github albuch/sbt-dependency-check v5.0.0

latest release: v5.1.0
14 months ago

Updated dependency-check-core to v8.1.0. See the DependencyCheck release notes from v8.0.0 to v8.1.0 for details.

Breaking Changes

The database schema was updated. If you use an external database, the update/initialization scripts must be run!

Noteworthy changes

  • New settings dependencyCheckHostedSuppressionsUrl, dependencyCheckHostedSuppressionsForceUpdate and dependencyCheckHostedSuppressionsValidForHours for a hosted suppression file to allow for faster remediation of reported false-positives. Defaults to a file maintained by the DependencyCheck project team.
  • New analyzer settings related to CISA Known Exploited Vulnerability Catalog: dependencyCheckKnownExploitedEnabled, dependencyCheckKnownExploitedUrl and dependencyCheckKnownExploitedValidForHours
  • New settings for the authentication credentials of the RetireJS Analyzer data feed: dependencyCheckRetireJsAnalyzerRepoUser, dependencyCheckRetireJsAnalyzerRepoPassword
  • New schema for the XML report was added to support some of the above additions
  • Pipfile.lock files are now supported
