Bump org.owasp:dependency-check-maven from 12.0.0 to 12.0.1 #1305

dependabot · 2025-01-20T16:26:44Z

Bumps org.owasp:dependency-check-maven from 12.0.0 to 12.0.1.

Release notes

Sourced from org.owasp:dependency-check-maven's releases.

Version 12.0.1

Refer to the CHANGELOG.md for information about improvements and upgrade notes.

Changelog

Sourced from org.owasp:dependency-check-maven's changelog.

Version 12.0.1 (2025-01-19)

docs: Fix OSS Index Maven config documentation (#7322)

Fix OSS Index Maven config documentation

chore(docs): Document Gradle plugin support for failBuildOnUnusedSuppressionRule (#7307)

chore(docs): Correct analyzers config example to use Gradle dot-syntax (#7305)

fix: improve error message on improperly configured serverId credentials in settings.xml (#7313)

fix: Lower Basic serverId when Bearer was expected to a warning

fix: improve error message on improperly configured serverId credentials

fix: Correct nonProxyHosts support when no sys properties set (#7306)

core(docs): Group failBuildOnUnusedSuppressionRule flag next to suppression file configuration

core(docs): Update Gradle plugin documentation for failBuildOnUnusedSuppressionRule support

fix: Correct nonProxyHosts support when no sys properties set

chore(docs): Correct analyzers config example to use Gradle dot-syntax

See the full listing of changes.

Commits

eee5b46 build: prepare release v12.0.1
8f76b42 docs: prepare release
9424f85 build(deps): bump org.sonatype.goodies:package-url-java from 1.1.1 to 1.2.0 (...
c5e6bce build(deps): bump org.apache.maven.plugins:maven-artifact-plugin from 3.5.3 t...
7181e6a build(deps): bump joda-time:joda-time from 2.10.4 to 2.13.0 (#7300)
2c7b19b build(deps-dev): bump io.netty:netty-codec-http from 4.1.115.Final to 4.1.117...
9502f82 build(deps): bump golang from 1.23.4-alpine to 1.23.5-alpine (#7323)
eb6be01 docs: Fix OSS Index Maven config documentation (#7322)
7485f9f build(deps): bump golang from 1.23.4-alpine to 1.23.5-alpine
d883343 Fix OSS Index Maven config documentation
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [org.owasp:dependency-check-maven](https://github.com/jeremylong/DependencyCheck) from 12.0.0 to 12.0.1. - [Release notes](https://github.com/jeremylong/DependencyCheck/releases) - [Changelog](https://github.com/jeremylong/DependencyCheck/blob/main/CHANGELOG.md) - [Commits](jeremylong/DependencyCheck@v12.0.0...v12.0.1) --- updated-dependencies: - dependency-name: org.owasp:dependency-check-maven dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

github-actions · 2025-01-20T16:43:49Z

☀️ Quality Monitor

   🚦 Tests: 98% successful (✔️ 103 passed, 🙈 2 skipped)
   〰️ Line Coverage: 92% (61 missed lines)
   ➰ Branch Coverage: 91% (19 missed branches)
   Mutation Coverage: 80% (80 survived mutations)
   💪 Test Strength: 85% (58 survived mutations in tested code)
   CheckStyle: No warnings
   PMD: No warnings
   SpotBugs: No bugs
   🐛 Error Prone: No bugs
   🚫 Revapi: No warnings
   OWASP Dependency Check: No vulnerabilities
   🌀 Cyclomatic Complexity: 376 (total)
   💭 Cognitive Complexity: 173 (total)
   📏 Lines of Code: 4075 (total)
   📝 Non Commenting Source Statements: 1257 (total)
   🔭 Access to foreign data: 88 (total)
   🔗 Class cohesion: 71.43% (maximum)
   📤 Fan out: 280 (total)
   📲 Number of accessors: 14 (total)
   ⚖️ Weight of a class: 100.00% (maximum)
   📐 Weighted method count: 375 (total)
   ➿ N-Path Complexity: 455 (total)

Created by Quality Monitor v1.14.0 (#f3859fd). More details are shown in the GitHub Checks Result.

dependabot bot added dependencies Update of dependencies java Pull requests that update Maven Java dependencies labels Jan 20, 2025

github-actions bot assigned uhafner Jan 20, 2025

uhafner merged commit 956af01 into main Jan 21, 2025
15 checks passed

uhafner deleted the dependabot/maven/org.owasp-dependency-check-maven-12.0.1 branch January 21, 2025 10:27

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump org.owasp:dependency-check-maven from 12.0.0 to 12.0.1 #1305

Bump org.owasp:dependency-check-maven from 12.0.0 to 12.0.1 #1305

dependabot bot commented on behalf of github Jan 20, 2025

github-actions bot commented Jan 20, 2025

Bump org.owasp:dependency-check-maven from 12.0.0 to 12.0.1 #1305

Bump org.owasp:dependency-check-maven from 12.0.0 to 12.0.1 #1305

Conversation

dependabot bot commented on behalf of github Jan 20, 2025

Version 12.0.1

Version 12.0.1 (2025-01-19)

github-actions bot commented Jan 20, 2025

☀️ Quality Monitor