update parent and add owasp suppression

nidi3 · nidi3 · commit d0e4b89eb2ac · 2020-04-26T15:16:53.000+02:00
Signed-off-by: Stefan Niederhauser &lt;ghuder5@gmx.ch&gt;
diff --git a/graphviz-java/pom.xml b/graphviz-java/pom.xml
@@ -91,6 +91,12 @@
             <artifactId>batik-rasterizer</artifactId>
             <version>1.10</version>
             <optional>true</optional>
+            <exclusions>
+                <exclusion>
+                    <groupId>commons-logging</groupId>
+                    <artifactId>commons-logging</artifactId>
+                </exclusion>
+            </exclusions>
         </dependency>
         <dependency>
             <groupId>com.google.code.findbugs</groupId>
diff --git a/owasp-suppression.xml b/owasp-suppression.xml
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
+    <suppress>
+        <cve>CVE-2020-2799</cve>
+        <cve>CVE-2020-2802</cve>
+        <cve>CVE-2020-2900</cve>
+        <cpe>cpe:2.3:a:oracle:graalvm:20.0.0</cpe>
+    </suppress>
+</suppressions>
diff --git a/pom.xml b/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>guru.nidi</groupId>
         <artifactId>guru-nidi-parent-pom</artifactId>
-        <version>1.1.29</version>
+        <version>1.1.30</version>
         <relativePath />
     </parent>
 
@@ -19,6 +19,7 @@
     <inceptionYear>2015</inceptionYear>
 
     <properties>
+        <suppressionFile>owasp-suppression.xml</suppressionFile>
         <dependency-check.fail-on-error>false</dependency-check.fail-on-error>
         <java.version>1.8</java.version>
         <j2v8.version>4.6.0</j2v8.version>
