OWASP dependency-check 1.4.2 released!

[Jeremy Long]

The OWASP dependency-check team is pleased to announce the release of version 1.4.2! Please visit the documentation site for information on obtaining the new version (CLI, Maven Plugin, Ant Task, Gradle Plugin, Jenkins Plugin).

Release Notes

-------------------

• Resolved a connectivity issue to the NVD that occurs when using an older version of Java. See issue #523.
  
• There may still be users experiencing a problem after upgrading to 1.4.2 - but the issue should be resolved for most.
• Improved exception handling within dependency-check so that the CLI will return non-zero exit codes when an error occurs.
  
• The Ant, Gradle, and Maven plugins have an added failOnError setting (defaults to true); previously, many errors that occurred would not cause a build failure. An exception in dependency-check will now cause a build failure; you can set failOnError to false to maintain the old behavior.
• Added the ability to scan a spring-boot fully executable JAR; the script added to the beginning of the JAR caused errors.

Best Regards,

The OWASP dependency-check team