In a situation where we know a dependency vulnerability fix is incoming, it would be nice to not have to remember to un-suppress it.
<suppress>
<notes><![CDATA[
file name: jackson-databind-2.9.4.jar
]]></notes>
<gav regex="true">^com\.fasterxml\.jackson\.core:jackson-databind:.*$</gav>
<cve>CVE-2018-7489</cve>
<until>2018-04-01</until>
</suppress>
In a situation where we know a dependency vulnerability fix is incoming, it would be nice to not have to remember to un-suppress it.
For example, CVE-2018-7489 is fixed: FasterXML/jackson-databind#1931
but awaiting release: https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.5
Example
Proposed new config added to reenable warnings after specified date:
<until>2018-04-01</until>Similar to https://github.com/unruly/junit-rules/blob/master/README.md#ignore-tests-until-a-certain-date-or-datetime