jeremylong/DependencyCheck
### [`v8.1.0`](https://togithub.com/jeremylong/DependencyCheck/blob/HEAD/CHANGELOG.md#Version-810-httpsgithubcomjeremylongDependencyCheckreleasestagv810-2023-01-26)
[Compare Source](https://togithub.com/jeremylong/DependencyCheck/compare/v8.0.2...v8.1.0)
##### Added
- `Pipefile.lock` files are now supported ([#5404](https://togithub.com/jeremylong/DependencyCheck/pull/5404)).
- Python projects with only a `pyproject.toml` but no lock file or requirements will report an error as ODC is unable to analyze the project ([#5409](https://togithub.com/jeremylong/DependencyCheck/pull/5409)).
##### Fixed
- Some maven projects caused false positives due to bad string interpolation ([#5421](https://togithub.com/jeremylong/DependencyCheck/pull/5421)).
- Error message from Assembly Analyzer has been updated to emphasize dotnet 6 is required for analysis ([#5408](https://togithub.com/jeremylong/DependencyCheck/pull/5408)).
- Correct issue where database defrag occurs even when no updates were performed ([#5441](https://togithub.com/jeremylong/DependencyCheck/pull/5441)).
- Fixed several False Positives and one False Negative.
- Fixed the `format` configuration more flexible in the gradle plugin ([dependency-check-gradle/#324](https://togithub.com/dependency-check/dependency-check-gradle/pull/324)).
See the full listing of [changes](https://togithub.com/jeremylong/DependencyCheck/milestone/60?closed=1).
### [`v8.0.2`](https://togithub.com/jeremylong/DependencyCheck/blob/HEAD/CHANGELOG.md#Version-802-httpsgithubcomjeremylongDependencyCheckreleasestagv802-2023-01-26)
[Compare Source](https://togithub.com/jeremylong/DependencyCheck/compare/v8.0.1...v8.0.2)
##### Fixed
- Resolved bug causing an issue with some Maven Extensions ([#5366](https://togithub.com/jeremylong/DependencyCheck/pull/5366)).
- ArchiveAnalyzer will now correctly throw an exception if it cannot open an Archive ([#5371](https://togithub.com/jeremylong/DependencyCheck/pull/5371)).
- Updated CSV report so that it no longer has a duplicate `description` column ([#5364](https://togithub.com/jeremylong/DependencyCheck/pull/5364)).
- Moved several logging statements to trace which should drastically reduce the log size ([#5350](https://togithub.com/jeremylong/DependencyCheck/pull/5350)).
- Fixed bug with RetireJS' `--retirejsFilterNonVulnerable` and `--retirejsFilter` when used with the CLI ([#5351](https://togithub.com/jeremylong/DependencyCheck/pull/5351)).
- Fixed the `sarif` report format and added validation ([#5345](https://togithub.com/jeremylong/DependencyCheck/pull/5345) and ([#5363](https://togithub.com/jeremylong/DependencyCheck/pull/5363))
- Fixed `MalformedPackageException` in the gradle plugin ([dependency-check-gradle/#320](https://togithub.com/dependency-check/dependency-check-gradle/pull/320)).
- Fixed `MissingMethodException` in the gradle plugin ([dependency-check-gradle/#316](https://togithub.com/dependency-check/dependency-check-gradle/pull/316)).
See the full listing of [changes](https://togithub.com/jeremylong/DependencyCheck/milestone/59?closed=1).
Configuration
π Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
8.0.1
->8.1.0
Release Notes
jeremylong/DependencyCheck
### [`v8.1.0`](https://togithub.com/jeremylong/DependencyCheck/blob/HEAD/CHANGELOG.md#Version-810-httpsgithubcomjeremylongDependencyCheckreleasestagv810-2023-01-26) [Compare Source](https://togithub.com/jeremylong/DependencyCheck/compare/v8.0.2...v8.1.0) ##### Added - `Pipefile.lock` files are now supported ([#5404](https://togithub.com/jeremylong/DependencyCheck/pull/5404)). - Python projects with only a `pyproject.toml` but no lock file or requirements will report an error as ODC is unable to analyze the project ([#5409](https://togithub.com/jeremylong/DependencyCheck/pull/5409)). ##### Fixed - Some maven projects caused false positives due to bad string interpolation ([#5421](https://togithub.com/jeremylong/DependencyCheck/pull/5421)). - Error message from Assembly Analyzer has been updated to emphasize dotnet 6 is required for analysis ([#5408](https://togithub.com/jeremylong/DependencyCheck/pull/5408)). - Correct issue where database defrag occurs even when no updates were performed ([#5441](https://togithub.com/jeremylong/DependencyCheck/pull/5441)). - Fixed several False Positives and one False Negative. - Fixed the `format` configuration more flexible in the gradle plugin ([dependency-check-gradle/#324](https://togithub.com/dependency-check/dependency-check-gradle/pull/324)). See the full listing of [changes](https://togithub.com/jeremylong/DependencyCheck/milestone/60?closed=1). ### [`v8.0.2`](https://togithub.com/jeremylong/DependencyCheck/blob/HEAD/CHANGELOG.md#Version-802-httpsgithubcomjeremylongDependencyCheckreleasestagv802-2023-01-26) [Compare Source](https://togithub.com/jeremylong/DependencyCheck/compare/v8.0.1...v8.0.2) ##### Fixed - Resolved bug causing an issue with some Maven Extensions ([#5366](https://togithub.com/jeremylong/DependencyCheck/pull/5366)). - ArchiveAnalyzer will now correctly throw an exception if it cannot open an Archive ([#5371](https://togithub.com/jeremylong/DependencyCheck/pull/5371)). - Updated CSV report so that it no longer has a duplicate `description` column ([#5364](https://togithub.com/jeremylong/DependencyCheck/pull/5364)). - Moved several logging statements to trace which should drastically reduce the log size ([#5350](https://togithub.com/jeremylong/DependencyCheck/pull/5350)). - Fixed bug with RetireJS' `--retirejsFilterNonVulnerable` and `--retirejsFilter` when used with the CLI ([#5351](https://togithub.com/jeremylong/DependencyCheck/pull/5351)). - Fixed the `sarif` report format and added validation ([#5345](https://togithub.com/jeremylong/DependencyCheck/pull/5345) and ([#5363](https://togithub.com/jeremylong/DependencyCheck/pull/5363)) - Fixed `MalformedPackageException` in the gradle plugin ([dependency-check-gradle/#320](https://togithub.com/dependency-check/dependency-check-gradle/pull/320)). - Fixed `MissingMethodException` in the gradle plugin ([dependency-check-gradle/#316](https://togithub.com/dependency-check/dependency-check-gradle/pull/316)). See the full listing of [changes](https://togithub.com/jeremylong/DependencyCheck/milestone/59?closed=1).Configuration
π Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.