Skip to content

v0-nightly

Pre-release
Pre-release
Compare
Choose a tag to compare
@github-actions github-actions released this 23 Sep 04:48
· 452 commits to main since this release
v0-nightly
51100b7
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Changelog

  • b7c8690 Ent - IngestPkgEquals with tests (#1243)
  • 3f96625 Add 'integration' tag to golangci-lint (#1202)
  • 68e0455 Add Legal information schema and inmem backend. (#1207)
  • 2290eb0 Add check for docker compose (#1176)
  • 204016c Add support for sending encoded documents (#1222)
  • 37c6a0d Bump actions/cache from 3.3.1 to 3.3.2 (#1256)
  • b8b130d Bump actions/checkout from 3.5.3 to 3.6.0 (#1190)
  • 9aeea26 Bump actions/checkout from 3.6.0 to 4.0.0 (#1214)
  • 9cd716f Bump actions/upload-artifact from 3.1.2 to 3.1.3 (#1257)
  • a86c104 Bump aquasecurity/trivy-action from 0.11.2 to 0.12.0 (#1215)
  • f594c3a Bump cloud.google.com/go/storage from 1.31.0 to 1.32.0 (#1171)
  • 3ed7b5d Bump cloud.google.com/go/storage from 1.32.0 to 1.33.0 (#1252)
  • ee18335 Bump docker/login-action from 2.2.0 to 3.0.0 (#1286)
  • 349527b Bump github.com/99designs/gqlgen from 0.17.36 to 0.17.37 (#1251)
  • a27452a Bump github.com/CycloneDX/cyclonedx-go from 0.7.1 to 0.7.2 (#1188)
  • a311a3d Bump github.com/DATA-DOG/go-txdb from 0.1.6 to 0.1.7 (#1220)
  • e9877b0 Bump github.com/aws/aws-sdk-go from 1.44.323 to 1.44.328 (#1174)
  • cda8855 Bump github.com/aws/aws-sdk-go from 1.44.328 to 1.44.333 (#1189)
  • e508715 Bump github.com/aws/aws-sdk-go from 1.44.333 to 1.45.2 (#1217)
  • 987935c Bump github.com/aws/aws-sdk-go from 1.45.2 to 1.45.7 (#1254)
  • b0e92e1 Bump github.com/aws/aws-sdk-go from 1.45.7 to 1.45.12 (#1289)
  • c2286f4 Bump github.com/jedib0t/go-pretty/v6 from 6.4.6 to 6.4.7 (#1187)
  • 4730899 Bump github.com/prometheus/client_golang from 1.15.1 to 1.16.0 (#1291)
  • 4bf6212 Bump github.com/regclient/regclient from 0.4.8 to 0.5.1 (#1218)
  • 623d7a1 Bump github.com/sigstore/sigstore from 1.6.5 to 1.7.3 (#1221)
  • ff57642 Bump github.com/spdx/tools-golang from 0.5.2 to 0.5.3 (#1219)
  • e3d8893 Bump github.com/vektah/gqlparser/v2 from 2.5.8 to 2.5.9 (#1253)
  • 6d70867 Bump go.uber.org/zap from 1.24.0 to 1.25.0 (#1173)
  • 970af6a Bump go.uber.org/zap from 1.25.0 to 1.26.0 (#1288)
  • 1f4c35b Bump golang.org/x/oauth2 from 0.11.0 to 0.12.0 (#1255)
  • 9280233 Bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 (#1175)
  • e3135b5 Bump google.golang.org/api from 0.136.0 to 0.138.0 (#1172)
  • 9b74bde Bump google.golang.org/api from 0.138.0 to 0.141.0 (#1287)
  • 1c104d0 Bump goreleaser/goreleaser-action from 4.4.0 to 5.0.0 (#1258)
  • 51e8026 Bump sigstore/cosign-installer from 3.1.1 to 3.1.2 (#1216)
  • 72d3825 Bump slsa-framework/slsa-github-generator from 1.8.0 to 1.9.0 (#1191)
  • 31c9dbc CertifyBad: refactor validation checks (#1185)
  • a79ec2e Changed encoding/json to json-iterator/go for perf (#1250)
  • 33af200 Changed make fmt to ignore .git files (#1280)
  • c46528b Confusing name of field in IsDependency GraphQL (#1305)
  • 4dfaf8b Disable ent on 32 bit (#1226)
  • 58d623e Ent - Bump v0.12.4-0.20230918073025-797534a0d1ca (#1283)
  • 4f2c49e Ent - CertifyVuln: fixed noVuln management (#1240)
  • ceefb94 Ent - Dependency management (#1232)
  • 80eab75 Ent - IngestBuilders with tests (#1260)
  • dc2f4d2 Ent - IngestCertifyGoods and IngestCertifyBads (#1295)
  • b28dce1 Ent - IngestHasSBOMs implementation with tests (#1265)
  • ebb6442 Ent - IngestHasSourceAts implementation (#1299)
  • 6b9617c Ent - IngestHashEquals implementation (#1304)
  • 40d3454 Ent - IngestSLSAs implementation with tests (#1248)
  • 37fecf4 Ent - IngestScorecards implementation with tests (#1271)
  • 810b0a9 Ent - IngestVulnEquals with tests (#1238)
  • dfa6537 Ent - Vulnerabilities management (#1212)
  • 5ebbc66 Ent - upsertPackageIDDoNothing vs upsertPackageIDIgnore (#1270)
  • fce5de8 Feature/ Add arango unit tests (#1213)
  • e8816e2 Feature/ hasSourceAt bulk inmem and arango implementation (#1281)
  • 4d685e2 Feature/add novuln bool to vulnerability filter (#1165)
  • 3128475 Feature/add vuln metadata backend [inmem] (#1180)
  • 48998db Feature/add vuln metadata schema (#1170)
  • e55fa24 Feature/arango certify vuln implementation (#1161)
  • f8b701e Feature/arango node query (#1301)
  • 88dfb7e Feature/has metadata bulk ingestion and arango updates (#1262)
  • 70774ce Feature/pkg equals bulk ingestion and arango updates (#1239)
  • 6dfd549 Feature/pointofcontact bulk arango (#1268)
  • 9fdc9a2 Feature/vuln equal bulk ingestion and arango updates (#1227)
  • 30e2a71 Fix XML format validation (#1164)
  • 967a46a Fix check for docker buildx (#1159)
  • c035663 Fix inmem unit test. (#1235)
  • 4589fbf Fix/add missing unit tests arango (#1246)
  • dfab82e Fixed CSAF GetIdentifiers (#1264)
  • 655342e Fixed Part of SemVer Issue (#1157)
  • be3da8d Fixed a Potential Stack Overflow Error in findProductRef (#1146)
  • 1bba6a4 Fixed a Potential Stack Overflow Error in findPurl 2 (#1194)
  • 8eb43c3 Fixed breaking change by bumping openVex to new release (#1306)
  • 1c0a63f Implement RDMS backend (postgres/mysql/sqlite) (#910)
  • 5f19f1c Implement new IsDependency graphql to point to versions (#1125)
  • 861288d Implemented OpenVEX (#1241)
  • 0268d1a Improved Runtime of Function Process in process.go (#1245)
  • 567895e Included docstrings for parser_csaf (#1186)
  • c1413ad IngestVEXStatement: fix err management (#1203)
  • ebd91bb Ingestor/Assembler and SPDX Parser for Legal information. (#1244)
  • 20fca4d Log and continue on ingest errors with bulk assemler. (#1275)
  • 0423c59 Minor fixes to error messages patch.go (#1145)
  • a72cbbc Move validation checks into resolvers (#1210)
  • 249fdd6 Performance improvements for depsdev API (#1263)
  • e59bbf4 Refactor ingestor code (#1195)
  • 1e83043 Tag ent tests (#1200)
  • 5fe78f7 Update resolvers for legal nodes and add tests. (#1269)
  • 0e3ad1c Updated CollectedPypiWheelAxle (#1192)
  • 7835a82 [Feature] add ingestion (including bulk) and query for VEX in Arango and inmem (#1184)
  • 8634dd5 [feature] Adds a parser for CycloneDX Vex data (#1181)
  • 69586ae add nightly release (#1273)
  • f5346dd add regen via make generate and add missing bulk ingest vex (#1204)
  • 51100b7 add register for guesser, processor and parser. fix unknown status and justification (#1307)
  • 8fbe560 add vuln metadata to arangodb with unit tests (#1223)
  • 9c793a9 changing mutationAPI to only return IDs instead of whole struct to fi… (#1169)
  • fa78489 fix bug in hasSLSA for arango (#1303)
  • 00fe9fa fix: increase gprc max message size (#1230)
  • 2b44e51 guacone - managing totalSuccess (#1267)
  • 3e496d1 inmem - PkgEqual: Subpath query filtering (#1249)
  • 86b2099 prevent checking for dependency version in test so changes in this don't break the test (#1209)
  • c0efbbf remove helper as unused code (#1236)
  • 0428adc remove parallel assembler as no longer needed (#1183)
  • 5756e69 update SPDX parser to skip empty and 0 hashes (#1228)
  • 3b1e4e0 update docker manifest name in nightly releases (#1302)
  • b2c9ce8 update readme to include backends and update supported types (#1205)
  • a085423 update vulnerability api (#1147)
  • 0e5aa36 use github app token to trigger nightly release (#1294)
  • 82d666d use officially released go-vex dependency (#1284)
Assets 57