dependency-check-1.1.4 released
56 views
Skip to first unread message
Jeremy Long
Mar 31, 2014, 9:10:58 AM3/31/14
to dependen...@googlegroups.com
Over the weekend the project team released version 1.1.4 of dependency-check: https://www.owasp.org/index.php/OWASP_Dependency_Check
Change Log
- The generated report names have been modified - if you have built any automation around parsing these automatically the file name is now: dependency-check-report.html and dependency-check-report.xml.
- Fixed the bug causing suppression.xml files not to load.
- Added wild-card support to scanning paths in the command line tool.
- You can now specify `--scan=some\path\*.zip` to only scan zip files. Note, all file types within the zip archive that dependency-check can analyze will be checked.
- .NET Assembly Analyzer has been updated to better handle a few exception cases
- Individual file type analyzers will automatically disable themselves if they do not have any files to process
- Individual file type analyzers can be disabled via configuration
- For an example see the CLI documentation for the `-disableXXX` properties: http://jeremylong.github.io/DependencyCheck/dependency-check-cli/arguments.html
- An dependency-check Agent API was added to make running a scan via an external program easier. Specifically, if you have information about a dependency, but don't want to scan the dependency specifically, you can supply the evidence used to analyze the dependency via the agent API and run the scan. I doubt most users will utilize this, but it will be useful for integration with some tools/environments.
- Several other minor enhancements and additions.
Reply all
Reply to author
Forward
0 new messages