search

HtmlUnit / htmlunit-cssparser

CSS parser used by HtmlUnit
Apache License 2.0
5 stars 9 forks source link

Bump org.owasp:dependency-check-maven from 8.2.1 to 8.3.1 #21

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps org.owasp:dependency-check-maven from 8.2.1 to 8.3.1.

Release notes

Sourced from org.owasp:dependency-check-maven's releases.

Version 8.3.1

Re-release of 8.3.0 as 8.3.1.

v8.3.0

Added

  • Add LibmanAnalyzer (#5652)
  • Update HTML report Dependencies header based on display settings (#5619)
  • Add link to suppressed vulnerabilities header in HTML report (#5620)
  • Enable local proxy configuration in maven plugin configuration (#5696)

Fixed

  • Fix npm alias present in requires of dependencies (#5703)
  • Make Central URL configurable via CLI (#5667)
  • Ensure support of CVSSv3.1 (#5602)

See the full listing of changes.

Changelog

Sourced from org.owasp:dependency-check-maven's changelog.

Version 8.3.1 (2023-06-12)

Re-release of 8.3.0 as 8.3.1.

Added

Version 8.3.0 (2023-06-12)

Added

  • Add LibmanAnalyzer (#5652)
  • Update HTML report Dependencies header based on display settings (#5619)
  • Add link to suppressed vulnerabilities header in HTML report (#5620)
  • Enable local proxy configuration in maven plugin configuration (#5696)

Fixed

  • Fix npm alias present in requires of dependencies (#5703)
  • Make Central URL configurable via CLI (#5667)
  • Ensure support of CVSSv3.1 (#5602)

See the full listing of changes.

Commits
  • bb68c00 build: prepare release v8.3.1
  • 773f276 docs: update release notes
  • 15d9026 build: prepare for development
  • b46b3fa :build: bump version
  • 8e08318 build: bump version
  • 53de8f0 build: Release 8.3.0 (#5767)
  • 313c782 build(deps): bump commons-io from 2.12.0 to 2.13.0 (#5761)
  • 3e6b531 build(deps): bump maven-failsafe-plugin from 3.1.0 to 3.1.2 (#5760)
  • 12aba4b build(deps): bump guava from 32.0.0-jre to 32.0.1-jre (#5764)
  • 2cf7b79 build(deps): bump guava from 32.0.0-jre to 32.0.1-jre
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)