Besides dismissing a few CVEs, this version modernizes test coverage and dependency-check plugin.
- Upgrade to latest 6.5.3 OWASP dependency-check Maven plugin. [BUILD-571]
Replace Clover with JaCoCo. [BUILD-543]
Provide new technology-agnostic properties for skipping code coverage execution and for setting minimal coverage
Use it instead of
Dismiss h2 vulnerabilities. [BUILD-663]
Dismiss false positives related to daisydiff-magnolia-1.2.1. [BUILD-696]
Dismiss metadata-extractor CVE. [BUILD-704]
Upgrading should be straightforward. Core artifacts will start being updated with Magnolia 6.2.18 release.