v0-nightly
Pre-release
Pre-release
github-actions
released this
23 Sep 04:48
·
452 commits
to main
since this release
Changelog
- b7c8690 Ent - IngestPkgEquals with tests (#1243)
- 3f96625 Add 'integration' tag to golangci-lint (#1202)
- 68e0455 Add Legal information schema and inmem backend. (#1207)
- 2290eb0 Add check for docker compose (#1176)
- 204016c Add support for sending encoded documents (#1222)
- 37c6a0d Bump actions/cache from 3.3.1 to 3.3.2 (#1256)
- b8b130d Bump actions/checkout from 3.5.3 to 3.6.0 (#1190)
- 9aeea26 Bump actions/checkout from 3.6.0 to 4.0.0 (#1214)
- 9cd716f Bump actions/upload-artifact from 3.1.2 to 3.1.3 (#1257)
- a86c104 Bump aquasecurity/trivy-action from 0.11.2 to 0.12.0 (#1215)
- f594c3a Bump cloud.google.com/go/storage from 1.31.0 to 1.32.0 (#1171)
- 3ed7b5d Bump cloud.google.com/go/storage from 1.32.0 to 1.33.0 (#1252)
- ee18335 Bump docker/login-action from 2.2.0 to 3.0.0 (#1286)
- 349527b Bump github.com/99designs/gqlgen from 0.17.36 to 0.17.37 (#1251)
- a27452a Bump github.com/CycloneDX/cyclonedx-go from 0.7.1 to 0.7.2 (#1188)
- a311a3d Bump github.com/DATA-DOG/go-txdb from 0.1.6 to 0.1.7 (#1220)
- e9877b0 Bump github.com/aws/aws-sdk-go from 1.44.323 to 1.44.328 (#1174)
- cda8855 Bump github.com/aws/aws-sdk-go from 1.44.328 to 1.44.333 (#1189)
- e508715 Bump github.com/aws/aws-sdk-go from 1.44.333 to 1.45.2 (#1217)
- 987935c Bump github.com/aws/aws-sdk-go from 1.45.2 to 1.45.7 (#1254)
- b0e92e1 Bump github.com/aws/aws-sdk-go from 1.45.7 to 1.45.12 (#1289)
- c2286f4 Bump github.com/jedib0t/go-pretty/v6 from 6.4.6 to 6.4.7 (#1187)
- 4730899 Bump github.com/prometheus/client_golang from 1.15.1 to 1.16.0 (#1291)
- 4bf6212 Bump github.com/regclient/regclient from 0.4.8 to 0.5.1 (#1218)
- 623d7a1 Bump github.com/sigstore/sigstore from 1.6.5 to 1.7.3 (#1221)
- ff57642 Bump github.com/spdx/tools-golang from 0.5.2 to 0.5.3 (#1219)
- e3d8893 Bump github.com/vektah/gqlparser/v2 from 2.5.8 to 2.5.9 (#1253)
- 6d70867 Bump go.uber.org/zap from 1.24.0 to 1.25.0 (#1173)
- 970af6a Bump go.uber.org/zap from 1.25.0 to 1.26.0 (#1288)
- 1f4c35b Bump golang.org/x/oauth2 from 0.11.0 to 0.12.0 (#1255)
- 9280233 Bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 (#1175)
- e3135b5 Bump google.golang.org/api from 0.136.0 to 0.138.0 (#1172)
- 9b74bde Bump google.golang.org/api from 0.138.0 to 0.141.0 (#1287)
- 1c104d0 Bump goreleaser/goreleaser-action from 4.4.0 to 5.0.0 (#1258)
- 51e8026 Bump sigstore/cosign-installer from 3.1.1 to 3.1.2 (#1216)
- 72d3825 Bump slsa-framework/slsa-github-generator from 1.8.0 to 1.9.0 (#1191)
- 31c9dbc CertifyBad: refactor validation checks (#1185)
- a79ec2e Changed encoding/json to json-iterator/go for perf (#1250)
- 33af200 Changed make fmt to ignore .git files (#1280)
- c46528b Confusing name of field in IsDependency GraphQL (#1305)
- 4dfaf8b Disable ent on 32 bit (#1226)
- 58d623e Ent - Bump v0.12.4-0.20230918073025-797534a0d1ca (#1283)
- 4f2c49e Ent - CertifyVuln: fixed noVuln management (#1240)
- ceefb94 Ent - Dependency management (#1232)
- 80eab75 Ent - IngestBuilders with tests (#1260)
- dc2f4d2 Ent - IngestCertifyGoods and IngestCertifyBads (#1295)
- b28dce1 Ent - IngestHasSBOMs implementation with tests (#1265)
- ebb6442 Ent - IngestHasSourceAts implementation (#1299)
- 6b9617c Ent - IngestHashEquals implementation (#1304)
- 40d3454 Ent - IngestSLSAs implementation with tests (#1248)
- 37fecf4 Ent - IngestScorecards implementation with tests (#1271)
- 810b0a9 Ent - IngestVulnEquals with tests (#1238)
- dfa6537 Ent - Vulnerabilities management (#1212)
- 5ebbc66 Ent - upsertPackageIDDoNothing vs upsertPackageIDIgnore (#1270)
- fce5de8 Feature/ Add arango unit tests (#1213)
- e8816e2 Feature/ hasSourceAt bulk inmem and arango implementation (#1281)
- 4d685e2 Feature/add novuln bool to vulnerability filter (#1165)
- 3128475 Feature/add vuln metadata backend [inmem] (#1180)
- 48998db Feature/add vuln metadata schema (#1170)
- e55fa24 Feature/arango certify vuln implementation (#1161)
- f8b701e Feature/arango node query (#1301)
- 88dfb7e Feature/has metadata bulk ingestion and arango updates (#1262)
- 70774ce Feature/pkg equals bulk ingestion and arango updates (#1239)
- 6dfd549 Feature/pointofcontact bulk arango (#1268)
- 9fdc9a2 Feature/vuln equal bulk ingestion and arango updates (#1227)
- 30e2a71 Fix XML format validation (#1164)
- 967a46a Fix check for docker buildx (#1159)
- c035663 Fix inmem unit test. (#1235)
- 4589fbf Fix/add missing unit tests arango (#1246)
- dfab82e Fixed CSAF GetIdentifiers (#1264)
- 655342e Fixed Part of SemVer Issue (#1157)
- be3da8d Fixed a Potential Stack Overflow Error in findProductRef (#1146)
- 1bba6a4 Fixed a Potential Stack Overflow Error in findPurl 2 (#1194)
- 8eb43c3 Fixed breaking change by bumping openVex to new release (#1306)
- 1c0a63f Implement RDMS backend (postgres/mysql/sqlite) (#910)
- 5f19f1c Implement new IsDependency graphql to point to versions (#1125)
- 861288d Implemented OpenVEX (#1241)
- 0268d1a Improved Runtime of Function Process in process.go (#1245)
- 567895e Included docstrings for parser_csaf (#1186)
- c1413ad IngestVEXStatement: fix
err
management (#1203) - ebd91bb Ingestor/Assembler and SPDX Parser for Legal information. (#1244)
- 20fca4d Log and continue on ingest errors with bulk assemler. (#1275)
- 0423c59 Minor fixes to error messages patch.go (#1145)
- a72cbbc Move validation checks into resolvers (#1210)
- 249fdd6 Performance improvements for depsdev API (#1263)
- e59bbf4 Refactor ingestor code (#1195)
- 1e83043 Tag ent tests (#1200)
- 5fe78f7 Update resolvers for legal nodes and add tests. (#1269)
- 0e3ad1c Updated CollectedPypiWheelAxle (#1192)
- 7835a82 [Feature] add ingestion (including bulk) and query for VEX in Arango and inmem (#1184)
- 8634dd5 [feature] Adds a parser for CycloneDX Vex data (#1181)
- 69586ae add nightly release (#1273)
- f5346dd add regen via make generate and add missing bulk ingest vex (#1204)
- 51100b7 add register for guesser, processor and parser. fix unknown status and justification (#1307)
- 8fbe560 add vuln metadata to arangodb with unit tests (#1223)
- 9c793a9 changing mutationAPI to only return IDs instead of whole struct to fi… (#1169)
- fa78489 fix bug in hasSLSA for arango (#1303)
- 00fe9fa fix: increase gprc max message size (#1230)
- 2b44e51 guacone - managing totalSuccess (#1267)
- 3e496d1 inmem - PkgEqual: Subpath query filtering (#1249)
- 86b2099 prevent checking for dependency version in test so changes in this don't break the test (#1209)
- c0efbbf remove helper as unused code (#1236)
- 0428adc remove parallel assembler as no longer needed (#1183)
- 5756e69 update SPDX parser to skip empty and 0 hashes (#1228)
- 3b1e4e0 update docker manifest name in nightly releases (#1302)
- b2c9ce8 update readme to include backends and update supported types (#1205)
- a085423 update vulnerability api (#1147)
- 0e5aa36 use github app token to trigger nightly release (#1294)
- 82d666d use officially released go-vex dependency (#1284)