Releases: devops-kung-fu/bomber
Releases · devops-kung-fu/bomber
v0.4.8
v0.4.7
v0.4.6
v0.4.5
v0.4.4
bomber doesn't like bad Purls (or empty ones for that matter). This version will warn you if there is a bad Purl in your SBOM (without a valid Purl, there is no way to pull vulnerability information). Bad Purls will not be scanned.
Changelog
v0.4.3
v0.4.2
v0.4.1
Changelog
- 64ab76a Adds --ignore-file functionality (#126)
- fcea0a1 chore: update snyk readme to include more ecosystems support (#124)
- 7e83fd2 Create FUNDING.yml (#118)
- 44323cc Added missing logo asset (#117)
- 82dc67e Updated with new branding (#116)
- df79c72 Updated README.md (#115)
- 2a2695b New Bomber logo (#113)
- 1a421ad fix: Fixes issue where a license expression wasn't being utilized (#108)
- 9ee85bb fix: EPSS Score Issues (#104)
- c8a0f6b build(deps): bump goreleaser/goreleaser-action from 3 to 4 in /.github/workflows (#103)
- ef3d15f build(deps): bump github.com/jedib0t/go-pretty/v6 from 6.4.2 to 6.4.3 (#96)
- a10d9db build(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1 (#74)
- fc401c8 build(deps): bump actions/setup-go from 2 to 3 in /.github/workflows (#93)
- d1c36c6 feat: add Snyk provider docs (#99)
v0.4.0
bomber now supports enrichment of vulnerability data! Our first enrichment adds EPSS scores into the vulnerability output. What's an EPSS score? It tells us the probability that a vulnerability will be exploited. For in depth information, check out the fascinating documentation at https://www.first.org/epss/
Changelog
v0.3.5
This update contains a few bug fixes and updated documentation, and improves the output of all renderers to output that list of files (and hashes) that bomber has processed during scanning.