v5.0.0
Updated dependency-check-core to v8.1.0. See release notes for DependencyCheck from v8.0.0 to v8.1.0 for details.
Breaking Changes
The database schema was updated - if using an external database the update/initialization scripts must be run!
Noteworthy changes
- New settings dependencyCheckHostedSuppressionsUrl, dependencyCheckHostedSuppressionsForceUpdate and dependencyCheckHostedSuppressionsValidForHours for a hosted suppression file to allow for faster remediation of reported false-positives. Defaults to a file maintained by the DependencyCheck project team.
- New analyzer settings related to CISA Known Exploited Vulnerability Catalog: dependencyCheckKnownExploitedEnabled, dependencyCheckKnownExploitedUrl and dependencyCheckKnownExploitedValidForHours
- New Settings to set authentication credentials for the RetireJS Analyzer data feed: dependencyCheckRetireJsAnalyzerRepoUser, dependencyCheckRetireJsAnalyzerRepoPassword
- New schema for the XML report was added to support some of the above additions
- Pipfile.lock files are now supported