diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 344957635d6..f4c254219e5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -2,7 +2,7 @@ name: Build and Deploy Release ## ## Automates the release process -## 1. Update the 'body:' below and the release_notes.md +## 1. Update the 'body:' below and the changelog.md ## 2. Run `./prepare-release.sh` ## 3. Create PR, merge PR ## 4. Run `git push origin main --tags` @@ -185,12 +185,25 @@ jobs: prerelease: false draft: false body: | - ### Changes - - Automated release of 7.3.1 failed and only published to Central; 7.3.2 is a re-release of 7.3.1. - - Resolved several false positives and false negatives. - - Use Jackson Afterburner if still on Java 8 (#4966). - - Exclude `node_modules` from the Maven plugin's scan path (#4974). - - See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/51?closed=1). + ### Added + + - Add support for npm package lock v2 and v3 (#5078) + - Added experimental support for Python Poetry (#5025) + - Added a vanilla HTML report for use in Jenkins (#5053) + + ### Changed + + - Renamed `RELEASE_NOTES.md` to `CHANGELOG.md` to be more conventional + - Optimized checksum calculation to improve performance (#5112) + - Added support for scanning .NET assemblies when only the dotnet runtime is installed (#5087) + - Bumped several dependencies + + ### Fixed + + - Fixed bug when setting the proxy port (#5076) + - Resolved several FP and FN + + See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/52?closed=1). - name: Upload CLI id: upload-release-cli diff --git a/RELEASE_NOTES.md b/CHANGELOG.md similarity index 81% rename from RELEASE_NOTES.md rename to CHANGELOG.md index 3b7847475e4..27fa5617340 100644 --- a/RELEASE_NOTES.md +++ b/CHANGELOG.md 
@@ -1,154 +1,195 @@ -# Release Notes +# Change Log -## [Version 7.3.2](https://github.com/jeremylong/DependencyCheck/releases/tag/v7.3.2) (2022-11-16) +## [Version 7.4.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v7.4.0) (2022-12-04) -**Changes** +### Added + +- Add support for npm package lock v2 and v3 (#5078) +- Added experimental support for Python Poetry (#5025) +- Added a vanilla HTML report for use in Jenkins (#5053) + +### Changed + +- Renamed `RELEASE_NOTES.md` to `CHANGELOG.md` to be more conventional +- Optimized checksum calculation to improve performance (#5112) +- Added support for scanning .NET assemblies when only the dotnet runtime is installed (#5087) +- Bumped several dependencies + +### Fixed + +- Fixed bug when setting the proxy port (#5076) +- Resolved several FP and FN + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/52?closed=1). + +## [Version 7.3.2](https://github.com/jeremylong/DependencyCheck/releases/tag/v7.3.2) (2022-11-18) + +### Changed - Automated release of 7.3.1 failed and only published to Central; 7.3.2 is a re-release of 7.3.1. - Resolved several false positives and false negatives. - Use Jackson Afterburner if still on Java 8 (#4966). - Exclude `node_modules` from the Maven plugin's scan path (#4974). -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/51?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/51?closed=1). ## [Version 7.3.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v7.3.1) (2022-11-16) -**Changes** +### Changed - Resolved several false positives and false negatives. - Use Jackson Afterburner if still on Java 8 (#4966). - Exclude `node_modules` from the Maven plugin's scan path (#4974). -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/51?closed=1). 
+ +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/51?closed=1). ## [Version 7.3.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v7.3.0) (2022-10-19) -**Changes** +### Added -- Fixed issue with the Maven plugin that caused concurrent modification exceptions (#4935). -- Migrated from Jackson Afterburner to Blackbird (#4905). - Added an experimental Dart analyzer (#4869). -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/50?closed=1). + +### Changed + +- Migrated from Jackson Afterburner to Blackbird (#4905). + +### Fixed + +- Fixed issue with the Maven plugin that caused concurrent modification exceptions (#4935). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/50?closed=1). ## [Version 7.2.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v7.2.1) (2022-09-20) -**Changes** +### Fixed - Fixed logging issue (#4846). -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/49?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/49?closed=1). ## [Version 7.2.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v7.2.0) (2022-09-14) -**Changes** +### Changed - Add support for Bazel's pinned `maven_install.json` (#4772). - Fixed bug preventing the use of custom report templates (#4800). - Updated several dependencies including upgrades for dependencies with CVEs. - Several bug fixes made and suppression rules were added. -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/48?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/48?closed=1). 
## [Version 7.1.2](https://github.com/jeremylong/DependencyCheck/releases/tag/v7.1.2) (2022-08-20) -**Changes** +### Changed - The maven plugin now includes pnpm and yarn lock files in the scan by default (#4753). - If a suppression rule is no longer used a log entry will be written (#4685). - Several bug fixes made and suppression rules added. -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/47?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/47?closed=1). ## [Version 7.1.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v7.1.1) (2022-06-12) -**Changes** +### Fixed - Minor bug fixes. - Resolved several false positives. -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/45?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/45?closed=1). ## [Version 7.1.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v7.1.0) (2022-04-23) -**Changes** +### Changed - Improved sorting in the HTML report ([see #4112](https://github.com/jeremylong/DependencyCheck/issues/4112)). - Improved support for Swift ([see #4265](https://github.com/jeremylong/DependencyCheck/pull/4265)). - Resolved several false positives. -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/44?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/45?closed=1). ## [Version 7.0.4](https://github.com/jeremylong/DependencyCheck/releases/tag/v7.0.4) (2022-03-30) -**Changes** +### Changed - Update to `jackson-databind` (see #4285). -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/43?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/43?closed=1). 
## [Version 7.0.3](https://github.com/jeremylong/DependencyCheck/releases/tag/v7.0.3) (2022-03-29) -**Changes** +### Changed - Update to `jackson-databind` (see #4285). -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/42?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/42?closed=1). ## [Version 7.0.2](https://github.com/jeremylong/DependencyCheck/releases/tag/v7.0.2) (2022-03-28) -**Changes** +### Changed - General project maintenance, bug fixes, and false positive and false negative reductions. -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/41?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/41?closed=1). ## [Version 7.0.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v7.0.1) (2022-03-23) -**Changes** +### Changed - General project maintenance, bug fixes, and false positive reductions. -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/40?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/40?closed=1). ## [Version 7.0.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v7.0.0) (2022-02-28) -**Breaking Changes** +### Changed -- The H2 database version has been upgraded. +- **Breaking:** The H2 database version has been upgraded. - if you use the `dataDirectory` option you will need to run a purge after upgrading. -- Upgraded to dotnet core 6.0. If analyzing dotnet assemblies the system will need to have the dotnet core 6.0.x runtime available. - -**Changes** - +- **Breaking:** Upgraded to dotnet core 6.0. If analyzing dotnet assemblies the system will need to have the dotnet core 6.0.x runtime available. - The Sarif report format has been fixed and can now be imported into GitHub if desired (See #3993). 
- Introduced IssueOps for False Positive reports to assist the team in evaluating FP reports. - [Create New FP Report Issue](https://github.com/jeremylong/DependencyCheck/issues/new?assignees=&labels=FP+Report&template=false-positive-report.yml&title=%5BFP%5D%3A+). - When analyzing Java projects ODC now includes data from the developers section. - This will likely cause false positives on things like Apache James, please report the FP and we will fix these quickly. - General project maintenance, bug fixes, and false positive reductions. -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/28?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/28?closed=1). ## [Version 6.5.3](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.5.3) (2022-01-12) -**Changes** +### Changed - Performance improvements for some Maven projects (see #3923 and #3931). - Fixed bug in npm version handling introduced in 6.5.2 (see #3956). - Improved the node package analyzer to correctly report the origin of a dependency (see #3970). - General code maintenance and false positive reductions. -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/39?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/39?closed=1). ## [Version 6.5.2](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.5.2) (2022-01-03) -**Changes** +### Changed - Fixed false positives around log4j-api and Log4j-web (#3910 & #3937). - Bug fix when processing NPM lock files (#3893). - Added missing `pnpm` argmument to the CLI (#3916). - General code maintenance and false positive reductions. -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/38?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/38?closed=1). 
## [Version 6.5.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.5.1) (2021-12-17) -**Changes** +### Changed - Updated the dependency-check-maven plugin to correctly support SNAPSHOT version when a classifier is specified (#3787). - Improved the analysis of Swift package manager (package.resolved - see #3813). - General code maintenance and false positive reductions. -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/37?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/37?closed=1). ## [Version 6.5.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.5.0) (2021-11-08) -**Changes** +### Changed - Updated build configuration to create [reproducible builds](https://reproducible-builds.org/). - Updated automated release process to work with branch protection. 
@@ -157,66 +198,74 @@ - Improved iOS support per #3168 and #3765 - Added the a new pnpm Analyzer - Fixed issue with some npm and yarn analysis failing due to large audit output -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/36?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/36?closed=1). ## [Version 6.4.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.4.1) (2021-10-11) -**Changes** +### Added - Added download attempts with increasing wait time for `CVE meta` files from the NVD to prevent rate limiting issues (see [#3725](https://github.com/jeremylong/DependencyCheck/pull/3725)). -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/35?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/35?closed=1). ## [Version 6.4.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.4.0) (2021-10-11) -**Changes** +### Changed - Increased timeout between downloads from the NVD to prevent rate limiting issues (see [#3722](https://github.com/jeremylong/DependencyCheck/pull/3722)). - `cveStartYear` is now configurable and can be set to any year from 2002 to present. - `cveWaitTime` is a new configuration option to define how many milliseconds to wait between NVD downloads; default is 4000 ms (see [#3690](https://github.com/jeremylong/DependencyCheck/pull/3690)). - The NVD CVE data files are now being cached for up to 4 hours in case a download fails, re-running ODC will use the cached version. - Fixed NPE in the ODC maven plugin (see [#3702](https://github.com/jeremylong/DependencyCheck/pull/3702). -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/34?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/34?closed=1). 
## [Version 6.3.2](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.3.2) (2021-09-29) -**Changes** +### Changed - Reduced chance of rate limiting when download files from NVD (see [#2670](https://github.com/jeremylong/DependencyCheck/pull/3670)). - Fixed bug causing some transitive dependencies being skipped in the odc-maven-plugin (see [#3627](https://github.com/jeremylong/DependencyCheck/pull/3627)). -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/33?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/33?closed=1). ## [Version 6.3.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.3.1) (2021-09-01) -**Changes** +### Fixed - Fixed [ConcurrentModificationException](https://github.com/jeremylong/DependencyCheck/issues/3618) -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/32?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/32?closed=1). ## [Version 6.3.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.3.0) (2021-08-31) -**Changes** +### Changed - Many updates were made to improve performance on large scans, reduce false positives, and other bug fixes. - Increased the width of four columns in the database; if you use a an external database you should also update the width (see [upgrade_5.1.sql](https://github.com/jeremylong/DependencyCheck/blob/main/core/src/main/resources/data/upgrade_5.1.sql)). -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/31?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/31?closed=1). 
## [Version 6.2.2](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.2.2) (2021-06-10) -**Changes** +### Fixed - Resolved issue with database connections introduced in 6.2.0 (see https://github.com/jeremylong/DependencyCheck/issues/3432). -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/30?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/30?closed=1). ## [Version 6.2.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.2.1) (2021-06-08) -**Changes** +### Fixed - Resolved issue with database connections introduced in 6.2.0 (see https://github.com/jeremylong/DependencyCheck/issues/3416). -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/29?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/29?closed=1). ## [Version 6.2.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.2.0) (2021-05-29) -**Changes** +### Changed - Added an experimental Perl CPAN analyzer [#3378](https://github.com/jeremylong/DependencyCheck/pull/3378) - Note that the full DSL of the CPAN is not yet supported so any required dependency is analyzed (i.e. there is no way to exclude development requirements) 
@@ -224,85 +273,95 @@ - The archive analyzer now extracts files from RPM archives [#3226](https://github.com/jeremylong/DependencyCheck/pull/3226) - Ensure ordered output in reports [#3243](https://github.com/jeremylong/DependencyCheck/pull/3343) - Several minor bug fixes and updates to reduce false positives -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/27?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/27?closed=1). ## [Version 6.1.6](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.1.6) (2021-04-29) -**Changes** +### Fixed - Resolved issue with Sarif report (#3243) - Resolved issue with Ruby Bundle Audit (#3256) - Several minor bug fixes and updates to reduce false positives -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/26?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/26?closed=1). ## [Version 6.1.5](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.1.5) (2021-03-31) -**Changes** +### Fixed - Fixed a second NPE introduced in 6.1.3 (see #3246) -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/25?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/25?closed=1). ## [Version 6.1.4](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.1.4) (2021-03-30) -**Changes** +### Changed - Fixed an NPE introduced in 6.1.3 (see #3212) -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/24?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/24?closed=1). 
## [Version 6.1.3](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.1.3) (2021-03-22) -**Changes** +### Changed - Modified the new CPE matching strategy to be more performant (#3207) - Upgraded a vulnerable dependency (velocity-engine-core/CVE-2020-13936) (#3205) -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/23?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/23?closed=1). ## [Version 6.1.2](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.1.2) (2021-03-08) -**Changes** +### Changed - Fixed a bug in the Sarif report generation. - Fixed a bug with the Ant task not being able to read the dependency-check properties file in 6.1.1. - Added a new CPE matching strategy to reduce false negatives. - CLI and Ant task will no longer be published to bintray. - Several minor bug fixes. -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/22?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/22?closed=1). ## [Version 6.1.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.1.1) (2021-02-13) -**Changes** +### Changed - Added missing configuration options for yarn and msbuild. - Several bug fixes. -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/21?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/21?closed=1). ## [Version 6.1.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.1.0) (2021-01-27) -**Changes** +### Changed - Added SARIF file format per [#3081](https://github.com/jeremylong/DependencyCheck/issues/3081). - Added support for Yarn per [#3063](https://github.com/jeremylong/DependencyCheck/pull/3063). - False positive reduction and minor bug fixes. 
-- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/20?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/20?closed=1). ## [Version 6.0.5](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.0.5) (2021-01-07) -**Changes** +### Changed - Added missing command line arguments per #3028 and #3035. - False positive reduction and minor bug fixes. -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/19?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/19?closed=1). ## [Version 6.0.4](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.0.4) (2020-12-31) -**Changes** +### Changed - Minor bug fixes and reduction of false positives. -- See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/18?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/18?closed=1). ## [Version 6.0.3](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.0.3) (2020-11-03) -**Changes** +### Changed - Added a bash command completion script (see #2916); to add completion to your shell `completion-for-dependency-check.sh` can be found in the bin directory of the CLI: 
@@ -319,11 +378,12 @@ in a future release. - Support for external Oracle databases has been add for the 6.x releases (see #2899) - Resolved several reported false positives. -- Several other bug fixes have been implemented; see the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/17?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/17?closed=1). ## [Version 6.0.2](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.0.2) (2020-09-27) -**Changes** +### Changed - The project is migrating from hosting the release archives on Bintray and moving them to Github under the assets for each [release](https://github.com/jeremylong/DependencyCheck/releases) - **Please update any automation you have to point to the new location.** 
@@ -331,22 +391,22 @@ - GoLang Analyzer now scans transitive dependencies; see #2680. - Several bug fixes found in 6.0.1. -- Full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/16?closed=1). +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/16?closed=1). ## [Version 6.0.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.0.1) (2020-09-13) -**Changes** +### Changed - Improved error messages when upgrading from 5.x to 6.x; due to breaking database changes if the old database schema is detected an error message is produced indicating that the old database should be purged. - Fixed the database path for the Ant and Gradle plugins. - Added locking around the RetireJS updates to resolve read/write conflicts in CI environments. -- Full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/15?closed=1). +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/15?closed=1). ## [Version 6.0.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v6.0.0) (2020-09-07) -**Changes** +### Changed - Updated database schema; this is a *breaking change* and anyone using an external database or those whom specify the data directory will need recreate the database (including users of the docker image). The schema 
@@ -359,93 +419,101 @@ - Users mirroring the NVD - ODC 6.0.0 requires the use of the version 1.1 data feeds - please ensure you are using 1.1 not the 1.0 data feed. -- Full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/14?closed=1). +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/14?closed=1). ## [Version 5.3.2](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.3.2) (2020-03-26) -**Changes** +### Changed - Several bug fixes - Full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/13?closed=1). ## [Version 5.3.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.3.1) (2020-03-10) -**Changes** +### Changed - Added an experimental PE Analyzer that reads the PE headers of DLL and EXE files; see [#2448](https://github.com/jeremylong/DependencyCheck/pull/2448) and [#2446](https://github.com/jeremylong/DependencyCheck/pull/2446). - Lots of bug fixes and updates to false positives and false negatives - You may see a large one time performance hit when updating the database after updating to 5.3.1 -- Full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/12?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/12?closed=1). ## [Version 5.3.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.3.0) (2020-01-15) -**Changes** +### Changed - Updated the JSON report to include a new field for unscored vulnerabilities (see #2392). 
- Updated the XML report to include a new attribute to flag unscored vulnerabilities (see #2392) - see https://github.com/jeremylong/DependencyCheck/blob/master/core/src/main/resources/schema/dependency-check.2.3.xsd - Added an experimental analyzer that will lookup Node libraries in the NVD data feeds (see #1249) - `NpmCPEAnalyzer`, experimental analyzers must be enabled, controlled via property `analyzer.npm.cpe.enabled` which will be exposed as a configuration option in the next release. -- Full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/11?closed=1). + +See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/11?closed=1). ## [Version 5.2.4](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.2.4) (2019-11-12) -**Changes** +### Changed - Reverted a in 5.2.3 that caused the dependency-check.sh script to fail on some systems (including the docker image). - Fixed issue with pretty printing the XML report. -- Full listing of [resolved issues](https://github.com/jeremylong/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue++is%3Aclosed+milestone%3A5.2.4). + +See the full listing of [resolved issues](https://github.com/jeremylong/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue++is%3Aclosed+milestone%3A5.2.4). ## [Version 5.2.3](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.2.3) (2019-11-11) -**Changes** +### Changed - Updated to use the NVD JSON 1.1 schema (see [#2273](https://github.com/jeremylong/DependencyCheck/issues/2273)). - This update is 100% backward compatible with the 1.0 schema if you are mirroring the 1.0 JSON files. - Added `nonProxyHosts` to the CLI and gradle plugin. - False positive corrections. - General code cleanup/bug fix. 
-- Full listing of [resolved issues](https://github.com/jeremylong/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue++is%3Aclosed+milestone%3A5.2.3) and [pull requests](https://github.com/jeremylong/DependencyCheck/pulls?utf8=%E2%9C%93&q=is%3Apr+milestone%3A5.2.3+is%3Aclosed+). + +See the full listing of [resolved issues](https://github.com/jeremylong/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue++is%3Aclosed+milestone%3A5.2.3) and [pull requests](https://github.com/jeremylong/DependencyCheck/pulls?utf8=%E2%9C%93&q=is%3Apr+milestone%3A5.2.3+is%3Aclosed+). ## [Version 5.2.2](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.2.2) (2019-09-22) -**Changes** +### Changed - False positive corrections - General code cleanup/bug fix -- Full listing of [resolved issues](https://github.com/jeremylong/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue++is%3Aclosed+milestone%3A5.2.2). + +See the full listing of [resolved issues](https://github.com/jeremylong/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue++is%3Aclosed+milestone%3A5.2.2). ## [Version 5.2.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.2.1) (2019-08-04) -**Changes** +### Changed - Updated docker container to include additional database drivers and reduce overall image size - Performance improvements when using some external databases - False positive corrections - General code cleanup/bug fix -- Full listing of [resolved issues](https://github.com/jeremylong/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue++is%3Aclosed+milestone%3A5.2.1). + +See the full listing of [resolved issues](https://github.com/jeremylong/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue++is%3Aclosed+milestone%3A5.2.1). 
## [Version 5.2.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.2.0) (2019-07-21) -**Changes** +### Changed - Resolved formatting issues within the CSV report - False positive corrections - Renamed three properties within the `dependencycheck.properties`; there is no impact unless you are using a properties file in your build to control the CLI. - Added support for rbenv for Bundle Audit Analysis (see https://github.com/jeremylong/DependencyCheck/issues/2060). -- Full listing of [resolved issues](https://github.com/jeremylong/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue++is%3Aclosed+milestone%3A5.2.0). + +See the full listing of [resolved issues](https://github.com/jeremylong/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue++is%3Aclosed+milestone%3A5.2.0). ## [Version 5.1.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.1.1) (2019-07-15) -**Changes** +### Changed - False positive corrections - General code cleanup -- Full listing of [resolved issues](https://github.com/jeremylong/DependencyCheck/issues?q=is%3Aissue+milestone%3A5.1.1+is%3Aclosed). + +See the full listing of [resolved issues](https://github.com/jeremylong/DependencyCheck/issues?q=is%3Aissue+milestone%3A5.1.1+is%3Aclosed). ## [Version 5.1.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.1.0) (2019-06-28) -**Changes** +### Changed - Added two experimental analyzers to support Golang. - Updated the suppression schema to support suppressing OSS Index, RetireJS, NSP vulnerabilities, etc. 
@@ -453,22 +521,23 @@ - See the updated examples on https://jeremylong.github.io/DependencyCheck/general/suppression.html. - Added optional configuration to add credentials to the OSS Index analysis. - Resolved issues when Oracle or MySQL were used as a centralized database in 5.0.0. -- Full listing of [resolved issues](https://github.com/jeremylong/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen+milestone%3A5.1.0) and [pull requests](https://github.com/jeremylong/DependencyCheck/pulls?utf8=%E2%9C%93&q=is%3Apr+milestone%3A5.1.0). + +See the full listing of [resolved issues](https://github.com/jeremylong/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen+milestone%3A5.1.0) and [pull requests](https://github.com/jeremylong/DependencyCheck/pulls?utf8=%E2%9C%93&q=is%3Apr+milestone%3A5.1.0). ## [Version 5.0.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.0.0) (2019-06-09) -**Changes** +### Changed - Add caching of OSS-Index, Central Analyzer, and Node Audit analysis results. - General bug fixes identified in the previous milestone releases; see [5.0.0 resolved issues](https://github.com/jeremylong/DependencyCheck/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen+milestone%3A5.0.0+) and [pull requests](https://github.com/jeremylong/DependencyCheck/pulls?utf8=%E2%9C%93&q=is%3Apr+milestone%3A5.0.0). ## [Version 5.0.0-M3](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.0.0-M3) (2019-05-06) -**Breaking Changes** +### Changed -- OWASP dependency-check now uses the [NVD Meta files](https://nvd.nist.gov/vuln/data-feeds#JSON_FEED) in addition to the `*.json.gz` files. If you have a local mirror of the NVD you must now mirror the meta data files. The [nist-data-mirror](https://github.com/stevespringett/nist-data-mirror) has been updated to include these files. +- **Breaking:** OWASP dependency-check now uses the [NVD Meta files](https://nvd.nist.gov/vuln/data-feeds#JSON_FEED) in addition to the `*.json.gz` files. 
If you have a local mirror of the NVD you must now mirror the meta data files. The [nist-data-mirror](https://github.com/stevespringett/nist-data-mirror) has been updated to include these files. -**Changes** +### Changed - Several bug fixes and minor enhancements have been made; see the related [issues](https://github.com/jeremylong/DependencyCheck/issues?utf8=%E2%9C%93&q=+milestone%3A5.0.0-M3+) and [pull requests](https://github.com/jeremylong/DependencyCheck/pulls?utf8=%E2%9C%93&q=+milestone%3A5.0.0-M3+). - Multiple report formats can be specified; if you wanted just two of the reports you no longer need to use ALL. 
@@ -515,26 +584,23 @@ ## [Version 5.0.0-M2](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.0.0-M2) (2019-03-11) -**Breaking Changes** +### Changed -- [dotnet core](https://dotnet.microsoft.com/download/dotnet-core/2.2) must be installed to analyze .NET assemblies. -- The retire.js analyzer is no longer considered experimental and is enabled by default. +- **Breaking:** [dotnet core](https://dotnet.microsoft.com/download/dotnet-core/2.2) must be installed to analyze .NET assemblies. +- **Breaking:** The retire.js analyzer is no longer considered experimental and is enabled by default. ## [Version 5.0.0-M1](https://github.com/jeremylong/DependencyCheck/releases/tag/v5.0.0-M1) (2019-02-17) -**Breaking Changes** +### Changed -- All previously deprecated arguments to the plugins and CLI have been removed. -- The NVD CVE data import now uses the JSON data feeds instead of the XML data feeds. +- **Breaking:** All previously deprecated arguments to the plugins and CLI have been removed. +- **Breaking:** The NVD CVE data import now uses the JSON data feeds instead of the XML data feeds. - The parameter names have changed if you are mirroring the data feeds locally. -- For developers using the core engine the identifiers have been drastically changed; +- **Breaking:** For developers using the core engine the identifiers have been drastically changed; ODC now uses [Package URL](https://github.com/package-url/packageurl-java) for software identifiers and CPE objects from [CPE-Parser](https://github.com/stevespringett/CPE-Parser) for vulnerable library identifiers. - All of the report formats have been updated to include the additional data from the NVD CVE JSON data feeds. - -**Changes** - - Major re-working of the dependency to CPE matching algorithm. - Introduced ecosystem filtering - this is an internal process that tries to ensure vulnerabilities from one technology stack do not appear on a dependency built using a completely different stack (e.g. 
@@ -542,7 +608,7 @@ ## [Version 4.0.2](https://github.com/jeremylong/DependencyCheck/releases/tag/v4.0.2) (2019-01-01) -**Enhancements** +### Added - Added the ability for the dependency-check-maven plugin to scan the `dependencyManagement` section of the `pom.xml`. Note that in the default configuration the dependency management section is skipped. @@ -551,7 +617,7 @@ - Previous versions only worked with anonymous/unauthenticated access. - See [issue #977](https://github.com/jeremylong/DependencyCheck/issues/977) -**Bug Fixes** +### Fixed - Updated fix for transitive dependencies with known vulnerabilities (guava and commons-collections) so that the upgrade occurs correctly in other integrations that utilize core; see @@ -560,7 +626,7 @@ ## [Version 4.0.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v4.0.1) (2018-12-17) -**Bug Fixes** +### Fixed - Fixed issue with false positives due to Lucene upgrade. See [#1531](https://github.com/jeremylong/DependencyCheck/issues/1580). - Resolved several false positives. 
@@ -568,23 +634,23 @@ ## [Version 4.0.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v4.0.0) (2018-11-21) -**Breaking Changes** +### Changed - OWASP dependency-check no longer supports running in JRE/JDK 7; JRE/JDK 8 or higher is required run dependency-check. See [#1531](https://github.com/jeremylong/DependencyCheck/issues/1531). -**Bug Fixes** +### Fixed - Upgraded dependencies to resolve published vulnerabilities (Guava and Lucene); See [#1561](https://github.com/jeremylong/DependencyCheck/issues/1561). ## [Version 3.3.4](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.3.4) (2018-10-28) -**Bug Fixes** +### Fixed - Resolved bug with parsing license information during analysis of Node.js modules. ## [Version 3.3.3](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.3.3) (2018-10-27) -**Enhancements** +### Changed - Migrated the NSP Analyzer to use the Node Audit APIs instead; see [#1366](https://github.com/jeremylong/DependencyCheck/issues/1366). - Note that the analyzer and configuration was changed to NodeAuditAnalyzer. @@ -593,7 +659,7 @@ of ['src/main/resources','src/main/webapp'] and any dependencies contained in these directories will be analyzed. The purpose of this enhancement is to enable the RetireJS Analyzer to scan JavaScript files that may be included. -**Bug Fixes** +### Fixed - Resolved **false negative** on Bouncy Castle JAR files; see [#1500](https://github.com/jeremylong/DependencyCheck/issues/1500). - Resolved **false negatives** that may occur when using the Maven plugin if transitive dependencies of a library in use and is also declared as a primary dependency in a scope that is not used; see [#1512](https://github.com/jeremylong/DependencyCheck/issues/1512). 
@@ -610,9 +676,9 @@ ## [Version 3.3.2](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.3.2) (2018-09-14) -**Bug Fixes** +### Fixed -- Gradle plugin was updated to include backward compatability with gradle < v4.0; see [#95](https://github.com/jeremylong/dependency-check-gradle/issues/95). +- Gradle plugin was updated to include backward compatibility with gradle < v4.0; see [#95](https://github.com/jeremylong/dependency-check-gradle/issues/95). - Gradle plugin improved handling of Android project; see [#94](https://github.com/jeremylong/dependency-check-gradle/issues/94) - CLI used an incorrect key for RetireJS causing the analyzer to not be loaded in some cases; see [#1440](https://github.com/jeremylong/DependencyCheck/issues/1440). - Resolved failure in the `CentralAnalyzer` when the pom.xml is not available in Central; see [#1439](https://github.com/jeremylong/DependencyCheck/issues/1439). @@ -621,7 +687,11 @@ ## [Version 3.3.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.3.1) (2018-08-06) -**Bug Fixes** +### Changed + +- An Nuget Packages.config Analyzer was added; see [#1412](https://github.com/jeremylong/DependencyCheck/issues/1412). + +### Fixed - Fixed error handling with regard to invalid manifest files contained within JAR files; see [#1024](https://github.com/jeremylong/DependencyCheck/issues/1024). - Fixed parsing of pom.xml files, in some cases a SAX Exception would be thrown; see [#1400](https://github.com/jeremylong/DependencyCheck/issues/1400). 
@@ -629,13 +699,19 @@ - Fixed bug in dependency-check-maven where an aggregate analysis did not scan all files defined in the ScanSet; see [#1421](https://github.com/jeremylong/DependencyCheck/issues/1421). - Fixed NPE in dependency-check-gradle that occurred when artifacts where included using `implementation files("./lib/some.jar")`; see [#91](https://github.com/jeremylong/dependency-check-gradle/issues/91). -**Enhancements** +## [Version 3.3.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.3.0) (2018-07-22) -- An Nuget Packages.config Analyzer was added; see [#1412](https://github.com/jeremylong/DependencyCheck/issues/1412). +### Changed -## [Version 3.3.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.3.0) (2018-07-22) +- An Artifactory Analyzer was added that can be used to in-place of the Central Analyzer for organizations that use Artifactory. + - Note, for maven and gradle builds the Artifactory analyzer will not improve the analysis. The information gained by using the Central, Artifactory, or Nexus Analyzers is already obtained from the build system. +- An experimental Retire JS analyzer has been added to analyze client side JavaScript. + - This utilizes information from the RetireJS repo on github. If you have a proxy that prevents access you will either need to have access granted to https://raw.githubusercontent.com/Retirejs/retire.js/master/repository/jsrepository.json or host the file internally, update the environment variable `analyzer.retirejs.repo.js.ur`, and periodically update the file. + - This analyzer is considered experimental, but the team expects this to be promoted quickly. +- NuGet dependencies contained in MSBuild files are now included in the scan. See [Issue #1131](https://github.com/jeremylong/DependencyCheck/issues/1131) for more details. +- Cocoapod's Podfile.lock is now analyzed when present. See [PR #1324](https://github.com/jeremylong/DependencyCheck/pull/1324) for more information. 
-**Bug Fixes** +### Fixed - The dependency-check-gradle plugin can now analyze multi-project android builds. See [PR #09](https://github.com/jeremylong/dependency-check-gradle/pull/90) for more information. - In some cases extremely large project may cause dependency-check to fail due to the analysis time. Previously, the analysis was capped at 10 minutes; the timeout was increased to 20 minutes and made configurable if this continues to be an issue for some users. See [issue #936](https://github.com/jeremylong/DependencyCheck/issues/936) for more information. 
@@ -647,19 +723,9 @@ - Fixed issue where the CWE was not written to the CSV report. - In addition, general bug fixes, code cleanup, and false positive/negatives updates were made. -**Enhancements** - -- An Artifactory Analyzer was added that can be used to in-place of the Central Analyzer for organizations that use Artifactory. - - Note, for maven and gradle builds the Artifactory analyzer will not improve the analysis. The information gained by using the Central, Artifactory, or Nexus Analyzers is already obtained from the build system. -- An experimental Retire JS analyzer has been added to analyze client side JavaScript. - - This utilizes information from the RetireJS repo on github. If you have a proxy that prevents access you will either need to have access granted to https://raw.githubusercontent.com/Retirejs/retire.js/master/repository/jsrepository.json or host the file internally, update the environment variable `analyzer.retirejs.repo.js.ur`, and periodically update the file. - - This analyzer is considered experimental, but the team expects this to be promoted quickly. -- NuGet dependencies contained in MSBuild files are now included in the scan. See [Issue #1131](https://github.com/jeremylong/DependencyCheck/issues/1131) for more details. -- Cocoapod's Podfile.lock is now analyzed when present. See [PR #1324](https://github.com/jeremylong/DependencyCheck/pull/1324) for more information. - ## [Version 3.2.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.2.1) (2018-05-28) -**Bug Fixes** +### Fixed - In some cases when using the Maven or Gradle plugins the GAV coordinates were not being added as an Identifier causing suppression rules to fail; this has been resolved (#1298) - Documentation Update (SCM links in the maven site were broken) (#1297) 
@@ -669,12 +735,16 @@ ## [Version 3.2.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.2.0) (2018-05-21) -**Security Fix** +### Changed -- Unsafe unzip operations ([zip slip](https://github.com/snyk/zip-slip-vulnerability)), as reported by the Snyk Security Research Team, have been corrected. CVE-2018-12036 allows attackers to write to arbitrary files via a crafted archive that holds directory traversal filenames. +- Excess white space has been removed from the XML and HTML reports; the JSON report is still pretty printed (a future release will convert this to a configurable option) +- Better error reporting +- Changed to use commons-text instead of commons-lang3 as a portion of commons-lang3 was moved to commonts-text +- Added more flexible suppression rules with the introduction of the `until` attribute (see [#1145](https://github.com/jeremylong/DependencyCheck/issues/1145) and [dependency-suppression.1.2.xsd](https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.2.xsd) -**Bug Fixes** +### Fixed +- Unsafe unzip operations ([zip slip](https://github.com/snyk/zip-slip-vulnerability)), as reported by the Snyk Security Research Team, have been corrected. CVE-2018-12036 allows attackers to write to arbitrary files via a crafted archive that holds directory traversal filenames. - The dependency-check-maven plugin no longer uses the [Central Analyzer](https://jeremylong.github.io/DependencyCheck/analyzers/central-analyzer.html) by default - Updated dependency-check-maven so that it will not fail when your multi-module build has dependencies that have not yet been built in the reactor (See [#740](https://github.com/jeremylong/DependencyCheck/issues/740)) - Note if the required dependency has not yet been built in the reactor and the dependency is available in a configured repository dependency-check-maven, as expected, would pull the dependency from the repository for analysis. 
@@ -683,16 +753,9 @@ - Fixed the Gradle Plugin and Ant Task so that the temp directory is properly cleaned up after execution - Removed TLSv1 from the list of protocols used by default (See [#1237](https://github.com/jeremylong/DependencyCheck/pull/1237)) -**Enhancements** - -- Excess white space has been removed from the XML and HTML reports; the JSON report is still pretty printed (a future release will convert this to a configurable option) -- Better error reporting -- Changed to use commons-text instead of commons-lang3 as a portion of commons-lang3 was moved to commonts-text -- Added more flexible suppression rules with the introduction of the `until` attribute (see [#1145](https://github.com/jeremylong/DependencyCheck/issues/1145) and [dependency-suppression.1.2.xsd](https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.2.xsd) - ## [Version 3.1.2](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.1.2) (2018-04-02) -**Bug Fixes** +### Fixed - Updated the NVD URLs - Updated documentation @@ -706,7 +769,7 @@ ## [Version 3.1.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.1.1) (2018-01-29) -**Bug Fixes** +### Fixed - Fixed the Central Analyzer to use the updated SHA1 query syntax. - Reverted change that broke Maven 3.1.0 compatability; Maven 3.1.0 and beyond is once again supported. @@ -715,7 +778,7 @@ ## [Version 3.1.0](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.1.0) (2018-01-02) -**Enhancements** +### Changed - Major enhancements to the Node and NSP analyzer - the analyzers are now considered production ready and should be used in combination. 
@@ -726,9 +789,6 @@ - Batch updates are now used which may help with the update speed when using some DBMS instead of the embedded H2. - Upgrade Lucene to 5.5.5, the highest version that will allow us to maintain Java 7 support - -**Bug Fixes** - - Fixed the CSV report output to correctly list all fields. - Invalid suppression files will now break the build instead of causing ODC to skip the usage of the suppression analyzer. @@ -738,13 +798,13 @@ ## [Version 3.0.2](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.0.2) (2017-11-13) -**Bug Fixes** +### Fixed - Updated the query format for the CentralAnalyzer; the old format caused the CentralAnalyzer to fail ## [Version 3.0.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v3.0.1) (2017-10-20) -**Bug Fixes** +### Fixed - Fixed a database connection issue that affected some usages. diff --git a/ant/pom.xml b/ant/pom.xml index 9bf64f0ee47..b5bf04023f4 100644 --- a/ant/pom.xml +++ b/ant/pom.xml @@ -20,7 +20,7 @@ Copyright (c) 2013 - Jeremy Long. All Rights Reserved. org.owasp dependency-check-parent - 7.3.3-SNAPSHOT + 7.4.1-SNAPSHOT dependency-check-ant diff --git a/archetype/pom.xml b/archetype/pom.xml index e48bf128ca5..9207634ac1b 100644 --- a/archetype/pom.xml +++ b/archetype/pom.xml @@ -20,7 +20,7 @@ Copyright (c) 2017 Jeremy Long. All Rights Reserved. org.owasp dependency-check-parent - 7.3.3-SNAPSHOT + 7.4.1-SNAPSHOT dependency-check-plugin Dependency-Check Plugin Archetype diff --git a/cli/pom.xml b/cli/pom.xml index 089d91cc083..65f4ecacd19 100644 --- a/cli/pom.xml +++ b/cli/pom.xml @@ -20,7 +20,7 @@ Copyright (c) 2012 - Jeremy Long. All Rights Reserved. org.owasp dependency-check-parent - 7.3.3-SNAPSHOT + 7.4.1-SNAPSHOT dependency-check-cli diff --git a/core/pom.xml b/core/pom.xml index b5e00e5c967..3b19954f25e 100644 --- a/core/pom.xml +++ b/core/pom.xml 
@@ -20,7 +20,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved. org.owasp dependency-check-parent - 7.3.3-SNAPSHOT + 7.4.1-SNAPSHOT dependency-check-core diff --git a/maven/pom.xml b/maven/pom.xml index 123b03e57b2..ee406ecca91 100644 --- a/maven/pom.xml +++ b/maven/pom.xml @@ -20,7 +20,7 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved. org.owasp dependency-check-parent - 7.3.3-SNAPSHOT + 7.4.1-SNAPSHOT dependency-check-maven maven-plugin diff --git a/pom.xml b/pom.xml index 71138a83ec9..2889a26b8d8 100644 --- a/pom.xml +++ b/pom.xml @@ -20,7 +20,7 @@ Copyright (c) 2012 - Jeremy Long org.owasp dependency-check-parent - 7.3.3-SNAPSHOT + 7.4.1-SNAPSHOT pom diff --git a/utils/pom.xml b/utils/pom.xml index 41cbdb4a753..f63b86388bb 100644 --- a/utils/pom.xml +++ b/utils/pom.xml @@ -20,7 +20,7 @@ Copyright (c) 2014 - Jeremy Long. All Rights Reserved. org.owasp dependency-check-parent - 7.3.3-SNAPSHOT + 7.4.1-SNAPSHOT dependency-check-utils
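Review bot: In the CHANGELOG.md hunk `@@ -669,12 +735,16 @@` (Version 3.2.0), removing the `**Security Fix**` heading and moving the zip slip entry for CVE-2018-12036 to the first bullet of `### Fixed` buries the only security fix in this range among routine bug fixes. Keep a Changelog defines a `### Security` category for this case. Suggest keeping the CVE bullet under its own `### Security` heading, so readers scanning for security-relevant upgrades can still find it.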
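Review bot: In the CHANGELOG.md hunk `@@ -726,9 +789,6 @@` (Version 3.1.0), the `**Bug Fixes**` heading is deleted without a `### Fixed` replacement, so "Fixed the CSV report output to correctly list all fields." and the suppression-file fix now sit under `### Changed`. Every other section in this patch maps `**Bug Fixes**` to `### Fixed`. Suggest replacing the heading here as well, rather than dropping it.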
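Review bot: In the CHANGELOG.md hunk `@@ -568,23 +634,23 @@` (Version 4.0.0), `**Breaking Changes**` becomes `### Changed` but the JRE/JDK 7 bullet below it does not gain the `**Breaking:**` prefix that the 5.0.0-M1, 5.0.0-M2 and 5.0.0-M3 entries receive, so the breaking nature of dropping Java 7 support is no longer marked. Suggest prefixing that bullet with `**Breaking:**`. While touching it, "is required run dependency-check" is missing "to".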
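Review bot: In the CHANGELOG.md hunk `@@ -453,22 +521,23 @@` (Version 5.1.0), the rewritten "See the full listing of [resolved issues]" line still carries the query `is%3Aissue+is%3Aopen+milestone%3A5.1.0`, which filters for open issues, while the 5.1.1 entry uses `is%3Aclosed`. Since the line is being rewritten anyway, suggest switching the filter to `is%3Aclosed` so the link matches its label. The same `is%3Aopen` filter appears in the 5.0.0 "resolved issues" link in this hunk's context.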
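Review bot: In the CHANGELOG.md hunk `@@ -621,7 +687,11 @@` (Version 3.3.1), the new Packages.config analyzer is filed under `### Changed`, whereas the 4.0.2 hunk maps its former `**Enhancements**` section to `### Added`. A new analyzer is an addition, so suggest `### Added` here for consistency. The moved line also reads "An Nuget", which should be "A NuGet".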
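Review bot: In the CHANGELOG.md hunk `@@ -629,13 +699,19 @@` (Version 3.3.0), the bullets moved under `### Changed` are copied verbatim, including the property name `analyzer.retirejs.repo.js.ur`. That name looks cut short, so please confirm it against the actual setting before carrying it forward. The unchanged line below the new `### Fixed` heading labels its link "PR #09" while the URL points to `pull/90`. The label should match the target.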
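Review bot: In the CHANGELOG.md hunk `@@ -560,7 +626,7 @@` (Version 4.0.1), the Lucene false-positive bullet directly under the new `### Fixed` heading has link text `#1531` but a target of `issues/1580`. One of the two is wrong, and a reader following the changelog to the underlying issue may end up on the wrong one. Suggest correcting the mismatch in this pass, since the section is already being edited.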
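Review bot: In the CHANGELOG.md hunk `@@ -706,7 +769,7 @@` (Version 3.1.1), the context line "Reverted change that broke Maven 3.1.0 compatability" keeps the misspelling that the 3.3.2 hunk corrects to "compatibility". Suggest fixing it here too, so the spelling cleanup is applied consistently across the file.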