Added
Pipefile.lock
files are now supported (#5404).- Python projects with only a
pyproject.toml
but no lock file or requirements will report an error as ODC is unable to analyze the project (#5409).
Fixed
- Some maven projects caused false positives due to bad string interpolation (#5421).
- Error message from Assembly Analyzer has been updated to emphasize dotnet 6 is required for analysis (#5408).
- Correct issue where database defrag occurs even when no updates were performed (#5441).
- Fixed several False Positives and one False Negative.
- Fixed the
format
configuration more flexible in the gradle plugin (dependency-check-gradle/#324).
See the full listing of changes.