- Support -r options and more version ranges in the requirements.txt parser
- Accuracy improvements in NPM extraction
- Support scanning remote images natively in SCALIBR
- Detect transitional dpkg packages to filter out false positive vuln sources
- Add dedicated detectors for various CVEs
- CycloneDX SBOM extraction support
- Import various extractors from OSV: javascript/pnpm, php/composerlock, python/pipfilelock, python/pdmlock, python/poetrylock