Skip to content

feat: add new suppression xsd allowing grouping of suppressions #7957

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Nov 12, 2025
Merged

feat: add new suppression xsd allowing grouping of suppressions #7957

merged 2 commits into from
Nov 12, 2025

Conversation

@magal000
Copy link
Contributor

@magal000 magal000 commented Sep 23, 2025

Description of Change

Added new version (1.4) of suppression xsd. This allows the grouping of suppressions and metadata about the groupings. Groupings are optional. Suppression xml can be used as earlier. See issue for reasoning.

Related issues

Issue 7898

Have test cases been added to cover the new functionality?

yes

@boring-cyborg boring-cyborg bot added core changes to core tests test cases labels Sep 23, 2025
@magal000 magal000 changed the title Feature/7898 add new suppression xsd feat: add new suppression xsd allowing grouping of suppressions Sep 23, 2025
@magal000
feat: Introduced version 1.4 of dependency suppressions schema (depen…
066ba81 
…dency-check#7898).

This introduces the optional suppressionGroup element, with which suppressions can be grouped. Attributes can be set on group level and be used as default values for child suppressions.
suppresionGroup element is optional. suppressions.xml files that adhere to schema version 1.3 will be valid in schema 1.4 as well.
@magal000
feat: change so that "base" attribute does not have a default value w…
6028428 
…hen part of a SuppressionGroup. Minor changes in comments. (dependency-check#7898)
@magal000 magal000 force-pushed the feature/7898-add-new-suppression-xsd branch from 95cbedb to 6028428 Compare September 23, 2025 14:49
@jeremylong jeremylong added this to the 12.2.0 milestone Nov 11, 2025
@nhumblot
Copy link
Collaborator

nhumblot commented Nov 12, 2025

praise: thanks for your time on this proposal and your patience! I'm sure people will find it useful!

@nhumblot
Copy link
Collaborator

nhumblot commented Nov 12, 2025

chore: our false-positives documentation displays references to the 1.3.xsd version. The page is located in src/site/markdown/general/suppression.md`. We could upgrade the reference to 1.4 in order to have a documentation being up to date.

suggestion(non-blocking): it could also be interesting to add an explanation about the suppressionGroups and their purpose into this documentation but this could be done in an additional PR to keep changes small.

@jeremylong jeremylong merged commit 6502d33 into dependency-check:main Nov 12, 2025
8 of 11 checks passed
@nhumblot nhumblot mentioned this pull request Nov 18, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jeremylong jeremylong jeremylong approved these changes

Assignees

No one assigned

Labels

core changes to core tests test cases

Projects

None yet

Milestone

12.2.0

Development

Successfully merging this pull request may close these issues.

3 participants

@magal000 @nhumblot @jeremylong