DependencyCheck v3.1.0 Release Notes
Release Date: 2018-01-02 // over 6 years ago-
✨ Enhancements
- Major enhancements to the Node and NSP analyzer - the analyzers are now considered production ready and should be used in combination.
- ➕ Added a shutdown hook so that if the update process is interrupted while using an H2 database the lock files will be properly removed allowing future executions of ODC to succeed.
- UNC paths can now be scanned using the CLI.
- ⚡️ Batch updates are now used which may help with the update speed when using some DBMS instead of the embedded H2.
- ⬆️ Upgrade Lucene to 5.5.5, the highest version that will allow us to maintain Java 7 support
🐛 Bug fixes
- 🛠 Fixed the CSV report output to correctly list all fields.
- 🏗 Invalid suppression files will now break the build instead of causing ODC to skip the usage of the suppression analyzer.
- 🛠 Fixed bug in Lucene query where LARGE entries in the pom.xml or manifest caused the query to break.
- General cleanup, false positive, and false negative reduction.