Releases: snyk/artifactory-snyk-security-plugin
Releases · snyk/artifactory-snyk-security-plugin
v2.0.1
What's Changed
- fix: fix for CVE-2017-5929 by @37IulianPopovici in #89
- chore: add asset classification by @wayne-grant in #88
- fix: [OSM-683] update transitive version by @37IulianPopovici in #90
- fix: bumping overrides for Snyk on Snyk by @dotkas in #91
- fix: [SUP-2696] adding extended logging information by @dotkas in #95
New Contributors
- @37IulianPopovici made their first contribution in #89
Full Changelog: v2.0.0...v2.0.1
v2.0.0
What's Changed
- Java 11 is no longer supported. Minimum version is currently the LTS version (17)
- The Bintray Maven repository is not maintained, moved source of truth to
releases.jfrog.io
Full Changelog: v1.5.4...v2.0.0
v1.5.4
What's Changed
- [Snyk] Security upgrade com.fasterxml.jackson.core:jackson-databind from 2.13.4 to 2.13.4.2 by @metju90 in #71
- chore: updated CODEOWNERS by @bastiandoetsch in #72
- Docs: Update README.md by @awileysnyk in #73
- chore: secrets scanning by @dragos-cojocari in #76
- [SUP-926] Performance optimization of scanning endpoints by @dotkas in #78
New Contributors
- @metju90 made their first contribution in #71
- @awileysnyk made their first contribution in #73
- @dragos-cojocari made their first contribution in #76
- @dotkas made their first contribution in #78
Full Changelog: v1.5.3...v1.5.4
v1.5.3
[Snyk] Security upgrade com.fasterxml.jackson.core:jackson-* from 2.1… …3.3 to 2.13.4 (#70) * fix: pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038424 * chore: ⬆️ jackson-annotations to 2.13.4 as well Co-authored-by: Bastian Doetsch <bastian.doetsch@snyk.io>
1.5.2
- documentation updates
- example script to setup artifactory with helm locally on minikube
- dependency updates
- better debug information in case of errors
1.5.1
1.5.0
- Added timeout for Snyk API calls.
- Defaults to 60 seconds, can be configured using
snyk.api.timeout
.
- Defaults to 60 seconds, can be configured using
- Added configuration options to enable/disable scanning for specific repository types.
- Find these under
snyk.scanner.packageType.*
- Find these under
- PyPi scanning is now disabled by default.
- Snyk API failures no longer block downloads by default.
- This can be configured using
snyk.scanner.block-on-api-failure
.
- This can be configured using
- Improved logging structure to improve readability.
1.4.0
1.3.1
- This release improves compatibility of Snyk Artifactory Plugin with custom Repository Layouts.
- It also improves error handling and debug logging.
- Improves Pypi package scanning.
- Fixes cases where npm package with name prefix and/or npm version suffix were incorrectly detected.