Releases: safedep/vet
Releases · safedep/vet
v1.8.4
Changelog
- 1308f26 Merge pull request #283 from safedep/ci/vet-windows-releaser
- af18e3a Merge pull request #284 from safedep/ci/fix-vet-windows-releaser
- 8a56f5b Merge pull request #285 from safedep/ci/fix-vet-windows-releaser
- 094e557 ci: Add Windows build support
- 7c3500d fix: Goreleaser workflow
- 7f23bad fix: Goreleaser workflow - use sudo for apt-get install
v1.8.3
Changelog
- a9eb625 Merge pull request #270 from safedep/fix/fix-purl-handling-gha
- 1217a37 Merge pull request #274 from safedep/feat/insights-v2-enricher
- 4f18e79 Merge pull request #278 from safedep/dev-nikhil
- 3c70b4a Merge pull request #280 from safedep/chore/dependency-upgrade-2024-11-18
- 080964f Merge pull request #281 from safedep/feat/enhance-markdown-summary-reporter
- 9fb9b3f Merge pull request #282 from safedep/feat/add-pm-namespace-json-report
- 358861d Updated maintainers
- 652b465 chore: Add error msg when Insights v2 is used without API key
- 41a9b53 chore: Dependency upgrades
- 007adb4 ci: Run insights v2 E2E only when PR is from same repository
- ebf6516 feat: Add insights v2 API url config and client
- 378b1ed feat: Add insights v2 enricher
- 1899b99 feat: Add source and namespace in manifest in JSON report
- 780375b feat: Enhance markdown summary reporter to use collapsable sections
- 350ab78 fix: Add GITHUB_TOKEN for e2e tests
- 887f3d9 fix: E2E tests to use insights v2 flag from env
- 4e4302f fix: E2E with safedep API key
- 42fce64 fix: E2E with safedep API key env variable
- f163d4c fix: E2E with safedep tenant env variable
- 0d698b7 fix: GitHub E2E to use control tower ecosystem
- fcc4c4b fix: GitHub reader E2E test to make it predictable
- b197943 fix: Handle current version for packages
- 2031fc6 fix: Insights v2 enricher to call backend API
- 7859015 fix: Insights v2 vulnerabilities mapper
- d7356d8 fix: PURL handling for GitHub Actions
- 26cfebd fix: Remove GITHUB_TOKEN from e2e test run
- 8f29d4a fix: Show msg to differentiate between authenticated or non-auth scans
- 130ee7d fix: Use terraform provider as the ecosystem for terraform lockfiles
- 6c0f426 refactor: Model ecosystem mapper to maintain SSOT
- d63fed2 wip: Map insights v2 to v1
v1.8.2
Changelog
- 73f6678 Added terraform parser support to generate a package manifest
- d9a6fd9 Added terraform parser support to generate a package manifest
- e196604 Added tests for terraform lockfile
- e1f7071 Changed .terraform.lock.hcl to customParserTerraform
- 5429f8f Increased parser number in test from 17 to 18
- 82c631c Mapped ecosystem to custom terraform type
- 63de99f Merge pull request #260 from insaaniManav/feat/terraform-support
- 9feafdb Merge pull request #263 from safedep/feat/cloud-apikey-management
- 298ddbe Merge pull request #264 from safedep/feat/terraform-support
- f5e7aa9 Merge pull request #266 from safedep/feat/add-support-dev-mode
- f1c7c61 No need to read the file pass it to the parser directly
- 0979eda PR review changes
- 8a32af8 feat: Add api key list command
- 1430972 feat: Add automatic resolution of terraform lockfile name to custom parser type
- edb5c25 feat: Add support for API URL overrides
- 25281e5 feat: Add support to delete API key
- 7600793 feat: Add table helper to ease table creation and persistence to file
- d854a93 fix: Type handling in cloud query response
- 6c7b160 fix: UI rendering for cloud whoami command
- 3c4f427 fix: Use idiomatic cmd arg name
v1.8.1
Changelog
- b6b26b7 Added snapshot to goreleaser
- 96360ba Made version v2
- 7eae320 Merge pull request #245 from safedep/ci/vet-enable-cloud-mode
- 53e5f6d Merge pull request #246 from safedep/chore/dependency-upgrade-2024-10-11
- 708712a Merge pull request #247 from safedep/feat/add-query-schema-view-command
- 6123c75 Merge pull request #249 from safedep/feat/add-gha-parser
- f237b88 Merge pull request #254 from safedep/fix/vet-ci-dependabot
- 763772c Merge pull request #255 from insaaniManav/chore/goreleaser-upgrade
- cc45ff5 Merge pull request #258 from safedep/fix/multi-dev-20241018
- 160c094 Merge pull request #259 from safedep/ci/fix-goreleaser-action-trigger
- 9c32f4d Pinned action version made it specific
- beb6e2d Pinned action version made it specific
- 67cdf8e Removed debug flags and only run on tags
- be85c7e Removed debug flags and only run on tags
- 44743a9 Updated commit hash and removed dry runs
- 985c687 Updated goreleaser to v2
- ae8c289 Updated goreleaser workflow with commit hash pin
- ec4bd2c Updated goreleasr file to version v2
- 1052178 chore: Add debug log for publish policy violation
- 15063e5 chore: Dependency upgrades
- d39b4c1 chore: Update Dockerfile with Go version
- 14bf541 chore: Update Go to 1.23
- b707398 chore: Update dependencies
- 155343d ci: Enable SafeDep cloud for vet
- feb90a9 feat: Add initial support for scanning GitHub Actions
- c01a24c feat: Add support for viewing Cloud Query service schema
- d2290cd feat: Add support to skip using GitHub dependency graph API
- dde52a9 fix: #253: Disable cloud mode for Dependabot or external PR
- f1d6f51 fix: Allow query limit to be configurable
- eeda65a fix: Bug in manifest path handling in sync reporter
- d213b87 fix: Enable support for packagist ecosystem
- 24cb277 fix: GitHub reader test case
- 78a728b fix: SPDX test cases after supporting GitHub actions
- a8cb51c fix: goreleaser action trigger
- b87652b fix: test case for github reader
v1.8.0
Changelog
- 40acc58 Merge branch 'safedep:main' into main
- 403c71d Merge pull request #240 from r0075h3ll/main
- 9b33168 Merge pull request #241 from safedep/docs/style-fix-dependency-inventory
- aa501a7 Merge pull request #244 from safedep/feat/cloud-report-sync-v2
- c0e915c Remove auth trial command for cloud commands
- 59967ca Update production identity service info
- d6cb45b add image
- 06b080a feat: Add API key management command
- a613190 feat: Add cloud ping command
- debe15e feat: Add cloud query command
- 7686e85 feat: Add cloud register command
- eeaf4e1 feat: Add cloud whoami command
- 30ac9c0 feat: Add support for cloud login
- fce0410 feat: Add support for publishing policy violation
- fca2b8e feat: Cloud report sync support multi-project sync
- 5c1052c feat: Update cloud sync reporter to include namespace
- 7051183 feat: Update report sync using grpc
- bda53d0 fix: Fix E2E test case
- 18af8d5 fix: Package manifest namespace and path handling
- 7cb7e7f fix: Persist tenant domain post onboarding and login
- 69e32d9 fix: Tenant domain handling in cloud commands
- 4f1cb39 fix: Update README
- 0df9261 fix: Verify auth before persisting
- 6ec6cf2 fix: sarif test case
- ad6340e refactor: API key configuration command
- a9b424d refactor: Cloud report sync to enable syncing violation events
- 7a5d637 refactor: Enable tool service session pooling in cloud sync reporter
- 95c87b4 refactor: Move get dependencies enumerator to models
- d7a1508 refactor: Remove OpenAPI specs for deprecated control API and use gRPC report sync client
- d8d94b7 refactor: Remove deprecated API generated code
- 476cd4d refactor: gRPC connection setup into auth package
- d016c63 refactor: grpc client to separate cloud and sync API
- d0884a2 update dependency inventory doc
v1.7.0
Changelog
v1.6.1
Changelog
- 1645f40 Merge pull request #225 from safedep/docs/update-sarif-use-case
- 5aa2027 Merge pull request #228 from safedep/feat/code-analysis-framework
- 26d68d4 Merge pull request #229 from safedep/chore/update-deps-07-2024
- 32c2b07 Merge pull request #232 from safedep/fix/lfp-npm-accepted-trusted-url-path
- e49ab7e chore: Dependency upgrades
- e6f6288 feat: Code analysis framework infra
- 95cc1e3 fix: Accept trusted URL base for LFP analyser
v1.6.0
Changelog
- c2175fe Merge pull request #219 from safedep/chore/update-deps-06-2024
- f1e78cf Merge pull request #223 from safedep/feat/sarif-reporting
- 48ece84 chore: Update dependencies
- f81a15d ci: Pin goreleaser version in GHA workflow
- 47c605e feat: Add support for SARIF reporting #22
- c4d4cb3 fix: Flaky test with graph dependents