Re: [PR] Bump org.owasp:dependency-check-maven from 12.1.3 to 12.1.5 [causeway]
andi-huber merged PR #3112: URL: https://github.com/apache/causeway/pull/3112 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
Re: [PR] Bump org.owasp:dependency-check-maven from 12.1.3 to 12.1.5 [causeway]
andi-huber merged PR #3104: URL: https://github.com/apache/causeway/pull/3104 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
[PR] Bump org.owasp:dependency-check-maven from 12.1.3 to 12.1.5 [causeway]
dependabot[bot] opened a new pull request, #3112: URL: https://github.com/apache/causeway/pull/3112 Bumps [org.owasp:dependency-check-maven](https://github.com/dependency-check/DependencyCheck) from 12.1.3 to 12.1.5. Release notes Sourced from https://github.com/dependency-check/DependencyCheck/releases";>org.owasp:dependency-check-maven's releases. Version 12.1.5 Refer to the https://github.com/dependency-check/DependencyCheck/blob/main/CHANGELOG.md#change-log";>CHANGELOG.md for information about improvements and upgrade notes. Changelog Sourced from https://github.com/dependency-check/DependencyCheck/blob/main/CHANGELOG.md";>org.owasp:dependency-check-maven's changelog. https://github.com/dependency-check/DependencyCheck/releases/tag/v12.1.5";>Version 12.1.5 (2025-09-20) fix: Update to support OSS Index Authentication Requirements (https://redirect.github.com/dependency-check/DependencyCheck/issues/7920";>#7920) Note: OSS Index will require authentication starting 9/22/2025. Users must configure a free account to continue using the OSS Index Analyzer. See https://ossindex.sonatype.org/doc/auth-required";>https://ossindex.sonatype.org/doc/auth-required. fix: add CVSSv4 to suppressed entries in JSON report (https://redirect.github.com/dependency-check/DependencyCheck/issues/7900";>#7900) fix: correctly utilize CVSSv4 from ossindex (https://redirect.github.com/dependency-check/DependencyCheck/issues/7899";>#7899) fix: npe when processing cve with empty configuration (https://redirect.github.com/dependency-check/DependencyCheck/issues/7888";>#7888) fix: Return unsorted vulnerabilities in new HashSet, avoiding CoMod (https://redirect.github.com/dependency-check/DependencyCheck/issues/7848";>#7848) fix: Return unsorted vulnerabilities in new HashSet, avoiding CoMod fix: class loading problem with fat jars (https://redirect.github.com/dependency-check/DependencyCheck/issues/7786";>#7786) (https://redirect.github.com/dependency-check/DependencyCheck/issues/7787";>#7787) fix: Improve Artifactory handler log message (https://redirect.github.com/dependency-check/DependencyCheck/issues/7838";>#7838) fix: classloading problem with fat jars (https://redirect.github.com/dependency-check/DependencyCheck/issues/7786";>#7786) fix: Add null checking when parsing the license json in AbstractNpmAnalyzer. (https://redirect.github.com/dependency-check/DependencyCheck/issues/7784";>#7784) fix(fp): resolves several false positives related to CVE-2021-41033 (https://redirect.github.com/dependency-check/DependencyCheck/issues/7736";>#7736) docs: Clarify format of exclude patterns (https://redirect.github.com/dependency-check/DependencyCheck/issues/7879";>#7879) docs: Document poetry-based analysis behaviour in Python analyzer (https://redirect.github.com/dependency-check/DependencyCheck/issues/7855";>#7855) docs: request FP reporters use the latest version of ODC. (https://redirect.github.com/dependency-check/DependencyCheck/issues/7820";>#7820) docs: update development pre-reqs (https://redirect.github.com/dependency-check/DependencyCheck/issues/7792";>#7792) docs: fix minor typos in false positive issue template (https://redirect.github.com/dependency-check/DependencyCheck/issues/7763";>#7763) See the full listing of https://github.com/dependency-check/DependencyCheck/milestone/98?closed=1";>changes Commits https://github.com/dependency-check/DependencyCheck/commit/71e0fd86351e32956aeae3436102b27e291af6e2";>71e0fd8 build: prepare release v12.1.5 https://github.com/dependency-check/DependencyCheck/commit/d5198d5d7d945e230b91d2a4d9dc292b89e35b8d";>d5198d5 chore: bump project to 12.1.5 https://github.com/dependency-check/DependencyCheck/commit/ed80987e79339a405dddba8c64aa36784cefbaf6";>ed80987 chore: revert failed release (https://redirect.github.com/dependency-check/DependencyCheck/issues/7932";>#7932) https://github.com/dependency-check/DependencyCheck/commit/045e42874ce2ec34c8b108ee6e99ebe112bc8297";>045e428 chore: revert failed release https://github.com/dependency-check/DependencyCheck/commit/af347486b75deed24655e9cdea9d166b8ed29ca4";>af34748 build: release 12.1.4 (https://redirect.github.com/dependency-check/DependencyCheck/issues/7931";>#7931) https://github.com/dependency-check/DependencyCheck/commit/3220b965273700da7074f8aa470fe8105ac991bf";>3220b96 build: prepare for next development iteration https://github.com/dependency-check/DependencyCheck/commit/dcfcc106bce67c080e3674ae551b68453300e87a";>dcfcc10 build: prepare release v12.1.4 https://github.com/dependency-check/DependencyCheck/commit/1d15a2d685fb23ac24dedfcf733932a1a736ddbf";>1d15a2d docs: update changelog for release 12.1.4 https://github.com/dependency-check/DependencyCheck/commit/baf281b9e90f7f7e17707ebafd2e1815383b6e8b";>baf281b build(deps): bump actions/setup-dotnet from 4.3
[PR] Bump org.owasp:dependency-check-maven from 12.1.3 to 12.1.5 [causeway]
dependabot[bot] opened a new pull request, #3104: URL: https://github.com/apache/causeway/pull/3104 Bumps [org.owasp:dependency-check-maven](https://github.com/dependency-check/DependencyCheck) from 12.1.3 to 12.1.5. Release notes Sourced from https://github.com/dependency-check/DependencyCheck/releases";>org.owasp:dependency-check-maven's releases. Version 12.1.5 Refer to the https://github.com/dependency-check/DependencyCheck/blob/main/CHANGELOG.md#change-log";>CHANGELOG.md for information about improvements and upgrade notes. Changelog Sourced from https://github.com/dependency-check/DependencyCheck/blob/main/CHANGELOG.md";>org.owasp:dependency-check-maven's changelog. https://github.com/dependency-check/DependencyCheck/releases/tag/v12.1.5";>Version 12.1.5 (2025-09-20) fix: Update to support OSS Index Authentication Requirements (https://redirect.github.com/dependency-check/DependencyCheck/issues/7920";>#7920) Note: OSS Index will require authentication starting 9/22/2025. Users must configure a free account to continue using the OSS Index Analyzer. See https://ossindex.sonatype.org/doc/auth-required";>https://ossindex.sonatype.org/doc/auth-required. fix: add CVSSv4 to suppressed entries in JSON report (https://redirect.github.com/dependency-check/DependencyCheck/issues/7900";>#7900) fix: correctly utilize CVSSv4 from ossindex (https://redirect.github.com/dependency-check/DependencyCheck/issues/7899";>#7899) fix: npe when processing cve with empty configuration (https://redirect.github.com/dependency-check/DependencyCheck/issues/7888";>#7888) fix: Return unsorted vulnerabilities in new HashSet, avoiding CoMod (https://redirect.github.com/dependency-check/DependencyCheck/issues/7848";>#7848) fix: Return unsorted vulnerabilities in new HashSet, avoiding CoMod fix: class loading problem with fat jars (https://redirect.github.com/dependency-check/DependencyCheck/issues/7786";>#7786) (https://redirect.github.com/dependency-check/DependencyCheck/issues/7787";>#7787) fix: Improve Artifactory handler log message (https://redirect.github.com/dependency-check/DependencyCheck/issues/7838";>#7838) fix: classloading problem with fat jars (https://redirect.github.com/dependency-check/DependencyCheck/issues/7786";>#7786) fix: Add null checking when parsing the license json in AbstractNpmAnalyzer. (https://redirect.github.com/dependency-check/DependencyCheck/issues/7784";>#7784) fix(fp): resolves several false positives related to CVE-2021-41033 (https://redirect.github.com/dependency-check/DependencyCheck/issues/7736";>#7736) docs: Clarify format of exclude patterns (https://redirect.github.com/dependency-check/DependencyCheck/issues/7879";>#7879) docs: Document poetry-based analysis behaviour in Python analyzer (https://redirect.github.com/dependency-check/DependencyCheck/issues/7855";>#7855) docs: request FP reporters use the latest version of ODC. (https://redirect.github.com/dependency-check/DependencyCheck/issues/7820";>#7820) docs: update development pre-reqs (https://redirect.github.com/dependency-check/DependencyCheck/issues/7792";>#7792) docs: fix minor typos in false positive issue template (https://redirect.github.com/dependency-check/DependencyCheck/issues/7763";>#7763) See the full listing of https://github.com/dependency-check/DependencyCheck/milestone/98?closed=1";>changes Commits https://github.com/dependency-check/DependencyCheck/commit/71e0fd86351e32956aeae3436102b27e291af6e2";>71e0fd8 build: prepare release v12.1.5 https://github.com/dependency-check/DependencyCheck/commit/d5198d5d7d945e230b91d2a4d9dc292b89e35b8d";>d5198d5 chore: bump project to 12.1.5 https://github.com/dependency-check/DependencyCheck/commit/ed80987e79339a405dddba8c64aa36784cefbaf6";>ed80987 chore: revert failed release (https://redirect.github.com/dependency-check/DependencyCheck/issues/7932";>#7932) https://github.com/dependency-check/DependencyCheck/commit/045e42874ce2ec34c8b108ee6e99ebe112bc8297";>045e428 chore: revert failed release https://github.com/dependency-check/DependencyCheck/commit/af347486b75deed24655e9cdea9d166b8ed29ca4";>af34748 build: release 12.1.4 (https://redirect.github.com/dependency-check/DependencyCheck/issues/7931";>#7931) https://github.com/dependency-check/DependencyCheck/commit/3220b965273700da7074f8aa470fe8105ac991bf";>3220b96 build: prepare for next development iteration https://github.com/dependency-check/DependencyCheck/commit/dcfcc106bce67c080e3674ae551b68453300e87a";>dcfcc10 build: prepare release v12.1.4 https://github.com/dependency-check/DependencyCheck/commit/1d15a2d685fb23ac24dedfcf733932a1a736ddbf";>1d15a2d docs: update changelog for release 12.1.4 https://github.com/dependency-check/DependencyCheck/commit/baf281b9e90f7f7e17707ebafd2e1815383b6e8b";>baf281b build(deps): bump actions/setup-dotnet from 4.3
