CAL-477 Declare dependencies that were received transitively (#699)

* CAL-477 Declare dependencies that were received transitively (#653)

* CAL-477 Address owasp findings

Author: clockard

catalog/imaging/imaging-actionprovider-chip/pom.xml

@@ -48,6 +48,11 @@
             <artifactId>catalog-core-api</artifactId>
             <version>${ddf.version}</version>
         </dependency>
+        <dependency>
+            <groupId>ddf.platform</groupId>
+            <artifactId>platform-configuration</artifactId>
+            <version>${ddf.version}</version>
+        </dependency>
         <dependency>
             <groupId>ddf.catalog.core</groupId>
             <artifactId>catalog-core-api-impl</artifactId>

catalog/nsili/catalog-nsili-common/pom.xml

@@ -39,6 +39,11 @@
             <artifactId>cxf-rt-rs-client</artifactId>
             <version>${cxf.version}</version>
         </dependency>
+        <dependency>
+            <groupId>ddf.catalog.core</groupId>
+            <artifactId>catalog-core-api</artifactId>
+            <version>${ddf.version}</version>
+        </dependency>
         <dependency>
             <groupId>ddf.catalog.core</groupId>
             <artifactId>catalog-core-api-impl</artifactId>

catalog/nsili/catalog-nsili-endpoint/pom.xml

@@ -29,6 +29,11 @@
     </properties>
 
     <dependencies>
+        <dependency>
+            <groupId>ddf.catalog.core</groupId>
+            <artifactId>catalog-core-api</artifactId>
+            <version>${ddf.version}</version>
+        </dependency>
         <dependency>
             <groupId>ddf.catalog.core</groupId>
             <artifactId>catalog-core-api-impl</artifactId>

dependency-check-maven-config.xml

@@ -84,4 +84,12 @@
         <cve>CVE-2017-7657</cve>
     </suppress>
 
+    <suppress>
+        <notes>FFMpeg vulnerabilities that don't affect our updated version</notes>
+        <cve>CVE-2009-0385</cve>
+        <cve>CVE-2011-4031</cve>
+        <cve>CVE-2005-4048</cve>
+        <cve>CVE-2018-1999012</cve>
+    </suppress>
+
 </suppressions>