This is an automated email from the ASF dual-hosted git repository. technoboy pushed a commit to branch branch-2.11 in repository https://gitbox.apache.org/repos/asf/pulsar.git
commit fa0bfc31d50d633c1b7d94b994367a528e3f4a8b Author: Nicolò Boschi <[email protected]> AuthorDate: Mon Aug 29 08:45:25 2022 +0200 [cleanup][owasp] Supress false positive netty-tcnative (#17282) --- src/owasp-dependency-check-false-positives.xml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/owasp-dependency-check-false-positives.xml b/src/owasp-dependency-check-false-positives.xml index 54b703f0108..e69afb31a68 100644 --- a/src/owasp-dependency-check-false-positives.xml +++ b/src/owasp-dependency-check-false-positives.xml @@ -54,6 +54,13 @@ <packageUrl regex="true">^pkg:maven/io\.netty/netty\-tcnative\-classes@.*$</packageUrl> <cpe>cpe:/a:netty:netty</cpe> </suppress> + <suppress> + <notes><![CDATA[ + file name: netty-tcnative-boringssl-static-2.0.52.Final-osx-aarch_64.jar + ]]></notes> + <packageUrl regex="true">^pkg:maven/io\.netty/netty\-tcnative\-boringssl\-static@.*$</packageUrl> + <cpe>cpe:/a:chromium_project:chromium</cpe> + </suppress> <suppress> <!-- Zookkeeper false positive about Jetty and commons-io--> <!-- https://github.com/apache/zookeeper/pull/1824-->
