Release v5.3.5

What's Changed

• Update vdb. Fix version was missing for certain packages for osv by @prabhu in #306

Full Changelog: v5.3.4...v5.3.5

Release v5.3.4

What's Changed

• depscan was reporting redis:redis for pypi:redis by @prabhu in #302

Full Changelog: v5.3.3...v5.3.4

Release v5.3.3

Bump up cdxgen to 10.4.1

Full Changelog: v5.3.2...v5.3.3

Release v5.3.2

What's Changed

• Added generic cdxgen_args that can be passed as an environment variable or argument to depscan itself. by @deleterepo in #292
• Update cdxgen to bring go purl compatibility fixes by @prabhu in #297

Full Changelog: v5.3.1...v5.3.2

Release v5.3.1

What's Changed

• Adhoc FP and FN fixes by @prabhu in #289

Full Changelog: v5.3.0...v5.3.1

Release v5.3.0

From this release, deprecated packages would always get flagged regardless of the score with risk audit. For PyPI, we look for couple of strings in the description since not every vendor follows the procedure to yank the packages correctly.

Full Changelog: v5.2.15...v5.3.0

Release v5.2.15

What's Changed

• Fixes #281 by @prabhu in #283

Full Changelog: v5.2.14...v5.2.15

Release v5.2.14

Update cdxgen to bring dotnet packages.lock.json fix

Full Changelog: v5.2.13...v5.2.14

Release v5.2.13

Fix cdxgen version in container image to 10.2.5

What's Changed

• backport: Add pyproject.nix flake by @Quince-Pie in #278

Full Changelog: v5.2.12...v5.2.13

Release v5.2.12

What's Changed

• fixing keyerror in version and purl by @almaz045 in #266
• Added more alias for js audit by @prabhu in #267
• backport: Add compatibility for future oras releases by @Quince-Pie in #272

Full Changelog: v5.2.11...v5.2.12