Radixor/dependency-suppression.xml

<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
    <!-- Add only reviewed, justified false positives. -->
    
    <!-- Example:
    <suppress>
        <notes><![CDATA[
        False positive review:
        - reason: Example package was matched to wrong CPE
        - reviewed-by: Security Team
        - reviewed-on: 2026-04-14
        - remove-when: After upgrading the plugin or dependency metadata improves
        ]]></notes>
        <gav regex="true">^org\.example:acme-lib:.*$</gav>
        <cve>CVE-2026-9999</cve>
    </suppress>
    -->
</suppressions>