Merge pull request #163 from companieshouse/feature/feature/JU-89-java-21-migration-fearghus

configuration to allow jacoco report generation and suppression of ne…

Author: foman-ch

pom.xml

@@ -46,6 +46,10 @@
         <test-containers.version>1.19.7</test-containers.version>
         <!-- Docker -->
         <jib-maven-plugin.version>3.4.1</jib-maven-plugin.version>
+
+        <argLine>
+            --add-opens=java.base/java.util=ALL-UNNAMED
+        </argLine>
     </properties>
 
     <dependencyManagement>
@@ -344,9 +348,6 @@
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-surefire-plugin</artifactId>
                 <version>${maven-surefire-plugin.version}</version>
-                <configuration>
-                    <argLine>--add-opens=java.base/java.util=ALL-UNNAMED</argLine>
-                </configuration>
             </plugin>
             <plugin>
                 <groupId>com.google.cloud.tools</groupId>

suppress.xml

@@ -6,4 +6,14 @@
         <packageUrl regex="true">^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$</packageUrl>
         <cve>CVE-2023-35116</cve>
     </suppress>
+    <suppress until="2024-09-01">
+        <notes>
+            <![CDATA[
+            File name: kafka-clients-3.6.1.jar
+            Suppressed as this is a new vulnerability that is still awaiting analysis.
+            ]]>
+        </notes>
+        <packageUrl regex="false">pkg:maven/org.apache.kafka/[email protected]</packageUrl>
+        <cve>CVE-2024-27309</cve>
+    </suppress>
 </suppressions>