Bluexin · May 16, 2019 13:50
diff --git a/dependency-checker-suppression.xml b/dependency-checker-suppression.xml
 <?xml version="1.0" encoding="UTF-8"?>
 <suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.2.xsd">
    <suppress>
        <notes><![CDATA[
        False positive, see https://github.com/jeremylong/DependencyCheck/issues/1925
        file name: jwks-rsa-0.8.1.jar
   ]]></notes>
        <gav regex="true">^com\.auth0:jwks-rsa:.*$</gav>
        <cpe>cpe:/a:auth0:auth0</cpe>
    </suppress>
 </suppressions>
diff --git a/pom.xml b/pom.xml
 <?xml version="1.0" encoding="UTF-8"?>
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <groupId>com.example</groupId>
    <artifactId>sample</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <name>sample</name>
    <description>Sample project</description>

    <properties>
        <java.version>1.8</java.version>
    </properties>

    <dependencies>
        <dependency>
            <groupId>com.auth0</groupId>
            <artifactId>jwks-rsa</artifactId>
            <version>0.8.1</version>
        </dependency>
    </dependencies>

    <build>
        <plugins>
            <plugin>
                <groupId>org.owasp</groupId>
                <artifactId>dependency-check-maven</artifactId>
                <version>5.0.0-M3</version>
                <inherited>false</inherited>
                <configuration>
                    <format>ALL</format>
                    <retireJsAnalyzerEnabled>false</retireJsAnalyzerEnabled>
                    <outputDirectory>${project.build.directory}/dependency-check</outputDirectory>
                    <suppressionFiles>
                        <suppressionFile>dependency-checker-suppression.xml</suppressionFile>
                    </suppressionFiles>
                </configuration>
                <executions>
                    <execution>
                        <goals>
                            <goal>aggregate</goal>
                        </goals>
                    </execution>
                </executions>
            </plugin>
        </plugins>
    </build>
 </project>
	<?xml version="1.0" encoding="UTF-8"?>
	<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.2.xsd">
	<suppress>
	<notes><![CDATA[
	False positive, see https://github.com/jeremylong/DependencyCheck/issues/1925
	file name: jwks-rsa-0.8.1.jar
	]]></notes>
	<gav regex="true">^com\.auth0:jwks-rsa:.*$</gav>
	<cpe>cpe:/a:auth0:auth0</cpe>
	</suppress>
	</suppressions>
	<?xml version="1.0" encoding="UTF-8"?>
	<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
	<modelVersion>4.0.0</modelVersion>
	<groupId>com.example</groupId>
	<artifactId>sample</artifactId>
	<version>0.0.1-SNAPSHOT</version>
	<name>sample</name>
	<description>Sample project</description>

	<properties>
	<java.version>1.8</java.version>
	</properties>

	<dependencies>
	<dependency>
	<groupId>com.auth0</groupId>
	<artifactId>jwks-rsa</artifactId>
	<version>0.8.1</version>
	</dependency>
	</dependencies>

	<build>
	<plugins>
	<plugin>
	<groupId>org.owasp</groupId>
	<artifactId>dependency-check-maven</artifactId>
	<version>5.0.0-M3</version>
	<inherited>false</inherited>
	<configuration>
	<format>ALL</format>
	<retireJsAnalyzerEnabled>false</retireJsAnalyzerEnabled>
	<outputDirectory>${project.build.directory}/dependency-check</outputDirectory>
	<suppressionFiles>
	<suppressionFile>dependency-checker-suppression.xml</suppressionFile>
	</suppressionFiles>
	</configuration>
	<executions>
	<execution>
	<goals>
	<goal>aggregate</goal>
	</goals>
	</execution>
	</executions>
	</plugin>
	</plugins>
	</build>
	</project>