diff --git a/.github/ISSUE_TEMPLATE/false-positive-report.yml b/.github/ISSUE_TEMPLATE/false-positive-report.yml
index b14906835fc..080828b4c7f 100644
--- a/.github/ISSUE_TEMPLATE/false-positive-report.yml
+++ b/.github/ISSUE_TEMPLATE/false-positive-report.yml
@@ -6,6 +6,8 @@ body:
   - type: markdown
     attributes:
       value: |
+        **Ensure you are using the latest version of dependency-check.**
+        
         **Automation is used to process most false positives reports**; failure to follow these guidelines will delay the process:
         
           - Only enter a **single (1) Package URL**.
@@ -27,7 +29,7 @@ body:
     id: cpe
     attributes:
       label: CPE
-      description: Please enter the single Common Platform enumeration (CPE) as identified in the HTML Report. Only a **single CPE** can be specified. **Please put backtic characters around the CPE to ensure it displays correctly**.
+      description: Please enter the single Common Platform enumeration (CPE) as identified in the HTML Report. Only a **single CPE** can be specified. **Please put backtick characters around the CPE to ensure it displays correctly**.
       placeholder: ex. `cpe:2.3:a:apache:log4j:2.12.1:*:*:*:*:*:*:*`
     validations:
       required: true
@@ -35,7 +37,7 @@ body:
     id: cve
     attributes:
       label: CVE
-      description: The vulnerability name as identified in the HTML Report. If specifying a CPE this is not necassary; if entered please enter only a **signle CVE**; if multiple CVE should be suppressed please enter multiple FP reports. This is optional and may not be needed as most FP reports are due to an incorrect CPE.
+      description: The vulnerability name as identified in the HTML Report. If specifying a CPE this is not necessary; if entered please enter only a **single CVE**; if multiple CVE should be suppressed please enter multiple FP reports. This is optional and may not be needed as most FP reports are due to an incorrect CPE.
       placeholder: ex. CVE-2021-44228
     validations:
       required: false
@@ -66,4 +68,4 @@ body:
       label: Description
       description: Additional information regarding the false positive report.
     validations:
-      required: false
\ No newline at end of file
+      required: false
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index e9847615dd6..850054c0bb5 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -20,9 +20,9 @@ jobs:
       - name: Install gpg secret key
         id: install-gpg-key
         run: |
-          cat <(echo -e "${{ secrets.OSSRH_GPG_SECRET_KEY }}") | gpg --batch --import
+          cat <(echo -e "${{ secrets.GPG_PRIVATE_KEY }}") | gpg --batch --import
           gpg --list-secret-keys --keyid-format LONG
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Check Maven Cache
         id: maven-cache
         uses: actions/cache@v4
@@ -43,30 +43,31 @@ jobs:
         with:
           path: core/target/data
           key: odc-data
-      - uses: actions/setup-dotnet@v4.3.1
+      - uses: actions/setup-dotnet@v5.0.0
         with:
           dotnet-version: '8.0.x'
       - name: Set up JDK 11
         id: jdk-11
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@v5
         with:
           java-version: 11
           distribution: 'zulu'
-          server-id: ossrh
-          server-username: ${{ secrets.OSSRH_USERNAME }}
-          server-password: ${{ secrets.OSSRH_TOKEN }}
-      - uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0
+          server-id: central
+          server-username: ${{ secrets.CENTRAL_USER }}
+          server-password: ${{ secrets.CENTRAL_PASSWORD }}
+      - uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0
         with:
           version: 6.0.2
       - name: Build Snapshot with Maven
         id: build-snapshot
         env:
-          MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
-          MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
+          MAVEN_USERNAME: ${{ secrets.CENTRAL_USER }}
+          MAVEN_PASSWORD: ${{ secrets.CENTRAL_PASSWORD }}
+          MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PRIVATE_KEY_PASSWORD }}
           NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
-        run: mvn -V -s settings.xml -Prelease clean package verify source:jar javadoc:jar gpg:sign deploy -DreleaseTesting --no-transfer-progress --batch-mode -Dgpg.passphrase=${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }}
+        run: mvn -V -s settings.xml -Prelease clean package verify source:jar javadoc:jar gpg:sign deploy -DreleaseTesting --no-transfer-progress --batch-mode
       - name: SARIF Multitool
-        uses: microsoft/sarif-actions@v0.1
+        uses: microsoft/sarif-actions@v0.2
         with:
           # Command to be sent to SARIF Multitool
           command: 'validate core/target/test-reports/Report.sarif'
@@ -100,20 +101,20 @@ jobs:
             ant/target/*.zip
             cli/target/*.zip
 
-  publish_coverage:
-    name: publish code coverage reports  
-    runs-on: ubuntu-latest 
-    needs: build
-    steps:
-      - name: Download coverage reports
-        uses: actions/download-artifact@v4
-        with:
-          name: code-coverage-report
-      - name: Run codacy-coverage-reporter
-        uses: codacy/codacy-coverage-reporter-action@master
-        with:
-          project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
-          coverage-reports: utils/target/jacoco-results/jacoco.xml,core/target/jacoco-results/jacoco.xml,maven/target/jacoco-results/jacoco.xml,ant/target/jacoco-results/jacoco.xml,cli/target/jacoco-results/jacoco.xml
+#  publish_coverage:
+#    name: publish code coverage reports
+#    runs-on: ubuntu-latest
+#    needs: build
+#    steps:
+#      - name: Download coverage reports
+#        uses: actions/download-artifact@v5
+#        with:
+#          name: code-coverage-report
+#      - name: Run codacy-coverage-reporter
+#        uses: codacy/codacy-coverage-reporter-action@master
+#        with:
+#          project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
+#          coverage-reports: utils/target/jacoco-results/jacoco.xml,core/target/jacoco-results/jacoco.xml,maven/target/jacoco-results/jacoco.xml,ant/target/jacoco-results/jacoco.xml,cli/target/jacoco-results/jacoco.xml
 
   docker:
     permissions:
@@ -127,7 +128,7 @@ jobs:
       DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Check Maven Cache
         id: maven-cache
         uses: actions/cache@v4
@@ -137,9 +138,21 @@ jobs:
           restore-keys: |
             ${{ runner.os }}-maven-
       - name: Download release build
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: archive-snapshot
+      - name: Set up Docker
+        uses: docker/setup-docker-action@v4
+        with:
+          daemon-config: |
+            {
+              "debug": true,
+              "features": {
+                "containerd-snapshotter": true
+              }
+            }
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
       - name: Build Docker Image
         run: ./build-docker.sh
       - name: build scan target
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 665a11d4f62..428f96ee81a 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -33,11 +33,11 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@v5
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
+      uses: github/codeql-action/init@v4
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -61,4 +61,4 @@ jobs:
        mvn -s settings.xml clean package -DskipTests=true --no-transfer-progress --batch-mode
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      uses: github/codeql-action/analyze@v4
diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
deleted file mode 100644
index a4ef6b2aea6..00000000000
--- a/.github/workflows/coverity.yml
+++ /dev/null
@@ -1,37 +0,0 @@
-name: coverity-scan
-on:
-  schedule:
-    - cron: '0 0 * * SAT'
-
-permissions:
-  contents: read
-
-jobs:
-  scan:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - name: Set up JDK 11
-        id: jdk-11
-        uses: actions/setup-java@v4
-        with:
-          java-version: 11
-          distribution: 'zulu'
-      - name: Get coverity cli
-        run: |
-          wget https://scan.coverity.com/download/linux64 --no-verbose --post-data "token=${{ secrets.COVERITY_TOKEN }}&project=dependency-check%2FDependencyCheck" -O coverity_tool.tgz
-          mkdir coverity_tool
-          tar xzf coverity_tool.tgz --strip 1 -C coverity_tool
-      - name: Perform coverity scan
-        run: |
-          export PATH=`pwd`/coverity_tool/bin:$PATH
-          cov-build --dir cov-int mvn -DskipTests=true package --no-transfer-progress --batch-mode
-      - name: Submit coverity scan
-        run: |
-          tar czvf scan.tgz cov-int
-          curl --form token=${{ secrets.COVERITY_TOKEN }} \
-               --form email=jeremy.long@gmail.com \
-               --form file=@scan.tgz \
-               --form version="main" \
-               --form description="Weekly Scan" \
-               https://scan.coverity.com/builds?project=dependency-check%2FDependencyCheck
diff --git a/.github/workflows/false-positive-approvals.yml b/.github/workflows/false-positive-approvals.yml
index 24bca4e69c3..32b978d9e96 100644
--- a/.github/workflows/false-positive-approvals.yml
+++ b/.github/workflows/false-positive-approvals.yml
@@ -18,19 +18,20 @@ jobs:
       (github.event.comment.user.login == 'jeremylong' ||
       github.event.comment.user.login == 'aikebah' || 
       github.event.comment.user.login == 'nhumblot' ||
+      github.event.comment.user.login == 'marcelstoer' ||
       github.event.comment.user.login == 'chadlwilson') }}
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           ref: generatedSuppressions
-      - uses: actions/setup-node@v4.3.0
+      - uses: actions/setup-node@v5.0.0
       - run: |
           npm install fast-xml-parser@4.0.9
           npm install fs
       - name: Commit Suppression Rule
         id: fp-ops-commit
-        uses: actions/github-script@v7.0.1
+        uses: actions/github-script@v8.0.0
         with:
           script: |
             const { execSync } = require("child_process");
@@ -158,7 +159,7 @@ jobs:
           target-folder: suppressions
       - name: Message failure
         if: ${{ failure() || steps.fp-ops-commit.outputs.failed }}
-        uses: actions/github-script@v7.0.1
+        uses: actions/github-script@v8.0.0
         with:
           script: |
             github.rest.issues.createComment({
diff --git a/.github/workflows/false-positive-ops.yml b/.github/workflows/false-positive-ops.yml
index 3ea10dc092f..81b0bb9f6db 100644
--- a/.github/workflows/false-positive-ops.yml
+++ b/.github/workflows/false-positive-ops.yml
@@ -15,7 +15,7 @@ jobs:
     steps:
       - name: Remove Labels
         if: contains(github.event.issue.labels.*.name, 'pending more information')
-        uses: actions/github-script@v7.0.1
+        uses: actions/github-script@v8.0.0
         with:
           script: |
               github.rest.issues.removeLabel({
@@ -32,7 +32,7 @@ jobs:
                 repo: context.repo.repo
               })
               )
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           path: odc
       - name: Parse False Positive Issue
@@ -41,7 +41,7 @@ jobs:
         with:
           issue-body: ${{ github.event.issue.body }}
           template-path: odc/.github/ISSUE_TEMPLATE/false-positive-report.yml
-      - uses: actions/setup-node@v4.3.0
+      - uses: actions/setup-node@v5.0.0
         with:
           node-version: 14
       - name: Initialize npm
@@ -50,7 +50,7 @@ jobs:
           npm install packageurl-js
       - name: Parse Package URL
         id: purl-parser
-        uses: actions/github-script@v7.0.1
+        uses: actions/github-script@v8.0.0
         env:
           PURL: ${{ fromJSON(steps.issue-parser.outputs.jsonString).purl }}
         with:
@@ -111,7 +111,7 @@ jobs:
           cd ..
       - name: Setup dotnet
         if: ${{ fromJSON(steps.purl-parser.outputs.result).type == 'nuget' }}
-        uses: actions/setup-dotnet@v4.3.1
+        uses: actions/setup-dotnet@v5.0.0
         with:
           dotnet-version: '8.0.x'
       - name: Setup dotnet fp-project
@@ -140,6 +140,8 @@ jobs:
           args: >
             --failOnCVSS 11
             --enableExperimental
+            --ossIndexUsername ${{ secrets.OSS_INDEX_USERNAME }}
+            --ossIndexPassword ${{ secrets.OSS_INDEX_API_TOKEN }}
       - name: Upload FP Report
         if: steps.check_files.outputs.files_exists == 'true'
         uses: actions/upload-artifact@v4
@@ -148,7 +150,7 @@ jobs:
            path: ${{github.workspace}}/reports
       - name: Comment on maven issue
         if: ${{ fromJSON(steps.purl-parser.outputs.result).type == 'maven' }}
-        uses: actions/github-script@v7.0.1
+        uses: actions/github-script@v8.0.0
         env:
           GROUPID: ${{ fromJSON(steps.purl-parser.outputs.result).namespace }}
           ARTIFACTID: ${{ fromJSON(steps.purl-parser.outputs.result).name }}
@@ -199,7 +201,7 @@ jobs:
             })
       - name: Comment on npm issue
         if: ${{ fromJSON(steps.purl-parser.outputs.result).type == 'npm' }}
-        uses: actions/github-script@v7.0.1
+        uses: actions/github-script@v8.0.0
         env:
           NAME: ${{ fromJSON(steps.purl-parser.outputs.result).name }}
           VERSION: ${{ fromJSON(steps.purl-parser.outputs.result).version }}
@@ -246,7 +248,7 @@ jobs:
             })
       - name: Comment on dotnet issue
         if: ${{ fromJSON(steps.purl-parser.outputs.result).type == 'nuget' }}
-        uses: actions/github-script@v7.0.1
+        uses: actions/github-script@v8.0.0
         env:
           NAME: ${{ fromJSON(steps.purl-parser.outputs.result).name }}
           VERSION: ${{ fromJSON(steps.purl-parser.outputs.result).version }}
@@ -293,7 +295,7 @@ jobs:
             
       - name: Message failure
         if: ${{ failure() }}
-        uses: actions/github-script@v7.0.1
+        uses: actions/github-script@v8.0.0
         with:
           script: |
             github.rest.issues.createComment({
diff --git a/.github/workflows/lint-pr.yml b/.github/workflows/lint-pr.yml
index d990c5ae5a2..0c4125f1bd8 100644
--- a/.github/workflows/lint-pr.yml
+++ b/.github/workflows/lint-pr.yml
@@ -18,6 +18,6 @@ jobs:
       statuses: write
     runs-on: ubuntu-latest
     steps:
-      - uses: amannn/action-semantic-pull-request@v5.5.3
+      - uses: amannn/action-semantic-pull-request@v6.1.1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file
diff --git a/.github/workflows/publish-suppressions.yml b/.github/workflows/publish-suppressions.yml
new file mode 100644
index 00000000000..75245cb59f9
--- /dev/null
+++ b/.github/workflows/publish-suppressions.yml
@@ -0,0 +1,40 @@
+name: Publish Suppressions
+
+on:
+  workflow_dispatch:
+
+permissions: {}
+jobs:
+  update_suppression:
+    permissions:
+      contents: write # to push changes in repo (jamesives/github-pages-deploy-action)
+
+    name: Publish Suppressions
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v5
+        with:
+          ref: generatedSuppressions
+      - uses: actions/setup-node@v5.0.0
+      - run: |
+          npm install fs
+      - name: Create Generated Suppressions XML
+        uses: actions/github-script@v8.0.0
+        with:
+          script: |
+            const fs = require('fs');
+            const generatedSuppressions = fs.readFileSync('generatedSuppressions.xml', 'utf8');
+            if (!fs.existsSync('./suppressions')){
+                fs.mkdirSync('./suppressions');
+            }
+            fs.appendFileSync('suppressions/publishedSuppressions.xml', '<?xml version="1.0" encoding="UTF-8"?>\n<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">' + generatedSuppressions + '\n</suppressions>', function (err) {
+              if (err) throw err;
+              console.log('publishedSuppressions.xml created');
+            });
+      - name: Publish Updated Suppressions
+        uses: JamesIves/github-pages-deploy-action@v4.7.3
+        with:
+          branch: gh-pages
+          folder: suppressions
+          target-folder: suppressions
+
diff --git a/.github/workflows/pull_requests.yml b/.github/workflows/pull_requests.yml
index ceee74e7455..fc35f684891 100644
--- a/.github/workflows/pull_requests.yml
+++ b/.github/workflows/pull_requests.yml
@@ -14,7 +14,7 @@ jobs:
       contents: read
     runs-on: ubuntu-latest 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Check Maven Cache
         id: maven-cache
         uses: actions/cache@v4
@@ -23,16 +23,16 @@ jobs:
           key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
           restore-keys: |
             ${{ runner.os }}-maven-
-      - uses: actions/setup-dotnet@v4.3.1
+      - uses: actions/setup-dotnet@v5.0.0
         with:
           dotnet-version: '8.0.x'
       - name: Set up JDK 11
         id: jdk-11
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@v5
         with:
           java-version: 11
           distribution: 'zulu'
-      - uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0
+      - uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0
         with:
           version: 6.0.2
       - name: Test with Maven
@@ -40,31 +40,43 @@ jobs:
         run: |
             mvn -V -s settings.xml -pl utils,core,cli,ant,archetype -am compile verify --no-transfer-progress --batch-mode
       - name: SARIF Multitool
-        uses: microsoft/sarif-actions@v0.1
+        uses: microsoft/sarif-actions@v0.2
         with:
           # Command to be sent to SARIF Multitool
           command: 'validate core/target/test-reports/Report.sarif'
       - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
         with:
           sarif_file: utils/target/spotbugsSarif.json
           category: spotbugs-utils
       - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
         with:
           sarif_file: cli/target/spotbugsSarif.json
           category: spotbugs-cli
       - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
         with:
           sarif_file: ant/target/spotbugsSarif.json
           category: spotbugs-ant
       - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
         with:
           sarif_file: core/target/spotbugsSarif.json
           category: spotbugs-core
-          
+      - name: Archive Snapshot
+        id: archive-snapshot
+        uses: actions/upload-artifact@v4
+        with:
+          name: archive-snapshot
+          retention-days: 1
+          path: |
+            **/target/*.asc
+            **/target/*.jar
+            **/target/*.pom
+            ant/target/*.zip
+            cli/target/*.zip
+
   maven:
     name: Regression Test Maven Plugin
     permissions: 
@@ -72,7 +84,7 @@ jobs:
       contents: read
     runs-on: ubuntu-latest 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Check Maven Cache
         id: maven-cache
         uses: actions/cache@v4
@@ -81,16 +93,16 @@ jobs:
           key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
           restore-keys: |
             ${{ runner.os }}-maven-
-      - uses: actions/setup-dotnet@v4.3.1
+      - uses: actions/setup-dotnet@v5.0.0
         with:
           dotnet-version: '8.0.x'
       - name: Set up JDK 11
         id: jdk-11
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@v5
         with:
           java-version: 11
           distribution: 'zulu'
-      - uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0
+      - uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0
         with:
           version: 6.0.2
       - name: Regression Test Maven Plugin
@@ -108,7 +120,7 @@ jobs:
           retention-days: 7
           path: maven/target/it/**/build.log
       - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
         with:
           sarif_file: maven/target/spotbugsSarif.json
           category: spotbugs-maven
@@ -120,7 +132,7 @@ jobs:
       contents: read
     runs-on: ubuntu-latest 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Check Maven Cache
         id: maven-cache
         uses: actions/cache@v4
@@ -131,7 +143,7 @@ jobs:
             ${{ runner.os }}-maven-
       - name: Set up JDK 11
         id: jdk-11
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@v5
         with:
           java-version: 11
           distribution: 'zulu'
@@ -140,7 +152,48 @@ jobs:
         run: |
             mvn -V -s settings.xml checkstyle:checkstyle-aggregate --no-transfer-progress --batch-mode
       - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
         with:
           sarif_file: target/checkstyle-result.sarif
-          category: checkstyle
\ No newline at end of file
+          category: checkstyle
+
+  docker:
+    permissions:
+      contents: read # to fetch code (actions/checkout)
+
+    name: Build and Test Docker
+    runs-on: ubuntu-latest
+    needs: test
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v5
+      - name: Check Maven Cache
+        id: maven-cache
+        uses: actions/cache@v4
+        with:
+          path: ~/.m2/repository
+          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+          restore-keys: |
+            ${{ runner.os }}-maven-
+      - name: Download release build
+        uses: actions/download-artifact@v5
+        with:
+          name: archive-snapshot
+      - name: Set up Docker
+        uses: docker/setup-docker-action@v4
+        with:
+          daemon-config: |
+            {
+              "debug": true,
+              "features": {
+                "containerd-snapshotter": true
+              }
+            }
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Build Docker Image
+        run: ./build-docker.sh
+      - name: build scan target
+        run: mvn -V -s settings.xml package -DskipTests=true --no-transfer-progress --batch-mode
+      - name: Test Docker Image
+        run: ./test-docker.sh
diff --git a/.github/workflows/purge-cache.yml b/.github/workflows/purge-cache.yml
index babd4553f67..9820e850a90 100644
--- a/.github/workflows/purge-cache.yml
+++ b/.github/workflows/purge-cache.yml
@@ -10,7 +10,7 @@ jobs:
     name: Purge GitHub Cache
     runs-on: ubuntu-latest 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Check Maven Cache
         id: maven-cache
         uses: actions/cache@v4
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 081eb1e67ad..d2cbf30c8e7 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -24,9 +24,9 @@ jobs:
       - name: Install gpg secret key
         id: install-gpg-key
         run: |
-          cat <(echo -e "${{ secrets.OSSRH_GPG_SECRET_KEY }}") | gpg --batch --import
+          cat <(echo -e "${{ secrets.GPG_PRIVATE_KEY }}") | gpg --batch --import
           gpg --list-secret-keys --keyid-format LONG
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Check Maven Cache
         id: maven-cache
         uses: actions/cache@v4
@@ -45,19 +45,19 @@ jobs:
         with:
           path: core/target/data
           key: odc-data
-      - uses: actions/setup-dotnet@v4.3.1
+      - uses: actions/setup-dotnet@v5.0.0
         with:
           dotnet-version: '8.0.x'
       - name: Set up JDK 11
         id: jdk-11
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@v5
         with:
           java-version: 11
           distribution: 'zulu'
-          server-id: ossrh
-          server-username: ${{ secrets.OSSRH_USERNAME }}
-          server-password: ${{ secrets.OSSRH_TOKEN }}
-      - uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0
+          server-id: central
+          server-username: ${{ secrets.CENTRAL_USER }}
+          server-password: ${{ secrets.CENTRAL_PASSWORD }}
+      - uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0
         with:
           version: 6.0.2
       - name: Configure Git user
@@ -72,11 +72,12 @@ jobs:
         id: build-release
         timeout-minutes: 120
         env:
-          MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
-          MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
+          MAVEN_USERNAME: ${{ secrets.CENTRAL_USER }}
+          MAVEN_PASSWORD: ${{ secrets.CENTRAL_PASSWORD }}
+          MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PRIVATE_KEY_PASSWORD }}
           NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
         run: |
-          mvn -V -s settings.xml -Prelease "-DnexusUrl=https://oss.sonatype.org/" clean package source:jar javadoc:jar gpg:sign deploy site site:stage -DreleaseTesting --no-transfer-progress --batch-mode -Dgpg.passphrase=${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }}
+          mvn -V -s settings.xml -Prelease clean package source:jar javadoc:jar gpg:sign deploy site site:stage -DreleaseTesting --no-transfer-progress --batch-mode
       - name: Archive code coverage results
         id: archive-coverage
         uses: actions/upload-artifact@v4
@@ -107,20 +108,20 @@ jobs:
           retention-days: 7
           path: target/staging/
 
-  publish_coverage:
-    name: publish code coverage reports  
-    runs-on: ubuntu-latest 
-    needs: build
-    steps:
-      - name: Download coverage reports
-        uses: actions/download-artifact@v4
-        with:
-          name: code-coverage-report
-      - name: Run codacy-coverage-reporter
-        uses: codacy/codacy-coverage-reporter-action@master
-        with:
-          project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
-          coverage-reports: utils/target/jacoco-results/jacoco.xml,core/target/jacoco-results/jacoco.xml,maven/target/jacoco-results/jacoco.xml,ant/target/jacoco-results/jacoco.xml,cli/target/jacoco-results/jacoco.xml
+#  publish_coverage:
+#    name: publish code coverage reports
+#    runs-on: ubuntu-latest
+#    needs: build
+#    steps:
+#      - name: Download coverage reports
+#        uses: actions/download-artifact@v5
+#        with:
+#          name: code-coverage-report
+#      - name: Run codacy-coverage-reporter
+#        uses: codacy/codacy-coverage-reporter-action@master
+#        with:
+#          project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
+#          coverage-reports: utils/target/jacoco-results/jacoco.xml,core/target/jacoco-results/jacoco.xml,maven/target/jacoco-results/jacoco.xml,ant/target/jacoco-results/jacoco.xml,cli/target/jacoco-results/jacoco.xml
 
   docker:
     name: Publish Docker
@@ -143,11 +144,23 @@ jobs:
           path: ~/OWASP-Dependency-Check
           key: docker-repo
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Download release build
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: archive-release
+      - name: Set up Docker
+        uses: docker/setup-docker-action@v4
+        with:
+          daemon-config: |
+            {
+              "debug": true,
+              "features": {
+                "containerd-snapshotter": true
+              }
+            }
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
       - name: Build Docker Image
         run: ./build-docker.sh
       - name: build scan target
@@ -165,14 +178,14 @@ jobs:
     needs: build
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Get version
         id: get-version
         run: |
           VERSION=$( mvn help:evaluate -Dexpression=project.version -q -DforceStdout )
           echo "VERSION=$VERSION" >> $GITHUB_ENV
       - name: Download release build
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: archive-release
       - name: Create Release
@@ -245,9 +258,9 @@ jobs:
     needs: build
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Download Site
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: archive-site
           path: target/staging
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6fbdc8f6fea..6686cb21509 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,60 +1,140 @@
 # Change Log
 
+## [Version 12.1.8](https://github.com/dependency-check/DependencyCheck/releases/tag/v12.1.8) (2025-10-13)
+
+- fix: improve VulnerableSoftware comparison ([#8031](https://github.com/dependency-check/DependencyCheck/pull/8031))
+- build: fix flaky central test ([#8039](https://github.com/dependency-check/DependencyCheck/pull/8039))
+- docs: Improve Gradle docs wrt experimental analyzers, use of Central and Proxy configuration ([#8036](https://github.com/dependency-check/DependencyCheck/pull/8036))
+- docs: add note about central analyzer for gradle ([#8038](https://github.com/dependency-check/DependencyCheck/pull/8038))
+
+See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/101?closed=1)
+
+## [Version 12.1.7](https://github.com/dependency-check/DependencyCheck/releases/tag/v12.1.7) (2025-10-12)
+
+- fix: disable central analyzer after failures ([#7993](https://github.com/dependency-check/DependencyCheck/pull/7993))
+- fix: Suppress JVM warnings from Lucene within CLI ([#8003](https://github.com/dependency-check/DependencyCheck/pull/8003))
+- fix: Clean up Apache Lucene logging via SLF4j redirect ([#7979](https://github.com/dependency-check/DependencyCheck/pull/7979))
+- fix: Correct Archive Analyzer behaviour on certain tgz archives ([#7986](https://github.com/dependency-check/DependencyCheck/pull/7986))
+- fix: Update NVD CPE search URLs in generated reports to match new search interface ([#7970](https://github.com/dependency-check/DependencyCheck/pull/7970))
+- fix: improve OSS Index Error Reporting ([#7977](https://github.com/dependency-check/DependencyCheck/pull/7977))
+- fix(fp): Consolidate false positive suppression for false positives on Redis client libs ([#8017](https://github.com/dependency-check/DependencyCheck/pull/8017))
+- fix(fp): Fix more common false positives for popular PHP/composer frameworks with generic names ([#7994](https://github.com/dependency-check/DependencyCheck/pull/7994))
+- docs: improve slack notification documentation ([#8026](https://github.com/dependency-check/DependencyCheck/pull/8026))
+- docs: Documentation artifactory settings fix ([#7999](https://github.com/dependency-check/DependencyCheck/pull/7999))
+- docs: Clarify Nexus Analyzer requirements and usage ([#8000](https://github.com/dependency-check/DependencyCheck/pull/8000))
+- build: Build amd64 and arm64 multi-platform Docker image ([#7952](https://github.com/dependency-check/DependencyCheck/pull/7952))
+
+See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/100?closed=1)
+
+## [Version 12.1.6](https://github.com/dependency-check/DependencyCheck/releases/tag/v12.1.6) (2025-09-24)
+
+- fix: Disable OSS Index if its credentials are missing ([#7963](https://github.com/dependency-check/DependencyCheck/pull/7963))
+- fix: Correct CVSSv4 parsing for low precision OSSIndex values ([#7935](https://github.com/dependency-check/DependencyCheck/pull/7935))
+- fix(fp): Fix false positives for Redis Server against NPM/JS client libs ([#7942](https://github.com/dependency-check/DependencyCheck/pull/7942))
+- docs: Fix legacy GitHub links within docs and CHANGELOG ([#7944](https://github.com/dependency-check/DependencyCheck/pull/7944))
+- chore: fix version typo in security policy ([#7936](https://github.com/dependency-check/DependencyCheck/pull/7936))
+
+See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/99?closed=1)
+
+## [Version 12.1.5](https://github.com/dependency-check/DependencyCheck/releases/tag/v12.1.5) (2025-09-20)
+
+- **fix**: Update to support OSS Index Authentication Requirements ([#7920](https://github.com/dependency-check/DependencyCheck/pull/7920))
+  - Note: OSS Index will require authentication starting 9/22/2025. Users must configure a free account to continue using the OSS Index Analyzer. See https://ossindex.sonatype.org/doc/auth-required.
+- fix: add CVSSv4 to suppressed entries in JSON report ([#7900](https://github.com/dependency-check/DependencyCheck/pull/7900))
+- fix: correctly utilize CVSSv4 from ossindex ([#7899](https://github.com/dependency-check/DependencyCheck/pull/7899))
+- fix: npe when processing cve with empty configuration ([#7888](https://github.com/dependency-check/DependencyCheck/pull/7888))
+- fix: Return unsorted vulnerabilities in new HashSet, avoiding CoMod ([#7848](https://github.com/dependency-check/DependencyCheck/pull/7848))
+- fix: Return unsorted vulnerabilities in new HashSet, avoiding CoMod
+- fix: class loading problem with fat jars ([#7786](https://github.com/dependency-check/DependencyCheck/pull/7786)) ([#7787](https://github.com/dependency-check/DependencyCheck/pull/7787))
+- fix: Improve Artifactory handler log message ([#7838](https://github.com/dependency-check/DependencyCheck/pull/7838))
+- fix: classloading problem with fat jars ([#7786](https://github.com/dependency-check/DependencyCheck/pull/7786))
+- fix: Add null checking when parsing the license json in AbstractNpmAnalyzer. ([#7784](https://github.com/dependency-check/DependencyCheck/pull/7784))
+- fix(fp): resolves several false positives related to CVE-2021-41033 ([#7736](https://github.com/dependency-check/DependencyCheck/pull/7736))
+- docs: Clarify format of exclude patterns ([#7879](https://github.com/dependency-check/DependencyCheck/pull/7879))
+- docs: Document poetry-based analysis behaviour in Python analyzer ([#7855](https://github.com/dependency-check/DependencyCheck/pull/7855))
+- docs: request FP reporters use the latest version of ODC. ([#7820](https://github.com/dependency-check/DependencyCheck/pull/7820))
+- docs: update development pre-reqs ([#7792](https://github.com/dependency-check/DependencyCheck/pull/7792))
+- docs: fix minor typos in false positive issue template ([#7763](https://github.com/dependency-check/DependencyCheck/pull/7763))
+
+See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/98?closed=1)
+
+## [Version 12.1.3](https://github.com/dependency-check/DependencyCheck/releases/tag/v12.1.3) (2025-06-10)
+
+- fix: correct regex matches introduced in 12.1.2 ([#7726](https://github.com/dependency-check/DependencyCheck/pull/7726))
+- build(deps): bump org.semver4j:semver4j from 5.7.0 to 5.7.1 ([#7718](https://github.com/dependency-check/DependencyCheck/pull/7718))
+- build(deps): bump junit.version from 5.13.0 to 5.13.1 ([#7719](https://github.com/dependency-check/DependencyCheck/pull/7719))
+
+See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/97?closed=1)
+
+## [Version 12.1.2](https://github.com/dependency-check/DependencyCheck/releases/tag/v12.1.2) (2025-06-07)
+
+- fix: Allow configuring OSS Index user/pw directly ([#7640](https://github.com/dependency-check/DependencyCheck/pull/7640))
+- fix: remove vulnerable transitive dependency - beanutils ([#7705](https://github.com/dependency-check/DependencyCheck/pull/7705))
+- fix: Simplify PHP framework suppression for Composer ([#7693](https://github.com/dependency-check/DependencyCheck/pull/7693))
+- fix: update CPE pattern to remove FP ([#7684](https://github.com/dependency-check/DependencyCheck/pull/7684))
+- fix(cli): Patch generated Windows shell script for JAVACMD installs with spaces ([#7653](https://github.com/dependency-check/DependencyCheck/pull/7653))
+- fix: Resolve various WCAG accessibility / css issues in the HTML report ([#7629](https://github.com/dependency-check/DependencyCheck/pull/7629))
+- fix: [#7510](https://github.com/dependency-check/DependencyCheck/pull/7510) Display a dedicated message when receiving an HTTP 403 ([#7575](https://github.com/dependency-check/DependencyCheck/pull/7575))
+- docs: Make `Vulnerability Sources` in `Related Work` clearer ([#7691](https://github.com/dependency-check/DependencyCheck/pull/7691))
+- docs: [#7610](https://github.com/dependency-check/DependencyCheck/pull/7610) add a reference to NVD mirroring in getting started documentation ([#7611](https://github.com/dependency-check/DependencyCheck/pull/7611))
+
+See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/96?closed=1)
+
 ## [Version 12.1.1](https://github.com/dependency-check/DependencyCheck/releases/tag/v12.1.1) (2025-04-05)
 
 - fix: resolve NVD data Parse error `com.fasterxml.jackson.core.JsonParseException: Unexpected character (']' (code 93))`
-  - bump open-vulnerability-client from 7.3.1 to 7.3.2  (#7577)
-- fix: update links for repository move from `jeremylong` to the `dependency-check` organization (#7373)
-- fix: resolve NPE when processing CVE-2025-2682 (#7558)
-- fix: prevent rogue base suppression files (#7544)
-- fix: #6819 handle invalid toml file (#7548)
-- fix: Use unscored severity only in absence of any CVSS baseScore (#7530)
-- fix: protect against exotic version number of yarn (#7525)
-- fix: Ignore require-bundle MANIFEST.MF entry for evidence (#7523)
-- fix: avoid error on yarn berry audit when no vulnerability found (#7501)
-- fix: improve null checks in Downloader (#7493)
+  - bump open-vulnerability-client from 7.3.1 to 7.3.2  ([#7577](https://github.com/dependency-check/DependencyCheck/pull/7577))
+- fix: update links for repository move from `jeremylong` to the `dependency-check` organization ([#7373](https://github.com/dependency-check/DependencyCheck/pull/7373))
+- fix: resolve NPE when processing CVE-2025-2682 ([#7558](https://github.com/dependency-check/DependencyCheck/pull/7558))
+- fix: prevent rogue base suppression files ([#7544](https://github.com/dependency-check/DependencyCheck/pull/7544))
+- fix: [#6819](https://github.com/dependency-check/DependencyCheck/pull/6819) handle invalid toml file ([#7548](https://github.com/dependency-check/DependencyCheck/pull/7548))
+- fix: Use unscored severity only in absence of any CVSS baseScore ([#7530](https://github.com/dependency-check/DependencyCheck/pull/7530))
+- fix: protect against exotic version number of yarn ([#7525](https://github.com/dependency-check/DependencyCheck/pull/7525))
+- fix: Ignore require-bundle MANIFEST.MF entry for evidence ([#7523](https://github.com/dependency-check/DependencyCheck/pull/7523))
+- fix: avoid error on yarn berry audit when no vulnerability found ([#7501](https://github.com/dependency-check/DependencyCheck/pull/7501))
+- fix: improve null checks in Downloader ([#7493](https://github.com/dependency-check/DependencyCheck/pull/7493))
 - fix: improve null checks resolves https://github.com/dependency-check/dependency-check-gradle/issues/441
-- fix: Avoid FPs when Composer product name has php (#7486)
-- fix: cli not honoring window paths correctly (#7470)
-- fix: Also apply muteNoisyLoggers to UpdateMojo (#7469)
-- fix: Make HC5 Downloader honor the connection- and readTimeout settings that the old URLConnectionFactory based downloads observed (#7437) 
-- docs: sync the supported Maven version with the one stated in the system requirement section (#7570)
-- docs: update proxy config documentation (#7550)
+- fix: Avoid FPs when Composer product name has php ([#7486](https://github.com/dependency-check/DependencyCheck/pull/7486))
+- fix: cli not honoring window paths correctly ([#7470](https://github.com/dependency-check/DependencyCheck/pull/7470))
+- fix: Also apply muteNoisyLoggers to UpdateMojo ([#7469](https://github.com/dependency-check/DependencyCheck/pull/7469))
+- fix: Make HC5 Downloader honor the connection- and readTimeout settings that the old URLConnectionFactory based downloads observed ([#7437](https://github.com/dependency-check/DependencyCheck/pull/7437)) 
+- docs: sync the supported Maven version with the one stated in the system requirement section ([#7570](https://github.com/dependency-check/DependencyCheck/pull/7570))
+- docs: update proxy config documentation ([#7550](https://github.com/dependency-check/DependencyCheck/pull/7550))
 - docs: Remove copyright as requested by the Apache foundation
-- docs: drop redundant text in the Internet Access Required section (#7521)
-- docs: correct gradle documentation (#7511)
+- docs: drop redundant text in the Internet Access Required section ([#7521](https://github.com/dependency-check/DependencyCheck/pull/7521))
+- docs: correct gradle documentation ([#7511](https://github.com/dependency-check/DependencyCheck/pull/7511))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/95?closed=1)
 
 ## [Version 12.1.0](https://github.com/dependency-check/DependencyCheck/releases/tag/v12.1.0) (2025-02-16)
 
-- build(deps): bump open-vulnerability-client to 7.2.2 (#7407)
-  - resolves issue with downloading data from the NVD (#7406)
-- fix: Improve thread safety issue #7338 alternative (#7367)
-- feat: Implement Yarn Berry Analyser (#7319)
+- build(deps): bump open-vulnerability-client to 7.2.2 ([#7407](https://github.com/dependency-check/DependencyCheck/pull/7407))
+  - resolves issue with downloading data from the NVD ([#7406](https://github.com/dependency-check/DependencyCheck/pull/7406))
+- fix: Improve thread safety issue [#7338](https://github.com/dependency-check/DependencyCheck/pull/7338) alternative ([#7367](https://github.com/dependency-check/DependencyCheck/pull/7367))
+- feat: Implement Yarn Berry Analyser ([#7319](https://github.com/dependency-check/DependencyCheck/pull/7319))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/94?closed=1)
 
 ## [Version 12.0.2](https://github.com/dependency-check/DependencyCheck/releases/tag/v12.0.2) (2025-01-29)
 
-- fix: correct JSON report error (#7350)
-- fix: some compatability issues in the gitlab report (#7349)
-- fix: ArtifactoryAnalyzer updated to use the HTTPClient5-based Downloader and skip unusable results (#7293)
-- chore: allow messages via EngineVersionCheck (#7353)
-- chore: switch from javax.json to jakarta.json (#7326)
+- fix: correct JSON report error ([#7350](https://github.com/dependency-check/DependencyCheck/pull/7350))
+- fix: some compatability issues in the gitlab report ([#7349](https://github.com/dependency-check/DependencyCheck/pull/7349))
+- fix: ArtifactoryAnalyzer updated to use the HTTPClient5-based Downloader and skip unusable results ([#7293](https://github.com/dependency-check/DependencyCheck/pull/7293))
+- chore: allow messages via EngineVersionCheck ([#7353](https://github.com/dependency-check/DependencyCheck/pull/7353))
+- chore: switch from javax.json to jakarta.json ([#7326](https://github.com/dependency-check/DependencyCheck/pull/7326))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/93?closed=1).
 
 ## [Version 12.0.1](https://github.com/dependency-check/DependencyCheck/releases/tag/v12.0.1) (2025-01-19)
 
-- docs: Fix OSS Index Maven config documentation (#7322)
+- docs: Fix OSS Index Maven config documentation ([#7322](https://github.com/dependency-check/DependencyCheck/pull/7322))
 - Fix OSS Index Maven config documentation
-- chore(docs): Document Gradle plugin support for failBuildOnUnusedSuppressionRule (#7307)
-- chore(docs): Correct analyzers config example to use Gradle dot-syntax (#7305)
-- fix: improve error message on improperly configured serverId credentials in settings.xml (#7313)
+- chore(docs): Document Gradle plugin support for failBuildOnUnusedSuppressionRule ([#7307](https://github.com/dependency-check/DependencyCheck/pull/7307))
+- chore(docs): Correct analyzers config example to use Gradle dot-syntax ([#7305](https://github.com/dependency-check/DependencyCheck/pull/7305))
+- fix: improve error message on improperly configured serverId credentials in settings.xml ([#7313](https://github.com/dependency-check/DependencyCheck/pull/7313))
 - fix: Lower Basic serverId when Bearer was expected to a warning
 - fix: improve error message on improperly configured serverId credentials
-- fix: Correct nonProxyHosts support when no sys properties set (#7306)
+- fix: Correct nonProxyHosts support when no sys properties set ([#7306](https://github.com/dependency-check/DependencyCheck/pull/7306))
 - core(docs): Group failBuildOnUnusedSuppressionRule flag next to suppression file configuration
 - core(docs): Update Gradle plugin documentation for failBuildOnUnusedSuppressionRule support
 - fix: Correct nonProxyHosts support when no sys properties set
@@ -64,100 +144,100 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ## [Version 12.0.0](https://github.com/dependency-check/DependencyCheck/releases/tag/v12.0.0) (2025-01-11)
 
-- BREAKING CHANGE: report on CVSS v4 (#7204)
+- BREAKING CHANGE: report on CVSS v4 ([#7204](https://github.com/dependency-check/DependencyCheck/pull/7204))
   - the schema has been updated to include CVSS v4 for JSON and XML reports
-- feat: show from which dependency the CVE comes in failure report (#7224)
-- feat: Use Maven settings decryption API for decrypting secrets from settings.xml (#7284)
-- feat: Extend authentication to support Bearer token for many resources (#7277)
-- feat: Add a flag to fail when one or more suppression rules are not used (#7244)
-- fix: add product evidence as vendor to reduce FN (#7295)
-- fix: Make the HTTP-Client use pre-emptive authentication (#7255)
+- feat: show from which dependency the CVE comes in failure report ([#7224](https://github.com/dependency-check/DependencyCheck/pull/7224))
+- feat: Use Maven settings decryption API for decrypting secrets from settings.xml ([#7284](https://github.com/dependency-check/DependencyCheck/pull/7284))
+- feat: Extend authentication to support Bearer token for many resources ([#7277](https://github.com/dependency-check/DependencyCheck/pull/7277))
+- feat: Add a flag to fail when one or more suppression rules are not used ([#7244](https://github.com/dependency-check/DependencyCheck/pull/7244))
+- fix: add product evidence as vendor to reduce FN ([#7295](https://github.com/dependency-check/DependencyCheck/pull/7295))
+- fix: Make the HTTP-Client use pre-emptive authentication ([#7255](https://github.com/dependency-check/DependencyCheck/pull/7255))
 - fix: Add the missing proxy credentials for suppressionFileUser/Password authentication scenario
-- fix: increase max retry count (#7252)
+- fix: increase max retry count ([#7252](https://github.com/dependency-check/DependencyCheck/pull/7252))
 - fix: Make the HTTP-Client use pre-emptive authentication for configured server credentials and extend HTTPClient usage to Nexus search
-- fix: Tranform into UTC the last modified date from database (#7222)
+- fix: Tranform into UTC the last modified date from database ([#7222](https://github.com/dependency-check/DependencyCheck/pull/7222))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/91?closed=1). 
 
 ## [Version 11.1.1](https://github.com/dependency-check/DependencyCheck/releases/tag/v11.1.1) (2024-12-04)
 
-- fix: re-enable issue locking (#7220)
-- fix: add username/password properties to be able to authenticate for central.content.url and analyzer.central.url again (#7169)
-- fix: rework replaceOrAddVulnerability (#7177)
-- fix: do not log loading of JDBC driver (#7155)
-- fix: expose flag to disable version check (#7147)
-- fix: Gracefully handle CVEs with bad configuration nodes missing CPE match expressions (#7125)
-- chore: cleanup base suppression (#7138)
-- docs: update gradle configuration documentation (#7176)
-- docs: update documentation for Gradle plugin (#7143)
-- docs: improve false positive issue templat (#7130)
+- fix: re-enable issue locking ([#7220](https://github.com/dependency-check/DependencyCheck/pull/7220))
+- fix: add username/password properties to be able to authenticate for central.content.url and analyzer.central.url again ([#7169](https://github.com/dependency-check/DependencyCheck/pull/7169))
+- fix: rework replaceOrAddVulnerability ([#7177](https://github.com/dependency-check/DependencyCheck/pull/7177))
+- fix: do not log loading of JDBC driver ([#7155](https://github.com/dependency-check/DependencyCheck/pull/7155))
+- fix: expose flag to disable version check ([#7147](https://github.com/dependency-check/DependencyCheck/pull/7147))
+- fix: Gracefully handle CVEs with bad configuration nodes missing CPE match expressions ([#7125](https://github.com/dependency-check/DependencyCheck/pull/7125))
+- chore: cleanup base suppression ([#7138](https://github.com/dependency-check/DependencyCheck/pull/7138))
+- docs: update gradle configuration documentation ([#7176](https://github.com/dependency-check/DependencyCheck/pull/7176))
+- docs: update documentation for Gradle plugin ([#7143](https://github.com/dependency-check/DependencyCheck/pull/7143))
+- docs: improve false positive issue templat ([#7130](https://github.com/dependency-check/DependencyCheck/pull/7130))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/90?closed=1). 
 
 ## [Version 11.1.0](https://github.com/dependency-check/DependencyCheck/releases/tag/v11.1.0) (2024-10-30)
 
-- feat: PHP Composer Analyzer now scans packages-dev by default (#7114)
+- feat: PHP Composer Analyzer now scans packages-dev by default ([#7114](https://github.com/dependency-check/DependencyCheck/pull/7114))
   - Users can configure if packages-dev should be skipped
-- fix(regression): re-add h2 database driver name (#7115) 
-- fix(regression): Make the Downloader honour the proxy.nonproxyhosts ODC Setting (#7077)
-- fix: do not set legacy proxy from maven or env (#7072) (#7074)
-- docs: add missing documentation for the MS Build Analyzer (#7113)
-- docs: Document the breaking change for Maven plugin as reporting plugin (#7079)
+- fix(regression): re-add h2 database driver name ([#7115](https://github.com/dependency-check/DependencyCheck/pull/7115)) 
+- fix(regression): Make the Downloader honour the proxy.nonproxyhosts ODC Setting ([#7077](https://github.com/dependency-check/DependencyCheck/pull/7077))
+- fix: do not set legacy proxy from maven or env ([#7072](https://github.com/dependency-check/DependencyCheck/pull/7072)) ([#7074](https://github.com/dependency-check/DependencyCheck/pull/7074))
+- docs: add missing documentation for the MS Build Analyzer ([#7113](https://github.com/dependency-check/DependencyCheck/pull/7113))
+- docs: Document the breaking change for Maven plugin as reporting plugin ([#7079](https://github.com/dependency-check/DependencyCheck/pull/7079))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/89?closed=1). 
 
 ## [Version 11.0.0](https://github.com/dependency-check/DependencyCheck/releases/tag/v11.0.0) (2024-10-21)
 
-- **breaking change**: Switch from JMockit to Mockito & build target to Java 11 (#6922)
+- **breaking change**: Switch from JMockit to Mockito & build target to Java 11 ([#6922](https://github.com/dependency-check/DependencyCheck/pull/6922))
   - dependency-check now requires a minimum of Java 11.0 to run
-- **breaking change**: bump com.h2database:h2 from 2.1.214 to 2.3.232 (#6132)
+- **breaking change**: bump com.h2database:h2 from 2.1.214 to 2.3.232 ([#6132](https://github.com/dependency-check/DependencyCheck/pull/6132))
   - H2 databases generated with an older version of ODC will not work with ODC 11.0.0; a new H2 db must be generated
 - **breaking change**: Maven plugin updated to Doxia 2.x reporting stack
-  - Users of the Maven plugin that configure it as a reporting plugin will need to use maven-site-plugin 3.20.0 or later (#6959)
+  - Users of the Maven plugin that configure it as a reporting plugin will need to use maven-site-plugin 3.20.0 or later ([#6959](https://github.com/dependency-check/DependencyCheck/pull/6959))
 - feat: Replace old Downloader by an Apache HTTPClient based downloader
-- feat: Use Apache HTTPClient for downloads of public resources (#6949)
+- feat: Use Apache HTTPClient for downloads of public resources ([#6949](https://github.com/dependency-check/DependencyCheck/pull/6949))
 - feat: Also make NodeAuditSearch usr our HTTPClient based connections
 - feat: Also make OSSIndexAnalyzer use our HTTPClient based connections
 - feat: Migrate CentralSearch to use Apache HTTP-client via Downloader
 - feat: Extend apache HTTP-client usage to EngineVersionCheck
-- feat: Remove the need to specify dbDriver for external databases using JDBCv4 ServiceLoader supporting JDBC drivers (#6938)
-- fix: use latest generated suppressions (#7064)
-- fix: Fixup parameter sequence for Dowloader credentials (#7033)
+- feat: Remove the need to specify dbDriver for external databases using JDBCv4 ServiceLoader supporting JDBC drivers ([#6938](https://github.com/dependency-check/DependencyCheck/pull/6938))
+- fix: use latest generated suppressions ([#7064](https://github.com/dependency-check/DependencyCheck/pull/7064))
+- fix: Fixup parameter sequence for Dowloader credentials ([#7033](https://github.com/dependency-check/DependencyCheck/pull/7033))
 - fix: Fixup the missing addition of NVD API Datafeed credentials (if configured)
 - fix: Fixup broken proxy authentication in first attempt; extend to include KEV downloads
-- fix: store timestamps locally for local resources (#6936)
-- build: Remove the animal-sniffer, propagate java version to plugin-archetype (#6950)
-- build: Update Checkstyle configuration and Suppression DTD references (#6951)
-- chore: Update test db schema (#7036)
+- fix: store timestamps locally for local resources ([#6936](https://github.com/dependency-check/DependencyCheck/pull/6936))
+- build: Remove the animal-sniffer, propagate java version to plugin-archetype ([#6950](https://github.com/dependency-check/DependencyCheck/pull/6950))
+- build: Update Checkstyle configuration and Suppression DTD references ([#6951](https://github.com/dependency-check/DependencyCheck/pull/6951))
+- chore: Update test db schema ([#7036](https://github.com/dependency-check/DependencyCheck/pull/7036))
 - chore: remove old, unneeded database upgrade script
-- docs: reformat javadoc (#7009)
-- docs: Fixup javadoc warnings (#6995)
-- chore: Replace use of several deprecated methods/classes by their successors (#6933)
+- docs: reformat javadoc ([#7009](https://github.com/dependency-check/DependencyCheck/pull/7009))
+- docs: Fixup javadoc warnings ([#6995](https://github.com/dependency-check/DependencyCheck/pull/6995))
+- chore: Replace use of several deprecated methods/classes by their successors ([#6933](https://github.com/dependency-check/DependencyCheck/pull/6933))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/87?closed=1). 
 
 ## [Version 10.0.4](https://github.com/dependency-check/DependencyCheck/releases/tag/v10.0.4) (2024-09-01)
 
- - build(deps): exclude unused dependency (#6916)
- - fix: improve regex (#6917)
- - fix: correctly handle null values in cpeMatch (#6915)
- - fix(site): Update Fluido skin to resolve broken fork-me-on-github image (#6914)
- - fix: do not report over 100% download complete (#6899)
- - fix: Correct spelling of occurring in NvdApiDataSource.java (#6883)
- - fix: skip blank lines in requirements.txt (#6867)
- - fix: correct percentage calculation (#6868)
- - docs: remove old recommendation (#6860)
+ - build(deps): exclude unused dependency ([#6916](https://github.com/dependency-check/DependencyCheck/pull/6916))
+ - fix: improve regex ([#6917](https://github.com/dependency-check/DependencyCheck/pull/6917))
+ - fix: correctly handle null values in cpeMatch ([#6915](https://github.com/dependency-check/DependencyCheck/pull/6915))
+ - fix(site): Update Fluido skin to resolve broken fork-me-on-github image ([#6914](https://github.com/dependency-check/DependencyCheck/pull/6914))
+ - fix: do not report over 100% download complete ([#6899](https://github.com/dependency-check/DependencyCheck/pull/6899))
+ - fix: Correct spelling of occurring in NvdApiDataSource.java ([#6883](https://github.com/dependency-check/DependencyCheck/pull/6883))
+ - fix: skip blank lines in requirements.txt ([#6867](https://github.com/dependency-check/DependencyCheck/pull/6867))
+ - fix: correct percentage calculation ([#6868](https://github.com/dependency-check/DependencyCheck/pull/6868))
+ - docs: remove old recommendation ([#6860](https://github.com/dependency-check/DependencyCheck/pull/6860))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/88?closed=1). 
 
 ## [Version 10.0.3](https://github.com/dependency-check/DependencyCheck/releases/tag/v10.0.3) (2024-07-16)
 
-- feat: Enable configuration of a lower resultsPerPage on NVD API (#6843)
-- build(deps): bump open-vulnerability-clients from 6.1.6 to 6.1.7 (#6848)
-- build(deps): bump JamesIves/github-pages-deploy-action from 4.6.1 to 4.6.3 (#6814)
-- build(deps): bump org.codehaus.mojo:versions-maven-plugin from 2.16.2 to 2.17.0 (#6762)
-- build(deps): bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.3.1 to 3.4.0 (#6815)
-- build(deps): bump golang from 1.22.4-alpine to 1.22.5-alpine (#6805)
+- feat: Enable configuration of a lower resultsPerPage on NVD API ([#6843](https://github.com/dependency-check/DependencyCheck/pull/6843))
+- build(deps): bump open-vulnerability-clients from 6.1.6 to 6.1.7 ([#6848](https://github.com/dependency-check/DependencyCheck/pull/6848))
+- build(deps): bump JamesIves/github-pages-deploy-action from 4.6.1 to 4.6.3 ([#6814](https://github.com/dependency-check/DependencyCheck/pull/6814))
+- build(deps): bump org.codehaus.mojo:versions-maven-plugin from 2.16.2 to 2.17.0 ([#6762](https://github.com/dependency-check/DependencyCheck/pull/6762))
+- build(deps): bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.3.1 to 3.4.0 ([#6815](https://github.com/dependency-check/DependencyCheck/pull/6815))
+- build(deps): bump golang from 1.22.4-alpine to 1.22.5-alpine ([#6805](https://github.com/dependency-check/DependencyCheck/pull/6805))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/84?closed=1). 
 
@@ -165,164 +245,164 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 **Mandatory Upgrade** - due to older versions of dependency-check causing numerous, spurious requests that end in processing failures, this upgrade is mandatory so that the NVD can differentiate valid requests and block the old clients.
 
-- build(deps): bump open-vulnerability-clients (#6810)
-- fix(db): #6788 removing redundant db index "idxVulnerability" on "vulnerability.cve" (#6807)
-- docs: Further improve formatting and docs of H2 database caching strats (#6804)
-- fix: update_vulnerability in dbStatements_oracle.properties (#6803)
-- fix: fix NPE  (#6778)
-- fix: add hint to resolve false negative (#6802)
-- chore: update configure (#6794)
+- build(deps): bump open-vulnerability-clients ([#6810](https://github.com/dependency-check/DependencyCheck/pull/6810))
+- fix(db): [#6788](https://github.com/dependency-check/DependencyCheck/pull/6788) removing redundant db index "idxVulnerability" on "vulnerability.cve" ([#6807](https://github.com/dependency-check/DependencyCheck/pull/6807))
+- docs: Further improve formatting and docs of H2 database caching strats ([#6804](https://github.com/dependency-check/DependencyCheck/pull/6804))
+- fix: update_vulnerability in dbStatements_oracle.properties ([#6803](https://github.com/dependency-check/DependencyCheck/pull/6803))
+- fix: fix NPE  ([#6778](https://github.com/dependency-check/DependencyCheck/pull/6778))
+- fix: add hint to resolve false negative ([#6802](https://github.com/dependency-check/DependencyCheck/pull/6802))
+- chore: update configure ([#6794](https://github.com/dependency-check/DependencyCheck/pull/6794))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/86?closed=1). 
 
 ## [Version 10.0.1](https://github.com/dependency-check/DependencyCheck/releases/tag/v10.0.1) (2024-07-02)
 
-- build(deps): bump open-vulnerability-client (#6772)
-- fix: remove debug logging (#6770)
-- fix: postgresql column count error (#6773)
-- fix: mssql column name and version (#6761)
-- docs: update supported versions (#6771)
+- build(deps): bump open-vulnerability-client ([#6772](https://github.com/dependency-check/DependencyCheck/pull/6772))
+- fix: remove debug logging ([#6770](https://github.com/dependency-check/DependencyCheck/pull/6770))
+- fix: postgresql column count error ([#6773](https://github.com/dependency-check/DependencyCheck/pull/6773))
+- fix: mssql column name and version ([#6761](https://github.com/dependency-check/DependencyCheck/pull/6761))
+- docs: update supported versions ([#6771](https://github.com/dependency-check/DependencyCheck/pull/6771))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/85?closed=1). 
 
 ## [Version 10.0.0](https://github.com/dependency-check/DependencyCheck/releases/tag/v10.0.0) (2024-07-01)
 
-- **breaking change**: upgrade to dotnet 8.0 (#6580)
+- **breaking change**: upgrade to dotnet 8.0 ([#6580](https://github.com/dependency-check/DependencyCheck/pull/6580))
   - Users of the AssemblyAnalyzer must upgrade/utilize dotnet 8 to analyze assemblies
-- feat: fix the NVD API related errors by adding cvssV4 support (#6756)
+- feat: fix the NVD API related errors by adding cvssV4 support ([#6756](https://github.com/dependency-check/DependencyCheck/pull/6756))
    - **breaking changes**: anyone utilizing a centralized database will need to upgrade the schema; see changes in [PR #6756](https://github.com/dependency-check/DependencyCheck/pull/6756/files#diff-ca432c4b41d39caa84d140e06694b09c7e6394c8a2db72ba27516dc77ee3bd67)
-- fix: avoid escaping unnecessary chars in HTML report suppression regexes (#6749)
-- fix: #6688 Trim version number when parsin POM (#6705)
-- fix: change request if lockfile is file v3 (#6690)
-- fix: skip pyproject.toml unless it contains `tool.poetry` before ensuring lockfiles (#6681)
+- fix: avoid escaping unnecessary chars in HTML report suppression regexes ([#6749](https://github.com/dependency-check/DependencyCheck/pull/6749))
+- fix: [#6688](https://github.com/dependency-check/DependencyCheck/pull/6688) Trim version number when parsing POM ([#6705](https://github.com/dependency-check/DependencyCheck/pull/6705))
+- fix: change request if lockfile is file v3 ([#6690](https://github.com/dependency-check/DependencyCheck/pull/6690))
+- fix: skip pyproject.toml unless it contains `tool.poetry` before ensuring lockfiles ([#6681](https://github.com/dependency-check/DependencyCheck/pull/6681))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/83?closed=1). 
 
 ## [Version 9.2.0](https://github.com/dependency-check/DependencyCheck/releases/tag/v9.2.0) (2024-05-15)
 
- - docs: update logo per intellj (#6660)
- - feat: Carthage analyzer (#6614)
- - fix: Ensure valid JSON output for gitlab report (#6630)
- - feat: Support Package.swift version 3 Specification (#6578)
- - chore: Update the packaged suppressions to include new hosted suppressions (#6567)
+ - docs: update logo per intellj ([#6660](https://github.com/dependency-check/DependencyCheck/pull/6660))
+ - feat: Carthage analyzer ([#6614](https://github.com/dependency-check/DependencyCheck/pull/6614))
+ - fix: Ensure valid JSON output for gitlab report ([#6630](https://github.com/dependency-check/DependencyCheck/pull/6630))
+ - feat: Support Package.swift version 3 Specification ([#6578](https://github.com/dependency-check/DependencyCheck/pull/6578))
+ - chore: Update the packaged suppressions to include new hosted suppressions ([#6567](https://github.com/dependency-check/DependencyCheck/pull/6567))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/82?closed=1). 
 
 ## [Version 9.1.0](https://github.com/dependency-check/DependencyCheck/releases/tag/v9.1.0) (2024-03-31)
 
-- feat: Add v2 support for maven_install.json (#6528)
-- build(deps): bump open-vulnerability-client (#6554)
+- feat: Add v2 support for maven_install.json ([#6528](https://github.com/dependency-check/DependencyCheck/pull/6528))
+- build(deps): bump open-vulnerability-client ([#6554](https://github.com/dependency-check/DependencyCheck/pull/6554))
   - resolves update issues due to CVSS Metrics 4.0
-- build(deps): bump jackson.version from 2.16.0 to 2.16.1 (#6353)
-- build(deps): bump org.jsoup:jsoup from 1.16.2 to 1.17.2 (#6362)
-- build(deps): bump golang from 1.21.5-alpine to 1.22.1-alpine (#6506)
+- build(deps): bump jackson.version from 2.16.0 to 2.16.1 ([#6353](https://github.com/dependency-check/DependencyCheck/pull/6353))
+- build(deps): bump org.jsoup:jsoup from 1.16.2 to 1.17.2 ([#6362](https://github.com/dependency-check/DependencyCheck/pull/6362))
+- build(deps): bump golang from 1.21.5-alpine to 1.22.1-alpine ([#6506](https://github.com/dependency-check/DependencyCheck/pull/6506))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/81?closed=1).
 
 ## [Version 9.0.10](https://github.com/dependency-check/DependencyCheck/releases/tag/v9.0.10) (2024-03-15)
 
-- fix: #4321 Suppress redis server CVEs for client libraries (#4321) (#6489)
-- fix: bump commons-compress from 1.25.0 to 1.26.0 to fix CVE-2024-25710 and CVE-2024-26308 (#6492)
-- feat: Allow to pass NVD API key via environment variable (#6454)
-- fix: issue 5452 - ConcurrentModificationException in NodePackageAnalyzer.processDependencies - adding synchronized block  (#6501)
-- docs: document the default data directory (#6484)
-- fix: prevent NPE in bundler audit (#6462)
-- fix: #6441 Improve suppression rule to not restrict to a single version (#6442)
+- fix: [#4321](https://github.com/dependency-check/DependencyCheck/pull/4321) Suppress redis server CVEs for client libraries ([#4321](https://github.com/dependency-check/DependencyCheck/pull/4321)) ([#6489](https://github.com/dependency-check/DependencyCheck/pull/6489))
+- fix: bump commons-compress from 1.25.0 to 1.26.0 to fix CVE-2024-25710 and CVE-2024-26308 ([#6492](https://github.com/dependency-check/DependencyCheck/pull/6492))
+- feat: Allow to pass NVD API key via environment variable ([#6454](https://github.com/dependency-check/DependencyCheck/pull/6454))
+- fix: issue 5452 - ConcurrentModificationException in NodePackageAnalyzer.processDependencies - adding synchronized block  ([#6501](https://github.com/dependency-check/DependencyCheck/pull/6501))
+- docs: document the default data directory ([#6484](https://github.com/dependency-check/DependencyCheck/pull/6484))
+- fix: prevent NPE in bundler audit ([#6462](https://github.com/dependency-check/DependencyCheck/pull/6462))
+- fix: [#6441](https://github.com/dependency-check/DependencyCheck/pull/6441) Improve suppression rule to not restrict to a single version ([#6442](https://github.com/dependency-check/DependencyCheck/pull/6442))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/80?closed=1).
 
 ## [Version 9.0.9](https://github.com/dependency-check/DependencyCheck/releases/tag/v9.0.9) (2024-01-17)
 
-- fix: for #6374 to delete non-empty directories (#6375)
-- fix: NoSuchMethodError closeQuietly(java.io.Closeable[]) (#6377)
-- chore: close stream to prevent possible resource leak (#6382)
-- docs: Document default for CLI --data (#6359)
-- docs: document gradle build (#6371)
+- fix: for [#6374](https://github.com/dependency-check/DependencyCheck/pull/6374) to delete non-empty directories ([#6375](https://github.com/dependency-check/DependencyCheck/pull/6375))
+- fix: NoSuchMethodError closeQuietly(java.io.Closeable[]) ([#6377](https://github.com/dependency-check/DependencyCheck/pull/6377))
+- chore: close stream to prevent possible resource leak ([#6382](https://github.com/dependency-check/DependencyCheck/pull/6382))
+- docs: Document default for CLI --data ([#6359](https://github.com/dependency-check/DependencyCheck/pull/6359))
+- docs: document gradle build ([#6371](https://github.com/dependency-check/DependencyCheck/pull/6371))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/79?closed=1).
 
 ## [Version 9.0.8](https://github.com/dependency-check/DependencyCheck/releases/tag/v9.0.8) (2024-01-06)
 
-- fix: favor stability over performance (#6349)
-- chore: replace commons-io with core java calls (#6343)
-- fix: improve error reporting for invalid H2 database (#6339)
-- fix: rework fix for closing input streams on errors correctly (#6338)
-- fix: reduce chance NVD API block updates due to rate limit (#6333)
-- fix: ensure open handles will not leak on errors (#6326)
-- fix: improve error reporting (#6324)
+- fix: favor stability over performance ([#6349](https://github.com/dependency-check/DependencyCheck/pull/6349))
+- chore: replace commons-io with core java calls ([#6343](https://github.com/dependency-check/DependencyCheck/pull/6343))
+- fix: improve error reporting for invalid H2 database ([#6339](https://github.com/dependency-check/DependencyCheck/pull/6339))
+- fix: rework fix for closing input streams on errors correctly ([#6338](https://github.com/dependency-check/DependencyCheck/pull/6338))
+- fix: reduce chance NVD API block updates due to rate limit ([#6333](https://github.com/dependency-check/DependencyCheck/pull/6333))
+- fix: ensure open handles will not leak on errors ([#6326](https://github.com/dependency-check/DependencyCheck/pull/6326))
+- fix: improve error reporting ([#6324](https://github.com/dependency-check/DependencyCheck/pull/6324))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/78?closed=1).
 
 ## [Version 9.0.7](https://github.com/dependency-check/DependencyCheck/releases/tag/v9.0.7) (2023-12-18)
 
-- docs: document insecure configuration for GHSA-qqhq-8r2c-c3f5 (#6315)
-- fix: improve memory usage on NVD update (#6321)
-- fix: skip pyproject.toml unless it contains `tool.poetry` (#6316)
-- fix: resolve build error that may cause an issue on some JDK versions (#6312)
+- docs: document insecure configuration for GHSA-qqhq-8r2c-c3f5 ([#6315](https://github.com/dependency-check/DependencyCheck/pull/6315))
+- fix: improve memory usage on NVD update ([#6321](https://github.com/dependency-check/DependencyCheck/pull/6321))
+- fix: skip pyproject.toml unless it contains `tool.poetry` ([#6316](https://github.com/dependency-check/DependencyCheck/pull/6316))
+- fix: resolve build error that may cause an issue on some JDK versions ([#6312](https://github.com/dependency-check/DependencyCheck/pull/6312))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/77?closed=1).
 
 ## [Version 9.0.6](https://github.com/dependency-check/DependencyCheck/releases/tag/v9.0.6) (2023-12-15)
 
-- build: bump open-vulnerability-clients@5.1.1 (#6308)
-- fix: mask nvd.api.key in logs; see GHSA-qqhq-8r2c-c3f5 (#6307)
-- fix: update java version check (#6297)
-- fix: more efficient memory usage (#6299)
-- fix: stream NVD data via Jackson to reduce memory footprint (#6275)
-- docs: document github action caching (#6301)
+- build: bump open-vulnerability-clients@5.1.1 ([#6308](https://github.com/dependency-check/DependencyCheck/pull/6308))
+- fix: mask nvd.api.key in logs; see GHSA-qqhq-8r2c-c3f5 ([#6307](https://github.com/dependency-check/DependencyCheck/pull/6307))
+- fix: update java version check ([#6297](https://github.com/dependency-check/DependencyCheck/pull/6297))
+- fix: more efficient memory usage ([#6299](https://github.com/dependency-check/DependencyCheck/pull/6299))
+- fix: stream NVD data via Jackson to reduce memory footprint ([#6275](https://github.com/dependency-check/DependencyCheck/pull/6275))
+- docs: document github action caching ([#6301](https://github.com/dependency-check/DependencyCheck/pull/6301))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/76?closed=1).
 
 ## [Version 9.0.5](https://github.com/dependency-check/DependencyCheck/releases/tag/v9.0.5) (2023-12-13)
 
-- fix: make NVD API endpoint configurable (#6287)
-- fix: synch last modified timestamp for NVD API (#6281)
-- fix: read NVD cache meta files if cache.properties does not exist (#6282)
-- fix: correct property for nonProxyHosts (#6285)
-- fix: reduce apache http logging (#6280)
-- fix: store last modified timestamp for RetireJS and the Hosted Suppression File in db (#6271)
-- build: bump golang in the docker image (#6274)
-- fix: use temporary files to reduce memory usage during the NVD Update (#6270)
-- fix: use BIT for Oracle DB instead of Boolean when calling prepared statements (#6264)
-- fix: showing all reference tags in reports (#6259)
+- fix: make NVD API endpoint configurable ([#6287](https://github.com/dependency-check/DependencyCheck/pull/6287))
+- fix: synch last modified timestamp for NVD API ([#6281](https://github.com/dependency-check/DependencyCheck/pull/6281))
+- fix: read NVD cache meta files if cache.properties does not exist ([#6282](https://github.com/dependency-check/DependencyCheck/pull/6282))
+- fix: correct property for nonProxyHosts ([#6285](https://github.com/dependency-check/DependencyCheck/pull/6285))
+- fix: reduce apache http logging ([#6280](https://github.com/dependency-check/DependencyCheck/pull/6280))
+- fix: store last modified timestamp for RetireJS and the Hosted Suppression File in db ([#6271](https://github.com/dependency-check/DependencyCheck/pull/6271))
+- build: bump golang in the docker image ([#6274](https://github.com/dependency-check/DependencyCheck/pull/6274))
+- fix: use temporary files to reduce memory usage during the NVD Update ([#6270](https://github.com/dependency-check/DependencyCheck/pull/6270))
+- fix: use BIT for Oracle DB instead of Boolean when calling prepared statements ([#6264](https://github.com/dependency-check/DependencyCheck/pull/6264))
+- fix: showing all reference tags in reports ([#6259](https://github.com/dependency-check/DependencyCheck/pull/6259))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/75?closed=1).
 
 ## [Version 9.0.4](https://github.com/dependency-check/DependencyCheck/releases/tag/v9.0.4) (2023-12-08)
 
-- fix: utilize maven proxy if present (#6255)
-- fix: allow api key in cli to be quoted (#6253)
-- fix: use correct maven plugin reporting plugin (#6244)
-- fix: correct trailing comma in JSON report (#6245)
+- fix: utilize maven proxy if present ([#6255](https://github.com/dependency-check/DependencyCheck/pull/6255))
+- fix: allow api key in cli to be quoted ([#6253](https://github.com/dependency-check/DependencyCheck/pull/6253))
+- fix: use correct maven plugin reporting plugin ([#6244](https://github.com/dependency-check/DependencyCheck/pull/6244))
+- fix: correct trailing comma in JSON report ([#6245](https://github.com/dependency-check/DependencyCheck/pull/6245))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/74?closed=1).
 
 ## [Version 9.0.3](https://github.com/dependency-check/DependencyCheck/releases/tag/v9.0.3) (2023-12-06)
 
-- fix: use Java properties for proxy configuration (#6238)
-- docs: update proxy configuration documentation (#6237)
-- docs: add documentation on caching (#6204)
-- docs: Clarify H2 database caching strategy (#6220)
-- docs: Update list of supported report formats (#6224)
-- docs: example 5 with new nvdDatafeedUrl parameter (#6215)
-- fix: prevent NPEs (#6232 and #6206)
-- fix: check valid for hours for NVD API (#6225)
-- fix: correct NVD cache last checked logic (#6218)
-- fix: nvd datafeed should process current year (#6213)
-- fix: correct references to cvssv2 and cvssv3 fields in json and xml reports (#6212)
-- fix: correct name on reference links in report (#6205)
-- fix: flaws int the gitlab report (#6193)
+- fix: use Java properties for proxy configuration ([#6238](https://github.com/dependency-check/DependencyCheck/pull/6238))
+- docs: update proxy configuration documentation ([#6237](https://github.com/dependency-check/DependencyCheck/pull/6237))
+- docs: add documentation on caching ([#6204](https://github.com/dependency-check/DependencyCheck/pull/6204))
+- docs: Clarify H2 database caching strategy ([#6220](https://github.com/dependency-check/DependencyCheck/pull/6220))
+- docs: Update list of supported report formats ([#6224](https://github.com/dependency-check/DependencyCheck/pull/6224))
+- docs: example 5 with new nvdDatafeedUrl parameter ([#6215](https://github.com/dependency-check/DependencyCheck/pull/6215))
+- fix: prevent NPEs ([#6232](https://github.com/dependency-check/DependencyCheck/pull/6232) and [#6206](https://github.com/dependency-check/DependencyCheck/pull/6206))
+- fix: check valid for hours for NVD API ([#6225](https://github.com/dependency-check/DependencyCheck/pull/6225))
+- fix: correct NVD cache last checked logic ([#6218](https://github.com/dependency-check/DependencyCheck/pull/6218))
+- fix: nvd datafeed should process current year ([#6213](https://github.com/dependency-check/DependencyCheck/pull/6213))
+- fix: correct references to cvssv2 and cvssv3 fields in json and xml reports ([#6212](https://github.com/dependency-check/DependencyCheck/pull/6212))
+- fix: correct name on reference links in report ([#6205](https://github.com/dependency-check/DependencyCheck/pull/6205))
+- fix: flaws int the gitlab report ([#6193](https://github.com/dependency-check/DependencyCheck/pull/6193))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/73?closed=1).
 
 ## [Version 9.0.2](https://github.com/dependency-check/DependencyCheck/releases/tag/v9.0.2) (2023-12-01)
 
-- fix: remove virtual match string on NVD API Request (#6177)
-- fix: correct meta data in report after switching the NVD API (#6154)
-- fix: retry HTTP connections to NVD on 502 and 504 errors (#6151)
-- fix: Gitlab report format needs severity capitalized (#6182)
-- fix: improve JDK update version parsing (#6163)
-- fix: mute JCS logging (again) (#6153)
+- fix: remove virtual match string on NVD API Request ([#6177](https://github.com/dependency-check/DependencyCheck/pull/6177))
+- fix: correct meta data in report after switching the NVD API ([#6154](https://github.com/dependency-check/DependencyCheck/pull/6154))
+- fix: retry HTTP connections to NVD on 502 and 504 errors ([#6151](https://github.com/dependency-check/DependencyCheck/pull/6151))
+- fix: Gitlab report format needs severity capitalized ([#6182](https://github.com/dependency-check/DependencyCheck/pull/6182))
+- fix: improve JDK update version parsing ([#6163](https://github.com/dependency-check/DependencyCheck/pull/6163))
+- fix: mute JCS logging (again) ([#6153](https://github.com/dependency-check/DependencyCheck/pull/6153))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/72?closed=1).
 
@@ -330,14 +410,14 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 **breaking changes**: See the [upgrade notice](https://github.com/dependency-check/DependencyCheck#900-upgrade-notice)
 
-- fix: check java 8 update version; minimum JRE is 8 update 251 (#6118)
-- fix: add retry for failed NVD API requests (#6136)
-- docs: add default values to documentation for the NVD API Delay (#6135)
-- chore: Revert "build(deps): bump com.h2database:h2 from 2.1.214 to 2.2.224" (#6131)
+- fix: check java 8 update version; minimum JRE is 8 update 251 ([#6118](https://github.com/dependency-check/DependencyCheck/pull/6118))
+- fix: add retry for failed NVD API requests ([#6136](https://github.com/dependency-check/DependencyCheck/pull/6136))
+- docs: add default values to documentation for the NVD API Delay ([#6135](https://github.com/dependency-check/DependencyCheck/pull/6135))
+- chore: Revert "build(deps): bump com.h2database:h2 from 2.1.214 to 2.2.224" ([#6131](https://github.com/dependency-check/DependencyCheck/pull/6131))
   - this is a **breaking change** for anyone that successfully created the H2 database with 9.0.0.
-- fix: mute jcs logging (#6130)
-- docs: update NVD notice (#6110)
-- fix: Use the correct key for NVD API-Key from Maven Settings serverId (#6109)
+- fix: mute jcs logging ([#6130](https://github.com/dependency-check/DependencyCheck/pull/6130))
+- docs: update NVD notice ([#6110](https://github.com/dependency-check/DependencyCheck/pull/6110))
+- fix: Use the correct key for NVD API-Key from Maven Settings serverId ([#6109](https://github.com/dependency-check/DependencyCheck/pull/6109))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/71?closed=1).
 
@@ -345,22 +425,22 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 **breaking changes**: See the [upgrade notice](https://github.com/dependency-check/DependencyCheck#900-upgrade-notice)
 
-- feat: Utilize NVD API (#5978)
-- feat: gitlab dependency scanner report format #5919 (#5920)
-- fix: Use ASCII apostrophe for console message (#6076)
+- feat: Utilize NVD API ([#5978](https://github.com/dependency-check/DependencyCheck/pull/5978))
+- feat: gitlab dependency scanner report format [#5919](https://github.com/dependency-check/DependencyCheck/pull/5919) ([#5920](https://github.com/dependency-check/DependencyCheck/pull/5920))
+- fix: Use ASCII apostrophe for console message ([#6076](https://github.com/dependency-check/DependencyCheck/pull/6076))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/68?closed=1).
 
 ## [Version 8.4.3](https://github.com/dependency-check/DependencyCheck/releases/tag/v8.4.3) (2023-11-15)
 
-- fix: bump jcs3 (#6047)
-- docs: Corrected docs on hostedSuppressions (#6035)
+- fix: bump jcs3 ([#6047](https://github.com/dependency-check/DependencyCheck/pull/6047))
+- docs: Corrected docs on hostedSuppressions ([#6035](https://github.com/dependency-check/DependencyCheck/pull/6035))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/70?closed=1).
 
 ## [Version 8.4.2](https://github.com/dependency-check/DependencyCheck/releases/tag/v8.4.2) (2023-10-22)
 
-- fix: correct log configuration in cli (#6002)
+- fix: correct log configuration in cli ([#6002](https://github.com/dependency-check/DependencyCheck/pull/6002))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/69?closed=1).
 
@@ -368,11 +448,11 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Fixed
 
-- fix: upgrade to JCS3 (#5114)
-- fix: Support ~= version specifier in requirements.txt and pipfile (#5902)
-- fix: Version of dependency no longer ignored when CPE product has a 'java' suffix in a product name (#5901)
-- fix: Do not filter out evidences added by hints (#5900)
-- fix: fixes FP #5925 (#5927)
+- fix: upgrade to JCS3 ([#5114](https://github.com/dependency-check/DependencyCheck/pull/5114))
+- fix: Support ~= version specifier in requirements.txt and pipfile ([#5902](https://github.com/dependency-check/DependencyCheck/pull/5902))
+- fix: Version of dependency no longer ignored when CPE product has a 'java' suffix in a product name ([#5901](https://github.com/dependency-check/DependencyCheck/pull/5901))
+- fix: Do not filter out evidences added by hints ([#5900](https://github.com/dependency-check/DependencyCheck/pull/5900))
+- fix: fixes FP [#5925](https://github.com/dependency-check/DependencyCheck/pull/5925) ([#5927](https://github.com/dependency-check/DependencyCheck/pull/5927))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/67?closed=1).
 
@@ -380,17 +460,17 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Added
 
-- feat: Add support for Nexus v3 to NexusAnalyzer (#5849)
+- feat: Add support for Nexus v3 to NexusAnalyzer ([#5849](https://github.com/dependency-check/DependencyCheck/pull/5849))
 
 ### Fixed
 
-- fix: Hint Analyzer should run before VersionFilter Analyzer (#5818)
+- fix: Hint Analyzer should run before VersionFilter Analyzer ([#5818](https://github.com/dependency-check/DependencyCheck/pull/5818))
 - chore: switch to sha1-pinning as suggested by Semgrep
-- fix: OSS Index Analyzer SocketTimeoutException exception handling based on warn only parameter (#5845)
-- fix: use curl with -L to follow github redirect (#5808)
+- fix: OSS Index Analyzer SocketTimeoutException exception handling based on warn only parameter ([#5845](https://github.com/dependency-check/DependencyCheck/pull/5845))
+- fix: use curl with -L to follow github redirect ([#5808](https://github.com/dependency-check/DependencyCheck/pull/5808))
 - fix: use curl with -L to follow github redirect
-- fix: #5671 out of memory error (#5789)
-- fix: #5671 Exit method as soon as we detect a loop to prevent an infinite loop leading to an OutOfMemoryError
+- fix: [#5671](https://github.com/dependency-check/DependencyCheck/pull/5671) out of memory error ([#5789](https://github.com/dependency-check/DependencyCheck/pull/5789))
+- fix: [#5671](https://github.com/dependency-check/DependencyCheck/pull/5671) Exit method as soon as we detect a loop to prevent an infinite loop leading to an OutOfMemoryError
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/66?closed=1).
 
@@ -402,16 +482,16 @@ Re-release of 8.3.0 as 8.3.1.
 
 ### Added
 
- - Add LibmanAnalyzer (#5652)
- - Update HTML report Dependencies header based on display settings (#5619)
- - Add link to suppressed vulnerabilities header in HTML report (#5620)
- - Enable local proxy configuration in maven plugin configuration (#5696)
+ - Add LibmanAnalyzer ([#5652](https://github.com/dependency-check/DependencyCheck/pull/5652))
+ - Update HTML report Dependencies header based on display settings ([#5619](https://github.com/dependency-check/DependencyCheck/pull/5619))
+ - Add link to suppressed vulnerabilities header in HTML report ([#5620](https://github.com/dependency-check/DependencyCheck/pull/5620))
+ - Enable local proxy configuration in maven plugin configuration ([#5696](https://github.com/dependency-check/DependencyCheck/pull/5696))
 
 ### Fixed
 
- - Fix npm alias present in requires of dependencies (#5703)
- - Make Central URL configurable via CLI (#5667)
- - Ensure support of CVSSv3.1 (#5602)
+ - Fix npm alias present in requires of dependencies ([#5703](https://github.com/dependency-check/DependencyCheck/pull/5703))
+ - Make Central URL configurable via CLI ([#5667](https://github.com/dependency-check/DependencyCheck/pull/5667))
+ - Ensure support of CVSSv3.1 ([#5602](https://github.com/dependency-check/DependencyCheck/pull/5602))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/65?closed=1).
 
@@ -419,9 +499,9 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Fixed
 
- - NullPointerException in MSBuildAnalyzer (#5589)
- - SQL Syntax for Oracle (#5590)
- - Use `https://` URLs in report templates (#5582)
+ - NullPointerException in MSBuildAnalyzer ([#5589](https://github.com/dependency-check/DependencyCheck/pull/5589))
+ - SQL Syntax for Oracle ([#5590](https://github.com/dependency-check/DependencyCheck/pull/5590))
+ - Use `https://` URLs in report templates ([#5582](https://github.com/dependency-check/DependencyCheck/pull/5582))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/64?closed=1).
 
@@ -429,14 +509,14 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Added
 
- - Support msbuild Directory.build.props (#5475)
+ - Support msbuild Directory.build.props ([#5475](https://github.com/dependency-check/DependencyCheck/pull/5475))
  - better display of NPM audit references
  - Add CVSS V3 results from NPM Audit results
 
 ### Fixed
 
- - Fix several issues on NPM Audit reporting (#5546)
- - Case issue in SQL (#5557)
+ - Fix several issues on NPM Audit reporting ([#5546](https://github.com/dependency-check/DependencyCheck/pull/5546))
+ - Case issue in SQL ([#5557](https://github.com/dependency-check/DependencyCheck/pull/5557))
  - Fix CWE(s) extraction for NPM Audit advisories
  - Use the stable github_advisory_id instead of the now unstable id in NPM audit results
 
@@ -446,7 +526,7 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Fixed
 
- - Fix `NullPointerException` in the Jar Analyzer introduced in 8.1.1 (#5512)
+ - Fix `NullPointerException` in the Jar Analyzer introduced in 8.1.1 ([#5512](https://github.com/dependency-check/DependencyCheck/pull/5512))
  
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/62?closed=1).
 
@@ -454,13 +534,13 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Fixed
 
- - allow hosted suppressions file to be disabled (#5509)
- - Several FPs not suitable for our automation (#5504)
- - Fix incorrect defaults for nexus and central-analyzer in gradle plugin documentation (#5503)
- - Erroneous error-log for deprecated CLI flag usage when using properyfile based disablement of Node Audit Analyzer (#5487)
- - Prefer pom.properties G/A/V over pom.xml G/A/V to resolve GAV interpolation issues (#5473)
- - Node package dependencies ending up as related dependency of the wrong version of the package (#5479)
- - do not throw error if pyproject.toml is in node_modules (#5470)
+ - allow hosted suppressions file to be disabled ([#5509](https://github.com/dependency-check/DependencyCheck/pull/5509))
+ - Several FPs not suitable for our automation ([#5504](https://github.com/dependency-check/DependencyCheck/pull/5504))
+ - Fix incorrect defaults for nexus and central-analyzer in gradle plugin documentation ([#5503](https://github.com/dependency-check/DependencyCheck/pull/5503))
+ - Erroneous error-log for deprecated CLI flag usage when using properyfile based disablement of Node Audit Analyzer ([#5487](https://github.com/dependency-check/DependencyCheck/pull/5487))
+ - Prefer pom.properties G/A/V over pom.xml G/A/V to resolve GAV interpolation issues ([#5473](https://github.com/dependency-check/DependencyCheck/pull/5473))
+ - Node package dependencies ending up as related dependency of the wrong version of the package ([#5479](https://github.com/dependency-check/DependencyCheck/pull/5479))
+ - do not throw error if pyproject.toml is in node_modules ([#5470](https://github.com/dependency-check/DependencyCheck/pull/5470))
  
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/61?closed=1).
 
@@ -542,7 +622,7 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Fixed
 
-- Resolved issue processing NVD CVE data due to column width (#5229)
+- Resolved issue processing NVD CVE data due to column width ([#5229](https://github.com/dependency-check/DependencyCheck/pull/5229))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/56?closed=1).
 
@@ -550,8 +630,8 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Fixed
 
-- Fixed NPE when analyzing version ranges in NPM (#5158 & #5190)
-- Resolved several FP (#5191)
+- Fixed NPE when analyzing version ranges in NPM ([#5158](https://github.com/dependency-check/DependencyCheck/pull/5158) & [#5190](https://github.com/dependency-check/DependencyCheck/pull/5190))
+- Resolved several FP ([#5191](https://github.com/dependency-check/DependencyCheck/pull/5191))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/55?closed=1).
 
@@ -559,11 +639,11 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Fixed
 
-- Fixes maven 3.1 compatibility issue (#5152)
-- Fixed issue with invalid `node_module` paths in some scans (#5135)
-- Fixed missing option to disable the Poetry Analyzer in the CLI (#5160)
-- Fixed missing option to configure the OSS Index URL in the CLI (#5180)
-- Fixed NPE when analyzing version ranges in NPM (#5158)
+- Fixes maven 3.1 compatibility issue ([#5152](https://github.com/dependency-check/DependencyCheck/pull/5152))
+- Fixed issue with invalid `node_module` paths in some scans ([#5135](https://github.com/dependency-check/DependencyCheck/pull/5135))
+- Fixed missing option to disable the Poetry Analyzer in the CLI ([#5160](https://github.com/dependency-check/DependencyCheck/pull/5160))
+- Fixed missing option to configure the OSS Index URL in the CLI ([#5180](https://github.com/dependency-check/DependencyCheck/pull/5180))
+- Fixed NPE when analyzing version ranges in NPM ([#5158](https://github.com/dependency-check/DependencyCheck/pull/5158))
 - Fixed issue with non-proxy host in the gradle plugin (https://github.com/dependency-check/dependency-check-gradle/pull/298)
 - Resolved several FP
 
@@ -573,8 +653,8 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Fixed
 
-- Fixed bug when setting the proxy port in gradle (#5123)
-- Fixed issue with invalid `node_module` paths in some scans (#5127)
+- Fixed bug when setting the proxy port in gradle ([#5123](https://github.com/dependency-check/DependencyCheck/pull/5123))
+- Fixed issue with invalid `node_module` paths in some scans ([#5127](https://github.com/dependency-check/DependencyCheck/pull/5127))
 - Resolved several FP
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/53?closed=1).
@@ -583,20 +663,20 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Added
 
-- Add support for npm package lock v2 and v3 (#5078)
-- Added experimental support for Python Poetry (#5025)
-- Added a vanilla HTML report for use in Jenkins (#5053)
+- Add support for npm package lock v2 and v3 ([#5078](https://github.com/dependency-check/DependencyCheck/pull/5078))
+- Added experimental support for Python Poetry ([#5025](https://github.com/dependency-check/DependencyCheck/pull/5025))
+- Added a vanilla HTML report for use in Jenkins ([#5053](https://github.com/dependency-check/DependencyCheck/pull/5053))
 
 ### Changed
 
 - Renamed `RELEASE_NOTES.md` to `CHANGELOG.md` to be more conventional
-- Optimized checksum calculation to improve performance (#5112)
-- Added support for scanning .NET assemblies when only the dotnet runtime is installed (#5087)
+- Optimized checksum calculation to improve performance ([#5112](https://github.com/dependency-check/DependencyCheck/pull/5112))
+- Added support for scanning .NET assemblies when only the dotnet runtime is installed ([#5087](https://github.com/dependency-check/DependencyCheck/pull/5087))
 - Bumped several dependencies
 
 ### Fixed
 
-- Fixed bug when setting the proxy port (#5076)
+- Fixed bug when setting the proxy port ([#5076](https://github.com/dependency-check/DependencyCheck/pull/5076))
 - Resolved several FP and FN
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/52?closed=1).
@@ -607,8 +687,8 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 - Automated release of 7.3.1 failed and only published to Central; 7.3.2 is a re-release of 7.3.1.
 - Resolved several false positives and false negatives.
-- Use Jackson Afterburner if still on Java 8 (#4966).
-- Exclude `node_modules` from the Maven plugin's scan path (#4974).
+- Use Jackson Afterburner if still on Java 8 ([#4966](https://github.com/dependency-check/DependencyCheck/pull/4966)).
+- Exclude `node_modules` from the Maven plugin's scan path ([#4974](https://github.com/dependency-check/DependencyCheck/pull/4974)).
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/51?closed=1).
 
@@ -617,8 +697,8 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 ### Changed
 
 - Resolved several false positives and false negatives.
-- Use Jackson Afterburner if still on Java 8 (#4966).
-- Exclude `node_modules` from the Maven plugin's scan path (#4974).
+- Use Jackson Afterburner if still on Java 8 ([#4966](https://github.com/dependency-check/DependencyCheck/pull/4966)).
+- Exclude `node_modules` from the Maven plugin's scan path ([#4974](https://github.com/dependency-check/DependencyCheck/pull/4974)).
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/51?closed=1).
 
@@ -626,15 +706,15 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Added
 
-- Added an experimental Dart analyzer (#4869).
+- Added an experimental Dart analyzer ([#4869](https://github.com/dependency-check/DependencyCheck/pull/4869)).
 
 ### Changed
 
-- Migrated from Jackson Afterburner to Blackbird (#4905).
+- Migrated from Jackson Afterburner to Blackbird ([#4905](https://github.com/dependency-check/DependencyCheck/pull/4905)).
 
 ### Fixed
 
-- Fixed issue with the Maven plugin that caused concurrent modification exceptions (#4935).
+- Fixed issue with the Maven plugin that caused concurrent modification exceptions ([#4935](https://github.com/dependency-check/DependencyCheck/pull/4935)).
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/50?closed=1).
 
@@ -642,7 +722,7 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Fixed
 
-- Fixed logging issue (#4846).
+- Fixed logging issue ([#4846](https://github.com/dependency-check/DependencyCheck/pull/4846)).
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/49?closed=1).
 
@@ -650,8 +730,8 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Changed
 
-- Add support for Bazel's pinned `maven_install.json` (#4772).
-- Fixed bug preventing the use of custom report templates (#4800).
+- Add support for Bazel's pinned `maven_install.json` ([#4772](https://github.com/dependency-check/DependencyCheck/pull/4772)).
+- Fixed bug preventing the use of custom report templates ([#4800](https://github.com/dependency-check/DependencyCheck/pull/4800)).
 - Updated several dependencies including upgrades for dependencies with CVEs.
 - Several bug fixes made and suppression rules were added.
 
@@ -661,8 +741,8 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Changed
 
-- The maven plugin now includes pnpm and yarn lock files in the scan by default (#4753).
-- If a suppression rule is no longer used a log entry will be written (#4685).
+- The maven plugin now includes pnpm and yarn lock files in the scan by default ([#4753](https://github.com/dependency-check/DependencyCheck/pull/4753)).
+- If a suppression rule is no longer used a log entry will be written ([#4685](https://github.com/dependency-check/DependencyCheck/pull/4685)).
 - Several bug fixes made and suppression rules added.
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/47?closed=1).
@@ -690,7 +770,7 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Changed
 
-- Update to `jackson-databind` (see #4285).
+- Update to `jackson-databind` (see [#4285](https://github.com/dependency-check/DependencyCheck/pull/4285)).
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/43?closed=1).
 
@@ -698,7 +778,7 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Changed
 
-- Update to `jackson-databind` (see #4285).
+- Update to `jackson-databind` (see [#4285](https://github.com/dependency-check/DependencyCheck/pull/4285)).
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/42?closed=1).
 
@@ -725,7 +805,7 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 - **Breaking:** The H2 database version has been upgraded.
   - if you use the `dataDirectory` option you will need to run a purge after upgrading.
 - **Breaking:** Upgraded to dotnet core 6.0. If analyzing dotnet assemblies the system will need to have the dotnet core 6.0.x runtime available.
-- The Sarif report format has been fixed and can now be imported into GitHub if desired (See #3993).
+- The Sarif report format has been fixed and can now be imported into GitHub if desired (See [#3993](https://github.com/dependency-check/DependencyCheck/pull/3993)).
 - Introduced IssueOps for False Positive reports to assist the team in evaluating FP reports.
   - [Create New FP Report Issue](https://github.com/dependency-check/DependencyCheck/issues/new?assignees=&labels=FP+Report&template=false-positive-report.yml&title=%5BFP%5D%3A+).
 - When analyzing Java projects ODC now includes data from the developers section. 
@@ -738,9 +818,9 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Changed
 
-- Performance improvements for some Maven projects (see #3923 and #3931).
-- Fixed bug in npm version handling introduced in 6.5.2 (see #3956).
-- Improved the node package analyzer to correctly report the origin of a dependency (see #3970).
+- Performance improvements for some Maven projects (see [#3923](https://github.com/dependency-check/DependencyCheck/pull/3923) and [#3931](https://github.com/dependency-check/DependencyCheck/pull/3931)).
+- Fixed bug in npm version handling introduced in 6.5.2 (see [#3956](https://github.com/dependency-check/DependencyCheck/pull/3956)).
+- Improved the node package analyzer to correctly report the origin of a dependency (see [#3970](https://github.com/dependency-check/DependencyCheck/pull/3970)).
 - General code maintenance and false positive reductions.
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/39?closed=1).
@@ -749,9 +829,9 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Changed
 
-- Fixed false positives around log4j-api and Log4j-web (#3910 & #3937).
-- Bug fix when processing NPM lock files (#3893).
-- Added missing `pnpm` argmument to the CLI (#3916).
+- Fixed false positives around log4j-api and Log4j-web ([#3910](https://github.com/dependency-check/DependencyCheck/pull/3910) & [#3937](https://github.com/dependency-check/DependencyCheck/pull/3937)).
+- Bug fix when processing NPM lock files ([#3893](https://github.com/dependency-check/DependencyCheck/pull/3893)).
+- Added missing `pnpm` argmument to the CLI ([#3916](https://github.com/dependency-check/DependencyCheck/pull/3916)).
 - General code maintenance and false positive reductions.
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/38?closed=1).
@@ -760,8 +840,8 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Changed
 
-- Updated the dependency-check-maven plugin to correctly support SNAPSHOT version when a classifier is specified (#3787).
-- Improved the analysis of Swift package manager (package.resolved - see #3813).
+- Updated the dependency-check-maven plugin to correctly support SNAPSHOT version when a classifier is specified ([#3787](https://github.com/dependency-check/DependencyCheck/pull/3787)).
+- Improved the analysis of Swift package manager (package.resolved - see [#3813](https://github.com/dependency-check/DependencyCheck/pull/3813)).
 - General code maintenance and false positive reductions.
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/37?closed=1).
@@ -773,8 +853,8 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 - Updated build configuration to create [reproducible builds](https://reproducible-builds.org/).
 - Updated automated release process to work with branch protection.
 - Resolved several false positives in the Java ecosystem.
-- Enabled the Swift Resolved analyzer per #3735
-- Improved iOS support per #3168 and #3765
+- Enabled the Swift Resolved analyzer per [#3735](https://github.com/dependency-check/DependencyCheck/pull/3735)
+- Improved iOS support per [#3168](https://github.com/dependency-check/DependencyCheck/pull/3168) and [#3765](https://github.com/dependency-check/DependencyCheck/pull/3765)
 - Added the a new pnpm Analyzer
 - Fixed issue with some npm and yarn analysis failing due to large audit output
 
@@ -859,8 +939,8 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Fixed
 
-- Resolved issue with Sarif report (#3243)
-- Resolved issue with Ruby Bundle Audit (#3256)
+- Resolved issue with Sarif report ([#3243](https://github.com/dependency-check/DependencyCheck/pull/3243))
+- Resolved issue with Ruby Bundle Audit ([#3256](https://github.com/dependency-check/DependencyCheck/pull/3256))
 - Several minor bug fixes and updates to reduce false positives
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/26?closed=1).
@@ -869,7 +949,7 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Fixed
 
-- Fixed a second NPE introduced in 6.1.3 (see #3246)
+- Fixed a second NPE introduced in 6.1.3 (see [#3246](https://github.com/dependency-check/DependencyCheck/pull/3246))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/25?closed=1).
 
@@ -877,7 +957,7 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Changed
 
-- Fixed an NPE introduced in 6.1.3 (see #3212)
+- Fixed an NPE introduced in 6.1.3 (see [#3212](https://github.com/dependency-check/DependencyCheck/pull/3212))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/24?closed=1).
 
@@ -885,8 +965,8 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Changed
 
-- Modified the new CPE matching strategy to be more performant (#3207)
-- Upgraded a vulnerable dependency (velocity-engine-core/CVE-2020-13936) (#3205)
+- Modified the new CPE matching strategy to be more performant ([#3207](https://github.com/dependency-check/DependencyCheck/pull/3207))
+- Upgraded a vulnerable dependency (velocity-engine-core/CVE-2020-13936) ([#3205](https://github.com/dependency-check/DependencyCheck/pull/3205))
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/23?closed=1).
 
@@ -925,7 +1005,7 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Changed
 
-- Added missing command line arguments per #3028 and #3035.
+- Added missing command line arguments per [#3028](https://github.com/dependency-check/DependencyCheck/pull/3028) and [#3035](https://github.com/dependency-check/DependencyCheck/pull/3035).
 - False positive reduction and minor bug fixes.
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/19?closed=1).
@@ -942,20 +1022,20 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Changed
 
-- Added a bash command completion script (see #2916); to add completion to your shell
+- Added a bash command completion script (see [#2916](https://github.com/dependency-check/DependencyCheck/pull/2916)); to add completion to your shell
   `completion-for-dependency-check.sh` can be found in the bin directory of the CLI:
 
    ```bash
    $ source completion-for-dependency-check.sh
    ```
 
-- An experimental PIP File Analyzer was added (see #2877).
-- Analysis of Node JS produced several false positives (see #2796); the analysis has
+- An experimental PIP File Analyzer was added (see [#2877](https://github.com/dependency-check/DependencyCheck/pull/2877)).
+- Analysis of Node JS produced several false positives (see [#2796](https://github.com/dependency-check/DependencyCheck/pull/2796)); the analysis has
   been updated to reduce the number of false positives.
   - If analyzing Node JS projects it is highly recommended to disable the Node JS Analyzer
     and solely rely on the Node Audit Analyzer. There are plans to rework Node JS analysis
     in a future release.
-- Support for external Oracle databases has been add for the 6.x releases (see #2899)
+- Support for external Oracle databases has been add for the 6.x releases (see [#2899](https://github.com/dependency-check/DependencyCheck/pull/2899))
 - Resolved several reported false positives.
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/17?closed=1).
@@ -966,8 +1046,8 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 - The project is migrating from hosting the release archives on Bintray and moving them to Github under the assets for each [release](https://github.com/dependency-check/DependencyCheck/releases)
   - **Please update any automation you have to point to the new location.**
-- Npm Audit Analyzer now correctly skips dev dependencies (`--nodeAuditSkipDevDependencies`); see #2482.
-- GoLang Analyzer now scans transitive dependencies; see #2680.
+- Npm Audit Analyzer now correctly skips dev dependencies (`--nodeAuditSkipDevDependencies`); see [#2482](https://github.com/dependency-check/DependencyCheck/pull/2482).
+- GoLang Analyzer now scans transitive dependencies; see [#2680](https://github.com/dependency-check/DependencyCheck/pull/2680).
 - Several bug fixes found in 6.0.1.
 
 See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/16?closed=1).
@@ -990,7 +1070,7 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 - Updated database schema; this is a *breaking change* and anyone using an external database or those whom
   specify the data directory will need recreate the database (including users of the docker image). The schema
   changes were made to:
-  - Improve the CVSS data, when available, per #2547
+  - Improve the CVSS data, when available, per [#2547](https://github.com/dependency-check/DependencyCheck/pull/2547)
   - Improve the way that ecosystems are determined
   - Improve the update performance of external databases
 - Users with an **external Oracle** database will not be able to upgrade as https://github.com/dependency-check/DependencyCheck/issues/2755
@@ -1011,55 +1091,55 @@ See the full listing of [changes](https://github.com/dependency-check/Dependency
 
 ### Changed
 
-- Added an experimental PE Analyzer that reads the PE headers of DLL and EXE files; see [#2448](https://github.com/jeremylong/DependencyCheck/pull/2448) and [#2446](https://github.com/jeremylong/DependencyCheck/pull/2446).
+- Added an experimental PE Analyzer that reads the PE headers of DLL and EXE files; see [#2448](https://github.com/dependency-check/DependencyCheck/pull/2448) and [#2446](https://github.com/dependency-check/DependencyCheck/pull/2446).
 - Lots of bug fixes and updates to false positives and false negatives
   - You may see a large one time performance hit when updating the database after updating to 5.3.1
 
-See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/12?closed=1).
+See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/12?closed=1).
 
-## [Version 5.3.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.3.0) (2020-01-15)
+## [Version 5.3.0](https://github.com/dependency-check/DependencyCheck/releases/tag/v5.3.0) (2020-01-15)
 
 ### Changed
 
-- Updated the JSON report to include a new field for unscored vulnerabilities (see #2392).
-- Updated the XML report to include a new attribute to flag unscored vulnerabilities (see #2392)
-  - see https://github.com/jeremylong/DependencyCheck/blob/main/core/src/main/resources/schema/dependency-check.2.3.xsd
-- Added an experimental analyzer that will lookup Node libraries in the NVD data feeds (see #1249)
+- Updated the JSON report to include a new field for unscored vulnerabilities (see [#2392](https://github.com/dependency-check/DependencyCheck/pull/2392)).
+- Updated the XML report to include a new attribute to flag unscored vulnerabilities (see [#2392](https://github.com/dependency-check/DependencyCheck/pull/2392))
+  - see https://github.com/dependency-check//DependencyCheck/blob/main/core/src/main/resources/schema/dependency-check.2.3.xsd
+- Added an experimental analyzer that will lookup Node libraries in the NVD data feeds (see [#1249](https://github.com/dependency-check/DependencyCheck/pull/1249))
   - `NpmCPEAnalyzer`, experimental analyzers must be enabled, controlled via property `analyzer.npm.cpe.enabled` which will be exposed as a configuration option in the next release.
 
-See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/11?closed=1).
+See the full listing of [changes](https://github.com/dependency-check/DependencyCheck/milestone/11?closed=1).
 
-## [Version 5.2.4](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.2.4) (2019-11-12)
+## [Version 5.2.4](https://github.com/dependency-check/DependencyCheck/releases/tag/v5.2.4) (2019-11-12)
 
 ### Changed
 
 - Reverted a in 5.2.3 that caused the dependency-check.sh script to fail on some systems (including the docker image).
 - Fixed issue with pretty printing the XML report.
 
-See the full listing of [resolved issues](https://github.com/jeremylong/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue++is%3Aclosed+milestone%3A5.2.4).
+See the full listing of [resolved issues](https://github.com/dependency-check/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue++is%3Aclosed+milestone%3A5.2.4).
 
-## [Version 5.2.3](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.2.3) (2019-11-11)
+## [Version 5.2.3](https://github.com/dependency-check/DependencyCheck/releases/tag/v5.2.3) (2019-11-11)
 
 ### Changed
 
-- Updated to use the NVD JSON 1.1 schema (see [#2273](https://github.com/jeremylong/DependencyCheck/issues/2273)).
+- Updated to use the NVD JSON 1.1 schema (see [#2273](https://github.com/dependency-check/DependencyCheck/issues/2273)).
   - This update is 100% backward compatible with the 1.0 schema if you are mirroring the 1.0 JSON files.
 - Added `nonProxyHosts` to the CLI and gradle plugin.
 - False positive corrections.
 - General code cleanup/bug fix.
 
-See the full listing of [resolved issues](https://github.com/jeremylong/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue++is%3Aclosed+milestone%3A5.2.3) and [pull requests](https://github.com/jeremylong/DependencyCheck/pulls?utf8=%E2%9C%93&q=is%3Apr+milestone%3A5.2.3+is%3Aclosed+).
+See the full listing of [resolved issues](https://github.com/dependency-check/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue++is%3Aclosed+milestone%3A5.2.3) and [pull requests](https://github.com/dependency-check/DependencyCheck/pulls?utf8=%E2%9C%93&q=is%3Apr+milestone%3A5.2.3+is%3Aclosed+).
 
-## [Version 5.2.2](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.2.2) (2019-09-22)
+## [Version 5.2.2](https://github.com/dependency-check/DependencyCheck/releases/tag/v5.2.2) (2019-09-22)
 
 ### Changed
 
 - False positive corrections
 - General code cleanup/bug fix
 
-See the full listing of [resolved issues](https://github.com/jeremylong/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue++is%3Aclosed+milestone%3A5.2.2).
+See the full listing of [resolved issues](https://github.com/dependency-check/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue++is%3Aclosed+milestone%3A5.2.2).
 
-## [Version 5.2.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.2.1) (2019-08-04)
+## [Version 5.2.1](https://github.com/dependency-check/DependencyCheck/releases/tag/v5.2.1) (2019-08-04)
 
 ### Changed
 
@@ -1068,29 +1148,29 @@ See the full listing of [resolved issues](https://github.com/jeremylong/Dependen
 - False positive corrections
 - General code cleanup/bug fix
 
-See the full listing of [resolved issues](https://github.com/jeremylong/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue++is%3Aclosed+milestone%3A5.2.1).
+See the full listing of [resolved issues](https://github.com/dependency-check/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue++is%3Aclosed+milestone%3A5.2.1).
 
-## [Version 5.2.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.2.0) (2019-07-21)
+## [Version 5.2.0](https://github.com/dependency-check/DependencyCheck/releases/tag/v5.2.0) (2019-07-21)
 
 ### Changed
 
 - Resolved formatting issues within the CSV report
 - False positive corrections
 - Renamed three properties within the `dependencycheck.properties`; there is no impact unless you are using a properties file in your build to control the CLI.
-- Added support for rbenv for Bundle Audit Analysis (see https://github.com/jeremylong/DependencyCheck/issues/2060).
+- Added support for rbenv for Bundle Audit Analysis (see https://github.com/dependency-check/DependencyCheck/issues/2060).
 
-See the full listing of [resolved issues](https://github.com/jeremylong/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue++is%3Aclosed+milestone%3A5.2.0).
+See the full listing of [resolved issues](https://github.com/dependency-check/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue++is%3Aclosed+milestone%3A5.2.0).
 
-## [Version 5.1.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.1.1) (2019-07-15)
+## [Version 5.1.1](https://github.com/dependency-check/DependencyCheck/releases/tag/v5.1.1) (2019-07-15)
 
 ### Changed
 
 - False positive corrections
 - General code cleanup
 
-See the full listing of [resolved issues](https://github.com/jeremylong/DependencyCheck/issues?q=is%3Aissue+milestone%3A5.1.1+is%3Aclosed).
+See the full listing of [resolved issues](https://github.com/dependency-check/DependencyCheck/issues?q=is%3Aissue+milestone%3A5.1.1+is%3Aclosed).
 
-## [Version 5.1.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.1.0) (2019-06-28)
+## [Version 5.1.0](https://github.com/dependency-check/DependencyCheck/releases/tag/v5.1.0) (2019-06-28)
 
 ### Changed
 
@@ -1101,16 +1181,16 @@ See the full listing of [resolved issues](https://github.com/jeremylong/Dependen
 - Added optional configuration to add credentials to the OSS Index analysis.
 - Resolved issues when Oracle or MySQL were used as a centralized database in 5.0.0.
 
-See the full listing of [resolved issues](https://github.com/jeremylong/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen+milestone%3A5.1.0) and [pull requests](https://github.com/jeremylong/DependencyCheck/pulls?utf8=%E2%9C%93&q=is%3Apr+milestone%3A5.1.0).
+See the full listing of [resolved issues](https://github.com/dependency-check/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen+milestone%3A5.1.0) and [pull requests](https://github.com/dependency-check/DependencyCheck/pulls?utf8=%E2%9C%93&q=is%3Apr+milestone%3A5.1.0).
 
-## [Version 5.0.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.0.0) (2019-06-09)
+## [Version 5.0.0](https://github.com/dependency-check/DependencyCheck/releases/tag/v5.0.0) (2019-06-09)
 
 ### Changed
 
 - Add caching of OSS-Index, Central Analyzer, and Node Audit analysis results.
-- General bug fixes identified in the previous milestone releases; see [5.0.0 resolved issues](https://github.com/jeremylong/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen+milestone%3A5.0.0+) and [pull requests](https://github.com/jeremylong/DependencyCheck/pulls?utf8=%E2%9C%93&q=is%3Apr+milestone%3A5.0.0).
+- General bug fixes identified in the previous milestone releases; see [5.0.0 resolved issues](https://github.com/dependency-check/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen+milestone%3A5.0.0+) and [pull requests](https://github.com/dependency-check/DependencyCheck/pulls?utf8=%E2%9C%93&q=is%3Apr+milestone%3A5.0.0).
 
-## [Version 5.0.0-M3](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.0.0-M3) (2019-05-06)
+## [Version 5.0.0-M3](https://github.com/dependency-check/DependencyCheck/releases/tag/v5.0.0-M3) (2019-05-06)
 
 ### Changed
 
@@ -1118,7 +1198,7 @@ See the full listing of [resolved issues](https://github.com/jeremylong/Dependen
 
 ### Changed
 
-- Several bug fixes and minor enhancements have been made; see the related [issues](https://github.com/jeremylong/DependencyCheck/issues?utf8=%E2%9C%93&q=+milestone%3A5.0.0-M3+) and [pull requests](https://github.com/jeremylong/DependencyCheck/pulls?utf8=%E2%9C%93&q=+milestone%3A5.0.0-M3+).
+- Several bug fixes and minor enhancements have been made; see the related [issues](https://github.com/dependency-check/DependencyCheck/issues?utf8=%E2%9C%93&q=+milestone%3A5.0.0-M3+) and [pull requests](https://github.com/dependency-check/DependencyCheck/pulls?utf8=%E2%9C%93&q=+milestone%3A5.0.0-M3+).
 - Multiple report formats can be specified; if you wanted just two of the reports you no longer need to use ALL.
 - A new JUNIT formatted report has been added; this provides a different way to integrate with Jenkins builds; the following example creates a JUNIT report with failures for any CVE with a CVSS score greater than or equal to 7.0 the Jenkins pipeline script shows how to publish the report:
 
@@ -1161,14 +1241,14 @@ See the full listing of [resolved issues](https://github.com/jeremylong/Dependen
   }
   ```
 
-## [Version 5.0.0-M2](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.0.0-M2) (2019-03-11)
+## [Version 5.0.0-M2](https://github.com/dependency-check/DependencyCheck/releases/tag/v5.0.0-M2) (2019-03-11)
 
 ### Changed
 
 - **Breaking:** [dotnet core](https://dotnet.microsoft.com/download/dotnet-core/2.2) must be installed to analyze .NET assemblies.
 - **Breaking:** The retire.js analyzer is no longer considered experimental and is enabled by default.
 
-## [Version 5.0.0-M1](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.0.0-M1) (2019-02-17)
+## [Version 5.0.0-M1](https://github.com/dependency-check/DependencyCheck/releases/tag/v5.0.0-M1) (2019-02-17)
 
 ### Changed
 
@@ -1185,7 +1265,7 @@ See the full listing of [resolved issues](https://github.com/jeremylong/Dependen
   from one technology stack do not appear on a dependency built using a completely different stack (e.g.
   NodeJS vulnerabilities should not show up on a .NET DLL).
 
-## [Version 4.0.2](https://github.com/jeremylong/DependencyCheck/releases/tag/v4.0.2) (2019-01-01)
+## [Version 4.0.2](https://github.com/dependency-check/DependencyCheck/releases/tag/v4.0.2) (2019-01-01)
 
 ### Added
 
@@ -1194,91 +1274,91 @@ See the full listing of [resolved issues](https://github.com/jeremylong/Dependen
   To enable this feature set `<skipDependencyManagement>false</skipDependencyManagement>`.
 - If using a local Nexus server (v2 or v3 pro) it is now possible to provide authentication credentials.
   - Previous versions only worked with anonymous/unauthenticated access.
-  - See [issue #977](https://github.com/jeremylong/DependencyCheck/issues/977)
+  - See [issue #977](https://github.com/dependency-check/DependencyCheck/issues/977)
 
 ### Fixed
 
 - Updated fix for transitive dependencies with known vulnerabilities (guava and commons-collections)
   so that the upgrade occurs correctly in other integrations that utilize core; see
-  [issue #1562](https://github.com/jeremylong/DependencyCheck/issues/1561#issuecomment-450112110).
+  [issue #1562](https://github.com/dependency-check/DependencyCheck/issues/1561#issuecomment-450112110).
 - Resolved several false positives
 
-## [Version 4.0.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v4.0.1) (2018-12-17)
+## [Version 4.0.1](https://github.com/dependency-check/DependencyCheck/releases/tag/v4.0.1) (2018-12-17)
 
 ### Fixed
 
-- Fixed issue with false positives due to Lucene upgrade. See [#1531](https://github.com/jeremylong/DependencyCheck/issues/1580).
+- Fixed issue with false positives due to Lucene upgrade. See [#1531](https://github.com/dependency-check/DependencyCheck/issues/1580).
 - Resolved several false positives.
 - Resolved typo in documentation.
 
-## [Version 4.0.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v4.0.0) (2018-11-21)
+## [Version 4.0.0](https://github.com/dependency-check/DependencyCheck/releases/tag/v4.0.0) (2018-11-21)
 
 ### Changed
 
-- OWASP dependency-check no longer supports running in JRE/JDK 7; JRE/JDK 8 or higher is required run dependency-check. See [#1531](https://github.com/jeremylong/DependencyCheck/issues/1531).
+- OWASP dependency-check no longer supports running in JRE/JDK 7; JRE/JDK 8 or higher is required run dependency-check. See [#1531](https://github.com/dependency-check/DependencyCheck/issues/1531).
 
 ### Fixed
 
-- Upgraded dependencies to resolve published vulnerabilities (Guava and Lucene); See [#1561](https://github.com/jeremylong/DependencyCheck/issues/1561).
+- Upgraded dependencies to resolve published vulnerabilities (Guava and Lucene); See [#1561](https://github.com/dependency-check/DependencyCheck/issues/1561).
 
-## [Version 3.3.4](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.3.4) (2018-10-28)
+## [Version 3.3.4](https://github.com/dependency-check/DependencyCheck/releases/tag/v3.3.4) (2018-10-28)
 
 ### Fixed
 
 - Resolved bug with parsing license information during analysis of Node.js modules.
 
-## [Version 3.3.3](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.3.3) (2018-10-27)
+## [Version 3.3.3](https://github.com/dependency-check/DependencyCheck/releases/tag/v3.3.3) (2018-10-27)
 
 ### Changed
 
-- Migrated the NSP Analyzer to use the Node Audit APIs instead; see [#1366](https://github.com/jeremylong/DependencyCheck/issues/1366).
+- Migrated the NSP Analyzer to use the Node Audit APIs instead; see [#1366](https://github.com/dependency-check/DependencyCheck/issues/1366).
   - Note that the analyzer and configuration was changed to NodeAuditAnalyzer.
   - Configurations for the NSP analyzer have been deprecated and will control the NodeAuditAnalyzer if used; note that the NSP configuration options will be removed in a future release.
-- The [dependency-check-gradle](https://github.com/jeremylong/dependency-check-gradle) plugin was updated to include a default scan set
+- The [dependency-check-gradle](https://github.com/dependency-check/Dependency-check-gradle) plugin was updated to include a default scan set
   of ['src/main/resources','src/main/webapp'] and any dependencies contained in these directories will be analyzed. The purpose of this
   enhancement is to enable the RetireJS Analyzer to scan JavaScript files that may be included.
 
 ### Fixed
 
-- Resolved **false negative** on Bouncy Castle JAR files; see [#1500](https://github.com/jeremylong/DependencyCheck/issues/1500).
-- Resolved **false negatives** that may occur when using the Maven plugin if transitive dependencies of a library in use and is also declared as a primary dependency in a scope that is not used; see [#1512](https://github.com/jeremylong/DependencyCheck/issues/1512).
-- Resolved **false negatives** on libraries that contain an update version or timestamp tacked onto the end of the version number; see [#1537](https://github.com/jeremylong/DependencyCheck/issues/1537).
+- Resolved **false negative** on Bouncy Castle JAR files; see [#1500](https://github.com/dependency-check/DependencyCheck/issues/1500).
+- Resolved **false negatives** that may occur when using the Maven plugin if transitive dependencies of a library in use and is also declared as a primary dependency in a scope that is not used; see [#1512](https://github.com/dependency-check/DependencyCheck/issues/1512).
+- Resolved **false negatives** on libraries that contain an update version or timestamp tacked onto the end of the version number; see [#1537](https://github.com/dependency-check/DependencyCheck/issues/1537).
   - The resolution for these false negatives may generate some false positives, please continue to report false positives and the engine can continue to be tuned.
-- Fixed bug preventing multiple proxies from being defined for Maven; see [#831](https://github.com/jeremylong/DependencyCheck/issues/831).
-- Updated the suppress buttons in the HTML report to generate the XML using the latest suppression schema; see [#489](https://github.com/jeremylong/DependencyCheck/issues/1489).
-- Added the `--artifactoryUrl` argument to the CLI - this was missed when the Artifactory Analyzer was previously added; see [#1492](https://github.com/jeremylong/DependencyCheck/issues/1492).
-- Updated test cases so that they no longer fail behind a proxy; see [#1493](https://github.com/jeremylong/DependencyCheck/issues/1493).
-- Resolved several reported false positives; see [#1504](https://github.com/jeremylong/DependencyCheck/issues/1504), [#1513](https://github.com/jeremylong/DependencyCheck/issues/1513),
-  [#1515](https://github.com/jeremylong/DependencyCheck/issues/1515), [#1529](https://github.com/jeremylong/DependencyCheck/issues/1529), [#1535](https://github.com/jeremylong/DependencyCheck/issues/1535),
-  and [#1437](https://github.com/jeremylong/DependencyCheck/issues/1437).
-- Fixed copy/paste error in JavaDoc; see [#1509](https://github.com/jeremylong/DependencyCheck/issues/1509).
+- Fixed bug preventing multiple proxies from being defined for Maven; see [#831](https://github.com/dependency-check/DependencyCheck/issues/831).
+- Updated the suppress buttons in the HTML report to generate the XML using the latest suppression schema; see [#489](https://github.com/dependency-check/DependencyCheck/issues/1489).
+- Added the `--artifactoryUrl` argument to the CLI - this was missed when the Artifactory Analyzer was previously added; see [#1492](https://github.com/dependency-check/DependencyCheck/issues/1492).
+- Updated test cases so that they no longer fail behind a proxy; see [#1493](https://github.com/dependency-check/DependencyCheck/issues/1493).
+- Resolved several reported false positives; see [#1504](https://github.com/dependency-check/DependencyCheck/issues/1504), [#1513](https://github.com/dependency-check/DependencyCheck/issues/1513),
+  [#1515](https://github.com/dependency-check/DependencyCheck/issues/1515), [#1529](https://github.com/dependency-check/DependencyCheck/issues/1529), [#1535](https://github.com/dependency-check/DependencyCheck/issues/1535),
+  and [#1437](https://github.com/dependency-check/DependencyCheck/issues/1437).
+- Fixed copy/paste error in JavaDoc; see [#1509](https://github.com/dependency-check/DependencyCheck/issues/1509).
 
-## [Version 3.3.2](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.3.2) (2018-09-14)
+## [Version 3.3.2](https://github.com/dependency-check/DependencyCheck/releases/tag/v3.3.2) (2018-09-14)
 
 ### Fixed
 
-- Gradle plugin was updated to include backward compatibility with gradle < v4.0; see [#95](https://github.com/jeremylong/dependency-check-gradle/issues/95).
-- Gradle plugin improved handling of Android project; see [#94](https://github.com/jeremylong/dependency-check-gradle/issues/94)
-- CLI used an incorrect key for RetireJS causing the analyzer to not be loaded in some cases; see [#1440](https://github.com/jeremylong/DependencyCheck/issues/1440).
-- Resolved failure in the `CentralAnalyzer` when the pom.xml is not available in Central; see [#1439](https://github.com/jeremylong/DependencyCheck/issues/1439).
-- Resolved exception when JAR files contain invalid pom.xml files outside of META-INF; see [#1438](https://github.com/jeremylong/DependencyCheck/issues/1438).
+- Gradle plugin was updated to include backward compatibility with gradle < v4.0; see [#95](https://github.com/dependency-check/Dependency-check-gradle/issues/95).
+- Gradle plugin improved handling of Android project; see [#94](https://github.com/dependency-check/Dependency-check-gradle/issues/94)
+- CLI used an incorrect key for RetireJS causing the analyzer to not be loaded in some cases; see [#1440](https://github.com/dependency-check/DependencyCheck/issues/1440).
+- Resolved failure in the `CentralAnalyzer` when the pom.xml is not available in Central; see [#1439](https://github.com/dependency-check/DependencyCheck/issues/1439).
+- Resolved exception when JAR files contain invalid pom.xml files outside of META-INF; see [#1438](https://github.com/dependency-check/DependencyCheck/issues/1438).
 - Resolved several reported false positives.
 
-## [Version 3.3.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.3.1) (2018-08-06)
+## [Version 3.3.1](https://github.com/dependency-check/DependencyCheck/releases/tag/v3.3.1) (2018-08-06)
 
 ### Changed
 
-- An Nuget Packages.config Analyzer was added; see [#1412](https://github.com/jeremylong/DependencyCheck/issues/1412).
+- An Nuget Packages.config Analyzer was added; see [#1412](https://github.com/dependency-check/DependencyCheck/issues/1412).
 
 ### Fixed
 
-- Fixed error handling with regard to invalid manifest files contained within JAR files; see [#1024](https://github.com/jeremylong/DependencyCheck/issues/1024).
-- Fixed parsing of pom.xml files, in some cases a SAX Exception would be thrown; see [#1400](https://github.com/jeremylong/DependencyCheck/issues/1400).
-- Fixed bug that caused dependency-check to crash if the temporary directory and data directory were on different drives; see [#1394](https://github.com/jeremylong/DependencyCheck/issues/1394).
-- Fixed bug in dependency-check-maven where an aggregate analysis did not scan all files defined in the ScanSet; see [#1421](https://github.com/jeremylong/DependencyCheck/issues/1421).
-- Fixed NPE in dependency-check-gradle that occurred when artifacts where included using `implementation files("./lib/some.jar")`; see [#91](https://github.com/jeremylong/dependency-check-gradle/issues/91).
+- Fixed error handling with regard to invalid manifest files contained within JAR files; see [#1024](https://github.com/dependency-check/DependencyCheck/issues/1024).
+- Fixed parsing of pom.xml files, in some cases a SAX Exception would be thrown; see [#1400](https://github.com/dependency-check/DependencyCheck/issues/1400).
+- Fixed bug that caused dependency-check to crash if the temporary directory and data directory were on different drives; see [#1394](https://github.com/dependency-check/DependencyCheck/issues/1394).
+- Fixed bug in dependency-check-maven where an aggregate analysis did not scan all files defined in the ScanSet; see [#1421](https://github.com/dependency-check/DependencyCheck/issues/1421).
+- Fixed NPE in dependency-check-gradle that occurred when artifacts where included using `implementation files("./lib/some.jar")`; see [#91](https://github.com/dependency-check/Dependency-check-gradle/issues/91).
 
-## [Version 3.3.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.3.0) (2018-07-22)
+## [Version 3.3.0](https://github.com/dependency-check/DependencyCheck/releases/tag/v3.3.0) (2018-07-22)
 
 ### Changed
 
@@ -1287,52 +1367,52 @@ See the full listing of [resolved issues](https://github.com/jeremylong/Dependen
 - An experimental Retire JS analyzer has been added to analyze client side JavaScript.
   - This utilizes information from the RetireJS repo on github. If you have a proxy that prevents access you will either need to have access granted to https://raw.githubusercontent.com/Retirejs/retire.js/main/repository/jsrepository.json or host the file internally, update the environment variable `analyzer.retirejs.repo.js.ur`, and periodically update the file.
   - This analyzer is considered experimental, but the team expects this to be promoted quickly.
-- NuGet dependencies contained in MSBuild files are now included in the scan. See [Issue #1131](https://github.com/jeremylong/DependencyCheck/issues/1131) for more details.
-- Cocoapod's Podfile.lock is now analyzed when present. See [PR #1324](https://github.com/jeremylong/DependencyCheck/pull/1324) for more information.
+- NuGet dependencies contained in MSBuild files are now included in the scan. See [Issue #1131](https://github.com/dependency-check/DependencyCheck/issues/1131) for more details.
+- Cocoapod's Podfile.lock is now analyzed when present. See [PR #1324](https://github.com/dependency-check/DependencyCheck/pull/1324) for more information.
 
 ### Fixed
 
-- The dependency-check-gradle plugin can now analyze multi-project android builds. See [PR #09](https://github.com/jeremylong/dependency-check-gradle/pull/90) for more information.
-- In some cases extremely large project may cause dependency-check to fail due to the analysis time. Previously, the analysis was capped at 10 minutes; the timeout was increased to 20 minutes and made configurable if this continues to be an issue for some users. See [issue #936](https://github.com/jeremylong/DependencyCheck/issues/936) for more information.
+- The dependency-check-gradle plugin can now analyze multi-project android builds. See [PR #09](https://github.com/dependency-check/Dependency-check-gradle/pull/90) for more information.
+- In some cases extremely large project may cause dependency-check to fail due to the analysis time. Previously, the analysis was capped at 10 minutes; the timeout was increased to 20 minutes and made configurable if this continues to be an issue for some users. See [issue #936](https://github.com/dependency-check/DependencyCheck/issues/936) for more information.
 - Some pom.xml files could not be analyzed because they contained a doctype definition. The parser has been enhanced to strip the doctype definitions.
 - Fixed issue where, in some cases, temporary files were not correctly cleaned up in Jenkins and gradle builds.
-- Fixed issue where, in some cases, files were retrieved from Maven Central using HTTP instead of HTTPS. See [issue #1325](https://github.com/jeremylong/DependencyCheck/issues/1325) for more information.
+- Fixed issue where, in some cases, files were retrieved from Maven Central using HTTP instead of HTTPS. See [issue #1325](https://github.com/dependency-check/DependencyCheck/issues/1325) for more information.
   - Additionally, a retry count was added when attempting to download pom.xml files during analysis.
-- Fixed issue where nodejs dependencies were not correctly analyzed. See [issue #1355](https://github.com/jeremylong/DependencyCheck/issues/1355) for more information.
+- Fixed issue where nodejs dependencies were not correctly analyzed. See [issue #1355](https://github.com/dependency-check/DependencyCheck/issues/1355) for more information.
 - Fixed issue where the CWE was not written to the CSV report.
 - In addition, general bug fixes, code cleanup, and false positive/negatives updates were made.
 
-## [Version 3.2.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.2.1) (2018-05-28)
+## [Version 3.2.1](https://github.com/dependency-check/DependencyCheck/releases/tag/v3.2.1) (2018-05-28)
 
 ### Fixed
 
-- In some cases when using the Maven or Gradle plugins the GAV coordinates were not being added as an Identifier causing suppression rules to fail; this has been resolved (#1298)
-- Documentation Update (SCM links in the maven site were broken) (#1297)
-- False positive reduction (#1290)
-- Enhanced logging output for TLS failures to better assist with debugging (#1269)
-- Resolved a Null Pointer Exception (#1296)
+- In some cases when using the Maven or Gradle plugins the GAV coordinates were not being added as an Identifier causing suppression rules to fail; this has been resolved ([#1298](https://github.com/dependency-check/DependencyCheck/pull/1298))
+- Documentation Update (SCM links in the maven site were broken) ([#1297](https://github.com/dependency-check/DependencyCheck/pull/1297))
+- False positive reduction ([#1290](https://github.com/dependency-check/DependencyCheck/pull/1290))
+- Enhanced logging output for TLS failures to better assist with debugging ([#1269](https://github.com/dependency-check/DependencyCheck/pull/1269))
+- Resolved a Null Pointer Exception ([#1296](https://github.com/dependency-check/DependencyCheck/pull/1296))
 
-## [Version 3.2.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.2.0) (2018-05-21)
+## [Version 3.2.0](https://github.com/dependency-check/DependencyCheck/releases/tag/v3.2.0) (2018-05-21)
 
 ### Changed
 
 - Excess white space has been removed from the XML and HTML reports; the JSON report is still pretty printed (a future release will convert this to a configurable option)
 - Better error reporting
 - Changed to use commons-text instead of commons-lang3 as a portion of commons-lang3 was moved to commonts-text
-- Added more flexible suppression rules with the introduction of the `until` attribute (see [#1145](https://github.com/jeremylong/DependencyCheck/issues/1145) and [dependency-suppression.1.2.xsd](https://dependency-check.github.io/DependencyCheck/dependency-suppression.1.2.xsd)
+- Added more flexible suppression rules with the introduction of the `until` attribute (see [#1145](https://github.com/dependency-check/DependencyCheck/issues/1145) and [dependency-suppression.1.2.xsd](https://dependency-check.github.io/DependencyCheck/dependency-suppression.1.2.xsd)
 
 ### Fixed
 
 - Unsafe unzip operations ([zip slip](https://github.com/snyk/zip-slip-vulnerability)), as reported by the Snyk Security Research Team, have been corrected. CVE-2018-12036 allows attackers to write to arbitrary files via a crafted archive that holds directory traversal filenames.
 - The dependency-check-maven plugin no longer uses the [Central Analyzer](https://dependency-check.github.io/DependencyCheck/analyzers/central-analyzer.html) by default
-- Updated dependency-check-maven so that it will not fail when your multi-module build has dependencies that have not yet been built in the reactor (See [#740](https://github.com/jeremylong/DependencyCheck/issues/740))
+- Updated dependency-check-maven so that it will not fail when your multi-module build has dependencies that have not yet been built in the reactor (See [#740](https://github.com/dependency-check/DependencyCheck/issues/740))
   - Note if the required dependency has not yet been built in the reactor and the dependency is available in a configured repository dependency-check-maven, as expected, would pull the dependency from the repository for analysis.
 - Minor documentation updates
 - False positive reduction
 - Fixed the Gradle Plugin and Ant Task so that the temp directory is properly cleaned up after execution
-- Removed TLSv1 from the list of protocols used by default (See [#1237](https://github.com/jeremylong/DependencyCheck/pull/1237))
+- Removed TLSv1 from the list of protocols used by default (See [#1237](https://github.com/dependency-check/DependencyCheck/pull/1237))
 
-## [Version 3.1.2](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.1.2) (2018-04-02)
+## [Version 3.1.2](https://github.com/dependency-check/DependencyCheck/releases/tag/v3.1.2) (2018-04-02)
 
 ### Fixed
 
@@ -1342,11 +1422,11 @@ See the full listing of [resolved issues](https://github.com/jeremylong/Dependen
   will include a reference to the project/module where they were found
 - The configuration option `versionCheckEnabled` was added to Maven to allow users to disable the check for
   new versions of dependency-check; this will be added to gradle plugin, Ant Task, and the CLI in a future release
-- The XML and JSON reports were fixed so that the correct version number is displayed see [issue #1109](https://github.com/jeremylong/DependencyCheck/issues/1109)
+- The XML and JSON reports were fixed so that the correct version number is displayed see [issue #1109](https://github.com/dependency-check/DependencyCheck/issues/1109)
 - The initial database creation time for H2 databases was improved
 - Changes made to decrease false positive and false negatives
 
-## [Version 3.1.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.1.1) (2018-01-29)
+## [Version 3.1.1](https://github.com/dependency-check/DependencyCheck/releases/tag/v3.1.1) (2018-01-29)
 
 ### Fixed
 
@@ -1355,7 +1435,7 @@ See the full listing of [resolved issues](https://github.com/jeremylong/Dependen
 - False positive reduction.
 - Minor documentation cleanup.
 
-## [Version 3.1.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.1.0) (2018-01-02)
+## [Version 3.1.0](https://github.com/dependency-check/DependencyCheck/releases/tag/v3.1.0) (2018-01-02)
 
 ### Changed
 
@@ -1375,19 +1455,19 @@ See the full listing of [resolved issues](https://github.com/jeremylong/Dependen
   the query to break.
 - General cleanup, false positive, and false negative reduction.
 
-## [Version 3.0.2](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.0.2) (2017-11-13)
+## [Version 3.0.2](https://github.com/dependency-check/DependencyCheck/releases/tag/v3.0.2) (2017-11-13)
 
 ### Fixed
 
 - Updated the query format for the CentralAnalyzer; the old format caused the CentralAnalyzer to fail
 
-## [Version 3.0.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.0.1) (2017-10-20)
+## [Version 3.0.1](https://github.com/dependency-check/DependencyCheck/releases/tag/v3.0.1) (2017-10-20)
 
 ### Fixed
 
 - Fixed a database connection issue that affected some usages.
 
-## [Version 3.0.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.0.0) (2017-10-16)
+## [Version 3.0.0](https://github.com/dependency-check/DependencyCheck/releases/tag/v3.0.0) (2017-10-16)
 
 - Several bug fixes and false positive reduction
   - The 2.x branch introduced several new false positives – but also reduced the false negatives
diff --git a/Dockerfile b/Dockerfile
index 936f976331c..d45176bc3d9 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,10 +1,10 @@
-FROM golang:1.24.2-alpine AS go
+FROM golang:1.25.2-alpine AS go
 
-FROM azul/zulu-openjdk-alpine:21 AS jlink
+FROM azul/zulu-openjdk-alpine:25 AS jlink
 
-RUN "$JAVA_HOME/bin/jlink" --compress=2 --module-path /opt/java/openjdk/jmods --add-modules java.base,java.compiler,java.datatransfer,jdk.crypto.ec,java.desktop,java.instrument,java.logging,java.management,java.naming,java.rmi,java.scripting,java.security.sasl,java.sql,java.transaction.xa,java.xml,jdk.unsupported --output /jlinked
+RUN "$JAVA_HOME/bin/jlink" --compress=zip-6 --module-path /opt/java/openjdk/jmods --add-modules java.base,java.compiler,java.datatransfer,jdk.crypto.ec,java.desktop,java.instrument,java.logging,java.management,java.naming,java.rmi,java.scripting,java.security.sasl,java.sql,java.transaction.xa,java.xml,jdk.unsupported --output /jlinked
 
-FROM mcr.microsoft.com/dotnet/runtime:8.0-alpine3.18
+FROM mcr.microsoft.com/dotnet/runtime:8.0-alpine3.22
 
 ARG VERSION
 ARG POSTGRES_DRIVER_VERSION=42.7.5
@@ -47,7 +47,7 @@ RUN apk update
     apk del .build-deps
 
 ### remove any suid sgid - we don't need them
-RUN find / -perm +6000 -type f -exec chmod a-s {} \;
+RUN find / -path /proc -prune -perm +6000 -type f -exec chmod a-s {} \;
 USER ${UID}
 
 VOLUME ["/src", "/report"]
diff --git a/README.md b/README.md
index 7f8bf13bc48..50a2edfec1a 100644
--- a/README.md
+++ b/README.md
@@ -175,7 +175,7 @@ For instructions on the use of the Ant Task, please see the [dependency-check-an
 
 For installation to pass, you must have the following components installed:
 * Java: `java -version` 11.0
-* Maven: `mvn -version` 3.5.0 and higher
+* Maven: `mvn -version` 3.6.3 and higher
 
 Tests cases require:
 * dotnet core version 8.0
@@ -341,7 +341,7 @@ Building the documentation
 
 The documentation on the [github pages](https://dependency-check.github.io/DependencyCheck/) is generated from this repository:
 
-    mvn -s settings.xml site  site:staging
+    mvn -s settings.xml site site:stage
 
 Once done, point your browser to `./target/staging/index.html`.
 
@@ -363,7 +363,9 @@ Dependency-Check makes use of several other open source libraries. Please see th
 
 This product uses the NVD API but is not endorsed or certified by the NVD.
 
-Copyright (c) 2012-2024 Jeremy Long. All Rights Reserved.
+Copyright (c) 2012-2025 Jeremy Long. All Rights Reserved.
 
   [wiki]: https://github.com/dependency-check/DependencyCheck/wiki
   [notices]: https://github.com/dependency-check/DependencyCheck/blob/main/NOTICE.txt
+
+<img referrerpolicy="no-referrer-when-downgrade" src="https://static.scarf.sh/a.png?x-pxid=c78174f3-f898-4a5d-b3ab-1202b7db8ef6" />
diff --git a/SECURITY.md b/SECURITY.md
index ec0093618a1..08e36f7633f 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -3,9 +3,9 @@
 ## Supported Versions
 
 | Version   | Supported          |
-| ----------|--------------------|
-| 10.0.2+   | :white_check_mark: |
-| <= 10.0.1 | :x:                |
+|-----------|--------------------|
+| 12.1.3+   | :white_check_mark: |
+| <= 12.1.2 | :x:                |
 
 ## Reporting a Vulnerability
 
diff --git a/ant/README.md b/ant/README.md
index 6d7f2fe67f7..3338cd1f12d 100644
--- a/ant/README.md
+++ b/ant/README.md
@@ -17,3 +17,5 @@ Dependency-Check is Copyright (c) 2012-2014 Jeremy Long. All Rights Reserved.
 Permission to modify and redistribute is granted under the terms of the Apache 2.0 license. See the [LICENSE.txt](https://github.com/dependency-check/DependencyCheck/blob/main/LICENSE.txt) file for the full license.
 
 Dependency-Check-Ant makes use of other open source libraries. Please see the [NOTICE.txt](https://github.com/dependency-check/DependencyCheck/blob/main/ant/NOTICE.txt) file for more information.
+
+<img referrerpolicy="no-referrer-when-downgrade" src="https://static.scarf.sh/a.png?x-pxid=c78174f3-f898-4a5d-b3ab-1202b7db8ef6" />
\ No newline at end of file
diff --git a/ant/pom.xml b/ant/pom.xml
index 87ee99d07b2..46436bd8888 100644
--- a/ant/pom.xml
+++ b/ant/pom.xml
@@ -20,7 +20,7 @@ Copyright (c) 2013 - Jeremy Long. All Rights Reserved.
     <parent>
         <groupId>org.owasp</groupId>
         <artifactId>dependency-check-parent</artifactId>
-        <version>12.1.1</version>
+        <version>12.1.8</version>
     </parent>
 
     <artifactId>dependency-check-ant</artifactId>
@@ -32,7 +32,7 @@ Copyright (c) 2013 - Jeremy Long. All Rights Reserved.
         <connection>scm:git:https://github.com/dependency-check/DependencyCheck.git</connection>
         <url>https://github.com/dependency-check/DependencyCheck/tree/main/ant</url>
         <developerConnection>scm:git:git@github.com/dependency-check/DependencyCheck.git</developerConnection>
-        <tag>v12.1.1</tag>
+        <tag>v12.1.8</tag>
     </scm>
     <build>
         <resources>
diff --git a/ant/src/site/markdown/config-purge.md b/ant/src/site/markdown/config-purge.md
index 728fe248d54..e048190e5bb 100644
--- a/ant/src/site/markdown/config-purge.md
+++ b/ant/src/site/markdown/config-purge.md
@@ -14,8 +14,8 @@ Configuration: dependency-check-purge Task
 --------------------
 The following properties can be set on the dependency-check-purge task.
 
- Property      | Description                                                                | Default Value                                    
----------------|----------------------------------------------------------------------------|--------------------------------------------------
- dataDirectory | Data directory that is used to store the local caches and NVD CVE database | `<folder-of-dependency-check-ant.jar>/data/11.0` 
- failOnError   | Whether the build should fail if there is an error executing the purge     | true                                             
+| Property      | Description                                                                | Default Value                                    |
+|---------------|----------------------------------------------------------------------------|--------------------------------------------------|
+| dataDirectory | Data directory that is used to store the local caches and NVD CVE database | `<folder-of-dependency-check-ant.jar>/data/11.0` |
+| failOnError   | Whether the build should fail if there is an error executing the purge     | true                                             |
 
diff --git a/ant/src/site/markdown/config-update.md b/ant/src/site/markdown/config-update.md
index 08a67f39761..9d86a179987 100644
--- a/ant/src/site/markdown/config-update.md
+++ b/ant/src/site/markdown/config-update.md
@@ -17,54 +17,54 @@ Configuration: dependency-check-update Task
 --------------------
 The following properties can be set on the dependency-check-update task.
 
- Property                | Description                                                                                    | Default Value                                    
--------------------------|------------------------------------------------------------------------------------------------|--------------------------------------------------
- dataDirectory           | Data directory that is used to store the local caches and NVD CVE database                     | `<folder-of-dependency-check-ant.jar>/data/11.0` 
- failOnError             | Whether the build should fail if there is an error executing the update                        | true                                             
- proxyServer             | The Proxy Server; see the [proxy configuration](../data/proxy.html) page for more information. | &nbsp;                                           
- proxyPort               | The Proxy Port.                                                                                | &nbsp;                                           
- proxyUsername           | Defines the proxy user name.                                                                   | &nbsp;                                           
- proxyPassword           | Defines the proxy password.                                                                    | &nbsp;                                           
- nonProxyHosts           | Defines the hosts that will not be proxied.                                                    | &nbsp;                                           
- connectionTimeout       | The URL Connection Timeout (in milliseconds).                                                  | 10000                                            
- readtimeout             | The URL Read Timeout (in milliseconds).                                                        | 60000                                            
- retireJsAnalyzerEnabled | Sets whether the RetireJS Analyzer update and analyzer are enabled.                            | true                                             
+| Property                | Description                                                                                    | Default Value                                    |
+|-------------------------|------------------------------------------------------------------------------------------------|--------------------------------------------------|
+| dataDirectory           | Data directory that is used to store the local caches and NVD CVE database                     | `<folder-of-dependency-check-ant.jar>/data/11.0` |
+| failOnError             | Whether the build should fail if there is an error executing the update                        | true                                             |
+| proxyServer             | The Proxy Server; see the [proxy configuration](../data/proxy.html) page for more information. | &nbsp;                                           |
+| proxyPort               | The Proxy Port.                                                                                | &nbsp;                                           |
+| proxyUsername           | Defines the proxy user name.                                                                   | &nbsp;                                           |
+| proxyPassword           | Defines the proxy password.                                                                    | &nbsp;                                           |
+| nonProxyHosts           | Defines the hosts that will not be proxied.                                                    | &nbsp;                                           |
+| connectionTimeout       | The URL Connection Timeout (in milliseconds).                                                  | 10000                                            |
+| readtimeout             | The URL Read Timeout (in milliseconds).                                                        | 60000                                            |
+| retireJsAnalyzerEnabled | Sets whether the RetireJS Analyzer update and analyzer are enabled.                            | true                                             |
 
 Advanced Configuration
 ====================
 The following properties can be configured in the plugin. However, they are less frequently changed.
 
- Property                        | Description                                                                                                                                                                                                                        | Default Value                                                                          
----------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------
- nvdApiKey                       | The API Key to access the NVD API; obtained from https://nvd.nist.gov/developers/request-an-api-key                                                                                                                                | &nbsp;                                                                                 
- nvdApiEndpoint                  | The NVD API endpoint URL; setting this is uncommon.                                                                                                                                                                                | https://services.nvd.nist.gov/rest/json/cves/2.0                                       
- nvdMaxRetryCount                | The maximum number of retry requests for a single call to the NVD API.                                                                                                                                                             | 10                                                                                     
- nvdApiDelay                     | The number of milliseconds to wait between calls to the NVD API.                                                                                                                                                                   | 3500 with an NVD API Key or 8000 without an API Key                                    
- nvdApiResultsPerPage            | The number records for a single page from NVD API (must be <=2000).                                                                                                                                                                | 2000                                                                                   
- nvdDatafeedUrl                  | The URL for the NVD API Data feed that can be generated using https://github.com/jeremylong/Open-Vulnerability-Project/tree/main/vulnz#caching-the-nvd-cve-data - example value `https://internal.server/cache/nvdcve-{0}.json.gz` | &nbsp;                                                                                 
- nvdUser                         | Credentials used for basic authentication for the NVD API Data feed.                                                                                                                                                               | &nbsp;                                                                                 
- nvdPassword                     | Credentials used for basic authentication for the NVD API Data feed.                                                                                                                                                               | &nbsp;                                                                                 
- nvdValidForHours                | The number of hours to wait before checking for new updates from the NVD. The default is 4 hours.                                                                                                                                  | 4                                                                                      
- databaseDriverName              | The database driver full classname; note, only needs to be set if the driver is not JDBC4 compliant or the JAR is outside of the class path.                                                                                       | &nbsp;                                                                                 
- databaseDriverPath              | The path to the database driver JAR file; only needs to be set if the driver is not in the class path.                                                                                                                             | &nbsp;                                                                                 
- connectionString                | The connection string used to connect to the database. See using a [database server](../data/database.html).                                                                                                                       | &nbsp;                                                                                 
- databaseUser                    | The username used when connecting to the database.                                                                                                                                                                                 | &nbsp;                                                                                 
- databasePassword                | The password used when connecting to the database.                                                                                                                                                                                 | &nbsp;                                                                                 
- hostedSuppressionsEnabled       | Whether the hosted suppression file will be used.                                                                                                                                                                                  | true                                                                                   
- hostedSuppressionsUrl           | The URL to a mirrored copy of the hosted suppressions file for internet-constrained environments                                                                                                                                   | https://dependency-check.github.io/DependencyCheck/suppressions/publishedSuppressions.xml    
- hostedSuppressionsUser          | The user for a Basic-auth-protected mirrored copy of the hosted suppressions file for internet-constrained environments                                                                                                            | &nbsp;                                                                                 
- hostedSuppressionsPassword      | The password/token for a Basic-auth-protected mirrored copy of the hosted suppressions file for internet-constrained environments                                                                                                  | &nbsp;                                                                                 
- hostedSuppressionsBearerToken   | The bearer token for a Bearer-auth-protected mirrored copy of the hosted suppressions file for internet-constrained environments                                                                                                   | &nbsp;                                                                                 
- hostedSuppressionsValidForHours | Sets the number of hours to wait before checking for new updates of the hosted suppressions file                                                                                                                                   | 2                                                                                      
- hostedSuppressionsForceUpdate   | Sets whether the hosted suppressions file should update regardless of the `autoupdate` and validForHours settings                                                                                                                  | false                                                                                  
- retireJsForceUpdate             | Sets whether the RetireJS repository should update regardless of the `autoupdate` setting.                                                                                                                                         | false                                                                                  
- retireJsUrl                     | The URL to a mirrored copy of the RetireJS repository for internet-constrained environments                                                                                                                                        | https://raw.githubusercontent.com/Retirejs/retire.js/main/repository/jsrepository.json 
- retireJsUrlUser                 | The user for a Basic-auth-protected mirrored copy of the RetireJS repository for internet-constrained environments                                                                                                                 | &nbsp;                                                                                 
- retireJsUrlPassword             | The password/token for a Basic-auth-protected mirrored copy of the RetireJS repository for internet-constrained environments                                                                                                       | &nbsp;                                                                                 
- retireJsUrlBearerToken          | The bearer token for a Bearer-auth-protected mirrored copy of the RetireJS repository for internet-constrained environments                                                                                                        | &nbsp;                                                                                 
- knownExploitedEnabled           | Sets whether the Known Exploited Vulnerability update and analyzer are enabled.                                                                                                                                                    | true                                                                                   
- knownExploitedUrl               | Sets URL to the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                                                                                               | https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json    
- knownExploitedUser              | The user for a Basic-auth-protected mirrored copy of the CISA Known Exploited Vulnerabilities JSON data feed for internet-constrained environments                                                                                 | &nbsp;                                                                                 
- knownExploitedPassword          | The password/token for a Basic-auth-protected mirrored copy of the CISA Known Exploited Vulnerabilities JSON data feed for internet-constrained environments                                                                      | &nbsp;                                                                                 
- knownExploitedBearerToken       | The bearer token for a Bearer-auth-protected mirrored copy of the CISA Known Exploited Vulnerabilities JSON data feed for internet-constrained environments                                                                      | &nbsp;                                                                                 
- knownExploitedValidForHours     | Sets the number of hours to wait before checking for new updates of the CISA Known Exploited Vulnerabilities JSON data feed                                                                                                        | 24                                                                                     
+| Property                        | Description                                                                                                                                                                                                                          | Default Value                                                                             |
+|---------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|
+| nvdApiKey                       | The API Key to access the NVD API; obtained from https://nvd.nist.gov/developers/request-an-api-key                                                                                                                                  | &nbsp;                                                                                    |
+| nvdApiEndpoint                  | The NVD API endpoint URL; setting this is uncommon.                                                                                                                                                                                  | https://services.nvd.nist.gov/rest/json/cves/2.0                                          |
+| nvdMaxRetryCount                | The maximum number of retry requests for a single call to the NVD API.                                                                                                                                                               | 10                                                                                        |
+| nvdApiDelay                     | The number of milliseconds to wait between calls to the NVD API.                                                                                                                                                                     | 3500 with an NVD API Key or 8000 without an API Key                                       |
+| nvdApiResultsPerPage            | The number records for a single page from NVD API (must be <=2000).                                                                                                                                                                  | 2000                                                                                      |
+| nvdDatafeedUrl                  | The URL for the NVD API Data feed that can be generated using https://github.com/jeremylong/open-vulnerability-cli/blob/main/README.md#mirroring-the-nvd-cve-data - example value `https://internal.server/cache/nvdcve-{0}.json.gz` | &nbsp;                                                                                    |
+| nvdUser                         | Credentials used for basic authentication for the NVD API Data feed.                                                                                                                                                                 | &nbsp;                                                                                    |
+| nvdPassword                     | Credentials used for basic authentication for the NVD API Data feed.                                                                                                                                                                 | &nbsp;                                                                                    |
+| nvdValidForHours                | The number of hours to wait before checking for new updates from the NVD. The default is 4 hours.                                                                                                                                    | 4                                                                                         |
+| databaseDriverName              | The database driver full classname; note, only needs to be set if the driver is not JDBC4 compliant or the JAR is outside of the class path.                                                                                         | &nbsp;                                                                                    |
+| databaseDriverPath              | The path to the database driver JAR file; only needs to be set if the driver is not in the class path.                                                                                                                               | &nbsp;                                                                                    |
+| connectionString                | The connection string used to connect to the database. See using a [database server](../data/database.html).                                                                                                                         | &nbsp;                                                                                    |
+| databaseUser                    | The username used when connecting to the database.                                                                                                                                                                                   | &nbsp;                                                                                    |
+| databasePassword                | The password used when connecting to the database.                                                                                                                                                                                   | &nbsp;                                                                                    |
+| hostedSuppressionsEnabled       | Whether the hosted suppression file will be used.                                                                                                                                                                                    | true                                                                                      |
+| hostedSuppressionsUrl           | The URL to a mirrored copy of the hosted suppressions file for internet-constrained environments                                                                                                                                     | https://dependency-check.github.io/DependencyCheck/suppressions/publishedSuppressions.xml |
+| hostedSuppressionsUser          | The user for a Basic-auth-protected mirrored copy of the hosted suppressions file for internet-constrained environments                                                                                                              | &nbsp;                                                                                    |
+| hostedSuppressionsPassword      | The password/token for a Basic-auth-protected mirrored copy of the hosted suppressions file for internet-constrained environments                                                                                                    | &nbsp;                                                                                    |
+| hostedSuppressionsBearerToken   | The bearer token for a Bearer-auth-protected mirrored copy of the hosted suppressions file for internet-constrained environments                                                                                                     | &nbsp;                                                                                    |
+| hostedSuppressionsValidForHours | Sets the number of hours to wait before checking for new updates of the hosted suppressions file                                                                                                                                     | 2                                                                                         |
+| hostedSuppressionsForceUpdate   | Sets whether the hosted suppressions file should update regardless of the `autoupdate` and validForHours settings                                                                                                                    | false                                                                                     |
+| retireJsForceUpdate             | Sets whether the RetireJS repository should update regardless of the `autoupdate` setting.                                                                                                                                           | false                                                                                     |
+| retireJsUrl                     | The URL to a mirrored copy of the RetireJS repository for internet-constrained environments                                                                                                                                          | https://raw.githubusercontent.com/Retirejs/retire.js/main/repository/jsrepository.json    |
+| retireJsUrlUser                 | The user for a Basic-auth-protected mirrored copy of the RetireJS repository for internet-constrained environments                                                                                                                   | &nbsp;                                                                                    |
+| retireJsUrlPassword             | The password/token for a Basic-auth-protected mirrored copy of the RetireJS repository for internet-constrained environments                                                                                                         | &nbsp;                                                                                    |
+| retireJsUrlBearerToken          | The bearer token for a Bearer-auth-protected mirrored copy of the RetireJS repository for internet-constrained environments                                                                                                          | &nbsp;                                                                                    |
+| knownExploitedEnabled           | Sets whether the Known Exploited Vulnerability update and analyzer are enabled.                                                                                                                                                      | true                                                                                      |
+| knownExploitedUrl               | Sets URL to the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                                                                                                 | https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json       |
+| knownExploitedUser              | The user for a Basic-auth-protected mirrored copy of the CISA Known Exploited Vulnerabilities JSON data feed for internet-constrained environments                                                                                   | &nbsp;                                                                                    |
+| knownExploitedPassword          | The password/token for a Basic-auth-protected mirrored copy of the CISA Known Exploited Vulnerabilities JSON data feed for internet-constrained environments                                                                         | &nbsp;                                                                                    |
+| knownExploitedBearerToken       | The bearer token for a Bearer-auth-protected mirrored copy of the CISA Known Exploited Vulnerabilities JSON data feed for internet-constrained environments                                                                          | &nbsp;                                                                                    |
+| knownExploitedValidForHours     | Sets the number of hours to wait before checking for new updates of the CISA Known Exploited Vulnerabilities JSON data feed                                                                                                          | 24                                                                                        |
diff --git a/ant/src/site/markdown/configuration.md b/ant/src/site/markdown/configuration.md
index 7907177320c..2eeb1a5b566 100644
--- a/ant/src/site/markdown/configuration.md
+++ b/ant/src/site/markdown/configuration.md
@@ -34,37 +34,37 @@ Configuration: dependency-check Task
 --------------------
 The following properties can be set on the dependency-check task.
 
- Property                         | Description                                                                                                                                                                                                                                                                                                                     | Default Value                                    
-----------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------
- autoUpdate                       | Sets whether auto-updating of the NVD CVE/CPE data is enabled. It is not recommended that this be turned to false.                                                                                                                                                                                                              | true                                             
- failBuildOnCVSS                  | Specifies if the build should be failed if a CVSS score equal to or above a specified level is identified. The default is 11 which means since the CVSS scores are 0-10, by default the build will never fail. More information on CVSS scores can be found at the [NVD](https://nvd.nist.gov/vuln-metrics/cvss)                | 11                                               
- junitFailOnCVSS                  | If using the JUNIT report format the junitFailOnCVSS sets the CVSS score threshold that is considered a failure.                                                                                                                                                                                                                | 0                                                
- prettyPrint                      | Whether the XML and JSON formatted reports should be pretty printed.                                                                                                                                                                                                                                                            | false                                            
- projectName                      | The name of the project being scanned.                                                                                                                                                                                                                                                                                          | Dependency-Check                                 
- reportFormat                     | The report format to be generated (HTML, XML, CSV, JSON, JUNIT, SARIF, JENKINS, GITLAB, ALL).                                                                                                                                                                                                                                   | HTML                                             
- reportOutputDirectory            | The location to write the report(s). Note, this is not used if generating the report as part of a `mvn site` build                                                                                                                                                                                                              | 'target'                                         
- hintsFile                        | The file path to the XML hints file \- used to resolve [false negatives](../general/hints.html)                                                                                                                                                                                                                                 | &nbsp;                                           
- dataDirectory                    | Data directory that is used to store the local caches and NVD CVE database                                                                                                                                                                                                                                                      | `<folder-of-dependency-check-ant.jar>/data/11.0` 
- failOnError                      | Whether the build should fail if there is an error executing the dependency-check analysis                                                                                                                                                                                                                                      | true                                             
- proxyServer                      | The Proxy Server; see the [proxy configuration](../data/proxy.html) page for more information.                                                                                                                                                                                                                                  | &nbsp;                                           
- proxyPort                        | The Proxy Port.                                                                                                                                                                                                                                                                                                                 | &nbsp;                                           
- proxyUsername                    | Defines the proxy user name.                                                                                                                                                                                                                                                                                                    | &nbsp;                                           
- proxyPassword                    | Defines the proxy password.                                                                                                                                                                                                                                                                                                     | &nbsp;                                           
- nonProxyHosts                    | Defines the hosts that will not be proxied.                                                                                                                                                                                                                                                                                     | &nbsp;                                           
- connectionTimeout                | The URL Connection Timeout (in milliseconds).                                                                                                                                                                                                                                                                                   | 10000                                            
- readtimeout                      | The URL Read Timeout (in milliseconds).                                                                                                                                                                                                                                                                                         | 60000                                            
- enableExperimental               | Enable the [experimental analyzers](../analyzers/index.html). If not enabled the experimental analyzers (see below) will not be loaded or used.                                                                                                                                                                                 | false                                            
- enableRetired                    | Enable the [retired analyzers](../analyzers/index.html). If not enabled the retired analyzers (see below) will not be loaded or used.                                                                                                                                                                                           | false                                            
- suppressionFile                  | The file path to the XML suppression file \- used to suppress [false positives](../general/suppression.html). The parameter value can be a local file path, a URL to a suppression file, or even a reference to a file on the class path (see https://github.com/dependency-check/DependencyCheck/issues/1878#issuecomment-487533799) | &nbsp;                                           
- failBuildOnUnusedSuppressionRule | Specifies that if any unused suppression rule is found, the build will fail.                                                                                                                                                                                                                                                    | false                                            
- junitFailOnCVSS                  | If using the JUNIT report format the junitFailOnCVSS sets the CVSS score threshold that is considered a failure.                                                                                                                                                                                                                | 0                                                
+| Property                         | Description                                                                                                                                                                                                                                                                                                                           | Default Value                                    |
+|----------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------|
+| autoUpdate                       | Sets whether auto-updating of the NVD CVE/CPE data is enabled. It is not recommended that this be turned to false.                                                                                                                                                                                                                    | true                                             |
+| failBuildOnCVSS                  | Specifies if the build should be failed if a CVSS score equal to or above a specified level is identified. The default is 11 which means since the CVSS scores are 0-10, by default the build will never fail. More information on CVSS scores can be found at the [NVD](https://nvd.nist.gov/vuln-metrics/cvss)                      | 11                                               |
+| junitFailOnCVSS                  | If using the JUNIT report format the junitFailOnCVSS sets the CVSS score threshold that is considered a failure.                                                                                                                                                                                                                      | 0                                                |
+| prettyPrint                      | Whether the XML and JSON formatted reports should be pretty printed.                                                                                                                                                                                                                                                                  | false                                            |
+| projectName                      | The name of the project being scanned.                                                                                                                                                                                                                                                                                                | Dependency-Check                                 |
+| reportFormat                     | The report format to be generated (HTML, XML, CSV, JSON, JUNIT, SARIF, JENKINS, GITLAB, ALL).                                                                                                                                                                                                                                         | HTML                                             |
+| reportOutputDirectory            | The location to write the report(s). Note, this is not used if generating the report as part of a `mvn site` build                                                                                                                                                                                                                    | 'target'                                         |
+| hintsFile                        | The file path to the XML hints file \- used to resolve [false negatives](../general/hints.html)                                                                                                                                                                                                                                       | &nbsp;                                           |
+| dataDirectory                    | Data directory that is used to store the local caches and NVD CVE database                                                                                                                                                                                                                                                            | `<folder-of-dependency-check-ant.jar>/data/11.0` |
+| failOnError                      | Whether the build should fail if there is an error executing the dependency-check analysis                                                                                                                                                                                                                                            | true                                             |
+| proxyServer                      | The Proxy Server; see the [proxy configuration](../data/proxy.html) page for more information.                                                                                                                                                                                                                                        | &nbsp;                                           |
+| proxyPort                        | The Proxy Port.                                                                                                                                                                                                                                                                                                                       | &nbsp;                                           |
+| proxyUsername                    | Defines the proxy user name.                                                                                                                                                                                                                                                                                                          | &nbsp;                                           |
+| proxyPassword                    | Defines the proxy password.                                                                                                                                                                                                                                                                                                           | &nbsp;                                           |
+| nonProxyHosts                    | Defines the hosts that will not be proxied.                                                                                                                                                                                                                                                                                           | &nbsp;                                           |
+| connectionTimeout                | The URL Connection Timeout (in milliseconds).                                                                                                                                                                                                                                                                                         | 10000                                            |
+| readtimeout                      | The URL Read Timeout (in milliseconds).                                                                                                                                                                                                                                                                                               | 60000                                            |
+| enableExperimental               | Enable the [experimental analyzers](../analyzers/index.html). If not enabled the experimental analyzers (see below) will not be loaded or used.                                                                                                                                                                                       | false                                            |
+| enableRetired                    | Enable the [retired analyzers](../analyzers/index.html). If not enabled the retired analyzers (see below) will not be loaded or used.                                                                                                                                                                                                 | false                                            |
+| suppressionFile                  | The file path to the XML suppression file \- used to suppress [false positives](../general/suppression.html). The parameter value can be a local file path, a URL to a suppression file, or even a reference to a file on the class path (see https://github.com/dependency-check/DependencyCheck/issues/1878#issuecomment-487533799) | &nbsp;                                           |
+| failBuildOnUnusedSuppressionRule | Specifies that if any unused suppression rule is found, the build will fail.                                                                                                                                                                                                                                                          | false                                            |
+| junitFailOnCVSS                  | If using the JUNIT report format the junitFailOnCVSS sets the CVSS score threshold that is considered a failure.                                                                                                                                                                                                                      | 0                                                |
 
 The following nested elements can be set on the dependency-check task.
 
- Element         | Property | Description                                                                                                                                                                                                                                                                                                                                                              | Default Value 
------------------|----------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------
- suppressionFile | path     | The file path to the XML suppression file \- used to suppress [false positives](../general/suppression.html). Element can be specified multiple times. The parameter value can be a local file path, a URL to a suppression file, or even a reference to a file on the class path (see https://github.com/dependency-check/DependencyCheck/issues/1878#issuecomment-487533799) | &nbsp;        | &nbsp;
- reportFormat    | format   | The report format to be generated (HTML, XML, CSV, JSON, JUNIT, SARIF, JENKINS, GITLAB, ALL). Element can be specified multiple times.                                                                                                                                                                                                                                   | &nbsp;        
+| Element         | Property | Description                                                                                                                                                                                                                                                                                                                                                                    | Default Value |
+|-----------------|----------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------|
+| suppressionFile | path     | The file path to the XML suppression file \- used to suppress [false positives](../general/suppression.html). Element can be specified multiple times. The parameter value can be a local file path, a URL to a suppression file, or even a reference to a file on the class path (see https://github.com/dependency-check/DependencyCheck/issues/1878#issuecomment-487533799) | &nbsp;        | &nbsp;
+| reportFormat    | format   | The report format to be generated (HTML, XML, CSV, JSON, JUNIT, SARIF, JENKINS, GITLAB, ALL). Element can be specified multiple times.                                                                                                                                                                                                                                         | &nbsp;        |
 
 Analyzer Configuration
 ====================
@@ -74,115 +74,115 @@ Note, that specific analyzers will automatically disable themselves if no file
 types that they support are detected - so specifically disabling them may not
 be needed.
 
- Property                               | Description                                                                                                                                                                                                                                                                                                                                    | Default Value                                                                       
-----------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------
- archiveAnalyzerEnabled                 | Sets whether the Archive Analyzer will be used.                                                                                                                                                                                                                                                                                                | true                                                                                
- zipExtensions                          | A comma-separated list of additional file extensions to be treated like a ZIP file, the contents will be extracted and analyzed.                                                                                                                                                                                                               | &nbsp;                                                                              
- jarAnalyzer                            | Sets whether the Jar Analyzer will be used.                                                                                                                                                                                                                                                                                                    | true                                                                                
- centralAnalyzerEnabled                 | Sets whether the Central Analyzer will be used. **Disabling this analyzer for Ant builds is not recommended as it could lead to false negatives (e.g. libraries that have vulnerabilities may not be reported correctly).** If this analyzer is being disabled there is a good chance you also want to disable the Nexus Analyzer (see below). | true                                                                                
- centralAnalyzerUseCache                | Sets whether the Central Analyer will cache results. Cached results expire after 30 days.                                                                                                                                                                                                                                                      | true                                                                                
- dartAnalyzerEnabled                    | Sets whether the [experimental](../analyzers/index.html) Dart Analyzer will be used.                                                                                                                                                                                                                                                           | true                                                                                
- knownExploitedEnabled                  | Sets whether the Known Exploited Vulnerability update and analyzer are enabled.                                                                                                                                                                                                                                                                | true                                                                                
- knownExploitedUrl                      | Sets URL to the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                                                                                                                                                                                                           | https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json 
- ossIndexAnalyzerEnabled                | Sets whether the [OSS Index Analyzer](../analyzers/oss-index-analyzer.html) will be enabled. This analyzer requires an internet connection.                                                                                                                                                                                                    | true                                                                                
- ossindexAnalyzerUseCache               | Sets whether the OSS Index Analyzer will cache results. Cached results expire after 24 hours.                                                                                                                                                                                                                                                  | true                                                                                
- ossindexAnalyzerUsername               | Sets the username for OSS Index - note an account with OSS Index is not required.                                                                                                                                                                                                                                                              | &nbsp;                                                                              
- ossindexAnalyzerPassword               | Sets the password for OSS Index.                                                                                                                                                                                                                                                                                                               | &nbsp;                                                                              
- ossIndexAnalyzerWarnOnlyOnRemoteErrors | Whether we should only warn about Sonatype OSS Index remote errors instead of failing completely.                                                                                                                                                                                                                                              | &nbsp;                                                                              
- nexusAnalyzerEnabled                   | Sets whether Nexus Analyzer will be used (requires Nexus Pro). This analyzer is superceded by the Central Analyzer; however, you can configure this to run against a Nexus Pro installation.                                                                                                                                                   | true                                                                                
- nexusUrl                               | Defines the Nexus web service endpoint (example http://domain.enterprise/nexus/service/local/). If not set the Nexus Analyzer will be disabled.                                                                                                                                                                                                | &nbsp;                                                                              
- nexusUser                              | The username to authenticate to the Nexus Server's web service end point. If not set the Nexus Analyzer will use an unauthenticated connection.                                                                                                                                                                                                | &nbsp;                                                                              
- nexusPassword                          | The password to authenticate to the Nexus Server's web service end point. If not set the Nexus Analyzer will use an unauthenticated connection.                                                                                                                                                                                                | &nbsp;                                                                              
- nexusUsesProxy                         | Whether the defined proxy should be used when connecting to Nexus.                                                                                                                                                                                                                                                                             | true                                                                                
- artifactoryAnalyzerEnabled             | Sets whether Artifactory analyzer will be used                                                                                                                                                                                                                                                                                                 | false                                                                               
- artifactoryAnalyzerUrl                 | The Artifactory server URL.                                                                                                                                                                                                                                                                                                                    |  &nbsp;                                                                             
- artifactoryAnalyzerUseProxy            | Whether Artifactory should be accessed through a proxy or not.                                                                                                                                                                                                                                                                                 | false                                                                               
- artifactoryAnalyzerParallelAnalysis    | Whether the Artifactory analyzer should be run in parallel or not                                                                                                                                                                                                                                                                              |  true                                                                               
- artifactoryAnalyzerUsername            | The user name (only used with API token) to connect to Artifactory instance                                                                                                                                                                                                                                                                    | &nbsp;                                                                              
- artifactoryAnalyzerApiToken            | The API token to connect to Artifactory instance, only used if the username or the API key are not defined by artifactoryAnalyzerServerId,artifactoryAnalyzerUsername or artifactoryAnalyzerApiToken                                                                                                                                           | &nbsp;                                                                              
- artifactoryAnalyzerBearerToken         | The bearer token to connect to Artifactory instance                                                                                                                                                                                                                                                                                            | &nbsp;                                                                              
- pyDistributionAnalyzerEnabled          | Sets whether the [experimental](../analyzers/index.html) Python Distribution Analyzer will be used. `enableExperimental` must be set to true.                                                                                                                                                                                                  | true                                                                                
- pyPackageAnalyzerEnabled               | Sets whether the [experimental](../analyzers/index.html) Python Package Analyzer will be used. `enableExperimental` must be set to true.                                                                                                                                                                                                       | true                                                                                
- rubygemsAnalyzerEnabled                | Sets whether the [experimental](../analyzers/index.html) Ruby Gemspec Analyzer will be used. `enableExperimental` must be set to true.                                                                                                                                                                                                         | true                                                                                
- opensslAnalyzerEnabled                 | Sets whether the openssl Analyzer should be used.                                                                                                                                                                                                                                                                                              | true                                                                                
- cmakeAnalyzerEnabled                   | Sets whether the [experimental](../analyzers/index.html) CMake Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                              | true                                                                                
- autoconfAnalyzerEnabled                | Sets whether the [experimental](../analyzers/index.html) autoconf Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                           | true                                                                                
- pipAnalyzerEnabled                     | Sets whether the [experimental](../analyzers/index.html) pip Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                                | true                                                                                
- pipfileAnalyzerEnabled                 | Sets whether the [experimental](../analyzers/index.html) Pipfile Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                            | true                                                                                
- poetryAnalyzerEnabled                  | Sets whether the [experimental](../analyzers/index.html) Poetry Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                             | true                                                                                
- composerAnalyzerEnabled                | Sets whether the [experimental](../analyzers/index.html) PHP Composer Lock File Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                             | true                                                                                
- composerAnalyzerSkipDev                | Sets whether the [experimental](../analyzers/index.html) PHP Composer Lock File Analyzer should skip "packages-dev"                                                                                                                                                                                                                            | false                                                                               
- cpanfileAnalyzerEnabled                | Sets whether the [experimental](../analyzers/index.html) Perl CPAN File Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                     | true                                                                                
- nodeAnalyzerEnabled                    | Sets whether the [retired](../analyzers/index.html) Node.js Analyzer should be used.                                                                                                                                                                                                                                                           | true                                                                                
- nodeAuditAnalyzerEnabled               | Sets whether the Node Audit Analyzer should be used. This analyzer requires an internet connection.                                                                                                                                                                                                                                            | true                                                                                
- nodeAuditAnalyzerUseCache              | Sets whether the Node Audit Analyzer will cache results. Cached results expire after 24 hours.                                                                                                                                                                                                                                                 | true                                                                                
- nodeAuditSkipDevDependencies           | Sets whether the Node Audit Analyzer will skip devDependencies.                                                                                                                                                                                                                                                                                | false                                                                               
- nodePackageSkipDevDependencies         | Sets whether the Node Package Analyzer will skip devDependencies.                                                                                                                                                                                                                                                                              | false                                                                               
- yarnAuditAnalyzerEnabled               | Sets whether the Yarn Audit Analyzer should be used. This analyzer requires yarn and an internet connection. Use `nodeAuditSkipDevDependencies` to skip dev dependencies.                                                                                                                                                                      | true                                                                                
- pnpmAuditAnalyzerEnabled               | Sets whether the Pnpm Audit Analyzer should be used. This analyzer requires pnpm and an internet connection. Use `nodeAuditSkipDevDependencies` to skip dev dependencies.                                                                                                                                                                      | true                                                                                
- pathToYarn                             | The path to `yarn`.                                                                                                                                                                                                                                                                                                                            | &nbsp;                                                                              
- pathToPnpm                             | The path to `pnpm`.                                                                                                                                                                                                                                                                                                                            | &nbsp;                                                                              
- retireJsAnalyzerEnabled                | Sets whether the RetireJS Analyzer update and analyzer are enabled.                                                                                                                                                                                                                                                                            | true                                                                                
- retirejsFilterNonVulnerable            | Configures the RetireJS Analyzer to remove non-vulnerable JS dependencies from the report.                                                                                                                                                                                                                                                     | false                                                                               
- retirejsFilter                         | A nested configuration that can be specified multple times; The regex defined is used to filter JS files based on content.                                                                                                                                                                                                                     | &nbsp;                                                                              
- nuspecAnalyzerEnabled                  | Sets whether the .NET Nuget Nuspec Analyzer will be used.                                                                                                                                                                                                                                                                                      | true                                                                                
- nugetconfAnalyzerEnabled               | Sets whether the [experimental](../analyzers/index.html) .NET Nuget packages.config Analyzer will be used. `enableExperimental` must be set to true.                                                                                                                                                                                           | true                                                                                
- libmanAnalyzerEnabled                  | Sets whether the Libman Analyzer will be used.                                                                                                                                                                                                                                                                                                 | true                                                                                
- cocoapodsAnalyzerEnabled               | Sets whether the [experimental](../analyzers/index.html) Cocoapods Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                          | true                                                                                
- carthageAnalyzerEnabled                | Sets whether the [experimental](../analyzers/index.html) Carthage Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                           | true                                                                                
- mixAuditAnalyzerEnabled                | Sets whether the [experimental](../analyzers/index.html) Mix Audit Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                          | true                                                                                
- mixAuditPath                           | Sets the path to the mix_audit executable; only used if mix audit analyzer is enabled and experimental analyzers are enabled.                                                                                                                                                                                                                  | &nbsp;                                                                              
- bundleAuditAnalyzerEnabled             | Sets whether the [experimental](../analyzers/index.html) Bundle Audit Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                       | true                                                                                
- bundleAuditPath                        | Sets the path to the bundle audit executable; only used if bundle audit analyzer is enabled and experimental analyzers are enabled.                                                                                                                                                                                                            | &nbsp;                                                                              
- swiftPackageManagerAnalyzerEnabled     | Sets whether the [experimental](../analyzers/index.html) Swift Package Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                      | true                                                                                
- swiftPackageResolvedAnalyzerEnabled    | Sets whether the [experimental](../analyzers/index.html) Swift Package Resolved should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                      | true                                                                                
- assemblyAnalyzerEnabled                | Sets whether the .NET Assembly Analyzer should be used.                                                                                                                                                                                                                                                                                        | true                                                                                
- msbuildAnalyzerEnabled                 | Sets whether the MSBuild Analyzer should be used.                                                                                                                                                                                                                                                                                              | true                                                                                
- pathToCore                             | The path to dotnet core .NET assembly analysis on non-windows systems.                                                                                                                                                                                                                                                                         | &nbsp;                                                                              
- golangDepEnabled                       | Sets whether the [experimental](../analyzers/index.html) Golang Dependency Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                  | true                                                                                
- golangModEnabled                       | Sets whether the [experimental](../analyzers/index.html) Goland Module Analyzer should be used; requires `go` to be installed. `enableExperimental` must be set to true.                                                                                                                                                                       | true                                                                                
- pathToGo                               | The path to `go`.                                                                                                                                                                                                                                                                                                                              | &nbsp;                                                                              
- versionCheckEnabled                    | Whether dependency-check should check if a new version of dependency-check-maven exists.                                                                                                                                                                                                                                                       | true                                                                                
+| Property                               | Description                                                                                                                                                                                                                                                                                                                                    | Default Value                                                                       |
+|----------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------|
+| archiveAnalyzerEnabled                 | Sets whether the Archive Analyzer will be used.                                                                                                                                                                                                                                                                                                | true                                                                                |
+| zipExtensions                          | A comma-separated list of additional file extensions to be treated like a ZIP file, the contents will be extracted and analyzed.                                                                                                                                                                                                               | &nbsp;                                                                              |
+| jarAnalyzer                            | Sets whether the Jar Analyzer will be used.                                                                                                                                                                                                                                                                                                    | true                                                                                |
+| centralAnalyzerEnabled                 | Sets whether the Central Analyzer will be used. **Disabling this analyzer for Ant builds is not recommended as it could lead to false negatives (e.g. libraries that have vulnerabilities may not be reported correctly).** If this analyzer is being disabled there is a good chance you also want to disable the Nexus Analyzer (see below). | true                                                                                |
+| centralAnalyzerUseCache                | Sets whether the Central Analyer will cache results. Cached results expire after 30 days.                                                                                                                                                                                                                                                      | true                                                                                |
+| dartAnalyzerEnabled                    | Sets whether the [experimental](../analyzers/index.html) Dart Analyzer will be used.                                                                                                                                                                                                                                                           | true                                                                                |
+| knownExploitedEnabled                  | Sets whether the Known Exploited Vulnerability update and analyzer are enabled.                                                                                                                                                                                                                                                                | true                                                                                |
+| knownExploitedUrl                      | Sets URL to the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                                                                                                                                                                                                           | https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json |
+| ossIndexAnalyzerEnabled                | Sets whether the [OSS Index Analyzer](../analyzers/oss-index-analyzer.html) will be enabled. This analyzer requires an internet connection.                                                                                                                                                                                                    | true                                                                                |
+| ossindexAnalyzerUseCache               | Sets whether the OSS Index Analyzer will cache results. Cached results expire after 24 hours.                                                                                                                                                                                                                                                  | true                                                                                |
+| ossindexAnalyzerUsername               | Sets the username for OSS Index - note an account with OSS Index is not required.                                                                                                                                                                                                                                                              | &nbsp;                                                                              |
+| ossindexAnalyzerPassword               | Sets the password for OSS Index.                                                                                                                                                                                                                                                                                                               | &nbsp;                                                                              |
+| ossIndexAnalyzerWarnOnlyOnRemoteErrors | Whether we should only warn about Sonatype OSS Index remote errors instead of failing completely.                                                                                                                                                                                                                                              | &nbsp;                                                                              |
+| nexusAnalyzerEnabled                   | Sets whether Nexus Analyzer will be used. This analyzer is an alternative to the Central or Artifactory Analyzers, allowing retrieval from Sonatype Nexus installations.                                                                                                                                                                       | true                                                                                |
+| nexusUrl                               | Defines the Nexus web service endpoint (example http://domain.enterprise/nexus/service/local/). If not set the Nexus Analyzer will be disabled.                                                                                                                                                                                                | &nbsp;                                                                              |
+| nexusUser                              | The username to authenticate to the Nexus Server's web service end point. If not set the Nexus Analyzer will use an unauthenticated connection.                                                                                                                                                                                                | &nbsp;                                                                              |
+| nexusPassword                          | The password to authenticate to the Nexus Server's web service end point. If not set the Nexus Analyzer will use an unauthenticated connection.                                                                                                                                                                                                | &nbsp;                                                                              |
+| nexusUsesProxy                         | Whether the defined proxy should be used when connecting to Nexus.                                                                                                                                                                                                                                                                             | true                                                                                |
+| artifactoryAnalyzerEnabled             | Sets whether Artifactory analyzer will be used                                                                                                                                                                                                                                                                                                 | false                                                                               |
+| artifactoryAnalyzerUrl                 | The Artifactory server URL.                                                                                                                                                                                                                                                                                                                    | &nbsp;                                                                              |
+| artifactoryAnalyzerUseProxy            | Whether Artifactory should be accessed through a proxy or not.                                                                                                                                                                                                                                                                                 | false                                                                               |
+| artifactoryAnalyzerParallelAnalysis    | Whether the Artifactory analyzer should be run in parallel or not                                                                                                                                                                                                                                                                              | true                                                                                |
+| artifactoryAnalyzerUsername            | The user name (only used with API token) to connect to Artifactory instance                                                                                                                                                                                                                                                                    | &nbsp;                                                                              |
+| artifactoryAnalyzerApiToken            | The API token to connect to Artifactory instance, only used if the username or the API key are not defined by artifactoryAnalyzerServerId,artifactoryAnalyzerUsername or artifactoryAnalyzerApiToken                                                                                                                                           | &nbsp;                                                                              |
+| artifactoryAnalyzerBearerToken         | The bearer token to connect to Artifactory instance                                                                                                                                                                                                                                                                                            | &nbsp;                                                                              |
+| pyDistributionAnalyzerEnabled          | Sets whether the [experimental](../analyzers/index.html) Python Distribution Analyzer will be used. `enableExperimental` must be set to true.                                                                                                                                                                                                  | true                                                                                |
+| pyPackageAnalyzerEnabled               | Sets whether the [experimental](../analyzers/index.html) Python Package Analyzer will be used. `enableExperimental` must be set to true.                                                                                                                                                                                                       | true                                                                                |
+| rubygemsAnalyzerEnabled                | Sets whether the [experimental](../analyzers/index.html) Ruby Gemspec Analyzer will be used. `enableExperimental` must be set to true.                                                                                                                                                                                                         | true                                                                                |
+| opensslAnalyzerEnabled                 | Sets whether the openssl Analyzer should be used.                                                                                                                                                                                                                                                                                              | true                                                                                |
+| cmakeAnalyzerEnabled                   | Sets whether the [experimental](../analyzers/index.html) CMake Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                              | true                                                                                |
+| autoconfAnalyzerEnabled                | Sets whether the [experimental](../analyzers/index.html) autoconf Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                           | true                                                                                |
+| pipAnalyzerEnabled                     | Sets whether the [experimental](../analyzers/index.html) pip Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                                | true                                                                                |
+| pipfileAnalyzerEnabled                 | Sets whether the [experimental](../analyzers/index.html) Pipfile Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                            | true                                                                                |
+| poetryAnalyzerEnabled                  | Sets whether the [experimental](../analyzers/index.html) Poetry Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                             | true                                                                                |
+| composerAnalyzerEnabled                | Sets whether the [experimental](../analyzers/index.html) PHP Composer Lock File Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                             | true                                                                                |
+| composerAnalyzerSkipDev                | Sets whether the [experimental](../analyzers/index.html) PHP Composer Lock File Analyzer should skip "packages-dev"                                                                                                                                                                                                                            | false                                                                               |
+| cpanfileAnalyzerEnabled                | Sets whether the [experimental](../analyzers/index.html) Perl CPAN File Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                     | true                                                                                |
+| nodeAnalyzerEnabled                    | Sets whether the [retired](../analyzers/index.html) Node.js Analyzer should be used.                                                                                                                                                                                                                                                           | true                                                                                |
+| nodeAuditAnalyzerEnabled               | Sets whether the Node Audit Analyzer should be used. This analyzer requires an internet connection.                                                                                                                                                                                                                                            | true                                                                                |
+| nodeAuditAnalyzerUseCache              | Sets whether the Node Audit Analyzer will cache results. Cached results expire after 24 hours.                                                                                                                                                                                                                                                 | true                                                                                |
+| nodeAuditSkipDevDependencies           | Sets whether the Node Audit Analyzer will skip devDependencies.                                                                                                                                                                                                                                                                                | false                                                                               |
+| nodePackageSkipDevDependencies         | Sets whether the Node Package Analyzer will skip devDependencies.                                                                                                                                                                                                                                                                              | false                                                                               |
+| yarnAuditAnalyzerEnabled               | Sets whether the Yarn Audit Analyzer should be used. This analyzer requires yarn and an internet connection. Use `nodeAuditSkipDevDependencies` to skip dev dependencies.                                                                                                                                                                      | true                                                                                |
+| pnpmAuditAnalyzerEnabled               | Sets whether the Pnpm Audit Analyzer should be used. This analyzer requires pnpm and an internet connection. Use `nodeAuditSkipDevDependencies` to skip dev dependencies.                                                                                                                                                                      | true                                                                                |
+| pathToYarn                             | The path to `yarn`.                                                                                                                                                                                                                                                                                                                            | &nbsp;                                                                              |
+| pathToPnpm                             | The path to `pnpm`.                                                                                                                                                                                                                                                                                                                            | &nbsp;                                                                              |
+| retireJsAnalyzerEnabled                | Sets whether the RetireJS Analyzer update and analyzer are enabled.                                                                                                                                                                                                                                                                            | true                                                                                |
+| retirejsFilterNonVulnerable            | Configures the RetireJS Analyzer to remove non-vulnerable JS dependencies from the report.                                                                                                                                                                                                                                                     | false                                                                               |
+| retirejsFilter                         | A nested configuration that can be specified multple times; The regex defined is used to filter JS files based on content.                                                                                                                                                                                                                     | &nbsp;                                                                              |
+| nuspecAnalyzerEnabled                  | Sets whether the .NET Nuget Nuspec Analyzer will be used.                                                                                                                                                                                                                                                                                      | true                                                                                |
+| nugetconfAnalyzerEnabled               | Sets whether the [experimental](../analyzers/index.html) .NET Nuget packages.config Analyzer will be used. `enableExperimental` must be set to true.                                                                                                                                                                                           | true                                                                                |
+| libmanAnalyzerEnabled                  | Sets whether the Libman Analyzer will be used.                                                                                                                                                                                                                                                                                                 | true                                                                                |
+| cocoapodsAnalyzerEnabled               | Sets whether the [experimental](../analyzers/index.html) Cocoapods Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                          | true                                                                                |
+| carthageAnalyzerEnabled                | Sets whether the [experimental](../analyzers/index.html) Carthage Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                           | true                                                                                |
+| mixAuditAnalyzerEnabled                | Sets whether the [experimental](../analyzers/index.html) Mix Audit Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                          | true                                                                                |
+| mixAuditPath                           | Sets the path to the mix_audit executable; only used if mix audit analyzer is enabled and experimental analyzers are enabled.                                                                                                                                                                                                                  | &nbsp;                                                                              |
+| bundleAuditAnalyzerEnabled             | Sets whether the [experimental](../analyzers/index.html) Bundle Audit Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                       | true                                                                                |
+| bundleAuditPath                        | Sets the path to the bundle audit executable; only used if bundle audit analyzer is enabled and experimental analyzers are enabled.                                                                                                                                                                                                            | &nbsp;                                                                              |
+| swiftPackageManagerAnalyzerEnabled     | Sets whether the [experimental](../analyzers/index.html) Swift Package Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                      | true                                                                                |
+| swiftPackageResolvedAnalyzerEnabled    | Sets whether the [experimental](../analyzers/index.html) Swift Package Resolved should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                      | true                                                                                |
+| assemblyAnalyzerEnabled                | Sets whether the .NET Assembly Analyzer should be used.                                                                                                                                                                                                                                                                                        | true                                                                                |
+| msbuildAnalyzerEnabled                 | Sets whether the MSBuild Analyzer should be used.                                                                                                                                                                                                                                                                                              | true                                                                                |
+| pathToCore                             | The path to dotnet core .NET assembly analysis on non-windows systems.                                                                                                                                                                                                                                                                         | &nbsp;                                                                              |
+| golangDepEnabled                       | Sets whether the [experimental](../analyzers/index.html) Golang Dependency Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                                                                  | true                                                                                |
+| golangModEnabled                       | Sets whether the [experimental](../analyzers/index.html) Goland Module Analyzer should be used; requires `go` to be installed. `enableExperimental` must be set to true.                                                                                                                                                                       | true                                                                                |
+| pathToGo                               | The path to `go`.                                                                                                                                                                                                                                                                                                                              | &nbsp;                                                                              |
+| versionCheckEnabled                    | Whether dependency-check should check if a new version of dependency-check-maven exists.                                                                                                                                                                                                                                                       | true                                                                                |
 
 Advanced Configuration
 ====================
 The following properties can be configured in the plugin. However, they are less frequently changed.
 
- Property                        | Description                                                                                                                                                                                                                        | Default Value                                                                          
----------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------
- nvdApiKey                       | The API Key to access the NVD API; obtained from https://nvd.nist.gov/developers/request-an-api-key                                                                                                                                | &nbsp;                                                                                 
- nvdApiEndpoint                  | The NVD API endpoint URL; setting this is uncommon.                                                                                                                                                                                | https://services.nvd.nist.gov/rest/json/cves/2.0                                       
- nvdMaxRetryCount                | The maximum number of retry requests for a single call to the NVD API.                                                                                                                                                             | 10                                                                                     
- nvdApiDelay                     | The number of milliseconds to wait between calls to the NVD API.                                                                                                                                                                   | 3500 with an NVD API Key or 8000 without an API Key                                    
- nvdApiResultsPerPage            | The number records for a single page from NVD API (must be <=2000).                                                                                                                                                                | 2000                                                                                   
- nvdDatafeedUrl                  | The URL for the NVD API Data feed that can be generated using https://github.com/jeremylong/Open-Vulnerability-Project/tree/main/vulnz#caching-the-nvd-cve-data - example value `https://internal.server/cache/nvdcve-{0}.json.gz` | &nbsp;                                                                                 
- nvdUser                         | Credentials used for basic authentication for the NVD API Data feed.                                                                                                                                                               | &nbsp;                                                                                 
- nvdPassword                     | Credentials used for basic authentication for the NVD API Data feed.                                                                                                                                                               | &nbsp;                                                                                 
- nvdValidForHours                | The number of hours to wait before checking for new updates from the NVD. The default is 4 hours.                                                                                                                                  | 4                                                                                      
- databaseDriverName              | The database driver full classname; note, only needs to be set if the driver is not JDBC4 compliant or the JAR is outside of the class path.                                                                                       | &nbsp;                                                                                 
- databaseDriverPath              | The path to the database driver JAR file; only needs to be set if the driver is not in the class path.                                                                                                                             | &nbsp;                                                                                 
- connectionString                | The connection string used to connect to the database. See using a [database server](../data/database.html).                                                                                                                       | &nbsp;                                                                                 
- databaseUser                    | The username used when connecting to the database.                                                                                                                                                                                 | &nbsp;                                                                                 
- databasePassword                | The password used when connecting to the database.                                                                                                                                                                                 | &nbsp;                                                                                 
- hostedSuppressionsEnabled       | Whether the hosted suppression file will be used.                                                                                                                                                                                  | true                                                                                   
- hostedSuppressionsUrl           | The URL to a mirrored copy of the hosted suppressions file for internet-constrained environments                                                                                                                                   | https://dependency-check.github.io/DependencyCheck/suppressions/publishedSuppressions.xml    
- hostedSuppressionsUser          | The user for a Basic-auth-protected mirrored copy of the hosted suppressions file for internet-constrained environments                                                                                                            | &nbsp;                                                                                 
- hostedSuppressionsPassword      | The password/token for a Basic-auth-protected mirrored copy of the hosted suppressions file for internet-constrained environments                                                                                                  | &nbsp;                                                                                 
- hostedSuppressionsBearerToken   | The bearer token for a Bearer-auth-protected mirrored copy of the hosted suppressions file for internet-constrained environments                                                                                                   | &nbsp;                                                                                 
- hostedSuppressionsValidForHours | Sets the number of hours to wait before checking for new updates of the hosted suppressions file                                                                                                                                   | 2                                                                                      
- hostedSuppressionsForceUpdate   | Sets whether the hosted suppressions file should update regardless of the `autoupdate` and validForHours settings                                                                                                                  | false                                                                                  
- retireJsForceUpdate             | Sets whether the RetireJS repository should update regardless of the `autoupdate` setting.                                                                                                                                         | false                                                                                  
- retireJsUrl                     | The URL to a mirrored copy of the RetireJS repository for internet-constrained environments                                                                                                                                        | https://raw.githubusercontent.com/Retirejs/retire.js/main/repository/jsrepository.json 
- retireJsUrlUser                 | The user for a Basic-auth-protected mirrored copy of the RetireJS repository for internet-constrained environments                                                                                                                 | &nbsp;                                                                                 
- retireJsUrlPassword             | The password/token for a Basic-auth-protected mirrored copy of the RetireJS repository for internet-constrained environments                                                                                                       | &nbsp;                                                                                 
- retireJsUrlBearerToken          | The bearer token for a Bearer-auth-protected mirrored copy of the RetireJS repository for internet-constrained environments                                                                                                        | &nbsp;                                                                                 
- suppressionFileUser             | The user for Basic-auth-protected suppression files hosted on a webserver                                                                                                                                                          | &nbsp;                                                                                 
- suppressionFilePassword         | The password/token for Basic-auth-protected suppression files hosted on a webserver                                                                                                                                                | &nbsp;                                                                                 
- suppressionFileBearerToken      | The bearer token for Bearer-auth-protected suppression files hosted on a webserver                                                                                                                                                 | &nbsp;                                                                                 
- knownExploitedEnabled           | Sets whether the Known Exploited Vulnerability update and analyzer are enabled.                                                                                                                                                    | true                                                                                   
- knownExploitedUrl               | Sets URL to the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                                                                                               | https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json    
- knownExploitedUser              | The user for a Basic-auth-protected mirrored copy of the CISA Known Exploited Vulnerabilities JSON data feed for internet-constrained environments                                                                                 | &nbsp;                                                                                 
- knownExploitedPassword          | The password/token for a Basic-auth-protected mirrored copy of the CISA Known Exploited Vulnerabilities JSON data feed for internet-constrained environments                                                                       | &nbsp;                                                                                 
- knownExploitedBearerToken       | The bearer token for a Bearer-auth-protected mirrored copy of the CISA Known Exploited Vulnerabilities JSON data feed for internet-constrained environments                                                                        | &nbsp;                                                                                 
- knownExploitedValidForHours     | Sets the number of hours to wait before checking for new updates of the CISA Known Exploited Vulnerabilities JSON data feed                                                                                                        | 24                                                                                     
+| Property                        | Description                                                                                                                                                                                                                          | Default Value                                                                             |
+|---------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|
+| nvdApiKey                       | The API Key to access the NVD API; obtained from https://nvd.nist.gov/developers/request-an-api-key                                                                                                                                  | &nbsp;                                                                                    |
+| nvdApiEndpoint                  | The NVD API endpoint URL; setting this is uncommon.                                                                                                                                                                                  | https://services.nvd.nist.gov/rest/json/cves/2.0                                          |
+| nvdMaxRetryCount                | The maximum number of retry requests for a single call to the NVD API.                                                                                                                                                               | 10                                                                                        |
+| nvdApiDelay                     | The number of milliseconds to wait between calls to the NVD API.                                                                                                                                                                     | 3500 with an NVD API Key or 8000 without an API Key                                       |
+| nvdApiResultsPerPage            | The number records for a single page from NVD API (must be <=2000).                                                                                                                                                                  | 2000                                                                                      |
+| nvdDatafeedUrl                  | The URL for the NVD API Data feed that can be generated using https://github.com/jeremylong/open-vulnerability-cli/blob/main/README.md#mirroring-the-nvd-cve-data - example value `https://internal.server/cache/nvdcve-{0}.json.gz` | &nbsp;                                                                                    |
+| nvdUser                         | Credentials used for basic authentication for the NVD API Data feed.                                                                                                                                                                 | &nbsp;                                                                                    |
+| nvdPassword                     | Credentials used for basic authentication for the NVD API Data feed.                                                                                                                                                                 | &nbsp;                                                                                    |
+| nvdValidForHours                | The number of hours to wait before checking for new updates from the NVD. The default is 4 hours.                                                                                                                                    | 4                                                                                         |
+| databaseDriverName              | The database driver full classname; note, only needs to be set if the driver is not JDBC4 compliant or the JAR is outside of the class path.                                                                                         | &nbsp;                                                                                    |
+| databaseDriverPath              | The path to the database driver JAR file; only needs to be set if the driver is not in the class path.                                                                                                                               | &nbsp;                                                                                    |
+| connectionString                | The connection string used to connect to the database. See using a [database server](../data/database.html).                                                                                                                         | &nbsp;                                                                                    |
+| databaseUser                    | The username used when connecting to the database.                                                                                                                                                                                   | &nbsp;                                                                                    |
+| databasePassword                | The password used when connecting to the database.                                                                                                                                                                                   | &nbsp;                                                                                    |
+| hostedSuppressionsEnabled       | Whether the hosted suppression file will be used.                                                                                                                                                                                    | true                                                                                      |
+| hostedSuppressionsUrl           | The URL to a mirrored copy of the hosted suppressions file for internet-constrained environments                                                                                                                                     | https://dependency-check.github.io/DependencyCheck/suppressions/publishedSuppressions.xml |
+| hostedSuppressionsUser          | The user for a Basic-auth-protected mirrored copy of the hosted suppressions file for internet-constrained environments                                                                                                              | &nbsp;                                                                                    |
+| hostedSuppressionsPassword      | The password/token for a Basic-auth-protected mirrored copy of the hosted suppressions file for internet-constrained environments                                                                                                    | &nbsp;                                                                                    |
+| hostedSuppressionsBearerToken   | The bearer token for a Bearer-auth-protected mirrored copy of the hosted suppressions file for internet-constrained environments                                                                                                     | &nbsp;                                                                                    |
+| hostedSuppressionsValidForHours | Sets the number of hours to wait before checking for new updates of the hosted suppressions file                                                                                                                                     | 2                                                                                         |
+| hostedSuppressionsForceUpdate   | Sets whether the hosted suppressions file should update regardless of the `autoupdate` and validForHours settings                                                                                                                    | false                                                                                     |
+| retireJsForceUpdate             | Sets whether the RetireJS repository should update regardless of the `autoupdate` setting.                                                                                                                                           | false                                                                                     |
+| retireJsUrl                     | The URL to a mirrored copy of the RetireJS repository for internet-constrained environments                                                                                                                                          | https://raw.githubusercontent.com/Retirejs/retire.js/main/repository/jsrepository.json    |
+| retireJsUrlUser                 | The user for a Basic-auth-protected mirrored copy of the RetireJS repository for internet-constrained environments                                                                                                                   | &nbsp;                                                                                    |
+| retireJsUrlPassword             | The password/token for a Basic-auth-protected mirrored copy of the RetireJS repository for internet-constrained environments                                                                                                         | &nbsp;                                                                                    |
+| retireJsUrlBearerToken          | The bearer token for a Bearer-auth-protected mirrored copy of the RetireJS repository for internet-constrained environments                                                                                                          | &nbsp;                                                                                    |
+| suppressionFileUser             | The user for Basic-auth-protected suppression files hosted on a webserver                                                                                                                                                            | &nbsp;                                                                                    |
+| suppressionFilePassword         | The password/token for Basic-auth-protected suppression files hosted on a webserver                                                                                                                                                  | &nbsp;                                                                                    |
+| suppressionFileBearerToken      | The bearer token for Bearer-auth-protected suppression files hosted on a webserver                                                                                                                                                   | &nbsp;                                                                                    |
+| knownExploitedEnabled           | Sets whether the Known Exploited Vulnerability update and analyzer are enabled.                                                                                                                                                      | true                                                                                      |
+| knownExploitedUrl               | Sets URL to the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                                                                                                 | https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json       |
+| knownExploitedUser              | The user for a Basic-auth-protected mirrored copy of the CISA Known Exploited Vulnerabilities JSON data feed for internet-constrained environments                                                                                   | &nbsp;                                                                                    |
+| knownExploitedPassword          | The password/token for a Basic-auth-protected mirrored copy of the CISA Known Exploited Vulnerabilities JSON data feed for internet-constrained environments                                                                         | &nbsp;                                                                                    |
+| knownExploitedBearerToken       | The bearer token for a Bearer-auth-protected mirrored copy of the CISA Known Exploited Vulnerabilities JSON data feed for internet-constrained environments                                                                          | &nbsp;                                                                                    |
+| knownExploitedValidForHours     | Sets the number of hours to wait before checking for new updates of the CISA Known Exploited Vulnerabilities JSON data feed                                                                                                          | 24                                                                                        |
  
\ No newline at end of file
diff --git a/ant/src/site/markdown/index.md.vm b/ant/src/site/markdown/index.md.vm
index 5a7f9a44526..77f85c1bd90 100644
--- a/ant/src/site/markdown/index.md.vm
+++ b/ant/src/site/markdown/index.md.vm
@@ -35,7 +35,10 @@ Installation
 
 It is important to understand that the first time this task is executed it may
 take 10 minutes or more as it downloads and processes the data from the National
-Vulnerability Database (NVD) hosted by NIST: https://nvd.nist.gov
+Vulnerability Database (NVD) hosted by NIST: https://nvd.nist.gov.
 
 After the first batch download, as long as the task is executed at least once every
 seven days the update will only take a few seconds.
+
+The Dependency-Check team strongly recommends to [mirror the NVD database](../data/mirrornvd.html) for any operational
+integration. If not done, any service disruption of the NVD database will make the usage of Dependency-Check difficult.
diff --git a/ant/src/site/site.xml b/ant/src/site/site.xml
index b0ac38e0f38..797f326f273 100644
--- a/ant/src/site/site.xml
+++ b/ant/src/site/site.xml
@@ -31,5 +31,6 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
             <item name="Configuration" href="configuration.html"/>
         </menu>
         <menu ref="reports" />
+        <footer><![CDATA[<p>&copy; 2012&ndash;2025 <a href="https://www.owasp.org">OWASP</a></p><img referrerpolicy="no-referrer-when-downgrade" src="https://static.scarf.sh/a.png?x-pxid=90c74bb8-b6d1-4464-a9b6-754067afe126" alt="" width="1" height="1" />]]></footer>
     </body>
 </site>
\ No newline at end of file
diff --git a/ant/src/test/java/org/owasp/dependencycheck/taskdefs/DependencyCheckTaskIT.java b/ant/src/test/java/org/owasp/dependencycheck/taskdefs/DependencyCheckTaskIT.java
index a020d72092e..67b23f4819f 100644
--- a/ant/src/test/java/org/owasp/dependencycheck/taskdefs/DependencyCheckTaskIT.java
+++ b/ant/src/test/java/org/owasp/dependencycheck/taskdefs/DependencyCheckTaskIT.java
@@ -17,29 +17,28 @@
  */
 package org.owasp.dependencycheck.taskdefs;
 
-import java.io.File;
-
 import org.apache.tools.ant.BuildException;
 import org.apache.tools.ant.BuildFileRule;
 import org.apache.tools.ant.types.LogLevel;
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.Rule;
-import org.junit.Test;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseDBTestCase;
 
-import static org.junit.Assert.assertTrue;
+import java.io.File;
+
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  *
  * @author Jeremy Long
  */
-public class DependencyCheckTaskIT extends BaseDBTestCase {
+class DependencyCheckTaskIT extends BaseDBTestCase {
 
-    @Rule
-    public final BuildFileRule buildFileRule = new BuildFileRule();
+    private final BuildFileRule buildFileRule = new BuildFileRule();
 
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -47,17 +46,28 @@ public void setUp() throws Exception {
         buildFileRule.configureProject(buildFile, LogLevel.VERBOSE.getLevel());
     }
 
+    @AfterEach
+    @Override
+    public void tearDown() throws Exception {
+        if (buildFileRule.getProject() != null) {
+            if (this.buildFileRule.getProject().getTargets().containsKey("tearDown")) {
+                this.buildFileRule.getProject().executeTarget("tearDown");
+            }
+        }
+        super.tearDown();
+    }
+
     /**
      * Test of addFileSet method, of class DependencyCheckTask.
      */
     @Test
-    public void testAddFileSet() throws Exception {
+    void testAddFileSet() throws Exception {
         File report = new File("target/dependency-check-report.html");
         if (report.exists() && !report.delete()) {
             throw new Exception("Unable to delete 'target/dependency-check-report.html' prior to test.");
         }
         buildFileRule.executeTarget("test.fileset");
-        assertTrue("DependencyCheck report was not generated", report.exists());
+        assertTrue(report.exists(), "DependencyCheck report was not generated");
     }
 
     /**
@@ -66,7 +76,7 @@ public void testAddFileSet() throws Exception {
      * @throws Exception
      */
     @Test
-    public void testAddFileList() throws Exception {
+    void testAddFileList() throws Exception {
         File report = new File("target/dependency-check-report.xml");
         if (report.exists()) {
             if (!report.delete()) {
@@ -75,7 +85,7 @@ public void testAddFileList() throws Exception {
         }
         buildFileRule.executeTarget("test.filelist");
 
-        assertTrue("DependencyCheck report was not generated", report.exists());
+        assertTrue(report.exists(), "DependencyCheck report was not generated");
     }
 
     /**
@@ -84,7 +94,7 @@ public void testAddFileList() throws Exception {
      * @throws Exception
      */
     @Test
-    public void testAddDirSet() throws Exception {
+    void testAddDirSet() throws Exception {
         File report = new File("target/dependency-check-report.csv");
         if (report.exists()) {
             if (!report.delete()) {
@@ -92,11 +102,11 @@ public void testAddDirSet() throws Exception {
             }
         }
         buildFileRule.executeTarget("test.dirset");
-        assertTrue("DependencyCheck report was not generated", report.exists());
+        assertTrue(report.exists(), "DependencyCheck report was not generated");
     }
 
     @Test
-    public void testNestedReportFormat() throws Exception {
+    void testNestedReportFormat() throws Exception {
         File reportHTML = new File("target/dependency-check-report.html");
         File reportCSV = new File("target/dependency-check-report.csv");
         if (reportCSV.exists()) {
@@ -110,38 +120,37 @@ public void testNestedReportFormat() throws Exception {
             }
         }
         buildFileRule.executeTarget("test.formatNested");
-        assertTrue("DependencyCheck CSV report was not generated", reportCSV.exists());
-        assertTrue("DependencyCheck HTML report was not generated", reportHTML.exists());
+        assertTrue(reportCSV.exists(), "DependencyCheck CSV report was not generated");
+        assertTrue(reportHTML.exists(), "DependencyCheck HTML report was not generated");
     }
 
     @Test
-    public void testNestedBADReportFormat() throws Exception {
-        try {
-            buildFileRule.executeTarget("test.formatBADNested");
-            Assert.fail("Should have had a buildExceotion for a bad format attribute");
-        } catch (BuildException e) {
-            assertTrue("Message did not have BAD, unexpected exception: " + e.getMessage(), e.getMessage().contains("BAD is not a legal value for this attribute"));
-        }
+    void testNestedBADReportFormat() {
+        BuildException e = assertThrows(BuildException.class,
+                () -> buildFileRule.executeTarget("test.formatBADNested"),
+                "Should have had a buildException for a bad format attribute");
+        assertTrue(e.getMessage().contains("BAD is not a legal value for this attribute"),
+                "Message did not have BAD, unexpected exception: " + e.getMessage());
     }
 
     /**
      * Test of getFailBuildOnCVSS method, of class DependencyCheckTask.
      */
     @Test
-    public void testGetFailBuildOnCVSS() {
-        Exception exception = Assert.assertThrows(BuildException.class, () -> buildFileRule.executeTarget("failCVSS"));
+    void testGetFailBuildOnCVSS() {
+        Exception exception = assertThrows(BuildException.class, () -> buildFileRule.executeTarget("failCVSS"));
 
         String expectedMessage = String.format("One or more dependencies were identified with vulnerabilities that "
                 + "have a CVSS score greater than or equal to '%.1f':", 3.0f);
 
-        Assert.assertTrue(exception.getMessage().contains(expectedMessage));
+        assertTrue(exception.getMessage().contains(expectedMessage));
     }
 
     /**
      * Test the DependencyCheckTask where a CVE is suppressed.
      */
     @Test
-    public void testSuppressingCVE() {
+    void testSuppressingCVE() {
         // GIVEN an ant task with a vulnerability
         final String antTaskName = "suppression";
 
@@ -157,7 +166,7 @@ public void testSuppressingCVE() {
 
         // THEN the ant task executed without error
         final File report = new File("target/suppression-report.html");
-        assertTrue("Expected the DependencyCheck report to be generated", report.exists());
+        assertTrue(report.exists(), "Expected the DependencyCheck report to be generated");
     }
 
     /**
@@ -165,7 +174,7 @@ public void testSuppressingCVE() {
      * exception with a warning.
      */
     @Test
-    public void testSuppressingSingle() {
+    void testSuppressingSingle() {
         // GIVEN an ant task with a vulnerability using the legacy property
         final String antTaskName = "suppression-single";
         // WHEN executing the ant task
@@ -173,7 +182,7 @@ public void testSuppressingSingle() {
 
         // THEN the ant task executed without error
         final File report = new File("target/suppression-single-report.html");
-        assertTrue("Expected the DependencyCheck report to be generated", report.exists());
+        assertTrue(report.exists(), "Expected the DependencyCheck report to be generated");
     }
 
     /**
@@ -181,7 +190,7 @@ public void testSuppressingSingle() {
      * exception with a warning.
      */
     @Test
-    public void testSuppressingMultiple() {
+    void testSuppressingMultiple() {
         // GIVEN an ant task with a vulnerability using multiple was to configure the suppression file
         final String antTaskName = "suppression-multiple";
         // WHEN executing the ant task
@@ -189,14 +198,14 @@ public void testSuppressingMultiple() {
 
         // THEN the ant task executed without error
         final File report = new File("target/suppression-multiple-report.html");
-        assertTrue("Expected the DependencyCheck report to be generated", report.exists());
+        assertTrue(report.exists(), "Expected the DependencyCheck report to be generated");
     }
 
     /**
      * Test the DependencyCheckTask retireJS configuration.
      */
     @Test
-    public void testRetireJsConfiguration() {
+    void testRetireJsConfiguration() {
         // GIVEN an ant task with a vulnerability using multiple was to configure the suppression file
         final String antTaskName = "retireJS";
 
@@ -205,6 +214,6 @@ public void testRetireJsConfiguration() {
 
         // THEN the ant task executed without error
         final File report = new File("target/retirejs-report.html");
-        assertTrue("Expected the DependencyCheck report to be generated", report.exists());
+        assertTrue(report.exists(), "Expected the DependencyCheck report to be generated");
     }
 }
diff --git a/archetype/pom.xml b/archetype/pom.xml
index ceffb22eb4c..6b9a55ed673 100644
--- a/archetype/pom.xml
+++ b/archetype/pom.xml
@@ -20,20 +20,20 @@ Copyright (c) 2017 Jeremy Long. All Rights Reserved.
     <parent>
         <groupId>org.owasp</groupId>
         <artifactId>dependency-check-parent</artifactId>
-        <version>12.1.1</version>
+        <version>12.1.8</version>
     </parent>
     <artifactId>dependency-check-plugin</artifactId>
     <name>Dependency-Check Plugin Archetype</name>
     <packaging>jar</packaging>
     <properties>
         <!--reproducible build-->
-        <project.build.outputTimestamp>2025-04-05T11:23:00Z</project.build.outputTimestamp>
+        <project.build.outputTimestamp>2025-10-13T14:23:32Z</project.build.outputTimestamp>
     </properties>
     <scm>
         <connection>scm:git:https://github.com/dependency-check/DependencyCheck.git</connection>
         <url>https://github.com/dependency-check/DependencyCheck/tree/main/archetype</url>
         <developerConnection>scm:git:git@github.com/dependency-check/DependencyCheck.git</developerConnection>
-      <tag>v12.1.1</tag>
+      <tag>v12.1.8</tag>
   </scm>
     <build>
         <plugins>
diff --git a/archetype/src/main/resources/archetype-resources/pom.xml b/archetype/src/main/resources/archetype-resources/pom.xml
index 805d8f39ae0..44343deafab 100644
--- a/archetype/src/main/resources/archetype-resources/pom.xml
+++ b/archetype/src/main/resources/archetype-resources/pom.xml
@@ -4,10 +4,10 @@
     <groupId>\${groupId}</groupId>
     <artifactId>\${artifactId}</artifactId>
     <version>\${version}</version>
-    
+
     <name>\${artifactId}</name>
     <packaging>jar</packaging>
-    
+
     <licenses>
         <license>
             <name>The Apache Software License, Version 2.0</name>
@@ -37,10 +37,22 @@
             <version>${slf4j.version}</version>
             <scope>provided</scope>
         </dependency>
+        <dependency>
+            <groupId>org.junit.jupiter</groupId>
+            <artifactId>junit-jupiter-api</artifactId>
+            <version>5.12.2</version>
+            <scope>test</scope>
+        </dependency>
         <dependency>
             <groupId>org.junit.jupiter</groupId>
             <artifactId>junit-jupiter-engine</artifactId>
-            <version>5.8.2</version>
+            <version>5.12.2</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.junit.jupiter</groupId>
+            <artifactId>junit-jupiter-params</artifactId>
+            <version>5.12.2</version>
             <scope>test</scope>
         </dependency>
     </dependencies>
diff --git a/archetype/src/main/resources/archetype-resources/src/test/java/__analyzerName__Test.java b/archetype/src/main/resources/archetype-resources/src/test/java/__analyzerName__Test.java
index 89942160280..69ecf2c8b16 100644
--- a/archetype/src/main/resources/archetype-resources/src/test/java/__analyzerName__Test.java
+++ b/archetype/src/main/resources/archetype-resources/src/test/java/__analyzerName__Test.java
@@ -13,43 +13,45 @@
  */
 package ${package};
 
-import java.io.File;
-import org.junit.jupiter.api.Test;
-import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.AfterAll;
 import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.BeforeAll;
-import org.junit.jupiter.api.AfterAll;
-import static org.junit.jupiter.api.Assertions.*;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.analyzer.AnalysisPhase;
 import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.utils.Settings;
 
+import java.io.File;
+
+import static org.junit.jupiter.api.Assertions.*;
+
 /**
  * Test cases for ${analyzerName}
  */
-public class ${analyzerName}Test {
-    
+class ${analyzerName}Test {
+
     Settings settings = null;
-	
-    public ${analyzerName}Test() {
+
+    ${analyzerName}Test() {
     }
-    
+
     @BeforeAll
-    public static void setUpClass() {
+    static void setUpClass() {
     }
-    
+
     @AfterAll
-    public static void tearDownClass() {
+    static void tearDownClass() {
     }
-    
+
     @BeforeEach
-    public void setUp() {
+    void setUp() {
         settings = new Settings();
     }
 
     @AfterEach
-    public void tearDown() {
+    void tearDown() {
         settings.cleanup();
     }
 
@@ -57,7 +59,7 @@ public void tearDown() {
      * Test of accept method, of class ${analyzerName}.
      */
     @Test
-    public void testAccept() {
+    void testAccept() {
         File pathname = new File("test.file");
         ${analyzerName} instance = new ${analyzerName}();
         boolean expResult = true;
@@ -69,13 +71,13 @@ public void testAccept() {
      * Test of analyze method, of class ${analyzerName}.
      */
     @Test
-    public void testAnalyze() throws Exception {
+    void testAnalyze() throws Exception {
         //The engine is generally null for most analyzer test cases but can be instantiated if needed.
         Engine engine = null;
         ${analyzerName} instance = new ${analyzerName}();
         instance.initialize(settings);
         instance.prepare(engine);
-		
+
         File file = new File(${analyzerName}.class.getClassLoader().getResource("test.file").toURI().getPath());
         Dependency dependency = new Dependency(file);
 
@@ -87,7 +89,7 @@ public void testAnalyze() throws Exception {
      * Test of getName method, of class ${analyzerName}.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         ${analyzerName} instance = new ${analyzerName}();
         String expResult = "${analyzerName}";
         String result = instance.getName();
@@ -98,7 +100,7 @@ public void testGetName() {
      * Test of getAnalysisPhase method, of class ${analyzerName}.
      */
     @Test
-    public void testGetAnalysisPhase() {
+    void testGetAnalysisPhase() {
         ${analyzerName} instance = new ${analyzerName}();
         AnalysisPhase expResult = AnalysisPhase.INFORMATION_COLLECTION;
         AnalysisPhase result = instance.getAnalysisPhase();
@@ -109,7 +111,7 @@ public void testGetAnalysisPhase() {
      * Test of initialize method, of class ${analyzerName}.
      */
     @Test
-    public void testInitialize() throws Exception {
+    void testInitialize() throws Exception {
         ${analyzerName} instance = new ${analyzerName}();
         instance.initialize(settings);
     }
@@ -118,7 +120,7 @@ public void testInitialize() throws Exception {
      * Test of close method, of class ${analyzerName}.
      */
     @Test
-    public void testClose() throws Exception {
+    void testClose() throws Exception {
         ${analyzerName} instance = new ${analyzerName}();
         instance.close();
     }
@@ -127,7 +129,7 @@ public void testClose() throws Exception {
      * Test of supportsParallelProcessing method, of class ${analyzerName}.
      */
     @Test
-    public void testSupportsParallelProcessing() {
+    void testSupportsParallelProcessing() {
         ${analyzerName} instance = new ${analyzerName}();
         boolean expResult = true;
         boolean result = instance.supportsParallelProcessing();
@@ -138,7 +140,7 @@ public void testSupportsParallelProcessing() {
      * Test of isEnabled method, of class ${analyzerName}.
      */
     @Test
-    public void testIsEnabled() {
+    void testIsEnabled() {
         ${analyzerName} instance = new ${analyzerName}();
         boolean expResult = true;
         boolean result = instance.isEnabled();
diff --git a/archetype/src/site/site.xml b/archetype/src/site/site.xml
index 3311724ad80..17e1defd4b7 100644
--- a/archetype/src/site/site.xml
+++ b/archetype/src/site/site.xml
@@ -30,5 +30,6 @@ Copyright (c) 2017 Jeremy Long. All Rights Reserved.
             <item name="Usage" href="index.html"/>
         </menu>
         <menu ref="reports"/>
+        <footer><![CDATA[<p>&copy; 2012&ndash;2025 <a href="https://www.owasp.org">OWASP</a></p><img referrerpolicy="no-referrer-when-downgrade" src="https://static.scarf.sh/a.png?x-pxid=90c74bb8-b6d1-4464-a9b6-754067afe126" alt="" width="1" height="1" />]]></footer>
     </body>
 </site>
\ No newline at end of file
diff --git a/build-docker.sh b/build-docker.sh
index 355a6ab0da4..297ecc4cbd7 100755
--- a/build-docker.sh
+++ b/build-docker.sh
@@ -1,18 +1,27 @@
-#!/bin/bash -e
+#!/bin/bash
+set -euo pipefail
 
 VERSION=$(mvn -q \
     -Dexec.executable="echo" \
     -Dexec.args='${project.version}' \
     --non-recursive \
-    org.codehaus.mojo:exec-maven-plugin:1.3.1:exec)
+    org.codehaus.mojo:exec-maven-plugin:3.5.1:exec)
 
 FILE=./cli/target/dependency-check-$VERSION-release.zip
-if [ -f "$FILE" ]; then
-    docker build . --build-arg VERSION=$VERSION -t owasp/dependency-check:$VERSION
-    if [[ ! $VERSION = *"SNAPSHOT"* ]]; then
-        docker tag owasp/dependency-check:$VERSION owasp/dependency-check:latest
-    fi
-else 
+if [ ! -f "$FILE" ]; then
     echo "$FILE does not exist - run 'mvn package' first"
     exit 1
 fi
+
+if ! docker info -f '{{ .DriverStatus }}' | grep "driver-type io.containerd.snapshotter" >/dev/null; then
+    echo "Docker Engine is not running with the containerd snapshotter - this is currently needed to build and test ODC multi-platform images using docker buildx."
+    echo "If using Docker Desktop, enable \"Use containerd for pulling and storing images\" per https://docs.docker.com/desktop/settings-and-maintenance/settings/#general"
+    echo "For more technical information on Docker Engine, see https://docs.docker.com/engine/storage/containerd/"
+    exit 1
+fi
+
+extra_tag_args="$([[ ! $VERSION = *"SNAPSHOT"* ]] && echo "--tag owasp/dependency-check:latest" || echo "")"
+
+docker buildx build --pull --load --platform linux/amd64,linux/arm64 . \
+    --build-arg VERSION=$VERSION \
+    --tag owasp/dependency-check:$VERSION ${extra_tag_args}
diff --git a/cli/README.md b/cli/README.md
index 4d45aa217b9..7ab25b589d9 100644
--- a/cli/README.md
+++ b/cli/README.md
@@ -16,3 +16,5 @@ Dependency-Check is Copyright (c) 2012-2014 Jeremy Long. All Rights Reserved.
 Permission to modify and redistribute is granted under the terms of the Apache 2.0 license. See the [LICENSE.txt](https://github.com/dependency-check/DependencyCheck/blob/main/cli/LICENSE.txt) file for the full license.
 
 Dependency-Check Command Line makes use of other open source libraries. Please see the [NOTICE.txt](https://github.com/dependency-check/DependencyCheck/blob/main/cli/NOTICE.txt) file for more information.
+
+<img referrerpolicy="no-referrer-when-downgrade" src="https://static.scarf.sh/a.png?x-pxid=c78174f3-f898-4a5d-b3ab-1202b7db8ef6" />
\ No newline at end of file
diff --git a/cli/pom.xml b/cli/pom.xml
index 1d8e808ceab..d0eabc1cd3a 100644
--- a/cli/pom.xml
+++ b/cli/pom.xml
@@ -20,7 +20,7 @@ Copyright (c) 2012 - Jeremy Long. All Rights Reserved.
     <parent>
         <groupId>org.owasp</groupId>
         <artifactId>dependency-check-parent</artifactId>
-        <version>12.1.1</version>
+        <version>12.1.8</version>
     </parent>
 
     <artifactId>dependency-check-cli</artifactId>
@@ -32,7 +32,7 @@ Copyright (c) 2012 - Jeremy Long. All Rights Reserved.
         <connection>scm:git:https://github.com/dependency-check/DependencyCheck.git</connection>
         <url>https://github.com/dependency-check/DependencyCheck/tree/main/cli</url>
         <developerConnection>scm:git:git@github.com/dependency-check/DependencyCheck.git</developerConnection>
-        <tag>v12.1.1</tag>
+        <tag>v12.1.8</tag>
     </scm>
     <build>
         <finalName>dependency-check-${project.version}</finalName>
@@ -92,16 +92,43 @@ Copyright (c) 2012 - Jeremy Long. All Rights Reserved.
                     <configurationDirectory>plugins/*</configurationDirectory>
                     <includeConfigurationDirectoryInClasspath>true</includeConfigurationDirectoryInClasspath>
                     <unixScriptTemplate>${project.basedir}/src/main/conf/unixBinTemplate</unixScriptTemplate>
+                    <!--
+                       enable-native-access=ALL-UNNAMED
+                            Java 21+: Needed by Lucene indexes unless we do -Dorg.apache.lucene.store.MMapDirectory.enableMemorySegments=false
+                                      to go back to regular ByteBuffer (non-native) usage.
+                       -XX:+IgnoreUnrecognizedVMOptions
+                            Java <21: Allow use of enable-native-access on Java 11 JVMs without errors -->
+                    <extraJvmArguments>--enable-native-access=ALL-UNNAMED -XX:+IgnoreUnrecognizedVMOptions</extraJvmArguments>
                 </configuration>
                 <executions>
                     <execution>
                         <id>assemble</id>
+                        <phase>package</phase>
                         <goals>
                             <goal>assemble</goal>
                         </goals>
                     </execution>
                 </executions>
             </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-antrun-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <id>fix-windows-shell-script</id>
+                        <phase>package</phase>
+                        <goals>
+                            <goal>run</goal>
+                        </goals>
+                        <configuration>
+                            <!-- Hack/workaround for https://github.com/mojohaus/appassembler/issues/114 -->
+                            <target>
+                                <replace file="${project.build.directory}/release/bin/dependency-check.bat" token="%JAVACMD% %JAVA_OPTS%" value="&quot;%JAVACMD%&quot; %JAVA_OPTS%" failOnNoReplacements="true" />
+                            </target>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-assembly-plugin</artifactId>
diff --git a/cli/src/main/resources/logback.xml b/cli/src/main/resources/logback.xml
index fef9b5c1b47..da49803591a 100644
--- a/cli/src/main/resources/logback.xml
+++ b/cli/src/main/resources/logback.xml
@@ -10,6 +10,7 @@
         </encoder>
     </appender>
 
+    <logger name="org.apache.lucene" level="ERROR" />
     <logger name="org.apache.commons.jcs" level="ERROR" />
     <logger name="org.apache.hc" level="ERROR" />
 
diff --git a/cli/src/site/markdown/arguments.md b/cli/src/site/markdown/arguments.md
index 775cabdc490..28f99c21090 100644
--- a/cli/src/site/markdown/arguments.md
+++ b/cli/src/site/markdown/arguments.md
@@ -3,142 +3,142 @@ Command Line Arguments
 
 The following table lists the command line arguments:
 
-| Short | Argument Name          | Parameter       | Description                            | Requirement |
-|-------|------------------------|-----------------|----------------------------------------|-------------|
-|       | \-\-project            | \<name\>        | The name of the project being scanned. | Optional    |
-| \-s   | \-\-scan               | \<path\>        | The path to scan \- this option can be specified multiple times. It is also possible to specify Ant style paths (e.g. 'directory/**/*.jar'); if using an Ant style path it is highly recommended that you use single quotes around the path so that the shell itself does not automatically perform replacements (see [issue #1812](https://github.com/dependency-check/DependencyCheck/issues/1812). | Required |
-|       | \-\-exclude            | \<pattern\>     | The path patterns to exclude from the scan \- this option can be specified multiple times. This accepts Ant style path patterns (e.g. **/exclude/**). | Optional |
-|       | \-\-symLink            | \<depth\>       | The depth that symbolic links will be followed; the default is 0 meaning symbolic links will not be followed. | Optional |
-| \-o   | \-\-out                | \<path\>        | The folder to write reports to. This defaults to the current directory. If the format is not set to ALL one could specify a specific file name. | Optional |
-| \-f   | \-\-format             | \<format\>      | The output format to write to (HTML, XML, CSV, JSON, JUNIT, SARIF, JENKINS, GITLAB, ALL). Multiple formats can be specified by specifying the parameter multiple times. The default is HTML. | Required |
-|       | \-\-junitFailOnCVSS    | \<score\>       | If using the JUNIT report format the junitFailOnCVSS sets the CVSS score threshold that is considered a failure. The default is 0. | Optional |
-|       | \-\-prettyPrint        |                 | When specified the JSON and XML report formats will be pretty printed. | Optional |
-|       | \-\-failOnCVSS         | \<score\>       | If the score set between 0 and 10 the exit code from dependency-check will indicate if a vulnerability with a CVSS score equal to or higher was identified. | Optional |
-| \-l   | \-\-log                | \<file\>        | The file path to write verbose logging information. | Optional |
-| \-n   | \-\-noupdate           |                 | Disables the automatic updating of the NVD-CVE, hosted-suppressions and RetireJS data. | Optional |
-|       | \-\-suppression        | \<files\>       | The file paths to the suppression XML files; used to suppress [false positives](../general/suppression.html). This can be specified more than once to utilize multiple suppression files. The argument can be a local file path, a URL to a suppression file, or even a reference to a file on the class path (see https://github.com/dependency-check/DependencyCheck/issues/1878#issuecomment-487533799) | Optional |
-| \-h   | \-\-help               |                 | Print the help message. | Optional |
-|       | \-\-advancedHelp       |                 | Print the advanced help message. | Optional |
-| \-v   | \-\-version            |                 | Print the version information. | Optional |
-|       | \-\-enableExperimental |                 | Enable the [experimental analyzers](../analyzers/index.html). If not set the analyzers marked as experimental below will not be loaded or used. | Optional |
-|       | \-\-enableRetired      |                 | Enable the [retired analyzers](../analyzers/index.html). If not set the analyzers marked as retired below will not be loaded or used. | Optional |
+| Short | Argument Name          | Parameter   | Description                                                                                                                                                                                                                                                                                                                                                                                                | Requirement |
+|-------|------------------------|-------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------|
+|       | \-\-project            | \<name\>    | The name of the project being scanned.                                                                                                                                                                                                                                                                                                                                                                     | Optional    |
+| \-s   | \-\-scan               | \<path\>    | The path to scan \- this option can be specified multiple times. It is also possible to specify Ant style paths (e.g. 'directory/**/*.jar'); if using an Ant style path it is highly recommended that you use single quotes around the path so that the shell itself does not automatically perform replacements (see [issue #1812](https://github.com/dependency-check/DependencyCheck/issues/1812).      | Required    |
+|       | \-\-exclude            | \<pattern\> | The path patterns to exclude from the scan \- this option can be specified multiple times. This accepts Ant style path patterns (e.g. **/exclude/**).                                                                                                                                                                                                                                                      | Optional    |
+|       | \-\-symLink            | \<depth\>   | The depth that symbolic links will be followed; the default is 0 meaning symbolic links will not be followed.                                                                                                                                                                                                                                                                                              | Optional    |
+| \-o   | \-\-out                | \<path\>    | The folder to write reports to. This defaults to the current directory. If the format is not set to ALL one could specify a specific file name.                                                                                                                                                                                                                                                            | Optional    |
+| \-f   | \-\-format             | \<format\>  | The output format to write to (HTML, XML, CSV, JSON, JUNIT, SARIF, JENKINS, GITLAB, ALL). Multiple formats can be specified by specifying the parameter multiple times. The default is HTML.                                                                                                                                                                                                               | Required    |
+|       | \-\-junitFailOnCVSS    | \<score\>   | If using the JUNIT report format the junitFailOnCVSS sets the CVSS score threshold that is considered a failure. The default is 0.                                                                                                                                                                                                                                                                         | Optional    |
+|       | \-\-prettyPrint        |             | When specified the JSON and XML report formats will be pretty printed.                                                                                                                                                                                                                                                                                                                                     | Optional    |
+|       | \-\-failOnCVSS         | \<score\>   | If the score set between 0 and 10 the exit code from dependency-check will indicate if a vulnerability with a CVSS score equal to or higher was identified.                                                                                                                                                                                                                                                | Optional    |
+| \-l   | \-\-log                | \<file\>    | The file path to write verbose logging information.                                                                                                                                                                                                                                                                                                                                                        | Optional    |
+| \-n   | \-\-noupdate           |             | Disables the automatic updating of the NVD-CVE, hosted-suppressions and RetireJS data.                                                                                                                                                                                                                                                                                                                     | Optional    |
+|       | \-\-suppression        | \<files\>   | The file paths to the suppression XML files; used to suppress [false positives](../general/suppression.html). This can be specified more than once to utilize multiple suppression files. The argument can be a local file path, a URL to a suppression file, or even a reference to a file on the class path (see https://github.com/dependency-check/DependencyCheck/issues/1878#issuecomment-487533799) | Optional    |
+| \-h   | \-\-help               |             | Print the help message.                                                                                                                                                                                                                                                                                                                                                                                    | Optional    |
+|       | \-\-advancedHelp       |             | Print the advanced help message.                                                                                                                                                                                                                                                                                                                                                                           | Optional    |
+| \-v   | \-\-version            |             | Print the version information.                                                                                                                                                                                                                                                                                                                                                                             | Optional    |
+|       | \-\-enableExperimental |             | Enable the [experimental analyzers](../analyzers/index.html). If not set the analyzers marked as experimental below will not be loaded or used.                                                                                                                                                                                                                                                            | Optional    |
+|       | \-\-enableRetired      |             | Enable the [retired analyzers](../analyzers/index.html). If not set the analyzers marked as retired below will not be loaded or used.                                                                                                                                                                                                                                                                      | Optional    |
 
 Advanced Options
 ================
-| Short | Argument Name                         | Parameter       | Description                                                                                                                                                                                                                                                                                                                        | Default Value |
-|-------|---------------------------------------|-----------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------|
-|       | \-\-nvdApiKey                         | \<apiKey\>      | The API Key to access the NVD API; obtained from https://nvd.nist.gov/developers/request-an-api-key                                                                                                                                                                                                                                | &nbsp;        |
-|       | \-\-nvdApiEndpoint                    | \<endpoint\>    | The NVD API endpoint URL; setting this is uncommon.                                                                                                                                                                                                                                                                                | https://services.nvd.nist.gov/rest/json/cves/2.0 |
-|       | \-\-nvdMaxRetryCount                  | \<count\>       | The maximum number of retry requests for a single call to the NVD API.                                                                                                                                                                                                                                                             | 10            |
-|       | \-\-nvdApiDelay                       | \<milliseconds\>| The number of milliseconds to wait between calls to the NVD API.                                                                                                                                                                                                                                                                   | 3500 with an NVD API Key or 8000 without an API Key |
-|       | \-\-nvdApiResultsPerPage              | \<number\>      | The number records for a single page from NVD API (must be <=2000).                                                                                                                                                                                                                                                                | 2000 |
-|       | \-\-nvdDatafeed                       | \<url\>         | The URL for the NVD API Data feed that can be generated using https://github.com/jeremylong/Open-Vulnerability-Project/tree/main/vulnz#caching-the-nvd-cve-data - example value `https://internal.server/cache/nvdcve-{0}.json.gz`                                                                                                 | &nbsp; |
-|       | \-\-nvdUser                           | \<username\>    | Credentials used for basic authentication for the NVD API Data feed.                                                                                                                                                                                                                                                               | &nbsp;        |
-|       | \-\-nvdPassword                       | \<password\>    | Credentials used for basic authentication for the NVD API Data feed.                                                                                                                                                                                                                                                               | &nbsp;        |
-|       | \-\-nvdBearerToken                    | \<Token\>       | Credentials used for bearer authentication for the NVD API Data feed.                                                                                                                                                                                                                                                              | &nbsp;        |
-|       | \-\-nvdValidForHours                  | \<hours\>       | The number of hours to wait before checking for new updates from the NVD. The default is 4 hours.                                                                                                                                                                                                                                  | 4             |
-|       | \-\-hints                             | \<file\>        | The file path to the XML hints file \- used to resolve [false negatives](../general/hints.html)                                                                                                                                                                                                                                    | &nbsp;        |
-| \-P   | \-\-propertyfile                      | \<file\>        | Specifies a file that contains properties to use instead of application defaults. The key values used in the properties file are not the same as the arguments listed on this page; use the keys here: https://github.com/dependency-check/DependencyCheck/blob/main/core/src/main/resources/dependencycheck.properties            | &nbsp; |
-|       | \-\-updateonly                        |                 | If set only the update phase of dependency-check will be executed; no scan will be executed and no report will be generated.                                                                                                                                                                                                       | &nbsp;        |
-|       | \-\-disableKnownExploited             |                 | Sets whether the Known Exploited Vulnerability update and analyzer are enabled.                                                                                                                                                                                                                                                    | &nbsp;        |
-|       | \-\-kevURL                            | \<url\>         | URL to the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                                                                                                                                                                                                    | https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json |
-|       | \-\-kevUser                           | \<user\>        | Credentials used for basic authentication for the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                                                                                                                                                             | &nbsp;        |
-|       | \-\-kevPassword                       | \<password\>    | Credentials used for basic authentication for URL to the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                                                                                                                                                      | &nbsp;        |
-|       | \-\-kevBearerToken                    | \<token\>       | Credentials used for bearer authentication for URL to the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                                                                                                                                                     | &nbsp;        |
-|       | \-\-disableFileName                   |                 | Disables the File Name Analyzer; in generally, this should not be disabled.                                                                                                                                                                                                                                                        | &nbsp;        |
-|       | \-\-disablePyDist                     |                 | Sets whether the [experimental](../analyzers/index.html) Python Distribution Analyzer will be used.                                                                                                                                                                                                                                | &nbsp;        |
-|       | \-\-disablePyPkg                      |                 | Sets whether the [experimental](../analyzers/index.html) Python Package Analyzer will be used.                                                                                                                                                                                                                                     | &nbsp;        |
-|       | \-\-disableMSBuild                    |                 | Sets whether the MS Build Project Analyzer will be used.                                                                                                                                                                                                                                                                           | &nbsp;        |
-|       | \-\-disableNodeJS                     |                 | Sets whether the Node.js Package Analyzer will be used.                                                                                                                                                                                                                                                                            | &nbsp;        |
-|       | \-\-disableYarnAudit                  |                 | Sets whether the yarn Audit Analyzer will be used. This analyzer requires an internet connection and that yarn is installed.   Use `--nodeAuditSkipDevDependencies` to skip dev dependencies.                                                                                                                                      | &nbsp;        |
-|       | \-\-yarn                              | \<path\>        | The path to `yarn`.                                                                                                                                                                                                                                                                                                                | &nbsp;        |
-|       | \-\-disablePnpmAudit                  |                 | Sets whether the pnpm Audit Analyzer will be used. This analyzer requires an internet connection and that pnpm is installed.   Use `--nodeAuditSkipDevDependencies` to skip dev dependencies.                                                                                                                                      | &nbsp;        |
-|       | \-\-pnpm                              | \<path\>        | The path to `pnpm`.                                                                                                                                                                                                                                                                                                                | &nbsp;        |
-|       | \-\-disableNodeAudit                  |                 | Sets whether the Node Audit Analyzer will be used. This analyzer requires an internet connection.                                                                                                                                                                                                                                  | &nbsp;        |
-|       | \-\-disableNodeAuditCache             |                 | When the argument is present the Node Audit Analyzer will not cache results. By default the results are cached for 24 hours.                                                                                                                                                                                                       | &nbsp;        |
-|       | \-\-nodeAuditSkipDevDependencies      |                 | Configures the Node Audit Analyzer to skip devDependencies.                                                                                                                                                                                                                                                                        | &nbsp;        |
-|       | \-\-nodePackageSkipDevDependencies    |                 | Configures the Node Package Analyzer to skip devDependencies.                                                                                                                                                                                                                                                                      | &nbsp;        |
-|       | \-\-disableRetireJS                   |                 | Sets whether the RetireJS Analyzer will be used.                                                                                                                                                                                                                                                                                   | &nbsp;        |
-|       | \-\-retireJsForceUpdate               |                 | Sets whether the RetireJS Analyzer will update regardless of the `noupdate` argument.                                                                                                                                                                                                                                              | false         |
-|       | \-\-retireJsUrl                       | \<url\>         | The URL to the Retire JS repository.                                                                                                                                                                                                                                                                                               | https://raw.githubusercontent.com/Retirejs/retire.js/master/repository/jsrepository.json |
-|       | \-\-retirejsFilter                    | \<pattern\>     | The RetireJS Analyzers content filter used to exclude JS files when the content contains the given regular expression; this option can be specified multiple times.                                                                                                                                                                | &nbsp;        |
-|       | \-\-retirejsFilterNonVulnerable       |                 | Specifies that the Retire JS Analyzer should filter out non-vulnerable JS files from the report.                                                                                                                                                                                                                                   | &nbsp;        |
-|       | \-\-retireJsUrlUser                   | \<username\>    | Credentials used for basic authentication for the RetireJS data.                                                                                                                                                                                                                                                                   | &nbsp;        |
-|       | \-\-retirejsUrlPassword               | \<password\>    | Credentials used for basic authentication for the RetireJS data.                                                                                                                                                                                                                                                                   | &nbsp;        |
-|       | \-\-retirejsUrlBearerToken            | \<token\>       | Credentials used for bearer authentication for the RetireJS data.                                                                                                                                                                                                                                                                  | &nbsp;        |
-|       | \-\-disableRubygems                   |                 | Sets whether the [experimental](../analyzers/index.html) Ruby Gemspec Analyzer will be used.                                                                                                                                                                                                                                       | &nbsp;        |
-|       | \-\-disableBundleAudit                |                 | Sets whether the [experimental](../analyzers/index.html) Ruby Bundler Audit Analyzer will be used.                                                                                                                                                                                                                                 | &nbsp;        |
-|       | \-\-disableCocoapodsAnalyzer          |                 | Sets whether the [experimental](../analyzers/index.html) Cocoapods Analyzer will be used.                                                                                                                                                                                                                                          | &nbsp;        |
-|       | \-\-disableCarthageAnalyzer           |                 | Sets whether the [experimental](../analyzers/index.html) Carthage Analyzer will be used.                                                                                                                                                                                                                                           | &nbsp;        |
-|       | \-\-disableSwiftPackageManagerAnalyzer |                 | Sets whether the [experimental](../analyzers/index.html) Swift Package Manager Analyzer will be used.                                                                                                                                                                                                                              | &nbsp;        |
-|       | \-\-disableSwiftPackageResolvedAnalyzer|                 | Sets whether the [experimental](../analyzers/index.html) Swift Package Resolved Analyzer will be used.                                                                                                                                                                                                                             | &nbsp;        |
-|       | \-\-disableAutoconf                   |                 | Sets whether the [experimental](../analyzers/index.html) Autoconf Analyzer will be used.                                                                                                                                                                                                                                           | &nbsp;        |
-|       | \-\-disableOpenSSL                    |                 | Sets whether the OpenSSL Analyzer will be used.                                                                                                                                                                                                                                                                                    | &nbsp;        |
-|       | \-\-disableCmake                      |                 | Sets whether the [experimental](../analyzers/index.html) Cmake Analyzer will be disabled.                                                                                                                                                                                                                                          | &nbsp;        |
-|       | \-\-disableArchive                    |                 | Sets whether the Archive Analyzer will be disabled.                                                                                                                                                                                                                                                                                | &nbsp;        |
-|       | \-\-zipExtensions                     | \<strings\>     | A comma-separated list of additional file extensions to be treated like a ZIP file, the contents will be extracted and analyzed.                                                                                                                                                                                                   | &nbsp;        |
-|       | \-\-disableJar                        |                 | Sets whether the Jar Analyzer will be disabled.                                                                                                                                                                                                                                                                                    | &nbsp;        |
-|       | \-\-disableComposer                   |                 | Sets whether the [experimental](../analyzers/index.html) PHP Composer Lock File Analyzer will be disabled.                                                                                                                                                                                                                         | &nbsp;        |
-|       | \-\-composerSkipDev                   |                 | Sets whether the [experimental](../analyzers/index.html) PHP Composer Lock File Analyzer should skip "packages-dev".                                                                                                                                                                                                               | &nbsp;        |
-|       | \-\-disableCpan                       |                 | Sets whether the [experimental](../analyzers/index.html) Perl CPAN File Analyzer will be disabled.                                                                                                                                                                                                                                 | &nbsp;        |
-|       | \-\-disableDart                       |                 | Sets whether the [experimental](../analyzers/index.html) Dart Analyzer will be disabled.                                                                                                                                                                                                                                           | &nbsp;        |
-|       | \-\-disableOssIndex                   |                 | Sets whether the [OSS Index Analyzer](../analyzers/oss-index-analyzer.html) will be disabled. This analyzer requires an internet connection.                                                                                                                                                                                       | &nbsp;        |
-|       | \-\-disableOssIndexCache              |                 | When the argument is present the OSS Index Analyzer will not cache results. By default results are cached for 24 hours.                                                                                                                                                                                                            | &nbsp;        |
-|       | \-\-ossIndexUsername                  | \<username\>    | To authenticate Sonatype OSS Index requests and profit from higher rate limits, provide the OSS account email address as username. Provide both a username _and_ a password (see below) or none.                                                                                                                                   | &nbsp;        |
-|       | \-\-ossIndexPassword                  | \<password\>    | Password or API token to connect to Sonatype's OSS Index. Provide both a username (see above) _and_ a password or none.                                                                                                                                                                                                            | &nbsp;        |
-|       | \-\-ossIndexRemoteErrorWarnOnly       | \<true\|false\> | Whether we should only warn about Sonatype OSS Index remote errors instead of failing completely.                                                                                                                                                                                                                                  | &nbsp;        |
-|       | \-\-ossIndexUrl                       | \<url\>         | Alternative URL for the OSS Index. If not set the public Sonatype OSS Index will be used.                                                                                                                                                                                                                                          | https://ossindex.sonatype.org |
-|       | \-\-disableCentral                    |                 | Sets whether the Central Analyzer will be used. **Disabling this analyzer is not recommended as it could lead to false negatives (e.g. libraries that have vulnerabilities may not be reported correctly).** If this analyzer is being disabled there is a good chance you also want to disable the Artifactory or Nexus Analyzer. | &nbsp; |
-|       | \-\-disableCentralCache               |                 | When the argument is present the Central Analyzer will not cache results locally. By default results are cached locally for 30 days.                                                                                                                                                                                               | &nbsp;        |
-|       | \-\-centralUrl                        |                 | Alternative URL for Maven Central Search. If not set the public Sonatype Maven Central will be used.                                                                                                                                                                                                                               | https://search.maven.org/solrsearch/select |
-|       | \-\-centralUsername                   | \<username\>    | The username to authenticate with bearer auth to the alternative Maven Central url set by the 'centralUrl' argument. If neither basic nor bearer auth config is set it will use an unauthenticated connection.                                                                                                                     | &nbsp;        |
-|       | \-\-centralPassword                   | \<password\>    | The password to authenticate with bearer auth to the alternative Maven Central url set by the 'centralUrl' argument. If neither basic nor bearer auth config is set it will use an unauthenticated connection.                                                                                                                     | &nbsp;        |
-|       | \-\-centralBearerToken                | \<token\>       | The token to authenticate with bearer auth to the alternative Maven Central url set by the 'centralUrl' argument. If neither basic nor bearer auth config is set it will use an unauthenticated connection.                                                                                                                        | &nbsp;        |
-|       | \-\-enableNexus                       |                 | Sets whether the Nexus Analyzer will be used (requires Nexus v2 or Pro v3). You can configure the Nexus URL to utilize an internally hosted Nexus server.                                                                                                                                                                          | &nbsp;        |
-|       | \-\-enableArtifactory                 |                 | Sets whether Artifactory analyzer will be used                                                                                                                                                                                                                                                                                     | &nbsp;        |
-|       | \-\-artifactoryUrl                    | \<url\>         | The Artifactory server URL.                                                                                                                                                                                                                                                                                                        | &nbsp;        |
-|       | \-\-artifactoryUseProxy               | \<true\|false\> | Whether Artifactory should be accessed through a proxy or not.                                                                                                                                                                                                                                                                     | false         |
-|       | \-\-artifactoryParallelAnalysis       | \<true\|false\> | Whether the Artifactory analyzer should be run in parallel or not                                                                                                                                                                                                                                                                  | true          |
-|       | \-\-artifactoryUsername               | \<username\>    | The user name (only used with API token) to connect to Artifactory instance                                                                                                                                                                                                                                                        | &nbsp;        |
-|       | \-\-artifactoryApiToken               | \<token\>       | The API token to connect to Artifactory instance, only used if the username or the API key are not defined by artifactoryAnalyzerServerId, artifactoryAnalyzerUsername or artifactoryAnalyzerApiToken.                                                                                                                             | &nbsp;        |
-|       | \-\-artifactoryBearerToken            | \<token\>       | The bearer token to connect to Artifactory instance                                                                                                                                                                                                                                                                                | &nbsp;        |
-|       | \-\-nexus                             | \<url\>         | The url to the Nexus Server's web service end point (example: http://domain.enterprise/nexus/service/local/). If not set the Nexus Analyzer will be disabled.                                                                                                                                                                      | &nbsp;        |
-|       | \-\-nexusUser                         | \<username\>    | The username to authenticate to the Nexus Server's REST API Endpoint. If not set the Nexus Analyzer will use an unauthenticated connection.                                                                                                                                                                                        | &nbsp;        |
-|       | \-\-nexusPass                         | \<password\>    | The password to authenticate to the Nexus Server's REST API Endpoint. If not set the Nexus Analyzer will use an unauthenticated connection.                                                                                                                                                                                        | &nbsp;        |
-|       | \-\-nexusUsesProxy                    | \<true\|false\> | Whether or not the defined proxy should be used when connecting to Nexus.                                                                                                                                                                                                                                                          | true          |
-|       | \-\-disableNuspec                     |                 | Sets whether the .NET Nuget Nuspec Analyzer will be used.                                                                                                                                                                                                                                                                          | &nbsp;        |
-|       | \-\-disableNugetconf                  |                 | Sets whether the [experimental](../analyzers/index.html) .NET Nuget packages.config Analyzer will be used.                                                                                                                                                                                                                         | &nbsp;        |
-|       | \-\-disableAssembly                   |                 | Sets whether the .NET Assembly Analyzer should be used.                                                                                                                                                                                                                                                                            | &nbsp;        |
-|       | \-\-dotnet                            | \<path\>        | The path to dotnet core for .NET Assembly analysis on non-windows systems.                                                                                                                                                                                                                                                         | &nbsp;        |
-|       | \-\-disableGolangDep                  |                 | Sets whether the [experimental](../analyzers/index.html) Go Dependency Analyzer should be used.                                                                                                                                                                                                                                    | &nbsp;        |
-|       | \-\-disableGolangMod                  |                 | Sets whether the [experimental](../analyzers/index.html) Go Mod Analyzer should be used.                                                                                                                                                                                                                                           | &nbsp;        |
-|       | \-\-disableMixAudit                   |                 | Sets whether the [experimental](../analyzers/index.html) Elixir mix audit Analyze should be used.                                                                                                                                                                                                                                  | &nbsp;        |
-|       | \-\-disablePoetry                     |                 | Sets whether the [experimental](../analyzers/index.html) Poetry Analyzer should be used.                                                                                                                                                                                                                                           | &nbsp;        |
-|       | \-\-disableVersionCheck               |                 | Sets whether dependency-check should check if a new version is available.                                                                                                                                                                                                                                                          | &nbsp;        |
-|       | \-\-go                                | \<path\>        | The path to `go` executable for the Go Mode Analyzer; only necessary if `go` is not on the path.                                                                                                                                                                                                                                   | &nbsp;        |
-|       | \-\-bundleAudit                       |                 | The path to the bundle-audit executable.                                                                                                                                                                                                                                                                                           | &nbsp;        |
-|       | \-\-bundleAuditWorkingDirectory       | \<path\>        | The path to working directory that the bundle-audit command should be executed from when doing Gem bundle analysis.                                                                                                                                                                                                                | &nbsp;        |
-|       | \-\-proxyserver                       | \<server\>      | The proxy server to use when downloading resources; see the [proxy configuration](../data/proxy.html) page for more information.                                                                                                                                                                                                   | &nbsp;        |
-|       | \-\-proxyport                         | \<port\>        | The proxy port to use when downloading resources.                                                                                                                                                                                                                                                                                  | &nbsp;        |
-|       | \-\-nonProxyHosts                     | \<list\>        | The proxy exclusion list: hostnames (or patterns) for which proxy should not be used. Use pipe, comma or colon as list separator. Example: `something.com\|*.something.com\|www.somethingelse.*`                                                                                                                                   | &nbsp;        |
-| \-c   | \-\-connectiontimeout                 | \<timeout\>     | The connection timeout (in milliseconds) to use when downloading resources.                                                                                                                                                                                                                                                        | 10000         |
-|       | \-\-readtimeout                       | \<timeout\>     | The read timeout (in milliseconds) to use when downloading resources.                                                                                                                                                                                                                                                              | 60000         |
-|       | \-\-proxypass                         | \<pass\>        | The proxy password to use when downloading resources.                                                                                                                                                                                                                                                                              | &nbsp;        |
-|       | \-\-proxyuser                         | \<user\>        | The proxy username to use when downloading resources.                                                                                                                                                                                                                                                                              | &nbsp;        |
-|       | \-\-connectionString                  | \<connStr\>     | The connection string to the database. See using a [database server](../data/database.html).                                                                                                                                                                                                                                       | &nbsp;        |
-|       | \-\-dbDriverName                      | \<driver\>      | The database driver full classname; note, only needs to be set if the driver is not JDBC4 compliant or the JAR is outside of the class path.                                                                                                                                                                                       | &nbsp;        |
-|       | \-\-dbDriverPath                      | \<path\>        | The path to the database driver; note, this does not need to be set unless the JAR is outside of the class path.                                                                                                                                                                                                                   | &nbsp;        |
-|       | \-\-dbPassword                        | \<password\>    | The password for connecting to the database.                                                                                                                                                                                                                                                                                       | &nbsp;        |
-|       | \-\-dbUser                            | \<user\>        | The username used to connect to the database.                                                                                                                                                                                                                                                                                      | &nbsp;        |
-| \-d   | \-\-data                              | \<path\>        | The location of the data directory used to store persistent data.                                                                                                                                                                                                                                                                  | /usr/local/var/dependencycheck if installed through brew (→ [formula](https://github.com/Homebrew/homebrew-core/blob/master/Formula/d/dependency-check.rb#L29)). Otherwise, the data directory is created inside the install directory i.e. as a sibling to the `<install-dir>/bin`, `<install-dir>/lib` directories.       |
-|       | \-\-purge                             |                 | Delete the local copy of the NVD. This is used to force a refresh of the data.                                                                                                                                                                                                                                                     | &nbsp;        |
-|       | \-\-disableHostedSuppressions         |                 | Whether the usage of the hosted suppressions file will be disabled.                                                                                                                                                                                                                                                                | false         |
-|       | \-\-hostedSuppressionsForceUpdate     |                 | Whether the hosted suppressions file will update regardless of the `noupdate` argument.                                                                                                                                                                                                                                            | false         |
-|       | \-\-hostedSuppressionsValidForHours   | \<hours\>       | The number of hours to wait before checking for new updates of the hosted suppressions file                                                                                                                                                                                                                                        | 2             |
-|       | \-\-hostedSuppressionsUrl             | \<url\>         | The URL to a mirrored copy of the hosted suppressions file for internet-constrained environments                                                                                                                                                                                                                                   | https://dependency-check.github.io/DependencyCheck/suppressions/publishedSuppressions.xml |
-|       | \-\-hostedSuppressionsUser            | \<user\>        | The user for basic authentication to a mirrored copy of the hosted suppressions file                                                                                                                                                                                                                                               | &nbsp;        |
-|       | \-\-hostedSuppressionsPassword        | \<password\>    | The password for basic authentication to a mirrored copy of the hosted suppressions file                                                                                                                                                                                                                                           | &nbsp;        |
-|       | \-\-hostedSuppressionsBearerToken     | \<token\>       | The token for bearer authentication to a mirrored copy of the hosted suppressions file                                                                                                                                                                                                                                             | &nbsp;        |
-|       | \-\-suppressionUser                   | \<user\>        | The user for basic authentication to web-hosted suppression XML files (as configured with `--suppression`)                                                                                                                                                                                                                         | &nbsp;        |
-|       | \-\-suppressionPassword               | \<password\>    | The password for basic authentication to web-hosted suppression XML files (as configured with `--suppression`)                                                                                                                                                                                                                     | &nbsp;        |
-|       | \-\-suppressionBearerToken            | \<token\>       | The token for bearer authentication to web-hosted suppression XML files (as configured with `--suppression`)                                                                                                                                                                                                                       | &nbsp;        |
+| Short | Argument Name                           | Parameter        | Description                                                                                                                                                                                                                                                                                                                        | Default Value                                                                                                                                                                                                                                                                                                         |
+|-------|-----------------------------------------|------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+|       | \-\-nvdApiKey                           | \<apiKey\>       | The API Key to access the NVD API; obtained from https://nvd.nist.gov/developers/request-an-api-key                                                                                                                                                                                                                                | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-nvdApiEndpoint                      | \<endpoint\>     | The NVD API endpoint URL; setting this is uncommon.                                                                                                                                                                                                                                                                                | https://services.nvd.nist.gov/rest/json/cves/2.0                                                                                                                                                                                                                                                                      |
+|       | \-\-nvdMaxRetryCount                    | \<count\>        | The maximum number of retry requests for a single call to the NVD API.                                                                                                                                                                                                                                                             | 10                                                                                                                                                                                                                                                                                                                    |
+|       | \-\-nvdApiDelay                         | \<milliseconds\> | The number of milliseconds to wait between calls to the NVD API.                                                                                                                                                                                                                                                                   | 3500 with an NVD API Key or 8000 without an API Key                                                                                                                                                                                                                                                                   |
+|       | \-\-nvdApiResultsPerPage                | \<number\>       | The number records for a single page from NVD API (must be <=2000).                                                                                                                                                                                                                                                                | 2000                                                                                                                                                                                                                                                                                                                  |
+|       | \-\-nvdDatafeed                         | \<url\>          | The URL for the NVD API Data feed that can be generated using https://github.com/jeremylong/open-vulnerability-cli/blob/main/README.md#mirroring-the-nvd-cve-data - example value `https://internal.server/cache/nvdcve-{0}.json.gz`                                                                                               | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-nvdUser                             | \<username\>     | Credentials used for basic authentication for the NVD API Data feed.                                                                                                                                                                                                                                                               | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-nvdPassword                         | \<password\>     | Credentials used for basic authentication for the NVD API Data feed.                                                                                                                                                                                                                                                               | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-nvdBearerToken                      | \<Token\>        | Credentials used for bearer authentication for the NVD API Data feed.                                                                                                                                                                                                                                                              | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-nvdValidForHours                    | \<hours\>        | The number of hours to wait before checking for new updates from the NVD. The default is 4 hours.                                                                                                                                                                                                                                  | 4                                                                                                                                                                                                                                                                                                                     |
+|       | \-\-hints                               | \<file\>         | The file path to the XML hints file \- used to resolve [false negatives](../general/hints.html)                                                                                                                                                                                                                                    | &nbsp;                                                                                                                                                                                                                                                                                                                |
+| \-P   | \-\-propertyfile                        | \<file\>         | Specifies a file that contains properties to use instead of application defaults. The key values used in the properties file are not the same as the arguments listed on this page; use the keys here: https://github.com/dependency-check/DependencyCheck/blob/main/core/src/main/resources/dependencycheck.properties            | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-updateonly                          |                  | If set only the update phase of dependency-check will be executed; no scan will be executed and no report will be generated.                                                                                                                                                                                                       | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableKnownExploited               |                  | Sets whether the Known Exploited Vulnerability update and analyzer are enabled.                                                                                                                                                                                                                                                    | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-kevURL                              | \<url\>          | URL to the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                                                                                                                                                                                                    | https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json                                                                                                                                                                                                                                   |
+|       | \-\-kevUser                             | \<user\>         | Credentials used for basic authentication for the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                                                                                                                                                             | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-kevPassword                         | \<password\>     | Credentials used for basic authentication for URL to the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                                                                                                                                                      | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-kevBearerToken                      | \<token\>        | Credentials used for bearer authentication for URL to the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                                                                                                                                                     | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableFileName                     |                  | Disables the File Name Analyzer; in generally, this should not be disabled.                                                                                                                                                                                                                                                        | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disablePyDist                       |                  | Sets whether the [experimental](../analyzers/index.html) Python Distribution Analyzer will be used.                                                                                                                                                                                                                                | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disablePyPkg                        |                  | Sets whether the [experimental](../analyzers/index.html) Python Package Analyzer will be used.                                                                                                                                                                                                                                     | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableMSBuild                      |                  | Sets whether the MS Build Project Analyzer will be used.                                                                                                                                                                                                                                                                           | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableNodeJS                       |                  | Sets whether the Node.js Package Analyzer will be used.                                                                                                                                                                                                                                                                            | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableYarnAudit                    |                  | Sets whether the yarn Audit Analyzer will be used. This analyzer requires an internet connection and that yarn is installed.   Use `--nodeAuditSkipDevDependencies` to skip dev dependencies.                                                                                                                                      | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-yarn                                | \<path\>         | The path to `yarn`.                                                                                                                                                                                                                                                                                                                | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disablePnpmAudit                    |                  | Sets whether the pnpm Audit Analyzer will be used. This analyzer requires an internet connection and that pnpm is installed.   Use `--nodeAuditSkipDevDependencies` to skip dev dependencies.                                                                                                                                      | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-pnpm                                | \<path\>         | The path to `pnpm`.                                                                                                                                                                                                                                                                                                                | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableNodeAudit                    |                  | Sets whether the Node Audit Analyzer will be used. This analyzer requires an internet connection.                                                                                                                                                                                                                                  | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableNodeAuditCache               |                  | When the argument is present the Node Audit Analyzer will not cache results. By default the results are cached for 24 hours.                                                                                                                                                                                                       | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-nodeAuditSkipDevDependencies        |                  | Configures the Node Audit Analyzer to skip devDependencies.                                                                                                                                                                                                                                                                        | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-nodePackageSkipDevDependencies      |                  | Configures the Node Package Analyzer to skip devDependencies.                                                                                                                                                                                                                                                                      | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableRetireJS                     |                  | Sets whether the RetireJS Analyzer will be used.                                                                                                                                                                                                                                                                                   | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-retireJsForceUpdate                 |                  | Sets whether the RetireJS Analyzer will update regardless of the `noupdate` argument.                                                                                                                                                                                                                                              | false                                                                                                                                                                                                                                                                                                                 |
+|       | \-\-retireJsUrl                         | \<url\>          | The URL to the Retire JS repository.                                                                                                                                                                                                                                                                                               | https://raw.githubusercontent.com/Retirejs/retire.js/master/repository/jsrepository.json                                                                                                                                                                                                                              |
+|       | \-\-retirejsFilter                      | \<pattern\>      | The RetireJS Analyzers content filter used to exclude JS files when the content contains the given regular expression; this option can be specified multiple times.                                                                                                                                                                | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-retirejsFilterNonVulnerable         |                  | Specifies that the Retire JS Analyzer should filter out non-vulnerable JS files from the report.                                                                                                                                                                                                                                   | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-retireJsUrlUser                     | \<username\>     | Credentials used for basic authentication for the RetireJS data.                                                                                                                                                                                                                                                                   | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-retirejsUrlPassword                 | \<password\>     | Credentials used for basic authentication for the RetireJS data.                                                                                                                                                                                                                                                                   | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-retirejsUrlBearerToken              | \<token\>        | Credentials used for bearer authentication for the RetireJS data.                                                                                                                                                                                                                                                                  | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableRubygems                     |                  | Sets whether the [experimental](../analyzers/index.html) Ruby Gemspec Analyzer will be used.                                                                                                                                                                                                                                       | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableBundleAudit                  |                  | Sets whether the [experimental](../analyzers/index.html) Ruby Bundler Audit Analyzer will be used.                                                                                                                                                                                                                                 | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableCocoapodsAnalyzer            |                  | Sets whether the [experimental](../analyzers/index.html) Cocoapods Analyzer will be used.                                                                                                                                                                                                                                          | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableCarthageAnalyzer             |                  | Sets whether the [experimental](../analyzers/index.html) Carthage Analyzer will be used.                                                                                                                                                                                                                                           | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableSwiftPackageManagerAnalyzer  |                  | Sets whether the [experimental](../analyzers/index.html) Swift Package Manager Analyzer will be used.                                                                                                                                                                                                                              | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableSwiftPackageResolvedAnalyzer |                  | Sets whether the [experimental](../analyzers/index.html) Swift Package Resolved Analyzer will be used.                                                                                                                                                                                                                             | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableAutoconf                     |                  | Sets whether the [experimental](../analyzers/index.html) Autoconf Analyzer will be used.                                                                                                                                                                                                                                           | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableOpenSSL                      |                  | Sets whether the OpenSSL Analyzer will be used.                                                                                                                                                                                                                                                                                    | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableCmake                        |                  | Sets whether the [experimental](../analyzers/index.html) Cmake Analyzer will be disabled.                                                                                                                                                                                                                                          | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableArchive                      |                  | Sets whether the Archive Analyzer will be disabled.                                                                                                                                                                                                                                                                                | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-zipExtensions                       | \<strings\>      | A comma-separated list of additional file extensions to be treated like a ZIP file, the contents will be extracted and analyzed.                                                                                                                                                                                                   | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableJar                          |                  | Sets whether the Jar Analyzer will be disabled.                                                                                                                                                                                                                                                                                    | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableComposer                     |                  | Sets whether the [experimental](../analyzers/index.html) PHP Composer Lock File Analyzer will be disabled.                                                                                                                                                                                                                         | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-composerSkipDev                     |                  | Sets whether the [experimental](../analyzers/index.html) PHP Composer Lock File Analyzer should skip "packages-dev".                                                                                                                                                                                                               | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableCpan                         |                  | Sets whether the [experimental](../analyzers/index.html) Perl CPAN File Analyzer will be disabled.                                                                                                                                                                                                                                 | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableDart                         |                  | Sets whether the [experimental](../analyzers/index.html) Dart Analyzer will be disabled.                                                                                                                                                                                                                                           | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableOssIndex                     |                  | Sets whether the [OSS Index Analyzer](../analyzers/oss-index-analyzer.html) will be disabled. This analyzer requires an internet connection.                                                                                                                                                                                       | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableOssIndexCache                |                  | When the argument is present the OSS Index Analyzer will not cache results. By default results are cached for 24 hours.                                                                                                                                                                                                            | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-ossIndexUsername                    | \<username\>     | To authenticate Sonatype OSS Index requests and profit from higher rate limits, provide the OSS account email address as username. Provide both a username _and_ a password (see below) or none.                                                                                                                                   | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-ossIndexPassword                    | \<password\>     | Password or API token to connect to Sonatype's OSS Index. Provide both a username (see above) _and_ a password or none.                                                                                                                                                                                                            | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-ossIndexRemoteErrorWarnOnly         | \<true\|false\>  | Whether we should only warn about Sonatype OSS Index remote errors instead of failing completely.                                                                                                                                                                                                                                  | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-ossIndexUrl                         | \<url\>          | Alternative URL for the OSS Index. If not set the public Sonatype OSS Index will be used.                                                                                                                                                                                                                                          | https://ossindex.sonatype.org                                                                                                                                                                                                                                                                                         |
+|       | \-\-disableCentral                      |                  | Sets whether the Central Analyzer will be used to enrich Java dependencies. **Disabling this analyzer is not recommended as it could lead to false negatives (e.g. libraries that have vulnerabilities may not be reported correctly).** If this analyzer is being disabled, you can use the Artifactory Analyzer or Nexus Analyzer as a replacement. | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableCentralCache                 |                  | When the argument is present the Central Analyzer will not cache results locally. By default results are cached locally for 30 days.                                                                                                                                                                                               | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-centralUrl                          |                  | Alternative URL for Maven Central Search. If not set the public Sonatype Maven Central will be used.                                                                                                                                                                                                                               | https://search.maven.org/solrsearch/select                                                                                                                                                                                                                                                                            |
+|       | \-\-centralUsername                     | \<username\>     | The username to authenticate with bearer auth to the alternative Maven Central url set by the 'centralUrl' argument. If neither basic nor bearer auth config is set it will use an unauthenticated connection.                                                                                                                     | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-centralPassword                     | \<password\>     | The password to authenticate with bearer auth to the alternative Maven Central url set by the 'centralUrl' argument. If neither basic nor bearer auth config is set it will use an unauthenticated connection.                                                                                                                     | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-centralBearerToken                  | \<token\>        | The token to authenticate with bearer auth to the alternative Maven Central url set by the 'centralUrl' argument. If neither basic nor bearer auth config is set it will use an unauthenticated connection.                                                                                                                        | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-enableNexus                         |                  | Sets whether Nexus Analyzer will be used. This analyzer is an alternative to the Central or Artifactory Analyzers, allowing retrieval from Sonatype Nexus installations.                                                                                                                                                           | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-enableArtifactory                   |                  | Sets whether Artifactory analyzer will be used to enrich Java dependencies. **To use Artifactory, you will need to disable the central analyzer by adding the --disableCentral parameter.**                                                                                                                                                                                                                                                                 | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-artifactoryUrl                      | \<url\>          | The Artifactory server URL.                                                                                                                                                                                                                                                                                                        | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-artifactoryUseProxy                 | \<true\|false\>  | Whether Artifactory should be accessed through a proxy or not.                                                                                                                                                                                                                                                                     | false                                                                                                                                                                                                                                                                                                                 |
+|       | \-\-artifactoryParallelAnalysis         | \<true\|false\>  | Whether the Artifactory analyzer should be run in parallel or not                                                                                                                                                                                                                                                                  | true                                                                                                                                                                                                                                                                                                                  |
+|       | \-\-artifactoryUsername                 | \<username\>     | The user name (only used with API token) to connect to Artifactory instance                                                                                                                                                                                                                                                        | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-artifactoryApiToken                 | \<token\>        | The API token to connect to Artifactory instance, only used if the username or the API key are not defined by artifactoryAnalyzerServerId, artifactoryAnalyzerUsername or artifactoryAnalyzerApiToken.                                                                                                                             | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-artifactoryBearerToken              | \<token\>        | The bearer token to connect to Artifactory instance                                                                                                                                                                                                                                                                                | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-nexus                               | \<url\>          | The url to the Nexus Server's web service end point (example: http://domain.enterprise/nexus/service/local/). If not set the Nexus Analyzer will be disabled.                                                                                                                                                                      | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-nexusUser                           | \<username\>     | The username to authenticate to the Nexus Server's REST API Endpoint. If not set the Nexus Analyzer will use an unauthenticated connection.                                                                                                                                                                                        | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-nexusPass                           | \<password\>     | The password to authenticate to the Nexus Server's REST API Endpoint. If not set the Nexus Analyzer will use an unauthenticated connection.                                                                                                                                                                                        | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-nexusUsesProxy                      | \<true\|false\>  | Whether or not the defined proxy should be used when connecting to Nexus.                                                                                                                                                                                                                                                          | true                                                                                                                                                                                                                                                                                                                  |
+|       | \-\-disableNuspec                       |                  | Sets whether the .NET Nuget Nuspec Analyzer will be used.                                                                                                                                                                                                                                                                          | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableNugetconf                    |                  | Sets whether the [experimental](../analyzers/index.html) .NET Nuget packages.config Analyzer will be used.                                                                                                                                                                                                                         | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableAssembly                     |                  | Sets whether the .NET Assembly Analyzer should be used.                                                                                                                                                                                                                                                                            | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-dotnet                              | \<path\>         | The path to dotnet core for .NET Assembly analysis on non-windows systems.                                                                                                                                                                                                                                                         | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableGolangDep                    |                  | Sets whether the [experimental](../analyzers/index.html) Go Dependency Analyzer should be used.                                                                                                                                                                                                                                    | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableGolangMod                    |                  | Sets whether the [experimental](../analyzers/index.html) Go Mod Analyzer should be used.                                                                                                                                                                                                                                           | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableMixAudit                     |                  | Sets whether the [experimental](../analyzers/index.html) Elixir mix audit Analyze should be used.                                                                                                                                                                                                                                  | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disablePoetry                       |                  | Sets whether the [experimental](../analyzers/index.html) Poetry Analyzer should be used.                                                                                                                                                                                                                                           | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableVersionCheck                 |                  | Sets whether dependency-check should check if a new version is available.                                                                                                                                                                                                                                                          | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-go                                  | \<path\>         | The path to `go` executable for the Go Mode Analyzer; only necessary if `go` is not on the path.                                                                                                                                                                                                                                   | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-bundleAudit                         |                  | The path to the bundle-audit executable.                                                                                                                                                                                                                                                                                           | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-bundleAuditWorkingDirectory         | \<path\>         | The path to working directory that the bundle-audit command should be executed from when doing Gem bundle analysis.                                                                                                                                                                                                                | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-proxyserver                         | \<server\>       | The proxy server to use when downloading resources; see the [proxy configuration](../data/proxy.html) page for more information.                                                                                                                                                                                                   | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-proxyport                           | \<port\>         | The proxy port to use when downloading resources.                                                                                                                                                                                                                                                                                  | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-nonProxyHosts                       | \<list\>         | The proxy exclusion list: hostnames (or patterns) for which proxy should not be used. Use pipe, comma or colon as list separator. Example: `something.com\|*.something.com\|www.somethingelse.*`                                                                                                                                   | &nbsp;                                                                                                                                                                                                                                                                                                                |
+| \-c   | \-\-connectiontimeout                   | \<timeout\>      | The connection timeout (in milliseconds) to use when downloading resources.                                                                                                                                                                                                                                                        | 10000                                                                                                                                                                                                                                                                                                                 |
+|       | \-\-readtimeout                         | \<timeout\>      | The read timeout (in milliseconds) to use when downloading resources.                                                                                                                                                                                                                                                              | 60000                                                                                                                                                                                                                                                                                                                 |
+|       | \-\-proxypass                           | \<pass\>         | The proxy password to use when downloading resources.                                                                                                                                                                                                                                                                              | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-proxyuser                           | \<user\>         | The proxy username to use when downloading resources.                                                                                                                                                                                                                                                                              | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-connectionString                    | \<connStr\>      | The connection string to the database. See using a [database server](../data/database.html).                                                                                                                                                                                                                                       | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-dbDriverName                        | \<driver\>       | The database driver full classname; note, only needs to be set if the driver is not JDBC4 compliant or the JAR is outside of the class path.                                                                                                                                                                                       | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-dbDriverPath                        | \<path\>         | The path to the database driver; note, this does not need to be set unless the JAR is outside of the class path.                                                                                                                                                                                                                   | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-dbPassword                          | \<password\>     | The password for connecting to the database.                                                                                                                                                                                                                                                                                       | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-dbUser                              | \<user\>         | The username used to connect to the database.                                                                                                                                                                                                                                                                                      | &nbsp;                                                                                                                                                                                                                                                                                                                |
+| \-d   | \-\-data                                | \<path\>         | The location of the data directory used to store persistent data.                                                                                                                                                                                                                                                                  | /usr/local/var/dependencycheck if installed through brew (→ [formula](https://github.com/Homebrew/homebrew-core/blob/master/Formula/d/dependency-check.rb#L29)). Otherwise, the data directory is created inside the install directory i.e. as a sibling to the `<install-dir>/bin`, `<install-dir>/lib` directories. |
+|       | \-\-purge                               |                  | Delete the local copy of the NVD. This is used to force a refresh of the data.                                                                                                                                                                                                                                                     | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-disableHostedSuppressions           |                  | Whether the usage of the hosted suppressions file will be disabled.                                                                                                                                                                                                                                                                | false                                                                                                                                                                                                                                                                                                                 |
+|       | \-\-hostedSuppressionsForceUpdate       |                  | Whether the hosted suppressions file will update regardless of the `noupdate` argument.                                                                                                                                                                                                                                            | false                                                                                                                                                                                                                                                                                                                 |
+|       | \-\-hostedSuppressionsValidForHours     | \<hours\>        | The number of hours to wait before checking for new updates of the hosted suppressions file                                                                                                                                                                                                                                        | 2                                                                                                                                                                                                                                                                                                                     |
+|       | \-\-hostedSuppressionsUrl               | \<url\>          | The URL to a mirrored copy of the hosted suppressions file for internet-constrained environments                                                                                                                                                                                                                                   | https://dependency-check.github.io/DependencyCheck/suppressions/publishedSuppressions.xml                                                                                                                                                                                                                             |
+|       | \-\-hostedSuppressionsUser              | \<user\>         | The user for basic authentication to a mirrored copy of the hosted suppressions file                                                                                                                                                                                                                                               | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-hostedSuppressionsPassword          | \<password\>     | The password for basic authentication to a mirrored copy of the hosted suppressions file                                                                                                                                                                                                                                           | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-hostedSuppressionsBearerToken       | \<token\>        | The token for bearer authentication to a mirrored copy of the hosted suppressions file                                                                                                                                                                                                                                             | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-suppressionUser                     | \<user\>         | The user for basic authentication to web-hosted suppression XML files (as configured with `--suppression`)                                                                                                                                                                                                                         | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-suppressionPassword                 | \<password\>     | The password for basic authentication to web-hosted suppression XML files (as configured with `--suppression`)                                                                                                                                                                                                                     | &nbsp;                                                                                                                                                                                                                                                                                                                |
+|       | \-\-suppressionBearerToken              | \<token\>        | The token for bearer authentication to web-hosted suppression XML files (as configured with `--suppression`)                                                                                                                                                                                                                       | &nbsp;                                                                                                                                                                                                                                                                                                                |
diff --git a/cli/src/site/site.xml b/cli/src/site/site.xml
index 7918edc3e74..87e2776f51f 100644
--- a/cli/src/site/site.xml
+++ b/cli/src/site/site.xml
@@ -31,5 +31,6 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
             <item name="Configuration" href="arguments.html"/>
         </menu>
         <menu ref="reports" />
+        <footer><![CDATA[<p>&copy; 2012&ndash;2025 <a href="https://www.owasp.org">OWASP</a></p><img referrerpolicy="no-referrer-when-downgrade" src="https://static.scarf.sh/a.png?x-pxid=90c74bb8-b6d1-4464-a9b6-754067afe126" alt="" width="1" height="1" />]]></footer>
     </body>
 </site>
\ No newline at end of file
diff --git a/cli/src/test/java/org/owasp/dependencycheck/AppTest.java b/cli/src/test/java/org/owasp/dependencycheck/AppTest.java
index ea41abb957e..45f10d8c2cb 100644
--- a/cli/src/test/java/org/owasp/dependencycheck/AppTest.java
+++ b/cli/src/test/java/org/owasp/dependencycheck/AppTest.java
@@ -17,35 +17,34 @@
  */
 package org.owasp.dependencycheck;
 
-import static org.hamcrest.core.Is.is;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
+import org.apache.commons.cli.ParseException;
+import org.apache.commons.cli.UnrecognizedOptionException;
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.utils.InvalidSettingException;
+import org.owasp.dependencycheck.utils.Settings;
+import org.owasp.dependencycheck.utils.Settings.KEYS;
 
 import java.io.File;
 import java.io.FileNotFoundException;
-import java.net.URISyntaxException;
 import java.util.HashMap;
 import java.util.Map;
 
-import org.apache.commons.cli.ParseException;
-import org.apache.commons.cli.UnrecognizedOptionException;
 import static org.hamcrest.MatcherAssert.assertThat;
-import org.junit.Assert;
-import org.junit.Test;
-import org.owasp.dependencycheck.utils.InvalidSettingException;
-import org.owasp.dependencycheck.utils.Settings;
-import org.owasp.dependencycheck.utils.Settings.KEYS;
+import static org.hamcrest.core.Is.is;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  * Tests for the {@link AppTest} class.
  */
-public class AppTest extends BaseTest {
+class AppTest extends BaseTest {
 
     /**
      * Test of ensureCanonicalPath method, of class App.
      */
     @Test
-    public void testEnsureCanonicalPath() {
+    void testEnsureCanonicalPath() {
         String file = "../*.jar";
         App instance = new App(getSettings());
         String result = instance.ensureCanonicalPath(file);
@@ -55,7 +54,7 @@ public void testEnsureCanonicalPath() {
         file = "../some/skip/../path/file.txt";
         String expResult = "/some/path/file.txt";
         result = instance.ensureCanonicalPath(file);
-        assertTrue("result=" + result, result.endsWith(expResult));
+        assertTrue(result.endsWith(expResult), "result=" + result);
     }
 
     /**
@@ -65,7 +64,7 @@ public void testEnsureCanonicalPath() {
      * @throws Exception the unexpected {@link Exception}.
      */
     @Test
-    public void testPopulateSettings() throws Exception {
+    void testPopulateSettings() throws Exception {
         File prop = new File(this.getClass().getClassLoader().getResource("sample.properties").toURI().getPath());
         String[] args = {"-P", prop.getAbsolutePath()};
         Map<String, Boolean> expected = new HashMap<>();
@@ -115,13 +114,12 @@ public void testPopulateSettings() throws Exception {
      * Assert that an {@link UnrecognizedOptionException} is thrown when a
      * property that is not supported is specified on the CLI.
      *
-     * @throws Exception the unexpected {@link Exception}.
      */
     @Test
-    public void testPopulateSettingsException() throws Exception {
+    void testPopulateSettingsException() {
         String[] args = {"-invalidPROPERTY"};
-        Exception exception = Assert.assertThrows(UnrecognizedOptionException.class, () -> testBooleanProperties(args, null));
-        Assert.assertTrue(exception.getMessage().contains("Unrecognized option: -invalidPROPERTY"));
+        UnrecognizedOptionException exception = assertThrows(UnrecognizedOptionException.class, () -> testBooleanProperties(args, null));
+        assertTrue(exception.getMessage().contains("Unrecognized option: -invalidPROPERTY"));
     }
 
     /**
@@ -130,7 +128,7 @@ public void testPopulateSettingsException() throws Exception {
      * @throws Exception the unexpected {@link Exception}.
      */
     @Test
-    public void testPopulatingSuppressionSettingsWithASingleFile() throws Exception {
+    void testPopulatingSuppressionSettingsWithASingleFile() throws Exception {
         // GIVEN CLI properties with the mandatory arguments
         File prop = new File(this.getClass().getClassLoader().getResource("sample.properties").toURI().getPath());
 
@@ -154,7 +152,7 @@ public void testPopulatingSuppressionSettingsWithASingleFile() throws Exception
      * @throws Exception the unexpected {@link Exception}.
      */
     @Test
-    public void testPopulatingSuppressionSettingsWithMultipleFiles() throws Exception {
+    void testPopulatingSuppressionSettingsWithMultipleFiles() throws Exception {
         // GIVEN CLI properties with the mandatory arguments
         File prop = new File(this.getClass().getClassLoader().getResource("sample.properties").toURI().getPath());
 
@@ -172,7 +170,7 @@ public void testPopulatingSuppressionSettingsWithMultipleFiles() throws Exceptio
     }
 
 
-    private boolean testBooleanProperties(String[] args, Map<String, Boolean> expected) throws URISyntaxException, FileNotFoundException, ParseException, InvalidSettingException {
+    private boolean testBooleanProperties(String[] args, Map<String, Boolean> expected) throws FileNotFoundException, ParseException, InvalidSettingException {
         this.reloadSettings();
         final CliParser cli = new CliParser(getSettings());
         cli.parse(args);
diff --git a/cli/src/test/java/org/owasp/dependencycheck/BaseTest.java b/cli/src/test/java/org/owasp/dependencycheck/BaseTest.java
index b486fa6a089..072baf8593b 100644
--- a/cli/src/test/java/org/owasp/dependencycheck/BaseTest.java
+++ b/cli/src/test/java/org/owasp/dependencycheck/BaseTest.java
@@ -15,8 +15,8 @@
  */
 package org.owasp.dependencycheck;
 
-import org.junit.After;
-import org.junit.Before;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
 import org.owasp.dependencycheck.utils.Settings;
 
 /**
@@ -33,7 +33,7 @@ public abstract class BaseTest {
     /**
      * Initialize the {@link Settings}.
      */
-    @Before
+    @BeforeEach
     public void setUp() {
         settings = new Settings();
     }
@@ -41,7 +41,7 @@ public void setUp() {
     /**
      * Clean the {@link Settings}.
      */
-    @After
+    @AfterEach
     public void tearDown() {
         settings.cleanup(true);
     }
diff --git a/cli/src/test/java/org/owasp/dependencycheck/CliParserTest.java b/cli/src/test/java/org/owasp/dependencycheck/CliParserTest.java
index 6800f4c4489..f92288c6ade 100644
--- a/cli/src/test/java/org/owasp/dependencycheck/CliParserTest.java
+++ b/cli/src/test/java/org/owasp/dependencycheck/CliParserTest.java
@@ -17,21 +17,28 @@
  */
 package org.owasp.dependencycheck;
 
+import org.apache.commons.cli.ParseException;
+import org.junit.jupiter.api.Test;
+
 import java.io.ByteArrayOutputStream;
 import java.io.File;
 import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.io.PrintStream;
+
 import static java.nio.charset.StandardCharsets.UTF_8;
-import org.apache.commons.cli.ParseException;
-import org.junit.Assert;
-import org.junit.Test;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertNull;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.junit.jupiter.api.Assertions.fail;
 
 /**
  *
  * @author Jeremy Long
  */
-public class CliParserTest extends BaseTest {
+class CliParserTest extends BaseTest {
 
     /**
      * Test of parse method, of class CliParser.
@@ -39,7 +46,7 @@ public class CliParserTest extends BaseTest {
      * @throws Exception thrown when an exception occurs.
      */
     @Test
-    public void testParse() throws Exception {
+    void testParse() throws Exception {
 
         String[] args = {};
 
@@ -49,9 +56,9 @@ public void testParse() throws Exception {
         CliParser instance = new CliParser(getSettings());
         instance.parse(args);
 
-        Assert.assertFalse(instance.isGetVersion());
-        Assert.assertFalse(instance.isGetHelp());
-        Assert.assertFalse(instance.isRunScan());
+        assertFalse(instance.isGetVersion());
+        assertFalse(instance.isGetHelp());
+        assertFalse(instance.isRunScan());
     }
 
     /**
@@ -60,16 +67,16 @@ public void testParse() throws Exception {
      * @throws Exception thrown when an exception occurs.
      */
     @Test
-    public void testParse_help() throws Exception {
+    void testParse_help() throws Exception {
 
         String[] args = {"-help"};
 
         CliParser instance = new CliParser(getSettings());
         instance.parse(args);
 
-        Assert.assertFalse(instance.isGetVersion());
-        Assert.assertTrue(instance.isGetHelp());
-        Assert.assertFalse(instance.isRunScan());
+        assertFalse(instance.isGetVersion());
+        assertTrue(instance.isGetHelp());
+        assertFalse(instance.isRunScan());
     }
 
     /**
@@ -78,38 +85,35 @@ public void testParse_help() throws Exception {
      * @throws Exception thrown when an exception occurs.
      */
     @Test
-    public void testParse_version() throws Exception {
+    void testParse_version() throws Exception {
 
         String[] args = {"-version"};
 
         CliParser instance = new CliParser(getSettings());
         instance.parse(args);
-        Assert.assertTrue(instance.isGetVersion());
-        Assert.assertFalse(instance.isGetHelp());
-        Assert.assertFalse(instance.isRunScan());
+        assertTrue(instance.isGetVersion());
+        assertFalse(instance.isGetHelp());
+        assertFalse(instance.isRunScan());
 
     }
 
     /**
      * Test of parse method with failOnCVSS without an argument
      *
-     * @throws Exception thrown when an exception occurs.
      */
     @Test
-    public void testParse_failOnCVSSNoArg() throws Exception {
+    void testParse_failOnCVSSNoArg() {
 
         String[] args = {"--failOnCVSS"};
 
         CliParser instance = new CliParser(getSettings());
-        try {
-            instance.parse(args);
-            Assert.fail("an argument for failOnCVSS was missing and an exception was not thrown");
-        } catch (ParseException ex) {
-            Assert.assertTrue(ex.getMessage().contains("Missing argument"));
-        }
-        Assert.assertFalse(instance.isGetVersion());
-        Assert.assertFalse(instance.isGetHelp());
-        Assert.assertFalse(instance.isRunScan());
+        ParseException ex = assertThrows(ParseException.class, () -> instance.parse(args),
+                "an argument for failOnCVSS was missing and an exception was not thrown");
+        assertTrue(ex.getMessage().contains("Missing argument"));
+
+        assertFalse(instance.isGetVersion());
+        assertFalse(instance.isGetHelp());
+        assertFalse(instance.isRunScan());
     }
 
     /**
@@ -119,16 +123,16 @@ public void testParse_failOnCVSSNoArg() throws Exception {
      * @throws Exception thrown when an exception occurs.
      */
     @Test
-    public void testParse_failOnCVSSInvalidArgument() throws Exception {
+    void testParse_failOnCVSSInvalidArgument() throws Exception {
 
         String[] args = {"--failOnCVSS", "bad"};
 
         CliParser instance = new CliParser(getSettings());
         instance.parse(args);
-        Assert.assertEquals("Default should be 11", 11.0, instance.getFailOnCVSS(), 0);
-        Assert.assertFalse(instance.isGetVersion());
-        Assert.assertFalse(instance.isGetHelp());
-        Assert.assertFalse(instance.isRunScan());
+        assertEquals(11.0, instance.getFailOnCVSS(), 0, "Default should be 11");
+        assertFalse(instance.isGetVersion());
+        assertFalse(instance.isGetHelp());
+        assertFalse(instance.isRunScan());
     }
 
     /**
@@ -138,25 +142,24 @@ public void testParse_failOnCVSSInvalidArgument() throws Exception {
      * @throws Exception thrown when an exception occurs.
      */
     @Test
-    public void testParse_failOnCVSSValidArgument() throws Exception {
+    void testParse_failOnCVSSValidArgument() throws Exception {
 
         String[] args = {"--failOnCVSS", "6"};
 
         CliParser instance = new CliParser(getSettings());
         instance.parse(args);
-        Assert.assertEquals(6.0, instance.getFailOnCVSS(), 0);
-        Assert.assertFalse(instance.isGetVersion());
-        Assert.assertFalse(instance.isGetHelp());
-        Assert.assertFalse(instance.isRunScan());
+        assertEquals(6.0, instance.getFailOnCVSS(), 0);
+        assertFalse(instance.isGetVersion());
+        assertFalse(instance.isGetHelp());
+        assertFalse(instance.isRunScan());
     }
 
     /**
      * Test of parse method with jar and cpe args, of class CliParser.
      *
-     * @throws Exception thrown when an exception occurs.
      */
     @Test
-    public void testParse_unknown() throws Exception {
+    void testParse_unknown() {
 
         String[] args = {"-unknown"};
 
@@ -167,62 +170,53 @@ public void testParse_unknown() throws Exception {
 
         CliParser instance = new CliParser(getSettings());
 
-        try {
-            instance.parse(args);
-            Assert.fail("Unrecognized option should have caused an exception");
-        } catch (ParseException ex) {
-            Assert.assertTrue(ex.getMessage().contains("Unrecognized option"));
-        }
-        Assert.assertFalse(instance.isGetVersion());
-        Assert.assertFalse(instance.isGetHelp());
-        Assert.assertFalse(instance.isRunScan());
+        ParseException ex = assertThrows(ParseException.class, () -> instance.parse(args) ,
+                "Unrecognized option should have caused an exception");
+        assertTrue(ex.getMessage().contains("Unrecognized option"));
+
+        assertFalse(instance.isGetVersion());
+        assertFalse(instance.isGetHelp());
+        assertFalse(instance.isRunScan());
     }
 
     /**
      * Test of parse method with scan arg, of class CliParser.
      *
-     * @throws Exception thrown when an exception occurs.
      */
     @Test
-    public void testParse_scan() throws Exception {
+    void testParse_scan() {
 
         String[] args = {"-scan"};
 
         CliParser instance = new CliParser(getSettings());
 
-        try {
-            instance.parse(args);
-            Assert.fail("Missing argument should have caused an exception");
-        } catch (ParseException ex) {
-            Assert.assertTrue(ex.getMessage().contains("Missing argument"));
-        }
+        ParseException ex = assertThrows(ParseException.class, () -> instance.parse(args),
+                "Missing argument should have caused an exception");
+        assertTrue(ex.getMessage().contains("Missing argument"));
 
-        Assert.assertFalse(instance.isGetVersion());
-        Assert.assertFalse(instance.isGetHelp());
-        Assert.assertFalse(instance.isRunScan());
+        assertFalse(instance.isGetVersion());
+        assertFalse(instance.isGetHelp());
+        assertFalse(instance.isRunScan());
     }
 
     /**
      * Test of parse method with jar arg, of class CliParser.
      *
-     * @throws Exception thrown when an exception occurs.
      */
     @Test
-    public void testParse_scan_unknownFile() throws Exception {
+    void testParse_scan_unknownFile() {
 
         String[] args = {"-scan", "jar.that.does.not.exist", "--project", "test"};
 
         CliParser instance = new CliParser(getSettings());
-        try {
-            instance.parse(args);
-            Assert.fail("An exception should have been thrown");
-        } catch (FileNotFoundException ex) {
-            Assert.assertTrue(ex.getMessage().contains("Invalid 'scan' argument"));
-        }
 
-        Assert.assertFalse(instance.isGetVersion());
-        Assert.assertFalse(instance.isGetHelp());
-        Assert.assertFalse(instance.isRunScan());
+        FileNotFoundException ex = assertThrows(FileNotFoundException.class, () -> instance.parse(args),
+                "An exception should have been thrown");
+        assertTrue(ex.getMessage().contains("Invalid 'scan' argument"));
+
+        assertFalse(instance.isGetVersion());
+        assertFalse(instance.isGetHelp());
+        assertFalse(instance.isRunScan());
     }
 
     /**
@@ -231,28 +225,27 @@ public void testParse_scan_unknownFile() throws Exception {
      * @throws Exception thrown when an exception occurs.
      */
     @Test
-    public void testParse_scan_withFileExists() throws Exception {
+    void testParse_scan_withFileExists() throws Exception {
         File path = new File(this.getClass().getClassLoader().getResource("checkSumTest.file").toURI().getPath());
         String[] args = {"--scan", path.getCanonicalPath(), "--out", "./", "--project", "test"};
 
         CliParser instance = new CliParser(getSettings());
         instance.parse(args);
 
-        Assert.assertEquals(path.getCanonicalPath(), instance.getScanFiles()[0]);
+        assertEquals(path.getCanonicalPath(), instance.getScanFiles()[0]);
 
-        Assert.assertFalse(instance.isGetVersion());
-        Assert.assertFalse(instance.isGetHelp());
-        Assert.assertTrue(instance.isRunScan());
+        assertFalse(instance.isGetVersion());
+        assertFalse(instance.isGetHelp());
+        assertTrue(instance.isRunScan());
     }
 
     /**
      * Test of printVersionInfo, of class CliParser.
      *
-     * @throws Exception thrown when an exception occurs.
      */
     @Test
     @SuppressWarnings("StringSplitter")
-    public void testParse_printVersionInfo() throws Exception {
+    void testParse_printVersionInfo() {
 
         PrintStream out = System.out;
         ByteArrayOutputStream baos = new ByteArrayOutputStream();
@@ -262,14 +255,14 @@ public void testParse_printVersionInfo() throws Exception {
         instance.printVersionInfo();
         try {
             baos.flush();
-            String text = new String(baos.toByteArray(), UTF_8).toLowerCase();
-            String[] lines = text.split(System.getProperty("line.separator"));
-            Assert.assertTrue(lines.length >= 1);
-            Assert.assertTrue(text.contains("version"));
-            Assert.assertFalse(text.contains("unknown"));
+            String text = baos.toString(UTF_8).toLowerCase();
+            String[] lines = text.split(System.lineSeparator());
+            assertTrue(lines.length >= 1);
+            assertTrue(text.contains("version"));
+            assertFalse(text.contains("unknown"));
         } catch (IOException ex) {
             System.setOut(out);
-            Assert.fail("CliParser.printVersionInfo did not write anything to system.out.");
+            fail("CliParser.printVersionInfo did not write anything to system.out.", ex);
         } finally {
             System.setOut(out);
         }
@@ -282,7 +275,7 @@ public void testParse_printVersionInfo() throws Exception {
      */
     @Test
     @SuppressWarnings("StringSplitter")
-    public void testParse_printHelp() throws Exception {
+    void testParse_printHelp() throws Exception {
 
         PrintStream out = System.out;
         ByteArrayOutputStream baos = new ByteArrayOutputStream();
@@ -297,13 +290,13 @@ public void testParse_printHelp() throws Exception {
         instance.printHelp();
         try {
             baos.flush();
-            String text = (new String(baos.toByteArray(), UTF_8));
-            String[] lines = text.split(System.getProperty("line.separator"));
-            Assert.assertTrue(lines[0].startsWith("usage: "));
-            Assert.assertTrue((lines.length > 2));
+            String text = (baos.toString(UTF_8));
+            String[] lines = text.split(System.lineSeparator());
+            assertTrue(lines[0].startsWith("usage: "));
+            assertTrue((lines.length > 2));
         } catch (IOException ex) {
             System.setOut(out);
-            Assert.fail("CliParser.printVersionInfo did not write anything to system.out.");
+            fail("CliParser.printVersionInfo did not write anything to system.out.");
         } finally {
             System.setOut(out);
         }
@@ -313,70 +306,66 @@ public void testParse_printHelp() throws Exception {
      * Test of getBooleanArgument method, of class CliParser.
      */
     @Test
-    public void testGetBooleanArgument() throws ParseException {
+    void testGetBooleanArgument() {
         String[] args = {"--scan", "missing.file", "--artifactoryUseProxy", "false", "--artifactoryParallelAnalysis", "true", "--project", "test"};
 
         CliParser instance = new CliParser(getSettings());
-        try {
-            instance.parse(args);
-            Assert.fail("invalid scan should have caused an error");
-        } catch (FileNotFoundException ex) {
-            Assert.assertTrue(ex.getMessage().contains("Invalid 'scan' argument"));
-        }
+
+        FileNotFoundException ex = assertThrows(FileNotFoundException.class, () -> instance.parse(args),
+                "invalid scan should have caused an error");
+        assertTrue(ex.getMessage().contains("Invalid 'scan' argument"));
+
         boolean expResult;
         Boolean result = instance.getBooleanArgument("missingArgument");
-        Assert.assertNull(result);
+        assertNull(result);
 
         expResult = false;
         result = instance.getBooleanArgument(CliParser.ARGUMENT.ARTIFACTORY_USES_PROXY);
-        Assert.assertEquals(expResult, result);
+        assertEquals(expResult, result);
         expResult = true;
         result = instance.getBooleanArgument(CliParser.ARGUMENT.ARTIFACTORY_PARALLEL_ANALYSIS);
-        Assert.assertEquals(expResult, result);
+        assertEquals(expResult, result);
     }
 
     /**
      * Test of getStringArgument method, of class CliParser.
      */
     @Test
-    public void testGetStringArgument() throws ParseException {
+    void testGetStringArgument() {
 
         String[] args = {"--scan", "missing.file", "--artifactoryUsername", "blue42", "--project", "test"};
 
         CliParser instance = new CliParser(getSettings());
-        try {
-            instance.parse(args);
-            Assert.fail("invalid scan argument should have caused an exception");
-        } catch (FileNotFoundException ex) {
-            Assert.assertTrue(ex.getMessage().contains("Invalid 'scan' argument"));
-        }
+
+        FileNotFoundException ex = assertThrows(FileNotFoundException.class, () -> instance.parse(args),
+                "invalid scan argument should have caused an exception");
+        assertTrue(ex.getMessage().contains("Invalid 'scan' argument"));
+
         String expResult;
         String result = instance.getStringArgument("missingArgument");
-        Assert.assertNull(result);
+        assertNull(result);
 
         expResult = "blue42";
         result = instance.getStringArgument(CliParser.ARGUMENT.ARTIFACTORY_USERNAME);
-        Assert.assertEquals(expResult, result);
+        assertEquals(expResult, result);
     }
 
     @Test
-    public void testHasOption() throws ParseException {
+    void testHasOption() {
 
         String[] args = {"--scan", "missing.file", "--artifactoryUsername", "blue42", "--project", "test"};
 
         CliParser instance = new CliParser(getSettings());
-        try {
-            instance.parse(args);
-            Assert.fail("invalid scan argument should have caused an exception");
-        } catch (FileNotFoundException ex) {
-            Assert.assertTrue(ex.getMessage().contains("Invalid 'scan' argument"));
-        }
+
+        FileNotFoundException ex = assertThrows(FileNotFoundException.class, () -> instance.parse(args),
+                "invalid scan argument should have caused an exception");
+        assertTrue(ex.getMessage().contains("Invalid 'scan' argument"));
 
         Boolean result = instance.hasOption("missingOption");
-        Assert.assertNull(result);
+        assertNull(result);
 
         Boolean expResult = true;
         result = instance.hasOption(CliParser.ARGUMENT.PROJECT);
-        Assert.assertEquals(expResult, result);
+        assertEquals(expResult, result);
     }
 }
diff --git a/core/README.md b/core/README.md
index 31f3f9b26cd..1b6c759cb08 100644
--- a/core/README.md
+++ b/core/README.md
@@ -15,3 +15,5 @@ Dependency-Check makes use of several other open source libraries. Please see th
 
   [wiki]: https://github.com/dependency-check/DependencyCheck/wiki
   [notices]: https://github.com/dependency-check/DependencyCheck/blob/main/NOTICE.txt
+
+<img referrerpolicy="no-referrer-when-downgrade" src="https://static.scarf.sh/a.png?x-pxid=c78174f3-f898-4a5d-b3ab-1202b7db8ef6" />
\ No newline at end of file
diff --git a/core/pom.xml b/core/pom.xml
index f8bf2b1cc60..99ea6357823 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -20,7 +20,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
     <parent>
         <groupId>org.owasp</groupId>
         <artifactId>dependency-check-parent</artifactId>
-        <version>12.1.1</version>
+        <version>12.1.8</version>
     </parent>
 
     <artifactId>dependency-check-core</artifactId>
@@ -32,7 +32,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
         <connection>scm:git:https://github.com/dependency-check/DependencyCheck.git</connection>
         <url>https://github.com/dependency-check/DependencyCheck/tree/main/core</url>
         <developerConnection>scm:git:git@github.com/dependency-check/DependencyCheck.git</developerConnection>
-        <tag>v12.1.1</tag>
+        <tag>v12.1.8</tag>
     </scm>
     <build>
         <resources>
@@ -279,6 +279,11 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
             <groupId>org.apache.lucene</groupId>
             <artifactId>lucene-queryparser</artifactId>
         </dependency>
+        <!-- Allow redirection of lucene logs to slf4j -->
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>jul-to-slf4j</artifactId>
+        </dependency>
         <dependency>
             <groupId>org.apache.velocity</groupId>
             <artifactId>velocity-engine-core</artifactId>
@@ -335,7 +340,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
         </dependency>
         <dependency>
             <groupId>org.mockito</groupId>
-            <artifactId>mockito-core</artifactId>
+            <artifactId>mockito-junit-jupiter</artifactId>
             <scope>test</scope>
         </dependency>
         <dependency>
@@ -466,7 +471,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
                 <dependency>
                     <groupId>org.postgresql</groupId>
                     <artifactId>postgresql</artifactId>
-                    <version>42.7.5</version>
+                    <version>42.7.8</version>
                 </dependency>
             </dependencies>
             <build>
diff --git a/core/src/main/java/org/owasp/dependencycheck/Engine.java b/core/src/main/java/org/owasp/dependencycheck/Engine.java
index 594af3f1c51..625da29a419 100644
--- a/core/src/main/java/org/owasp/dependencycheck/Engine.java
+++ b/core/src/main/java/org/owasp/dependencycheck/Engine.java
@@ -647,8 +647,7 @@ public void analyzeDependencies() throws ExceptionCollection {
                 + "performed, or the resulting report.\n\n\n"
                 + "   About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html\n"
                 + "   False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html\n"
-                + "\n"
-                + "💖 Sponsor: https://github.com/sponsors/jeremylong\n\n");
+                + "\n");
         LOGGER.debug("\n----------------------------------------------------\nBEGIN ANALYSIS\n----------------------------------------------------");
         LOGGER.info("Analysis Started");
         final long analysisStart = System.currentTimeMillis();
diff --git a/core/src/main/java/org/owasp/dependencycheck/analyzer/AbstractNpmAnalyzer.java b/core/src/main/java/org/owasp/dependencycheck/analyzer/AbstractNpmAnalyzer.java
index 0943648b428..a02e3d40d74 100644
--- a/core/src/main/java/org/owasp/dependencycheck/analyzer/AbstractNpmAnalyzer.java
+++ b/core/src/main/java/org/owasp/dependencycheck/analyzer/AbstractNpmAnalyzer.java
@@ -393,8 +393,11 @@ public void gatherEvidence(final JsonObject json, Dependency dependency) {
                     }
                 }
                 dependency.setLicense(sb.toString());
-            } else {
-                dependency.setLicense(json.getJsonObject("license").getString("type"));
+            } else if (value instanceof JsonObject) {
+                final JsonObject object = (JsonObject) value;
+                if (object.containsKey("type") && !object.isNull("type")) {
+                    dependency.setLicense(object.getString("type"));
+                }
             }
         }
     }
diff --git a/core/src/main/java/org/owasp/dependencycheck/analyzer/AbstractSuppressionAnalyzer.java b/core/src/main/java/org/owasp/dependencycheck/analyzer/AbstractSuppressionAnalyzer.java
index e5b9284179f..f03d2f6157f 100644
--- a/core/src/main/java/org/owasp/dependencycheck/analyzer/AbstractSuppressionAnalyzer.java
+++ b/core/src/main/java/org/owasp/dependencycheck/analyzer/AbstractSuppressionAnalyzer.java
@@ -200,6 +200,10 @@ private void loadPackagedSuppressionBaseData(final SuppressionParser parser, fin
         String suppressionFileLocation = jarLocation.getFile();
         if (suppressionFileLocation.endsWith(".jar")) {
             suppressionFileLocation = "jar:file:" + suppressionFileLocation + "!/" + BASE_SUPPRESSION_FILE;
+        } else if (suppressionFileLocation.startsWith("nested:") && suppressionFileLocation.endsWith(".jar!/")) {
+            // suppressionFileLocation -> nested:/app/app.jar/!BOOT-INF/lib/dependency-check-core-<version>.jar!/
+            // goal->                 jar:nested:/app/app.jar/!BOOT-INF/lib/dependency-check-core-<version>.jar!/dependencycheck-base-suppression.xml
+            suppressionFileLocation = "jar:" + suppressionFileLocation + BASE_SUPPRESSION_FILE;
         } else {
             suppressionFileLocation = "file:" + suppressionFileLocation + BASE_SUPPRESSION_FILE;
         }
diff --git a/core/src/main/java/org/owasp/dependencycheck/analyzer/AssemblyAnalyzer.java b/core/src/main/java/org/owasp/dependencycheck/analyzer/AssemblyAnalyzer.java
index f15a7fd93aa..d9cd109f3ba 100644
--- a/core/src/main/java/org/owasp/dependencycheck/analyzer/AssemblyAnalyzer.java
+++ b/core/src/main/java/org/owasp/dependencycheck/analyzer/AssemblyAnalyzer.java
@@ -427,7 +427,9 @@ private File extractGrokAssembly() throws InitializationException {
      */
     @Override
     public void closeAnalyzer() throws Exception {
-        FileUtils.delete(grokAssembly.getParentFile());
+        if (grokAssembly != null) {
+            FileUtils.delete(grokAssembly.getParentFile());
+        }
     }
 
     @Override
diff --git a/core/src/main/java/org/owasp/dependencycheck/analyzer/CPEAnalyzer.java b/core/src/main/java/org/owasp/dependencycheck/analyzer/CPEAnalyzer.java
index 40061f6d840..d2fe65a1460 100644
--- a/core/src/main/java/org/owasp/dependencycheck/analyzer/CPEAnalyzer.java
+++ b/core/src/main/java/org/owasp/dependencycheck/analyzer/CPEAnalyzer.java
@@ -20,8 +20,6 @@
 import java.io.BufferedReader;
 import java.io.IOException;
 import java.io.InputStreamReader;
-import java.io.UnsupportedEncodingException;
-import java.net.URLEncoder;
 import java.nio.charset.StandardCharsets;
 import java.util.ArrayList;
 import java.util.Arrays;
@@ -111,24 +109,7 @@ public class CPEAnalyzer extends AbstractAnalyzer {
      * alpha characters.
      */
     private static final String CLEANSE_NONALPHA_RX = "[^A-Za-z]*";
-    /**
-     * UTF-8 character set name.
-     */
-    private static final String UTF8 = StandardCharsets.UTF_8.name();
-    /**
-     * The URL to search the NVD CVE data at NIST. This is used by calling:
-     * <pre>String.format(NVD_SEARCH_URL, vendor, product, version);</pre>
-     */
-    public static final String NVD_SEARCH_URL = "https://nvd.nist.gov/vuln/search/results?form_type=Advanced&"
-            + "results_type=overview&search_type=all&cpe_vendor=cpe%%3A%%2F%%3A%1$s&cpe_product=cpe%%3A%%2F%%3A%1$s%%3A%2$s&"
-            + "cpe_version=cpe%%3A%%2F%%3A%1$s%%3A%2$s%%3A%3$s";
 
-    /**
-     * The URL to search the NVD CVE data at NIST. This is used by calling:
-     * <pre>String.format(NVD_SEARCH_URL, vendor, product);</pre>
-     */
-    public static final String NVD_SEARCH_BROAD_URL = "https://nvd.nist.gov/vuln/search/results?form_type=Advanced&"
-            + "results_type=overview&search_type=all&cpe_vendor=cpe%%3A%%2F%%3A%1$s&cpe_product=cpe%%3A%%2F%%3A%1$s%%3A%2$s";
     /**
      * The CPE in memory index.
      */
@@ -806,12 +787,11 @@ protected void analyzeDependency(Dependency dependency, Engine engine) throws An
      * analysis
      * @return <code>true</code> if an identifier was added to the dependency;
      * otherwise <code>false</code>
-     * @throws UnsupportedEncodingException is thrown if UTF-8 is not supported
      * @throws AnalysisException thrown if the suppression rules failed
      */
     @SuppressWarnings("StringSplitter")
     protected boolean determineIdentifiers(Dependency dependency, String vendor, String product,
-            Confidence currentConfidence) throws UnsupportedEncodingException, AnalysisException {
+            Confidence currentConfidence) throws AnalysisException {
 
         final CpeBuilder cpeBuilder = new CpeBuilder();
 
@@ -864,8 +844,7 @@ protected boolean determineIdentifiers(Dependency dependency, String vendor, Str
                         dbVerUpdate = DependencyVersionUtil.parseVersion(vs.getVersion() + '.' + vs.getUpdate(), true);
                     }
                     if (dbVer == null) { //special case, no version specified - everything is vulnerable
-                        final String url = String.format(NVD_SEARCH_BROAD_URL, URLEncoder.encode(vs.getVendor(), UTF8),
-                                URLEncoder.encode(vs.getProduct(), UTF8));
+                        final String url = CpeIdentifier.nvdProductSearchUrlFor(vs);
                         final IdentifierMatch match = new IdentifierMatch(vs, url, IdentifierConfidence.BROAD_MATCH, conf);
                         collected.add(match);
                     } else if (evVer.equals(dbVer)) {
@@ -875,8 +854,7 @@ protected boolean determineIdentifiers(Dependency dependency, String vendor, Str
                         bestGuessConf = conf;
                         bestGuess = dbVer;
                         bestGuessUpdate = evBaseVerUpdate;
-                        bestGuessURL = String.format(NVD_SEARCH_URL, URLEncoder.encode(vs.getVendor(), UTF8),
-                                URLEncoder.encode(vs.getProduct(), UTF8), URLEncoder.encode(vs.getVersion(), UTF8));
+                        bestGuessURL = CpeIdentifier.nvdSearchUrlFor(vs);
                     } else if (dbVerUpdate != null && evVer.getVersionParts().size() <= dbVerUpdate.getVersionParts().size()
                             && evVer.matchesAtLeastThreeLevels(dbVerUpdate)) {
                         if (bestGuessConf == null || bestGuessConf.compareTo(conf) > 0) {
@@ -983,14 +961,12 @@ protected boolean determineIdentifiers(Dependency dependency, String vendor, Str
      * @param updateVersion the update version
      * @param conf the current confidence
      * @param collected a reference to the collected identifiers
-     * @throws UnsupportedEncodingException thrown if UTF-8 is not supported
      */
     private void addExactMatch(Cpe vs, String updateVersion, Confidence conf,
-            final Set<IdentifierMatch> collected) throws UnsupportedEncodingException {
+            final Set<IdentifierMatch> collected) {
 
         final CpeBuilder cpeBuilder = new CpeBuilder();
-        final String url = String.format(NVD_SEARCH_URL, URLEncoder.encode(vs.getVendor(), UTF8),
-                URLEncoder.encode(vs.getProduct(), UTF8), URLEncoder.encode(vs.getVersion(), UTF8));
+        final String url = CpeIdentifier.nvdSearchUrlFor(vs);
         Cpe useCpe;
         if (updateVersion != null && "*".equals(vs.getUpdate())) {
             try {
@@ -1022,13 +998,11 @@ private void addExactMatch(Cpe vs, String updateVersion, Confidence conf,
      * @param collected a reference to the identifiers matched
      * @throws AnalysisException thrown if aliens attacked and valid input could
      * not be used to construct a CPE
-     * @throws UnsupportedEncodingException thrown if run on a system that
-     * doesn't support UTF-8
      */
     private void considerDependencyVersion(Dependency dependency,
             String vendor, String product, Confidence confidence,
             final Set<IdentifierMatch> collected)
-            throws AnalysisException, UnsupportedEncodingException {
+            throws AnalysisException {
 
         if (dependency.getVersion() != null && !dependency.getVersion().isEmpty()) {
             final CpeBuilder cpeBuilder = new CpeBuilder();
@@ -1051,8 +1025,7 @@ private void considerDependencyVersion(Dependency dependency,
                     addVersionAndUpdate(depVersion, cpeBuilder);
                     try {
                         final Cpe depCpe = cpeBuilder.build();
-                        final String url = String.format(NVD_SEARCH_URL, URLEncoder.encode(vendor, UTF8),
-                                URLEncoder.encode(product, UTF8), URLEncoder.encode(depCpe.getVersion(), UTF8));
+                        final String url = CpeIdentifier.nvdSearchUrlFor(vendor, product, depCpe.getVersion());
                         final IdentifierMatch match = new IdentifierMatch(depCpe, url, IdentifierConfidence.EXACT_MATCH, confidence);
                         collected.add(match);
                     } catch (CpeValidationException ex) {
diff --git a/core/src/main/java/org/owasp/dependencycheck/analyzer/CentralAnalyzer.java b/core/src/main/java/org/owasp/dependencycheck/analyzer/CentralAnalyzer.java
index 098585c22dd..be270c96e8e 100644
--- a/core/src/main/java/org/owasp/dependencycheck/analyzer/CentralAnalyzer.java
+++ b/core/src/main/java/org/owasp/dependencycheck/analyzer/CentralAnalyzer.java
@@ -34,6 +34,7 @@
 import org.owasp.dependencycheck.utils.Downloader;
 import org.owasp.dependencycheck.utils.FileFilterBuilder;
 import org.owasp.dependencycheck.utils.FileUtils;
+import org.owasp.dependencycheck.utils.ForbiddenException;
 import org.owasp.dependencycheck.utils.InvalidSettingException;
 import org.owasp.dependencycheck.utils.ResourceNotFoundException;
 import org.owasp.dependencycheck.utils.Settings;
@@ -246,6 +247,7 @@ public void analyzeDependency(Dependency dependency, Engine engine) throws Analy
                         long sleepingTimeBetweenRetriesInMillis = BASE_RETRY_WAIT;
                         boolean success = false;
                         Model model = null;
+                        DownloadFailedException lastException = null;
                         if (cache != null) {
                             model = cache.get(ma.getPomUrl());
                         }
@@ -260,6 +262,7 @@ public void analyzeDependency(Dependency dependency, Engine engine) throws Analy
                                     Downloader.getInstance().fetchFile(new URL(ma.getPomUrl()), pomFile);
                                     success = true;
                                 } catch (DownloadFailedException ex) {
+                                    lastException = ex;
                                     try {
                                         Thread.sleep(sleepingTimeBetweenRetriesInMillis);
                                     } catch (InterruptedException ex1) {
@@ -286,6 +289,10 @@ public void analyzeDependency(Dependency dependency, Engine engine) throws Analy
                         } else {
                             LOGGER.warn("Unable to download pom.xml for {} from Central; "
                                     + "this could result in undetected CPE/CVEs.", dependency.getFileName());
+                            setEnabled(false);
+                            LOGGER.warn("Disabling the Central Analyzer due to repeated download failures; Central Search "
+                                    + "may be down see https://status.maven.org/\n Note that this could result in both false "
+                                    + "positives and false negatives", lastException);
                         }
 
                     } catch (AnalysisException ex) {
@@ -302,15 +309,25 @@ public void analyzeDependency(Dependency dependency, Engine engine) throws Analy
             }
         } catch (TooManyRequestsException tre) {
             this.setEnabled(false);
-            final String message = "Connections to Central search refused. Analysis failed.";
+            final String message = "Connections to Central search refused. Analysis failed. Disabling Central analyzer - this " +
+                    "could lead to both false positives and false negatives.";
             LOGGER.error(message, tre);
             throw new AnalysisException(message, tre);
         } catch (IllegalArgumentException iae) {
             LOGGER.info("invalid sha1-hash on {}", dependency.getFileName());
         } catch (FileNotFoundException fnfe) {
             LOGGER.debug("Artifact not found in repository: '{}", dependency.getFileName());
+        } catch (ForbiddenException e) {
+            this.setEnabled(false);
+            final String message = "Connection to Central search refused. This is most likely not a problem with " +
+                    "Dependency-Check itself and is related to network connectivity. Please check " +
+                    "https://central.sonatype.org/faq/403-error-central/.";
+            LOGGER.error(message);
+            throw new AnalysisException(message, e);
         } catch (IOException ioe) {
-            final String message = "Could not connect to Central search. Analysis failed.";
+            this.setEnabled(false);
+            final String message = "Could not connect to Central search. Analysis failed; disabling Central analyzer - this " +
+                    "could lead to both false positives and false negatives.";
             LOGGER.error(message, ioe);
             throw new AnalysisException(message, ioe);
         }
@@ -330,7 +347,8 @@ public void analyzeDependency(Dependency dependency, Engine engine) throws Analy
      * @throws TooManyRequestsException if Central has received too many
      * requests.
      */
-    protected List<MavenArtifact> fetchMavenArtifacts(Dependency dependency) throws IOException, TooManyRequestsException {
+    protected List<MavenArtifact> fetchMavenArtifacts(Dependency dependency) throws IOException,
+            TooManyRequestsException {
         IOException lastException = null;
         long sleepingTimeBetweenRetriesInMillis = BASE_RETRY_WAIT;
         int triesLeft = numberOfRetries;
diff --git a/core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java b/core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java
index d59d58f1ede..650bcf9ce8c 100644
--- a/core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java
+++ b/core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java
@@ -196,7 +196,8 @@ private boolean isNodeAuditEnabled(Engine engine) {
                     try {
                         ((AbstractNpmAnalyzer) a).prepareFileTypeAnalyzer(engine);
                     } catch (InitializationException ex) {
-                        LOGGER.debug("Error initializing the {}", a.getName());
+                        String message = "Error initializing the " + a.getName();
+                        LOGGER.debug(message, ex);
                     }
                 }
                 return a.isEnabled();
diff --git a/core/src/main/java/org/owasp/dependencycheck/analyzer/OssIndexAnalyzer.java b/core/src/main/java/org/owasp/dependencycheck/analyzer/OssIndexAnalyzer.java
index 185189a1d50..cae89d79467 100644
--- a/core/src/main/java/org/owasp/dependencycheck/analyzer/OssIndexAnalyzer.java
+++ b/core/src/main/java/org/owasp/dependencycheck/analyzer/OssIndexAnalyzer.java
@@ -19,6 +19,7 @@
 
 import io.github.jeremylong.openvulnerability.client.nvd.CvssV2;
 import io.github.jeremylong.openvulnerability.client.nvd.CvssV2Data;
+import io.github.jeremylong.openvulnerability.client.nvd.CvssV4;
 import org.sonatype.ossindex.service.api.componentreport.ComponentReport;
 import org.sonatype.ossindex.service.api.componentreport.ComponentReportVulnerability;
 import org.sonatype.ossindex.service.api.cvss.Cvss2Severity;
@@ -36,7 +37,9 @@
 import org.owasp.dependencycheck.dependency.VulnerableSoftwareBuilder;
 import org.owasp.dependencycheck.dependency.naming.Identifier;
 import org.owasp.dependencycheck.dependency.naming.PurlIdentifier;
+import org.owasp.dependencycheck.exception.InitializationException;
 import org.owasp.dependencycheck.utils.Settings;
+import org.owasp.dependencycheck.utils.Settings.KEYS;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import us.springett.parsers.cpe.exceptions.CpeValidationException;
@@ -126,6 +129,17 @@ protected void closeAnalyzer() throws Exception {
         }
     }
 
+    @Override
+    protected void prepareAnalyzer(Engine engine) throws InitializationException {
+      synchronized (FETCH_MUTIX) {
+        if (StringUtils.isEmpty(getSettings().getString(KEYS.ANALYZER_OSSINDEX_USER, StringUtils.EMPTY)) ||
+            StringUtils.isEmpty(getSettings().getString(KEYS.ANALYZER_OSSINDEX_PASSWORD, StringUtils.EMPTY))) {
+          LOG.warn("Disabling OSS Index analyzer due to missing user/password credentials. Authentication is now required: https://ossindex.sonatype.org/doc/auth-required");
+          setEnabled(false);
+        }
+      }
+    }
+
     @Override
     protected void analyzeDependency(final Dependency dependency, final Engine engine) throws AnalysisException {
         // batch request component-reports for all dependencies
@@ -134,40 +148,45 @@ protected void analyzeDependency(final Dependency dependency, final Engine engin
                 try {
                     requestDelay();
                     reports = requestReports(engine.getDependencies());
-                } catch (TransportException ex) {
+                } catch (SocketTimeoutException e) {
+                    final boolean warnOnly = getSettings().getBoolean(Settings.KEYS.ANALYZER_OSSINDEX_WARN_ONLY_ON_REMOTE_ERRORS, false);
+                    this.setEnabled(false);
+                    if (warnOnly) {
+                        LOG.warn("OSS Index socket timeout, disabling the analyzer", e);
+                    } else {
+                        LOG.debug("OSS Index socket timeout", e);
+                        throw new AnalysisException("Failed to establish socket to OSS Index", e);
+                    }
+                } catch (Exception ex) {
                     final String message = ex.getMessage();
                     final boolean warnOnly = getSettings().getBoolean(Settings.KEYS.ANALYZER_OSSINDEX_WARN_ONLY_ON_REMOTE_ERRORS, false);
                     this.setEnabled(false);
-                    if (StringUtils.endsWith(message, "401")) {
-                        LOG.error("Invalid credentials for the OSS Index, disabling the analyzer");
-                        throw new AnalysisException("Invalid credentials provided for OSS Index", ex);
-                    } else if (StringUtils.endsWith(message, "403")) {
-                        LOG.error("OSS Index access forbidden, disabling the analyzer");
-                        throw new AnalysisException("OSS Index access forbidden", ex);
-                    } else if (StringUtils.endsWith(message, "429")) {
+                    if (StringUtils.contains(message, "401")) {
+                        if (warnOnly) {
+                            LOG.warn("Invalid credentials for the OSS Index, disabling the analyzer");
+                        } else {
+                            LOG.error("Invalid credentials for the OSS Index, disabling the analyzer");
+                            throw new AnalysisException("Invalid credentials provided for OSS Index", ex);
+                        }
+                    } else if (StringUtils.contains(message, "403")) {
+                        if (warnOnly) {
+                            LOG.warn("OSS Index access forbidden, disabling the analyzer");
+                        } else {
+                            LOG.error("OSS Index access forbidden, disabling the analyzer");
+                            throw new AnalysisException("OSS Index access forbidden", ex);
+                        }
+                    } else if (StringUtils.contains(message, "429")) {
                         if (warnOnly) {
                             LOG.warn("OSS Index rate limit exceeded, disabling the analyzer", ex);
                         } else {
                             throw new AnalysisException("OSS Index rate limit exceeded, disabling the analyzer", ex);
                         }
                     } else if (warnOnly) {
-                        LOG.warn("Error requesting component reports, disabling the analyzer", ex);
+                        LOG.warn("Error requesting component reports, disabling the analyzer. " + ex.getMessage(), ex);
                     } else {
                         LOG.debug("Error requesting component reports, disabling the analyzer", ex);
-                        throw new AnalysisException("Failed to request component-reports", ex);
-                    }
-                } catch (SocketTimeoutException e) {
-                    final boolean warnOnly = getSettings().getBoolean(Settings.KEYS.ANALYZER_OSSINDEX_WARN_ONLY_ON_REMOTE_ERRORS, false);
-                    this.setEnabled(false);
-                    if (warnOnly) {
-                        LOG.warn("OSS Index socket timeout, disabling the analyzer", e);
-                    } else {
-                        LOG.debug("OSS Index socket timeout", e);
-                        throw new AnalysisException("Failed to establish socket to OSS Index", e);
+                        throw new AnalysisException("Failed to request component-reports. " + ex.getMessage(), ex);
                     }
-                } catch (Exception e) {
-                    LOG.debug("Error requesting component reports", e);
-                    throw new AnalysisException("Failed to request component-reports", e);
                 }
             }
 
@@ -321,7 +340,9 @@ private Vulnerability transform(final ComponentReport report, final ComponentRep
         final double cvssScore = source.getCvssScore() != null ? source.getCvssScore().doubleValue() : -1;
 
         if (source.getCvssVector() != null) {
-            if (source.getCvssVector().startsWith("CVSS:3")) {
+            if (source.getCvssVector().startsWith("CVSS:4")) {
+                result.setCvssV4(CvssUtil.vectorToCvssV4("ossindex", CvssV4.Type.PRIMARY, cvssScore, source.getCvssVector()));
+            } else if (source.getCvssVector().startsWith("CVSS:3")) {
                 result.setCvssV3(CvssUtil.vectorToCvssV3(source.getCvssVector(), cvssScore));
             } else {
                 // convert cvss details
diff --git a/core/src/main/java/org/owasp/dependencycheck/analyzer/YarnAuditAnalyzer.java b/core/src/main/java/org/owasp/dependencycheck/analyzer/YarnAuditAnalyzer.java
index 52ad40c958d..25c7f0b58e6 100644
--- a/core/src/main/java/org/owasp/dependencycheck/analyzer/YarnAuditAnalyzer.java
+++ b/core/src/main/java/org/owasp/dependencycheck/analyzer/YarnAuditAnalyzer.java
@@ -188,12 +188,14 @@ protected void prepareFileTypeAnalyzer(Engine engine) throws InitializationExcep
                     case yarnExecutableNotFoundExitValue:
                     default:
                         this.setEnabled(false);
-                        LOGGER.warn("The {} has been disabled. Yarn executable was not found.", getName());
+                        LOGGER.warn("The {} has been disabled after receiving exit value {}. Yarn executable was not " +
+                                        "found or received a non-zero exit value.", getName(), exitValue);
                 }
             }
         } catch (Exception ex) {
             this.setEnabled(false);
-            LOGGER.warn("The {} has been disabled. Yarn executable was not found.", getName());
+            LOGGER.warn("The {} has been disabled after receiving an exception. This can occur when Yarn executable " +
+                    "is not found.", getName());
             throw new InitializationException("Unable to read yarn audit output.", ex);
         }
     }
diff --git a/core/src/main/java/org/owasp/dependencycheck/data/artifactory/ArtifactorySearch.java b/core/src/main/java/org/owasp/dependencycheck/data/artifactory/ArtifactorySearch.java
index 534b5d899eb..630e8af0d0b 100644
--- a/core/src/main/java/org/owasp/dependencycheck/data/artifactory/ArtifactorySearch.java
+++ b/core/src/main/java/org/owasp/dependencycheck/data/artifactory/ArtifactorySearch.java
@@ -33,6 +33,7 @@
 import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.utils.Checksum;
 import org.owasp.dependencycheck.utils.Downloader;
+import org.owasp.dependencycheck.utils.ForbiddenException;
 import org.owasp.dependencycheck.utils.ResourceNotFoundException;
 import org.owasp.dependencycheck.utils.Settings;
 import org.owasp.dependencycheck.utils.TooManyRequestsException;
@@ -44,13 +45,20 @@
  * Class of methods to search Artifactory for hashes and determine Maven GAV
  * from there.
  *
- * Data classes copied from JFrog's artifactory-client-java project.
+ * <p>Data classes copied from JFrog's artifactory-client-java project.</p>
  *
  * @author nhenneaux
  */
 @ThreadSafe
 public class ArtifactorySearch {
 
+    /**
+     * Required to add all extra information of the found artifact.
+     * Source: https://jfrog.com/help/r/jfrog-rest-apis/property-search
+     */
+    @SuppressWarnings("JavadocLinkAsPlainText")
+    public static final String X_RESULT_DETAIL_HEADER = "X-Result-Detail";
+
     /**
      * Used for logging.
      */
@@ -107,15 +115,21 @@ public List<MavenArtifact> search(Dependency dependency) throws IOException {
         final StringBuilder msg = new StringBuilder("Could not connect to Artifactory at")
                 .append(url);
         try {
-            final BasicHeader artifactoryResultDetail = new BasicHeader("X-Result-Detail", "info");
-            return Downloader.getInstance().fetchAndHandle(url, new ArtifactorySearchResponseHandler(dependency), List.of(artifactoryResultDetail),
-                    allowUsingProxy);
+            final BasicHeader artifactoryResultDetail = new BasicHeader(X_RESULT_DETAIL_HEADER, "info");
+            return Downloader.getInstance().fetchAndHandle(
+                    url,
+                    new ArtifactorySearchResponseHandler(url, dependency),
+                    List.of(artifactoryResultDetail),
+                    allowUsingProxy
+            );
         } catch (TooManyRequestsException e) {
             throw new IOException(msg.append(" (429): Too manu requests").toString(), e);
         } catch (URISyntaxException e) {
             throw new IOException(msg.append(" (400): Invalid URL").toString(), e);
         } catch (ResourceNotFoundException e) {
             throw new IOException(msg.append(" (404): Not found").toString(), e);
+        } catch (ForbiddenException e) {
+            throw new IOException(msg.append(" (403): Forbidden").toString(), e);
         }
     }
 
diff --git a/core/src/main/java/org/owasp/dependencycheck/data/artifactory/ArtifactorySearchResponseHandler.java b/core/src/main/java/org/owasp/dependencycheck/data/artifactory/ArtifactorySearchResponseHandler.java
index adaf1bc1ecc..711bfc657e0 100644
--- a/core/src/main/java/org/owasp/dependencycheck/data/artifactory/ArtifactorySearchResponseHandler.java
+++ b/core/src/main/java/org/owasp/dependencycheck/data/artifactory/ArtifactorySearchResponseHandler.java
@@ -32,6 +32,7 @@
 import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.io.InputStreamReader;
+import java.net.URL;
 import java.nio.charset.StandardCharsets;
 import java.util.ArrayList;
 import java.util.List;
@@ -39,6 +40,8 @@
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
+import static org.owasp.dependencycheck.data.artifactory.ArtifactorySearch.X_RESULT_DETAIL_HEADER;
+
 class ArtifactorySearchResponseHandler implements HttpClientResponseHandler<List<MavenArtifact>> {
     /**
      * Pattern to match the path returned by the Artifactory AQL API.
@@ -61,13 +64,20 @@ class ArtifactorySearchResponseHandler implements HttpClientResponseHandler<List
     private final Dependency expectedDependency;
 
     /**
-     * Creates a responsehandler for the response on a single dependency-search attempt.
+     * The search request URL i.e., the location at which to search artifacts with checksum information
+     */
+    private final URL sourceUrl;
+
+    /**
+     * Creates a response handler for the response on a single dependency-search attempt.
      *
+     * @param sourceUrl The search request URL
      * @param dependency The dependency that is expected to be in the response when found (for validating the FileItem(s) in the response)
      */
-    ArtifactorySearchResponseHandler(Dependency dependency) {
+    ArtifactorySearchResponseHandler(URL sourceUrl, Dependency dependency) {
         this.fileImplReader = new ObjectMapper().configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false).readerFor(FileImpl.class);
         this.expectedDependency = dependency;
+        this.sourceUrl = sourceUrl;
     }
 
     protected boolean init(JsonParser parser) throws IOException {
@@ -114,7 +124,7 @@ private boolean checkHashes(ChecksumsImpl checksums) {
             match = false;
         }
         final String sha256sum = expectedDependency.getSha256sum();
-        /* For sha256 we need to validate that the checksum is non-null in the artifactory response.
+        /* For SHA-256, we need to validate that the checksum is non-null in the artifactory response.
          * Extract from Artifactory documentation:
          * New artifacts that are uploaded to Artifactory 5.5 and later will automatically have their SHA-256 checksum calculated.
          * However, artifacts that were already hosted in Artifactory before the upgrade will not have their SHA-256 checksum in the database yet.
@@ -132,7 +142,7 @@ private boolean checkHashes(ChecksumsImpl checksums) {
      * Process the Artifactory response.
      *
      * @param response the HTTP response
-     * @return a list of the Maven Artifact informations that match the searched dependency hash
+     * @return a list of the Maven Artifact information that matches the searched dependency hash
      * @throws FileNotFoundException When a matching artifact is not found
      * @throws IOException           thrown if there is an I/O error
      */
@@ -149,8 +159,11 @@ public List<MavenArtifact> handleResponse(ClassicHttpResponse response) throws I
                     final FileImpl file = fileImplReader.readValue(parser);
 
                     if (file.getChecksums() == null) {
-                        LOGGER.warn("No checksums found in artifactory search result of uri {}. Please make sure that header X-Result-Detail is retained on any (reverse)-proxy, loadbalancer or WebApplicationFirewall in the network path to your Artifactory Server",
-                                file.getUri());
+                        LOGGER.warn(
+                                "No checksums found in Artifactory search result for '{}'. " +
+                                "Specifically, the result set contains URI '{}' but it is missing the 'checksums' property. " +
+                                "Please make sure that the '{}' header is retained on any (reverse-)proxy, load-balancer or Web Application Firewall in the network path to your Artifactory server.",
+                                sourceUrl, file.getUri(), X_RESULT_DETAIL_HEADER);
                         continue;
                     }
 
@@ -174,7 +187,7 @@ public List<MavenArtifact> handleResponse(ClassicHttpResponse response) throws I
         }
         if (result.isEmpty()) {
             throw new FileNotFoundException("Artifact " + expectedDependency
-                    + " not found in Artifactory; discovered sha1 hits not recognized as matching maven artifacts");
+                    + " not found in Artifactory; discovered SHA1 hits not recognized as matching Maven artifacts");
         }
         return result;
     }
@@ -182,10 +195,10 @@ public List<MavenArtifact> handleResponse(ClassicHttpResponse response) throws I
     /**
      * Validate the FileImpl result for usability as a dependency.
      * <br/>
-     * Checks that the actually matches all known hashes and the path appears to match a maven repository G/A/V pattern.
+     * Checks that the file actually matches all known hashes and the path appears to match a maven repository G/A/V pattern.
      *
      * @param file The FileImpl from an Artifactory search response
-     * @return An Optional with the Matcher for the file path to retrieve the Maven G/A/V coordinates in case result is usable for further
+     * @return An Optional with the Matcher for the file path to retrieve the Maven G/A/V coordinates in case the result is usable for further
      * processing, otherwise an empty Optional.
      */
     private Optional<Matcher> validateUsability(FileImpl file) {
diff --git a/core/src/main/java/org/owasp/dependencycheck/data/central/CentralSearch.java b/core/src/main/java/org/owasp/dependencycheck/data/central/CentralSearch.java
index 0b598684e99..3ee1135a1ec 100644
--- a/core/src/main/java/org/owasp/dependencycheck/data/central/CentralSearch.java
+++ b/core/src/main/java/org/owasp/dependencycheck/data/central/CentralSearch.java
@@ -21,6 +21,7 @@
 import org.apache.hc.core5.http.message.BasicHeader;
 import org.owasp.dependencycheck.utils.DownloadFailedException;
 import org.owasp.dependencycheck.utils.Downloader;
+import org.owasp.dependencycheck.utils.ForbiddenException;
 import org.owasp.dependencycheck.utils.ResourceNotFoundException;
 import org.owasp.dependencycheck.utils.TooManyRequestsException;
 import java.io.FileNotFoundException;
@@ -135,14 +136,14 @@ public CentralSearch(Settings settings) throws MalformedURLException {
      * @throws TooManyRequestsException if Central has received too many
      * requests.
      */
-    public List<MavenArtifact> searchSha1(String sha1) throws IOException, TooManyRequestsException {
+    public List<MavenArtifact> searchSha1(String sha1) throws IOException, TooManyRequestsException, ForbiddenException {
         if (null == sha1 || !sha1.matches("^[0-9A-Fa-f]{40}$")) {
             throw new IllegalArgumentException("Invalid SHA1 format");
         }
         if (cache != null) {
             final List<MavenArtifact> cached = cache.get(sha1);
             if (cached != null) {
-                LOGGER.debug("cache hit for Central: " + sha1);
+                LOGGER.debug("cache hit for Central: {}", sha1);
                 if (cached.isEmpty()) {
                     throw new FileNotFoundException("Artifact not found in Central");
                 }
@@ -180,6 +181,9 @@ public List<MavenArtifact> searchSha1(String sha1) throws IOException, TooManyRe
         } catch (URISyntaxException e) {
             final String errorMessage = "Could not convert central search URL to a URI " + e.getMessage();
             throw new IOException(errorMessage, e);
+        } catch (ForbiddenException e) {
+            final String errorMessage = "Forbidden access to MavenCentral " + e.getMessage();
+            throw new ForbiddenException(errorMessage, e);
         }
         if (cache != null) {
             cache.put(sha1, result);
diff --git a/core/src/main/java/org/owasp/dependencycheck/data/cpe/AbstractMemoryIndex.java b/core/src/main/java/org/owasp/dependencycheck/data/cpe/AbstractMemoryIndex.java
index d3613a73c8c..5f1b35c5fff 100644
--- a/core/src/main/java/org/owasp/dependencycheck/data/cpe/AbstractMemoryIndex.java
+++ b/core/src/main/java/org/owasp/dependencycheck/data/cpe/AbstractMemoryIndex.java
@@ -50,6 +50,7 @@
 import org.owasp.dependencycheck.utils.Settings;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.slf4j.bridge.SLF4JBridgeHandler;
 
 /**
  * <p>
@@ -67,6 +68,12 @@
 @ThreadSafe
 public abstract class AbstractMemoryIndex implements MemoryIndex {
 
+    static {
+        // Ensure Lucene uses SLF4J for logging
+        SLF4JBridgeHandler.removeHandlersForRootLogger();
+        SLF4JBridgeHandler.install();
+    }
+
     /**
      * The logger.
      */
diff --git a/core/src/main/java/org/owasp/dependencycheck/data/nexus/NexusV2Search.java b/core/src/main/java/org/owasp/dependencycheck/data/nexus/NexusV2Search.java
index 3c8766fceb9..9e2401fc3e8 100644
--- a/core/src/main/java/org/owasp/dependencycheck/data/nexus/NexusV2Search.java
+++ b/core/src/main/java/org/owasp/dependencycheck/data/nexus/NexusV2Search.java
@@ -34,6 +34,7 @@
 import org.apache.hc.core5.http.message.BasicHeader;
 import org.owasp.dependencycheck.utils.DownloadFailedException;
 import org.owasp.dependencycheck.utils.Downloader;
+import org.owasp.dependencycheck.utils.ForbiddenException;
 import org.owasp.dependencycheck.utils.ResourceNotFoundException;
 import org.owasp.dependencycheck.utils.Settings;
 
@@ -147,7 +148,7 @@ public MavenArtifact searchSha1(String sha1) throws IOException {
                 throw new IOException("Could not connect to Nexus");
         } catch (ResourceNotFoundException e) {
             throw new FileNotFoundException("Artifact not found in Nexus");
-        } catch (XPathExpressionException | URISyntaxException e) {
+        } catch (XPathExpressionException | URISyntaxException | ForbiddenException e) {
             throw new IOException(e.getMessage(), e);
         }
     }
diff --git a/core/src/main/java/org/owasp/dependencycheck/data/nexus/NexusV3Search.java b/core/src/main/java/org/owasp/dependencycheck/data/nexus/NexusV3Search.java
index 943e21f3f84..8bb31bc7573 100644
--- a/core/src/main/java/org/owasp/dependencycheck/data/nexus/NexusV3Search.java
+++ b/core/src/main/java/org/owasp/dependencycheck/data/nexus/NexusV3Search.java
@@ -27,6 +27,7 @@
 import org.jetbrains.annotations.Nullable;
 import org.owasp.dependencycheck.utils.DownloadFailedException;
 import org.owasp.dependencycheck.utils.Downloader;
+import org.owasp.dependencycheck.utils.ForbiddenException;
 import org.owasp.dependencycheck.utils.ResourceNotFoundException;
 import org.owasp.dependencycheck.utils.Settings;
 import org.owasp.dependencycheck.utils.TooManyRequestsException;
@@ -146,7 +147,7 @@ private String retrievePageAndAddMatchingArtifact(CloseableHttpClient client, Li
         try {
             return Downloader.getInstance().fetchAndHandle(client, url, handler, List.of(new BasicHeader(HttpHeaders.ACCEPT,
                             ContentType.APPLICATION_JSON)));
-        } catch (TooManyRequestsException | ResourceNotFoundException | DownloadFailedException e) {
+        } catch (TooManyRequestsException | ResourceNotFoundException | DownloadFailedException | ForbiddenException e) {
             if (LOGGER.isDebugEnabled()) {
                 int responseCode = -1;
                 String responseMessage = "";
diff --git a/core/src/main/java/org/owasp/dependencycheck/data/nvd/ecosystem/CveEcosystemMapper.java b/core/src/main/java/org/owasp/dependencycheck/data/nvd/ecosystem/CveEcosystemMapper.java
index 1a713cd9022..f201ffddae7 100644
--- a/core/src/main/java/org/owasp/dependencycheck/data/nvd/ecosystem/CveEcosystemMapper.java
+++ b/core/src/main/java/org/owasp/dependencycheck/data/nvd/ecosystem/CveEcosystemMapper.java
@@ -84,6 +84,7 @@ public String getEcosystem(DefCveItem cve) {
     private boolean hasMultipleVendorProductConfigurations(DefCveItem cve) {
         if (cve.getCve().getConfigurations() != null && !cve.getCve().getConfigurations().isEmpty()) {
             final List<CpeMatch> cpeEntries = cve.getCve().getConfigurations().stream()
+                    .filter(config -> config.getNodes() != null)
                     .map(Config::getNodes)
                     .flatMap(List::stream)
                     .filter(cpe -> cpe.getCpeMatch() != null)
diff --git a/core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java b/core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java
index fbc52a29677..1e4b64baff1 100644
--- a/core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java
+++ b/core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java
@@ -1611,6 +1611,7 @@ private List<VulnerableSoftware> parseCpes(DefCveItem cve) throws CpeValidationE
         final List<VulnerableSoftware> software = new ArrayList<>();
 
         final List<CpeMatch> cpeEntries = cve.getCve().getConfigurations().stream()
+                .filter(config -> config.getNodes() != null)
                 .map(Config::getNodes)
                 .flatMap(List::stream)
                 .map(Node::getCpeMatch)
diff --git a/core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveItemOperator.java b/core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveItemOperator.java
index 53603228358..9d22ec4093b 100644
--- a/core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveItemOperator.java
+++ b/core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveItemOperator.java
@@ -222,6 +222,7 @@ boolean testCveCpeStartWithFilter(final DefCveItem cve) {
         if (cve.getCve().getConfigurations() != null) {
             //cycle through to see if this is a CPE we care about (use the CPE filters
             return cve.getCve().getConfigurations().stream()
+                    .filter(config -> config.getNodes() != null)
                     .map(Config::getNodes)
                     .flatMap(List::stream)
                     .filter(Objects::nonNull)
diff --git a/core/src/main/java/org/owasp/dependencycheck/data/update/NvdApiDataSource.java b/core/src/main/java/org/owasp/dependencycheck/data/update/NvdApiDataSource.java
index 45d558d68b8..43f530cc562 100644
--- a/core/src/main/java/org/owasp/dependencycheck/data/update/NvdApiDataSource.java
+++ b/core/src/main/java/org/owasp/dependencycheck/data/update/NvdApiDataSource.java
@@ -387,7 +387,7 @@ private boolean processApi() throws UpdateException {
                     final String msg;
                     if (key != null) {
                         msg = "Error updating the NVD Data; the NVD returned a 403 or 404 error\n\nPlease ensure your API Key is valid; "
-                                + "see https://github.com/jeremylong/Open-Vulnerability-Project/tree/main/vulnz#api-key-is-used-and-a-403-or-404-error-occurs\n\n"
+                                + "see https://github.com/jeremylong/open-vulnerability-cli/blob/main/README.md#api-key-is-used-and-a-403-or-404-error-occurs\n\n"
                                 + "If your NVD API Key is valid try increasing the NVD API Delay.\n\n"
                                 + "If this is occurring in a CI environment";
                     } else {
diff --git a/core/src/main/java/org/owasp/dependencycheck/data/update/exception/CorruptedDatastreamException.java b/core/src/main/java/org/owasp/dependencycheck/data/update/exception/CorruptedDatastreamException.java
index 2794adb98bf..3ce88bf2f26 100644
--- a/core/src/main/java/org/owasp/dependencycheck/data/update/exception/CorruptedDatastreamException.java
+++ b/core/src/main/java/org/owasp/dependencycheck/data/update/exception/CorruptedDatastreamException.java
@@ -27,6 +27,8 @@
 @ThreadSafe
 public class CorruptedDatastreamException extends Exception {
 
+    private static final long serialVersionUID = 1L;
+
     /**
      * Create a new CorruptedDatastreamException.
      */
diff --git a/core/src/main/java/org/owasp/dependencycheck/dependency/Dependency.java b/core/src/main/java/org/owasp/dependencycheck/dependency/Dependency.java
index ad6538d979a..ad33bd8a585 100644
--- a/core/src/main/java/org/owasp/dependencycheck/dependency/Dependency.java
+++ b/core/src/main/java/org/owasp/dependencycheck/dependency/Dependency.java
@@ -625,7 +625,7 @@ public synchronized Set<Vulnerability> getVulnerabilities(boolean sorted) {
         if (sorted) {
             vulnerabilitySet = new TreeSet<>(vulnerabilities);
         } else {
-            vulnerabilitySet = vulnerabilities;
+            vulnerabilitySet = new HashSet<>(vulnerabilities);
         }
         return Collections.unmodifiableSet(vulnerabilitySet);
     }
diff --git a/core/src/main/java/org/owasp/dependencycheck/dependency/VulnerableSoftware.java b/core/src/main/java/org/owasp/dependencycheck/dependency/VulnerableSoftware.java
index 73bb74e97c3..31763bf21e9 100644
--- a/core/src/main/java/org/owasp/dependencycheck/dependency/VulnerableSoftware.java
+++ b/core/src/main/java/org/owasp/dependencycheck/dependency/VulnerableSoftware.java
@@ -28,6 +28,7 @@
 import org.apache.commons.lang3.builder.HashCodeBuilder;
 import org.jetbrains.annotations.NotNull;
 import org.owasp.dependencycheck.analyzer.exception.UnexpectedAnalysisException;
+import org.owasp.dependencycheck.dependency.naming.CpeIdentifier;
 import org.owasp.dependencycheck.utils.DependencyVersion;
 import us.springett.parsers.cpe.Cpe;
 import us.springett.parsers.cpe.ICpe;
@@ -123,16 +124,25 @@ public VulnerableSoftware(Part part, String vendor, String product, String versi
     }
     //CSON: ParameterNumber
 
+    /**
+     * Normalizes null and empty strings to null for consistent comparison.
+     * @param s the string to normalize
+     * @return null if s is null or empty, otherwise s
+     */
+    private static String normalizeForComparison(String s) {
+        return (s == null || s.isEmpty()) ? null : s;
+    }
+
     @Override
     public int compareTo(@NotNull ICpe o) {
         if (o instanceof VulnerableSoftware) {
             final VulnerableSoftware other = (VulnerableSoftware) o;
             return new CompareToBuilder()
                     .appendSuper(super.compareTo(other))
-                    .append(versionStartIncluding, other.versionStartIncluding)
-                    .append(versionStartExcluding, other.versionStartExcluding)
-                    .append(versionEndIncluding, other.versionEndIncluding)
-                    .append(versionEndExcluding, other.versionEndExcluding)
+                    .append(normalizeForComparison(versionStartIncluding), normalizeForComparison(other.versionStartIncluding))
+                    .append(normalizeForComparison(versionStartExcluding), normalizeForComparison(other.versionStartExcluding))
+                    .append(normalizeForComparison(versionEndIncluding), normalizeForComparison(other.versionEndIncluding))
+                    .append(normalizeForComparison(versionEndExcluding), normalizeForComparison(other.versionEndExcluding))
                     .append(this.vulnerable, other.vulnerable)
                     .build();
         } else if (o instanceof Cpe) {
@@ -517,4 +527,8 @@ public String toString() {
         }
         return sb.toString();
     }
+
+    public String toNvdSearchUrl() {
+        return CpeIdentifier.nvdSearchUrlFor(this);
+    }
 }
diff --git a/core/src/main/java/org/owasp/dependencycheck/dependency/naming/CpeIdentifier.java b/core/src/main/java/org/owasp/dependencycheck/dependency/naming/CpeIdentifier.java
index 7ed914d87a5..0f6dc48006b 100644
--- a/core/src/main/java/org/owasp/dependencycheck/dependency/naming/CpeIdentifier.java
+++ b/core/src/main/java/org/owasp/dependencycheck/dependency/naming/CpeIdentifier.java
@@ -20,6 +20,7 @@
 import org.apache.commons.lang3.builder.CompareToBuilder;
 import org.apache.commons.lang3.builder.EqualsBuilder;
 import org.apache.commons.lang3.builder.HashCodeBuilder;
+import org.apache.hc.core5.net.PercentCodec;
 import org.jetbrains.annotations.NotNull;
 import org.owasp.dependencycheck.dependency.Confidence;
 import us.springett.parsers.cpe.Cpe;
@@ -27,6 +28,8 @@
 import us.springett.parsers.cpe.exceptions.CpeValidationException;
 import us.springett.parsers.cpe.values.Part;
 
+import static java.nio.charset.StandardCharsets.UTF_8;
+
 /**
  * A CPE Identifier for a dependency object.
  *
@@ -203,4 +206,41 @@ public int compareTo(@NotNull Identifier o) {
                 .append(this.confidence, o.getConfidence())
                 .toComparison();
     }
+
+    /**
+     * Produces an NVD search URL for a given CPE to find all applicable vulnerabilities, including all populated parts
+     * of the given CPE.
+     * <p/>
+     * The opened link should be sorted in descending order (sortDirection=2) by publish date (sortOrder=3).
+     */
+    public static String nvdSearchUrlFor(Cpe cpe) {
+        // Use PercentCodec to force `*` to be encoded for CPE strings inside the URL. Technically '*' is not a reserved
+        // character in the fragment of URLs, but not all browsers handle this consistently, so better to encode aggressively.
+        // URlEncoder does not distinguish between parts of URLs appropriately, as well as not forcing encoding of these.
+        return String.format("https://nvd.nist.gov/vuln/search#/nvd/home?sortOrder=3&sortDirection=2&cpeFilterMode=applicability&resultType=records&cpeName=%s",
+                PercentCodec.encode(cpe.toCpe23FS(), UTF_8));
+    }
+
+    /**
+     * Produces an NVD search URL for a given application vendor/product/version combination to find all applicable vulnerabilities.
+     * <p/>
+     * The opened link should be sorted in descending order (sortDirection=2) by publish date (sortOrder=3).
+     */
+    public static String nvdSearchUrlFor(String vendor, String product, String version) throws CpeValidationException {
+        return nvdSearchUrlFor(new CpeBuilder().part(Part.APPLICATION).vendor(vendor).product(product).version(version).build());
+    }
+
+    /**
+     * Produces an NVD search URL for a given CPE to find all applicable vulnerabilities, including only the part, vendor,
+     * and product of the given CPE (if populated). Discards all other parts/discriminators of the CPE in the generated search.
+     * <p/>
+     * The opened link should be sorted in descending order (sortDirection=2) by publish date (sortOrder=3).
+     */
+    public static String nvdProductSearchUrlFor(Cpe cpe) {
+        try {
+            return nvdSearchUrlFor(new CpeBuilder().part(cpe.getPart()).vendor(cpe.getVendor()).product(cpe.getProduct()).build());
+        } catch (CpeValidationException e) {
+            throw new RuntimeException(e);
+        }
+    }
 }
diff --git a/core/src/main/java/org/owasp/dependencycheck/utils/CvssUtil.java b/core/src/main/java/org/owasp/dependencycheck/utils/CvssUtil.java
index cae334833d9..411f27bb4fc 100644
--- a/core/src/main/java/org/owasp/dependencycheck/utils/CvssUtil.java
+++ b/core/src/main/java/org/owasp/dependencycheck/utils/CvssUtil.java
@@ -21,9 +21,14 @@
 import io.github.jeremylong.openvulnerability.client.nvd.CvssV2Data;
 import io.github.jeremylong.openvulnerability.client.nvd.CvssV3;
 import io.github.jeremylong.openvulnerability.client.nvd.CvssV3Data;
+
 import java.util.Arrays;
 import java.util.HashMap;
 import java.util.List;
+import java.util.Map;
+
+import io.github.jeremylong.openvulnerability.client.nvd.CvssV4;
+import io.github.jeremylong.openvulnerability.client.nvd.CvssV4Data;
 import org.sonatype.ossindex.service.api.cvss.Cvss3Severity;
 
 /**
@@ -36,6 +41,7 @@ public final class CvssUtil {
     private CvssUtil() {
         //empty constructor for utility class.
     }
+
     /**
      * The CVSS v3 Base Metrics (that are required by the spec for any CVSS v3
      * Vector String)
@@ -221,6 +227,129 @@ public static CvssV3 vectorToCvssV3(String vectorString, Double baseScore) {
                 baseSeverity, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null);
         final CvssV3 cvss = new CvssV3(null, null, data, null, null);
         return cvss;
+    }
+
+    public static CvssV4Data.SeverityType cvssV4ScoreToSeverity(double baseScore) {
+        if (baseScore == 0.0) {
+            return CvssV4Data.SeverityType.NONE;
+        } else if (baseScore > 0.0 && baseScore < 4.0) {
+            return CvssV4Data.SeverityType.LOW;
+        } else if (baseScore >= 4.0 && baseScore < 7.0) {
+            return CvssV4Data.SeverityType.MEDIUM;
+        } else if (baseScore >= 7.0 && baseScore < 9.0) {
+            return CvssV4Data.SeverityType.HIGH;
+        } else if (baseScore >= 9.0 && baseScore <= 10.0) {
+            return CvssV4Data.SeverityType.CRITICAL;
+        } else {
+            throw new IllegalArgumentException("Invalid CVSS base score: " + baseScore);
+        }
+    }
+
+    /**
+     * Convert a CVSSv4 vector String into a CvssV4 Object.
+     *
+     * @param source the source of the CVSS data
+     * @param type the type of CVSS data (primary or secondary)
+     * @param baseScore the base score
+     * @param vectorString the vector string
+     * @return the CVSSv4 object
+     */
+    public static CvssV4 vectorToCvssV4(String source, CvssV4.Type type, Double baseScore, String vectorString) {
+        // Remove "CVSS:" prefix and split by "/"
+        String[] parts = vectorString.replaceFirst("^CVSS:", "").split("/");
+        Map<String, String> values = new HashMap<>();
+        for (String part : parts) {
+            String[] kv = part.split(":");
+            if (kv.length == 2) {
+                values.put(kv[0], kv[1]);
+            }
+        }
+
+        CvssV4Data.Version version = CvssV4Data.Version.fromValue(values.getOrDefault("4.0", "4.0"));
+
+        CvssV4Data.AttackVectorType attackVector = values.containsKey("AV") ? CvssV4Data.AttackVectorType.fromValue(values.get("AV")) : null;
+        CvssV4Data.AttackComplexityType attackComplexity = values.containsKey("AC") ? CvssV4Data.AttackComplexityType.fromValue(values.get("AC")) : null;
+        CvssV4Data.AttackRequirementsType attackRequirements = values.containsKey("AT") ? CvssV4Data.AttackRequirementsType.fromValue(values.get("AT")) : null;
+        CvssV4Data.PrivilegesRequiredType privilegesRequired = values.containsKey("PR") ? CvssV4Data.PrivilegesRequiredType.fromValue(values.get("PR")) : null;
+        CvssV4Data.UserInteractionType userInteraction = values.containsKey("UI") ? CvssV4Data.UserInteractionType.fromValue(values.get("UI")) : null;
+        CvssV4Data.CiaType vulnConfidentialityImpact = values.containsKey("VC") ? CvssV4Data.CiaType.fromValue(values.get("VC")) : null;
+        CvssV4Data.CiaType vulnIntegrityImpact = values.containsKey("VI") ? CvssV4Data.CiaType.fromValue(values.get("VI")) : null;
+        CvssV4Data.CiaType vulnAvailabilityImpact = values.containsKey("VA") ? CvssV4Data.CiaType.fromValue(values.get("VA")) : null;
+        CvssV4Data.CiaType subConfidentialityImpact = values.containsKey("SC") ? CvssV4Data.CiaType.fromValue(values.get("SC")) : null;
+        CvssV4Data.CiaType subIntegrityImpact = values.containsKey("SI") ? CvssV4Data.CiaType.fromValue(values.get("SI")) : null;
+        CvssV4Data.CiaType subAvailabilityImpact = values.containsKey("SA") ? CvssV4Data.CiaType.fromValue(values.get("SA")) : null;
+        CvssV4Data.ExploitMaturityType exploitMaturity = values.containsKey("E") ? CvssV4Data.ExploitMaturityType.fromValue(values.get("E")) : CvssV4Data.ExploitMaturityType.NOT_DEFINED;
+        CvssV4Data.CiaRequirementType confidentialityRequirement = values.containsKey("CR") ? CvssV4Data.CiaRequirementType.fromValue(values.get("CR")) : CvssV4Data.CiaRequirementType.NOT_DEFINED;
+        CvssV4Data.CiaRequirementType integrityRequirement = values.containsKey("IR") ? CvssV4Data.CiaRequirementType.fromValue(values.get("IR")) : CvssV4Data.CiaRequirementType.NOT_DEFINED;
+        CvssV4Data.CiaRequirementType availabilityRequirement = values.containsKey("AR") ? CvssV4Data.CiaRequirementType.fromValue(values.get("AR")) : CvssV4Data.CiaRequirementType.NOT_DEFINED;
+        CvssV4Data.ModifiedAttackVectorType modifiedAttackVector = values.containsKey("MAV") ? CvssV4Data.ModifiedAttackVectorType.fromValue(values.get("MAV")) : CvssV4Data.ModifiedAttackVectorType.NOT_DEFINED;
+        CvssV4Data.ModifiedAttackComplexityType modifiedAttackComplexity = values.containsKey("MAC") ? CvssV4Data.ModifiedAttackComplexityType.fromValue(values.get("MAC")) : CvssV4Data.ModifiedAttackComplexityType.NOT_DEFINED;
+        CvssV4Data.ModifiedAttackRequirementsType modifiedAttackRequirements = values.containsKey("MAT") ? CvssV4Data.ModifiedAttackRequirementsType.fromValue(values.get("MAT")) : CvssV4Data.ModifiedAttackRequirementsType.NOT_DEFINED;
+        CvssV4Data.ModifiedPrivilegesRequiredType modifiedPrivilegesRequired = values.containsKey("MPR") ? CvssV4Data.ModifiedPrivilegesRequiredType.fromValue(values.get("MPR")) : CvssV4Data.ModifiedPrivilegesRequiredType.NOT_DEFINED;
+        CvssV4Data.ModifiedUserInteractionType modifiedUserInteraction = values.containsKey("MUI") ? CvssV4Data.ModifiedUserInteractionType.fromValue(values.get("MUI")) : CvssV4Data.ModifiedUserInteractionType.NOT_DEFINED;
+        CvssV4Data.ModifiedCiaType modifiedVulnConfidentialityImpact = values.containsKey("MVC") ? CvssV4Data.ModifiedCiaType.fromValue(values.get("MVC")) : CvssV4Data.ModifiedCiaType.NOT_DEFINED;
+        CvssV4Data.ModifiedCiaType modifiedVulnIntegrityImpact = values.containsKey("MVI") ? CvssV4Data.ModifiedCiaType.fromValue(values.get("MVI")) : CvssV4Data.ModifiedCiaType.NOT_DEFINED;
+        CvssV4Data.ModifiedCiaType modifiedVulnAvailabilityImpact = values.containsKey("MVA") ? CvssV4Data.ModifiedCiaType.fromValue(values.get("MVA")) : CvssV4Data.ModifiedCiaType.NOT_DEFINED;
+        CvssV4Data.ModifiedSubCType modifiedSubConfidentialityImpact = values.containsKey("MSC") ? CvssV4Data.ModifiedSubCType.fromValue(values.get("MSC")) : CvssV4Data.ModifiedSubCType.NOT_DEFINED;
+        CvssV4Data.ModifiedSubIaType modifiedSubIntegrityImpact = values.containsKey("MSI") ? CvssV4Data.ModifiedSubIaType.fromValue(values.get("MSI")) : CvssV4Data.ModifiedSubIaType.NOT_DEFINED;
+        CvssV4Data.ModifiedSubIaType modifiedSubAvailabilityImpact = values.containsKey("MSA") ? CvssV4Data.ModifiedSubIaType.fromValue(values.get("MSA")) : CvssV4Data.ModifiedSubIaType.NOT_DEFINED;
+        CvssV4Data.SafetyType safety = values.containsKey("S") ? CvssV4Data.SafetyType.fromValue(values.get("S")) : CvssV4Data.SafetyType.NOT_DEFINED;
+        CvssV4Data.AutomatableType automatable = values.containsKey("AU") ? CvssV4Data.AutomatableType.fromValue(values.get("AU")) : CvssV4Data.AutomatableType.NOT_DEFINED;
+        CvssV4Data.RecoveryType recovery = values.containsKey("R") ? CvssV4Data.RecoveryType.fromValue(values.get("R")) : CvssV4Data.RecoveryType.NOT_DEFINED;
+        CvssV4Data.ValueDensityType valueDensity = values.containsKey("V") ? CvssV4Data.ValueDensityType.fromValue(values.get("V")) : CvssV4Data.ValueDensityType.NOT_DEFINED;
+        CvssV4Data.VulnerabilityResponseEffortType vulnerabilityResponseEffort = values.containsKey("RE") ? CvssV4Data.VulnerabilityResponseEffortType.fromValue(values.get("RE")) : CvssV4Data.VulnerabilityResponseEffortType.NOT_DEFINED;
+        CvssV4Data.ProviderUrgencyType providerUrgency = values.containsKey("U") ? CvssV4Data.ProviderUrgencyType.fromValue(values.get("U")) : CvssV4Data.ProviderUrgencyType.NOT_DEFINED;
+
+        CvssV4Data.SeverityType baseSeverity = cvssV4ScoreToSeverity(baseScore);
+        // Scores and severities are not present in the vector string, set to null/defaults
+        Double threatScore = null;
+        CvssV4Data.SeverityType threatSeverity = null;
+        Double environmentalScore = null;
+        CvssV4Data.SeverityType environmentalSeverity = null;
+
+        CvssV4Data cvssData = new CvssV4Data(
+                version,
+                vectorString,
+                attackVector,
+                attackComplexity,
+                attackRequirements,
+                privilegesRequired,
+                userInteraction,
+                vulnConfidentialityImpact,
+                vulnIntegrityImpact,
+                vulnAvailabilityImpact,
+                subConfidentialityImpact,
+                subIntegrityImpact,
+                subAvailabilityImpact,
+                exploitMaturity,
+                confidentialityRequirement,
+                integrityRequirement,
+                availabilityRequirement,
+                modifiedAttackVector,
+                modifiedAttackComplexity,
+                modifiedAttackRequirements,
+                modifiedPrivilegesRequired,
+                modifiedUserInteraction,
+                modifiedVulnConfidentialityImpact,
+                modifiedVulnIntegrityImpact,
+                modifiedVulnAvailabilityImpact,
+                modifiedSubConfidentialityImpact,
+                modifiedSubIntegrityImpact,
+                modifiedSubAvailabilityImpact,
+                safety,
+                automatable,
+                recovery,
+                valueDensity,
+                vulnerabilityResponseEffort,
+                providerUrgency,
+                baseScore,
+                baseSeverity,
+                threatScore,
+                threatSeverity,
+                environmentalScore,
+                environmentalSeverity
+        );
 
+        return new CvssV4(source, type, cvssData);
     }
 }
diff --git a/core/src/main/resources/dependencycheck-base-suppression.xml b/core/src/main/resources/dependencycheck-base-suppression.xml
index 518a9329450..d244aafc1d8 100644
--- a/core/src/main/resources/dependencycheck-base-suppression.xml
+++ b/core/src/main/resources/dependencycheck-base-suppression.xml
@@ -19,7 +19,7 @@
         obvious fp - currently not returning any CVEs
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/joda\-time/joda\-time@.*$</packageUrl>
-        <cpe>cpe:/a:time_project:time</cpe>
+        <cpe regex="true">cpe:/a:time(_project)?:time.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -33,7 +33,7 @@
         obvious fp - currently not returning any CVEs
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.sonatype\.ossindex/ossindex\-service\-api@.*$</packageUrl>
-        <cpe>cpe:/a:service_project:service</cpe>
+        <cpe regex="true">cpe:/a:service(_project)?:service.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -54,7 +54,7 @@
             fp per #3940
             ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.apache\.james/apache\-mime4j\-storage@.*$</packageUrl>
-        <cpe>cpe:/a:storage_project:storage</cpe>
+        <cpe regex="true">cpe:/a:storage(_project)?:storage.*</cpe>
         <cpe>cpe:/a:apache:james</cpe>
     </suppress>
     <suppress base="true">
@@ -136,14 +136,14 @@
 	    ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.seleniumhq\.selenium/selenium\-chromium\-driver@.*$</packageUrl>
         <cpe>cpe:/a:chromium:chromium</cpe>
-        <cpe>cpe:/a:chromium_project:chromium</cpe>
+        <cpe regex="true">cpe:/a:chromium(_project)?:chromium.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
 	    FP per #3756
 	    ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.apache\.geronimo\.specs/geronimo\-ws\-metadata_2\.0_spec@.*$</packageUrl>
-        <cpe>cpe:/a:tad_web_project:tad_web</cpe>
+        <cpe regex="true">cpe:/a:tad_web(_project)?:tad_web.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -157,7 +157,7 @@
 	    FP per #3572
 	    ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.apache\.directory\.server/apacheds\-i18n@.*$</packageUrl>
-        <cpe>cpe:/a:i18n_project:i18n</cpe>
+        <cpe regex="true">cpe:/a:i18n(_project)?:i18n.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -186,7 +186,7 @@
       	nio-stream-storage is not 'github.com/containers/storage'. see #3273
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.synchronoss\.cloud/nio\-stream\-storage@.*$</packageUrl>
-        <cpe>cpe:/a:storage_project:storage</cpe>
+        <cpe regex="true">cpe:/a:storage(_project)?:storage.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -195,14 +195,14 @@
         <gav regex="true">^io\.awspring\.cloud:spring-cloud-.*$</gav>
         <cpe>cpe:/a:pivotal_software:spring_framework</cpe>
         <cpe>cpe:/a:pivotal_software:spring_framework</cpe>
-        <cpe>cpe:/a:context_project:context</cpe>
+        <cpe regex="true">cpe:/a:context(_project)?:context.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per #3230
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/io\.github\.x\-stream/mxparser@.*$</packageUrl>
-        <cpe>cpe:/a:xstream_project:xstream</cpe>
+        <cpe regex="true">cpe:/a:xstream(_project)?:xstream.*</cpe>
         <cpe>cpe:/a:oracle:jdk</cpe>
     </suppress>
     <suppress base="true">
@@ -271,14 +271,14 @@
         FP per #3005
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.google\.apis/google\-api\-services\-sqladmin@.*$</packageUrl>
-        <cpe>cpe:/a:www-sql_project:www-sql</cpe>
+        <cpe regex="true">cpe:/a:www-sql(_project)?:www-sql.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per #3005
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.google\.cloud\.sql/jdbc\-socket\-factory\-core@.*$</packageUrl>
-        <cpe>cpe:/a:www-sql_project:www-sql</cpe>
+        <cpe regex="true">cpe:/a:www-sql(_project)?:www-sql.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -360,42 +360,62 @@
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
-        FP per #2972
-        hyphenated PHP library vendor names
+        FP per #2972 + #7444
+        hyphenated PHP library product names
+        (PHP framework will not be loaded via Composer)
         ]]></notes>
-        <packageUrl regex="true">^pkg:composer/php\-.*$</packageUrl>
+        <packageUrl regex="true">^pkg:composer/[^/]+/[^/]+@.*$</packageUrl>
         <cpe>cpe:/a:php:php</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
-        FP per #2972 + #7444
-        hyphenated PHP library product names (prefix)
+        FP per #7542 and #7984 (prefixed symfony vendor packages which are not part of core symfony product)
         ]]></notes>
-        <packageUrl regex="true">^pkg:composer/[^/]+/php[\-_].*$</packageUrl>
-        <cpe>cpe:/a:php:php</cpe>
+        <packageUrl regex="true">^pkg:composer/symfony/(polyfill-|ux-|panther|webpack-encore-bundle|mercure@|mercure-bundle|monolog-bundle).*$</packageUrl>
+        <cpe>cpe:/a:sensiolabs:symfony</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
-        FP per #2972 + #7444
-        hyphenated PHP library product names (suffix)
-        including number suffix, e.g., `symfony/polyfill-php80`
+        FP per #7545 and #7984 (suffixed symfony vendor packages which are not part of core symfony product)
         ]]></notes>
-        <packageUrl regex="true">^pkg:composer/[^/]+/.*[\-_]php[0-9]*@.*$</packageUrl>
-        <cpe>cpe:/a:php:php</cpe>
+        <packageUrl regex="true">^pkg:composer/symfony/.*(contracts|-pack)@.*$</packageUrl>
+        <cpe>cpe:/a:sensiolabs:symfony</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
-        FP per #7542
+        FP per #7984 - only the pimcore/pimcore package reflects the actual pimcore product
         ]]></notes>
-        <packageUrl regex="true">^pkg:composer/symfony/polyfill-.*$</packageUrl>
-        <cpe>cpe:/a:sensiolabs:symfony</cpe>
+        <packageUrl regex="true">^pkg:composer/(?!pimcore/pimcore@).*$</packageUrl>
+        <cpe>cpe:/a:pimcore:pimcore</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
-        FP per #7545
+        FP per #7984 - only the pear/pear-core-minimal packages reflect the actual pear product
         ]]></notes>
-        <packageUrl regex="true">^pkg:composer/symfony/.*-contracts@.*$</packageUrl>
-        <cpe>cpe:/a:sensiolabs:symfony</cpe>
+        <packageUrl regex="true">^pkg:composer/(?!pear/pear@|pear/pear-core-minimal@).*$</packageUrl>
+        <cpe>cpe:/a:pear:pear</cpe>
+    </suppress>
+    <suppress base="true">
+        <notes><![CDATA[
+        FP per #7984 - only the laravel/framework packages reflect the actual laravel products (each have their own CPE)
+        ]]></notes>
+        <packageUrl regex="true">^pkg:composer/(?!laravel/framework@|laravel/laravel@).*$</packageUrl>
+        <cpe>cpe:/a:laravel:laravel</cpe>
+        <cpe>cpe:/a:laravel:framework</cpe>
+    </suppress>
+    <suppress base="true">
+        <notes><![CDATA[
+        FP per #7984 - only the drupal/services package represents the drupal services project
+        ]]></notes>
+        <packageUrl regex="true">^pkg:composer/(?!drupal/services@).*$</packageUrl>
+        <cpe>cpe:/a:services_project:services</cpe>
+    </suppress>
+    <suppress base="true">
+        <notes><![CDATA[
+        FP per #7984 - only the doctrine/orm package represents the core doctrine project
+        ]]></notes>
+        <packageUrl regex="true">^pkg:composer/(?!doctrine/orm@).*$</packageUrl>
+        <cpe>cpe:/a:doctrine-project:doctrine</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -416,7 +436,7 @@
         FP per #2940
         ]]></notes>
         <packageUrl regex="true">^pkg:npm/cross\-env@.*$</packageUrl>
-        <cpe>cpe:/a:crossenv_project:crossenv</cpe>
+        <cpe regex="true">cpe:/a:crossenv(_project)?:crossenv.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -661,65 +681,65 @@
         <cpe>cpe:/a:file_project:file</cpe>
         <cpe>cpe:/a:file:file</cpe>
         <cpe>cpe:/a:shim:shim</cpe>
-        <cpe>cpe:/a:shim_project:shim</cpe>        
-        <cpe>cpe:/a:date_project:date</cpe>
+        <cpe regex="true">cpe:/a:shim(_project)?:shim.*</cpe>
+        <cpe regex="true">cpe:/a:date(_project)?:date.*</cpe>
         <cpe>cpe:/a:net_dns:net_dns</cpe>
         <cpe>cpe:/a:nodejs:node.js</cpe>
         <cpe>cpe:/a:nodejs:nodejs</cpe>
-        <cpe>cpe:/a:context_project:context</cpe>
-        <cpe>cpe:/a:mail_project:mail</cpe>
-        <cpe>cpe:/a:ldap_project:ldap</cpe>
-        <cpe>cpe:/a:user_import_project:user_import</cpe>
+        <cpe regex="true">cpe:/a:context(_project)?:context.*</cpe>
+        <cpe regex="true">cpe:/a:mail(_project)?:mail.*</cpe>
+        <cpe regex="true">cpe:/a:ldap(_project)?:ldap.*</cpe>
+        <cpe regex="true">cpe:/a:user_import(_project)?:user_import.*</cpe>
         <cpe>cpe:/a:root:root</cpe>
-        <cpe>cpe:/a:xmlsec_project:xmlsec</cpe>
-        <cpe>cpe:/a:rest-client_project:rest-client</cpe>
-        <cpe>cpe:/a:hub_project:hub</cpe>
-        <cpe>cpe:/a:views_project:views</cpe>
-        <cpe>cpe:/a:restful_web_services_project:restful_web_services</cpe>
+        <cpe regex="true">cpe:/a:xmlsec(_project)?:xmlsec.*</cpe>
+        <cpe regex="true">cpe:/a:rest-client(_project)?:rest-client.*</cpe>
+        <cpe regex="true">cpe:/a:hub(_project)?:hub.*</cpe>
+        <cpe regex="true">cpe:/a:views(_project)?:views.*</cpe>
+        <cpe regex="true">cpe:/a:restful_web_services(_project)?:restful_web_services.*</cpe>
         <cpe>cpe:/a:php:php</cpe>
-        <cpe>cpe:/a:font_project:font</cpe>
-        <cpe>cpe:/a:amazon_aws_project:amazon_aws</cpe>
+        <cpe regex="true">cpe:/a:font(_project)?:font.*</cpe>
+        <cpe regex="true">cpe:/a:amazon_aws(_project)?:amazon_aws.*</cpe>
         <cpe>cpe:/a:google:android</cpe>
-        <cpe>cpe:/a:first_project:first</cpe>
+        <cpe regex="true">cpe:/a:first(_project)?:first.*</cpe>
         <cpe>cpe:/a:interact:interact</cpe>
-        <cpe>cpe:/a:finder_project:finder</cpe>
-        <cpe>cpe:/a:archiver_project:archiver</cpe>
-        <cpe>cpe:/a:r_project:r</cpe>
-        <cpe>cpe:/a:jwt_project:jwt</cpe>
-        <cpe>cpe:/a:git_project:git</cpe>
+        <cpe regex="true">cpe:/a:finder(_project)?:finder.*</cpe>
+        <cpe regex="true">cpe:/a:archiver(_project)?:archiver.*</cpe>
+        <cpe regex="true">cpe:/a:r(_project)?:r.*</cpe>
+        <cpe regex="true">cpe:/a:jwt(_project)?:jwt.*</cpe>
+        <cpe regex="true">cpe:/a:git(_project)?:git.*</cpe>
         <cpe>cpe:/a:git:git</cpe>
-        <cpe>cpe:/a:git_for_windows_project:git_for_windows</cpe>
+        <cpe regex="true">cpe:/a:git_for_windows(_project)?:git_for_windows.*</cpe>
         <cpe>cpe:/a:mono-project:mono</cpe>
         <cpe>cpe:/a:mono:mono</cpe>
-        <cpe>cpe:/a:mono_project:mono</cpe>
-        <cpe>cpe:/a:app_project:app</cpe>
-        <cpe>cpe:/a:json-jwt_project:json-jwt</cpe>
-        <cpe>cpe:/a:zip_project:zip</cpe>
-        <cpe>cpe:/a:echo_project:echo</cpe>
-        <cpe>cpe:/a:util-linux_project:util-linux</cpe>
-        <cpe>cpe:/a:bitmap_project:bitmap</cpe>
-        <cpe>cpe:/a:security-framework_project:security-framework</cpe>
+        <cpe regex="true">cpe:/a:mono(_project)?:mono.*</cpe>
+        <cpe regex="true">cpe:/a:app(_project)?:app.*</cpe>
+        <cpe regex="true">cpe:/a:json-jwt(_project)?:json-jwt.*</cpe>
+        <cpe regex="true">cpe:/a:zip(_project)?:zip.*</cpe>
+        <cpe regex="true">cpe:/a:echo(_project)?:echo.*</cpe>
+        <cpe regex="true">cpe:/a:util-linux(_project)?:util-linux.*</cpe>
+        <cpe regex="true">cpe:/a:bitmap(_project)?:bitmap.*</cpe>
+        <cpe regex="true">cpe:/a:security-framework(_project)?:security-framework.*</cpe>
         <cpe>cpe:/a:next:next</cpe>
         <cpe>cpe:/a:property_pro:property_pro</cpe>
         <cve>CVE-2020-10663</cve>
         <cpe>cpe:/a:facebook:facebook</cpe>
         <cpe>cpe:/a:gitlab:gitlab</cpe>
         <cpe>cpe:/a:delegate:delegate</cpe>
-        <cpe>cpe:/a:thread_project:thread</cpe>
-        <cpe>cpe:/a:data_tools_project:data_tools</cpe>
-        <cpe>cpe:/a:tag_project:tag</cpe>
+        <cpe regex="true">cpe:/a:thread(_project)?:thread.*</cpe>
+        <cpe regex="true">cpe:/a:data_tools(_project)?:data_tools.*</cpe>
+        <cpe regex="true">cpe:/a:tag(_project)?:tag.*</cpe>
         <cpe>cpe:/a:kubernetes:kubernetes</cpe>
-        <cpe>cpe:/a:websockets_project:websockets</cpe>
-        <cpe>cpe:/a:cron_project:cron</cpe>
-        <cpe>cpe:/a:html2pdf_project:html2pdf</cpe>
-        <cpe>cpe:/a:shadow_project:shadow</cpe>
+        <cpe regex="true">cpe:/a:websockets(_project)?:websockets.*</cpe>
+        <cpe regex="true">cpe:/a:cron(_project)?:cron.*</cpe>
+        <cpe regex="true">cpe:/a:html2pdf(_project)?:html2pdf.*</cpe>
+        <cpe regex="true">cpe:/a:shadow(_project)?:shadow.*</cpe>
         <cpe>cpe:/a:cde:cde</cpe>
         <cpe>cpe:/a:docker:docker</cpe>
         <cpe>cpe:/a:travis-ci:travis_ci</cpe>
-        <cpe>cpe:/a:storage_project:storage</cpe>
+        <cpe regex="true">cpe:/a:storage(_project)?:storage.*</cpe>
         <cpe>cpe:/a:pivotal_software:rabbitmq</cpe>
-        <cpe>cpe:/a:saml_project:saml</cpe>
-        <cpe>cpe:/a:yaml_project:yaml</cpe>
+        <cpe regex="true">cpe:/a:saml(_project)?:saml.*</cpe>
+        <cpe regex="true">cpe:/a:yaml(_project)?:yaml.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -747,7 +767,7 @@
         ]]></notes>
         <filePath regex="true">.*(\.(jar|ear|war|pom)|pom\.xml)$</filePath>
         <cpe>cpe:/a:dash:dash</cpe>
-        <cpe>cpe:/a:mustache.js_project:mustache.js</cpe>
+        <cpe  regex="true">cpe:/a:mustache.js(_project)?:mustache.js</cpe>
         <cpe>cpe:/a:microsoft:active_directory</cpe>
         <cpe>cpe:/a:microsoft:active_directory_federation_services</cpe>
         <cpe>cpe:/a:microsoft:active_directory_services</cpe>
@@ -756,14 +776,14 @@
         <cpe>cpe:/a:python:python</cpe>
         <cpe>cpe:/a:python_software_foundation:python</cpe>
         <cve>CVE-2017-16046</cve>
-        <cpe>cpe:/a:sqlserver_project:sqlserver</cpe>
+        <cpe  regex="true">cpe:/a:sqlserver(_project)?:sqlserver</cpe>
         <cpe>cpe:/a:auth0:auth0</cpe>
         <cpe>cpe:/a:github:github</cpe>
-        <cpe>cpe:/a:data-tools_project:data_tools</cpe>
-        <cpe>cpe:/a:flow_project:flow</cpe>
+        <cpe regex="true">cpe:/a:data-tools(_project)?:data_tools.*</cpe>
+        <cpe regex="true">cpe:/a:flow(_project)?:flow.*</cpe>
         <cpe>cpe:/a:ghost:ghost</cpe>
-        <cpe>cpe:/a:ws_project:ws</cpe>
-        <cpe>cpe:/a:i18n_project:i18n</cpe>
+        <cpe regex="true">cpe:/a:ws(_project)?:ws.*</cpe>
+        <cpe regex="true">cpe:/a:i18n(_project)?:i18n.*</cpe>
         <cpe>cpe:/a:redis:redis</cpe>
         <cpe>cpe:/a:perl:perl</cpe>
     </suppress>
@@ -772,7 +792,7 @@
         Suppresses false positives per #2511
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.vaadin/vaadin\-sass\-compiler@.*$</packageUrl>
-        <cpe>cpe:/a:compile-sass_project:compile-sass</cpe>
+        <cpe regex="true">cpe:/a:compile-sass(_project)?:compile-sass.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -793,7 +813,7 @@
         Suppresses false positives
         ]]></notes>
         <packageUrl regex="true">^pkg:npm/rc@.*$</packageUrl>
-        <cpe>cpe:/a:rc_project:rc</cpe>
+        <cpe regex="true">cpe:/a:rc(_project)?:rc.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -843,7 +863,7 @@
         Suppresses false positive per #3827 - this library is not the github.com/containers/storage project
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/io\.smallrye/smallrye\-context\-propagation\-storage@.*$</packageUrl>
-        <cpe>cpe:/a:storage_project:storage</cpe>
+        <cpe regex="true">cpe:/a:storage(_project)?:storage.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -902,7 +922,7 @@
         Suppresses false positives per issue #1614.
         ]]></notes>
         <gav regex="true">^eu\.bitwalker:UserAgentUtils:.*$</gav>
-        <cpe>cpe:/a:useragent_project:useragent</cpe>
+        <cpe regex="true">cpe:/a:useragent(_project)?:useragent.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -930,7 +950,7 @@
         Suppresses false positives per issue #1590
         ]]></notes>
         <gav regex="true">^com\.cybersource:flex-server-sdk:.*$</gav>
-        <cpe>cpe:/a:flex_project:flex</cpe>
+        <cpe regex="true">cpe:/a:flex(_project)?:flex.*</cpe>
         <cpe>cpe:/a:id:id-software</cpe>
     </suppress>
     <suppress base="true">
@@ -952,7 +972,7 @@
         Suppresses false positives per issue #1587
         ]]></notes>
         <gav regex="true">^org\.apache\.felix:org\.apache\.felix\.configadmin:.*$</gav>
-        <cpe>cpe:/a:cm_project:cm</cpe>
+        <cpe regex="true">cpe:/a:cm(_project)?:cm.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -1002,7 +1022,7 @@
         FP per #2768
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.evolvis\.tartools/rfc822@.*$</packageUrl>
-        <cpe>cpe:/a:man-cgi_project:man-cgi</cpe>
+        <cpe regex="true">cpe:/a:man-cgi(_project)?:man-cgi.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -1111,7 +1131,7 @@
         Suppresses false positives per issue #1587
         ]]></notes>
         <gav regex="true">^com\.liferay:org\.apache\.felix\.configadmin:.*$</gav>
-        <cpe>cpe:/a:cm_project:cm</cpe>
+        <cpe regex="true">cpe:/a:cm(_project)?:cm.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -1269,14 +1289,14 @@
         Suppresses false positives per issue #2865
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.microsoft\.azure/msal4j@.*$</packageUrl>
-        <cpe>cpe:/a:http_authentication_library_project:http_authentication_library</cpe>
+        <cpe regex="true">cpe:/a:http_authentication_library(_project)?:http_authentication_library.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         Suppresses false positives per issue #2896
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.microsoft\.azure/msal4j@.*$</packageUrl>
-        <cpe>cpe:/a:http_authentication_library_project:http_authentication_library</cpe>
+        <cpe regex="true">cpe:/a:http_authentication_library(_project)?:http_authentication_library.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -1398,7 +1418,7 @@
         FP per #872
         ]]></notes>
         <packageUrl regex="true">^pkg:(generic|nuget)/Microsoft\.AspNetCore\.JsonPatch@.*$</packageUrl>
-        <cpe>cpe:/a:json-patch_project:json-patch</cpe>
+        <cpe regex="true">cpe:/a:json-patch(_project)?:json-patch.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -1419,21 +1439,21 @@
         FP per #1485
         ]]></notes>
         <gav regex="true">^org\.sonatype\.plexus:plexus-sec-dispatcher:.*$</gav>
-        <cpe>cpe:/a:sec_project:sec</cpe>
+        <cpe regex="true">cpe:/a:sec(_project)?:sec.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per #1479
         ]]></notes>
         <gav regex="true">^com.amazonaws:aws-java-sdk-simpleworkflow:.*$</gav>
-        <cpe>cpe:/a:flow_project:flow</cpe>
+        <cpe regex="true">cpe:/a:flow(_project)?:flow.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per #1479
         ]]></notes>
         <gav regex="true">^com.amazonaws:aws-java-sdk-swf-libraries:.*$</gav>
-        <cpe>cpe:/a:flow_project:flow</cpe>
+        <cpe regex="true">cpe:/a:flow(_project)?:flow.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -1587,7 +1607,7 @@
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
-        False positives found while investigating https://github.com/jeremylong/dependency-check-gradle/issues/103
+        False positives found while investigating https://github.com/dependency-check/dependency-check-gradle/issues/103
         ]]></notes>
         <gav regex="true">^org\.jetbrains:annotations:.*$</gav>
         <cpe>cpe:/a:jetbrains:intellij_idea</cpe>
@@ -1631,7 +1651,7 @@
         FP found when researching #1091
         ]]></notes>
         <gav regex="true">^com\.nimbusds:nimbus-jose-jwt:.*$</gav>
-        <cpe>cpe:/a:jwt_project:jwt</cpe>
+        <cpe regex="true">cpe:/a:jwt(_project)?:jwt.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -1700,7 +1720,7 @@
         Suppresses false positives for components within guava.
         ]]></notes>        
         <packageUrl regex="true">^pkg:maven/com\.h3xstream\.retirejs/retirejs\-core@.*$</packageUrl>
-        <cpe>cpe:/a:xstream_project:xstream</cpe>
+        <cpe regex="true">cpe:/a:xstream(_project)?:xstream.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -1895,7 +1915,7 @@
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.gagravarr/vorbis\-java\-tika@.*$</packageUrl>
         <cpe>cpe:/a:apache:tika</cpe>
-        <cpe>cpe:/a:flac_project:flac</cpe>
+        <cpe regex="true">cpe:/a:flac(_project)?:flac.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -1975,7 +1995,7 @@
         FP per #1659
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.ops4j\.pax\..*$</packageUrl>
-        <cpe>cpe:/a:pax_project:pax</cpe>
+        <cpe regex="true">cpe:/a:pax(_project)?:pax.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -2007,7 +2027,7 @@
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
-        FP per issue https://github.com/jeremylong/dependency-check-gradle/issues/61
+        FP per issue https://github.com/dependency-check/dependency-check-gradle/issues/61
         ]]></notes>
         <gav regex="true">^org\.eclipse\.jetty\.toolchain:jetty-schemas:.*$</gav>
         <cpe>cpe:/a:mortbay_jetty:jetty</cpe>
@@ -2030,7 +2050,7 @@
         <cpe>cpe:/a:apache:apache_http_server</cpe>
         <cpe>cpe:/a:apache:directory_studio</cpe>
         <cpe>cpe:/a:apache:ldap_studio</cpe>
-        <cpe>cpe:/a:net-ldap_project:net-ldap</cpe>
+        <cpe regex="true">cpe:/a:net-ldap(_project)?:net-ldap.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -2228,8 +2248,8 @@
         Grizzly is not Async Http Client
         ]]></notes>
         <gav regex="true">^org\.glassfish\.grizzly:grizzly-http-client:.*$</gav>
-        <cpe>cpe:/a:async-http-client_project:async-http-client</cpe>
-        <cpe>cpe:/a:asynchttpclient_project:async-http-client</cpe>
+        <cpe regex="true">cpe:/a:async-http-client(_project)?:async-http-client.*</cpe>
+        <cpe regex="true">cpe:/a:asynchttpclient(_project)?:async-http-client.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -2371,7 +2391,7 @@
         FP per #3829 the eclipse Microprofile config file provider project is not the Jenkins config file provider plugin
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.eclipse\.microprofile\.config/.*@.*$</packageUrl>
-        <cpe>cpe:/a:config_file_provider_project:config_file_provider</cpe>
+        <cpe regex="true">cpe:/a:config_file_provider(_project)?:config_file_provider.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -2393,8 +2413,8 @@
         Pyro is a python project.
         ]]></notes>
         <filePath regex="true">.*(\.(jar|ear|war|pom)|pom\.xml)</filePath>
-        <cpe>cpe:/a:services_project:services</cpe>
-        <cpe>cpe:/a:pyro_project:pyro</cpe>
+        <cpe regex="true">cpe:/a:services(_project)?:services.*</cpe>
+        <cpe regex="true">cpe:/a:pyro(_project)?:pyro.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -2422,7 +2442,7 @@
         false positive per issue #777
         ]]></notes>
         <gav regex="true">^org\.glassfish\.jersey\.ext:jersey-metainf-services:.*$</gav>
-        <cpe>cpe:/a:services_project:services:</cpe>
+        <cpe regex="true">cpe:/a:services(_project)?:services:.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -2480,17 +2500,17 @@
         False positives per issue #2873
         ]]></notes>
         <packageUrl regex="true">^pkg:npm/faye\-websocket@.*$</packageUrl>
-        <cpe>cpe:/a:faye_project:faye</cpe>
+        <cpe regex="true">cpe:/a:faye(_project)?:faye.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         Node.js false positives per issues #512 and #510
         ]]></notes>
         <filePath regex="true">.*package\.json$</filePath>
-        <cpe>cpe:/a:file_project:file</cpe>
+        <cpe regex="true">cpe:/a:file(_project)?:file.*</cpe>
         <cpe>cpe:/a:file:file</cpe>
         <cpe>cpe:/a:shim:shim</cpe>
-        <cpe>cpe:/a:shim_project:shim</cpe>
+        <cpe regex="true">cpe:/a:shim(_project)?:shim.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -2646,6 +2666,40 @@
         <cpe>cpe:/a:apple:java</cpe>
         <cpe>cpe:/a:unicode:unicode:</cpe>
     </suppress>
+    <suppress base="true">
+        <notes><![CDATA[
+        False positive per issue #7706; DUPlICATE of above rule
+        the CVEs listed are in the C++ part of the ICU project (and are currently all CVEs listed
+        against ICU project; nevertheless we should not suppress the CPE itself to avoid false negatives
+        when the CVE is in the icu4j (cpe:2.3:a:icu-project:international_components_for_unicode:*:*:*:*:*:java:*:*
+        / cpe:2.3:a:unicode:international_components_for_unicode:*:*:*:*:*:java:*:*) CPE
+        cpe cpe:/a:unicode:unicode is the unicode specification
+        ]]></notes>
+        <packageUrl regex="true">^pkg:maven/org\.graalvm\.shadowed/icu4j@.*$</packageUrl>
+        <cve>CVE-2020-21913</cve>
+        <cve>CVE-2014-9654</cve>
+        <cve>CVE-2014-9911</cve>
+        <cve>CVE-2016-6293</cve>
+        <cve>CVE-2016-7415</cve>
+        <cve>CVE-2017-14952</cve>
+        <cve>CVE-2017-17484</cve>
+        <cve>CVE-2015-5922</cve>
+        <cve>CVE-2007-4771</cve>
+        <cve>CVE-2020-10531</cve>
+        <cve>CVE-2011-4599</cve>
+        <cve>CVE-2014-7923</cve>
+        <cve>CVE-2014-7926</cve>
+        <cve>CVE-2014-7940</cve>
+        <cve>CVE-2014-8146</cve>
+        <cve>CVE-2014-8147</cve>
+        <cve>CVE-2017-7867</cve>
+        <cve>CVE-2017-7868</cve>
+        <cve>CVE-2007-4770</cve>
+        <cve>CVE-2017-15396</cve>
+        <cve>CVE-2017-15422</cve>
+        <cpe>cpe:/a:apple:java</cpe>
+        <cpe>cpe:/a:unicode:unicode:</cpe>
+    </suppress>
     <suppress base="true">
         <notes><![CDATA[
         False positive per issue #854
@@ -2667,14 +2721,14 @@
         <filePath regex="true">.*activerecord.*oracle.*\.gemspec</filePath>
         <cpe>cpe:/a:ruby-i18n:i18n</cpe>
         <cpe>cpe:/a:mikel_lindsaar:mail</cpe>
-        <cpe>cpe:/a:rest-client_project:rest-client</cpe>
+        <cpe regex="true">cpe:/a:rest-client(_project)?:rest-client.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         false positives per issue #915
         ]]></notes>
         <gav regex="true">^net\.thisptr:jackson-jq:.*$</gav>
-        <cpe>cpe:/a:jq_project:jq</cpe>
+        <cpe regex="true">cpe:/a:jq(_project)?:jq.*</cpe>
         <cpe>cpe:/a:id:id-software</cpe>
     </suppress>
     <suppress base="true">
@@ -2713,7 +2767,7 @@
         false positives per issue #915
         ]]></notes>
         <gav regex="true">^javax\.validation:validation-api:.*$</gav>
-        <cpe>cpe:/a:bean_project:bean</cpe>
+        <cpe regex="true">cpe:/a:bean(_project)?:bean.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -2727,49 +2781,49 @@
         FP per #1398
         ]]></notes>
         <gav regex="true">^net\.lingala\.zip4j:zip4j:.*$</gav>
-        <cpe>cpe:/a:zip_project:zip</cpe>
+        <cpe regex="true">cpe:/a:zip(_project)?:zip.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per #1398
         ]]></notes>
         <gav regex="true">^net\.java\.truevfs:truevfs-comp-zip:.*$</gav>
-        <cpe>cpe:/a:zip_project:zip</cpe>
+        <cpe regex="true">cpe:/a:zip(_project)?:zip.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per #1398
         ]]></notes>
         <gav regex="true">^net\.java\.truevfs:truevfs-driver-zip:.*$</gav>
-        <cpe>cpe:/a:zip_project:zip</cpe>
+        <cpe regex="true">cpe:/a:zip(_project)?:zip.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per #1424
         ]]></notes>
         <gav regex="true">^stax:stax-api:.*$</gav>
-        <cpe>cpe:/a:st_project:st</cpe>
+        <cpe regex="true">cpe:/a:st(_project)?:st.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         false positive per issue #894
         ]]></notes>
         <gav regex="true">^org\.apache\.pdfbox:fontbox:.*$</gav>
-        <cpe>cpe:/a:font_project:font</cpe>
+        <cpe regex="true">cpe:/a:font(_project)?:font.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         false positive per issue #1093
         ]]></notes>
         <gav regex="true">^com\.itextpdf:font-asian:.*$</gav>
-        <cpe>cpe:/a:font_project:font</cpe>
+        <cpe regex="true">cpe:/a:font(_project)?:font.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         false positive per issue #859
         ]]></notes>
         <gav regex="true">^org\.kohsuke:github-api:.*$</gav>
-        <cpe>cpe:/a:hub_project:hub</cpe>
+        <cpe regex="true">cpe:/a:hub(_project)?:hub.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -2783,22 +2837,22 @@
         False positive per issue #1068
         ]]></notes>
         <gav regex="true">^org\.asynchttpclient:netty-codec-dns:.*$</gav>
-        <cpe>cpe:/a:dns-sync_project:dns-sync</cpe>
+        <cpe regex="true">cpe:/a:dns-sync(_project)?:dns-sync.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         False positive per issue #1068
         ]]></notes>
         <gav regex="true">^org\.asynchttpclient:async-http-client-netty-utils:.*$</gav>
-        <cpe>cpe:/a:async-http-client_project:async-http-client</cpe>
-        <cpe>cpe:/a:asynchttpclient_project:async-http-client</cpe>
+        <cpe regex="true">cpe:/a:async-http-client(_project)?:async-http-client.*</cpe>
+        <cpe regex="true">cpe:/a:asynchttpclient(_project)?:async-http-client.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         False positive per issue #1068
         ]]></notes>   
         <gav regex="true">^org\.asynchttpclient:netty-resolver-dns:.*$</gav>
-        <cpe>cpe:/a:dns-sync_project:dns-sync</cpe>
+        <cpe regex="true">cpe:/a:dns-sync(_project)?:dns-sync.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -2827,7 +2881,7 @@
         file name: xbean-finder-3.11.1.jar
         ]]></notes>
         <gav regex="true">^org\.apache\.xbean:xbean-finder:.*$</gav>
-        <cpe>cpe:/a:finder_project:finder</cpe>
+        <cpe regex="true">cpe:/a:finder(_project)?:finder.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -2841,7 +2895,7 @@
         false positive per issue #871
         ]]></notes>
         <gav regex="true">^org\.sonatype\..*$</gav>
-        <cpe>cpe:/a:spice_project:spice</cpe>
+        <cpe regex="true">cpe:/a:spice(_project)?:spice.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -2862,7 +2916,7 @@
         file name: jersey-core-1.11.jar
         ]]></notes>
         <gav regex="true">^com\.sun\.jersey:jersey-core:.*$</gav>
-        <cpe>cpe:/a:restful_web_services_project:restful_web_services</cpe>
+        <cpe regex="true">cpe:/a:restful_web_services(_project)?:restful_web_services.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -2948,8 +3002,8 @@
         FP on sttp for http-client
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.softwaremill\.sttp.*$</packageUrl>
-        <cpe>cpe:/a:async-http-client_project:async-http-client</cpe>
-        <cpe>cpe:/a:asynchttpclient_project:async-http-client</cpe>
+        <cpe regex="true">cpe:/a:async-http-client(_project)?:async-http-client.*</cpe>
+        <cpe regex="true">cpe:/a:asynchttpclient(_project)?:async-http-client.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -3035,7 +3089,7 @@
         FP per issue #1003
         ]]></notes>   
         <gav regex="true">^org\.mapstruct:mapstruct:.*$</gav>
-        <cpe>cpe:/a:bean_project:bean</cpe>
+        <cpe regex="true">cpe:/a:bean(_project)?:bean.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -3110,7 +3164,7 @@
         general FP cleanup: com.amazonaws is a drupal project
         ]]></notes>
         <gav regex="true">^com\.amazonaws:jmespath-java:.*$</gav>
-        <cpe>cpe:/a:amazon_aws_project:amazon_aws</cpe>
+        <cpe regex="true">cpe:/a:amazon_aws(_project)?:amazon_aws.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -3204,14 +3258,14 @@
         general FP cleanup
         ]]></notes>
         <gav regex="true">^org\.codehaus\.plexus:plexus-utils:.*$</gav>
-        <cpe>cpe:/a:spice_project:spice</cpe>
+        <cpe regex="true">cpe:/a:spice(_project)?:spice.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP #1064
         ]]></notes>
         <gav regex="true">^org\.projectlombok:lombok:.*$</gav>
-        <cpe>cpe:/a:spice_project:spice</cpe>
+        <cpe regex="true">cpe:/a:spice(_project)?:spice.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -3596,7 +3650,7 @@
         caused by cpe:/a:gpg-pgp_project::gpg-pgp and cpe:/a:openpgp:openpgp
         ]]></notes>
         <gav regex="true">^name\.neuhalfen\.projects\.crypto\.bouncycastle\.openpgp:bouncy-gpg:.*$</gav>
-        <cpe>cpe:/a:gpg-pgp_project::gpg-pgp</cpe>
+        <cpe regex="true">cpe:/a:gpg-pgp(_project)?::gpg-pgp.*</cpe>
         <cpe>cpe:/a:openpgp:openpgp</cpe>
     </suppress>
     <suppress base="true">
@@ -3665,7 +3719,7 @@
         false positive per #3271 on org.apache.sis.storage
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.apache\.sis\.storage/sis\-.*$</packageUrl>
-        <cpe>cpe:/a:storage_project:storage</cpe>
+        <cpe regex="true">cpe:/a:storage(_project)?:storage.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -3695,7 +3749,7 @@
         false positive per #3284 on com.amazonaws:aws-java-sdk-storagegateway
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.amazonaws/aws\-java\-sdk\-storagegateway@.*$</packageUrl>
-        <cpe>cpe:/a:storage_project:storage</cpe>
+        <cpe regex="true">cpe:/a:storage(_project)?:storage.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -3837,14 +3891,14 @@
         suppress false CPE for mssql-on-azure backend for django #3500
         ]]></notes>
         <packageUrl regex="true">^pkg:pypi/mssql\-django@.*$</packageUrl>
-        <cpe>cpe:/a:django_project:django</cpe>
+        <cpe regex="true">cpe:/a:django(_project)?:django.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         file name: fast-uuid-0.1.jar #3336
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.eatthepath/fast\-uuid@.*$</packageUrl>
-        <cpe>cpe:/a:fast_ber_project:fast_ber</cpe>
+        <cpe regex="true">cpe:/a:fast_ber(_project)?:fast_ber.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -3862,10 +3916,10 @@
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
-        several python-* PyPI packages hit a FP CPE match #3233 & #3017 & #5335
+        several python-* PyPI packages hit a FP CPE match #3233 & #3017 & #5335 & #7968
         as Python itself is not a PyPI package suppress it with a broad regex
         ]]></notes>
-        <packageUrl regex="true">^pkg:pypi/.*python\-.*$</packageUrl>
+        <packageUrl regex="true">^pkg:pypi/.*python.*$</packageUrl>
         <cpe>cpe:/a:python:python</cpe>
         <cpe>cpe:/a:python_software_foundation:python</cpe>
     </suppress>
@@ -3920,42 +3974,42 @@
         file name: 'DateTime::Format::MySQL', '0.04'
         ]]></notes>
         <packageUrl regex="true">^pkg:cpan/DateTime%3A%3AFormat/MySQL@.*$</packageUrl>
-        <cpe>cpe:/a:www-sql_project:www-sql</cpe>
+        <cpe regex="true">cpe:/a:www-sql(_project)?:www-sql.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         file name: 'MARC::File::XML', '1.0.1'
         ]]></notes>
         <packageUrl regex="true">^pkg:cpan/MARC%3A%3AFile.*$</packageUrl>
-        <cpe>cpe:/a:file_project:file</cpe>
+        <cpe regex="true">cpe:/a:file(_project)?:file.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         file name: 'File::Spec', '0'
         ]]></notes>
         <packageUrl regex="true">^pkg:cpan/(IO%3A%3A)?File.*$</packageUrl>
-        <cpe>cpe:/a:file_project:file</cpe>
+        <cpe regex="true">cpe:/a:file(_project)?:file.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         file name: 'SQL::Abstract', '0'
         ]]></notes>
         <packageUrl regex="true">^pkg:cpan/SQL/.*$</packageUrl>
-        <cpe>cpe:/a:www-sql_project:www-sql</cpe>
+        <cpe regex="true">cpe:/a:www-sql(_project)?:www-sql.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         file name: 'DBIx::Class::InflateColumn::DateTime', '0'
         ]]></notes>
         <packageUrl regex="true">^pkg:cpan/.*DateTime.*$</packageUrl>
-        <cpe>cpe:/a:time_project:time</cpe>
+        <cpe regex="true">cpe:/a:time(_project)?:time.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         file name: 'Dist::Zilla::Plugin::Git::NextVersion', '1.120370'
         ]]></notes>
         <packageUrl regex="true">^pkg:cpan/Dist%3A%3AZilla%3A%3APlugin%3A%3AGit.*$</packageUrl>
-        <cpe>cpe:/a:git_project:git</cpe>
+        <cpe regex="true">cpe:/a:git(_project)?:git.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -4111,7 +4165,7 @@
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/io\.netty/netty-tcnative-boringssl-static@.*$</packageUrl>
         <cpe>cpe:/a:chromium:chromium</cpe>
-        <cpe>cpe:/a:chromium_project:chromium</cpe>
+        <cpe regex="true">cpe:/a:chromium(_project)?:chromium.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -4190,7 +4244,7 @@
         FP per issue #4227 simple-xml-safe is a security-patched fork of the unmaintained simple-xml
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.carrotsearch\.thirdparty/simple-xml-safe@.*$</packageUrl>
-        <cpe>cpe:/a:simplexml_project:simplexml</cpe>
+        <cpe regex="true">cpe:/a:simplexml(_project)?:simplexml.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -4241,7 +4295,7 @@
    	    FP per issue #4368, #4384, #4369 async_project:async is an npm package
    	    ]]></notes>
         <packageUrl regex="true">^pkg:maven/.*async.*@.*$</packageUrl>
-        <cpe>cpe:/a:async_project:async</cpe>
+        <cpe regex="true">cpe:/a:async(_project)?:async.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -4295,7 +4349,7 @@
         <packageUrl regex="true">^pkg:maven/org\.pac4j/ratpack\-pac4j@.*$</packageUrl>
         <cpe>cpe:/a:pac4j:pac4j</cpe>
         <cpe>cpe:/a:ratpack:ratpack</cpe>
-        <cpe>cpe:/a:ratpack_project:ratpack</cpe>
+        <cpe regex="true">cpe:/a:ratpack(_project)?:ratpack.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -4432,7 +4486,7 @@
         FP per issue #4518; http-swagger is a SwagGo Go-librarie, not one of the swagger.io libraries
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/io\.swagger/.*$</packageUrl>
-        <cpe>cpe:/a:http-swagger_project:http-swagger</cpe>
+        <cpe regex="true">cpe:/a:http-swagger(_project)?:http-swagger.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -4446,7 +4500,7 @@
         FP per issue #4554; archiver_project:archiver is a go-module, not the NPM package
         ]]></notes>
         <packageUrl regex="true">^pkg:npm/archiver@.*$</packageUrl>
-        <cpe>cpe:/a:archiver_project:archiver</cpe>
+        <cpe regex="true">cpe:/a:archiver(_project)?:archiver.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -4532,7 +4586,7 @@
         <cpe>cpe:/a:pivotal_software:spring_security</cpe>
         <cpe>cpe:/a:vmware:spring_security</cpe>
         <cpe>cpe:/a:vmware:springsource_spring_security</cpe>
-        <cpe>cpe:/a:security-framework_project:security-framework</cpe>
+        <cpe regex="true">cpe:/a:security-framework(_project)?:security-framework.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -4542,7 +4596,7 @@
         <cpe>cpe:/a:vmware:springsource_spring_security</cpe>
         <cpe>cpe:/a:vmware:spring_security</cpe>
         <cpe>cpe:/a:pivotal_software:spring_security</cpe>
-        <cpe>cpe:/a:security-framework_project:security-framework</cpe>
+        <cpe regex="true">cpe:/a:security-framework(_project)?:security-framework.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -4551,7 +4605,7 @@
         <packageUrl regex="true">^pkg:maven/org\.springframework\.security/spring-security-jwt@.*$</packageUrl>
         <cpe>cpe:/a:pivotal:spring_security_oauth</cpe>
         <cpe>cpe:/a:pivotal_software:spring_security_oauth</cpe>
-        <cpe>cpe:/a:jwt_project:jwt</cpe>
+        <cpe regex="true">cpe:/a:jwt(_project)?:jwt.*</cpe>
     </suppress>
 
     <suppress base="true">
@@ -4559,7 +4613,7 @@
         FP per issue #4576; spring-security-saml2-core is an (end-of-life) extension project separate from spring-security https://github.com/spring-projects/spring-security-saml
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.springframework\.security\.extensions/spring-security-saml2-core@.*$</packageUrl>
-        <cpe>cpe:/a:saml_project:saml</cpe>
+        <cpe regex="true">cpe:/a:saml(_project)?:saml.*</cpe>
         <cpe>cpe:/a:vmware:spring_security</cpe>
     </suppress>
     <suppress base="true">
@@ -4570,7 +4624,7 @@
         <cpe>cpe:/a:pivotal_software:spring_security</cpe>
         <cpe>cpe:/a:vmware:springsource_spring_security</cpe>
         <cpe>cpe:/a:vmware:spring_security</cpe>
-        <cpe>cpe:/a:security-framework_project:security-framework</cpe>
+        <cpe regex="true">cpe:/a:security-framework(_project)?:security-framework.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -4580,7 +4634,7 @@
         <cpe>cpe:/a:pivotal_software:spring_security</cpe>
         <cpe>cpe:/a:vmware:springsource_spring_security</cpe>
         <cpe>cpe:/a:vmware:spring_security</cpe>
-        <cpe>cpe:/a:security-framework_project:security-framework</cpe>
+        <cpe regex="true">cpe:/a:security-framework(_project)?:security-framework.*</cpe>
     </suppress>
 
     <suppress base="true">
@@ -4755,7 +4809,7 @@
         False positives per issue #642
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.springframework/spring-context@.*$</packageUrl>
-        <cpe>cpe:/a:context_project:context</cpe>
+        <cpe regex="true">cpe:/a:context(_project)?:context.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -4769,7 +4823,7 @@
         False positive per issue #700 and #3579
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.springframework\.cloud/spring-cloud-.*$</packageUrl>
-        <cpe>cpe:/a:context_project:context</cpe>
+        <cpe regex="true">cpe:/a:context(_project)?:context.*</cpe>
         <cpe>cpe:/a:pivotal_software:spring_batch</cpe>
     </suppress>
     <suppress base="true">
@@ -4801,7 +4855,7 @@
         spring ldap cleanup per issue #1060
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.springframework\.ldap/spring-ldap-core@.*$</packageUrl>
-        <cpe>cpe:/a:net-ldap_project:net-ldap</cpe>
+        <cpe regex="true">cpe:/a:net-ldap(_project)?:net-ldap.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -4909,7 +4963,7 @@
         FP because cpe make reference to IonicaBizau/parse-url dependency
         ]]></notes>
         <packageUrl regex="true">^pkg:npm/parseurl@.*$</packageUrl>
-        <cpe>cpe:/a:parse-url_project:parse-url</cpe>
+        <cpe regex="true">cpe:/a:parse-url(_project)?:parse-url.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -4930,14 +4984,14 @@
         FP per issue #4852
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.graphql-java-kickstart/graphql-java-kickstart@.*$</packageUrl>
-        <cpe>cpe:/a:graphql-java_project:graphql-java</cpe>
+        <cpe regex="true">cpe:/a:graphql-java(_project)?:graphql-java.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per issue #4803
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/net\.sourceforge\.htmlunit/htmlunit-cssparser@.*$</packageUrl>
-        <cpe>cpe:/a:htmlunit_project:htmlunit</cpe>
+        <cpe regex="true">cpe:/a:htmlunit(_project)?:htmlunit.*</cpe>
     </suppress>
 
     <suppress base="true">
@@ -4945,49 +4999,49 @@
         FP per issue #4853
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.graphql-java-kickstart/graphql-java-servlet@.*$</packageUrl>
-        <cpe>cpe:/a:graphql-java_project:graphql-java</cpe>
+        <cpe regex="true">cpe:/a:graphql-java(_project)?:graphql-java.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per issue #4859
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.apollographql\.federation/federation-graphql-java-support@.*$</packageUrl>
-        <cpe>cpe:/a:graphql-java_project:graphql-java</cpe>
+        <cpe regex="true">cpe:/a:graphql-java(_project)?:graphql-java.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per issue #4851
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.graphql-java/graphql-java-extended-scalars@.*$</packageUrl>
-        <cpe>cpe:/a:graphql-java_project:graphql-java</cpe>
+        <cpe regex="true">cpe:/a:graphql-java(_project)?:graphql-java.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per issue #4860
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.apollographql\.federation/federation-graphql-java-support-api@.*$</packageUrl>
-        <cpe>cpe:/a:graphql-java_project:graphql-java</cpe>
+        <cpe regex="true">cpe:/a:graphql-java(_project)?:graphql-java.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per issue #4862
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/io\.github\.graphql-java/graphql-java-annotations@.*$</packageUrl>
-        <cpe>cpe:/a:graphql-java_project:graphql-java</cpe>
+        <cpe regex="true">cpe:/a:graphql-java(_project)?:graphql-java.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per issue #4863
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.graphql-java/java-dataloader@.*$</packageUrl>
-        <cpe>cpe:/a:graphql-java_project:graphql-java</cpe>
+        <cpe regex="true">cpe:/a:graphql-java(_project)?:graphql-java.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per issue #4854
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.graphql-java-kickstart/graphql-java-tools@.*$</packageUrl>
-        <cpe>cpe:/a:graphql-java_project:graphql-java</cpe>
+        <cpe regex="true">cpe:/a:graphql-java(_project)?:graphql-java.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -5099,7 +5153,7 @@
         FP per issue #4907
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/net\.minidev/accessors-smart@.*$</packageUrl>
-        <cpe>cpe:/a:json-smart_project:json-smart-v1</cpe>
+        <cpe regex="true">cpe:/a:json-smart(_project)?:json-smart-v1.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -5134,7 +5188,7 @@
         FP per issue #4962
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.github\.pagehelper/pagehelper-spring-boot-starter@.*$</packageUrl>
-        <cpe>cpe:/a:pagehelper_project:pagehelper</cpe>
+        <cpe regex="true">cpe:/a:pagehelper(_project)?:pagehelper.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -5190,7 +5244,7 @@
         FP per issue #2575, #4820
         ]]></notes>
         <packageUrl regex="true">^pkg:cocoapods/GoogleUtilities%2FAppDelegateSwizzler@.*$</packageUrl>
-        <cpe>cpe:/a:app_project:app</cpe>
+        <cpe regex="true">cpe:/a:app(_project)?:app.*</cpe>
         <cpe>cpe:/a:delegate:delegate</cpe>
     </suppress>
     <suppress base="true">
@@ -5224,7 +5278,7 @@
            FP per issue https://github.com/dependency-check/DependencyCheck/issues/5060
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.msgpack/.*@.*$</packageUrl>
-        <cpe>cpe:/a:messagepack_project:messagepack</cpe>
+        <cpe regex="true">cpe:/a:messagepack(_project)?:messagepack.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -5357,21 +5411,21 @@
         FP per issue #4693
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/io\.zipkin\.reporter2/zipkin-reporter@.*$</packageUrl>
-        <cpe>cpe:/a:pki-core_project:pki-core</cpe>
+        <cpe regex="true">cpe:/a:pki-core(_project)?:pki-core.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per issue #4692
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/io\.zipkin\.zipkin2/zipkin@.*$</packageUrl>
-        <cpe>cpe:/a:pki-core_project:pki-core</cpe>
+        <cpe regex="true">cpe:/a:pki-core(_project)?:pki-core.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per issue #4669
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.junit\.jupiter/junit-jupiter-engine@.*$</packageUrl>
-        <cpe>cpe:/a:fan_platform_project:fan_platform</cpe>
+        <cpe regex="true">cpe:/a:fan_platform(_project)?:fan_platform.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -5407,7 +5461,7 @@
         FP per issue #5083
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.github\.pagehelper/pagehelper-spring-boot-autoconfigure@.*$</packageUrl>
-        <cpe>cpe:/a:pagehelper_project:pagehelper</cpe>
+        <cpe regex="true">cpe:/a:pagehelper(_project)?:pagehelper.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -5464,7 +5518,7 @@
         FP per issue #5131
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/io\.zipkin\.zipkin2/zipkin-collector@.*$</packageUrl>
-        <cpe>cpe:/a:pki-core_project:pki-core</cpe>
+        <cpe regex="true">cpe:/a:pki-core(_project)?:pki-core.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -5520,21 +5574,21 @@
        FP per issue #5212
        ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.github\.java-json-tools/json-patch@.*$</packageUrl>
-        <cpe>cpe:/a:json-patch_project:json-patch</cpe>
+        <cpe regex="true">cpe:/a:json-patch(_project)?:json-patch.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
        FP per issue #5217
        ]]></notes>
         <packageUrl regex="true">^pkg:maven/net\.pwall\.json/json-pointer@.*$</packageUrl>
-        <cpe>cpe:/a:json-pointer_project:json-pointer</cpe>
+        <cpe regex="true">cpe:/a:json-pointer(_project)?:json-pointer.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
        FP per issue #5275
        ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.graphql-java-kickstart/graphql-spring-boot-starter@.*$</packageUrl>
-        <cpe>cpe:/a:graphql-java_project:graphql-java</cpe>
+        <cpe regex="true">cpe:/a:graphql-java(_project)?:graphql-java.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -5555,21 +5609,21 @@
        FP per issue #5280
        ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.apache\.camel/camel-ftp@.*$</packageUrl>
-        <cpe>cpe:/a:ftp_project:ftp</cpe>
+        <cpe regex="true">cpe:/a:ftp(_project)?:ftp.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
        FP per issue #5253
        ]]></notes>
         <packageUrl regex="true">^pkg:npm/jsonpointer@.*$</packageUrl>
-        <cpe>cpe:/a:json-pointer_project:json-pointer</cpe>
+        <cpe regex="true">cpe:/a:json-pointer(_project)?:json-pointer.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
        FP per issue #5252
        ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.google\.flatbuffers/flatbuffers-java@.*$</packageUrl>
-        <cpe>cpe:/a:flat_project:flat</cpe>
+        <cpe regex="true">cpe:/a:flat(_project)?:flat.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -5593,7 +5647,7 @@
         FP per issue #5367
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.graphql\-java\-kickstart/.*$</packageUrl>
-        <cpe>cpe:/a:graphql-java_project:graphql-java</cpe>
+        <cpe regex="true">cpe:/a:graphql-java(_project)?:graphql-java.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -5616,7 +5670,7 @@
         FP per #5502
         ]]></notes>
         <packageUrl regex="true">^(?!pkg:maven/org\.json/json@).+$</packageUrl>
-        <cpe>cpe:/a:json-java_project:json-java</cpe>
+        <cpe regex="true">cpe:/a:json-java(_project)?:json-java.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -5624,7 +5678,7 @@
         FP per #5454
         ]]></notes>
         <packageUrl regex="true">^(?!pkg:npm/flat@).+$</packageUrl>
-        <cpe>cpe:/a:flat_project:flat</cpe>
+        <cpe regex="true">cpe:/a:flat(_project)?:flat.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -5638,7 +5692,7 @@
         FP per issue #5381, apollo_project:apollo is a PHP project unrelated to apollographql
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.apollographql\.apollo/.*$</packageUrl>
-        <cpe>cpe:/a:apollo_project:apollo</cpe>
+        <cpe regex="true">cpe:/a:apollo(_project)?:apollo.*</cpe>
     </suppress>
     <!-- generated suppressions added to main in 8.1.1 -->
     <suppress base="true">
@@ -5646,7 +5700,7 @@
         FP per issue #5333
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.graphql-java-kickstart/graphql-kickstart-spring-support@.*$</packageUrl>
-        <cpe>cpe:/a:graphql-java_project:graphql-java</cpe>
+        <cpe regex="true">cpe:/a:graphql-java(_project)?:graphql-java.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -5667,21 +5721,21 @@
         FP per issue #5373
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.locationtech\.spatial4j/spatial4j@.*$</packageUrl>
-        <cpe>cpe:/a:voyager_project:voyager</cpe>
+        <cpe regex="true">cpe:/a:voyager(_project)?:voyager.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per issue #5372
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.locationtech\.spatial4j/spatial4j@.*$</packageUrl>
-        <cpe>cpe:/a:smiley_project:smiley</cpe>
+        <cpe regex="true">cpe:/a:smiley(_project)?:smiley.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per issue #5380
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/dev\.ludovic\.netlib/lapack@.*$</packageUrl>
-        <cpe>cpe:/a:lapack_project:lapack</cpe>
+        <cpe regex="true">cpe:/a:lapack(_project)?:lapack.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -5702,7 +5756,7 @@
         FP per issue #5325
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.enterprisedt/edtFTPj@.*$</packageUrl>
-        <cpe>cpe:/a:ftp_project:ftp</cpe>
+        <cpe regex="true">cpe:/a:ftp(_project)?:ftp.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -5730,7 +5784,7 @@
         FP per issue #5501
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.jsonschema2pojo/jsonschema2pojo-jdk-annotation@.*$</packageUrl>
-        <cpe>cpe:/a:json-schema_project:json-schema</cpe>
+        <cpe regex="true">cpe:/a:json-schema(_project)?:json-schema.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -5779,14 +5833,14 @@
         FP per issue #5491
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.microsoft\.azure/azure-cosmosdb@.*$</packageUrl>
-        <cpe>cpe:/a:www-sql_project:www-sql</cpe>
+        <cpe regex="true">cpe:/a:www-sql(_project)?:www-sql.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per issue #5490
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.microsoft\.azure/azure-cosmosdb@.*$</packageUrl>
-        <cpe>cpe:/a:async_project:async</cpe>
+        <cpe regex="true">cpe:/a:async(_project)?:async.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -5800,7 +5854,7 @@
         FP per issue #5462
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom-impl@.*$</packageUrl>
-        <cpe>cpe:/a:web_project:web</cpe>
+        <cpe regex="true">cpe:/a:web(_project)?:web.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -5837,7 +5891,7 @@
         FP per issue #5593
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.apache\.camel\.springboot/camel-ftp-starter@.*$</packageUrl>
-        <cpe>cpe:/a:ftp_project:ftp</cpe>
+        <cpe regex="true">cpe:/a:ftp(_project)?:ftp.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -5865,7 +5919,7 @@
         FP per issue #5622
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/net\.minidev/accessors-smart@.*$</packageUrl>
-        <cpe>cpe:/a:json-smart_project:json-smart</cpe>
+        <cpe regex="true">cpe:/a:json-smart(_project)?:json-smart.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -5914,7 +5968,7 @@
         FP per issue #5685
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.bouncycastle/bcpg-jdk15on@.*$</packageUrl>
-        <cpe>cpe:/a:open_cas_project:open_cas</cpe>
+        <cpe regex="true">cpe:/a:open_cas(_project)?:open_cas.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -5956,7 +6010,7 @@
         FP per issue #5737
         ]]></notes>
         <packageUrl regex="true">^pkg:nuget/MagicFileEncoding@.*$</packageUrl>
-        <cpe>cpe:/a:file_project:file</cpe>
+        <cpe regex="true">cpe:/a:file(_project)?:file.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -5991,7 +6045,7 @@
         FP per issue #5754 #6441
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/io\.swagger\.parser\.v3/swagger-parser-safe-url-resolver@.*$</packageUrl>
-        <cpe>cpe:/a:parse-url_project:</cpe>
+        <cpe regex="true">cpe:/a:parse-url(_project)?:.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6005,28 +6059,28 @@
         FP per issue #5753
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.bazaarvoice\.jolt/json-utils@.*$</packageUrl>
-        <cpe>cpe:/a:utils_project:utils</cpe>
+        <cpe regex="true">cpe:/a:utils(_project)?:utils.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per issue #5765
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.springframework\.integration/spring-integration-ftp@.*$</packageUrl>
-        <cpe>cpe:/a:ftp_project:ftp</cpe>
+        <cpe regex="true">cpe:/a:ftp(_project)?:ftp.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per issue #5766
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.mockftpserver/MockFtpServer@.*$</packageUrl>
-        <cpe>cpe:/a:ftp_project:ftp</cpe>
+        <cpe regex="true">cpe:/a:ftp(_project)?:ftp.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per issue #5770
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.sun\.xml\.bind\.jaxb/isorelax@.*$</packageUrl>
-        <cpe>cpe:/a:xml_library_project:xml_library</cpe>
+        <cpe regex="true">cpe:/a:xml_library_project:xml_library.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6057,7 +6111,7 @@
         FP per issue #5785
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/cloud\.localstack/localstack-utils@.*$</packageUrl>
-        <cpe>cpe:/a:utils_project:utils</cpe>
+        <cpe>cpe:/a:utils(_project)?:utils</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6078,7 +6132,7 @@
         FP per issue #5777
         ]]></notes>
         <packageUrl regex="true">^pkg:nuget/RazorEngine\.NetCore@.*$</packageUrl>
-        <cpe>cpe:/a:razorengine_project:razorengine</cpe>
+        <cpe regex="true">cpe:/a:razorengine(_project)?:razorengine.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6127,14 +6181,14 @@
         FP per issue #5796
         ]]></notes>
         <packageUrl regex="true">^pkg:nuget/Microsoft\.Win32\.SystemEvents@.*$</packageUrl>
-        <cpe>cpe:/a:events_project:events</cpe>
+        <cpe regex="true">cpe:/a:events(_project)?:events.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         hand-curated better suppression for FP per issue #5797
         ]]></notes>
         <packageUrl regex="true">^(?!pkg:maven/net\.pwall\.json/jsonutil).*$</packageUrl>
-        <cpe>cpe:/a:jsonutil_project:jsonutil</cpe>
+        <cpe regex="true">cpe:/a:jsonutil(_project)?:jsonutil.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6143,7 +6197,7 @@
         bundled suppression-file
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.apollographql\.apollo3/.*$</packageUrl>
-        <cpe>cpe:/a:apollo_project:apollo</cpe>
+        <cpe regex="true">cpe:/a:apollo(_project)?:apollo.*</cpe>
     </suppress>
 
     <suppress base="true">
@@ -6151,7 +6205,7 @@
         FP per issue #5794
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.apollographql\.apollo3/apollo-annotations-jvm@.*$</packageUrl>
-        <cpe>cpe:/a:apollo_project:apollo</cpe>
+        <cpe regex="true">cpe:/a:apollo(_project)?:apollo.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6172,14 +6226,14 @@
         FP per issue #5821
         ]]></notes>
         <packageUrl regex="true">^pkg:npm/wordwrap@.*$</packageUrl>
-        <cpe>cpe:/a:word-wrap_project:word-wrap</cpe>
+        <cpe regex="true">cpe:/a:word-wrap(_project)?:word-wrap.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per issue #5829
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.exactpro\.th2/netty-bytebuf-utils@.*$</packageUrl>
-        <cpe>cpe:/a:utils_project:utils</cpe>
+        <cpe regex="true">cpe:/a:utils(_project)?:utils.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6193,14 +6247,14 @@
         FP per issue #5843
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.apache\.avro/avro@.*$</packageUrl>
-        <cpe>cpe:/a:avro_project:avro</cpe>
+        <cpe regex="true">cpe:/a:avro(_project)?:avro.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per issue #5846
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/commons-logging/commons-logging@.*$</packageUrl>
-        <cpe>cpe:/a:morgan_project:morgan</cpe>
+        <cpe regex="true">cpe:/a:morgan(_project)?:morgan.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6270,7 +6324,7 @@
         FP per issue #5879
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/io\.netty\.incubator/netty-incubator-codec-classes-quic@.*$</packageUrl>
-        <cpe>cpe:/a:quic_project:quic</cpe>
+        <cpe regex="true">cpe:/a:quic(_project)?:quic.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6296,24 +6350,12 @@
     <!-- end generated suppressions added to main in 8.4.0 -->
     <suppress base="true">
         <notes><![CDATA[
-            FP per #4321
+            FP per #4321, #7444, #7740, 8016
+            Redis client packages within various languages are not the same as the redis server
+            NOTE: the additional colon in the CPE is required to not match on prefix with cpe:/a:redis:redis.js etc
             ]]></notes>
-        <packageUrl regex="true">^pkg:(pypi/redis|generic/Microsoft\.Extensions\.Caching\.StackExchangeRedis|generic/HealthChecks\.Redis)@.*$</packageUrl>
-        <cve>CVE-2021-32626</cve>
-        <cve>CVE-2021-32627</cve>
-        <cve>CVE-2021-32628</cve>
-        <cve>CVE-2021-32675</cve>
-        <cve>CVE-2021-32687</cve>
-        <cve>CVE-2021-32762</cve>
-        <cve>CVE-2021-41099</cve>
-        <cve>CVE-2022-24735</cve>
-        <cve>CVE-2022-24834</cve>
-        <cve>CVE-2021-31294</cve>
-        <cve>CVE-2021-32672</cve>
-        <cve>CVE-2022-24736</cve>
-        <cve>CVE-2022-36021</cve>
-        <cve>CVE-2023-25155</cve>
-        <cve>CVE-2023-28856</cve>
+        <packageUrl regex="true">^pkg:(pypi|nuget|generic|npm|composer)/.*[rR]edis.*@.*$</packageUrl>
+        <cpe>cpe:/a:redis:redis:</cpe>
     </suppress>
     <!-- generated suppression 8.4.0 up to 9.1.0 -->
     <suppress base="true">
@@ -6356,14 +6398,14 @@
    FP per issue #5910
    ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.adobe\.cq/core\.wcm\.components\.core@.*$</packageUrl>
-        <cpe>cpe:/a:oembed_project:oembed</cpe>
+        <cpe regex="true">cpe:/a:oembed(_project)?:oembed.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
    FP per issue #5911
    ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.adobe\.cq/core\.wcm\.components\.core@.*$</packageUrl>
-        <cpe>cpe:/a:xml_library_project:xml_library</cpe>
+        <cpe regex="true">cpe:/a:xml_library(_project)?:xml_library.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6398,7 +6440,7 @@
    FP per issue #5913
    ]]></notes>
         <packageUrl regex="true">^pkg:maven/io\.projectreactor\.netty\.incubator/reactor-netty-incubator-quic@.*$</packageUrl>
-        <cpe>cpe:/a:quic_project:quic</cpe>
+        <cpe regex="true">cpe:/a:quic(_project)?:quic.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6419,7 +6461,7 @@
    FP per issue #5956
    ]]></notes>
         <packageUrl regex="true">^pkg:maven/io\.netty\.incubator/netty-incubator-codec-native-quic@.*$</packageUrl>
-        <cpe>cpe:/a:quic_project:quic</cpe>
+        <cpe regex="true">cpe:/a:quic(_project)?:quic.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6440,7 +6482,7 @@
    FP per issue #5968
    ]]></notes>
         <packageUrl regex="true">^pkg:maven/io\.netty\.incubator/netty-incubator-codec-native-quic@.*$</packageUrl>
-        <cpe>cpe:/a:chromium_project:chromium</cpe>
+        <cpe regex="true">cpe:/a:chromium(_project)?:chromium.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6468,7 +6510,7 @@
    FP per issue #6056
    ]]></notes>
         <packageUrl regex="true">^pkg:nuget/Serilog\.Sinks\.Async@.*$</packageUrl>
-        <cpe>cpe:/a:async_project:async</cpe>
+        <cpe regex="true">cpe:/a:async(_project)?:async.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6503,7 +6545,7 @@
    FP per issue #6169
    ]]></notes>
         <packageUrl regex="true">^pkg:maven/commons-net/commons-net@.*$</packageUrl>
-        <cpe>cpe:/a:ftp_project:ftp</cpe>
+        <cpe regex="true">cpe:/a:ftp(_project)?:ftp.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6524,7 +6566,7 @@
    FP per issue #6242
    ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.jruby\.rack/jruby-rack@.*$</packageUrl>
-        <cpe>cpe:/a:rack_project:rack</cpe>
+        <cpe regex="true">cpe:/a:rack(_project)?:rack.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6545,7 +6587,7 @@
    FP per issue #6340
    ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.idealista/format-preserving-encryption@.*$</packageUrl>
-        <cpe>cpe:/a:vega_project:vega</cpe>
+        <cpe regex="true">cpe:/a:vega(_project)?:vega.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6559,7 +6601,7 @@
    FP per issue #6369
    ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.wildfly\.security\.elytron-web/undertow-server@.*$</packageUrl>
-        <cpe>cpe:/a:web_project:web</cpe>
+        <cpe regex="true">cpe:/a:web(_project)?:web.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6587,7 +6629,7 @@
    FP per issue #6421
    ]]></notes>
         <packageUrl regex="true">^pkg:maven/io\.swagger/swagger-parser-safe-url-resolver@.*$</packageUrl>
-        <cpe>cpe:/a:parse-url_project:parse-url</cpe>
+        <cpe regex="true">cpe:/a:parse-url(_project)?:parse-url.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6608,7 +6650,7 @@
    FP per issue #6463
    ]]></notes>
         <packageUrl regex="true">^pkg:maven/io\.ktor/ktor-server-metrics-micrometer-jvm@.*$</packageUrl>
-        <cpe>cpe:/a:csm_server_project:csm_server</cpe>
+        <cpe regex="true">cpe:/a:csm_server(_project)?:csm_server.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6735,35 +6777,35 @@
         FP per issue #6696
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.lz4/lz4-java@.*$</packageUrl>
-        <cpe>cpe:/a:lz4_project:lz4</cpe>
+        <cpe regex="true">cpe:/a:lz4(_project)?:lz4.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per issue #6695
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.apache\.logging\.log4j/log4j-slf4j2-impl@.*$</packageUrl>
-        <cpe>cpe:/a:log4js_project:log4js</cpe>
+        <cpe regex="true">cpe:/a:log4js(_project)?:log4js.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per issue #6694
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/io\.ktor/ktor-server-call-logging-jvm@.*$</packageUrl>
-        <cpe>cpe:/a:call_project:call</cpe>
+        <cpe regex="true">cpe:/a:call(_project)?:call.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per issue #6693
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/io\.ktor/ktor-client-content-negotiation-jvm@.*$</packageUrl>
-        <cpe>cpe:/a:content_project:content</cpe>
+        <cpe regex="true">cpe:/a:content(_project)?:content.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per issue #6692
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.hibernate\.validator/hibernate-validator@.*$</packageUrl>
-        <cpe>cpe:/a:validator_project:validator</cpe>
+        <cpe regex="true">cpe:/a:validator(_project)?:validator.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6784,7 +6826,7 @@
         FP per issue #6707
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/io\.prometheus/prometheus-metrics-model@.*$</packageUrl>
-        <cpe>cpe:/a:model_project:model</cpe>
+        <cpe regex="true">cpe:/a:model(_project)?:model.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6841,14 +6883,14 @@
         FP per issue #6856
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.springframework\.security/spring-security-oauth2-authorization-server@.*$</packageUrl>
-        <cpe>cpe:/a:oauth2-server_project:oauth2-server</cpe>
+        <cpe regex="true">cpe:/a:oauth2-server(_project)?:oauth2-server.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per issue #6855
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/commons-validator/commons-validator@.*$</packageUrl>
-        <cpe>cpe:/a:validator_project:validator</cpe>
+        <cpe regex="true">cpe:/a:validator(_project)?:validator.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6862,7 +6904,7 @@
         FP per issue #6906
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.jeecgframework/autopoi-web@.*$</packageUrl>
-        <cpe>cpe:/a:web_project:web</cpe>
+        <cpe regex="true">cpe:/a:web(_project)?:web.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6876,14 +6918,14 @@
         FP per issue #6874
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/org\.springframework\.boot/spring-boot-starter-cache@.*$</packageUrl>
-        <cpe>cpe:/a:cache_project:cache</cpe>
+        <cpe regex="true">cpe:/a:cache(_project)?:cache.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per issue #6873
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/javax\.cache/cache-api@.*$</packageUrl>
-        <cpe>cpe:/a:cache_project:cache</cpe>
+        <cpe regex="true">cpe:/a:cache(_project)?:cache.*</cpe>
     </suppress>
 
     <suppress base="true">
@@ -6933,14 +6975,14 @@
         cpe:/a:services_project:services is Drupal services module in PHP #6448
         ]]></notes>
         <filePath regex="true">.*(\.(dll|jar|ear|war|pom|nupkg|nuspec|aar)|pom\.xml|package.json|packages.config)$</filePath>
-        <cpe>cpe:/a:services_project:services</cpe>
+        <cpe regex="true">cpe:/a:services(_project)?:services.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per issue #6851
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/io\.github\.reactivecircus\.cache4k/cache4k-jvm@.*$</packageUrl>
-        <cpe>cpe:/a:cache_project:cache</cpe>
+        <cpe regex="true">cpe:/a:cache(_project)?:cache.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -6961,7 +7003,7 @@
         FP per issue #6991
         ]]></notes>
         <packageUrl regex="true">^pkg:maven/com\.apollographql\.federation/federation-graphql-java-support@.*$</packageUrl>
-        <cpe>cpe:/a:apollo_project:apollo</cpe>
+        <cpe regex="true">cpe:/a:apollo(_project)?:apollo.*</cpe>
     </suppress>
     <suppress base="true">
         <notes><![CDATA[
@@ -7031,4 +7073,11 @@
         <packageUrl regex="true">^pkg:nuget/IronPython@.*$</packageUrl>
         <cpe>cpe:/a:python:python</cpe>
     </suppress>
+    <suppress base="true">
+        <notes><![CDATA[
+        FP per issue #7664
+        ]]></notes>
+        <packageUrl regex="true">^pkg:maven/(?!.*org\.eclipse\.equinox\.p2).*$</packageUrl>
+        <cve>CVE-2021-41033</cve>
+    </suppress>
 </suppressions>
diff --git a/core/src/main/resources/dependencycheck.properties b/core/src/main/resources/dependencycheck.properties
index 0b14242596b..edfc4f96b06 100644
--- a/core/src/main/resources/dependencycheck.properties
+++ b/core/src/main/resources/dependencycheck.properties
@@ -78,7 +78,7 @@ analyzer.central.url=https://search.maven.org/solrsearch/select
 # Note - the central query is used in a String.format(query, url, sha1)).analyzer.jar.enabled
 # As such, it must have two %s and any other % must be escapped by doubling it
 analyzer.central.query=%s?q=1:%s&wt=xml
-analyzer.central.retry.count=7
+analyzer.central.retry.count=3
 analyzer.central.parallel.analysis=false
 analyzer.central.use.cache=true
 central.content.url=https://search.maven.org/remotecontent?filepath=
diff --git a/core/src/main/resources/templates/htmlReport.vsl b/core/src/main/resources/templates/htmlReport.vsl
index c1211aec3bc..c91f549ca0a 100644
--- a/core/src/main/resources/templates/htmlReport.vsl
+++ b/core/src/main/resources/templates/htmlReport.vsl
@@ -22,7 +22,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
 
 #[[
 <!DOCTYPE html>
-<html>
+<html lang="en">
     <head>
         <title>Dependency-Check Report</title>
         <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
@@ -211,7 +211,14 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
             } else {
                 dependenciesHeader.text(dependenciesHeaderAllText);
             }
-            return toggleDisplay(event.target, '.notvulnerable', 'Showing Vulnerable Dependencies (click to show all)', 'Showing All Dependencies (click to show less)');
+            const plainCaptionPart = $('#tablecaption-plain');
+            const plainCaptionPartAllText = 'Summary of All Dependencies';
+            if (plainCaptionPart.text() == plainCaptionPartAllText) {
+                plainCaptionPart.text('Summary of Vulnerable Dependencies');
+            } else {
+                plainCaptionPart.text(plainCaptionPartAllText);
+            }
+            return toggleDisplay(event.target, '.notvulnerable', '(click to show all)', '(click to show less)');
           });
           $( ".versionToggle" ).bind( "click", function( event ) {
             var lnk = event.target;
@@ -230,7 +237,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
 
 
         </script>
-        <style type="text/css">
+        <style>
             #modal-background {
                 display: none;
                 position: fixed;
@@ -606,9 +613,6 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
             .notvulnerable {
                 display:none;
             }
-            .hidden {
-                display:none;
-            }
             .infolink {
                 text-decoration:none;
                 color: blue;
@@ -620,7 +624,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
                 float:right;
             }
             .disclaimer {
-                color: #888888;
+                color: #595959;
                 font: 9px "Droid Sans",Arial,"Helvetica Neue","Lucida Grande",sans-serif
             }
             .sortable {
@@ -682,8 +686,7 @@ is at the user’s risk. In no event shall the copyright holder or OWASP be held
 arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.</p>
 <h3><a href="https://dependency-check.github.io/DependencyCheck/general/thereport.html" target="_blank">How&nbsp;to&nbsp;read&nbsp;the&nbsp;report</a> |
 <a href="https://dependency-check.github.io/DependencyCheck/general/suppression.html" target="_blank">Suppressing false positives</a> |
-Getting Help: <a href="https://github.com/dependency-check/DependencyCheck/issues" target="_blank">github issues</a><br/><br/>
-<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="10pt" height="10pt" viewBox="0 0 10 10" version="1.1"><g id="surface1"><path style=" stroke:none;fill-rule:nonzero;fill:rgb(0%,0%,0%);fill-opacity:1;" d="M 8.125 4.167969 C 7.089844 4.167969 6.25 5.007812 6.25 6.042969 C 6.25 7.078125 7.089844 7.917969 8.125 7.917969 C 9.160156 7.917969 10 7.078125 10 6.042969 C 10 5.007812 9.160156 4.167969 8.125 4.167969 Z M 9.167969 6.25 L 8.332031 6.25 L 8.332031 7.082031 L 7.917969 7.082031 L 7.917969 6.25 L 7.082031 6.25 L 7.082031 5.832031 L 7.917969 5.832031 L 7.917969 5 L 8.332031 5 L 8.332031 5.832031 L 9.167969 5.832031 Z M 6.445312 8.164062 C 5.984375 8.617188 5.5 9.089844 5 9.582031 C 2.320312 6.925781 0 4.9375 0 2.996094 C 0 1.328125 1.289062 0.417969 2.617188 0.417969 C 3.53125 0.417969 4.464844 0.851562 5 1.769531 C 5.53125 0.855469 6.46875 0.421875 7.386719 0.421875 C 8.710938 0.421875 10 1.324219 10 2.996094 C 10 3.308594 9.933594 3.621094 9.824219 3.933594 C 9.605469 3.757812 9.355469 3.617188 9.085938 3.511719 C 9.136719 3.335938 9.167969 3.164062 9.167969 2.996094 C 9.167969 1.800781 8.242188 1.253906 7.386719 1.253906 C 6.027344 1.253906 5.3125 2.703125 5 3.347656 C 4.6875 2.703125 3.964844 1.25 2.617188 1.25 C 1.652344 1.25 0.832031 1.882812 0.832031 2.996094 C 0.832031 4.429688 2.808594 6.265625 5 8.414062 L 5.878906 7.554688 C 6.035156 7.785156 6.226562 7.988281 6.445312 8.164062 Z M 6.445312 8.164062 "/></g></svg>&nbsp;<a aria-label="Sponsor @jeremylong" target="_blank" href="https://github.com/sponsors/jeremylong">Sponsor</a></h3>
+Getting Help: <a href="https://github.com/dependency-check/DependencyCheck/issues" target="_blank">github issues</a></h3>
 ]]#
             <h2 class="">Project:&nbsp;$enc.html($applicationName)</h2>
             #if ($groupID && $artifactID && $applicationVersion)
@@ -756,9 +759,9 @@ Getting Help: <a href="https://github.com/dependency-check/DependencyCheck/issue
         <br/>
 #end
 <h2>Summary</h2>
-                Display:&nbsp;<a href="#" title="Click to toggle display" id="vulnerabilityDisplayToggle">Showing Vulnerable Dependencies (click to show all)</a><br/><br/>
+                <p><span id="tablecaption-plain">Summary of Vulnerable Dependencies </span><a href="#" title="Click to toggle display" id="vulnerabilityDisplayToggle">(click to show all)</a></p>
                 #set($lnkcnt=0)
-                <table id="summaryTable" class="lined">
+                <table id="summaryTable" class="lined" aria-labelledby="tablecaption-plain">
                     <thead><tr style="text-align:left">
                         <th class="sortable" data-sort="string" title="The name of the dependency">Dependency</th>
                         <th class="sortable" data-sort="string" title="The Common Platform Enumeration">Vulnerability&nbsp;IDs</th>
@@ -941,7 +944,6 @@ Getting Help: <a href="https://github.com/dependency-check/DependencyCheck/issue
                         #end
                         #set($cnt=$cnt+1)
                         <h4 id="header$cnt" class="subsectionheader white">Identifiers</h4>
-                        ##:&nbsp;<a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=$enc.url($cpevalue)" target="_blank">$enc.html($cpevalue)</a></h4>
                         <div id="content$cnt" class="subsectioncontent standardsubsection">
                         #set($supressPkgUrl='')
                         #if ($dependency.getSoftwareIdentifiers().size()==0 && $dependency.getVulnerableSoftwareIdentifiers().size()==0)
@@ -1056,14 +1058,14 @@ Getting Help: <a href="https://github.com/dependency-check/DependencyCheck/issue
                             #if ($vuln.getSource().name().equals("NVD") && $vuln.matchedVulnerableSoftware)
                                 #if ($vuln.getVulnerableSoftware().size()<2)
                                     <p>Vulnerable Software &amp; Versions:<ul>
-                                        <li class="vs$vsctr"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=$enc.url($vuln.matchedVulnerableSoftware.toCpe22Uri())">$enc.html($vuln.matchedVulnerableSoftware.toString())</a></li>
+                                        <li class="vs$vsctr"><a target="_blank" href="$enc.html($vuln.matchedVulnerableSoftware.toNvdSearchUrl())">$enc.html($vuln.matchedVulnerableSoftware.toString())</a></li>
                                     </ul></p>
                                 #else
                                     <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" class="versionToggle" data-toggle=".vs$vsctr">show all</a>)<ul>
-                                        <li class="vs$vsctr"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=$enc.url($vuln.matchedVulnerableSoftware.toCpe22Uri())">$enc.html($vuln.matchedVulnerableSoftware.toString())</a></li>
+                                        <li class="vs$vsctr"><a target="_blank" href="$enc.html($vuln.matchedVulnerableSoftware.toNvdSearchUrl())">$enc.html($vuln.matchedVulnerableSoftware.toString())</a></li>
                                         <li class="vs$vsctr">...</li>
                                     #foreach($vs in $vuln.getVulnerableSoftware(true))
-                                        <li class="vs$vsctr hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=$enc.url($vs.toCpe22Uri())">$enc.html($vs.toString())</a></li>
+                                        <li class="vs$vsctr hidden"><a target="_blank" href="$enc.html($vs.toNvdSearchUrl())">$enc.html($vs.toString())</a></li>
                                     #end
                                     </ul></p>
                                 #end
@@ -1170,7 +1172,6 @@ Getting Help: <a href="https://github.com/dependency-check/DependencyCheck/issue
                                 #end
                                 #set($cnt=$cnt+1)
                                 <h4 id="header$cnt" class="subsectionheader white">Suppressed Identifiers</h4>
-                                ##:&nbsp;<a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=$enc.url($cpevalue)" target="_blank">$enc.html($cpevalue)</a></h4>
                                 <div id="content$cnt" class="subsectioncontent standardsubsection">
                                 #if ($dependency.getSuppressedIdentifiers().size()==0)
                                     <ul><li><b>None</b></li></ul>
@@ -1263,14 +1264,14 @@ Getting Help: <a href="https://github.com/dependency-check/DependencyCheck/issue
                                      #if ($vuln.getSource().name().equals("NVD") && $vuln.matchedVulnerableSoftware)
                                         #if ($vuln.getVulnerableSoftware().size()<2)
                                             <p>Vulnerable Software &amp; Versions:<ul>
-                                                <li class="vs$vsctr"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=$enc.url($vuln.matchedVulnerableSoftware.toCpe22Uri())">$enc.html($vuln.matchedVulnerableSoftware.toString())</a></li>
+                                                <li class="vs$vsctr"><a target="_blank" href="$enc.html($vuln.matchedVulnerableSoftware.toNvdSearchUrl())">$enc.html($vuln.matchedVulnerableSoftware.toString())</a></li>
                                             </ul></p>
                                         #else
                                             <p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" class="versionToggle" data-toggle=".vs$vsctr">show all</a>)<ul>
-                                                <li class="vs$vsctr"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=$enc.url($vuln.matchedVulnerableSoftware.toCpe22Uri())">$enc.html($vuln.matchedVulnerableSoftware.toString())</a></li>
+                                                <li class="vs$vsctr"><a target="_blank" href="$enc.html($vuln.matchedVulnerableSoftware.toNvdSearchUrl())">$enc.html($vuln.matchedVulnerableSoftware.toString())</a></li>
                                                 <li class="vs$vsctr">...</li>
                                             #foreach($vs in $vuln.getVulnerableSoftware(true))
-                                                <li class="vs$vsctr hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=$enc.url($vs.toCpe22Uri())">$enc.html($vs.toString())</a></li>
+                                                <li class="vs$vsctr hidden"><a target="_blank" href="$enc.html($vs.toNvdSearchUrl())">$enc.html($vs.toString())</a></li>
                                             #end
                                             </ul></p>
                                         #end
diff --git a/core/src/main/resources/templates/jenkinsReport.vsl b/core/src/main/resources/templates/jenkinsReport.vsl
index 82fda112625..ad0f43b216d 100644
--- a/core/src/main/resources/templates/jenkinsReport.vsl
+++ b/core/src/main/resources/templates/jenkinsReport.vsl
@@ -441,8 +441,7 @@ is at the user’s risk. In no event shall the copyright holder or OWASP be held
 arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.</p>
 <h3><a href="https://dependency-check.github.io/DependencyCheck/general/thereport.html" target="_blank">How&nbsp;to&nbsp;read&nbsp;the&nbsp;report</a> |
 <a href="https://dependency-check.github.io/DependencyCheck/general/suppression.html" target="_blank">Suppressing false positives</a> |
-Getting Help: <a href="https://github.com/dependency-check/DependencyCheck/issues" target="_blank">github issues</a><br/><br/>
-<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="10pt" height="10pt" viewBox="0 0 10 10" version="1.1"><g id="surface1"><path style=" stroke:none;fill-rule:nonzero;fill:rgb(0%,0%,0%);fill-opacity:1;" d="M 8.125 4.167969 C 7.089844 4.167969 6.25 5.007812 6.25 6.042969 C 6.25 7.078125 7.089844 7.917969 8.125 7.917969 C 9.160156 7.917969 10 7.078125 10 6.042969 C 10 5.007812 9.160156 4.167969 8.125 4.167969 Z M 9.167969 6.25 L 8.332031 6.25 L 8.332031 7.082031 L 7.917969 7.082031 L 7.917969 6.25 L 7.082031 6.25 L 7.082031 5.832031 L 7.917969 5.832031 L 7.917969 5 L 8.332031 5 L 8.332031 5.832031 L 9.167969 5.832031 Z M 6.445312 8.164062 C 5.984375 8.617188 5.5 9.089844 5 9.582031 C 2.320312 6.925781 0 4.9375 0 2.996094 C 0 1.328125 1.289062 0.417969 2.617188 0.417969 C 3.53125 0.417969 4.464844 0.851562 5 1.769531 C 5.53125 0.855469 6.46875 0.421875 7.386719 0.421875 C 8.710938 0.421875 10 1.324219 10 2.996094 C 10 3.308594 9.933594 3.621094 9.824219 3.933594 C 9.605469 3.757812 9.355469 3.617188 9.085938 3.511719 C 9.136719 3.335938 9.167969 3.164062 9.167969 2.996094 C 9.167969 1.800781 8.242188 1.253906 7.386719 1.253906 C 6.027344 1.253906 5.3125 2.703125 5 3.347656 C 4.6875 2.703125 3.964844 1.25 2.617188 1.25 C 1.652344 1.25 0.832031 1.882812 0.832031 2.996094 C 0.832031 4.429688 2.808594 6.265625 5 8.414062 L 5.878906 7.554688 C 6.035156 7.785156 6.226562 7.988281 6.445312 8.164062 Z M 6.445312 8.164062 "/></g></svg>&nbsp;<a aria-label="Sponsor @jeremylong" target="_blank" href="https://github.com/sponsors/jeremylong">Sponsor</a></h3>
+Getting Help: <a href="https://github.com/dependency-check/DependencyCheck/issues" target="_blank">github issues</a></h3>
 ]]#
             <h2 class="">Project:&nbsp;$enc.html($applicationName)</h2>
             #if ($groupID && $artifactID && $applicationVersion)
@@ -670,7 +669,6 @@ Getting Help: <a href="https://github.com/dependency-check/DependencyCheck/issue
                         #end
                         #set($cnt=$cnt+1)
                         <h4 id="header$cnt" class="subsectionheader white">Identifiers</h4>
-                        ##:&nbsp;<a href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=$enc.url($cpevalue)" target="_blank">$enc.html($cpevalue)</a></h4>
                         <div id="content$cnt" class="subsectioncontent standardsubsection">
                         #if ($dependency.getSoftwareIdentifiers().size()==0 && $dependency.getVulnerableSoftwareIdentifiers().size()==0)
                             <ul><li><b>None</b></li></ul>
@@ -764,13 +762,13 @@ Getting Help: <a href="https://github.com/dependency-check/DependencyCheck/issue
                             #if ($vuln.getSource().name().equals("NVD") && $vuln.matchedVulnerableSoftware)
                                 #if ($vuln.getVulnerableSoftware().size()<2)
                                     <p>Vulnerable Software &amp; Versions:<ul>
-                                        <li class="vs$vsctr"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=$enc.url($vuln.matchedVulnerableSoftware.toCpe22Uri())">$enc.html($vuln.matchedVulnerableSoftware.toString())</a></li>
+                                        <li class="vs$vsctr"><a target="_blank" href="$enc.html($vuln.matchedVulnerableSoftware.toNvdSearchUrl())">$enc.html($vuln.matchedVulnerableSoftware.toString())</a></li>
                                     </ul></p>
                                 #else
                                     <p>Vulnerable Software &amp; Versions:<ul>
-                                        <li class="vs$vsctr"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=$enc.url($vuln.matchedVulnerableSoftware.toCpe22Uri())">$enc.html($vuln.matchedVulnerableSoftware.toString())</a></li>
+                                        <li class="vs$vsctr"><a target="_blank" href="$enc.html($vuln.matchedVulnerableSoftware.toNvdSearchUrl())">$enc.html($vuln.matchedVulnerableSoftware.toString())</a></li>
                                     #foreach($vs in $vuln.getVulnerableSoftware(true))
-                                        <li class="vs$vsctr"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=$enc.url($vs.toCpe22Uri())">$enc.html($vs.toString())</a></li>
+                                        <li class="vs$vsctr"><a target="_blank" href="$enc.html($vuln.matchedVulnerableSoftware.toNvdSearchUrl())">$enc.html($vs.toString())</a></li>
                                     #end
                                     </ul></p>
                                 #end
diff --git a/core/src/main/resources/templates/jsonReport.vsl b/core/src/main/resources/templates/jsonReport.vsl
index 05387cb7cbd..336ed9eef46 100644
--- a/core/src/main/resources/templates/jsonReport.vsl
+++ b/core/src/main/resources/templates/jsonReport.vsl
@@ -447,6 +447,136 @@
 #if($vuln.cvssV3.cvssData.version),"version": "$enc.json($vuln.cvssV3.cvssData.version)"#end
                     },
 #end
+#if($vuln.cvssV4)
+                    "cvssv4": {
+#if($vuln.cvssV4.cvssData.vectorString)
+                        "vectorString": "$enc.json($vuln.cvssV4.cvssData.vectorString)"
+#end
+#if($vuln.cvssV4.source)
+                        ,"source": "$enc.json($vuln.cvssV4.source)"
+#end
+#if($vuln.cvssV4.type)
+                        ,"type": "$enc.json($vuln.cvssV4.type)"
+#end
+#if($vuln.cvssV4.cvssData.version)
+                        ,"version": "$enc.json($vuln.cvssV4.cvssData.version)"
+#end
+#if($vuln.cvssV4.cvssData.attackVector)
+                        ,"attackVector": "$enc.json($vuln.cvssV4.cvssData.attackVector)"
+#end
+#if($vuln.cvssV4.cvssData.attackComplexity)
+                        ,"attackComplexity": "$enc.json($vuln.cvssV4.cvssData.attackComplexity)"
+#end
+#if($vuln.cvssV4.cvssData.attackRequirements)
+                        ,"attackRequirements": "$enc.json($vuln.cvssV4.cvssData.attackRequirements)"
+#end
+#if($vuln.cvssV4.cvssData.privilegesRequired)
+                        ,"privilegesRequired": "$enc.json($vuln.cvssV4.cvssData.privilegesRequired)"
+#end
+#if($vuln.cvssV4.cvssData.userInteraction)
+                        ,"userInteraction": "$enc.json($vuln.cvssV4.cvssData.userInteraction)"
+#end
+#if($vuln.cvssV4.cvssData.vulnerableSystemConfidentiality)
+                        ,"vulnerableSystemConfidentiality": "$enc.json($vuln.cvssV4.cvssData.vulnerableSystemConfidentiality)"
+#end
+#if($vuln.cvssV4.cvssData.vulnerableSystemIntegrity)
+                        ,"vulnerableSystemIntegrity": "$enc.json($vuln.cvssV4.cvssData.vulnerableSystemIntegrity)"
+#end
+#if($vuln.cvssV4.cvssData.vulnerableSystemAvailability)
+                        ,"vulnerableSystemAvailability": "$enc.json($vuln.cvssV4.cvssData.vulnerableSystemAvailability)"
+#end
+#if($vuln.cvssV4.cvssData.subsequentSystemConfidentiality)
+                        ,"subsequentSystemConfidentiality": "$enc.json($vuln.cvssV4.cvssData.subsequentSystemConfidentiality)"
+#end
+#if($vuln.cvssV4.cvssData.subsequentSystemIntegrity)
+                        ,"subsequentSystemIntegrity": "$enc.json($vuln.cvssV4.cvssData.subsequentSystemIntegrity)"
+#end
+#if($vuln.cvssV4.cvssData.subsequentSystemAvailability)
+                        ,"subsequentSystemAvailability": "$enc.json($vuln.cvssV4.cvssData.subsequentSystemAvailability)"
+#end
+#if($vuln.cvssV4.cvssData.exploitMaturity)
+                        ,"exploitMaturity": "$enc.json($vuln.cvssV4.cvssData.exploitMaturity)"
+#end
+#if($vuln.cvssV4.cvssData.confidentialityRequirements)
+                        ,"confidentialityRequirements": "$enc.json($vuln.cvssV4.cvssData.confidentialityRequirements)"
+#end
+#if($vuln.cvssV4.cvssData.integrityRequirements)
+                        ,"integrityRequirements": "$enc.json($vuln.cvssV4.cvssData.integrityRequirements)"
+#end
+#if($vuln.cvssV4.cvssData.availabilityRequirements)
+                        ,"availabilityRequirements": "$enc.json($vuln.cvssV4.cvssData.availabilityRequirements)"
+#end
+#if($vuln.cvssV4.cvssData.modifiedAttackVector)
+                        ,"modifiedAttackVector": "$enc.json($vuln.cvssV4.cvssData.modifiedAttackVector)"
+#end
+#if($vuln.cvssV4.cvssData.modifiedAttackComplexity)
+                        ,"modifiedAttackComplexity": "$enc.json($vuln.cvssV4.cvssData.modifiedAttackComplexity)"
+#end
+#if($vuln.cvssV4.cvssData.modifiedAttackRequirements)
+                        ,"modifiedAttackRequirements": "$enc.json($vuln.cvssV4.cvssData.modifiedAttackRequirements)"
+#end
+#if($vuln.cvssV4.cvssData.modifiedPrivilegesRequired)
+                        ,"modifiedPrivilegesRequired": "$enc.json($vuln.cvssV4.cvssData.modifiedPrivilegesRequired)"
+#end
+#if($vuln.cvssV4.cvssData.modifiedUserInteraction)
+                        ,"modifiedUserInteraction": "$enc.json($vuln.cvssV4.cvssData.modifiedUserInteraction)"
+#end
+#if($vuln.cvssV4.cvssData.modifiedVulnerableSystemConfidentiality)
+                        ,"modifiedVulnerableSystemConfidentiality": "$enc.json($vuln.cvssV4.cvssData.modifiedVulnerableSystemConfidentiality)"
+#end
+#if($vuln.cvssV4.cvssData.modifiedVulnerableSystemIntegrity)
+                        ,"modifiedVulnerableSystemIntegrity": "$enc.json($vuln.cvssV4.cvssData.modifiedVulnerableSystemIntegrity)"
+#end
+#if($vuln.cvssV4.cvssData.modifiedVulnerableSystemAvailability)
+                        ,"modifiedVulnerableSystemAvailability": "$enc.json($vuln.cvssV4.cvssData.modifiedVulnerableSystemAvailability)"
+#end
+#if($vuln.cvssV4.cvssData.modifiedSubsequentSystemConfidentiality)
+                        ,"modifiedSubsequentSystemConfidentiality": "$enc.json($vuln.cvssV4.cvssData.modifiedSubsequentSystemConfidentiality)"
+#end
+#if($vuln.cvssV4.cvssData.modifiedSubsequentSystemIntegrity)
+                        ,"modifiedSubsequentSystemIntegrity": "$enc.json($vuln.cvssV4.cvssData.modifiedSubsequentSystemIntegrity)"
+#end
+#if($vuln.cvssV4.cvssData.modifiedSubsequentSystemAvailability)
+                        ,"modifiedSubsequentSystemAvailability": "$enc.json($vuln.cvssV4.cvssData.modifiedSubsequentSystemAvailability)"
+#end
+#if($vuln.cvssV4.cvssData.safety)
+                        ,"safety": "$enc.json($vuln.cvssV4.cvssData.safety)"
+#end
+#if($vuln.cvssV4.cvssData.automatable)
+                        ,"automatable": "$enc.json($vuln.cvssV4.cvssData.automatable)"
+#end
+#if($vuln.cvssV4.cvssData.recovery)
+                        ,"recovery": "$enc.json($vuln.cvssV4.cvssData.recovery)"
+#end
+#if($vuln.cvssV4.cvssData.valueDensity)
+                        ,"valueDensity": "$enc.json($vuln.cvssV4.cvssData.valueDensity)"
+#end
+#if($vuln.cvssV4.cvssData.vulnerabilityResponseEffort)
+                        ,"vulnerabilityResponseEffort": "$enc.json($vuln.cvssV4.cvssData.vulnerabilityResponseEffort)"
+#end
+#if($vuln.cvssV4.cvssData.providerUrgency)
+                        ,"providerUrgency": "$enc.json($vuln.cvssV4.cvssData.providerUrgency)"
+#end
+#if($vuln.cvssV4.cvssData.baseScore)
+                        ,"baseScore": $vuln.cvssV4.cvssData.baseScore
+#end
+#if($vuln.cvssV4.cvssData.baseSeverity)
+                        ,"baseSeverity": "$enc.json($vuln.cvssV4.cvssData.baseSeverity)"
+#end
+#if($vuln.cvssV4.cvssData.threatScore)
+                        ,"threatScore": $vuln.cvssV4.cvssData.threatScore
+#end
+#if($vuln.cvssV4.cvssData.threatSeverity)
+                        ,"threatSeverity": "$enc.json($vuln.cvssV4.cvssData.threatSeverity)"
+#end
+#if($vuln.cvssV4.cvssData.environmentalScore)
+                        ,"environmentalScore": $vuln.cvssV4.cvssData.environmentalScore
+#end
+#if($vuln.cvssV4.cvssData.environmentalSeverity)
+                        ,"environmentalSeverity": "$enc.json($vuln.cvssV4.cvssData.environmentalSeverity)"
+#end
+                    },
+#end
 #if (!$vuln.cwes.isEmpty())
                     "cwes": [
 #set($addComma=0)
diff --git a/core/src/site/site.xml b/core/src/site/site.xml
index 7802e391623..5760e035643 100644
--- a/core/src/site/site.xml
+++ b/core/src/site/site.xml
@@ -30,5 +30,6 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
             <item collapse="false" name="About" href="./index.html"/>
         </menu>
         <menu ref="reports" />
+        <footer><![CDATA[<p>&copy; 2012&ndash;2025 <a href="https://www.owasp.org">OWASP</a></p><img referrerpolicy="no-referrer-when-downgrade" src="https://static.scarf.sh/a.png?x-pxid=90c74bb8-b6d1-4464-a9b6-754067afe126" alt="" width="1" height="1" />]]></footer>
     </body>
 </site>
\ No newline at end of file
diff --git a/core/src/test/java/org/owasp/dependencycheck/AnalysisTaskTest.java b/core/src/test/java/org/owasp/dependencycheck/AnalysisTaskTest.java
index 50c51ccfeb5..2a7d57cca28 100644
--- a/core/src/test/java/org/owasp/dependencycheck/AnalysisTaskTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/AnalysisTaskTest.java
@@ -1,23 +1,23 @@
 package org.owasp.dependencycheck;
 
-import org.junit.Test;
-import org.junit.runner.RunWith;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
 import org.mockito.Mock;
-import org.mockito.junit.MockitoJUnitRunner;
+import org.mockito.junit.jupiter.MockitoExtension;
 import org.owasp.dependencycheck.analyzer.FileTypeAnalyzer;
 import org.owasp.dependencycheck.analyzer.HintAnalyzer;
 import org.owasp.dependencycheck.dependency.Dependency;
 
 import java.io.File;
 
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-import static org.mockito.Mockito.when;
-import static org.mockito.Mockito.verify;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
 
-@RunWith(MockitoJUnitRunner.class)
-public class AnalysisTaskTest extends BaseTest {
+@ExtendWith(MockitoExtension.class)
+class AnalysisTaskTest extends BaseTest {
 
     @Mock
     private FileTypeAnalyzer fileTypeAnalyzer;
@@ -30,14 +30,14 @@ public class AnalysisTaskTest extends BaseTest {
 
 
     @Test
-    public void shouldAnalyzeReturnsTrueForNonFileTypeAnalyzers() {
+    void shouldAnalyzeReturnsTrueForNonFileTypeAnalyzers() {
         AnalysisTask instance = new AnalysisTask(new HintAnalyzer(), null, null, null);
         boolean shouldAnalyze = instance.shouldAnalyze();
         assertTrue(shouldAnalyze);
     }
 
     @Test
-    public void shouldAnalyzeReturnsTrueIfTheFileTypeAnalyzersAcceptsTheDependency() {
+    void shouldAnalyzeReturnsTrueIfTheFileTypeAnalyzersAcceptsTheDependency() {
         final File dependencyFile = new File("");
         when(dependency.getActualFile()).thenReturn(dependencyFile);
         when(fileTypeAnalyzer.accept(dependencyFile)).thenReturn(true);
@@ -49,7 +49,7 @@ public void shouldAnalyzeReturnsTrueIfTheFileTypeAnalyzersAcceptsTheDependency()
     }
 
     @Test
-    public void shouldAnalyzeReturnsFalseIfTheFileTypeAnalyzerDoesNotAcceptTheDependency() {
+    void shouldAnalyzeReturnsFalseIfTheFileTypeAnalyzerDoesNotAcceptTheDependency() {
         final File dependencyFile = new File("");
         when(dependency.getActualFile()).thenReturn(dependencyFile);
         when(fileTypeAnalyzer.accept(dependencyFile)).thenReturn(false);
@@ -61,7 +61,7 @@ public void shouldAnalyzeReturnsFalseIfTheFileTypeAnalyzerDoesNotAcceptTheDepend
     }
 
     @Test
-    public void taskAnalyzes() throws Exception {
+    void taskAnalyzes() throws Exception {
         final AnalysisTask analysisTask = new AnalysisTask(fileTypeAnalyzer, dependency, engine, null);
         when(fileTypeAnalyzer.accept(dependency.getActualFile())).thenReturn(true);
 
@@ -71,7 +71,7 @@ public void taskAnalyzes() throws Exception {
     }
 
     @Test
-    public void taskDoesNothingIfItShouldNotAnalyze() throws Exception {
+    void taskDoesNothingIfItShouldNotAnalyze() throws Exception {
         final AnalysisTask analysisTask = new AnalysisTask(fileTypeAnalyzer, dependency, engine, null);
         when(fileTypeAnalyzer.accept(dependency.getActualFile())).thenReturn(false);
 
diff --git a/core/src/test/java/org/owasp/dependencycheck/BaseDBTestCase.java b/core/src/test/java/org/owasp/dependencycheck/BaseDBTestCase.java
index 1fa9d365732..4c0b7b10ebb 100644
--- a/core/src/test/java/org/owasp/dependencycheck/BaseDBTestCase.java
+++ b/core/src/test/java/org/owasp/dependencycheck/BaseDBTestCase.java
@@ -17,6 +17,14 @@
  */
 package org.owasp.dependencycheck;
 
+import org.apache.commons.io.IOUtils;
+import org.junit.jupiter.api.BeforeEach;
+import org.owasp.dependencycheck.data.nvdcve.DatabaseManager;
+import org.owasp.dependencycheck.utils.Settings;
+import org.owasp.dependencycheck.utils.WriteLock;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
 import java.io.BufferedInputStream;
 import java.io.BufferedOutputStream;
 import java.io.File;
@@ -24,13 +32,6 @@
 import java.io.FileOutputStream;
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipInputStream;
-import org.apache.commons.io.IOUtils;
-import org.junit.Before;
-import org.owasp.dependencycheck.data.nvdcve.DatabaseManager;
-import org.owasp.dependencycheck.utils.WriteLock;
-import org.owasp.dependencycheck.utils.Settings;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 
 /**
  * An abstract database test case that is used to ensure the H2 DB exists prior
@@ -40,11 +41,11 @@
  */
 public abstract class BaseDBTestCase extends BaseTest {
 
-    protected final static int BUFFER_SIZE = 2048;
+    protected static final int BUFFER_SIZE = 2048;
 
-    private final static Logger LOGGER = LoggerFactory.getLogger(BaseDBTestCase.class);
+    private static final Logger LOGGER = LoggerFactory.getLogger(BaseDBTestCase.class);
 
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
diff --git a/core/src/test/java/org/owasp/dependencycheck/BaseTest.java b/core/src/test/java/org/owasp/dependencycheck/BaseTest.java
index 3998f241ed3..793c38dde4f 100644
--- a/core/src/test/java/org/owasp/dependencycheck/BaseTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/BaseTest.java
@@ -16,15 +16,16 @@
 package org.owasp.dependencycheck;
 
 import io.github.jeremylong.jcs3.slf4j.Slf4jAdapter;
+import org.junit.jupiter.api.AfterAll;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.owasp.dependencycheck.utils.Settings;
+
 import java.io.File;
 import java.io.InputStream;
 import java.net.URISyntaxException;
-import org.junit.After;
 
-import org.junit.AfterClass;
-import org.junit.Assume;
-import org.junit.Before;
-import org.owasp.dependencycheck.utils.Settings;
+import static org.junit.jupiter.api.Assumptions.assumeTrue;
 
 /**
  *
@@ -40,7 +41,7 @@ public abstract class BaseTest {
     /**
      * Initialize the {@link Settings}.
      */
-    @Before
+    @BeforeEach
     public void setUp() throws Exception {
         System.setProperty("jcs.logSystem", "slf4j");
         Slf4jAdapter.muteLogging(true);
@@ -50,13 +51,13 @@ public void setUp() throws Exception {
     /**
      * Clean the {@link Settings}.
      */
-    @After
+    @AfterEach
     public void tearDown() throws Exception {
         settings.cleanup(true);
     }
 
-    @AfterClass
-    public static void tearDownClass() throws Exception {
+    @AfterAll
+    public static void tearDownClass() {
         File f = new File("./target/data/odc.mv.db");
         if (f.exists() && f.isFile() && f.length() < 71680) {
             System.err.println("------------------------------------------------");
@@ -93,7 +94,7 @@ public static InputStream getResourceAsStream(Object o, String resource) {
     public static File getResourceAsFile(Object o, String resource) {
         try {
             File f = new File(o.getClass().getClassLoader().getResource(resource).toURI().getPath());
-            Assume.assumeTrue(String.format("%n%n[SEVERE] Unable to load resource for test case: %s%n%n", resource), f.exists());
+            assumeTrue(f.exists(), String.format("%n%n[SEVERE] Unable to load resource for test case: %s%n%n", resource));
             return f;
         } catch (URISyntaxException e) {
             throw new UnsupportedOperationException(e);
diff --git a/core/src/test/java/org/owasp/dependencycheck/EngineIT.java b/core/src/test/java/org/owasp/dependencycheck/EngineIT.java
index 8917aa57e9b..a46d2504ca3 100644
--- a/core/src/test/java/org/owasp/dependencycheck/EngineIT.java
+++ b/core/src/test/java/org/owasp/dependencycheck/EngineIT.java
@@ -17,8 +17,17 @@
  */
 package org.owasp.dependencycheck;
 
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.Mock;
+import org.mockito.junit.jupiter.MockitoExtension;
+import org.owasp.dependencycheck.analyzer.Analyzer;
+import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
+import org.owasp.dependencycheck.exception.ExceptionCollection;
+import org.owasp.dependencycheck.exception.ReportException;
+import org.owasp.dependencycheck.utils.Settings;
+
 import java.io.File;
-import java.io.IOException;
 import java.util.ArrayList;
 import java.util.HashSet;
 import java.util.List;
@@ -26,31 +35,20 @@
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Executors;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 import static org.mockito.Mockito.doReturn;
 import static org.mockito.Mockito.doThrow;
 import static org.mockito.Mockito.spy;
 import static org.mockito.Mockito.when;
 
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.mockito.Mock;
-import org.mockito.junit.MockitoJUnitRunner;
-import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
-import org.owasp.dependencycheck.exception.ExceptionCollection;
-import org.owasp.dependencycheck.exception.ReportException;
-import org.owasp.dependencycheck.utils.InvalidSettingException;
-import org.owasp.dependencycheck.utils.Settings;
-import org.owasp.dependencycheck.analyzer.Analyzer;
-
 /**
  *
  * @author Jeremy Long
  */
-@RunWith(MockitoJUnitRunner.class)
-public class EngineIT extends BaseDBTestCase {
+@ExtendWith(MockitoExtension.class)
+class EngineIT extends BaseDBTestCase {
 
     @Mock
     private Analyzer analyzer;
@@ -60,7 +58,7 @@ public class EngineIT extends BaseDBTestCase {
 
 
     @Test
-    public void exceptionDuringAnalysisTaskExecutionIsFatal() throws DatabaseException, ExceptionCollection {
+    void exceptionDuringAnalysisTaskExecutionIsFatal() throws DatabaseException {
          final ExecutorService executorService = Executors.newFixedThreadPool(3);
          try (Engine instance = spy(new Engine(new Settings()))) {
              final List<Throwable> exceptions = new ArrayList<>();
@@ -74,9 +72,9 @@ public void exceptionDuringAnalysisTaskExecutionIsFatal() throws DatabaseExcepti
              when(instance.getExecutorService(analyzer)).thenReturn(executorService);
              doReturn(failingAnalysisTask).when(instance).getAnalysisTasks(analyzer, exceptions);
 
-             instance.executeAnalysisTasks(analyzer, exceptions);
-             fail("ExceptionCollection exception was expected");
-         } catch (ExceptionCollection expected) {
+             ExceptionCollection expected = assertThrows(ExceptionCollection.class,
+                     () -> instance.executeAnalysisTasks(analyzer, exceptions),
+                     "ExceptionCollection exception was expected");
              List<Throwable> collected = expected.getExceptions();
              assertEquals(1, collected.size());
              assertEquals(java.util.concurrent.ExecutionException.class, collected.get(0).getClass());
@@ -88,14 +86,12 @@ public void exceptionDuringAnalysisTaskExecutionIsFatal() throws DatabaseExcepti
     /**
      * Test running the entire engine.
      *
-     * @throws java.io.IOException
-     * @throws org.owasp.dependencycheck.utils.InvalidSettingException
      * @throws org.owasp.dependencycheck.data.nvdcve.DatabaseException
      * @throws org.owasp.dependencycheck.exception.ReportException
      * @throws org.owasp.dependencycheck.exception.ExceptionCollection
      */
     @Test
-    public void testEngine() throws IOException, InvalidSettingException, DatabaseException, ReportException, ExceptionCollection {
+    void testEngine() throws DatabaseException, ReportException, ExceptionCollection {
         String testClasses = "target/test-classes";
         getSettings().setBoolean(Settings.KEYS.AUTO_UPDATE, false);
         getSettings().setBoolean(Settings.KEYS.ANALYZER_CENTRAL_ENABLED, false);
diff --git a/core/src/test/java/org/owasp/dependencycheck/EngineTest.java b/core/src/test/java/org/owasp/dependencycheck/EngineTest.java
index f511b14122b..0b83cfd9951 100644
--- a/core/src/test/java/org/owasp/dependencycheck/EngineTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/EngineTest.java
@@ -17,20 +17,19 @@
  */
 package org.owasp.dependencycheck;
 
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.analyzer.JarAnalyzer;
 import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
 import org.owasp.dependencycheck.dependency.Dependency;
 
 import java.io.File;
 
-import static org.junit.Assert.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertEquals;
 
 /**
  * @author Jeremy Long
  */
-public class EngineTest extends BaseDBTestCase {
-
+class EngineTest extends BaseDBTestCase {
 
 
     /**
@@ -40,7 +39,7 @@ public class EngineTest extends BaseDBTestCase {
      * there is an exception
      */
     @Test
-    public void testScanFile() throws DatabaseException {
+    void testScanFile() throws DatabaseException {
         try (Engine instance = new Engine(getSettings())) {
             instance.addFileTypeAnalyzer(new JarAnalyzer());
             File file = BaseTest.getResourceAsFile(this, "dwr.jar");
diff --git a/core/src/test/java/org/owasp/dependencycheck/agent/DependencyCheckScanAgentIT.java b/core/src/test/java/org/owasp/dependencycheck/agent/DependencyCheckScanAgentIT.java
index 959ec75bcee..6af495f1ce2 100644
--- a/core/src/test/java/org/owasp/dependencycheck/agent/DependencyCheckScanAgentIT.java
+++ b/core/src/test/java/org/owasp/dependencycheck/agent/DependencyCheckScanAgentIT.java
@@ -17,32 +17,35 @@
  */
 package org.owasp.dependencycheck.agent;
 
-import org.junit.Assert;
-import org.junit.BeforeClass;
-import org.junit.Test;
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseDBTestCase;
 import org.owasp.dependencycheck.dependency.Confidence;
 import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.dependency.EvidenceType;
 import org.owasp.dependencycheck.reporting.ReportGenerator;
 import org.owasp.dependencycheck.utils.FileUtils;
+
 import java.io.File;
 import java.util.ArrayList;
 import java.util.List;
-import org.owasp.dependencycheck.BaseDBTestCase;
 
-public class DependencyCheckScanAgentIT extends BaseDBTestCase {
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+class DependencyCheckScanAgentIT extends BaseDBTestCase {
 
     private static final File REPORT_DIR = new File("target/test-scan-agent/report");
 
-    @BeforeClass
-    public static void beforeClass() {
+    @BeforeAll
+    static void beforeClass() {
         if (!REPORT_DIR.exists()) {
             REPORT_DIR.mkdirs();
         }
     }
 
     @Test
-    public void testComponentMetadata() throws Exception {
+    void testComponentMetadata() throws Exception {
         List<Dependency> dependencies = new ArrayList<>();
         dependencies.add(createDependency("apache", "tomcat", "5.0.5"));
         DependencyCheckScanAgent scanAgent = createScanAgent();
@@ -50,10 +53,10 @@ public void testComponentMetadata() throws Exception {
         scanAgent.execute();
 
         Dependency tomcat = scanAgent.getDependencies().get(0);
-        Assert.assertTrue(tomcat.getVulnerableSoftwareIdentifiers().size() >= 1);
+        assertFalse(tomcat.getVulnerableSoftwareIdentifiers().isEmpty());
 
         // This will change over time
-        Assert.assertTrue(tomcat.getVulnerabilities().size() > 5);
+        assertTrue(tomcat.getVulnerabilities().size() > 5);
     }
 
     private DependencyCheckScanAgent createScanAgent() {
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/AbstractFileTypeAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/AbstractFileTypeAnalyzerTest.java
index 37c0de5ac29..2a9de6cbe15 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/AbstractFileTypeAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/AbstractFileTypeAnalyzerTest.java
@@ -17,23 +17,25 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import java.util.Set;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 
+import java.util.Set;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
 /**
  *
  * @author Jeremy Long
  */
-public class AbstractFileTypeAnalyzerTest extends BaseTest {
+class AbstractFileTypeAnalyzerTest extends BaseTest {
 
     /**
      * Test of newHashSet method, of class AbstractAnalyzer.
      */
     @Test
-    public void testNewHashSet() {
+    void testNewHashSet() {
         Set<String> result = AbstractFileTypeAnalyzer.newHashSet("one", "two");
         assertEquals(2, result.size());
         assertTrue(result.contains("one"));
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/AbstractNpmAnalyzerIT.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/AbstractNpmAnalyzerIT.java
index 84b2f82b729..c8ed7c3296c 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/AbstractNpmAnalyzerIT.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/AbstractNpmAnalyzerIT.java
@@ -17,22 +17,24 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
+import org.junit.jupiter.api.Test;
+
 import java.util.ArrayList;
 import java.util.Collection;
-import org.junit.Test;
-import static org.junit.Assert.*;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
 
 /**
  *
  * @author jeremy long
  */
-public class AbstractNpmAnalyzerIT {
+class AbstractNpmAnalyzerIT {
 
     /**
      * Test of determineVersionFromMap method, of class AbstractNpmAnalyzer.
      */
     @Test
-    public void testDetermineVersionFromMap() {
+    void testDetermineVersionFromMap() {
         String versionRange = ">2.1.1 <5.0.1";
         Collection<String> availableVersions = new ArrayList<>();
         availableVersions.add("2.0.2");
@@ -49,7 +51,7 @@ public void testDetermineVersionFromMap() {
     }
 
     @Test
-    public void testDetermineVersionFromMap_1() {
+    void testDetermineVersionFromMap_1() {
         String versionRange = ">2.1.1 <5.0.1";
         Collection<String> availableVersions = new ArrayList<>();
         availableVersions.add("10.1.0");
@@ -59,7 +61,7 @@ public void testDetermineVersionFromMap_1() {
     }
 
     @Test
-    public void testDetermineVersionFromMap_2() {
+    void testDetermineVersionFromMap_2() {
         String versionRange = ">2.1.1 <5.0.1";
         Collection<String> availableVersions = new ArrayList<>();
         availableVersions.add("2.0.2");
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/AbstractSuppressionAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/AbstractSuppressionAnalyzerTest.java
index 33c656ba9b5..38da80bc54a 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/AbstractSuppressionAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/AbstractSuppressionAnalyzerTest.java
@@ -17,19 +17,11 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import static org.hamcrest.CoreMatchers.is;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNull;
-import static org.hamcrest.MatcherAssert.assertThat;
-
-import java.util.Set;
-
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.Engine.Mode;
-import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.exception.InitializationException;
 import org.owasp.dependencycheck.utils.Downloader;
@@ -37,10 +29,18 @@
 import org.owasp.dependencycheck.utils.Settings.KEYS;
 import org.owasp.dependencycheck.xml.suppression.SuppressionRule;
 
+import java.util.Set;
+
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNull;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+
 /**
  * @author Jeremy Long
  */
-public class AbstractSuppressionAnalyzerTest extends BaseTest {
+class AbstractSuppressionAnalyzerTest extends BaseTest {
 
     /**
      * A second suppression file to test with.
@@ -54,8 +54,8 @@ public class AbstractSuppressionAnalyzerTest extends BaseTest {
 
     private AbstractSuppressionAnalyzer instance;
 
-    @Before
-    public void createObjectUnderTest() throws Exception {
+    @BeforeEach
+    void createObjectUnderTest() {
         instance = new AbstractSuppressionAnalyzerImpl();
     }
 
@@ -64,7 +64,7 @@ public void createObjectUnderTest() throws Exception {
      * AbstractSuppressionAnalyzer.
      */
     @Test
-    public void testGetSupportedExtensions() {
+    void testGetSupportedExtensions() {
         Set<String> result = instance.getSupportedExtensions();
         assertNull(result);
     }
@@ -74,10 +74,10 @@ public void testGetSupportedExtensions() {
      * suppression file declared as URL.
      */
     @Test
-    public void testGetRulesFromSuppressionFileFromURL() throws Exception {
+    void testGetRulesFromSuppressionFileFromURL() throws Exception {
         final String fileUrl = getClass().getClassLoader().getResource(SUPPRESSIONS_FILE).toURI().toURL().toString();
         final int numberOfExtraLoadedRules = getNumberOfRulesLoadedFromPath(fileUrl) - getNumberOfRulesLoadedInCoreFile();
-        assertEquals("Expected 5 extra rules in the given path", 5, numberOfExtraLoadedRules);
+        assertEquals(5, numberOfExtraLoadedRules, "Expected 5 extra rules in the given path");
     }
 
     /**
@@ -85,9 +85,9 @@ public void testGetRulesFromSuppressionFileFromURL() throws Exception {
      * suppression file on the class path.
      */
     @Test
-    public void testGetRulesFromSuppressionFileInClasspath() throws Exception {
+    void testGetRulesFromSuppressionFileInClasspath() throws Exception {
         final int numberOfExtraLoadedRules = getNumberOfRulesLoadedFromPath(SUPPRESSIONS_FILE) - getNumberOfRulesLoadedInCoreFile();
-        assertEquals("Expected 5 extra rules in the given file", 5, numberOfExtraLoadedRules);
+        assertEquals(5, numberOfExtraLoadedRules, "Expected 5 extra rules in the given file");
     }
 
     /**
@@ -95,7 +95,7 @@ public void testGetRulesFromSuppressionFileInClasspath() throws Exception {
      * defined in the {@link Settings}.
      */
     @Test
-    public void testGetRulesFromMultipleSuppressionFiles() throws Exception {
+    void testGetRulesFromMultipleSuppressionFiles() throws Exception {
         final int rulesInCoreFile = getNumberOfRulesLoadedInCoreFile();
 
         // GIVEN suppression rules from one file
@@ -116,12 +116,13 @@ public void testGetRulesFromMultipleSuppressionFiles() throws Exception {
         assertThat("Expected suppressions from both files", instance.getRuleCount(engine), is(expectedSize));
     }
 
-    @Test(expected = InitializationException.class)
-    public void testFailureToLocateSuppressionFileAnywhere() throws Exception {
+    @Test
+    void testFailureToLocateSuppressionFileAnywhere() {
         getSettings().setString(Settings.KEYS.SUPPRESSION_FILE, "doesnotexist.xml");
         instance.initialize(getSettings());
         Engine engine = new Engine(Mode.EVIDENCE_COLLECTION, getSettings());
-        instance.prepare(engine);
+        assertThrows(InitializationException.class, () ->
+            instance.prepare(engine));
     }
 
     /**
@@ -163,7 +164,7 @@ private int getNumberOfRulesLoadedFromPath(final String path) throws Exception {
     public static class AbstractSuppressionAnalyzerImpl extends AbstractSuppressionAnalyzer {
 
         @Override
-        public void analyzeDependency(Dependency dependency, Engine engine) throws AnalysisException {
+        public void analyzeDependency(Dependency dependency, Engine engine) {
             throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
         }
 
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/AnalyzerServiceTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/AnalyzerServiceTest.java
index 1ee93bc6ea8..850ebd0eca1 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/AnalyzerServiceTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/AnalyzerServiceTest.java
@@ -17,15 +17,15 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseDBTestCase;
 import org.owasp.dependencycheck.utils.Settings;
 
 import java.util.List;
 
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.junit.jupiter.api.Assertions.fail;
 import static org.owasp.dependencycheck.analyzer.AnalysisPhase.FINAL;
 import static org.owasp.dependencycheck.analyzer.AnalysisPhase.INITIAL;
 
@@ -33,13 +33,13 @@
  *
  * @author Jeremy Long
  */
-public class AnalyzerServiceTest extends BaseDBTestCase {
+class AnalyzerServiceTest extends BaseDBTestCase {
 
     /**
      * Test of getAnalyzers method, of class AnalyzerService.
      */
     @Test
-    public void testGetAnalyzers() {
+    void testGetAnalyzers() {
         AnalyzerService instance = new AnalyzerService(Thread.currentThread().getContextClassLoader(), getSettings());
         List<Analyzer> result = instance.getAnalyzers();
 
@@ -50,14 +50,14 @@ public void testGetAnalyzers() {
                 break;
             }
         }
-        assertTrue("JarAnalyzer loaded", found);
+        assertTrue(found, "JarAnalyzer loaded");
     }
 
     /**
      * Test of getAnalyzers method, of class AnalyzerService.
      */
     @Test
-    public void testGetAnalyzers_SpecificPhases() throws Exception {
+    void testGetAnalyzers_SpecificPhases() {
         AnalyzerService instance = new AnalyzerService(Thread.currentThread().getContextClassLoader(), getSettings());
         List<Analyzer> result = instance.getAnalyzers(INITIAL, FINAL);
 
@@ -72,7 +72,7 @@ public void testGetAnalyzers_SpecificPhases() throws Exception {
      * Test of getAnalyzers method, of class AnalyzerService.
      */
     @Test
-    public void testGetExperimentalAnalyzers() {
+    void testGetExperimentalAnalyzers() {
         AnalyzerService instance = new AnalyzerService(Thread.currentThread().getContextClassLoader(), getSettings());
         List<Analyzer> result = instance.getAnalyzers();
         String experimental = "CMake Analyzer";
@@ -83,8 +83,8 @@ public void testGetExperimentalAnalyzers() {
                 found = true;
             }
         }
-        assertFalse("Experimental analyzer loaded when set to false", found);
-        assertFalse("Retired analyzer loaded when set to false", retiredFound);
+        assertFalse(found, "Experimental analyzer loaded when set to false");
+        assertFalse(retiredFound, "Retired analyzer loaded when set to false");
 
         getSettings().setBoolean(Settings.KEYS.ANALYZER_EXPERIMENTAL_ENABLED, true);
         instance = new AnalyzerService(Thread.currentThread().getContextClassLoader(), getSettings());
@@ -96,8 +96,8 @@ public void testGetExperimentalAnalyzers() {
                 found = true;
             }
         }
-        assertTrue("Experimental analyzer not loaded when set to true", found);
-        assertFalse("Retired analyzer loaded when set to false", retiredFound);
+        assertTrue(found, "Experimental analyzer not loaded when set to true");
+        assertFalse(retiredFound, "Retired analyzer loaded when set to false");
 
         getSettings().setBoolean(Settings.KEYS.ANALYZER_EXPERIMENTAL_ENABLED, false);
         getSettings().setBoolean(Settings.KEYS.ANALYZER_RETIRED_ENABLED, true);
@@ -109,6 +109,6 @@ public void testGetExperimentalAnalyzers() {
                 found = true;
             }
         }
-        assertFalse("Experimental analyzer loaded when set to false", found);
+        assertFalse(found, "Experimental analyzer loaded when set to false");
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzerIT.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzerIT.java
index c4e8b52232b..981011e45d3 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzerIT.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzerIT.java
@@ -17,29 +17,34 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import java.io.File;
-import java.util.HashSet;
-import java.util.Set;
-import static org.junit.Assert.*;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseDBTestCase;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
-import org.owasp.dependencycheck.BaseDBTestCase;
 import org.owasp.dependencycheck.dependency.Dependency;
-import org.owasp.dependencycheck.exception.InitializationException;
 import org.owasp.dependencycheck.utils.Settings;
 
+import java.io.File;
+import java.util.HashSet;
+import java.util.Set;
+
+import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertNotEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
 /**
  *
  * @author Jeremy Long
  */
-public class ArchiveAnalyzerIT extends BaseDBTestCase {
+class ArchiveAnalyzerIT extends BaseDBTestCase {
 
     /**
      * Test of getSupportedExtensions method, of class ArchiveAnalyzer.
      */
     @Test
-    public void testSupportsExtensions() {
+    void testSupportsExtensions() {
         ArchiveAnalyzer instance = new ArchiveAnalyzer();
         instance.initialize(getSettings());
         Set<String> expResult = new HashSet<>();
@@ -57,7 +62,7 @@ public void testSupportsExtensions() {
         expResult.add("tbz2");
         expResult.add("rpm");
         for (String ext : expResult) {
-            assertTrue(ext, instance.accept(new File("test." + ext)));
+            assertTrue(instance.accept(new File("test." + ext)), ext);
         }
     }
 
@@ -65,7 +70,7 @@ public void testSupportsExtensions() {
      * Test of getName method, of class ArchiveAnalyzer.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         ArchiveAnalyzer instance = new ArchiveAnalyzer();
         instance.initialize(getSettings());
         String expResult = "Archive Analyzer";
@@ -77,18 +82,18 @@ public void testGetName() {
      * Test of supportsExtension method, of class ArchiveAnalyzer.
      */
     @Test
-    public void testSupportsExtension() {
+    void testSupportsExtension() {
         String extension = "test.7z"; //not supported
         ArchiveAnalyzer instance = new ArchiveAnalyzer();
         instance.initialize(getSettings());
-        assertFalse(extension, instance.accept(new File(extension)));
+        assertFalse(instance.accept(new File(extension)), extension);
     }
 
     /**
      * Test of getAnalysisPhase method, of class ArchiveAnalyzer.
      */
     @Test
-    public void testGetAnalysisPhase() {
+    void testGetAnalysisPhase() {
         ArchiveAnalyzer instance = new ArchiveAnalyzer();
         instance.initialize(getSettings());
         AnalysisPhase expResult = AnalysisPhase.INITIAL;
@@ -100,21 +105,15 @@ public void testGetAnalysisPhase() {
      * Test of prepare and close methods, of class ArchiveAnalyzer.
      */
     @Test
-    public void testInitialize() {
+    void testInitialize() {
         ArchiveAnalyzer instance = new ArchiveAnalyzer();
         instance.initialize(getSettings());
         try {
             instance.setEnabled(true);
             instance.setFilesMatched(true);
-            instance.prepare(null);
-        } catch (InitializationException ex) {
-            fail(ex.getMessage());
+            assertDoesNotThrow(() -> instance.prepare(null));
         } finally {
-            try {
-                instance.close();
-            } catch (Exception ex) {
-                fail(ex.getMessage());
-            }
+            assertDoesNotThrow(instance::close);
         }
     }
 
@@ -124,7 +123,7 @@ public void testInitialize() {
      * @throws java.lang.Exception when an error occurs
      */
     @Test
-    public void testAnalyze() throws Exception {
+    void testAnalyze() throws Exception {
         Settings settings = getSettings();
         settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
         settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);
@@ -154,7 +153,7 @@ public void testAnalyze() throws Exception {
      * Test of analyze method, of class ArchiveAnalyzer, with an executable jar.
      */
     @Test
-    public void testAnalyzeExecutableJar() throws Exception {
+    void testAnalyzeExecutableJar() throws Exception {
         Settings settings = getSettings();
         settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
         settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);
@@ -181,7 +180,7 @@ public void testAnalyzeExecutableJar() throws Exception {
     }
 
     @Test
-    public void testAnalyzeJarStaticResources() throws Exception {
+    void testAnalyzeJarStaticResources() throws Exception {
         Settings settings = getSettings();
         settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
         settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);
@@ -217,7 +216,7 @@ public void testAnalyzeJarStaticResources() throws Exception {
      * Test of analyze method, of class ArchiveAnalyzer.
      */
     @Test
-    public void testAnalyzeTar() throws Exception {
+    void testAnalyzeTar() throws Exception {
         Settings settings = getSettings();
         settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
         settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);
@@ -249,7 +248,7 @@ public void testAnalyzeTar() throws Exception {
      * Test of analyze method, of class ArchiveAnalyzer.
      */
     @Test
-    public void testAnalyzeTarGz() throws Exception {
+    void testAnalyzeTarGz() throws Exception {
         Settings settings = getSettings();
         settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
         settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);
@@ -282,7 +281,7 @@ public void testAnalyzeTarGz() throws Exception {
      * Test of analyze method, of class ArchiveAnalyzer.
      */
     @Test
-    public void testAnalyzeTarBz2() throws Exception {
+    void testAnalyzeTarBz2() throws Exception {
         Settings settings = getSettings();
         settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
         settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);
@@ -310,7 +309,7 @@ public void testAnalyzeTarBz2() throws Exception {
      * Test of analyze method, of class ArchiveAnalyzer.
      */
     @Test
-    public void testAnalyzeTgz() throws Exception {
+    void testAnalyzeTgz() throws Exception {
         Settings settings = getSettings();
         settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
         settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);
@@ -340,7 +339,7 @@ public void testAnalyzeTgz() throws Exception {
      * Test of analyze method, of class ArchiveAnalyzer.
      */
     @Test
-    public void testAnalyzeTbz2() throws Exception {
+    void testAnalyzeTbz2() throws Exception {
         Settings settings = getSettings();
         settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
         settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);
@@ -367,7 +366,7 @@ public void testAnalyzeTbz2() throws Exception {
      * Test of analyze method, of class ArchiveAnalyzer.
      */
     @Test
-    public void testAnalyzeRpm() throws Exception {
+    void testAnalyzeRpm() throws Exception {
         Settings settings = getSettings();
         settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
         settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);
@@ -380,7 +379,7 @@ public void testAnalyzeRpm() throws Exception {
         instance.accept(new File("struts-1.2.9-162.35.1.uyuni.noarch.rpm"));
         try (Engine engine = new Engine(settings)) {
             instance.prepare(null);
-            
+
             File file = BaseTest.getResourceAsFile(this, "xmlsec-2.0.7-3.7.uyuni.noarch.rpm");
             Dependency dependency = new Dependency(file);
 
@@ -397,7 +396,7 @@ public void testAnalyzeRpm() throws Exception {
      * Test of analyze method, of class ArchiveAnalyzer.
      */
     @Test
-    public void testAnalyze_badZip() throws Exception {
+    void testAnalyze_badZip() throws Exception {
         Settings settings = getSettings();
         settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
         settings.setBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED, false);
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzerTest.java
index 594641edae8..1afa4740d47 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzerTest.java
@@ -15,27 +15,23 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import java.io.File;
-import java.lang.reflect.InvocationTargetException;
-import java.lang.reflect.Method;
-import java.util.logging.Level;
-import java.util.logging.Logger;
-
-import org.junit.Before;
-import org.junit.Test;
-import static org.junit.Assert.*;
-import static org.junit.Assume.assumeFalse;
-
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.utils.Settings;
 
+import java.io.File;
+
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
 /**
  *
  * @author jeremy long
  */
-public class ArchiveAnalyzerTest extends BaseTest {
+class ArchiveAnalyzerTest extends BaseTest {
 
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -46,7 +42,7 @@ public void setUp() throws Exception {
      * Test of analyzeDependency method, of class ArchiveAnalyzer.
      */
     @Test
-    public void testZippableExtensions() throws Exception {
+    void testZippableExtensions() {
         ArchiveAnalyzer instance = new ArchiveAnalyzer();
         instance.initialize(getSettings());
         assertTrue(instance.getFileFilter().accept(new File("c:/test.zip")));
@@ -59,7 +55,7 @@ public void testZippableExtensions() throws Exception {
      * Test of analyzeDependency method, of class ArchiveAnalyzer.
      */
     @Test
-    public void testRpmExtension() throws Exception {
+    void testRpmExtension() {
         ArchiveAnalyzer instance = new ArchiveAnalyzer();
         instance.initialize(getSettings());
         assertTrue(instance.getFileFilter().accept(new File("/srv/struts-1.2.9-162.35.1.uyuni.noarch.rpm")));
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/AssemblyAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/AssemblyAnalyzerTest.java
index 3c405bfd5c1..1d5fe726bef 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/AssemblyAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/AssemblyAnalyzerTest.java
@@ -17,18 +17,9 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import java.io.File;
-import java.io.IOException;
-import org.junit.After;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-import org.junit.Assume;
-import static org.junit.Assume.assumeFalse;
-import static org.junit.Assume.assumeNotNull;
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.analyzer.exception.UnexpectedAnalysisException;
@@ -41,13 +32,21 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import java.io.File;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.junit.jupiter.api.Assumptions.assumeFalse;
+import static org.junit.jupiter.api.Assumptions.assumeTrue;
+
 /**
  * Tests for the AssemblyAnalyzer.
  *
  * @author colezlaw
  *
  */
-public class AssemblyAnalyzerTest extends BaseTest {
+class AssemblyAnalyzerTest extends BaseTest {
 
     private static final Logger LOGGER = LoggerFactory.getLogger(AssemblyAnalyzerTest.class);
 
@@ -60,7 +59,7 @@ public class AssemblyAnalyzerTest extends BaseTest {
      *
      * @throws Exception if anything goes sideways
      */
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -76,28 +75,28 @@ public void setUp() throws Exception {
             } else {
                 LOGGER.warn("Exception setting up AssemblyAnalyzer. Tests will be incomplete");
             }
-            Assume.assumeNoException("Is dotnet installed? TESTS WILL BE INCOMPLETE", e);
+            assumeTrue(false, "Is dotnet installed? TESTS WILL BE INCOMPLETE: " + e);
         }
     }
 
-    private void assertGrokAssembly() throws IOException {
+    private void assertGrokAssembly() {
         // There must be an .exe and a .config files created in the temp
         // directory and they must match the resources they were created from.
         File grokAssemblyExeFile = analyzer.getGrokAssemblyPath();
-        assertTrue("The GrokAssembly executable was not created.", grokAssemblyExeFile.isFile());
+        assertTrue(grokAssemblyExeFile.isFile(), "The GrokAssembly executable was not created.");
     }
 
     /**
      * Tests to make sure the name is correct.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         assertEquals("Assembly Analyzer", analyzer.getName());
     }
 
     @Test
-    public void testAnalysis() throws Exception {
-        assumeNotNull(analyzer.buildArgumentList());
+    void testAnalysis() throws Exception {
+        assumeTrue(analyzer.buildArgumentList() != null);
         File f = analyzer.getGrokAssemblyPath();
         Dependency d = new Dependency(f);
         analyzer.analyze(d, null);
@@ -106,8 +105,8 @@ public void testAnalysis() throws Exception {
     }
 
     @Test
-    public void testLog4Net() throws Exception {
-        assumeNotNull(analyzer.buildArgumentList());
+    void testLog4Net() throws Exception {
+        assumeTrue(analyzer.buildArgumentList() != null);
         File f = BaseTest.getResourceAsFile(this, "log4net.dll");
 
         Dependency d = new Dependency(f);
@@ -120,8 +119,8 @@ public void testLog4Net() throws Exception {
     }
 
     @Test
-    public void testNonexistent() {
-        assumeNotNull(analyzer.buildArgumentList());
+    void testNonexistent() {
+        assumeTrue(analyzer.buildArgumentList() != null);
 
         // Tweak the log level so the warning doesn't show in the console
         String oldProp = System.getProperty(LOG_KEY, "info");
@@ -130,9 +129,8 @@ public void testNonexistent() {
         Dependency d = new Dependency(test);
 
         try {
-            analyzer.analyze(d, null);
-            fail("Expected an AnalysisException");
-        } catch (AnalysisException ae) {
+            AnalysisException ae = assertThrows(AnalysisException.class, () -> analyzer.analyze(d, null),
+                "Expected an AnalysisException");
             assertTrue(ae.getMessage().contains("nonexistent.dll does not exist and cannot be analyzed by dependency-check"));
         } finally {
             System.setProperty(LOG_KEY, oldProp);
@@ -140,7 +138,7 @@ public void testNonexistent() {
     }
 
     @Test
-    public void testWithSettingMono() throws Exception {
+    void testWithSettingMono() {
 
         //This test doesn't work on Windows.
         assumeFalse(System.getProperty("os.name").startsWith("Windows"));
@@ -160,9 +158,9 @@ public void testWithSettingMono() throws Exception {
             AssemblyAnalyzer aanalyzer = new AssemblyAnalyzer();
             aanalyzer.initialize(getSettings());
             aanalyzer.accept(new File("test.dll")); // trick into "thinking it is active"
-            aanalyzer.prepare(null);
-            fail("Expected an InitializationException");
-        } catch (InitializationException ae) {
+
+            InitializationException ae = assertThrows(InitializationException.class, () -> aanalyzer.prepare(null),
+                    "Expected an InitializationException");
             assertEquals("An error occurred with the .NET AssemblyAnalyzer, is the dotnet 8.0 runtime or sdk installed?", ae.getMessage());
         } finally {
             System.setProperty(LOG_KEY, oldProp);
@@ -177,7 +175,7 @@ public void testWithSettingMono() throws Exception {
         }
     }
 
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         try {
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/AutoconfAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/AutoconfAnalyzerTest.java
index 3e0cb0899ab..042f74fba07 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/AutoconfAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/AutoconfAnalyzerTest.java
@@ -17,20 +17,20 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
+import org.owasp.dependencycheck.dependency.Confidence;
 import org.owasp.dependencycheck.dependency.Dependency;
+import org.owasp.dependencycheck.dependency.Evidence;
+import org.owasp.dependencycheck.dependency.EvidenceType;
 
 import java.io.File;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import org.owasp.dependencycheck.dependency.Confidence;
-import org.owasp.dependencycheck.dependency.Evidence;
-import org.owasp.dependencycheck.dependency.EvidenceType;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  * Unit tests for AutoconfAnalyzer. The test resources under autoconf/ were
@@ -43,7 +43,7 @@
  * @see <a href="https://gnu.org/software/binutils/">GNU Binutils</a>
  * @see <a href="https://gnu.org/software/ghostscript/">GNU Ghostscript</a>
  */
-public class AutoconfAnalyzerTest extends BaseTest {
+class AutoconfAnalyzerTest extends BaseTest {
 
     /**
      * The analyzer to test.
@@ -55,7 +55,7 @@ public class AutoconfAnalyzerTest extends BaseTest {
      *
      * @throws Exception thrown if there is a problem
      */
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -70,7 +70,7 @@ public void setUp() throws Exception {
      *
      * @throws Exception thrown if there is a problem
      */
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         analyzer.close();
@@ -84,7 +84,7 @@ public void tearDown() throws Exception {
      * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testAnalyzeConfigureAC1() throws AnalysisException {
+    void testAnalyzeConfigureAC1() throws AnalysisException {
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(
                 this, "autoconf/ghostscript/configure.ac"));
         analyzer.analyze(result, null);
@@ -100,7 +100,7 @@ public void testAnalyzeConfigureAC1() throws AnalysisException {
      * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testAnalyzeConfigureAC2() throws AnalysisException {
+    void testAnalyzeConfigureAC2() throws AnalysisException {
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(
                 this, "autoconf/readable-code/configure.ac"));
         analyzer.analyze(result, null);
@@ -117,7 +117,7 @@ public void testAnalyzeConfigureAC2() throws AnalysisException {
      * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testAnalyzeConfigureScript() throws AnalysisException {
+    void testAnalyzeConfigureScript() throws AnalysisException {
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(
                 this, "autoconf/binutils/configure"));
         analyzer.analyze(result, null);
@@ -133,7 +133,7 @@ public void testAnalyzeConfigureScript() throws AnalysisException {
      * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testAnalyzeReadableConfigureScript() throws AnalysisException {
+    void testAnalyzeReadableConfigureScript() throws AnalysisException {
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(
                 this, "autoconf/readable-code/configure"));
         analyzer.analyze(result, null);
@@ -148,21 +148,22 @@ public void testAnalyzeReadableConfigureScript() throws AnalysisException {
      * Test of getName method, of {@link AutoconfAnalyzer}.
      */
     @Test
-    public void testGetName() {
-        assertEquals("Analyzer name wrong.", "Autoconf Analyzer",
-                analyzer.getName());
+    void testGetName() {
+        assertEquals("Autoconf Analyzer",
+                analyzer.getName(),
+                "Analyzer name wrong.");
     }
 
     /**
      * Test of {@link AutoconfAnalyzer#accept(File)}.
      */
     @Test
-    public void testSupportsFileExtension() {
-        assertTrue("Should support \"ac\" extension.",
-                analyzer.accept(new File("configure.ac")));
-        assertTrue("Should support \"in\" extension.",
-                analyzer.accept(new File("configure.in")));
-        assertTrue("Should support \"configure\" extension.",
-                analyzer.accept(new File("configure")));
+    void testSupportsFileExtension() {
+        assertTrue(analyzer.accept(new File("configure.ac")),
+                "Should support \"ac\" extension.");
+        assertTrue(analyzer.accept(new File("configure.in")),
+                "Should support \"in\" extension.");
+        assertTrue(analyzer.accept(new File("configure")),
+                "Should support \"configure\" extension.");
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/CMakeAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/CMakeAnalyzerTest.java
index faf116501ab..810217a1dff 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/CMakeAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/CMakeAnalyzerTest.java
@@ -17,15 +17,17 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseDBTestCase;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
 import org.owasp.dependencycheck.dependency.Dependency;
+import org.owasp.dependencycheck.dependency.Evidence;
+import org.owasp.dependencycheck.dependency.EvidenceType;
 
 import java.io.File;
 import java.util.HashMap;
@@ -34,20 +36,17 @@
 
 import static org.hamcrest.CoreMatchers.equalTo;
 import static org.hamcrest.CoreMatchers.is;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
 import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.Assert.assertTrue;
-
-import org.owasp.dependencycheck.dependency.Evidence;
-import org.owasp.dependencycheck.dependency.EvidenceType;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  * Unit tests for CmakeAnalyzer.
  *
  * @author Dale Visser
  */
-public class CMakeAnalyzerTest extends BaseDBTestCase {
+class CMakeAnalyzerTest extends BaseDBTestCase {
 
     /**
      * The package analyzer to test.
@@ -59,7 +58,7 @@ public class CMakeAnalyzerTest extends BaseDBTestCase {
      *
      * @throws Exception if there is a problem
      */
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -74,7 +73,7 @@ public void setUp() throws Exception {
      *
      * @throws Exception if there is a problem
      */
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         try {
@@ -88,7 +87,7 @@ public void tearDown() throws Exception {
      * Test of getName method, of class PythonPackageAnalyzer.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         assertThat(analyzer.getName(), is(equalTo("CMake Analyzer")));
     }
 
@@ -96,11 +95,11 @@ public void testGetName() {
      * Test of supportsExtension method, of class PythonPackageAnalyzer.
      */
     @Test
-    public void testAccept() {
-        assertTrue("Should support \"CMakeLists.txt\" name.",
-                analyzer.accept(new File("CMakeLists.txt")));
-        assertTrue("Should support \"cmake\" extension.",
-                analyzer.accept(new File("test.cmake")));
+    void testAccept() {
+        assertTrue(analyzer.accept(new File("CMakeLists.txt")),
+                "Should support \"CMakeLists.txt\" name.");
+        assertTrue(analyzer.accept(new File("test.cmake")),
+                "Should support \"cmake\" extension.");
     }
 
     /**
@@ -109,7 +108,7 @@ public void testAccept() {
      * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testAnalyzeCMakeListsOpenCV() throws AnalysisException {
+    void testAnalyzeCMakeListsOpenCV() throws AnalysisException {
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(
                 this, "cmake/opencv/CMakeLists.txt"));
         analyzer.analyze(result, null);
@@ -123,7 +122,7 @@ public void testAnalyzeCMakeListsOpenCV() throws AnalysisException {
      * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testAnalyzeCMakeListsZlib() throws AnalysisException {
+    void testAnalyzeCMakeListsZlib() throws AnalysisException {
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(
                 this, "cmake/zlib/CMakeLists.txt"));
         analyzer.analyze(result, null);
@@ -137,7 +136,7 @@ public void testAnalyzeCMakeListsZlib() throws AnalysisException {
      * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testAnalyzeCMakeListsPython() throws AnalysisException {
+    void testAnalyzeCMakeListsPython() throws AnalysisException {
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(
                 this, "cmake/opencv/cmake/OpenCVDetectPython.cmake"));
         analyzer.analyze(result, null);
@@ -154,7 +153,7 @@ private void assertProductEvidence(Dependency result, String product) {
                 break;
             }
         }
-        assertTrue("Expected product evidence to contain \"" + product + "\".", found);
+        assertTrue(found, "Expected product evidence to contain \"" + product + "\".");
     }
 
     /**
@@ -164,7 +163,7 @@ private void assertProductEvidence(Dependency result, String product) {
      * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testAnalyzeCMakeListsOpenCV3rdParty() throws AnalysisException, DatabaseException {
+    void testAnalyzeCMakeListsOpenCV3rdParty() throws AnalysisException, DatabaseException {
         try (Engine engine = new Engine(getSettings())) {
             final Dependency result = new Dependency(BaseTest.getResourceAsFile(
                     this, "cmake/opencv/3rdparty/ffmpeg/ffmpeg_version.cmake"));
@@ -172,10 +171,10 @@ public void testAnalyzeCMakeListsOpenCV3rdParty() throws AnalysisException, Data
             analyzer.analyze(result, engine);
             assertProductEvidence(result, "libavcodec");
             assertVersionEvidence(result, "55.18.102");
-            assertFalse("ALIASOF_ prefix shouldn't be present.",
-                    Pattern.compile("\\bALIASOF_\\w+").matcher(result.getEvidence(EvidenceType.PRODUCT).toString()).find());
+            assertFalse(Pattern.compile("\\bALIASOF_\\w+").matcher(result.getEvidence(EvidenceType.PRODUCT).toString()).find(),
+                    "ALIASOF_ prefix shouldn't be present.");
             final Dependency[] dependencies = engine.getDependencies();
-            assertEquals("Number of additional dependencies should be 4.", 4, dependencies.length);
+            assertEquals(4, dependencies.length, "Number of additional dependencies should be 4.");
             final Dependency last = dependencies[3];
             assertProductEvidence(last, "libavresample");
             assertVersionEvidence(last, "1.0.1");
@@ -190,11 +189,11 @@ private void assertVersionEvidence(Dependency result, String version) {
                 break;
             }
         }
-        assertTrue("Expected version evidence to contain \"" + version + "\".", found);
+        assertTrue(found, "Expected version evidence to contain \"" + version + "\".");
     }
 
     @Test
-    public void testRemoveSelfReferences() {
+    void testRemoveSelfReferences() {
         // Given
         Map<String, String> input = new HashMap<>();
         input.put("Deflate_OLD_FIND_LIBRARY_PREFIXES", "${CMAKE_FIND_LIBRARY_PREFIXES}");
@@ -220,7 +219,7 @@ public void testRemoveSelfReferences() {
     }
 
     @Test
-    public void testRemoveSelfReferences2() {
+    void testRemoveSelfReferences2() {
         // Given
         Map<String, String> input = new HashMap<>();
         input.put("FLTK2_DIR", "${FLTK2_INCLUDE_DIR}");
@@ -274,7 +273,7 @@ public void testRemoveSelfReferences2() {
      * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testAnalyzeCMakeTempVariable() throws AnalysisException {
+    void testAnalyzeCMakeTempVariable() throws AnalysisException {
         try (Engine engine = new Engine(getSettings())) {
             final Dependency result = new Dependency(BaseTest.getResourceAsFile(
                     this, "cmake/libtiff/FindDeflate.cmake"));
@@ -285,7 +284,7 @@ public void testAnalyzeCMakeTempVariable() throws AnalysisException {
     }
 
     @Test
-    public void testAnalyzeCMakeInfiniteLoop() throws AnalysisException {
+    void testAnalyzeCMakeInfiniteLoop() throws AnalysisException {
         try (Engine engine = new Engine(getSettings())) {
             final Dependency result = new Dependency(BaseTest.getResourceAsFile(
                     this, "cmake/cmake-modules/FindFLTK2.cmake"));
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/CPEAnalyzerIT.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/CPEAnalyzerIT.java
index 30829316718..30721c8b149 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/CPEAnalyzerIT.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/CPEAnalyzerIT.java
@@ -17,32 +17,36 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import java.io.File;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
 import org.apache.commons.lang3.mutable.MutableInt;
-import org.junit.Test;
-import org.owasp.dependencycheck.BaseTest;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseDBTestCase;
+import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.data.cpe.IndexEntry;
+import org.owasp.dependencycheck.data.nvd.ecosystem.Ecosystem;
 import org.owasp.dependencycheck.dependency.Confidence;
 import org.owasp.dependencycheck.dependency.Dependency;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-import org.owasp.dependencycheck.data.nvd.ecosystem.Ecosystem;
 import org.owasp.dependencycheck.dependency.EvidenceType;
 import org.owasp.dependencycheck.dependency.naming.Identifier;
 
+import java.io.File;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.junit.jupiter.api.Assertions.fail;
+
 /**
  *
  * @author Jeremy Long
  */
-public class CPEAnalyzerIT extends BaseDBTestCase {
+class CPEAnalyzerIT extends BaseDBTestCase {
 
     /**
      * Tests of buildSearch of class CPEAnalyzer.
@@ -50,9 +54,9 @@ public class CPEAnalyzerIT extends BaseDBTestCase {
      * @throws Exception is thrown when an IO Exception occurs.
      */
     @Test
-    public void testBuildSearch() throws Exception {
+    void testBuildSearch() throws Exception {
         Set<String> productWeightings = new HashSet<>();//Collections.singleton("struts2");
-        Set<String> vendorWeightings = new HashSet<>();//Collections.singleton("apache");        
+        Set<String> vendorWeightings = new HashSet<>();//Collections.singleton("apache");
         Map<String, MutableInt> vendor = new HashMap<>();
         Map<String, MutableInt> product = new HashMap<>();
         vendor.put("apache software foundation", new MutableInt(1));
@@ -62,14 +66,14 @@ public void testBuildSearch() throws Exception {
         instance.initialize(getSettings());
         String queryText = instance.buildSearch(vendor, product, vendorWeightings, productWeightings);
         String expResult = "product:(struts 2 core) AND vendor:(apache software foundation)";
-        assertTrue(expResult.equals(queryText));
+        assertEquals(expResult, queryText);
 
         vendorWeightings.add("apache");
         productWeightings.add("struts2");
 
         queryText = instance.buildSearch(vendor, product, vendorWeightings, productWeightings);
         expResult = "product:(struts^2 2 core struts2^2) AND vendor:(apache^2 software foundation)";
-        assertTrue(expResult.equals(queryText));
+        assertEquals(expResult, queryText);
         instance.close();
     }
 
@@ -79,7 +83,7 @@ public void testBuildSearch() throws Exception {
      * @throws Exception is thrown when an exception occurs
      */
     @Test
-    public void testDetermineCPE_full() throws Exception {
+    void testDetermineCPE_full() throws Exception {
         CPEAnalyzer cpeAnalyzer = new CPEAnalyzer();
         try (Engine e = new Engine(getSettings())) {
             //update needs to be performed so that xtream can be tested
@@ -130,7 +134,7 @@ public void testDetermineCPE_full() throws Exception {
      * @param cpeSuppression the CPE suppression analyzer
      * @throws Exception is thrown when an exception occurs
      */
-    public void callDetermineCPE_full(String depName, String expResult, CPEAnalyzer cpeAnalyzer, FileNameAnalyzer fnAnalyzer,
+    private void callDetermineCPE_full(String depName, String expResult, CPEAnalyzer cpeAnalyzer, FileNameAnalyzer fnAnalyzer,
             JarAnalyzer jarAnalyzer, HintAnalyzer hAnalyzer, FalsePositiveAnalyzer fp, CpeSuppressionAnalyzer cpeSuppression) throws Exception {
 
         //File file = new File(this.getClass().getClassLoader().getResource(depName).getPath());
@@ -153,9 +157,9 @@ public void callDetermineCPE_full(String depName, String expResult, CPEAnalyzer
                     break;
                 }
             }
-            assertTrue("Match not found: { dep:'" + dep.getFileName() + "', exp:'" + expResult + "' }", found);
+            assertTrue(found, "Match not found: { dep:'" + dep.getFileName() + "', exp:'" + expResult + "' }");
         } else {
-            dep.getVulnerableSoftwareIdentifiers().forEach((id) -> fail("Unexpected match found: { dep:'" + dep.getFileName() + "', found:'" + id + "' }"));
+            dep.getVulnerableSoftwareIdentifiers().forEach(id -> fail("Unexpected match found: { dep:'" + dep.getFileName() + "', found:'" + id + "' }"));
         }
     }
 
@@ -165,7 +169,7 @@ public void callDetermineCPE_full(String depName, String expResult, CPEAnalyzer
      * @throws Exception is thrown when an exception occurs
      */
     @Test
-    public void testDetermineCPE() throws Exception {
+    void testDetermineCPE() throws Exception {
         //File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
         File file = BaseTest.getResourceAsFile(this, "struts2-core-2.1.2.jar");
         //File file = new File(this.getClass().getClassLoader().getResource("axis2-adb-1.4.1.jar").getPath());
@@ -218,10 +222,10 @@ public void testDetermineCPE() throws Exception {
             instance.close();
 
             suppressionAnalyzer.analyze(commonValidator, engine);
-            commonValidator.getVulnerableSoftwareIdentifiers().forEach((i) -> fail("Apache Common Validator found an unexpected CPE identifier - " + i.getValue()));
+            commonValidator.getVulnerableSoftwareIdentifiers().forEach(i -> fail("Apache Common Validator found an unexpected CPE identifier - " + i.getValue()));
 
             String expResult = "cpe:2.3:a:apache:struts:2.1.2:*:*:*:*:*:*:*";
-            assertTrue("Incorrect match size - struts", struts.getVulnerableSoftwareIdentifiers().size() >= 1);
+            assertFalse(struts.getVulnerableSoftwareIdentifiers().isEmpty(), "Incorrect match size - struts");
             boolean found = false;
             for (Identifier i : struts.getVulnerableSoftwareIdentifiers()) {
                 if (expResult.equals(i.getValue())) {
@@ -229,8 +233,8 @@ public void testDetermineCPE() throws Exception {
                     break;
                 }
             }
-            assertTrue("Incorrect match - struts", found);
-            assertTrue("Incorrect match size - spring3 - " + spring3.getVulnerableSoftwareIdentifiers().size(), spring3.getVulnerableSoftwareIdentifiers().size() >= 1);
+            assertTrue(found, "Incorrect match - struts");
+            assertFalse(spring3.getVulnerableSoftwareIdentifiers().isEmpty(), "Incorrect match size - spring3 - " + spring3.getVulnerableSoftwareIdentifiers().size());
 
             jarAnalyzer.close();
             suppressionAnalyzer.close();
@@ -243,7 +247,7 @@ public void testDetermineCPE() throws Exception {
      * @throws Exception is thrown when an exception occurs
      */
     @Test
-    public void testDetermineIdentifiers() throws Exception {
+    void testDetermineIdentifiers() throws Exception {
 
         CPEAnalyzer instance = new CPEAnalyzer();
         try (Engine engine = new Engine(getSettings())) {
@@ -284,7 +288,7 @@ private void callDetermieIdentifiers(String vendor, String product, String versi
             System.out.println(id.getValue());
             return expectedCpe.equals(id.getValue());
         });
-        assertTrue(String.format("%s:%s:%s identifier not found", vendor, product, version), found);
+        assertTrue(found, String.format("%s:%s:%s identifier not found", vendor, product, version));
     }
 
     /**
@@ -293,7 +297,7 @@ private void callDetermieIdentifiers(String vendor, String product, String versi
      * @throws Exception is thrown when an exception occurs
      */
     @Test
-    public void testAnalyzeDependency() throws Exception {
+    void testAnalyzeDependency() throws Exception {
 
         CPEAnalyzer instance = new CPEAnalyzer();
         try (Engine engine = new Engine(getSettings())) {
@@ -344,7 +348,7 @@ private void callAnalyzeDependency(String vendor, String product, String version
             System.out.println(id.getValue());
             return expectedCpe.equals(id.getValue());
         });
-        assertTrue(String.format("%s:%s:%s identifier not found", vendor, product, version), found);
+        assertTrue(found, String.format("%s:%s:%s identifier not found", vendor, product, version));
     }
 
     /**
@@ -353,7 +357,7 @@ private void callAnalyzeDependency(String vendor, String product, String version
      * @throws Exception is thrown when an exception occurs
      */
     @Test
-    public void testSearchCPE() throws Exception {
+    void testSearchCPE() throws Exception {
         Map<String, MutableInt> vendor = new HashMap<>();
         Map<String, MutableInt> product = new HashMap<>();
         vendor.put("apache software foundation", new MutableInt(1));
@@ -379,7 +383,7 @@ public void testSearchCPE() throws Exception {
                     break;
                 }
             }
-            assertTrue("apache:struts was not identified", found);
+            assertTrue(found, "apache:struts was not identified");
         }
         instance.close();
     }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/CPEAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/CPEAnalyzerTest.java
index da302c9a8bb..d64a009f6af 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/CPEAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/CPEAnalyzerTest.java
@@ -17,30 +17,34 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
+import org.apache.commons.lang3.mutable.MutableInt;
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.dependency.Confidence;
+import org.owasp.dependencycheck.dependency.Evidence;
+import org.owasp.dependencycheck.utils.Settings;
+
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
-import org.apache.commons.lang3.mutable.MutableInt;
-import org.junit.Test;
-import static org.junit.Assert.*;
-import org.owasp.dependencycheck.dependency.Confidence;
-import org.owasp.dependencycheck.dependency.Evidence;
-import org.owasp.dependencycheck.utils.Settings;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNull;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  *
  * @author jeremy long
  */
-public class CPEAnalyzerTest {
+class CPEAnalyzerTest {
 
     /**
      * Test of getName method, of class CPEAnalyzer.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         CPEAnalyzer instance = new CPEAnalyzer();
         String expResult = "CPE Analyzer";
         String result = instance.getName();
@@ -51,7 +55,7 @@ public void testGetName() {
      * Test of getAnalysisPhase method, of class CPEAnalyzer.
      */
     @Test
-    public void testGetAnalysisPhase() {
+    void testGetAnalysisPhase() {
         CPEAnalyzer instance = new CPEAnalyzer();
         AnalysisPhase expResult = AnalysisPhase.IDENTIFIER_ANALYSIS;
         AnalysisPhase result = instance.getAnalysisPhase();
@@ -62,7 +66,7 @@ public void testGetAnalysisPhase() {
      * Test of getAnalyzerEnabledSettingKey method, of class CPEAnalyzer.
      */
     @Test
-    public void testGetAnalyzerEnabledSettingKey() {
+    void testGetAnalyzerEnabledSettingKey() {
         CPEAnalyzer instance = new CPEAnalyzer();
         String expResult = Settings.KEYS.ANALYZER_CPE_ENABLED;
         String result = instance.getAnalyzerEnabledSettingKey();
@@ -73,7 +77,7 @@ public void testGetAnalyzerEnabledSettingKey() {
      * Test of collectTerms method, of class CPEAnalyzer.
      */
     @Test
-    public void testAddEvidenceWithoutDuplicateTerms() {
+    void testAddEvidenceWithoutDuplicateTerms() {
         Map<String, MutableInt> terms = new HashMap<>();
         List<Evidence> evidence = new ArrayList<>();
         evidence.add(new Evidence("test case", "value", "test", Confidence.HIGHEST));
@@ -191,7 +195,7 @@ public void testAddEvidenceWithoutDuplicateTerms() {
     }
 
     @Test
-    public void testCollectTerms() {
+    void testCollectTerms() {
         Map<String, MutableInt> terms = new HashMap<>();
         List<Evidence> evidence = new ArrayList<>();
         evidence.add(new Evidence("\\@", "\\*", "\\+", Confidence.HIGHEST));
@@ -204,7 +208,7 @@ public void testCollectTerms() {
      * Test of buildSearch method, of class CPEAnalyzer.
      */
     @Test
-    public void testBuildSearch() {
+    void testBuildSearch() {
         Map<String, MutableInt> vendor = new HashMap<>();
         Map<String, MutableInt> product = new HashMap<>();
         vendor.put("apache software foundation", new MutableInt(1));
@@ -279,7 +283,7 @@ public void testBuildSearch() {
     }
 
     @Test
-    public void testBuildSearchBlank() {
+    void testBuildSearchBlank() {
         Map<String, MutableInt> vendor = new HashMap<>();
         Map<String, MutableInt> product = new HashMap<>();
         vendor.put("   ", new MutableInt(1));
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/CentralAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/CentralAnalyzerTest.java
index fb17c03ea2f..8628ff53366 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/CentralAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/CentralAnalyzerTest.java
@@ -17,32 +17,28 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.data.central.CentralSearch;
-import org.owasp.dependencycheck.utils.TooManyRequestsException;
 import org.owasp.dependencycheck.data.nexus.MavenArtifact;
 import org.owasp.dependencycheck.dependency.Dependency;
+import org.owasp.dependencycheck.utils.Settings;
+import org.owasp.dependencycheck.utils.TooManyRequestsException;
 
 import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.util.Collections;
 import java.util.List;
-import org.apache.commons.lang3.StringUtils;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import org.junit.Assume;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
-import org.owasp.dependencycheck.BaseTest;
-import org.owasp.dependencycheck.utils.Settings;
 
 /**
  * Tests for the CentralAnalyzer.
  */
-public class CentralAnalyzerTest extends BaseTest {
+class CentralAnalyzerTest extends BaseTest {
 
     private static final String SHA1_SUM = "my-sha1-sum";
     final CentralSearch centralSearch = mock(CentralSearch.class);
@@ -50,7 +46,7 @@ public class CentralAnalyzerTest extends BaseTest {
 
     @Test
     @SuppressWarnings("PMD.NonStaticInitializer")
-    public void testFetchMavenArtifactsWithoutException() throws IOException, TooManyRequestsException {
+    void testFetchMavenArtifactsWithoutException() throws IOException, TooManyRequestsException {
             CentralAnalyzer instance = new CentralAnalyzer();
             instance.setCentralSearch(centralSearch);
             when(dependency.getSha1sum()).thenReturn(SHA1_SUM);
@@ -61,30 +57,28 @@ public void testFetchMavenArtifactsWithoutException() throws IOException, TooMan
             assertTrue(actualMavenArtifacts.isEmpty());
     }
 
-    @Test(expected = FileNotFoundException.class)
+    @Test
     @SuppressWarnings("PMD.NonStaticInitializer")
-    public void testFetchMavenArtifactsRethrowsFileNotFoundException()
-            throws IOException, TooManyRequestsException {
+    void testFetchMavenArtifactsRethrowsFileNotFoundException() throws Exception {
         CentralAnalyzer instance = new CentralAnalyzer();
         instance.setCentralSearch(centralSearch);
         when(dependency.getSha1sum()).thenReturn(SHA1_SUM);
         when(centralSearch.searchSha1(SHA1_SUM)).thenThrow(FileNotFoundException.class);
-        instance.fetchMavenArtifacts(dependency);
+        assertThrows(FileNotFoundException.class, () ->
+            instance.fetchMavenArtifacts(dependency));
     }
 
-    @Test(expected = IOException.class)
+    @Test
     @SuppressWarnings("PMD.NonStaticInitializer")
-    public void testFetchMavenArtifactsAlwaysThrowsIOException()
-            throws IOException, TooManyRequestsException {
+    void testFetchMavenArtifactsAlwaysThrowsIOException() throws Exception {
         getSettings().setInt(Settings.KEYS.ANALYZER_CENTRAL_RETRY_COUNT, 1);
         getSettings().setBoolean(Settings.KEYS.ANALYZER_CENTRAL_USE_CACHE, false);
         CentralAnalyzer instance = new CentralAnalyzer();
         instance.initialize(getSettings());
-        
         instance.setCentralSearch(centralSearch);
         when(dependency.getSha1sum()).thenReturn(SHA1_SUM);
         when(centralSearch.searchSha1(SHA1_SUM)).thenThrow(IOException.class);
-
-        instance.fetchMavenArtifacts(dependency);
+        assertThrows(IOException.class, () ->
+            instance.fetchMavenArtifacts(dependency));
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/ComposerLockAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/ComposerLockAnalyzerTest.java
index 2ba74f1c4a5..ebb3607cdd0 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/ComposerLockAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/ComposerLockAnalyzerTest.java
@@ -17,9 +17,10 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
+import org.apache.commons.lang3.ArrayUtils;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseDBTestCase;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
@@ -27,20 +28,19 @@
 import org.owasp.dependencycheck.dependency.Dependency;
 
 import java.io.File;
-import org.apache.commons.lang3.ArrayUtils;
 
-import static org.hamcrest.CoreMatchers.*;
+import static org.hamcrest.CoreMatchers.equalTo;
 import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  * Unit tests for NodePackageAnalyzer.
  *
  * @author Dale Visser
  */
-public class ComposerLockAnalyzerTest extends BaseDBTestCase {
+class ComposerLockAnalyzerTest extends BaseDBTestCase {
 
     /**
      * The analyzer to test.
@@ -52,7 +52,7 @@ public class ComposerLockAnalyzerTest extends BaseDBTestCase {
      *
      * @throws Exception thrown if there is a problem
      */
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -67,7 +67,7 @@ public void setUp() throws Exception {
      *
      * @throws Exception thrown if there is a problem
      */
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         analyzer.close();
@@ -78,7 +78,7 @@ public void tearDown() throws Exception {
      * Test of getName method, of class ComposerLockAnalyzer.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         assertEquals("Composer.lock analyzer", analyzer.getName());
     }
 
@@ -86,7 +86,7 @@ public void testGetName() {
      * Test of supportsExtension method, of class ComposerLockAnalyzer.
      */
     @Test
-    public void testSupportsFiles() {
+    void testSupportsFiles() {
         assertTrue(analyzer.accept(new File("composer.lock")));
     }
 
@@ -96,7 +96,7 @@ public void testSupportsFiles() {
      * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testAnalyzePackageJson() throws Exception {
+    void testAnalyzePackageJson() throws Exception {
         try (Engine engine = new Engine(getSettings())) {
             final Dependency result = new Dependency(BaseTest.getResourceAsFile(this,
                     "composer.lock"));
@@ -115,7 +115,7 @@ public void testAnalyzePackageJson() throws Exception {
                     assertEquals(ComposerLockAnalyzer.DEPENDENCY_ECOSYSTEM, d.getEcosystem());
                 }
             }
-            assertTrue("Expeced to find classpreloader", found);
+            assertTrue(found, "Expeced to find classpreloader");
         }
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/CpeSuppressionAnalyzerIT.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/CpeSuppressionAnalyzerIT.java
index 6e49c507d2d..8e61259f6e1 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/CpeSuppressionAnalyzerIT.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/CpeSuppressionAnalyzerIT.java
@@ -17,28 +17,30 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import java.io.File;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseDBTestCase;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.utils.Settings;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
+
+import java.io.File;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  * Testing the CPE suppression analyzer.
  *
  * @author Jeremy Long
  */
-public class CpeSuppressionAnalyzerIT extends BaseDBTestCase {
+class CpeSuppressionAnalyzerIT extends BaseDBTestCase {
 
     /**
      * Test of getName method, of class CpeSuppressionAnalyzer.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         CpeSuppressionAnalyzer instance = new CpeSuppressionAnalyzer();
         instance.initialize(getSettings());
         String expResult = "Cpe Suppression Analyzer";
@@ -50,7 +52,7 @@ public void testGetName() {
      * Test of getAnalysisPhase method, of class CpeSuppressionAnalyzer.
      */
     @Test
-    public void testGetAnalysisPhase() {
+    void testGetAnalysisPhase() {
         CpeSuppressionAnalyzer instance = new CpeSuppressionAnalyzer();
         instance.initialize(getSettings());
         AnalysisPhase expResult = AnalysisPhase.POST_IDENTIFIER_ANALYSIS;
@@ -62,7 +64,7 @@ public void testGetAnalysisPhase() {
      * Test of analyze method, of class CpeSuppressionAnalyzer.
      */
     @Test
-    public void testAnalyze() throws Exception {
+    void testAnalyze() throws Exception {
 
         File file = BaseTest.getResourceAsFile(this, "commons-fileupload-1.2.1.jar");
         File suppression = BaseTest.getResourceAsFile(this, "commons-fileupload-1.2.1.suppression.xml");
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/DartAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/DartAnalyzerTest.java
index f7b01851726..a47a4d79b3b 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/DartAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/DartAnalyzerTest.java
@@ -1,30 +1,29 @@
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.dependency.Dependency;
-import org.owasp.dependencycheck.dependency.EvidenceType;
 import org.owasp.dependencycheck.dependency.naming.GenericIdentifier;
 import org.owasp.dependencycheck.dependency.naming.Identifier;
 import org.owasp.dependencycheck.dependency.naming.PurlIdentifier;
 
 import java.io.File;
-import java.util.Set;
 
-import static org.hamcrest.CoreMatchers.*;
+import static org.hamcrest.CoreMatchers.equalTo;
+import static org.hamcrest.CoreMatchers.is;
 import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.Assert.assertTrue;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  * Unit tests for DartAnalyzer
  *
  * @author Marc Rödder
  */
-public class DartAnalyzerTest extends BaseTest {
+class DartAnalyzerTest extends BaseTest {
 
     /**
      * The analyzer to test.
@@ -36,7 +35,7 @@ public class DartAnalyzerTest extends BaseTest {
      *
      * @throws Exception thrown if there is a problem
      */
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -51,7 +50,7 @@ public void setUp() throws Exception {
      *
      * @throws Exception thrown if there is a problem
      */
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         dartAnalyzer.close();
@@ -64,7 +63,7 @@ public void tearDown() throws Exception {
      * Test of getName method, of class DartAnalyzer.
      */
     @Test
-    public void testDartAnalyzerGetName() {
+    void testDartAnalyzerGetName() {
         assertThat(dartAnalyzer.getName(), is("Dart Package Analyzer"));
     }
 
@@ -73,7 +72,7 @@ public void testDartAnalyzerGetName() {
      * Test of supportsFiles method, of class DartAnalyzer.
      */
     @Test
-    public void testAnalyzerSupportsFiles() {
+    void testAnalyzerSupportsFiles() {
         assertThat(dartAnalyzer.accept(new File("pubspec.yaml")), is(true));
         assertThat(dartAnalyzer.accept(new File("pubspec.lock")), is(true));
     }
@@ -84,7 +83,7 @@ public void testAnalyzerSupportsFiles() {
      * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testDartPubspecLockAnalyzer() throws AnalysisException {
+    void testDartPubspecLockAnalyzer() throws AnalysisException {
         final Engine engine = new Engine(getSettings());
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(this,
                 "dart/pubspec.lock"));
@@ -123,7 +122,7 @@ public void testDartPubspecLockAnalyzer() throws AnalysisException {
     }
 
     @Test
-    public void testDartPubspecYamlAnalyzer() throws AnalysisException {
+    void testDartPubspecYamlAnalyzer() throws AnalysisException {
         final Engine engine = new Engine(getSettings());
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(this,
                 "dart.yaml/pubspec.yaml"));
@@ -187,10 +186,10 @@ public void testDartPubspecYamlAnalyzer() throws AnalysisException {
 
     /**
      * Test case for issue #5008.
-     * @throws AnalysisException 
+     * @throws AnalysisException
      */
     @Test
-    public void testDartPubspecYamlAnalyzerAddressbook() throws AnalysisException {
+    void testDartPubspecYamlAnalyzerAddressbook() throws AnalysisException {
         final Engine engine = new Engine(getSettings());
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(this,
                 "dart.addressbook/pubspec.yaml"));
@@ -199,13 +198,13 @@ public void testDartPubspecYamlAnalyzerAddressbook() throws AnalysisException {
         assertThat(engine.getDependencies().length, equalTo(1));
 
         Dependency dependency1 = engine.getDependencies()[0];
-       
+
         assertThat(dependency1.getName(), equalTo("protobuf"));
         assertThat(dependency1.getVersion(), equalTo(""));
     }
-    
+
     @Test
-    public void testIsEnabledIsTrueByDefault() {
+    void testIsEnabledIsTrueByDefault() {
         assertTrue(dartAnalyzer.isEnabled());
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzerIT.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzerIT.java
index 3378cf94ab1..629a0d22e2e 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzerIT.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzerIT.java
@@ -17,20 +17,20 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseDBTestCase;
 
 /**
  *
  * @author Jeremy Long
  */
-public class DependencyBundlingAnalyzerIT extends BaseDBTestCase {
+class DependencyBundlingAnalyzerIT extends BaseDBTestCase {
 
     /**
      * Test of analyze method, of class DependencyBundlingAnalyzer.
      */
     @Test
-    public void testAnalyze() throws Exception {
+    void testAnalyze() {
 //        Engine engine = null;
 //        JarAnalyzer ja = null;
 //        FileNameAnalyzer fna = null;
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzerTest.java
index 5aad595e7a4..d3cc9f6261d 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/DependencyBundlingAnalyzerTest.java
@@ -18,30 +18,30 @@
 package org.owasp.dependencycheck.analyzer;
 
 import com.github.packageurl.MalformedPackageURLException;
-import java.io.File;
-import org.junit.Test;
-import org.junit.runner.RunWith;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
 import org.mockito.Answers;
 import org.mockito.Mock;
-import org.mockito.junit.MockitoJUnitRunner;
+import org.mockito.junit.jupiter.MockitoExtension;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
+import org.owasp.dependencycheck.dependency.Confidence;
 import org.owasp.dependencycheck.dependency.Dependency;
+import org.owasp.dependencycheck.dependency.naming.PurlIdentifier;
+
+import java.io.File;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 import static org.mockito.Mockito.times;
 import static org.mockito.Mockito.verify;
 
-import org.owasp.dependencycheck.dependency.Confidence;
-import org.owasp.dependencycheck.dependency.naming.PurlIdentifier;
-
 /**
  * @author Jeremy Long
  */
-@RunWith(MockitoJUnitRunner.class)
-public class DependencyBundlingAnalyzerTest extends BaseTest {
+@ExtendWith(MockitoExtension.class)
+class DependencyBundlingAnalyzerTest extends BaseTest {
 
     @Mock(answer = Answers.RETURNS_SMART_NULLS)
     private Engine engineMock;
@@ -50,7 +50,7 @@ public class DependencyBundlingAnalyzerTest extends BaseTest {
      * Test of getName method, of class DependencyBundlingAnalyzer.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         DependencyBundlingAnalyzer instance = new DependencyBundlingAnalyzer();
         String expResult = "Dependency Bundling Analyzer";
         String result = instance.getName();
@@ -61,7 +61,7 @@ public void testGetName() {
      * Test of getAnalysisPhase method, of class DependencyBundlingAnalyzer.
      */
     @Test
-    public void testGetAnalysisPhase() {
+    void testGetAnalysisPhase() {
         DependencyBundlingAnalyzer instance = new DependencyBundlingAnalyzer();
         AnalysisPhase expResult = AnalysisPhase.FINAL;
         AnalysisPhase result = instance.getAnalysisPhase();
@@ -73,7 +73,7 @@ public void testGetAnalysisPhase() {
      * passed dependency does not matter. The analyzer only runs once.
      */
     @Test
-    public void testAnalyze() throws Exception {
+    void testAnalyze() throws Exception {
         DependencyBundlingAnalyzer instance = new DependencyBundlingAnalyzer();
 
         // the actual dependency does not matter
@@ -93,7 +93,7 @@ public void testAnalyze() throws Exception {
      * Test of isCore method, of class DependencyBundlingAnalyzer.
      */
     @Test
-    public void testIsCore() {
+    void testIsCore() {
         Dependency left = new Dependency();
         Dependency right = new Dependency();
 
@@ -120,7 +120,7 @@ public void testIsCore() {
     }
 
     @Test
-    public void testFirstPathIsShortest() {
+    void testFirstPathIsShortest() {
         String left = "./a/c.jar";
         String right = "./d/e/f.jar";
         boolean expResult = true;
@@ -153,7 +153,7 @@ public void testFirstPathIsShortest() {
     }
 
     @Test
-    public void testIsShaded() throws MalformedPackageURLException {
+    void testIsShaded() throws MalformedPackageURLException {
         DependencyBundlingAnalyzer instance = new DependencyBundlingAnalyzer();
 
         Dependency left = null;
@@ -221,7 +221,7 @@ public void testIsShaded() throws MalformedPackageURLException {
     }
 
     @Test
-    public void testIsWebJar() throws MalformedPackageURLException {
+    void testIsWebJar() throws MalformedPackageURLException {
         DependencyBundlingAnalyzer instance = new DependencyBundlingAnalyzer();
 
         Dependency left = null;
@@ -273,8 +273,8 @@ public void testIsWebJar() throws MalformedPackageURLException {
         expResult = true;
         result = instance.isWebJar(left, right);
         assertEquals(expResult, result);
-        
-        
+
+
         left = new Dependency(new File("/path/spring-core.jar"), true);
         left.addSoftwareIdentifier(new PurlIdentifier("maven", "org.springframework", "spring-core", "3.0.0", Confidence.HIGHEST));
         expResult = false;
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/DependencyCheckPropertiesTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/DependencyCheckPropertiesTest.java
index a991d4d5501..7a28f19a0e1 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/DependencyCheckPropertiesTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/DependencyCheckPropertiesTest.java
@@ -1,10 +1,8 @@
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.Assert;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 
 import java.io.BufferedReader;
-import java.io.File;
 import java.io.FileInputStream;
 import java.io.IOException;
 import java.io.InputStream;
@@ -22,10 +20,13 @@
 import java.util.Set;
 import java.util.stream.Collectors;
 
-public class DependencyCheckPropertiesTest {
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+class DependencyCheckPropertiesTest {
 
     @Test
-    public void should_each_analyzer_have_default_enabled_property()
+    void should_each_analyzer_have_default_enabled_property()
             throws IOException, InstantiationException, IllegalAccessException {
         String packageName = "org.owasp.dependencycheck.analyzer";
         Set<Class<AbstractAnalyzer>> analyzerImplementations = findAllAnalyzerImplementations(packageName);
@@ -45,16 +46,16 @@ public void should_each_analyzer_have_default_enabled_property()
             properties.load(fis);
         }
 
-        Assert.assertFalse(analyzerEnabledSettingKeys.isEmpty());
+        assertFalse(analyzerEnabledSettingKeys.isEmpty());
 
         Set<String> absentKeys = analyzerEnabledSettingKeys.stream()
                 .filter(key -> !properties.containsKey(key))
                 .collect(Collectors.toSet());
 
-        Assert.assertTrue(absentKeys.isEmpty());
+        assertTrue(absentKeys.isEmpty());
     }
 
-    public Set<Class<AbstractAnalyzer>> findAllAnalyzerImplementations(String packageName)
+    private Set<Class<AbstractAnalyzer>> findAllAnalyzerImplementations(String packageName)
             throws IOException {
 
         Set<Class<?>> packageClasses = findAllClasses(packageName);
@@ -88,7 +89,7 @@ private boolean isATestAnalyzer(Class<?> clazz) {
         return clazz == AbstractSuppressionAnalyzerTest.AbstractSuppressionAnalyzerImpl.class;
     }
 
-    public Set<Class<?>> findAllClasses(String packageName) throws IOException {
+    private Set<Class<?>> findAllClasses(String packageName) throws IOException {
         String parsedPackageName = packageName.replaceAll("[.]", "/");
 
         Set<Class<?>> classes = new HashSet<>();
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/DependencyMergingAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/DependencyMergingAnalyzerTest.java
index eddec091aa5..1b1a23a393b 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/DependencyMergingAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/DependencyMergingAnalyzerTest.java
@@ -17,11 +17,7 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import java.io.File;
-import java.util.HashSet;
-import java.util.Set;
-import org.junit.Test;
-import static org.junit.Assert.*;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.data.nvd.ecosystem.Ecosystem;
@@ -30,17 +26,25 @@
 import org.owasp.dependencycheck.dependency.EvidenceType;
 import org.owasp.dependencycheck.utils.Settings;
 
+import java.io.File;
+import java.util.HashSet;
+import java.util.Set;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
 /**
  *
  * @author Jeremy Long
  */
-public class DependencyMergingAnalyzerTest extends BaseTest {
+class DependencyMergingAnalyzerTest extends BaseTest {
 
     /**
      * Test of getName method, of class DependencyMergingAnalyzer.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         DependencyMergingAnalyzer instance = new DependencyMergingAnalyzer();
         String expResult = "Dependency Merging Analyzer";
         String result = instance.getName();
@@ -51,7 +55,7 @@ public void testGetName() {
      * Test of getAnalysisPhase method, of class DependencyMergingAnalyzer.
      */
     @Test
-    public void testGetAnalysisPhase() {
+    void testGetAnalysisPhase() {
         DependencyMergingAnalyzer instance = new DependencyMergingAnalyzer();
         AnalysisPhase expResult = AnalysisPhase.POST_INFORMATION_COLLECTION1;
         AnalysisPhase result = instance.getAnalysisPhase();
@@ -63,7 +67,7 @@ public void testGetAnalysisPhase() {
      * DependencyMergingAnalyzer.
      */
     @Test
-    public void testGetAnalyzerEnabledSettingKey() {
+    void testGetAnalyzerEnabledSettingKey() {
         DependencyMergingAnalyzer instance = new DependencyMergingAnalyzer();
         String expResult = Settings.KEYS.ANALYZER_DEPENDENCY_MERGING_ENABLED;
         String result = instance.getAnalyzerEnabledSettingKey();
@@ -74,7 +78,7 @@ public void testGetAnalyzerEnabledSettingKey() {
      * Test of evaluateDependencies method, of class DependencyMergingAnalyzer.
      */
     @Test
-    public void testEvaluateDependencies() {
+    void testEvaluateDependencies() {
 //        Dependency dependency = null;
 //        Dependency nextDependency = null;
 //        Set<Dependency> dependenciesToRemove = null;
@@ -88,7 +92,7 @@ public void testEvaluateDependencies() {
      * Test of mergeDependencies method, of class DependencyMergingAnalyzer.
      */
     @Test
-    public void testMergeDependencies() {
+    void testMergeDependencies() {
         Dependency dependency = new Dependency(true);
         dependency.setName("main");
         dependency.addEvidence(EvidenceType.VENDOR, "test", "vendor", "main", Confidence.HIGHEST);
@@ -114,7 +118,7 @@ public void testMergeDependencies() {
      * Test of isSameRubyGem method, of class DependencyMergingAnalyzer.
      */
     @Test
-    public void testIsSameRubyGem() {
+    void testIsSameRubyGem() {
         Dependency dependency1 = new Dependency(new File("some.gemspec"), true);
         Dependency dependency2 = new Dependency(new File("another.gemspec"), true);
         dependency1.setPackagePath("path1");
@@ -135,7 +139,7 @@ public void testIsSameRubyGem() {
      * DependencyMergingAnalyzer.
      */
     @Test
-    public void testGetMainGemspecDependency() {
+    void testGetMainGemspecDependency() {
         Dependency dependency1 = null;
         Dependency dependency2 = null;
         DependencyMergingAnalyzer instance = new DependencyMergingAnalyzer();
@@ -168,7 +172,7 @@ public void testGetMainGemspecDependency() {
      * Test of isSameSwiftPackage method, of class DependencyMergingAnalyzer.
      */
     @Test
-    public void testIsSameSwiftPackage() {
+    void testIsSameSwiftPackage() {
         Dependency dependency1 = new Dependency(new File("Package.swift"), true);
         Dependency dependency2 = new Dependency(new File("Package.swift"), true);
         dependency1.setPackagePath("path1");
@@ -189,7 +193,7 @@ public void testIsSameSwiftPackage() {
      * DependencyMergingAnalyzer.
      */
     @Test
-    public void testGetMainSwiftDependency() {
+    void testGetMainSwiftDependency() {
 
         Dependency dependency1 = null;
         Dependency dependency2 = null;
@@ -226,7 +230,7 @@ public void testGetMainSwiftDependency() {
      * @throws Exception thrown if there is an analysis exception
      */
     @Test
-    public void testGetMainAndroidDependency() throws Exception {
+    void testGetMainAndroidDependency() throws Exception {
         ArchiveAnalyzer aa = null;
         try (Engine engine = new Engine(Engine.Mode.EVIDENCE_COLLECTION, getSettings())) {
             Dependency dependency1 = new Dependency(BaseTest.getResourceAsFile(this, "aar-1.0.0.aar"));
@@ -245,7 +249,7 @@ public void testGetMainAndroidDependency() throws Exception {
                     break;
                 }
             }
-            assertNotNull("classes.jar was not found", dependency2);
+            assertNotNull(dependency2, "classes.jar was not found");
             dependency2.setEcosystem(Ecosystem.JAVA);
             DependencyMergingAnalyzer instance = new DependencyMergingAnalyzer();
             Dependency expResult = dependency1;
@@ -263,7 +267,7 @@ public void testGetMainAndroidDependency() throws Exception {
      * DependencyMergingAnalyzer.
      */
     @Test
-    public void testGetMainDotnetDependency() {
+    void testGetMainDotnetDependency() {
         Dependency dependency1 = new Dependency(BaseTest.getResourceAsFile(this, "log4net.dll"));
         dependency1.setEcosystem(AssemblyAnalyzer.DEPENDENCY_ECOSYSTEM);
         dependency1.setName("log4net");
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/ElixirMixAuditAnalyzerIT.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/ElixirMixAuditAnalyzerIT.java
index 09d636804b2..b666e36e295 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/ElixirMixAuditAnalyzerIT.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/ElixirMixAuditAnalyzerIT.java
@@ -1,25 +1,32 @@
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.After;
-import org.junit.Assume;
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseDBTestCase;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
-import org.owasp.dependencycheck.dependency.*;
+import org.owasp.dependencycheck.dependency.Dependency;
+import org.owasp.dependencycheck.dependency.Evidence;
+import org.owasp.dependencycheck.dependency.EvidenceType;
+import org.owasp.dependencycheck.dependency.Vulnerability;
+import org.owasp.dependencycheck.dependency.VulnerableSoftware;
 import org.owasp.dependencycheck.exception.ExceptionCollection;
 import org.owasp.dependencycheck.exception.InitializationException;
 import org.owasp.dependencycheck.utils.Settings;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import static org.hamcrest.Matchers.is;
-import static org.junit.Assert.*;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.junit.jupiter.api.Assertions.fail;
+import static org.junit.jupiter.api.Assumptions.assumeTrue;
 
-public class ElixirMixAuditAnalyzerIT extends BaseDBTestCase {
+class ElixirMixAuditAnalyzerIT extends BaseDBTestCase {
 
     private static final Logger LOGGER = LoggerFactory.getLogger(ElixirMixAuditAnalyzerIT.class);
 
@@ -31,7 +38,7 @@ public class ElixirMixAuditAnalyzerIT extends BaseDBTestCase {
      *
      * @throws Exception thrown if there is a problem
      */
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -48,7 +55,7 @@ public void setUp() throws Exception {
      *
      * @throws Exception thrown if there is a problem
      */
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         if (analyzer != null) {
@@ -62,10 +69,9 @@ public void tearDown() throws Exception {
     /**
      * Test Elixir MixAudit analysis.
      *
-     * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testAnalysis() throws AnalysisException, DatabaseException {
+    void testAnalysis() throws DatabaseException {
         try (Engine engine = new Engine(getSettings())) {
             engine.openDatabase();
             analyzer.prepare(engine);
@@ -74,7 +80,7 @@ public void testAnalysis() throws AnalysisException, DatabaseException {
             analyzer.analyze(result, engine);
 
             final Dependency[] dependencies = engine.getDependencies();
-            assertEquals("should be one result exactly", 1, dependencies.length);
+            assertEquals(1, dependencies.length, "should be one result exactly");
 
             Dependency d = dependencies[0];
             assertTrue(d.isVirtual());
@@ -91,7 +97,7 @@ public void testAnalysis() throws AnalysisException, DatabaseException {
             assertEquals("1.3.4", versionEvidence.getValue());
 
             assertTrue(d.getFilePath().endsWith(resource));
-            assertTrue(d.getFileName().equals("mix.lock"));
+            assertEquals("mix.lock", d.getFileName());
 
             Vulnerability v = d.getVulnerabilities().iterator().next();
             assertEquals("2018-1000883", v.getName());
@@ -103,7 +109,7 @@ public void testAnalysis() throws AnalysisException, DatabaseException {
 
         } catch (InitializationException | DatabaseException | AnalysisException e) {
             LOGGER.warn("Exception setting up ElixirAuditAnalyzer. Make sure Elixir and the mix_audit escript is installed. You may also need to set property \"analyzer.mix.audit.path\".");
-            Assume.assumeNoException("Exception setting up ElixirMixAuditAnalyzer; mix_audit may not be installed, or property \"analyzer.mix.audit.path\" may not be set.", e);
+            assumeTrue(false, "Exception setting up ElixirMixAuditAnalyzer; mix_audit may not be installed, or property \"analyzer.mix.audit.path\" may not be set: " + e);
         }
     }
 
@@ -111,10 +117,9 @@ public void testAnalysis() throws AnalysisException, DatabaseException {
     /**
      * Test when mix_audit is not available on the system or wrongly configured.
      *
-     * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testInvalidMixAuditExecutable() throws AnalysisException, DatabaseException {
+    void testInvalidMixAuditExecutable() throws DatabaseException {
 
         String path = BaseTest.getResourceAsFile(this, "elixir/invalid_executable").getAbsolutePath();
         getSettings().setString(Settings.KEYS.ANALYZER_MIX_AUDIT_PATH, path);
@@ -133,11 +138,10 @@ public void testInvalidMixAuditExecutable() throws AnalysisException, DatabaseEx
     /**
      * Test Mix dependencies and their paths.
      *
-     * @throws AnalysisException is thrown when an exception occurs.
      * @throws DatabaseException thrown when an exception occurs
      */
     @Test
-    public void testDependenciesPath() throws AnalysisException, DatabaseException {
+    void testDependenciesPath() throws DatabaseException {
         try (Engine engine = new Engine(getSettings())) {
             try {
                 engine.scan(BaseTest.getResourceAsFile(this, "elixir/mix.lock"));
@@ -146,12 +150,12 @@ public void testDependenciesPath() throws AnalysisException, DatabaseException {
                 LOGGER.error("NPE", ex);
                 fail(ex.getMessage());
             } catch (ExceptionCollection ex) {
-                Assume.assumeNoException("Exception setting up ElixirMixAuditAnalyzer; mix_audit may not be installed, or property \"analyzer.mix.audit.path\" may not be set.", ex);
+                assumeTrue(false, "Exception setting up ElixirMixAuditAnalyzer; mix_audit may not be installed, or property \"analyzer.mix.audit.path\" may not be set: "+ ex);
                 return;
             }
             Dependency[] dependencies = engine.getDependencies();
             LOGGER.info("{} dependencies found.", dependencies.length);
-            assertEquals("should find 0 (vulnerable) dependencies", 0, dependencies.length);
+            assertEquals(0, dependencies.length, "should find 0 (vulnerable) dependencies");
         }
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/ElixirMixAuditAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/ElixirMixAuditAnalyzerTest.java
index eeee6dbc391..4822258a8aa 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/ElixirMixAuditAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/ElixirMixAuditAnalyzerTest.java
@@ -1,20 +1,9 @@
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.After;
-import org.junit.Assume;
-import org.junit.Before;
-import org.junit.Test;
-import org.owasp.dependencycheck.BaseDBTestCase;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
-import org.owasp.dependencycheck.Engine;
-import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
-import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
-import org.owasp.dependencycheck.data.update.exception.UpdateException;
-import org.owasp.dependencycheck.dependency.Dependency;
-import org.owasp.dependencycheck.dependency.EvidenceType;
-import org.owasp.dependencycheck.dependency.Vulnerability;
-import org.owasp.dependencycheck.exception.ExceptionCollection;
-import org.owasp.dependencycheck.exception.InitializationException;
 import org.owasp.dependencycheck.utils.Settings;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -23,14 +12,13 @@
 
 import static org.hamcrest.CoreMatchers.is;
 import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.Assert.*;
 
-public class ElixirMixAuditAnalyzerTest extends BaseTest {
+class ElixirMixAuditAnalyzerTest extends BaseTest {
 
     private static final Logger LOGGER = LoggerFactory.getLogger(ElixirMixAuditAnalyzerTest.class);
     private ElixirMixAuditAnalyzer analyzer;
 
-    @Before
+    @BeforeEach
     public void setUp() throws Exception {
         super.setUp();
         getSettings().setBoolean(Settings.KEYS.AUTO_UPDATE, false);
@@ -39,7 +27,7 @@ public void setUp() throws Exception {
         analyzer.setFilesMatched(true);
     }
 
-    @After
+    @AfterEach
     public void tearDown() throws Exception {
         if (analyzer != null) {
             analyzer.close();
@@ -48,12 +36,12 @@ public void tearDown() throws Exception {
     }
 
     @Test
-    public void testGetName() {
+    void testGetName() {
         assertThat(analyzer.getName(), is("Elixir Mix Audit Analyzer"));
     }
 
     @Test
-    public void testSupportsFiles() {
+    void testSupportsFiles() {
         assertThat(analyzer.accept(new File("mix.lock")), is(true));
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzerTest.java
index 24606a5f138..451e98391b3 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzerTest.java
@@ -15,9 +15,7 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.dependency.Confidence;
@@ -29,11 +27,14 @@
 import us.springett.parsers.cpe.CpeBuilder;
 import us.springett.parsers.cpe.values.Part;
 
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
 /**
  *
  * @author Jeremy Long
  */
-public class FalsePositiveAnalyzerTest extends BaseTest {
+class FalsePositiveAnalyzerTest extends BaseTest {
 
     /**
      * A CPE builder object.
@@ -44,7 +45,7 @@ public class FalsePositiveAnalyzerTest extends BaseTest {
      * Test of getName method, of class FalsePositiveAnalyzer.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         FalsePositiveAnalyzer instance = new FalsePositiveAnalyzer();
         String expResult = "False Positive Analyzer";
         String result = instance.getName();
@@ -55,7 +56,7 @@ public void testGetName() {
      * Test of getAnalysisPhase method, of class FalsePositiveAnalyzer.
      */
     @Test
-    public void testGetAnalysisPhase() {
+    void testGetAnalysisPhase() {
         FalsePositiveAnalyzer instance = new FalsePositiveAnalyzer();
         AnalysisPhase expResult = AnalysisPhase.POST_IDENTIFIER_ANALYSIS;
         AnalysisPhase result = instance.getAnalysisPhase();
@@ -67,7 +68,7 @@ public void testGetAnalysisPhase() {
      * FalsePositiveAnalyzer.
      */
     @Test
-    public void testGetAnalyzerEnabledSettingKey() {
+    void testGetAnalyzerEnabledSettingKey() {
         FalsePositiveAnalyzer instance = new FalsePositiveAnalyzer();
         String expResult = Settings.KEYS.ANALYZER_FALSE_POSITIVE_ENABLED;
         String result = instance.getAnalyzerEnabledSettingKey();
@@ -78,7 +79,7 @@ public void testGetAnalyzerEnabledSettingKey() {
      * Test of analyzeDependency method, of class FalsePositiveAnalyzer.
      */
     @Test
-    public void testAnalyzeDependency() throws Exception {
+    void testAnalyzeDependency() throws Exception {
         Dependency dependency = new Dependency();
         dependency.setFileName("pom.xml");
         dependency.setFilePath("pom.xml");
@@ -97,7 +98,7 @@ public void testAnalyzeDependency() throws Exception {
      * Test of removeBadMatches method, of class FalsePositiveAnalyzer.
      */
     @Test
-    public void testRemoveBadMatches() throws Exception {
+    void testRemoveBadMatches() throws Exception {
         Dependency dependency = new Dependency();
         dependency.setFileName("some.jar");
         dependency.setFilePath("some.jar");
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/FileNameAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/FileNameAnalyzerTest.java
index 33bde854b21..437368d3312 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/FileNameAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/FileNameAnalyzerTest.java
@@ -17,27 +17,28 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import java.io.File;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.dependency.EvidenceType;
-import org.owasp.dependencycheck.exception.InitializationException;
+
+import java.io.File;
+
+import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  *
  * @author Jeremy Long
  */
-public class FileNameAnalyzerTest extends BaseTest {
+class FileNameAnalyzerTest extends BaseTest {
 
     /**
      * Test of getName method, of class FileNameAnalyzer.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         FileNameAnalyzer instance = new FileNameAnalyzer();
         String expResult = "File Name Analyzer";
         String result = instance.getName();
@@ -48,7 +49,7 @@ public void testGetName() {
      * Test of getAnalysisPhase method, of class FileNameAnalyzer.
      */
     @Test
-    public void testGetAnalysisPhase() {
+    void testGetAnalysisPhase() {
         FileNameAnalyzer instance = new FileNameAnalyzer();
         AnalysisPhase expResult = AnalysisPhase.INFORMATION_COLLECTION;
         AnalysisPhase result = instance.getAnalysisPhase();
@@ -59,7 +60,7 @@ public void testGetAnalysisPhase() {
      * Test of analyze method, of class FileNameAnalyzer.
      */
     @Test
-    public void testAnalyze() throws Exception {
+    void testAnalyze() throws Exception {
         //File struts = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
         File struts = BaseTest.getResourceAsFile(this, "struts2-core-2.1.2.jar");
         Dependency resultStruts = new Dependency(struts);
@@ -79,14 +80,12 @@ public void testAnalyze() throws Exception {
      * Test of prepare method, of class FileNameAnalyzer.
      */
     @Test
-    public void testInitialize() {
+    void testInitialize() {
         FileNameAnalyzer instance = new FileNameAnalyzer();
-        try {
+        assertDoesNotThrow(() -> {
             instance.initialize(getSettings());
             instance.prepare(null);
-        } catch (InitializationException ex) {
-            fail(ex.getMessage());
-        }
+        });
         assertTrue(instance.isEnabled());
     }
 
@@ -94,12 +93,8 @@ public void testInitialize() {
      * Test of close method, of class FileNameAnalyzer.
      */
     @Test
-    public void testClose() {
+    void testClose() {
         FileNameAnalyzer instance = new FileNameAnalyzer();
-        try {
-            instance.close();
-        } catch (Exception ex) {
-            fail(ex.getMessage());
-        }
+        assertDoesNotThrow(instance::close);
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/GolangDepAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/GolangDepAnalyzerTest.java
index 0f92c891083..b957e9774ce 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/GolangDepAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/GolangDepAnalyzerTest.java
@@ -17,26 +17,26 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import static org.hamcrest.CoreMatchers.is;
-import static org.junit.Assert.assertEquals;
-import static org.hamcrest.MatcherAssert.assertThat;
-
-import java.io.File;
-
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.dependency.Dependency;
 
-public class GolangDepAnalyzerTest extends BaseTest {
+import java.io.File;
+
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+class GolangDepAnalyzerTest extends BaseTest {
 
     private GolangDepAnalyzer analyzer;
     private Engine engine;
 
     @Override
-    @Before
+    @BeforeEach
     public void setUp() throws Exception {
         super.setUp();
         analyzer = new GolangDepAnalyzer();
@@ -44,18 +44,19 @@ public void setUp() throws Exception {
     }
 
     @Test
-    public void testName() {
-        assertEquals("Analyzer name wrong.", "Golang Dep Analyzer",
-                analyzer.getName());
+    void testName() {
+        assertEquals("Golang Dep Analyzer",
+                analyzer.getName(),
+                "Analyzer name wrong.");
     }
 
     @Test
-    public void testSupportsFiles() {
+    void testSupportsFiles() {
         assertThat(analyzer.accept(new File("Gopkg.lock")), is(true));
     }
 
     @Test
-    public void testGopkgLock() throws AnalysisException {
+    void testGopkgLock() throws AnalysisException {
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(this, "golang/Gopkg.lock"));
         analyzer.analyze(result, engine);
         assertEquals(12, engine.getDependencies().length);
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/GolangModAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/GolangModAnalyzerTest.java
index b2a0ed974e3..1404c1bcb53 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/GolangModAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/GolangModAnalyzerTest.java
@@ -17,36 +17,36 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.dependency.EvidenceType;
 import org.owasp.dependencycheck.exception.InitializationException;
+import org.owasp.dependencycheck.utils.Settings;
 
 import java.io.File;
 
 import static org.hamcrest.CoreMatchers.is;
 import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import org.owasp.dependencycheck.utils.Settings;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  * Unit tests for GolangModAnalyzer.
  *
  * @author Matthijs van den Bos
  */
-public class GolangModAnalyzerTest extends BaseTest {
+class GolangModAnalyzerTest extends BaseTest {
 
     private GolangModAnalyzer analyzer;
     private Engine engine;
 
     @Override
-    @Before
+    @BeforeEach
     public void setUp() throws Exception {
         super.setUp();
         getSettings().setBoolean(Settings.KEYS.AUTO_UPDATE, false);
@@ -71,7 +71,7 @@ public void setUp() throws Exception {
      *
      * @throws Exception thrown if there is a problem
      */
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         if (analyzer != null) {
@@ -82,18 +82,19 @@ public void tearDown() throws Exception {
     }
 
     @Test
-    public void testName() {
-        assertEquals("Analyzer name wrong.", "Golang Mod Analyzer",
-                analyzer.getName());
+    void testName() {
+        assertEquals("Golang Mod Analyzer",
+                analyzer.getName(),
+                "Analyzer name wrong.");
     }
 
     @Test
-    public void testSupportsFiles() {
+    void testSupportsFiles() {
         assertThat(analyzer.accept(new File("go.mod")), is(true));
     }
 
     @Test
-    public void testGoMod() throws AnalysisException, InitializationException {
+    void testGoMod() throws AnalysisException, InitializationException {
         analyzer.prepare(engine);
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(this, "golang/go.mod"));
         analyzer.analyze(result, engine);
@@ -112,6 +113,6 @@ public void testGoMod() throws AnalysisException, InitializationException {
                 assertTrue(d.getEvidence(EvidenceType.VERSION).toString().toLowerCase().contains("1.5.0"));
             }
         }
-        assertTrue("Expected to find gitea/gitea", found);
+        assertTrue(found, "Expected to find gitea/gitea");
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/HintAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/HintAnalyzerTest.java
index 88c36b6de9f..8bb6619dbaf 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/HintAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/HintAnalyzerTest.java
@@ -15,33 +15,33 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import java.io.File;
-import java.util.Set;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseDBTestCase;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
-import org.owasp.dependencycheck.BaseDBTestCase;
 import org.owasp.dependencycheck.dependency.Confidence;
 import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.dependency.Evidence;
 import org.owasp.dependencycheck.dependency.EvidenceType;
 import org.owasp.dependencycheck.utils.Settings;
 
+import java.io.File;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
 /**
  *
  * @author Jeremy Long
  */
-public class HintAnalyzerTest extends BaseDBTestCase {
+class HintAnalyzerTest extends BaseDBTestCase {
 
     /**
      * Test of getName method, of class HintAnalyzer.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         HintAnalyzer instance = new HintAnalyzer();
         String expResult = "Hint Analyzer";
         String result = instance.getName();
@@ -52,7 +52,7 @@ public void testGetName() {
      * Test of getAnalysisPhase method, of class HintAnalyzer.
      */
     @Test
-    public void testGetAnalysisPhase() {
+    void testGetAnalysisPhase() {
         HintAnalyzer instance = new HintAnalyzer();
         AnalysisPhase expResult = AnalysisPhase.POST_INFORMATION_COLLECTION2;
         AnalysisPhase result = instance.getAnalysisPhase();
@@ -63,7 +63,7 @@ public void testGetAnalysisPhase() {
      * Test of analyze method, of class HintAnalyzer.
      */
     @Test
-    public void testAnalyze() throws Exception {
+    void testAnalyze() throws Exception {
         //File guice = new File(this.getClass().getClassLoader().getResource("guice-3.0.jar").getPath());
         File guice = BaseTest.getResourceAsFile(this, "guice-3.0.jar");
         //Dependency guice = new EngineDependency(fileg);
@@ -110,7 +110,7 @@ public void testAnalyze() throws Exception {
      * Test of analyze method, of class HintAnalyzer.
      */
     @Test
-    public void testAnalyze_1() throws Exception {
+    void testAnalyze_1() throws Exception {
         File path = BaseTest.getResourceAsFile(this, "hints_12.xml");
         getSettings().setString(Settings.KEYS.HINTS_FILE, path.getPath());
         HintAnalyzer instance = new HintAnalyzer();
@@ -125,13 +125,13 @@ public void testAnalyze_1() throws Exception {
         d.addEvidence(EvidenceType.VENDOR, "hint analyzer", "other vendor name", "vendor", Confidence.HIGH);
         d.addEvidence(EvidenceType.PRODUCT, "hint analyzer", "other product name", "product", Confidence.HIGH);
 
-        assertEquals("vendor evidence mismatch", 2, d.getEvidence(EvidenceType.VENDOR).size());
-        assertEquals("product evidence mismatch", 2, d.getEvidence(EvidenceType.PRODUCT).size());
-        assertEquals("version evidence mismatch", 3, d.getEvidence(EvidenceType.VERSION).size());
+        assertEquals(2, d.getEvidence(EvidenceType.VENDOR).size(), "vendor evidence mismatch");
+        assertEquals(2, d.getEvidence(EvidenceType.PRODUCT).size(), "product evidence mismatch");
+        assertEquals(3, d.getEvidence(EvidenceType.VERSION).size(), "version evidence mismatch");
         instance.analyze(d, null);
-        assertEquals("vendor evidence mismatch", 1, d.getEvidence(EvidenceType.VENDOR).size());
-        assertEquals("product evidence mismatch", 1, d.getEvidence(EvidenceType.PRODUCT).size());
-        assertEquals("version evidence mismatch", 2, d.getEvidence(EvidenceType.VERSION).size());
+        assertEquals(1, d.getEvidence(EvidenceType.VENDOR).size(), "vendor evidence mismatch");
+        assertEquals(1, d.getEvidence(EvidenceType.PRODUCT).size(), "product evidence mismatch");
+        assertEquals(2, d.getEvidence(EvidenceType.VERSION).size(), "version evidence mismatch");
 
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/JarAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/JarAnalyzerTest.java
index 5b88190bf6b..86c6ee6d11f 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/JarAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/JarAnalyzerTest.java
@@ -17,7 +17,7 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.dependency.Dependency;
@@ -32,14 +32,14 @@
 import java.util.Collections;
 import java.util.List;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  * @author Jeremy Long
  */
-public class JarAnalyzerTest extends BaseTest {
+class JarAnalyzerTest extends BaseTest {
 
     /**
      * Test of inspect method, of class JarAnalyzer.
@@ -47,7 +47,7 @@ public class JarAnalyzerTest extends BaseTest {
      * @throws Exception is thrown when an exception occurs.
      */
     @Test
-    public void testAnalyze() throws Exception {
+    void testAnalyze() throws Exception {
         //File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
         File file = BaseTest.getResourceAsFile(this, "struts2-core-2.1.2.jar");
         Dependency result = new Dependency(file);
@@ -65,12 +65,12 @@ public void testAnalyze() throws Exception {
         boolean found = false;
         for (Evidence e : result.getEvidence(EvidenceType.VENDOR)) {
             if (e.getName().equals("url")) {
-                assertEquals("Project url was not as expected in dwr.jar", "http://getahead.ltd.uk/dwr", e.getValue());
+                assertEquals("http://getahead.ltd.uk/dwr", e.getValue(), "Project url was not as expected in dwr.jar");
                 found = true;
                 break;
             }
         }
-        assertTrue("Project url was not found in dwr.jar", found);
+        assertTrue(found, "Project url was not found in dwr.jar");
 
         //file = new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath());
         file = BaseTest.getResourceAsFile(this, "org.mortbay.jetty.jar");
@@ -84,7 +84,7 @@ public void testAnalyze() throws Exception {
                 break;
             }
         }
-        assertTrue("package-title of org.mortbay.http not found in org.mortbay.jetty.jar", found);
+        assertTrue(found, "package-title of org.mortbay.http not found in org.mortbay.jetty.jar");
 
         found = false;
         for (Evidence e : result.getEvidence(EvidenceType.VENDOR)) {
@@ -94,7 +94,7 @@ public void testAnalyze() throws Exception {
                 break;
             }
         }
-        assertTrue("implementation-url of http://jetty.mortbay.org not found in org.mortbay.jetty.jar", found);
+        assertTrue(found, "implementation-url of http://jetty.mortbay.org not found in org.mortbay.jetty.jar");
 
         found = false;
         for (Evidence e : result.getEvidence(EvidenceType.VERSION)) {
@@ -104,17 +104,17 @@ public void testAnalyze() throws Exception {
                 break;
             }
         }
-        assertTrue("implementation-version of 4.2.27 not found in org.mortbay.jetty.jar", found);
+        assertTrue(found, "implementation-version of 4.2.27 not found in org.mortbay.jetty.jar");
 
         //file = new File(this.getClass().getClassLoader().getResource("org.mortbay.jmx.jar").getPath());
         file = BaseTest.getResourceAsFile(this, "org.mortbay.jmx.jar");
         result = new Dependency(file);
         instance.analyze(result, null);
-        assertEquals("org.mortbar.jmx.jar has version evidence?", 0, result.getEvidence(EvidenceType.VERSION).size());
+        assertEquals(0, result.getEvidence(EvidenceType.VERSION).size(), "org.mortbar.jmx.jar has version evidence?");
     }
 
     @Test
-    public void testAddMatchingValues() throws Exception {
+    void testAddMatchingValues() throws Exception {
         File file = BaseTest.getResourceAsFile(this, "struts2-core-2.1.2.jar");
         Dependency dependency = new Dependency(file);
         JarAnalyzer instance = new JarAnalyzer();
@@ -148,14 +148,14 @@ public void testAddMatchingValues() throws Exception {
      * Test of getSupportedExtensions method, of class JarAnalyzer.
      */
     @Test
-    public void testAcceptSupportedExtensions() throws Exception {
+    void testAcceptSupportedExtensions() throws Exception {
         JarAnalyzer instance = new JarAnalyzer();
         instance.initialize(getSettings());
         instance.prepare(null);
         instance.setEnabled(true);
         String[] files = {"test.jar", "test.war"};
         for (String name : files) {
-            assertTrue(name, instance.accept(new File(name)));
+            assertTrue(instance.accept(new File(name)), name);
         }
     }
 
@@ -163,7 +163,7 @@ public void testAcceptSupportedExtensions() throws Exception {
      * Test of getName method, of class JarAnalyzer.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         JarAnalyzer instance = new JarAnalyzer();
         String expResult = "Jar Analyzer";
         String result = instance.getName();
@@ -171,7 +171,7 @@ public void testGetName() {
     }
 
     @Test
-    public void testParseManifest() throws Exception {
+    void testParseManifest() throws Exception {
         File file = BaseTest.getResourceAsFile(this, "xalan-2.7.0.jar");
         Dependency result = new Dependency(file);
         JarAnalyzer instance = new JarAnalyzer();
@@ -185,7 +185,7 @@ public void testParseManifest() throws Exception {
      * Test of getAnalysisPhase method, of class JarAnalyzer.
      */
     @Test
-    public void testGetAnalysisPhase() {
+    void testGetAnalysisPhase() {
         JarAnalyzer instance = new JarAnalyzer();
         AnalysisPhase expResult = AnalysisPhase.INFORMATION_COLLECTION;
         AnalysisPhase result = instance.getAnalysisPhase();
@@ -196,7 +196,7 @@ public void testGetAnalysisPhase() {
      * Test of getAnalyzerEnabledSettingKey method, of class JarAnalyzer.
      */
     @Test
-    public void testGetAnalyzerEnabledSettingKey() {
+    void testGetAnalyzerEnabledSettingKey() {
         JarAnalyzer instance = new JarAnalyzer();
         String expResult = Settings.KEYS.ANALYZER_JAR_ENABLED;
         String result = instance.getAnalyzerEnabledSettingKey();
@@ -204,7 +204,7 @@ public void testGetAnalyzerEnabledSettingKey() {
     }
 
     @Test
-    public void testClassInformation() {
+    void testClassInformation() {
         JarAnalyzer.ClassNameInformation instance = new JarAnalyzer.ClassNameInformation("org/owasp/dependencycheck/analyzer/JarAnalyzer");
         assertEquals("org/owasp/dependencycheck/analyzer/JarAnalyzer", instance.getName());
         List<String> expected = Arrays.asList("owasp", "dependencycheck", "analyzer", "jaranalyzer");
@@ -213,7 +213,7 @@ public void testClassInformation() {
     }
 
     @Test
-    public void testAnalyzeDependency_SkipsMacOSMetaDataFile() throws Exception {
+    void testAnalyzeDependency_SkipsMacOSMetaDataFile() throws Exception {
         JarAnalyzer instance = new JarAnalyzer();
         Dependency macOSMetaDataFile = new Dependency();
 
@@ -232,7 +232,7 @@ public void testAnalyzeDependency_SkipsMacOSMetaDataFile() throws Exception {
     }
 
     @Test
-    public void testAnalyseDependency_SkipsNonZipFile() throws Exception {
+    void testAnalyseDependency_SkipsNonZipFile() throws Exception {
         JarAnalyzer instance = new JarAnalyzer();
         Dependency textFileWithJarExtension = new Dependency();
         textFileWithJarExtension
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/LibmanAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/LibmanAnalyzerTest.java
index 6feec92f2dc..54814d5abfa 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/LibmanAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/LibmanAnalyzerTest.java
@@ -17,9 +17,8 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.Before;
-import org.junit.Test;
-
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.dependency.Dependency;
@@ -28,18 +27,18 @@
 
 import java.io.File;
 
-import static junit.framework.TestCase.assertTrue;
-import static org.junit.Assert.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  * @author Arjen Korevaar
  */
-public class LibmanAnalyzerTest extends BaseTest {
+class LibmanAnalyzerTest extends BaseTest {
 
     private Engine engine;
     private LibmanAnalyzer analyzer;
 
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -54,7 +53,7 @@ public void setUp() throws Exception {
     }
 
     @Test
-    public void testGetAnalyzerName() {
+    void testGetAnalyzerName() {
         String expected = "Libman Analyzer";
         String actual = analyzer.getName();
 
@@ -62,14 +61,14 @@ public void testGetAnalyzerName() {
     }
 
     @Test
-    public void testSupportedFileNames() {
+    void testSupportedFileNames() {
         boolean condition = analyzer.accept(new File("libman.json"));
 
         assertTrue(condition);
     }
 
     @Test
-    public void testGetAnalyzerEnabledSettingKey() {
+    void testGetAnalyzerEnabledSettingKey() {
         String expected = Settings.KEYS.ANALYZER_LIBMAN_ENABLED;
         String actual = analyzer.getAnalyzerEnabledSettingKey();
 
@@ -77,7 +76,7 @@ public void testGetAnalyzerEnabledSettingKey() {
     }
 
     @Test
-    public void testLibmanAnalysis() throws Exception {
+    void testLibmanAnalysis() throws Exception {
         try (Engine engine = new Engine(getSettings())) {
             File file = BaseTest.getResourceAsFile(this, "libman/libman.json");
             Dependency dependency = new Dependency(file);
@@ -118,7 +117,7 @@ public void testLibmanAnalysis() throws Exception {
                 }
             }
 
-            assertEquals("4 dependencies should be found", 4, count);
+            assertEquals(4, count, "4 dependencies should be found");
         }
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/MSBuildProjectAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/MSBuildProjectAnalyzerTest.java
index fd4b560e598..2b09483d30e 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/MSBuildProjectAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/MSBuildProjectAnalyzerTest.java
@@ -17,26 +17,27 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.dependency.Dependency;
+import org.owasp.dependencycheck.dependency.Evidence;
 import org.owasp.dependencycheck.dependency.EvidenceType;
 
 import java.io.File;
 import java.util.stream.Collectors;
 
-import static junit.framework.TestCase.assertTrue;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 import static org.owasp.dependencycheck.analyzer.NuspecAnalyzer.DEPENDENCY_ECOSYSTEM;
 
-public class MSBuildProjectAnalyzerTest extends BaseTest {
+class MSBuildProjectAnalyzerTest extends BaseTest {
 
     private MSBuildProjectAnalyzer instance;
 
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -48,24 +49,24 @@ public void setUp() throws Exception {
     }
 
     @Test
-    public void testGetAnalyzerName() {
+    void testGetAnalyzerName() {
         assertEquals("MSBuild Project Analyzer", instance.getName());
     }
 
     @Test
-    public void testSupportsFileExtensions() {
+    void testSupportsFileExtensions() {
         assertTrue(instance.accept(new File("test.csproj")));
         assertTrue(instance.accept(new File("test.vbproj")));
         assertFalse(instance.accept(new File("test.nuspec")));
     }
 
     @Test
-    public void testGetAnalysisPhaze() {
+    void testGetAnalysisPhaze() {
         assertEquals(AnalysisPhase.INFORMATION_COLLECTION, instance.getAnalysisPhase());
     }
 
     @Test
-    public void testMSBuildProjectAnalysis() throws Exception {
+    void testMSBuildProjectAnalysis() throws Exception {
 
         try (Engine engine = new Engine(getSettings())) {
             File file = BaseTest.getResourceAsFile(this, "msbuild/test.csproj");
@@ -77,7 +78,7 @@ public void testMSBuildProjectAnalysis() throws Exception {
             analyzer.setEnabled(true);
             analyzer.analyze(toScan, engine);
 
-            assertEquals("5 dependencies should be found", 5, engine.getDependencies().length);
+            assertEquals(5, engine.getDependencies().length, "5 dependencies should be found");
 
             int foundCount = 0;
 
@@ -120,7 +121,7 @@ public void testMSBuildProjectAnalysis() throws Exception {
                             foundCount++;
                             assertTrue(result.getEvidence(EvidenceType.VENDOR).toString().contains("NodaTime"));
                             assertTrue(result.getEvidence(EvidenceType.PRODUCT).toString().contains("NodaTime"));
-                            assertTrue("Expected 3.0.0; contained: " + result.getEvidence(EvidenceType.VERSION).stream().map(e -> e.toString()).collect(Collectors.joining(",", "{", "}")), result.getEvidence(EvidenceType.VERSION).toString().contains("3.0.0"));
+                            assertTrue(result.getEvidence(EvidenceType.VERSION).toString().contains("3.0.0"), "Expected 3.0.0; contained: " + result.getEvidence(EvidenceType.VERSION).stream().map(Evidence::toString).collect(Collectors.joining(",", "{", "}")));
                             break;
                         default:
                             break;
@@ -128,12 +129,12 @@ public void testMSBuildProjectAnalysis() throws Exception {
                 }
             }
 
-            assertEquals("5 expected dependencies should be found", 5, foundCount);
+            assertEquals(5, foundCount, "5 expected dependencies should be found");
         }
     }
 
     @Test
-    public void testMSBuildProjectAnalysis_WithImports() throws Exception {
+    void testMSBuildProjectAnalysis_WithImports() throws Exception {
         testMSBuildProjectAnalysisWithImport("msbuild/ProjectA/ProjectA.csproj", "3.0.0", "1.0.0");
         testMSBuildProjectAnalysisWithImport("msbuild/ProjectB/ProjectB.csproj", "3.0.0", "2.0.0");
         testMSBuildProjectAnalysisWithImport("msbuild/ProjectC/ProjectC.csproj", "3.0.0", "3.0.0");
@@ -154,7 +155,7 @@ public void testMSBuildProjectAnalysisWithImport(String path, String nodaVersion
             analyzer.setEnabled(true);
             analyzer.analyze(toScan, engine);
 
-            assertEquals("2 dependencies should be found", 2, engine.getDependencies().length);
+            assertEquals(2, engine.getDependencies().length, "2 dependencies should be found");
 
             int foundCount = 0;
 
@@ -168,13 +169,13 @@ public void testMSBuildProjectAnalysisWithImport(String path, String nodaVersion
                             foundCount++;
                             assertTrue(result.getEvidence(EvidenceType.VENDOR).toString().contains("Humanizer"));
                             assertTrue(result.getEvidence(EvidenceType.PRODUCT).toString().contains("Humanizer"));
-                            assertTrue("Expected " + humanizerVersion + "; contained: " + result.getEvidence(EvidenceType.VERSION).stream().map(e -> e.toString()).collect(Collectors.joining(",", "{", "}")), result.getEvidence(EvidenceType.VERSION).toString().contains(humanizerVersion));
+                            assertTrue(result.getEvidence(EvidenceType.VERSION).toString().contains(humanizerVersion), "Expected " + humanizerVersion + "; contained: " + result.getEvidence(EvidenceType.VERSION).stream().map(Evidence::toString).collect(Collectors.joining(",", "{", "}")));
                             break;
                         case "NodaTime":
                             foundCount++;
                             assertTrue(result.getEvidence(EvidenceType.VENDOR).toString().contains("NodaTime"));
                             assertTrue(result.getEvidence(EvidenceType.PRODUCT).toString().contains("NodaTime"));
-                            assertTrue("Expected " + nodaVersion + "; contained: " + result.getEvidence(EvidenceType.VERSION).stream().map(e -> e.toString()).collect(Collectors.joining(",", "{", "}")), result.getEvidence(EvidenceType.VERSION).toString().contains(nodaVersion));
+                            assertTrue(result.getEvidence(EvidenceType.VERSION).toString().contains(nodaVersion), "Expected " + nodaVersion + "; contained: " + result.getEvidence(EvidenceType.VERSION).stream().map(Evidence::toString).collect(Collectors.joining(",", "{", "}")));
                             break;
                         default:
                             break;
@@ -182,7 +183,7 @@ public void testMSBuildProjectAnalysisWithImport(String path, String nodaVersion
                 }
             }
 
-            assertEquals("2 expected dependencies should be found", 2, foundCount);
+            assertEquals(2, foundCount, "2 expected dependencies should be found");
         }
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/NodeAuditAnalyzerIT.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/NodeAuditAnalyzerIT.java
index fa4fd775a81..6dfb02c8a28 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/NodeAuditAnalyzerIT.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/NodeAuditAnalyzerIT.java
@@ -1,23 +1,24 @@
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
+import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.dependency.Dependency;
-import static org.hamcrest.CoreMatchers.is;
-import static org.junit.Assert.*;
-import org.junit.Assume;
-import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.dependency.EvidenceType;
 import org.owasp.dependencycheck.exception.InitializationException;
 import org.owasp.dependencycheck.utils.InvalidSettingException;
 import org.owasp.dependencycheck.utils.Settings;
 
-public class NodeAuditAnalyzerIT extends BaseTest {
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.junit.jupiter.api.Assumptions.assumeTrue;
+
+class NodeAuditAnalyzerIT extends BaseTest {
 
     @Test
-    public void testAnalyzePackage() throws AnalysisException, InitializationException, InvalidSettingException {
-        Assume.assumeThat(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_AUDIT_ENABLED), is(true));
+    void testAnalyzePackage() throws AnalysisException, InitializationException, InvalidSettingException {
+        assumeTrue(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_AUDIT_ENABLED));
         try (Engine engine = new Engine(getSettings())) {
             NodeAuditAnalyzer analyzer = new NodeAuditAnalyzer();
             analyzer.setFilesMatched(true);
@@ -26,7 +27,7 @@ public void testAnalyzePackage() throws AnalysisException, InitializationExcepti
             final Dependency toScan = new Dependency(BaseTest.getResourceAsFile(this, "nodeaudit/package-lock.json"));
             analyzer.analyze(toScan, engine);
             boolean found = false;
-            assertTrue("More then 1 dependency should be identified", 1 < engine.getDependencies().length);
+            assertTrue(1 < engine.getDependencies().length, "More then 1 dependency should be identified");
             for (Dependency result : engine.getDependencies()) {
                 if ("package-lock.json?uglify-js".equals(result.getFileName())) {
                     found = true;
@@ -36,13 +37,13 @@ public void testAnalyzePackage() throws AnalysisException, InitializationExcepti
                     assertTrue(result.isVirtual());
                 }
             }
-            assertTrue("Uglify was not found", found);
+            assertTrue(found, "Uglify was not found");
         }
     }
 
     @Test
-    public void testAnalyzeEmpty() throws AnalysisException, InitializationException, InvalidSettingException {
-        Assume.assumeThat(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_AUDIT_ENABLED), is(true));
+    void testAnalyzeEmpty() throws AnalysisException, InitializationException, InvalidSettingException {
+        assumeTrue(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_AUDIT_ENABLED));
         try (Engine engine = new Engine(getSettings())) {
             NodeAuditAnalyzer analyzer = new NodeAuditAnalyzer();
             analyzer.setFilesMatched(true);
@@ -58,8 +59,8 @@ public void testAnalyzeEmpty() throws AnalysisException, InitializationException
     }
 
     @Test
-    public void testAnalyzePackageJsonInNodeModulesDirectory() throws AnalysisException, InitializationException, InvalidSettingException {
-        Assume.assumeThat(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_AUDIT_ENABLED), is(true));
+    void testAnalyzePackageJsonInNodeModulesDirectory() throws AnalysisException, InitializationException, InvalidSettingException {
+        assumeTrue(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_AUDIT_ENABLED));
         try (Engine engine = new Engine(getSettings())) {
             NodeAuditAnalyzer analyzer = new NodeAuditAnalyzer();
             analyzer.setFilesMatched(true);
@@ -68,7 +69,7 @@ public void testAnalyzePackageJsonInNodeModulesDirectory() throws AnalysisExcept
             final Dependency toScan = new Dependency(BaseTest.getResourceAsFile(this, "nodejs/node_modules/dns-sync/package.json"));
             engine.addDependency(toScan);
             analyzer.analyze(toScan, engine);
-            assertEquals("No dependencies should exist", 0, engine.getDependencies().length);
+            assertEquals(0, engine.getDependencies().length, "No dependencies should exist");
         }
     }
 
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/NodeAuditAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/NodeAuditAnalyzerTest.java
index 5fe4caef275..bacb52681a2 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/NodeAuditAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/NodeAuditAnalyzerTest.java
@@ -1,21 +1,23 @@
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
+
 import java.io.File;
+
 import static org.hamcrest.CoreMatchers.is;
 import static org.hamcrest.MatcherAssert.assertThat;
 
-public class NodeAuditAnalyzerTest extends BaseTest {
+class NodeAuditAnalyzerTest extends BaseTest {
 
     @Test
-    public void testGetName() {
+    void testGetName() {
         NodeAuditAnalyzer analyzer = new NodeAuditAnalyzer();
         assertThat(analyzer.getName(), is("Node Audit Analyzer"));
     }
 
     @Test
-    public void testSupportsFiles() {
+    void testSupportsFiles() {
         NodeAuditAnalyzer analyzer = new NodeAuditAnalyzer();
         assertThat(analyzer.accept(new File("package-lock.json")), is(true));
         assertThat(analyzer.accept(new File("npm-shrinkwrap.json")), is(true));
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzerTest.java
index c05193b80f4..b202b7f7ee6 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzerTest.java
@@ -17,33 +17,34 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
+import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.dependency.Dependency;
+import org.owasp.dependencycheck.dependency.EvidenceType;
+import org.owasp.dependencycheck.exception.InitializationException;
+import org.owasp.dependencycheck.utils.InvalidSettingException;
+import org.owasp.dependencycheck.utils.Settings;
 
 import java.io.File;
 
 import static org.hamcrest.CoreMatchers.containsString;
 import static org.hamcrest.CoreMatchers.is;
 import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.Assert.*;
-
-import org.junit.Assume;
-import org.owasp.dependencycheck.Engine;
-import org.owasp.dependencycheck.dependency.EvidenceType;
-import org.owasp.dependencycheck.exception.InitializationException;
-import org.owasp.dependencycheck.utils.InvalidSettingException;
-import org.owasp.dependencycheck.utils.Settings;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.junit.jupiter.api.Assertions.fail;
+import static org.junit.jupiter.api.Assumptions.assumeTrue;
 
 /**
  * Unit tests for NodePackageAnalyzer.
  *
  * @author Dale Visser
  */
-public class NodePackageAnalyzerTest extends BaseTest {
+class NodePackageAnalyzerTest extends BaseTest {
 
     /**
      * The analyzer to test.
@@ -89,7 +90,7 @@ private NodePackageAnalyzer getNodePackageAnalyzer(Engine engine) {
      *
      * @throws Exception thrown if there is a problem
      */
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -115,7 +116,7 @@ public void setUp() throws Exception {
      *
      * @throws Exception thrown if there is a problem
      */
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         if (getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_PACKAGE_ENABLED)) {
@@ -130,9 +131,9 @@ public void tearDown() throws Exception {
      * Test of getName method, of class PythonDistributionAnalyzer.
      */
     @Test
-    public void testGetName() throws InvalidSettingException {
-        Assume.assumeThat(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_PACKAGE_ENABLED), is(true));
-        Assume.assumeThat(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_AUDIT_ENABLED), is(true));
+    void testGetName() throws InvalidSettingException {
+        assumeTrue(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_PACKAGE_ENABLED));
+        assumeTrue(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_AUDIT_ENABLED));
         assertThat(analyzer.getName(), is("Node.js Package Analyzer"));
     }
 
@@ -140,9 +141,9 @@ public void testGetName() throws InvalidSettingException {
      * Test of supportsExtension method, of class PythonDistributionAnalyzer.
      */
     @Test
-    public void testSupportsFiles() throws InvalidSettingException {
-        Assume.assumeThat(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_PACKAGE_ENABLED), is(true));
-        Assume.assumeThat(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_AUDIT_ENABLED), is(true));
+    void testSupportsFiles() throws InvalidSettingException {
+        assumeTrue(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_PACKAGE_ENABLED));
+        assumeTrue(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_AUDIT_ENABLED));
         assertThat(analyzer.accept(new File("package-lock.json")), is(true));
         assertThat(analyzer.accept(new File("npm-shrinkwrap.json")), is(true));
     }
@@ -153,9 +154,9 @@ public void testSupportsFiles() throws InvalidSettingException {
      * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testAnalyzeShrinkwrapJson() throws AnalysisException, InvalidSettingException {
-        Assume.assumeThat(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_PACKAGE_ENABLED), is(true));
-        Assume.assumeThat(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_AUDIT_ENABLED), is(true));
+    void testAnalyzeShrinkwrapJson() throws AnalysisException, InvalidSettingException {
+        assumeTrue(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_PACKAGE_ENABLED));
+        assumeTrue(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_AUDIT_ENABLED));
         final Dependency toScan = new Dependency(BaseTest.getResourceAsFile(this,
                 "nodejs/npm-shrinkwrap.json"));
         final Dependency toCombine = new Dependency(BaseTest.getResourceAsFile(this,
@@ -206,9 +207,9 @@ private void testLock() {
             }
         }
 
-        assertTrue("need to contain braces", bracesFound);
+        assertTrue(bracesFound, "need to contain braces");
         //check if dependencies of dependencies are imported
-        assertTrue("need to contain expand-range (dependency of braces)", expandRangeFound);
+        assertTrue(expandRangeFound, "need to contain expand-range (dependency of braces)");
 
         final String vendorString = result.getEvidence(EvidenceType.VENDOR).toString();
         assertThat(vendorString, containsString("Sanjeev Koranga"));
@@ -232,9 +233,9 @@ private void testLock() {
      * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testAnalyzePackageJsonWithShrinkwrap() throws AnalysisException, InvalidSettingException {
-        Assume.assumeThat(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_PACKAGE_ENABLED), is(true));
-        Assume.assumeThat(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_AUDIT_ENABLED), is(true));
+    void testAnalyzePackageJsonWithShrinkwrap() throws AnalysisException, InvalidSettingException {
+        assumeTrue(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_PACKAGE_ENABLED));
+        assumeTrue(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_AUDIT_ENABLED));
         final Dependency packageJson = new Dependency(BaseTest.getResourceAsFile(this,
                 "nodejs/package.json"));
         final Dependency shrinkwrap = new Dependency(BaseTest.getResourceAsFile(this,
@@ -256,16 +257,16 @@ public void testAnalyzePackageJsonWithShrinkwrap() throws AnalysisException, Inv
      * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testWithoutLock() throws AnalysisException, InvalidSettingException {
-        Assume.assumeThat(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_PACKAGE_ENABLED), is(true));
-        Assume.assumeThat(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_AUDIT_ENABLED), is(true));
+    void testWithoutLock() throws AnalysisException, InvalidSettingException {
+        assumeTrue(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_PACKAGE_ENABLED));
+        assumeTrue(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_AUDIT_ENABLED));
         final Dependency packageJson = new Dependency(BaseTest.getResourceAsFile(this,
                 "nodejs/no_lock/package.json"));
         engine.addDependency(packageJson);
         analyzer.analyze(packageJson, engine);
 
         //final boolean isMac = !System.getProperty("os.name").toLowerCase().contains("mac");
-        assertEquals("Expected 1 dependencies", 1, engine.getDependencies().length);
+        assertEquals(1, engine.getDependencies().length, "Expected 1 dependencies");
     }
 
     /**
@@ -274,9 +275,9 @@ public void testWithoutLock() throws AnalysisException, InvalidSettingException
      * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testPackageLockV2() throws AnalysisException, InvalidSettingException {
-        Assume.assumeThat(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_PACKAGE_ENABLED), is(true));
-        Assume.assumeThat(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_AUDIT_ENABLED), is(true));
+    void testPackageLockV2() throws AnalysisException, InvalidSettingException {
+        assumeTrue(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_PACKAGE_ENABLED));
+        assumeTrue(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_AUDIT_ENABLED));
         final Dependency packageJson = new Dependency(BaseTest.getResourceAsFile(this,
                 "nodejs/test_lockv2/package.json"));
         final Dependency packageLockJson = new Dependency(BaseTest.getResourceAsFile(this,
@@ -284,9 +285,9 @@ public void testPackageLockV2() throws AnalysisException, InvalidSettingExceptio
         engine.addDependency(packageJson);
         engine.addDependency(packageLockJson);
         analyzer.analyze(packageJson, engine);
-        assertEquals("Expected 1 dependencies", 1, engine.getDependencies().length);
+        assertEquals(1, engine.getDependencies().length, "Expected 1 dependencies");
         analyzer.analyze(packageLockJson, engine);
-        assertEquals("Expected 1 dependencies", 6, engine.getDependencies().length);
+        assertEquals(6, engine.getDependencies().length, "Expected 1 dependencies");
     }
 
     /**
@@ -295,9 +296,9 @@ public void testPackageLockV2() throws AnalysisException, InvalidSettingExceptio
      * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testPackageLockV3() throws AnalysisException, InvalidSettingException {
-        Assume.assumeThat(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_PACKAGE_ENABLED), is(true));
-        Assume.assumeThat(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_AUDIT_ENABLED), is(true));
+    void testPackageLockV3() throws AnalysisException, InvalidSettingException {
+        assumeTrue(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_PACKAGE_ENABLED));
+        assumeTrue(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_AUDIT_ENABLED));
         final Dependency packageJson = new Dependency(BaseTest.getResourceAsFile(this,
                 "nodejs/test_lockv3/package.json"));
         final Dependency packageLockJson = new Dependency(BaseTest.getResourceAsFile(this,
@@ -305,9 +306,9 @@ public void testPackageLockV3() throws AnalysisException, InvalidSettingExceptio
         engine.addDependency(packageJson);
         engine.addDependency(packageLockJson);
         analyzer.analyze(packageJson, engine);
-        assertEquals("Expected 1 dependencies", 1, engine.getDependencies().length);
+        assertEquals(1, engine.getDependencies().length, "Expected 1 dependencies");
         analyzer.analyze(packageLockJson, engine);
-        assertEquals("Expected 1 dependencies", 6, engine.getDependencies().length);
+        assertEquals(6, engine.getDependencies().length, "Expected 1 dependencies");
     }
 
     /**
@@ -318,8 +319,8 @@ public void testPackageLockV3() throws AnalysisException, InvalidSettingExceptio
      * @throws AnalysisException if there was a problem with the analysis
      */
     @Test
-    public void testLocalPackageDependency() throws AnalysisException, InvalidSettingException {
-        Assume.assumeThat(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_PACKAGE_ENABLED), is(true));
+    void testLocalPackageDependency() throws AnalysisException, InvalidSettingException {
+        assumeTrue(getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_PACKAGE_ENABLED));
         final Dependency packageJson = new Dependency(BaseTest.getResourceAsFile(this,
                 "nodejs/local_package/package.json"));
         final Dependency packageLockJson = new Dependency(BaseTest.getResourceAsFile(this,
@@ -327,8 +328,8 @@ public void testLocalPackageDependency() throws AnalysisException, InvalidSettin
         engine.addDependency(packageJson);
         engine.addDependency(packageLockJson);
         analyzer.analyze(packageJson, engine);
-        assertEquals("Expected 1 dependencies", 1, engine.getDependencies().length);
+        assertEquals(1, engine.getDependencies().length, "Expected 1 dependencies");
         analyzer.analyze(packageLockJson, engine);
-        assertEquals("Expected 2 dependencies", 2, engine.getDependencies().length);
+        assertEquals(2, engine.getDependencies().length, "Expected 2 dependencies");
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/NpmCPEAnalyzerIT.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/NpmCPEAnalyzerIT.java
index 94aa6bbff6b..2d00812e37b 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/NpmCPEAnalyzerIT.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/NpmCPEAnalyzerIT.java
@@ -17,20 +17,21 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import static org.junit.Assert.assertEquals;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseDBTestCase;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.dependency.Confidence;
 import org.owasp.dependencycheck.dependency.Dependency;
-import static org.junit.Assert.assertTrue;
 import org.owasp.dependencycheck.dependency.EvidenceType;
 
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
 /**
  *
  * @author Jeremy Long
  */
-public class NpmCPEAnalyzerIT extends BaseDBTestCase {
+class NpmCPEAnalyzerIT extends BaseDBTestCase {
 
     /**
      * Test of analyzeDependency method, of class CPEAnalyzer.
@@ -38,7 +39,7 @@ public class NpmCPEAnalyzerIT extends BaseDBTestCase {
      * @throws Exception is thrown when an exception occurs
      */
     @Test
-    public void testAnalyzeDependency() throws Exception {
+    void testAnalyzeDependency() throws Exception {
 
         NpmCPEAnalyzer instance = new NpmCPEAnalyzer();
         try (Engine engine = new Engine(getSettings())) {
@@ -82,11 +83,11 @@ private void callAnalyzeDependency(String vendor, String product, String version
             System.out.println(id.getValue());
             return expectedCpe.equals(id.getValue());
         });
-        assertTrue(String.format("%s:%s:%s identifier not found", vendor, product, version), found);
+        assertTrue(found, String.format("%s:%s:%s identifier not found", vendor, product, version));
     }
 
     @Test
-    public void testAnalyzeDependencyNoMatch() throws Exception {
+    void testAnalyzeDependencyNoMatch() throws Exception {
 
         NpmCPEAnalyzer instance = new NpmCPEAnalyzer();
         try (Engine engine = new Engine(getSettings())) {
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/NpmCPEAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/NpmCPEAnalyzerTest.java
index 86294c9d534..f20e68d5bb4 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/NpmCPEAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/NpmCPEAnalyzerTest.java
@@ -17,22 +17,23 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.Test;
-import static org.junit.Assert.*;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseDBTestCase;
 import org.owasp.dependencycheck.utils.Settings;
 
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
 /**
  *
  * @author jeremy long
  */
-public class NpmCPEAnalyzerTest extends BaseDBTestCase {
+class NpmCPEAnalyzerTest extends BaseDBTestCase {
 
     /**
      * Test of getName method, of class CPEAnalyzer.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         NpmCPEAnalyzer instance = new NpmCPEAnalyzer();
         String expResult = "NPM CPE Analyzer";
         String result = instance.getName();
@@ -43,7 +44,7 @@ public void testGetName() {
      * Test of getAnalyzerEnabledSettingKey method, of class CPEAnalyzer.
      */
     @Test
-    public void testGetAnalyzerEnabledSettingKey() {
+    void testGetAnalyzerEnabledSettingKey() {
         NpmCPEAnalyzer instance = new NpmCPEAnalyzer();
         String expResult = Settings.KEYS.ANALYZER_NPM_CPE_ENABLED;
         String result = instance.getAnalyzerEnabledSettingKey();
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/NugetconfAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/NugetconfAnalyzerTest.java
index 884f329fb5f..1e405150871 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/NugetconfAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/NugetconfAnalyzerTest.java
@@ -17,8 +17,8 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.dependency.Dependency;
@@ -26,16 +26,16 @@
 
 import java.io.File;
 
-import static junit.framework.TestCase.assertTrue;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 import static org.owasp.dependencycheck.analyzer.NuspecAnalyzer.DEPENDENCY_ECOSYSTEM;
 
-public class NugetconfAnalyzerTest extends BaseTest {
+class NugetconfAnalyzerTest extends BaseTest {
 
     private NugetconfAnalyzer instance;
 
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -46,18 +46,18 @@ public void setUp() throws Exception {
     }
 
     @Test
-    public void testGetAnalyzerName() {
+    void testGetAnalyzerName() {
         assertEquals("Nugetconf Analyzer", instance.getName());
     }
 
     @Test
-    public void testSupportedFileNames() {
+    void testSupportedFileNames() {
         assertTrue(instance.accept(new File("packages.config")));
         assertFalse(instance.accept(new File("packages.json")));
     }
 
     @Test
-    public void testNugetconfAnalysis() throws Exception {
+    void testNugetconfAnalysis() throws Exception {
 
         try (Engine engine = new Engine(getSettings())) {
             File file = BaseTest.getResourceAsFile(this, "nugetconf/packages.config");
@@ -99,12 +99,12 @@ public void testNugetconfAnalysis() throws Exception {
                         assertTrue(result.getEvidence(EvidenceType.PRODUCT).toString().contains("Newtonsoft.Json"));
                         assertTrue(result.getEvidence(EvidenceType.VERSION).toString().contains("10.0.3"));
                         break;
-                    
+
                     default :
                         break;
                     }
                 }
-            assertEquals("4 dependencies should be found", 4, foundCount);
+            assertEquals(4, foundCount, "4 dependencies should be found");
         }
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/NuspecAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/NuspecAnalyzerTest.java
index 12dc3eaf64d..d9a57b2d383 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/NuspecAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/NuspecAnalyzerTest.java
@@ -17,24 +17,23 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
-import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.dependency.Dependency;
-import org.owasp.dependencycheck.dependency.Evidence;
+import org.owasp.dependencycheck.dependency.EvidenceType;
 
 import java.io.File;
-import org.owasp.dependencycheck.dependency.EvidenceType;
 
-public class NuspecAnalyzerTest extends BaseTest {
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+class NuspecAnalyzerTest extends BaseTest {
 
     private NuspecAnalyzer instance;
 
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -45,23 +44,23 @@ public void setUp() throws Exception {
     }
 
     @Test
-    public void testGetAnalyzerName() {
+    void testGetAnalyzerName() {
         assertEquals("Nuspec Analyzer", instance.getName());
     }
 
     @Test
-    public void testSupportsFileExtensions() {
+    void testSupportsFileExtensions() {
         assertTrue(instance.accept(new File("test.nuspec")));
         assertFalse(instance.accept(new File("test.nupkg")));
     }
 
     @Test
-    public void testGetAnalysisPhaze() {
+    void testGetAnalysisPhaze() {
         assertEquals(AnalysisPhase.INFORMATION_COLLECTION, instance.getAnalysisPhase());
     }
 
     @Test
-    public void testNuspecAnalysis() throws Exception {
+    void testNuspecAnalysis() throws Exception {
 
         File file = BaseTest.getResourceAsFile(this, "nuspec/test.nuspec");
         Dependency result = new Dependency(file);
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/OpenSSLAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/OpenSSLAnalyzerTest.java
index d6749e03f90..a9b14445a9a 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/OpenSSLAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/OpenSSLAnalyzerTest.java
@@ -17,27 +17,27 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.dependency.Dependency;
+import org.owasp.dependencycheck.dependency.EvidenceType;
 
 import java.io.File;
 
 import static org.hamcrest.CoreMatchers.containsString;
 import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import org.owasp.dependencycheck.dependency.EvidenceType;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  * Unit tests for OpenSSLAnalyzerAnalyzer.
  *
  * @author Dale Visser
  */
-public class OpenSSLAnalyzerTest extends BaseTest {
+class OpenSSLAnalyzerTest extends BaseTest {
 
     /**
      * The package analyzer to test.
@@ -49,7 +49,7 @@ public class OpenSSLAnalyzerTest extends BaseTest {
      *
      * @throws Exception if there is a problem
      */
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -64,7 +64,7 @@ public void setUp() throws Exception {
      *
      * @throws Exception if there is a problem
      */
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         analyzer.close();
@@ -75,21 +75,21 @@ public void tearDown() throws Exception {
      * Test of getName method, of class OpenSSLAnalyzer.
      */
     @Test
-    public void testGetName() {
-        assertEquals("Analyzer name wrong.", "OpenSSL Source Analyzer", analyzer.getName());
+    void testGetName() {
+        assertEquals("OpenSSL Source Analyzer", analyzer.getName(), "Analyzer name wrong.");
     }
 
     /**
      * Test of supportsExtension method, of class PythonPackageAnalyzer.
      */
     @Test
-    public void testAccept() {
-        assertTrue("Should support files named \"opensslv.h\".",
-                analyzer.accept(new File("opensslv.h")));
+    void testAccept() {
+        assertTrue(analyzer.accept(new File("opensslv.h")),
+                "Should support files named \"opensslv.h\".");
     }
 
     @Test
-    public void testVersionConstantExamples() {
+    void testVersionConstantExamples() {
         final long[] constants = {0x1000203fL, 0x00903000L, 0x00903001L, 0x00903002L, 0x0090300fL, 0x0090301fL, 0x0090400fL, 0x102031afL};
         final String[] versions = {"1.0.2c",
             "0.9.3-dev",
@@ -106,7 +106,7 @@ public void testVersionConstantExamples() {
     }
 
     @Test
-    public void testOpenSSLVersionHeaderFile() throws AnalysisException {
+    void testOpenSSLVersionHeaderFile() throws AnalysisException {
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(
                 this,
                 "openssl/opensslv.h"));
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/OssIndexAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/OssIndexAnalyzerTest.java
index 641f9e5a31e..288e64b0269 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/OssIndexAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/OssIndexAnalyzerTest.java
@@ -1,20 +1,6 @@
 package org.owasp.dependencycheck.analyzer;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-
-import java.util.Collections;
-import java.util.List;
-import java.util.Map;
-import java.util.concurrent.ExecutionException;
-import java.util.concurrent.ExecutorService;
-import java.util.concurrent.Executors;
-import java.util.concurrent.Future;
-
-import java.net.SocketTimeoutException;
-
-import org.junit.Assert;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
@@ -23,16 +9,33 @@
 import org.owasp.dependencycheck.dependency.naming.Identifier;
 import org.owasp.dependencycheck.dependency.naming.PurlIdentifier;
 import org.owasp.dependencycheck.utils.Settings;
+import org.owasp.dependencycheck.utils.Settings.KEYS;
 
 import org.sonatype.goodies.packageurl.PackageUrl;
 import org.sonatype.ossindex.service.api.componentreport.ComponentReport;
 import org.sonatype.ossindex.service.client.OssindexClient;
 import org.sonatype.ossindex.service.client.transport.Transport;
 
-public class OssIndexAnalyzerTest extends BaseTest {
+import java.net.SocketTimeoutException;
+import java.net.URI;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.concurrent.ExecutionException;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Executors;
+import java.util.concurrent.Future;
+
+import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+class OssIndexAnalyzerTest extends BaseTest {
 
     @Test
-    public void should_enrich_be_included_in_mutex_to_prevent_NPE()
+    void should_enrich_be_included_in_mutex_to_prevent_NPE()
             throws Exception {
 
         // Given
@@ -44,10 +47,12 @@ public void should_enrich_be_included_in_mutex_to_prevent_NPE()
         Dependency dependency = new Dependency();
         dependency.addSoftwareIdentifier(identifier);
         Settings settings = getSettings();
+        setCredentials(settings);
         Engine engine = new Engine(settings);
         engine.setDependencies(Collections.singletonList(dependency));
 
         analyzer.initialize(settings);
+        analyzer.prepareAnalyzer(engine);
 
         String expectedOutput = "https://ossindex.sonatype.org/component/pkg:maven/test/test@1.0";
 
@@ -77,6 +82,11 @@ public void should_enrich_be_included_in_mutex_to_prevent_NPE()
      */
     static final class SproutOssIndexAnalyzer extends OssIndexAnalyzer {
         private Future<?> pendingClosureTask;
+        @Override
+        OssindexClient newOssIndexClient() {
+                return new OssIndexClientOk();
+        }
+
         @Override
         void enrich(Dependency dependency) {
             ExecutorService executor = Executors.newSingleThreadExecutor();
@@ -95,19 +105,79 @@ void awaitPendingClosure() throws ExecutionException, InterruptedException {
         }
     }
 
+    private static final class OssIndexClientOk implements OssindexClient {
+
+        @Override
+        public Map<PackageUrl, ComponentReport> requestComponentReports(List<PackageUrl> coordinates) throws Exception {
+            HashMap<PackageUrl, ComponentReport> reports = new HashMap<>();
+            ComponentReport report = new ComponentReport();
+            PackageUrl packageUrl = coordinates.get(0);
+            report.setCoordinates(packageUrl);
+            report.setReference(new URI("https://ossindex.sonatype.org/component/pkg:maven/test/test@1.0?utm_source=dependency-check&utm_medium=integration&utm_content=12.1.4-SNAPSHOT"));
+            reports.put(packageUrl, report);
+            return reports;
+        }
+
+        @Override
+        public ComponentReport requestComponentReport(PackageUrl coordinates) throws Exception {
+            return new ComponentReport();
+        }
+
+        @Override
+        public void close() {
+
+        }
+    }
+
+    @Test
+    void should_analyzeDependency_return_a_dedicated_error_message_when_401_response_from_sonatype() throws Exception {
+        // Given
+        OssIndexAnalyzer analyzer = new OssIndexAnalyzer();
+        Settings settings = getSettings();
+        setCredentials(settings);
+        settings.setBoolean(KEYS.ANALYZER_OSSINDEX_USE_CACHE, false);
+        try (Engine engine = new Engine(settings)) {
+
+            analyzer.initialize(settings);
+            analyzer.prepareAnalyzer(engine);
+
+            Identifier identifier = new PurlIdentifier("maven", "test", "test", "1.0",
+                    Confidence.HIGHEST);
+
+            Dependency dependency = new Dependency();
+            dependency.addSoftwareIdentifier(identifier);
+            engine.setDependencies(Collections.singletonList(dependency));
+
+            // When
+            AnalysisException output = new AnalysisException();
+            try {
+                analyzer.analyzeDependency(dependency, engine);
+            } catch (AnalysisException e) {
+                output = e;
+            }
+
+            // Then
+            assertEquals("Invalid credentials provided for OSS Index", output.getMessage());
+            analyzer.close();
+        }
+    }
+
     @Test
-    public void should_analyzeDependency_return_a_dedicated_error_message_when_403_response_from_sonatype() throws Exception {
+    void should_analyzeDependency_return_a_dedicated_error_message_when_403_response_from_sonatype() throws Exception {
         // Given
         OssIndexAnalyzer analyzer = new OssIndexAnalyzerThrowing403();
-        analyzer.initialize(getSettings());
+        Settings settings = getSettings();
+        setCredentials(settings);
+        Engine engine = new Engine(settings);
+
+        analyzer.initialize(settings);
+        analyzer.prepareAnalyzer(engine);
 
         Identifier identifier = new PurlIdentifier("maven", "test", "test", "1.0",
                 Confidence.HIGHEST);
 
         Dependency dependency = new Dependency();
         dependency.addSoftwareIdentifier(identifier);
-        Settings settings = getSettings();
-        Engine engine = new Engine(settings);
         engine.setDependencies(Collections.singletonList(dependency));
 
         // When
@@ -123,80 +193,81 @@ public void should_analyzeDependency_return_a_dedicated_error_message_when_403_r
         analyzer.close();
     }
 
-    
+
     @Test
-    public void should_analyzeDependency_only_warn_when_transport_error_from_sonatype() throws Exception {
+    void should_analyzeDependency_only_warn_when_transport_error_from_sonatype() throws Exception {
         // Given
         OssIndexAnalyzer analyzer = new OssIndexAnalyzerThrowing502();
-        
-        getSettings().setBoolean(Settings.KEYS.ANALYZER_OSSINDEX_WARN_ONLY_ON_REMOTE_ERRORS, true);
-        analyzer.initialize(getSettings());
+        Settings settings = getSettings();
+        setCredentials(settings);
+        settings.setBoolean(Settings.KEYS.ANALYZER_OSSINDEX_WARN_ONLY_ON_REMOTE_ERRORS, true);
+        Engine engine = new Engine(settings);
+
+        analyzer.initialize(settings);
+        analyzer.prepareAnalyzer(engine);
 
         Identifier identifier = new PurlIdentifier("maven", "test", "test", "1.0",
                 Confidence.HIGHEST);
 
         Dependency dependency = new Dependency();
         dependency.addSoftwareIdentifier(identifier);
-        Settings settings = getSettings();
-        Engine engine = new Engine(settings);
-        engine.setDependencies(Collections.singletonList(dependency));
 
         // When
-        try {
-            analyzer.analyzeDependency(dependency, engine);
-        } catch (AnalysisException e) {
-            Assert.fail("Analysis exception thrown upon remote error although only a warning should have been logged");
+        try (engine) {
+            engine.setDependencies(Collections.singletonList(dependency));
+            assertDoesNotThrow(() -> analyzer.analyzeDependency(dependency, engine),
+                    "Analysis exception thrown upon remote error although only a warning should have been logged");
         } finally {
             analyzer.close();
-            engine.close();
         }
     }
 
-
     @Test
-    public void should_analyzeDependency_only_warn_when_socket_error_from_sonatype() throws Exception {
+    void should_analyzeDependency_only_warn_when_socket_error_from_sonatype() throws Exception {
         // Given
         OssIndexAnalyzer analyzer = new OssIndexAnalyzerThrowingSocketTimeout();
+        Settings settings = getSettings();
+        setCredentials(settings);
+        settings.setBoolean(Settings.KEYS.ANALYZER_OSSINDEX_WARN_ONLY_ON_REMOTE_ERRORS, true);
+        analyzer.initialize(settings);
 
-        getSettings().setBoolean(Settings.KEYS.ANALYZER_OSSINDEX_WARN_ONLY_ON_REMOTE_ERRORS, true);
-        analyzer.initialize(getSettings());
+        Engine engine = new Engine(settings);
+        analyzer.prepareAnalyzer(engine);
 
         Identifier identifier = new PurlIdentifier("maven", "test", "test", "1.0",
                 Confidence.HIGHEST);
 
         Dependency dependency = new Dependency();
         dependency.addSoftwareIdentifier(identifier);
-        Settings settings = getSettings();
-        Engine engine = new Engine(settings);
-        engine.setDependencies(Collections.singletonList(dependency));
 
         // When
-        try {
-            analyzer.analyzeDependency(dependency, engine);
-        } catch (AnalysisException e) {
-            Assert.fail("Analysis exception thrown upon remote error although only a warning should have been logged");
+        try (engine) {
+            engine.setDependencies(Collections.singletonList(dependency));
+            assertDoesNotThrow(() -> analyzer.analyzeDependency(dependency, engine),
+                    "Analysis exception thrown upon remote error although only a warning should have been logged");
         } finally {
             analyzer.close();
-            engine.close();
         }
     }
 
 
     @Test
-    public void should_analyzeDependency_fail_when_socket_error_from_sonatype() throws Exception {
+    void should_analyzeDependency_fail_when_socket_error_from_sonatype() throws Exception {
         // Given
         OssIndexAnalyzer analyzer = new OssIndexAnalyzerThrowingSocketTimeout();
+        Settings settings = getSettings();
+        setCredentials(settings);
+        settings.setBoolean(Settings.KEYS.ANALYZER_OSSINDEX_WARN_ONLY_ON_REMOTE_ERRORS, false);
+        Engine engine = new Engine(settings);
 
-        getSettings().setBoolean(Settings.KEYS.ANALYZER_OSSINDEX_WARN_ONLY_ON_REMOTE_ERRORS, false);
-        analyzer.initialize(getSettings());
+        analyzer.initialize(settings);
+        analyzer.prepareAnalyzer(engine);
 
         Identifier identifier = new PurlIdentifier("maven", "test", "test", "1.0",
                 Confidence.HIGHEST);
 
         Dependency dependency = new Dependency();
         dependency.addSoftwareIdentifier(identifier);
-        Settings settings = getSettings();
-        Engine engine = new Engine(settings);
         engine.setDependencies(Collections.singletonList(dependency));
 
         // When
@@ -212,7 +283,28 @@ public void should_analyzeDependency_fail_when_socket_error_from_sonatype() thro
         analyzer.close();
     }
 
+    @Test
+    void should_prepareAnalyzer_disable_when_credentials_not_set() throws Exception {
+        // Given
+        OssIndexAnalyzer analyzer = new OssIndexAnalyzer();
+        Settings settings = getSettings();
+        Engine engine = new Engine(settings);
+        analyzer.initialize(settings);
+
+        // When
+        analyzer.prepareAnalyzer(engine);
 
+        // Then
+        boolean enabled = analyzer.isEnabled();
+        analyzer.close();
+        engine.close();
+        assertFalse(enabled);
+    }
+
+    private static void setCredentials(final Settings settings) {
+        settings.setString(KEYS.ANALYZER_OSSINDEX_USER, "user");
+        settings.setString(KEYS.ANALYZER_OSSINDEX_PASSWORD, "pass");
+    }
 
     static final class OssIndexAnalyzerThrowing403 extends OssIndexAnalyzer {
         @Override
@@ -234,7 +326,7 @@ public ComponentReport requestComponentReport(PackageUrl coordinates) throws Exc
         }
 
         @Override
-        public void close() throws Exception {
+        public void close() {
 
         }
     }
@@ -259,7 +351,7 @@ public ComponentReport requestComponentReport(PackageUrl coordinates) throws Exc
         }
 
         @Override
-        public void close() throws Exception {
+        public void close() {
 
         }
     }
@@ -284,7 +376,7 @@ public ComponentReport requestComponentReport(PackageUrl coordinates) throws Exc
         }
 
         @Override
-        public void close() throws Exception {
+        public void close() {
 
         }
     }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/PEAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/PEAnalyzerTest.java
index 441ff498647..794c475e863 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/PEAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/PEAnalyzerTest.java
@@ -17,16 +17,10 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import java.io.File;
-import org.junit.After;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
-import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.analyzer.exception.UnexpectedAnalysisException;
 import org.owasp.dependencycheck.dependency.Confidence;
 import org.owasp.dependencycheck.dependency.Dependency;
@@ -35,13 +29,18 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import java.io.File;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
 /**
  * Tests for the PEAnalyzer.
  *
  * @author Jeremy Long
  *
  */
-public class PEAnalyzerTest extends BaseTest {
+class PEAnalyzerTest extends BaseTest {
 
     private static final Logger LOGGER = LoggerFactory.getLogger(PEAnalyzerTest.class);
 
@@ -54,7 +53,7 @@ public class PEAnalyzerTest extends BaseTest {
      *
      * @throws Exception if anything goes sideways
      */
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -68,12 +67,12 @@ public void setUp() throws Exception {
      * Tests to make sure the name is correct.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         assertEquals("PE Analyzer", analyzer.getName());
     }
 
     @Test
-    public void testAnalysis() throws Exception {
+    void testAnalysis() throws Exception {
         File f = BaseTest.getResourceAsFile(this, "log4net.dll");
 
         Dependency d = new Dependency(f);
@@ -85,7 +84,7 @@ public void testAnalysis() throws Exception {
         assertEquals("log4net", d.getName());
     }
 
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         try {
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/PerlCpanfileAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/PerlCpanfileAnalyzerTest.java
index f95c64ff916..4ff1d2f9195 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/PerlCpanfileAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/PerlCpanfileAnalyzerTest.java
@@ -17,29 +17,30 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import java.util.Arrays;
-import java.util.List;
-import org.junit.Test;
-import static org.junit.Assert.*;
-
-import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
-import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.Engine;
+import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
+import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.utils.Settings;
 
+import java.util.Arrays;
+import java.util.List;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
 /**
  *
  * @author jeremy long
  */
 @SuppressWarnings("unchecked")
-public class PerlCpanfileAnalyzerTest extends BaseTest {
+class PerlCpanfileAnalyzerTest extends BaseTest {
 
     /**
      * Test of getName method, of class PerlCpanfileAnalyzer.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         PerlCpanfileAnalyzer instance = new PerlCpanfileAnalyzer();
         String expResult = "Perl cpanfile Analyzer";
         String result = instance.getName();
@@ -50,7 +51,7 @@ public void testGetName() {
      * Test of getAnalysisPhase method, of class PerlCpanfileAnalyzer.
      */
     @Test
-    public void testGetAnalysisPhase() {
+    void testGetAnalysisPhase() {
         PerlCpanfileAnalyzer instance = new PerlCpanfileAnalyzer();
         AnalysisPhase expResult = AnalysisPhase.INFORMATION_COLLECTION;
         AnalysisPhase result = instance.getAnalysisPhase();
@@ -62,7 +63,7 @@ public void testGetAnalysisPhase() {
      * PerlCpanfileAnalyzer.
      */
     @Test
-    public void testGetAnalyzerEnabledSettingKey() {
+    void testGetAnalyzerEnabledSettingKey() {
         PerlCpanfileAnalyzer instance = new PerlCpanfileAnalyzer();
         String expResult = Settings.KEYS.ANALYZER_CPANFILE_ENABLED;
         String result = instance.getAnalyzerEnabledSettingKey();
@@ -70,16 +71,14 @@ public void testGetAnalyzerEnabledSettingKey() {
     }
 
     @Test
-    public void testProcessFileContents() throws AnalysisException {
+    void testProcessFileContents() throws AnalysisException {
         Dependency d = new Dependency();
-        List<String> dependencyLines = Arrays.asList(new String[]{
-            "requires 'Plack', '1.0'",
-            "requires 'JSON', '>= 2.00, < 2.80'",
-            "requires 'Mojolicious::Plugin::ZAPI' => '>= 2.015",
-            "requires 'Hash::MoreUtils' => '>= 0.05",
-            "requires 'JSON::MaybeXS' => '>= 1.002004'",
-            "requires 'Test::MockModule'"
-        });
+        List<String> dependencyLines = Arrays.asList("requires 'Plack', '1.0'",
+                "requires 'JSON', '>= 2.00, < 2.80'",
+                "requires 'Mojolicious::Plugin::ZAPI' => '>= 2.015",
+                "requires 'Hash::MoreUtils' => '>= 0.05",
+                "requires 'JSON::MaybeXS' => '>= 1.002004'",
+                "requires 'Test::MockModule'");
         PerlCpanfileAnalyzer instance = new PerlCpanfileAnalyzer();
         Engine engine = new Engine(getSettings());
         instance.processFileContents(dependencyLines, "./cpanfile", engine);
@@ -88,10 +87,9 @@ public void testProcessFileContents() throws AnalysisException {
     }
 
     @Test
-    public void testProcessSingleFileContents() throws AnalysisException {
+    void testProcessSingleFileContents() throws AnalysisException {
         Dependency d = new Dependency();
-        List<String> dependencyLines = Arrays.asList(new String[]{
-            "requires 'JSON', '>= 2.00, < 2.80'",});
+        List<String> dependencyLines = Arrays.asList("requires 'JSON', '>= 2.00, < 2.80'");
         PerlCpanfileAnalyzer instance = new PerlCpanfileAnalyzer();
         Engine engine = new Engine(getSettings());
         instance.processFileContents(dependencyLines, "./cpanfile", engine);
@@ -104,10 +102,9 @@ public void testProcessSingleFileContents() throws AnalysisException {
     }
 
     @Test
-    public void testProcessDefaultZero() throws AnalysisException {
+    void testProcessDefaultZero() throws AnalysisException {
         Dependency d = new Dependency();
-        List<String> dependencyLines = Arrays.asList(new String[]{
-            "requires 'JSON'",});
+        List<String> dependencyLines = Arrays.asList("requires 'JSON'");
         PerlCpanfileAnalyzer instance = new PerlCpanfileAnalyzer();
         Engine engine = new Engine(getSettings());
         instance.processFileContents(dependencyLines, "./cpanfile", engine);
@@ -121,24 +118,24 @@ public void testProcessDefaultZero() throws AnalysisException {
 
     @Test
     @SuppressWarnings("unchecked")
-    public void testPrepareContent() {
+    void testPrepareContent() {
         PerlCpanfileAnalyzer instance = new PerlCpanfileAnalyzer();
         String content = "requires 'JSON'; #any version";
-        List<String> expResult = Arrays.asList(new String[]{"requires 'JSON'"});
+        List<String> expResult = Arrays.asList("requires 'JSON'");
         List<String> result = instance.prepareContents(content);
         assertEquals(expResult, result);
 
         content = "requires 'JSON'; requires 'XML';";
-        expResult = Arrays.asList(new String[]{"requires 'JSON'", "requires 'XML'"});
+        expResult = Arrays.asList("requires 'JSON'", "requires 'XML'");
         result = instance.prepareContents(content);
         assertEquals(expResult, result);
         content = "requires 'JSON';\n     requires 'XML';";
-        expResult = Arrays.asList(new String[]{"requires 'JSON'", "requires 'XML'"});
+        expResult = Arrays.asList("requires 'JSON'", "requires 'XML'");
         result = instance.prepareContents(content);
         assertEquals(expResult, result);
 
         content = "requires 'JSON';# requires 'XML';";
-        expResult = Arrays.asList(new String[]{"requires 'JSON'"});
+        expResult = Arrays.asList("requires 'JSON'");
         result = instance.prepareContents(content);
         assertEquals(expResult, result);
     }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/PinnedMavenInstallAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/PinnedMavenInstallAnalyzerTest.java
index c339e4234ae..873caae6545 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/PinnedMavenInstallAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/PinnedMavenInstallAnalyzerTest.java
@@ -18,26 +18,25 @@
 package org.owasp.dependencycheck.analyzer;
 
 import org.apache.commons.lang3.ArrayUtils;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseDBTestCase;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
-import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.data.nvd.ecosystem.Ecosystem;
 import org.owasp.dependencycheck.dependency.Dependency;
 
 import java.io.File;
 
-import static org.hamcrest.CoreMatchers.equalTo;
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.Assert.*;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  * Unit tests for {@link PinnedMavenInstallAnalyzer}.
  */
-public class PinnedMavenInstallAnalyzerTest extends BaseDBTestCase {
+class PinnedMavenInstallAnalyzerTest extends BaseDBTestCase {
 
     /**
      * The analyzer to test.
@@ -49,7 +48,7 @@ public class PinnedMavenInstallAnalyzerTest extends BaseDBTestCase {
      *
      * @throws Exception thrown if there is a problem
      */
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -64,7 +63,7 @@ public void setUp() throws Exception {
      *
      * @throws Exception thrown if there is a problem
      */
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         analyzer.close();
@@ -72,19 +71,19 @@ public void tearDown() throws Exception {
     }
 
     @Test
-    public void testGetName() {
+    void testGetName() {
         assertEquals("Pinned Maven install Analyzer", analyzer.getName());
     }
 
     @Test
-    public void testSupportsFiles() {
+    void testSupportsFiles() {
         assertTrue(analyzer.accept(new File("install_maven.json")));
         assertTrue(analyzer.accept(new File("maven_install.json")));
         assertTrue(analyzer.accept(new File("maven_install_v010.json")));
         assertTrue(analyzer.accept(new File("maven_install_v2.json")));
         assertTrue(analyzer.accept(new File("rules_jvm_external_install.json")));
         assertTrue(analyzer.accept(new File("pinned_install_gplonly.json")));
-        assertFalse("should not accept Cloudflare install.json", analyzer.accept(new File("install.json")));
+        assertFalse(analyzer.accept(new File("install.json")), "should not accept Cloudflare install.json");
         assertFalse(analyzer.accept(new File("maven_install.txt")));
         assertFalse(analyzer.accept(new File("pinned.json")));
         assertFalse(analyzer.accept(new File("install.json.zip")));
@@ -94,7 +93,7 @@ public void testSupportsFiles() {
      * Tests that the analyzer correctly pulls dependencies out of a pinned v0.1.0 {@code maven_install.json}.
      */
     @Test
-    public void testAnalyzePinnedInstallJsonV010() throws Exception {
+    void testAnalyzePinnedInstallJsonV010() throws Exception {
         try (Engine engine = new Engine(getSettings())) {
             final Dependency result = new Dependency(BaseTest.getResourceAsFile(this, "maven_install_v010.json"));
             engine.addDependency(result);
@@ -109,7 +108,7 @@ public void testAnalyzePinnedInstallJsonV010() throws Exception {
                     assertEquals(Ecosystem.JAVA, d.getEcosystem());
                 }
             }
-            assertTrue("Expected to find com.google.errorprone:error_prone_annotations:2.3.4", found);
+            assertTrue(found, "Expected to find com.google.errorprone:error_prone_annotations:2.3.4");
         }
     }
 
@@ -117,7 +116,7 @@ public void testAnalyzePinnedInstallJsonV010() throws Exception {
      * Tests that the analyzer correctly pulls dependencies out of a pinned v2 {@code maven_install.json}.
      */
     @Test
-    public void testAnalyzePinnedInstallJsonV2() throws Exception {
+    void testAnalyzePinnedInstallJsonV2() throws Exception {
         try (Engine engine = new Engine(getSettings())) {
             final Dependency result = new Dependency(BaseTest.getResourceAsFile(this, "maven_install_v2.json"));
             engine.addDependency(result);
@@ -132,7 +131,7 @@ public void testAnalyzePinnedInstallJsonV2() throws Exception {
                     assertEquals(Ecosystem.JAVA, d.getEcosystem());
                 }
             }
-            assertTrue("Expected to find com.google.errorprone:error_prone_annotations:2.3.4", found);
+            assertTrue(found, "Expected to find com.google.errorprone:error_prone_annotations:2.3.4");
         }
     }
 
@@ -140,7 +139,7 @@ public void testAnalyzePinnedInstallJsonV2() throws Exception {
      * Tests that the analyzer ignores a Cloudflare-style {@code install.json}.
      */
     @Test
-    public void testAnalyzeOtherInstallJson() throws Exception {
+    void testAnalyzeOtherInstallJson() throws Exception {
         try (Engine engine = new Engine(getSettings())) {
             final Dependency result = new Dependency(BaseTest.getResourceAsFile(this, "install.json"));
             engine.addDependency(result);
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/PipAnalyzerIT.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/PipAnalyzerIT.java
index c2b8b6fa666..00b8d5697e3 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/PipAnalyzerIT.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/PipAnalyzerIT.java
@@ -1,27 +1,26 @@
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.After;
-import org.junit.Assume;
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.dependency.EvidenceType;
 import org.owasp.dependencycheck.exception.InitializationException;
-import org.owasp.dependencycheck.utils.InvalidSettingException;
 import org.owasp.dependencycheck.utils.Settings;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import static org.junit.Assert.assertTrue;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.junit.jupiter.api.Assumptions.assumeTrue;
 
 /**
  *
  * @author anupamjuniwal
  */
-public class PipAnalyzerIT extends BaseTest {
+class PipAnalyzerIT extends BaseTest {
     private static final Logger LOGGER = LoggerFactory.getLogger(PipAnalyzerIT.class);
 
     /**
@@ -34,7 +33,7 @@ public class PipAnalyzerIT extends BaseTest {
      *
      * @throws Exception thrown if there is a problem
      */
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -49,7 +48,7 @@ public void setUp() throws Exception {
      *
      * @throws Exception thrown if there is a problem
      */
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         if (analyzer != null) {
@@ -66,13 +65,13 @@ public void tearDown() throws Exception {
      * @throws AnalysisException thrown if there is a problem
      */
     @Test
-    public void testAnalyzePipAnalyzer() throws AnalysisException{
+    void testAnalyzePipAnalyzer() throws AnalysisException{
         try (Engine engine = new Engine(getSettings())) {
             analyzer.prepare(engine);
             final Dependency toScan = new Dependency(BaseTest.getResourceAsFile(this, "requirements.txt"));
             analyzer.analyze(toScan, engine);
             boolean found = false;
-            assertTrue("More then 1 dependency should be identified", 1 < engine.getDependencies().length);
+            assertTrue(1 < engine.getDependencies().length, "More then 1 dependency should be identified");
             for (Dependency result : engine.getDependencies()) {
                 if ("PyYAML".equals(result.getName())) {
                     found = true;
@@ -82,10 +81,10 @@ public void testAnalyzePipAnalyzer() throws AnalysisException{
                     assertTrue(result.isVirtual());
                 }
             }
-            assertTrue("Expeced to find PyYAML", found);
+            assertTrue(found, "Expeced to find PyYAML");
         } catch (InitializationException ex) {
             //yarn is not installed - skip the test case.
-            Assume.assumeNoException(ex);
+            assumeTrue(false, ex.toString());
         }
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/PipAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/PipAnalyzerTest.java
index 331b13b115d..bbbf54679a0 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/PipAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/PipAnalyzerTest.java
@@ -17,9 +17,10 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
+import org.apache.commons.lang3.ArrayUtils;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseDBTestCase;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
@@ -27,18 +28,17 @@
 import org.owasp.dependencycheck.dependency.Dependency;
 
 import java.io.File;
-import org.apache.commons.lang3.ArrayUtils;
 
-import static org.hamcrest.CoreMatchers.*;
+import static org.hamcrest.CoreMatchers.equalTo;
 import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  * Unit tests for PipAnalyzerTest.
  */
-public class PipAnalyzerTest extends BaseDBTestCase {
+class PipAnalyzerTest extends BaseDBTestCase {
 
     /**
      * The analyzer to test.
@@ -50,7 +50,7 @@ public class PipAnalyzerTest extends BaseDBTestCase {
      *
      * @throws Exception thrown if there is a problem
      */
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -65,7 +65,7 @@ public void setUp() throws Exception {
      *
      * @throws Exception thrown if there is a problem
      */
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         analyzer.close();
@@ -76,7 +76,7 @@ public void tearDown() throws Exception {
      * Test of getName method, of class PipAnalyzer.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         assertEquals("pip Analyzer", analyzer.getName());
     }
 
@@ -84,7 +84,7 @@ public void testGetName() {
      * Test of supportsExtension method, of class PipAnalyzer.
      */
     @Test
-    public void testSupportsFiles() {
+    void testSupportsFiles() {
         assertTrue(analyzer.accept(new File("requirements.txt")));
         assertFalse(analyzer.accept(new File("requirements2.txt")));
         assertFalse(analyzer.accept(new File("requirements.py")));
@@ -97,7 +97,7 @@ public void testSupportsFiles() {
      * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testAnalyzePackageJson() throws Exception {
+    void testAnalyzePackageJson() throws Exception {
         try (Engine engine = new Engine(getSettings())) {
             final Dependency result = new Dependency(BaseTest.getResourceAsFile(this, "requirements.txt"));
             engine.addDependency(result);
@@ -120,8 +120,8 @@ public void testAnalyzePackageJson() throws Exception {
                     assertEquals(PythonDistributionAnalyzer.DEPENDENCY_ECOSYSTEM, d.getEcosystem());
                 }
             }
-            assertTrue("Expected to find PyYAML", foundPyYAML);
-            assertTrue("Expected to find cryptography", foundCryptography);
+            assertTrue(foundPyYAML, "Expected to find PyYAML");
+            assertTrue(foundCryptography, "Expected to find cryptography");
         }
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/PipfileAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/PipfileAnalyzerTest.java
index f19c62fad24..3c026897bcf 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/PipfileAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/PipfileAnalyzerTest.java
@@ -17,9 +17,10 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
+import org.apache.commons.lang3.ArrayUtils;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseDBTestCase;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
@@ -27,18 +28,17 @@
 import org.owasp.dependencycheck.dependency.Dependency;
 
 import java.io.File;
-import org.apache.commons.lang3.ArrayUtils;
 
-import static org.hamcrest.CoreMatchers.*;
+import static org.hamcrest.CoreMatchers.equalTo;
 import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  * Unit tests for PipAnalyzerTest.
  */
-public class PipfileAnalyzerTest extends BaseDBTestCase {
+class PipfileAnalyzerTest extends BaseDBTestCase {
 
     /**
      * The analyzer to test.
@@ -50,7 +50,7 @@ public class PipfileAnalyzerTest extends BaseDBTestCase {
      *
      * @throws Exception thrown if there is a problem
      */
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -65,7 +65,7 @@ public void setUp() throws Exception {
      *
      * @throws Exception thrown if there is a problem
      */
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         analyzer.close();
@@ -76,7 +76,7 @@ public void tearDown() throws Exception {
      * Test of getName method, of class PipAnalyzer.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         assertEquals("Pipfile Analyzer", analyzer.getName());
     }
 
@@ -84,7 +84,7 @@ public void testGetName() {
      * Test of supportsExtension method, of class PipAnalyzer.
      */
     @Test
-    public void testSupportsFiles() {
+    void testSupportsFiles() {
         assertTrue(analyzer.accept(new File("Pipfile")));
         assertFalse(analyzer.accept(new File("Pipfile.lock")));
     }
@@ -95,7 +95,7 @@ public void testSupportsFiles() {
      * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testAnalyzePackageJson() throws Exception {
+    void testAnalyzePackageJson() throws Exception {
         try (Engine engine = new Engine(getSettings())) {
             final Dependency result = new Dependency(BaseTest.getResourceAsFile(this, "Pipfile"));
             engine.addDependency(result);
@@ -118,8 +118,8 @@ public void testAnalyzePackageJson() throws Exception {
                     assertEquals(PythonDistributionAnalyzer.DEPENDENCY_ECOSYSTEM, d.getEcosystem());
                 }
             }
-            assertTrue("Expeced to find urllib3", foundUrllib3);
-            assertTrue("Expeced to find cryptography", foundCryptography);
+            assertTrue(foundUrllib3, "Expeced to find urllib3");
+            assertTrue(foundCryptography, "Expeced to find cryptography");
         }
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/PipfilelockAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/PipfilelockAnalyzerTest.java
index 7410909dbfe..33a5eae223a 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/PipfilelockAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/PipfilelockAnalyzerTest.java
@@ -17,28 +17,27 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
+import org.apache.commons.lang3.ArrayUtils;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseDBTestCase;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
-import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.dependency.Dependency;
 
 import java.io.File;
-import org.apache.commons.lang3.ArrayUtils;
 
-import static org.hamcrest.CoreMatchers.*;
+import static org.hamcrest.CoreMatchers.equalTo;
 import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  * Unit tests for PipfilelockAnalyzerTest.
  */
-public class PipfilelockAnalyzerTest extends BaseDBTestCase {
+class PipfilelockAnalyzerTest extends BaseDBTestCase {
 
     /**
      * The analyzer to test.
@@ -50,7 +49,7 @@ public class PipfilelockAnalyzerTest extends BaseDBTestCase {
      *
      * @throws Exception thrown if there is a problem
      */
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -65,7 +64,7 @@ public void setUp() throws Exception {
      *
      * @throws Exception thrown if there is a problem
      */
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         analyzer.close();
@@ -76,7 +75,7 @@ public void tearDown() throws Exception {
      * Test of getName method, of class PipAnalyzer.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         assertEquals("Pipfile.lock Analyzer", analyzer.getName());
     }
 
@@ -84,13 +83,13 @@ public void testGetName() {
      * Test of supportsExtension method, of class PipAnalyzer.
      */
     @Test
-    public void testSupportsFiles() {
+    void testSupportsFiles() {
         assertFalse(analyzer.accept(new File("Pipfile")));
         assertTrue(analyzer.accept(new File("Pipfile.lock")));
     }
 
     @Test
-    public void testAnalyzePackageLock() throws Exception {
+    void testAnalyzePackageLock() throws Exception {
         try (Engine engine = new Engine(getSettings())) {
             final Dependency result = new Dependency(BaseTest.getResourceAsFile(this, "pip/Pipfile.lock"));
             engine.addDependency(result);
@@ -107,7 +106,7 @@ public void testAnalyzePackageLock() throws Exception {
                     break;
                 }
             }
-            assertTrue("Expeced to find urllib3", found);
+            assertTrue(found, "Expeced to find urllib3");
         }
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/PnpmAuditAnalyzerIT.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/PnpmAuditAnalyzerIT.java
index 1a896c01f3f..f3ec07d1563 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/PnpmAuditAnalyzerIT.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/PnpmAuditAnalyzerIT.java
@@ -1,7 +1,7 @@
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.Assume;
-import org.junit.Test;
+import org.junit.jupiter.api.Disabled;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
@@ -9,14 +9,14 @@
 import org.owasp.dependencycheck.dependency.EvidenceType;
 import org.owasp.dependencycheck.exception.InitializationException;
 
-import static org.junit.Assert.assertTrue;
-import org.junit.Ignore;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.junit.jupiter.api.Assumptions.assumeTrue;
 
-public class PnpmAuditAnalyzerIT extends BaseTest {
+class PnpmAuditAnalyzerIT extends BaseTest {
 
     @Test
-    @Ignore("unfortunately pnpm and brew are somewhat broken on my machine atm...")
-    public void testAnalyzePackagePnpm() throws AnalysisException {
+    @Disabled("unfortunately pnpm and brew are somewhat broken on my machine atm...")
+    void testAnalyzePackagePnpm() throws AnalysisException {
 
         try (Engine engine = new Engine(getSettings())) {
             PnpmAuditAnalyzer analyzer = new PnpmAuditAnalyzer();
@@ -27,7 +27,7 @@ public void testAnalyzePackagePnpm() throws AnalysisException {
             final Dependency toScan = new Dependency(BaseTest.getResourceAsFile(this, "pnpmaudit/pnpm-lock.yaml"));
             analyzer.analyze(toScan, engine);
             boolean found = false;
-            assertTrue("More than 1 dependency should be identified", 1 < engine.getDependencies().length);
+            assertTrue(1 < engine.getDependencies().length, "More than 1 dependency should be identified");
             for (Dependency result : engine.getDependencies()) {
                 if ("pnpm-lock.yaml?dns-sync".equals(result.getFileName())) {
                     found = true;
@@ -36,10 +36,10 @@ public void testAnalyzePackagePnpm() throws AnalysisException {
                     assertTrue(result.isVirtual());
                 }
             }
-            assertTrue("dns-sync was not found", found);
+            assertTrue(found, "dns-sync was not found");
         } catch (InitializationException ex) {
             //yarn is not installed - skip the test case.
-            Assume.assumeNoException(ex);
+            assumeTrue(false, ex.toString());
         }
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/PnpmAuditAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/PnpmAuditAnalyzerTest.java
index 3a9382835f4..faf000c38a6 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/PnpmAuditAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/PnpmAuditAnalyzerTest.java
@@ -3,29 +3,24 @@
 import org.apache.commons.io.IOUtils;
 import org.json.JSONException;
 import org.json.JSONObject;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
-import org.owasp.dependencycheck.Engine;
-import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.data.nodeaudit.Advisory;
 import org.owasp.dependencycheck.data.nodeaudit.NpmAuditParser;
-import org.owasp.dependencycheck.dependency.Dependency;
-import org.owasp.dependencycheck.utils.Settings;
 
 import java.io.File;
 import java.io.IOException;
 import java.nio.charset.StandardCharsets;
 import java.util.List;
-import java.util.Properties;
 
 import static org.hamcrest.CoreMatchers.is;
 import static org.hamcrest.MatcherAssert.assertThat;
 
-public class PnpmAuditAnalyzerTest extends BaseTest
+class PnpmAuditAnalyzerTest extends BaseTest
 {
 
     @Test
-    public void testNpmAuditParserCompatibility() throws IOException, JSONException
+    void testNpmAuditParserCompatibility() throws IOException, JSONException
     {
         NpmAuditParser npmAuditParser = new NpmAuditParser();
         JSONObject vulnsAuditJson = new JSONObject(IOUtils.toString(getResourceAsStream(this, "pnpmaudit/pnpm-audit.json"), StandardCharsets.UTF_8));
@@ -34,7 +29,7 @@ public void testNpmAuditParserCompatibility() throws IOException, JSONException
     }
 
     @Test
-    public void testSupportsFiles() {
+    void testSupportsFiles() {
         PnpmAuditAnalyzer analyzer = new PnpmAuditAnalyzer();
         assertThat(analyzer.accept(new File("package-lock.json")), is(false));
         assertThat(analyzer.accept(new File("npm-shrinkwrap.json")), is(false));
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/PoetryAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/PoetryAnalyzerTest.java
index faf7ee120ab..31d6d266dbf 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/PoetryAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/PoetryAnalyzerTest.java
@@ -15,28 +15,29 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import static org.hamcrest.CoreMatchers.is;
-import static org.hamcrest.CoreMatchers.equalTo;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import static org.hamcrest.MatcherAssert.assertThat;
-
-import java.io.File;
-
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.dependency.Dependency;
 
-public class PoetryAnalyzerTest extends BaseTest {
+import java.io.File;
+
+import static org.hamcrest.CoreMatchers.equalTo;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+class PoetryAnalyzerTest extends BaseTest {
 
     private PoetryAnalyzer analyzer;
     private Engine engine;
 
     @Override
-    @Before
+    @BeforeEach
     public void setUp() throws Exception {
         super.setUp();
         analyzer = new PoetryAnalyzer();
@@ -44,18 +45,19 @@ public void setUp() throws Exception {
     }
 
     @Test
-    public void testName() {
-        assertEquals("Analyzer name wrong.", "Poetry Analyzer",
-                analyzer.getName());
+    void testName() {
+        assertEquals("Poetry Analyzer",
+                analyzer.getName(),
+                "Analyzer name wrong.");
     }
 
     @Test
-    public void testSupportsFiles() {
+    void testSupportsFiles() {
         assertThat(analyzer.accept(new File("poetry.lock")), is(true));
     }
 
     @Test
-    public void testPoetryLock() throws AnalysisException {
+    void testPoetryLock() throws AnalysisException {
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(this, "poetry.lock"));
         analyzer.analyze(result, engine);
         assertEquals(88, engine.getDependencies().length);
@@ -68,27 +70,28 @@ public void testPoetryLock() throws AnalysisException {
                 assertEquals(PythonDistributionAnalyzer.DEPENDENCY_ECOSYSTEM, d.getEcosystem());
             }
         }
-        assertTrue("Expeced to find PyYAML", found);
+        assertTrue(found, "Expeced to find PyYAML");
     }
 
     @Test
-    public void testPyprojectToml() throws AnalysisException {
+    void testPyprojectToml() throws AnalysisException {
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(this, "python-myproject-toml/pyproject.toml"));
         //returns with no error.
         analyzer.analyze(result, engine);
     }
 
     @Test
-    public void testNodeGypToml() throws AnalysisException {
+    void testNodeGypToml() throws AnalysisException {
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(this, "node-gyp-toml/pyproject.toml"));
         //returns with no error.
         analyzer.analyze(result, engine);
     }
 
-    @Test(expected = AnalysisException.class)
-    public void testPoetryToml() throws AnalysisException {
+    @Test
+    void testPoetryToml() {
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(this, "python-poetry-toml/pyproject.toml"));
-        //causes an exception.
-        analyzer.analyze(result, engine);
+        assertThrows(AnalysisException.class, () ->
+            //causes an exception.
+            analyzer.analyze(result, engine));
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/PythonDistributionAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/PythonDistributionAnalyzerTest.java
index 3a2ba7c8c1c..0266853e71b 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/PythonDistributionAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/PythonDistributionAnalyzerTest.java
@@ -17,27 +17,27 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.dependency.Evidence;
+import org.owasp.dependencycheck.dependency.EvidenceType;
 
 import java.io.File;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-import org.owasp.dependencycheck.dependency.EvidenceType;
+import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  * Unit tests for PythonDistributionAnalyzer.
  *
  * @author Dale Visser
  */
-public class PythonDistributionAnalyzerTest extends BaseTest {
+class PythonDistributionAnalyzerTest extends BaseTest {
 
     /**
      * The analyzer to test.
@@ -49,7 +49,7 @@ public class PythonDistributionAnalyzerTest extends BaseTest {
      *
      * @throws Exception thrown if there is a problem
      */
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -64,7 +64,7 @@ public void setUp() throws Exception {
      *
      * @throws Exception thrown if there is a problem
      */
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         analyzer.close();
@@ -75,39 +75,36 @@ public void tearDown() throws Exception {
      * Test of getName method, of class PythonDistributionAnalyzer.
      */
     @Test
-    public void testGetName() {
-        assertEquals("Analyzer name wrong.", "Python Distribution Analyzer",
-                analyzer.getName());
+    void testGetName() {
+        assertEquals("Python Distribution Analyzer",
+                analyzer.getName(),
+                "Analyzer name wrong.");
     }
 
     /**
      * Test of supportsExtension method, of class PythonDistributionAnalyzer.
      */
     @Test
-    public void testSupportsFiles() {
-        assertTrue("Should support \"whl\" extension.",
-                analyzer.accept(new File("test.whl")));
-        assertTrue("Should support \"egg\" extension.",
-                analyzer.accept(new File("test.egg")));
-        assertTrue("Should support \"zip\" extension.",
-                analyzer.accept(new File("test.zip")));
-        assertTrue("Should support \"METADATA\" extension.",
-                analyzer.accept(new File("METADATA")));
-        assertTrue("Should support \"PKG-INFO\" extension.",
-                analyzer.accept(new File("PKG-INFO")));
+    void testSupportsFiles() {
+        assertTrue(analyzer.accept(new File("test.whl")),
+                "Should support \"whl\" extension.");
+        assertTrue(analyzer.accept(new File("test.egg")),
+                "Should support \"egg\" extension.");
+        assertTrue(analyzer.accept(new File("test.zip")),
+                "Should support \"zip\" extension.");
+        assertTrue(analyzer.accept(new File("METADATA")),
+                "Should support \"METADATA\" extension.");
+        assertTrue(analyzer.accept(new File("PKG-INFO")),
+                "Should support \"PKG-INFO\" extension.");
     }
 
     /**
      * Test of inspect method, of class PythonDistributionAnalyzer.
      */
     @Test
-    public void testAnalyzeWheel() {
-        try {
-            djangoAssertions(new Dependency(BaseTest.getResourceAsFile(this,
-                    "python/Django-1.7.2-py2.py3-none-any.whl")));
-        } catch (AnalysisException ex) {
-            fail(ex.getMessage());
-        }
+    void testAnalyzeWheel() {
+        assertDoesNotThrow(() -> djangoAssertions(new Dependency(BaseTest.getResourceAsFile(this,
+                "python/Django-1.7.2-py2.py3-none-any.whl"))));
     }
 
     /**
@@ -116,7 +113,7 @@ public void testAnalyzeWheel() {
      * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testAnalyzeSitePackage() throws AnalysisException {
+    void testAnalyzeSitePackage() throws AnalysisException {
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(
                 this, "python/site-packages/Django-1.7.2.dist-info/METADATA"));
         djangoAssertions(result);
@@ -126,15 +123,15 @@ private void djangoAssertions(final Dependency result)
             throws AnalysisException {
         boolean found = false;
         analyzer.analyze(result, null);
-        assertTrue("Expected vendor evidence to contain \"djangoproject\".",
-                result.getEvidence(EvidenceType.VENDOR).toString().contains("djangoproject"));
+        assertTrue(result.getEvidence(EvidenceType.VENDOR).toString().contains("djangoproject"),
+                "Expected vendor evidence to contain \"djangoproject\".");
         for (final Evidence e : result.getEvidence(EvidenceType.VERSION)) {
             if ("Version".equals(e.getName()) && "1.7.2".equals(e.getValue())) {
                 found = true;
                 break;
             }
         }
-        assertTrue("Version 1.7.2 not found in Django dependency.", found);
+        assertTrue(found, "Version 1.7.2 not found in Django dependency.");
         assertEquals("1.7.2",result.getVersion());
         assertEquals("Django",result.getName());
         assertEquals("Django:1.7.2",result.getDisplayFileName());
@@ -142,55 +139,39 @@ private void djangoAssertions(final Dependency result)
     }
 
     @Test
-    public void testAnalyzeEggInfoFolder() {
-        try {
-            eggtestAssertions(this, "python/site-packages/EggTest.egg-info/PKG-INFO");
-        } catch (AnalysisException ex) {
-            fail(ex.getMessage());
-        }
+    void testAnalyzeEggInfoFolder() {
+        assertDoesNotThrow(() -> eggtestAssertions(this, "python/site-packages/EggTest.egg-info/PKG-INFO"));
     }
 
     @Test
-    public void testAnalyzeEggArchive() {
-        try {
-            eggtestAssertions(this, "python/dist/EggTest-0.0.1-py2.7.egg");
-        } catch (AnalysisException ex) {
-            fail(ex.getMessage());
-        }
+    void testAnalyzeEggArchive() {
+        assertDoesNotThrow(() -> eggtestAssertions(this, "python/dist/EggTest-0.0.1-py2.7.egg"));
     }
 
     @Test
-    public void testAnalyzeEggArchiveNamedZip() {
-        try {
-            eggtestAssertions(this, "python/dist/EggTest-0.0.1-py2.7.zip");
-        } catch (AnalysisException ex) {
-            fail(ex.getMessage());
-        }
+    void testAnalyzeEggArchiveNamedZip() {
+        assertDoesNotThrow(() -> eggtestAssertions(this, "python/dist/EggTest-0.0.1-py2.7.zip"));
     }
 
     @Test
-    public void testAnalyzeEggFolder() {
-        try {
-            eggtestAssertions(this, "python/site-packages/EggTest-0.0.1-py2.7.egg/EGG-INFO/PKG-INFO");
-        } catch (AnalysisException ex) {
-            fail(ex.getMessage());
-        }
+    void testAnalyzeEggFolder() {
+        assertDoesNotThrow(() -> eggtestAssertions(this, "python/site-packages/EggTest-0.0.1-py2.7.egg/EGG-INFO/PKG-INFO"));
     }
 
-    public void eggtestAssertions(Object context, final String resource) throws AnalysisException {
+    private void eggtestAssertions(Object context, final String resource) throws AnalysisException {
         boolean found = false;
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(
                 context, resource));
         analyzer.analyze(result, null);
-        assertTrue("Expected vendor evidence to contain \"example\".", result
-                .getEvidence(EvidenceType.VENDOR).toString().contains("example"));
+        assertTrue(result
+                .getEvidence(EvidenceType.VENDOR).toString().contains("example"), "Expected vendor evidence to contain \"example\".");
         for (final Evidence e : result.getEvidence(EvidenceType.VERSION)) {
             if ("0.0.1".equals(e.getValue())) {
                 found = true;
                 break;
             }
         }
-        assertTrue("Version 0.0.1 not found in EggTest dependency.", found);
+        assertTrue(found, "Version 0.0.1 not found in EggTest dependency.");
         assertEquals("0.0.1",result.getVersion());
         assertEquals("EggTest",result.getName());
         assertEquals("EggTest:0.0.1",result.getDisplayFileName());
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/PythonPackageAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/PythonPackageAnalyzerTest.java
index 165db83cb49..2767701adaf 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/PythonPackageAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/PythonPackageAnalyzerTest.java
@@ -17,26 +17,26 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.dependency.Evidence;
+import org.owasp.dependencycheck.dependency.EvidenceType;
 
 import java.io.File;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import org.owasp.dependencycheck.dependency.EvidenceType;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  * Unit tests for PythonPackageAnalyzer.
  *
  * @author Dale Visser
  */
-public class PythonPackageAnalyzerTest extends BaseTest {
+class PythonPackageAnalyzerTest extends BaseTest {
 
     /**
      * The package analyzer to test.
@@ -48,7 +48,7 @@ public class PythonPackageAnalyzerTest extends BaseTest {
      *
      * @throws Exception if there is a problem
      */
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -63,7 +63,7 @@ public void setUp() throws Exception {
      *
      * @throws Exception if there is a problem
      */
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         analyzer.close();
@@ -74,35 +74,36 @@ public void tearDown() throws Exception {
      * Test of getName method, of class PythonPackageAnalyzer.
      */
     @Test
-    public void testGetName() {
-        assertEquals("Analyzer name wrong.", "Python Package Analyzer",
-                analyzer.getName());
+    void testGetName() {
+        assertEquals("Python Package Analyzer",
+                analyzer.getName(),
+                "Analyzer name wrong.");
     }
 
     /**
      * Test of supportsExtension method, of class PythonPackageAnalyzer.
      */
     @Test
-    public void testSupportsFileExtension() {
-        assertTrue("Should support \"py\" extension.",
-                analyzer.accept(new File("test.py")));
+    void testSupportsFileExtension() {
+        assertTrue(analyzer.accept(new File("test.py")),
+                "Should support \"py\" extension.");
     }
 
     @Test
-    public void testAnalyzeSourceMetadata() throws AnalysisException {
+    void testAnalyzeSourceMetadata() throws AnalysisException {
         boolean found = false;
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(
                 this, "python/eggtest/__init__.py"));
         analyzer.analyze(result, null);
-        assertTrue("Expected vendor evidence to contain \"example\".", 
-                result.getEvidence(EvidenceType.VENDOR).toString().contains("example"));
+        assertTrue(result.getEvidence(EvidenceType.VENDOR).toString().contains("example"),
+                "Expected vendor evidence to contain \"example\".");
         for (final Evidence e : result.getEvidence(EvidenceType.VERSION)) {
             if ("0.0.1".equals(e.getValue())) {
                 found = true;
                 break;
             }
         }
-        assertTrue("Version 0.0.1 not found in EggTest dependency.", found);
+        assertTrue(found, "Version 0.0.1 not found in EggTest dependency.");
         assertEquals("0.0.1",result.getVersion());
         assertEquals("eggtest",result.getName());
         assertEquals("eggtest:0.0.1",result.getDisplayFileName());
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/RetireJsAnalyzerFiltersTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/RetireJsAnalyzerFiltersTest.java
index 0d7d249ed7e..9b9c24c6b62 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/RetireJsAnalyzerFiltersTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/RetireJsAnalyzerFiltersTest.java
@@ -17,20 +17,21 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseDBTestCase;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
+import org.owasp.dependencycheck.data.update.RetireJSDataSource;
 import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.utils.Settings;
+
 import java.io.File;
 import java.util.List;
-import static org.junit.Assert.*;
-import org.owasp.dependencycheck.BaseDBTestCase;
-import org.owasp.dependencycheck.data.update.RetireJSDataSource;
 
-public class RetireJsAnalyzerFiltersTest extends BaseDBTestCase {
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+class RetireJsAnalyzerFiltersTest extends BaseDBTestCase {
 
     /**
      * Test of filters method.
@@ -38,7 +39,7 @@ public class RetireJsAnalyzerFiltersTest extends BaseDBTestCase {
      * @throws Exception is thrown when an exception occurs.
      */
     @Test
-    public void testFilters() throws Exception {
+    void testFilters() throws Exception {
 
         String[] filter = {"jQuery JavaScript Library"};
         getSettings().setArrayIfNotEmpty(Settings.KEYS.ANALYZER_RETIREJS_FILTERS, filter);
@@ -63,7 +64,7 @@ public void testFilters() throws Exception {
             //remove non-vulnerable
             file = BaseTest.getResourceAsFile(this, "javascript/custom.js");
             scanned = engine.scan(file);
-            assertTrue(scanned.size() == 1);
+            assertEquals(1, scanned.size());
             assertEquals(1, engine.getDependencies().length);
             analyzer.analyze(scanned.get(0), engine);
             assertEquals(0, engine.getDependencies().length);
@@ -71,7 +72,7 @@ public void testFilters() throws Exception {
             //kept because it is does not match the filter and is vulnerable
             file = BaseTest.getResourceAsFile(this, "javascript/ember.js");
             scanned = engine.scan(file);
-            assertTrue(scanned.size() == 1);
+            assertEquals(1, scanned.size());
             assertEquals(1, engine.getDependencies().length);
             analyzer.analyze(scanned.get(0), engine);
             assertEquals(1, engine.getDependencies().length);
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/RetireJsAnalyzerIT.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/RetireJsAnalyzerIT.java
index 913ae225548..b66467cdf6d 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/RetireJsAnalyzerIT.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/RetireJsAnalyzerIT.java
@@ -17,11 +17,13 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseDBTestCase;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
+import org.owasp.dependencycheck.data.update.RetireJSDataSource;
 import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.dependency.Evidence;
 import org.owasp.dependencycheck.dependency.EvidenceType;
@@ -32,18 +34,15 @@
 
 import static org.hamcrest.CoreMatchers.is;
 import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-
-import org.owasp.dependencycheck.BaseDBTestCase;
-import org.owasp.dependencycheck.data.update.RetireJSDataSource;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
-public class RetireJsAnalyzerIT extends BaseDBTestCase {
+class RetireJsAnalyzerIT extends BaseDBTestCase {
 
     private RetireJsAnalyzer analyzer;
     private Engine engine;
 
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -57,7 +56,7 @@ public void setUp() throws Exception {
         analyzer.prepare(engine);
     }
 
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         analyzer.close();
@@ -66,7 +65,7 @@ public void tearDown() throws Exception {
     }
 
     @Test
-    public void testGetName() {
+    void testGetName() {
         assertThat(analyzer.getName(), is("RetireJS Analyzer"));
     }
 
@@ -74,11 +73,11 @@ public void testGetName() {
      * Test of getSupportedExtensions method.
      */
     @Test
-    public void testAcceptSupportedExtensions() throws Exception {
+    void testAcceptSupportedExtensions() {
         analyzer.setEnabled(true);
         String[] files = {"test.js", "test.min.js"};
         for (String name : files) {
-            assertTrue(name, analyzer.accept(new File(name)));
+            assertTrue(analyzer.accept(new File(name)), name);
         }
     }
 
@@ -86,7 +85,7 @@ public void testAcceptSupportedExtensions() throws Exception {
      * Test of getAnalysisPhase method.
      */
     @Test
-    public void testGetAnalysisPhase() {
+    void testGetAnalysisPhase() {
         AnalysisPhase expResult = AnalysisPhase.FINDING_ANALYSIS;
         AnalysisPhase result = analyzer.getAnalysisPhase();
         assertEquals(expResult, result);
@@ -96,7 +95,7 @@ public void testGetAnalysisPhase() {
      * Test of getAnalyzerEnabledSettingKey method.
      */
     @Test
-    public void testGetAnalyzerEnabledSettingKey() {
+    void testGetAnalyzerEnabledSettingKey() {
         String expResult = Settings.KEYS.ANALYZER_RETIREJS_ENABLED;
         String result = analyzer.getAnalyzerEnabledSettingKey();
         assertEquals(expResult, result);
@@ -108,7 +107,7 @@ public void testGetAnalyzerEnabledSettingKey() {
      * @throws Exception is thrown when an exception occurs.
      */
     @Test
-    public void testJquery() throws Exception {
+    void testJquery() throws Exception {
         File file = BaseTest.getResourceAsFile(this, "javascript/jquery-1.6.2.js");
         Dependency dependency = new Dependency(file);
         analyzer.analyze(dependency, engine);
@@ -138,7 +137,7 @@ public void testJquery() throws Exception {
      * @throws Exception is thrown when an exception occurs.
      */
     @Test
-    public void testAngular() throws Exception {
+    void testAngular() throws Exception {
         File file = BaseTest.getResourceAsFile(this, "javascript/angular.safe.js");
         Dependency dependency = new Dependency(file);
         analyzer.analyze(dependency, engine);
@@ -156,8 +155,8 @@ public void testAngular() throws Exception {
         assertEquals("version", version.getName());
         assertEquals("1.2.27", version.getValue());
 
-        assertTrue("At leats 6 vulnerabilities should be detected",
-                dependency.getVulnerabilities().size() >= 6);
+        assertTrue(dependency.getVulnerabilities().size() >= 6,
+                "At leats 6 vulnerabilities should be detected");
         assertTrue(dependency.getVulnerabilities().contains(new Vulnerability("Universal CSP bypass via add-on in Firefox")));
         assertTrue(dependency.getVulnerabilities().contains(new Vulnerability("XSS in $sanitize in Safari/Firefox")));
         assertTrue(dependency.getVulnerabilities().contains(new Vulnerability("DOS in $sanitize")));
@@ -170,7 +169,7 @@ public void testAngular() throws Exception {
      * @throws Exception is thrown when an exception occurs.
      */
     @Test
-    public void testEmber() throws Exception {
+    void testEmber() throws Exception {
         File file = BaseTest.getResourceAsFile(this, "javascript/ember.js");
         Dependency dependency = new Dependency(file);
         analyzer.analyze(dependency, engine);
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/RubyBundleAuditAnalyzerIT.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/RubyBundleAuditAnalyzerIT.java
index 51ff3b93da1..1dd96d9d346 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/RubyBundleAuditAnalyzerIT.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/RubyBundleAuditAnalyzerIT.java
@@ -17,39 +17,40 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import java.io.File;
-
-import org.junit.After;
-import org.junit.Assume;
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseDBTestCase;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
+import org.owasp.dependencycheck.data.update.exception.UpdateException;
 import org.owasp.dependencycheck.dependency.Dependency;
+import org.owasp.dependencycheck.dependency.EvidenceType;
 import org.owasp.dependencycheck.dependency.Vulnerability;
 import org.owasp.dependencycheck.exception.ExceptionCollection;
+import org.owasp.dependencycheck.exception.InitializationException;
 import org.owasp.dependencycheck.utils.Settings;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.owasp.dependencycheck.data.update.exception.UpdateException;
-import org.owasp.dependencycheck.exception.InitializationException;
+
+import java.io.File;
+
 import static org.hamcrest.CoreMatchers.is;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNotNull;
 import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-import org.owasp.dependencycheck.dependency.EvidenceType;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.junit.jupiter.api.Assertions.fail;
+import static org.junit.jupiter.api.Assumptions.assumeTrue;
 
 /**
  * Unit tests for {@link RubyBundleAuditAnalyzer}.
  *
  * @author Dale Visser
  */
-public class RubyBundleAuditAnalyzerIT extends BaseDBTestCase {
+class RubyBundleAuditAnalyzerIT extends BaseDBTestCase {
 
     private static final Logger LOGGER = LoggerFactory.getLogger(RubyBundleAuditAnalyzerIT.class);
 
@@ -63,7 +64,7 @@ public class RubyBundleAuditAnalyzerIT extends BaseDBTestCase {
      *
      * @throws Exception thrown if there is a problem
      */
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -80,7 +81,7 @@ public void setUp() throws Exception {
      *
      * @throws Exception thrown if there is a problem
      */
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         if (analyzer != null) {
@@ -94,7 +95,7 @@ public void tearDown() throws Exception {
      * Test Ruby Gemspec name.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         assertThat(analyzer.getName(), is("Ruby Bundle Audit Analyzer"));
     }
 
@@ -102,17 +103,16 @@ public void testGetName() {
      * Test Ruby Bundler Audit file support.
      */
     @Test
-    public void testSupportsFiles() {
+    void testSupportsFiles() {
         assertThat(analyzer.accept(new File("Gemfile.lock")), is(true));
     }
 
     /**
      * Test Ruby BundlerAudit analysis.
      *
-     * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testAnalysis() throws AnalysisException, DatabaseException {
+    void testAnalysis() throws DatabaseException {
         try (Engine engine = new Engine(getSettings())) {
             engine.openDatabase();
             analyzer.prepare(engine);
@@ -132,11 +132,11 @@ public void testAnalysis() throws AnalysisException, DatabaseException {
                     break;
                 }
             }
-            assertTrue("redcarpet was not identified", found);
+            assertTrue(found, "redcarpet was not identified");
 
         } catch (InitializationException | DatabaseException | AnalysisException e) {
             LOGGER.warn("Exception setting up RubyBundleAuditAnalyzer. Make sure Ruby gem bundle-audit is installed. You may also need to set property \"analyzer.bundle.audit.path\".");
-            Assume.assumeNoException("Exception setting up RubyBundleAuditAnalyzer; bundle audit may not be installed, or property \"analyzer.bundle.audit.path\" may not be set.", e);
+            assumeTrue(false, "Exception setting up RubyBundleAuditAnalyzer; bundle audit may not be installed, or property \"analyzer.bundle.audit.path\" may not be set: " + e);
         }
     }
 
@@ -144,7 +144,7 @@ public void testAnalysis() throws AnalysisException, DatabaseException {
      * Test Ruby addCriticalityToVulnerability
      */
     @Test
-    public void testAddCriticalityToVulnerability() throws AnalysisException, DatabaseException {
+    void testAddCriticalityToVulnerability() throws DatabaseException {
         try (Engine engine = new Engine(getSettings())) {
             engine.doUpdates(true);
             analyzer.prepare(engine);
@@ -162,20 +162,19 @@ public void testAddCriticalityToVulnerability() throws AnalysisException, Databa
                     break;
                 }
             }
-            assertTrue("CVE-2015-3225 was not found among the vulnerabilities",found);
+            assertTrue(found,"CVE-2015-3225 was not found among the vulnerabilities");
         } catch (InitializationException | DatabaseException | AnalysisException | UpdateException e) {
             LOGGER.warn("Exception setting up RubyBundleAuditAnalyzer. Make sure Ruby gem bundle-audit is installed. You may also need to set property \"analyzer.bundle.audit.path\".");
-            Assume.assumeNoException("Exception setting up RubyBundleAuditAnalyzer; bundle audit may not be installed, or property \"analyzer.bundle.audit.path\" may not be set.", e);
+            assumeTrue(false, "Exception setting up RubyBundleAuditAnalyzer; bundle audit may not be installed, or property \"analyzer.bundle.audit.path\" may not be set: " + e);
         }
     }
 
     /**
      * Test when Ruby bundle-audit is not available on the system.
      *
-     * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testInvalidBundleAudit() throws AnalysisException, DatabaseException {
+    void testInvalidBundleAudit() throws DatabaseException {
 
         String path = BaseTest.getResourceAsFile(this, "ruby/invalid-bundle-audit").getAbsolutePath();
         getSettings().setString(Settings.KEYS.ANALYZER_BUNDLE_AUDIT_PATH, path);
@@ -195,11 +194,10 @@ public void testInvalidBundleAudit() throws AnalysisException, DatabaseException
     /**
      * Test Ruby dependencies and their paths.
      *
-     * @throws AnalysisException is thrown when an exception occurs.
      * @throws DatabaseException thrown when an exception occurs
      */
     @Test
-    public void testDependenciesPath() throws AnalysisException, DatabaseException {
+    void testDependenciesPath() throws DatabaseException {
         try (Engine engine = new Engine(getSettings())) {
             try {
                 engine.scan(BaseTest.getResourceAsFile(this, "ruby/vulnerable/gems/rails-4.1.15/"));
@@ -208,7 +206,7 @@ public void testDependenciesPath() throws AnalysisException, DatabaseException {
                 LOGGER.error("NPE", ex);
                 fail(ex.getMessage());
             } catch (ExceptionCollection ex) {
-                Assume.assumeNoException("Exception setting up RubyBundleAuditAnalyzer; bundle audit may not be installed, or property \"analyzer.bundle.audit.path\" may not be set.", ex);
+                assumeTrue(false, "Exception setting up RubyBundleAuditAnalyzer; bundle audit may not be installed, or property \"analyzer.bundle.audit.path\" may not be set: " + ex);
                 return;
             }
             Dependency[] dependencies = engine.getDependencies();
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/RubyBundlerAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/RubyBundlerAnalyzerTest.java
index ce4ef9e3019..a700672df2a 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/RubyBundlerAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/RubyBundlerAnalyzerTest.java
@@ -17,27 +17,27 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.dependency.Dependency;
+import org.owasp.dependencycheck.dependency.EvidenceType;
 
 import java.io.File;
 
 import static org.hamcrest.CoreMatchers.containsString;
 import static org.hamcrest.CoreMatchers.is;
 import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.Assert.assertEquals;
-import org.owasp.dependencycheck.dependency.EvidenceType;
+import static org.junit.jupiter.api.Assertions.assertEquals;
 
 /**
  * Unit tests for {@link RubyBundlerAnalyzer}.
  *
  * @author Bianca Jiang
  */
-public class RubyBundlerAnalyzerTest extends BaseTest {
+class RubyBundlerAnalyzerTest extends BaseTest {
 
     /**
      * The analyzer to test.
@@ -49,7 +49,7 @@ public class RubyBundlerAnalyzerTest extends BaseTest {
      *
      * @throws Exception thrown if there is a problem
      */
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -64,7 +64,7 @@ public void setUp() throws Exception {
      *
      * @throws Exception thrown if there is a problem
      */
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         analyzer.close();
@@ -75,7 +75,7 @@ public void tearDown() throws Exception {
      * Test Analyzer name.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         assertThat(analyzer.getName(), is("Ruby Bundler Analyzer"));
     }
 
@@ -83,7 +83,7 @@ public void testGetName() {
      * Test Ruby Gemspec file support.
      */
     @Test
-    public void testSupportsFiles() {
+    void testSupportsFiles() {
         assertThat(analyzer.accept(new File("test.gemspec")), is(false));
         assertThat(analyzer.accept(new File("specifications" + File.separator + "test.gemspec")), is(true));
         assertThat(analyzer.accept(new File("gemspec.lock")), is(false));
@@ -95,7 +95,7 @@ public void testSupportsFiles() {
      * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testAnalyzeGemspec() throws AnalysisException {
+    void testAnalyzeGemspec() throws AnalysisException {
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(this,
                 "ruby/vulnerable/gems/rails-4.1.15/vendor/bundle/ruby/2.2.0/specifications/dalli-2.7.5.gemspec"));
         analyzer.analyze(result, null);
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/RubyGemspecAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/RubyGemspecAnalyzerTest.java
index b5f68f6aa34..b0389cdcd9b 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/RubyGemspecAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/RubyGemspecAnalyzerTest.java
@@ -17,27 +17,27 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.dependency.Dependency;
+import org.owasp.dependencycheck.dependency.EvidenceType;
 
 import java.io.File;
 
 import static org.hamcrest.CoreMatchers.containsString;
 import static org.hamcrest.CoreMatchers.is;
 import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.Assert.assertEquals;
-import org.owasp.dependencycheck.dependency.EvidenceType;
+import static org.junit.jupiter.api.Assertions.assertEquals;
 
 /**
  * Unit tests for {@link RubyGemspecAnalyzer}.
  *
  * @author Dale Visser
  */
-public class RubyGemspecAnalyzerTest extends BaseTest {
+class RubyGemspecAnalyzerTest extends BaseTest {
 
     /**
      * The analyzer to test.
@@ -49,7 +49,7 @@ public class RubyGemspecAnalyzerTest extends BaseTest {
      *
      * @throws Exception thrown if there is a problem
      */
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -64,7 +64,7 @@ public void setUp() throws Exception {
      *
      * @throws Exception thrown if there is a problem
      */
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         analyzer.close();
@@ -75,7 +75,7 @@ public void tearDown() throws Exception {
      * Test Ruby Gemspec name.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         assertThat(analyzer.getName(), is("Ruby Gemspec Analyzer"));
     }
 
@@ -83,7 +83,7 @@ public void testGetName() {
      * Test Ruby Gemspec file support.
      */
     @Test
-    public void testSupportsFiles() {
+    void testSupportsFiles() {
         assertThat(analyzer.accept(new File("test.gemspec")), is(true));
         assertThat(analyzer.accept(new File("gemspec.lock")), is(false));
 //        assertThat(analyzer.accept(new File("Rakefile")), is(true));
@@ -95,7 +95,7 @@ public void testSupportsFiles() {
      * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testAnalyzePackageJson() throws AnalysisException {
+    void testAnalyzePackageJson() throws AnalysisException {
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(this,
                 "ruby/vulnerable/gems/specifications/rest-client-1.7.2.gemspec"));
         analyzer.analyze(result, null);
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/SwiftAnalyzersTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/SwiftAnalyzersTest.java
index b807f564fe9..0bba3a585b9 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/SwiftAnalyzersTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/SwiftAnalyzersTest.java
@@ -1,21 +1,21 @@
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.dependency.Dependency;
+import org.owasp.dependencycheck.dependency.EvidenceType;
+
+import java.io.File;
 
 import static org.hamcrest.CoreMatchers.containsString;
+import static org.hamcrest.CoreMatchers.equalTo;
 import static org.hamcrest.CoreMatchers.is;
 import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.CoreMatchers.equalTo;
-import static org.junit.Assert.assertTrue;
-
-import java.io.File;
-import org.owasp.dependencycheck.dependency.EvidenceType;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  * Unit tests for CocoaPodsAnalyzer, CarthageAnalyzer and SwiftPackageManagerAnalyzer.
@@ -24,7 +24,7 @@
  * @author Jorge Mendes
  * @author Alin Radut
  */
-public class SwiftAnalyzersTest extends BaseTest {
+class SwiftAnalyzersTest extends BaseTest {
 
     /**
      * The analyzer to test.
@@ -39,7 +39,7 @@ public class SwiftAnalyzersTest extends BaseTest {
      *
      * @throws Exception thrown if there is a problem
      */
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -69,7 +69,7 @@ public void setUp() throws Exception {
      *
      * @throws Exception thrown if there is a problem
      */
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         podsAnalyzer.close();
@@ -85,7 +85,7 @@ public void tearDown() throws Exception {
      * Test of getName method, of class CocoaPodsAnalyzer.
      */
     @Test
-    public void testPodsGetName() {
+    void testPodsGetName() {
         assertThat(podsAnalyzer.getName(), is("CocoaPods Package Analyzer"));
     }
 
@@ -93,7 +93,7 @@ public void testPodsGetName() {
      * Test of getName method, of class CarthageAnalyzer.
      */
     @Test
-    public void testCarthageGetName() {
+    void testCarthageGetName() {
         assertThat(carthageAnalyzer.getName(), is("Carthage Package Analyzer"));
     }
 
@@ -101,7 +101,7 @@ public void testCarthageGetName() {
      * Test of getName method, of class SwiftPackageManagerAnalyzer.
      */
     @Test
-    public void testSPMGetName() {
+    void testSPMGetName() {
         assertThat(spmAnalyzer.getName(), is("SWIFT Package Manager Analyzer"));
     }
 
@@ -109,7 +109,7 @@ public void testSPMGetName() {
      * Test of supportsFiles method, of class CocoaPodsAnalyzer.
      */
     @Test
-    public void testPodsSupportsFiles() {
+    void testPodsSupportsFiles() {
         assertThat(podsAnalyzer.accept(new File("test.podspec")), is(true));
         assertThat(podsAnalyzer.accept(new File("Podfile.lock")), is(true));
     }
@@ -118,7 +118,7 @@ public void testPodsSupportsFiles() {
      * Test of supportsFiles method, of class CocoaPodsAnalyzer.
      */
     @Test
-    public void testCarthageSupportsFiles() {
+    void testCarthageSupportsFiles() {
         assertThat(carthageAnalyzer.accept(new File("Cartfile.resolved")), is(true));
     }
 
@@ -126,7 +126,7 @@ public void testCarthageSupportsFiles() {
      * Test of supportsFiles method, of class SwiftPackageManagerAnalyzer.
      */
     @Test
-    public void testSPMSupportsFiles() {
+    void testSPMSupportsFiles() {
         assertThat(spmAnalyzer.accept(new File("Package.swift")), is(true));
         assertThat(sprAnalyzer.accept(new File("Package.resolved")), is(true));
     }
@@ -137,7 +137,7 @@ public void testSPMSupportsFiles() {
      * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testCocoaPodsPodfileAnalyzer() throws AnalysisException {
+    void testCocoaPodsPodfileAnalyzer() throws AnalysisException {
         final Engine engine = new Engine(getSettings());
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(this,
                 "swift/cocoapods/Podfile.lock"));
@@ -165,7 +165,7 @@ public void testCocoaPodsPodfileAnalyzer() throws AnalysisException {
     }
 
     @Test
-    public void testCocoaPodsPodspecAnalyzer() throws AnalysisException {
+    void testCocoaPodsPodspecAnalyzer() throws AnalysisException {
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(this,
                 "swift/cocoapods/EasyPeasy.podspec"));
         podsAnalyzer.analyze(result, null);
@@ -188,7 +188,7 @@ public void testCocoaPodsPodspecAnalyzer() throws AnalysisException {
      * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testCarthageCartfileResolvedAnalyzer() throws AnalysisException {
+    void testCarthageCartfileResolvedAnalyzer() throws AnalysisException {
         final Engine engine = new Engine(getSettings());
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(this,
                 "swift/carthage/Cartfile.resolved"));
@@ -221,7 +221,7 @@ public void testCarthageCartfileResolvedAnalyzer() throws AnalysisException {
      * @throws AnalysisException is thrown when an exception occurs.
      */
     @Test
-    public void testSPMAnalyzer() throws AnalysisException {
+    void testSPMAnalyzer() throws AnalysisException {
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(this,
                 "swift/Gloss/Package.swift"));
         spmAnalyzer.analyze(result, null);
@@ -234,7 +234,7 @@ public void testSPMAnalyzer() throws AnalysisException {
     }
 
     @Test
-    public void testSPMResolvedAnalyzerV1() throws AnalysisException {
+    void testSPMResolvedAnalyzerV1() throws AnalysisException {
         final Engine engine = new Engine(getSettings());
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(this,
                 "swift/spm/Package.resolved"));
@@ -250,7 +250,7 @@ public void testSPMResolvedAnalyzerV1() throws AnalysisException {
     }
 
     @Test
-    public void testSPMResolvedAnalyzerV2() throws AnalysisException {
+    void testSPMResolvedAnalyzerV2() throws AnalysisException {
         final Engine engine = new Engine(getSettings());
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(this,
                 "swift/spmV2/Package.resolved"));
@@ -266,7 +266,7 @@ public void testSPMResolvedAnalyzerV2() throws AnalysisException {
     }
 
     @Test
-    public void testSPMResolvedAnalyzerV3() throws AnalysisException {
+    void testSPMResolvedAnalyzerV3() throws AnalysisException {
         final Engine engine = new Engine(getSettings());
         final Dependency result = new Dependency(BaseTest.getResourceAsFile(this,
                 "swift/spmV3/Package.resolved"));
@@ -282,7 +282,7 @@ public void testSPMResolvedAnalyzerV3() throws AnalysisException {
     }
 
     @Test
-    public void testIsEnabledIsTrueByDefault() {
+    void testIsEnabledIsTrueByDefault() {
         assertTrue(spmAnalyzer.isEnabled());
         assertTrue(sprAnalyzer.isEnabled());
     }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/UnusedSuppressionRuleAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/UnusedSuppressionRuleAnalyzerTest.java
index 4eb933b8431..865e95f5c91 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/UnusedSuppressionRuleAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/UnusedSuppressionRuleAnalyzerTest.java
@@ -1,42 +1,42 @@
 package org.owasp.dependencycheck.analyzer;
 
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertEquals;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
-import static org.owasp.dependencycheck.analyzer.AbstractSuppressionAnalyzer.SUPPRESSION_OBJECT_KEY;
 import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
-import static org.owasp.dependencycheck.analyzer.UnusedSuppressionRuleAnalyzer.EXCEPTION_MSG;
 import org.owasp.dependencycheck.dependency.Confidence;
 import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.dependency.naming.Identifier;
 import org.owasp.dependencycheck.dependency.naming.PurlIdentifier;
 import org.owasp.dependencycheck.utils.Settings;
-import org.owasp.dependencycheck.xml.suppression.SuppressionRule;
 import org.owasp.dependencycheck.xml.suppression.PropertyType;
+import org.owasp.dependencycheck.xml.suppression.SuppressionRule;
 
-public class UnusedSuppressionRuleAnalyzerTest extends BaseTest {
+import java.util.ArrayList;
+import java.util.List;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.owasp.dependencycheck.analyzer.AbstractSuppressionAnalyzer.SUPPRESSION_OBJECT_KEY;
+import static org.owasp.dependencycheck.analyzer.UnusedSuppressionRuleAnalyzer.EXCEPTION_MSG;
+
+class UnusedSuppressionRuleAnalyzerTest extends BaseTest {
 	private static final String NAME = "Unused Suppression Rule Analyzer";
 	private static final String PACKAGE_NAME = "CoolAsACucumber";
 	private static final String EXPECTED_EX = "should have thrown an AnalysisException";
 
     @Test
-    public void testGetName() {
+    void testGetName() {
         UnusedSuppressionRuleAnalyzer analyzer = new UnusedSuppressionRuleAnalyzer();
         assertEquals(NAME, analyzer.getName());
     }
 
     @Test
-    public void testException() throws Exception {
+    void testException() throws Exception {
 		boolean shouldFail = true;
 		Dependency dependency10 = getDependency("1.0");
 		Dependency dependency11 = getDependency("1.1");
-		
+
 		UnusedSuppressionRuleAnalyzer analyzer = getAnalyzer(shouldFail);
 		Engine engine = getEngine(true, false, dependency10, dependency11);
 		try {
@@ -45,7 +45,7 @@ public void testException() throws Exception {
 		} catch(AnalysisException ok){
 			assertEquals(String.format(EXCEPTION_MSG, 1), ok.getMessage());
 		}
-		
+
 		// no exception
 		shouldFail = false;
 		analyzer = getAnalyzer(shouldFail);
@@ -53,14 +53,14 @@ public void testException() throws Exception {
 		analyzer.analyzeDependency(dependency10, engine);
     	assertEquals(1, analyzer.getUnusedSuppressionRuleCount());
 	}
-	
+
     @Test
-    public void testCheckUnusedRules() throws Exception {
+    void testCheckUnusedRules() throws Exception {
 		// flag unset
 		boolean shouldFail = false;
 		Dependency dependency10 = getDependency("1.0");
 		Dependency dependency11 = getDependency("1.1");
-		
+
 		// a run without any suppression rule ➫ no unused suppression
 		checkUnusedRules(shouldFail, 0, false, false, dependency10);
 
@@ -70,7 +70,7 @@ public void testCheckUnusedRules() throws Exception {
 		// a run with the vulnerable package ➫ no unused suppression
 		checkUnusedRules(shouldFail, 0, true, true, dependency10, dependency11);
 
-			
+
 		// set flag
 		shouldFail = true;
 
@@ -83,31 +83,31 @@ public void testCheckUnusedRules() throws Exception {
 		// a run with the vulnerable package ➫ no unused suppression
 		checkUnusedRules(shouldFail, 0, true, true, dependency10, dependency11);
     }
-	
-	private void checkUnusedRules(boolean shouldFail, int expectedCount, 
+
+	private void checkUnusedRules(boolean shouldFail, int expectedCount,
 		boolean withSuppressionRules, boolean matching,
-		Dependency ... dependencies) throws Exception {
+		Dependency ... dependencies) {
         UnusedSuppressionRuleAnalyzer analyzer = getAnalyzer(shouldFail);
 		assertNotNull(analyzer);
 		Engine engine = getEngine(withSuppressionRules, matching, dependencies);
 		analyzer.checkUnusedRules(engine);
 		assertEquals(expectedCount, analyzer.getUnusedSuppressionRuleCount());
 	}
-	
-		
+
+
 	private Dependency getDependency(String type, String namespace, String name, String version) throws Exception {
         Dependency dependency = new Dependency();
 		Identifier id = new PurlIdentifier(type,namespace,name,version,Confidence.HIGHEST);
         dependency.addSoftwareIdentifier(id);
 		return dependency;
 	}
-	
+
 	private Dependency getDependency(String version) throws Exception {
 		return getDependency("maven", "test", PACKAGE_NAME, version);
-	}	
+	}
 
-	
-	private Engine getEngine(boolean hasSuppressionRules, boolean matching, Dependency ... dependencies) throws Exception {
+
+	private Engine getEngine(boolean hasSuppressionRules, boolean matching, Dependency ... dependencies) {
         Engine engine = new Engine(getSettings());
 		List<Dependency> dependencyList = new ArrayList<>();
 		if (dependencies!=null) {
@@ -121,20 +121,20 @@ private Engine getEngine(boolean hasSuppressionRules, boolean matching, Dependen
 		engine.putObject(SUPPRESSION_OBJECT_KEY,rules);
 		return engine;
 	}
-	
-	private UnusedSuppressionRuleAnalyzer getAnalyzer(boolean flag) throws AnalysisException {
+
+	private UnusedSuppressionRuleAnalyzer getAnalyzer(boolean flag) {
         UnusedSuppressionRuleAnalyzer analyzer = new UnusedSuppressionRuleAnalyzer();
 		assertNotNull(analyzer);
-		
+
 		Settings settings = getSettings();
         settings.setBoolean(Settings.KEYS.FAIL_ON_UNUSED_SUPPRESSION_RULE, flag);
         analyzer.initialize(settings);
         assertEquals(flag, analyzer.failsForUnusedSuppressionRule());
         assertEquals(0, analyzer.getUnusedSuppressionRuleCount());
-		
-		return analyzer;		
+
+		return analyzer;
 	}
-	
+
 	private SuppressionRule getSuppressionRule(boolean matching) {
         SuppressionRule instance = new SuppressionRule();
 		instance.addVulnerabilityName(getPropertyType("CVE-2023-5072", false, false));
@@ -144,7 +144,7 @@ private SuppressionRule getSuppressionRule(boolean matching) {
 		instance.setMatched(matching);
 		return instance;
     }
-	
+
 	private PropertyType getPropertyType(String value, boolean regex, boolean caseSensitive) {
 		PropertyType property = new PropertyType();
 		property.setValue(value);
@@ -152,6 +152,6 @@ private PropertyType getPropertyType(String value, boolean regex, boolean caseSe
 		property.setCaseSensitive(caseSensitive);
 		return property;
 	}
-	
+
 
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/VersionFilterAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/VersionFilterAnalyzerTest.java
index eabae8571c8..e9e348bd448 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/VersionFilterAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/VersionFilterAnalyzerTest.java
@@ -17,25 +17,27 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.Test;
-import static org.junit.Assert.*;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.dependency.Confidence;
 import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.dependency.EvidenceType;
 import org.owasp.dependencycheck.utils.Settings;
 
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNull;
+
 /**
  *
  * @author Jeremy Long
  */
-public class VersionFilterAnalyzerTest extends BaseTest {
+class VersionFilterAnalyzerTest extends BaseTest {
 
     /**
      * Test of getName method, of class VersionFilterAnalyzer.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         VersionFilterAnalyzer instance = new VersionFilterAnalyzer();
         String expResult = "Version Filter Analyzer";
         String result = instance.getName();
@@ -46,7 +48,7 @@ public void testGetName() {
      * Test of getAnalysisPhase method, of class VersionFilterAnalyzer.
      */
     @Test
-    public void testGetAnalysisPhase() {
+    void testGetAnalysisPhase() {
         VersionFilterAnalyzer instance = new VersionFilterAnalyzer();
         instance.initialize(getSettings());
         AnalysisPhase expResult = AnalysisPhase.POST_INFORMATION_COLLECTION3;
@@ -59,7 +61,7 @@ public void testGetAnalysisPhase() {
      * VersionFilterAnalyzer.
      */
     @Test
-    public void testGetAnalyzerEnabledSettingKey() {
+    void testGetAnalyzerEnabledSettingKey() {
         VersionFilterAnalyzer instance = new VersionFilterAnalyzer();
         instance.initialize(getSettings());
         String expResult = Settings.KEYS.ANALYZER_VERSION_FILTER_ENABLED;
@@ -71,7 +73,7 @@ public void testGetAnalyzerEnabledSettingKey() {
      * Test of analyzeDependency method, of class VersionFilterAnalyzer.
      */
     @Test
-    public void testAnalyzeDependency() throws Exception {
+    void testAnalyzeDependency() throws Exception {
         Dependency dependency = new Dependency();
 
         dependency.addEvidence(EvidenceType.VERSION, "util", "version", "33.3", Confidence.HIGHEST);
@@ -112,7 +114,7 @@ public void testAnalyzeDependency() throws Exception {
      * Test of analyzeDependency method, of class VersionFilterAnalyzer.
      */
     @Test
-    public void testAnalyzeDependencyFilePom() throws Exception {
+    void testAnalyzeDependencyFilePom() throws Exception {
         Dependency dependency = new Dependency();
 
         dependency.addEvidence(EvidenceType.VERSION, "util", "version", "33.3", Confidence.HIGHEST);
@@ -149,7 +151,7 @@ public void testAnalyzeDependencyFilePom() throws Exception {
      * Test of analyzeDependency method, of class VersionFilterAnalyzer.
      */
     @Test
-    public void testAnalyzeDependencyFileManifest() throws Exception {
+    void testAnalyzeDependencyFileManifest() throws Exception {
         Dependency dependency = new Dependency();
 
         dependency.addEvidence(EvidenceType.VERSION, "util", "version", "33.3", Confidence.HIGHEST);
@@ -176,7 +178,7 @@ public void testAnalyzeDependencyFileManifest() throws Exception {
      * Test of analyzeDependency method, of class VersionFilterAnalyzer.
      */
     @Test
-    public void testAnalyzeDependencyPomManifest() throws Exception {
+    void testAnalyzeDependencyPomManifest() throws Exception {
         Dependency dependency = new Dependency();
 
         dependency.addEvidence(EvidenceType.VERSION, "util", "version", "33.3", Confidence.HIGHEST);
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/VulnerabilitySuppressionAnalyzerIT.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/VulnerabilitySuppressionAnalyzerIT.java
index 26d17183ffc..46f7e79e676 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/VulnerabilitySuppressionAnalyzerIT.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/VulnerabilitySuppressionAnalyzerIT.java
@@ -17,28 +17,30 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import java.io.File;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseDBTestCase;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.utils.Settings;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
+
+import java.io.File;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  * Testing the vulnerability suppression analyzer.
  *
  * @author Jeremy Long
  */
-public class VulnerabilitySuppressionAnalyzerIT extends BaseDBTestCase {
+class VulnerabilitySuppressionAnalyzerIT extends BaseDBTestCase {
 
     /**
      * Test of getName method, of class VulnerabilitySuppressionAnalyzer.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         VulnerabilitySuppressionAnalyzer instance = new VulnerabilitySuppressionAnalyzer();
         instance.initialize(getSettings());
         String expResult = "Vulnerability Suppression Analyzer";
@@ -51,7 +53,7 @@ public void testGetName() {
      * VulnerabilitySuppressionAnalyzer.
      */
     @Test
-    public void testGetAnalysisPhase() {
+    void testGetAnalysisPhase() {
         VulnerabilitySuppressionAnalyzer instance = new VulnerabilitySuppressionAnalyzer();
         instance.initialize(getSettings());
         AnalysisPhase expResult = AnalysisPhase.POST_FINDING_ANALYSIS;
@@ -63,7 +65,7 @@ public void testGetAnalysisPhase() {
      * Test of analyze method, of class VulnerabilitySuppressionAnalyzer.
      */
     @Test
-    public void testAnalyze() throws Exception {
+    void testAnalyze() throws Exception {
 
         File file = BaseTest.getResourceAsFile(this, "commons-fileupload-1.2.1.jar");
         File suppression = BaseTest.getResourceAsFile(this, "commons-fileupload-1.2.1.suppression.xml");
@@ -81,7 +83,7 @@ public void testAnalyze() throws Exception {
             cpeSize = dependency.getVulnerableSoftwareIdentifiers().size();
             assertTrue(cveSize > 0);
             assertTrue(cpeSize > 0);
-            
+
         }
         getSettings().setString(Settings.KEYS.SUPPRESSION_FILE, suppression.getAbsolutePath());
         try (Engine engine = new Engine(getSettings())) {
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/YarnAuditAnalyzerIT.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/YarnAuditAnalyzerIT.java
index dbaf0755458..98fd1afc218 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/YarnAuditAnalyzerIT.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/YarnAuditAnalyzerIT.java
@@ -17,32 +17,32 @@
  */
 package org.owasp.dependencycheck.analyzer;
 
-import org.junit.Assume;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.dependency.EvidenceType;
 import org.owasp.dependencycheck.exception.InitializationException;
-import org.owasp.dependencycheck.utils.InvalidSettingException;
 
-import static org.junit.Assert.assertTrue;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.junit.jupiter.api.Assumptions.assumeTrue;
 
-public class YarnAuditAnalyzerIT extends BaseTest {
+class YarnAuditAnalyzerIT extends BaseTest {
 
     @Test
-    public void testAnalyzePackageYarnClassic() throws AnalysisException, InitializationException, InvalidSettingException {
+    void testAnalyzePackageYarnClassic() throws AnalysisException {
         testAnalyzePackageYarn("yarn/yarn-classic-audit/yarn.lock");
     }
 
     @Test
-    public void testAnalyzePackageYarnBerry() throws AnalysisException, InitializationException, InvalidSettingException {
+    void testAnalyzePackageYarnBerry() throws AnalysisException {
         testAnalyzePackageYarn("yarn/yarn-berry-audit/yarn.lock");
     }
 
     @Test
-    public void testAnalyzePackageYarnBerryNoVulnerability() throws AnalysisException, InitializationException, InvalidSettingException {
+    void testAnalyzePackageYarnBerryNoVulnerability() throws AnalysisException {
         //Assume.assumeThat(getSettings().getBoolean(Settings.KEYS.ANALYZER_YARN_AUDIT_ENABLED), is(true));
         try (Engine engine = new Engine(getSettings())) {
             var analyzer = new YarnAuditAnalyzer();
@@ -51,10 +51,10 @@ public void testAnalyzePackageYarnBerryNoVulnerability() throws AnalysisExceptio
             analyzer.prepare(engine);
             final Dependency toScan = new Dependency(BaseTest.getResourceAsFile(this, "yarn/yarn-berry-audit-no-vulnerability/yarn.lock"));
             analyzer.analyze(toScan, engine);
-            assertTrue("No dependency should be identified", engine.getDependencies().length == 0);
+            assertEquals(0, engine.getDependencies().length, "No dependency should be identified");
         } catch (InitializationException ex) {
             //yarn is not installed - skip the test case.
-            Assume.assumeNoException(ex);
+            assumeTrue(false, ex.toString());
         }
     }
 
@@ -68,20 +68,20 @@ private void testAnalyzePackageYarn(String yarnLockFile) throws AnalysisExceptio
             final Dependency toScan = new Dependency(BaseTest.getResourceAsFile(this, yarnLockFile));
             analyzer.analyze(toScan, engine);
             boolean found = false;
-            assertTrue("More then 1 dependency should be identified", 1 < engine.getDependencies().length);
+            assertTrue(1 < engine.getDependencies().length, "More then 1 dependency should be identified");
             for (Dependency result : engine.getDependencies()) {
                 if ("yarn.lock?uglify-js".equals(result.getFileName())) {
                     found = true;
                     assertTrue(result.getEvidence(EvidenceType.VENDOR).toString().contains("uglify-js"));
                     assertTrue(result.getEvidence(EvidenceType.PRODUCT).toString().contains("uglify-js"));
-                    assertTrue("Unable to find version 2.4.24: " + result.getEvidence(EvidenceType.VERSION).toString(), result.getEvidence(EvidenceType.VERSION).toString().contains("2.4.24"));
+                    assertTrue(result.getEvidence(EvidenceType.VERSION).toString().contains("2.4.24"), "Unable to find version 2.4.24: " + result.getEvidence(EvidenceType.VERSION).toString());
                     assertTrue(result.isVirtual());
                 }
             }
-            assertTrue("Uglify was not found", found);
+            assertTrue(found, "Uglify was not found");
         } catch (InitializationException ex) {
             //yarn is not installed - skip the test case.
-            Assume.assumeNoException(ex);
+            assumeTrue(false, ex.toString());
         }
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/analyzer/YarnAuditAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/analyzer/YarnAuditAnalyzerTest.java
index 029e7f294a0..8f34b7ceb97 100644
--- a/core/src/test/java/org/owasp/dependencycheck/analyzer/YarnAuditAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/analyzer/YarnAuditAnalyzerTest.java
@@ -1,23 +1,23 @@
 package org.owasp.dependencycheck.analyzer;
 
-import java.io.File;
-
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 
+import java.io.File;
+
 import static org.hamcrest.CoreMatchers.is;
 import static org.hamcrest.MatcherAssert.assertThat;
 
-public class YarnAuditAnalyzerTest extends BaseTest {
+class YarnAuditAnalyzerTest extends BaseTest {
 
     @Test
-    public void testGetName() {
+    void testGetName() {
         YarnAuditAnalyzer analyzer = new YarnAuditAnalyzer();
         assertThat(analyzer.getName(), is("Yarn Audit Analyzer"));
     }
 
     @Test
-    public void testSupportsFiles() {
+    void testSupportsFiles() {
         YarnAuditAnalyzer analyzer = new YarnAuditAnalyzer();
         assertThat(analyzer.accept(new File("package-lock.json")), is(false));
         assertThat(analyzer.accept(new File("npm-shrinkwrap.json")), is(false));
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/artifactory/ArtifactorySearchIT.java b/core/src/test/java/org/owasp/dependencycheck/data/artifactory/ArtifactorySearchIT.java
index 99b0e10706b..0e030d42a09 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/artifactory/ArtifactorySearchIT.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/artifactory/ArtifactorySearchIT.java
@@ -17,8 +17,8 @@
  */
 package org.owasp.dependencycheck.data.artifactory;
 
-import org.junit.Ignore;
-import org.junit.Test;
+import org.junit.jupiter.api.Disabled;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.data.nexus.MavenArtifact;
 import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.utils.Settings;
@@ -27,15 +27,15 @@
 import java.io.IOException;
 import java.util.List;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.fail;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertThrows;
 
-@Ignore
-public class ArtifactorySearchIT {
+@Disabled
+class ArtifactorySearchIT {
 
 
     @Test
-    public void testWithRealInstanceUsingBearerToken() throws IOException {
+    void testWithRealInstanceUsingBearerToken() throws IOException {
         // Given
         Dependency dependency = new Dependency();
         dependency.setSha1sum("c5b4c491aecb72e7c32a78da0b5c6b9cda8dee0f");
@@ -63,7 +63,7 @@ public void testWithRealInstanceUsingBearerToken() throws IOException {
     }
 
     @Test
-    public void testWithRealInstanceAnonymous() throws IOException {
+    void testWithRealInstanceAnonymous() {
         // Given
         Dependency dependency = new Dependency();
         dependency.setSha1sum("c5b4c491aecb72e7c32a78da0b5c6b9cda8dee0f");
@@ -72,17 +72,14 @@ public void testWithRealInstanceAnonymous() throws IOException {
         settings.setString(Settings.KEYS.ANALYZER_ARTIFACTORY_URL, "https://artifactory.techno.ingenico.com/artifactory");
         final ArtifactorySearch artifactorySearch = new ArtifactorySearch(settings);
         // When
-        try {
-            artifactorySearch.search(dependency);
-            fail("No Match found, should throw an exception!");
-        } catch (FileNotFoundException e) {
-            // Then
-            assertEquals("Artifact Dependency{ fileName='null', actualFilePath='null', filePath='null', packagePath='null'} not found in Artifactory", e.getMessage());
-        }
+        FileNotFoundException e = assertThrows(FileNotFoundException.class, () -> artifactorySearch.search(dependency),
+                "No Match found, should throw an exception!");
+        // Then
+        assertEquals("Artifact Dependency{ fileName='null', actualFilePath='null', filePath='null', packagePath='null'} not found in Artifactory", e.getMessage());
     }
 
     @Test
-    public void testWithRealInstanceWithUserToken() throws IOException {
+    void testWithRealInstanceWithUserToken() throws IOException {
         // Given
         Dependency dependency = new Dependency();
         dependency.setSha1sum("0695b63d702f505b9b916e02272e3b6381bade7f");
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/artifactory/ArtifactorySearchResponseHandlerTest.java b/core/src/test/java/org/owasp/dependencycheck/data/artifactory/ArtifactorySearchResponseHandlerTest.java
index 251b61a7fb6..861aaf1f9cb 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/artifactory/ArtifactorySearchResponseHandlerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/artifactory/ArtifactorySearchResponseHandlerTest.java
@@ -23,8 +23,8 @@
 import ch.qos.logback.core.read.ListAppender;
 import org.apache.hc.core5.http.ClassicHttpResponse;
 import org.apache.hc.core5.http.HttpEntity;
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.data.nexus.MavenArtifact;
 import org.owasp.dependencycheck.dependency.Dependency;
@@ -33,24 +33,38 @@
 import java.io.ByteArrayInputStream;
 import java.io.FileNotFoundException;
 import java.io.IOException;
+import java.net.MalformedURLException;
+import java.net.URL;
 import java.nio.charset.StandardCharsets;
 import java.util.List;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.fail;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertThrows;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
 
-public class ArtifactorySearchResponseHandlerTest extends BaseTest {
+@SuppressWarnings("resource")
+class ArtifactorySearchResponseHandlerTest extends BaseTest {
 
-    @Before
+    private static final URL TEST_URL;
+    private static final String EXCEPTION_MESSAGE = "Artifact Dependency{ fileName='null', actualFilePath='null', filePath='null', packagePath='null'} not found in Artifactory; discovered SHA1 hits not recognized as matching Maven artifacts";
+
+    static {
+        try {
+            TEST_URL = new URL("https://example.com/artifactory/api/search/checksum?sha1=43515aa4b2f4bce7c431145e8c0a7bcc441e0532");
+        } catch (MalformedURLException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
     }
 
     @Test
-    public void shouldProcessCorrectlyArtifactoryAnswerWithoutSha256() throws IOException {
+    void shouldProcessCorrectlyArtifactoryAnswerWithoutSha256() throws IOException {
         // Given
         Dependency dependency = new Dependency();
         dependency.setSha1sum("2e66da15851f9f5b5079228f856c2f090ba98c38");
@@ -88,7 +102,7 @@ public void shouldProcessCorrectlyArtifactoryAnswerWithoutSha256() throws IOExce
 
 
         // When
-        final ArtifactorySearchResponseHandler handler = new ArtifactorySearchResponseHandler(dependency);
+        final ArtifactorySearchResponseHandler handler = new ArtifactorySearchResponseHandler(TEST_URL, dependency);
         final List<MavenArtifact> mavenArtifacts = handler.handleResponse(response);
 
         // Then
@@ -105,7 +119,7 @@ public void shouldProcessCorrectlyArtifactoryAnswerWithoutSha256() throws IOExce
     }
 
     @Test
-    public void shouldProcessCorrectlyArtifactoryAnswerWithMultipleMatches() throws IOException {
+    void shouldProcessCorrectlyArtifactoryAnswerWithMultipleMatches() throws IOException {
         // Given
         Dependency dependency = new Dependency();
         dependency.setSha1sum("94a9ce681a42d0352b3ad22659f67835e560d107");
@@ -118,7 +132,7 @@ public void shouldProcessCorrectlyArtifactoryAnswerWithMultipleMatches() throws
 
 
         // When
-        final ArtifactorySearchResponseHandler handler = new ArtifactorySearchResponseHandler(dependency);
+        final ArtifactorySearchResponseHandler handler = new ArtifactorySearchResponseHandler(TEST_URL, dependency);
         final List<MavenArtifact> mavenArtifacts = handler.handleResponse(response);
 
         // Then
@@ -146,12 +160,13 @@ public void shouldProcessCorrectlyArtifactoryAnswerWithMultipleMatches() throws
      * @throws IOException
      */
     @Test
-    public void shouldProcessCorrectlyForMissingXResultDetailHeader() throws IOException {
+    void shouldProcessCorrectlyForMissingXResultDetailHeader() throws IOException {
         // Inject logback ListAppender to capture test-logs from ArtifactorySearchResponseHandler
         final Logger sutLogger = (Logger) LoggerFactory.getLogger(ArtifactorySearchResponseHandler.class);
         final ListAppender<ILoggingEvent> listAppender = new ListAppender<>();
         listAppender.start();
         sutLogger.addAppender(listAppender);
+        final String logMessage = "No checksums found in Artifactory search result for '{}'. Specifically, the result set contains URI '{}' but it is missing the 'checksums' property. Please make sure that the '{}' header is retained on any (reverse-)proxy, load-balancer or Web Application Firewall in the network path to your Artifactory server.";
 
         // Given
         final Dependency dependency = new Dependency();
@@ -167,41 +182,40 @@ public void shouldProcessCorrectlyForMissingXResultDetailHeader() throws IOExcep
 
 
         // When
-        final ArtifactorySearchResponseHandler handler = new ArtifactorySearchResponseHandler(dependency);
-        try {
-            handler.handleResponse(response);
-            fail("Result with no details due to missing X-Result-Detail header, should throw an exception!");
-        } catch (FileNotFoundException e) {
-            // Then
-            assertEquals("Artifact Dependency{ fileName='freemarker-2.3.33.jar', actualFilePath='null', filePath='null', packagePath='null'} not found in Artifactory; discovered sha1 hits not recognized as matching maven artifacts",
-                    e.getMessage());
-
-            // There should be a WARN-log for for each of the results regarding the absence of X-Result-Detail header driven attributes
-            final List<ILoggingEvent> logsList = listAppender.list;
-            assertEquals("Number of log entries for the ArtifactorySearchResponseHandler", 2, logsList.size());
-
-            ILoggingEvent logEvent = logsList.get(0);
-            assertEquals(Level.WARN, logEvent.getLevel());
-            assertEquals("No checksums found in artifactory search result of uri {}. Please make sure that header X-Result-Detail is retained on any (reverse)-proxy, loadbalancer or WebApplicationFirewall in the network path to your Artifactory Server", logEvent.getMessage());
-            Object[] args = logEvent.getArgumentArray();
-            assertEquals(1, args.length);
-            assertEquals("https://artifactory.example.com:443/artifactory/api/storage/maven-central-cache/org/freemarker/freemarker/2.3.33/freemarker-2.3.33.jar", args[0]);
-
-            logEvent = logsList.get(1);
-            assertEquals(Level.WARN, logEvent.getLevel());
-            assertEquals("No checksums found in artifactory search result of uri {}. Please make sure that header X-Result-Detail is retained on any (reverse)-proxy, loadbalancer or WebApplicationFirewall in the network path to your Artifactory Server", logEvent.getMessage());
-            args = logEvent.getArgumentArray();
-            assertEquals(1, args.length);
-            assertEquals("https://artifactory.example.com:443/artifactory/api/storage/gradle-plugins-extended-cache/org/freemarker/freemarker/2.3.33/freemarker-2.3.33.jar", args[0]);
-
-            // Remove our manually injected additional appender
-            sutLogger.detachAppender(listAppender);
-            listAppender.stop();
-        }
+        final ArtifactorySearchResponseHandler handler = new ArtifactorySearchResponseHandler(TEST_URL, dependency);
+
+        FileNotFoundException e = assertThrows(FileNotFoundException.class, () -> handler.handleResponse(response),
+                "Result with no details due to missing X-Result-Detail header, should throw an exception!");
+
+        // Then
+        assertEquals("Artifact Dependency{ fileName='freemarker-2.3.33.jar', actualFilePath='null', filePath='null', packagePath='null'} not found in Artifactory; discovered SHA1 hits not recognized as matching Maven artifacts",
+                e.getMessage());
+
+        // There should be a WARN-log for each of the results regarding the absence of X-Result-Detail header driven attributes
+        final List<ILoggingEvent> logsList = listAppender.list;
+        assertEquals(2, logsList.size(), "Number of log entries for the ArtifactorySearchResponseHandler");
+
+        ILoggingEvent logEvent = logsList.get(0);
+        assertEquals(Level.WARN, logEvent.getLevel());
+        assertEquals(logMessage, logEvent.getMessage());
+        Object[] args = logEvent.getArgumentArray();
+        assertEquals(3, args.length);
+        assertEquals("https://artifactory.example.com:443/artifactory/api/storage/maven-central-cache/org/freemarker/freemarker/2.3.33/freemarker-2.3.33.jar", args[1]);
+
+        logEvent = logsList.get(1);
+        assertEquals(Level.WARN, logEvent.getLevel());
+        assertEquals(logMessage, logEvent.getMessage());
+        args = logEvent.getArgumentArray();
+        assertEquals(3, args.length);
+        assertEquals("https://artifactory.example.com:443/artifactory/api/storage/gradle-plugins-extended-cache/org/freemarker/freemarker/2.3.33/freemarker-2.3.33.jar", args[1]);
+
+        // Remove our manually injected additional appender
+        sutLogger.detachAppender(listAppender);
+        listAppender.stop();
     }
 
     @Test
-    public void shouldHandleNoMatches() throws IOException {
+    void shouldHandleNoMatches() throws IOException {
         // Given
         Dependency dependency = new Dependency();
         dependency.setSha1sum("94a9ce681a42d0352b3ad22659f67835e560d108");
@@ -213,15 +227,12 @@ public void shouldHandleNoMatches() throws IOException {
         when(responseEntity.getContent()).thenReturn(new ByteArrayInputStream(payload));
 
         // When
-        final ArtifactorySearchResponseHandler handler = new ArtifactorySearchResponseHandler(dependency);
-        try {
-            handler.handleResponse(response);
-            fail("No Match found, should throw an exception!");
-        } catch (FileNotFoundException e) {
-            // Then
-            assertEquals("Artifact Dependency{ fileName='null', actualFilePath='null', filePath='null', packagePath='null'} not found in Artifactory",
-                    e.getMessage());
-        }
+        final ArtifactorySearchResponseHandler handler = new ArtifactorySearchResponseHandler(TEST_URL, dependency);
+        FileNotFoundException e = assertThrows(FileNotFoundException.class, () -> handler.handleResponse(response),
+                "No Match found, should throw an exception!");
+        // Then
+        assertEquals("Artifact Dependency{ fileName='null', actualFilePath='null', filePath='null', packagePath='null'} not found in Artifactory",
+                e.getMessage());
     }
 
     private byte[] multipleMatchesPayload() {
@@ -289,7 +300,7 @@ private byte[] noXResultDetailHeaderResponse() {
     }
 
     @Test
-    public void shouldProcessCorrectlyArtifactoryAnswer() throws IOException {
+    void shouldProcessCorrectlyArtifactoryAnswer() throws IOException {
         // Given
         Dependency dependency = new Dependency();
         dependency.setSha1sum("c5b4c491aecb72e7c32a78da0b5c6b9cda8dee0f");
@@ -302,7 +313,7 @@ public void shouldProcessCorrectlyArtifactoryAnswer() throws IOException {
         when(responseEntity.getContent()).thenReturn(new ByteArrayInputStream(payload));
 
         // When
-        final ArtifactorySearchResponseHandler handler = new ArtifactorySearchResponseHandler(dependency);
+        final ArtifactorySearchResponseHandler handler = new ArtifactorySearchResponseHandler(TEST_URL, dependency);
         final List<MavenArtifact> mavenArtifacts = handler.handleResponse(response);
 
         // Then
@@ -410,7 +421,7 @@ private String payloadWithSha256() {
     }
 
     @Test
-    public void shouldProcessCorrectlyArtifactoryAnswerMisMatchMd5() throws IOException {
+    void shouldProcessCorrectlyArtifactoryAnswerMisMatchMd5() throws IOException {
         // Given
         Dependency dependency = new Dependency();
         dependency.setSha1sum("c5b4c491aecb72e7c32a78da0b5c6b9cda8dee0f");
@@ -423,20 +434,17 @@ public void shouldProcessCorrectlyArtifactoryAnswerMisMatchMd5() throws IOExcept
         when(responseEntity.getContent()).thenReturn(new ByteArrayInputStream(payload));
 
         // When
-        final ArtifactorySearchResponseHandler handler = new ArtifactorySearchResponseHandler(dependency);
-        try {
-            handler.handleResponse(response);
-            fail("MD5 mismatching should throw an exception!");
-        } catch (FileNotFoundException e) {
-            // Then
-            assertEquals("Artifact " + dependency.toString()
-                    + " not found in Artifactory; discovered sha1 hits not recognized as matching maven artifacts", e.getMessage());
+        final ArtifactorySearchResponseHandler handler = new ArtifactorySearchResponseHandler(TEST_URL, dependency);
+        FileNotFoundException e = assertThrows(FileNotFoundException.class, () -> handler.handleResponse(response),
+                "MD5 mismatching should throw an exception!");
 
-        }
+        // Then
+        assertEquals("Artifact " + dependency
+                + " not found in Artifactory; discovered SHA1 hits not recognized as matching Maven artifacts", e.getMessage());
     }
 
     @Test
-    public void shouldProcessCorrectlyArtifactoryAnswerMisMatchSha1() throws IOException {
+    void shouldProcessCorrectlyArtifactoryAnswerMisMatchSha1() throws IOException {
         // Given
         Dependency dependency = new Dependency();
         dependency.setSha1sum("c5b4c491aecb72e7c32a78da0b5c6b9cda8dee0e");
@@ -449,18 +457,16 @@ public void shouldProcessCorrectlyArtifactoryAnswerMisMatchSha1() throws IOExcep
         when(responseEntity.getContent()).thenReturn(new ByteArrayInputStream(payload));
 
         // When
-        final ArtifactorySearchResponseHandler handler = new ArtifactorySearchResponseHandler(dependency);
-        try {
-            handler.handleResponse(response);
-            fail("SHA1 mismatching should throw an exception!");
-        } catch (FileNotFoundException e) {
-            // Then
-            assertEquals("Artifact Dependency{ fileName='null', actualFilePath='null', filePath='null', packagePath='null'} not found in Artifactory; discovered sha1 hits not recognized as matching maven artifacts", e.getMessage());
-        }
+        final ArtifactorySearchResponseHandler handler = new ArtifactorySearchResponseHandler(TEST_URL, dependency);
+        FileNotFoundException e = assertThrows(FileNotFoundException.class, () -> handler.handleResponse(response),
+                "SHA1 mismatching should throw an exception!");
+
+        // Then
+        assertEquals(EXCEPTION_MESSAGE, e.getMessage());
     }
 
     @Test
-    public void shouldProcessCorrectlyArtifactoryAnswerMisMatchSha256() throws IOException {
+    void shouldProcessCorrectlyArtifactoryAnswerMisMatchSha256() throws IOException {
         // Given
         Dependency dependency = new Dependency();
         dependency.setSha1sum("c5b4c491aecb72e7c32a78da0b5c6b9cda8dee0f");
@@ -473,18 +479,16 @@ public void shouldProcessCorrectlyArtifactoryAnswerMisMatchSha256() throws IOExc
         when(responseEntity.getContent()).thenReturn(new ByteArrayInputStream(payload));
 
         // When
-        final ArtifactorySearchResponseHandler handler = new ArtifactorySearchResponseHandler(dependency);
-        try {
-            handler.handleResponse(response);
-            fail("SHA256 mismatching should throw an exception!");
-        } catch (FileNotFoundException e) {
-            // Then
-            assertEquals("Artifact Dependency{ fileName='null', actualFilePath='null', filePath='null', packagePath='null'} not found in Artifactory; discovered sha1 hits not recognized as matching maven artifacts", e.getMessage());
-        }
+        final ArtifactorySearchResponseHandler handler = new ArtifactorySearchResponseHandler(TEST_URL, dependency);
+        FileNotFoundException e = assertThrows(FileNotFoundException.class, () -> handler.handleResponse(response),
+                "SHA256 mismatching should throw an exception!");
+
+        // Then
+        assertEquals(EXCEPTION_MESSAGE, e.getMessage());
     }
 
     @Test
-    public void shouldThrowNotFoundWhenPatternCannotBeParsed() throws IOException {
+    void shouldThrowNotFoundWhenPatternCannotBeParsed() throws IOException {
         // Given
         Dependency dependency = new Dependency();
         dependency.setSha1sum("c5b4c491aecb72e7c32a78da0b5c6b9cda8dee0f");
@@ -498,18 +502,16 @@ public void shouldThrowNotFoundWhenPatternCannotBeParsed() throws IOException {
         when(responseEntity.getContent()).thenReturn(new ByteArrayInputStream(payload));
 
         // When
-        final ArtifactorySearchResponseHandler handler = new ArtifactorySearchResponseHandler(dependency);
-        try {
-            handler.handleResponse(response);
-            fail("Maven GAV pattern mismatch for filepath should throw a not found exception!");
-        } catch (FileNotFoundException e) {
+        final ArtifactorySearchResponseHandler handler = new ArtifactorySearchResponseHandler(TEST_URL, dependency);
+        FileNotFoundException e = assertThrows(FileNotFoundException.class, () -> handler.handleResponse(response),
+                "Maven GAV pattern mismatch for filepath should throw a not found exception!");
+
             // Then
-            assertEquals("Artifact Dependency{ fileName='null', actualFilePath='null', filePath='null', packagePath='null'} not found in Artifactory; discovered sha1 hits not recognized as matching maven artifacts", e.getMessage());
-        }
+            assertEquals(EXCEPTION_MESSAGE, e.getMessage());
     }
 
     @Test
-    public void shouldSkipResultsWherePatternCannotBeParsed() throws IOException {
+    void shouldSkipResultsWherePatternCannotBeParsed() throws IOException {
         // Given
         Dependency dependency = new Dependency();
         dependency.setSha1sum("c5b4c491aecb72e7c32a78da0b5c6b9cda8dee0f");
@@ -522,7 +524,7 @@ public void shouldSkipResultsWherePatternCannotBeParsed() throws IOException {
         when(responseEntity.getContent()).thenReturn(new ByteArrayInputStream(payload));
 
         // When
-        final ArtifactorySearchResponseHandler handler = new ArtifactorySearchResponseHandler(dependency);
+        final ArtifactorySearchResponseHandler handler = new ArtifactorySearchResponseHandler(TEST_URL, dependency);
         List<MavenArtifact> result = handler.handleResponse(response);
         // Then
         assertEquals(1, result.size());
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/artifactory/ArtifactorySearchTest.java b/core/src/test/java/org/owasp/dependencycheck/data/artifactory/ArtifactorySearchTest.java
index 6ec808485b6..c2342ba00f2 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/artifactory/ArtifactorySearchTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/artifactory/ArtifactorySearchTest.java
@@ -17,28 +17,26 @@
  */
 package org.owasp.dependencycheck.data.artifactory;
 
-import org.junit.AfterClass;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
+import org.junit.jupiter.api.AfterAll;
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.utils.Settings;
 
-import java.io.IOException;
 import java.net.UnknownHostException;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
-public class ArtifactorySearchTest extends BaseTest {
+class ArtifactorySearchTest extends BaseTest {
     private static String httpsProxyHostOrig;
     private static String httpsPortOrig;
 
-    @BeforeClass
-    public static void tinkerProxies() {
+    @BeforeAll
+    static void tinkerProxies() {
         httpsProxyHostOrig = System.getProperty("https.proxyHost");
         if (httpsProxyHostOrig == null) {
             httpsProxyHostOrig = System.getenv("https.proxyHost");
@@ -51,8 +49,8 @@ public static void tinkerProxies() {
         System.setProperty("https.proxyPort", "");
     }
 
-    @AfterClass
-    public static void restoreProxies() {
+    @AfterAll
+    static void restoreProxies() {
         if (httpsProxyHostOrig != null) {
             System.setProperty("https.proxyHost", httpsProxyHostOrig);
         }
@@ -61,7 +59,7 @@ public static void restoreProxies() {
         }
     }
 
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -69,7 +67,7 @@ public void setUp() throws Exception {
 
 
     @Test
-    public void shouldFailWhenHostUnknown() throws IOException {
+    void shouldFailWhenHostUnknown() {
         // Given
         Dependency dependency = new Dependency();
         dependency.setSha1sum("c5b4c491aecb72e7c32a78da0b5c6b9cda8dee0f");
@@ -80,14 +78,12 @@ public void shouldFailWhenHostUnknown() throws IOException {
         settings.setString(Settings.KEYS.ANALYZER_ARTIFACTORY_URL, "https://artifactory.techno.ingenico.com.invalid/artifactory");
         final ArtifactorySearch artifactorySearch = new ArtifactorySearch(settings);
         // When
-        try {
-            artifactorySearch.search(dependency);
-            fail("Should have thrown an UnknownHostException");
-        } catch (UnknownHostException exception) {
-            // Then
-            assertNotNull(exception.getMessage());
-            assertTrue(exception.getMessage().contains("artifactory.techno.ingenico.com.invalid"));
-        }
+        UnknownHostException exception = assertThrows(UnknownHostException.class, () -> artifactorySearch.search(dependency),
+                "Should have thrown an UnknownHostException");
+
+        // Then
+        assertNotNull(exception.getMessage());
+        assertTrue(exception.getMessage().contains("artifactory.techno.ingenico.com.invalid"));
     }
 
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/cache/DataCacheFactoryTest.java b/core/src/test/java/org/owasp/dependencycheck/data/cache/DataCacheFactoryTest.java
index d16d877e550..636125d9569 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/cache/DataCacheFactoryTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/cache/DataCacheFactoryTest.java
@@ -17,26 +17,29 @@
  */
 package org.owasp.dependencycheck.data.cache;
 
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseTest;
+import org.owasp.dependencycheck.data.nexus.MavenArtifact;
+
 import java.io.File;
 import java.io.FilenameFilter;
 import java.io.IOException;
 import java.util.List;
-import org.junit.Test;
-import static org.junit.Assert.*;
-import org.owasp.dependencycheck.BaseTest;
-import org.owasp.dependencycheck.data.nexus.MavenArtifact;
+
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  *
  * @author Jeremy Long
  */
-public class DataCacheFactoryTest extends BaseTest {
+class DataCacheFactoryTest extends BaseTest {
 
     /**
      * Test of getCache method, of class DataCacheFactory.
      */
     @Test
-    public void testGetCache() throws IOException {
+    void testGetCache() throws IOException {
         DataCacheFactory instance = new DataCacheFactory(getSettings());
         DataCache<List<MavenArtifact>> result = instance.getCentralCache();
         assertNotNull(result);
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/central/CentralSearchTest.java b/core/src/test/java/org/owasp/dependencycheck/data/central/CentralSearchTest.java
index f82c6e91916..3d36f5422da 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/central/CentralSearchTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/central/CentralSearchTest.java
@@ -1,56 +1,68 @@
 package org.owasp.dependencycheck.data.central;
 
-import org.junit.Before;
-import org.junit.Test;
+import org.apache.commons.lang3.StringUtils;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.data.nexus.MavenArtifact;
 
+import java.io.FileNotFoundException;
 import java.io.IOException;
+import java.net.SocketTimeoutException;
 import java.util.List;
-import org.apache.commons.lang3.StringUtils;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import org.junit.Assume;
-import org.owasp.dependencycheck.utils.Settings;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertInstanceOf;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.junit.jupiter.api.Assumptions.assumeFalse;
+import static org.junit.jupiter.api.Assumptions.assumeTrue;
 
 /**
  * Created by colezlaw on 10/13/14.
  */
-public class CentralSearchTest extends BaseTest {
+class CentralSearchTest extends BaseTest {
 
     private CentralSearch searcher;
 
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
         searcher = new CentralSearch(getSettings());
     }
 
-    @Test(expected = IllegalArgumentException.class)
-    public void testNullSha1() throws Exception {
-        searcher.searchSha1(null);
+    @Test
+    void testNullSha1() {
+        assertThrows(IllegalArgumentException.class, () ->
+            searcher.searchSha1(null));
     }
 
-    @Test(expected = IllegalArgumentException.class)
-    public void testMalformedSha1() throws Exception {
-        searcher.searchSha1("invalid");
+    @Test
+    void testMalformedSha1() {
+        assertThrows(IllegalArgumentException.class, () ->
+            searcher.searchSha1("invalid"));
     }
 
     // This test does generate network traffic and communicates with a host
     // you may not be able to reach. Remove the @Ignore annotation if you want to
     // test it anyway
     @Test
-    public void testValidSha1() throws Exception {
+    void testValidSha1() throws Exception {
         try {
-        List<MavenArtifact> ma = searcher.searchSha1("9977a8d04e75609cf01badc4eb6a9c7198c4c5ea");
-        assertEquals("Incorrect group", "org.apache.maven.plugins", ma.get(0).getGroupId());
-        assertEquals("Incorrect artifact", "maven-compiler-plugin", ma.get(0).getArtifactId());
-        assertEquals("Incorrect version", "3.1", ma.get(0).getVersion());
-                } catch (IOException ex) {
-            //we hit a failure state on the CI
-            Assume.assumeFalse(StringUtils.contains(ex.getMessage(), "Could not connect to MavenCentral"));
+            List<MavenArtifact> ma = searcher.searchSha1("9977a8d04e75609cf01badc4eb6a9c7198c4c5ea");
+            assertEquals("org.apache.maven.plugins", ma.get(0).getGroupId(), "Incorrect group");
+            assertEquals("maven-compiler-plugin", ma.get(0).getArtifactId(), "Incorrect artifact");
+            assertEquals("3.1", ma.get(0).getVersion(), "Incorrect version");
+        } catch (SocketTimeoutException ex) {
+            // skip test if Maven Central times out
+            assumeTrue(false, "Skipping test due to SocketTimeoutException: " + ex.getMessage());
+        } catch (IOException ex) {
+            // abort if we hit a failure state on the CI
+            assumeFalse(StringUtils.contains(ex.getMessage(), "Could not connect to MavenCentral"));
+            assumeFalse(ex.getMessage().matches("^https://.+ - Server status: \\d{3} - Server reason: .+$"));
+
+            // otherwise fail the test
             throw ex;
         }
     }
@@ -58,26 +70,39 @@ public void testValidSha1() throws Exception {
     // This test does generate network traffic and communicates with a host
     // you may not be able to reach. Remove the @Ignore annotation if you want to
     // test it anyway
-    @Test(expected = IOException.class)
-    public void testMissingSha1() throws Exception {
+    @Test
+    void testMissingSha1() throws Exception {
         try {
-        searcher.searchSha1("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
-                } catch (IOException ex) {
-            //we hit a failure state on the CI
-            Assume.assumeFalse(StringUtils.contains(ex.getMessage(), "Could not connect to MavenCentral"));
-            throw ex;
+            searcher.searchSha1("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
+        } catch (SocketTimeoutException ex) {
+            // skip test if Maven Central times out
+            assumeTrue(false, "Skipping test due to SocketTimeoutException: " + ex.getMessage());
+        } catch (IOException ex) {
+            // abort if we hit a failure state on the CI
+            assumeFalse(StringUtils.contains(ex.getMessage(), "Could not connect to MavenCentral"));
+            assumeFalse(ex.getMessage().matches("^https://.+ - Server status: \\d{3} - Server reason: .+$"));
+
+            // otherwise assert that the exception is a FileNotFoundException
+            assertInstanceOf(FileNotFoundException.class, ex);
+            assertEquals("Artifact not found in Central", ex.getMessage());
         }
     }
 
     // This test should give us multiple results back from Central
     @Test
-    public void testMultipleReturns() throws Exception {
+    void testMultipleReturns() throws Exception {
         try {
             List<MavenArtifact> ma = searcher.searchSha1("94A9CE681A42D0352B3AD22659F67835E560D107");
             assertTrue(ma.size() > 1);
+        } catch (SocketTimeoutException ex) {
+            // skip test if Maven Central times out
+            assumeTrue(false, "Skipping test due to SocketTimeoutException: " + ex.getMessage());
         } catch (IOException ex) {
-            //we hit a failure state on the CI
-            Assume.assumeFalse(StringUtils.contains(ex.getMessage(), "Could not connect to MavenCentral"));
+            // abort if we hit a failure state on the CI
+            assumeFalse(StringUtils.contains(ex.getMessage(), "Could not connect to MavenCentral"));
+            assumeFalse(ex.getMessage().matches("^https://.+ - Server status: \\d{3} - Server reason: .+$"));
+
+            // otherwise fail the test
             throw ex;
         }
     }
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/composer/ComposerLockParserTest.java b/core/src/test/java/org/owasp/dependencycheck/data/composer/ComposerLockParserTest.java
index 4a2e9bfe724..9fce09dffa1 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/composer/ComposerLockParserTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/composer/ComposerLockParserTest.java
@@ -17,24 +17,27 @@
  */
 package org.owasp.dependencycheck.data.composer;
 
-import org.junit.Before;
-import org.junit.Test;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseTest;
 
 import java.io.ByteArrayInputStream;
 import java.io.InputStream;
 import java.nio.charset.Charset;
 
-import static org.junit.Assert.*;
-import org.owasp.dependencycheck.BaseTest;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  * Created by colezlaw on 9/5/15.
  */
-public class ComposerLockParserTest extends BaseTest  {
+class ComposerLockParserTest extends BaseTest {
 
     private InputStream inputStream;
 
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -42,17 +45,17 @@ public void setUp() throws Exception {
     }
 
     @Test
-    public void testValidComposerLock() {
+    void testValidComposerLock() {
         ComposerLockParser clp = new ComposerLockParser(inputStream, false);
         clp.process();
         assertEquals(30, clp.getDependencies().size());
         assertTrue(clp.getDependencies().contains(new ComposerDependency("symfony", "translation", "2.7.3")));
         assertTrue(clp.getDependencies().contains(new ComposerDependency("vlucas", "phpdotenv", "1.1.1")));
     }
-    
-    
+
+
     @Test
-    public void testComposerLockSkipDev() {
+    void testComposerLockSkipDev() {
         ComposerLockParser clp = new ComposerLockParser(inputStream, true);
         clp.process();
         assertEquals(29, clp.getDependencies().size());
@@ -61,24 +64,24 @@ public void testComposerLockSkipDev() {
         assertFalse(clp.getDependencies().contains(new ComposerDependency("vlucas", "phpdotenv", "1.1.1")));
     }
 
-    @Test(expected = ComposerException.class)
-    public void testNotJSON() throws Exception {
+    @Test
+    void testNotJSON() {
         String input = "NOT VALID JSON";
         ComposerLockParser clp = new ComposerLockParser(new ByteArrayInputStream(input.getBytes(Charset.defaultCharset())), false);
-        clp.process();
+        assertThrows(ComposerException.class, clp::process);
     }
 
-    @Test(expected = ComposerException.class)
-    public void testNotComposer() throws Exception {
+    @Test
+    void testNotComposer() {
         String input = "[\"ham\",\"eggs\"]";
         ComposerLockParser clp = new ComposerLockParser(new ByteArrayInputStream(input.getBytes(Charset.defaultCharset())), false);
-        clp.process();
+        assertThrows(ComposerException.class, clp::process);
     }
 
-    @Test(expected = ComposerException.class)
-    public void testNotPackagesArray() throws Exception {
+    @Test
+    void testNotPackagesArray() {
         String input = "{\"packages\":\"eleventy\"}";
         ComposerLockParser clp = new ComposerLockParser(new ByteArrayInputStream(input.getBytes(Charset.defaultCharset())), false);
-        clp.process();
+        assertThrows(ComposerException.class, clp::process);
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/cpe/CpeMemoryIndexTest.java b/core/src/test/java/org/owasp/dependencycheck/data/cpe/CpeMemoryIndexTest.java
index 6950e2c1526..49bdb4f36d9 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/cpe/CpeMemoryIndexTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/cpe/CpeMemoryIndexTest.java
@@ -20,23 +20,26 @@
 import org.apache.lucene.document.Document;
 import org.apache.lucene.search.Query;
 import org.apache.lucene.search.TopDocs;
-import org.junit.AfterClass;
-import org.junit.Before;
-import org.junit.Test;
-import static org.junit.Assert.*;
+import org.junit.jupiter.api.AfterAll;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseDBTestCase;
 import org.owasp.dependencycheck.Engine;
 
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
 /**
  *
  * @author jeremy long
  */
-public class CpeMemoryIndexTest extends BaseDBTestCase {
+class CpeMemoryIndexTest extends BaseDBTestCase {
 
     private static final CpeMemoryIndex instance = CpeMemoryIndex.getInstance();
     private static Engine engine = null;
 
-    @AfterClass
+    @AfterAll
     public static void tearDownClass() {
         if (instance.isOpen()) {
             instance.close();
@@ -46,7 +49,7 @@ public static void tearDownClass() {
         }
     }
 
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -61,7 +64,7 @@ public void setUp() throws Exception {
      * Test of getInstance method, of class CpeMemoryIndex.
      */
     @Test
-    public void testGetInstance() {
+    void testGetInstance() {
         CpeMemoryIndex result = CpeMemoryIndex.getInstance();
         assertNotNull(result);
     }
@@ -70,7 +73,7 @@ public void testGetInstance() {
      * Test of isOpen method, of class CpeMemoryIndex.
      */
     @Test
-    public void testIsOpen() {
+    void testIsOpen() {
         boolean expResult = true;
         boolean result = instance.isOpen();
         assertEquals(expResult, result);
@@ -80,7 +83,7 @@ public void testIsOpen() {
      * Test of search method, of class CpeMemoryIndex.
      */
     @Test
-    public void testSearch_String_int() throws Exception {
+    void testSearch_String_int() throws Exception {
         String searchString = "product:(commons) AND vendor:(apache)";
         int maxQueryResults = 3;
         TopDocs result = instance.search(searchString, maxQueryResults);
@@ -92,7 +95,7 @@ public void testSearch_String_int() throws Exception {
      * Test of parseQuery method, of class CpeMemoryIndex.
      */
     @Test
-    public void testParseQuery() throws Exception {
+    void testParseQuery() throws Exception {
         String searchString = "product:(resteasy) AND vendor:(red hat)";
 
         String expResult = "+product:resteasy +(vendor:red vendor:redhat vendor:hat)";
@@ -111,7 +114,7 @@ public void testParseQuery() throws Exception {
      * Test of search method, of class CpeMemoryIndex.
      */
     @Test
-    public void testSearch_Query_int() throws Exception {
+    void testSearch_Query_int() throws Exception {
         String searchString = "product:(commons) AND vendor:(apache)";
         Query query = instance.parseQuery(searchString);
         int maxQueryResults = 3;
@@ -123,7 +126,7 @@ public void testSearch_Query_int() throws Exception {
      * Test of getDocument method, of class CpeMemoryIndex.
      */
     @Test
-    public void testGetDocument() throws Exception {
+    void testGetDocument() throws Exception {
         String searchString = "product:(commons) AND vendor:(apache)";
         int maxQueryResults = 1;
         TopDocs docs = instance.search(searchString, maxQueryResults);
@@ -136,7 +139,7 @@ public void testGetDocument() throws Exception {
      * Test of numDocs method, of class CpeMemoryIndex.
      */
     @Test
-    public void testNumDocs() {
+    void testNumDocs() {
         int result = instance.numDocs();
         assertTrue(result > 100);
     }
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/cpe/IndexEntryTest.java b/core/src/test/java/org/owasp/dependencycheck/data/cpe/IndexEntryTest.java
index 68fd1fe993f..792e1c3c7e4 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/cpe/IndexEntryTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/cpe/IndexEntryTest.java
@@ -17,15 +17,16 @@
  */
 package org.owasp.dependencycheck.data.cpe;
 
-import org.junit.Assert;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
 /**
  *
  * @author Jeremy Long
  */
-public class IndexEntryTest extends BaseTest  {
+class IndexEntryTest extends BaseTest {
 
     /**
      * Test of setName method, of class IndexEntry.
@@ -33,13 +34,13 @@ public class IndexEntryTest extends BaseTest  {
      * @throws Exception is thrown when an exception occurs.
      */
     @Test
-    public void testSetName() throws Exception {
+    void testSetName() throws Exception {
         String name = "cpe:/a:apache:struts:1.1:rc2";
 
         IndexEntry instance = new IndexEntry();
         instance.parseName(name);
 
-        Assert.assertEquals("apache", instance.getVendor());
-        Assert.assertEquals("struts", instance.getProduct());
+        assertEquals("apache", instance.getVendor());
+        assertEquals("struts", instance.getProduct());
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/cwe/CweDBTest.java b/core/src/test/java/org/owasp/dependencycheck/data/cwe/CweDBTest.java
index d51f0539876..f28d9172565 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/cwe/CweDBTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/cwe/CweDBTest.java
@@ -17,23 +17,23 @@
  */
 package org.owasp.dependencycheck.data.cwe;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNull;
-
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNull;
+
 /**
  *
  * @author Jeremy Long
  */
-public class CweDBTest extends BaseTest {
+class CweDBTest extends BaseTest {
 
     /**
      * Test of getName method, of class CweDB.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         String cweId = "CWE-16";
         String expResult = "Configuration";
         String result = CweDB.getName(cweId);
@@ -48,7 +48,7 @@ public void testGetName() {
      * Test of getFullName method, of class CweDB.
      */
     @Test
-    public void testGetFullName() {
+    void testGetFullName() {
         String cweId = "CWE-16";
         String expResult = "CWE-16 Configuration";
         String result = CweDB.getFullName(cweId);
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/elixir/MixAuditJsonParserTest.java b/core/src/test/java/org/owasp/dependencycheck/data/elixir/MixAuditJsonParserTest.java
index 57de529e90e..3364da81c5d 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/elixir/MixAuditJsonParserTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/elixir/MixAuditJsonParserTest.java
@@ -1,17 +1,19 @@
 package org.owasp.dependencycheck.data.elixir;
 
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
 
-import java.io.*;
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.io.FileReader;
 
-import static org.junit.Assert.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertEquals;
 
-public class MixAuditJsonParserTest {
+class MixAuditJsonParserTest {
 
     @Test
-    public void testEmptyResult() throws AnalysisException, FileNotFoundException {
+    void testEmptyResult() throws AnalysisException, FileNotFoundException {
         MixAuditJsonParser parser;
 
         File jsonFixtureFile = BaseTest.getResourceAsFile(this, "elixir/mix_audit/empty.json");
@@ -20,11 +22,11 @@ public void testEmptyResult() throws AnalysisException, FileNotFoundException {
         parser = new MixAuditJsonParser(fir);
         parser.process();
 
-        assertEquals("results must be empty", 0, parser.getResults().size());
+        assertEquals(0, parser.getResults().size(), "results must be empty");
     }
 
     @Test
-    public void testSingleResult() throws AnalysisException, FileNotFoundException {
+    void testSingleResult() throws AnalysisException, FileNotFoundException {
         MixAuditJsonParser parser;
 
         File jsonFixtureFile = BaseTest.getResourceAsFile(this, "elixir/mix_audit/plug.json");
@@ -33,7 +35,7 @@ public void testSingleResult() throws AnalysisException, FileNotFoundException {
         parser = new MixAuditJsonParser(fir);
         parser.process();
 
-        assertEquals("must have 1 result", 1, parser.getResults().size());
+        assertEquals(1, parser.getResults().size(), "must have 1 result");
 
         MixAuditResult r = parser.getResults().get(0);
         assertEquals("dc96aba4-4462-4d3b-b73f-28b9349133d8", r.getId());
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/golang/GoModJsonParserTest.java b/core/src/test/java/org/owasp/dependencycheck/data/golang/GoModJsonParserTest.java
index e2536f98337..7abd6e68fb2 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/golang/GoModJsonParserTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/golang/GoModJsonParserTest.java
@@ -17,17 +17,19 @@
  */
 package org.owasp.dependencycheck.data.golang;
 
+import org.junit.jupiter.api.Test;
+
 import java.io.ByteArrayInputStream;
 import java.io.InputStream;
 import java.util.List;
-import org.junit.Test;
-import static org.junit.Assert.*;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
 
 /**
  *
  * @author jeremy
  */
-public class GoModJsonParserTest {
+class GoModJsonParserTest {
 
     final String issue2891 = "{\n"
             + "	\"Path\": \"cloud.google.com/go\",\n"
@@ -783,7 +785,7 @@ public class GoModJsonParserTest {
      * Test of process method, of class GoModJsonParser.
      */
     @Test
-    public void testProcess() throws Exception {
+    void testProcess() throws Exception {
         InputStream inputStream = new ByteArrayInputStream(issue2891.getBytes());
         List<GoModDependency> expResult = null;
         List<GoModDependency> result = GoModJsonParser.process(inputStream);
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/lucene/AlphaNumericFilterTest.java b/core/src/test/java/org/owasp/dependencycheck/data/lucene/AlphaNumericFilterTest.java
index 933255fa815..5f5c52ee148 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/lucene/AlphaNumericFilterTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/lucene/AlphaNumericFilterTest.java
@@ -54,7 +54,7 @@ protected Analyzer.TokenStreamComponents createComponents(String fieldName) {
 
     /**
      * Test of incrementToken method, of class AlphaNumericFilter.
-     * 
+     *
      * @throws Exception thrown if there is a problem
      */
     @Test
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/lucene/FieldAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/data/lucene/FieldAnalyzerTest.java
index fac0bf102b0..00ebb6f26f0 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/lucene/FieldAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/lucene/FieldAnalyzerTest.java
@@ -17,9 +17,6 @@
  */
 package org.owasp.dependencycheck.data.lucene;
 
-import java.io.File;
-import java.io.IOException;
-import java.util.HashMap;
 import org.apache.lucene.analysis.Analyzer;
 import org.apache.lucene.analysis.miscellaneous.PerFieldAnalyzerWrapper;
 import org.apache.lucene.analysis.standard.StandardAnalyzer;
@@ -37,21 +34,24 @@
 import org.apache.lucene.search.TopScoreDocCollector;
 import org.apache.lucene.store.Directory;
 import org.apache.lucene.store.MMapDirectory;
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseTest;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
+import java.io.File;
+import java.io.IOException;
+import java.util.HashMap;
 
-import org.junit.Test;
-import org.owasp.dependencycheck.BaseTest;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
 
 /**
  *
  * @author Jeremy Long
  */
-public class FieldAnalyzerTest extends BaseTest {
+class FieldAnalyzerTest extends BaseTest {
 
     @Test
-    public void testAnalyzers() throws Exception {
+    void testAnalyzers() throws Exception {
 
         Analyzer analyzer = new SearchFieldAnalyzer();
         File temp = getSettings().getTempDirectory();
@@ -92,7 +92,7 @@ public void testAnalyzers() throws Exception {
         searcher.search(q, collector);
         ScoreDoc[] hits = collector.topDocs().scoreDocs;
 
-        assertEquals("Did not find 1 document?", 1, hits.length);
+        assertEquals(1, hits.length, "Did not find 1 document?");
         assertEquals("springframework", searcher.doc(hits[0].doc).get(field1));
         assertEquals("springsource", searcher.doc(hits[0].doc).get(field2));
 
@@ -100,7 +100,7 @@ public void testAnalyzers() throws Exception {
 
         reset(searchAnalyzerProduct, searchAnalyzerVendor);
         Query q2 = parser.parse(querystr);
-        assertFalse("second parsing contains previousWord from the TokenPairConcatenatingFilter", q2.toString().contains("core"));
+        assertFalse(q2.toString().contains("core"), "second parsing contains previousWord from the TokenPairConcatenatingFilter");
 
         querystr = "product:(  x-stream^5 )  AND  vendor:(  thoughtworks.xstream )";
         reset(searchAnalyzerProduct, searchAnalyzerVendor);
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/lucene/LuceneUtilsTest.java b/core/src/test/java/org/owasp/dependencycheck/data/lucene/LuceneUtilsTest.java
index 88a6b2c219d..3c708f91f1a 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/lucene/LuceneUtilsTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/lucene/LuceneUtilsTest.java
@@ -17,24 +17,24 @@
  */
 package org.owasp.dependencycheck.data.lucene;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
 /**
  *
  * @author Jeremy Long
  */
-public class LuceneUtilsTest extends BaseTest {
+class LuceneUtilsTest extends BaseTest {
 
     /**
      * Test of appendEscapedLuceneQuery method, of class LuceneUtils.
      */
     @Test
-    public void testAppendEscapedLuceneQuery() {
+    void testAppendEscapedLuceneQuery() {
         StringBuilder buf = new StringBuilder();
         CharSequence text = "test encoding + - & | ! ( ) { } [ ] ^ \" ~ * ? : \\";
         String expResult = "test encoding \\+ \\- \\& \\| \\! \\( \\) \\{ \\} \\[ \\] \\^ \\\" \\~ \\* \\? \\: \\\\";
@@ -46,7 +46,7 @@ public void testAppendEscapedLuceneQuery() {
      * Test of appendEscapedLuceneQuery method, of class LuceneUtils.
      */
     @Test
-    public void testAppendEscapedLuceneQuery_null() {
+    void testAppendEscapedLuceneQuery_null() {
         StringBuilder buf = new StringBuilder();
         CharSequence text = null;
         LuceneUtils.appendEscapedLuceneQuery(buf, text);
@@ -57,7 +57,7 @@ public void testAppendEscapedLuceneQuery_null() {
      * Test of escapeLuceneQuery method, of class LuceneUtils.
      */
     @Test
-    public void testEscapeLuceneQuery() {
+    void testEscapeLuceneQuery() {
         CharSequence text = "test encoding + - & | ! ( ) { } [ ] ^ \" ~ * ? : \\";
         String expResult = "test encoding \\+ \\- \\& \\| \\! \\( \\) \\{ \\} \\[ \\] \\^ \\\" \\~ \\* \\? \\: \\\\";
         String result = LuceneUtils.escapeLuceneQuery(text);
@@ -68,7 +68,7 @@ public void testEscapeLuceneQuery() {
      * Test of escapeLuceneQuery method, of class LuceneUtils.
      */
     @Test
-    public void testEscapeLuceneQuery_null() {
+    void testEscapeLuceneQuery_null() {
         CharSequence text = null;
         String expResult = null;
         String result = LuceneUtils.escapeLuceneQuery(text);
@@ -76,13 +76,13 @@ public void testEscapeLuceneQuery_null() {
     }
 
     @Test
-    public void testIsKeyword() {
-        assertTrue("'AND' is a keyword and should return true", LuceneUtils.isKeyword("And"));
-        assertTrue("'OR' is a keyword and should return true", LuceneUtils.isKeyword("OR"));
-        assertTrue("'NOT' is a keyword and should return true", LuceneUtils.isKeyword("nOT"));
-        assertTrue("'TO' is being considered a keyword and should return true", LuceneUtils.isKeyword("TO"));
-        assertTrue("'+' is being considered a keyword and should return true", LuceneUtils.isKeyword("+"));
-        assertTrue("'-' is being considered a keyword and should return true", LuceneUtils.isKeyword("-"));
-        assertFalse("'the' is not a keyword and should return false", LuceneUtils.isKeyword("test"));
+    void testIsKeyword() {
+        assertTrue(LuceneUtils.isKeyword("And"), "'AND' is a keyword and should return true");
+        assertTrue(LuceneUtils.isKeyword("OR"), "'OR' is a keyword and should return true");
+        assertTrue(LuceneUtils.isKeyword("nOT"), "'NOT' is a keyword and should return true");
+        assertTrue(LuceneUtils.isKeyword("TO"), "'TO' is being considered a keyword and should return true");
+        assertTrue(LuceneUtils.isKeyword("+"), "'+' is being considered a keyword and should return true");
+        assertTrue(LuceneUtils.isKeyword("-"), "'-' is being considered a keyword and should return true");
+        assertFalse(LuceneUtils.isKeyword("test"), "'the' is not a keyword and should return false");
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/lucene/SearchFieldAnalyzerTest.java b/core/src/test/java/org/owasp/dependencycheck/data/lucene/SearchFieldAnalyzerTest.java
index 348ad0219b5..5dbfbf54f51 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/lucene/SearchFieldAnalyzerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/lucene/SearchFieldAnalyzerTest.java
@@ -18,20 +18,21 @@
 package org.owasp.dependencycheck.data.lucene;
 
 import org.apache.lucene.analysis.CharArraySet;
-import org.junit.Test;
-import static org.junit.Assert.*;
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  *
  * @author jeremy long
  */
-public class SearchFieldAnalyzerTest {
+class SearchFieldAnalyzerTest {
 
     /**
      * Test of getStopWords method, of class SearchFieldAnalyzer.
      */
     @Test
-    public void testGetStopWords() {
+    void testGetStopWords() {
         CharArraySet result = SearchFieldAnalyzer.getStopWords();
         assertTrue(result.size() > 20);
         assertTrue(result.contains("software"));
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/nexus/MavenArtifactTest.java b/core/src/test/java/org/owasp/dependencycheck/data/nexus/MavenArtifactTest.java
index 800b8fa5c1b..f45c765680d 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/nexus/MavenArtifactTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/nexus/MavenArtifactTest.java
@@ -1,14 +1,14 @@
 package org.owasp.dependencycheck.data.nexus;
 
-import org.junit.Test;
-
-import static org.junit.Assert.assertEquals;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 
-public class MavenArtifactTest extends BaseTest {
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+class MavenArtifactTest extends BaseTest {
 
     @Test
-    public void getPomUrl() {
+    void getPomUrl() {
         // Given
         final MavenArtifact mavenArtifact = new MavenArtifact("com.google.code.gson", "gson", "2.1",
                 "https://artifactory.techno.ingenico.com/artifactory/jcenter-cache/com/google/code/gson/gson/2.1/gson-2.1.jar", MavenArtifact.derivePomUrl("gson", "2.1",
@@ -21,7 +21,7 @@ public void getPomUrl() {
     }
 
     @Test
-    public void getPomUrlWithQualifier() {
+    void getPomUrlWithQualifier() {
         // Given
         final MavenArtifact mavenArtifact = new MavenArtifact("com.google.code.gson", "gson", "2.8.5",
                 "https://artifactory.techno.ingenico.com/artifactory/repo1-cache/com/google/code/gson/gson/2.8.5/gson-2.8.5-sources.jar", MavenArtifact.derivePomUrl("gson", "2.8.5",
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/nexus/NexusV2SearchTest.java b/core/src/test/java/org/owasp/dependencycheck/data/nexus/NexusV2SearchTest.java
index 8bc0a9fde81..b00985a6025 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/nexus/NexusV2SearchTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/nexus/NexusV2SearchTest.java
@@ -17,24 +17,27 @@
  */
 package org.owasp.dependencycheck.data.nexus;
 
-import java.io.FileNotFoundException;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNotNull;
-import org.junit.Assume;
-import org.junit.Before;
-import org.junit.Ignore;
-import org.junit.Test;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Disabled;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.utils.Settings;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-public class NexusV2SearchTest extends BaseTest {
+import java.io.FileNotFoundException;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assumptions.assumeTrue;
+
+class NexusV2SearchTest extends BaseTest {
 
     private static final Logger LOGGER = LoggerFactory.getLogger(NexusV2SearchTest.class);
     private NexusV2Search searcher;
 
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -45,40 +48,43 @@ public void setUp() throws Exception {
         String nexusUrl = sett.getString(Settings.KEYS.ANALYZER_NEXUS_URL);
         LOGGER.debug(nexusUrl);
         searcher = new NexusV2Search(sett, false);
-        Assume.assumeTrue(searcher.preflightRequest());
+        assumeTrue(searcher.preflightRequest());
     }
 
-    @Test(expected = IllegalArgumentException.class)
-    @Ignore
-    public void testNullSha1() throws Exception {
-        searcher.searchSha1(null);
+    @Test
+    @Disabled
+    void testNullSha1() {
+        assertThrows(IllegalArgumentException.class, () ->
+            searcher.searchSha1(null));
     }
 
-    @Test(expected = IllegalArgumentException.class)
-    @Ignore
-    public void testMalformedSha1() throws Exception {
-        searcher.searchSha1("invalid");
+    @Test
+    @Disabled
+    void testMalformedSha1() {
+        assertThrows(IllegalArgumentException.class, () ->
+            searcher.searchSha1("invalid"));
     }
 
     // This test does generate network traffic and communicates with a host
     // you may not be able to reach. Remove the @Ignore annotation if you want to
     // test it anyway
     @Test
-    @Ignore
-    public void testValidSha1() throws Exception {
+    @Disabled
+    void testValidSha1() throws Exception {
         MavenArtifact ma = searcher.searchSha1("9977a8d04e75609cf01badc4eb6a9c7198c4c5ea");
-        assertEquals("Incorrect group", "org.apache.maven.plugins", ma.getGroupId());
-        assertEquals("Incorrect artifact", "maven-compiler-plugin", ma.getArtifactId());
-        assertEquals("Incorrect version", "3.1", ma.getVersion());
-        assertNotNull("URL Should not be null", ma.getArtifactUrl());
+        assertEquals("org.apache.maven.plugins", ma.getGroupId(), "Incorrect group");
+        assertEquals("maven-compiler-plugin", ma.getArtifactId(), "Incorrect artifact");
+        assertEquals("3.1", ma.getVersion(), "Incorrect version");
+        assertNotNull(ma.getArtifactUrl(), "URL Should not be null");
     }
 
     // This test does generate network traffic and communicates with a host
     // you may not be able to reach. Remove the @Ignore annotation if you want to
     // test it anyway
-    @Test(expected = FileNotFoundException.class)
-    @Ignore
-    public void testMissingSha1() throws Exception {
-        searcher.searchSha1("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
+    @Test
+    @Disabled
+    void testMissingSha1() {
+        assertThrows(FileNotFoundException.class, () ->
+            searcher.searchSha1("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"));
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/nexus/NexusV3SearchTest.java b/core/src/test/java/org/owasp/dependencycheck/data/nexus/NexusV3SearchTest.java
index 166748899fc..7987fc079f2 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/nexus/NexusV3SearchTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/nexus/NexusV3SearchTest.java
@@ -17,10 +17,9 @@
  */
 package org.owasp.dependencycheck.data.nexus;
 
-import org.junit.Assume;
-import org.junit.Before;
-import org.junit.Ignore;
-import org.junit.Test;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Disabled;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.utils.Settings;
 import org.slf4j.Logger;
@@ -28,15 +27,17 @@
 
 import java.io.FileNotFoundException;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assumptions.assumeTrue;
 
-public class NexusV3SearchTest extends BaseTest {
+class NexusV3SearchTest extends BaseTest {
 
     private static final Logger LOGGER = LoggerFactory.getLogger(NexusV3SearchTest.class);
     private NexusV3Search searcher;
 
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -48,40 +49,43 @@ public void setUp() throws Exception {
 
         LOGGER.debug(nexusUrl);
         searcher = new NexusV3Search(sett, false);
-        Assume.assumeTrue(searcher.preflightRequest());
+        assumeTrue(searcher.preflightRequest());
     }
 
-    @Test(expected = IllegalArgumentException.class)
-    @Ignore
-    public void testNullSha1() throws Exception {
-        searcher.searchSha1(null);
+    @Test
+    @Disabled
+    void testNullSha1() {
+        assertThrows(IllegalArgumentException.class, () ->
+            searcher.searchSha1(null));
     }
 
-    @Test(expected = IllegalArgumentException.class)
-    @Ignore
-    public void testMalformedSha1() throws Exception {
-        searcher.searchSha1("invalid");
+    @Test
+    @Disabled
+    void testMalformedSha1() {
+        assertThrows(IllegalArgumentException.class, () ->
+            searcher.searchSha1("invalid"));
     }
 
     // This test does generate network traffic and communicates with a host
     // you may not be able to reach. Remove the @Ignore annotation if you want to
     // test it anyway
     @Test
-    @Ignore
-    public void testValidSha1() throws Exception {
+    @Disabled
+    void testValidSha1() throws Exception {
         MavenArtifact ma = searcher.searchSha1("9977a8d04e75609cf01badc4eb6a9c7198c4c5ea");
-        assertEquals("Incorrect group", "org.apache.maven.plugins", ma.getGroupId());
-        assertEquals("Incorrect artifact", "maven-compiler-plugin", ma.getArtifactId());
-        assertEquals("Incorrect version", "3.1", ma.getVersion());
-        assertNotNull("URL Should not be null", ma.getArtifactUrl());
+        assertEquals("org.apache.maven.plugins", ma.getGroupId(), "Incorrect group");
+        assertEquals("maven-compiler-plugin", ma.getArtifactId(), "Incorrect artifact");
+        assertEquals("3.1", ma.getVersion(), "Incorrect version");
+        assertNotNull(ma.getArtifactUrl(), "URL Should not be null");
     }
 
     // This test does generate network traffic and communicates with a host
     // you may not be able to reach. Remove the @Ignore annotation if you want to
     // test it anyway
-    @Test(expected = FileNotFoundException.class)
-    @Ignore
-    public void testMissingSha1() throws Exception {
-        searcher.searchSha1("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
+    @Test
+    @Disabled
+    void testMissingSha1() {
+        assertThrows(FileNotFoundException.class, () ->
+            searcher.searchSha1("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"));
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/nodeaudit/NodeAuditSearchTest.java b/core/src/test/java/org/owasp/dependencycheck/data/nodeaudit/NodeAuditSearchTest.java
index 05409907069..18a4ee726c4 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/nodeaudit/NodeAuditSearchTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/nodeaudit/NodeAuditSearchTest.java
@@ -18,45 +18,30 @@
 package org.owasp.dependencycheck.data.nodeaudit;
 
 import org.owasp.dependencycheck.BaseTest;
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.Test;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import jakarta.json.Json;
-import jakarta.json.JsonObject;
-import jakarta.json.JsonObjectBuilder;
-import jakarta.json.JsonReader;
-import java.io.InputStream;
-import java.util.List;
-import static org.junit.Assume.assumeFalse;
-import org.owasp.dependencycheck.utils.URLConnectionFailureException;
 
-public class NodeAuditSearchTest extends BaseTest {
+class NodeAuditSearchTest extends BaseTest {
 
 // Tested as part of the NodeAuditAnalyzerIT.  Adding this test can cause build failures due to an external service.
 //    private static final Logger LOGGER = LoggerFactory.getLogger(NodeAuditSearchTest.class);
 //    private NodeAuditSearch searcher;
 //
-//    @Before
+//    @BeforeEach
 //    @Override
-//    public void setUp() throws Exception {
+//    void setUp() throws Exception {
 //        super.setUp();
 //        searcher = new NodeAuditSearch(getSettings());
 //    }
 //
 //    @Test
-//    public void testNodeAuditSearchPositive() throws Exception {
+//    void testNodeAuditSearchPositive() throws Exception {
 //        InputStream in = BaseTest.getResourceAsStream(this, "nodeaudit/package-lock.json");
 //        try (JsonReader jsonReader = Json.createReader(in)) {
 //            final JsonObject packageJson = jsonReader.readObject();
 //            final JsonObject payload = SanitizePackage.sanitize(packageJson);
 //            final List<Advisory> advisories = searcher.submitPackage(payload);
-//            Assert.assertTrue(advisories.size() > 0);
-//        } catch (Exception ex) {
-//            assumeFalse(ex instanceof URLConnectionFailureException
-//                    && ex.getMessage().contains("Unable to connect to "));
-//            throw ex;
+//            URLConnectionFailureException ex = assertThrows(URLConnectionFailureException.class,
+//                    () -> searcher.submitPackage(payload));
+//            assumeFalse(ex.getMessage().contains("Unable to connect to "));
 //        }
 //
 //        //this should result in a cache hit
@@ -64,25 +49,20 @@ public class NodeAuditSearchTest extends BaseTest {
 //        try (JsonReader jsonReader = Json.createReader(in)) {
 //            final JsonObject packageJson = jsonReader.readObject();
 //            final JsonObject payload = SanitizePackage.sanitize(packageJson);
-//            final List<Advisory> advisories = searcher.submitPackage(payload);
-//            Assert.assertTrue(advisories.size() > 0);
-//        } catch (Exception ex) {
-//            assumeFalse(ex instanceof URLConnectionFailureException
-//                    && ex.getMessage().contains("Unable to connect to "));
-//            throw ex;
+//            URLConnectionFailureException ex = assertThrows(URLConnectionFailureException.class,
+//                    () -> searcher.submitPackage(payload));
+//            assumeFalse(ex.getMessage().contains("Unable to connect to "));
 //        }
 //    }
-//    @Test(expected = AnalysisException.class)
-//    public void testNodeAuditSearchNegative() throws Exception {
+//
+//    void testNodeAuditSearchNegative() throws Exception {
 //        InputStream in = BaseTest.getResourceAsStream(this, "nodeaudit/package.json");
 //        try (JsonReader jsonReader = Json.createReader(in)) {
 //            final JsonObject packageJson = jsonReader.readObject();
 //            final JsonObject sanitizedJson = SanitizePackage.sanitize(packageJson);
-//            searcher.submitPackage(sanitizedJson);
-//        } catch (Exception ex) {
-//            assumeFalse(ex instanceof URLConnectionFailureException
-//                    && ex.getMessage().contains("Unable to connect to "));
-//            throw ex;
+//            URLConnectionFailureException ex = assertThrows(URLConnectionFailureException.class,
+//                    () -> searcher.submitPackage(sanitizedJson));
+//            assumeFalse(ex.getMessage().contains("Unable to connect to "));
 //        }
 //    }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/nodeaudit/NpmPayloadBuilderTest.java b/core/src/test/java/org/owasp/dependencycheck/data/nodeaudit/NpmPayloadBuilderTest.java
index 667be558c32..59c612e6f2e 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/nodeaudit/NpmPayloadBuilderTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/nodeaudit/NpmPayloadBuilderTest.java
@@ -17,24 +17,25 @@
  */
 package org.owasp.dependencycheck.data.nodeaudit;
 
-import java.io.InputStream;
-
-import org.junit.Assert;
-import org.junit.Test;
-
 import jakarta.json.Json;
 import jakarta.json.JsonObject;
 import jakarta.json.JsonObjectBuilder;
 import jakarta.json.JsonReader;
 import org.apache.commons.collections4.MultiValuedMap;
 import org.apache.commons.collections4.multimap.HashSetValuedHashMap;
-
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 
-public class NpmPayloadBuilderTest {
+import java.io.InputStream;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+class NpmPayloadBuilderTest {
 
     @Test
-    public void testSanitizer() {
+    void testSanitizer() {
         JsonObjectBuilder builder = Json.createObjectBuilder()
                 .add("name", "my app")
                 .add("version", "1.0.0")
@@ -61,26 +62,26 @@ public void testSanitizer() {
         final MultiValuedMap<String, String> dependencyMap = new HashSetValuedHashMap<>();
         JsonObject sanitized = NpmPayloadBuilder.build(packageJson, dependencyMap, false);
 
-        Assert.assertTrue(sanitized.containsKey("name"));
-        Assert.assertTrue(sanitized.containsKey("version"));
-        Assert.assertTrue(sanitized.containsKey("dependencies"));
-        Assert.assertTrue(sanitized.containsKey("requires"));
+        assertTrue(sanitized.containsKey("name"));
+        assertTrue(sanitized.containsKey("version"));
+        assertTrue(sanitized.containsKey("dependencies"));
+        assertTrue(sanitized.containsKey("requires"));
 
         JsonObject dependencies = sanitized.getJsonObject("dependencies");
-        Assert.assertTrue(dependencies.containsKey("node_modules/jest-resolve"));
+        assertTrue(dependencies.containsKey("node_modules/jest-resolve"));
 
         JsonObject requires = sanitized.getJsonObject("requires");
-        Assert.assertTrue(requires.containsKey("abbrev"));
-        Assert.assertEquals("^1.1.1", requires.getString("abbrev"));
-        Assert.assertEquals("*", requires.getString("node_modules/jest-resolve"));
+        assertTrue(requires.containsKey("abbrev"));
+        assertEquals("^1.1.1", requires.getString("abbrev"));
+        assertEquals("*", requires.getString("node_modules/jest-resolve"));
 
-        Assert.assertFalse(sanitized.containsKey("lockfileVersion"));
-        Assert.assertFalse(sanitized.containsKey("random"));
+        assertFalse(sanitized.containsKey("lockfileVersion"));
+        assertFalse(sanitized.containsKey("random"));
     }
 
 
     @Test
-    public void testSkippedDependencies() {
+    void testSkippedDependencies() {
         JsonObjectBuilder builder = Json.createObjectBuilder()
                 .add("name", "my app")
                 .add("version", "1.0.0")
@@ -110,47 +111,47 @@ public void testSkippedDependencies() {
         final MultiValuedMap<String, String> dependencyMap = new HashSetValuedHashMap<>();
         JsonObject sanitized = NpmPayloadBuilder.build(packageJson, dependencyMap, false);
 
-        Assert.assertTrue(sanitized.containsKey("name"));
-        Assert.assertTrue(sanitized.containsKey("version"));
-        Assert.assertTrue(sanitized.containsKey("dependencies"));
-        Assert.assertTrue(sanitized.containsKey("requires"));
+        assertTrue(sanitized.containsKey("name"));
+        assertTrue(sanitized.containsKey("version"));
+        assertTrue(sanitized.containsKey("dependencies"));
+        assertTrue(sanitized.containsKey("requires"));
 
         JsonObject requires = sanitized.getJsonObject("requires");
-        Assert.assertTrue(requires.containsKey("abbrev"));
-        Assert.assertEquals("^1.1.1", requires.getString("abbrev"));
+        assertTrue(requires.containsKey("abbrev"));
+        assertEquals("^1.1.1", requires.getString("abbrev"));
 
         //local and alias need to be skipped
-        Assert.assertFalse(requires.containsKey("react-dom"));
-        Assert.assertFalse(requires.containsKey("fake_submodule"));
+        assertFalse(requires.containsKey("react-dom"));
+        assertFalse(requires.containsKey("fake_submodule"));
 
-        Assert.assertFalse(sanitized.containsKey("lockfileVersion"));
-        Assert.assertFalse(sanitized.containsKey("random"));
+        assertFalse(sanitized.containsKey("lockfileVersion"));
+        assertFalse(sanitized.containsKey("random"));
     }
 
     @Test
-    public void testSanitizePackage() {
+    void testSanitizePackage() {
         InputStream in = BaseTest.getResourceAsStream(this, "nodeaudit/package-lock.json");
         final MultiValuedMap<String, String> dependencyMap = new HashSetValuedHashMap<>();
         try (JsonReader jsonReader = Json.createReader(in)) {
             JsonObject packageJson = jsonReader.readObject();
             JsonObject sanitized = NpmPayloadBuilder.build(packageJson, dependencyMap, false);
 
-            Assert.assertTrue(sanitized.containsKey("name"));
-            Assert.assertTrue(sanitized.containsKey("version"));
-            Assert.assertTrue(sanitized.containsKey("dependencies"));
-            Assert.assertTrue(sanitized.containsKey("requires"));
+            assertTrue(sanitized.containsKey("name"));
+            assertTrue(sanitized.containsKey("version"));
+            assertTrue(sanitized.containsKey("dependencies"));
+            assertTrue(sanitized.containsKey("requires"));
 
             JsonObject requires = sanitized.getJsonObject("requires");
-            Assert.assertTrue(requires.containsKey("bcrypt-nodejs"));
-            Assert.assertEquals("^0.0.3", requires.getString("bcrypt-nodejs"));
+            assertTrue(requires.containsKey("bcrypt-nodejs"));
+            assertEquals("^0.0.3", requires.getString("bcrypt-nodejs"));
 
-            Assert.assertFalse(sanitized.containsKey("lockfileVersion"));
-            Assert.assertFalse(sanitized.containsKey("random"));
+            assertFalse(sanitized.containsKey("lockfileVersion"));
+            assertFalse(sanitized.containsKey("random"));
         }
     }
 
     @Test
-    public void testPayloadWithLockAndPackage() {
+    void testPayloadWithLockAndPackage() {
         InputStream lock = BaseTest.getResourceAsStream(this, "nodeaudit/package-lock.json");
         InputStream json = BaseTest.getResourceAsStream(this, "nodeaudit/package.json");
         final MultiValuedMap<String, String> dependencyMap = new HashSetValuedHashMap<>();
@@ -159,26 +160,26 @@ public void testPayloadWithLockAndPackage() {
             JsonObject lockJson =    lockReader.readObject();
             JsonObject sanitized = NpmPayloadBuilder.build(lockJson, packageJson, dependencyMap, false);
 
-            Assert.assertTrue(sanitized.containsKey("name"));
-            Assert.assertTrue(sanitized.containsKey("version"));
-            Assert.assertTrue(sanitized.containsKey("dependencies"));
-            Assert.assertTrue(sanitized.containsKey("requires"));
+            assertTrue(sanitized.containsKey("name"));
+            assertTrue(sanitized.containsKey("version"));
+            assertTrue(sanitized.containsKey("dependencies"));
+            assertTrue(sanitized.containsKey("requires"));
 
             JsonObject requires = sanitized.getJsonObject("requires");
-            Assert.assertTrue(requires.containsKey("bcrypt-nodejs"));
-            Assert.assertEquals("0.0.3", requires.getString("bcrypt-nodejs"));
+            assertTrue(requires.containsKey("bcrypt-nodejs"));
+            assertEquals("0.0.3", requires.getString("bcrypt-nodejs"));
 
-            Assert.assertFalse(sanitized.containsKey("lockfileVersion"));
-            Assert.assertFalse(sanitized.containsKey("random"));
+            assertFalse(sanitized.containsKey("lockfileVersion"));
+            assertFalse(sanitized.containsKey("random"));
 
-            Assert.assertTrue(sanitized.containsKey("name"));
-            Assert.assertTrue(sanitized.containsKey("version"));
-            Assert.assertTrue(sanitized.containsKey("dependencies"));
-            Assert.assertTrue(sanitized.containsKey("requires"));
+            assertTrue(sanitized.containsKey("name"));
+            assertTrue(sanitized.containsKey("version"));
+            assertTrue(sanitized.containsKey("dependencies"));
+            assertTrue(sanitized.containsKey("requires"));
 
             //local and alias need to be skipped
-            Assert.assertFalse(requires.containsKey("react-dom"));
-            Assert.assertFalse(requires.containsKey("fake_submodule"));
+            assertFalse(requires.containsKey("react-dom"));
+            assertFalse(requires.containsKey("fake_submodule"));
         }
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/nuget/XPathNuspecParserTest.java b/core/src/test/java/org/owasp/dependencycheck/data/nuget/XPathNuspecParserTest.java
index ca3d2385cc1..01351bff062 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/nuget/XPathNuspecParserTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/nuget/XPathNuspecParserTest.java
@@ -17,19 +17,22 @@
  */
 package org.owasp.dependencycheck.data.nuget;
 
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseTest;
+
 import java.io.ByteArrayOutputStream;
 import java.io.InputStream;
 import java.io.PrintStream;
-import static org.junit.Assert.assertEquals;
-import org.junit.Test;
-import org.owasp.dependencycheck.BaseTest;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertThrows;
 
 /**
  *
  * @author colezlaw
  *
  */
-public class XPathNuspecParserTest extends BaseTest {
+class XPathNuspecParserTest extends BaseTest {
 
     /**
      * Test all the valid components.
@@ -37,7 +40,7 @@ public class XPathNuspecParserTest extends BaseTest {
      * @throws Exception if anything goes sideways.
      */
     @Test
-    public void testGoodDocument() throws Exception {
+    void testGoodDocument() throws Exception {
         XPathNuspecParser parser = new XPathNuspecParser();
         //InputStream is = XPathNuspecParserTest.class.getClassLoader().getResourceAsStream("log4net.2.0.3.nuspec");
         InputStream is = BaseTest.getResourceAsStream(this, "log4net.2.0.3.nuspec");
@@ -55,17 +58,15 @@ public void testGoodDocument() throws Exception {
      *
      * @throws Exception we expect this.
      */
-    @Test(expected = NuspecParseException.class)
-    public void testMissingDocument() throws Exception {
+    @Test
+    void testMissingDocument() {
         XPathNuspecParser parser = new XPathNuspecParser();
-        //InputStream is = XPathNuspecParserTest.class.getClassLoader().getResourceAsStream("dependencycheck.properties");
         InputStream is = BaseTest.getResourceAsStream(this, "dependencycheck.properties");
-
-        //hide the fatal message from the core parser
         final ByteArrayOutputStream myOut = new ByteArrayOutputStream();
         System.setErr(new PrintStream(myOut));
+        assertThrows(NuspecParseException.class, () ->
 
-        parser.parse(is);
+            parser.parse(is));
     }
 
     /**
@@ -73,11 +74,11 @@ public void testMissingDocument() throws Exception {
      *
      * @throws Exception we expect this.
      */
-    @Test(expected = NuspecParseException.class)
-    public void testNotNuspec() throws Exception {
+    @Test
+    void testNotNuspec() {
         XPathNuspecParser parser = new XPathNuspecParser();
-        //InputStream is = XPathNuspecParserTest.class.getClassLoader().getResourceAsStream("suppressions.xml");
         InputStream is = BaseTest.getResourceAsStream(this, "suppressions.xml");
-        parser.parse(is);
+        assertThrows(NuspecParseException.class, () ->
+            parser.parse(is));
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/nvd/ecosystem/CveEcosystemMapperTest.java b/core/src/test/java/org/owasp/dependencycheck/data/nvd/ecosystem/CveEcosystemMapperTest.java
index fa0e26a685a..4d2ce4615e4 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/nvd/ecosystem/CveEcosystemMapperTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/nvd/ecosystem/CveEcosystemMapperTest.java
@@ -19,28 +19,30 @@
 
 import io.github.jeremylong.openvulnerability.client.nvd.Config;
 import io.github.jeremylong.openvulnerability.client.nvd.CpeMatch;
-import java.util.ArrayList;
-import java.util.List;
-import org.junit.Test;
-import static org.junit.Assert.*;
-import org.owasp.dependencycheck.analyzer.JarAnalyzer;
-
-import io.github.jeremylong.openvulnerability.client.nvd.DefCveItem;
 import io.github.jeremylong.openvulnerability.client.nvd.CveItem;
+import io.github.jeremylong.openvulnerability.client.nvd.DefCveItem;
 import io.github.jeremylong.openvulnerability.client.nvd.LangString;
 import io.github.jeremylong.openvulnerability.client.nvd.Node;
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.analyzer.JarAnalyzer;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNull;
 
 /**
  *
  * @author Jeremy Long
  */
-public class CveEcosystemMapperTest {
+class CveEcosystemMapperTest {
 
     /**
      * Test of getEcosystem method, of class CveEcosystemMapper.
      */
     @Test
-    public void testGetEcosystem() {
+    void testGetEcosystem() {
         CveEcosystemMapper mapper = new CveEcosystemMapper();
         String value = "There is a vulnerability in some.java file";
         assertEquals(JarAnalyzer.DEPENDENCY_ECOSYSTEM, mapper.getEcosystem(asCve(value)));
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/nvd/ecosystem/DescriptionEcosystemMapperTest.java b/core/src/test/java/org/owasp/dependencycheck/data/nvd/ecosystem/DescriptionEcosystemMapperTest.java
index 4d7825e6312..6531d11c5af 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/nvd/ecosystem/DescriptionEcosystemMapperTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/nvd/ecosystem/DescriptionEcosystemMapperTest.java
@@ -1,8 +1,10 @@
 package org.owasp.dependencycheck.data.nvd.ecosystem;
 
 import io.github.jeremylong.openvulnerability.client.nvd.CveItem;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNull;
+import io.github.jeremylong.openvulnerability.client.nvd.DefCveItem;
+import io.github.jeremylong.openvulnerability.client.nvd.LangString;
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.analyzer.JarAnalyzer;
 
 import java.io.BufferedReader;
 import java.io.File;
@@ -10,19 +12,16 @@
 import java.io.IOException;
 import java.io.InputStreamReader;
 import java.nio.charset.StandardCharsets;
+import java.util.ArrayList;
 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
 import java.util.Map.Entry;
 
-import org.junit.Test;
-import org.owasp.dependencycheck.analyzer.JarAnalyzer;
-import io.github.jeremylong.openvulnerability.client.nvd.DefCveItem;
-import io.github.jeremylong.openvulnerability.client.nvd.LangString;
-import java.time.LocalDate;
-import java.util.ArrayList;
-import java.util.List;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNull;
 
-public class DescriptionEcosystemMapperTest {
+class DescriptionEcosystemMapperTest {
 
     private static final String POSTFIX = ".ecosystem.txt";
 
@@ -44,19 +43,19 @@ protected static Map<String, File> getEcosystemFiles() throws IOException {
     }
 
     @Test
-    public void testDescriptionEcosystemMapper() throws IOException {
+    void testDescriptionEcosystemMapper() throws IOException {
         DescriptionEcosystemMapper mapper = new DescriptionEcosystemMapper();
         Map<String, File> ecosystemFiles = getEcosystemFiles();
         for (Entry<String, File> entry : ecosystemFiles.entrySet()) {
             try (BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(new FileInputStream(entry.getValue()), StandardCharsets.UTF_8))) {
                 String description;
                 while ((description = bufferedReader.readLine()) != null) {
-                    if (description.length() > 0 && !description.startsWith("#")) {
+                    if (!description.isEmpty() && !description.startsWith("#")) {
                         String ecosystem = mapper.getEcosystem(asCve(description));
                         if (entry.getKey().equals("null")) {
-                            assertNull(description, ecosystem);
+                            assertNull(ecosystem, description);
                         } else {
-                            assertEquals(description, entry.getKey(), ecosystem);
+                            assertEquals(entry.getKey(), ecosystem, description);
                         }
                     }
                 }
@@ -65,42 +64,42 @@ public void testDescriptionEcosystemMapper() throws IOException {
     }
 
     @Test
-    public void testScoring() throws IOException {
+    void testScoring() {
         DescriptionEcosystemMapper mapper = new DescriptionEcosystemMapper();
         String value = "a.cpp b.java c.java";
         assertEquals(JarAnalyzer.DEPENDENCY_ECOSYSTEM, mapper.getEcosystem(asCve(value)));
     }
 
     @Test
-    public void testJspLinksDoNotCountScoring() throws IOException {
+    void testJspLinksDoNotCountScoring() {
         DescriptionEcosystemMapper mapper = new DescriptionEcosystemMapper();
         String value = "Read more at https://domain/help.jsp.";
         assertNull(mapper.getEcosystem(asCve(value)));
     }
 
     @Test
-    public void testSubsetFileExtensionsDoNotMatch() throws IOException {
+    void testSubsetFileExtensionsDoNotMatch() {
         DescriptionEcosystemMapper mapper = new DescriptionEcosystemMapper();
         String value = "Read more at index.html."; // i.e. does not match .h
         assertNull(mapper.getEcosystem(asCve(value)));
     }
 
     @Test
-    public void testSubsetKeywordsDoNotMatch() throws IOException {
+    void testSubsetKeywordsDoNotMatch() {
         DescriptionEcosystemMapper mapper = new DescriptionEcosystemMapper();
         String value = "Wonder if java senses the gc."; // i.e. does not match 'java se'
         assertNull(mapper.getEcosystem(asCve(value)));
     }
 
     @Test
-    public void testPhpLinksDoNotCountScoring() throws IOException {
+    void testPhpLinksDoNotCountScoring() {
         DescriptionEcosystemMapper mapper = new DescriptionEcosystemMapper();
         String value = "Read more at https://domain/help.php.";
         assertNull(mapper.getEcosystem(asCve(value)));
     }
 
     private DefCveItem asCve(String description) {
-        
+
         List<LangString> descriptions = new ArrayList<>();
         LangString desc = new LangString("en",description);
         descriptions.add(desc);
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/nvd/ecosystem/UrlEcosystemMapperTest.java b/core/src/test/java/org/owasp/dependencycheck/data/nvd/ecosystem/UrlEcosystemMapperTest.java
index ebe4267470d..77e42e2d660 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/nvd/ecosystem/UrlEcosystemMapperTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/nvd/ecosystem/UrlEcosystemMapperTest.java
@@ -3,38 +3,39 @@
 import io.github.jeremylong.openvulnerability.client.nvd.CveItem;
 import io.github.jeremylong.openvulnerability.client.nvd.DefCveItem;
 import io.github.jeremylong.openvulnerability.client.nvd.Reference;
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.analyzer.PythonPackageAnalyzer;
+
 import java.util.ArrayList;
 import java.util.List;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNull;
 
-import org.junit.Test;
-import org.owasp.dependencycheck.analyzer.PythonPackageAnalyzer;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNull;
 
 
-public class UrlEcosystemMapperTest {
+class UrlEcosystemMapperTest {
 
     @Test
-    public void testUrlHostEcosystemMapper() {
-        
+    void testUrlHostEcosystemMapper() {
+
         UrlEcosystemMapper mapper = new UrlEcosystemMapper();
-        
+
         assertEquals(PythonPackageAnalyzer.DEPENDENCY_ECOSYSTEM, mapper.getEcosystem(asCve("https://python.org/path")));
     }
 
     private DefCveItem asCve(String url) {
-        
+
         List<Reference> references  = new ArrayList<>();
         Reference ref = new Reference(url, null, null);
         references.add(ref);
         CveItem cveItem = new CveItem(null, null, null, null, null, null, null, null, null, null, null, null, null, null, references, null, null, null, null);
         DefCveItem defCveItem = new DefCveItem(cveItem);
-        
+
         return defCveItem;
     }
 
     @Test
-    public void testGetEcosystemMustHandleNullCveReferences() {
+    void testGetEcosystemMustHandleNullCveReferences() {
         // Given
         UrlEcosystemMapper mapper = new UrlEcosystemMapper();
 
@@ -49,7 +50,7 @@ public void testGetEcosystemMustHandleNullCveReferences() {
     }
 
     @Test
-    public void testGetEcosystemMustHandleNullCve() {
+    void testGetEcosystemMustHandleNullCve() {
         // Given
         UrlEcosystemMapper mapper = new UrlEcosystemMapper();
 
@@ -63,7 +64,7 @@ public void testGetEcosystemMustHandleNullCve() {
     }
 
     @Test
-    public void testGetEcosystemMustHandleNullCveItem() {
+    void testGetEcosystemMustHandleNullCveItem() {
         // Given
         UrlEcosystemMapper mapper = new UrlEcosystemMapper();
 
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBIT.java b/core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBIT.java
index 70a321a21c2..376ddd217b0 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBIT.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBIT.java
@@ -17,37 +17,38 @@
  */
 package org.owasp.dependencycheck.data.nvdcve;
 
-import java.sql.SQLException;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseDBTestCase;
+import org.owasp.dependencycheck.data.update.cpe.CpePlus;
 import org.owasp.dependencycheck.dependency.Vulnerability;
 import org.owasp.dependencycheck.dependency.VulnerableSoftware;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
-import org.junit.After;
-import org.junit.Test;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertNull;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-import org.junit.Before;
-import org.owasp.dependencycheck.data.update.cpe.CpePlus;
 import org.owasp.dependencycheck.dependency.VulnerableSoftwareBuilder;
 import us.springett.parsers.cpe.Cpe;
 import us.springett.parsers.cpe.CpeBuilder;
 import us.springett.parsers.cpe.values.LogicalValue;
 import us.springett.parsers.cpe.values.Part;
 
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertNull;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
 /**
  *
  * @author Jeremy Long
  */
-public class CveDBIT extends BaseDBTestCase {
+class CveDBIT extends BaseDBTestCase {
 
     private CveDB instance = null;
 
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -55,7 +56,7 @@ public void setUp() throws Exception {
         instance.open();
     }
 
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         instance.close();
@@ -67,7 +68,7 @@ public void tearDown() throws Exception {
      * Test of getCPEs method, of class CveDB.
      */
     @Test
-    public void testGetCPEs() throws Exception {
+    void testGetCPEs() {
         String vendor = "apache";
         String product = "struts";
         Set<CpePlus> result = instance.getCPEs(vendor, product);
@@ -78,7 +79,7 @@ public void testGetCPEs() throws Exception {
      * Test of getVulnerability method, of class CveDB.
      */
     @Test
-    public void testgetVulnerability() throws Exception {
+    void testgetVulnerability() {
         Vulnerability result = instance.getVulnerability("CVE-2014-0094");
         assertTrue(result.getDescription().startsWith("The ParametersInterceptor in Apache Struts"));
     }
@@ -87,7 +88,7 @@ public void testgetVulnerability() throws Exception {
      * Test of getVulnerabilities method, of class CveDB.
      */
     @Test
-    public void testGetVulnerabilities() throws Exception {
+    void testGetVulnerabilities() throws Exception {
 
         CpeBuilder builder = new CpeBuilder();
         Cpe cpe = builder.part(Part.APPLICATION).vendor("apache").product("struts").version("2.1.2").build();
@@ -107,7 +108,7 @@ public void testGetVulnerabilities() throws Exception {
                 break;
             }
         }
-        assertTrue("Expected " + expected + ", but was not identified", found);
+        assertTrue(found, "Expected " + expected + ", but was not identified");
 
         found = false;
         expected = "CVE-2014-0096";
@@ -117,11 +118,11 @@ public void testGetVulnerabilities() throws Exception {
                 break;
             }
         }
-        assertTrue("Expected " + expected + ", but was not identified", found);
+        assertTrue(found, "Expected " + expected + ", but was not identified");
 
         cpe = builder.part(Part.APPLICATION).vendor("jenkins").product("mailer").version("1.13").build();
         results = instance.getVulnerabilities(cpe);
-        assertTrue(results.size() >= 1);
+        assertFalse(results.isEmpty());
 
         found = false;
         expected = "CVE-2017-2651";
@@ -131,11 +132,11 @@ public void testGetVulnerabilities() throws Exception {
                 break;
             }
         }
-        assertTrue("Expected " + expected + ", but was not identified", found);
+        assertTrue(found, "Expected " + expected + ", but was not identified");
 
         cpe = builder.part(Part.APPLICATION).vendor("fasterxml").product("jackson-databind").version("2.8.1").build();
         results = instance.getVulnerabilities(cpe);
-        assertTrue(results.size() >= 1);
+        assertFalse(results.isEmpty());
 
         found = false;
         expected = "CVE-2017-15095";
@@ -145,14 +146,14 @@ public void testGetVulnerabilities() throws Exception {
                 break;
             }
         }
-        assertTrue("Expected " + expected + ", but was not identified", found);
+        assertTrue(found, "Expected " + expected + ", but was not identified");
     }
 
     /**
      * Test of getMatchingSoftware method, of class CveDB.
      */
     @Test
-    public void testGetMatchingSoftware() throws Exception {
+    void testGetMatchingSoftware() throws Exception {
 
         VulnerableSoftwareBuilder vsBuilder = new VulnerableSoftwareBuilder();
         Set<VulnerableSoftware> software = new HashSet<>();
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBMySqlIT.java b/core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBMySqlIT.java
index e9f6bb111ae..89fb93f371e 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBMySqlIT.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveDBMySqlIT.java
@@ -17,31 +17,30 @@
  */
 package org.owasp.dependencycheck.data.nvdcve;
 
-import java.sql.SQLException;
-import java.util.List;
-import java.util.Set;
-import org.junit.After;
-
-import org.junit.Test;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
-import org.owasp.dependencycheck.dependency.Vulnerability;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-import org.junit.Before;
 import org.owasp.dependencycheck.data.update.cpe.CpePlus;
+import org.owasp.dependencycheck.dependency.Vulnerability;
 import us.springett.parsers.cpe.Cpe;
 import us.springett.parsers.cpe.CpeBuilder;
 import us.springett.parsers.cpe.values.Part;
 
+import java.util.List;
+import java.util.Set;
+
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
 /**
  *
  * @author Jeremy Long
  */
-public class CveDBMySqlIT extends BaseTest {
+class CveDBMySqlIT extends BaseTest {
 
     private CveDB instance = null;
 
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -49,23 +48,23 @@ public void setUp() throws Exception {
         instance.open();
     }
 
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         instance.close();
         super.tearDown();
-    }   
+    }
 
     /**
      * Test of getCPEs method, of class CveDB.
      */
     @Test
-    public void testGetCPEs() throws Exception {
+    void testGetCPEs() {
         try {
             String vendor = "apache";
             String product = "struts";
             Set<CpePlus> result = instance.getCPEs(vendor, product);
-            assertTrue("Has data been loaded into the MySQL DB? if not consider using the CLI to populate it", result.size() > 5);
+            assertTrue(result.size() > 5, "Has data been loaded into the MySQL DB? if not consider using the CLI to populate it");
         } catch (Exception ex) {
             System.out.println("Unable to access the My SQL database; verify that the db server is running and that the schema has been generated");
             throw ex;
@@ -76,7 +75,7 @@ public void testGetCPEs() throws Exception {
      * Test of getVulnerabilities method, of class CveDB.
      */
     @Test
-    public void testGetVulnerabilities() throws Exception {
+    void testGetVulnerabilities() throws Exception {
         CpeBuilder builder = new CpeBuilder();
         Cpe cpe = builder.part(Part.APPLICATION).vendor("apache").product("struts").version("2.1.2").build();
         try {
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveItemOperatorTest.java b/core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveItemOperatorTest.java
index f14c057f472..ceaf908d08c 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveItemOperatorTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/nvdcve/CveItemOperatorTest.java
@@ -28,25 +28,26 @@
 import io.github.jeremylong.openvulnerability.client.nvd.Reference;
 import io.github.jeremylong.openvulnerability.client.nvd.VendorComment;
 import io.github.jeremylong.openvulnerability.client.nvd.Weakness;
+import org.junit.jupiter.api.Test;
+
 import java.time.LocalDate;
 import java.time.ZonedDateTime;
 import java.util.ArrayList;
 import java.util.List;
-import org.junit.Test;
 
-import static org.junit.Assert.*;
+import static org.junit.jupiter.api.Assertions.assertEquals;
 
 /**
  *
  * @author jeremy
  */
-public class CveItemOperatorTest {
+class CveItemOperatorTest {
 
     /**
      * Test of testCveCpeStartWithFilter method, of class CveItemOperator.
      */
     @Test
-    public void testTestCveCpeStartWithFilter() {
+    void testTestCveCpeStartWithFilter() {
 
         ZonedDateTime published = ZonedDateTime.now();
         ZonedDateTime lastModified = ZonedDateTime.now();
@@ -73,7 +74,7 @@ public void testTestCveCpeStartWithFilter() {
         nodes.add(first);
         nodes.add(second);
         nodes.add(third);
-        
+
         Config c = new Config(Config.Operator.AND, null, nodes);
         configurations.add(c);
         List<VendorComment> vendorComments = null;
@@ -91,7 +92,7 @@ public void testTestCveCpeStartWithFilter() {
     }
 
     @Test
-    public void testTestCveCpeStartWithFilterForConfigurationWithoutCpeMatches() {
+    void testTestCveCpeStartWithFilterForConfigurationWithoutCpeMatches() {
         ZonedDateTime published = ZonedDateTime.now();
         ZonedDateTime lastModified = ZonedDateTime.now();
         LocalDate cisaExploitAdd = null;
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/nvdcve/DatabaseManagerTest.java b/core/src/test/java/org/owasp/dependencycheck/data/nvdcve/DatabaseManagerTest.java
index 717375b48ac..42252b93ec7 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/nvdcve/DatabaseManagerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/nvdcve/DatabaseManagerTest.java
@@ -15,18 +15,19 @@
  */
 package org.owasp.dependencycheck.data.nvdcve;
 
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseDBTestCase;
+
 import java.sql.Connection;
 import java.sql.SQLException;
 
-import org.junit.Test;
-import static org.junit.Assert.*;
-import org.owasp.dependencycheck.BaseDBTestCase;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
 
 /**
  *
  * @author jeremy long
  */
-public class DatabaseManagerTest extends BaseDBTestCase {
+class DatabaseManagerTest extends BaseDBTestCase {
 
     /**
      * Test of initialize method, of class DatabaseManager.
@@ -34,7 +35,7 @@ public class DatabaseManagerTest extends BaseDBTestCase {
      * @throws org.owasp.dependencycheck.data.nvdcve.DatabaseException
      */
     @Test
-    public void testInitialize() throws DatabaseException, SQLException {
+    void testInitialize() throws DatabaseException, SQLException {
         DatabaseManager factory = new DatabaseManager(getSettings());
         factory.open();
         try (Connection result = factory.getConnection()) {
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/nvdcve/DatabasePropertiesIT.java b/core/src/test/java/org/owasp/dependencycheck/data/nvdcve/DatabasePropertiesIT.java
index 324c090a342..3e2688e943d 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/nvdcve/DatabasePropertiesIT.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/nvdcve/DatabasePropertiesIT.java
@@ -17,24 +17,27 @@
  */
 package org.owasp.dependencycheck.data.nvdcve;
 
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseDBTestCase;
+
 import java.util.Properties;
-import org.junit.After;
-import static org.junit.Assert.assertEquals;
-import org.junit.Test;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertTrue;
-import org.junit.Before;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  *
  * @author Jeremy Long
  */
-public class DatabasePropertiesIT extends BaseDBTestCase {
+class DatabasePropertiesIT extends BaseDBTestCase {
 
     private CveDB cveDb = null;
 
-    @Before
+    @BeforeEach
     @Override
     public void setUp() throws Exception {
         super.setUp();
@@ -42,7 +45,7 @@ public void setUp() throws Exception {
         cveDb.open();
     }
 
-    @After
+    @AfterEach
     @Override
     public void tearDown() throws Exception {
         cveDb.close();
@@ -53,7 +56,7 @@ public void tearDown() throws Exception {
      * Test of isEmpty method, of class DatabaseProperties.
      */
     @Test
-    public void testIsEmpty() throws Exception {
+    void testIsEmpty() {
         DatabaseProperties prop = cveDb.getDatabaseProperties();
         assertNotNull(prop);
         //no exception means the call worked... whether or not it is empty depends on if the db is new
@@ -64,7 +67,7 @@ public void testIsEmpty() throws Exception {
      * Test of save method, of class DatabaseProperties.
      */
     @Test
-    public void testSave() throws Exception {
+    void testSave() {
         String key = "test";
         String value = "something";
         String expected = "something";
@@ -74,12 +77,12 @@ public void testSave() throws Exception {
         String results = instance.getProperty(key);
         assertEquals(expected, results);
     }
-    
+
     /**
      * Test of getProperty method, of class DatabaseProperties.
      */
     @Test
-    public void testGetProperty_String_String() throws Exception {
+    void testGetProperty_String_String() {
         String key = "doesn't exist";
         String defaultValue = "default";
         DatabaseProperties instance = cveDb.getDatabaseProperties();
@@ -92,13 +95,13 @@ public void testGetProperty_String_String() throws Exception {
      * Test of getProperty method, of class DatabaseProperties.
      */
     @Test
-    public void testGetProperty_String() throws DatabaseException {
+    void testGetProperty_String() throws DatabaseException {
         String key = "version";
         DatabaseProperties instance = cveDb.getDatabaseProperties();
         String result = instance.getProperty(key);
-        
+
         int major = Integer.parseInt(result.substring(0, result.indexOf('.')));
-       
+
         assertTrue(major >= 5);
     }
 
@@ -106,10 +109,10 @@ public void testGetProperty_String() throws DatabaseException {
      * Test of getProperties method, of class DatabaseProperties.
      */
     @Test
-    public void testGetProperties() throws DatabaseException {
+    void testGetProperties() throws DatabaseException {
         DatabaseProperties instance = cveDb.getDatabaseProperties();
         Properties result = instance.getProperties();
-        assertTrue(result.size() > 0);
+        assertFalse(result.isEmpty());
         cveDb.close();
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/nvdcve/DriverLoaderTest.java b/core/src/test/java/org/owasp/dependencycheck/data/nvdcve/DriverLoaderTest.java
index 22979181df6..1d9aebcef07 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/nvdcve/DriverLoaderTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/nvdcve/DriverLoaderTest.java
@@ -17,23 +17,25 @@
  */
 package org.owasp.dependencycheck.data.nvdcve;
 
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseTest;
+
 import java.io.File;
 import java.sql.Driver;
 import java.sql.DriverManager;
 import java.sql.SQLException;
 
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-
-import org.junit.Test;
-import org.owasp.dependencycheck.BaseTest;
+import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.junit.jupiter.api.Assertions.fail;
 
 /**
  *
  * @author Jeremy Long
  */
-public class DriverLoaderTest extends BaseTest {
+class DriverLoaderTest extends BaseTest {
 
     /**
      * Test of load method, of class DriverLoader.
@@ -42,13 +44,11 @@ public class DriverLoaderTest extends BaseTest {
      * the driver
      */
     @Test
-    public void testLoad_String() throws SQLException {
+    void testLoad_String() throws SQLException {
         String className = "org.h2.Driver";
         Driver d = null;
         try {
-            d = DriverLoader.load(className);
-        } catch (DriverLoadException ex) {
-            fail(ex.getMessage());
+            d = assertDoesNotThrow(() ->  DriverLoader.load(className));
         } finally {
             if (d != null) {
                 DriverManager.deregisterDriver(d);
@@ -60,23 +60,24 @@ public void testLoad_String() throws SQLException {
      * Test of load method, of class DriverLoader; expecting an exception due to
      * a bad driver class name.
      */
-    @Test(expected = DriverLoadException.class)
-    public void testLoad_String_ex() throws Exception {
+    @Test
+    void testLoad_String_ex() {
         final String className = "bad.Driver";
-        DriverLoader.load(className);
+        assertThrows(DriverLoadException.class, () ->
+            DriverLoader.load(className));
     }
 
     /**
      * Test of load method, of class DriverLoader.
      */
     @Test
-    public void testLoad_String_String() throws Exception {
+    void testLoad_String_String() throws Exception {
         String className = "com.mysql.jdbc.Driver";
         //we know this is in target/test-classes
         //File testClassPath = (new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath())).getParentFile();
         File testClassPath = BaseTest.getResourceAsFile(this, "org.mortbay.jetty.jar").getParentFile();
         File driver = new File(testClassPath, "../../src/test/resources/mysql-connector-java-5.1.27-bin.jar");
-        assertTrue("MySQL Driver JAR file not found in src/test/resources?", driver.isFile());
+        assertTrue(driver.isFile(), "MySQL Driver JAR file not found in src/test/resources?");
 
         Driver d = null;
         try {
@@ -94,7 +95,7 @@ public void testLoad_String_String() throws Exception {
      * Test of load method, of class DriverLoader.
      */
     @Test
-    public void testLoad_String_String_multiple_paths()  {
+    void testLoad_String_String_multiple_paths() {
         final String className = "com.mysql.jdbc.Driver";
         //we know this is in target/test-classes
         //final File testClassPath = (new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath())).getParentFile();
@@ -105,9 +106,7 @@ public void testLoad_String_String_multiple_paths()  {
 
         Driver d = null;
         try {
-            d = DriverLoader.load(className, paths);
-        } catch (DriverLoadException ex) {
-            fail(ex.getMessage());
+            d = assertDoesNotThrow(() -> DriverLoader.load(className, paths));
         } finally {
             if (d != null) {
                 try {
@@ -122,28 +121,25 @@ public void testLoad_String_String_multiple_paths()  {
     /**
      * Test of load method, of class DriverLoader with an incorrect class name.
      */
-    @Test(expected = DriverLoadException.class)
-    public void testLoad_String_String_badClassName() throws Exception {
+    @Test
+    void testLoad_String_String_badClassName() {
         String className = "com.mybad.jdbc.Driver";
-        //we know this is in target/test-classes
-        //File testClassPath = (new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath())).getParentFile();
         File testClassPath = BaseTest.getResourceAsFile(this, "org.mortbay.jetty.jar").getParentFile();
         File driver = new File(testClassPath, "../../src/test/resources/mysql-connector-java-5.1.27-bin.jar");
-        assertTrue("MySQL Driver JAR file not found in src/test/resources?", driver.isFile());
-
-        DriverLoader.load(className, driver.getAbsolutePath());
+        assertTrue(driver.isFile(), "MySQL Driver JAR file not found in src/test/resources?");
+        assertThrows(DriverLoadException.class, () ->
+            DriverLoader.load(className, driver.getAbsolutePath()));
     }
 
     /**
      * Test of load method, of class DriverLoader with an incorrect class path.
      */
-    @Test(expected = DriverLoadException.class)
-    public void testLoad_String_String_badPath() throws Exception {
+    @Test
+    void testLoad_String_String_badPath() {
         String className = "com.mysql.jdbc.Driver";
-        //we know this is in target/test-classes
-        //File testClassPath = (new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath())).getParentFile();
         File testClassPath = BaseTest.getResourceAsFile(this, "org.mortbay.jetty.jar").getParentFile();
         File driver = new File(testClassPath, "../../src/test/bad/mysql-connector-java-5.1.27-bin.jar");
-        DriverLoader.load(className, driver.getAbsolutePath());
+        assertThrows(DriverLoadException.class, () ->
+            DriverLoader.load(className, driver.getAbsolutePath()));
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/update/EngineVersionCheckTest.java b/core/src/test/java/org/owasp/dependencycheck/data/update/EngineVersionCheckTest.java
index 10be1c564cf..50eb04f49ff 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/update/EngineVersionCheckTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/update/EngineVersionCheckTest.java
@@ -15,32 +15,32 @@
  */
 package org.owasp.dependencycheck.data.update;
 
-import java.time.LocalDate;
-import java.time.ZoneId;
-import java.time.format.DateTimeFormatter;
-import java.time.temporal.TemporalAccessor;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import static org.mockito.ArgumentMatchers.anyString;
-import static org.mockito.Mockito.doAnswer;
-
-import org.junit.Test;
-import org.junit.runner.RunWith;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
 import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.Spy;
-import org.mockito.junit.MockitoJUnitRunner;
+import org.mockito.junit.jupiter.MockitoExtension;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.data.nvdcve.CveDB;
 import org.owasp.dependencycheck.data.nvdcve.DatabaseProperties;
 import org.owasp.dependencycheck.utils.DependencyVersion;
 
+import java.time.LocalDate;
+import java.time.ZoneId;
+import java.time.format.DateTimeFormatter;
+import java.time.temporal.TemporalAccessor;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.Mockito.doAnswer;
+
 /**
  * @author Jeremy Long
  */
-@RunWith(MockitoJUnitRunner.class)
-public class EngineVersionCheckTest extends BaseTest {
+@ExtendWith(MockitoExtension.class)
+class EngineVersionCheckTest extends BaseTest {
 
     @Mock
     private CveDB cveDb;
@@ -53,7 +53,7 @@ public class EngineVersionCheckTest extends BaseTest {
      * Test of shouldUpdate method, of class EngineVersionCheck.
      */
     @Test
-    public void testShouldUpdate() throws Exception {
+    void testShouldUpdate() throws Exception {
 
         doAnswer(invocation -> null).when(dbProperties).save(anyString(), anyString());
 
@@ -128,7 +128,7 @@ public void testShouldUpdate() throws Exception {
      * Test of getCurrentReleaseVersion method, of class EngineVersionCheck.
      */
     @Test
-    public void testGetCurrentReleaseVersion() {
+    void testGetCurrentReleaseVersion() {
         EngineVersionCheck instance = new EngineVersionCheck(getSettings());
         DependencyVersion minExpResult = new DependencyVersion("1.2.6");
         String release = instance.getCurrentReleaseVersion();
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/update/NvdApiDataSourceTest.java b/core/src/test/java/org/owasp/dependencycheck/data/update/NvdApiDataSourceTest.java
index 73efe5bb01e..ae73fac49df 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/update/NvdApiDataSourceTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/update/NvdApiDataSourceTest.java
@@ -17,28 +17,22 @@
  */
 package org.owasp.dependencycheck.data.update;
 
-import java.time.ZonedDateTime;
-import java.util.Map;
-import java.util.Properties;
-import org.junit.After;
-import org.junit.AfterClass;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import static org.junit.Assert.*;
-import org.owasp.dependencycheck.Engine;
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNull;
 
 /**
  *
  * @author Jeremy Long
  */
-public class NvdApiDataSourceTest {
+class NvdApiDataSourceTest {
 
     /**
      * Test of extractUrlData method, of class NvdApiDataSource.
      */
     @Test
-    public void testExtractUrlData() {
+    void testExtractUrlData() {
         String nvdDataFeedUrl = "https://internal.server/nist/nvdcve-{0}.json.gz";
         NvdApiDataSource instance = new NvdApiDataSource();
         String expectedUrl = "https://internal.server/nist/";
@@ -51,7 +45,7 @@ public void testExtractUrlData() {
 
         assertEquals(expectedUrl, result.getUrl());
         assertNull(result.getPattern());
-        
+
         nvdDataFeedUrl = "https://internal.server/nist";
         expectedUrl = "https://internal.server/nist/";
         result = instance.extractUrlData(nvdDataFeedUrl);
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/update/cisa/KnownExploitedVulnerabilityParserTest.java b/core/src/test/java/org/owasp/dependencycheck/data/update/cisa/KnownExploitedVulnerabilityParserTest.java
index e69658be19e..41ea0fda7f8 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/update/cisa/KnownExploitedVulnerabilityParserTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/update/cisa/KnownExploitedVulnerabilityParserTest.java
@@ -17,24 +17,26 @@
  */
 package org.owasp.dependencycheck.data.update.cisa;
 
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.data.knownexploited.json.KnownExploitedVulnerabilitiesSchema;
+
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.InputStream;
-import org.junit.Test;
-import static org.junit.Assert.*;
-import org.owasp.dependencycheck.data.knownexploited.json.KnownExploitedVulnerabilitiesSchema;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
 
 /**
  *
  * @author jeremy
  */
-public class KnownExploitedVulnerabilityParserTest {
+class KnownExploitedVulnerabilityParserTest {
 
     /**
      * Test of parse method, of class KnownExploitedVulnerabilityParser.
      */
     @Test
-    public void testParse() throws Exception {
+    void testParse() throws Exception {
         File file = new File("./src/test/resources/update/cisa/known_exploited_vulnerabilities.json");
         try (InputStream in = new FileInputStream(file)) {
             KnownExploitedVulnerabilityParser instance = new KnownExploitedVulnerabilityParser();
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/update/cpe/CpeEcosystemCacheTest.java b/core/src/test/java/org/owasp/dependencycheck/data/update/cpe/CpeEcosystemCacheTest.java
index 9285c216e24..982f4388792 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/update/cpe/CpeEcosystemCacheTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/update/cpe/CpeEcosystemCacheTest.java
@@ -17,27 +17,28 @@
  */
 package org.owasp.dependencycheck.data.update.cpe;
 
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.utils.Pair;
+
 import java.util.HashMap;
 import java.util.Map;
-import org.junit.After;
-import org.junit.AfterClass;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import static org.junit.Assert.*;
-import org.owasp.dependencycheck.utils.Pair;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertNull;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  *
  * @author Jeremy Long
  */
-public class CpeEcosystemCacheTest {
+class CpeEcosystemCacheTest {
 
     /**
      * Test of getEcosystem method, of class CpeEcosystemCache.
      */
     @Test
-    public void testGetEcosystem() {
+    void testGetEcosystem() {
         Pair<String, String> key = new Pair<>("apache", "zookeeper");
         Map<Pair<String, String>, String> map = new HashMap<>();
         map.put(key, "java");
@@ -46,28 +47,28 @@ public void testGetEcosystem() {
         String expected = "java";
         String result = CpeEcosystemCache.getEcosystem("apache", "zookeeper", null);
         assertEquals(expected, result);
-        
+
         //changes to MULTIPLE = which is returned as null
         result = CpeEcosystemCache.getEcosystem("apache", "zookeeper", "c++");
         assertNull(result);
-        
+
         result = CpeEcosystemCache.getEcosystem("pivotal", "spring-framework", null);
         assertNull(result);
-        
+
         expected = "java";
         result = CpeEcosystemCache.getEcosystem("pivotal", "spring-framework", "java");
         assertEquals(expected, result);
-        
+
         expected = "java";
         result = CpeEcosystemCache.getEcosystem("pivotal", "spring-framework", "java");
         assertEquals(expected, result);
-        
+
         result = CpeEcosystemCache.getEcosystem("microsoft", "word", null );
         assertNull(result);
-        
+
         result = CpeEcosystemCache.getEcosystem("microsoft", "word", null );
         assertNull(result);
-        
+
         result = CpeEcosystemCache.getEcosystem("microsoft", "word", "" );
         assertNull(result);
     }
@@ -76,7 +77,7 @@ public void testGetEcosystem() {
      * Test of setCache method, of class CpeEcosystemCache.
      */
     @Test
-    public void testSetCache() {
+    void testSetCache() {
         Map<Pair<String, String>, String> map = new HashMap<>();
         CpeEcosystemCache.setCache(map);
         assertTrue(CpeEcosystemCache.isEmpty());
@@ -93,7 +94,7 @@ public void testSetCache() {
      * Test of getChanged method, of class CpeEcosystemCache.
      */
     @Test
-    public void testGetChanged() {
+    void testGetChanged() {
         Pair<String, String> key = new Pair<>("apache", "zookeeper");
         Map<Pair<String, String>, String> map = new HashMap<>();
         map.put(key, "java");
@@ -120,7 +121,7 @@ public void testGetChanged() {
      * Test of isEmpty method, of class CpeEcosystemCache.
      */
     @Test
-    public void testIsEmpty() {
+    void testIsEmpty() {
         Map<Pair<String, String>, String> map = new HashMap<>();
         CpeEcosystemCache.setCache(map);
         boolean expResult = true;
diff --git a/core/src/test/java/org/owasp/dependencycheck/data/update/nvd/api/NvdApiProcessorTest.java b/core/src/test/java/org/owasp/dependencycheck/data/update/nvd/api/NvdApiProcessorTest.java
index 60e474ad683..23f13135981 100644
--- a/core/src/test/java/org/owasp/dependencycheck/data/update/nvd/api/NvdApiProcessorTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/data/update/nvd/api/NvdApiProcessorTest.java
@@ -16,26 +16,25 @@
 package org.owasp.dependencycheck.data.update.nvd.api;
 
 import com.fasterxml.jackson.core.JsonParseException;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.data.nvdcve.CveDB;
-import org.owasp.dependencycheck.utils.Settings;
 
 import java.io.File;
 import java.io.FileWriter;
 import java.io.IOException;
 import java.nio.file.NoSuchFileException;
 
-import static org.junit.Assert.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertThrows;
 
 /**
  *
  * @author Jeremy Long
  */
-public class NvdApiProcessorTest extends BaseTest {
+class NvdApiProcessorTest extends BaseTest {
 
     @Test
-    public void doesNotExistFile() throws Exception {
+    void doesNotExistFile() {
         try (CveDB cve = new CveDB(getSettings())) {
             File file = new File("does_not_exist");
             NvdApiProcessor processor = new NvdApiProcessor(null, file);
@@ -44,7 +43,7 @@ public void doesNotExistFile() throws Exception {
     }
 
     @Test
-    public void unspecifiedFileName() throws Exception {
+    void unspecifiedFileName() throws Exception {
         try (CveDB cve = new CveDB(getSettings())) {
             File file = File.createTempFile("test", "test");
             writeFileString(file, "");
@@ -54,7 +53,7 @@ public void unspecifiedFileName() throws Exception {
     }
 
     @Test
-    public void invalidFileContent() throws Exception {
+    void invalidFileContent() throws Exception {
         try (CveDB cve = new CveDB(getSettings())) {
             File file = File.createTempFile("test", "test.json");
             // invalid content (broken array)
@@ -65,7 +64,7 @@ public void invalidFileContent() throws Exception {
     }
 
     @Test
-    public void processValidStructure() throws Exception {
+    void processValidStructure() throws Exception {
         try (CveDB cve = new CveDB(getSettings())) {
             File file = File.createTempFile("test", "test.json");
             writeFileString(file, "[]");
diff --git a/core/src/test/java/org/owasp/dependencycheck/dependency/CweSetTest.java b/core/src/test/java/org/owasp/dependencycheck/dependency/CweSetTest.java
index 81bb9fee6b4..943190af0c0 100644
--- a/core/src/test/java/org/owasp/dependencycheck/dependency/CweSetTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/dependency/CweSetTest.java
@@ -17,24 +17,28 @@
  */
 package org.owasp.dependencycheck.dependency;
 
+import org.junit.jupiter.api.Test;
+
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Set;
 import java.util.stream.Collectors;
-import org.junit.Test;
-import static org.junit.Assert.*;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  *
  * @author jeremy
  */
-public class CweSetTest {
+class CweSetTest {
 
     /**
      * Test of getEntries method, of class CweSet.
      */
     @Test
-    public void testGetEntries() {
+    void testGetEntries() {
         CweSet instance = new CweSet();
         Set<String> result = instance.getEntries();
         assertTrue(result.isEmpty());
@@ -44,7 +48,7 @@ public void testGetEntries() {
      * Test of addCwe method, of class CweSet.
      */
     @Test
-    public void testAddCwe() {
+    void testAddCwe() {
         System.out.println("addCwe");
         String cwe = "CWE-89";
         CweSet instance = new CweSet();
@@ -56,7 +60,7 @@ public void testAddCwe() {
      * Test of toString method, of class CweSet.
      */
     @Test
-    public void testToString() {
+    void testToString() {
         CweSet instance = new CweSet();
         instance.addCwe("CWE-79");
         String expResult = "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')";
@@ -68,7 +72,7 @@ public void testToString() {
      * Test of stream method, of class CweSet.
      */
     @Test
-    public void testStream() {
+    void testStream() {
         CweSet instance = new CweSet();
         instance.addCwe("79");
         String expResult = "79";
@@ -80,7 +84,7 @@ public void testStream() {
      * Test of getFullCwes method, of class CweSet.
      */
     @Test
-    public void testGetFullCwes() {
+    void testGetFullCwes() {
         CweSet instance = new CweSet();
         instance.addCwe("CWE-89");
         instance.addCwe("CWE-79");
@@ -89,8 +93,8 @@ public void testGetFullCwes() {
         expResult.put("CWE-89", "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')");
         Map<String, String> result = instance.getFullCwes();
         for (Map.Entry<String,String> entry : expResult.entrySet()) {
-            assertTrue(result.get(entry.getKey()).equals(entry.getValue()));
+            assertEquals(result.get(entry.getKey()), entry.getValue());
         }
     }
-    
+
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/dependency/DependencyTest.java b/core/src/test/java/org/owasp/dependencycheck/dependency/DependencyTest.java
index 612b408e718..fdb21b378b8 100644
--- a/core/src/test/java/org/owasp/dependencycheck/dependency/DependencyTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/dependency/DependencyTest.java
@@ -17,35 +17,35 @@
  */
 package org.owasp.dependencycheck.dependency;
 
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.data.nexus.MavenArtifact;
-
-import java.io.File;
-import java.util.HashSet;
-import java.util.Set;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertNull;
-import static org.junit.Assert.assertTrue;
 import org.owasp.dependencycheck.dependency.naming.CpeIdentifier;
 import org.owasp.dependencycheck.dependency.naming.Identifier;
 import us.springett.parsers.cpe.Cpe;
 import us.springett.parsers.cpe.CpeBuilder;
 import us.springett.parsers.cpe.values.Part;
 
+import java.io.File;
+import java.util.HashSet;
+import java.util.Set;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertNull;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
 /**
  * @author Jeremy Long
  */
-public class DependencyTest extends BaseTest {
+class DependencyTest extends BaseTest {
 
     /**
      * Test of getFileName method, of class Dependency.
      */
     @Test
-    public void testGetFileName() {
+    void testGetFileName() {
         Dependency instance = new Dependency();
         String expResult = "filename";
         instance.setFileName(expResult);
@@ -57,7 +57,7 @@ public void testGetFileName() {
      * Test of setFileName method, of class Dependency.
      */
     @Test
-    public void testSetFileName() {
+    void testSetFileName() {
         String fileName = "file.tar";
         Dependency instance = new Dependency();
         instance.setFileName(fileName);
@@ -68,7 +68,7 @@ public void testSetFileName() {
      * Test of setActualFilePath method, of class Dependency.
      */
     @Test
-    public void testSetActualFilePath() {
+    void testSetActualFilePath() {
         String expectedPath = "file.tar";
         String actualPath = "file.tar";
         Dependency instance = new Dependency();
@@ -81,7 +81,7 @@ public void testSetActualFilePath() {
      * Test of getActualFilePath method, of class Dependency.
      */
     @Test
-    public void testGetActualFilePath() {
+    void testGetActualFilePath() {
         Dependency instance = new Dependency();
         String expResult = "file.tar";
         instance.setSha1sum("non-null value");
@@ -94,7 +94,7 @@ public void testGetActualFilePath() {
      * Test of setFilePath method, of class Dependency.
      */
     @Test
-    public void testSetFilePath() {
+    void testSetFilePath() {
         String filePath = "file.tar";
         Dependency instance = new Dependency();
         instance.setFilePath(filePath);
@@ -105,7 +105,7 @@ public void testSetFilePath() {
      * Test of getFilePath method, of class Dependency.
      */
     @Test
-    public void testGetFilePath() {
+    void testGetFilePath() {
         Dependency instance = new Dependency();
         String expResult = "file.tar";
         instance.setFilePath(expResult);
@@ -117,7 +117,7 @@ public void testGetFilePath() {
      * Test of getMd5sum method, of class Dependency.
      */
     @Test
-    public void testGetMd5sum() {
+    void testGetMd5sum() {
         //File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
         File file = BaseTest.getResourceAsFile(this, "struts2-core-2.1.2.jar");
 
@@ -133,7 +133,7 @@ public void testGetMd5sum() {
      * Test of setMd5sum method, of class Dependency.
      */
     @Test
-    public void testSetMd5sum() {
+    void testSetMd5sum() {
         String md5sum = "test";
         Dependency instance = new Dependency();
         instance.setMd5sum(md5sum);
@@ -144,7 +144,7 @@ public void testSetMd5sum() {
      * Test of getSha1sum method, of class Dependency.
      */
     @Test
-    public void testGetSha1sum() {
+    void testGetSha1sum() {
         //File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
         File file = BaseTest.getResourceAsFile(this, "struts2-core-2.1.2.jar");
         Dependency instance = new Dependency(file);
@@ -158,7 +158,7 @@ public void testGetSha1sum() {
      * Test of getSha256sum method, of class Dependency.
      */
     @Test
-    public void testGetSha256sum() {
+    void testGetSha256sum() {
         File file = BaseTest.getResourceAsFile(this, "struts2-core-2.1.2.jar");
         Dependency instance = new Dependency(file);
         String expResult = "5c1847a10800027254fcd0073385cceb46b1dacee061f3cd465e314bec592e81";
@@ -170,7 +170,7 @@ public void testGetSha256sum() {
      * Test of setSha1sum method, of class Dependency.
      */
     @Test
-    public void testSetSha1sum() {
+    void testSetSha1sum() {
         String sha1sum = "test";
         Dependency instance = new Dependency();
         instance.setSha1sum(sha1sum);
@@ -181,7 +181,7 @@ public void testSetSha1sum() {
      * Test of setSha256sum method, of class Dependency.
      */
     @Test
-    public void testSetSha256sum() {
+    void testSetSha256sum() {
         String sha256sum = "test";
         Dependency instance = new Dependency();
         instance.setSha256sum(sha256sum);
@@ -192,7 +192,7 @@ public void testSetSha256sum() {
      * Test of getSoftwareIdentifiers method, of class Dependency.
      */
     @Test
-    public void testGetSoftwareIdentifiers() {
+    void testGetSoftwareIdentifiers() {
         Dependency instance = new Dependency();
         Set<Identifier> result = instance.getSoftwareIdentifiers();
 
@@ -203,7 +203,7 @@ public void testGetSoftwareIdentifiers() {
      * Test of addSoftwareIdentifiers method, of class Dependency.
      */
     @Test
-    public void testAddSoftwareIdentifiers() {
+    void testAddSoftwareIdentifiers() {
         Set<Identifier> identifiers = new HashSet<>();
         Dependency instance = new Dependency();
         instance.addSoftwareIdentifiers(identifiers);
@@ -214,7 +214,7 @@ public void testAddSoftwareIdentifiers() {
      * Test of addVulnerableSoftwareIdentifier method, of class Dependency.
      */
     @Test
-    public void testAddVulnerableSoftwareIdentifier() throws Exception {
+    void testAddVulnerableSoftwareIdentifier() throws Exception {
         CpeBuilder builder = new CpeBuilder();
         Cpe cpe = builder.part(Part.APPLICATION).vendor("apache").product("struts").version("2.1.2").build();
         CpeIdentifier id = new CpeIdentifier(cpe, Confidence.HIGHEST);
@@ -225,14 +225,14 @@ public void testAddVulnerableSoftwareIdentifier() throws Exception {
         Dependency instance = new Dependency();
         instance.addVulnerableSoftwareIdentifier(id);
         assertEquals(1, instance.getVulnerableSoftwareIdentifiers().size());
-        assertTrue("Identifier doesn't contain expected result.", instance.getVulnerableSoftwareIdentifiers().contains(expResult));
+        assertTrue(instance.getVulnerableSoftwareIdentifiers().contains(expResult), "Identifier doesn't contain expected result.");
     }
 
     /**
      * Test of getEvidence method, of class Dependency.
      */
     @Test
-    public void testGetEvidence() {
+    void testGetEvidence() {
         Dependency instance = new Dependency();
         Set<Evidence> result = instance.getEvidence(EvidenceType.VENDOR);
         assertNotNull(result);
@@ -246,7 +246,7 @@ public void testGetEvidence() {
      * Test of addAsEvidence method, of class Dependency.
      */
     @Test
-    public void testAddAsEvidence() {
+    void testAddAsEvidence() {
         Dependency instance = new Dependency();
         MavenArtifact mavenArtifact = new MavenArtifact("group", "artifact", "version", "url");
         instance.addAsEvidence("pom", mavenArtifact, Confidence.HIGH);
@@ -259,12 +259,12 @@ public void testAddAsEvidence() {
      * Test of addAsEvidence method, of class Dependency.
      */
     @Test
-    public void testAddAsEvidenceWithEmptyArtifact() {
+    void testAddAsEvidenceWithEmptyArtifact() {
         Dependency instance = new Dependency();
         MavenArtifact mavenArtifact = new MavenArtifact(null, null, null, null);
         instance.addAsEvidence("pom", mavenArtifact, Confidence.HIGH);
         assertFalse(instance.getEvidence(EvidenceType.VENDOR).stream().anyMatch(e -> e.getConfidence() == Confidence.HIGH));
-        assertTrue(instance.size() == 0);
+        assertEquals(0, instance.size());
         assertTrue(instance.getSoftwareIdentifiers().isEmpty());
     }
 
@@ -272,12 +272,12 @@ public void testAddAsEvidenceWithEmptyArtifact() {
      * Test of addAsEvidence method, of class Dependency.
      */
     @Test
-    public void testAddAsEvidenceWithExisting() {
+    void testAddAsEvidenceWithExisting() {
         Dependency instance = new Dependency();
         MavenArtifact mavenArtifact = new MavenArtifact("group", "artifact", "version", null);
         instance.addAsEvidence("pom", mavenArtifact, Confidence.HIGH);
         assertTrue(instance.getEvidence(EvidenceType.VENDOR).stream().anyMatch(e -> e.getConfidence() == Confidence.HIGH));
-        assertTrue(instance.size() == 4);
+        assertEquals(4, instance.size());
         assertFalse(instance.getSoftwareIdentifiers().isEmpty());
 
         instance.getSoftwareIdentifiers().forEach((i) -> assertNull(i.getUrl()));
@@ -285,7 +285,7 @@ public void testAddAsEvidenceWithExisting() {
         mavenArtifact = new MavenArtifact("group", "artifact", "version", "url");
         instance.addAsEvidence("pom", mavenArtifact, Confidence.HIGH);
         assertTrue(instance.getEvidence(EvidenceType.VENDOR).stream().anyMatch(e -> e.getConfidence() == Confidence.HIGH));
-        assertTrue(instance.size() == 4);
+        assertEquals(4, instance.size());
         assertFalse(instance.getSoftwareIdentifiers().isEmpty());
 
         instance.getSoftwareIdentifiers().forEach((i) -> assertNotNull(i.getUrl()));
diff --git a/core/src/test/java/org/owasp/dependencycheck/dependency/EvidenceTest.java b/core/src/test/java/org/owasp/dependencycheck/dependency/EvidenceTest.java
index c3526918d16..dffa447fd9c 100644
--- a/core/src/test/java/org/owasp/dependencycheck/dependency/EvidenceTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/dependency/EvidenceTest.java
@@ -17,25 +17,27 @@
  */
 package org.owasp.dependencycheck.dependency;
 
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseTest;
+
 import static org.hamcrest.CoreMatchers.equalTo;
 import static org.hamcrest.CoreMatchers.is;
-import org.junit.Test;
 import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-import org.owasp.dependencycheck.BaseTest;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  *
  * @author Jeremy Long
  */
-public class EvidenceTest extends BaseTest {
+class EvidenceTest extends BaseTest {
 
     /**
      * Test of equals method, of class Evidence.
      */
     @Test
-    public void testEquals() {
+    void testEquals() {
         Evidence that0 = new Evidence("file", "name", "guice-3.0", Confidence.HIGHEST);
         Evidence that1 = new Evidence("jar", "package name", "dependency", Confidence.HIGHEST);
         Evidence that2 = new Evidence("jar", "package name", "google", Confidence.HIGHEST);
@@ -47,19 +49,19 @@ public void testEquals() {
         Evidence that8 = new Evidence("Manifest", "Implementation-Title", "Spring Framework", Confidence.HIGH);
 
         Evidence instance = new Evidence("Manifest", "Implementation-Title", "Spring Framework", Confidence.HIGH);
-        assertFalse(instance.equals(that0));
-        assertFalse(instance.equals(that1));
-        assertFalse(instance.equals(that2));
-        assertFalse(instance.equals(that3));
-        assertFalse(instance.equals(that4));
-        assertFalse(instance.equals(that5));
-        assertFalse(instance.equals(that6));
-        assertFalse(instance.equals(that7));
-        assertTrue(instance.equals(that8));
+        assertNotEquals(instance, that0);
+        assertNotEquals(instance, that1);
+        assertNotEquals(instance, that2);
+        assertNotEquals(instance, that3);
+        assertNotEquals(instance, that4);
+        assertNotEquals(instance, that5);
+        assertNotEquals(instance, that6);
+        assertNotEquals(instance, that7);
+        assertEquals(instance, that8);
     }
 
     @Test
-    public void testHashcodeContract() throws Exception {
+    void testHashcodeContract() {
         final Evidence titleCase = new Evidence("Manifest", "Implementation-Title", "Spring Framework", Confidence.HIGH);
         final Evidence lowerCase = new Evidence("manifest", "implementation-title", "spring framework", Confidence.HIGH);
         assertThat(titleCase, is(equalTo(lowerCase)));
@@ -70,7 +72,7 @@ public void testHashcodeContract() throws Exception {
      * Test of compareTo method, of class Evidence.
      */
     @Test
-    public void testCompareTo() {
+    void testCompareTo() {
         Evidence that0 = new Evidence("file", "name", "guice-3.0", Confidence.HIGHEST);
         Evidence that1 = new Evidence("jar", "package name", "dependency", Confidence.HIGHEST);
         Evidence that2 = new Evidence("jar", "package name", "google", Confidence.HIGHEST);
@@ -110,7 +112,7 @@ public void testCompareTo() {
         assertTrue(result > 0);
 
         result = instance.compareTo(that8);
-        assertTrue(result == 0);
+        assertEquals(0, result);
 
         result = instance.compareTo(that9);
         assertTrue(result < 0);
diff --git a/core/src/test/java/org/owasp/dependencycheck/dependency/VulnerabilityTest.java b/core/src/test/java/org/owasp/dependencycheck/dependency/VulnerabilityTest.java
index 0408717eac1..fb732db15a4 100644
--- a/core/src/test/java/org/owasp/dependencycheck/dependency/VulnerabilityTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/dependency/VulnerabilityTest.java
@@ -22,11 +22,7 @@
 import io.github.jeremylong.openvulnerability.client.nvd.CvssV2Data;
 import io.github.jeremylong.openvulnerability.client.nvd.CvssV3;
 import io.github.jeremylong.openvulnerability.client.nvd.CvssV3Data;
-import static org.junit.Assert.assertArrayEquals;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import us.springett.parsers.cpe.exceptions.CpeValidationException;
 
@@ -35,17 +31,21 @@
 import java.util.List;
 import java.util.TreeSet;
 
+import static org.junit.jupiter.api.Assertions.assertArrayEquals;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
 /**
  * @author Jens Hausherr, Hans Aikema
  */
-public class VulnerabilityTest extends BaseTest {
+class VulnerabilityTest extends BaseTest {
 
     /**
      * Test of addVulnerableSoftware method, of class VulnerableSoftware.
      * @throws CpeValidationException
      */
     @Test
-    public void testDuplicateVersions() throws CpeValidationException {
+    void testDuplicateVersions() throws CpeValidationException {
         Vulnerability obj = new Vulnerability();
         VulnerableSoftwareBuilder builder = new VulnerableSoftwareBuilder();
         obj.addVulnerableSoftware(builder.vendor("owasp").product("dependency-check").version("3.0.0").build());
@@ -59,7 +59,7 @@ public void testDuplicateVersions() throws CpeValidationException {
      * Test of compareTo
      */
     @Test
-    public void compareTo_proper_sorting() {
+    void compareTo_proper_sorting() {
         // vulnerabilities take a name in reverse alphabetical order of expected sorting sequence
         // this way we ensure that the validated sorting was indeed due to the decreasing order of
         // severity and not by coincidence due to equal severity + alphabetical order on name.
@@ -112,28 +112,28 @@ public void compareTo_proper_sorting() {
         unscoredMedium.setUnscoredSeverity("meDiUm");
 
 
-        assertTrue("V2 HIGH 9.9 to V2 HIGH 9.0, 9.9 should be most severe", cvssV2Only99.compareTo(cvssV2Only90) < 0);
-        assertTrue("V2 HIGH 9.9 to V3 CRIT 9.0 should make V3 9.0 should be most severe to retain the CRITICAL rating",
-                   cvssV3Only90.compareTo(cvssV2Only99) < 0);
-        assertTrue("V3 CRIT 9.9 to V3 CRIT 9.0, 9.9 should be most severe", cvssV3OnlyCritHigh.compareTo(cvssV3Only90) < 0);
-        assertTrue("V3 CRIT 9.0 to V3 HIGH 8.0 V2 HIGH 9.9, V3 9.0 should be most severe",
-                   cvssV3Only90.compareTo(cvssV3_80v2_99) < 0);
-        assertTrue("CVSS v3 CRITICAL should be smaller (more severe) than unscored critical",
-                   cvssV3Only90.compareTo(unscoredCritical) < 0);
-        assertTrue("unscored critical should be smaller (more severe) than CVSS v2 HIGH 10.0 should be larger (less severe)",
-                   unscoredCritical.compareTo(cvssV2Only10_0) < 0);
-        assertTrue("CVSS v3 CRITICAL should be smaller (more severe) than unscored assumed critical",
-                   cvssV3Only90.compareTo(unscoredAssumedCritical) < 0);
-        assertTrue("Unscored CRITICAL should be smaller (more severe) than unscored assumed critical",
-                   unscoredCritical.compareTo(unscoredAssumedCritical) < 0);
-        assertTrue("unscored assumed critical should be smaller (more severe) than CVSS v2 HIGH 10.0",
-                   unscoredAssumedCritical.compareTo(cvssV2Only10_0) < 0);
-        assertTrue("unscored assumed critical should be smaller (more severe) CVSS v2 9.9 v3 8.0 (HIGH)",
-                   unscoredAssumedCritical.compareTo(cvssV3_80v2_99) < 0);
-        assertTrue("CVSS v3 score should be considered over V2 score; alphabetical sort determines final sequence",
-                   cvssV3_89v2_90.compareTo(cvssV3_89v2_99) < 0);
-        assertTrue("CVSS v3 medium top-range score should be smaller (more severe) than unscored medium",
-                   v3Medium69.compareTo(unscoredMedium) < 0);
+        assertTrue(cvssV2Only99.compareTo(cvssV2Only90) < 0, "V2 HIGH 9.9 to V2 HIGH 9.0, 9.9 should be most severe");
+        assertTrue(cvssV3Only90.compareTo(cvssV2Only99) < 0,
+                   "V2 HIGH 9.9 to V3 CRIT 9.0 should make V3 9.0 should be most severe to retain the CRITICAL rating");
+        assertTrue(cvssV3OnlyCritHigh.compareTo(cvssV3Only90) < 0, "V3 CRIT 9.9 to V3 CRIT 9.0, 9.9 should be most severe");
+        assertTrue(cvssV3Only90.compareTo(cvssV3_80v2_99) < 0,
+                   "V3 CRIT 9.0 to V3 HIGH 8.0 V2 HIGH 9.9, V3 9.0 should be most severe");
+        assertTrue(cvssV3Only90.compareTo(unscoredCritical) < 0,
+                   "CVSS v3 CRITICAL should be smaller (more severe) than unscored critical");
+        assertTrue(unscoredCritical.compareTo(cvssV2Only10_0) < 0,
+                   "unscored critical should be smaller (more severe) than CVSS v2 HIGH 10.0 should be larger (less severe)");
+        assertTrue(cvssV3Only90.compareTo(unscoredAssumedCritical) < 0,
+                   "CVSS v3 CRITICAL should be smaller (more severe) than unscored assumed critical");
+        assertTrue(unscoredCritical.compareTo(unscoredAssumedCritical) < 0,
+                   "Unscored CRITICAL should be smaller (more severe) than unscored assumed critical");
+        assertTrue(unscoredAssumedCritical.compareTo(cvssV2Only10_0) < 0,
+                   "unscored assumed critical should be smaller (more severe) than CVSS v2 HIGH 10.0");
+        assertTrue(unscoredAssumedCritical.compareTo(cvssV3_80v2_99) < 0,
+                   "unscored assumed critical should be smaller (more severe) CVSS v2 9.9 v3 8.0 (HIGH)");
+        assertTrue(cvssV3_89v2_90.compareTo(cvssV3_89v2_99) < 0,
+                   "CVSS v3 score should be considered over V2 score; alphabetical sort determines final sequence");
+        assertTrue(v3Medium69.compareTo(unscoredMedium) < 0,
+                   "CVSS v3 medium top-range score should be smaller (more severe) than unscored medium");
 
         List<Vulnerability> vulns = Arrays.asList(cvssV2Only99, cvssV2Only90, cvssV3Only90, cvssV3OnlyCritHigh, cvssV3_80v2_99,
                                                   cvssV2Only10_0, cvssV3_89v2_90,
@@ -142,9 +142,9 @@ public void compareTo_proper_sorting() {
         List<String> expectedStartLetters = Arrays.asList("Z", "Y", "X", "W", "V", "U", "T", "SA", "SB", "R", "Q", "P", "O");
 
         for (int i = 0; i < vulns.size(); i++) {
-            assertTrue("Expected start:" + expectedStartLetters.get(i) + " encountered start: " + vulns.get(i).getName()
-                                                                                                       .substring(0, 2),
-                       vulns.get(i).getName().startsWith(expectedStartLetters.get(i)));
+            assertTrue(vulns.get(i).getName().startsWith(expectedStartLetters.get(i)),
+                       "Expected start:" + expectedStartLetters.get(i) + " encountered start: " + vulns.get(i).getName()
+                                                                                                       .substring(0, 2));
         }
         testSortStabilityForPermutations(vulns);
     }
@@ -154,10 +154,10 @@ private CvssV3 createCvssV3(double score, String severity) {
                 CvssV3Data.AttackComplexityType.HIGH, CvssV3Data.PrivilegesRequiredType.HIGH,
                 CvssV3Data.UserInteractionType.NONE, CvssV3Data.ScopeType.CHANGED,
                 CvssV3Data.CiaType.NONE, CvssV3Data.CiaType.NONE, CvssV3Data.CiaType.LOW,
-                
-                score, CvssV3Data.SeverityType.valueOf(severity), 
-                
-                CvssV3Data.ExploitCodeMaturityType.PROOF_OF_CONCEPT, CvssV3Data.RemediationLevelType.NOT_DEFINED, 
+
+                score, CvssV3Data.SeverityType.valueOf(severity),
+
+                CvssV3Data.ExploitCodeMaturityType.PROOF_OF_CONCEPT, CvssV3Data.RemediationLevelType.NOT_DEFINED,
                 CvssV3Data.ConfidenceType.REASONABLE, Double.MAX_VALUE, CvssV3Data.SeverityType.MEDIUM,
                 CvssV3Data.CiaRequirementType.NOT_DEFINED, CvssV3Data.CiaRequirementType.NOT_DEFINED,
                 CvssV3Data.CiaRequirementType.NOT_DEFINED, CvssV3Data.ModifiedAttackVectorType.ADJACENT_NETWORK,
@@ -169,22 +169,22 @@ private CvssV3 createCvssV3(double score, String severity) {
         return cvssV3;
     }
 
-    
+
     private CvssV2 createCvssV2(double score, String severity) {
         CvssV2Data v2Data = new CvssV2Data(CvssV2Data.Version._2_0, severity, CvssV2Data.AccessVectorType.NETWORK,
-                CvssV2Data.AccessComplexityType.MEDIUM, CvssV2Data.AuthenticationType.MULTIPLE, 
-                CvssV2Data.CiaType.PARTIAL, CvssV2Data.CiaType.PARTIAL, CvssV2Data.CiaType.PARTIAL, 
-                
-                score, severity, 
-                
-                CvssV2Data.ExploitabilityType.UNPROVEN, CvssV2Data.RemediationLevelType.NOT_DEFINED, 
-                CvssV2Data.ReportConfidenceType.UNCONFIRMED, 0.0, CvssV2Data.CollateralDamagePotentialType.NOT_DEFINED, 
-                CvssV2Data.TargetDistributionType.MEDIUM, CvssV2Data.CiaRequirementType.NOT_DEFINED, 
+                CvssV2Data.AccessComplexityType.MEDIUM, CvssV2Data.AuthenticationType.MULTIPLE,
+                CvssV2Data.CiaType.PARTIAL, CvssV2Data.CiaType.PARTIAL, CvssV2Data.CiaType.PARTIAL,
+
+                score, severity,
+
+                CvssV2Data.ExploitabilityType.UNPROVEN, CvssV2Data.RemediationLevelType.NOT_DEFINED,
+                CvssV2Data.ReportConfidenceType.UNCONFIRMED, 0.0, CvssV2Data.CollateralDamagePotentialType.NOT_DEFINED,
+                CvssV2Data.TargetDistributionType.MEDIUM, CvssV2Data.CiaRequirementType.NOT_DEFINED,
                 CvssV2Data.CiaRequirementType.NOT_DEFINED, CvssV2Data.CiaRequirementType.NOT_DEFINED, 0.0);
         CvssV2 cvssV2 = new CvssV2("testing", CvssV2.Type.PRIMARY, v2Data, severity, 0.0, 0.0, Boolean.TRUE, Boolean.TRUE, Boolean.TRUE, Boolean.TRUE, Boolean.TRUE);
         return cvssV2;
     }
-    
+
     /**
      * Sorts the offered list of vulnerabilities four times starting with the vulnerabilities arranged in different sequences
      * before sorting to check that sorting is stable for permutations of input sequence.<br> The input array is added to a
@@ -244,8 +244,8 @@ private void testSortStabilityForPermutations(final List<Vulnerability> vulnerab
 
     private void assertPermutationSortedEqual(final Vulnerability[] prev, final Vulnerability[] current, final int[] permutation,
                                               final int[] prevPermutation) {
-        assertArrayEquals(String.format("Differently sorted for permutation '%s' versus '%s'", Arrays.toString(prevPermutation),
-                                        Arrays.toString(permutation)), prev, current);
+        assertArrayEquals(prev, current, String.format("Differently sorted for permutation '%s' versus '%s'", Arrays.toString(prevPermutation),
+                                        Arrays.toString(permutation)));
     }
 
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/dependency/VulnerableSoftwareTest.java b/core/src/test/java/org/owasp/dependencycheck/dependency/VulnerableSoftwareTest.java
index a2a55d5246e..6d68641c720 100644
--- a/core/src/test/java/org/owasp/dependencycheck/dependency/VulnerableSoftwareTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/dependency/VulnerableSoftwareTest.java
@@ -17,20 +17,28 @@
  */
 package org.owasp.dependencycheck.dependency;
 
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.assertFalse;
-
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import us.springett.parsers.cpe.exceptions.CpeValidationException;
 import us.springett.parsers.cpe.values.LogicalValue;
 import us.springett.parsers.cpe.values.Part;
 
+import java.net.URLDecoder;
+import java.net.URLEncoder;
+import java.nio.charset.StandardCharsets;
+
+import static java.nio.charset.StandardCharsets.UTF_8;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertNotEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
 /**
  *
  * @author Jeremy Long
  */
-public class VulnerableSoftwareTest extends BaseTest {
+class VulnerableSoftwareTest extends BaseTest {
 
     /**
      * Test of equals method, of class VulnerableSoftware.
@@ -38,19 +46,19 @@ public class VulnerableSoftwareTest extends BaseTest {
      * @throws CpeValidationException
      */
     @Test
-    public void testEquals() throws CpeValidationException {
+    void testEquals() throws CpeValidationException {
         VulnerableSoftwareBuilder builder = new VulnerableSoftwareBuilder();
         VulnerableSoftware obj = null;
         VulnerableSoftware instance = builder.part(Part.APPLICATION).vendor("mortbay").product("jetty").version("6.1").build();
-        assertFalse(instance.equals(obj));
+        assertNotEquals(obj, instance);
 
         obj = builder.part(Part.APPLICATION).vendor("mortbay").product("jetty").version("6.1.0").build();
         instance = builder.part(Part.APPLICATION).vendor("mortbay").product("jetty").version("6.1").build();
-        assertFalse(instance.equals(obj));
+        assertNotEquals(instance, obj);
 
         obj = builder.part(Part.APPLICATION).vendor("mortbay").product("jetty").version("6.1.0").build();
         instance = builder.part(Part.APPLICATION).vendor("mortbay").product("jetty").version("6.1.0").build();
-        assertTrue(instance.equals(obj));
+        assertEquals(instance, obj);
     }
 
     /**
@@ -59,7 +67,7 @@ public void testEquals() throws CpeValidationException {
      * @throws CpeValidationException
      */
     @Test
-    public void testCompareTo() throws CpeValidationException {
+    void testCompareTo() throws CpeValidationException {
         VulnerableSoftwareBuilder builder = new VulnerableSoftwareBuilder();
         VulnerableSoftware obj = builder.part(Part.APPLICATION).vendor("mortbay").product("jetty").version("6.1.0").build();
         VulnerableSoftware instance = builder.part(Part.APPLICATION).vendor("mortbay").product("jetty").version("6.1").build();
@@ -73,7 +81,7 @@ public void testCompareTo() throws CpeValidationException {
     }
 
     @Test
-    public void testCompareVersionRange() throws CpeValidationException {
+    void testCompareVersionRange() throws CpeValidationException {
         VulnerableSoftwareBuilder builder = new VulnerableSoftwareBuilder();
         VulnerableSoftware instance = builder.version("2.0.0").build();
         assertTrue(instance.compareVersionRange("2.0.0"));
@@ -103,7 +111,7 @@ public void testCompareVersionRange() throws CpeValidationException {
     }
 
     @Test
-    public void testcompareUpdateAttributes() throws CpeValidationException {
+    void testCompareUpdateAttributes() {
 
         assertTrue(VulnerableSoftware.compareUpdateAttributes("update1", "u1"));
         assertTrue(VulnerableSoftware.compareUpdateAttributes("u1", "update1"));
@@ -115,4 +123,11 @@ public void testcompareUpdateAttributes() throws CpeValidationException {
 
     }
 
+    @Test
+    void testToNvdSearchUrl() throws Exception {
+        String encodedURL = new VulnerableSoftwareBuilder().part(Part.APPLICATION).vendor("apache").version("1.2.3").build().toNvdSearchUrl();
+        assertEquals("https://nvd.nist.gov/vuln/search#/nvd/home?sortOrder=3&sortDirection=2&cpeFilterMode=applicability&resultType=records&cpeName=cpe%3A2.3%3Aa%3Aapache%3A%2A%3A1.2.3%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A", encodedURL);
+        assertEquals("https://nvd.nist.gov/vuln/search#/nvd/home?sortOrder=3&sortDirection=2&cpeFilterMode=applicability&resultType=records&cpeName=cpe:2.3:a:apache:*:1.2.3:*:*:*:*:*:*:*", URLDecoder.decode(encodedURL, UTF_8));
+    }
+
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/dependency/naming/CpeIdentifierTest.java b/core/src/test/java/org/owasp/dependencycheck/dependency/naming/CpeIdentifierTest.java
new file mode 100644
index 00000000000..96a3da1f41d
--- /dev/null
+++ b/core/src/test/java/org/owasp/dependencycheck/dependency/naming/CpeIdentifierTest.java
@@ -0,0 +1,50 @@
+package org.owasp.dependencycheck.dependency.naming;
+
+import org.junit.jupiter.api.Test;
+import us.springett.parsers.cpe.CpeBuilder;
+import us.springett.parsers.cpe.exceptions.CpeValidationException;
+import us.springett.parsers.cpe.values.Part;
+
+import java.net.URLDecoder;
+
+import static java.nio.charset.StandardCharsets.UTF_8;
+import static org.junit.jupiter.api.Assertions.*;
+
+class CpeIdentifierTest {
+
+    @Test
+    void testNvdSearchUrlFormatting() throws CpeValidationException {
+        String encodedUrl = CpeIdentifier.nvdSearchUrlFor(new CpeBuilder().part(Part.APPLICATION).vendor("apache").product("struts").version("1.9.0").build());
+        assertEquals("https://nvd.nist.gov/vuln/search#/nvd/home?sortOrder=3&sortDirection=2&cpeFilterMode=applicability&resultType=records&" +
+                "cpeName=cpe%3A2.3%3Aa%3Aapache%3Astruts%3A1.9.0%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A", encodedUrl);
+        assertEquals("https://nvd.nist.gov/vuln/search#/nvd/home?sortOrder=3&sortDirection=2&cpeFilterMode=applicability&resultType=records&" +
+                "cpeName=cpe:2.3:a:apache:struts:1.9.0:*:*:*:*:*:*:*", URLDecoder.decode(encodedUrl, UTF_8));
+    }
+
+    @Test
+    void testNvdSearchUrlFormattingEncodesChars() throws CpeValidationException {
+        String encodedUrl = CpeIdentifier.nvdSearchUrlFor(new CpeBuilder().part(Part.APPLICATION).vendor("apache$").product("struts$").version("1.9.0$").build());
+        assertEquals("https://nvd.nist.gov/vuln/search#/nvd/home?sortOrder=3&sortDirection=2&cpeFilterMode=applicability&resultType=records&" +
+                "cpeName=cpe%3A2.3%3Aa%3Aapache%5C%24%3Astruts%5C%24%3A1.9.0%5C%24%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A", encodedUrl);
+        assertEquals("https://nvd.nist.gov/vuln/search#/nvd/home?sortOrder=3&sortDirection=2&cpeFilterMode=applicability&resultType=records&" +
+                "cpeName=cpe:2.3:a:apache\\$:struts\\$:1.9.0\\$:*:*:*:*:*:*:*", URLDecoder.decode(encodedUrl, UTF_8));
+    }
+
+    @Test
+    void testNvdProductSearchFormatting() throws CpeValidationException {
+        String encodedUrl = CpeIdentifier.nvdProductSearchUrlFor(new CpeBuilder().part(Part.APPLICATION).vendor("apache").product("struts").version("1.9.0").build());
+        assertEquals("https://nvd.nist.gov/vuln/search#/nvd/home?sortOrder=3&sortDirection=2&cpeFilterMode=applicability&resultType=records&" +
+                "cpeName=cpe%3A2.3%3Aa%3Aapache%3Astruts%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A", encodedUrl);
+        assertEquals("https://nvd.nist.gov/vuln/search#/nvd/home?sortOrder=3&sortDirection=2&cpeFilterMode=applicability&resultType=records&" +
+                "cpeName=cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*", URLDecoder.decode(encodedUrl, UTF_8));
+    }
+
+    @Test
+    void testNvdProductSearchUrlFormattingEncodesChars() throws CpeValidationException {
+        String encodedUrl = CpeIdentifier.nvdProductSearchUrlFor(new CpeBuilder().part(Part.APPLICATION).vendor("apache$").product("struts$").version("1.9.0$").build());
+        assertEquals("https://nvd.nist.gov/vuln/search#/nvd/home?sortOrder=3&sortDirection=2&cpeFilterMode=applicability&resultType=records&" +
+                "cpeName=cpe%3A2.3%3Aa%3Aapache%5C%24%3Astruts%5C%24%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A%3A%2A", encodedUrl);
+        assertEquals("https://nvd.nist.gov/vuln/search#/nvd/home?sortOrder=3&sortDirection=2&cpeFilterMode=applicability&resultType=records&" +
+                "cpeName=cpe:2.3:a:apache\\$:struts\\$:*:*:*:*:*:*:*:*", URLDecoder.decode(encodedUrl, UTF_8));
+    }
+}
\ No newline at end of file
diff --git a/core/src/test/java/org/owasp/dependencycheck/reporting/EscapeToolTest.java b/core/src/test/java/org/owasp/dependencycheck/reporting/EscapeToolTest.java
index ea8b9917925..81e6ae6f25f 100644
--- a/core/src/test/java/org/owasp/dependencycheck/reporting/EscapeToolTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/reporting/EscapeToolTest.java
@@ -17,26 +17,28 @@
  */
 package org.owasp.dependencycheck.reporting;
 
-import java.util.HashSet;
-import java.util.Set;
-import org.junit.Test;
-import static org.junit.Assert.*;
-
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.dependency.Confidence;
 import org.owasp.dependencycheck.dependency.naming.GenericIdentifier;
 import org.owasp.dependencycheck.dependency.naming.Identifier;
 
+import java.util.HashSet;
+import java.util.Set;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
 /**
  *
-* @author Jeremy Long
+ * @author Jeremy Long
  */
-public class EscapeToolTest {
+class EscapeToolTest {
 
     /**
      * Test of url method, of class EscapeTool.
      */
     @Test
-    public void testUrl() {
+    void testUrl() {
         String text = null;
         EscapeTool instance = new EscapeTool();
         String expResult = null;
@@ -58,7 +60,7 @@ public void testUrl() {
      * Test of html method, of class EscapeTool.
      */
     @Test
-    public void testHtml() {
+    void testHtml() {
         EscapeTool instance = new EscapeTool();
         String text = null;
         String expResult = null;
@@ -80,7 +82,7 @@ public void testHtml() {
      * Test of xml method, of class EscapeTool.
      */
     @Test
-    public void testXml() {
+    void testXml() {
         EscapeTool instance = new EscapeTool();
         String text = null;
         String expResult = null;
@@ -102,7 +104,7 @@ public void testXml() {
      * Test of json method, of class EscapeTool.
      */
     @Test
-    public void testJson() {
+    void testJson() {
         String text = null;
         EscapeTool instance = new EscapeTool();
         String expResult = null;
@@ -124,7 +126,7 @@ public void testJson() {
      * Test of csv method, of class EscapeTool.
      */
     @Test
-    public void testCsv() {
+    void testCsv() {
         String text = null;
         EscapeTool instance = new EscapeTool();
         String expResult = "\"\"";
@@ -146,7 +148,7 @@ public void testCsv() {
      * Test of csvIdentifiers method, of class EscapeTool.
      */
     @Test
-    public void testCsvIdentifiers() {
+    void testCsvIdentifiers() {
         EscapeTool instance = new EscapeTool();
         Set<Identifier> ids = null;
         String expResult = "\"\"";
@@ -177,7 +179,7 @@ public void testCsvIdentifiers() {
      * Test of csvCpeConfidence method, of class EscapeTool.
      */
     @Test
-    public void testCsvCpeConfidence() {
+    void testCsvCpeConfidence() {
         EscapeTool instance = new EscapeTool();
         Set<Identifier> ids = null;
         String expResult = "\"\"";
diff --git a/core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIT.java b/core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIT.java
index 7e3fe8daad1..b484dc04cc5 100644
--- a/core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIT.java
+++ b/core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIT.java
@@ -17,46 +17,43 @@
  */
 package org.owasp.dependencycheck.reporting;
 
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseDBTestCase;
+import org.owasp.dependencycheck.BaseTest;
+import org.owasp.dependencycheck.Engine;
+import org.owasp.dependencycheck.data.update.exception.UpdateException;
+import org.owasp.dependencycheck.dependency.Dependency;
+import org.owasp.dependencycheck.exception.ExceptionCollection;
+import org.owasp.dependencycheck.utils.DownloadFailedException;
+import org.owasp.dependencycheck.utils.Settings;
+
+import javax.xml.XMLConstants;
+import javax.xml.transform.stream.StreamSource;
+import javax.xml.validation.Schema;
+import javax.xml.validation.SchemaFactory;
+import javax.xml.validation.Validator;
 import java.io.BufferedInputStream;
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.util.Arrays;
-import javax.xml.XMLConstants;
-import javax.xml.transform.stream.StreamSource;
-import javax.xml.validation.Schema;
-import javax.xml.validation.SchemaFactory;
-import javax.xml.validation.Validator;
-import org.junit.Assert;
 
-import org.junit.Test;
-import org.owasp.dependencycheck.BaseDBTestCase;
-import org.owasp.dependencycheck.BaseTest;
-import org.owasp.dependencycheck.Engine;
-import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
-import org.owasp.dependencycheck.exception.ExceptionCollection;
-import org.owasp.dependencycheck.exception.ReportException;
-import org.owasp.dependencycheck.utils.InvalidSettingException;
-import org.owasp.dependencycheck.utils.Settings;
-import org.xml.sax.SAXException;
-import static org.junit.Assert.fail;
-import org.owasp.dependencycheck.data.update.exception.UpdateException;
-import org.owasp.dependencycheck.dependency.Dependency;
-import org.owasp.dependencycheck.utils.DownloadFailedException;
+import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
+import static org.junit.jupiter.api.Assertions.assertEquals;
 
 /**
  *
  * @author Jeremy Long
  */
-public class ReportGeneratorIT extends BaseDBTestCase {
+class ReportGeneratorIT extends BaseDBTestCase {
 
     /**
      * Generates an XML report containing known vulnerabilities and realistic
      * data and validates the generated XML document against the XSD.
      */
     @Test
-    public void testGenerateReport() {
+    void testGenerateReport() {
         File writeTo = new File("target/test-reports/Report.xml");
         File writeJsonTo = new File("target/test-reports/Report.json");
         File writeHtmlTo = new File("target/test-reports/Report.html");
@@ -74,7 +71,7 @@ public void testGenerateReport() {
         settings.setBoolean(Settings.KEYS.ANALYZER_CENTRAL_ENABLED, false);
         settings.setBoolean(Settings.KEYS.PRETTY_PRINT, true);
 
-        generateReport(settings, writeTo, writeJsonTo, writeHtmlTo, writeJunitTo, writeCsvTo, writeSarifTo, suppressionFile);        
+        generateReport(settings, writeTo, writeJsonTo, writeHtmlTo, writeJunitTo, writeCsvTo, writeSarifTo, suppressionFile);
     }
 
     /**
@@ -82,7 +79,7 @@ public void testGenerateReport() {
      * data and validates the generated XML document against the XSD.
      */
     @Test
-    public void testGenerateNodeAuditReport() {
+    void testGenerateNodeAuditReport() {
         File writeTo = new File("target/test-reports/nodeAudit/Report.xml");
         File writeJsonTo = new File("target/test-reports/nodeAudit/Report.json");
         File writeHtmlTo = new File("target/test-reports/nodeAudit/Report.html");
@@ -108,7 +105,7 @@ public void testGenerateNodeAuditReport() {
      * data and validates the generated XML document against the XSD.
      */
     @Test
-    public void testGenerateRetireJsReport() {
+    void testGenerateRetireJsReport() {
         File writeTo = new File("target/test-reports/retireJS/Report.xml");
         File writeJsonTo = new File("target/test-reports/retireJS/Report.json");
         File writeHtmlTo = new File("target/test-reports/retireJS/Report.html");
@@ -127,12 +124,13 @@ public void testGenerateRetireJsReport() {
 
         generateReport(settings, writeTo, writeJsonTo, writeHtmlTo, writeJunitTo, writeCsvTo, writeSarifTo, suppressionFile);
     }
+
     /**
      * Generates an XML report containing known vulnerabilities and realistic
      * data and validates the generated XML document against the XSD.
      */
     @Test
-    public void testGenerateNodePackageReport() {
+    void testGenerateNodePackageReport() {
         File writeTo = new File("target/test-reports/NodePackage/Report.xml");
         File writeJsonTo = new File("target/test-reports/NodePackage/Report.json");
         File writeHtmlTo = new File("target/test-reports/NodePackage/Report.html");
@@ -153,8 +151,8 @@ public void testGenerateNodePackageReport() {
     }
 
 
-    public void generateReport(Settings settings, File writeTo, File writeJsonTo, File writeHtmlTo, File writeJunitTo, File writeCsvTo, File writeSarifTo, File suppressionFile){
-        try {
+    private void generateReport(Settings settings, File writeTo, File writeJsonTo, File writeHtmlTo, File writeJunitTo, File writeCsvTo, File writeSarifTo, File suppressionFile){
+        assertDoesNotThrow(() -> {
             //first check parent folder
             createParentFolder(writeTo);
             createParentFolder(writeJsonTo);
@@ -166,7 +164,7 @@ public void generateReport(Settings settings, File writeTo, File writeJsonTo, Fi
             File struts = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
             File war = BaseTest.getResourceAsFile(this, "war-4.0.war");
             File cfu = BaseTest.getResourceAsFile(this, "commons-fileupload-1.2.1.jar");
-            
+
             //File axis = new File(this.getClass().getClassLoader().getResource("axis2-adb-1.4.1.jar").getPath());
             File axis = BaseTest.getResourceAsFile(this, "axis2-adb-1.4.1.jar");
             //File jetty = new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath());
@@ -208,10 +206,8 @@ public void generateReport(Settings settings, File writeTo, File writeJsonTo, Fi
 
             //Test CSV
             int linesWritten = countLines(writeCsvTo);
-            Assert.assertEquals(vulnCount + 1, linesWritten);
-        } catch (DatabaseException | ExceptionCollection | ReportException | SAXException | IOException ex) {
-            fail(ex.getMessage());
-        }
+            assertEquals(vulnCount + 1, linesWritten);
+        });
     }
 
     /**
diff --git a/core/src/test/java/org/owasp/dependencycheck/resources/DependencyCheckBaseSuppressionTest.java b/core/src/test/java/org/owasp/dependencycheck/resources/DependencyCheckBaseSuppressionTest.java
index f13847023fe..dde361906f4 100644
--- a/core/src/test/java/org/owasp/dependencycheck/resources/DependencyCheckBaseSuppressionTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/resources/DependencyCheckBaseSuppressionTest.java
@@ -1,26 +1,26 @@
 package org.owasp.dependencycheck.resources;
 
-import java.io.File;
-import java.io.IOException;
-import java.nio.file.Path;
-import java.nio.file.Paths;
-
-import javax.xml.XMLConstants;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.parsers.ParserConfigurationException;
-
-import org.junit.Assert;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
 import org.w3c.dom.NodeList;
 import org.xml.sax.SAXException;
 
-public class DependencyCheckBaseSuppressionTest {
+import javax.xml.XMLConstants;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+import java.io.File;
+import java.io.IOException;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+class DependencyCheckBaseSuppressionTest {
 
     @Test
-    public void testAllSuppressionsHaveBaseAttribute() throws ParserConfigurationException, SAXException, IOException {
+    void testAllSuppressionsHaveBaseAttribute() throws ParserConfigurationException, SAXException, IOException {
         DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
         factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
 
@@ -45,6 +45,6 @@ public void testAllSuppressionsHaveBaseAttribute() throws ParserConfigurationExc
             }
         }
 
-        Assert.assertEquals(0, numberOfSuppressTagsWithoutBaseTrueAttribute);
+        assertEquals(0, numberOfSuppressTagsWithoutBaseTrueAttribute);
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/utils/CvssUtilTest.java b/core/src/test/java/org/owasp/dependencycheck/utils/CvssUtilTest.java
index 3dfcd5faf20..fff6cec8120 100644
--- a/core/src/test/java/org/owasp/dependencycheck/utils/CvssUtilTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/utils/CvssUtilTest.java
@@ -21,20 +21,25 @@
 import io.github.jeremylong.openvulnerability.client.nvd.CvssV2Data;
 import io.github.jeremylong.openvulnerability.client.nvd.CvssV3;
 import io.github.jeremylong.openvulnerability.client.nvd.CvssV3Data;
-import org.junit.Test;
-import static org.junit.Assert.*;
+import io.github.jeremylong.openvulnerability.client.nvd.CvssV4;
+import io.github.jeremylong.openvulnerability.client.nvd.CvssV4Data;
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNull;
+import static org.junit.jupiter.api.Assertions.assertThrows;
 
 /**
  *
  * @author Jeremy Long
  */
-public class CvssUtilTest {
+class CvssUtilTest {
 
     /**
      * Test of vectorToCvssV2 method, of class CvssUtil.
      */
     @Test
-    public void testVectorToCvssV2() {
+    void testVectorToCvssV2() {
         String vectorString = "/AV:L/AC:L/Au:N/C:N/I:N/A:C";
         Double baseScore = 1.0;
         CvssV2 result = CvssUtil.vectorToCvssV2(vectorString, baseScore);
@@ -53,117 +58,45 @@ public void testVectorToCvssV2() {
      * Test of cvssV2ScoreToSeverity method, of class CvssUtil.
      */
     @Test
-    public void testCvssV2ScoreToSeverity() {
-        Double score = -1.0;
-        String expResult = "UNKNOWN";
-        String result = CvssUtil.cvssV2ScoreToSeverity(score);
-        assertEquals(expResult, result);
-
-        score = 0.0;
-        expResult = "LOW";
-        result = CvssUtil.cvssV2ScoreToSeverity(score);
-        assertEquals(expResult, result);
-
-        score = 1.0;
-        expResult = "LOW";
-        result = CvssUtil.cvssV2ScoreToSeverity(score);
-        assertEquals(expResult, result);
-
-        score = 3.9;
-        expResult = "LOW";
-        result = CvssUtil.cvssV2ScoreToSeverity(score);
-        assertEquals(expResult, result);
-
-        score = 4.0;
-        expResult = "MEDIUM";
-        result = CvssUtil.cvssV2ScoreToSeverity(score);
-        assertEquals(expResult, result);
-
-        score = 6.9;
-        expResult = "MEDIUM";
-        result = CvssUtil.cvssV2ScoreToSeverity(score);
-        assertEquals(expResult, result);
-
-        score = 7.0;
-        expResult = "HIGH";
-        result = CvssUtil.cvssV2ScoreToSeverity(score);
-        assertEquals(expResult, result);
-
-        score = 10.0;
-        expResult = "HIGH";
-        result = CvssUtil.cvssV2ScoreToSeverity(score);
-        assertEquals(expResult, result);
-
-        score = 11.0;
-        expResult = "UNKNOWN";
-        result = CvssUtil.cvssV2ScoreToSeverity(score);
-        assertEquals(expResult, result);
+    void testCvssV2ScoreToSeverity() {
+        assertEquals("UNKNOWN", CvssUtil.cvssV2ScoreToSeverity(-1.0));
+        assertEquals("LOW", CvssUtil.cvssV2ScoreToSeverity(0.0));
+        assertEquals("LOW", CvssUtil.cvssV2ScoreToSeverity(0.05));
+        assertEquals("LOW", CvssUtil.cvssV2ScoreToSeverity(1.0));
+        assertEquals("LOW", CvssUtil.cvssV2ScoreToSeverity(3.9));
+        assertEquals("MEDIUM", CvssUtil.cvssV2ScoreToSeverity(4.0));
+        assertEquals("MEDIUM", CvssUtil.cvssV2ScoreToSeverity(6.9));
+        assertEquals("MEDIUM", CvssUtil.cvssV2ScoreToSeverity((double) 6.9f)); // test low-precision floating point values
+        assertEquals("HIGH", CvssUtil.cvssV2ScoreToSeverity(7.0));
+        assertEquals("HIGH", CvssUtil.cvssV2ScoreToSeverity(10.0));
+        assertEquals("UNKNOWN", CvssUtil.cvssV2ScoreToSeverity(11.0));
     }
 
     /**
      * Test of cvssV3ScoreToSeverity method, of class CvssUtil.
      */
     @Test
-    public void testCvssV3ScoreToSeverity() {
-        Double score = 0.0;
-        CvssV3Data.SeverityType expResult = CvssV3Data.SeverityType.NONE;
-        CvssV3Data.SeverityType result = CvssUtil.cvssV3ScoreToSeverity(score);
-        assertEquals(expResult, result);
-
-        score = 1.0;
-        expResult = CvssV3Data.SeverityType.LOW;
-        result = CvssUtil.cvssV3ScoreToSeverity(score);
-        assertEquals(expResult, result);
-
-        score = 3.9;
-        expResult = CvssV3Data.SeverityType.LOW;
-        result = CvssUtil.cvssV3ScoreToSeverity(score);
-        assertEquals(expResult, result);
-
-        score = 4.0;
-        expResult = CvssV3Data.SeverityType.MEDIUM;
-        result = CvssUtil.cvssV3ScoreToSeverity(score);
-        assertEquals(expResult, result);
-
-        score = 6.9;
-        expResult = CvssV3Data.SeverityType.MEDIUM;
-        result = CvssUtil.cvssV3ScoreToSeverity(score);
-        assertEquals(expResult, result);
-
-        score = 7.0;
-        expResult = CvssV3Data.SeverityType.HIGH;
-        result = CvssUtil.cvssV3ScoreToSeverity(score);
-        assertEquals(expResult, result);
-
-        score = 8.9;
-        expResult = CvssV3Data.SeverityType.HIGH;
-        result = CvssUtil.cvssV3ScoreToSeverity(score);
-        assertEquals(expResult, result);
-
-        score = 9.0;
-        expResult = CvssV3Data.SeverityType.CRITICAL;
-        result = CvssUtil.cvssV3ScoreToSeverity(score);
-        assertEquals(expResult, result);
-
-        score = 10.0;
-        expResult = CvssV3Data.SeverityType.CRITICAL;
-        result = CvssUtil.cvssV3ScoreToSeverity(score);
-        assertEquals(expResult, result);
-
-        score = 11.0;
-        result = CvssUtil.cvssV3ScoreToSeverity(score);
-        assertNull(result);
-
-        score = -1.0;
-        result = CvssUtil.cvssV3ScoreToSeverity(score);
-        assertNull(result);
+    void testCvssV3ScoreToSeverity() {
+        assertEquals(CvssV3Data.SeverityType.NONE, CvssUtil.cvssV3ScoreToSeverity(0.0));
+        assertEquals(CvssV3Data.SeverityType.LOW, CvssUtil.cvssV3ScoreToSeverity(0.05));
+        assertEquals(CvssV3Data.SeverityType.LOW, CvssUtil.cvssV3ScoreToSeverity(1.0));
+        assertEquals(CvssV3Data.SeverityType.LOW, CvssUtil.cvssV3ScoreToSeverity(3.9));
+        assertEquals(CvssV3Data.SeverityType.MEDIUM, CvssUtil.cvssV3ScoreToSeverity(4.0));
+        assertEquals(CvssV3Data.SeverityType.MEDIUM, CvssUtil.cvssV3ScoreToSeverity(6.9));
+        assertEquals(CvssV3Data.SeverityType.MEDIUM, CvssUtil.cvssV3ScoreToSeverity((double) 6.9f)); // test low-precision floating point values
+        assertEquals(CvssV3Data.SeverityType.HIGH, CvssUtil.cvssV3ScoreToSeverity(7.0));
+        assertEquals(CvssV3Data.SeverityType.HIGH, CvssUtil.cvssV3ScoreToSeverity(8.9));
+        assertEquals(CvssV3Data.SeverityType.CRITICAL, CvssUtil.cvssV3ScoreToSeverity(9.0));
+        assertEquals(CvssV3Data.SeverityType.CRITICAL, CvssUtil.cvssV3ScoreToSeverity(10.0));
+        assertNull(CvssUtil.cvssV3ScoreToSeverity(11.0));
+        assertNull(CvssUtil.cvssV3ScoreToSeverity(-1.0));
     }
 
     /**
      * Test of vectorToCvssV3 method, of class CvssUtil.
      */
     @Test
-    public void testVectorToCvssV3() {
+    void testVectorToCvssV3() {
         String vectorString = "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H";
         Double baseScore = 10.0;
         CvssV3 result = CvssUtil.vectorToCvssV3(vectorString, baseScore);
@@ -180,4 +113,52 @@ public void testVectorToCvssV3() {
         assertEquals(10.0, result.getCvssData().getBaseScore(), 0);
     }
 
+    /**
+     * Test of cvssV4ScoreToSeverity method, of class CvssUtil.
+     */
+    @Test
+    void testCvssV4ScoreToSeverity() {
+        assertEquals(CvssV4Data.SeverityType.NONE, CvssUtil.cvssV4ScoreToSeverity(0.0));
+        assertEquals(CvssV4Data.SeverityType.LOW, CvssUtil.cvssV4ScoreToSeverity(0.05));
+        assertEquals(CvssV4Data.SeverityType.LOW, CvssUtil.cvssV4ScoreToSeverity(1.0));
+        assertEquals(CvssV4Data.SeverityType.LOW, CvssUtil.cvssV4ScoreToSeverity(3.9));
+        assertEquals(CvssV4Data.SeverityType.MEDIUM, CvssUtil.cvssV4ScoreToSeverity(4.0));
+        assertEquals(CvssV4Data.SeverityType.MEDIUM, CvssUtil.cvssV4ScoreToSeverity(6.9));
+        assertEquals(CvssV4Data.SeverityType.MEDIUM, CvssUtil.cvssV4ScoreToSeverity(6.9f)); // test low-precision floating point values
+        assertEquals(CvssV4Data.SeverityType.HIGH, CvssUtil.cvssV4ScoreToSeverity(7.0));
+        assertEquals(CvssV4Data.SeverityType.HIGH, CvssUtil.cvssV4ScoreToSeverity(8.9));
+        assertEquals(CvssV4Data.SeverityType.CRITICAL, CvssUtil.cvssV4ScoreToSeverity(9.0));
+        assertEquals(CvssV4Data.SeverityType.CRITICAL, CvssUtil.cvssV4ScoreToSeverity(10.0));
+        assertThrows(IllegalArgumentException.class, () -> CvssUtil.cvssV4ScoreToSeverity(11.0));
+        assertThrows(IllegalArgumentException.class, () -> CvssUtil.cvssV4ScoreToSeverity(-1.0));
+    }
+
+    /**
+     * Test of vectorToCvssV4 method, of class CvssUtil.
+     */
+    @Test
+    void testVectorToCvssV4() {
+        String vectorString = "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N";
+        Double baseScore = 8.2;
+        String source = "ossIndex";
+        CvssV4.Type type = CvssV4.Type.PRIMARY;
+        CvssV4 result = CvssUtil.vectorToCvssV4(source, type, baseScore, vectorString);
+        assertEquals(CvssV4Data.Version._4_0, result.getCvssData().getVersion());
+        assertEquals(source, result.getSource());
+        assertEquals(type, result.getType());
+        assertEquals(CvssV4Data.AttackVectorType.NETWORK, result.getCvssData().getAttackVector());
+        assertEquals(CvssV4Data.AttackComplexityType.LOW, result.getCvssData().getAttackComplexity());
+        assertEquals(CvssV4Data.AttackRequirementsType.PRESENT, result.getCvssData().getAttackRequirements());
+        assertEquals(CvssV4Data.PrivilegesRequiredType.NONE, result.getCvssData().getPrivilegesRequired());
+        assertEquals(CvssV4Data.UserInteractionType.NONE, result.getCvssData().getUserInteraction());
+        assertEquals(CvssV4Data.CiaType.HIGH, result.getCvssData().getVulnConfidentialityImpact());
+        assertEquals(CvssV4Data.CiaType.NONE, result.getCvssData().getVulnIntegrityImpact());
+        assertEquals(CvssV4Data.CiaType.NONE, result.getCvssData().getVulnAvailabilityImpact());
+        assertEquals(CvssV4Data.CiaType.NONE, result.getCvssData().getSubConfidentialityImpact());
+        assertEquals(CvssV4Data.CiaType.NONE, result.getCvssData().getSubIntegrityImpact());
+        assertEquals(CvssV4Data.CiaType.NONE, result.getCvssData().getSubAvailabilityImpact());
+        assertEquals(CvssV4Data.SeverityType.HIGH, result.getCvssData().getBaseSeverity());
+        assertEquals(8.2, result.getCvssData().getBaseScore(), 0);
+    }
+
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/utils/DateUtilTest.java b/core/src/test/java/org/owasp/dependencycheck/utils/DateUtilTest.java
index b6563d19e5d..6d9b0e3dbd0 100644
--- a/core/src/test/java/org/owasp/dependencycheck/utils/DateUtilTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/utils/DateUtilTest.java
@@ -15,26 +15,26 @@
  */
 package org.owasp.dependencycheck.utils;
 
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseTest;
+import org.owasp.dependencycheck.exception.ParseException;
+
 import java.time.ZonedDateTime;
 import java.util.Calendar;
 
-import static org.junit.Assert.assertEquals;
-
-import org.junit.Test;
-import org.owasp.dependencycheck.BaseTest;
-import org.owasp.dependencycheck.exception.ParseException;
+import static org.junit.jupiter.api.Assertions.assertEquals;
 
 /**
  *
  * @author Jeremy Long
  */
-public class DateUtilTest extends BaseTest {
+class DateUtilTest extends BaseTest {
 
     /**
      * Test of withinDateRange method, of class DateUtil.
      */
     @Test
-    public void testWithinDateRange() {
+    void testWithinDateRange() {
         Calendar c = Calendar.getInstance();
 
         long current = c.getTimeInMillis() / 1000;
@@ -49,12 +49,12 @@ public void testWithinDateRange() {
         result = DateUtil.withinDateRange(lastRun, current, range);
         assertEquals(expResult, result);
     }
-    
-       /**
+
+    /**
      * Test of withinDateRange method, of class DateUtil.
      */
     @Test
-    public void testWithinZonedDateRange() {
+    void testWithinZonedDateRange() {
         ZonedDateTime lastRun = ZonedDateTime.parse("2023-11-15T11:15:03Z");
         ZonedDateTime current = ZonedDateTime.parse("2023-11-17T11:15:03Z");
         int range = 5;
@@ -74,7 +74,7 @@ public void testWithinZonedDateRange() {
      * @throws ParseException thrown when there is a parse error
      */
     @Test
-    public void testParseXmlDate() throws ParseException {
+    void testParseXmlDate() throws ParseException {
         String xsDate = "2019-01-02Z";
         Calendar result = DateUtil.parseXmlDate(xsDate);
         assertEquals(2019, result.get(Calendar.YEAR));
@@ -84,7 +84,7 @@ public void testParseXmlDate() throws ParseException {
     }
 
     @Test
-    public void testGetEpochValueInSeconds() throws ParseException {
+    void testGetEpochValueInSeconds() {
         String milliseconds = "1550538553466";
         long expected = 1550538553;
         long result = DateUtil.getEpochValueInSeconds(milliseconds);
diff --git a/core/src/test/java/org/owasp/dependencycheck/utils/DependencyVersionTest.java b/core/src/test/java/org/owasp/dependencycheck/utils/DependencyVersionTest.java
index fd5a108e831..9dcb92399f0 100644
--- a/core/src/test/java/org/owasp/dependencycheck/utils/DependencyVersionTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/utils/DependencyVersionTest.java
@@ -17,26 +17,29 @@
  */
 package org.owasp.dependencycheck.utils;
 
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseTest;
+
 import java.util.Arrays;
 import java.util.Iterator;
 import java.util.List;
-import static org.junit.Assert.assertArrayEquals;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import org.junit.Test;
-import org.owasp.dependencycheck.BaseTest;
+
+import static org.junit.jupiter.api.Assertions.assertArrayEquals;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  *
  * @author Jeremy Long
  */
-public class DependencyVersionTest extends BaseTest {
+class DependencyVersionTest extends BaseTest {
 
     /**
      * Test of parseVersion method, of class DependencyVersion.
      */
     @Test
-    public void testParseVersion() {
+    void testParseVersion() {
         String version = "1.2r1";
         DependencyVersion instance = new DependencyVersion();
         instance.parseVersion(version);
@@ -70,14 +73,14 @@ public void testParseVersion() {
      * Test of iterator method, of class DependencyVersion.
      */
     @Test
-    public void testIterator() {
+    void testIterator() {
         DependencyVersion instance = new DependencyVersion("1.2.3");
         Iterator<String> result = instance.iterator();
         assertTrue(result.hasNext());
         int count = 1;
         while (result.hasNext()) {
             String v = result.next();
-            assertTrue(String.valueOf(count++).equals(v));
+            assertEquals(String.valueOf(count++), v);
         }
     }
 
@@ -85,7 +88,7 @@ public void testIterator() {
      * Test of toString method, of class DependencyVersion.
      */
     @Test
-    public void testToString() {
+    void testToString() {
         DependencyVersion instance = new DependencyVersion("1.2.3r1");
         String expResult = "1.2.3.r1";
         String result = instance.toString();
@@ -96,7 +99,7 @@ public void testToString() {
      * Test of equals method, of class DependencyVersion.
      */
     @Test
-    public void testEquals() {
+    void testEquals() {
         DependencyVersion obj = new DependencyVersion("1.2.3.r1");
         DependencyVersion instance = new DependencyVersion("1.2.3");
         boolean expResult = false;
@@ -106,26 +109,26 @@ public void testEquals() {
         expResult = true;
         result = instance.equals(obj);
         assertEquals(expResult, result);
-        
+
         instance = new DependencyVersion("2.0.0");
         obj = new DependencyVersion("2");
         expResult = false;
         result = instance.equals(obj);
         assertEquals(expResult, result);
-        
+
         obj = new DependencyVersion("2.0");
         expResult = true;
         result = instance.equals(obj);
         assertEquals(expResult, result);
-        
-        
+
+
     }
 
     /**
      * Test of hashCode method, of class DependencyVersion.
      */
     @Test
-    public void testHashCode() {
+    void testHashCode() {
         DependencyVersion instance = new DependencyVersion("3.2.1");
         int expResult = 80756;
         int result = instance.hashCode();
@@ -136,26 +139,26 @@ public void testHashCode() {
      * Test of matchesAtLeastThreeLevels method, of class DependencyVersion.
      */
     @Test
-    public void testMatchesAtLeastThreeLevels() {
+    void testMatchesAtLeastThreeLevels() {
 
         DependencyVersion instance = new DependencyVersion("2.3.16.3");
         DependencyVersion version = new DependencyVersion("2.3.16.4");
         //true tests
-        assertEquals(true, instance.matchesAtLeastThreeLevels(version));
+        assertTrue(instance.matchesAtLeastThreeLevels(version));
         version = new DependencyVersion("2.3");
-        assertEquals(true, instance.matchesAtLeastThreeLevels(version));
+        assertTrue(instance.matchesAtLeastThreeLevels(version));
         //false tests
         version = new DependencyVersion("2.3.16.1");
-        assertEquals(false, instance.matchesAtLeastThreeLevels(version));
+        assertFalse(instance.matchesAtLeastThreeLevels(version));
         version = new DependencyVersion("2");
-        assertEquals(false, instance.matchesAtLeastThreeLevels(version));
+        assertFalse(instance.matchesAtLeastThreeLevels(version));
     }
 
     /**
      * Test of compareTo method, of class DependencyVersion.
      */
     @Test
-    public void testCompareTo() {
+    void testCompareTo() {
         DependencyVersion instance = new DependencyVersion("1.2.3");
         DependencyVersion version = new DependencyVersion("1.2.3");
         assertEquals(0, instance.compareTo(version));
@@ -202,7 +205,7 @@ public void testCompareTo() {
      * Test of getVersionParts method, of class DependencyVersion.
      */
     @Test
-    public void testGetVersionParts() {
+    void testGetVersionParts() {
         DependencyVersion instance = new DependencyVersion();
         List<String> versionParts = Arrays.asList("1", "1", "1");
         instance.setVersionParts(versionParts);
@@ -215,7 +218,7 @@ public void testGetVersionParts() {
      * Test of setVersionParts method, of class DependencyVersion.
      */
     @Test
-    public void testSetVersionParts() {
+    void testSetVersionParts() {
         List<String> versionParts = Arrays.asList("1", "1", "1");
         DependencyVersion instance = new DependencyVersion();
         instance.setVersionParts(versionParts);
diff --git a/core/src/test/java/org/owasp/dependencycheck/utils/DependencyVersionUtilTest.java b/core/src/test/java/org/owasp/dependencycheck/utils/DependencyVersionUtilTest.java
index b32df7ade6e..23f89847e71 100644
--- a/core/src/test/java/org/owasp/dependencycheck/utils/DependencyVersionUtilTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/utils/DependencyVersionUtilTest.java
@@ -17,23 +17,23 @@
  */
 package org.owasp.dependencycheck.utils;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNull;
-
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNull;
+
 /**
  *
  * @author Jeremy Long
  */
-public class DependencyVersionUtilTest extends BaseTest {
+class DependencyVersionUtilTest extends BaseTest {
 
     /**
      * Test of parseVersion method, of class DependencyVersionUtil.
      */
     @Test
-    public void testParseVersion_String() {
+    void testParseVersion_String() {
         final String[] fileName = {"openssl1.0.1c", "something-0.9.5.jar", "lib2-1.1.jar", "lib1.5r4-someflag-R26.jar",
             "lib-1.2.5-dev-20050313.jar", "testlib_V4.4.0.jar", "lib-core-2.0.0-RC1-SNAPSHOT.jar",
             "lib-jsp-2.0.1_R114940.jar", "dev-api-2.3.11_R121413.jar", "lib-api-3.7-SNAPSHOT.jar",
@@ -49,14 +49,14 @@ public void testParseVersion_String() {
             if (version != null) {
                 result = version.toString();
             }
-            assertEquals("Failed extraction on \"" + fileName[i] + "\".", expResult[i], result);
+            assertEquals(expResult[i], result, "Failed extraction on \"" + fileName[i] + "\".");
         }
 
         String[] failingNames = {"no-version-identified.jar", "somelib-04aug2000r7-dev.jar", /*"no.version15.jar",*/
             "lib_1.0_spec-1.1.jar", "lib-api_1.0_spec-1.0.1.jar"};
         for (String failingName : failingNames) {
             final DependencyVersion version = DependencyVersionUtil.parseVersion(failingName);
-            assertNull("Found version in name that should have failed \"" + failingName + "\".", version);
+            assertNull(version, "Found version in name that should have failed \"" + failingName + "\".");
         }
     }
 
@@ -64,7 +64,7 @@ public void testParseVersion_String() {
      * Test of parseVersion method, of class DependencyVersionUtil.
      */
     @Test
-    public void testParseVersion_String_boolean() {
+    void testParseVersion_String_boolean() {
         //cpe:/a:playframework:play_framework:2.1.1:rc1-2.9.x-backport
         String text = "2.1.1.rc1.2.9.x-backport";
         boolean firstMatchOnly = false;
@@ -89,7 +89,7 @@ public void testParseVersion_String_boolean() {
      * Test of parsePreVersion method, of class DependencyVersionUtil.
      */
     @Test
-    public void testParsePreVersion() {
+    void testParsePreVersion() {
         String text = "library-name-1.4.1r2-release.jar";
         String expResult = "library-name";
         String result = DependencyVersionUtil.parsePreVersion(text);
diff --git a/core/src/test/java/org/owasp/dependencycheck/utils/ExtractionUtilTest.java b/core/src/test/java/org/owasp/dependencycheck/utils/ExtractionUtilTest.java
index 359947f652f..3cc54350d08 100644
--- a/core/src/test/java/org/owasp/dependencycheck/utils/ExtractionUtilTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/utils/ExtractionUtilTest.java
@@ -17,49 +17,56 @@
  */
 package org.owasp.dependencycheck.utils;
 
-import java.io.File;
-import java.io.FilenameFilter;
 import org.apache.commons.io.filefilter.NameFileFilter;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.Engine;
 
+import java.io.File;
+import java.io.FilenameFilter;
+
+import static org.junit.jupiter.api.Assertions.assertThrows;
+
 /**
  *
  * @author Jeremy Long
  */
-public class ExtractionUtilTest extends BaseTest {
+class ExtractionUtilTest extends BaseTest {
 
     /**
      * Test of extractFiles method, of class ExtractionUtil.
      */
-    @Test(expected = org.owasp.dependencycheck.utils.ExtractionException.class)
-    public void testExtractFiles_File_File() throws Exception {
+    @Test
+    void testExtractFiles_File_File() throws Exception {
         File destination = getSettings().getTempDirectory();
         File archive = BaseTest.getResourceAsFile(this, "evil.zip");
-        ExtractionUtil.extractFiles(archive, destination);
+        assertThrows(org.owasp.dependencycheck.utils.ExtractionException.class, () ->
+            ExtractionUtil.extractFiles(archive, destination));
     }
 
     /**
      * Test of extractFiles method, of class ExtractionUtil.
      */
-    @Test(expected = org.owasp.dependencycheck.utils.ExtractionException.class)
-    public void testExtractFiles_3args() throws Exception {
+    @Test
+    void testExtractFiles_3args() throws Exception {
         File destination = getSettings().getTempDirectory();
         File archive = BaseTest.getResourceAsFile(this, "evil.zip");
         Engine engine = null;
-        ExtractionUtil.extractFiles(archive, destination, engine);
+        assertThrows(org.owasp.dependencycheck.utils.ExtractionException.class, () ->
+            ExtractionUtil.extractFiles(archive, destination, engine));
     }
 
     /**
      * Test of extractFilesUsingFilter method, of class ExtractionUtil.
      */
-    @Test(expected = org.owasp.dependencycheck.utils.ExtractionException.class)
-    public void testExtractFilesUsingFilter() throws Exception {
+    @Test
+    void testExtractFilesUsingFilter() throws Exception {
         File destination = getSettings().getTempDirectory();
         File archive = BaseTest.getResourceAsFile(this, "evil.zip");
-        ExtractionUtil.extractFiles(archive, destination);
+        assertThrows(org.owasp.dependencycheck.utils.ExtractionException.class, () ->
+            ExtractionUtil.extractFiles(archive, destination));
         FilenameFilter filter = new NameFileFilter("evil.txt");
-        ExtractionUtil.extractFilesUsingFilter(archive, destination, filter);
+        assertThrows(org.owasp.dependencycheck.utils.ExtractionException.class, () ->
+            ExtractionUtil.extractFilesUsingFilter(archive, destination, filter));
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/utils/FilterTest.java b/core/src/test/java/org/owasp/dependencycheck/utils/FilterTest.java
index dd4d96ca79c..eb0cd0919a6 100644
--- a/core/src/test/java/org/owasp/dependencycheck/utils/FilterTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/utils/FilterTest.java
@@ -17,37 +17,39 @@
  */
 package org.owasp.dependencycheck.utils;
 
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseTest;
+
 import java.util.ArrayList;
 import java.util.List;
-import static org.junit.Assert.assertArrayEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-import org.junit.Test;
-import org.owasp.dependencycheck.BaseTest;
+
+import static org.junit.jupiter.api.Assertions.assertArrayEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  *
  * @author Jeremy Long
  */
-public class FilterTest extends BaseTest {
+class FilterTest extends BaseTest {
 
     /**
      * Test of passes method, of class Filter.
      */
     @Test
-    public void testPasses() {
+    void testPasses() {
         String keep = "keep";
         String fail = "fail";
 
-        assertTrue("String contained keep - but passes returned false.", TEST_FILTER.passes(keep));
-        assertFalse("String contained fail - but passes returned true.", TEST_FILTER.passes(fail));
+        assertTrue(TEST_FILTER.passes(keep), "String contained keep - but passes returned false.");
+        assertFalse(TEST_FILTER.passes(fail), "String contained fail - but passes returned true.");
     }
 
     /**
      * Test of filter method, of class Filter.
      */
     @Test
-    public void testFilter_Iterable() {
+    void testFilter_Iterable() {
         List<String> testData = new ArrayList<>();
         testData.add("keep");
         testData.add("remove");
@@ -64,10 +66,10 @@ public void testFilter_Iterable() {
         assertArrayEquals(expResults.toArray(), actResults.toArray());
     }
     private static final Filter<String> TEST_FILTER
-            = new Filter<String>() {
-                @Override
-                public boolean passes(String str) {
-                    return str.contains("keep");
-                }
-            };
+            = new Filter<>() {
+        @Override
+        public boolean passes(String str) {
+            return str.contains("keep");
+        }
+    };
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/utils/InterpolationUtilTest.java b/core/src/test/java/org/owasp/dependencycheck/utils/InterpolationUtilTest.java
index 9e0e38c5fb5..87c6906afc0 100644
--- a/core/src/test/java/org/owasp/dependencycheck/utils/InterpolationUtilTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/utils/InterpolationUtilTest.java
@@ -17,21 +17,23 @@
  */
 package org.owasp.dependencycheck.utils;
 
+import org.junit.jupiter.api.Test;
+
 import java.util.Properties;
-import org.junit.Test;
-import static org.junit.Assert.*;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
 
 /**
  *
  * @author Jeremy Long
  */
-public class InterpolationUtilTest {
+class InterpolationUtilTest {
 
     /**
      * Test of interpolate method, of class InterpolationUtil.
      */
     @Test
-    public void testInterpolate() {
+    void testInterpolate() {
         Properties prop = new Properties();
         prop.setProperty("key", "value");
         prop.setProperty("nested", "nested ${key}");
@@ -42,7 +44,7 @@ public void testInterpolate() {
     }
 
     @Test
-    public void testInterpolateNonexistentErased() {
+    void testInterpolateNonexistentErased() {
         Properties prop = new Properties();
         prop.setProperty("key", "value");
         String text = "This is a test of '${key}' and '${nothing}'";
@@ -52,7 +54,7 @@ public void testInterpolateNonexistentErased() {
     }
 
     @Test
-    public void testInterpolateMSBuild() {
+    void testInterpolateMSBuild() {
         Properties prop = new Properties();
         prop.setProperty("key", "value");
         prop.setProperty("nested", "nested $(key)");
@@ -63,7 +65,7 @@ public void testInterpolateMSBuild() {
     }
 
     @Test
-    public void testInterpolateNonexistentErasedMSBuild() {
+    void testInterpolateNonexistentErasedMSBuild() {
         Properties prop = new Properties();
         prop.setProperty("key", "value");
         String text = "This is a test of '$(key)' and '$(nothing)'";
diff --git a/core/src/test/java/org/owasp/dependencycheck/utils/PyPACoreMetadataParserTest.java b/core/src/test/java/org/owasp/dependencycheck/utils/PyPACoreMetadataParserTest.java
index a09093b9cbb..d0e2caa2f86 100644
--- a/core/src/test/java/org/owasp/dependencycheck/utils/PyPACoreMetadataParserTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/utils/PyPACoreMetadataParserTest.java
@@ -1,29 +1,29 @@
 package org.owasp.dependencycheck.utils;
 
-import org.junit.Assert;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 
 import java.io.BufferedReader;
 import java.io.IOException;
 import java.io.StringReader;
 import java.util.Properties;
 
-import static org.junit.Assert.*;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
-public class PyPACoreMetadataParserTest {
+class PyPACoreMetadataParserTest {
 
     @Test
-    public void getProperties_should_throw_exception_for_too_large_major() throws IOException {
-        try {
-            PyPACoreMetadataParser.getProperties(new BufferedReader(new StringReader("Metadata-Version: 3.0")));
-            Assert.fail("Expected IllegalArgumentException for too large major in Metadata-Version");
-        } catch (IllegalArgumentException e) {
-            Assert.assertTrue(e.getMessage().contains("Unsupported PyPA Wheel metadata"));
-        }
+    void getProperties_should_throw_exception_for_too_large_major() {
+        IllegalArgumentException e = assertThrows(IllegalArgumentException.class,
+                () -> PyPACoreMetadataParser.getProperties(new BufferedReader(new StringReader("Metadata-Version: 3.0"))),
+                "Expected IllegalArgumentException for too large major in Metadata-Version");
+        assertTrue(e.getMessage().contains("Unsupported PyPA Wheel metadata"));
     }
 
     @Test
-    public void getProperties_should_properly_parse_multiline_description() throws IOException {
+    void getProperties_should_properly_parse_multiline_description() throws IOException {
         String payload = "Metadata-Version: 1.0\r\n"
                          + "Description: This is the first line\r\n"
                          + "       | and this the second\r\n"
@@ -32,38 +32,40 @@ public void getProperties_should_properly_parse_multiline_description() throws I
                          + "\r\n"
                          + "This: is the body and it is ignored. It may contain an extensive description in various formats";
         Properties props = PyPACoreMetadataParser.getProperties(new BufferedReader(new StringReader(payload)));
-        Assert.assertEquals("1.0", props.get("Metadata-Version"));
-        Assert.assertEquals("This is the first line\n"
+        assertEquals("1.0", props.get("Metadata-Version"));
+        assertEquals("This is the first line\n"
                             + " and this the second\n"
                             + "\n"
                             + " and the fourth after an empty third", props.get("Description"));
-        Assert.assertFalse("Body was parsed as a header", props.containsKey("This"));
+        assertFalse(props.containsKey("This"), "Body was parsed as a header");
     }
 
     @Test
-    public void getProperties_should_support_colon_in_headerValue() throws IOException {
+    void getProperties_should_support_colon_in_headerValue() throws IOException {
         String payload = "Metadata-Version: 2.2\r\n"
                          + "Description: My value contains a : colon\r\n";
         Properties props = PyPACoreMetadataParser.getProperties(new BufferedReader(new StringReader(payload)));
-        Assert.assertEquals("2.2", props.getProperty("Metadata-Version"));
-        Assert.assertEquals("My value contains a : colon", props.getProperty("Description"));
+        assertEquals("2.2", props.getProperty("Metadata-Version"));
+        assertEquals("My value contains a : colon", props.getProperty("Description"));
     }
+
     @Test
-    public void getProperties_should_support_folding_in_headerValue() throws IOException {
+    void getProperties_should_support_folding_in_headerValue() throws IOException {
         String payload = "Metadata-Version: 2\r\n"
                          + " .2\r\n"
                          + "Description: My value\r\n"
                          + "  contains a \r\n"
                          + " : colon\r\n";
         Properties props = PyPACoreMetadataParser.getProperties(new BufferedReader(new StringReader(payload)));
-        Assert.assertEquals("2.2", props.getProperty("Metadata-Version"));
-        Assert.assertEquals("My value contains a : colon", props.getProperty("Description"));
+        assertEquals("2.2", props.getProperty("Metadata-Version"));
+        assertEquals("My value contains a : colon", props.getProperty("Description"));
     }
+
     @Test
-    public void getProperties_should_support_newer_minors() throws IOException {
+    void getProperties_should_support_newer_minors() throws IOException {
         String payload = "Metadata-Version: 2\r\n"
                          + " .5\r\n";
         Properties props = PyPACoreMetadataParser.getProperties(new BufferedReader(new StringReader(payload)));
-        Assert.assertEquals("2.5", props.getProperty("Metadata-Version"));
+        assertEquals("2.5", props.getProperty("Metadata-Version"));
     }
 }
\ No newline at end of file
diff --git a/core/src/test/java/org/owasp/dependencycheck/utils/SemverTest.java b/core/src/test/java/org/owasp/dependencycheck/utils/SemverTest.java
index 90d7e3a8951..d333dd50ffb 100644
--- a/core/src/test/java/org/owasp/dependencycheck/utils/SemverTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/utils/SemverTest.java
@@ -13,34 +13,35 @@
  */
 package org.owasp.dependencycheck.utils;
 
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.semver4j.Semver;
 
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
 /**
  *
  * @author Jeremy Long
  */
-public class SemverTest {
+class SemverTest {
 
     /**
      * Test of semver4j. See https://github.com/dependency-check/DependencyCheck/issues/5128#issuecomment-1343080426
      */
     @Test
-    public void testSemver() {
+    void testSemver() {
         Semver semver = new Semver("3.1.4");
         assertTrue(semver.satisfies("^3.0.0-0"));
     }
+
     /**
      * Test of semver4j. See https://github.com/dependency-check/DependencyCheck/issues/5158
      */
     @Test
-    public void testSemverComplex() {
+    void testSemverComplex() {
         Semver semver = new Semver("18.11.5");
         assertFalse(semver.satisfies("^14.14.20 || ^16.0.0"));
-        
+
         semver = new Semver("14.15.0");
         assertTrue(semver.satisfies("^14.14.20 || ^16.0.0"));
     }
diff --git a/core/src/test/java/org/owasp/dependencycheck/utils/SeverityUtilTest.java b/core/src/test/java/org/owasp/dependencycheck/utils/SeverityUtilTest.java
index 82e975ef6cb..bb35f710563 100644
--- a/core/src/test/java/org/owasp/dependencycheck/utils/SeverityUtilTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/utils/SeverityUtilTest.java
@@ -18,20 +18,21 @@
 package org.owasp.dependencycheck.utils;
 
 import org.hamcrest.Matchers;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
+
 import static org.hamcrest.MatcherAssert.assertThat;
 
 /**
  *
  * @author Jeremy Long
  */
-public class SeverityUtilTest {
+class SeverityUtilTest {
 
     /**
      * Test of estimateCvssV2 method, of class SeverityUtil.
      */
     @Test
-    public void testEstimateCvssV2() {
+    void testEstimateCvssV2() {
         String severity = null;
         double expResult = 0.0;
         Double result = SeverityUtil.estimateCvssV2(severity);
diff --git a/core/src/test/java/org/owasp/dependencycheck/utils/UrlStringUtilsTest.java b/core/src/test/java/org/owasp/dependencycheck/utils/UrlStringUtilsTest.java
index 2487c8b47b5..2dcbe2ca787 100644
--- a/core/src/test/java/org/owasp/dependencycheck/utils/UrlStringUtilsTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/utils/UrlStringUtilsTest.java
@@ -17,22 +17,26 @@
  */
 package org.owasp.dependencycheck.utils;
 
+import org.junit.jupiter.api.Test;
+
 import java.util.Arrays;
 import java.util.List;
-import org.junit.Test;
-import static org.junit.Assert.*;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  *
  * @author jeremy long
  */
-public class UrlStringUtilsTest {
+class UrlStringUtilsTest {
 
     /**
      * Test of containsUrl method, of class UrlStringUtils.
      */
     @Test
-    public void testContainsUrl() {
+    void testContainsUrl() {
         String text = "Test of https://github.com";
         assertTrue(UrlStringUtils.containsUrl(text));
         text = "Test of github.com";
@@ -43,7 +47,7 @@ public void testContainsUrl() {
      * Test of isUrl method, of class UrlStringUtils.
      */
     @Test
-    public void testIsUrl() {
+    void testIsUrl() {
         String text = "https://github.com";
         assertTrue(UrlStringUtils.isUrl(text));
         text = "simple text";
@@ -54,17 +58,17 @@ public void testIsUrl() {
      * Test of extractImportantUrlData method, of class UrlStringUtils.
      */
     @Test
-    public void testExtractImportantUrlData() throws Exception {
+    void testExtractImportantUrlData() throws Exception {
         String text = "http://github.com/dependency-check/DependencyCheck/.gitignore";
         List<String> expResult = Arrays.asList("dependency-check", "DependencyCheck", "gitignore");
         List<String> result = UrlStringUtils.extractImportantUrlData(text);
         assertEquals(expResult, result);
-        
+
         text = "https://dependency-check.github.io/DependencyCheck/index.html";
         expResult = Arrays.asList("dependency-check", "DependencyCheck", "index");
         result = UrlStringUtils.extractImportantUrlData(text);
         assertEquals(expResult, result);
-        
+
         text = "http://example.com/dependency-check/DependencyCheck/something";
         expResult = Arrays.asList("example", "dependency-check", "DependencyCheck", "something");
         result = UrlStringUtils.extractImportantUrlData(text);
diff --git a/core/src/test/java/org/owasp/dependencycheck/xml/XmlEntityTest.java b/core/src/test/java/org/owasp/dependencycheck/xml/XmlEntityTest.java
index 6d143ddd8ed..5b297fe45a7 100644
--- a/core/src/test/java/org/owasp/dependencycheck/xml/XmlEntityTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/xml/XmlEntityTest.java
@@ -17,20 +17,21 @@
  */
 package org.owasp.dependencycheck.xml;
 
-import org.junit.Test;
-import static org.junit.Assert.*;
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
 
 /**
  *
  * @author Jeremy Long
  */
-public class XmlEntityTest {
+class XmlEntityTest {
 
     /**
      * Test of fromNamedReference method, of class XmlEntity.
      */
     @Test
-    public void testFromNamedReference() {
+    void testFromNamedReference() {
         CharSequence s = null;
         String expResult = null;
         String result = XmlEntity.fromNamedReference(s);
diff --git a/core/src/test/java/org/owasp/dependencycheck/xml/XmlInputStreamTest.java b/core/src/test/java/org/owasp/dependencycheck/xml/XmlInputStreamTest.java
index 669c66e480c..9ee61e12f70 100644
--- a/core/src/test/java/org/owasp/dependencycheck/xml/XmlInputStreamTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/xml/XmlInputStreamTest.java
@@ -17,24 +17,28 @@
  */
 package org.owasp.dependencycheck.xml;
 
+import org.junit.jupiter.api.Test;
+
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.nio.charset.StandardCharsets;
-import org.junit.Test;
-import static org.junit.Assert.*;
+
+import static org.junit.jupiter.api.Assertions.assertArrayEquals;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  *
  * @author Jeremy Long
  */
-public class XmlInputStreamTest {
+class XmlInputStreamTest {
 
     /**
      * Test of length method, of class XmlInputStream.
      */
     @Test
-    public void testLength() {
+    void testLength() {
         String data = "";
         InputStream stream = new ByteArrayInputStream(data.getBytes(StandardCharsets.UTF_8));
         XmlInputStream instance = new XmlInputStream(stream);
@@ -53,7 +57,7 @@ public void testLength() {
      * Test of read method, of class XmlInputStream.
      */
     @Test
-    public void testRead_0args() throws Exception {
+    void testRead_0args() throws Exception {
         String data = "";
         InputStream stream = new ByteArrayInputStream(data.getBytes(StandardCharsets.UTF_8));
         XmlInputStream instance = new XmlInputStream(stream);
@@ -73,7 +77,7 @@ public void testRead_0args() throws Exception {
      * Test of read method, of class XmlInputStream.
      */
     @Test
-    public void testRead_3args() throws Exception {
+    void testRead_3args() throws Exception {
         byte[] data = new byte[10];
         int offset = 0;
         int length = 10;
@@ -85,8 +89,8 @@ public void testRead_3args() throws Exception {
         int result = instance.read(data, offset, length);
         assertEquals(expResult, result);
         assertArrayEquals(expected, data);
-        
-        
+
+
         data = new byte[5];
         offset = 0;
         length = 5;
@@ -98,7 +102,7 @@ public void testRead_3args() throws Exception {
         result = instance.read(data, offset, length);
         assertEquals(expResult, result);
         assertArrayEquals(expected, data);
-        
+
         data = new byte[10];
         offset = 0;
         length = 10;
@@ -116,7 +120,7 @@ public void testRead_3args() throws Exception {
      * Test of toString method, of class XmlInputStream.
      */
     @Test
-    public void testToString() throws IOException {
+    void testToString() throws IOException {
         String data = "test";
         InputStream stream = new ByteArrayInputStream(data.getBytes(StandardCharsets.UTF_8));
         XmlInputStream instance = new XmlInputStream(stream);
diff --git a/core/src/test/java/org/owasp/dependencycheck/xml/assembly/GrokHandlerTest.java b/core/src/test/java/org/owasp/dependencycheck/xml/assembly/GrokHandlerTest.java
index 72ebc353bcd..3dd5064d712 100644
--- a/core/src/test/java/org/owasp/dependencycheck/xml/assembly/GrokHandlerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/xml/assembly/GrokHandlerTest.java
@@ -17,25 +17,27 @@
  */
 package org.owasp.dependencycheck.xml.assembly;
 
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseTest;
+import org.owasp.dependencycheck.utils.XmlUtils;
+import org.xml.sax.InputSource;
+import org.xml.sax.XMLReader;
+
+import javax.xml.parsers.SAXParser;
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.InputStream;
 import java.io.InputStreamReader;
 import java.io.Reader;
 import java.nio.charset.StandardCharsets;
-import javax.xml.parsers.SAXParser;
-import static org.junit.Assert.assertEquals;
-import org.junit.Test;
-import org.owasp.dependencycheck.BaseTest;
-import org.owasp.dependencycheck.utils.XmlUtils;
-import org.xml.sax.InputSource;
-import org.xml.sax.XMLReader;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
 
 /**
  *
  * @author Jeremy Long
  */
-public class GrokHandlerTest extends BaseTest {
+class GrokHandlerTest extends BaseTest {
 
     /**
      * Test of getSuppressionRules method, of class SuppressionHandler.
@@ -43,7 +45,7 @@ public class GrokHandlerTest extends BaseTest {
      * @throws Exception thrown if there is an exception....
      */
     @Test
-    public void testHandler() throws Exception {
+    void testHandler() throws Exception {
         File file = BaseTest.getResourceAsFile(this, "assembly/sample-grok.xml");
         InputStream schemaStream = BaseTest.getResourceAsStream(this, "schema/grok-assembly.1.0.xsd");
 
diff --git a/core/src/test/java/org/owasp/dependencycheck/xml/assembly/GrokParserTest.java b/core/src/test/java/org/owasp/dependencycheck/xml/assembly/GrokParserTest.java
index 3bb7f284865..f8a904f9208 100644
--- a/core/src/test/java/org/owasp/dependencycheck/xml/assembly/GrokParserTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/xml/assembly/GrokParserTest.java
@@ -17,24 +17,25 @@
  */
 package org.owasp.dependencycheck.xml.assembly;
 
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseTest;
+
 import java.io.File;
-import org.junit.Assert;
 
-import org.junit.Test;
-import org.owasp.dependencycheck.BaseTest;
+import static org.junit.jupiter.api.Assertions.assertEquals;
 
 /**
  * Test of the Grok Assembly parser.
  *
  * @author Jeremy Long
  */
-public class GrokParserTest extends BaseTest {
+class GrokParserTest extends BaseTest {
 
     @Test
-    public void testParseSuppressionRulesV1dot0() throws Exception {
+    void testParseSuppressionRulesV1dot0() throws Exception {
         File file = BaseTest.getResourceAsFile(this, "assembly/sample-grok-error.xml");
         GrokParser instance = new GrokParser();
         AssemblyData result = instance.parse(file);
-        Assert.assertEquals("Unable to process file", result.getError());
+        assertEquals("Unable to process file", result.getError());
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/xml/hints/EvidenceMatcherTest.java b/core/src/test/java/org/owasp/dependencycheck/xml/hints/EvidenceMatcherTest.java
index 68568803050..452cbadc63c 100644
--- a/core/src/test/java/org/owasp/dependencycheck/xml/hints/EvidenceMatcherTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/xml/hints/EvidenceMatcherTest.java
@@ -17,18 +17,19 @@
  */
 package org.owasp.dependencycheck.xml.hints;
 
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.assertFalse;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.dependency.Confidence;
 import org.owasp.dependencycheck.dependency.Evidence;
 
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
 /**
  * Unit tests for {@link EvidenceMatcher}.
- * 
+ *
  * @author Hans Aikema
  */
-public class EvidenceMatcherTest {
+class EvidenceMatcherTest {
 
     private static final Evidence EVIDENCE_HIGHEST = new Evidence("source", "name", "value", Confidence.HIGHEST);
     private static final Evidence EVIDENCE_HIGH = new Evidence("source", "name", "value", Confidence.HIGH);
@@ -44,76 +45,76 @@ public class EvidenceMatcherTest {
     private static final Evidence REGEX_EVIDENCE_LOW = new Evidence("source", "name", "val that should not match", Confidence.LOW);
 
     @Test
-    public void testExactMatching() throws Exception {
+    void testExactMatching() {
         final EvidenceMatcher exactMatcherHighest = new EvidenceMatcher("source", "name", "value", false, Confidence.HIGHEST);
-        assertTrue("exact matcher should match EVIDENCE_HIGHEST", exactMatcherHighest.matches(EVIDENCE_HIGHEST));
-        assertFalse("exact matcher should not match EVIDENCE_HIGH", exactMatcherHighest.matches(EVIDENCE_HIGH));
-        assertFalse("exact matcher should not match EVIDENCE_MEDIUM", exactMatcherHighest.matches(EVIDENCE_MEDIUM));
-        assertFalse("exact matcher should not match EVIDENCE_MEDIUM_SECOND_SOURCE", exactMatcherHighest.matches(EVIDENCE_MEDIUM_SECOND_SOURCE));
-        assertFalse("exact matcher should not match EVIDENCE_LOW", exactMatcherHighest.matches(EVIDENCE_LOW));
+        assertTrue(exactMatcherHighest.matches(EVIDENCE_HIGHEST), "exact matcher should match EVIDENCE_HIGHEST");
+        assertFalse(exactMatcherHighest.matches(EVIDENCE_HIGH), "exact matcher should not match EVIDENCE_HIGH");
+        assertFalse(exactMatcherHighest.matches(EVIDENCE_MEDIUM), "exact matcher should not match EVIDENCE_MEDIUM");
+        assertFalse(exactMatcherHighest.matches(EVIDENCE_MEDIUM_SECOND_SOURCE), "exact matcher should not match EVIDENCE_MEDIUM_SECOND_SOURCE");
+        assertFalse(exactMatcherHighest.matches(EVIDENCE_LOW), "exact matcher should not match EVIDENCE_LOW");
     }
 
     @Test
-    public void testWildcardConfidenceMatching() throws Exception {
+    void testWildcardConfidenceMatching() {
         final EvidenceMatcher wildcardCofidenceMatcher = new EvidenceMatcher("source", "name", "value", false, null);
-        assertTrue("wildcard confidence matcher should match EVIDENCE_HIGHEST", wildcardCofidenceMatcher.matches(EVIDENCE_HIGHEST));
-        assertTrue("wildcard confidence matcher should match EVIDENCE_HIGH", wildcardCofidenceMatcher.matches(EVIDENCE_HIGH));
-        assertTrue("wildcard confidence matcher should match EVIDENCE_MEDIUM", wildcardCofidenceMatcher.matches(EVIDENCE_MEDIUM));
-        assertFalse("wildcard confidence matcher should not match EVIDENCE_MEDIUM_SECOND_SOURCE", wildcardCofidenceMatcher.matches(EVIDENCE_MEDIUM_SECOND_SOURCE));
-        assertTrue("wildcard confidence matcher should match EVIDENCE_LOW", wildcardCofidenceMatcher.matches(EVIDENCE_LOW));
+        assertTrue(wildcardCofidenceMatcher.matches(EVIDENCE_HIGHEST), "wildcard confidence matcher should match EVIDENCE_HIGHEST");
+        assertTrue(wildcardCofidenceMatcher.matches(EVIDENCE_HIGH), "wildcard confidence matcher should match EVIDENCE_HIGH");
+        assertTrue(wildcardCofidenceMatcher.matches(EVIDENCE_MEDIUM), "wildcard confidence matcher should match EVIDENCE_MEDIUM");
+        assertFalse(wildcardCofidenceMatcher.matches(EVIDENCE_MEDIUM_SECOND_SOURCE), "wildcard confidence matcher should not match EVIDENCE_MEDIUM_SECOND_SOURCE");
+        assertTrue(wildcardCofidenceMatcher.matches(EVIDENCE_LOW), "wildcard confidence matcher should match EVIDENCE_LOW");
     }
 
     @Test
-    public void testWildcardSourceMatching() throws Exception {
+    void testWildcardSourceMatching() {
         final EvidenceMatcher wildcardSourceMatcher = new EvidenceMatcher(null, "name", "value", false, Confidence.MEDIUM);
-        assertFalse("wildcard source matcher should not match EVIDENCE_HIGHEST", wildcardSourceMatcher.matches(EVIDENCE_HIGHEST));
-        assertFalse("wildcard source matcher should not match EVIDENCE_HIGH", wildcardSourceMatcher.matches(EVIDENCE_HIGH));
-        assertTrue("wildcard source matcher should match EVIDENCE_MEDIUM", wildcardSourceMatcher.matches(EVIDENCE_MEDIUM));
-        assertTrue("wildcard source matcher should match EVIDENCE_MEDIUM_SECOND_SOURCE", wildcardSourceMatcher.matches(EVIDENCE_MEDIUM_SECOND_SOURCE));
-        assertFalse("wildcard source matcher should not match EVIDENCE_LOW", wildcardSourceMatcher.matches(EVIDENCE_LOW));
+        assertFalse(wildcardSourceMatcher.matches(EVIDENCE_HIGHEST), "wildcard source matcher should not match EVIDENCE_HIGHEST");
+        assertFalse(wildcardSourceMatcher.matches(EVIDENCE_HIGH), "wildcard source matcher should not match EVIDENCE_HIGH");
+        assertTrue(wildcardSourceMatcher.matches(EVIDENCE_MEDIUM), "wildcard source matcher should match EVIDENCE_MEDIUM");
+        assertTrue(wildcardSourceMatcher.matches(EVIDENCE_MEDIUM_SECOND_SOURCE), "wildcard source matcher should match EVIDENCE_MEDIUM_SECOND_SOURCE");
+        assertFalse(wildcardSourceMatcher.matches(EVIDENCE_LOW), "wildcard source matcher should not match EVIDENCE_LOW");
     }
 
     @Test
-    public void testRegExMatching() throws Exception {
+    void testRegExMatching() {
         final EvidenceMatcher regexMediumMatcher = new EvidenceMatcher("source 2", "name", ".*value.*", true, Confidence.MEDIUM);
-        assertFalse("regex medium matcher should not match REGEX_EVIDENCE_HIGHEST", regexMediumMatcher.matches(REGEX_EVIDENCE_HIGHEST));
-        assertFalse("regex medium matcher should not match REGEX_EVIDENCE_HIGH", regexMediumMatcher.matches(REGEX_EVIDENCE_HIGH));
-        assertFalse("regex medium matcher should not match REGEX_EVIDENCE_MEDIUM", regexMediumMatcher.matches(REGEX_EVIDENCE_MEDIUM));
-        assertTrue("regex medium matcher should match REGEX_EVIDENCE_MEDIUM_SECOND_SOURCE", regexMediumMatcher.matches(REGEX_EVIDENCE_MEDIUM_SECOND_SOURCE));
-        assertFalse("regex medium matcher should not match REGEX_EVIDENCE_MEDIUM_THIRD_SOURCE", regexMediumMatcher.matches(REGEX_EVIDENCE_MEDIUM_THIRD_SOURCE));
-        assertFalse("regex medium matcher should not match REGEX_EVIDENCE_LOW", regexMediumMatcher.matches(REGEX_EVIDENCE_LOW));
+        assertFalse(regexMediumMatcher.matches(REGEX_EVIDENCE_HIGHEST), "regex medium matcher should not match REGEX_EVIDENCE_HIGHEST");
+        assertFalse(regexMediumMatcher.matches(REGEX_EVIDENCE_HIGH), "regex medium matcher should not match REGEX_EVIDENCE_HIGH");
+        assertFalse(regexMediumMatcher.matches(REGEX_EVIDENCE_MEDIUM), "regex medium matcher should not match REGEX_EVIDENCE_MEDIUM");
+        assertTrue(regexMediumMatcher.matches(REGEX_EVIDENCE_MEDIUM_SECOND_SOURCE), "regex medium matcher should match REGEX_EVIDENCE_MEDIUM_SECOND_SOURCE");
+        assertFalse(regexMediumMatcher.matches(REGEX_EVIDENCE_MEDIUM_THIRD_SOURCE), "regex medium matcher should not match REGEX_EVIDENCE_MEDIUM_THIRD_SOURCE");
+        assertFalse(regexMediumMatcher.matches(REGEX_EVIDENCE_LOW), "regex medium matcher should not match REGEX_EVIDENCE_LOW");
     }
 
     @Test
-    public void testRegExWildcardSourceMatching() throws Exception {
+    void testRegExWildcardSourceMatching() {
         final EvidenceMatcher regexMediumWildcardSourceMatcher = new EvidenceMatcher(null, "name", "^.*v[al]{2,2}ue[a-z ]+$", true, Confidence.MEDIUM);
-        assertFalse("regex medium wildcard source matcher should not match REGEX_EVIDENCE_HIGHEST", regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_HIGHEST));
-        assertFalse("regex medium wildcard source matcher should not match REGEX_EVIDENCE_HIGH", regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_HIGH));
-        assertFalse("regex medium wildcard source matcher should not match REGEX_EVIDENCE_MEDIUM", regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_MEDIUM));
-        assertTrue("regex medium wildcard source matcher should match REGEX_EVIDENCE_MEDIUM_SECOND_SOURCE", regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_MEDIUM_SECOND_SOURCE));
-        assertTrue("regex medium wildcard source matcher should match REGEX_EVIDENCE_MEDIUM_THIRD_SOURCE", regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_MEDIUM_THIRD_SOURCE));
-        assertFalse("regex medium wildcard source matcher should not match REGEX_EVIDENCE_LOW", regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_LOW));
+        assertFalse(regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_HIGHEST), "regex medium wildcard source matcher should not match REGEX_EVIDENCE_HIGHEST");
+        assertFalse(regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_HIGH), "regex medium wildcard source matcher should not match REGEX_EVIDENCE_HIGH");
+        assertFalse(regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_MEDIUM), "regex medium wildcard source matcher should not match REGEX_EVIDENCE_MEDIUM");
+        assertTrue(regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_MEDIUM_SECOND_SOURCE), "regex medium wildcard source matcher should match REGEX_EVIDENCE_MEDIUM_SECOND_SOURCE");
+        assertTrue(regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_MEDIUM_THIRD_SOURCE), "regex medium wildcard source matcher should match REGEX_EVIDENCE_MEDIUM_THIRD_SOURCE");
+        assertFalse(regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_LOW), "regex medium wildcard source matcher should not match REGEX_EVIDENCE_LOW");
     }
 
     @Test
-    public void testRegExWildcardSourceWildcardConfidenceMatching() throws Exception {
+    void testRegExWildcardSourceWildcardConfidenceMatching() {
         final EvidenceMatcher regexMediumWildcardSourceMatcher = new EvidenceMatcher(null, "name", ".*value.*", true, null);
-        assertTrue("regex wildcard source wildcard confidence matcher should match REGEX_EVIDENCE_HIGHEST", regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_HIGHEST));
-        assertTrue("regex wildcard source wildcard confidence matcher should match REGEX_EVIDENCE_HIGH", regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_HIGH));
-        assertFalse("regex wildcard source wildcard confidence matcher should not match REGEX_EVIDENCE_MEDIUM", regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_MEDIUM));
-        assertTrue("regex wildcard source wildcard confidence matcher should match REGEX_EVIDENCE_MEDIUM_SECOND_SOURCE", regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_MEDIUM_SECOND_SOURCE));
-        assertTrue("regex wildcard source wildcard confidence matcher should match REGEX_EVIDENCE_MEDIUM_THIRD_SOURCE", regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_MEDIUM_THIRD_SOURCE));
-        assertFalse("regex wildcard source wildcard confidence matcher should match REGEX_EVIDENCE_LOW", regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_LOW));
+        assertTrue(regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_HIGHEST), "regex wildcard source wildcard confidence matcher should match REGEX_EVIDENCE_HIGHEST");
+        assertTrue(regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_HIGH), "regex wildcard source wildcard confidence matcher should match REGEX_EVIDENCE_HIGH");
+        assertFalse(regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_MEDIUM), "regex wildcard source wildcard confidence matcher should not match REGEX_EVIDENCE_MEDIUM");
+        assertTrue(regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_MEDIUM_SECOND_SOURCE), "regex wildcard source wildcard confidence matcher should match REGEX_EVIDENCE_MEDIUM_SECOND_SOURCE");
+        assertTrue(regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_MEDIUM_THIRD_SOURCE), "regex wildcard source wildcard confidence matcher should match REGEX_EVIDENCE_MEDIUM_THIRD_SOURCE");
+        assertFalse(regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_LOW), "regex wildcard source wildcard confidence matcher should match REGEX_EVIDENCE_LOW");
     }
 
     @Test
-    public void testRegExWildcardSourceWildcardConfidenceFourMatching() throws Exception {
+    void testRegExWildcardSourceWildcardConfidenceFourMatching() {
         final EvidenceMatcher regexMediumWildcardSourceMatcher = new EvidenceMatcher(null, "name", "^.*[Vv][al]{2,2}[a-z ]+$", true, null);
-        assertFalse("regex wildcard source wildcard confidence matcher should not match REGEX_EVIDENCE_HIGHEST", regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_HIGHEST));
-        assertFalse("regex wildcard source wildcard confidence matcher should not match REGEX_EVIDENCE_HIGH", regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_HIGH));
-        assertTrue("regex wildcard source wildcard confidence matcher should match REGEX_EVIDENCE_MEDIUM", regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_MEDIUM));
-        assertTrue("regex wildcard source wildcard confidence matcher should match REGEX_EVIDENCE_MEDIUM_SECOND_SOURCE", regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_MEDIUM_SECOND_SOURCE));
-        assertTrue("regex wildcard source wildcard confidence matcher should match REGEX_EVIDENCE_MEDIUM_THIRD_SOURCE", regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_MEDIUM_THIRD_SOURCE));
-        assertTrue("regex wildcard source wildcard confidence matcher should match REGEX_EVIDENCE_LOW", regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_LOW));
+        assertFalse(regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_HIGHEST), "regex wildcard source wildcard confidence matcher should not match REGEX_EVIDENCE_HIGHEST");
+        assertFalse(regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_HIGH), "regex wildcard source wildcard confidence matcher should not match REGEX_EVIDENCE_HIGH");
+        assertTrue(regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_MEDIUM), "regex wildcard source wildcard confidence matcher should match REGEX_EVIDENCE_MEDIUM");
+        assertTrue(regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_MEDIUM_SECOND_SOURCE), "regex wildcard source wildcard confidence matcher should match REGEX_EVIDENCE_MEDIUM_SECOND_SOURCE");
+        assertTrue(regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_MEDIUM_THIRD_SOURCE), "regex wildcard source wildcard confidence matcher should match REGEX_EVIDENCE_MEDIUM_THIRD_SOURCE");
+        assertTrue(regexMediumWildcardSourceMatcher.matches(REGEX_EVIDENCE_LOW), "regex wildcard source wildcard confidence matcher should match REGEX_EVIDENCE_LOW");
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/xml/hints/HintHandlerTest.java b/core/src/test/java/org/owasp/dependencycheck/xml/hints/HintHandlerTest.java
index bcab081b92c..07b63650a12 100644
--- a/core/src/test/java/org/owasp/dependencycheck/xml/hints/HintHandlerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/xml/hints/HintHandlerTest.java
@@ -17,36 +17,34 @@
  */
 package org.owasp.dependencycheck.xml.hints;
 
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseTest;
+import org.xml.sax.InputSource;
+import org.xml.sax.SAXException;
+import org.xml.sax.XMLReader;
+
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.parsers.SAXParser;
+import javax.xml.parsers.SAXParserFactory;
 import java.io.File;
 import java.io.FileInputStream;
-import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.InputStreamReader;
 import java.io.Reader;
-import java.io.UnsupportedEncodingException;
 import java.nio.charset.StandardCharsets;
 import java.util.List;
-import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.parsers.SAXParser;
-import javax.xml.parsers.SAXParserFactory;
-import org.junit.Test;
-import static org.junit.Assert.*;
-import org.owasp.dependencycheck.BaseTest;
-import org.xml.sax.InputSource;
-import org.xml.sax.SAXException;
-import org.xml.sax.SAXNotRecognizedException;
-import org.xml.sax.SAXNotSupportedException;
-import org.xml.sax.XMLReader;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
 
 /**
  *
  * @author Jeremy Long
  */
-public class HintHandlerTest extends BaseTest {
-    
+class HintHandlerTest extends BaseTest {
+
     @Test
-    public void testHandler() throws ParserConfigurationException, SAXException, IOException {
+    void testHandler() throws ParserConfigurationException, SAXException, IOException {
         File file = BaseTest.getResourceAsFile(this, "hints.xml");
         File schema = BaseTest.getResourceAsFile(this, "schema/dependency-hint.1.1.xsd");
         HintHandler handler = new HintHandler();
@@ -67,7 +65,7 @@ public void testHandler() throws ParserConfigurationException, SAXException, IOE
         xmlReader.parse(in);
 
         List<HintRule> result = handler.getHintRules();
-        assertEquals("two hint rules should have been loaded",2,result.size());
+        assertEquals(2,result.size(),"two hint rules should have been loaded");
     }
 
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/xml/hints/HintParserTest.java b/core/src/test/java/org/owasp/dependencycheck/xml/hints/HintParserTest.java
index fc9b92823cd..739b339ddd2 100644
--- a/core/src/test/java/org/owasp/dependencycheck/xml/hints/HintParserTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/xml/hints/HintParserTest.java
@@ -17,50 +17,54 @@
  */
 package org.owasp.dependencycheck.xml.hints;
 
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseTest;
+
 import java.io.File;
 import java.io.InputStream;
 import java.util.List;
-import org.junit.Assert;
-import org.junit.Test;
-import static org.junit.Assert.assertEquals;
-import org.owasp.dependencycheck.BaseTest;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  *
  * @author Jeremy Long
  */
-public class HintParserTest extends BaseTest {
+class HintParserTest extends BaseTest {
 
     /**
      * Test of parseHints method, of class HintParser.
      */
     @Test
-    public void testParseHints_File() throws Exception {
+    void testParseHints_File() throws Exception {
         File file = BaseTest.getResourceAsFile(this, "hints.xml");
         HintParser instance = new HintParser();
         instance.parseHints(file);
         List<HintRule> hintRules = instance.getHintRules();
         List<VendorDuplicatingHintRule> vendorRules = instance.getVendorDuplicatingHintRules();
-        assertEquals("Two duplicating hints should have been read", 2, vendorRules.size());
-        assertEquals("Two hint rules should have been read", 2, hintRules.size());
-
-        assertEquals("One add product should have been read", 1, hintRules.get(0).getAddProduct().size());
-        assertEquals("One add vendor should have been read", 1, hintRules.get(0).getAddVendor().size());
-        assertEquals("Two file name should have been read", 2, hintRules.get(1).getFileNames().size());
-
-        assertEquals("add product name not found", "add product name", hintRules.get(0).getAddProduct().get(0).getName());
-        assertEquals("add vendor name not found", "add vendor name", hintRules.get(0).getAddVendor().get(0).getName());
-        assertEquals("given product name not found", "given product name", hintRules.get(0).getGivenProduct().get(0).getName());
-        assertEquals("given vendor name not found", "given vendor name", hintRules.get(0).getGivenVendor().get(0).getName());
-
-        assertEquals("spring file name not found", "spring", hintRules.get(1).getFileNames().get(0).getValue());
-        assertEquals("file name 1 should not be case sensitive", false, hintRules.get(1).getFileNames().get(0).isCaseSensitive());
-        assertEquals("file name 1 should not be a regex", false, hintRules.get(1).getFileNames().get(0).isRegex());
-        assertEquals("file name 2 should be case sensitive", true, hintRules.get(1).getFileNames().get(1).isCaseSensitive());
-        assertEquals("file name 2 should be a regex", true, hintRules.get(1).getFileNames().get(1).isRegex());
-
-        assertEquals("sun duplicating vendor", "sun", vendorRules.get(0).getValue());
-        assertEquals("sun duplicates vendor oracle", "oracle", vendorRules.get(0).getDuplicate());
+        assertEquals(2, vendorRules.size(), "Two duplicating hints should have been read");
+        assertEquals(2, hintRules.size(), "Two hint rules should have been read");
+
+        assertEquals(1, hintRules.get(0).getAddProduct().size(), "One add product should have been read");
+        assertEquals(1, hintRules.get(0).getAddVendor().size(), "One add vendor should have been read");
+        assertEquals(2, hintRules.get(1).getFileNames().size(), "Two file name should have been read");
+
+        assertEquals("add product name", hintRules.get(0).getAddProduct().get(0).getName(), "add product name not found");
+        assertEquals("add vendor name", hintRules.get(0).getAddVendor().get(0).getName(), "add vendor name not found");
+        assertEquals("given product name", hintRules.get(0).getGivenProduct().get(0).getName(), "given product name not found");
+        assertEquals("given vendor name", hintRules.get(0).getGivenVendor().get(0).getName(), "given vendor name not found");
+
+        assertEquals("spring", hintRules.get(1).getFileNames().get(0).getValue(), "spring file name not found");
+        assertFalse(hintRules.get(1).getFileNames().get(0).isCaseSensitive(), "file name 1 should not be case sensitive");
+        assertFalse(hintRules.get(1).getFileNames().get(0).isRegex(), "file name 1 should not be a regex");
+        assertTrue(hintRules.get(1).getFileNames().get(1).isCaseSensitive(), "file name 2 should be case sensitive");
+        assertTrue(hintRules.get(1).getFileNames().get(1).isRegex(), "file name 2 should be a regex");
+
+        assertEquals("sun", vendorRules.get(0).getValue(), "sun duplicating vendor");
+        assertEquals("oracle", vendorRules.get(0).getDuplicate(), "sun duplicates vendor oracle");
     }
 
     /**
@@ -75,11 +79,11 @@ public void testParseHints_File() throws Exception {
      * error-message of the SAXParser in the exception's message.
      */
     @Test
-    public void testParseHintsXSDSelection() throws Exception {
+    void testParseHintsXSDSelection() {
         File file = BaseTest.getResourceAsFile(this, "hints_invalid.xml");
         HintParser instance = new HintParser();
-        Exception exception = Assert.assertThrows(org.owasp.dependencycheck.xml.hints.HintParseException.class, () -> instance.parseHints(file));
-        Assert.assertTrue(exception.getMessage().contains("Line=7, Column=133: cvc-enumeration-valid: Value 'version' is not facet-valid with respect to enumeration '[vendor, product]'. It must be a value from the enumeration."));
+        Exception exception = assertThrows(org.owasp.dependencycheck.xml.hints.HintParseException.class, () -> instance.parseHints(file));
+        assertTrue(exception.getMessage().contains("Line=7, Column=133: cvc-enumeration-valid: Value 'version' is not facet-valid with respect to enumeration '[vendor, product]'. It must be a value from the enumeration."));
 
     }
 
@@ -87,50 +91,50 @@ public void testParseHintsXSDSelection() throws Exception {
      * Test of parseHints method, of class HintParser.
      */
     @Test
-    public void testParseHints_InputStream() throws Exception {
+    void testParseHints_InputStream() throws Exception {
         InputStream ins = BaseTest.getResourceAsStream(this, "hints_12.xml");
         HintParser instance = new HintParser();
         instance.parseHints(ins);
         List<HintRule> hintRules = instance.getHintRules();
         List<VendorDuplicatingHintRule> vendorRules = instance.getVendorDuplicatingHintRules();
-        assertEquals("Zero duplicating hints should have been read", 0, vendorRules.size());
-        assertEquals("Two hint rules should have been read", 2, hintRules.size());
+        assertEquals(0, vendorRules.size(), "Zero duplicating hints should have been read");
+        assertEquals(2, hintRules.size(), "Two hint rules should have been read");
 
-        assertEquals("One given product should have been read in hint 0", 1, hintRules.get(0).getGivenProduct().size());
-        assertEquals("One given vendor should have been read in hint 0", 1, hintRules.get(0).getGivenVendor().size());
-        assertEquals("One given version should have been read in hint 0", 1, hintRules.get(0).getGivenVersion().size());
+        assertEquals(1, hintRules.get(0).getGivenProduct().size(), "One given product should have been read in hint 0");
+        assertEquals(1, hintRules.get(0).getGivenVendor().size(), "One given vendor should have been read in hint 0");
+        assertEquals(1, hintRules.get(0).getGivenVersion().size(), "One given version should have been read in hint 0");
 
-        assertEquals("One add product should have been read in hint 0", 1, hintRules.get(0).getAddProduct().size());
-        assertEquals("One add vendor should have been read in hint 0", 1, hintRules.get(0).getAddVendor().size());
-        assertEquals("One add version should have been read in hint 0", 1, hintRules.get(0).getAddVersion().size());
-        assertEquals("Zero remove product should have been read in hint 0", 0, hintRules.get(0).getRemoveProduct().size());
-        assertEquals("Zero remove vendor should have been read in hint 0", 0, hintRules.get(0).getRemoveVendor().size());
-        assertEquals("Zero remove version should have been read in hint 0", 0, hintRules.get(0).getRemoveVersion().size());
+        assertEquals(1, hintRules.get(0).getAddProduct().size(), "One add product should have been read in hint 0");
+        assertEquals(1, hintRules.get(0).getAddVendor().size(), "One add vendor should have been read in hint 0");
+        assertEquals(1, hintRules.get(0).getAddVersion().size(), "One add version should have been read in hint 0");
+        assertEquals(0, hintRules.get(0).getRemoveProduct().size(), "Zero remove product should have been read in hint 0");
+        assertEquals(0, hintRules.get(0).getRemoveVendor().size(), "Zero remove vendor should have been read in hint 0");
+        assertEquals(0, hintRules.get(0).getRemoveVersion().size(), "Zero remove version should have been read in hint 0");
 
-        assertEquals("Zero given product should have been read in hint 1", 0, hintRules.get(1).getGivenProduct().size());
-        assertEquals("Zero given vendor should have been read in hint 1", 0, hintRules.get(1).getGivenVendor().size());
-        assertEquals("One given version should have been read in hint 1", 1, hintRules.get(1).getGivenVersion().size());
+        assertEquals(0, hintRules.get(1).getGivenProduct().size(), "Zero given product should have been read in hint 1");
+        assertEquals(0, hintRules.get(1).getGivenVendor().size(), "Zero given vendor should have been read in hint 1");
+        assertEquals(1, hintRules.get(1).getGivenVersion().size(), "One given version should have been read in hint 1");
 
-        assertEquals("One remove product should have been read in hint 1", 1, hintRules.get(1).getRemoveProduct().size());
-        assertEquals("One remove vendor should have been read in hint 1", 1, hintRules.get(1).getRemoveVendor().size());
-        assertEquals("One remove version should have been read in hint 1", 1, hintRules.get(1).getRemoveVersion().size());
-        assertEquals("Zero add product should have been read in hint 1", 0, hintRules.get(1).getAddProduct().size());
-        assertEquals("Zero add vendor should have been read in hint 1", 0, hintRules.get(1).getAddVendor().size());
-        assertEquals("Zero add version should have been read in hint 1", 0, hintRules.get(1).getAddVersion().size());
+        assertEquals(1, hintRules.get(1).getRemoveProduct().size(), "One remove product should have been read in hint 1");
+        assertEquals(1, hintRules.get(1).getRemoveVendor().size(), "One remove vendor should have been read in hint 1");
+        assertEquals(1, hintRules.get(1).getRemoveVersion().size(), "One remove version should have been read in hint 1");
+        assertEquals(0, hintRules.get(1).getAddProduct().size(), "Zero add product should have been read in hint 1");
+        assertEquals(0, hintRules.get(1).getAddVendor().size(), "Zero add vendor should have been read in hint 1");
+        assertEquals(0, hintRules.get(1).getAddVersion().size(), "Zero add version should have been read in hint 1");
 
-        assertEquals("add product name not found in hint 0", "add product name", hintRules.get(0).getAddProduct().get(0).getName());
-        assertEquals("add vendor name not found in hint 0", "add vendor name", hintRules.get(0).getAddVendor().get(0).getName());
-        assertEquals("add version name not found in hint 0", "add version name", hintRules.get(0).getAddVersion().get(0).getName());
+        assertEquals("add product name", hintRules.get(0).getAddProduct().get(0).getName(), "add product name not found in hint 0");
+        assertEquals("add vendor name", hintRules.get(0).getAddVendor().get(0).getName(), "add vendor name not found in hint 0");
+        assertEquals("add version name", hintRules.get(0).getAddVersion().get(0).getName(), "add version name not found in hint 0");
 
-        assertEquals("given product name not found in hint 0", "given product name", hintRules.get(0).getGivenProduct().get(0).getName());
-        assertEquals("given vendor name not found in hint 0", "given vendor name", hintRules.get(0).getGivenVendor().get(0).getName());
-        assertEquals("given version name not found in hint 0", "given version name", hintRules.get(0).getGivenVersion().get(0).getName());
+        assertEquals("given product name", hintRules.get(0).getGivenProduct().get(0).getName(), "given product name not found in hint 0");
+        assertEquals("given vendor name", hintRules.get(0).getGivenVendor().get(0).getName(), "given vendor name not found in hint 0");
+        assertEquals("given version name", hintRules.get(0).getGivenVersion().get(0).getName(), "given version name not found in hint 0");
 
-        assertEquals("given version name not found in hint 1", "given version name", hintRules.get(1).getGivenVersion().get(0).getName());
+        assertEquals("given version name", hintRules.get(1).getGivenVersion().get(0).getName(), "given version name not found in hint 1");
 
-        assertEquals("add product name not found in hint 1", "remove product name", hintRules.get(1).getRemoveProduct().get(0).getName());
-        assertEquals("add vendor name not found in hint 1", "remove vendor name", hintRules.get(1).getRemoveVendor().get(0).getName());
-        assertEquals("add version name not found in hint 1", "remove version name", hintRules.get(1).getRemoveVersion().get(0).getName());
+        assertEquals("remove product name", hintRules.get(1).getRemoveProduct().get(0).getName(), "add product name not found in hint 1");
+        assertEquals("remove vendor name", hintRules.get(1).getRemoveVendor().get(0).getName(), "add vendor name not found in hint 1");
+        assertEquals("remove version name", hintRules.get(1).getRemoveVersion().get(0).getName(), "add version name not found in hint 1");
 
     }
 
@@ -138,58 +142,58 @@ public void testParseHints_InputStream() throws Exception {
      * Test of parseHints method, of class HintParser.
      */
     @Test
-    public void testParseHintsWithRegex() throws Exception {
+    void testParseHintsWithRegex() throws Exception {
         InputStream ins = BaseTest.getResourceAsStream(this, "hints_13.xml");
         HintParser instance = new HintParser();
         instance.parseHints(ins);
         List<VendorDuplicatingHintRule> vendor = instance.getVendorDuplicatingHintRules();
         List<HintRule> rules = instance.getHintRules();
 
-        assertEquals("Zero duplicating hints should have been read", 0, vendor.size());
-        assertEquals("Two hint rules should have been read", 2, rules.size());
-
-        assertEquals("One given product should have been read in hint 0", 1, rules.get(0).getGivenProduct().size());
-        assertEquals("One given vendor should have been read in hint 0", 1, rules.get(0).getGivenVendor().size());
-        assertEquals("One given version should have been read in hint 0", 1, rules.get(0).getGivenVersion().size());
-
-        assertEquals("One add product should have been read in hint 0", 1, rules.get(0).getAddProduct().size());
-        assertEquals("One add vendor should have been read in hint 0", 1, rules.get(0).getAddVendor().size());
-        assertEquals("One add version should have been read in hint 0", 1, rules.get(0).getAddVersion().size());
-        assertEquals("Zero remove product should have been read in hint 0", 0, rules.get(0).getRemoveProduct().size());
-        assertEquals("Zero remove vendor should have been read in hint 0", 0, rules.get(0).getRemoveVendor().size());
-        assertEquals("Zero remove version should have been read in hint 0", 0, rules.get(0).getRemoveVersion().size());
-
-        assertEquals("Zero given product should have been read in hint 1", 0, rules.get(1).getGivenProduct().size());
-        assertEquals("Zero given vendor should have been read in hint 1", 0, rules.get(1).getGivenVendor().size());
-        assertEquals("One given version should have been read in hint 1", 1, rules.get(1).getGivenVersion().size());
-
-        assertEquals("One remove product should have been read in hint 1", 1, rules.get(1).getRemoveProduct().size());
-        assertEquals("One remove vendor should have been read in hint 1", 1, rules.get(1).getRemoveVendor().size());
-        assertEquals("One remove version should have been read in hint 1", 1, rules.get(1).getRemoveVersion().size());
-        assertEquals("Zero add product should have been read in hint 1", 0, rules.get(1).getAddProduct().size());
-        assertEquals("Zero add vendor should have been read in hint 1", 0, rules.get(1).getAddVendor().size());
-        assertEquals("Zero add version should have been read in hint 1", 0, rules.get(1).getAddVersion().size());
-
-        assertEquals("add product name not found in hint 0", "add product name", rules.get(0).getAddProduct().get(0).getName());
-        assertEquals("add vendor name not found in hint 0", "add vendor name", rules.get(0).getAddVendor().get(0).getName());
-        assertEquals("add version name not found in hint 0", "add version name", rules.get(0).getAddVersion().get(0).getName());
-
-        assertEquals("given product name not found in hint 0", "given product name", rules.get(0).getGivenProduct().get(0).getName());
-        assertEquals("value not registered to be a regex for given product in hint 0", true, rules.get(0).getGivenProduct().get(0).isRegex());
-        assertEquals("given vendor name not found in hint 0", "given vendor name", rules.get(0).getGivenVendor().get(0).getName());
-        assertEquals("value not registered to be a regex for given vendor in hint 0", true, rules.get(0).getGivenVendor().get(0).isRegex());
-        assertEquals("given version name not found in hint 0", "given version name", rules.get(0).getGivenVersion().get(0).getName());
-        assertEquals("value not registered to not be a regex for given version in hint 0", false, rules.get(0).getGivenVersion().get(0).isRegex());
-
-        assertEquals("given version name not found in hint 1", "given version name", rules.get(1).getGivenVersion().get(0).getName());
-        assertEquals("value not registered to not be a regex by default for given version in hint 1", false, rules.get(1).getRemoveProduct().get(0).isRegex());
-
-        assertEquals("remove product name not found in hint 1", "remove product name", rules.get(1).getRemoveProduct().get(0).getName());
-        assertEquals("value not registered to not be a regex for product removal in hint 1", false, rules.get(1).getRemoveProduct().get(0).isRegex());
-        assertEquals("remove vendor name not found in hint 1", "remove vendor name", rules.get(1).getRemoveVendor().get(0).getName());
-        assertEquals("value not registered to not be a regex for vendor removal in hint 1", false, rules.get(1).getRemoveVendor().get(0).isRegex());
-        assertEquals("remove version name not found in hint 1", "remove version name", rules.get(1).getRemoveVersion().get(0).getName());
-        assertEquals("value not defaulted to not be a regex for vendor removal in hint 1", false, rules.get(1).getRemoveVersion().get(0).isRegex());
+        assertEquals(0, vendor.size(), "Zero duplicating hints should have been read");
+        assertEquals(2, rules.size(), "Two hint rules should have been read");
+
+        assertEquals(1, rules.get(0).getGivenProduct().size(), "One given product should have been read in hint 0");
+        assertEquals(1, rules.get(0).getGivenVendor().size(), "One given vendor should have been read in hint 0");
+        assertEquals(1, rules.get(0).getGivenVersion().size(), "One given version should have been read in hint 0");
+
+        assertEquals(1, rules.get(0).getAddProduct().size(), "One add product should have been read in hint 0");
+        assertEquals(1, rules.get(0).getAddVendor().size(), "One add vendor should have been read in hint 0");
+        assertEquals(1, rules.get(0).getAddVersion().size(), "One add version should have been read in hint 0");
+        assertEquals(0, rules.get(0).getRemoveProduct().size(), "Zero remove product should have been read in hint 0");
+        assertEquals(0, rules.get(0).getRemoveVendor().size(), "Zero remove vendor should have been read in hint 0");
+        assertEquals(0, rules.get(0).getRemoveVersion().size(), "Zero remove version should have been read in hint 0");
+
+        assertEquals(0, rules.get(1).getGivenProduct().size(), "Zero given product should have been read in hint 1");
+        assertEquals(0, rules.get(1).getGivenVendor().size(), "Zero given vendor should have been read in hint 1");
+        assertEquals(1, rules.get(1).getGivenVersion().size(), "One given version should have been read in hint 1");
+
+        assertEquals(1, rules.get(1).getRemoveProduct().size(), "One remove product should have been read in hint 1");
+        assertEquals(1, rules.get(1).getRemoveVendor().size(), "One remove vendor should have been read in hint 1");
+        assertEquals(1, rules.get(1).getRemoveVersion().size(), "One remove version should have been read in hint 1");
+        assertEquals(0, rules.get(1).getAddProduct().size(), "Zero add product should have been read in hint 1");
+        assertEquals(0, rules.get(1).getAddVendor().size(), "Zero add vendor should have been read in hint 1");
+        assertEquals(0, rules.get(1).getAddVersion().size(), "Zero add version should have been read in hint 1");
+
+        assertEquals("add product name", rules.get(0).getAddProduct().get(0).getName(), "add product name not found in hint 0");
+        assertEquals("add vendor name", rules.get(0).getAddVendor().get(0).getName(), "add vendor name not found in hint 0");
+        assertEquals("add version name", rules.get(0).getAddVersion().get(0).getName(), "add version name not found in hint 0");
+
+        assertEquals("given product name", rules.get(0).getGivenProduct().get(0).getName(), "given product name not found in hint 0");
+        assertTrue(rules.get(0).getGivenProduct().get(0).isRegex(), "value not registered to be a regex for given product in hint 0");
+        assertEquals("given vendor name", rules.get(0).getGivenVendor().get(0).getName(), "given vendor name not found in hint 0");
+        assertTrue(rules.get(0).getGivenVendor().get(0).isRegex(), "value not registered to be a regex for given vendor in hint 0");
+        assertEquals("given version name", rules.get(0).getGivenVersion().get(0).getName(), "given version name not found in hint 0");
+        assertFalse(rules.get(0).getGivenVersion().get(0).isRegex(), "value not registered to not be a regex for given version in hint 0");
+
+        assertEquals("given version name", rules.get(1).getGivenVersion().get(0).getName(), "given version name not found in hint 1");
+        assertFalse(rules.get(1).getRemoveProduct().get(0).isRegex(), "value not registered to not be a regex by default for given version in hint 1");
+
+        assertEquals("remove product name", rules.get(1).getRemoveProduct().get(0).getName(), "remove product name not found in hint 1");
+        assertFalse(rules.get(1).getRemoveProduct().get(0).isRegex(), "value not registered to not be a regex for product removal in hint 1");
+        assertEquals("remove vendor name", rules.get(1).getRemoveVendor().get(0).getName(), "remove vendor name not found in hint 1");
+        assertFalse(rules.get(1).getRemoveVendor().get(0).isRegex(), "value not registered to not be a regex for vendor removal in hint 1");
+        assertEquals("remove version name", rules.get(1).getRemoveVersion().get(0).getName(), "remove version name not found in hint 1");
+        assertFalse(rules.get(1).getRemoveVersion().get(0).isRegex(), "value not defaulted to not be a regex for vendor removal in hint 1");
 
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/xml/pom/ModelTest.java b/core/src/test/java/org/owasp/dependencycheck/xml/pom/ModelTest.java
index 26cabf49cff..5b6a0ba9a5d 100644
--- a/core/src/test/java/org/owasp/dependencycheck/xml/pom/ModelTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/xml/pom/ModelTest.java
@@ -17,26 +17,27 @@
  */
 package org.owasp.dependencycheck.xml.pom;
 
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseTest;
+
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Properties;
 
-import org.junit.Test;
-import static org.junit.Assert.*;
-import org.owasp.dependencycheck.BaseTest;
-import org.owasp.dependencycheck.utils.InterpolationUtil;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
 
 /**
  *
  * @author jeremy long
  */
-public class ModelTest extends BaseTest {
+class ModelTest extends BaseTest {
 
     /**
      * Test of getName method, of class Model.
      */
     @Test
-    public void testGetName() {
+    void testGetName() {
         Model instance = new Model();
         instance.setName("");
         String expResult = "";
@@ -48,7 +49,7 @@ public void testGetName() {
      * Test of setName method, of class Model.
      */
     @Test
-    public void testSetName() {
+    void testSetName() {
         String name = "name";
         Model instance = new Model();
         instance.setName(name);
@@ -59,7 +60,7 @@ public void testSetName() {
      * Test of getOrganization method, of class Model.
      */
     @Test
-    public void testGetOrganization() {
+    void testGetOrganization() {
         Model instance = new Model();
         instance.setOrganization("");
         String expResult = "";
@@ -71,7 +72,7 @@ public void testGetOrganization() {
      * Test of setOrganization method, of class Model.
      */
     @Test
-    public void testSetOrganization() {
+    void testSetOrganization() {
         String organization = "apache";
         Model instance = new Model();
         instance.setOrganization(organization);
@@ -82,7 +83,7 @@ public void testSetOrganization() {
      * Test of getDescription method, of class Model.
      */
     @Test
-    public void testGetDescription() {
+    void testGetDescription() {
         Model instance = new Model();
         instance.setDescription("");
         String expResult = "";
@@ -94,7 +95,7 @@ public void testGetDescription() {
      * Test of setDescription method, of class Model.
      */
     @Test
-    public void testSetDescription() {
+    void testSetDescription() {
         String description = "description";
         String expected = "description";
         Model instance = new Model();
@@ -106,7 +107,7 @@ public void testSetDescription() {
      * Test of getGroupId method, of class Model.
      */
     @Test
-    public void testGetGroupId() {
+    void testGetGroupId() {
         Model instance = new Model();
         instance.setGroupId("");
         String expResult = "";
@@ -118,7 +119,7 @@ public void testGetGroupId() {
      * Test of setGroupId method, of class Model.
      */
     @Test
-    public void testSetGroupId() {
+    void testSetGroupId() {
         String groupId = "aaa";
         String expected = "aaa";
         Model instance = new Model();
@@ -130,7 +131,7 @@ public void testSetGroupId() {
      * Test of getArtifactId method, of class Model.
      */
     @Test
-    public void testGetArtifactId() {
+    void testGetArtifactId() {
         Model instance = new Model();
         instance.setArtifactId("");
         String expResult = "";
@@ -142,7 +143,7 @@ public void testGetArtifactId() {
      * Test of setArtifactId method, of class Model.
      */
     @Test
-    public void testSetArtifactId() {
+    void testSetArtifactId() {
         String artifactId = "aaa";
         String expected = "aaa";
         Model instance = new Model();
@@ -154,7 +155,7 @@ public void testSetArtifactId() {
      * Test of getVersion method, of class Model.
      */
     @Test
-    public void testGetVersion() {
+    void testGetVersion() {
         Model instance = new Model();
         instance.setVersion("");
         String expResult = "";
@@ -166,7 +167,7 @@ public void testGetVersion() {
      * Test of setVersion method, of class Model.
      */
     @Test
-    public void testSetVersion() {
+    void testSetVersion() {
         String version = "";
         Model instance = new Model();
         instance.setVersion(version);
@@ -177,7 +178,7 @@ public void testSetVersion() {
      * Test of getParentGroupId method, of class Model.
      */
     @Test
-    public void testGetParentGroupId() {
+    void testGetParentGroupId() {
         Model instance = new Model();
         instance.setParentGroupId("");
         String expResult = "";
@@ -189,7 +190,7 @@ public void testGetParentGroupId() {
      * Test of setParentGroupId method, of class Model.
      */
     @Test
-    public void testSetParentGroupId() {
+    void testSetParentGroupId() {
         String parentGroupId = "org.owasp";
         Model instance = new Model();
         instance.setParentGroupId(parentGroupId);
@@ -200,7 +201,7 @@ public void testSetParentGroupId() {
      * Test of getParentArtifactId method, of class Model.
      */
     @Test
-    public void testGetParentArtifactId() {
+    void testGetParentArtifactId() {
         Model instance = new Model();
         instance.setParentArtifactId("");
         String expResult = "";
@@ -212,7 +213,7 @@ public void testGetParentArtifactId() {
      * Test of setParentArtifactId method, of class Model.
      */
     @Test
-    public void testSetParentArtifactId() {
+    void testSetParentArtifactId() {
         String parentArtifactId = "something";
         Model instance = new Model();
         instance.setParentArtifactId(parentArtifactId);
@@ -223,7 +224,7 @@ public void testSetParentArtifactId() {
      * Test of getParentVersion method, of class Model.
      */
     @Test
-    public void testGetParentVersion() {
+    void testGetParentVersion() {
         Model instance = new Model();
         instance.setParentVersion("");
         String expResult = "";
@@ -235,7 +236,7 @@ public void testGetParentVersion() {
      * Test of setParentVersion method, of class Model.
      */
     @Test
-    public void testSetParentVersion() {
+    void testSetParentVersion() {
         String parentVersion = "1.0";
         Model instance = new Model();
         instance.setParentVersion(parentVersion);
@@ -246,7 +247,7 @@ public void testSetParentVersion() {
      * Test of getLicenses method, of class Model.
      */
     @Test
-    public void testGetLicenses() {
+    void testGetLicenses() {
         Model instance = new Model();
         instance.addLicense(new License("name", "url"));
         List<License> expResult = new ArrayList<>();
@@ -259,7 +260,7 @@ public void testGetLicenses() {
      * Test of addLicense method, of class Model.
      */
     @Test
-    public void testAddLicense() {
+    void testAddLicense() {
         License license = new License("name", "url");
         Model instance = new Model();
         instance.addLicense(license);
@@ -270,7 +271,7 @@ public void testAddLicense() {
      * Test of processProperties method, of class Model.
      */
     @Test
-    public void testProcessProperties() {
+    void testProcessProperties() {
 
         String text = "This is a test of '${key}' '${nested}'";
         Model instance = new Model();
diff --git a/core/src/test/java/org/owasp/dependencycheck/xml/pom/PomParserTest.java b/core/src/test/java/org/owasp/dependencycheck/xml/pom/PomParserTest.java
index 584ccaceebe..60cc04060aa 100644
--- a/core/src/test/java/org/owasp/dependencycheck/xml/pom/PomParserTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/xml/pom/PomParserTest.java
@@ -17,89 +17,92 @@
  */
 package org.owasp.dependencycheck.xml.pom;
 
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseTest;
+
 import java.io.File;
 import java.io.InputStream;
-import org.junit.Test;
-import static org.junit.Assert.*;
-import org.owasp.dependencycheck.BaseTest;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertThrows;
 
 /**
  *
  * @author jeremy long
  */
-public class PomParserTest {
+class PomParserTest {
 
     /**
      * Test of parse method, of class PomParser.
      */
     @Test
-    public void testParse_File() throws Exception {
+    void testParse_File() throws Exception {
         File file = BaseTest.getResourceAsFile(this, "pom/mailapi-1.4.3.pom");
         PomParser instance = new PomParser();
         String expVersion = "1.4.3";
         Model result = instance.parse(file);
-        assertEquals("Invalid version extracted", expVersion, result.getParentVersion());
+        assertEquals(expVersion, result.getParentVersion(), "Invalid version extracted");
     }
 
     /**
      * Test of parse method, of class PomParser.
      */
     @Test
-    public void testParse_InputStream() throws Exception {
+    void testParse_InputStream() throws Exception {
         InputStream inputStream = BaseTest.getResourceAsStream(this, "pom/plexus-utils-3.0.24.pom");
         PomParser instance = new PomParser();
         String expectedArtifactId = "plexus-utils";
         Model result = instance.parse(inputStream);
-        assertEquals("Invalid artifactId extracted", expectedArtifactId, result.getArtifactId());
+        assertEquals(expectedArtifactId, result.getArtifactId(), "Invalid artifactId extracted");
     }
 
     /**
      * Test of parse method, of class PomParser.
      */
     @Test
-    public void testParse_InputStreamWithDocType() throws Exception {
+    void testParse_InputStreamWithDocType() throws Exception {
         InputStream inputStream = BaseTest.getResourceAsStream(this, "pom/mailapi-1.4.3_doctype.pom");
         PomParser instance = new PomParser();
         String expVersion = "1.4.3";
         Model result = instance.parse(inputStream);
-        assertEquals("Invalid version extracted", expVersion, result.getParentVersion());
+        assertEquals(expVersion, result.getParentVersion(), "Invalid version extracted");
     }
 
     @Test
-    public void testParseWithoutDocTypeCleanup_InputStream() throws Exception {
+    void testParseWithoutDocTypeCleanup_InputStream() throws Exception {
         InputStream inputStream = BaseTest.getResourceAsStream(this, "pom/mailapi-1.4.3.pom");
         PomParser instance = new PomParser();
         String expVersion = "1.4.3";
         Model result = instance.parseWithoutDocTypeCleanup(inputStream);
-        assertEquals("Invalid version extracted", expVersion, result.getParentVersion());
+        assertEquals(expVersion, result.getParentVersion(), "Invalid version extracted");
     }
 
     @Test
-    public void testParseWithoutDocTypeCleanup() throws Exception {
+    void testParseWithoutDocTypeCleanup() throws Exception {
         File file = BaseTest.getResourceAsFile(this, "pom/mailapi-1.4.3.pom");
         PomParser instance = new PomParser();
         String expVersion = "1.4.3";
         Model result = instance.parseWithoutDocTypeCleanup(file);
-        assertEquals("Invalid version extracted", expVersion, result.getParentVersion());
+        assertEquals(expVersion, result.getParentVersion(), "Invalid version extracted");
     }
 
-    
-    @Test(expected = PomParseException.class)
-    public void testParseWithoutDocTypeCleanup_InputStreamWithDocType() throws Exception {
+
+    @Test
+    void testParseWithoutDocTypeCleanup_InputStreamWithDocType() {
         InputStream inputStream = BaseTest.getResourceAsStream(this, "pom/mailapi-1.4.3_doctype.pom");
         PomParser instance = new PomParser();
-        String expVersion = "1.4.3";
-        Model result = instance.parseWithoutDocTypeCleanup(inputStream);
-        assertEquals("Invalid version extracted", expVersion, result.getParentVersion());
+
+        assertThrows(PomParseException.class, () ->
+            instance.parseWithoutDocTypeCleanup(inputStream));
     }
 
-    @Test(expected = PomParseException.class)
-    public void testParseWithoutDocTypeCleanup_WithDocType() throws Exception {
+    @Test
+    void testParseWithoutDocTypeCleanup_WithDocType() {
         File file = BaseTest.getResourceAsFile(this, "pom/mailapi-1.4.3_doctype.pom");
         PomParser instance = new PomParser();
-        String expVersion = "1.4.3";
-        Model result = instance.parseWithoutDocTypeCleanup(file);
-        assertEquals("Invalid version extracted", expVersion, result.getParentVersion());
+
+        assertThrows(PomParseException.class, () ->
+            instance.parseWithoutDocTypeCleanup(file));
     }
 
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/xml/pom/PomProjectInputStreamTest.java b/core/src/test/java/org/owasp/dependencycheck/xml/pom/PomProjectInputStreamTest.java
index 041dcffb5b1..6f3698fe530 100644
--- a/core/src/test/java/org/owasp/dependencycheck/xml/pom/PomProjectInputStreamTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/xml/pom/PomProjectInputStreamTest.java
@@ -17,19 +17,21 @@
  */
 package org.owasp.dependencycheck.xml.pom;
 
+import org.junit.jupiter.api.Test;
+
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.InputStream;
-import java.io.UnsupportedEncodingException;
 import java.nio.charset.StandardCharsets;
-import org.junit.Test;
-import static org.junit.Assert.*;
+
+import static org.junit.jupiter.api.Assertions.assertArrayEquals;
+import static org.junit.jupiter.api.Assertions.assertEquals;
 
 /**
  *
  * @author Jeremy Long
  */
-public class PomProjectInputStreamTest {
+class PomProjectInputStreamTest {
 
     private final String POM = "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n"
             + "<!DOCTYPE xml [<!ENTITY quot \"&#34;\">\n"
@@ -62,7 +64,7 @@ public class PomProjectInputStreamTest {
             + "<blue></blue>";
 
     @Test
-    public void testFilter() throws IOException {
+    void testFilter() throws IOException {
         InputStream in = new ByteArrayInputStream(POM.getBytes(StandardCharsets.UTF_8));
         PomProjectInputStream instance = new PomProjectInputStream(in);
         byte[] expected = "<project></project>".getBytes(StandardCharsets.UTF_8);
@@ -85,7 +87,7 @@ public void testFilter() throws IOException {
      * Test of findSequence method, of class PomProjectInputStream.
      */
     @Test
-    public void testFindSequence() throws IOException {
+    void testFindSequence() {
 
         byte[] sequence = "project".getBytes(StandardCharsets.UTF_8);
         byte[] buffer = "my big project".getBytes(StandardCharsets.UTF_8);
diff --git a/core/src/test/java/org/owasp/dependencycheck/xml/pom/PomUtilsTest.java b/core/src/test/java/org/owasp/dependencycheck/xml/pom/PomUtilsTest.java
index b47685c23a6..e848f9a53dc 100644
--- a/core/src/test/java/org/owasp/dependencycheck/xml/pom/PomUtilsTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/xml/pom/PomUtilsTest.java
@@ -17,20 +17,21 @@
  */
 package org.owasp.dependencycheck.xml.pom;
 
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseTest;
+import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
+
 import java.io.File;
 import java.util.jar.JarFile;
 
-import org.junit.Test;
-import static org.junit.Assert.*;
-import org.owasp.dependencycheck.BaseTest;
-import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
+import static org.junit.jupiter.api.Assertions.assertEquals;
 
 /**
  * Test the PomUtils object.
  *
  * @author Jeremy Long
  */
-public class PomUtilsTest extends BaseTest {
+class PomUtilsTest extends BaseTest {
 
     /**
      * Test of readPom method, of class PomUtils.
@@ -39,7 +40,7 @@ public class PomUtilsTest extends BaseTest {
      * exception
      */
     @Test
-    public void testReadPom_File() throws Exception {
+    void testReadPom_File() throws Exception {
         File file = BaseTest.getResourceAsFile(this, "dwr-pom.xml");
         String expResult = "Direct Web Remoting";
         Model result = PomUtils.readPom(file);
@@ -62,7 +63,7 @@ public void testReadPom_File() throws Exception {
     }
 
     @Test
-    public void testReadPom_String_File() throws Exception {
+    void testReadPom_String_File() throws Exception {
         File fileCommonValidator = BaseTest.getResourceAsFile(this, "commons-validator-1.4.0.jar");
         JarFile jar = new JarFile(fileCommonValidator, false);
         String expResult = "Commons Validator";
@@ -71,7 +72,7 @@ public void testReadPom_String_File() throws Exception {
     }
 
     @Test
-    public void testReadPom_should_trim_version() throws AnalysisException {
+    void testReadPom_should_trim_version() throws AnalysisException {
         File input = BaseTest.getResourceAsFile(this, "pom/pom-with-new-line.xml");
         String expectedOutputVersion = "2.2.0";
 
diff --git a/core/src/test/java/org/owasp/dependencycheck/xml/suppression/PropertyTypeTest.java b/core/src/test/java/org/owasp/dependencycheck/xml/suppression/PropertyTypeTest.java
index 6824e587863..3a62a73397d 100644
--- a/core/src/test/java/org/owasp/dependencycheck/xml/suppression/PropertyTypeTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/xml/suppression/PropertyTypeTest.java
@@ -17,24 +17,24 @@
  */
 package org.owasp.dependencycheck.xml.suppression;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
 /**
  *
  * @author Jeremy Long
  */
-public class PropertyTypeTest extends BaseTest {
+class PropertyTypeTest extends BaseTest {
 
     /**
      * Test of set and getValue method, of class PropertyType.
      */
     @Test
-    public void testSetGetValue() {
+    void testSetGetValue() {
 
         PropertyType instance = new PropertyType();
         String expResult = "test";
@@ -47,7 +47,7 @@ public void testSetGetValue() {
      * Test of isRegex method, of class PropertyType.
      */
     @Test
-    public void testIsRegex() {
+    void testIsRegex() {
         PropertyType instance = new PropertyType();
         assertFalse(instance.isRegex());
         instance.setRegex(true);
@@ -58,7 +58,7 @@ public void testIsRegex() {
      * Test of isCaseSensitive method, of class PropertyType.
      */
     @Test
-    public void testIsCaseSensitive() {
+    void testIsCaseSensitive() {
         PropertyType instance = new PropertyType();
         assertFalse(instance.isCaseSensitive());
         instance.setCaseSensitive(true);
@@ -69,7 +69,7 @@ public void testIsCaseSensitive() {
      * Test of matches method, of class PropertyType.
      */
     @Test
-    public void testMatches() {
+    void testMatches() {
         String text = "Simple";
 
         PropertyType instance = new PropertyType();
diff --git a/core/src/test/java/org/owasp/dependencycheck/xml/suppression/SuppressionHandlerTest.java b/core/src/test/java/org/owasp/dependencycheck/xml/suppression/SuppressionHandlerTest.java
index f304112eff3..0177ea12faa 100644
--- a/core/src/test/java/org/owasp/dependencycheck/xml/suppression/SuppressionHandlerTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/xml/suppression/SuppressionHandlerTest.java
@@ -17,6 +17,13 @@
  */
 package org.owasp.dependencycheck.xml.suppression;
 
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseTest;
+import org.owasp.dependencycheck.utils.XmlUtils;
+import org.xml.sax.InputSource;
+import org.xml.sax.XMLReader;
+
+import javax.xml.parsers.SAXParser;
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.InputStream;
@@ -24,19 +31,14 @@
 import java.io.Reader;
 import java.nio.charset.StandardCharsets;
 import java.util.List;
-import javax.xml.parsers.SAXParser;
-import static org.junit.Assert.assertTrue;
-import org.junit.Test;
-import org.owasp.dependencycheck.BaseTest;
-import org.owasp.dependencycheck.utils.XmlUtils;
-import org.xml.sax.InputSource;
-import org.xml.sax.XMLReader;
+
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  *
  * @author Jeremy Long
  */
-public class SuppressionHandlerTest extends BaseTest {
+class SuppressionHandlerTest extends BaseTest {
 
     /**
      * Test of getSuppressionRules method, of class SuppressionHandler.
@@ -44,7 +46,7 @@ public class SuppressionHandlerTest extends BaseTest {
      * @throws Exception thrown if there is an exception....
      */
     @Test
-    public void testHandler() throws Exception {
+    void testHandler() throws Exception {
         File file = BaseTest.getResourceAsFile(this, "suppressions.xml");
         InputStream schemaStream = BaseTest.getResourceAsStream(this, "schema/suppression.xsd");
 
diff --git a/core/src/test/java/org/owasp/dependencycheck/xml/suppression/SuppressionParserTest.java b/core/src/test/java/org/owasp/dependencycheck/xml/suppression/SuppressionParserTest.java
index 106b00e170e..a4f236271ed 100644
--- a/core/src/test/java/org/owasp/dependencycheck/xml/suppression/SuppressionParserTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/xml/suppression/SuppressionParserTest.java
@@ -17,31 +17,32 @@
  */
 package org.owasp.dependencycheck.xml.suppression;
 
+import org.junit.jupiter.api.Test;
+import org.owasp.dependencycheck.BaseTest;
+
 import java.io.File;
 import java.util.List;
-import org.junit.Assert;
 
-import org.junit.Test;
-import org.owasp.dependencycheck.BaseTest;
+import static org.junit.jupiter.api.Assertions.assertEquals;
 
 /**
  * Test of the suppression parser.
  *
  * @author Jeremy Long
  */
-public class SuppressionParserTest extends BaseTest {
+class SuppressionParserTest extends BaseTest {
 
     /**
      * Test of parseSuppressionRules method, of class SuppressionParser for the
      * v1.0 suppression XML Schema.
      */
     @Test
-    public void testParseSuppressionRulesV1dot0() throws Exception {
+    void testParseSuppressionRulesV1dot0() throws Exception {
         //File file = new File(this.getClass().getClassLoader().getResource("suppressions.xml").getPath());
         File file = BaseTest.getResourceAsFile(this, "suppressions.xml");
         SuppressionParser instance = new SuppressionParser();
         List<SuppressionRule> result = instance.parseSuppressionRules(file);
-        Assert.assertEquals(5, result.size());
+        assertEquals(5, result.size());
     }
 
     /**
@@ -49,12 +50,12 @@ public void testParseSuppressionRulesV1dot0() throws Exception {
      * v1.1 suppression XML Schema.
      */
     @Test
-    public void testParseSuppressionRulesV1dot1() throws Exception {
+    void testParseSuppressionRulesV1dot1() throws Exception {
         //File file = new File(this.getClass().getClassLoader().getResource("suppressions.xml").getPath());
         File file = BaseTest.getResourceAsFile(this, "suppressions_1_1.xml");
         SuppressionParser instance = new SuppressionParser();
         List<SuppressionRule> result = instance.parseSuppressionRules(file);
-        Assert.assertEquals(5, result.size());
+        assertEquals(5, result.size());
     }
 
     /**
@@ -62,12 +63,12 @@ public void testParseSuppressionRulesV1dot1() throws Exception {
      * v1.2 suppression XML Schema.
      */
     @Test
-    public void testParseSuppressionRulesV1dot2() throws Exception {
+    void testParseSuppressionRulesV1dot2() throws Exception {
         //File file = new File(this.getClass().getClassLoader().getResource("suppressions.xml").getPath());
         File file = BaseTest.getResourceAsFile(this, "suppressions_1_2.xml");
         SuppressionParser instance = new SuppressionParser();
         List<SuppressionRule> result = instance.parseSuppressionRules(file);
-        Assert.assertEquals(4, result.size());
+        assertEquals(4, result.size());
     }
 
     /**
@@ -75,11 +76,11 @@ public void testParseSuppressionRulesV1dot2() throws Exception {
      * v1.2 suppression XML Schema.
      */
     @Test
-    public void testParseSuppressionRulesV1dot3() throws Exception {
+    void testParseSuppressionRulesV1dot3() throws Exception {
         //File file = new File(this.getClass().getClassLoader().getResource("suppressions.xml").getPath());
         File file = BaseTest.getResourceAsFile(this, "suppressions_1_3.xml");
         SuppressionParser instance = new SuppressionParser();
         List<SuppressionRule> result = instance.parseSuppressionRules(file);
-        Assert.assertEquals(4, result.size());
+        assertEquals(4, result.size());
     }
 }
diff --git a/core/src/test/java/org/owasp/dependencycheck/xml/suppression/SuppressionRuleTest.java b/core/src/test/java/org/owasp/dependencycheck/xml/suppression/SuppressionRuleTest.java
index d7ef1dcebd0..148962cb79f 100644
--- a/core/src/test/java/org/owasp/dependencycheck/xml/suppression/SuppressionRuleTest.java
+++ b/core/src/test/java/org/owasp/dependencycheck/xml/suppression/SuppressionRuleTest.java
@@ -19,16 +19,9 @@
 
 import com.github.packageurl.MalformedPackageURLException;
 import io.github.jeremylong.openvulnerability.client.nvd.CvssV2;
-import java.io.File;
-import java.util.ArrayList;
-import java.util.List;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.BaseTest;
 import org.owasp.dependencycheck.dependency.Confidence;
-
 import org.owasp.dependencycheck.dependency.Dependency;
 import org.owasp.dependencycheck.dependency.Vulnerability;
 import org.owasp.dependencycheck.dependency.naming.CpeIdentifier;
@@ -36,19 +29,27 @@
 import org.owasp.dependencycheck.utils.CvssUtil;
 import us.springett.parsers.cpe.exceptions.CpeValidationException;
 
+import java.io.File;
+import java.util.ArrayList;
+import java.util.List;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
 /**
  * Test of the suppression rule.
  *
  * @author Jeremy Long
  */
-public class SuppressionRuleTest extends BaseTest {
+class SuppressionRuleTest extends BaseTest {
 
     //<editor-fold defaultstate="collapsed" desc="Stupid tests of properties">
     /**
      * Test of FilePath property, of class SuppressionRule.
      */
     @Test
-    public void testFilePath() {
+    void testFilePath() {
         SuppressionRule instance = new SuppressionRule();
         PropertyType expResult = new PropertyType();
         expResult.setValue("test");
@@ -61,7 +62,7 @@ public void testFilePath() {
      * Test of Sha1 property, of class SuppressionRule.
      */
     @Test
-    public void testSha1() {
+    void testSha1() {
         SuppressionRule instance = new SuppressionRule();
         String expResult = "384FAA82E193D4E4B0546059CA09572654BC3970";
         instance.setSha1(expResult);
@@ -73,7 +74,7 @@ public void testSha1() {
      * Test of Cpe property, of class SuppressionRule.
      */
     @Test
-    public void testCpe() {
+    void testCpe() {
         SuppressionRule instance = new SuppressionRule();
         List<PropertyType> cpe = new ArrayList<>();
         instance.setCpe(cpe);
@@ -91,7 +92,7 @@ public void testCpe() {
      * Test of CvssBelow property, of class SuppressionRule.
      */
     @Test
-    public void testGetCvssBelow() {
+    void testGetCvssBelow() {
         SuppressionRule instance = new SuppressionRule();
         List<Double> cvss = new ArrayList<>();
         instance.setCvssBelow(cvss);
@@ -106,7 +107,7 @@ public void testGetCvssBelow() {
      * Test of Cwe property, of class SuppressionRule.
      */
     @Test
-    public void testCwe() {
+    void testCwe() {
         SuppressionRule instance = new SuppressionRule();
         List<String> cwe = new ArrayList<>();
         instance.setCwe(cwe);
@@ -121,7 +122,7 @@ public void testCwe() {
      * Test of Cve property, of class SuppressionRule.
      */
     @Test
-    public void testCve() {
+    void testCve() {
         SuppressionRule instance = new SuppressionRule();
         List<String> cve = new ArrayList<>();
         instance.setCve(cve);
@@ -136,12 +137,13 @@ public void testCve() {
      * Test of base property, of class SuppressionRule.
      */
     @Test
-    public void testBase() {
+    void testBase() {
         SuppressionRule instance = new SuppressionRule();
         assertFalse(instance.isBase());
         instance.setBase(true);
         assertTrue(instance.isBase());
     }
+
     //</editor-fold>
 
     //<editor-fold defaultstate="collapsed" desc="Ignored duplicate tests, left in, as empty tests, so IDE doesn't re-generate them">
@@ -150,7 +152,7 @@ public void testBase() {
      */
     @Test
     @SuppressWarnings("squid:S2699")
-    public void testGetFilePath() {
+    void testGetFilePath() {
         //already tested, this is just left so the IDE doesn't recreate it.
     }
 
@@ -159,7 +161,7 @@ public void testGetFilePath() {
      */
     @Test
     @SuppressWarnings("squid:S2699")
-    public void testSetFilePath() {
+    void testSetFilePath() {
         //already tested, this is just left so the IDE doesn't recreate it.
     }
 
@@ -168,7 +170,7 @@ public void testSetFilePath() {
      */
     @Test
     @SuppressWarnings("squid:S2699")
-    public void testGetSha1() {
+    void testGetSha1() {
         //already tested, this is just left so the IDE doesn't recreate it.
     }
 
@@ -177,7 +179,7 @@ public void testGetSha1() {
      */
     @Test
     @SuppressWarnings("squid:S2699")
-    public void testSetSha1() {
+    void testSetSha1() {
         //already tested, this is just left so the IDE doesn't recreate it.
     }
 
@@ -186,7 +188,7 @@ public void testSetSha1() {
      */
     @Test
     @SuppressWarnings("squid:S2699")
-    public void testGetCpe() {
+    void testGetCpe() {
         //already tested, this is just left so the IDE doesn't recreate it.
     }
 
@@ -195,7 +197,7 @@ public void testGetCpe() {
      */
     @Test
     @SuppressWarnings("squid:S2699")
-    public void testSetCpe() {
+    void testSetCpe() {
         //already tested, this is just left so the IDE doesn't recreate it.
     }
 
@@ -204,7 +206,7 @@ public void testSetCpe() {
      */
     @Test
     @SuppressWarnings("squid:S2699")
-    public void testAddCpe() {
+    void testAddCpe() {
         //already tested, this is just left so the IDE doesn't recreate it.
     }
 
@@ -213,7 +215,7 @@ public void testAddCpe() {
      */
     @Test
     @SuppressWarnings("squid:S2699")
-    public void testHasCpe() {
+    void testHasCpe() {
         //already tested, this is just left so the IDE doesn't recreate it.
     }
 
@@ -222,7 +224,7 @@ public void testHasCpe() {
      */
     @Test
     @SuppressWarnings("squid:S2699")
-    public void testSetCvssBelow() {
+    void testSetCvssBelow() {
         //already tested, this is just left so the IDE doesn't recreate it.
     }
 
@@ -231,7 +233,7 @@ public void testSetCvssBelow() {
      */
     @Test
     @SuppressWarnings("squid:S2699")
-    public void testAddCvssBelow() {
+    void testAddCvssBelow() {
         //already tested, this is just left so the IDE doesn't recreate it.
     }
 
@@ -240,7 +242,7 @@ public void testAddCvssBelow() {
      */
     @Test
     @SuppressWarnings("squid:S2699")
-    public void testHasCvssBelow() {
+    void testHasCvssBelow() {
         //already tested, this is just left so the IDE doesn't recreate it.
     }
 
@@ -249,7 +251,7 @@ public void testHasCvssBelow() {
      */
     @Test
     @SuppressWarnings("squid:S2699")
-    public void testGetCwe() {
+    void testGetCwe() {
         //already tested, this is just left so the IDE doesn't recreate it.
     }
 
@@ -258,7 +260,7 @@ public void testGetCwe() {
      */
     @Test
     @SuppressWarnings("squid:S2699")
-    public void testSetCwe() {
+    void testSetCwe() {
         //already tested, this is just left so the IDE doesn't recreate it.
     }
 
@@ -267,7 +269,7 @@ public void testSetCwe() {
      */
     @Test
     @SuppressWarnings("squid:S2699")
-    public void testAddCwe() {
+    void testAddCwe() {
         //already tested, this is just left so the IDE doesn't recreate it.
     }
 
@@ -276,7 +278,7 @@ public void testAddCwe() {
      */
     @Test
     @SuppressWarnings("squid:S2699")
-    public void testHasCwe() {
+    void testHasCwe() {
         //already tested, this is just left so the IDE doesn't recreate it.
     }
 
@@ -285,7 +287,7 @@ public void testHasCwe() {
      */
     @Test
     @SuppressWarnings("squid:S2699")
-    public void testGetCve() {
+    void testGetCve() {
         //already tested, this is just left so the IDE doesn't recreate it.
     }
 
@@ -294,7 +296,7 @@ public void testGetCve() {
      */
     @Test
     @SuppressWarnings("squid:S2699")
-    public void testSetCve() {
+    void testSetCve() {
         //already tested, this is just left so the IDE doesn't recreate it.
     }
 
@@ -303,7 +305,7 @@ public void testSetCve() {
      */
     @Test
     @SuppressWarnings("squid:S2699")
-    public void testAddCve() {
+    void testAddCve() {
         //already tested, this is just left so the IDE doesn't recreate it.
     }
 
@@ -312,16 +314,17 @@ public void testAddCve() {
      */
     @Test
     @SuppressWarnings("squid:S2699")
-    public void testHasCve() {
+    void testHasCve() {
         //already tested, this is just left so the IDE doesn't recreate it.
     }
+
     //</editor-fold>
 
     /**
      * Test of cpeHasNoVersion method, of class SuppressionRule.
      */
     @Test
-    public void testCpeHasNoVersion() {
+    void testCpeHasNoVersion() {
         PropertyType c = new PropertyType();
         c.setValue("cpe:/a:microsoft:.net_framework:4.5");
         SuppressionRule instance = new SuppressionRule();
@@ -336,7 +339,7 @@ public void testCpeHasNoVersion() {
      * Test of identifierMatches method, of class SuppressionRule.
      */
     @Test
-    public void testCpeMatches() throws CpeValidationException, MalformedPackageURLException {
+    void testCpeMatches() throws CpeValidationException, MalformedPackageURLException {
         CpeIdentifier identifier = new CpeIdentifier("microsoft", ".net_framework", "4.5", Confidence.HIGHEST);
 
         PropertyType cpe = new PropertyType();
@@ -412,7 +415,7 @@ public void testCpeMatches() throws CpeValidationException, MalformedPackageURLE
      * Test of process method, of class SuppressionRule.
      */
     @Test
-    public void testProcess() throws CpeValidationException {
+    void testProcess() throws CpeValidationException {
         //File struts = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
         File struts = BaseTest.getResourceAsFile(this, "struts2-core-2.1.2.jar");
         Dependency dependency = new Dependency(struts);
@@ -462,7 +465,7 @@ public void testProcess() throws CpeValidationException {
         pt.setValue("cpe:/a:microsoft:.net_framework:4.0");
         instance.addCpe(pt);
         instance.process(dependency);
-        assertTrue(dependency.getVulnerableSoftwareIdentifiers().size() == 1);
+        assertEquals(1, dependency.getVulnerableSoftwareIdentifiers().size());
         pt = new PropertyType();
         pt.setValue("cpe:/a:microsoft:.net_framework:4.5");
         instance.addCpe(pt);
@@ -494,7 +497,7 @@ public void testProcess() throws CpeValidationException {
      * Test of process method, of class SuppressionRule.
      */
     @Test
-    public void testProcessGAV() throws CpeValidationException, MalformedPackageURLException {
+    void testProcessGAV() throws CpeValidationException, MalformedPackageURLException {
         //File spring = new File(this.getClass().getClassLoader().getResource("spring-security-web-3.0.0.RELEASE.jar").getPath());
         File spring = BaseTest.getResourceAsFile(this, "spring-security-web-3.0.0.RELEASE.jar");
         Dependency dependency = new Dependency(spring);
@@ -529,7 +532,7 @@ public void testProcessGAV() throws CpeValidationException, MalformedPackageURLE
     }
 
     @Test
-    public void testProcessVulnerabilityNames() throws CpeValidationException, MalformedPackageURLException {
+    void testProcessVulnerabilityNames() throws CpeValidationException, MalformedPackageURLException {
         File spring = BaseTest.getResourceAsFile(this, "spring-security-web-3.0.0.RELEASE.jar");
         Dependency dependency = new Dependency(spring);
         dependency.addVulnerableSoftwareIdentifier(new CpeIdentifier("vmware", "springsource_spring_security", "3.0.0", Confidence.HIGH));
@@ -552,11 +555,11 @@ public void testProcessVulnerabilityNames() throws CpeValidationException, Malfo
         assertEquals(1, dependency.getVulnerabilities().size());
         assertEquals(0, dependency.getSuppressedVulnerabilities().size());
 
-        
+
         pt = new PropertyType();
         pt.setValue("CVE-2013-1337");
         instance.addVulnerabilityName(pt);
-        
+
         instance.process(dependency);
         assertEquals(0, dependency.getVulnerabilities().size());
         assertEquals(1, dependency.getSuppressedVulnerabilities().size());
@@ -566,7 +569,7 @@ private Vulnerability createVulnerability() {
         Vulnerability v = new Vulnerability();
         v.addCwe("CWE-287 Improper Authentication");
         v.setName("CVE-2013-1337");
-        
+
         CvssV2 cvss = CvssUtil.vectorToCvssV2("/AV:N/AC:L/Au:N/C:P/I:P/A:P", 7.5);
         v.setCvssV2(cvss);
         return v;
diff --git a/core/src/test/resources/dependencycheck.properties b/core/src/test/resources/dependencycheck.properties
index 7635618f990..0f17a7ee43c 100644
--- a/core/src/test/resources/dependencycheck.properties
+++ b/core/src/test/resources/dependencycheck.properties
@@ -78,7 +78,7 @@ central.content.url=https://search.maven.org/remotecontent?filepath=
 # Note - the central query is used in a String.format(query, url, sha1)).
 # As such, it must have two %s and any other % must be escapped by doubling it
 analyzer.central.query=%s?q=1:%s&wt=xml
-analyzer.central.retry.count=7
+analyzer.central.retry.count=3
 analyzer.central.parallel.analysis=false
 
 # the URL for searching NPM Audit API
diff --git a/list-changes.sh b/list-changes.sh
index 47f1dc416b1..99eed75c718 100755
--- a/list-changes.sh
+++ b/list-changes.sh
@@ -1,3 +1,5 @@
 #!/bin/bash -e
 ##https://blogs.sap.com/2018/06/22/generating-release-notes-from-git-commit-messages-using-basic-shell-commands-gitgrep/
-git --no-pager log $(git describe --tags --abbrev=0)..HEAD --pretty=format:" - %s" | grep -v ' - Bump'
\ No newline at end of file
+git --no-pager log $(git describe --tags --abbrev=0)..HEAD --pretty=format:" - %s" \
+  | grep -v ' - Bump' \
+  | sed -E 's/#([0-9]+)/[#\1](https:\/\/github.com\/dependency-check\/DependencyCheck\/pull\/\1)/g'
diff --git a/maven/README.md b/maven/README.md
index 09be4fe2404..78e6c9705a8 100644
--- a/maven/README.md
+++ b/maven/README.md
@@ -15,3 +15,5 @@ Permission to modify and redistribute is granted under the terms of the Apache 2
 Dependency-Check makes use of several other open source libraries. Please see the [NOTICE.txt][notices] file for more information.
 
   [notices]: https://github.com/dependency-check/DependencyCheck/blob/main/maven/NOTICE.txt
+
+<img referrerpolicy="no-referrer-when-downgrade" src="https://static.scarf.sh/a.png?x-pxid=c78174f3-f898-4a5d-b3ab-1202b7db8ef6" />
diff --git a/maven/pom.xml b/maven/pom.xml
index 769a982c987..4caca9516c9 100644
--- a/maven/pom.xml
+++ b/maven/pom.xml
@@ -20,7 +20,7 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
     <parent>
         <groupId>org.owasp</groupId>
         <artifactId>dependency-check-parent</artifactId>
-        <version>12.1.1</version>
+        <version>12.1.8</version>
     </parent>
     <artifactId>dependency-check-maven</artifactId>
     <packaging>maven-plugin</packaging>
@@ -34,7 +34,7 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
         <connection>scm:git:https://github.com/dependency-check/DependencyCheck.git</connection>
         <url>https://github.com/dependency-check/DependencyCheck/tree/master/maven</url>
         <developerConnection>scm:git:git@github.com/dependency-check/DependencyCheck.git</developerConnection>
-        <tag>v12.1.1</tag>
+        <tag>v12.1.8</tag>
     </scm>
     <prerequisites>
         <maven>3.6.3</maven>
@@ -119,6 +119,11 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
             <artifactId>mockito-core</artifactId>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>org.mockito</groupId>
+            <artifactId>mockito-junit-jupiter</artifactId>
+            <scope>test</scope>
+        </dependency>
         <dependency>
             <groupId>io.github.jeremylong</groupId>
             <artifactId>jcs3-slf4j</artifactId>
diff --git a/maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java b/maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java
index 896c10b8f37..5b04b95a31a 100644
--- a/maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java
+++ b/maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java
@@ -765,13 +765,34 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
     private String ossindexAnalyzerUrl;
 
     /**
-     * The id of a server defined in the settings.xml that configures the
-     * credentials (username and password) for a OSS Index service.
+     * The id of a server defined in the settings.xml to authenticate Sonatype
+     * OSS Index requests and profit from higher rate limits. Provide the OSS
+     * account email address as username and password or API token as password.
      */
     @SuppressWarnings("CanBeFinal")
     @Parameter(property = "ossIndexServerId")
     private String ossIndexServerId;
 
+    /**
+     * OSS account email address as an alternative to the indirection through
+     * the ossIndexServerId (see above). Both ossIndexUsername and
+     * ossIndexPassword must be set to use this approach instead of the server
+     * ID.
+     */
+    @SuppressWarnings("CanBeFinal")
+    @Parameter(property = "ossIndexUsername")
+    private String ossIndexUsername;
+
+    /**
+     * OSS password or API token as an alternative to the indirection through
+     * the ossIndexServerId (see above). Both ossIndexUsername and
+     * ossIndexPassword must be set to use this approach instead of the server
+     * ID.
+     */
+    @SuppressWarnings("CanBeFinal")
+    @Parameter(property = "ossIndexPassword")
+    private String ossIndexPassword;
+
     /**
      * Whether we should only warn about Sonatype OSS Index remote errors
      * instead of failing the goal completely.
@@ -1148,8 +1169,9 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
     private Retirejs retirejs;
 
     /**
-     * The list of artifacts (and their transitive dependencies) to exclude from
-     * the check.
+     * The list of patterns to exclude from the check. This is matched against the project dependencies (and will implicitly also remove transitive dependencies from matching dependencies). 
+     * Each pattern has the format {@code [groupId]:[artifactId]:[type]:[version]}. You can leave out unspecified parts (which is equal to using {@code *}).
+     * Examples: {@code org.apache.*} would match all artifacts whose group id starts with {@code org.apache.}, and {@code :::*-SNAPSHOT} would match all snapshot artifacts.
      */
     @Parameter(property = "odc.excludes")
     private List<String> excludes;
@@ -2427,7 +2449,12 @@ protected void populateSettings() throws MojoFailureException, MojoExecutionExce
         settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_SWIFT_PACKAGE_RESOLVED_ENABLED, swiftPackageResolvedAnalyzerEnabled);
         settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_OSSINDEX_ENABLED, ossindexAnalyzerEnabled);
         settings.setStringIfNotEmpty(Settings.KEYS.ANALYZER_OSSINDEX_URL, ossindexAnalyzerUrl);
-        configureServerCredentials(ossIndexServerId, Settings.KEYS.ANALYZER_OSSINDEX_USER, Settings.KEYS.ANALYZER_OSSINDEX_PASSWORD);
+        if (StringUtils.isEmpty(ossIndexUsername) || StringUtils.isEmpty(ossIndexPassword)) {
+            configureServerCredentials(ossIndexServerId, Settings.KEYS.ANALYZER_OSSINDEX_USER, Settings.KEYS.ANALYZER_OSSINDEX_PASSWORD);
+        } else {
+            settings.setStringIfNotEmpty(Settings.KEYS.ANALYZER_OSSINDEX_USER, ossIndexUsername);
+            settings.setStringIfNotEmpty(Settings.KEYS.ANALYZER_OSSINDEX_PASSWORD, ossIndexPassword);
+        }
         settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_OSSINDEX_USE_CACHE, ossindexAnalyzerUseCache);
         settings.setBooleanIfNotNull(Settings.KEYS.ANALYZER_OSSINDEX_WARN_ONLY_ON_REMOTE_ERRORS, ossIndexWarnOnlyOnRemoteErrors);
         if (retirejs != null) {
@@ -2517,8 +2544,8 @@ protected void populateSettings() throws MojoFailureException, MojoExecutionExce
      * <p>
      * When a serverId is given, then its values are used instead of the less secure direct values.<br />
      * A serverId with username/password will fill the `userKey` and `passwordKey` settings for Basic Auth. A serverId with only password
-     * filled will fill the `tokenKey` fro Bearer Auth.<br/>
-     * In absence of the serverId any non-null value will be transferred to the settings.
+     * filled will fill the `tokenKey` from Bearer Auth.<br/>
+     * In absence of the serverId, any non-null value will be transferred to the settings.
      *
      * @param serverId      The serverId specified for the connection or {@code null}
      * @param usernameValue The username specified for the connection or {@code null}
diff --git a/maven/src/site/markdown/configuration.md b/maven/src/site/markdown/configuration.md
index ff6f9abb224..c1cb891ca58 100644
--- a/maven/src/site/markdown/configuration.md
+++ b/maven/src/site/markdown/configuration.md
@@ -1,46 +1,46 @@
 Goals
 ====================
 
-Goal        | Description
-------------|-----------------------
-aggregate   | Runs dependency-check against the child projects and aggregates the results into a single report. **Warning**: if the aggregate goal is used within the site reporting a blank report will likely be present for any goal beyond site:site (i.e. site:stage or site:deploy will likely result in blank reports being staged or deployed); however, site:site will work. See issue [#325](https://github.com/dependency-check/DependencyCheck/issues/325) for more information.
-check       | Runs dependency-check against the project and generates a report.
-update-only | Updates the local cache of the NVD data from NIST.
-purge       | Deletes the local copy of the NVD. This is used to force a refresh of the data.
+| Goal        | Description                                                                                                                                                                                                                                                                                                                                                                                                                                                                    |
+|-------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| aggregate   | Runs dependency-check against the child projects and aggregates the results into a single report. **Warning**: if the aggregate goal is used within the site reporting a blank report will likely be present for any goal beyond site:site (i.e. site:stage or site:deploy will likely result in blank reports being staged or deployed); however, site:site will work. See issue [#325](https://github.com/dependency-check/DependencyCheck/issues/325) for more information. |
+| check       | Runs dependency-check against the project and generates a report.                                                                                                                                                                                                                                                                                                                                                                                                              |
+| update-only | Updates the local cache of the NVD data from NIST.                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| purge       | Deletes the local copy of the NVD. This is used to force a refresh of the data.                                                                                                                                                                                                                                                                                                                                                                                                |
 
 Configuration
 ====================
 The following properties can be set on the dependency-check-maven plugin.
 
-Property                         | Description                        | Default Value
----------------------------------|------------------------------------|------------------
-autoUpdate                       | Sets whether auto-updating of the NVD CVE/CPE, retireJS and hosted suppressions data is enabled. It is not recommended that this be turned to false. | true
-format                           | The report format to be generated (HTML, XML, CSV, JSON, JUNIT, SARIF, JENKINS, GITLAB, ALL). This configuration is ignored if `formats` is defined. This configuration option has no affect if using this within the Site plugin unless the externalReport is set to true. | HTML
-formats                          | A list of report formats to be generated (HTML, XML, CSV, JSON, JUNIT, SARIF, JENKINS, GITLAB, ALL). This configuration overrides the value from `format`. This configuration option has no affect if using this within the Site plugin unless the externalReport is set to true. | &nbsp;
-junitFailOnCVSS                  | If using the JUNIT report format the junitFailOnCVSS sets the CVSS score threshold that is considered a failure.   | 0
-prettyPrint                      | Whether the XML and JSON formatted reports should be pretty printed.                                               | false
-failBuildOnCVSS                  | Specifies if the build should be failed if a CVSS score equal to or above a specified level is identified. The default is 11 which means since the CVSS scores are 0-10, by default the build will never fail. More information on CVSS scores can be found at the [NVD](https://nvd.nist.gov/vuln-metrics/cvss) | 11
-failBuildOnAnyVulnerability      | Specifies that if any vulnerability is identified, the build will fail. | false
-failOnError                      | Whether the build should fail if there is an error executing the dependency-check analysis. | true
-name                             | The name of the report in the site. | dependency-check or dependency-check:aggregate
-outputDirectory                  | The location to write the report(s). This can be specified on the command line via `-Dodc.outputDirectory`. Note, this is not used if generating the report as part of a `mvn site` build. | 'target'
-scanSet                          | An optional collection of file sets that specify additional files and/or directories to analyze as part of the scan. If not specified, defaults to standard Maven conventions. This cannot be configured via the command line parameters (e.g. `-DscanSet=./path`) - use the below `scanDirectory` instead. Note that the scan sets specified should be relative from the base directory - do not use Maven project variable substitution (e.g. `${project.basedir}/src/webpack`). Using Maven project variable substitution can cause directories to be missed especially when using an aggregate build. | ['src/main/resources', 'src/main/filters', 'src/main/webapp', './package.json', './package-lock.json', './npm-shrinkwrap.json', './Gopkg.lock', './go.mod']
-scanDirectory                    | An optional collection of directories to include in the scan. This configuration should only be used via the command line - if configuring the scan directories within the `pom.xml` please consider using the above `scanSet`. | &nbsp;
-scanDependencies                 | Sets whether the dependencies should be scanned.                   | true
-scanPlugins                      | Sets whether the plugins and their dependencies should be scanned. | false
-skip                             | Skips the dependency-check analysis.                       | false
-skipProvidedScope                | Skip analysis for artifacts with Provided Scope.           | false
-skipRuntimeScope                 | Skip analysis for artifacts with Runtime Scope.            | false
-skipSystemScope                  | Skip analysis for artifacts with System Scope.             | false
-skipTestScope                    | Skip analysis for artifacts with Test Scope.               | true
-skipDependencyManagement         | Skip analysis for dependencyManagement sections.           | true
-skipArtifactType                 | A regular expression used to filter/skip artifact types.  This filters on the `type` of dependency as defined in the dependency section: jar, pom, test-jar, etc. | &nbsp;
-suppressionFiles                 | The file paths to the XML suppression files \- used to suppress [false positives](../general/suppression.html). The configuration value can be a local file path, a URL to a suppression file, or even a reference to a file on the class path (see https://github.com/dependency-check/DependencyCheck/issues/1878#issuecomment-487533799) | &nbsp;
-failBuildOnUnusedSuppressionRule | Specifies that if any unused suppression rule is found, the build will fail. | false
-hintsFile                        | The file path to the XML hints file \- used to resolve [false negatives](../general/hints.html).       | &nbsp;
-enableExperimental               | Enable the [experimental analyzers](../analyzers/index.html). If not enabled the experimental analyzers (see below) will not be loaded or used. | false
-enableRetired                    | Enable the [retired analyzers](../analyzers/index.html). If not enabled the retired analyzers (see below) will not be loaded or used. | false
-versionCheckEnabled              | Whether dependency-check should check if a new version of dependency-check-maven exists. | true
+| Property                         | Description                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               | Default Value                                                                                                                                               |
+|----------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| autoUpdate                       | Sets whether auto-updating of the NVD CVE/CPE, retireJS and hosted suppressions data is enabled. It is not recommended that this be turned to false.                                                                                                                                                                                                                                                                                                                                                                                                                                                      | true                                                                                                                                                        |
+| format                           | The report format to be generated (HTML, XML, CSV, JSON, JUNIT, SARIF, JENKINS, GITLAB, ALL). This configuration is ignored if `formats` is defined. This configuration option has no affect if using this within the Site plugin unless the externalReport is set to true.                                                                                                                                                                                                                                                                                                                               | HTML                                                                                                                                                        |
+| formats                          | A list of report formats to be generated (HTML, XML, CSV, JSON, JUNIT, SARIF, JENKINS, GITLAB, ALL). This configuration overrides the value from `format`. This configuration option has no affect if using this within the Site plugin unless the externalReport is set to true.                                                                                                                                                                                                                                                                                                                         | &nbsp;                                                                                                                                                      |
+| junitFailOnCVSS                  | If using the JUNIT report format the junitFailOnCVSS sets the CVSS score threshold that is considered a failure.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          | 0                                                                                                                                                           |
+| prettyPrint                      | Whether the XML and JSON formatted reports should be pretty printed.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      | false                                                                                                                                                       |
+| failBuildOnCVSS                  | Specifies if the build should be failed if a CVSS score equal to or above a specified level is identified. The default is 11 which means since the CVSS scores are 0-10, by default the build will never fail. More information on CVSS scores can be found at the [NVD](https://nvd.nist.gov/vuln-metrics/cvss)                                                                                                                                                                                                                                                                                          | 11                                                                                                                                                          |
+| failBuildOnAnyVulnerability      | Specifies that if any vulnerability is identified, the build will fail.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   | false                                                                                                                                                       |
+| failOnError                      | Whether the build should fail if there is an error executing the dependency-check analysis.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               | true                                                                                                                                                        |
+| name                             | The name of the report in the site.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       | dependency-check or dependency-check:aggregate                                                                                                              |
+| outputDirectory                  | The location to write the report(s). This can be specified on the command line via `-Dodc.outputDirectory`. Note, this is not used if generating the report as part of a `mvn site` build.                                                                                                                                                                                                                                                                                                                                                                                                                | 'target'                                                                                                                                                    |
+| scanSet                          | An optional collection of file sets that specify additional files and/or directories to analyze as part of the scan. If not specified, defaults to standard Maven conventions. This cannot be configured via the command line parameters (e.g. `-DscanSet=./path`) - use the below `scanDirectory` instead. Note that the scan sets specified should be relative from the base directory - do not use Maven project variable substitution (e.g. `${project.basedir}/src/webpack`). Using Maven project variable substitution can cause directories to be missed especially when using an aggregate build. | ['src/main/resources', 'src/main/filters', 'src/main/webapp', './package.json', './package-lock.json', './npm-shrinkwrap.json', './Gopkg.lock', './go.mod'] |
+| scanDirectory                    | An optional collection of directories to include in the scan. This configuration should only be used via the command line - if configuring the scan directories within the `pom.xml` please consider using the above `scanSet`.                                                                                                                                                                                                                                                                                                                                                                           | &nbsp;                                                                                                                                                      |
+| scanDependencies                 | Sets whether the dependencies should be scanned.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          | true                                                                                                                                                        |
+| scanPlugins                      | Sets whether the plugins and their dependencies should be scanned.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        | false                                                                                                                                                       |
+| skip                             | Skips the dependency-check analysis.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      | false                                                                                                                                                       |
+| skipProvidedScope                | Skip analysis for artifacts with Provided Scope.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          | false                                                                                                                                                       |
+| skipRuntimeScope                 | Skip analysis for artifacts with Runtime Scope.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | false                                                                                                                                                       |
+| skipSystemScope                  | Skip analysis for artifacts with System Scope.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | false                                                                                                                                                       |
+| skipTestScope                    | Skip analysis for artifacts with Test Scope.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              | true                                                                                                                                                        |
+| skipDependencyManagement         | Skip analysis for dependencyManagement sections.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          | true                                                                                                                                                        |
+| skipArtifactType                 | A regular expression used to filter/skip artifact types.  This filters on the `type` of dependency as defined in the dependency section: jar, pom, test-jar, etc.                                                                                                                                                                                                                                                                                                                                                                                                                                         | &nbsp;                                                                                                                                                      |
+| suppressionFiles                 | The file paths to the XML suppression files \- used to suppress [false positives](../general/suppression.html). The configuration value can be a local file path, a URL to a suppression file, or even a reference to a file on the class path (see https://github.com/dependency-check/DependencyCheck/issues/1878#issuecomment-487533799)                                                                                                                                                                                                                                                               | &nbsp;                                                                                                                                                      |
+| failBuildOnUnusedSuppressionRule | Specifies that if any unused suppression rule is found, the build will fail.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              | false                                                                                                                                                       |
+| hintsFile                        | The file path to the XML hints file \- used to resolve [false negatives](../general/hints.html).                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          | &nbsp;                                                                                                                                                      |
+| enableExperimental               | Enable the [experimental analyzers](../analyzers/index.html). If not enabled the experimental analyzers (see below) will not be loaded or used.                                                                                                                                                                                                                                                                                                                                                                                                                                                           | false                                                                                                                                                       |
+| enableRetired                    | Enable the [retired analyzers](../analyzers/index.html). If not enabled the retired analyzers (see below) will not be loaded or used.                                                                                                                                                                                                                                                                                                                                                                                                                                                                     | false                                                                                                                                                       |
+| versionCheckEnabled              | Whether dependency-check should check if a new version of dependency-check-maven exists.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  | true                                                                                                                                                        |
 
 Analyzer Configuration
 ====================
@@ -50,74 +50,76 @@ Note, that specific analyzers will automatically disable themselves if no file
 types that they support are detected - so specifically disabling them may not
 be needed.
 
-Property                            | Description                                                                                                                                         | Default Value
-------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------|------------------
-archiveAnalyzerEnabled              | Sets whether the Archive Analyzer will be used.                                                                                                     | true
-zipExtensions                       | A comma-separated list of additional file extensions to be treated like a ZIP file, the contents will be extracted and analyzed.                    | &nbsp;
-excludes                            | A list of exclude patterns to filter out maven artifacts from being scanned.                                                                        | &nbsp;
-jarAnalyzerEnabled                  | Sets whether Jar Analyzer will be used.                                                                                                             | true
-centralAnalyzerEnabled              | Sets whether Central Analyzer will be used; by default in the Maven plugin this analyzer is disabled as all information gained from Central is already available in the build. | false
-centralAnalyzerUseCache             | Sets whether the Central Analyer will cache results. Cached results expire after 30 days.                                                           | true
-dartAnalyzerEnabled                 | Sets whether the [experimental](../analyzers/index.html) Dart Analyzer will be used.                                                                | true
-knownExploitedEnabled               | Sets whether the Known Exploited Vulnerability update and analyzer are enabled.                                                                     | true
-knownExploitedUrl                   | Sets URL to the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                | https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
-ossindexAnalyzerEnabled             | Sets whether the [OSS Index Analyzer](../analyzers/oss-index-analyzer.html) will be enabled. This analyzer requires an internet connection.         | true
-ossindexAnalyzerUseCache            | Sets whether the OSS Index Analyzer will cache results. Cached results expire after 24 hours.                                                       | true
-ossIndexServerId                    | The id of [a server](https://maven.apache.org/settings.html#Servers) defined in the `settings.xml` to authenticate Sonatype OSS Index requests and profit from higher rate limits. Provide the OSS account email address as `username` and password or API token as `password`. | &nbsp;
-ossindexAnalyzerUrl                 | The OSS Index server URL | https://ossindex.sonatype.org
-ossIndexWarnOnlyOnRemoteErrors      | Sets whether remote errors from the OSS Index (e.g. BAD GATEWAY, RATE LIMIT EXCEEDED) will result in warnings only instead of failing execution.    | false
-nexusAnalyzerEnabled                | Sets whether Nexus Analyzer will be used (requires Nexus Pro). This analyzer is superceded by the Central Analyzer; however, you can configure this to run against a Nexus Pro installation. | true
-nexusUrl                            | Defines the Nexus Server's web service end point (example http://domain.enterprise/service/local/). If not set the Nexus Analyzer will be disabled. | &nbsp;
-nexusServerId                       | The id of a server defined in the settings.xml that configures the credentials (username and password) for a Nexus server's REST API end point. When not specified the communication with the Nexus server's REST API will be unauthenticated. | &nbsp;
-nexusUsesProxy                      | Whether or not the defined proxy should be used when connecting to Nexus.                                                                           | true
-artifactoryAnalyzerEnabled          | Sets whether Artifactory analyzer will be used                                                                                                      | false
-artifactoryAnalyzerUrl              | The Artifactory server URL.                                                                                                                         | &nbsp;
-artifactoryAnalyzerUseProxy         | Whether Artifactory should be accessed through a proxy or not.                                                                                      | false
-artifactoryAnalyzerParallelAnalysis | Whether the Artifactory analyzer should be run in parallel or not                                                                                   | true
-artifactoryAnalyzerServerId         | The id of a server defined in the settings.xml to retrieve the credentials (username and API token) to connect to Artifactory instance. It is used in priority to artifactoryAnalyzerUsername and artifactoryAnalyzerApiToken | artifactory
-artifactoryAnalyzerUsername         | The user name (only used with API token) to connect to Artifactory instance                                                                         | &nbsp;
-artifactoryAnalyzerApiToken         | The API token to connect to Artifactory instance, only used if the username or the API key are not defined by artifactoryAnalyzerServerId,artifactoryAnalyzerUsername or artifactoryAnalyzerApiToken | &nbsp;
-artifactoryAnalyzerBearerToken      | The bearer token to connect to Artifactory instance                                                                                                 | &nbsp;
-pyDistributionAnalyzerEnabled       | Sets whether the [experimental](../analyzers/index.html) Python Distribution Analyzer will be used. `enableExperimental` must be set to true.       | true
-pyPackageAnalyzerEnabled            | Sets whether the [experimental](../analyzers/index.html) Python Package Analyzer will be used. `enableExperimental` must be set to true.            | true
-rubygemsAnalyzerEnabled             | Sets whether the [experimental](../analyzers/index.html) Ruby Gemspec Analyzer will be used. `enableExperimental` must be set to true.              | true
-opensslAnalyzerEnabled              | Sets whether the openssl Analyzer should be used.                                                                                                   | true
-cmakeAnalyzerEnabled                | Sets whether the [experimental](../analyzers/index.html) CMake Analyzer should be used. `enableExperimental` must be set to true.                   | true
-autoconfAnalyzerEnabled             | Sets whether the [experimental](../analyzers/index.html) autoconf Analyzer should be used. `enableExperimental` must be set to true.                | true
-pipAnalyzerEnabled                  | Sets whether the [experimental](../analyzers/index.html) pip Analyzer should be used. `enableExperimental` must be set to true.                     | true
-pipfileAnalyzerEnabled              | Sets whether the [experimental](../analyzers/index.html) Pipfile Analyzer should be used. `enableExperimental` must be set to true.                 | true
-poetryAnalyzerEnabled               | Sets whether the [experimental](../analyzers/index.html) Poetry Analyzer should be used. `enableExperimental` must be set to true.                  | true
-composerAnalyzerEnabled             | Sets whether the [experimental](../analyzers/index.html) PHP Composer Lock File Analyzer should be used. `enableExperimental` must be set to true.  | true
-composerAnalyzerSkipDev             | Sets whether the [experimental](../analyzers/index.html) PHP Composer Lock File Analyzer should skip "packages-dev"                                 | false
-cpanfileAnalyzerEnabled             | Sets whether the [experimental](../analyzers/index.html) Perl CPAN File Analyzer should be used. `enableExperimental` must be set to true.          | true
-yarnAuditAnalyzerEnabled            | Sets whether the Yarn Audit Analyzer should be used. This analyzer requires yarn and an internet connection.  Use `nodeAuditSkipDevDependencies` to skip dev dependencies. | true
-pnpmAuditAnalyzerEnabled            | Sets whether the Pnpm Audit Analyzer should be used. This analyzer requires pnpm and an internet connection.  Use `nodeAuditSkipDevDependencies` to skip dev dependencies. | true
-pathToYarn                          | The path to `yarn`.                                                                                                                                 | &nbsp;
-pathToPnpm                          | The path to `pnpm`.                                                                                                                                 | &nbsp;
-nodeAnalyzerEnabled                 | Sets whether the [retired](../analyzers/index.html) Node.js Analyzer should be used.                                                                | true
-nodeAuditAnalyzerEnabled            | Sets whether the Node Audit Analyzer should be used. This analyzer requires an internet connection.                                                 | true
-nodeAuditAnalyzerUseCache           | Sets whether the Node Audit Analyzer will cache results. Cached results expire after 24 hours.                                                      | true
-nodeAuditSkipDevDependencies        | Sets whether the Node Audit Analyzer will skip devDependencies.                                                                                     | false
-nodeAuditAnalyzerUrl                | The Node Audit API URL for the Node Audit Analyzer.                                                                                                 | https://registry.npmjs.org/-/npm/v1/security/audits
-nodePackageSkipDevDependencies      | Sets whether the Node Package Analyzer will skip devDependencies.                                                                                   | false
-retireJsAnalyzerEnabled             | Sets whether the RetireJS Analyzer should be used.                                                                                                  | true
-retireJsForceUpdate                 | Sets whether the RetireJS Analyzer should update regardless of the `autoupdate` setting.                                                            | false
-retireJsUrl                         | The URL to the Retire JS repository. **Note** the file name must be `jsrepository.json`.                                                            | https://raw.githubusercontent.com/Retirejs/retire.js/master/repository/jsrepository.json
-nuspecAnalyzerEnabled               | Sets whether the .NET Nuget Nuspec Analyzer will be used.                                                                                           | true
-nugetconfAnalyzerEnabled            | Sets whether the [experimental](../analyzers/index.html) .NET Nuget packages.config Analyzer will be used. `enableExperimental` must be set to true. | true
-libmanAnalyzerEnabled               | Sets whether the Libman Analyzer will be used.                                                                                                      | true
-cocoapodsAnalyzerEnabled            | Sets whether the [experimental](../analyzers/index.html) Cocoapods Analyzer should be used. `enableExperimental` must be set to true.               | true
-carthageAnalyzerEnabled             | Sets whether the [experimental](../analyzers/index.html) Carthage Analyzer should be used. `enableExperimental` must be set to true.                | true
-bundleAuditAnalyzerEnabled          | Sets whether the [experimental](../analyzers/index.html) Bundle Audit Analyzer should be used. `enableExperimental` must be set to true.            | true
-bundleAuditPath                     | Sets the path to the bundle audit executable; only used if bundle audit analyzer is enabled and experimental analyzers are enabled.                 | &nbsp;
-swiftPackageManagerAnalyzerEnabled  | Sets whether the [experimental](../analyzers/index.html) Swift Package Analyzer should be used. `enableExperimental` must be set to true.           | true
-swiftPackageResolvedAnalyzerEnabled | Sets whether the [experimental](../analyzers/index.html) Swift Package Resolved should be used. `enableExperimental` must be set to true.           | true
-assemblyAnalyzerEnabled             | Sets whether the .NET Assembly Analyzer should be used.                                                                                             | true
-msbuildAnalyzerEnabled              | Sets whether the MSBuild Analyzer should be used.                                                                                                   | true
-pathToCore                          | The path to dotnet core .NET assembly analysis on non-windows systems.                                                                              | &nbsp;
-golangDepEnabled                    | Sets whether or not the [experimental](../analyzers/index.html) Golang Dependency Analyzer should be used. `enableExperimental` must be set to true.| true
-golangModEnabled                    | Sets whether or not the [experimental](../analyzers/index.html) Goland Module Analyzer should be used; requires `go` to be installed. `enableExperimental` must be set to true. | true
-pathToGo                            | The path to `go`.                                                                                                                                   | &nbsp;
+| Property                            | Description                                                                                                                                                                                                                                                                     | Default Value                                                                            |
+|-------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------|
+| archiveAnalyzerEnabled              | Sets whether the Archive Analyzer will be used.                                                                                                                                                                                                                                 | true                                                                                     |
+| zipExtensions                       | A comma-separated list of additional file extensions to be treated like a ZIP file, the contents will be extracted and analyzed.                                                                                                                                                | &nbsp;                                                                                   |
+| excludes                            | A list of exclude patterns to filter out maven artifacts from being scanned.                                                                                                                                                                                                    | &nbsp;                                                                                   |
+| jarAnalyzerEnabled                  | Sets whether Jar Analyzer will be used.                                                                                                                                                                                                                                         | true                                                                                     |
+| centralAnalyzerEnabled              | Sets whether Central Analyzer will be used; by default in the Maven plugin this analyzer is disabled as all information gained from Central is already available in the build.                                                                                                  | false                                                                                    |
+| centralAnalyzerUseCache             | Sets whether the Central Analyer will cache results. Cached results expire after 30 days.                                                                                                                                                                                       | true                                                                                     |
+| dartAnalyzerEnabled                 | Sets whether the [experimental](../analyzers/index.html) Dart Analyzer will be used.                                                                                                                                                                                            | true                                                                                     |
+| knownExploitedEnabled               | Sets whether the Known Exploited Vulnerability update and analyzer are enabled.                                                                                                                                                                                                 | true                                                                                     |
+| knownExploitedUrl                   | Sets URL to the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                                                                                                                                            | https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json      |
+| ossindexAnalyzerEnabled             | Sets whether the [OSS Index Analyzer](../analyzers/oss-index-analyzer.html) will be enabled. This analyzer requires an internet connection.                                                                                                                                     | true                                                                                     |
+| ossindexAnalyzerUseCache            | Sets whether the OSS Index Analyzer will cache results. Cached results expire after 24 hours.                                                                                                                                                                                   | true                                                                                     |
+| ossIndexServerId                    | The id of [a server](https://maven.apache.org/settings.html#Servers) defined in the `settings.xml` to authenticate Sonatype OSS Index requests and profit from higher rate limits. Provide the OSS account email address as `username` and password or API token as `password`. | &nbsp;                                                                                   |
+| ossIndexUsername                    | OSS account email address as an alternative to the indirection through the `ossIndexServerId` (see above). Both `ossIndexUsername` and `ossIndexPassword` must be set to use this approach instead of the server ID.                                                            | &nbsp;                                                                                   |
+| ossIndexPassword                    | OSS password or API token as an alternative to the indirection through the `ossIndexServerId` (see above). Both `ossIndexUsername` and `ossIndexPassword` must be set to use this approach instead of the server ID.                                                            | &nbsp;                                                                                   |
+| ossindexAnalyzerUrl                 | The OSS Index server URL                                                                                                                                                                                                                                                        | https://ossindex.sonatype.org                                                            |
+| ossIndexWarnOnlyOnRemoteErrors      | Sets whether remote errors from the OSS Index (e.g. BAD GATEWAY, RATE LIMIT EXCEEDED) will result in warnings only instead of failing execution.                                                                                                                                | false                                                                                    |
+| nexusAnalyzerEnabled                | Sets whether Nexus Analyzer will be used. This analyzer is an alternative to the Central or Artifactory Analyzers, allowing retrieval from Sonatype Nexus installations.                                                                                                        | true                                                                                     |
+| nexusUrl                            | Defines the Nexus Server's web service end point (example http://domain.enterprise/service/local/). If not set the Nexus Analyzer will be disabled.                                                                                                                             | &nbsp;                                                                                   |
+| nexusServerId                       | The id of a server defined in the settings.xml that configures the credentials (username and password) for a Nexus server's REST API end point. When not specified the communication with the Nexus server's REST API will be unauthenticated.                                  | &nbsp;                                                                                   |
+| nexusUsesProxy                      | Whether or not the defined proxy should be used when connecting to Nexus.                                                                                                                                                                                                       | true                                                                                     |
+| artifactoryAnalyzerEnabled          | Sets whether Artifactory analyzer will be used                                                                                                                                                                                                                                  | false                                                                                    |
+| artifactoryAnalyzerUrl              | The Artifactory server URL.                                                                                                                                                                                                                                                     | &nbsp;                                                                                   |
+| artifactoryAnalyzerUseProxy         | Whether Artifactory should be accessed through a proxy or not.                                                                                                                                                                                                                  | false                                                                                    |
+| artifactoryAnalyzerParallelAnalysis | Whether the Artifactory analyzer should be run in parallel or not                                                                                                                                                                                                               | true                                                                                     |
+| artifactoryAnalyzerServerId         | The id of a server defined in the settings.xml to retrieve the credentials (username and API token) to connect to Artifactory instance. It is used in priority to artifactoryAnalyzerUsername and artifactoryAnalyzerApiToken                                                   | artifactory                                                                              |
+| artifactoryAnalyzerUsername         | The user name (only used with API token) to connect to Artifactory instance                                                                                                                                                                                                     | &nbsp;                                                                                   |
+| artifactoryAnalyzerApiToken         | The API token to connect to Artifactory instance, only used if the username or the API key are not defined by artifactoryAnalyzerServerId,artifactoryAnalyzerUsername or artifactoryAnalyzerApiToken                                                                            | &nbsp;                                                                                   |
+| artifactoryAnalyzerBearerToken      | The bearer token to connect to Artifactory instance                                                                                                                                                                                                                             | &nbsp;                                                                                   |
+| pyDistributionAnalyzerEnabled       | Sets whether the [experimental](../analyzers/index.html) Python Distribution Analyzer will be used. `enableExperimental` must be set to true.                                                                                                                                   | true                                                                                     |
+| pyPackageAnalyzerEnabled            | Sets whether the [experimental](../analyzers/index.html) Python Package Analyzer will be used. `enableExperimental` must be set to true.                                                                                                                                        | true                                                                                     |
+| rubygemsAnalyzerEnabled             | Sets whether the [experimental](../analyzers/index.html) Ruby Gemspec Analyzer will be used. `enableExperimental` must be set to true.                                                                                                                                          | true                                                                                     |
+| opensslAnalyzerEnabled              | Sets whether the openssl Analyzer should be used.                                                                                                                                                                                                                               | true                                                                                     |
+| cmakeAnalyzerEnabled                | Sets whether the [experimental](../analyzers/index.html) CMake Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                               | true                                                                                     |
+| autoconfAnalyzerEnabled             | Sets whether the [experimental](../analyzers/index.html) autoconf Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                            | true                                                                                     |
+| pipAnalyzerEnabled                  | Sets whether the [experimental](../analyzers/index.html) pip Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                                 | true                                                                                     |
+| pipfileAnalyzerEnabled              | Sets whether the [experimental](../analyzers/index.html) Pipfile Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                             | true                                                                                     |
+| poetryAnalyzerEnabled               | Sets whether the [experimental](../analyzers/index.html) Poetry Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                              | true                                                                                     |
+| composerAnalyzerEnabled             | Sets whether the [experimental](../analyzers/index.html) PHP Composer Lock File Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                              | true                                                                                     |
+| composerAnalyzerSkipDev             | Sets whether the [experimental](../analyzers/index.html) PHP Composer Lock File Analyzer should skip "packages-dev"                                                                                                                                                             | false                                                                                    |
+| cpanfileAnalyzerEnabled             | Sets whether the [experimental](../analyzers/index.html) Perl CPAN File Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                      | true                                                                                     |
+| yarnAuditAnalyzerEnabled            | Sets whether the Yarn Audit Analyzer should be used. This analyzer requires yarn and an internet connection.  Use `nodeAuditSkipDevDependencies` to skip dev dependencies.                                                                                                      | true                                                                                     |
+| pnpmAuditAnalyzerEnabled            | Sets whether the Pnpm Audit Analyzer should be used. This analyzer requires pnpm and an internet connection.  Use `nodeAuditSkipDevDependencies` to skip dev dependencies.                                                                                                      | true                                                                                     |
+| pathToYarn                          | The path to `yarn`.                                                                                                                                                                                                                                                             | &nbsp;                                                                                   |
+| pathToPnpm                          | The path to `pnpm`.                                                                                                                                                                                                                                                             | &nbsp;                                                                                   |
+| nodeAnalyzerEnabled                 | Sets whether the [retired](../analyzers/index.html) Node.js Analyzer should be used.                                                                                                                                                                                            | true                                                                                     |
+| nodeAuditAnalyzerEnabled            | Sets whether the Node Audit Analyzer should be used. This analyzer requires an internet connection.                                                                                                                                                                             | true                                                                                     |
+| nodeAuditAnalyzerUseCache           | Sets whether the Node Audit Analyzer will cache results. Cached results expire after 24 hours.                                                                                                                                                                                  | true                                                                                     |
+| nodeAuditSkipDevDependencies        | Sets whether the Node Audit Analyzer will skip devDependencies.                                                                                                                                                                                                                 | false                                                                                    |
+| nodeAuditAnalyzerUrl                | The Node Audit API URL for the Node Audit Analyzer.                                                                                                                                                                                                                             | https://registry.npmjs.org/-/npm/v1/security/audits                                      |
+| nodePackageSkipDevDependencies      | Sets whether the Node Package Analyzer will skip devDependencies.                                                                                                                                                                                                               | false                                                                                    |
+| retireJsAnalyzerEnabled             | Sets whether the RetireJS Analyzer should be used.                                                                                                                                                                                                                              | true                                                                                     |
+| retireJsForceUpdate                 | Sets whether the RetireJS Analyzer should update regardless of the `autoupdate` setting.                                                                                                                                                                                        | false                                                                                    |
+| retireJsUrl                         | The URL to the Retire JS repository. **Note** the file name must be `jsrepository.json`.                                                                                                                                                                                        | https://raw.githubusercontent.com/Retirejs/retire.js/master/repository/jsrepository.json |
+| nuspecAnalyzerEnabled               | Sets whether the .NET Nuget Nuspec Analyzer will be used.                                                                                                                                                                                                                       | true                                                                                     |
+| nugetconfAnalyzerEnabled            | Sets whether the [experimental](../analyzers/index.html) .NET Nuget packages.config Analyzer will be used. `enableExperimental` must be set to true.                                                                                                                            | true                                                                                     |
+| libmanAnalyzerEnabled               | Sets whether the Libman Analyzer will be used.                                                                                                                                                                                                                                  | true                                                                                     |
+| cocoapodsAnalyzerEnabled            | Sets whether the [experimental](../analyzers/index.html) Cocoapods Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                           | true                                                                                     |
+| carthageAnalyzerEnabled             | Sets whether the [experimental](../analyzers/index.html) Carthage Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                            | true                                                                                     |
+| bundleAuditAnalyzerEnabled          | Sets whether the [experimental](../analyzers/index.html) Bundle Audit Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                        | true                                                                                     |
+| bundleAuditPath                     | Sets the path to the bundle audit executable; only used if bundle audit analyzer is enabled and experimental analyzers are enabled.                                                                                                                                             | &nbsp;                                                                                   |
+| swiftPackageManagerAnalyzerEnabled  | Sets whether the [experimental](../analyzers/index.html) Swift Package Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                                       | true                                                                                     |
+| swiftPackageResolvedAnalyzerEnabled | Sets whether the [experimental](../analyzers/index.html) Swift Package Resolved should be used. `enableExperimental` must be set to true.                                                                                                                                       | true                                                                                     |
+| assemblyAnalyzerEnabled             | Sets whether the .NET Assembly Analyzer should be used.                                                                                                                                                                                                                         | true                                                                                     |
+| msbuildAnalyzerEnabled              | Sets whether the MSBuild Analyzer should be used.                                                                                                                                                                                                                               | true                                                                                     |
+| pathToCore                          | The path to dotnet core .NET assembly analysis on non-windows systems.                                                                                                                                                                                                          | &nbsp;                                                                                   |
+| golangDepEnabled                    | Sets whether or not the [experimental](../analyzers/index.html) Golang Dependency Analyzer should be used. `enableExperimental` must be set to true.                                                                                                                            | true                                                                                     |
+| golangModEnabled                    | Sets whether or not the [experimental](../analyzers/index.html) Goland Module Analyzer should be used; requires `go` to be installed. `enableExperimental` must be set to true.                                                                                                 | true                                                                                     |
+| pathToGo                            | The path to `go`.                                                                                                                                                                                                                                                               | &nbsp;                                                                                   |
 
 RetireJS Configuration
 ====================
@@ -134,10 +136,10 @@ to control the included JS files
     &lt;/retirejs&gt;
 </pre>
 
-Property            | Description                                                                                                                                                                                                            | Default Value
---------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------
-filters             | A list of file content filters used to exclude JS files based on content. This is most commonly used to exclude JS files based on your organizations copyright so that your JS files do not get listed as a dependency.| &nbsp;
-filterNonVulnerable | A boolean controlling whether or not the Retire JS Analyzer should exclude non-vulnerable JS files from the report.                                                                                                    | false
+| Property            | Description                                                                                                                                                                                                             | Default Value |
+|---------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------|
+| filters             | A list of file content filters used to exclude JS files based on content. This is most commonly used to exclude JS files based on your organizations copyright so that your JS files do not get listed as a dependency. | &nbsp;        |
+| filterNonVulnerable | A boolean controlling whether or not the Retire JS Analyzer should exclude non-vulnerable JS files from the report.                                                                                                     | false         |
 
 Advanced Configuration
 ====================
@@ -145,49 +147,49 @@ The following properties can be configured in the plugin. However, they are less
 
 Note that any passwords in the below configuration could be exposed if you use `-x` option to debug the build. It is always better to configure the credential in your settings.xml and use the configuration to set the server id instead of placeing the password directly in the pom.xml.
 
-Property                 | Description                                                                                                                                                                                                                                                                                                       | Default Value                                                       |
--------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------|
-nvdApiServerId           | The id of a server defined in the settings.xml that configures the credentials (password is used as ApiKey) for accessing the NVD API; obtained from https://nvd.nist.gov/developers/request-an-api-key.                                                                                                                                                                            | &nbsp;                                                              |
-nvdApiKey                | If you don't want register token as password in settings.xml, you can specify Bearer token for accessing the NVD API, but be aware that if you use -X the secret will be written to the standard out. | &nbsp; |
-nvdApiEndpoint           | The NVD API endpoint URL; setting this is uncommon.                                                                                                                                                                                                                                                               | https://services.nvd.nist.gov/rest/json/cves/2.0                    |
-nvdMaxRetryCount         | The maximum number of retry requests for a single call to the NVD API.                                                                                                                                                                                                                                            | 10                                                                  |
-nvdApiDelay              | The number of milliseconds to wait between calls to the NVD API.                                                                                                                                                                                                                                                  | 3500 with an NVD API Key or 8000 without an API Key .               |
-nvdApiResultsPerPage     | The number records for a single page from NVD API (must be <=2000).                                                                                                                                                                                                                                               | 2000                                                                |
-nvdDatafeedUrl           | The URL for the NVD API Data feed that can be generated using https://github.com/jeremylong/Open-Vulnerability-Project/tree/main/vulnz#caching-the-nvd-cve-data - example value `https://internal.server/cache/nvdcve-{0}.json.gz`                                                                                | &nbsp;                                         |
-nvdDatafeedServerId      | The id of a server defined in the settings.xml that configures the credentials (username and password) for accessing the NVD API Data feed.                                                                                                                                                                       | &nbsp;                                                              |
-nvdUser                  | If you don't want register user/password in settings.xml, you can specify Basic username for the NVD API Data feed.                                                                                                                                                                                               | &nbsp;                                                              |
-nvdPassword              | If you don't want register user/password in settings.xml, you can specify Basic password for the NVD API Data feed, but be aware that if you use -X the secret will be written to the standard out.                            | &nbsp; |
-nvdBearerToken           | If you don't want register token as password in settings.xml, you can specify Bearer token for the NVD API Data feed, but be aware that if you use -X the secret will be written to the standard out.                                 | &nbsp; |
-nvdValidForHours         | The number of hours to wait before checking for new updates from the NVD. The default is 4 hours.                                                                                                                                                                                                                 | 4                                                                   |
-suppressionFileServerId  | The id of a server defined in the settings.xml that configures the credentials (username and password) for accessing the suppressionFiles.                                                                                                                                                                        | &nbsp;                                                              |
-suppressionFileUser      | If you don't want register user/password in settings.xml, you can specify Basic username.                                                                                                                                                                                | &nbsp;                                                              |
-suppressionFilePassword  | If you don't want register user/password in settings.xml, you can specify Basic password, but be aware that if you use -X the secret will be written to the standard out.                                    | &nbsp;                                                              |
-suppressionFileBearerToken | If you don't want register token as password in settings.xml, you can specify Bearer token, but be aware that if you use -X the secret will be written to the standard out.                                     | &nbsp;                                                              |
-connectionTimeout        | Sets the URL Connection Timeout (in milliseconds) used when downloading external data.                                                                                                                                                                                                                            | 10000                                                               |
-readTimeout              | Sets the URL Read Timeout  (in milliseconds) used when downloading external data.                                                                                                                                                                                                                                 | 60000                                                               |
-dataDirectory            | Sets the data directory to hold SQL CVEs contents. This should generally not be changed.                                                                                                                                                                                                                          | ~/.m2/repository/org/owasp/dependency-check-data/                   |
-databaseDriverName       | The database driver full classname; note, only needs to be set if the driver is not JDBC4 compliant or the JAR is outside of the class path.                                                                                                                                                                      | &nbsp;                                                              |
-databaseDriverPath       | The path to the database driver JAR file; only needs to be set if the driver is not in the class path.                                                                                                                                                                                                            | &nbsp;                                                              |
-connectionString         | The connection string used to connect to the database.   See using a [database server](../data/database.html).                                                                                                                                                                                                    | &nbsp;                                                              |
-serverId                 | The id of a server defined in the settings.xml; this can be used to encrypt the database password. See [password encryption](http://maven.apache.org/guides/mini/guide-encryption.html) for more information.                                                                                                     | &nbsp; |
-databaseUser             | The username used when connecting to the database.                                                                                                                                                                                                                                                                | &nbsp;                                                              |
-databasePassword         | The password used when connecting to the database.                                                                                                                                                                                                                                                                | &nbsp;                                                              |
-hostedSuppressionsEnabled      | Whether the hosted suppressions file will be used.                                                                                                                                                                                                                                                                | true |
-hostedSuppressionsForceUpdate  | Whether the hosted suppressions file will update regardless of the `autoupdate` setting.                                                                                                                                                                                                                          | false |
-hostedSuppressionsUrl          | The URL to a mirrored copy of the hosted suppressions file for internet-constrained environments.                                                                                                                                                                                                                 | https://dependency-check.github.io/DependencyCheck/suppressions/publishedSuppressions.xml |
-hostedSuppressionsValidForHours| Sets the number of hours to wait before checking for new updates from the NVD.                                                                                                                                                                                                                                    | 2 |
-hostedSuppressionsServerId | The id of a server defined in the settings.xml that configures the credentials for accessing a mirrored hostedSuppressions XML file.                                                                                                                                                                              | &nbsp; |
-hostedSuppressionsUser     | If you don't want register user/password in settings.xml, you can specify Basic username.                                                                                                                                                                                                                         | &nbsp; |
-hostedSuppressionsPassword | If you don't want register user/password in settings.xml, you can specify Basic password, but be aware that if you use -X the secret will be written to the standard out.     | &nbsp; |
-hostedSuppressionsBearerToken  | If you don't want register token as password in settings.xml, you can specify Bearer token, but be aware that if you use -X the secret will be written to the standard out.         | &nbsp; |
-retireJsUrlServerId      | The id of a server defined in the settings.xml to retrieve the credentials (Basic (username and password) or Bearer (password only)) to connect to RetireJS instance.                                                                                                                                             | &nbsp; |
-retireJsUser             | If you don't want register user/password in settings.xml, you can specify Basic username.                                                                                                                                                                                                                         | &nbsp; |
-retireJsPassword         | If you don't want register user/password in settings.xml, you can specify Basic password, but be aware that if you use -X the secret will be written to the standard out.                                                                                                                                         | &nbsp; |
-retireJsBearerToken      | If you don't want register token as password in settings.xml, you can specify Bearer token, but be aware that if you use -X the secret will be written to the standard out.                                                                                                                                       | &nbsp; |
-knownExploitedServerId    | The id of a server defined in the settings.xml that configures the credentials  (Basic (username and password) or Bearer (password only)) for accessing the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                                 | &nbsp; |
-knownExploitedUser        | If you don't want register user/password in settings.xml, you can specify Basic username.                                                                                                                                                                                                                        | &nbsp; |
-knownExploitedPassword    | If you don't want register user/password in settings.xml, you can specify Basic password, but be aware that if you use -X the secret will be written to the standard out.                                                                                                                                        | &nbsp; |
-knownExploitedBearerToken | If you don't want register token as password in settings.xml, you can specify Bearer token, but be aware that if you use -X the secret will be written to the standard out.                                                                                                                                      | &nbsp; |
+| Property                        | Description                                                                                                                                                                                                                          | Default Value                                                                             |
+|---------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|
+| nvdApiServerId                  | The id of a server defined in the settings.xml that configures the credentials (password is used as ApiKey) for accessing the NVD API; obtained from https://nvd.nist.gov/developers/request-an-api-key.                             | &nbsp;                                                                                    |
+| nvdApiKey                       | If you don't want register token as password in settings.xml, you can specify Bearer token for accessing the NVD API, but be aware that if you use -X the secret will be written to the standard out.                                | &nbsp;                                                                                    |
+| nvdApiEndpoint                  | The NVD API endpoint URL; setting this is uncommon.                                                                                                                                                                                  | https://services.nvd.nist.gov/rest/json/cves/2.0                                          |
+| nvdMaxRetryCount                | The maximum number of retry requests for a single call to the NVD API.                                                                                                                                                               | 10                                                                                        |
+| nvdApiDelay                     | The number of milliseconds to wait between calls to the NVD API.                                                                                                                                                                     | 3500 with an NVD API Key or 8000 without an API Key .                                     |
+| nvdApiResultsPerPage            | The number records for a single page from NVD API (must be <=2000).                                                                                                                                                                  | 2000                                                                                      |
+| nvdDatafeedUrl                  | The URL for the NVD API Data feed that can be generated using https://github.com/jeremylong/open-vulnerability-cli/blob/main/README.md#mirroring-the-nvd-cve-data - example value `https://internal.server/cache/nvdcve-{0}.json.gz` | &nbsp;                                                                                    |
+| nvdDatafeedServerId             | The id of a server defined in the settings.xml that configures the credentials (username and password) for accessing the NVD API Data feed.                                                                                          | &nbsp;                                                                                    |
+| nvdUser                         | If you don't want register user/password in settings.xml, you can specify Basic username for the NVD API Data feed.                                                                                                                  | &nbsp;                                                                                    |
+| nvdPassword                     | If you don't want register user/password in settings.xml, you can specify Basic password for the NVD API Data feed, but be aware that if you use -X the secret will be written to the standard out.                                  | &nbsp;                                                                                    |
+| nvdBearerToken                  | If you don't want register token as password in settings.xml, you can specify Bearer token for the NVD API Data feed, but be aware that if you use -X the secret will be written to the standard out.                                | &nbsp;                                                                                    |
+| nvdValidForHours                | The number of hours to wait before checking for new updates from the NVD. The default is 4 hours.                                                                                                                                    | 4                                                                                         |
+| suppressionFileServerId         | The id of a server defined in the settings.xml that configures the credentials (username and password) for accessing the suppressionFiles.                                                                                           | &nbsp;                                                                                    |
+| suppressionFileUser             | If you don't want register user/password in settings.xml, you can specify Basic username.                                                                                                                                            | &nbsp;                                                                                    |
+| suppressionFilePassword         | If you don't want register user/password in settings.xml, you can specify Basic password, but be aware that if you use -X the secret will be written to the standard out.                                                            | &nbsp;                                                                                    |
+| suppressionFileBearerToken      | If you don't want register token as password in settings.xml, you can specify Bearer token, but be aware that if you use -X the secret will be written to the standard out.                                                          | &nbsp;                                                                                    |
+| connectionTimeout               | Sets the URL Connection Timeout (in milliseconds) used when downloading external data.                                                                                                                                               | 10000                                                                                     |
+| readTimeout                     | Sets the URL Read Timeout  (in milliseconds) used when downloading external data.                                                                                                                                                    | 60000                                                                                     |
+| dataDirectory                   | Sets the data directory to hold SQL CVEs contents. This should generally not be changed.                                                                                                                                             | ~/.m2/repository/org/owasp/dependency-check-data/                                         |
+| databaseDriverName              | The database driver full classname; note, only needs to be set if the driver is not JDBC4 compliant or the JAR is outside of the class path.                                                                                         | &nbsp;                                                                                    |
+| databaseDriverPath              | The path to the database driver JAR file; only needs to be set if the driver is not in the class path.                                                                                                                               | &nbsp;                                                                                    |
+| connectionString                | The connection string used to connect to the database.   See using a [database server](../data/database.html).                                                                                                                       | &nbsp;                                                                                    |
+| serverId                        | The id of a server defined in the settings.xml; this can be used to encrypt the database password. See [password encryption](http://maven.apache.org/guides/mini/guide-encryption.html) for more information.                        | &nbsp;                                                                                    |
+| databaseUser                    | The username used when connecting to the database.                                                                                                                                                                                   | &nbsp;                                                                                    |
+| databasePassword                | The password used when connecting to the database.                                                                                                                                                                                   | &nbsp;                                                                                    |
+| hostedSuppressionsEnabled       | Whether the hosted suppressions file will be used.                                                                                                                                                                                   | true                                                                                      |
+| hostedSuppressionsForceUpdate   | Whether the hosted suppressions file will update regardless of the `autoupdate` setting.                                                                                                                                             | false                                                                                     |
+| hostedSuppressionsUrl           | The URL to a mirrored copy of the hosted suppressions file for internet-constrained environments.                                                                                                                                    | https://dependency-check.github.io/DependencyCheck/suppressions/publishedSuppressions.xml |
+| hostedSuppressionsValidForHours | Sets the number of hours to wait before checking for new updates from the NVD.                                                                                                                                                       | 2                                                                                         |
+| hostedSuppressionsServerId      | The id of a server defined in the settings.xml that configures the credentials for accessing a mirrored hostedSuppressions XML file.                                                                                                 | &nbsp;                                                                                    |
+| hostedSuppressionsUser          | If you don't want register user/password in settings.xml, you can specify Basic username.                                                                                                                                            | &nbsp;                                                                                    |
+| hostedSuppressionsPassword      | If you don't want register user/password in settings.xml, you can specify Basic password, but be aware that if you use -X the secret will be written to the standard out.                                                            | &nbsp;                                                                                    |
+| hostedSuppressionsBearerToken   | If you don't want register token as password in settings.xml, you can specify Bearer token, but be aware that if you use -X the secret will be written to the standard out.                                                          | &nbsp;                                                                                    |
+| retireJsUrlServerId             | The id of a server defined in the settings.xml to retrieve the credentials (Basic (username and password) or Bearer (password only)) to connect to RetireJS instance.                                                                | &nbsp;                                                                                    |
+| retireJsUser                    | If you don't want register user/password in settings.xml, you can specify Basic username.                                                                                                                                            | &nbsp;                                                                                    |
+| retireJsPassword                | If you don't want register user/password in settings.xml, you can specify Basic password, but be aware that if you use -X the secret will be written to the standard out.                                                            | &nbsp;                                                                                    |
+| retireJsBearerToken             | If you don't want register token as password in settings.xml, you can specify Bearer token, but be aware that if you use -X the secret will be written to the standard out.                                                          | &nbsp;                                                                                    |
+| knownExploitedServerId          | The id of a server defined in the settings.xml that configures the credentials  (Basic (username and password) or Bearer (password only)) for accessing the CISA Known Exploited Vulnerabilities JSON data feed.                     | &nbsp;                                                                                    |
+| knownExploitedUser              | If you don't want register user/password in settings.xml, you can specify Basic username.                                                                                                                                            | &nbsp;                                                                                    |
+| knownExploitedPassword          | If you don't want register user/password in settings.xml, you can specify Basic password, but be aware that if you use -X the secret will be written to the standard out.                                                            | &nbsp;                                                                                    |
+| knownExploitedBearerToken       | If you don't want register token as password in settings.xml, you can specify Bearer token, but be aware that if you use -X the secret will be written to the standard out.                                                          | &nbsp;                                                                                    |
 
 Proxy Configuration
 ====================
@@ -195,6 +197,6 @@ Use [Maven's settings](https://maven.apache.org/settings.html#Proxies) to config
 dependency-check [proxy configuration](../data/proxy.html) page for additional problem solving techniques. If multiple proxies
 are configured in the Maven settings file you must tell dependency-check which proxy to use with the following property:
 
-Property             | Description                                                                          | Default Value |
----------------------|--------------------------------------------------------------------------------------|---------------|
-mavenSettingsProxyId | The id for the proxy, configured via settings.xml, that dependency-check should use. | &nbsp;        |
+| Property             | Description                                                                          | Default Value |
+|----------------------|--------------------------------------------------------------------------------------|---------------|
+| mavenSettingsProxyId | The id for the proxy, configured via settings.xml, that dependency-check should use. | &nbsp;        |
diff --git a/maven/src/site/markdown/index.md.vm b/maven/src/site/markdown/index.md.vm
index aa9f5d629db..2284ba43e98 100644
--- a/maven/src/site/markdown/index.md.vm
+++ b/maven/src/site/markdown/index.md.vm
@@ -5,11 +5,14 @@ plug-in or as part of the site plug-in. The plug-in requires Maven 3.6.3 or high
 
 It is important to understand that the first time this task is executed it may
 take 20 minutes or more as it downloads and processes the data from the National
-Vulnerability Database (NVD) hosted by NIST: https://nvd.nist.gov
+Vulnerability Database (NVD) hosted by NIST: https://nvd.nist.gov.
 
 After the first batch download, as long as the plug-in is executed at least once every
 seven days the update will only take a few seconds.
 
+The Dependency-Check team strongly recommends to [mirror the NVD database](../data/mirrornvd.html) for any operational
+integration. If not done, any service disruption of the NVD database will make the usage of Dependency-Check difficult.
+
 ### Default Phase
 The dependency-check plugin is, by default, tied to the `verify` or `site` phase
 depending on if it is configured as a build or reporting plugin. The examples
diff --git a/maven/src/site/site.xml b/maven/src/site/site.xml
index e502e572460..d1101dd2f7a 100644
--- a/maven/src/site/site.xml
+++ b/maven/src/site/site.xml
@@ -32,5 +32,6 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
             <item name="Goals" href="plugin-info.html"/>
         </menu>
         <menu ref="reports"/>
+        <footer><![CDATA[<p>&copy; 2012&ndash;2025 <a href="https://www.owasp.org">OWASP</a></p><img referrerpolicy="no-referrer-when-downgrade" src="https://static.scarf.sh/a.png?x-pxid=90c74bb8-b6d1-4464-a9b6-754067afe126" alt="" width="1" height="1" />]]></footer>
     </body>
 </site>
diff --git a/maven/src/test/java/org/owasp/dependencycheck/maven/ArtifactScopeExcludedTest.java b/maven/src/test/java/org/owasp/dependencycheck/maven/ArtifactScopeExcludedTest.java
index e286c61c78d..63e615c3e08 100644
--- a/maven/src/test/java/org/owasp/dependencycheck/maven/ArtifactScopeExcludedTest.java
+++ b/maven/src/test/java/org/owasp/dependencycheck/maven/ArtifactScopeExcludedTest.java
@@ -17,9 +17,8 @@
  */
 package org.owasp.dependencycheck.maven;
 
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.junit.runners.Parameterized;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.MethodSource;
 import org.owasp.dependencycheck.utils.Filter;
 
 import java.util.Arrays;
@@ -38,18 +37,9 @@
 import static org.hamcrest.core.IsEqual.equalTo;
 import static org.owasp.dependencycheck.maven.ArtifactScopeExcludedTest.ArtifactScopeExcludedTestBuilder.pluginDefaults;
 
-@RunWith(Parameterized.class)
-public class ArtifactScopeExcludedTest {
+class ArtifactScopeExcludedTest {
 
-	private final boolean skipTestScope;
-	private final boolean skipProvidedScope;
-	private final boolean skipSystemScope;
-	private final boolean skipRuntimeScope;
-	private final String testString;
-	private final boolean expectedResult;
-
-	@Parameterized.Parameters(name = "{0}")
-	public static Collection<Object[]> getParameters() {
+	static Collection<Object[]> getParameters() {
 		return Arrays.asList(new Object[][]{
 				{pluginDefaults().withTestString(SCOPE_COMPILE).withExpectedResult(false)},
 				{pluginDefaults().withTestString(SCOPE_COMPILE_PLUS_RUNTIME).withExpectedResult(false)},
@@ -66,19 +56,12 @@ public static Collection<Object[]> getParameters() {
 		});
 	}
 
-	public ArtifactScopeExcludedTest(final ArtifactScopeExcludedTestBuilder builder) {
-		this.skipTestScope = builder.skipTestScope;
-		this.skipProvidedScope = builder.skipProvidedScope;
-		this.skipSystemScope = builder.skipSystemScope;
-		this.skipRuntimeScope = builder.skipRuntimeScope;
-		this.testString = builder.testString;
-		this.expectedResult = builder.expectedResult;
-	}
-
-	@Test
-	public void shouldExcludeArtifact() {
-		final Filter<String> artifactScopeExcluded = new ArtifactScopeExcluded(skipTestScope, skipProvidedScope, skipSystemScope, skipRuntimeScope);
-		assertThat(expectedResult, is(equalTo(artifactScopeExcluded.passes(testString))));
+    @ParameterizedTest(name = "{0}")
+	@MethodSource("getParameters")
+    void shouldExcludeArtifact(final ArtifactScopeExcludedTestBuilder builder) {
+		final Filter<String> artifactScopeExcluded = new ArtifactScopeExcluded(
+				builder.skipTestScope, builder.skipProvidedScope, builder.skipSystemScope, builder.skipRuntimeScope);
+		assertThat(builder.expectedResult, is(equalTo(artifactScopeExcluded.passes(builder.testString))));
 	}
 
 	public static final class ArtifactScopeExcludedTestBuilder {
diff --git a/maven/src/test/java/org/owasp/dependencycheck/maven/ArtifactTypeExcludedTest.java b/maven/src/test/java/org/owasp/dependencycheck/maven/ArtifactTypeExcludedTest.java
index e3a78f95eb1..101b5a35786 100644
--- a/maven/src/test/java/org/owasp/dependencycheck/maven/ArtifactTypeExcludedTest.java
+++ b/maven/src/test/java/org/owasp/dependencycheck/maven/ArtifactTypeExcludedTest.java
@@ -17,20 +17,21 @@
  */
 package org.owasp.dependencycheck.maven;
 
-import org.junit.Test;
-import static org.junit.Assert.assertEquals;
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
 
 /**
  *
  * @author Jeremy Long
  */
-public class ArtifactTypeExcludedTest {
+class ArtifactTypeExcludedTest {
 
     /**
      * Test of passes method, of class ArtifactTypeExcluded.
      */
     @Test
-    public void testPasses() {
+    void testPasses() {
         String artifactType = null;
         ArtifactTypeExcluded instance = new ArtifactTypeExcluded(null);
         boolean expResult = false;
diff --git a/maven/src/test/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojoTest.java b/maven/src/test/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojoTest.java
index 13f47677ce9..1b7eed3cfe2 100644
--- a/maven/src/test/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojoTest.java
+++ b/maven/src/test/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojoTest.java
@@ -17,36 +17,33 @@
  */
 package org.owasp.dependencycheck.maven;
 
-import java.io.File;
-import java.util.Locale;
-
-import org.apache.maven.plugin.MojoExecutionException;
-import org.apache.maven.plugin.MojoFailureException;
 import org.apache.maven.project.MavenProject;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNull;
-import static org.mockito.Mockito.doReturn;
-
-import org.junit.Test;
-import org.junit.runner.RunWith;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
 import org.mockito.Spy;
-import org.mockito.junit.MockitoJUnitRunner;
+import org.mockito.junit.jupiter.MockitoExtension;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.exception.ExceptionCollection;
 
+import java.io.File;
+import java.util.Locale;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNull;
+import static org.mockito.Mockito.doReturn;
+
 /**
  *
  * @author Jeremy Long
  */
-@RunWith(MockitoJUnitRunner.class)
-public class BaseDependencyCheckMojoTest extends BaseTest {
+@ExtendWith(MockitoExtension.class)
+class BaseDependencyCheckMojoTest extends BaseTest {
 
     @Spy
     MavenProject project;
 
     @Test
-    public void should_newDependency_get_pom_from_base_dir() {
+    void should_newDependency_get_pom_from_base_dir() {
         // Given
         BaseDependencyCheckMojo instance = new BaseDependencyCheckMojoImpl();
 
@@ -62,7 +59,7 @@ public void should_newDependency_get_pom_from_base_dir() {
     }
 
     @Test
-    public void should_newDependency_get_default_virtual_dependency() {
+    void should_newDependency_get_default_virtual_dependency() {
         // Given
         BaseDependencyCheckMojo instance = new BaseDependencyCheckMojoImpl();
 
@@ -77,7 +74,7 @@ public void should_newDependency_get_default_virtual_dependency() {
     }
 
     @Test
-    public void should_newDependency_get_pom_declared_as_module() {
+    void should_newDependency_get_pom_declared_as_module() {
         // Given
         BaseDependencyCheckMojo instance = new BaseDependencyCheckMojoImpl();
 
@@ -99,7 +96,7 @@ public void should_newDependency_get_pom_declared_as_module() {
     public static class BaseDependencyCheckMojoImpl extends BaseDependencyCheckMojo {
 
         @Override
-        protected void runCheck() throws MojoExecutionException, MojoFailureException {
+        protected void runCheck() {
             throw new UnsupportedOperationException("Operation not supported");
         }
 
@@ -119,11 +116,11 @@ public boolean canGenerateReport() {
         }
 
         @Override
-        protected ExceptionCollection scanDependencies(Engine engine) throws MojoExecutionException {
+        protected ExceptionCollection scanDependencies(Engine engine) {
             throw new UnsupportedOperationException("Operation not supported");
         }
         @Override
-        protected ExceptionCollection scanPlugins(Engine engine, ExceptionCollection exCollection) throws MojoExecutionException {
+        protected ExceptionCollection scanPlugins(Engine engine, ExceptionCollection exCollection) {
             throw new UnsupportedOperationException("Operation not supported");
         }
     }
diff --git a/maven/src/test/java/org/owasp/dependencycheck/maven/BaseTest.java b/maven/src/test/java/org/owasp/dependencycheck/maven/BaseTest.java
index 00ad9a51e1f..cc3c2b115fc 100644
--- a/maven/src/test/java/org/owasp/dependencycheck/maven/BaseTest.java
+++ b/maven/src/test/java/org/owasp/dependencycheck/maven/BaseTest.java
@@ -17,11 +17,12 @@
  */
 package org.owasp.dependencycheck.maven;
 
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.owasp.dependencycheck.utils.Settings;
+
 import java.io.IOException;
 import java.io.InputStream;
-import org.junit.After;
-import org.junit.Before;
-import org.owasp.dependencycheck.utils.Settings;
 
 /**
  *
@@ -42,7 +43,7 @@ public abstract class BaseTest {
     /**
      * Initialize the {@link Settings}.
      */
-    @Before
+    @BeforeEach
     public void setUp() throws IOException {
         settings = new Settings();
         try (InputStream mojoProperties = BaseTest.class.getClassLoader().getResourceAsStream(BaseTest.PROPERTIES_FILE)) {
@@ -53,7 +54,7 @@ public void setUp() throws IOException {
     /**
      * Clean the {@link Settings}.
      */
-    @After
+    @AfterEach
     public void tearDown() {
         settings.cleanup(true);
     }
diff --git a/maven/src/test/resources/maven_project_base_dir/pom.xml b/maven/src/test/resources/maven_project_base_dir/pom.xml
index b9363e987eb..a0e99fe7213 100644
--- a/maven/src/test/resources/maven_project_base_dir/pom.xml
+++ b/maven/src/test/resources/maven_project_base_dir/pom.xml
@@ -48,9 +48,21 @@
             <version>2.1.2</version>
         </dependency>
         <dependency>
-            <groupId>junit</groupId>
-            <artifactId>junit</artifactId>
-            <version>3.8.1</version>
+            <groupId>org.junit.jupiter</groupId>
+            <artifactId>junit-jupiter-api</artifactId>
+            <version>5.12.2</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.junit.jupiter</groupId>
+            <artifactId>junit-jupiter-engine</artifactId>
+            <version>5.12.2</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.junit.jupiter</groupId>
+            <artifactId>junit-jupiter-params</artifactId>
+            <version>5.12.2</version>
             <scope>test</scope>
         </dependency>
     </dependencies>
diff --git a/pom.xml b/pom.xml
index 1ab2c64c6b3..5bd51697fc4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -20,7 +20,7 @@ Copyright (c) 2012 - Jeremy Long
 
     <groupId>org.owasp</groupId>
     <artifactId>dependency-check-parent</artifactId>
-    <version>12.1.1</version>
+    <version>12.1.8</version>
     <packaging>pom</packaging>
 
     <modules>
@@ -94,7 +94,7 @@ Copyright (c) 2012 - Jeremy Long
         <connection>scm:git:https://github.com/dependency-check/DependencyCheck.git</connection>
         <url>https://github.com/dependency-check/DependencyCheck</url>
         <developerConnection>scm:git:https://github.com/dependency-check/DependencyCheck.git</developerConnection>
-        <tag>v12.1.1</tag>
+        <tag>v12.1.8</tag>
     </scm>
     <issueManagement>
         <system>github</system>
@@ -113,54 +113,53 @@ Copyright (c) 2012 - Jeremy Long
     <properties>
         <maven.compiler.release>11</maven.compiler.release>
         <!--reproducible build-->
-        <project.build.outputTimestamp>2025-04-05T11:23:00Z</project.build.outputTimestamp>
+        <project.build.outputTimestamp>2025-10-13T14:23:32Z</project.build.outputTimestamp>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
         <github.global.server>github</github.global.server>
-        
+
         <apache.lucene.version>9.12.0</apache.lucene.version>
         <apache.ant.version>1.10.15</apache.ant.version>
-        
+
         <!-- upgrading slf4j and logback can cause issues ;) https://github.com/dependency-check/DependencyCheck/issues/4846 -->
         <slf4j.version>1.7.36</slf4j.version>
         <logback.version>1.2.13</logback.version>
-        
+
         <maven.api.version>3.6.3</maven.api.version>
         <reporting.checkstyle-plugin.version>3.6.0</reporting.checkstyle-plugin.version>
         <reporting.checkstyle.tool.version>9.3</reporting.checkstyle.tool.version>
         <doxia-base.version>2.0.0</doxia-base.version>
         <maven-antrun-plugin.version>3.1.0</maven-antrun-plugin.version>
-        <maven-dependency-plugin.version>3.8.1</maven-dependency-plugin.version>
-        <maven-javadoc-plugin.version>3.11.2</maven-javadoc-plugin.version>
+        <maven-dependency-plugin.version>3.9.0</maven-dependency-plugin.version>
+        <maven-javadoc-plugin.version>3.12.0</maven-javadoc-plugin.version>
         <!-- upgrading beyond 2.5 breaks maven site-->
         <maven-jxr-plugin.version>2.5</maven-jxr-plugin.version>
         <maven-project-info-reports-plugin.version>3.9.0</maven-project-info-reports-plugin.version>
-        <maven-surefire-report-plugin.version>3.5.3</maven-surefire-report-plugin.version>
-        <jacoco-maven-plugin.version>0.8.13</jacoco-maven-plugin.version>
-        <spotbugs.version>4.9.3</spotbugs.version>
-        <spotbugs.maven.plugin.version>4.9.3.0</spotbugs.maven.plugin.version>
+        <maven-surefire-report-plugin.version>3.5.4</maven-surefire-report-plugin.version>
+        <jacoco-maven-plugin.version>0.8.14</jacoco-maven-plugin.version>
+        <spotbugs.maven.plugin.version>4.9.4.0</spotbugs.maven.plugin.version>
         <taglist-maven-plugin.version>3.2.1</taglist-maven-plugin.version>
         <versions-maven-plugin.version>2.18.0</versions-maven-plugin.version>
-        <jetbrains.annotations.version>26.0.2</jetbrains.annotations.version>
-        <findbugs.spotbugs.version>4.9.3</findbugs.spotbugs.version>
+        <jetbrains.annotations.version>26.0.2-1</jetbrains.annotations.version>
+        <findbugs.spotbugs.version>4.9.6</findbugs.spotbugs.version>
         <com.h2database.version>2.3.232</com.h2database.version>
-        <commons-cli.version>1.9.0</commons-cli.version>
-        <commons-io.version>2.18.0</commons-io.version>
-        <commons-lang3.version>3.17.0</commons-lang3.version>
-        <commons-text.version>1.13.0</commons-text.version>
-        <httpcomponents.client.version>5.4.3</httpcomponents.client.version>
-        <httpcomponents.core.version>5.3.4</httpcomponents.core.version>
+        <commons-cli.version>1.10.0</commons-cli.version>
+        <commons-io.version>2.20.0</commons-io.version>
+        <commons-lang3.version>3.19.0</commons-lang3.version>
+        <commons-text.version>1.14.0</commons-text.version>
+        <httpcomponents.client.version>5.5</httpcomponents.client.version>
+        <httpcomponents.core.version>5.3.6</httpcomponents.core.version>
         <!-- note that logging will be noisy and broken until we upgrade to 3.2
             See https://issues.apache.org/jira/browse/JCS-232 and
             https://github.com/apache/commons-jcs/pull/120 -->
         <commons-jcs-core.version>3.2.1</commons-jcs-core.version>
         <aho-corasick-double-array-trie.version>1.2.3</aho-corasick-double-array-trie.version>
-        <junit.version>4.13.2</junit.version>
+        <junit.version>5.14.0</junit.version>
         <hamcrest.version>3.0</hamcrest.version>
-        <mockito-core.version>5.12.0</mockito-core.version>
-        <jsoup.version>1.19.1</jsoup.version>
+        <mockito.version>5.19.0</mockito.version>
+        <jsoup.version>1.21.2</jsoup.version>
         <commons-compress.version>1.27.1</commons-compress.version>
-        <org.apache.maven.shared.file-management.version>3.1.0</org.apache.maven.shared.file-management.version>
+        <org.apache.maven.shared.file-management.version>3.2.0</org.apache.maven.shared.file-management.version>
         <maven-plugin-testing-harness.version>3.3.0</maven-plugin-testing-harness.version>
         <maven-plugin-annotations.version>3.15.1</maven-plugin-annotations.version>
         <maven-reporting-api.version>4.0.0</maven-reporting-api.version>
@@ -170,22 +169,14 @@ Copyright (c) 2012 - Jeremy Long
         <maven-artifact-transfer.version>0.13.1</maven-artifact-transfer.version>
         <maven-common-artifact-filters.version>3.4.0</maven-common-artifact-filters.version>
         <groovy-all.version>2.4.21</groovy-all.version>
-        <gmavenplus-plugin.version>4.1.1</gmavenplus-plugin.version>
+        <gmavenplus-plugin.version>4.2.1</gmavenplus-plugin.version>
         <com.h3xstream.retirejs.core.version>3.0.4</com.h3xstream.retirejs.core.version>
-        <jackson.version>2.18.3</jackson.version>
-        <!--necassary for some IDEs to be able to execute test cases (Netbeans)-->
+        <jackson.version>2.20.0</jackson.version>
+        <!--necessary for some IDEs to be able to execute test cases (Netbeans)-->
         <surefireArgLine />
         <mock-server.version>5.15.0</mock-server.version>
     </properties>
     <distributionManagement>
-        <snapshotRepository>
-            <id>ossrh</id>
-            <url>https://oss.sonatype.org/content/repositories/snapshots</url>
-        </snapshotRepository>
-        <repository>
-            <id>ossrh</id>
-            <url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
-        </repository>
         <site>
             <id>gh-pages</id>
             <name>gh-pages</name>
@@ -219,12 +210,12 @@ Copyright (c) 2012 - Jeremy Long
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
                     <artifactId>maven-clean-plugin</artifactId>
-                    <version>3.4.1</version>
+                    <version>3.5.0</version>
                 </plugin>
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
                     <artifactId>maven-compiler-plugin</artifactId>
-                    <version>3.14.0</version>
+                    <version>3.14.1</version>
                 </plugin>
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
@@ -234,12 +225,12 @@ Copyright (c) 2012 - Jeremy Long
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
                     <artifactId>maven-artifact-plugin</artifactId>
-                    <version>3.6.0</version>
+                    <version>3.6.1</version>
                 </plugin>
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
                     <artifactId>maven-enforcer-plugin</artifactId>
-                    <version>3.5.0</version>
+                    <version>3.6.1</version>
                 </plugin>
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
@@ -249,12 +240,12 @@ Copyright (c) 2012 - Jeremy Long
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
                     <artifactId>maven-failsafe-plugin</artifactId>
-                    <version>3.5.3</version>
+                    <version>3.5.4</version>
                 </plugin>
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
                     <artifactId>maven-gpg-plugin</artifactId>
-                    <version>3.2.7</version>
+                    <version>3.2.8</version>
                 </plugin>
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
@@ -272,9 +263,9 @@ Copyright (c) 2012 - Jeremy Long
                     <version>3.1.1</version>
                 </plugin>
                 <plugin>
-                    <groupId>org.sonatype.plugins</groupId>
-                    <artifactId>nexus-staging-maven-plugin</artifactId>
-                    <version>1.7.0</version>
+                    <groupId>org.sonatype.central</groupId>
+                    <artifactId>central-publishing-maven-plugin</artifactId>
+                    <version>0.8.0</version>
                 </plugin>
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
@@ -296,7 +287,7 @@ Copyright (c) 2012 - Jeremy Long
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
                     <artifactId>maven-surefire-plugin</artifactId>
-                    <version>3.5.3</version>
+                    <version>3.5.4</version>
                 </plugin>
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
@@ -341,7 +332,7 @@ Copyright (c) 2012 - Jeremy Long
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
                     <artifactId>maven-invoker-plugin</artifactId>
-                    <version>3.9.0</version>
+                    <version>3.9.1</version>
                     <dependencies>
                         <dependency>
                             <groupId>org.codehaus.groovy</groupId>
@@ -416,7 +407,7 @@ Copyright (c) 2012 - Jeremy Long
                             </scripts>
                         </configuration>
                     </execution>
-                    
+
                     <execution>
                         <id>add-dynamic-properties-site</id>
                         <phase>pre-site</phase>
@@ -497,7 +488,7 @@ Copyright (c) 2012 - Jeremy Long
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-artifact-plugin</artifactId>
-                <version>3.6.0</version>
+                <version>3.6.1</version>
                 <executions>
                     <execution>
                         <goals>
@@ -529,9 +520,9 @@ Copyright (c) 2012 - Jeremy Long
                 <artifactId>maven-enforcer-plugin</artifactId>
                 <dependencies>
                     <dependency>
-                        <groupId>org.owasp.maven.enforcer</groupId>
-                        <artifactId>class-file-format-rule</artifactId>
-                        <version>2.0.0</version>
+                        <groupId>org.codehaus.mojo</groupId>
+                        <artifactId>extra-enforcer-rules</artifactId>
+                        <version>1.11.0</version>
                     </dependency>
                 </dependencies>
                 <inherited>true</inherited>
@@ -544,23 +535,23 @@ Copyright (c) 2012 - Jeremy Long
                         <configuration>
                             <rules>
                                 <requireJavaVersion>
-                                    <version>1.8.0</version>
+                                    <version>${maven.compiler.release}</version>
                                 </requireJavaVersion>
                             </rules>
                         </configuration>
                     </execution>
                     <execution>
-                        <id>enforce-classfileformat</id>
+                        <id>enforce-bytecode-version</id>
+                        <goals>
+                            <goal>enforce</goal>
+                        </goals>
                         <configuration>
                             <rules>
-                                <byteCodeRule implementation="org.owasp.maven.enforcer.rule.ClassFileFormatRule">
-                                    <supportedClassFileFormat>55</supportedClassFileFormat>
-                                </byteCodeRule>
+                                <enforceBytecodeVersion>
+                                    <maxJdkVersion>${maven.compiler.release}</maxJdkVersion>
+                                </enforceBytecodeVersion>
                             </rules>
                         </configuration>
-                        <goals>
-                            <goal>enforce</goal>
-                        </goals>
                     </execution>
                     <execution>
                         <id>enforce-maven-3</id>
@@ -634,6 +625,7 @@ Copyright (c) 2012 - Jeremy Long
                 <artifactId>maven-surefire-plugin</artifactId>
                 <configuration>
                     <argLine>@{surefireArgLine} -Dfile.encoding=UTF-8</argLine>
+                    <failIfNoTests>false</failIfNoTests>
                     <systemPropertyVariables>
                         <data.directory>${project.build.directory}/data</data.directory>
                         <temp.directory>${project.build.directory}/temp</temp.directory>
@@ -731,14 +723,14 @@ Copyright (c) 2012 - Jeremy Long
                 </configuration>
             </plugin>
             <plugin>
-                <groupId>org.sonatype.plugins</groupId>
-                <artifactId>nexus-staging-maven-plugin</artifactId>
+                <groupId>org.sonatype.central</groupId>
+                <artifactId>central-publishing-maven-plugin</artifactId>
+                <version>0.8.0</version>
                 <extensions>true</extensions>
                 <configuration>
-                    <serverId>ossrh</serverId>
-                    <nexusUrl>https://oss.sonatype.org/</nexusUrl>
-                    <autoReleaseAfterClose>true</autoReleaseAfterClose>
-                    <stagingProgressTimeoutMinutes>120</stagingProgressTimeoutMinutes>
+                    <publishingServerId>central</publishingServerId>
+                    <autoPublish>true</autoPublish>
+                    <waitUntil>published</waitUntil>
                 </configuration>
             </plugin>
             <plugin>
@@ -804,7 +796,7 @@ Copyright (c) 2012 - Jeremy Long
                         </reports>
                         <configuration>
                             <failOnError>false</failOnError>
-                            <bottom>Copyright© 2012-24 Jeremy Long. All Rights Reserved.</bottom>
+                            <bottom>Copyright© 2012-25 Jeremy Long. All Rights Reserved.</bottom>
                             <sourceFileExcludes>
                                 <exclude>**/generated-sources/**/*.java</exclude>
                             </sourceFileExcludes>
@@ -953,14 +945,20 @@ Copyright (c) 2012 - Jeremy Long
             </dependency>
             <dependency>
                 <groupId>org.mock-server</groupId>
-                <artifactId>mockserver-junit-rule</artifactId>
+                <artifactId>mockserver-junit-jupiter</artifactId>
                 <version>${mock-server.version}</version>
                 <scope>test</scope>
             </dependency>
             <dependency>
                 <groupId>org.mockito</groupId>
                 <artifactId>mockito-core</artifactId>
-                <version>${mockito-core.version}</version>
+                <version>${mockito.version}</version>
+                <scope>test</scope>
+            </dependency>
+            <dependency>
+                <groupId>org.mockito</groupId>
+                <artifactId>mockito-junit-jupiter</artifactId>
+                <version>${mockito.version}</version>
                 <scope>test</scope>
             </dependency>
             <dependency>
@@ -986,7 +984,13 @@ Copyright (c) 2012 - Jeremy Long
             <dependency>
                 <groupId>commons-validator</groupId>
                 <artifactId>commons-validator</artifactId>
-                <version>1.9.0</version>
+                <version>1.10.0</version>
+                <exclusions>
+                    <exclusion>
+                        <groupId>commons-beanutils</groupId>
+                        <artifactId>commons-beanutils</artifactId>
+                    </exclusion>
+                </exclusions>
             </dependency>
             <dependency>
                 <groupId>org.apache.commons</groupId>
@@ -1003,13 +1007,6 @@ Copyright (c) 2012 - Jeremy Long
                 <artifactId>cpe-parser</artifactId>
                 <version>3.0.0</version>
             </dependency>
-            <dependency>
-                <groupId>com.github.spotbugs</groupId>
-                <artifactId>spotbugs-annotations</artifactId>
-                <version>${spotbugs.version}</version>
-                <scope>compile</scope>
-                <optional>true</optional>
-            </dependency>
             <dependency>
                 <groupId>org.whitesource</groupId>
                 <artifactId>pecoff4j</artifactId>
@@ -1018,7 +1015,7 @@ Copyright (c) 2012 - Jeremy Long
             <dependency>
                 <groupId>org.semver4j</groupId>
                 <artifactId>semver4j</artifactId>
-                <version>5.6.0</version>
+                <version>5.8.0</version>
             </dependency>
             <dependency>
                 <groupId>org.jetbrains</groupId>
@@ -1087,16 +1084,21 @@ Copyright (c) 2012 - Jeremy Long
                 <version>${logback.version}</version>
             </dependency>
             <dependency>
-                <groupId>junit</groupId>
-                <artifactId>junit</artifactId>
+                <groupId>org.junit.jupiter</groupId>
+                <artifactId>junit-jupiter-api</artifactId>
+                <version>${junit.version}</version>
+                <scope>test</scope>
+            </dependency>
+            <dependency>
+                <groupId>org.junit.jupiter</groupId>
+                <artifactId>junit-jupiter-engine</artifactId>
+                <version>${junit.version}</version>
+                <scope>test</scope>
+            </dependency>
+            <dependency>
+                <groupId>org.junit.jupiter</groupId>
+                <artifactId>junit-jupiter-params</artifactId>
                 <version>${junit.version}</version>
-                <exclusions>
-                    <exclusion>
-                        <!-- deprecated coordinates, replaced by org.hamcrest:hamcrest -->
-                        <groupId>org.hamcrest</groupId>
-                        <artifactId>hamcrest-core</artifactId>
-                    </exclusion>
-                </exclusions>
                 <scope>test</scope>
             </dependency>
             <dependency>
@@ -1149,7 +1151,7 @@ Copyright (c) 2012 - Jeremy Long
             <dependency>
                 <groupId>commons-codec</groupId>
                 <artifactId>commons-codec</artifactId>
-                <version>1.18.0</version>
+                <version>1.19.0</version>
             </dependency>
             <dependency>
                 <groupId>com.h3xstream.retirejs</groupId>
@@ -1218,7 +1220,7 @@ Copyright (c) 2012 - Jeremy Long
             <dependency>
                 <groupId>org.apache.commons</groupId>
                 <artifactId>commons-collections4</artifactId>
-                <version>4.4</version>
+                <version>4.5.0</version>
             </dependency>
             <dependency>
                 <groupId>org.apache.velocity</groupId>
@@ -1254,7 +1256,7 @@ Copyright (c) 2012 - Jeremy Long
             </dependency>
             <dependency>
                 <groupId>org.slf4j</groupId>
-                <artifactId>slf4j-simple</artifactId>
+                <artifactId>jul-to-slf4j</artifactId>
                 <version>${slf4j.version}</version>
             </dependency>
             <dependency>
@@ -1303,7 +1305,7 @@ Copyright (c) 2012 - Jeremy Long
             <dependency>
                 <groupId>com.google.guava</groupId>
                 <artifactId>guava</artifactId>
-                <version>33.4.6-jre</version>
+                <version>33.5.0-jre</version>
             </dependency>
             <dependency>
                 <groupId>com.hankcs</groupId>
@@ -1330,8 +1332,18 @@ Copyright (c) 2012 - Jeremy Long
     <dependencies>
         <!-- region generic test dependencies -->
         <dependency>
-            <groupId>junit</groupId>
-            <artifactId>junit</artifactId>
+            <groupId>org.junit.jupiter</groupId>
+            <artifactId>junit-jupiter-api</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.junit.jupiter</groupId>
+            <artifactId>junit-jupiter-engine</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.junit.jupiter</groupId>
+            <artifactId>junit-jupiter-params</artifactId>
             <scope>test</scope>
         </dependency>
         <dependency>
@@ -1353,12 +1365,6 @@ Copyright (c) 2012 - Jeremy Long
             <scope>compile</scope>
             <optional>true</optional>
         </dependency>
-        <dependency>
-            <groupId>com.github.spotbugs</groupId>
-            <artifactId>spotbugs-annotations</artifactId>
-            <scope>compile</scope>
-            <optional>true</optional>
-        </dependency>
         <!-- endregion -->
     </dependencies>
     <profiles>
@@ -1372,7 +1378,7 @@ Copyright (c) 2012 - Jeremy Long
                     <plugin>
                         <groupId>org.apache.maven.plugins</groupId>
                         <artifactId>maven-gpg-plugin</artifactId>
-                        <version>3.2.7</version>
+                        <version>3.2.8</version>
                         <executions>
                             <execution>
                                 <id>sign-artifacts</id>
diff --git a/publish-docker.sh b/publish-docker.sh
index 7b50fcf330f..ffdcd9e8c06 100755
--- a/publish-docker.sh
+++ b/publish-docker.sh
@@ -4,22 +4,15 @@ VERSION=$(mvn -q \
     -Dexec.executable="echo" \
     -Dexec.args='${project.version}' \
     --non-recursive \
-    org.codehaus.mojo:exec-maven-plugin:1.3.1:exec)
+    org.codehaus.mojo:exec-maven-plugin:3.5.1:exec)
 
 if [[ $VERSION = *"SNAPSHOT"* ]]; then
-  echo "Do not publish a snapshot version of dependency-check"
-  exit 1
-fi
-docker inspect --type=image owasp/dependency-check:$VERSION  > /dev/null 2>&1
-if [[ "$?" -ne 0 ]] ; then
-  echo "docker image owasp/dependency-check:$VERSION does not exist - run build_docker.sh first"
-  exit 1
-fi
-docker inspect --type=image owasp/dependency-check:latest  > /dev/null 2>&1
-if [[ "$?" -ne 0 ]] ; then
-  echo "docker image owasp/dependency-check:latest does not exist - run build_docker.sh first"
-  exit 1
+    echo "Do not publish a snapshot version of dependency-check"
+    exit 1
 fi
 
-docker push owasp/dependency-check:$VERSION 
-docker push owasp/dependency-check:latest
+# Build args should match ./build-docker.sh so the builder cache is re-used
+docker buildx build --push --platform linux/amd64,linux/arm64 . \
+    --build-arg VERSION=$VERSION \
+    --tag owasp/dependency-check:$VERSION \
+    --tag owasp/dependency-check:latest
diff --git a/settings.xml b/settings.xml
index 2b4e4a8a752..a04922c86e5 100644
--- a/settings.xml
+++ b/settings.xml
@@ -4,7 +4,7 @@
                           https://maven.apache.org/xsd/settings-1.0.0.xsd">
     <servers>
         <server>
-            <id>ossrh</id>
+            <id>central</id>
             <username>${env.MAVEN_USERNAME}</username>
             <password>${env.MAVEN_PASSWORD}</password>
         </server>
@@ -12,9 +12,7 @@
     <profiles>
         <profile>
             <id>default</id>
-            <properties>
-
-            </properties>
+            <properties></properties>
         </profile>
     </profiles>
     <activeProfiles>
diff --git a/shell-docker.sh b/shell-docker.sh
index 15ef22e229a..b95eb8f1bf1 100755
--- a/shell-docker.sh
+++ b/shell-docker.sh
@@ -4,7 +4,7 @@ VERSION=$(mvn -q \
     -Dexec.executable="echo" \
     -Dexec.args='${project.version}' \
     --non-recursive \
-    org.codehaus.mojo:exec-maven-plugin:1.3.1:exec)
+    org.codehaus.mojo:exec-maven-plugin:3.5.1:exec)
 
 SCAN_TARGET="./cli/target/release/lib"
 
diff --git a/src/site/markdown/analyzers/central-analyzer.md b/src/site/markdown/analyzers/central-analyzer.md
index 6bcb24b6170..c5c9407bd83 100644
--- a/src/site/markdown/analyzers/central-analyzer.md
+++ b/src/site/markdown/analyzers/central-analyzer.md
@@ -8,4 +8,11 @@ is found in the configured Nexus repository, its GAV is recorded as an Identifie
 and the Group is collected as Vendor evidence, the Artifact is collected as Product
 evidence, and the Version is collected as Version evidence.
 
+By default, this analyzer is disabled in the Maven Plugin and Gradle Task. However,
+if your Gradle build relies on scanning non-Gradle artifacts or archives from other
+ecosystems that contain jars, consider re-enabling the Central Analyzer using 
+`analyzers.centralEnabled=true`, or use the Nexus/Artifactory analyzers as an
+alternative to improve identification of JARs utilized outside the normal gradle
+Java plugin.
+
 [1]: http://search.maven.org/            "Maven Central"
diff --git a/src/site/markdown/analyzers/nexus-analyzer.md b/src/site/markdown/analyzers/nexus-analyzer.md
index c33b40e6516..48396080f85 100644
--- a/src/site/markdown/analyzers/nexus-analyzer.md
+++ b/src/site/markdown/analyzers/nexus-analyzer.md
@@ -1,17 +1,22 @@
 Nexus Analyzer
 ==============
-**Requires Nexus Pro**
 
 The Nexus Analyzer will check for the Maven GAV (Group/Artifact/Version) information
 for artifacts in the scanned area. This is done by determining if an artifact exists
-in a Nexus Pro installation using the SHA-1 hash of the artifact scanned. If the
+in a Sonatype Nexus installation using the SHA-1 hash of the artifact scanned. If the
 artifact's hash is found in the configured Nexus repository, its GAV is recorded as
 an Identifier and the Group is collected as Vendor evidence, the Artifact is
 collected as Product evidence, and the Version is collected as Version evidence.
 
-The Nexus Analyzer has been superceded by the Central Analyzer. If both the
-Central Analyzer and Nexus Analyzer are enabled and the Nexus URL has not
-been configured to point to an instance of Nexus Pro the Nexus Analyzer will
+The Nexus Analyzer is an alternative to the Central or Artifactory Analyzers and can 
+be used to limit dependencies on an external resource such as Maven Central, as well 
+as providing POM information for artifacts not available in Maven Central. Use by ODC
+is thus similar to how users may choose to run their own Nexus instance to proxy 
+artifact retrieval from Maven Central to limit internet usage and/or dependence on 
+external infrastructure.
+
+If both the Central Analyzer and Nexus Analyzer are enabled and the Nexus URL has not
+been configured to point to a Sonatype Nexus instance the Nexus Analyzer will
 disable itself.
 
 Logging
diff --git a/src/site/markdown/analyzers/oss-index-analyzer.md b/src/site/markdown/analyzers/oss-index-analyzer.md
index 4a85d4e7753..1cd259e1f3d 100644
--- a/src/site/markdown/analyzers/oss-index-analyzer.md
+++ b/src/site/markdown/analyzers/oss-index-analyzer.md
@@ -8,3 +8,11 @@ identified vulnerabilities are included in the report. In addition, vulnerabilit
 found in both the NVD and OSS Index may have additional references added.
 
 This analyzer requires an Internet connection.
+
+Sonatype [announced](https://ossindex.sonatype.org/doc/auth-required) that OSS Index requires authentication.
+
+You can get an API Token following these steps:
+1. [Sign In](https://ossindex.sonatype.org/user/signin) or [Sign Up](https://ossindex.sonatype.org/user/register) for free.
+2. Get the API Token from user Settings.
+
+If no credentials are provided, this analyzer will be disabled.
diff --git a/src/site/markdown/analyzers/python.md b/src/site/markdown/analyzers/python.md
index 002251470ab..1a2dcc6bab2 100644
--- a/src/site/markdown/analyzers/python.md
+++ b/src/site/markdown/analyzers/python.md
@@ -12,4 +12,32 @@ is grouped into vendor, product, and version buckets. Other analyzers later
 use this evidence to identify any Common Platform Enumeration (CPE)
 identifiers that apply.
 
-Files Types Scanned: py, whl, egg, zip, PKG-INFO, and METADATA
\ No newline at end of file
+Files Types Scanned: py, whl, egg, zip, PKG-INFO, and METADATA
+
+Analyzing packages built with `poetry build`
+--------------------------------------------
+
+Note that running `dependency-check` on Python packages built with
+[Poetry](https://python-poetry.org)'s
+[`poetry build`](https://python-poetry.org/docs/cli/#build) command
+**may throw an error**:
+
+`[ERROR] Python 'pyproject.toml' found and there is not a 'poetry.lock' or
+'requirements.txt' - analysis will be incomplete`
+
+This is **known behaviour** (see
+[#6356](https://github.com/dependency-check/DependencyCheck/issues/6356))
+and is due to the analyzer analyzing the contents of the tarball
+that has been built (in `dist/<package>-<version>.tar.gz` if built using Poetry
+defaults). As per [PEP 517](https://peps.python.org/pep-0517/), the tarball
+contains the `pyproject.toml` manifest, but not the `poetry.lock` file
+that [freezes](https://python-poetry.org/docs/cli/#lock) dependencies at
+the versions used to build the project.
+
+To **circumvent this error**, exclude the tarball or the whole build target
+directory by running `dependency-check` with `--exclude "dist/**"`.
+
+***WARNING:*** This will not analyze the build artifact itself, but only the lock
+file. If dependencies have diverged between the two artifacts - e.g., after
+updating a depdendency and locking it without building again - the dependencies
+in the build artifact may be affected by vulnerabilities that will go undetected!
diff --git a/src/site/markdown/data/cachenvd.md b/src/site/markdown/data/cachenvd.md
index 1f257045fcf..5bfd7efa2cc 100644
--- a/src/site/markdown/data/cachenvd.md
+++ b/src/site/markdown/data/cachenvd.md
@@ -1,5 +1,5 @@
 Creating an offline cache for the NVD API
 =========================================
 
-The Open Vulnerability Project's [vuln CLI](https://github.com/jeremylong/Open-Vulnerability-Project/tree/main/vulnz#caching-the-nvd-cve-data)
+The Open Vulnerability Project's [vuln CLI](https://github.com/jeremylong/open-vulnerability-cli/blob/main/README.md#mirroring-the-nvd-cve-data)
 can be used to create an offline copy of the data obtained from the NVD API.
diff --git a/src/site/markdown/data/mirrornvd.md b/src/site/markdown/data/mirrornvd.md
index e269d9abdb2..c3c94e827c9 100644
--- a/src/site/markdown/data/mirrornvd.md
+++ b/src/site/markdown/data/mirrornvd.md
@@ -7,7 +7,7 @@ The NVD API and the Retire JS repository.
 Creating an offline cache for the NVD API
 ------------------------------------------------------------
 
-The Open Vulnerability Project's [vuln CLI](https://github.com/dependency-check/Open-Vulnerability-Project/tree/main/vulnz#caching-the-nvd-cve-data)
+The Open Vulnerability Project's [vuln CLI](https://github.com/jeremylong/open-vulnerability-cli/blob/main/README.md)
 can be used to create an offline copy of the data obtained from the NVD API.
 Then configure dependency-check to use the NVD Datafeed URL.
 
diff --git a/src/site/markdown/dependency-check-gradle/configuration-aggregate.md b/src/site/markdown/dependency-check-gradle/configuration-aggregate.md
index 6ac293927f5..c820b124a58 100644
--- a/src/site/markdown/dependency-check-gradle/configuration-aggregate.md
+++ b/src/site/markdown/dependency-check-gradle/configuration-aggregate.md
@@ -1,12 +1,12 @@
 Tasks
 ====================
 
-Task                                               | Description
----------------------------------------------------|-----------------------
-[dependencyCheckAnalyze](configuration.html)       | Runs dependency-check against the project and generates a report.
-dependencyCheckAggregate                           | Runs dependency-check against a multi-project build and generates a report.
-[dependencyCheckUpdate](configuration-update.html) | Updates the local cache of the NVD data from NIST.
-[dependencyCheckPurge](configuration-purge.html)   | Deletes the local copy of the NVD. This is used to force a refresh of the data.
+| Task                                                 | Description                                                                       |
+|------------------------------------------------------|-----------------------------------------------------------------------------------|
+| [dependencyCheckAnalyze](configuration.html)         | Runs dependency-check against the project and generates a report.                 |
+| dependencyCheckAggregate                             | Runs dependency-check against a multi-project build and generates a report.       |
+| [dependencyCheckUpdate](configuration-update.html)   | Updates the local cache of the NVD data from NIST.                                |
+| [dependencyCheckPurge](configuration-purge.html)     | Deletes the local copy of the NVD. This is used to force a refresh of the data.   |
 
 Configuration:
 ====================
@@ -25,94 +25,83 @@ apply plugin: 'org.owasp.dependencycheck'
 check.dependsOn dependencyCheckAggregate
 ```
 
-Property             | Description                                                                                                          | Default Value
----------------------|----------------------------------------------------------------------------------------------------------------------|------------------
-autoUpdate           | Sets whether auto-updating of the NVD API CVE data is enabled. It is not recommended that this be turned to false.   | true
-analyzedTypes        | The default artifact types that will be analyzed.                                                                    | ['jar', 'aar', 'js', 'war', 'ear', 'zip']
-format               | The report format to be generated (HTML, XML, CSV, JSON, JUNIT, SARIF, JENKINS, GITLAB, ALL).                        | HTML
-formats              | A list of report formats to be generated (HTML, XML, CSV, JSON, JUNIT, SARIF, JENKINS, GITLAB, ALL).                 | &nbsp;
-junitFailOnCVSS      | If using the JUNIT report format the junitFailOnCVSS sets the CVSS score threshold that is considered a failure.     | 0
-failBuildOnCVSS      | Specifies if the build should be failed if a CVSS score equal to or above a specified level is identified. The default is 11; since the CVSS scores are 0-10, by default the build will never fail.  More information on CVSS scores can be found at the [NVD](https://nvd.nist.gov/vuln-metrics/cvss)| 11
-failOnError          | Fails the build if an error occurs during the dependency-check analysis.                                             | true
-outputDirectory      | The location to write the report(s). This directory will be located in the build directory.                          | ${buildDir}/reports
-skipTestGroups       | When set to true (the default) all dependency groups that being with 'test' will be skipped.                         | true
-suppressionFile      | The file path to the XML suppression file \- used to suppress [false positives](../general/suppression.html). The configured value can be a local file path, a URL to a suppression file, or even a reference to a file on the class path (see https://github.com/jeremylong/DependencyCheck/issues/1878#issuecomment-487533799) | &nbsp;
-suppressionFiles     | A list of file paths to the XML suppression files \- used to suppress [false positives](../general/suppression.html). The configured values can be a local file path, a URL to a suppression file, or even a reference to a file on the class path (see https://github.com/jeremylong/DependencyCheck/issues/1878#issuecomment-487533799) | &nbsp;
-hintsFile            | The file path to the XML hints file \- used to resolve [false negatives](../general/hints.html)                      | &nbsp;
-skip                 | If set to true dependency-check analysis will be skipped.                                                            | false
-skipConfigurations   | A list of configurations that will be skipped. This is mutually exclusive with the scanConfigurations property.      | `[]` which means no configuration is skipped.
-scanConfigurations   | A list of configurations that will be scanned, all other configurations are skipped. This is mutually exclusive with the skipConfigurations property. | `[]` which implicitly means all configurations are scanned.
-scanProjects         | A list of projects that will be scanned, all other projects are skipped. The list or projects to skip must include a preceding colon: `scanProjects = [':app']`. This is mutually exclusive with the `skipProjects` property. | `[]` which implicitly means all projects get scanned.
-skipProjects         | A list of projects that will be skipped.  The list or projects to skip must include a preceding colon: `skipProjects = [':sub1']`. This is mutually exclusive with the `scanProjects` property. | `[]` which means no projects are skipped.
-scanBuildEnv         | A boolean indicating whether to scan the `buildEnv`.                                                                 | false
-scanDependencies     | A boolean indicating whether to scan the `dependencies`.                                                             | true
-scanSet              | A list of directories that will be scanned for additional dependencies.                                              | ['src/main/resources','src/main/webapp', './package.json', './package-lock.json', './npm-shrinkwrap.json', './Gopkg.lock', './go.mod']
+| Property                         | Description                                                                                                                                                                                                                                                                                                                                     | Default Value                                                                                                                          |
+|----------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------|
+| autoUpdate                       | Sets whether auto-updating of the NVD API CVE data is enabled. It is not recommended that this be turned to false.                                                                                                                                                                                                                              | true                                                                                                                                   |
+| analyzedTypes                    | The default artifact types that will be analyzed.                                                                                                                                                                                                                                                                                               | ['jar', 'aar', 'js', 'war', 'ear', 'zip']                                                                                              |
+| format                           | The report format to be generated (HTML, XML, CSV, JSON, JUNIT, SARIF, JENKINS, GITLAB, ALL).                                                                                                                                                                                                                                                   | HTML                                                                                                                                   |
+| formats                          | A list of report formats to be generated (HTML, XML, CSV, JSON, JUNIT, SARIF, JENKINS, GITLAB, ALL).                                                                                                                                                                                                                                            | &nbsp;                                                                                                                                 |
+| junitFailOnCVSS                  | If using the JUNIT report format the junitFailOnCVSS sets the CVSS score threshold that is considered a failure.                                                                                                                                                                                                                                | 0                                                                                                                                      |
+| failBuildOnCVSS                  | Specifies if the build should be failed if a CVSS score equal to or above a specified level is identified. The default is 11; since the CVSS scores are 0-10, by default the build will never fail.  More information on CVSS scores can be found at the [NVD](https://nvd.nist.gov/vuln-metrics/cvss)                                          | 11                                                                                                                                     |
+| failOnError                      | Fails the build if an error occurs during the dependency-check analysis.                                                                                                                                                                                                                                                                        | true                                                                                                                                   |
+| outputDirectory                  | The location to write the report(s). This directory will be located in the build directory.                                                                                                                                                                                                                                                     | ${buildDir}/reports                                                                                                                    |
+| skipTestGroups                   | When set to true (the default) all dependency groups that being with 'test' will be skipped.                                                                                                                                                                                                                                                    | true                                                                                                                                   |
+| suppressionFile                  | The file path to the XML suppression file \- used to suppress [false positives](../general/suppression.html). The configured value can be a local file path, a URL to a suppression file, or even a reference to a file on the class path (see https://github.com/dependency-check/DependencyCheck/issues/1878#issuecomment-487533799)          | &nbsp;                                                                                                                                 |
+| suppressionFiles                 | A list of file paths to the XML suppression files \- used to suppress [false positives](../general/suppression.html). The configured values can be a local file path, a URL to a suppression file, or even a reference to a file on the class path (see https://github.com/dependency-check/DependencyCheck/issues/1878#issuecomment-487533799) | &nbsp;                                                                                                                                 |
+| failBuildOnUnusedSuppressionRule | Specifies that if any unused suppression rule is found, the build will fail. This is best combined with a Gradle CLI `--warn` arg or `org.gradle.logging.level=warn` property so the unused rules are logged before task failure.                                                                                                               | false                                                                                                                                  |
+| hintsFile                        | The file path to the XML hints file \- used to resolve [false negatives](../general/hints.html)                                                                                                                                                                                                                                                 | &nbsp;                                                                                                                                 |
+| skip                             | If set to true dependency-check analysis will be skipped.                                                                                                                                                                                                                                                                                       | false                                                                                                                                  |
+| skipConfigurations               | A list of configurations that will be skipped. This is mutually exclusive with the scanConfigurations property.                                                                                                                                                                                                                                 | `[]` which means no configuration is skipped.                                                                                          |
+| scanConfigurations               | A list of configurations that will be scanned, all other configurations are skipped. This is mutually exclusive with the skipConfigurations property.                                                                                                                                                                                           | `[]` which implicitly means all configurations get scanned.                                                                            |
+| scanProjects                     | A list of projects that will be scanned, all other projects are skipped. The list or projects to skip must include a preceding colon: `scanProjects = [':app']`. This is mutually exclusive with the `skipProjects` property.                                                                                                                   | `[]` which implicitly means all projects get scanned.                                                                                  |
+| skipProjects                     | A list of projects that will be skipped.  The list or projects to skip must include a preceding colon: `skipProjects = [':sub1']`. This is mutually exclusive with the `scanProjects` property.                                                                                                                                                 | `[]` which means no projects are skipped.                                                                                              |
+| scanBuildEnv                     | A boolean indicating whether to scan the `buildEnv`.                                                                                                                                                                                                                                                                                            | false                                                                                                                                  |
+| scanDependencies                 | A boolean indicating whether to scan the `dependencies`.                                                                                                                                                                                                                                                                                        | true                                                                                                                                   |
+| scanSet                          | A list of directories that will be scanned for additional dependencies.                                                                                                                                                                                                                                                                         | ['src/main/resources','src/main/webapp', './package.json', './package-lock.json', './npm-shrinkwrap.json', './Gopkg.lock', './go.mod'] |
 
 #### Example
+
 ```groovy
 dependencyCheck {
-    autoUpdate=false
-    format='ALL'
+    autoUpdate = false
+    format = 'ALL'
 }
 ```
 
 ### Proxy Configuration
 
-Config Group | Property          | Description                                | Default Value
--------------|-------------------|------------------------------------|------------------
-proxy        | server            | The proxy server; see the [proxy configuration](../data/proxy.html) page for more information. | &nbsp;
-proxy        | port              | The proxy port.                            | &nbsp;
-proxy        | username          | Defines the proxy user name.               | &nbsp;
-proxy        | password          | Defines the proxy password.                | &nbsp;
-proxy        | nonProxyHosts     | The list of hosts that do not use a proxy. | &nbsp;
-
-#### Example
-```groovy
-dependencyCheck {
-    proxy.server=some.proxy.server
-    proxy.port=8989
-}
-```
+Please see https://docs.gradle.org/current/userguide/build_environment.html#sec:accessing_the_web_via_a_proxy
 
 ### Advanced Configuration
 
 The following properties can be configured in the dependencyCheck task. However, they are less frequently changed.
 
-Config Group | Property          | Description                                                                                                                                                     | Default Value                                                       |
--------------|-------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------|
-&nbsp;       | suppressionFileUser        | Credentials used for basic authentication for web-hosted suppression files                                                                             | &nbsp; |
-&nbsp;       | suppressionFilePassword    | Credentials used for basic authentication for web-hosted suppression files                                                                             | &nbsp; |
-&nbsp;       | suppressionFileBearerToken | Credentials used for bearer authentication for web-hosted suppression files                                                                            | &nbsp; |
-nvd          | apiKey            | The API Key to access the NVD API; obtained from https://nvd.nist.gov/developers/request-an-api-key                                                             | &nbsp;                                                              |
-nvd          | endpoint          | The NVD API endpoint URL; setting this is uncommon.                                                                                                             | https://services.nvd.nist.gov/rest/json/cves/2.0                    |
-nvd          | maxRetryCount     | The maximum number of retry requests for a single call to the NVD API.                                                                                          | 10                                                                  |
-nvd          | delay             | The number of milliseconds to wait between calls to the NVD API.                                                                                                | 3500 with an NVD API Key or 8000 without an API Key                 |
-nvd          | resultsPerPage    | The number records for a single page from NVD API (must be <=2000).                                                                                             | 2000                                                                |
-nvd          | datafeedUrl       | The URL for the NVD API Data feed that can be generated using https://github.com/jeremylong/Open-Vulnerability-Project/tree/main/vulnz#caching-the-nvd-cve-data | &nbsp;           |
-nvd          | datafeedUser      | Credentials used for basic authentication for the NVD API Data feed.                                                                                            | &nbsp;                                                              |
-nvd          | datafeedPassword  | Credentials used for basic authentication for the NVD API Data feed.                                                                                            | &nbsp;                                                              |
-nvd          | datafeedBearerToken  | Credentials used for bearer authentication for the NVD API Data feed.                                                                                        | &nbsp;                                                              |
-nvd          | validForHours     | The number of hours to wait before checking for new updates from the NVD. The default is 4 hours.                                                               | 4                                                                   |
-data         | directory         | Sets the data directory to hold SQL CVEs contents. This should generally not be changed.                                                                        | &nbsp;                                                              |
-data         | driver            | The database driver full classname; note, only needs to be set if the driver is not JDBC4 compliant or the JAR is outside of the class path.                    | &nbsp;                                                              |
-data         | driverPath        | The path to the database driver JAR file; only needs to be set if the driver is not in the class path.                                                          | &nbsp;                                                              |
-data         | connectionString  | The connection string used to connect to the database. See using a [database server](../data/database.html).                                                    | &nbsp;                                                              |
-data         | username          | The username used when connecting to the database.                                                                                                              | &nbsp;                                                              |
-data         | password          | The password used when connecting to the database.                                                                                                              | &nbsp;                                                              |
-slack        | enabled               | Whether or not slack notifications are enabled.                                                                   | false
-slack        | webhookUrl            | The custom incoming webhook URL to receive notifications.                                                         | &nbsp;
-hostedSuppressions | enabled         | Whether the hosted suppressions file will be used.                                                                | true
-hostedSuppressions | forceupdate     | Sets whether hosted suppressions file will update regardless of the `autoupdate` setting.                         | false
-hostedSuppressions | url             | The URL to a mirrored copy of the hosted suppressions file for internet-constrained environments.                 | https://dependency-check.github.io/DependencyCheck/suppressions/publishedSuppressions.xml
-hostedSuppressions | user            | Credentials used for basic authentication for the hosted suppressions file.                                                                                     | &nbsp;                                                              |
-hostedSuppressions | password        | Credentials used for basic authentication for the hosted suppressions file.                                                                                     | &nbsp;                                                              |
-hostedSuppressions | bearerToken     | Credentials used for bearer authentication for the hosted suppressions file.                                                                                    | &nbsp;                                                              |
-hostedSuppressions | validForHours   | The number of hours to wait before checking for new updates of the hosted suppressions file .                     | 2
+| Config Group       | Property                   | Description                                                                                                                                                                                   | Default Value                                                                             |
+|--------------------|----------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|
+| &nbsp;             | suppressionFileUser        | Credentials used for basic authentication for web-hosted suppression files                                                                                                                    | &nbsp;                                                                                    |
+| &nbsp;             | suppressionFilePassword    | Credentials used for basic authentication for web-hosted suppression files                                                                                                                    | &nbsp;                                                                                    |
+| &nbsp;             | suppressionFileBearerToken | Credentials used for bearer authentication for web-hosted suppression files                                                                                                                   | &nbsp;                                                                                    |
+| nvd                | apiKey                     | The API Key to access the NVD API; obtained from https://nvd.nist.gov/developers/request-an-api-key                                                                                           | &nbsp;                                                                                    |
+| nvd                | endpoint                   | The NVD API endpoint URL; setting this is uncommon.                                                                                                                                           | https://services.nvd.nist.gov/rest/json/cves/2.0                                          |
+| nvd                | maxRetryCount              | The maximum number of retry requests for a single call to the NVD API.                                                                                                                        | 10                                                                                        |
+| nvd                | delay                      | The number of milliseconds to wait between calls to the NVD API.                                                                                                                              | 3500 with an NVD API Key or 8000 without an API Key                                       |
+| nvd                | resultsPerPage             | The number records for a single page from NVD API (must be <=2000).                                                                                                                           | 2000                                                                                      |
+| nvd                | datafeedUrl                | The URL for the NVD API Data feed that can be generated using https://github.com/jeremylong/open-vulnerability-cli/blob/main/README.md#mirroring-the-nvd-cve-data                             | &nbsp;                                                                                    |
+| nvd                | datafeedUser               | Credentials used for basic authentication for the NVD API Data feed.                                                                                                                          | &nbsp;                                                                                    |
+| nvd                | datafeedPassword           | Credentials used for basic authentication for the NVD API Data feed.                                                                                                                          | &nbsp;                                                                                    |
+| nvd                | datafeedBearerToken        | Credentials used for bearer authentication for the NVD API Data feed.                                                                                                                         | &nbsp;                                                                                    |
+| nvd                | validForHours              | The number of hours to wait before checking for new updates from the NVD. The default is 4 hours.                                                                                             | 4                                                                                         |
+| data               | directory                  | Sets the data directory to hold SQL CVEs contents. This should generally not be changed.                                                                                                      | &nbsp;                                                                                    |
+| data               | driver                     | The database driver full classname; note, only needs to be set if the driver is not JDBC4 compliant or the JAR is outside of the class path.                                                  | &nbsp;                                                                                    |
+| data               | driverPath                 | The path to the database driver JAR file; only needs to be set if the driver is not in the class path.                                                                                        | &nbsp;                                                                                    |
+| data               | connectionString           | The connection string used to connect to the database. See using a [database server](../data/database.html).                                                                                  | &nbsp;                                                                                    |
+| data               | username                   | The username used when connecting to the database.                                                                                                                                            | &nbsp;                                                                                    |
+| data               | password                   | The password used when connecting to the database.                                                                                                                                            | &nbsp;                                                                                    |
+| slack              | enabled                    | Whether or not slack notifications are enabled.                                                                                                                                               | false                                                                                     |
+| slack              | webhookUrl                 | The custom incoming webhook URL to receive notifications. Note that the current implementation only notifies about build failures so this should be used in combination with failBuildOnCVSS. | &nbsp;                                                                                    |
+| hostedSuppressions | enabled                    | Whether the hosted suppressions file will be used.                                                                                                                                            | true                                                                                      |
+| hostedSuppressions | forceupdate                | Sets whether hosted suppressions file will update regardless of the `autoupdate` setting.                                                                                                     | false                                                                                     |
+| hostedSuppressions | url                        | The URL to a mirrored copy of the hosted suppressions file for internet-constrained environments.                                                                                             | https://dependency-check.github.io/DependencyCheck/suppressions/publishedSuppressions.xml |
+| hostedSuppressions | user                       | Credentials used for basic authentication for the hosted suppressions file.                                                                                                                   | &nbsp;                                                                                    |
+| hostedSuppressions | password                   | Credentials used for basic authentication for the hosted suppressions file.                                                                                                                   | &nbsp;                                                                                    |
+| hostedSuppressions | bearerToken                | Credentials used for bearer authentication for the hosted suppressions file.                                                                                                                  | &nbsp;                                                                                    |
+| hostedSuppressions | validForHours              | The number of hours to wait before checking for new updates of the hosted suppressions file .                                                                                                 | 2                                                                                         |
 
 #### Example
+
 ```groovy
 dependencyCheck {
-    data.directory='d:/nvd'
+    data.directory = 'd:/nvd'
 }
 ```
 
@@ -123,87 +112,92 @@ analyzers by configuring the `analyzers` section. Note, specific file type analy
 disable themselves if no file types that they support are detected - so specifically disabling the
 analyzers is likely not needed.
 
-Config Group | Property              | Description                                                                                                       | Default Value
--------------|-----------------------|-------------------------------------------------------------------------------------------------------------------|------------------
-analyzers    | experimentalEnabled   | Sets whether the [experimental analyzers](../analyzers/index.html) will be used. If not set to true the analyzers marked as experimental (see below) will not be used | false
-analyzers    | archiveEnabled        | Sets whether the Archive Analyzer will be used.                                                                   | true
-analyzers    | zipExtensions         | A comma-separated list of additional file extensions to be treated like a ZIP file, the contents will be extracted and analyzed. | &nbsp;
-analyzers    | jarEnabled            | Sets whether Jar Analyzer will be used.                                                                           | true
-analyzers    | dartEnabled           | Sets whether the [experimental](../analyzers/index.html) Dart Analyzer will be used.                              | true
-analyzers    | centralEnabled        | Sets whether Central Analyzer will be used.                                                                                                                                                  | true
-analyzers    | nexusEnabled          | Sets whether Nexus Analyzer will be used (requires Nexus Pro). This analyzer is superceded by the Central Analyzer; however, you can configure this to run against a Nexus Pro installation. | false
-analyzers    | nexusUrl              | Defines the Nexus Server's web service end point (example http://domain.enterprise/service/local/). If not set the Nexus Analyzer will be disabled. | &nbsp;
-analyzers    | nexusUsesProxy        | Whether or not the defined proxy should be used when connecting to Nexus.                                         | true
-analyzers    | pyDistributionEnabled | Sets whether the [experimental](../analyzers/index.html) Python Distribution Analyzer will be used. `experimentalEnabled` must be set to true. | true
-analyzers    | pyPackageEnabled      | Sets whether the [experimental](../analyzers/index.html) Python Package Analyzer will be used. `experimentalEnabled` must be set to true. | true
-analyzers    | rubygemsEnabled       | Sets whether the [experimental](../analyzers/index.html) Ruby Gemspec Analyzer will be used. `experimentalEnabled` must be set to true. | true
-analyzers    | opensslEnabled        | Sets whether the openssl Analyzer should be used.                                                          | true
-analyzers    | nuspecEnabled         | Sets whether the .NET Nuget Nuspec Analyzer will be used.                                                  | true
-analyzers    | nugetconfEnabled      | Sets whether the [experimental](../analyzers/index.html) .NET Nuget packages.config Analyzer will be used. `experimentalEnabled` must be set to true. | true
-analyzers    | assemblyEnabled       | Sets whether the .NET Assembly Analyzer should be used.                                                    | true
-analyzers    | msbuildEnabled        | Sets whether the MS Build Analyzer should be used.                                                         | true
-analyzers    | pathToDotnet          | The path to dotnet core - needed on some systems to analyze .net assemblies.                                      | &nbsp;
-analyzers    | cmakeEnabled          | Sets whether the [experimental](../analyzers/index.html) CMake Analyzer should be used. `experimentalEnabled` must be set to true. | true
-analyzers    | autoconfEnabled       | Sets whether the [experimental](../analyzers/index.html) autoconf Analyzer should be used. `experimentalEnabled` must be set to true. | true
-analyzers    | composerEnabled       | Sets whether the [experimental](../analyzers/index.html) PHP Composer Lock File Analyzer should be used. `experimentalEnabled` must be set to true. | true
-analyzers    | composerSkipDev       | Sets whether the [experimental](../analyzers/index.html) PHP Composer Lock File Analyzer should skip "packages-dev". | false
-analyzers    | cpanEnabled           | Sets whether the [experimental](../analyzers/index.html) Perl CPAN File Analyzer should be used. `experimentalEnabled` must be set to true. | true
-analyzers    | cocoapodsEnabled      | Sets whether the [experimental](../analyzers/index.html) Cocoapods Analyzer should be used. `experimentalEnabled` must be set to true. | true
-analyzers    | carthageEnabled       | Sets whether the [experimental](../analyzers/index.html) Carthage Analyzer should be used. `experimentalEnabled` must be set to true. | true
-analyzers    | swiftEnabled          | Sets whether the [experimental](../analyzers/index.html) Swift Package Manager Analyzer should be used. `experimentalEnabled` must be set to true. | true
-analyzers    | swiftPackageResolvedEnabled | Sets whether the [experimental](../analyzers/index.html) Swift Package Resolved Analyzer should be used. `experimentalEnabled` must be set to true. | true
-analyzers    | bundleAuditEnabled    | Sets whether the [experimental](../analyzers/index.html) Ruby Bundle Audit Analyzer should be used. `experimentalEnabled` must be set to true. | true
-analyzers    | pathToBundleAudit     | The path to bundle audit.                                                                                         | &nbsp;
-analyzers    | golangDepEnabled      | Sets whether the [experimental](../analyzers/index.html) Golang Dependency Analyzer should be used. `experimentalEnabled` must be set to true. | true
-analyzers    | golangModEnabled      | Sets whether the [experimental](../analyzers/index.html) Goland Module Analyzer should be used; requires `go` to be installed. `experimentalEnabled` must be set to true. | true
-analyzers    | pathToGo              | The path to `go`.                                                                                                 | &nbsp;
+| Config Group | Property                    | Description                                                                                                                                                                                                                                                         | Default Value |
+|--------------|-----------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------|
+| analyzers    | experimentalEnabled         | Sets whether the [experimental analyzers](../analyzers/index.html) will be used. If not set to true the analyzers marked as experimental (see below) will not be used                                                                                               | false         |
+| analyzers    | archiveEnabled              | Sets whether the Archive Analyzer will be used.                                                                                                                                                                                                                     | true          |
+| analyzers    | zipExtensions               | A comma-separated list of additional file extensions to be treated like a ZIP file, the contents will be extracted and analyzed.                                                                                                                                    | &nbsp;        |
+| analyzers    | jarEnabled                  | Sets whether Jar Analyzer will be used.                                                                                                                                                                                                                             | true          |
+| analyzers    | dartEnabled                 | Sets whether the [experimental](../analyzers/index.html) Dart Analyzer will be used. `experimentalEnabled` must be set to true.                                                                                                                                     | true          |
+| analyzers    | centralEnabled              | Sets whether Central Analyzer will be used. If you have non-Gradle-managed jar dependencies inside archives or non-Java ecosystem dependencies, you may want to enable this analyzer (or the alternative Nexus/Artifactory analyzers) to reduce chance of false negatives. | false         |
+| analyzers    | nexusEnabled                | Sets whether Nexus Analyzer will be used. This analyzer is an alternative to the Central or Artifactory Analyzers, allowing metadata retrieval from Sonatype Nexus installations.                                                                                   | false         |
+| analyzers    | nexusUrl                    | Defines the Nexus Server's web service end point (example http://domain.enterprise/service/local/). If not set the Nexus Analyzer will be disabled.                                                                                                                 | &nbsp;        |
+| analyzers    | nexusUsesProxy              | Whether or not the defined proxy should be used when connecting to Nexus.                                                                                                                                                                                           | true          |
+| analyzers    | pyDistributionEnabled       | Sets whether the [experimental](../analyzers/index.html) Python Distribution Analyzer will be used. `experimentalEnabled` must be set to true.                                                                                                                      | true          |
+| analyzers    | pyPackageEnabled            | Sets whether the [experimental](../analyzers/index.html) Python Package Analyzer will be used. `experimentalEnabled` must be set to true.                                                                                                                           | true          |
+| analyzers    | rubygemsEnabled             | Sets whether the [experimental](../analyzers/index.html) Ruby Gemspec Analyzer will be used. `experimentalEnabled` must be set to true.                                                                                                                             | true          |
+| analyzers    | opensslEnabled              | Sets whether the openssl Analyzer should be used.                                                                                                                                                                                                                   | true          |
+| analyzers    | nuspecEnabled               | Sets whether the .NET Nuget Nuspec Analyzer will be used.                                                                                                                                                                                                           | true          |
+| analyzers    | nugetconfEnabled            | Sets whether the [experimental](../analyzers/index.html) .NET Nuget packages.config Analyzer will be used. `experimentalEnabled` must be set to true.                                                                                                               | true          |
+| analyzers    | assemblyEnabled             | Sets whether the .NET Assembly Analyzer should be used.                                                                                                                                                                                                             | true          |
+| analyzers    | msbuildEnabled              | Sets whether the MS Build Analyzer should be used.                                                                                                                                                                                                                  | true          |
+| analyzers    | pathToDotnet                | The path to dotnet core - needed on some systems to analyze .net assemblies.                                                                                                                                                                                        | &nbsp;        |
+| analyzers    | cmakeEnabled                | Sets whether the [experimental](../analyzers/index.html) CMake Analyzer should be used. `experimentalEnabled` must be set to true.                                                                                                                                  | true          |
+| analyzers    | autoconfEnabled             | Sets whether the [experimental](../analyzers/index.html) autoconf Analyzer should be used. `experimentalEnabled` must be set to true.                                                                                                                               | true          |
+| analyzers    | composerEnabled             | Sets whether the [experimental](../analyzers/index.html) PHP Composer Lock File Analyzer should be used. `experimentalEnabled` must be set to true.                                                                                                                 | true          |
+| analyzers    | composerSkipDev             | Sets whether the [experimental](../analyzers/index.html) PHP Composer Lock File Analyzer should skip "packages-dev".                                                                                                                                                | false         |
+| analyzers    | cpanEnabled                 | Sets whether the [experimental](../analyzers/index.html) Perl CPAN File Analyzer should be used. `experimentalEnabled` must be set to true.                                                                                                                         | true          |
+| analyzers    | cocoapodsEnabled            | Sets whether the [experimental](../analyzers/index.html) Cocoapods Analyzer should be used. `experimentalEnabled` must be set to true.                                                                                                                              | true          |
+| analyzers    | carthageEnabled             | Sets whether the [experimental](../analyzers/index.html) Carthage Analyzer should be used. `experimentalEnabled` must be set to true.                                                                                                                               | true          |
+| analyzers    | swiftEnabled                | Sets whether the [experimental](../analyzers/index.html) Swift Package Manager Analyzer should be used. `experimentalEnabled` must be set to true.                                                                                                                  | true          |
+| analyzers    | swiftPackageResolvedEnabled | Sets whether the [experimental](../analyzers/index.html) Swift Package Resolved Analyzer should be used. `experimentalEnabled` must be set to true.                                                                                                                 | true          |
+| analyzers    | bundleAuditEnabled          | Sets whether the Ruby Bundle Audit Analyzer should be used.                                                                                                                                                                                                         | true          |
+| analyzers    | pathToBundleAudit           | The path to bundle audit.                                                                                                                                                                                                                                           | &nbsp;        |
+| analyzers    | retiredEnabled              | Sets whether the [retired analyzers](../analyzers/index.html) will be used. If not set to true the analyzers marked as Retired will not be used                                                                                                                     | false         |
+| analyzers    | golangDepEnabled            | Sets whether the [experimental](../analyzers/index.html) Golang Dependency Analyzer should be used. `experimentalEnabled` must be set to true.                                                                                                                      | true          |
+| analyzers    | golangModEnabled            | Sets whether the [experimental](../analyzers/index.html) Goland Module Analyzer should be used; requires `go` to be installed. `experimentalEnabled` must be set to true.                                                                                           | true          |
+| analyzers    | pathToGo                    | The path to `go`.                                                                                                                                                                                                                                                   | &nbsp;        |
 
 #### Additional Configuration
 
-Config Group | Property              | Description                                                                                                       | Default Value
--------------|-----------------------|-------------------------------------------------------------------------------------------------------------------|------------------
-artifactory  | enabled               | Sets whether Artifactory analyzer will be used.                                                                   | false
-artifactory  | url                   | The Artifactory server URL.                                                                                       | &nbsp;
-artifactory  | usesProxy             | Whether Artifactory should be accessed through a proxy or not.                                                    | false
-artifactory  | parallelAnalysis      | Whether the Artifactory analyzer should be run in parallel or not.                                                | true
-artifactory  | username              | The user name (only used with API token) to connect to Artifactory instance.                                      | &nbsp;
-artifactory  | apiToken              | The API token to connect to Artifactory instance, only used if the username or the API key are not defined by artifactoryAnalyzerServerId,artifactoryAnalyzerUsername or artifactoryAnalyzerApiToken | &nbsp;
-artifactory  | bearerToken           | The bearer token to connect to Artifactory instance.                                                              | &nbsp;
-kev          | enabled               | Sets whether the Known Exploited Vulnerability update and analyzer are enabled.                                   | true                                                                                     |
-kev          | url                   | The URL to (a mirror of) the CISA Known Exploited Vulnerabilities JSON data feed.                                 | https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json      |
-kev          | user                  | Credentials used for basic authentication for the CISA Known Exploited Vulnerabilities JSON data feed.            | &nbsp;                                                                                   |
-kev          | password              | Credentials used for basic authentication for the CISA Known Exploited Vulnerabilities JSON data feed.            | &nbsp;                                                                                   |
-kev          | bearerToken           | Credentials used for bearer authentication for the CISA Known Exploited Vulnerabilities JSON data feed.           | &nbsp;                                                                                   |
-kev          | validForHours         | The number of hours to wait before checking for new updates of the hosted suppressions file .                     | 2                                                                                        |
-nodeAudit    | enabled               | Sets whether the Node Audit Analyzer should be used. This analyzer requires an internet connection.               | true
-nodeAudit    | useCache              | Sets whether the Node Audit Analyzer should cache results locally.                                                | true
-nodeAudit    | skipDevDependencies   | Sets whether the Node Audit Analyzer should skip devDependencies.                                                 | false
-nodeAudit    | pnpmEnabled           | Sets whether the Pnpm Audit Analyzer should be used. This analyzer requires yarn and an internet connection.      | true
-nodeAudit    | pnpmPath              | Sets the path to the `pnpm` executable.                                                                           | &nbsp;
-nodeAudit    | yarnEnabled           | Sets whether the Yarn Audit Analyzer should be used. This analyzer requires yarn and an internet connection.      | true
-nodeAudit    | yarnPath              | Sets the path to the `yarn` executable.                                                                           | &nbsp;
-nodeAudit    | pnpmEnabled           | Sets whether the Pnpm Audit Analyzer should be used. This analyzer requires pnpm and an internet connection.      | true
-nodeAudit    | pnpmPath              | The path to `pnpm`.                                                                                               | &nbsp;
-nodeAudit    | url                   | The node audit API url to use.                                                                                    | &nbsp;
-retirejs     | enabled               | Sets whether the RetireJS Analyzer should be used.                                                                | true
-retirejs     | forceupdate           | Sets whether the RetireJS Analyzer should update regardless of the `autoupdate` setting.                          | false
-retirejs     | retireJsUrl           | The URL to the Retire JS repository.                                                                              | https://raw.githubusercontent.com/Retirejs/retire.js/master/repository/jsrepository.json
-retirejs     | user                  | Credentials used for basic authentication for the Retire JS repository URL.                                       | &nbsp;                                                                                   |
-retirejs     | password              | Credentials used for basic authentication for the Retire JS repository URL.                                       | &nbsp;                                                                                   |
-retirejs     | bearerToken           | Credentials used for bearer authentication for the Retire JS repository URL.                                      | &nbsp;                                                                                   |
-retirejs     | filterNonVulnerable   | Configures the RetireJS Analyzer to remove non-vulnerable JS dependencies from the report.                        | false
-retirejs     | filters               | Configures the list of regular expessions used to filter JS files based on content.                               | &nbsp;
-ossIndex     | enabled               | Sets whether [OSS Index Analyzer](../analyzers/oss-index-analyzer.html) will be used. This analyzer requires an internet connection. | true
-ossIndex     | username              | To authenticate Sonatype OSS Index requests and profit from higher rate limits, provide the OSS account email address as username. Provide both a username _and_ a password (see below) or none. | &nbsp;
-ossIndex     | password              | Password or API token to connect to Sonatype's OSS Index. Provide both a username (see above) _and_ a password or none. | &nbsp;
-ossIndex     | warnOnlyOnRemoteErrors| Sets whether remote errors from the OSS Index (e.g. BAD GATEWAY, RATE LIMIT EXCEEDED) will result in warnings only instead of failing execution. | false
+| Config Group | Property               | Description                                                                                                                                                                                          | Default Value                                                                            |
+|--------------|------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------|
+| artifactory  | enabled                | Sets whether Artifactory analyzer will be used. This analyzer is an alternative to the Central or Nexus Analyzers, allowing metadata retrieval from Artifactory installations.                       | false                                                                                    |
+| artifactory  | url                    | The Artifactory server URL.                                                                                                                                                                          | &nbsp;                                                                                   |
+| artifactory  | usesProxy              | Whether Artifactory should be accessed through a proxy or not.                                                                                                                                       | false                                                                                    |
+| artifactory  | parallelAnalysis       | Whether the Artifactory analyzer should be run in parallel or not.                                                                                                                                   | true                                                                                     |
+| artifactory  | username               | The user name (only used with API token) to connect to Artifactory instance.                                                                                                                         | &nbsp;                                                                                   |
+| artifactory  | apiToken               | The API token to connect to Artifactory instance, only used if the username or the API key are not defined by artifactoryAnalyzerServerId,artifactoryAnalyzerUsername or artifactoryAnalyzerApiToken | &nbsp;                                                                                   |
+| artifactory  | bearerToken            | The bearer token to connect to Artifactory instance.                                                                                                                                                 | &nbsp;                                                                                   |
+| kev          | enabled                | Sets whether the Known Exploited Vulnerability update and analyzer are enabled.                                                                                                                      | true                                                                                     |
+| kev          | url                    | The URL to (a mirror of) the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                                                    | https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json      |
+| kev          | user                   | Credentials used for basic authentication for the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                               | &nbsp;                                                                                   |
+| kev          | password               | Credentials used for basic authentication for the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                               | &nbsp;                                                                                   |
+| kev          | bearerToken            | Credentials used for bearer authentication for the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                              | &nbsp;                                                                                   |
+| kev          | validForHours          | The number of hours to wait before checking for new updates of the hosted suppressions file .                                                                                                        | 2                                                                                        |
+| nodeAudit    | enabled                | Sets whether the Node Audit Analyzer should be used. This analyzer requires an internet connection.                                                                                                  | true                                                                                     |
+| nodeAudit    | useCache               | Sets whether the Node Audit Analyzer should cache results locally.                                                                                                                                   | true                                                                                     |
+| nodeAudit    | skipDevDependencies    | Sets whether the Node Audit Analyzer should skip devDependencies.                                                                                                                                    | false                                                                                    |
+| nodeAudit    | pnpmEnabled            | Sets whether the Pnpm Audit Analyzer should be used. This analyzer requires yarn and an internet connection.                                                                                         | true                                                                                     |
+| nodeAudit    | pnpmPath               | Sets the path to the `pnpm` executable.                                                                                                                                                              | &nbsp;                                                                                   |
+| nodeAudit    | yarnEnabled            | Sets whether the Yarn Audit Analyzer should be used. This analyzer requires yarn and an internet connection.                                                                                         | true                                                                                     |
+| nodeAudit    | yarnPath               | Sets the path to the `yarn` executable.                                                                                                                                                              | &nbsp;                                                                                   |
+| nodeAudit    | pnpmEnabled            | Sets whether the Pnpm Audit Analyzer should be used. This analyzer requires pnpm and an internet connection.                                                                                         | true                                                                                     |
+| nodeAudit    | pnpmPath               | The path to `pnpm`.                                                                                                                                                                                  | &nbsp;                                                                                   |
+| nodeAudit    | url                    | The node audit API url to use.                                                                                                                                                                       | &nbsp;                                                                                   |
+| retirejs     | enabled                | Sets whether the RetireJS Analyzer should be used.                                                                                                                                                   | true                                                                                     |
+| retirejs     | forceupdate            | Sets whether the RetireJS Analyzer should update regardless of the `autoupdate` setting.                                                                                                             | false                                                                                    |
+| retirejs     | retireJsUrl            | The URL to the Retire JS repository.                                                                                                                                                                 | https://raw.githubusercontent.com/Retirejs/retire.js/master/repository/jsrepository.json |
+| retirejs     | user                   | Credentials used for basic authentication for the Retire JS repository URL.                                                                                                                          | &nbsp;                                                                                   |
+| retirejs     | password               | Credentials used for basic authentication for the Retire JS repository URL.                                                                                                                          | &nbsp;                                                                                   |
+| retirejs     | bearerToken            | Credentials used for bearer authentication for the Retire JS repository URL.                                                                                                                         | &nbsp;                                                                                   |
+| retirejs     | filterNonVulnerable    | Configures the RetireJS Analyzer to remove non-vulnerable JS dependencies from the report.                                                                                                           | false                                                                                    |
+| retirejs     | filters                | Configures the list of regular expressions used to filter JS files based on content.                                                                                                                  | &nbsp;                                                                                   |
+| ossIndex     | enabled                | Sets whether [OSS Index Analyzer](../analyzers/oss-index-analyzer.html) will be used. This analyzer requires an internet connection.                                                                 | true                                                                                     |
+| ossIndex     | username               | To authenticate Sonatype OSS Index requests and profit from higher rate limits, provide the OSS account email address as username. Provide both a username _and_ a password (see below) or none.     | &nbsp;                                                                                   |
+| ossIndex     | password               | Password or API token to connect to Sonatype's OSS Index. Provide both a username (see above) _and_ a password or none.                                                                              | &nbsp;                                                                                   |
+| ossIndex     | warnOnlyOnRemoteErrors | Sets whether remote errors from the OSS Index (e.g. BAD GATEWAY, RATE LIMIT EXCEEDED) will result in warnings only instead of failing execution.                                                     | false                                                                                    |
 
 #### Example
+
 ```groovy
 dependencyCheck {
-    analyzers.assemblyEnabled=false
-    analyzers.artifactory.enabled=true
-    analyzers.artifactory.url='https://internal.artifactory.url'
+    analyzers.assemblyEnabled = false
+    analyzers.artifactory.enabled = true
+    analyzers.artifactory.url = 'https://internal.artifactory.url'
     analyzers.retirejs.filters = ['(i)copyright Jeremy Long']
+
+    analyzers.ossIndex.username = 'example@gmail.com'
+    analyzers.ossIndex.password = '42cc601cd7ff12a531a0b1eada8dcf56d777b336'
 }
 ```
diff --git a/src/site/markdown/dependency-check-gradle/configuration-purge.md b/src/site/markdown/dependency-check-gradle/configuration-purge.md
index 7b7c4cbf14e..36ca804342b 100644
--- a/src/site/markdown/dependency-check-gradle/configuration-purge.md
+++ b/src/site/markdown/dependency-check-gradle/configuration-purge.md
@@ -1,12 +1,12 @@
 Tasks
 ====================
 
-Task                                                     | Description
----------------------------------------------------------|-----------------------
-[dependencyCheckAnalyze](configuration.html)             | Runs dependency-check against the project and generates a report.
-[dependencyCheckAggregate](configuration-aggregate.html) | Runs dependency-check against a multi-project build and generates a report.
-[dependencyCheckUpdate](configuration-update.html)       | Updates the local cache of the NVD data from NIST.
-dependencyCheckPurge                                     | Deletes the local copy of the NVD. This is used to force a refresh of the data.
+| Task                                                     | Description                                                                     |
+|----------------------------------------------------------|---------------------------------------------------------------------------------|
+| [dependencyCheckAnalyze](configuration.html)             | Runs dependency-check against the project and generates a report.               |
+| [dependencyCheckAggregate](configuration-aggregate.html) | Runs dependency-check against a multi-project build and generates a report.     |
+| [dependencyCheckUpdate](configuration-update.html)       | Updates the local cache of the NVD data from NIST.                              |
+| dependencyCheckPurge                                     | Deletes the local copy of the NVD. This is used to force a refresh of the data. |
 
 Configuration
 ====================
@@ -27,9 +27,9 @@ apply plugin: 'org.owasp.dependencycheck'
 $ gradle dependencyCheckPurge
 ```
 
-Property             | Description                        | Default Value
----------------------|------------------------------------|------------------
-failOnError          | Fails the build if an error occurs during the dependency-check analysis.                                           | true
+| Property    | Description                                                              | Default Value |
+|-------------|--------------------------------------------------------------------------|---------------|
+| failOnError | Fails the build if an error occurs during the dependency-check analysis. | true          |
 
 #### Example
 ```groovy
@@ -42,9 +42,9 @@ dependencyCheck {
 
 The following properties can be configured in the dependencyCheckPurge task. However, they are less frequently changed.
 
-Config Group | Property          | Description                                                                                 | Default Value
--------------|-------------------|---------------------------------------------------------------------------------------------|------------------
-data         | directory         | Sets the data directory to hold SQL CVEs contents. This should generally not be changed.    | &nbsp;
+| Config Group | Property  | Description                                                                              | Default Value |
+|--------------|-----------|------------------------------------------------------------------------------------------|---------------|
+| data         | directory | Sets the data directory to hold SQL CVEs contents. This should generally not be changed. | &nbsp;        |
 
 #### Example
 ```groovy
diff --git a/src/site/markdown/dependency-check-gradle/configuration-update.md b/src/site/markdown/dependency-check-gradle/configuration-update.md
index d95ec04bb32..9747efd57ed 100644
--- a/src/site/markdown/dependency-check-gradle/configuration-update.md
+++ b/src/site/markdown/dependency-check-gradle/configuration-update.md
@@ -1,12 +1,12 @@
 Tasks
 ====================
 
-Task                                                     | Description
----------------------------------------------------------|-----------------------
-[dependencyCheckAnalyze](configuration.html)             | Runs dependency-check against the project and generates a report.
-[dependencyCheckAggregate](configuration-aggregate.html) | Runs dependency-check against a multi-project build and generates a report.
-dependencyCheckUpdate                                    | Updates the local cache of the NVD data from NIST.
-[dependencyCheckPurge](configuration-purge.html)         | Deletes the local copy of the NVD. This is used to force a refresh of the data.
+| Task                                                     | Description                                                                     |
+|----------------------------------------------------------|---------------------------------------------------------------------------------|
+| [dependencyCheckAnalyze](configuration.html)             | Runs dependency-check against the project and generates a report.               |
+| [dependencyCheckAggregate](configuration-aggregate.html) | Runs dependency-check against a multi-project build and generates a report.     |
+| dependencyCheckUpdate                                    | Updates the local cache of the NVD data from NIST.                              |
+| [dependencyCheckPurge](configuration-purge.html)         | Deletes the local copy of the NVD. This is used to force a refresh of the data. |
 
 Configuration
 ====================
@@ -25,9 +25,9 @@ apply plugin: 'org.owasp.dependencycheck'
 check.dependsOn dependencyCheckUpdate
 ```
 
-Property             | Description                        | Default Value
----------------------|------------------------------------|------------------
-failOnError          | Fails the build if an error occurs during the dependency-check analysis.                                           | true
+| Property    | Description                                                              | Default Value |
+|-------------|--------------------------------------------------------------------------|---------------|
+| failOnError | Fails the build if an error occurs during the dependency-check analysis. | true          |
 
 #### Example
 ```groovy
@@ -38,13 +38,13 @@ dependencyCheck {
 
 ### Proxy Configuration
 
-Config Group | Property          | Description                                | Default Value
--------------|-------------------|--------------------------------------------|------------------
-proxy        | server            | The proxy server; see the [proxy configuration](../data/proxy.html) page for more information. | &nbsp;
-proxy        | port              | The proxy port.                            | &nbsp;
-proxy        | username          | Defines the proxy user name.               | &nbsp;
-proxy        | password          | Defines the proxy password.                | &nbsp;
-proxy        | nonProxyHosts     | The list of hosts that do not use a proxy. | &nbsp;
+| Config Group | Property      | Description                                                                                    | Default Value |
+|--------------|---------------|------------------------------------------------------------------------------------------------|---------------|
+| proxy        | server        | The proxy server; see the [proxy configuration](../data/proxy.html) page for more information. | &nbsp;        |
+| proxy        | port          | The proxy port.                                                                                | &nbsp;        |
+| proxy        | username      | Defines the proxy user name.                                                                   | &nbsp;        |
+| proxy        | password      | Defines the proxy password.                                                                    | &nbsp;        |
+| proxy        | nonProxyHosts | The list of hosts that do not use a proxy.                                                     | &nbsp;        |
 
 #### Example
 ```groovy
@@ -58,31 +58,31 @@ dependencyCheck {
 
 The following properties can be configured in the dependencyCheck task. However, they are less frequently changed.
 
-Config Group | Property          | Description                                                                                                                                                     | Default Value                                                       |
--------------|-------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------|
-nvd          | apiKey            | The API Key to access the NVD API; obtained from https://nvd.nist.gov/developers/request-an-api-key                                                             | &nbsp;                                                              |
-nvd          | endpoint          | The NVD API endpoint URL; setting this is uncommon.                                                                                                             | https://services.nvd.nist.gov/rest/json/cves/2.0                    |
-nvd          | maxRetryCount     | The maximum number of retry requests for a single call to the NVD API.                                                                                          | 10                                                                  |
-nvd          | delay             | The number of milliseconds to wait between calls to the NVD API.                                                                                                | 3500 with an NVD API Key or 8000 without an API Key .               |
-nvd          | resultsPerPage    | The number records for a single page from NVD API (must be <=2000).                                                                                             | 2000                                                                |
-nvd          | datafeedUrl       | The URL for the NVD API Data feed that can be generated using https://github.com/jeremylong/Open-Vulnerability-Project/tree/main/vulnz#caching-the-nvd-cve-data | &nbsp;           |
-nvd          | datafeedUser      | Credentials used for basic authentication for the NVD API Data feed.                                                                                            | &nbsp;                                                              |
-nvd          | datafeedPassword  | Credentials used for basic authentication for the NVD API Data feed.                                                                                            | &nbsp;                                                              |
-nvd          | datafeedBearerToken  | Credentials used for bearer authentication for the NVD API Data feed.                                                                                        | &nbsp;                                                              |
-nvd          | validForHours     | The number of hours to wait before checking for new updates from the NVD. The default is 4 hours.                                                               | 4                                                                   |
-data         | directory         | Sets the data directory to hold SQL CVEs contents. This should generally not be changed.                                                                        | ~/.gradle/dependency-check-data/                                    |
-data         | driver            | The database driver full classname; note, only needs to be set if the driver is not JDBC4 compliant or the JAR is outside of the class path.                    | &nbsp;                                                              |
-data         | driverPath        | The path to the database driver JAR file; only needs to be set if the driver is not in the class path.                                                          | &nbsp;                                                              |
-data         | connectionString  | The connection string used to connect to the database. See using a [database server](../data/database.html).                                                    | &nbsp;                                                              |
-data         | username          | The username used when connecting to the database.                                                                                                              | &nbsp;                                                              |
-data         | password          | The password used when connecting to the database.                                                                                                              | &nbsp;                                                              |
-hostedSuppressions | enabled         | Whether the hosted suppressions file will be used.                                                                                                              | true                                                                |
-hostedSuppressions | forceupdate     | Sets whether hosted suppressions file will update regardless of the `autoupdate` setting.                                                                       | false                                                               |
-hostedSuppressions | url             | The URL to (a mirror of) the hosted suppressions file.                                                                                                          | https://dependency-check.github.io/DependencyCheck/suppressions/publishedSuppressions.xml |
-hostedSuppressions | user            | Credentials used for basic authentication for the hosted suppressions file.                                                                                     | &nbsp;                                                              |
-hostedSuppressions | password        | Credentials used for basic authentication for the hosted suppressions file.                                                                                     | &nbsp;                                                              |
-hostedSuppressions | bearerToken     | Credentials used for bearer authentication for the hosted suppressions file.                                                                                    | &nbsp;                                                              |
-hostedSuppressions | validForHours   | The number of hours to wait before checking for new updates of the hosted suppressions file .                                                                   | 2                                                                   |
+| Config Group       | Property            | Description                                                                                                                                                       | Default Value                                                                             |
+|--------------------|---------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|
+| nvd                | apiKey              | The API Key to access the NVD API; obtained from https://nvd.nist.gov/developers/request-an-api-key                                                               | &nbsp;                                                                                    |
+| nvd                | endpoint            | The NVD API endpoint URL; setting this is uncommon.                                                                                                               | https://services.nvd.nist.gov/rest/json/cves/2.0                                          |
+| nvd                | maxRetryCount       | The maximum number of retry requests for a single call to the NVD API.                                                                                            | 10                                                                                        |
+| nvd                | delay               | The number of milliseconds to wait between calls to the NVD API.                                                                                                  | 3500 with an NVD API Key or 8000 without an API Key .                                     |
+| nvd                | resultsPerPage      | The number records for a single page from NVD API (must be <=2000).                                                                                               | 2000                                                                                      |
+| nvd                | datafeedUrl         | The URL for the NVD API Data feed that can be generated using https://github.com/jeremylong/open-vulnerability-cli/blob/main/README.md#mirroring-the-nvd-cve-data | &nbsp;                                                                                    |
+| nvd                | datafeedUser        | Credentials used for basic authentication for the NVD API Data feed.                                                                                              | &nbsp;                                                                                    |
+| nvd                | datafeedPassword    | Credentials used for basic authentication for the NVD API Data feed.                                                                                              | &nbsp;                                                                                    |
+| nvd                | datafeedBearerToken | Credentials used for bearer authentication for the NVD API Data feed.                                                                                             | &nbsp;                                                                                    |
+| nvd                | validForHours       | The number of hours to wait before checking for new updates from the NVD. The default is 4 hours.                                                                 | 4                                                                                         |
+| data               | directory           | Sets the data directory to hold SQL CVEs contents. This should generally not be changed.                                                                          | ~/.gradle/dependency-check-data/                                                          |
+| data               | driver              | The database driver full classname; note, only needs to be set if the driver is not JDBC4 compliant or the JAR is outside of the class path.                      | &nbsp;                                                                                    |
+| data               | driverPath          | The path to the database driver JAR file; only needs to be set if the driver is not in the class path.                                                            | &nbsp;                                                                                    |
+| data               | connectionString    | The connection string used to connect to the database. See using a [database server](../data/database.html).                                                      | &nbsp;                                                                                    |
+| data               | username            | The username used when connecting to the database.                                                                                                                | &nbsp;                                                                                    |
+| data               | password            | The password used when connecting to the database.                                                                                                                | &nbsp;                                                                                    |
+| hostedSuppressions | enabled             | Whether the hosted suppressions file will be used.                                                                                                                | true                                                                                      |
+| hostedSuppressions | forceupdate         | Sets whether hosted suppressions file will update regardless of the `autoupdate` setting.                                                                         | false                                                                                     |
+| hostedSuppressions | url                 | The URL to (a mirror of) the hosted suppressions file.                                                                                                            | https://dependency-check.github.io/DependencyCheck/suppressions/publishedSuppressions.xml |
+| hostedSuppressions | user                | Credentials used for basic authentication for the hosted suppressions file.                                                                                       | &nbsp;                                                                                    |
+| hostedSuppressions | password            | Credentials used for basic authentication for the hosted suppressions file.                                                                                       | &nbsp;                                                                                    |
+| hostedSuppressions | bearerToken         | Credentials used for bearer authentication for the hosted suppressions file.                                                                                      | &nbsp;                                                                                    |
+| hostedSuppressions | validForHours       | The number of hours to wait before checking for new updates of the hosted suppressions file .                                                                     | 2                                                                                         |
 
 #### Example
 ```groovy
@@ -97,17 +97,17 @@ Cached web datasources for several analyzers are configured inside the `analyzer
 taking relevance also in the update task. In addition to the above, the updateTask can be customized for retrieval
 of these resources by the following analyzer-specific properties underneath the `analyzers` section.
 
- Config Group | Property      | Description                                                                                             | Default Value                                                                            |
---------------|---------------|---------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------|
- kev          | enabled       | Sets whether the Known Exploited Vulnerability update and analyzer are enabled.                         | true                                                                                     |
- kev          | url           | The URL to (a mirror of) the CISA Known Exploited Vulnerabilities JSON data feed.                       | https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json      |
- kev          | user          | Credentials used for basic authentication for the CISA Known Exploited Vulnerabilities JSON data feed.  | &nbsp;                                                                                   |
- kev          | password      | Credentials used for basic authentication for the CISA Known Exploited Vulnerabilities JSON data feed.  | &nbsp;                                                                                   |
- kev          | bearerToken   | Credentials used for bearer authentication for the CISA Known Exploited Vulnerabilities JSON data feed. | &nbsp;                                                                                   |
- kev          | validForHours | The number of hours to wait before checking for new updates of the hosted suppressions file .           | 2                                                                                        |
- retirejs     | enabled       | Sets whether the RetireJS Analyzer should be used / the repository be updated.                          | true                                                                                     |
- retirejs     | retireJsUrl   | The URL to the Retire JS repository.                                                                    | https://raw.githubusercontent.com/Retirejs/retire.js/master/repository/jsrepository.json |
-retirejs     | user          | Credentials used for basic authentication for the Retire JS repository URL.                             | &nbsp;                                                                                   |
-retirejs     | password      | Credentials used for basic authentication for the Retire JS repository URL.                             | &nbsp;                                                                                   |
-retirejs     | bearerToken   | Credentials used for bearer authentication for the Retire JS repository URL.                            | &nbsp;                                                                                   |
- retirejs     | forceupdate   | Sets whether the Retire JS repository should update regardless of the `autoupdate` setting.             | false                                                                                    |
+| Config Group | Property      | Description                                                                                             | Default Value                                                                            |
+|--------------|---------------|---------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------|
+| kev          | enabled       | Sets whether the Known Exploited Vulnerability update and analyzer are enabled.                         | true                                                                                     |
+| kev          | url           | The URL to (a mirror of) the CISA Known Exploited Vulnerabilities JSON data feed.                       | https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json      |
+| kev          | user          | Credentials used for basic authentication for the CISA Known Exploited Vulnerabilities JSON data feed.  | &nbsp;                                                                                   |
+| kev          | password      | Credentials used for basic authentication for the CISA Known Exploited Vulnerabilities JSON data feed.  | &nbsp;                                                                                   |
+| kev          | bearerToken   | Credentials used for bearer authentication for the CISA Known Exploited Vulnerabilities JSON data feed. | &nbsp;                                                                                   |
+| kev          | validForHours | The number of hours to wait before checking for new updates of the hosted suppressions file .           | 2                                                                                        |
+| retirejs     | enabled       | Sets whether the RetireJS Analyzer should be used / the repository be updated.                          | true                                                                                     |
+| retirejs     | retireJsUrl   | The URL to the Retire JS repository.                                                                    | https://raw.githubusercontent.com/Retirejs/retire.js/master/repository/jsrepository.json |
+| retirejs     | user          | Credentials used for basic authentication for the Retire JS repository URL.                             | &nbsp;                                                                                   |
+| retirejs     | password      | Credentials used for basic authentication for the Retire JS repository URL.                             | &nbsp;                                                                                   |
+| retirejs     | bearerToken   | Credentials used for bearer authentication for the Retire JS repository URL.                            | &nbsp;                                                                                   |
+| retirejs     | forceupdate   | Sets whether the Retire JS repository should update regardless of the `autoupdate` setting.             | false                                                                                    |
diff --git a/src/site/markdown/dependency-check-gradle/configuration.md b/src/site/markdown/dependency-check-gradle/configuration.md
index 83cc788fb3c..f9cbbb96483 100644
--- a/src/site/markdown/dependency-check-gradle/configuration.md
+++ b/src/site/markdown/dependency-check-gradle/configuration.md
@@ -1,12 +1,12 @@
 Tasks
 ====================
 
-Task                                                     | Description
----------------------------------------------------------|-----------------------
-dependencyCheckAnalyze                                   | Runs dependency-check against the project and generates a report.
-[dependencyCheckAggregate](configuration-aggregate.html) | Runs dependency-check against a multi-project build and generates a report.
-[dependencyCheckUpdate](configuration-update.html)       | Updates the local cache of the NVD data from NIST.
-[dependencyCheckPurge](configuration-purge.html)         | Deletes the local copy of the NVD. This is used to force a refresh of the data.
+| Task                                                     | Description                                                                     |
+|----------------------------------------------------------|---------------------------------------------------------------------------------|
+| dependencyCheckAnalyze                                   | Runs dependency-check against the project and generates a report.               |
+| [dependencyCheckAggregate](configuration-aggregate.html) | Runs dependency-check against a multi-project build and generates a report.     |
+| [dependencyCheckUpdate](configuration-update.html)       | Updates the local cache of the NVD data from NIST.                              |
+| [dependencyCheckPurge](configuration-purge.html)         | Deletes the local copy of the NVD. This is used to force a refresh of the data. |
 
 Configuration:
 ====================
@@ -25,35 +25,35 @@ apply plugin: 'org.owasp.dependencycheck'
 check.dependsOn dependencyCheckAnalyze
 ```
 
-Property                         | Description                                                                                                                                                                                                                                                                                                                               | Default Value
----------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------
-autoUpdate                       | Sets whether auto-updating of the NVD API CVE data is enabled. It is not recommended that this be turned to false.                                                                                                                                                                                                                        | true
-analyzedTypes                    | The default artifact types that will be analyzed.                                                                                                                                                                                                                                                                                         | ['jar', 'aar', 'js', 'war', 'ear', 'zip']
-format                           | The report format to be generated (HTML, XML, CSV, JSON, JUNIT, SARIF, JENKINS, GITLAB, ALL).                                                                                                                                                                                                                                             | HTML
-formats                          | A list of report formats to be generated (HTML, XML, CSV, JSON, JUNIT, SARIF, JENKINS, GITLAB, ALL).                                                                                                                                                                                                                                      | &nbsp;
-junitFailOnCVSS                  | If using the JUNIT report format the junitFailOnCVSS sets the CVSS score threshold that is considered a failure.                                                                                                                                                                                                                          | 0
-failBuildOnCVSS                  | Specifies if the build should be failed if a CVSS score equal to or above a specified level is identified. The default is 11; since the CVSS scores are 0-10, by default the build will never fail. More information on CVSS scores can be found at the [NVD](https://nvd.nist.gov/vuln-metrics/cvss)                                     | 11
-failOnError                      | Fails the build if an error occurs during the dependency-check analysis.                                                                                                                                                                                                                                                                  | true
-outputDirectory                  | The location to write the report(s). This directory will be located in the build directory.                                                                                                                                                                                                                                               | ${buildDir}/reports
-skipTestGroups                   | When set to true (the default) all dependency groups that being with 'test' will be skipped.                                                                                                                                                                                                                                              | true
-suppressionFile                  | The file path to the XML suppression file \- used to suppress [false positives](../general/suppression.html). The configured value can be a local file path, a URL to a suppression file, or even a reference to a file on the class path (see https://github.com/jeremylong/DependencyCheck/issues/1878#issuecomment-487533799)          | &nbsp;
-suppressionFiles                 | A list of file paths to the XML suppression files \- used to suppress [false positives](../general/suppression.html). The configured values can be a local file path, a URL to a suppression file, or even a reference to a file on the class path (see https://github.com/jeremylong/DependencyCheck/issues/1878#issuecomment-487533799) | &nbsp;
-failBuildOnUnusedSuppressionRule | Specifies that if any unused suppression rule is found, the build will fail. This is best combined with a Gradle CLI `--warn` arg or `org.gradle.logging.level=warn` property so the unused rules are logged before task failure.                                                                                                         | false
-hintsFile                        | The file path to the XML hints file \- used to resolve [false negatives](../general/hints.html)                                                                                                                                                                                                                                           | &nbsp;
-skip                             | If set to true dependency-check analysis will be skipped.                                                                                                                                                                                                                                                                                 | false
-skipConfigurations               | A list of configurations that will be skipped. This is mutually exclusive with the scanConfigurations property.                                                                                                                                                                                                                           | `[]` which means no configuration is skipped.
-scanConfigurations               | A list of configurations that will be scanned, all other configurations are skipped. This is mutually exclusive with the skipConfigurations property.                                                                                                                                                                                     | `[]` which implicitly means all configurations get scanned.
-scanProjects                     | A list of projects that will be scanned, all other projects are skipped. The list or projects to skip must include a preceding colon: `scanProjects = [':app']`. This is mutually exclusive with the `skipProjects` property.                                                                                                             | `[]` which implicitly means all projects get scanned.
-skipProjects                     | A list of projects that will be skipped.  The list or projects to skip must include a preceding colon: `skipProjects = [':sub1']`. This is mutually exclusive with the `scanProjects` property.                                                                                                                                           | `[]` which means no projects are skipped.
-scanBuildEnv                     | A boolean indicating whether to scan the `buildEnv`.                                                                                                                                                                                                                                                                                      | false
-scanDependencies                 | A boolean indicating whether to scan the `dependencies`.                                                                                                                                                                                                                                                                                  | true
-scanSet                          | A list of directories that will be scanned for additional dependencies.                                                                                                                                                                                                                                                                   | ['src/main/resources','src/main/webapp']
+| Property                         | Description                                                                                                                                                                                                                                                                                                                                     | Default Value                                                                                                                          |
+|----------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------|
+| autoUpdate                       | Sets whether auto-updating of the NVD API CVE data is enabled. It is not recommended that this be turned to false.                                                                                                                                                                                                                              | true                                                                                                                                   |
+| analyzedTypes                    | The default artifact types that will be analyzed.                                                                                                                                                                                                                                                                                               | ['jar', 'aar', 'js', 'war', 'ear', 'zip']                                                                                              |
+| format                           | The report format to be generated (HTML, XML, CSV, JSON, JUNIT, SARIF, JENKINS, GITLAB, ALL).                                                                                                                                                                                                                                                   | HTML                                                                                                                                   |
+| formats                          | A list of report formats to be generated (HTML, XML, CSV, JSON, JUNIT, SARIF, JENKINS, GITLAB, ALL).                                                                                                                                                                                                                                            | &nbsp;                                                                                                                                 |
+| junitFailOnCVSS                  | If using the JUNIT report format the junitFailOnCVSS sets the CVSS score threshold that is considered a failure.                                                                                                                                                                                                                                | 0                                                                                                                                      |
+| failBuildOnCVSS                  | Specifies if the build should be failed if a CVSS score equal to or above a specified level is identified. The default is 11; since the CVSS scores are 0-10, by default the build will never fail. More information on CVSS scores can be found at the [NVD](https://nvd.nist.gov/vuln-metrics/cvss)                                           | 11                                                                                                                                     |
+| failOnError                      | Fails the build if an error occurs during the dependency-check analysis.                                                                                                                                                                                                                                                                        | true                                                                                                                                   |
+| outputDirectory                  | The location to write the report(s). This directory will be located in the build directory.                                                                                                                                                                                                                                                     | ${buildDir}/reports                                                                                                                    |
+| skipTestGroups                   | When set to true (the default) all dependency groups that being with 'test' will be skipped.                                                                                                                                                                                                                                                    | true                                                                                                                                   |
+| suppressionFile                  | The file path to the XML suppression file \- used to suppress [false positives](../general/suppression.html). The configured value can be a local file path, a URL to a suppression file, or even a reference to a file on the class path (see https://github.com/dependency-check/DependencyCheck/issues/1878#issuecomment-487533799)          | &nbsp;                                                                                                                                 |
+| suppressionFiles                 | A list of file paths to the XML suppression files \- used to suppress [false positives](../general/suppression.html). The configured values can be a local file path, a URL to a suppression file, or even a reference to a file on the class path (see https://github.com/dependency-check/DependencyCheck/issues/1878#issuecomment-487533799) | &nbsp;                                                                                                                                 |
+| failBuildOnUnusedSuppressionRule | Specifies that if any unused suppression rule is found, the build will fail. This is best combined with a Gradle CLI `--warn` arg or `org.gradle.logging.level=warn` property so the unused rules are logged before task failure.                                                                                                               | false                                                                                                                                  |
+| hintsFile                        | The file path to the XML hints file \- used to resolve [false negatives](../general/hints.html)                                                                                                                                                                                                                                                 | &nbsp;                                                                                                                                 |
+| skip                             | If set to true dependency-check analysis will be skipped.                                                                                                                                                                                                                                                                                       | false                                                                                                                                  |
+| skipConfigurations               | A list of configurations that will be skipped. This is mutually exclusive with the scanConfigurations property.                                                                                                                                                                                                                                 | `[]` which means no configuration is skipped.                                                                                          |
+| scanConfigurations               | A list of configurations that will be scanned, all other configurations are skipped. This is mutually exclusive with the skipConfigurations property.                                                                                                                                                                                           | `[]` which implicitly means all configurations get scanned.                                                                            |
+| scanProjects                     | A list of projects that will be scanned, all other projects are skipped. The list or projects to skip must include a preceding colon: `scanProjects = [':app']`. This is mutually exclusive with the `skipProjects` property.                                                                                                                   | `[]` which implicitly means all projects get scanned.                                                                                  |
+| skipProjects                     | A list of projects that will be skipped.  The list or projects to skip must include a preceding colon: `skipProjects = [':sub1']`. This is mutually exclusive with the `scanProjects` property.                                                                                                                                                 | `[]` which means no projects are skipped.                                                                                              |
+| scanBuildEnv                     | A boolean indicating whether to scan the `buildEnv`.                                                                                                                                                                                                                                                                                            | false                                                                                                                                  |
+| scanDependencies                 | A boolean indicating whether to scan the `dependencies`.                                                                                                                                                                                                                                                                                        | true                                                                                                                                   |
+| scanSet                          | A list of directories that will be scanned for additional dependencies.                                                                                                                                                                                                                                                                         | ['src/main/resources','src/main/webapp', './package.json', './package-lock.json', './npm-shrinkwrap.json', './Gopkg.lock', './go.mod'] |
 
 #### Example
 ```groovy
 dependencyCheck {
-    autoUpdate=false
-    format='ALL'
+    autoUpdate = false
+    format = 'ALL'
 }
 ```
 
@@ -65,41 +65,41 @@ Please see https://docs.gradle.org/current/userguide/build_environment.html#sec:
 
 The following properties can be configured in the dependencyCheck task. However, they are less frequently changed.
 
-Config Group | Property          | Description                                                                                                                                                     | Default Value
--------------|-------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------
-&nbsp;       | suppressionFileUser        | Credentials used for basic authentication for web-hosted suppression files                                                                             | &nbsp; |
-&nbsp;       | suppressionFilePassword    | Credentials used for basic authentication for web-hosted suppression files                                                                             | &nbsp; |
-&nbsp;       | suppressionFileBearerToken | Credentials used for bearer authentication for web-hosted suppression files                                                                            | &nbsp; |
-nvd          | apiKey            | The API Key to access the NVD API; obtained from https://nvd.nist.gov/developers/request-an-api-key                                                             | &nbsp;                                                              |
-nvd          | endpoint          | The NVD API endpoint URL; setting this is uncommon.                                                                                                             | https://services.nvd.nist.gov/rest/json/cves/2.0                            |
-nvd          | maxRetryCount     | The maximum number of retry requests for a single call to the NVD API.                                                                                          | 10                                                                  |
-nvd          | delay             | The number of milliseconds to wait between calls to the NVD API.                                                                                                | 3500 with an NVD API Key or 8000 without an API Key                 |
-nvd          | resultsPerPage    | The number records for a single page from NVD API (must be <=2000).                                                                                             | 2000                                                                |
-nvd          | datafeedUrl       | The URL for the NVD API Data feed that can be generated using https://github.com/jeremylong/Open-Vulnerability-Project/tree/main/vulnz#caching-the-nvd-cve-data | &nbsp;                   |
-nvd          | datafeedUser      | Credentials used for basic authentication for the NVD API Data feed.                                                                                            | &nbsp;                                                              |
-nvd          | datafeedPassword  | Credentials used for basic authentication for the NVD API Data feed.                                                                                            | &nbsp;                                                              |
-nvd          | datafeedBearerToken  | Credentials used for bearer authentication for the NVD API Data feed.                                                                                        | &nbsp;                                                              |
-nvd          | validForHours     | The number of hours to wait before checking for new updates from the NVD. The default is 4 hours.                                                               | 4                                                                   |
-data         | directory         | Sets the data directory to hold SQL CVEs contents. This should generally not be changed.                                                                        | &nbsp;                                                              |
-data         | driver            | The database driver full classname; note, only needs to be set if the driver is not JDBC4 compliant or the JAR is outside of the class path.                    | &nbsp;                                                              |
-data         | driverPath        | The path to the database driver JAR file; only needs to be set if the driver is not in the class path.                                                          | &nbsp;                                                              |
-data         | connectionString  | The connection string used to connect to the database. See using a [database server](../data/database.html).                                                    | &nbsp;                                                              |
-data         | username          | The username used when connecting to the database.                                                                                                              | &nbsp;                                                              |
-data         | password          | The password used when connecting to the database.                                                                                                              | &nbsp;                                                              |
-slack        | enabled               | Whether or not slack notifications are enabled.                                                                   | false
-slack        | webhookUrl            | The custom incoming webhook URL to receive notifications.                                                         | &nbsp;
-hostedSuppressions | enabled         | Whether the hosted suppressions file will be used.                                                                | true
-hostedSuppressions | forceupdate     | Sets whether hosted suppressions file will update regardless of the `autoupdate` setting.                         | false
-hostedSuppressions | url             | The URL to a mirrored copy of the hosted suppressions file for internet-constrained environments.                 | https://dependency-check.github.io/DependencyCheck/suppressions/publishedSuppressions.xml
-hostedSuppressions | user            | Credentials used for basic authentication for the hosted suppressions file.                                                                                     | &nbsp;                                                              |
-hostedSuppressions | password        | Credentials used for basic authentication for the hosted suppressions file.                                                                                     | &nbsp;                                                              |
-hostedSuppressions | bearerToken     | Credentials used for bearer authentication for the hosted suppressions file.                                                                                    | &nbsp;                                                              |
-hostedSuppressions | validForHours   | The number of hours to wait before checking for new updates of the hosted suppressions file .                     | 2
+| Config Group       | Property                   | Description                                                                                                                                                                                   | Default Value                                                                             |
+|--------------------|----------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|
+| &nbsp;             | suppressionFileUser        | Credentials used for basic authentication for web-hosted suppression files                                                                                                                    | &nbsp;                                                                                    |
+| &nbsp;             | suppressionFilePassword    | Credentials used for basic authentication for web-hosted suppression files                                                                                                                    | &nbsp;                                                                                    |
+| &nbsp;             | suppressionFileBearerToken | Credentials used for bearer authentication for web-hosted suppression files                                                                                                                   | &nbsp;                                                                                    |
+| nvd                | apiKey                     | The API Key to access the NVD API; obtained from https://nvd.nist.gov/developers/request-an-api-key                                                                                           | &nbsp;                                                                                    |
+| nvd                | endpoint                   | The NVD API endpoint URL; setting this is uncommon.                                                                                                                                           | https://services.nvd.nist.gov/rest/json/cves/2.0                                          |
+| nvd                | maxRetryCount              | The maximum number of retry requests for a single call to the NVD API.                                                                                                                        | 10                                                                                        |
+| nvd                | delay                      | The number of milliseconds to wait between calls to the NVD API.                                                                                                                              | 3500 with an NVD API Key or 8000 without an API Key                                       |
+| nvd                | resultsPerPage             | The number records for a single page from NVD API (must be <=2000).                                                                                                                           | 2000                                                                                      |
+| nvd                | datafeedUrl                | The URL for the NVD API Data feed that can be generated using https://github.com/jeremylong/open-vulnerability-cli/blob/main/README.md#mirroring-the-nvd-cve-data                             | &nbsp;                                                                                    |
+| nvd                | datafeedUser               | Credentials used for basic authentication for the NVD API Data feed.                                                                                                                          | &nbsp;                                                                                    |
+| nvd                | datafeedPassword           | Credentials used for basic authentication for the NVD API Data feed.                                                                                                                          | &nbsp;                                                                                    |
+| nvd                | datafeedBearerToken        | Credentials used for bearer authentication for the NVD API Data feed.                                                                                                                         | &nbsp;                                                                                    |
+| nvd                | validForHours              | The number of hours to wait before checking for new updates from the NVD. The default is 4 hours.                                                                                             | 4                                                                                         |
+| data               | directory                  | Sets the data directory to hold SQL CVEs contents. This should generally not be changed.                                                                                                      | &nbsp;                                                                                    |
+| data               | driver                     | The database driver full classname; note, only needs to be set if the driver is not JDBC4 compliant or the JAR is outside of the class path.                                                  | &nbsp;                                                                                    |
+| data               | driverPath                 | The path to the database driver JAR file; only needs to be set if the driver is not in the class path.                                                                                        | &nbsp;                                                                                    |
+| data               | connectionString           | The connection string used to connect to the database. See using a [database server](../data/database.html).                                                                                  | &nbsp;                                                                                    |
+| data               | username                   | The username used when connecting to the database.                                                                                                                                            | &nbsp;                                                                                    |
+| data               | password                   | The password used when connecting to the database.                                                                                                                                            | &nbsp;                                                                                    |
+| slack              | enabled                    | Whether or not slack notifications are enabled.                                                                                                                                               | false                                                                                     |
+| slack              | webhookUrl                 | The custom incoming webhook URL to receive notifications. Note that the current implementation only notifies about build failures so this should be used in combination with failBuildOnCVSS. | &nbsp;                                                                                    |
+| hostedSuppressions | enabled                    | Whether the hosted suppressions file will be used.                                                                                                                                            | true                                                                                      |
+| hostedSuppressions | forceupdate                | Sets whether hosted suppressions file will update regardless of the `autoupdate` setting.                                                                                                     | false                                                                                     |
+| hostedSuppressions | url                        | The URL to a mirrored copy of the hosted suppressions file for internet-constrained environments.                                                                                             | https://dependency-check.github.io/DependencyCheck/suppressions/publishedSuppressions.xml |
+| hostedSuppressions | user                       | Credentials used for basic authentication for the hosted suppressions file.                                                                                                                   | &nbsp;                                                                                    |
+| hostedSuppressions | password                   | Credentials used for basic authentication for the hosted suppressions file.                                                                                                                   | &nbsp;                                                                                    |
+| hostedSuppressions | bearerToken                | Credentials used for bearer authentication for the hosted suppressions file.                                                                                                                  | &nbsp;                                                                                    |
+| hostedSuppressions | validForHours              | The number of hours to wait before checking for new updates of the hosted suppressions file .                                                                                                 | 2                                                                                         |
 
 #### Example
 ```groovy
 dependencyCheck {
-    data.directory='d:/nvd'
+    data.directory = 'd:/nvd'
 }
 ```
 
@@ -110,89 +110,89 @@ analyzers by configuring the `analyzers` section. Note, specific file type analy
 disable themselves if no file types that they support are detected - so specifically disabling the
 analyzers is likely not needed.
 
-Config Group | Property              | Description                                                                                                                                                                                  | Default Value
--------------|-----------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------
-analyzers    | experimentalEnabled   | Sets whether the [experimental analyzers](../analyzers/index.html) will be used. If not set to true the analyzers marked as experimental (see below) will not be used                        | false
-analyzers    | archiveEnabled        | Sets whether the Archive Analyzer will be used.                                                                                                                                              | true
-analyzers    | zipExtensions         | A comma-separated list of additional file extensions to be treated like a ZIP file, the contents will be extracted and analyzed.                                                             | &nbsp;
-analyzers    | jarEnabled            | Sets whether Jar Analyzer will be used.                                                                                                                                                      | true
-analyzers    | dartEnabled           | Sets whether the [experimental](../analyzers/index.html) Dart Analyzer will be used.                                                                                                         | true
-analyzers    | centralEnabled        | Sets whether Central Analyzer will be used.                                                                                                                                                  | true
-analyzers    | nexusEnabled          | Sets whether Nexus Analyzer will be used (requires Nexus Pro). This analyzer is superceded by the Central Analyzer; however, you can configure this to run against a Nexus Pro installation. | false
-analyzers    | nexusUrl              | Defines the Nexus Server's web service end point (example http://domain.enterprise/service/local/). If not set the Nexus Analyzer will be disabled.                                          | &nbsp;
-analyzers    | nexusUsesProxy        | Whether or not the defined proxy should be used when connecting to Nexus.                                                                                                                    | true
-analyzers    | pyDistributionEnabled | Sets whether the [experimental](../analyzers/index.html) Python Distribution Analyzer will be used. `experimentalEnabled` must be set to true.                                               | true
-analyzers    | pyPackageEnabled      | Sets whether the [experimental](../analyzers/index.html) Python Package Analyzer will be used. `experimentalEnabled` must be set to true.                                                    | true
-analyzers    | rubygemsEnabled       | Sets whether the [experimental](../analyzers/index.html) Ruby Gemspec Analyzer will be used. `experimentalEnabled` must be set to true.                                                      | true
-analyzers    | opensslEnabled        | Sets whether the openssl Analyzer should be used.                                                                                                                                            | true
-analyzers    | nuspecEnabled         | Sets whether the .NET Nuget Nuspec Analyzer will be used.                                                                                                                                    | true
-analyzers    | nugetconfEnabled      | Sets whether the [experimental](../analyzers/index.html) .NET Nuget packages.config Analyzer will be used. `experimentalEnabled` must be set to true.                                        | true
-analyzers    | assemblyEnabled       | Sets whether the .NET Assembly Analyzer should be used.                                                                                                                                      | true
-analyzers    | msbuildEnabled        | Sets whether the MS Build Analyzer should be used.                                                                                                                                           | true
-analyzers    | pathToDotnet          | The path to dotnet core - needed on some systems to analyze .net assemblies.                                                                                                                 | &nbsp;
-analyzers    | cmakeEnabled          | Sets whether the [experimental](../analyzers/index.html) CMake Analyzer should be used. `experimentalEnabled` must be set to true.                                                           | true
-analyzers    | autoconfEnabled       | Sets whether the [experimental](../analyzers/index.html) autoconf Analyzer should be used. `experimentalEnabled` must be set to true.                                                        | true
-analyzers    | composerEnabled       | Sets whether the [experimental](../analyzers/index.html) PHP Composer Lock File Analyzer should be used. `experimentalEnabled` must be set to true.                                          | true
-analyzers    | composerSkipDev       | Sets whether the [experimental](../analyzers/index.html) PHP Composer Lock File Analyzer should skip "packages-dev".                                                                         | false
-analyzers    | cpanEnabled           | Sets whether the [experimental](../analyzers/index.html) Perl CPAN File Analyzer should be used. `experimentalEnabled` must be set to true.                                                  | true
-analyzers    | cocoapodsEnabled      | Sets whether the [experimental](../analyzers/index.html) Cocoapods Analyzer should be used. `experimentalEnabled` must be set to true.                                                       | true
-analyzers    | carthageEnabled       | Sets whether the [experimental](../analyzers/index.html) Carthage Analyzer should be used. `experimentalEnabled` must be set to true.                                                        | true
-analyzers    | swiftEnabled          | Sets whether the [experimental](../analyzers/index.html) Swift Package Manager Analyzer should be used. `experimentalEnabled` must be set to true.                                           | true
-analyzers    | swiftPackageResolvedEnabled | Sets whether the [experimental](../analyzers/index.html) Swift Package Resolved Analyzer should be used. `experimentalEnabled` must be set to true.                                          | true
-analyzers    | bundleAuditEnabled    | Sets whether the [experimental](../analyzers/index.html) Ruby Bundle Audit Analyzer should be used. `experimentalEnabled` must be set to true.                                               | true
-analyzers    | pathToBundleAudit     | The path to bundle audit.                                                                                                                                                                    | &nbsp;
-analyzers    | retiredEnabled        | Sets whether the [retired analyzers](../analyzers/index.html) will be used. If not set to true the analyzers marked as experimental (see below) will not be used                             | false
-analyzers    | golangDepEnabled      | Sets whether the [experimental](../analyzers/index.html) Golang Dependency Analyzer should be used. `experimentalEnabled` must be set to true.                                               | true
-analyzers    | golangModEnabled      | Sets whether the [experimental](../analyzers/index.html) Goland Module Analyzer should be used; requires `go` to be installed. `experimentalEnabled` must be set to true.                    | true
-analyzers    | pathToGo              | The path to `go`.                                                                                                                                                                            | &nbsp;
+| Config Group | Property                    | Description                                                                                                                                                                                                                                                                | Default Value |
+|--------------|-----------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------|
+| analyzers    | experimentalEnabled         | Sets whether the [experimental analyzers](../analyzers/index.html) will be used. If not set to true the analyzers marked as experimental (see below) will not be used                                                                                                      | false         |
+| analyzers    | archiveEnabled              | Sets whether the Archive Analyzer will be used.                                                                                                                                                                                                                            | true          |
+| analyzers    | zipExtensions               | A comma-separated list of additional file extensions to be treated like a ZIP file, the contents will be extracted and analyzed.                                                                                                                                           | &nbsp;        |
+| analyzers    | jarEnabled                  | Sets whether Jar Analyzer will be used.                                                                                                                                                                                                                                    | true          |
+| analyzers    | dartEnabled                 | Sets whether the [experimental](../analyzers/index.html) Dart Analyzer will be used. `experimentalEnabled` must be set to true.                                                                                                                                            | true          |
+| analyzers    | centralEnabled              | Sets whether Central Analyzer will be used. If you have non-Gradle-managed jar dependencies inside archives or non-Java ecosystem dependencies, you may want to enable this analyzer (or the alternative Nexus/Artifactory analyzers) to reduce chance of false negatives. | false         |
+| analyzers    | nexusEnabled                | Sets whether Nexus Analyzer will be used. This analyzer is an alternative to the Central or Artifactory Analyzers, allowing metadata retrieval from Sonatype Nexus installations.                                                                                          | false         |
+| analyzers    | nexusUrl                    | Defines the Nexus Server's web service end point (example http://domain.enterprise/service/local/). If not set the Nexus Analyzer will be disabled.                                                                                                                        | &nbsp;        |
+| analyzers    | nexusUsesProxy              | Whether or not the defined proxy should be used when connecting to Nexus.                                                                                                                                                                                                  | true          |
+| analyzers    | pyDistributionEnabled       | Sets whether the [experimental](../analyzers/index.html) Python Distribution Analyzer will be used. `experimentalEnabled` must be set to true.                                                                                                                             | true          |
+| analyzers    | pyPackageEnabled            | Sets whether the [experimental](../analyzers/index.html) Python Package Analyzer will be used. `experimentalEnabled` must be set to true.                                                                                                                                  | true          |
+| analyzers    | rubygemsEnabled             | Sets whether the [experimental](../analyzers/index.html) Ruby Gemspec Analyzer will be used. `experimentalEnabled` must be set to true.                                                                                                                                    | true          |
+| analyzers    | opensslEnabled              | Sets whether the openssl Analyzer should be used.                                                                                                                                                                                                                          | true          |
+| analyzers    | nuspecEnabled               | Sets whether the .NET Nuget Nuspec Analyzer will be used.                                                                                                                                                                                                                  | true          |
+| analyzers    | nugetconfEnabled            | Sets whether the [experimental](../analyzers/index.html) .NET Nuget packages.config Analyzer will be used. `experimentalEnabled` must be set to true.                                                                                                                      | true          |
+| analyzers    | assemblyEnabled             | Sets whether the .NET Assembly Analyzer should be used.                                                                                                                                                                                                                    | true          |
+| analyzers    | msbuildEnabled              | Sets whether the MS Build Analyzer should be used.                                                                                                                                                                                                                         | true          |
+| analyzers    | pathToDotnet                | The path to dotnet core - needed on some systems to analyze .net assemblies.                                                                                                                                                                                               | &nbsp;        |
+| analyzers    | cmakeEnabled                | Sets whether the [experimental](../analyzers/index.html) CMake Analyzer should be used. `experimentalEnabled` must be set to true.                                                                                                                                         | true          |
+| analyzers    | autoconfEnabled             | Sets whether the [experimental](../analyzers/index.html) autoconf Analyzer should be used. `experimentalEnabled` must be set to true.                                                                                                                                      | true          |
+| analyzers    | composerEnabled             | Sets whether the [experimental](../analyzers/index.html) PHP Composer Lock File Analyzer should be used. `experimentalEnabled` must be set to true.                                                                                                                        | true          |
+| analyzers    | composerSkipDev             | Sets whether the [experimental](../analyzers/index.html) PHP Composer Lock File Analyzer should skip "packages-dev".                                                                                                                                                       | false         |
+| analyzers    | cpanEnabled                 | Sets whether the [experimental](../analyzers/index.html) Perl CPAN File Analyzer should be used. `experimentalEnabled` must be set to true.                                                                                                                                | true          |
+| analyzers    | cocoapodsEnabled            | Sets whether the [experimental](../analyzers/index.html) Cocoapods Analyzer should be used. `experimentalEnabled` must be set to true.                                                                                                                                     | true          |
+| analyzers    | carthageEnabled             | Sets whether the [experimental](../analyzers/index.html) Carthage Analyzer should be used. `experimentalEnabled` must be set to true.                                                                                                                                      | true          |
+| analyzers    | swiftEnabled                | Sets whether the [experimental](../analyzers/index.html) Swift Package Manager Analyzer should be used. `experimentalEnabled` must be set to true.                                                                                                                         | true          |
+| analyzers    | swiftPackageResolvedEnabled | Sets whether the [experimental](../analyzers/index.html) Swift Package Resolved Analyzer should be used. `experimentalEnabled` must be set to true.                                                                                                                        | true          |
+| analyzers    | bundleAuditEnabled          | Sets whether the Ruby Bundle Audit Analyzer should be used.                                                                                                                                                                                                                | true          |
+| analyzers    | pathToBundleAudit           | The path to bundle audit.                                                                                                                                                                                                                                                  | &nbsp;        |
+| analyzers    | retiredEnabled              | Sets whether the [retired analyzers](../analyzers/index.html) will be used. If not set to true the analyzers marked as Retired will not be used                                                                                                                            | false         |
+| analyzers    | golangDepEnabled            | Sets whether the [experimental](../analyzers/index.html) Golang Dependency Analyzer should be used. `experimentalEnabled` must be set to true.                                                                                                                             | true          |
+| analyzers    | golangModEnabled            | Sets whether the [experimental](../analyzers/index.html) Goland Module Analyzer should be used; requires `go` to be installed. `experimentalEnabled` must be set to true.                                                                                                  | true          |
+| analyzers    | pathToGo                    | The path to `go`.                                                                                                                                                                                                                                                          | &nbsp;        |
 
 #### Additional Configuration
 
-Config Group | Property              | Description                                                                                                       | Default Value
--------------|-----------------------|-------------------------------------------------------------------------------------------------------------------|------------------
-artifactory  | enabled               | Sets whether Artifactory analyzer will be used                                                                    | false
-artifactory  | url                   | The Artifactory server URL.                                                                                       | &nbsp;
-artifactory  | usesProxy             | Whether Artifactory should be accessed through a proxy or not.                                                    | false
-artifactory  | parallelAnalysis      | Whether the Artifactory analyzer should be run in parallel or not.                                                | true
-artifactory  | username              | The user name (only used with API token) to connect to Artifactory instance.                                      | &nbsp;
-artifactory  | apiToken              | The API token to connect to Artifactory instance, only used if the username or the API key are not defined by artifactoryAnalyzerServerId,artifactoryAnalyzerUsername or artifactoryAnalyzerApiToken | &nbsp;
-artifactory  | bearerToken           | The bearer token to connect to Artifactory instance                                                               | &nbsp;
-kev          | enabled               | Sets whether the Known Exploited Vulnerability update and analyzer are enabled.                                   | true                                                                                     |
-kev          | url                   | The URL to (a mirror of) the CISA Known Exploited Vulnerabilities JSON data feed.                                 | https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json      |
-kev          | user                  | Credentials used for basic authentication for the CISA Known Exploited Vulnerabilities JSON data feed.            | &nbsp;                                                                                   |
-kev          | password              | Credentials used for basic authentication for the CISA Known Exploited Vulnerabilities JSON data feed.            | &nbsp;                                                                                   |
-kev          | bearerToken           | Credentials used for bearer authentication for the CISA Known Exploited Vulnerabilities JSON data feed.           | &nbsp;                                                                                   |
-kev          | validForHours         | The number of hours to wait before checking for new updates of the hosted suppressions file .                     | 2                                                                                        |
-nodeAudit    | enabled               | Sets whether the Node Audit Analyzer should be used. This analyzer requires an internet connection.               | true
-nodeAudit    | useCache              | Sets whether the Node Audit Analyzer should cache results locally.                                                | true
-nodeAudit    | skipDevDependencies   | Sets whether the Node Audit Analyzer should skip devDependencies.                                                 | false
-nodeAudit    | pnpmEnabled           | Sets whether the Pnpm Audit Analyzer should be used. This analyzer requires yarn and an internet connection.      | true
-nodeAudit    | pnpmPath              | Sets the path to the `pnpm` executable.                                                                           | &nbsp;
-nodeAudit    | yarnEnabled           | Sets whether the Yarn Audit Analyzer should be used. This analyzer requires yarn and an internet connection.      | true
-nodeAudit    | yarnPath              | Sets the path to the `yarn` executable.                                                                           | &nbsp;
-nodeAudit    | pnpmEnabled           | Sets whether the Pnpm Audit Analyzer should be used. This analyzer requires pnpm and an internet connection.      | true
-nodeAudit    | pnpmPath              | The path to `pnpm`.                                                                                               | &nbsp;
-nodeAudit    | url                   | The node audit API url to use.                                                                                    | &nbsp;
-retirejs     | enabled               | Sets whether the RetireJS Analyzer should be used.                                                                | true
-retirejs     | forceupdate           | Sets whether the RetireJS Analyzer should update regardless of the `autoupdate` setting.                          | false
-retirejs     | retireJsUrl           | The URL to the Retire JS repository.                                                                              | https://raw.githubusercontent.com/Retirejs/retire.js/master/repository/jsrepository.json
-retirejs     | user                  | Credentials used for basic authentication for the Retire JS repository URL.                                       | &nbsp;                                                                                   |
-retirejs     | password              | Credentials used for basic authentication for the Retire JS repository URL.                                       | &nbsp;                                                                                   |
-retirejs     | bearerToken           | Credentials used for bearer authentication for the Retire JS repository URL.                                      | &nbsp;                                                                                   |
-retirejs     | filterNonVulnerable   | Configures the RetireJS Analyzer to remove non-vulnerable JS dependencies from the report.                        | false
-retirejs     | filters               | Configures the list of regular expessions used to filter JS files based on content.                               | &nbsp;
-ossIndex     | enabled               | Sets whether Sonatype's [OSS Index Analyzer](../analyzers/oss-index-analyzer.html) will be used. This analyzer requires an internet connection.                                                                  | true
-ossIndex     | username              | The optional user name to connect to Sonatype's OSS Index.                                                        | &nbsp;
-ossIndex     | password              | The optional passwod or API token to connect to Sonatype's OSS Index,                                             | &nbsp;
-ossIndex     | warnOnlyOnRemoteErrors| Sets whether remote errors from the OSS Index (e.g. BAD GATEWAY, RATE LIMIT EXCEEDED) will result in warnings only instead of failing execution. | false
+| Config Group | Property               | Description                                                                                                                                                                                          | Default Value                                                                            |
+|--------------|------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------|
+| artifactory  | enabled                | Sets whether Artifactory analyzer will be used. This analyzer is an alternative to the Central or Nexus Analyzers, allowing metadata retrieval from Artifactory installations.                       | false                                                                                    |
+| artifactory  | url                    | The Artifactory server URL.                                                                                                                                                                          | &nbsp;                                                                                   |
+| artifactory  | usesProxy              | Whether Artifactory should be accessed through a proxy or not.                                                                                                                                       | false                                                                                    |
+| artifactory  | parallelAnalysis       | Whether the Artifactory analyzer should be run in parallel or not.                                                                                                                                   | true                                                                                     |
+| artifactory  | username               | The user name (only used with API token) to connect to Artifactory instance.                                                                                                                         | &nbsp;                                                                                   |
+| artifactory  | apiToken               | The API token to connect to Artifactory instance, only used if the username or the API key are not defined by artifactoryAnalyzerServerId,artifactoryAnalyzerUsername or artifactoryAnalyzerApiToken | &nbsp;                                                                                   |
+| artifactory  | bearerToken            | The bearer token to connect to Artifactory instance.                                                                                                                                                 | &nbsp;                                                                                   |
+| kev          | enabled                | Sets whether the Known Exploited Vulnerability update and analyzer are enabled.                                                                                                                      | true                                                                                     |
+| kev          | url                    | The URL to (a mirror of) the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                                                    | https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json      |
+| kev          | user                   | Credentials used for basic authentication for the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                               | &nbsp;                                                                                   |
+| kev          | password               | Credentials used for basic authentication for the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                               | &nbsp;                                                                                   |
+| kev          | bearerToken            | Credentials used for bearer authentication for the CISA Known Exploited Vulnerabilities JSON data feed.                                                                                              | &nbsp;                                                                                   |
+| kev          | validForHours          | The number of hours to wait before checking for new updates of the hosted suppressions file .                                                                                                        | 2                                                                                        |
+| nodeAudit    | enabled                | Sets whether the Node Audit Analyzer should be used. This analyzer requires an internet connection.                                                                                                  | true                                                                                     |
+| nodeAudit    | useCache               | Sets whether the Node Audit Analyzer should cache results locally.                                                                                                                                   | true                                                                                     |
+| nodeAudit    | skipDevDependencies    | Sets whether the Node Audit Analyzer should skip devDependencies.                                                                                                                                    | false                                                                                    |
+| nodeAudit    | pnpmEnabled            | Sets whether the Pnpm Audit Analyzer should be used. This analyzer requires yarn and an internet connection.                                                                                         | true                                                                                     |
+| nodeAudit    | pnpmPath               | Sets the path to the `pnpm` executable.                                                                                                                                                              | &nbsp;                                                                                   |
+| nodeAudit    | yarnEnabled            | Sets whether the Yarn Audit Analyzer should be used. This analyzer requires yarn and an internet connection.                                                                                         | true                                                                                     |
+| nodeAudit    | yarnPath               | Sets the path to the `yarn` executable.                                                                                                                                                              | &nbsp;                                                                                   |
+| nodeAudit    | pnpmEnabled            | Sets whether the Pnpm Audit Analyzer should be used. This analyzer requires pnpm and an internet connection.                                                                                         | true                                                                                     |
+| nodeAudit    | pnpmPath               | The path to `pnpm`.                                                                                                                                                                                  | &nbsp;                                                                                   |
+| nodeAudit    | url                    | The node audit API url to use.                                                                                                                                                                       | &nbsp;                                                                                   |
+| retirejs     | enabled                | Sets whether the RetireJS Analyzer should be used.                                                                                                                                                   | true                                                                                     |
+| retirejs     | forceupdate            | Sets whether the RetireJS Analyzer should update regardless of the `autoupdate` setting.                                                                                                             | false                                                                                    |
+| retirejs     | retireJsUrl            | The URL to the Retire JS repository.                                                                                                                                                                 | https://raw.githubusercontent.com/Retirejs/retire.js/master/repository/jsrepository.json |
+| retirejs     | user                   | Credentials used for basic authentication for the Retire JS repository URL.                                                                                                                          | &nbsp;                                                                                   |
+| retirejs     | password               | Credentials used for basic authentication for the Retire JS repository URL.                                                                                                                          | &nbsp;                                                                                   |
+| retirejs     | bearerToken            | Credentials used for bearer authentication for the Retire JS repository URL.                                                                                                                         | &nbsp;                                                                                   |
+| retirejs     | filterNonVulnerable    | Configures the RetireJS Analyzer to remove non-vulnerable JS dependencies from the report.                                                                                                           | false                                                                                    |
+| retirejs     | filters                | Configures the list of regular expressions used to filter JS files based on content.                                                                                                                 | &nbsp;                                                                                   |
+| ossIndex     | enabled                | Sets whether [OSS Index Analyzer](../analyzers/oss-index-analyzer.html) will be used. This analyzer requires an internet connection.                                                                 | true                                                                                     |
+| ossIndex     | username               | To authenticate Sonatype OSS Index requests and profit from higher rate limits, provide the OSS account email address as username. Provide both a username _and_ a password (see below) or none.     | &nbsp;                                                                                   |
+| ossIndex     | password               | Password or API token to connect to Sonatype's OSS Index. Provide both a username (see above) _and_ a password or none.                                                                              | &nbsp;                                                                                   |
+| ossIndex     | warnOnlyOnRemoteErrors | Sets whether remote errors from the OSS Index (e.g. BAD GATEWAY, RATE LIMIT EXCEEDED) will result in warnings only instead of failing execution.                                                     | false                                                                                    |
 
 #### Example
 ```groovy
 dependencyCheck {
-    analyzers.assemblyEnabled=false
+    analyzers.assemblyEnabled = false
 
-    analyzers.artifactory.enabled=true
-    analyzers.artifactory.url='https://internal.artifactory.url'
+    analyzers.artifactory.enabled = true
+    analyzers.artifactory.url = 'https://internal.artifactory.url'
 
     analyzers.retirejs.filters = ['(i)copyright Jeremy Long']
 
diff --git a/src/site/markdown/dependency-check-gradle/index.md.vm b/src/site/markdown/dependency-check-gradle/index.md.vm
index 1420ff43b5d..5d48ff723c3 100644
--- a/src/site/markdown/dependency-check-gradle/index.md.vm
+++ b/src/site/markdown/dependency-check-gradle/index.md.vm
@@ -5,11 +5,14 @@ libraries; creating a report of known vulnerable components that are included in
 
 It is important to understand that the first time this task is executed it may
 take 5-20 minutes as it downloads and processes the data from the National
-Vulnerability Database (NVD) hosted by NIST: https://nvd.nist.gov
+Vulnerability Database (NVD) hosted by NIST: https://nvd.nist.gov.
 
 After the first batch download, as long as the plugin is executed at least once every
 seven days the update will only take a few seconds.
 
+The Dependency-Check team strongly recommends to [mirror the NVD database](../data/mirrornvd.html) for any operational
+integration. If not done, any service disruption of the NVD database will make the usage of Dependency-Check difficult.
+
 #set( $H = '#' )
 
 $H$H Quick Start
diff --git a/src/site/markdown/index.md b/src/site/markdown/index.md
index 5810b1ee3ea..925ffbf80a0 100644
--- a/src/site/markdown/index.md
+++ b/src/site/markdown/index.md
@@ -37,5 +37,3 @@ OWASP dependency-check's core analysis engine can be used as:
 For help with dependency-check the following resource can be used:
 
 - Open a [github issue](https://github.com/dependency-check/DependencyCheck/issues)
-
-<div style="display: flex;align-items:center;">Sponsor Development of dependency-check:&nbsp;<iframe src="https://github.com/sponsors/jeremylong/button" title="Sponsor jeremylong" height="35" width="116" style="border: 0;"></iframe></div>
\ No newline at end of file
diff --git a/src/site/markdown/related.md b/src/site/markdown/related.md
index 0a35d57ea2b..a77a18a681c 100644
--- a/src/site/markdown/related.md
+++ b/src/site/markdown/related.md
@@ -13,12 +13,11 @@ Related FOSS Projects
 
 Vulnerability Sources
 ------------------------
-The following are sources of vulnerability information. Dependency-check only uses information in the National Vulnerability
-Database (NVD). The other sources listed below contain vulnerability information that may not be included in the NVD.
+The following are sources of vulnerability information. Dependency-check only uses information in the [National Vulnerability
+Database (NVD)](https://nvd.nist.gov/). The other sources listed below contain vulnerability information that may not be included in the NVD.
 
 * [vFeed](http://www.toolswatch.org/vfeed)
 * [OSVDB](http://osvdb.org/)
-* [National Vulnerability Database](https://nvd.nist.gov/)
 * [Sonatype OSS Index](https://ossindex.sonatype.org/)
 
 Related Commercial Products
diff --git a/src/site/resources/general/SampleReport.html b/src/site/resources/general/SampleReport.html
index 746241b7cbe..61f6a77bb7a 100644
--- a/src/site/resources/general/SampleReport.html
+++ b/src/site/resources/general/SampleReport.html
@@ -562,7 +562,7 @@
 <h3><a href="https://dependency-check.github.io/DependencyCheck/general/thereport.html" target="_bank">How&nbsp;to&nbsp;read&nbsp;the&nbsp;report</a> |
 <a href="https://dependency-check.github.io/DependencyCheck/general/suppression.html" target="_bank">Suppressing false positives</a> |
 Getting Help: <a href="https://groups.google.com/forum/#!forum/dependency-check" target="_blank">google group</a> | 
-<a href="https://github.com/jeremylong/DependencyCheck/issues" target="_blank">github issues</a></h3>
+<a href="https://github.com/dependency-check/DependencyCheck/issues" target="_blank">github issues</a></h3>
 
             <h2 class="">Project:&nbsp;DependencyCheck</h2>
             <div class="">
@@ -8876,7 +8876,7 @@ <h4 id="header188" class="subsectionheader expandable expandablesubsection white
                                                                     <tr><td>file</td><td>name</td><td>dependency-check-utils</td></tr>
                                                                     <tr><td>file</td><td>version</td><td>1.4.4</td></tr>
                                                                     <tr><td>Manifest</td><td>Implementation-Title</td><td>Dependency-Check Utils</td></tr>
-                                                                    <tr><td>Manifest</td><td>implementation-url</td><td>https://github.com/jeremylong/DependencyCheck.git/dependency-check-utils</td></tr>
+                                                                    <tr><td>Manifest</td><td>implementation-url</td><td>https://github.com/dependency-check/DependencyCheck/tree/main/utils</td></tr>
                                                                     <tr><td>Manifest</td><td>Implementation-Vendor</td><td>OWASP</td></tr>
                                                                     <tr><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.owasp</td></tr>
                                                                     <tr><td>Manifest</td><td>Implementation-Version</td><td>1.4.4-SNAPSHOT</td></tr>
diff --git a/src/site/site.xml b/src/site/site.xml
index 5351274cc35..54f2fe1c443 100644
--- a/src/site/site.xml
+++ b/src/site/site.xml
@@ -128,5 +128,6 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
             </item>
         </menu>
         <menu ref="reports" />
+        <footer><![CDATA[<p>&copy; 2012&ndash;2025 <a href="https://www.owasp.org">OWASP</a></p><img referrerpolicy="no-referrer-when-downgrade" src="https://static.scarf.sh/a.png?x-pxid=90c74bb8-b6d1-4464-a9b6-754067afe126" alt="" width="1" height="1" />]]></footer>
     </body>
 </site>
diff --git a/test-docker.sh b/test-docker.sh
index 3d950493dec..51d3738e58c 100755
--- a/test-docker.sh
+++ b/test-docker.sh
@@ -4,13 +4,13 @@ VERSION=$(mvn -q \
     -Dexec.executable="echo" \
     -Dexec.args='${project.version}' \
     --non-recursive \
-    org.codehaus.mojo:exec-maven-plugin:1.3.1:exec)
+    org.codehaus.mojo:exec-maven-plugin:3.5.1:exec)
 
 SCAN_TARGET="./cli/target/release/lib"
 
 if [ ! -d "$SCAN_TARGET" ]; then 
-  echo "Scan target does not exist: $SCAN_TARGET"
-  exit 1
+    echo "Scan target does not exist: $SCAN_TARGET"
+    exit 1
 fi
 
 if [ -f "$HOME/OWASP-Dependency-Check/reports/dependency-check-report.json" ]; then
@@ -61,6 +61,8 @@ docker run --rm \
     --scan /src \
     --format "JSON" \
     --project "test scan" \
+    --disableCentral \
+    --disableOssIndex \
     --out /report \
     --log /report/odc.log \
     --nvdDatafeed https://dependency-check.github.io/DependencyCheck/hb_nvd/
@@ -71,8 +73,8 @@ cd -
 echo ""
 grep -oF "dependency-check-core-$VERSION.jar" $HOME/OWASP-Dependency-Check/reports/dependency-check-report.json  > /dev/null 2>&1
 if [[ "$?" -eq 0 ]] ; then
-  echo "SUCCESS - dependency-check docker test passed"
+    echo "SUCCESS - dependency-check docker test passed"
 else
-  echo "FAILED - dependency-check docker test failed"
-  exit 1
+    echo "FAILED - dependency-check docker test failed"
+    exit 1
 fi
diff --git a/utils/pom.xml b/utils/pom.xml
index 95ed9359188..76e3dc4b75d 100644
--- a/utils/pom.xml
+++ b/utils/pom.xml
@@ -20,7 +20,7 @@ Copyright (c) 2014 - Jeremy Long. All Rights Reserved.
     <parent>
         <groupId>org.owasp</groupId>
         <artifactId>dependency-check-parent</artifactId>
-        <version>12.1.1</version>
+        <version>12.1.8</version>
    </parent>
 
     <artifactId>dependency-check-utils</artifactId>
@@ -30,7 +30,7 @@ Copyright (c) 2014 - Jeremy Long. All Rights Reserved.
         <connection>scm:git:https://github.com/dependency-check/DependencyCheck.git</connection>
         <url>https://github.com/dependency-check/DependencyCheck/tree/main/utils</url>
         <developerConnection>scm:git:git@github.com/dependency-check/DependencyCheck.git</developerConnection>
-        <tag>v12.1.1</tag>
+        <tag>v12.1.8</tag>
     </scm>
     <properties>
         <spotbugs.onlyAnalyze>org.owasp.dependencycheck.utils.*</spotbugs.onlyAnalyze>
@@ -95,12 +95,12 @@ Copyright (c) 2014 - Jeremy Long. All Rights Reserved.
         <dependency>
             <groupId>io.netty</groupId>
             <artifactId>netty-codec-http</artifactId>
-            <version>4.2.0.Final</version>
+            <version>4.2.5.Final</version>
             <scope>test</scope>
         </dependency>
         <dependency>
             <groupId>org.mock-server</groupId>
-            <artifactId>mockserver-junit-rule</artifactId>
+            <artifactId>mockserver-junit-jupiter</artifactId>
             <scope>test</scope>
         </dependency>
     </dependencies>
diff --git a/utils/src/main/java/org/owasp/dependencycheck/utils/Downloader.java b/utils/src/main/java/org/owasp/dependencycheck/utils/Downloader.java
index e4eb9b69efa..df2ec1f746d 100644
--- a/utils/src/main/java/org/owasp/dependencycheck/utils/Downloader.java
+++ b/utils/src/main/java/org/owasp/dependencycheck/utils/Downloader.java
@@ -649,7 +649,7 @@ public CloseableHttpClient getHttpClient(boolean useProxy) {
      * @throws ResourceNotFoundException When HTTP status 404 is encountered
      */
     public <T> T fetchAndHandle(@NotNull URL url, @NotNull HttpClientResponseHandler<T> handler)
-            throws IOException, TooManyRequestsException, ResourceNotFoundException, URISyntaxException {
+            throws IOException, TooManyRequestsException, ResourceNotFoundException, URISyntaxException, ForbiddenException {
         return fetchAndHandle(url, handler, Collections.emptyList(), true);
     }
 
@@ -666,7 +666,7 @@ public <T> T fetchAndHandle(@NotNull URL url, @NotNull HttpClientResponseHandler
      * @throws ResourceNotFoundException When HTTP status 404 is encountered
      */
     public <T> T fetchAndHandle(@NotNull URL url, @NotNull HttpClientResponseHandler<T> handler, @NotNull List<Header> hdr)
-            throws IOException, TooManyRequestsException, ResourceNotFoundException, URISyntaxException {
+            throws IOException, TooManyRequestsException, ResourceNotFoundException, URISyntaxException, ForbiddenException {
         return fetchAndHandle(url, handler, hdr, true);
     }
 
@@ -684,7 +684,7 @@ public <T> T fetchAndHandle(@NotNull URL url, @NotNull HttpClientResponseHandler
      * @throws ResourceNotFoundException When HTTP status 404 is encountered
      */
     public <T> T fetchAndHandle(@NotNull URL url, @NotNull HttpClientResponseHandler<T> handler, @NotNull List<Header> hdr, boolean useProxy)
-            throws IOException, TooManyRequestsException, ResourceNotFoundException, URISyntaxException {
+            throws IOException, TooManyRequestsException, ResourceNotFoundException, URISyntaxException, ForbiddenException {
         final T data;
         if ("file".equals(url.getProtocol())) {
             final Path p = Paths.get(url.toURI());
@@ -717,7 +717,8 @@ public <T> T fetchAndHandle(@NotNull URL url, @NotNull HttpClientResponseHandler
      * @throws ResourceNotFoundException When HTTP status 404 is encountered
      */
     public <T> T fetchAndHandle(@NotNull CloseableHttpClient client, @NotNull URL url, @NotNull HttpClientResponseHandler<T> handler,
-                                @NotNull List<Header> hdr) throws IOException, TooManyRequestsException, ResourceNotFoundException {
+                                @NotNull List<Header> hdr) throws IOException, TooManyRequestsException,
+            ResourceNotFoundException, ForbiddenException {
         try {
             final String theProtocol = url.getProtocol();
             if (!("http".equals(theProtocol) || "https".equals(theProtocol))) {
@@ -732,6 +733,9 @@ public <T> T fetchAndHandle(@NotNull CloseableHttpClient client, @NotNull URL ur
         } catch (HttpResponseException hre) {
             final String messageFormat = "%s - Server status: %d - Server reason: %s";
             switch (hre.getStatusCode()) {
+                case 403:
+                    throw new ForbiddenException(String.format(messageFormat, url, hre.getStatusCode(),
+                            hre.getReasonPhrase()));
                 case 404:
                     throw new ResourceNotFoundException(String.format(messageFormat, url, hre.getStatusCode(), hre.getReasonPhrase()));
                 case 429:
diff --git a/utils/src/main/java/org/owasp/dependencycheck/utils/ForbiddenException.java b/utils/src/main/java/org/owasp/dependencycheck/utils/ForbiddenException.java
new file mode 100644
index 00000000000..ee2c63728f5
--- /dev/null
+++ b/utils/src/main/java/org/owasp/dependencycheck/utils/ForbiddenException.java
@@ -0,0 +1,34 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.owasp.dependencycheck.utils;
+
+import java.io.IOException;
+
+public class ForbiddenException extends IOException {
+
+    private static final long serialVersionUID = 1L;
+
+    public ForbiddenException(String message) {
+        super(message);
+    }
+
+    public ForbiddenException(String message, ForbiddenException cause) {
+        super(message, cause);
+    }
+}
diff --git a/utils/src/main/java/org/owasp/dependencycheck/utils/URLConnectionFactory.java b/utils/src/main/java/org/owasp/dependencycheck/utils/URLConnectionFactory.java
deleted file mode 100644
index 4a14dd729d7..00000000000
--- a/utils/src/main/java/org/owasp/dependencycheck/utils/URLConnectionFactory.java
+++ /dev/null
@@ -1,250 +0,0 @@
-/*
- * This file is part of dependency-check-utils.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * Copyright (c) 2014 Jeremy Long. All Rights Reserved.
- */
-package org.owasp.dependencycheck.utils;
-
-import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
-import org.apache.commons.lang3.StringUtils;
-
-import java.io.IOException;
-import java.net.Authenticator;
-import java.net.HttpURLConnection;
-import java.net.InetSocketAddress;
-import java.net.PasswordAuthentication;
-import java.net.Proxy;
-import java.net.SocketAddress;
-import java.net.URL;
-import java.util.Base64;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import static java.nio.charset.StandardCharsets.UTF_8;
-
-/**
- * A URLConnection Factory to create new connections. This encapsulates several
- * configuration checks to ensure that the connection uses the correct proxy
- * settings.
- *
- * @author Jeremy Long
- */
-public final class URLConnectionFactory {
-
-    /**
-     * The logger.
-     */
-    private static final Logger LOGGER = LoggerFactory.getLogger(URLConnectionFactory.class);
-    /**
-     * The configured settings.
-     */
-    private final Settings settings;
-
-    /**
-     * Private constructor for this factory.
-     *
-     * @param settings reference to the configured settings
-     */
-    public URLConnectionFactory(Settings settings) {
-        this.settings = settings;
-    }
-
-    /**
-     * Utility method to create an HttpURLConnection. If the application is
-     * configured to use a proxy this method will retrieve the proxy settings
-     * and use them when setting up the connection.
-     *
-     * @param url the URL to connect to
-     * @return an HttpURLConnection
-     * @throws org.owasp.dependencycheck.utils.URLConnectionFailureException
-     * thrown if there is an exception
-     */
-    @SuppressWarnings("squid:S2583")
-    @SuppressFBWarnings(justification = "yes, there is a redundant null check in the catch - to suppress warnings we are leaving the null check",
-            value = {"RCN_REDUNDANT_NULLCHECK_OF_NULL_VALUE"})
-    public HttpURLConnection createHttpURLConnection(URL url) throws URLConnectionFailureException {
-        HttpURLConnection conn = null;
-        final String proxyHost = settings.getString(Settings.KEYS.PROXY_SERVER);
-
-        try {
-            if (proxyHost != null && !matchNonProxy(url)) {
-                final int proxyPort = settings.getInt(Settings.KEYS.PROXY_PORT);
-                final SocketAddress address = new InetSocketAddress(proxyHost, proxyPort);
-
-                final String username = settings.getString(Settings.KEYS.PROXY_USERNAME);
-                final String password = settings.getString(Settings.KEYS.PROXY_PASSWORD);
-
-                if (username != null && password != null) {
-                    final Authenticator auth = new Authenticator() {
-                        @Override
-                        public PasswordAuthentication getPasswordAuthentication() {
-                            if (proxyHost.equals(getRequestingHost()) || getRequestorType().equals(Authenticator.RequestorType.PROXY)) {
-                                LOGGER.debug("Using the configured proxy username and password");
-                                if (settings.getBoolean(Settings.KEYS.PROXY_DISABLE_SCHEMAS, true)) {
-                                    System.setProperty("jdk.http.auth.tunneling.disabledSchemes", "");
-                                }
-                                return new PasswordAuthentication(username, password.toCharArray());
-                            }
-                            return super.getPasswordAuthentication();
-                        }
-                    };
-                    Authenticator.setDefault(auth);
-                }
-
-                final Proxy proxy = new Proxy(Proxy.Type.HTTP, address);
-                conn = (HttpURLConnection) url.openConnection(proxy);
-            } else {
-                conn = (HttpURLConnection) url.openConnection();
-            }
-            final int connectionTimeout = settings.getInt(Settings.KEYS.CONNECTION_TIMEOUT, 10000);
-            // set a conservative long default timeout to compensate for MITM-proxies that return the (final) bytes only
-            // after all security checks passed
-            final int readTimeout = settings.getInt(Settings.KEYS.CONNECTION_READ_TIMEOUT, 60_000);
-            conn.setConnectTimeout(connectionTimeout);
-            conn.setReadTimeout(readTimeout);
-            conn.setInstanceFollowRedirects(true);
-        } catch (IOException ex) {
-            if (conn != null) {
-                try {
-                    conn.disconnect();
-                } finally {
-                    conn = null;
-                }
-            }
-            throw new URLConnectionFailureException("Error getting connection.", ex);
-        }
-        addAuthenticationIfPresent(conn);
-        return conn;
-    }
-
-    /**
-     * Adds the basic authorization header if the URL contains a username and
-     * password. Example URL that will have the basic authorization header
-     * added:
-     * <code>http://username:password@passwordprotectednvdsite.internal/feeds/json/cve/1.1/nvdcve-1.1-modified.json.gz</code>
-     *
-     * @param conn the connection
-     */
-    private void addAuthenticationIfPresent(HttpURLConnection conn) {
-        final String userInfo = conn.getURL().getUserInfo();
-        if (userInfo != null) {
-            final String basicAuth = "Basic " + Base64.getEncoder().encodeToString(userInfo.getBytes(UTF_8));
-            if (LOGGER.isDebugEnabled()) {
-                LOGGER.debug("Adding user info as basic authorization");
-            }
-            conn.addRequestProperty("Authorization", basicAuth);
-        }
-    }
-
-    /**
-     * Adds a basic authentication header if the values in the settings are not
-     * null.
-     *
-     * @param conn the connection to add the basic auth header
-     * @param userKey the settings key for the username
-     * @param passwordKey the settings key for the password
-     */
-    public void addBasicAuthentication(HttpURLConnection conn, String userKey, String passwordKey) {
-        if (StringUtils.isNotEmpty(settings.getString(userKey))
-                && StringUtils.isNotEmpty(settings.getString(passwordKey))) {
-            final String user = settings.getString(userKey);
-            final String password = settings.getString(passwordKey);
-
-            if (user.isEmpty() || password.isEmpty()) {
-                if (LOGGER.isDebugEnabled()) {
-                    LOGGER.debug("Skip authentication as user and/or password is empty");
-                }
-            } else {
-                final String userColonPassword = user + ":" + password;
-                final String basicAuth = "Basic " + Base64.getEncoder().encodeToString(userColonPassword.getBytes(UTF_8));
-                if (LOGGER.isDebugEnabled()) {
-                    LOGGER.debug("Adding user/password from settings.xml as basic authorization");
-                }
-                conn.addRequestProperty("Authorization", basicAuth);
-            }
-        }
-    }
-
-    /**
-     * Check if host name matches nonProxy settings
-     *
-     * @param url the URL to connect to
-     * @return matching result. true: match nonProxy
-     */
-    @SuppressWarnings("StringSplitter")
-    private boolean matchNonProxy(final URL url) {
-        final String host = url.getHost();
-
-        // code partially from org.apache.maven.plugins.site.AbstractDeployMojo#getProxyInfo
-        final String nonProxyHosts = settings.getString(Settings.KEYS.PROXY_NON_PROXY_HOSTS);
-        if (null != nonProxyHosts) {
-            final String[] nonProxies = nonProxyHosts.split("(,)|(;)|(\\|)");
-            for (final String nonProxyHost : nonProxies) {
-                //if ( StringUtils.contains( nonProxyHost, "*" ) )
-                if (null != nonProxyHost && nonProxyHost.contains("*")) {
-                    // Handle wildcard at the end, beginning or middle of the nonProxyHost
-                    final int pos = nonProxyHost.indexOf('*');
-                    final String nonProxyHostPrefix = nonProxyHost.substring(0, pos);
-                    final String nonProxyHostSuffix = nonProxyHost.substring(pos + 1);
-                    // prefix*
-                    if (!StringUtils.isBlank(nonProxyHostPrefix) && host.startsWith(nonProxyHostPrefix) && StringUtils.isBlank(nonProxyHostSuffix)) {
-                        return true;
-                    }
-                    // *suffix
-                    if (StringUtils.isBlank(nonProxyHostPrefix) && !StringUtils.isBlank(nonProxyHostSuffix) && host.endsWith(nonProxyHostSuffix)) {
-                        return true;
-                    }
-                    // prefix*suffix
-                    if (!StringUtils.isBlank(nonProxyHostPrefix) && host.startsWith(nonProxyHostPrefix) && !StringUtils.isBlank(nonProxyHostSuffix)
-                            && host.endsWith(nonProxyHostSuffix)) {
-                        return true;
-                    }
-                } else if (host.equals(nonProxyHost)) {
-                    return true;
-                }
-            }
-        }
-        return false;
-    }
-
-    /**
-     * Utility method to create an HttpURLConnection. The use of a proxy here is
-     * optional as there may be cases where a proxy is configured but we don't
-     * want to use it (for example, if there's an internal repository
-     * configured)
-     *
-     * @param url the URL to connect to
-     * @param proxy whether to use the proxy (if configured)
-     * @return a newly constructed HttpURLConnection
-     * @throws org.owasp.dependencycheck.utils.URLConnectionFailureException
-     * thrown if there is an exception
-     */
-    public HttpURLConnection createHttpURLConnection(URL url, boolean proxy) throws URLConnectionFailureException {
-        if (proxy) {
-            return createHttpURLConnection(url);
-        }
-        final HttpURLConnection conn;
-        try {
-            conn = (HttpURLConnection) url.openConnection();
-            final int timeout = settings.getInt(Settings.KEYS.CONNECTION_TIMEOUT, 10000);
-            conn.setConnectTimeout(timeout);
-            conn.setInstanceFollowRedirects(true);
-        } catch (IOException ioe) {
-            throw new URLConnectionFailureException("Error getting connection.", ioe);
-        }
-        addAuthenticationIfPresent(conn);
-        return conn;
-    }
-
-}
diff --git a/utils/src/site/site.xml b/utils/src/site/site.xml
index caa52824d39..9aefea3d18f 100644
--- a/utils/src/site/site.xml
+++ b/utils/src/site/site.xml
@@ -28,5 +28,6 @@ Copyright (c) 2014 Jeremy Long. All Rights Reserved.
         </breadcrumbs>
         <menu ref="Project Documentation" />
         <menu ref="reports" />
+        <footer><![CDATA[<p>&copy; 2012&ndash;2025 <a href="https://www.owasp.org">OWASP</a></p><img referrerpolicy="no-referrer-when-downgrade" src="https://static.scarf.sh/a.png?x-pxid=90c74bb8-b6d1-4464-a9b6-754067afe126" alt="" width="1" height="1" />]]></footer>
     </body>
 </project>
\ No newline at end of file
diff --git a/utils/src/test/java/org/owasp/dependencycheck/utils/BaseTest.java b/utils/src/test/java/org/owasp/dependencycheck/utils/BaseTest.java
index ae52701e1ea..f766ba4202c 100644
--- a/utils/src/test/java/org/owasp/dependencycheck/utils/BaseTest.java
+++ b/utils/src/test/java/org/owasp/dependencycheck/utils/BaseTest.java
@@ -15,11 +15,13 @@
  */
 package org.owasp.dependencycheck.utils;
 
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+
 import java.io.File;
 import java.net.URISyntaxException;
-import org.junit.After;
-import org.junit.Assume;
-import org.junit.Before;
+
+import static org.junit.jupiter.api.Assumptions.assumeTrue;
 
 /**
  *
@@ -35,7 +37,7 @@ public abstract class BaseTest {
     /**
      * Initialize the {@link Settings}.
      */
-    @Before
+    @BeforeEach
     public void setUp() {
         settings = new Settings();
     }
@@ -43,7 +45,7 @@ public void setUp() {
     /**
      * Clean the {@link Settings}.
      */
-    @After
+    @AfterEach
     public void tearDown() {
         settings.cleanup(true);
     }
@@ -56,7 +58,7 @@ public void tearDown() {
     protected Settings getSettings() {
         return settings;
     }
-    
+
     /**
      * Returns the given resource as a File using the object's class loader. The
      * org.junit.Assume API is used so that test cases are skipped if the
@@ -69,7 +71,7 @@ protected Settings getSettings() {
     public static File getResourceAsFile(Object o, String resource) {
         try {
             File f = new File(o.getClass().getClassLoader().getResource(resource).toURI().getPath());
-            Assume.assumeTrue(String.format("%n%n[SEVERE] Unable to load resource for test case: %s%n%n", resource), f.exists());
+            assumeTrue(f.exists(), String.format("%n%n[SEVERE] Unable to load resource for test case: %s%n%n", resource));
             return f;
         } catch (URISyntaxException e) {
             throw new UnsupportedOperationException(e);
diff --git a/utils/src/test/java/org/owasp/dependencycheck/utils/ChecksumTest.java b/utils/src/test/java/org/owasp/dependencycheck/utils/ChecksumTest.java
index 94f4d5ae03e..5f954bb1c32 100644
--- a/utils/src/test/java/org/owasp/dependencycheck/utils/ChecksumTest.java
+++ b/utils/src/test/java/org/owasp/dependencycheck/utils/ChecksumTest.java
@@ -17,34 +17,32 @@
  */
 package org.owasp.dependencycheck.utils;
 
+import org.junit.jupiter.api.Test;
+
 import java.io.File;
 import java.io.IOException;
 import java.security.NoSuchAlgorithmException;
-import org.junit.Assert;
-import static org.junit.Assert.assertArrayEquals;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-import org.junit.Test;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  *
  * @author Jeremy Long
  */
-public class ChecksumTest {
+class ChecksumTest {
 
     /**
      * Test of getChecksum method, of class Checksum. This checks that an
      * exception is thrown when an invalid path is specified.
      *
-     * @throws Exception is thrown when an exception occurs.
      */
     @Test
-    public void testGetChecksum_FileNotFound() throws Exception {
+    void testGetChecksum_FileNotFound() {
         String algorithm = "MD5";
         File file = new File("not a valid file");
-        Exception exception = Assert.assertThrows(IOException.class, () -> Checksum.getChecksum(algorithm, file));
+        Exception exception = assertThrows(IOException.class, () -> Checksum.getChecksum(algorithm, file));
         assertTrue(exception.getMessage().contains("not a valid file"));
     }
 
@@ -52,13 +50,12 @@ public void testGetChecksum_FileNotFound() throws Exception {
      * Test of getChecksum method, of class Checksum. This checks that an
      * exception is thrown when an invalid algorithm is specified.
      *
-     * @throws Exception is thrown when an exception occurs.
      */
     @Test
-    public void testGetChecksum_NoSuchAlgorithm() throws Exception {
+    void testGetChecksum_NoSuchAlgorithm() {
         String algorithm = "some unknown algorithm";
         File file = new File(this.getClass().getClassLoader().getResource("checkSumTest.file").getPath());
-        Exception exception = Assert.assertThrows(NoSuchAlgorithmException.class, () -> Checksum.getChecksum(algorithm, file));
+        Exception exception = assertThrows(NoSuchAlgorithmException.class, () -> Checksum.getChecksum(algorithm, file));
         assertTrue(exception.getMessage().contains("some unknown algorithm"));
     }
 
@@ -68,7 +65,7 @@ public void testGetChecksum_NoSuchAlgorithm() throws Exception {
      * @throws Exception is thrown when an exception occurs.
      */
     @Test
-    public void testGetMD5Checksum() throws Exception {
+    void testGetMD5Checksum() throws Exception {
         File file = new File(this.getClass().getClassLoader().getResource("checkSumTest.file").toURI().getPath());
         //String expResult = "F0915C5F46B8CFA283E5AD67A09B3793";
         String expResult = "f0915c5f46b8cfa283e5ad67a09b3793";
@@ -82,7 +79,7 @@ public void testGetMD5Checksum() throws Exception {
      * @throws Exception is thrown when an exception occurs.
      */
     @Test
-    public void testGetSHA1Checksum() throws Exception {
+    void testGetSHA1Checksum() throws Exception {
         File file = new File(this.getClass().getClassLoader().getResource("checkSumTest.file").toURI().getPath());
         //String expResult = "B8A9FF28B21BCB1D0B50E24A5243D8B51766851A";
         String expResult = "b8a9ff28b21bcb1d0b50e24a5243d8b51766851a";
@@ -94,7 +91,7 @@ public void testGetSHA1Checksum() throws Exception {
      * Test of getHex method, of class Checksum.
      */
     @Test
-    public void testGetHex() {
+    void testGetHex() {
         byte[] raw = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16};
         //String expResult = "000102030405060708090A0B0C0D0E0F10";
         String expResult = "000102030405060708090a0b0c0d0e0f10";
@@ -106,7 +103,7 @@ public void testGetHex() {
      * Test of getChecksum method, of class Checksum.
      */
     @Test
-    public void testGetChecksum_String_File() throws Exception {
+    void testGetChecksum_String_File() throws Exception {
         String algorithm = "MD5";
         File file = new File(this.getClass().getClassLoader().getResource("checkSumTest.file").toURI().getPath());
         String expResult = "f0915c5f46b8cfa283e5ad67a09b3793";
@@ -121,7 +118,7 @@ public void testGetChecksum_String_File() throws Exception {
      * Test of getMD5Checksum method, of class Checksum.
      */
     @Test
-    public void testGetMD5Checksum_File() throws Exception {
+    void testGetMD5Checksum_File() throws Exception {
         File file = new File(this.getClass().getClassLoader().getResource("checkSumTest.file").toURI().getPath());
         String expResult = "f0915c5f46b8cfa283e5ad67a09b3793";
         String result = Checksum.getMD5Checksum(file);
@@ -132,7 +129,7 @@ public void testGetMD5Checksum_File() throws Exception {
      * Test of getSHA1Checksum method, of class Checksum.
      */
     @Test
-    public void testGetSHA1Checksum_File() throws Exception {
+    void testGetSHA1Checksum_File() throws Exception {
         File file = new File(this.getClass().getClassLoader().getResource("checkSumTest.file").toURI().getPath());
         String expResult = "b8a9ff28b21bcb1d0b50e24a5243d8b51766851a";
         String result = Checksum.getSHA1Checksum(file);
@@ -143,7 +140,7 @@ public void testGetSHA1Checksum_File() throws Exception {
      * Test of getChecksum method, of class Checksum.
      */
     @Test
-    public void testGetChecksum_String_byteArr() {
+    void testGetChecksum_String_byteArr() {
         String algorithm = "SHA1";
         byte[] bytes = {-16, -111, 92, 95, 70, -72, -49, -94, -125, -27, -83, 103, -96, -101, 55, -109};
         String expResult = "89268a389a97f0bfba13d3ff2370d8ad436e36f6";
@@ -155,7 +152,7 @@ public void testGetChecksum_String_byteArr() {
      * Test of getMD5Checksum method, of class Checksum.
      */
     @Test
-    public void testGetMD5Checksum_String() {
+    void testGetMD5Checksum_String() {
         String text = "test string";
         String expResult = "6f8db599de986fab7a21625b7916589c";
         String result = Checksum.getMD5Checksum(text);
@@ -166,7 +163,7 @@ public void testGetMD5Checksum_String() {
      * Test of getSHA1Checksum method, of class Checksum.
      */
     @Test
-    public void testGetSHA1Checksum_String() {
+    void testGetSHA1Checksum_String() {
         String text = "test string";
         String expResult = "661295c9cbf9d6b2f6428414504a8deed3020641";
         String result = Checksum.getSHA1Checksum(text);
diff --git a/utils/src/test/java/org/owasp/dependencycheck/utils/DownloaderIT.java b/utils/src/test/java/org/owasp/dependencycheck/utils/DownloaderIT.java
index 39dd348b4d7..016fa273397 100644
--- a/utils/src/test/java/org/owasp/dependencycheck/utils/DownloaderIT.java
+++ b/utils/src/test/java/org/owasp/dependencycheck/utils/DownloaderIT.java
@@ -17,29 +17,29 @@
  */
 package org.owasp.dependencycheck.utils;
 
+import org.apache.hc.client5.http.impl.classic.AbstractHttpClientResponseHandler;
+import org.apache.hc.core5.http.HttpEntity;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+
 import java.io.File;
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.URL;
 
-import org.apache.hc.client5.http.impl.classic.AbstractHttpClientResponseHandler;
-import org.apache.hc.core5.http.HttpEntity;
-import org.junit.Test;
-
 import static java.nio.charset.StandardCharsets.UTF_8;
-import static org.junit.Assert.assertTrue;
-import org.junit.Before;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  *
  * @author Jeremy Long
  */
-public class DownloaderIT extends BaseTest {
+class DownloaderIT extends BaseTest {
 
     /**
      * Initialize the {@link Settings}.
      */
-    @Before
+    @BeforeEach
     @Override
     public void setUp() {
         super.setUp();
@@ -51,7 +51,7 @@ public void setUp() {
      * @throws Exception thrown when an exception occurs.
      */
     @Test
-    public void testFetchFile() throws Exception {
+    void testFetchFile() throws Exception {
         final String str = getSettings().getString(Settings.KEYS.ENGINE_VERSION_CHECK_URL, "https://dependency-check.github.io/DependencyCheck/current.txt");
         URL url = new URL(str);
         File outputPath = new File("target/current.txt");
@@ -66,9 +66,9 @@ public void testFetchFile() throws Exception {
      * @throws Exception thrown when an exception occurs.
      */
     @Test
-    public void testfetchAndHandleContent() throws Exception {
+    void testfetchAndHandleContent() throws Exception {
         URL url = new URL(getSettings().getString(Settings.KEYS.ENGINE_VERSION_CHECK_URL));
-        AbstractHttpClientResponseHandler<String> versionHandler = new AbstractHttpClientResponseHandler<String>() {
+        AbstractHttpClientResponseHandler<String> versionHandler = new AbstractHttpClientResponseHandler<>() {
             @Override
             public String handleEntity(HttpEntity entity) throws IOException {
                 try (InputStream in = entity.getContent()) {
diff --git a/utils/src/test/java/org/owasp/dependencycheck/utils/ExpectedObjectInputStreamTest.java b/utils/src/test/java/org/owasp/dependencycheck/utils/ExpectedObjectInputStreamTest.java
index b7e0cc8bfa1..5607a148d27 100644
--- a/utils/src/test/java/org/owasp/dependencycheck/utils/ExpectedObjectInputStreamTest.java
+++ b/utils/src/test/java/org/owasp/dependencycheck/utils/ExpectedObjectInputStreamTest.java
@@ -17,6 +17,8 @@
  */
 package org.owasp.dependencycheck.utils;
 
+import org.junit.jupiter.api.Test;
+
 import java.io.BufferedOutputStream;
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
@@ -24,21 +26,21 @@
 import java.io.ObjectOutputStream;
 import java.util.ArrayList;
 import java.util.List;
-import static org.junit.Assert.fail;
-import org.junit.Test;
-import static org.junit.Assert.fail;
+
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.fail;
 
 /**
  *
  * @author jeremy
  */
-public class ExpectedObjectInputStreamTest {
+class ExpectedObjectInputStreamTest {
 
     /**
      * Test of resolveClass method, of class ExpectedObjectInputStream.
      */
     @Test
-    public void testResolveClass() {
+    void testResolveClass() {
         List<SimplePojo> data = new ArrayList<>();
         data.add(new SimplePojo());
         try (ByteArrayOutputStream mem = new ByteArrayOutputStream();
@@ -57,11 +59,10 @@ public void testResolveClass() {
     /**
      * Test of resolveClass method, of class ExpectedObjectInputStream.
      */
-    @Test(expected = java.io.InvalidClassException.class)
-    public void testResolveClassException() throws Exception {
+    @Test
+    void testResolveClassException() throws Exception {
         List<SimplePojo> data = new ArrayList<>();
         data.add(new SimplePojo());
-
         ByteArrayOutputStream mem = new ByteArrayOutputStream();
         byte[] buf;
         try (ObjectOutputStream out = new ObjectOutputStream(new BufferedOutputStream(mem))) {
@@ -70,8 +71,7 @@ public void testResolveClassException() throws Exception {
             buf = mem.toByteArray();
         }
         ByteArrayInputStream in = new ByteArrayInputStream(buf);
-
         ExpectedObjectInputStream instance = new ExpectedObjectInputStream(in, "java.util.ArrayList", "org.owasp.dependencycheck.utils.SimplePojo");
-        instance.readObject();
+        assertThrows(java.io.InvalidClassException.class, instance::readObject);
     }
 }
diff --git a/utils/src/test/java/org/owasp/dependencycheck/utils/FileUtilsTest.java b/utils/src/test/java/org/owasp/dependencycheck/utils/FileUtilsTest.java
index fec966af8a2..5c63b668099 100644
--- a/utils/src/test/java/org/owasp/dependencycheck/utils/FileUtilsTest.java
+++ b/utils/src/test/java/org/owasp/dependencycheck/utils/FileUtilsTest.java
@@ -17,30 +17,31 @@
  */
 package org.owasp.dependencycheck.utils;
 
+import org.junit.jupiter.api.Test;
+
 import java.io.File;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-import org.junit.Test;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  *
  * @author Jeremy Long
  */
-public class FileUtilsTest extends BaseTest {
+class FileUtilsTest extends BaseTest {
 
     /**
      * Test of getFileExtension method, of class FileUtils.
      */
     @Test
-    public void testGetFileExtension() {
+    void testGetFileExtension() {
         String[] fileName = {"something-0.9.5.jar", "lib2-1.1.js", "dir.tmp/noext"};
         String[] expResult = {"jar", "js", null};
 
         for (int i = 0; i < fileName.length; i++) {
             String result = FileUtils.getFileExtension(fileName[i]);
-            assertEquals("Failed extraction on \"" + fileName[i] + "\".", expResult[i], result);
+            assertEquals(expResult[i], result, "Failed extraction on \"" + fileName[i] + "\".");
         }
     }
 
@@ -48,31 +49,29 @@ public void testGetFileExtension() {
      * Test of delete method, of class FileUtils.
      */
     @Test
-    public void testDelete() throws Exception {
-
+    void testDelete() throws Exception {
         File file = File.createTempFile("tmp", "deleteme", getSettings().getTempDirectory());
-        if (!file.exists()) {
-            fail("Unable to create a temporary file.");
-        }
+
+        assertTrue(file.exists(), "Unable to create a temporary file.");
+
         boolean status = FileUtils.delete(file);
-        assertTrue("delete returned a failed status", status);
-        assertFalse("Temporary file exists after attempting deletion", file.exists());
+        assertTrue(status, "delete returned a failed status");
+        assertFalse(file.exists(), "Temporary file exists after attempting deletion");
     }
 
     /**
      * Test of delete method with a non-empty directory, of class FileUtils.
      */
     @Test
-    public void testDeleteWithSubDirectories() throws Exception {
-
+    void testDeleteWithSubDirectories() throws Exception {
         File dir = new File(getSettings().getTempDirectory(), "delete-me");
         dir.mkdirs();
         File file = File.createTempFile("tmp", "deleteme", dir);
-        assertTrue("Unable to create a temporary file " + file.getAbsolutePath(), file.exists());
+        assertTrue(file.exists(), "Unable to create a temporary file " + file.getAbsolutePath());
 
         // delete the file
         boolean status = FileUtils.delete(dir);
-        assertTrue("delete returned a failed status", status);
-        assertFalse("Temporary file exists after attempting deletion", file.exists());
+        assertTrue(status, "delete returned a failed status");
+        assertFalse(file.exists(), "Temporary file exists after attempting deletion");
     }
 }
diff --git a/utils/src/test/java/org/owasp/dependencycheck/utils/JsonArrayFixingInputStreamTest.java b/utils/src/test/java/org/owasp/dependencycheck/utils/JsonArrayFixingInputStreamTest.java
index 274e7014a90..605dbc96892 100644
--- a/utils/src/test/java/org/owasp/dependencycheck/utils/JsonArrayFixingInputStreamTest.java
+++ b/utils/src/test/java/org/owasp/dependencycheck/utils/JsonArrayFixingInputStreamTest.java
@@ -17,29 +17,28 @@
  */
 package org.owasp.dependencycheck.utils;
 
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-import org.junit.Test;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import static java.nio.charset.StandardCharsets.UTF_8;
-import java.util.Arrays;
-import jakarta.json.JsonReader;
 import jakarta.json.Json;
 import jakarta.json.JsonArray;
+import jakarta.json.JsonReader;
 import org.apache.commons.io.IOUtils;
-import org.junit.After;
-import org.junit.AfterClass;
-import org.junit.Assert;
-import static org.junit.Assert.assertFalse;
-import org.junit.Before;
-import org.junit.BeforeClass;
+import org.junit.jupiter.api.Test;
+
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+import java.util.Arrays;
+
+import static java.nio.charset.StandardCharsets.UTF_8;
+import static org.junit.jupiter.api.Assertions.assertArrayEquals;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  *
  * @author Jeremy Long
  */
-public class JsonArrayFixingInputStreamTest {
+class JsonArrayFixingInputStreamTest {
 
     final String sample1 = "{}";
     final String sample2 = "{}{}";
@@ -106,29 +105,13 @@ public class JsonArrayFixingInputStreamTest {
             + "\"GoMod\": \"/Users/me/go/pkg/mod/cache/download/github.com/!microsoft/hcsshim/@v/v0.8.8-0.20200421182805-c3e488f0d815.mod\"\n"
             + "}\n";
 
-    @BeforeClass
-    public static void setUpClass() throws Exception {
-    }
-
-    @AfterClass
-    public static void tearDownClass() throws Exception {
-    }
-
-    @Before
-    public void setUp() throws Exception {
-    }
-
-    @After
-    public void tearDown() throws Exception {
-    }
-
     /**
      * Test of read method, of class JsonArrayFixingInputStream.
      *
      * @throws Exception because one might happen
      */
     @Test
-    public void testRead_0args() throws Exception {
+    void testRead_0args() throws Exception {
         try (InputStream sample = new ByteArrayInputStream(sample1.getBytes());
                 JsonArrayFixingInputStream instance = new JsonArrayFixingInputStream(sample)) {
             assertEquals('[', instance.read());
@@ -157,7 +140,7 @@ public void testRead_0args() throws Exception {
      * @throws Exception because one might happen
      */
     @Test
-    public void testRead_byteArr() throws Exception {
+    void testRead_byteArr() throws Exception {
         byte[] b = new byte[9];
         try (InputStream sample = new ByteArrayInputStream(sample2.getBytes());
                 JsonArrayFixingInputStream instance = new JsonArrayFixingInputStream(sample)) {
@@ -185,8 +168,8 @@ public void testRead_byteArr() throws Exception {
         }
     }
 
-    @Test()
-    public void testRead_IOUtils() throws Exception {
+    @Test
+    void testRead_IOUtils() throws Exception {
         try (InputStream sample = new ByteArrayInputStream(sample3.getBytes());
                 JsonArrayFixingInputStream instance = new JsonArrayFixingInputStream(sample)) {
             String results = IOUtils.toString(instance, UTF_8);
@@ -195,8 +178,8 @@ public void testRead_IOUtils() throws Exception {
         }
     }
 
-    @Test()
-    public void testRead_RealSample() throws Exception {
+    @Test
+    void testRead_RealSample() throws Exception {
         try (InputStream sample = new ByteArrayInputStream(sample4.getBytes());
                 JsonArrayFixingInputStream instance = new JsonArrayFixingInputStream(sample)) {
             try (JsonReader reader = Json.createReader(instance)) {
@@ -211,8 +194,8 @@ public void testRead_RealSample() throws Exception {
      *
      * @throws Exception because one might happen
      */
-    @Test()
-    public void testRead_3args() throws Exception {
+    @Test
+    void testRead_3args() throws Exception {
         byte[] input = new byte[2048];
         Arrays.fill(input, (byte) ' ');
         input[0] = '{';
@@ -232,7 +215,7 @@ public void testRead_3args() throws Exception {
                 read = instance.read(results, pos, 2050 - pos);
                 pos += read;
             }
-            Assert.assertArrayEquals(expected, results);
+            assertArrayEquals(expected, results);
         }
     }
 
@@ -241,12 +224,14 @@ public void testRead_3args() throws Exception {
      *
      * @throws Exception because one might happen
      */
-    @Test(expected = UnsupportedOperationException.class)
-    public void testSkip() throws Exception {
-        try (InputStream sample = new ByteArrayInputStream(sample1.getBytes());
+    @Test
+    void testSkip() {
+        assertThrows(UnsupportedOperationException.class, () -> {
+            try (InputStream sample = new ByteArrayInputStream(sample1.getBytes());
                 JsonArrayFixingInputStream instance = new JsonArrayFixingInputStream(sample)) {
-            instance.skip(1);
-        }
+                instance.skip(1);
+            }
+        });
     }
 
     /**
@@ -255,7 +240,7 @@ public void testSkip() throws Exception {
      * @throws Exception because one might happen
      */
     @Test
-    public void testAvailable() throws Exception {
+    void testAvailable() throws Exception {
         try (InputStream sample = new ByteArrayInputStream(sample1.getBytes());
                 JsonArrayFixingInputStream instance = new JsonArrayFixingInputStream(sample)) {
             int results = instance.available();
@@ -275,7 +260,7 @@ public void testAvailable() throws Exception {
      * @throws Exception because one might happen
      */
     @Test
-    public void testClose() throws Exception {
+    void testClose() throws Exception {
         try (InputStream sample = new ByteArrayInputStream(sample1.getBytes());
                 JsonArrayFixingInputStream instance = new JsonArrayFixingInputStream(sample)) {
             int i = instance.read();
@@ -288,7 +273,7 @@ public void testClose() throws Exception {
      * @throws Exception because one might happen
      */
     @Test
-    public void testMarkSupported() throws Exception {
+    void testMarkSupported() throws Exception {
         try (InputStream sample = new ByteArrayInputStream(sample1.getBytes());
                 JsonArrayFixingInputStream instance = new JsonArrayFixingInputStream(sample)) {
             boolean result = instance.markSupported();
@@ -297,7 +282,7 @@ public void testMarkSupported() throws Exception {
     }
 
     @Test
-    public void testIsWhiteSpace() throws Exception {
+    void testIsWhiteSpace() {
         JsonArrayFixingInputStream instance = new JsonArrayFixingInputStream(null);
         assertFalse(instance.isWhiteSpace((byte) 'a'));
         assertTrue(instance.isWhiteSpace((byte) '\n'));
diff --git a/utils/src/test/java/org/owasp/dependencycheck/utils/SettingsTest.java b/utils/src/test/java/org/owasp/dependencycheck/utils/SettingsTest.java
index 24d63cfa157..4fbd4b0118b 100644
--- a/utils/src/test/java/org/owasp/dependencycheck/utils/SettingsTest.java
+++ b/utils/src/test/java/org/owasp/dependencycheck/utils/SettingsTest.java
@@ -17,11 +17,7 @@
  */
 package org.owasp.dependencycheck.utils;
 
-import static org.hamcrest.core.Is.is;
-import static org.hamcrest.core.IsNull.notNullValue;
-import static org.hamcrest.core.IsNull.nullValue;
-import static org.hamcrest.core.IsEqual.equalTo;
-import static org.hamcrest.MatcherAssert.assertThat;
+import org.junit.jupiter.api.Test;
 
 import java.io.File;
 import java.io.IOException;
@@ -29,35 +25,42 @@
 import java.util.ArrayList;
 import java.util.List;
 
-import org.junit.Assert;
-import org.junit.Test;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.core.Is.is;
+import static org.hamcrest.core.IsEqual.equalTo;
+import static org.hamcrest.core.IsNull.notNullValue;
+import static org.hamcrest.core.IsNull.nullValue;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertNull;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  *
  * @author Jeremy Long
  */
-public class SettingsTest extends BaseTest {
+class SettingsTest extends BaseTest {
 
     /**
      * Test of getString method, of class Settings.
      */
     @Test
-    public void testGetString() {
+    void testGetString() {
         String key = Settings.KEYS.NVD_API_DATAFEED_VALID_FOR_DAYS;
         String expResult = "7";
         String result = getSettings().getString(key);
-        Assert.assertTrue(result.endsWith(expResult));
+        assertTrue(result.endsWith(expResult));
     }
 
     /**
      * Test of getDataFile method, of class Settings.
      */
     @Test
-    public void testGetDataFile() throws IOException {
+    void testGetDataFile() {
         String key = Settings.KEYS.DATA_DIRECTORY;
         String expResult = "data";
         File result = getSettings().getDataFile(key);
-        Assert.assertTrue(result.getAbsolutePath().endsWith(expResult));
+        assertTrue(result.getAbsolutePath().endsWith(expResult));
     }
 
     /**
@@ -67,170 +70,170 @@ public void testGetDataFile() throws IOException {
      * @throws java.net.URISyntaxException thrown when the test fails
      */
     @Test
-    public void testMergeProperties_String() throws IOException, URISyntaxException {
+    void testMergeProperties_String() throws IOException, URISyntaxException {
         String key = Settings.KEYS.PROXY_PORT;
         String expResult = getSettings().getString(key);
         File f = new File(this.getClass().getClassLoader().getResource("test.properties").toURI());
         //InputStream in = this.getClass().getClassLoader().getResourceAsStream("test.properties");
         getSettings().mergeProperties(f.getAbsolutePath());
         String result = getSettings().getString(key);
-        Assert.assertTrue("setting didn't change?", (expResult == null && result != null) || !expResult.equals(result));
+        assertTrue((expResult == null && result != null) || !expResult.equals(result), "setting didn't change?");
     }
 
     /**
      * Test of setString method, of class Settings.
      */
     @Test
-    public void testSetString() {
+    void testSetString() {
         String key = "newProperty";
         String value = "someValue";
         getSettings().setString(key, value);
         String expResults = getSettings().getString(key);
-        Assert.assertEquals(expResults, value);
+        assertEquals(value, expResults);
     }
 
     /**
      * Test of setStringIfNotNull method, of class Settings.
      */
     @Test
-    public void testSetStringIfNotNull() {
+    void testSetStringIfNotNull() {
         String key = "nullableProperty";
         String value = "someValue";
         getSettings().setString(key, value);
         getSettings().setStringIfNotNull(key, null); // NO-OP
         String expResults = getSettings().getString(key);
-        Assert.assertEquals(expResults, value);
+        assertEquals(value, expResults);
     }
 
     /**
      * Test of setStringIfNotNull method, of class Settings.
      */
     @Test
-    public void testSetStringIfNotEmpty() {
+    void testSetStringIfNotEmpty() {
         String key = "optionalProperty";
         String value = "someValue";
         getSettings().setString(key, value);
         getSettings().setStringIfNotEmpty(key, ""); // NO-OP
         String expResults = getSettings().getString(key);
-        Assert.assertEquals(expResults, value);
+        assertEquals(value, expResults);
     }
 
     /**
      * Test of getString method, of class Settings.
      */
     @Test
-    public void testGetString_String_String() {
+    void testGetString_String_String() {
         String key = "key That Doesn't Exist";
         String defaultValue = "blue bunny";
         String expResult = "blue bunny";
         String result = getSettings().getString(key);
-        Assert.assertTrue(result == null);
+        assertNull(result);
         result = getSettings().getString(key, defaultValue);
-        Assert.assertEquals(expResult, result);
+        assertEquals(expResult, result);
     }
 
     /**
      * Test of getString method, of class Settings.
      */
     @Test
-    public void testGetString_String() {
+    void testGetString_String() {
         String key = Settings.KEYS.CONNECTION_TIMEOUT;
         String result = getSettings().getString(key);
-        Assert.assertTrue(result == null);
+        assertNull(result);
     }
 
     /**
      * Test of getInt method, of class Settings.
      */
     @Test
-    public void testGetInt() throws InvalidSettingException {
+    void testGetInt() throws InvalidSettingException {
         String key = "SomeNumber";
         int expResult = 85;
         getSettings().setString(key, "85");
         int result = getSettings().getInt(key);
-        Assert.assertEquals(expResult, result);
+        assertEquals(expResult, result);
     }
 
     /**
      * Test of getInt method, of class Settings.
      */
     @Test
-    public void testGetIntDefault() throws InvalidSettingException {
+    void testGetIntDefault() {
         String key = "SomeKey";
         int expResult = 85;
         getSettings().setString(key, "blue");
         int result = getSettings().getInt(key, expResult);
-        Assert.assertEquals(expResult, result);
+        assertEquals(expResult, result);
     }
 
     /**
      * Test of getLong method, of class Settings.
      */
     @Test
-    public void testGetLong() throws InvalidSettingException {
+    void testGetLong() throws InvalidSettingException {
         String key = "SomeNumber";
         long expResult = 300L;
         getSettings().setString(key, "300");
         long result = getSettings().getLong(key);
-        Assert.assertEquals(expResult, result);
+        assertEquals(expResult, result);
     }
 
     /**
      * Test of getBoolean method, of class Settings.
      */
     @Test
-    public void testGetBoolean() throws InvalidSettingException {
+    void testGetBoolean() throws InvalidSettingException {
         String key = "SomeBoolean";
         getSettings().setString(key, "false");
         boolean expResult = false;
         boolean result = getSettings().getBoolean(key);
-        Assert.assertEquals(expResult, result);
+        assertEquals(expResult, result);
 
         key = "something that does not exist";
         expResult = true;
         result = getSettings().getBoolean(key, true);
-        Assert.assertEquals(expResult, result);
+        assertEquals(expResult, result);
     }
 
     /**
      * Test of removeProperty method, of class Settings.
      */
     @Test
-    public void testRemoveProperty() {
+    void testRemoveProperty() {
         String key = "SomeKey";
         String value = "value";
         String dfault = "default";
         getSettings().setString(key, value);
         String ret = getSettings().getString(key);
-        Assert.assertEquals(value, ret);
+        assertEquals(value, ret);
         getSettings().removeProperty(key);
         ret = getSettings().getString(key, dfault);
-        Assert.assertEquals(dfault, ret);
+        assertEquals(dfault, ret);
     }
 
     /**
      * Test of getConnectionString.
      */
     @Test
-    public void testGetConnectionString() throws Exception {
+    void testGetConnectionString() throws Exception {
         String value = getSettings().getConnectionString(Settings.KEYS.DB_CONNECTION_STRING, Settings.KEYS.DB_FILE_NAME);
-        Assert.assertNotNull(value);
+        assertNotNull(value);
         String msg = null;
         try {
             value = getSettings().getConnectionString("invalidKey", null);
         } catch (InvalidSettingException e) {
             msg = e.getMessage();
         }
-        Assert.assertNotNull(msg);
+        assertNotNull(msg);
     }
 
     /**
      * Test of getTempDirectory.
      */
     @Test
-    public void testGetTempDirectory() throws Exception {
+    void testGetTempDirectory() throws Exception {
         File tmp = getSettings().getTempDirectory();
-        Assert.assertTrue(tmp.exists());
+        assertTrue(tmp.exists());
     }
 
     /**
@@ -238,7 +241,7 @@ public void testGetTempDirectory() throws Exception {
      * multiple values in an array.
      */
     @Test
-    public void testGetArrayFromADelimitedString() {
+    void testGetArrayFromADelimitedString() {
         // GIVEN a delimited string
         final String delimitedString = "value1,value2";
         getSettings().setString("key", delimitedString);
@@ -258,7 +261,7 @@ public void testGetArrayFromADelimitedString() {
      * property is not set.
      */
     @Test
-    public void testGetArrayWhereThePropertyIsNotSet() {
+    void testGetArrayWhereThePropertyIsNotSet() {
         // WHEN getting the array
         final String[] array = getSettings().getArray("key");
 
@@ -271,7 +274,7 @@ public void testGetArrayWhereThePropertyIsNotSet() {
      * empty array is ignored.
      */
     @Test
-    public void testSetArrayNotEmptyIgnoresAnEmptyArray() {
+    void testSetArrayNotEmptyIgnoresAnEmptyArray() {
         // GIVEN an empty array
         final String[] array = {};
 
@@ -287,7 +290,7 @@ public void testSetArrayNotEmptyIgnoresAnEmptyArray() {
      * array is ignored.
      */
     @Test
-    public void testSetArrayNotEmptyIgnoresAnNullArray() {
+    void testSetArrayNotEmptyIgnoresAnNullArray() {
         // GIVEN a null array
         final String[] array = null;
 
@@ -303,7 +306,7 @@ public void testSetArrayNotEmptyIgnoresAnNullArray() {
      * correctly stores the list as an array.
      */
     @Test
-    public void testSetArrayNotEmptyWithList() {
+    void testSetArrayNotEmptyWithList() {
         // GIVEN a null array
         final List<String> list = new ArrayList<>();
         list.add("one");
@@ -318,7 +321,7 @@ public void testSetArrayNotEmptyWithList() {
     }
 
     @Test
-    public void testMaskedKeys() {
+    void testMaskedKeys() {
         getSettings().initMaskedKeys();
         assertThat("password should be masked",
                 getSettings().getPrintableValue("odc.database.password", "s3Cr3t!"),
diff --git a/utils/src/test/java/org/owasp/dependencycheck/utils/URLConnectionFactoryIT.java b/utils/src/test/java/org/owasp/dependencycheck/utils/URLConnectionFactoryIT.java
deleted file mode 100644
index e07b097ad4d..00000000000
--- a/utils/src/test/java/org/owasp/dependencycheck/utils/URLConnectionFactoryIT.java
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * This file is part of dependency-check-utils.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * Copyright (c) 2019 Jeremy Long. All Rights Reserved.
- */
-package org.owasp.dependencycheck.utils;
-
-import io.netty.handler.codec.http.HttpResponseStatus;
-import java.io.IOException;
-import java.net.HttpURLConnection;
-import java.net.URL;
-import org.junit.Test;
-import static org.junit.Assert.*;
-import org.junit.Before;
-import org.junit.Rule;
-import org.mockserver.client.MockServerClient;
-import org.mockserver.junit.MockServerRule;
-import org.mockserver.matchers.Times;
-import org.mockserver.model.HttpRequest;
-import org.mockserver.model.HttpResponse;
-
-/**
- *
- * @author Jeremy Long
- */
-public class URLConnectionFactoryIT extends BaseTest {
-
-    @Rule
-    public MockServerRule mockServerRule = new MockServerRule(this);
-
-    private MockServerClient mockServerClient;
-
-    @Before
-    public void reset() {
-        mockServerClient.reset();
-    }
-
-    /**
-     * Test of createHttpURLConnection method, of class URLConnectionFactory to
-     * validate if a basic authorization header is added.
-     */
-    @Test
-    public void testCreateHttpURLConnection_Authorization_unauthorized() throws Exception {
-        mockServerClient.when(HttpRequest.request().withMethod("GET")
-                .withHeader("Authorization", "Basic dXNlcm5hbWU6cGFzc3dvcmQ=")
-                .withPath("/secure/resource.xml"), Times.once())
-                .respond(HttpResponse.response().withBody("ok").withStatusCode(200));
-        mockServerClient.when(HttpRequest.request().withMethod("GET")
-                .withPath("/secure/resource.xml"), Times.once())
-                .respond(HttpResponse.response().withBody("Unauthorized").withStatusCode(401));
-
-        URL url = new URL("http://localhost:"
-                + mockServerClient.remoteAddress().getPort()
-                + "/secure/resource.xml");
-        URLConnectionFactory instance = new URLConnectionFactory(getSettings());
-        HttpURLConnection conn = instance.createHttpURLConnection(url);
-        try {
-            conn.connect();
-        } catch (IOException ex) {
-
-        }
-        assertEquals(HttpResponseStatus.UNAUTHORIZED.code(), conn.getResponseCode());
-        conn.disconnect();
-    }
-
-    /**
-     * Test of createHttpURLConnection method, of class URLConnectionFactory to
-     * validate if a basic authorization header is added.
-     */
-    @Test
-    public void testCreateHttpURLConnection_Authorization() throws Exception {
-        mockServerClient.when(HttpRequest.request().withMethod("GET")
-                .withHeader("Authorization", "Basic dXNlcm5hbWU6cGFzc3dvcmQ=")
-                .withPath("/secure/resource.xml"), Times.once())
-                .respond(HttpResponse.response().withBody("ok").withStatusCode(200));
-        mockServerClient.when(HttpRequest.request().withMethod("GET")
-                .withPath("/secure/resource.xml"), Times.once())
-                .respond(HttpResponse.response().withBody("Unauthorized").withStatusCode(401));
-
-        URL url = new URL("http://username:password@localhost:"
-                + mockServerClient.remoteAddress().getPort()
-                + "/secure/resource.xml");
-        URLConnectionFactory instance = new URLConnectionFactory(getSettings());
-        HttpURLConnection conn = instance.createHttpURLConnection(url);
-        try {
-            conn.connect();
-        } catch (IOException ex) {
-
-        }
-        assertEquals(HttpResponseStatus.OK.code(), conn.getResponseCode());
-        conn.disconnect();
-    }
-}
diff --git a/utils/src/test/java/org/owasp/dependencycheck/utils/search/FileContentSearchTest.java b/utils/src/test/java/org/owasp/dependencycheck/utils/search/FileContentSearchTest.java
index fdb7a7c8734..956c29180ce 100644
--- a/utils/src/test/java/org/owasp/dependencycheck/utils/search/FileContentSearchTest.java
+++ b/utils/src/test/java/org/owasp/dependencycheck/utils/search/FileContentSearchTest.java
@@ -17,22 +17,24 @@
  */
 package org.owasp.dependencycheck.utils.search;
 
-import java.io.File;
-import org.junit.Test;
-import static org.junit.Assert.*;
+import org.junit.jupiter.api.Test;
 import org.owasp.dependencycheck.utils.BaseTest;
 
+import java.io.File;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
 /**
  *
  * @author Jeremy Long
  */
-public class FileContentSearchTest extends BaseTest {
+class FileContentSearchTest extends BaseTest {
 
     /**
      * Test of contains method, of class FileContentSearch.
      */
     @Test
-    public void testContains_File_String() throws Exception {
+    void testContains_File_String() throws Exception {
         File file = BaseTest.getResourceAsFile(this, "SearchTest.txt");
         String pattern = "blue";
         boolean expResult = false;
@@ -44,7 +46,7 @@ public void testContains_File_String() throws Exception {
         result = FileContentSearch.contains(file, pattern);
         assertEquals(expResult, result);
 
-        
+
         pattern = "(?i)test";
         expResult = true;
         result = FileContentSearch.contains(file, pattern);
@@ -55,14 +57,14 @@ public void testContains_File_String() throws Exception {
      * Test of contains method, of class FileContentSearch.
      */
     @Test
-    public void testContains_File_List() throws Exception {
+    void testContains_File_List() throws Exception {
         File file = BaseTest.getResourceAsFile(this, "SearchTest.txt");
         String[] patterns = {"jeremy long", "blue"};
-        
+
         boolean expResult = false;
         boolean result = FileContentSearch.contains(file, patterns);
         assertEquals(expResult, result);
-        
+
         String[] patterns2 = {"jeremy long", "blue", "(?i)jeremy long"};
         expResult = true;
         result = FileContentSearch.contains(file, patterns2);
diff --git a/utils/src/test/resources/dependencycheck.properties b/utils/src/test/resources/dependencycheck.properties
index 8220a95a3dc..4f32ef227a4 100644
--- a/utils/src/test/resources/dependencycheck.properties
+++ b/utils/src/test/resources/dependencycheck.properties
@@ -80,7 +80,7 @@ central.content.url=https://search.maven.org/remotecontent?filepath=
 # Note - the central query is used in a String.format(query, url, sha1)).
 # As such, it must have two %s and any other % must be escapped by doubling it
 analyzer.central.query=%s?q=1:%s&wt=xml
-analyzer.central.retry.count=7
+analyzer.central.retry.count=3
 analyzer.central.parallel.analysis=false
 
 # the URL for searching NPM Audit API