Skip to content

sonar-dependency-check-5.0.0

Latest
Compare
Choose a tag to compare
@github-actions github-actions released this 27 Feb 13:38
· 22 commits to refs/heads/master since this release

Changes

🚀 New features and improvements

  • Update sonarsource parent and adjust license year (#916 by @Reamer)
  • Open report in a separate window (#915 by @Reamer)
  • Migrate to slf4j (#896 by @Reamer)
  • Drop JDK11 Support and add JDK21 Support (#903 by @Reamer)
  • Reinstate security hotspot rule definition (#900 by @NIGCH)
  • Use new severity levels (high, medium, low) (#895 by @NIGCH)

🧰 Maintenance

  • Bump webpack-cli from 4.10.0 to 5.1.4 in /sonar-dependency-check-plugin (#821 by @dependabot)
  • Bump webpack from 5.75.0 to 5.90.3 in /sonar-dependency-check-plugin (#914 by @dependabot)
  • Bump minimatch and recursive-readdir in /sonar-dependency-check-plugin (#725 by @dependabot)
  • Bump json5 and babel-loader in /sonar-dependency-check-plugin (#741 by @dependabot)
  • Bump postcss from 8.4.21 to 8.4.31 in /sonar-dependency-check-plugin (#856 by @dependabot)
  • Bump @babel/core from 7.21.0 to 7.23.9 in /sonar-dependency-check-plugin (#907 by @dependabot)
  • Bump follow-redirects from 1.15.2 to 1.15.4 in /sonar-dependency-check-plugin (#901 by @dependabot)
  • Bump word-wrap from 1.2.3 to 1.2.4 in /sonar-dependency-check-plugin (#837 by @dependabot)
  • Bump jackson.version from 2.16.0 to 2.16.1 in /sonar-dependency-check-plugin (#897 by @dependabot)
  • Bump org.mockito:mockito-core from 5.9.0 to 5.10.0 in /sonar-dependency-check-plugin (#905 by @dependabot)
  • Bump junit.jupiter.version from 5.10.1 to 5.10.2 in /sonar-dependency-check-plugin (#912 by @dependabot)
  • Bump release-drafter/release-drafter from 5 to 6 (#910 by @dependabot)
  • Bump actions/checkout from 3 to 4 (#845 by @dependabot)
  • Bump org.mockito:mockito-core from 5.8.0 to 5.9.0 in /sonar-dependency-check-plugin (#902 by @dependabot)
  • Bump com.github.eirslett:frontend-maven-plugin from 1.13.4 to 1.15.0 in /sonar-dependency-check-plugin (#884 by @dependabot)
  • Bump de.jutzig:github-release-plugin from 1.5.1 to 1.6.0 in /sonar-dependency-check-plugin (#890 by @dependabot)
  • Bump com.github.spotbugs:spotbugs-annotations from 4.8.2 to 4.8.3 in /sonar-dependency-check-plugin (#892 by @dependabot)