Bump org.owasp:dependency-check-maven from 9.2.0 to 10.0.0
Bumps org.owasp:dependency-check-maven from 9.2.0 to 10.0.0.
Release notes
Sourced from org.owasp:dependency-check-maven's releases.
Version 10.0.0
Refer to the CHANGELOG.md for information about improvements and upgrade notes.
Changelog
Sourced from org.owasp:dependency-check-maven's changelog.
Version 10.0.0 (2024-07-01)
- breaking change: upgrade to dotnet 8.0 (#6580)
- Users of the AssemblyAnalyzer must upgrade/utilize dotnet 8 to analyze assemblies
- feat: fix the NVD API related errors by adding cvssV4 support (#6756)
- breaking changes: anyone utilizing a centralized database will need to upgrade the schema; see changes in [PR #6756](jeremylong/DependencyCheck#6756)
- fix: avoid escaping unnecessary chars in HTML report suppression regexes (#6749)
- fix: #6688 Trim version number when parsin POM (#6705)
- fix: change request if lockfile is file v3 (#6690)
- fix: skip pyproject.toml unless it contains
tool.poetrybefore ensuring lockfiles (#6681)See the full listing of changes.
Commits
-
2ce874abuild: prepare release v10.0.0 -
cfe0b39docs: prepare release -
ad0d16afeat: add cvssV4 support (#6756) -
a798f89feat: upgrade to dotnet 8.0 (#6580) -
1af4856build(deps): bump bundled jQuery versions from 3.5.1 to 3.7.1 (#6750) -
9b42aedfix: avoid escaping unnecessary chars in HTML report suppression regexes (#6749) -
fff64ebbuild(deps): bump jackson.version from 2.16.1 to 2.17.1 (#6648) -
84868b6build(deps): bump org.apache.maven.plugins:maven-failsafe-plugin from 3.2.5 t... -
66cf0b3build(deps): bump org.apache.maven.plugins:maven-clean-plugin from 3.3.2 to 3... -
5afb495build(deps): bump org.apache.maven.plugins:maven-project-info-reports-plugin ... - Additional commits viewable in compare view
Dependabot commands
You can trigger Dependabot actions by commenting on this MR
-
$dependabot recreatewill recreate this MR rewriting all the manual changes and resolving conflicts