search

albuch / sbt-dependency-check

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). :rainbow:
Apache License 2.0
266 stars 35 forks source link

:arrow_up: Update dependency-check-core to 8.4.0 #308

Closed scala-steward closed 1 year ago

scala-steward commented 1 year ago

About this PR

📦 Updates org.owasp:dependency-check-core from 8.1.2 to 8.4.0

Usage

✅ Please merge!

I'll automatically update this PR to resolve conflicts as long as you don't change it yourself.

If you'd like to skip this version, you can just close this PR. If you have any feedback, just mention me in the comments below.

Configure Scala Steward for your repository with a .scala-steward.conf file.

Have a fantastic day writing Scala!

âš™ Adjust future updates Add this to your `.scala-steward.conf` file to ignore future updates of this dependency: ``` updates.ignore = [ { groupId = "org.owasp", artifactId = "dependency-check-core" } ] ``` Or, add this to slow down future updates of this dependency: ``` dependencyOverrides = [{ pullRequests = { frequency = "30 days" }, dependency = { groupId = "org.owasp", artifactId = "dependency-check-core" } }] ```

labels: library-update, early-semver-minor, semver-spec-minor, commit-count:1

mrdziuban commented 1 year ago

Hey @albuch, is there any chance you could merge this and release a new version? The later versions of OWASP have some nice fixes for false positives I've noticed in my projects. Thank you in advance!

scala-steward commented 1 year ago

Superseded by #311.