jeremylong/DependencyCheck v8.1.0

Version 8.1.0

on GitHub

Added

• Pipefile.lock files are now supported (#5404).
• Python projects with only a pyproject.toml but no lock file or requirements will report an error as ODC is unable to analyze the project (#5409).

Fixed

• Some maven projects caused false positives due to bad string interpolation (#5421).
• Error message from Assembly Analyzer has been updated to emphasize dotnet 6 is required for analysis (#5408).
• Correct issue where database defrag occurs even when no updates were performed (#5441).
• Fixed several False Positives and one False Negative.
• Fixed the format configuration more flexible in the gradle plugin (dependency-check-gradle/#324).

See the full listing of changes.