1# Release Notes
2
3Please see the [dependency-check google group](https://groups.google.com/forum/#!forum/dependency-check) for the release notes on versions not listed below.
4
5## [Version 3.1.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.1.0) (2018-01-02)
6
7### Enhancements
8
9- Major enhancements to the Node and NSP analyzer - the analyzers are now considered
10  production ready and should be used in combination.
11- Added a shutdown hook so that if the update process is interrupted while using an H2
12  database the lock files will be properly removed allowing future executions of ODC to
13  succeed.
14- UNC paths can now be scanned using the CLI.
15- Batch updates are now used which may help with the update speed when using some DBMS
16  instead of the embedded H2.
17- Upgrade Lucene to 5.5.5, the highest version that will allow us to maintain Java 7 support
18
19### Bug fixes
20
21- Fixed the CSV report output to correctly list all fields.
22- Invalid suppression files will now break the build instead of causing ODC to
23  skip the usage of the suppression analyzer.
24- Fixed bug in Lucene query where LARGE entries in the pom.xml or manifest caused
25  the query to break.
26- General cleanup, false positive, and false negative reduction.
27
28## [Version 3.0.2](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.0.2) (2017-11-13)
29
30### Bug fixes
31
32- Updated the query format for the CentralAnalyzer; the old format caused the CentralAnalyzer to fail
33
34## [Version 3.0.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.0.1) (2017-10-20)
35
36### Bug fixes
37
38- Fixed a database connection issue that affected some usages.
39
40## [Version 3.0.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.0.0) (2017-10-16)
41
42- Several bug fixes and false positive reduction
43  - The 2.x branch introduced several new false positives – but also reduced the false negatives
44- Java 9 compatibility update
45- Stability issues with the Central Analyzer resolved
46  - This comes at a cost of a longer analysis time
47- The CSV report now includes the GAV and CPE
48- The Hint Analyzer now supports regular expressions
49- If show summary is disabled and vulnerable libraries are found that fail the build details are no longer displayed in the console – only that vulnerable libraries were identified
50- Resolved issues with threading and multiple connections to the embedded H2 database
51  - This allows the Jenkins pipeline, Maven Plugin, etc. to safely run parallel executions of dependency-check