Skip to content

fix(fp): Consolidate duplicate jetcd suppression and ensure considered base suppressions#7137

Merged
jeremylong merged 1 commit intodependency-check:generatedSuppressionsfrom
chadlwilson:tidy-jetcd-suppressions
Nov 7, 2024
Merged

fix(fp): Consolidate duplicate jetcd suppression and ensure considered base suppressions#7137
jeremylong merged 1 commit intodependency-check:generatedSuppressionsfrom
chadlwilson:tidy-jetcd-suppressions

Conversation

@chadlwilson
Copy link
Copy Markdown
Collaborator

@chadlwilson chadlwilson commented Nov 7, 2024

Description of Change

The change in #7117 failed to mark the suppressions as base which makes them show up incorrectly as unused suppressions in user runs.

Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/io\.etcd/jetcd-[a-z]*@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:redhat:etcd, regex=false, caseSensitive=false},PropertyType{value=cpe:/a:etcd:etcd, regex=false, caseSensitive=false},}}
Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/io\.etcd/jetcd-grpc@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:grpc:grpc, regex=false, caseSensitive=false},}}

Additionally consolidates a duplicate earlier suppression and uses .* to handle other dependencies like jetcd-blah-blah.

FYI @joannakotula :-)

Have test cases been added to cover the new functionality?

N/A

@chadlwilson chadlwilson force-pushed the tidy-jetcd-suppressions branch from 585db5b to d92e453 Compare November 7, 2024 04:16
@chadlwilson chadlwilson changed the title fix(fp): Consolidate duplicate suppression and ensure considered base suppressions fix(fp): Consolidate duplicate jetcd suppression and ensure considered base suppressions Nov 7, 2024
jeremylong added a commit that referenced this pull request Nov 7, 2024
@jeremylong
fix: cleanup base suppression per pull #7137
b61611b
jeremylong
jeremylong approved these changes Nov 7, 2024
View reviewed changes
Copy link
Copy Markdown
Collaborator

@jeremylong jeremylong left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@jeremylong jeremylong mentioned this pull request Nov 7, 2024
Merged
@jeremylong jeremylong merged commit 9d9fa27 into dependency-check:generatedSuppressions Nov 7, 2024
@jeremylong jeremylong added this to the 11.1.1 milestone Nov 7, 2024
@chadlwilson chadlwilson deleted the tidy-jetcd-suppressions branch November 7, 2024 09:53
@jeremylong jeremylong mentioned this pull request Nov 9, 2024
Closed
@github-actions github-actions Bot locked as resolved and limited conversation to collaborators Dec 8, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@jeremylong jeremylong jeremylong approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

11.1.1

Development

Successfully merging this pull request may close these issues.

2 participants

@chadlwilson @jeremylong