Skip to content

Navigation Menu

Explore
By company size
By use case
By industry
View all solutions
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Search

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

jeremylong / DependencyCheck Public

Notifications You must be signed in to change notification settings
Fork 1.3k
Star 6.6k

Code
Issues 478
Pull requests 7
Actions
Wiki
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Actions
Wiki
Security
Insights

Releases: jeremylong/DependencyCheck

Releases · jeremylong/DependencyCheck

Version 7.4.1

09 Dec 11:49

This commit was signed with the committer’s verified signature.

jeremylong Jeremy Long

GPG key ID: FFDE55BE73A2D1ED

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Version 7.4.1

Fixed

Fixed bug when setting the proxy port in gradle (#5123)
Fixed issue with invalid node_module paths in some scans (#5127)
Resolved several FP

See the full listing of changes.

Assets 7

Loading

All reactions

Version 7.4.0

04 Dec 14:27

This commit was signed with the committer’s verified signature.

jeremylong Jeremy Long

GPG key ID: FFDE55BE73A2D1ED

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Version 7.4.0

Added

Add support for npm package lock v2 and v3 (#5078)
Added experimental support for Python Poetry (#5025)
Added a vanilla HTML report for use in Jenkins (#5053)

Changed

Renamed RELEASE_NOTES.md to CHANGELOG.md to be more conventional
Optimized checksum calculation to improve performance (#5112)
Added support for scanning .NET assemblies when only the dotnet runtime is installed (#5087)
Bumped several dependencies

Fixed

Fixed bug when setting the proxy port (#5076)
Resolved several FP and FN

See the full listing of changes.

Assets 7

Loading

croissong and AngelaWang2021 reacted with rocket emoji

All reactions

🚀 2 reactions

2 people reacted

Version 7.3.2

18 Nov 12:44

This commit was signed with the committer’s verified signature.

jeremylong Jeremy Long

GPG key ID: FFDE55BE73A2D1ED

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Version 7.3.2

Changes

Automated release of 7.3.1 failed and only published to Central; 7.3.2 is a re-release of 7.3.1.
Resolved several false positives and false negatives.
Use Jackson Afterburner if still on Java 8 (#4966).
Exclude node_modules from the Maven plugin's scan path (#4974).
See the full listing of changes.

Assets 7

Loading

Manbearpiet, PavlenkoB, axl8713, and opritche reacted with heart emoji

All reactions

❤️ 4 reactions

4 people reacted

Version 7.3.0

19 Oct 11:49

This commit was signed with the committer’s verified signature.

jeremylong Jeremy Long

GPG key ID: FFDE55BE73A2D1ED

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Version 7.3.0

Changes

Fixed issue with the Maven plugin that caused concurrent modification exceptions (#4935).
Migrated from Jackson Afterburner to Blackbird (#4905).
Added an experimental Dart analyzer (#4869).
See the full listing of changes.

Assets 7

Loading

IvanVernichenkoDevPro reacted with hooray emoji

croissong reacted with rocket emoji

All reactions

🎉 1 reaction
🚀 1 reaction

2 people reacted

Version 7.2.1

20 Sep 11:17

This commit was signed with the committer’s verified signature.

jeremylong Jeremy Long

GPG key ID: FFDE55BE73A2D1ED

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Version 7.2.1

Changes

Fixed logging issue (#4846).
See the full listing of changes.

Assets 7

Loading

A-Fitz-Nelnet, la4gia, oparent-sharecare, Silicoman, and sublimino reacted with thumbs up emoji

Uwinator and sublimino reacted with hooray emoji

All reactions

👍 5 reactions
🎉 2 reactions

6 people reacted

Version 7.2.0

14 Sep 11:19

This commit was signed with the committer’s verified signature.

jeremylong Jeremy Long

GPG key ID: FFDE55BE73A2D1ED

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Version 7.2.0

Changes

Add support for Bazel's pinned maven_install.json (#4772).
Fixed bug preventing the use of custom report templates (#4800).
Updated several dependencies including upgrades for dependencies with CVEs.
Several bug fixes made and suppression rules were added.
See the full listing of changes.

Assets 7

Loading

mprins, gesellix, and tom-mi reacted with hooray emoji

viniciusnavarro and croissong reacted with rocket emoji

All reactions

🎉 3 reactions
🚀 2 reactions

5 people reacted

Version 7.1.2

20 Aug 11:50

This commit was signed with the committer’s verified signature.

jeremylong Jeremy Long

GPG key ID: FFDE55BE73A2D1ED

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Version 7.1.2

Changes

The maven plugin now includes pnpm and yarn lock files in the scan by default (#4753).
If a suppression rule is no longer used a log entry will be written (#4685).
Several bug fixes made and suppression rules added.
See the full listing of changes.

Assets 7

Loading

lgalvao, hpoettker, paulocardoso, and mattmedus reacted with thumbs up emoji

croissong and itd-pal reacted with rocket emoji

All reactions

👍 4 reactions
🚀 2 reactions

6 people reacted

Version 7.1.1

12 Jun 12:32

This commit was signed with the committer’s verified signature.

jeremylong Jeremy Long

GPG key ID: FFDE55BE73A2D1ED

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Version 7.1.1

Changes

Minor bug fixes.
Resolved several false positives.
See the full listing of changes.

Assets 7

Loading

All reactions

Version 7.1.0

23 Apr 10:14

This commit was signed with the committer’s verified signature.

jeremylong Jeremy Long

GPG key ID: FFDE55BE73A2D1ED

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Version 7.1.0

Changes

Improved sorting in the HTML report (see #4112).
Improved support for Swift (see #4265).
Resolved several false positives.
See the full listing of changes.

Assets 7

Loading

All reactions

Version 7.0.4

30 Mar 11:18

This commit was signed with the committer’s verified signature.

jeremylong Jeremy Long

GPG key ID: FFDE55BE73A2D1ED

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Version 7.0.4

Changes

Update to jackson-databind (see #4285).
See the full listing of changes.

Assets 7

Loading

All reactions

Previous 1 2 3 4 5 6 7 8 Next

Footer

© 2025 GitHub, Inc.

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.