merge upstream

dependency-check-core/src/main/resources/dependencycheck.properties

@@ -63,13 +63,6 @@ cve.url-2.0.base=https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-%d.xml.gz
 cpe.validfordays=30
 cpe.url=http://static.nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-dictionary_v2.3.xml.gz
 
-# file type analyzer settings:
-analyzer.archive.enabled=true
-analyzer.jar.enabled=true
-analyzer.nuspec.enabled=true
-analyzer.assembly.enabled=true
-analyzer.composer.lock.enabled=true
-
 # the URL for searching Nexus for SHA-1 hashes and whether it's enabled
 analyzer.nexus.enabled=true
 analyzer.nexus.url=https://repository.sonatype.org/service/local/
@@ -87,7 +80,7 @@ archive.scan.depth=3
 # use HEAD (default) or GET as HTTP request method for query timestamp
 downloader.quick.query.timestamp=true
 
-
+analyzer.experimental.enabled=false
 analyzer.jar.enabled=true
 analyzer.archive.enabled=true
 analyzer.node.package.enabled=true