Precondition
Describe the bug
ODC hosted suppressions file is broken since 27 Jan ~16:14 UTC, users will be getting
Unable to parse the hosted suppressions data file, results may contain false positives already resolved by the DependencyCheck project
org.owasp.dependencycheck.xml.suppression.SuppressionParseException: org.xml.sax.SAXException: Line=3, Column=28: Element type "suppressions" must be followed by either attribute specifications, ">" or "/>".
at org.owasp.dependencycheck.xml.suppression.SuppressionParser.parseSuppressionRules(SuppressionParser.java:139)
at org.owasp.dependencycheck.analyzer.AbstractSuppressionAnalyzer.loadCachedHostedSuppressionsRules(AbstractSuppressionAnalyzer.java:315)
at org.owasp.dependencycheck.analyzer.AbstractSuppressionAnalyzer.loadHostedSuppressionBaseData(AbstractSuppressionAnalyzer.java:281)
at org.owasp.dependencycheck.analyzer.AbstractSuppressionAnalyzer.loadSuppressionBaseData(AbstractSuppressionAnalyzer.java:193)
at org.owasp.dependencycheck.analyzer.AbstractSuppressionAnalyzer.prepareAnalyzer(AbstractSuppressionAnalyzer.java:104)
at org.owasp.dependencycheck.analyzer.CPEAnalyzer.prepareAnalyzer(CPEAnalyzer.java:194)
... and potentially a whole lot of FPs otherwise suppressed.
Version of dependency-check used
N.A
To Reproduce
- Run ODC with hosted suppressions enabled (default)
Filing this since it's a known issue and people may come looking for it.
Precondition
Describe the bug
ODC hosted suppressions file is broken since 27 Jan ~16:14 UTC, users will be getting
... and potentially a whole lot of FPs otherwise suppressed.
Version of dependency-check used
N.A
To Reproduce
Filing this since it's a known issue and people may come looking for it.