v0.3.0

github-actions released this 13 Oct 20:35
· 391 commits to main since this release
7c3b1b9

Highlights

  • Add timestamp fields to certifyBad, certifyGood, and hasSBOM
  • Ingest SPDX CPEs from externalRefs
  • Fix the issue with OSV certifier failing to ingest vulnerabilities while polling
  • Fix noVuln not showing on query known CLI

What's Changed

  • 2c19f25 Add License and CertifyLegal to Arango backend. (#1349)
  • b7ff00e Add SECURITY-INSIGHTS (#1353)
  • ffadd34 Add a developer readme to the cli commands. (#1324)
  • caebd0c Bump actions/create-github-app-token from 1.2.2 to 1.5.0 (#1372)
  • baae9ca Bump entgo.io/ent from 0.12.4-0.20230918073025-797534a0d1ca to 0.12.4 (#1377)
  • 583c478 Bump github.com/aws/aws-sdk-go from 1.45.20 to 1.45.24 (#1375)
  • 1db53ed Bump github.com/fsouza/fake-gcs-server from 1.47.4 to 1.47.5 (#1376)
  • 686fcad Bump github.com/nats-io/nats-server (#1352)
  • 2f87865 Bump github.com/ossf/scorecard/v4 from 4.12.0 to 4.13.0 (#1374)
  • ff8bcb9 Bump golang.org/x/net from 0.15.0 to 0.17.0 (#1389)
  • 457ace8 Bump golang.org/x/sync from 0.3.0 to 0.4.0 (#1373)
  • dc8d75a Bump ossf/scorecard-action from 2.2.0 to 2.3.0 (#1371)
  • 7c3b1b9 Certifier OSV: fixed emit func when polling (#1396)
  • c923aa6 Ent - HasMetadata (#1365)
  • 64850de Ent - HasMetadata: fix ingesting same twice (#1392)
  • d18327b Ent - PointOfContact (#1391)
  • 9e65098 Feature/arango node query with updates to inmem unit tests (#1369)
  • 24dc68f Fix lint errors and increase golangci-lint timeout (#1351)
  • d681a8d Include Timestamps for Verbs (#1338)
  • 542f03f SPDX Parser: ingest CPE from externalRefs (#1347)
  • b540d46 Support TLS for csub server and clients (#1390)
  • 4652364 Support TLS for graphql server (#1380)
  • a3299ca Update packages for slices import (#1356)
  • 3b4bc8e Update query used in docs with new vuln structure. (#1385)
  • e48e534 Wait for guac server to start before running tests (#1383)
  • a9dc7af [feature] Unionize parsing for cdx SBOM and VEX data (#1247)
  • c225a8e add flag to toggle getting deps.dev dependencies (#1382)
  • 9254f32 change package version list to a map and add tests (#1332)
  • 9caebd6 edit arangosearch view to exclude subpath search results (#1397)
  • 5ecc2be fix contributor.md broken links to docs (#1393)
  • d7daa07 fix noVuln type not showing up when querying for known (#1394)
  • 23cdc26 fix: typo (#1379)
  • 09c5879 process PACKAGE_OF relationship in SPDX files (#1337)
  • 51e8fc6 refactor(depversion): avoid unnecessary byte/string conversion (#1384)
  • 70a6fe2 remove gql-test-data as it's no longer needed to test the backends (#1355)