From e2649a6bbee0621794b3f549ed5919f1f3650290 Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Sat, 21 Oct 2023 09:36:38 -0400 Subject: [PATCH 1/3] docs: prepare release --- .github/workflows/release.yml | 19 +++++++------------ CHANGELOG.md | 12 ++++++++++++ 2 files changed, 19 insertions(+), 12 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 19553e579be..7d517e444f8 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -185,19 +185,14 @@ jobs: prerelease: false draft: false body: | - ### Added - - feat: Add support for Nexus v3 to NexusAnalyzer (#5849) - - ### Fixed - - - fix: Hint Analyzer should run before VersionFilter Analyzer (#5818) - - chore: switch to sha1-pinning as suggested by Semgrep - - fix: OSS Index Analyzer SocketTimeoutException exception handling based on warn only parameter (#5845) - - fix: use curl with -L to follow github redirect (#5808) - - fix: use curl with -L to follow github redirect - - fix: #5671 out of memory error (#5789) - - fix: #5671 Exit method as soon as we detect a loop to prevent an infinite loop leading to an OutOfMemoryError + - fix: upgrade to JCS3 (#5114) + - fix: Support ~= version specifier in requirements.txt and pipfile (#5902) + - fix: Version of dependency no longer ignored when CPE product has a 'java' suffix in a product name (#5901) + - fix: Do not filter out evidences added by hints (#5900) + - fix: fixes FP #5925 (#5927) + + See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/67?closed=1). - name: Upload CLI id: upload-release-cli diff --git a/CHANGELOG.md b/CHANGELOG.md index f280e31f733..130721aea78 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,17 @@ # Change Log +## [Version 8.4.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v8.4.1) (2023-10-21) + +### Fixed + +- fix: upgrade to JCS3 (#5114) +- fix: Support ~= version specifier in requirements.txt and pipfile (#5902) +- fix: Version of dependency no longer ignored when CPE product has a 'java' suffix in a product name (#5901) +- fix: Do not filter out evidences added by hints (#5900) +- fix: fixes FP #5925 (#5927) + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/67?closed=1). + ## [Version 8.4.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v8.4.0) (2023-08-19) ### Added From 61377ad8f1b097025cfb7047abbfb0a2dca01a7b Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Sat, 21 Oct 2023 09:37:51 -0400 Subject: [PATCH 2/3] build: prepare release v8.4.1 --- ant/pom.xml | 4 ++-- archetype/pom.xml | 6 +++--- cli/pom.xml | 4 ++-- core/pom.xml | 4 ++-- maven/pom.xml | 4 ++-- pom.xml | 6 +++--- utils/pom.xml | 4 ++-- 7 files changed, 16 insertions(+), 16 deletions(-) diff --git a/ant/pom.xml b/ant/pom.xml index 2a82b494893..d1ea7c812d7 100644 --- a/ant/pom.xml +++ b/ant/pom.xml @@ -20,7 +20,7 @@ Copyright (c) 2013 - Jeremy Long. All Rights Reserved. org.owasp dependency-check-parent - 8.4.1-SNAPSHOT + 8.4.1 dependency-check-ant @@ -32,7 +32,7 @@ Copyright (c) 2013 - Jeremy Long. All Rights Reserved. scm:git:https://github.com/jeremylong/DependencyCheck.git https://github.com/jeremylong/DependencyCheck/tree/main/ant scm:git:git@github.com:jeremylong/DependencyCheck.git - v6.4.1 + v8.4.1 diff --git a/archetype/pom.xml b/archetype/pom.xml index 329bfd645bc..a00fa368279 100644 --- a/archetype/pom.xml +++ b/archetype/pom.xml @@ -20,20 +20,20 @@ Copyright (c) 2017 Jeremy Long. All Rights Reserved. org.owasp dependency-check-parent - 8.4.1-SNAPSHOT + 8.4.1 dependency-check-plugin Dependency-Check Plugin Archetype jar - 2023-08-19T12:57:43Z + 2023-10-21T13:37:02Z scm:git:https://github.com/jeremylong/DependencyCheck.git https://github.com/jeremylong/DependencyCheck/tree/main/archetype scm:git:git@github.com:jeremylong/DependencyCheck.git - HEAD + v8.4.1 diff --git a/cli/pom.xml b/cli/pom.xml index 7130074a552..6e65a1c20f9 100644 --- a/cli/pom.xml +++ b/cli/pom.xml @@ -20,7 +20,7 @@ Copyright (c) 2012 - Jeremy Long. All Rights Reserved. org.owasp dependency-check-parent - 8.4.1-SNAPSHOT + 8.4.1 dependency-check-cli @@ -32,7 +32,7 @@ Copyright (c) 2012 - Jeremy Long. All Rights Reserved. scm:git:https://github.com/jeremylong/DependencyCheck.git https://github.com/jeremylong/DependencyCheck/tree/main/cli scm:git:git@github.com:jeremylong/DependencyCheck.git - v6.4.1 + v8.4.1 dependency-check-${project.version} diff --git a/core/pom.xml b/core/pom.xml index 7f6216c33af..cda55e36cfb 100644 --- a/core/pom.xml +++ b/core/pom.xml @@ -20,7 +20,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved. org.owasp dependency-check-parent - 8.4.1-SNAPSHOT + 8.4.1 dependency-check-core @@ -32,7 +32,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved. scm:git:https://github.com/jeremylong/DependencyCheck.git https://github.com/jeremylong/DependencyCheck/tree/main/core scm:git:git@github.com:jeremylong/DependencyCheck.git - v6.4.1 + v8.4.1 diff --git a/maven/pom.xml b/maven/pom.xml index d927cbcb6c7..f0d62fba7ab 100644 --- a/maven/pom.xml +++ b/maven/pom.xml @@ -20,7 +20,7 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved. org.owasp dependency-check-parent - 8.4.1-SNAPSHOT + 8.4.1 dependency-check-maven maven-plugin @@ -35,7 +35,7 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved. scm:git:https://github.com/jeremylong/DependencyCheck.git https://github.com/jeremylong/DependencyCheck/tree/master/maven scm:git:git@github.com:jeremylong/DependencyCheck.git - v6.4.1 + v8.4.1 3.1.0 diff --git a/pom.xml b/pom.xml index ba6f0612479..830402e76a6 100644 --- a/pom.xml +++ b/pom.xml @@ -20,7 +20,7 @@ Copyright (c) 2012 - Jeremy Long org.owasp dependency-check-parent - 8.4.1-SNAPSHOT + 8.4.1 pom @@ -94,7 +94,7 @@ Copyright (c) 2012 - Jeremy Long scm:git:https://github.com/jeremylong/DependencyCheck.git https://github.com/jeremylong/DependencyCheck scm:git:https://github.com/jeremylong/DependencyCheck.git - v6.4.1 + v8.4.1 github @@ -112,7 +112,7 @@ Copyright (c) 2012 - Jeremy Long - 2023-08-19T12:57:43Z + 2023-10-21T13:37:02Z UTF-8 UTF-8 github diff --git a/utils/pom.xml b/utils/pom.xml index b912b89336e..8074e278fff 100644 --- a/utils/pom.xml +++ b/utils/pom.xml @@ -20,7 +20,7 @@ Copyright (c) 2014 - Jeremy Long. All Rights Reserved. org.owasp dependency-check-parent - 8.4.1-SNAPSHOT + 8.4.1 dependency-check-utils @@ -30,7 +30,7 @@ Copyright (c) 2014 - Jeremy Long. All Rights Reserved. scm:git:https://github.com/jeremylong/DependencyCheck.git https://github.com/jeremylong/DependencyCheck/tree/main/utils scm:git:git@github.com:jeremylong/DependencyCheck.git - v6.4.1 + v8.4.1 org.owasp.dependencycheck.utils.* From 5cc8df0f8f04247763d571aeb362af1c4bdfbd62 Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Sat, 21 Oct 2023 09:37:52 -0400 Subject: [PATCH 3/3] build: prepare for next development iteration --- ant/pom.xml | 4 ++-- archetype/pom.xml | 6 +++--- cli/pom.xml | 4 ++-- core/pom.xml | 4 ++-- maven/pom.xml | 4 ++-- pom.xml | 6 +++--- utils/pom.xml | 4 ++-- 7 files changed, 16 insertions(+), 16 deletions(-) diff --git a/ant/pom.xml b/ant/pom.xml index d1ea7c812d7..7a56bb57b3f 100644 --- a/ant/pom.xml +++ b/ant/pom.xml @@ -20,7 +20,7 @@ Copyright (c) 2013 - Jeremy Long. All Rights Reserved. org.owasp dependency-check-parent - 8.4.1 + 8.4.2-SNAPSHOT dependency-check-ant @@ -32,7 +32,7 @@ Copyright (c) 2013 - Jeremy Long. All Rights Reserved. scm:git:https://github.com/jeremylong/DependencyCheck.git https://github.com/jeremylong/DependencyCheck/tree/main/ant scm:git:git@github.com:jeremylong/DependencyCheck.git - v8.4.1 + v6.4.1 diff --git a/archetype/pom.xml b/archetype/pom.xml index a00fa368279..f5a6bd5cf73 100644 --- a/archetype/pom.xml +++ b/archetype/pom.xml @@ -20,20 +20,20 @@ Copyright (c) 2017 Jeremy Long. All Rights Reserved. org.owasp dependency-check-parent - 8.4.1 + 8.4.2-SNAPSHOT dependency-check-plugin Dependency-Check Plugin Archetype jar - 2023-10-21T13:37:02Z + 2023-10-21T13:37:51Z scm:git:https://github.com/jeremylong/DependencyCheck.git https://github.com/jeremylong/DependencyCheck/tree/main/archetype scm:git:git@github.com:jeremylong/DependencyCheck.git - v8.4.1 + HEAD diff --git a/cli/pom.xml b/cli/pom.xml index 6e65a1c20f9..380a1efd399 100644 --- a/cli/pom.xml +++ b/cli/pom.xml @@ -20,7 +20,7 @@ Copyright (c) 2012 - Jeremy Long. All Rights Reserved. org.owasp dependency-check-parent - 8.4.1 + 8.4.2-SNAPSHOT dependency-check-cli @@ -32,7 +32,7 @@ Copyright (c) 2012 - Jeremy Long. All Rights Reserved. scm:git:https://github.com/jeremylong/DependencyCheck.git https://github.com/jeremylong/DependencyCheck/tree/main/cli scm:git:git@github.com:jeremylong/DependencyCheck.git - v8.4.1 + v6.4.1 dependency-check-${project.version} diff --git a/core/pom.xml b/core/pom.xml index cda55e36cfb..5d3d96f2cfd 100644 --- a/core/pom.xml +++ b/core/pom.xml @@ -20,7 +20,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved. org.owasp dependency-check-parent - 8.4.1 + 8.4.2-SNAPSHOT dependency-check-core @@ -32,7 +32,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved. scm:git:https://github.com/jeremylong/DependencyCheck.git https://github.com/jeremylong/DependencyCheck/tree/main/core scm:git:git@github.com:jeremylong/DependencyCheck.git - v8.4.1 + v6.4.1 diff --git a/maven/pom.xml b/maven/pom.xml index f0d62fba7ab..fa7a742b053 100644 --- a/maven/pom.xml +++ b/maven/pom.xml @@ -20,7 +20,7 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved. org.owasp dependency-check-parent - 8.4.1 + 8.4.2-SNAPSHOT dependency-check-maven maven-plugin @@ -35,7 +35,7 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved. scm:git:https://github.com/jeremylong/DependencyCheck.git https://github.com/jeremylong/DependencyCheck/tree/master/maven scm:git:git@github.com:jeremylong/DependencyCheck.git - v8.4.1 + v6.4.1 3.1.0 diff --git a/pom.xml b/pom.xml index 830402e76a6..0ce026b2190 100644 --- a/pom.xml +++ b/pom.xml @@ -20,7 +20,7 @@ Copyright (c) 2012 - Jeremy Long org.owasp dependency-check-parent - 8.4.1 + 8.4.2-SNAPSHOT pom @@ -94,7 +94,7 @@ Copyright (c) 2012 - Jeremy Long scm:git:https://github.com/jeremylong/DependencyCheck.git https://github.com/jeremylong/DependencyCheck scm:git:https://github.com/jeremylong/DependencyCheck.git - v8.4.1 + v6.4.1 github @@ -112,7 +112,7 @@ Copyright (c) 2012 - Jeremy Long - 2023-10-21T13:37:02Z + 2023-10-21T13:37:51Z UTF-8 UTF-8 github diff --git a/utils/pom.xml b/utils/pom.xml index 8074e278fff..b176c53a678 100644 --- a/utils/pom.xml +++ b/utils/pom.xml @@ -20,7 +20,7 @@ Copyright (c) 2014 - Jeremy Long. All Rights Reserved. org.owasp dependency-check-parent - 8.4.1 + 8.4.2-SNAPSHOT dependency-check-utils @@ -30,7 +30,7 @@ Copyright (c) 2014 - Jeremy Long. All Rights Reserved. scm:git:https://github.com/jeremylong/DependencyCheck.git https://github.com/jeremylong/DependencyCheck/tree/main/utils scm:git:git@github.com:jeremylong/DependencyCheck.git - v8.4.1 + v6.4.1 org.owasp.dependencycheck.utils.*