update owasp suppression

nidi3 · nidi3 · commit 0036cf6b308f · 2018-01-27T18:00:52.000+01:00
diff --git a/owasp-suppression.xml b/owasp-suppression.xml
@@ -10,6 +10,11 @@
         <sha1>8613ae82954779d518631e05daa73a6a954817d5</sha1>
         <cpe>cpe:/a:bean_project:bean:7.x-1.1::~~~drupal~~</cpe>
     </suppress>
+    <suppress>
+        <notes>Haha funny! But code-assert is only used during test phase, so vulnerable libs do not end in production code.</notes>
+        <sha1>a178eeeb5f3e15660e94d5731a3dc161c8350099</sha1>
+        <cpe>cpe:/a:mod_security:mod_security:1.7.1</cpe>
+    </suppress>
     <suppress>
         <notes>This is a nexus-staging dependency, what can we do?</notes>
         <sha1>50ade46f23bb38cd984b4ec560c46223432aac38</sha1>
@@ -25,4 +30,8 @@
         <sha1>aaf17df9fe0240e9e9d5375d24d5f177174b73d9</sha1>
         <cpe>cpe:/a:apache:tomcat:8.5.23</cpe>
     </suppress>
+    <suppress>
+        <notes>This is probably a bug in the dependency checker because detekt uses gitlab groupId</notes>
+        <cpe>cpe:/a:gitlab:gitlab:1.0.0.rc6</cpe>
+    </suppress>
 </suppressions>
diff --git a/pom.xml b/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>guru.nidi</groupId>
         <artifactId>guru-nidi-parent-pom</artifactId>
-        <version>1.1.6</version>
+        <version>1.1.7</version>
         <relativePath />
     </parent>
 
