sbt-dependency-check v2.1.0 Release Notes
Release Date: 2020-11-04 // over 3 years ago-
๐ Updated dependency-check-core to v6.0.3 (#140). See release notes of DependencyCheck v5.3.1 - v6.0.3
Noteworthy changes
- โฌ๏ธ After upgrading run
dependencyCheckPurge
to clean your database - ๐ Users mirroring the NVD feeds - sbt-dependency-check now requires the use of the version 1.1 data feeds - please ensure you are using 1.1 not the 1.0 data feed.
- โ Added an experimental PE Analyzer that reads the PE headers of DLL and EXE files that can be activated with
dependencyCheckPEAnalyzerEnabled
- โ Added experimental Analyzers for pip and Pipfile that can be activated with
dependencyCheckPipAnalyzerEnabled
,dependencyCheckPipfileAnalyzerEnabled
, - โ Added an experimental Analyzer for Mix Audit to scan Elixir dependencies that can be activated with
dependencyCheckMixAuditAnalyzerEnabled
. ConfiguredependencyCheckMixAuditPath
to point to the mix_audit binary - โ Added
dependencyCheckCveUser
anddependencyCheckCvePassword
settings to support NVD feed mirrors with Basic Authentication
- โฌ๏ธ After upgrading run