Skip to content

Navigation Menu

Explore
By size
By industry
By use case
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Search

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

jeremylong / DependencyCheck Public

Notifications You must be signed in to change notification settings
Fork 1.3k
Star 6.3k

Code
Issues 543
Pull requests 7
Actions
Wiki
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Actions
Wiki
Security
Insights

Releases: jeremylong/DependencyCheck

Releases · jeremylong/DependencyCheck

Version 7.2.0

14 Sep 11:19

This commit was signed with the committer’s verified signature.

jeremylong Jeremy Long

GPG key ID: FFDE55BE73A2D1ED

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Version 7.2.0

Changes

Add support for Bazel's pinned maven_install.json (#4772).
Fixed bug preventing the use of custom report templates (#4800).
Updated several dependencies including upgrades for dependencies with CVEs.
Several bug fixes made and suppression rules were added.
See the full listing of changes.

Assets 7

Loading

mprins, gesellix, and tom-mi reacted with hooray emoji

viniciusnavarro and croissong reacted with rocket emoji

All reactions

🎉 3 reactions
🚀 2 reactions

5 people reacted

Version 7.1.2

20 Aug 11:50

This commit was signed with the committer’s verified signature.

jeremylong Jeremy Long

GPG key ID: FFDE55BE73A2D1ED

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Version 7.1.2

Changes

The maven plugin now includes pnpm and yarn lock files in the scan by default (#4753).
If a suppression rule is no longer used a log entry will be written (#4685).
Several bug fixes made and suppression rules added.
See the full listing of changes.

Assets 7

Loading

lgalvao, hpoettker, paulocardoso, and mattmedus reacted with thumbs up emoji

croissong and itd-pal reacted with rocket emoji

All reactions

👍 4 reactions
🚀 2 reactions

6 people reacted

Version 7.1.1

12 Jun 12:32

This commit was signed with the committer’s verified signature.

jeremylong Jeremy Long

GPG key ID: FFDE55BE73A2D1ED

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Version 7.1.1

Changes

Minor bug fixes.
Resolved several false positives.
See the full listing of changes.

Assets 7

Loading

All reactions

Version 7.1.0

23 Apr 10:14

This commit was signed with the committer’s verified signature.

jeremylong Jeremy Long

GPG key ID: FFDE55BE73A2D1ED

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Version 7.1.0

Changes

Improved sorting in the HTML report (see #4112).
Improved support for Swift (see #4265).
Resolved several false positives.
See the full listing of changes.

Assets 7

Loading

All reactions

Version 7.0.4

30 Mar 11:18

This commit was signed with the committer’s verified signature.

jeremylong Jeremy Long

GPG key ID: FFDE55BE73A2D1ED

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Version 7.0.4

Changes

Update to jackson-databind (see #4285).
See the full listing of changes.

Assets 7

Loading

All reactions

Version 7.0.3

29 Mar 11:40

This commit was signed with the committer’s verified signature.

jeremylong Jeremy Long

GPG key ID: FFDE55BE73A2D1ED

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Version 7.0.3

Changes

Update to jackson-databind (see #4285).
See the full listing of changes.

Assets 7

Loading

All reactions

Version 7.0.2

28 Mar 12:09

This commit was signed with the committer’s verified signature.

jeremylong Jeremy Long

GPG key ID: FFDE55BE73A2D1ED

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Version 7.0.2

Changes

General project maintenance, bug fixes, and false positive and false negative reductions.
See the full listing of changes.

Assets 7

Loading

All reactions

Version 7.0.1

23 Mar 11:16

This commit was signed with the committer’s verified signature.

jeremylong Jeremy Long

GPG key ID: FFDE55BE73A2D1ED

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Version 7.0.1

Changes

General project maintenance, bug fixes, and false positive reductions.
See the full listing of changes.

Assets 7

Loading

All reactions

Version 7.0.0

28 Feb 12:05

This commit was signed with the committer’s verified signature.

jeremylong Jeremy Long

GPG key ID: FFDE55BE73A2D1ED

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Version 7.0.0

Breaking Changes

The H2 database version has been upgraded.
- if you use the dataDirectory option you will need to run a purge after upgrading.
Upgraded to dotnet core 6.0. If analyzing dotnet assemblies the system will need to have the dotnet core 6.0.x runtime available.

Changes

The Sarif report format has been fixed and can now be imported into GitHub if desired (See #3993).
Introduced IssueOps for False Positive reports to assist the team in evaluating FP reports.
- Create New FP Report Issue.
When analyzing Java projects ODC now includes data from the developers section.
- This will likely cause false positives on things like Apache James, please report the FP and we will fix these quickly.
General project maintenance, bug fixes, and false positive reductions.
See the full listing of changes.

Assets 7

Loading

mprins, gurubamal, AndreVirtimo, tremblaysimon, ryandutton, iConn, cbgroberio, tomcz7, 31deR, and merikan reacted with thumbs up emoji

All reactions

👍 10 reactions

10 people reacted

Version 6.5.3

12 Jan 12:25

This commit was signed with the committer’s verified signature.

jeremylong Jeremy Long

GPG key ID: FFDE55BE73A2D1ED

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Version 6.5.3

Changes in this Release

Performance improvements for some Maven projects (see #3923 and #3931).
Fixed bug in npm version handling introduced in 6.5.2 (see #3956).
Improved the node package analyzer to correctly report the origin of a dependency (see #3970).
General code maintenance and false positive reductions.
See the full listing of changes.

Assets 6

Loading

All reactions

Previous 1 2 3 4 5 6 7 8 Next

Footer

© 2024 GitHub, Inc.

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.