summaryrefslogtreecommitdiffhomepage
path: root/android/config
AgeCommit message (Collapse)AuthorFilesLines
2023-12-06Update CVE suppressionDavid Göransson1-1/+1
2023-11-22Add mobsf config to suppress and document issuesAlbin1-0/+28
2023-11-06Push suppression date for unfixed non-critical CVEsAlbin1-3/+3
2023-09-14Push suppression date for CVE-2023-2976Albin1-1/+1
Pushing the suppression date since not much new information is available and no upstream release has been made of the affected library (espresso).
2023-07-27Suppress CVE-2023-3635Albin1-0/+10
2023-06-13Set lint to ignore typography ellipsis errorsJonatan Rhodin1-0/+2
2023-06-07Update gradle dependency suppressionsAlbin1-69/+7
2023-05-19Bump kotlin and agpAlbin1-0/+8
2023-05-15Ignore unused resource warning for stringsAlbin1-0/+3
2023-05-03Push suppression review dateAlbin1-7/+7
New review date: 2023-06-01
2023-03-28Ignore localization workflow related lint rulesAlbin1-1/+3
2023-03-16Ignore MissingTranslation issuesAlbin1-0/+2
2023-03-16Add empty lint configAlbin1-0/+3
2023-01-10Suppress CVE-2021-4277Albin1-0/+20
2022-12-16Update compose to 1.3.2Albin1-11/+0
This fixes the following transitive CVEs in Compose: - CVE-2022-3171 - CVE-2022-3510 However, the mentioned CVEs are still present via the espresso-contrib dependency.
2022-12-13Set CVE suppression expiration to 2023-05-01Albin1-8/+8
2022-12-13Suppress CVE-2022-3510Albin1-0/+1
2022-12-08Suppress test framework CVEsAlbin1-0/+40
CVEs: - CVE-2020-8908 - CVE-2021-37714 - CVE-2022-36033
2022-12-08Update suppression of CVE-2022-3171Albin1-1/+14
2022-12-08Update suppression of CVE-2021-22569Albin1-3/+5
2022-12-08Remove suppression of CVE-2022-24329Albin1-6/+0
This CVE has been fixed upstream.
2022-12-08Suppress CVE-2021-37533Albin1-0/+15
This CVE affects the Apache Commons Net's FTP client that this app doesn't use. https://www.openwall.com/lists/oss-security/2022/12/03/1 File names: - commons-beanutils-1.9.4.jar - commons-collections-3.2.2.jar - commons-digester-2.1.jar - commons-logging-1.2.jar - commons-validator-1.7.jar
2022-10-07Suppress CVE-2022-3171 from automatic audit checksAlbin1-0/+7
This suppression only affects the Android app. The CVE will instead be tracked externally and will likely be mitigated by either updating affected dependencies or by identifying that it doesn't affect the app.
2022-06-15Suppress false positive CVE-2021-22569Albin1-0/+8
2022-03-09Suppress false positive Android CVEAlbin1-0/+9
The CVE (CVE-2022-24329) only affects "Multiplatform Gradle Projects" according to the CVE description, which this is not, and therefore it's considered a false positive.
Copyright © 2025 - 2026 Wayne Cole. WTFPL. Attribution appreciated. No warranty. Not liable for bodily damages.