From 46b5def0390cbb850c9447239b2679935105bd11 Mon Sep 17 00:00:00 2001
From: "Mark S. Lewis" <mark_lewis@uk.ibm.com>
Date: Tue, 28 Feb 2023 16:53:11 +0000
Subject: [PATCH] Update dependency-check plugin to avoid false positives

Signed-off-by: Mark S. Lewis <mark_lewis@uk.ibm.com>
---
 dependency-suppressions.xml | 14 --------------
 pom.xml                     |  2 +-
 2 files changed, 1 insertion(+), 15 deletions(-)

diff --git a/dependency-suppressions.xml b/dependency-suppressions.xml
index 033d1306..d223faae 100644
--- a/dependency-suppressions.xml
+++ b/dependency-suppressions.xml
@@ -34,18 +34,4 @@
         <packageUrl regex="true">^pkg:maven/org\.yaml/snakeyaml@.*$</packageUrl>
         <vulnerabilityName>CVE-2022-1471</vulnerabilityName>
     </suppress>
-    <suppress>
-        <notes><![CDATA[
-        Vulnerability in gopkg.in/yaml.v3 Golang module, not SnakeYaml
-        ]]></notes>
-        <packageUrl regex="true">^pkg:maven/org\.yaml/snakeyaml@.*$</packageUrl>
-        <cve>CVE-2022-3064</cve>
-    </suppress>
-    <suppress>
-        <notes><![CDATA[
-        Vulnerability in gopkg.in/yaml.v3 Golang module, not SnakeYaml
-        ]]></notes>
-        <packageUrl regex="true">^pkg:maven/org\.yaml/snakeyaml@.*$</packageUrl>
-        <cve>CVE-2021-4235</cve>
-    </suppress>
 </suppressions>
diff --git a/pom.xml b/pom.xml
index e04e72ef..4ed9af26 100644
--- a/pom.xml
+++ b/pom.xml
@@ -342,7 +342,7 @@
                     <plugin>
                         <groupId>org.owasp</groupId>
                         <artifactId>dependency-check-maven</artifactId>
-                        <version>7.4.4</version>
+                        <version>8.1.2</version>
                         <configuration>
                             <skipProvidedScope>true</skipProvidedScope>
                             <skipTestScope>true</skipTestScope>