<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
    <suppress>
        <notes><![CDATA[
           Internal tooling, not exposed to the Internet.
       ]]></notes>
        <packageUrl regex="true">^pkg:maven/org\.pitest/pitest\-command\-line@.*$</packageUrl>
        <cpe>cpe:/a:line:line</cpe>
    </suppress>
    <suppress>
        <notes><![CDATA[
          file name: logback-core-1.5.12.jar
          A successful attack requires the user to have write access to a configuration file or environment vars.
        ]]></notes>
        <packageUrl regex="true">^pkg:maven/ch\.qos\.logback/logback-core@.*$</packageUrl>
        <cpe>cpe:/a:qos:logback</cpe>
        <cve>CVE-2024-12798</cve>
    </suppress>

</suppressions>