Store suppressions on S3 to avoid frequent releases of poms. [BUILD-818]
Dismiss false positive about jbpm-bpmn2-7.70.0.Final.jar CVE-2019-14839. [MGNLWORKFLOW-410]
Dismiss mismatched CVE about commons-betwixt-0.8.jar CVE-2022-0869. [BUILD-821]
- Dismiss older false positive h2-1.4.200.jar CVE-2018-14335. [BUILD-609]
Removed workaround for older IntelliJ versions to pick up the right Java version. At least from IntelliJ 2022.1 onwards, specifying the
--releaseflag is sufficient. For older versions setting the
--sourceflag via the
<maven.compiler.source>Maven property locally can be used as a workaround.
Upgrade to latest 7.1.0 OWASP dependency-check Maven plugin. [BUILD-803]
Upgrading should be straightforward. Core artifacts will start being updated with Magnolia 6.2.20 release.