Bump org.owasp:dependency-check-maven from 10.0.4 to 11.0.0
Bumps org.owasp:dependency-check-maven from 10.0.4 to 11.0.0.
Release notes
Sourced from org.owasp:dependency-check-maven's releases.
Version 11.0.0
Refer to the CHANGELOG.md for information about improvements and upgrade notes.
Changelog
Sourced from org.owasp:dependency-check-maven's changelog.
Version 11.0.0 (2024-10-21)
- breaking change: Switch from JMockit to Mockito & build target to Java 11 (#6922)
- dependency-check now requires a minimum of Java 11.0 to run
- breaking change: bump com.h2database:h2 from 2.1.214 to 2.3.232 (#6132)
- H2 databases generated with an older version of ODC will not work with ODC 11.0.0; a new H2 db must be generated
- feat: Replace old Downloader by an Apache HTTPClient based downloader
- feat: Use Apache HTTPClient for downloads of public resources (#6949)
- feat: Also make NodeAuditSearch usr our HTTPClient based connections
- feat: Also make OSSIndexAnalyzer use our HTTPClient based connections
- feat: Migrate CentralSearch to use Apache HTTP-client via Downloader
- feat: Extend apache HTTP-client usage to EngineVersionCheck
- feat: Remove the need to specify dbDriver for external databases using JDBCv4 ServiceLoader supporting JDBC drivers (#6938)
- fix: use latest generated suppressions (#7064)
- fix: Fixup parameter sequence for Dowloader credentials (#7033)
- fix: Fixup the missing addition of NVD API Datafeed credentials (if configured)
- fix: Fixup broken proxy authentication in first attempt; extend to include KEV downloads
- fix: store timestamps locally for local resources (#6936)
- build: Remove the animal-sniffer, propagate java version to plugin-archetype (#6950)
- build: Update Checkstyle configuration and Suppression DTD references (#6951)
- chore: Update test db schema (#7036)
- chore: remove old, unneeded database upgrade script
- docs: reformat javadoc (#7009)
- docs: Fixup javadoc warnings (#6995)
- chore: Replace use of several deprecated methods/classes by their successors (#6933)
See the full listing of changes.
Commits
-
db79571
build: prepare release v11.0.0 -
ab479cf
docs: update release notes -
2b36c82
fix: use latest generated suppressions (#7064) -
30eb04e
chore: Remove unnecessary mysql-connector suppressions (#7059) -
26bd04c
build(deps): bump com.github.spotbugs:spotbugs-annotations from 4.8.5 to 4.8.... -
bc1cc54
build(deps): bump org.apache.maven.plugins:maven-surefire-report-plugin from ... -
3734db6
build(deps): bump org.apache.httpcomponents.client5:httpclient5 from 5.3.1 to... -
b126e35
build(deps): bump org.apache.maven.plugins:maven-deploy-plugin from 3.1.2 to ... -
46f1c72
build(deps): bump org.apache.maven.plugins:maven-deploy-plugin -
d0d169e
build(deps): bump org.apache.httpcomponents.client5:httpclient5 - Additional commits viewable in compare view
Dependabot commands
You can trigger Dependabot actions by commenting on this MR
-
$dependabot recreate
will recreate this MR rewriting all the manual changes and resolving conflicts