From 963b2dfa572e384ee510ea9add03e651452224c6 Mon Sep 17 00:00:00 2001
From: Benoit Marty
Date: Tue, 29 Mar 2022 19:38:10 +0200
Subject: [PATCH] Ignore false positive on static analysis tools Until 2023-01-01Z !
---
 build.gradle | 7 +++++++
 tools/dependencycheck/suppressions.xml | 17 +++++++++++++++++
 2 files changed, 24 insertions(+)
 create mode 100644 tools/dependencycheck/suppressions.xml
diff --git a/build.gradle b/build.gradle
index 6ad0663c6d..a5e1242afa 100644
--- a/build.gradle
+++ b/build.gradle
@@ -35,6 +35,13 @@ plugins {
 // https://github.com/jeremylong/DependencyCheck
 apply plugin: 'org.owasp.dependencycheck'
+dependencyCheck {
+ // See https://jeremylong.github.io/DependencyCheck/general/suppression.html
+ suppressionFiles = [
+ "./tools/dependencycheck/suppressions.xml"
+ ]
+}
+
 allprojects {
 apply plugin: "org.jlleitschuh.gradle.ktlint"
diff --git a/tools/dependencycheck/suppressions.xml b/tools/dependencycheck/suppressions.xml
new file mode 100644
index 0000000000..758b1a87f3
--- /dev/null
+++ b/tools/dependencycheck/suppressions.xml
@@ -0,0 +1,17 @@
+
+
+
+
+ ^pkg:maven/com\.pinterest\.ktlint/ktlint\-reporter\-checkstyle@.*$
+ CVE-2019-10782
+
+
+
+ ^pkg:maven/com\.pinterest\.ktlint/ktlint\-reporter\-checkstyle@.*$
+ CVE-2019-9658
+
+
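Review bot: The suppression file in the new `dependencyCheck` block is given relative to the current directory (`"./tools/dependencycheck/suppressions.xml"`), so whether it is found may depend on where Gradle is started from rather than on the project layout. Anchoring it to the root project, for example `rootProject.file("tools/dependencycheck/suppressions.xml").path`, would make the lookup independent of the working directory. A one-line comment above `suppressionFiles` would also help, saying that every entry in that file hides a reported CVE and must carry an expiry and a justification. Only the top-level script around the new block is visible in the hunk, so how sub-projects invoke the check cannot be judged from here.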
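Review bot: Both entries suppress their CVE for every version of the artifact (`ktlint\-reporter\-checkstyle@.*$`), and the text visible here gives no reason why CVE-2019-10782 and CVE-2019-9658 are false positives for it. The XML markup is not visible in this view, so the expiry the commit message mentions (2023-01-01Z) and any `<notes>` element cannot be confirmed; if either is missing from a `<suppress>` entry, add it. The note should name the reason, e.g. `<notes>matched on the artifact name only; build-time lint reporter, not shipped in the app (author to confirm)</notes>`, so whoever revisits the entry at expiry can re-check the claim rather than simply extend the date.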