Skip to content

Bump org.owasp:dependency-check-maven from 10.0.4 to 11.0.0

Dependabot requested to merge dependabot-maven-org.owasp-dependency-check-maven-11.0.0 into master

Bumps org.owasp:dependency-check-maven from 10.0.4 to 11.0.0.

Release notes

Sourced from org.owasp:dependency-check-maven's releases.

Version 11.0.0

Refer to the CHANGELOG.md for information about improvements and upgrade notes.

Changelog

Sourced from org.owasp:dependency-check-maven's changelog.

Version 11.0.0 (2024-10-21)

  • breaking change: Switch from JMockit to Mockito & build target to Java 11 (#6922)
    • dependency-check now requires a minimum of Java 11.0 to run
  • breaking change: bump com.h2database:h2 from 2.1.214 to 2.3.232 (#6132)
    • H2 databases generated with an older version of ODC will not work with ODC 11.0.0; a new H2 db must be generated
  • feat: Replace old Downloader by an Apache HTTPClient based downloader
  • feat: Use Apache HTTPClient for downloads of public resources (#6949)
  • feat: Also make NodeAuditSearch usr our HTTPClient based connections
  • feat: Also make OSSIndexAnalyzer use our HTTPClient based connections
  • feat: Migrate CentralSearch to use Apache HTTP-client via Downloader
  • feat: Extend apache HTTP-client usage to EngineVersionCheck
  • feat: Remove the need to specify dbDriver for external databases using JDBCv4 ServiceLoader supporting JDBC drivers (#6938)
  • fix: use latest generated suppressions (#7064)
  • fix: Fixup parameter sequence for Dowloader credentials (#7033)
  • fix: Fixup the missing addition of NVD API Datafeed credentials (if configured)
  • fix: Fixup broken proxy authentication in first attempt; extend to include KEV downloads
  • fix: store timestamps locally for local resources (#6936)
  • build: Remove the animal-sniffer, propagate java version to plugin-archetype (#6950)
  • build: Update Checkstyle configuration and Suppression DTD references (#6951)
  • chore: Update test db schema (#7036)
  • chore: remove old, unneeded database upgrade script
  • docs: reformat javadoc (#7009)
  • docs: Fixup javadoc warnings (#6995)
  • chore: Replace use of several deprecated methods/classes by their successors (#6933)

See the full listing of changes.

Commits
  • db79571 build: prepare release v11.0.0
  • ab479cf docs: update release notes
  • 2b36c82 fix: use latest generated suppressions (#7064)
  • 30eb04e chore: Remove unnecessary mysql-connector suppressions (#7059)
  • 26bd04c build(deps): bump com.github.spotbugs:spotbugs-annotations from 4.8.5 to 4.8....
  • bc1cc54 build(deps): bump org.apache.maven.plugins:maven-surefire-report-plugin from ...
  • 3734db6 build(deps): bump org.apache.httpcomponents.client5:httpclient5 from 5.3.1 to...
  • b126e35 build(deps): bump org.apache.maven.plugins:maven-deploy-plugin from 3.1.2 to ...
  • 46f1c72 build(deps): bump org.apache.maven.plugins:maven-deploy-plugin
  • d0d169e build(deps): bump org.apache.httpcomponents.client5:httpclient5
  • Additional commits viewable in compare view

Dependabot commands
You can trigger Dependabot actions by commenting on this MR
  • $dependabot recreate will recreate this MR rewriting all the manual changes and resolving conflicts

Merge request reports