Update dependency org.owasp:dependency-check-maven to v6 #44
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
5.3.2
->6.5.2
Release Notes
jeremylong/DependencyCheck
v6.5.2
Compare Source
Changes
pnpm
argmument to the CLI (#3916).v6.5.1
Compare Source
Changes
v6.5.0
Compare Source
Changes
v6.4.1
Compare Source
Changes
CVE meta
files from the NVD to prevent rate limiting issues (see #3725).v6.4.0
Compare Source
Changes
cveStartYear
is now configurable and can be set to any year from 2002 to present.cveWaitTime
is a new configuration option to define how many milliseconds to wait between NVD downloads; default is 4000 ms (see #3690).v6.3.2
Compare Source
Changes
v6.3.1
Compare Source
Changes
v6.3.0
Compare Source
Changes
v6.2.2
Compare Source
Changes
v6.2.1
Compare Source
Changes
v6.2.0
Compare Source
Changes
v6.1.6
Compare Source
Changes
v6.1.5
Compare Source
Changes
v6.1.4
Compare Source
Changes
v6.1.3
Compare Source
Changes
v6.1.2
Compare Source
Changes
v6.1.1
Compare Source
Changes
v6.1.0
Compare Source
Changes
v6.0.5
Compare Source
Changes
v6.0.4
Compare Source
Changes
v6.0.3
Compare Source
Changes
completion-for-dependency-check.sh
can be found in the bin directory of the CLI:$ source completion-for-dependency-check.sh
been updated to reduce the number of false positives.
and solely rely on the Node Audit Analyzer. There are plans to rework Node JS analysis
in a future release.
v6.0.2
Compare Source
Changes
The project is migrating from hosting the release archives on Bintray and moving them to Github under the assets for each release
Npm Audit Analyzer now correctly skips dev dependencies (
--nodeAuditSkipDevDependencies
); see #2482.GoLang Analyzer now scans transitive dependencies; see #2680.
Several bug fixes found in 6.0.1.
Full listing of changes.
v6.0.1
Compare Source
Changes
Improved error messages when upgrading from 5.x to 6.x; due to breaking database changes if the old
database schema is detected an error message is produced indicating that the old database should be purged.
Fixed the database path for the Ant and Gradle plugins.
Added locking around the RetireJS updates to resolve read/write conflicts in CI environments.
Full listing of changes.
v6.0.0
Compare Source
Changes
specify the data directory will need recreate the database (including users of the docker image). The schema
changes were made to:
has not been resolved - as such, version 6.0.0 does not support Oracle.
Configuration
📅 Schedule: At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by WhiteSource Renovate. View repository job log here.