chore(fp): remove unnecessary prometheus suppressions

[chadlwilson]

Description of Change

Consolidated into a single hosted suppression in #8499

Related issues

• depends on chore(fp): consolidate Prometheus server suppressions #8499

Have test cases been added to cover the new functionality?

N/A

[jacquicollier2-eng]

Hi,

We have been experiencing this problem when running DependencyCheck (CVE-2026-42154 is an error with the service not with the client). Will this fix solve the problem?

[ERROR]
[ERROR] One or more dependencies were identified with vulnerabilities that have a CVSS score greater than or equal to '7.0':
[ERROR]
[ERROR] micrometer-registry-prometheus-1.12.13.jar (pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.13, cpe:2.3:a:prometheus:prometheus:1.12.13:::::::): CVE-2026-42154(7.5)
[ERROR] simpleclient-0.16.0.jar (pkg:maven/io.prometheus/simpleclient@0.16.0, cpe:2.3:a:prometheus:prometheus:0.16.0:::::::): CVE-2026-42154(7.5)

Many thanks.

[chadlwilson]

hi @jacquicollier2-eng

[ERROR] micrometer-registry-prometheus-1.12.13.jar (pkg:maven/io.micrometer/micrometer-registry-prometheus@1.12.13, cpe:2.3:a:prometheus:prometheus:1.12.13:::::::_): [CVE-2026-42154]

This one was already fixed via #8497 but you need to ensure your hosted suppressions are updated/synced.

[ERROR] simpleclient-0.16.0.jar (pkg:maven/io.prometheus/simpleclient@0.16.0, cpe:2.3:a:prometheus:prometheus:0.16.0:::::::_): [CVE-2026-42154]

This one will be fixed by #8499 when it is merged and released (it will also only require an update to your hosted suppressions).

This particular PR is just cleanup of duplicate suppression rules (packaged with every ODC release) which will no longer be necessary once #8499 is merged.

[jacquicollier2-eng]

Great - thank you for your very helpful answer and for replying so quickly :-)

[marcelstoer]

LGTM