v0.1.2
This GUAC release is done to capture the current state of the graphQL API (before changes to the vulnerability, isDependency, and input spec schema). This will allow for the demos/documentation to function normally until these updates are released and the demo/documents are updated.
Additionally, a guac-compose tarball is attached that is pre-configured to point to the published container for this release, ghcr.io/guacsec/guac:v0.1.2.
Changelog
- 463b800 📖 Included comments for the bfs on patchPlanning (#1130)
- 64dfda6 Add @jeffmendoza as Maintainer. (#1144)
- 9368f3a Add PointOfContact predicate to PatchPlanning (#1088)
- 61f54cd Added non-nil dereferencing to SLSA parser (#1127)
- 542de58 Bump actions/setup-go from 4.0.1 to 4.1.0 (#1149)
- be6f554 Bump github.com/99designs/gqlgen from 0.17.35 to 0.17.36 (#1111)
- 93f9ec8 Bump github.com/aws/aws-sdk-go from 1.44.284 to 1.44.318 (#1134)
- c88d885 Bump github.com/aws/aws-sdk-go from 1.44.318 to 1.44.323 (#1155)
- cd0816e Bump github.com/fsouza/fake-gcs-server from 1.45.2 to 1.46.0 (#1108)
- dff7644 Bump github.com/fsouza/fake-gcs-server from 1.46.0 to 1.47.4 (#1136)
- bc9970c Bump github.com/go-git/go-git/v5 from 5.7.0 to 5.8.0 (#1090)
- 83cd681 Bump github.com/go-git/go-git/v5 from 5.8.0 to 5.8.1 (#1109)
- d01bc9c Bump github.com/google/osv-scanner from 1.3.5 to 1.3.6 (#1089)
- c8fd1a8 Bump github.com/grpc-ecosystem/go-grpc-middleware from 1.3.0 to 1.4.0 (#1137)
- c618ce8 Bump github.com/nats-io/nats-server/v2 from 2.9.20 to 2.9.21 (#1152)
- acc26ce Bump github.com/nats-io/nats.go from 1.27.1 to 1.28.0 (#1092)
- 6fb18da Bump github.com/ossf/scorecard/v4 from 4.11.0 to 4.12.0 (#1153)
- 33755da Bump github.com/regclient/regclient from 0.5.0 to 0.5.1 (#1138)
- 6b4d7a4 Bump github.com/sigstore/sigstore from 1.7.1 to 1.7.2 (#1151)
- 4c6e169 Bump github.com/spdx/tools-golang from 0.5.2 to 0.5.3 (#1110)
- ec385a9 Bump golang.org/x/oauth2 from 0.10.0 to 0.11.0 (#1135)
- 605a5fa Bump google.golang.org/api from 0.130.0 to 0.133.0 (#1091)
- 191faac Bump google.golang.org/api from 0.134.0 to 0.136.0 (#1154)
- 3b3cb50 Bump goreleaser/goreleaser-action from 4.3.0 to 4.4.0 (#1150)
- 50f97f7 Bump slsa-framework/slsa-github-generator from 1.7.0 to 1.8.0 (#1139)
- 093d702 Fix Logging in Collectsub Server (#995)
- 1bd9fef Mandatory queries filtering specs (#1114)
- 069edcb Parse SPDX: manage relations with top level package (#1103)
- 021655e Refactored and Included Tests for TopoSortFromBfsNodeMap (#1133)
- a0b4370 Remove UI Opts, add queries used by viz under packages (#1122)
- a0ac552 Workaround depversion handling. (#1113)
- 7d1960b [PatchPlanning] Add CLI cmd for patch planning (#1129)
- 00e931f [PatchPlanning] Rename dependencies to dependents in search (#1142)
- 90cb0b7 [PatchPlanning] Toposort / frontiers (#1101)
- a8e7ad3 [fix] Removed Empty String Parents for Root Nodes (#1131)
- c3fe7c4 [patchPlanning] Make Parent field in BfsNode into a list (#1095)
- c0614ec add
certifyBad
query,certifyGood
ingestion and query, update bulk assembler (#1123) - 3f93cd4 add query for IsOccurrence, isDependency and HasSBOM for Arango backend (#1096)
- 7724bda arango: query hashEqual, bulk ingest hasSBOM and hashEqual, filter on builtFrom on hasSLSA (#1100)
- bc5c042 connects guac with a given aws neptune cluster endpoint (#1126)
- 606f5da fix to add type filter for dependent package (#1156)
- 9f1ccf2 fix ui opts and examples for visualizer code gen (#1121)
- febfb54 issue-1105 inmem HasSBOM: manage no
hasSBOMSpec
sent (#1106) - bdd1b0c specify the version of the nats helm chart (#1119)
- 15ad9f9 update API for bulk ingestion for CertifyBad/CertifyGood, add missing unit tests, update collections on arango (#1115)