RobWin · Rajik · Feb 1, 2019 · Feb 1, 2019
diff --git a/config/security-suppressions.xml b/config/security-suppressions.xml
@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.1.xsd">
+    <suppress>
+        <notes><![CDATA[
+        Suppressing the CVE for json-patch
+        ]]></notes>
+        <cve>CVE-2018-14632</cve>
+    </suppress>
+    <suppress>
+        <notes><![CDATA[
+        Suppressing the CVE for Guava
+        ]]></notes>
+        <cve>CVE-2018-10237</cve>
+    </suppress>
+    <suppress>
+        <notes><![CDATA[
+        Suppressing the CVE for jackson-databind
+        ]]></notes>
+        <cve>CVE-2018-1000873</cve>
+        <cve>CVE-2018-14719</cve>
+        <cve>CVE-2018-14720</cve>
+        <cve>CVE-2018-14721</cve>
+        <cve>CVE-2018-19360</cve>
+        <cve>CVE-2018-19361</cve>
+        <cve>CVE-2018-19362</cve>
+    </suppress>
+    <suppress>
+        <notes><![CDATA[
+        Suppressing the CVE for slf4j-ext
+        ]]></notes>
+        <cve>CVE-2018-8088</cve>
+    </suppress>
+</suppressions>
diff --git a/gradle/security.gradle b/gradle/security.gradle
@@ -5,6 +5,7 @@ check.dependsOn dependencyCheckAnalyze
 dependencyCheck {
     cveValidForHours = 8
     failBuildOnCVSS = 5
+    suppressionFiles = ["config/security-suppressions.xml"]
     analyzers {
         nexusEnabled = false
         pyDistributionEnabled = false
@@ -17,4 +18,4 @@ dependencyCheck {
         nuspecEnabled = false
         assemblyEnabled = false
     }
-}
+}