sbt-dependency-check v1.0.0

Version Release Notes from June 13, 2019 (almost 5 years ago)

« Changelog History

sbt-dependency-check v1.0.0 Release Notes

Release Date: 2019-06-13 // almost 5 years ago

🚀 Updated dependency-check-core to v5.0.0 (#72). See Release notes of dependency-check v5.0.0-m1, v5.0.0-M2, v5.0.0-M3 and v5.0.0 for details.

💥 Breaking changes
- The NVD CVE data import now uses the JSON data feeds instead of the XML data feeds.
  - The setting key names have changed if you are mirroring the data feeds locally.
- sbt-dependency-check now uses the NVD Meta files in addition to the *.json.gz files. If you have a local mirror of the NVD you must now mirror the meta data files. The nist-data-mirror has been updated to include these files.
- dotnet core must be installed to analyze .NET assemblies
- 0️⃣ The retire.js analyzer is no longer considered experimental and is enabled by default.
- ⚡️ All of the report formats have been updated to include the additional data from the NVD CVE JSON data feeds.
Noteworthy changes
- Multiple report formats can be specified with the new setting dependencyCheckFormats; if you wanted just two of the reports you no longer need to use ALL.

Awesome Scala is part of the LibHunt network. Terms. Privacy Policy.