From 16d793aa2705994496d822231936ea26e523b126 Mon Sep 17 00:00:00 2001 From: Adam Rauch Date: Fri, 21 Feb 2025 10:35:51 -0800 Subject: [PATCH 1/2] Suppress erroneous labkey-client-api "CVEs" --- dependencyCheckSuppression.xml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/dependencyCheckSuppression.xml b/dependencyCheckSuppression.xml index 844103d7fe..dcfd3f14af 100644 --- a/dependencyCheckSuppression.xml +++ b/dependencyCheckSuppression.xml @@ -387,5 +387,30 @@ ^pkg:maven/org\.apache\.tomcat/tomcat-catalina@.*$ CVE-2024-56337 + + + + + ^pkg:maven/org\.labkey\.api/labkey-client-api@.*$ + CVE-2019-3911 + + + + ^pkg:maven/org\.labkey\.api/labkey-client-api@.*$ + CVE-2019-3912 + + + + ^pkg:maven/org\.labkey\.api/labkey-client-api@.*$ + CVE-2019-3913 + From 32fa0bd9b66788db9db55c55f735c54dcf340d15 Mon Sep 17 00:00:00 2001 From: ian Date: Fri, 21 Feb 2025 11:29:12 -0800 Subject: [PATCH 2/2] Bump dependency checker --- gradle.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle.properties b/gradle.properties index fe42b277f5..708e98a669 100644 --- a/gradle.properties +++ b/gradle.properties @@ -60,7 +60,7 @@ windowsProteomicsBinariesVersion=1.0 artifactoryPluginVersion=5.2.5 gradleNodePluginVersion=3.5.1 gradlePluginsVersion=4.2.0 -owaspDependencyCheckPluginVersion=11.0.0 +owaspDependencyCheckPluginVersion=12.1.0 versioningPluginVersion=1.1.2 # Versions of node and npm to use during the build. If set, these versions