From 058d2ff66cca4873d37058b0412873bea0b7d117 Mon Sep 17 00:00:00 2001
From: Nate Danner <nate@moderne.io>
Date: Tue, 1 Oct 2024 16:59:20 -0700
Subject: [PATCH] update to latest error prone to remove protobuf-java@3.19.2
 vulnerability (#613)

---
 build.gradle.kts | 2 +-
 suppressions.xml | 8 ++++++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/build.gradle.kts b/build.gradle.kts
index bce1547cf..71a58d2a0 100644
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -53,7 +53,7 @@ dependencies {
 
     annotationProcessor("org.openrewrite:rewrite-templating:${rewriteVersion}")
     implementation("org.openrewrite:rewrite-templating:${rewriteVersion}")
-    compileOnly("com.google.errorprone:error_prone_core:2.19.1:with-dependencies") {
+    compileOnly("com.google.errorprone:error_prone_core:2.+:with-dependencies") {
         exclude("com.google.auto.service", "auto-service-annotations")
     }
 
diff --git a/suppressions.xml b/suppressions.xml
index fbf9371b9..cc839fdf3 100644
--- a/suppressions.xml
+++ b/suppressions.xml
@@ -1,3 +1,11 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
+    <suppress until="2024-11-25Z">
+        <notes><![CDATA[
+                file name: rewrite-testing-frameworks-2.20.0-SNAPSHOT.jar: wiremock-jre8-2.35.0.jar: swagger-ui-bundle.js
+                false positive: js library that is shipped as part of this jar
+            ]]></notes>
+        <packageUrl regex="true">^pkg:javascript/DOMPurify@.*$</packageUrl>
+        <vulnerabilityName>CVE-2024-45801</vulnerabilityName>
+    </suppress>
 </suppressions>