From ba15af63de596c48fe69d387ae39d123cebc7087 Mon Sep 17 00:00:00 2001
From: nwithan8 <nwithan8@users.noreply.github.com>
Date: Fri, 29 Sep 2023 11:20:48 -0600
Subject: [PATCH] - Bump DependencyCheck, skip known CVE in plugin

---
 dependency-check-suppressions.xml | 7 ++++++-
 pom.xml                           | 8 ++++++--
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/dependency-check-suppressions.xml b/dependency-check-suppressions.xml
index 86f0d6eeb..576299f08 100644
--- a/dependency-check-suppressions.xml
+++ b/dependency-check-suppressions.xml
@@ -3,11 +3,16 @@
     <suppress>
         <!--
         Below vulnerabilities are from outdated Protocol Buffers which is the dependency of Error Prone.
-        This will not affect our code
+        This will not affect our code.
         -->
         <vulnerabilityName>CVE-2022-3171</vulnerabilityName>
         <vulnerabilityName>CVE-2022-3509</vulnerabilityName>
         <vulnerabilityName>CVE-2022-3510</vulnerabilityName>
         <vulnerabilityName>CVE-2023-2976</vulnerabilityName>
+        <!--
+        Vulnerability in the Dependency Check itself, used during testing.
+        Will not affect end-users.
+        Ref: https://github.com/jeremylong/DependencyCheck/issues/5943 -->
+        <vulnerabilityName>CVE-2023-4759</vulnerabilityName>
     </suppress>
 </suppressions>
diff --git a/pom.xml b/pom.xml
index 47a93738b..fc7b1eec4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -83,6 +83,12 @@
             <version>1.18.26</version>
             <scope>provided</scope>
         </dependency>
+        <dependency>
+            <groupId>org.eclipse.jgit</groupId>
+            <artifactId>org.eclipse.jgit</artifactId>
+            <version>6.7.0.202309050840-r</version>
+            <scope>test</scope>
+        </dependency>
     </dependencies>
 
     <organization>
@@ -334,8 +340,6 @@
                     <suppressionFile>dependency-check-suppressions.xml</suppressionFile>
                     <failBuildOnCVSS>7</failBuildOnCVSS>
                     <junitFailOnCVSS>7</junitFailOnCVSS>
-                    <scanPlugins>false</scanPlugins>
-                    <skipTestScope>true</skipTestScope>
                 </configuration>
                 <executions>
                     <execution>