Skip to content

v0.5.0
Compare
Choose a tag to compare
@github-actions github-actions released this 19 May 19:34
· 141 commits to main since this release
v0.5.0
ed9a866
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

This version lands support for ignoring OVS both via a CLI flag and via config files - by default the detector will look for either an .osv-detector.yml or .osv-detector.yaml in the directory of each lockfile it's checking, which can contain an ignore array.

The detector also now supports parsing pom.xml for the Maven ecosystem.

What's Changed

  • support parsing pom.xml / maven / java (#81)
  • support ignoring vulnerabilities (#91)
  • support config files (#95)

Full Changelog: v0.4.1...v0.5.0

Assets 17