1# Release Notes 2 3Please see the [dependency-check google group](https://groups.google.com/forum/#!forum/dependency-check) for the release notes on versions not listed below. 4 5## [Version 3.1.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.1.0) (2018-01-02) 6 7### Enhancements 8 9- Major enhancements to the Node and NSP analyzer - the analyzers are now considered 10 production ready and should be used in combination. 11- Added a shutdown hook so that if the update process is interrupted while using an H2 12 database the lock files will be properly removed allowing future executions of ODC to 13 succeed. 14- UNC paths can now be scanned using the CLI. 15- Batch updates are now used which may help with the update speed when using some DBMS 16 instead of the embedded H2. 17- Upgrade Lucene to 5.5.5, the highest version that will allow us to maintain Java 7 support 18 19### Bug fixes 20 21- Fixed the CSV report output to correctly list all fields. 22- Invalid suppression files will now break the build instead of causing ODC to 23 skip the usage of the suppression analyzer. 24- Fixed bug in Lucene query where LARGE entries in the pom.xml or manifest caused 25 the query to break. 26- General cleanup, false positive, and false negative reduction. 27 28## [Version 3.0.2](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.0.2) (2017-11-13) 29 30### Bug fixes 31 32- Updated the query format for the CentralAnalyzer; the old format caused the CentralAnalyzer to fail 33 34## [Version 3.0.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.0.1) (2017-10-20) 35 36### Bug fixes 37 38- Fixed a database connection issue that affected some usages. 39 40## [Version 3.0.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.0.0) (2017-10-16) 41 42- Several bug fixes and false positive reduction 43 - The 2.x branch introduced several new false positives – but also reduced the false negatives 44- Java 9 compatibility update 45- Stability issues with the Central Analyzer resolved 46 - This comes at a cost of a longer analysis time 47- The CSV report now includes the GAV and CPE 48- The Hint Analyzer now supports regular expressions 49- If show summary is disabled and vulnerable libraries are found that fail the build details are no longer displayed in the console – only that vulnerable libraries were identified 50- Resolved issues with threading and multiple connections to the embedded H2 database 51 - This allows the Jenkins pipeline, Maven Plugin, etc. to safely run parallel executions of dependency-check