jeremylong/DependencyCheck (org.owasp:dependency-check-maven)
### [`v10.0.0`](https://togithub.com/jeremylong/DependencyCheck/blob/HEAD/CHANGELOG.md#Version-1000-2024-07-01)
[Compare Source](https://togithub.com/jeremylong/DependencyCheck/compare/v9.2.0...v10.0.0)
- **breaking change**: upgrade to dotnet 8.0 ([#6580](https://togithub.com/jeremylong/DependencyCheck/issues/6580))
- Users of the AssemblyAnalyzer must upgrade/utilize dotnet 8 to analyze assemblies
- feat: fix the NVD API related errors by adding cvssV4 support ([#6756](https://togithub.com/jeremylong/DependencyCheck/issues/6756))
- **breaking changes**: anyone utilizing a centralized database will need to upgrade the schema; see changes in [PR #6756](https://togithub.com/jeremylong/DependencyCheck/pull/6756/files#diff-ca432c4b41d39caa84d140e06694b09c7e6394c8a2db72ba27516dc77ee3bd67)
- fix: avoid escaping unnecessary chars in HTML report suppression regexes ([#6749](https://togithub.com/jeremylong/DependencyCheck/issues/6749))
- fix: [#6688](https://togithub.com/jeremylong/DependencyCheck/issues/6688) Trim version number when parsin POM ([#6705](https://togithub.com/jeremylong/DependencyCheck/issues/6705))
- fix: change request if lockfile is file v3 ([#6690](https://togithub.com/jeremylong/DependencyCheck/issues/6690))
- fix: skip pyproject.toml unless it contains `tool.poetry` before ensuring lockfiles ([#6681](https://togithub.com/jeremylong/DependencyCheck/issues/6681))
See the full listing of [changes](https://togithub.com/jeremylong/DependencyCheck/milestone/83?closed=1).
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
coverage: 89.729% (-0.2%) from 89.922%
when pulling 7e62eb28490ef61de720862453a99c01cb57e159 on renovate/org.owasp-dependency-check-maven-10.x
into 8d27e40e5f49fae7307e6414b45c31be76e7e0d5 on master.
This PR contains the following updates:
9.2.0
->10.0.0
Release Notes
jeremylong/DependencyCheck (org.owasp:dependency-check-maven)
### [`v10.0.0`](https://togithub.com/jeremylong/DependencyCheck/blob/HEAD/CHANGELOG.md#Version-1000-2024-07-01) [Compare Source](https://togithub.com/jeremylong/DependencyCheck/compare/v9.2.0...v10.0.0) - **breaking change**: upgrade to dotnet 8.0 ([#6580](https://togithub.com/jeremylong/DependencyCheck/issues/6580)) - Users of the AssemblyAnalyzer must upgrade/utilize dotnet 8 to analyze assemblies - feat: fix the NVD API related errors by adding cvssV4 support ([#6756](https://togithub.com/jeremylong/DependencyCheck/issues/6756)) - **breaking changes**: anyone utilizing a centralized database will need to upgrade the schema; see changes in [PR #6756](https://togithub.com/jeremylong/DependencyCheck/pull/6756/files#diff-ca432c4b41d39caa84d140e06694b09c7e6394c8a2db72ba27516dc77ee3bd67) - fix: avoid escaping unnecessary chars in HTML report suppression regexes ([#6749](https://togithub.com/jeremylong/DependencyCheck/issues/6749)) - fix: [#6688](https://togithub.com/jeremylong/DependencyCheck/issues/6688) Trim version number when parsin POM ([#6705](https://togithub.com/jeremylong/DependencyCheck/issues/6705)) - fix: change request if lockfile is file v3 ([#6690](https://togithub.com/jeremylong/DependencyCheck/issues/6690)) - fix: skip pyproject.toml unless it contains `tool.poetry` before ensuring lockfiles ([#6681](https://togithub.com/jeremylong/DependencyCheck/issues/6681)) See the full listing of [changes](https://togithub.com/jeremylong/DependencyCheck/milestone/83?closed=1).Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.