search

gdcc / sword2-server

(Forked) Java Server Library for supporting integration with SWORDv2
Apache License 2.0
0 stars 1 forks source link

chore(deps): update dependency org.owasp:dependency-check-maven to v8.3.1 #140

Closed renovate[bot] closed 1 year ago

renovate[bot] commented 1 year ago

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
org.owasp:dependency-check-maven (source) 8.1.2 -> 8.3.1 age adoption passing confidence

Release Notes

jeremylong/DependencyCheck ### [`v8.3.1`](https://togithub.com/jeremylong/DependencyCheck/blob/HEAD/CHANGELOG.md#Version-831-httpsgithubcomjeremylongDependencyCheckreleasestagv831-2023-06-12) [Compare Source](https://togithub.com/jeremylong/DependencyCheck/compare/v8.3.0...v8.3.1) Re-release of 8.3.0 as 8.3.1. ##### Added ### [`v8.3.0`](https://togithub.com/jeremylong/DependencyCheck/blob/HEAD/CHANGELOG.md#Version-830-httpsgithubcomjeremylongDependencyCheckreleasestagv830-2023-06-12) [Compare Source](https://togithub.com/jeremylong/DependencyCheck/compare/v8.2.1...v8.3.0) ##### Added - Add LibmanAnalyzer ([#​5652](https://togithub.com/jeremylong/DependencyCheck/issues/5652)) - Update HTML report Dependencies header based on display settings ([#​5619](https://togithub.com/jeremylong/DependencyCheck/issues/5619)) - Add link to suppressed vulnerabilities header in HTML report ([#​5620](https://togithub.com/jeremylong/DependencyCheck/issues/5620)) - Enable local proxy configuration in maven plugin configuration ([#​5696](https://togithub.com/jeremylong/DependencyCheck/issues/5696)) ##### Fixed - Fix npm alias present in requires of dependencies ([#​5703](https://togithub.com/jeremylong/DependencyCheck/issues/5703)) - Make Central URL configurable via CLI ([#​5667](https://togithub.com/jeremylong/DependencyCheck/issues/5667)) - Ensure support of CVSSv3.1 ([#​5602](https://togithub.com/jeremylong/DependencyCheck/issues/5602)) See the full listing of [changes](https://togithub.com/jeremylong/DependencyCheck/milestone/65?closed=1). ### [`v8.2.1`](https://togithub.com/jeremylong/DependencyCheck/blob/HEAD/CHANGELOG.md#Version-821-httpsgithubcomjeremylongDependencyCheckreleasestagv821-2023-03-23) [Compare Source](https://togithub.com/jeremylong/DependencyCheck/compare/v8.2.0...v8.2.1) ##### Fixed - NullPointerException in MSBuildAnalyzer ([#​5589](https://togithub.com/jeremylong/DependencyCheck/issues/5589)) - SQL Syntax for Oracle ([#​5590](https://togithub.com/jeremylong/DependencyCheck/issues/5590)) - Use `https://` URLs in report templates ([#​5582](https://togithub.com/jeremylong/DependencyCheck/issues/5582)) See the full listing of [changes](https://togithub.com/jeremylong/DependencyCheck/milestone/64?closed=1). ### [`v8.2.0`](https://togithub.com/jeremylong/DependencyCheck/blob/HEAD/CHANGELOG.md#Version-820-httpsgithubcomjeremylongDependencyCheckreleasestagv820-2023-03-22) [Compare Source](https://togithub.com/jeremylong/DependencyCheck/compare/v8.1.2...v8.2.0) ##### Added - Support msbuild Directory.build.props ([#​5475](https://togithub.com/jeremylong/DependencyCheck/issues/5475)) - better display of NPM audit references - Add CVSS V3 results from NPM Audit results ##### Fixed - Fix several issues on NPM Audit reporting ([#​5546](https://togithub.com/jeremylong/DependencyCheck/issues/5546)) - Case issue in SQL ([#​5557](https://togithub.com/jeremylong/DependencyCheck/issues/5557)) - Fix CWE(s) extraction for NPM Audit advisories - Use the stable github_advisory_id instead of the now unstable id in NPM audit results See the full listing of [changes](https://togithub.com/jeremylong/DependencyCheck/milestone/63?closed=1).

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Mend Renovate. View repository job log here.

sonarcloud[bot] commented 1 year ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

github-advanced-security[bot] commented 1 year ago

You have successfully added a new dependency-check configuration .github/workflows/maven-pr-checks.yml:verify/java:. As part of the setup process, we have scanned this repository and found no existing alerts. In the future, you will see all code scanning alerts on the repository Security tab.

sonarcloud[bot] commented 1 year ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

sonarcloud[bot] commented 1 year ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication