chore: update suppressions

build.gradle.kts

@@ -3,6 +3,17 @@ import com.github.jengelman.gradle.plugins.shadow.tasks.ShadowJar
 plugins {
     id("org.openrewrite.build.recipe-library") version "latest.release"
     id("com.github.johnrengelman.shadow") version "latest.release"
+    id("org.owasp.dependencycheck") version "latest.release"
+}
+
+dependencyCheck {
+    analyzers.assemblyEnabled = false
+    analyzers.nodeAuditEnabled = false
+    analyzers.nodeEnabled = false
+    failBuildOnCVSS = System.getenv("FAIL_BUILD_ON_CVSS")?.toFloatOrNull() ?: 9.0F
+    format = System.getenv("DEPENDENCY_CHECK_FORMAT") ?: "HTML"
+    nvd.apiKey = System.getenv("NVD_API_KEY")
+    suppressionFile = "suppressions.xml"
 }
 
 group = "org.openrewrite.recipe"

suppressions.xml

@@ -40,4 +40,30 @@
         <packageUrl regex="true">^pkg:maven/org\.springframework/spring-webflux@.*$</packageUrl>
         <vulnerabilityName>CVE-2024-38816</vulnerabilityName>
     </suppress>
-</suppressions>
+    <suppress until="2024-12-25Z">
+        <notes><![CDATA[
+        develocity and gradle
+        reason: using latest release of com.gradle.develocity and com.gradle.common-custom-user-data-gradle-plugin
+        ]]></notes>
+        <cve>CVE-2019-11402</cve>
+        <cve>CVE-2019-11403</cve>
+        <cve>CVE-2019-15052</cve>
+        <cve>CVE-2020-11979</cve>
+        <cve>CVE-2021-29427</cve>
+        <cve>CVE-2021-29428</cve>
+        <cve>CVE-2021-32751</cve>
+        <cve>CVE-2021-41589</cve>
+        <cve>CVE-2022-25364</cve>
+        <cve>CVE-2023-35947</cve>
+        <cve>CVE-2023-45161</cve>
+        <cve>CVE-2023-45163</cve>
+        <cve>CVE-2023-49238</cve>
+        <cve>CVE-2023-5964</cve>
+    </suppress>
+    <suppress until="2024-12-25Z">
+        <notes><![CDATA[
+        Spring Web
+        ]]></notes>
+        <cve>CVE-2016-1000027</cve>
+    </suppress>
+</suppressions>