Skip to content

Commit

Permalink
Merge pull request #57 from funnelfiasco/v080-release_announcement
Browse files Browse the repository at this point in the history 
Add a blog post announcing the v0.8.0 release
  • Loading branch information
@pxp928
pxp928 authored Jul 26, 2024
2 parents 5154812 + b71b5a9 commit f228fc3
Showing 1 changed file with 35 additions and 0 deletions.
35 changes: 35 additions & 0 deletions content/blog/2024-07-25-guac-v0.8.0.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
---
title: GUAC v0.8.0 released
layout: post
authors: ["GUAC Maintainers"]
date: 2024-07-25
include_footer: true
---

[GUAC v0.8.0](https://github.com/guacsec/guac/releases/tag/v0.8.0) is now available.
This release brings support for license information, node deletion, and many other improvements.
You can now run vulnerability scans immediately on SBOM ingestion with the `--add-vuln-on-ingest` flag instead of waiting for the OSV certifier to run.
To better represent the real world, the `isDependency` relationship now only exists on package versions instead of the package name.
For a full list of changes, see the [release page on GitHub](https://github.com/guacsec/guac/releases/tag/v0.8.0).

### License information support

GUAC v0.8.0 adds support for parsing license information provided in [CycloneDX SBOMs](https://cyclonedx.org/use-cases/#license-compliance).
The new release also includes a new experimental ClearlyDefined certifier.
GUAC will query the [ClearlyDefined license data store](https://clearlydefined.io/) to discover license information for packages, even when the SBOM does not include that information.

Although licenses don't directly impact security, they are an important part of understanding your software supply chain.
We're excited to expand GUAC's capabilities in this area.

### Node deletion

GUAC v0.8.0 adds support for deleting the following evidence nodes: `certifyVuln`, `hasSBOM`, and `hasSLSA`.
This is helpful when SBOMs were ingested by accident or as part of a short-term demo.
`Delete` is supported in both the key value and the ENT backends.
If there are other nodes that you have a use case for deleting, please [file an issue](https://github.com/guacsec/guac/issues/new?assignees=&labels=enhancement&projects=&template=feature_request.md&title=%5Bfeature%5D+FILL+THIS+IN) to let us know.

### Join the community

Thanks to the 10 contributors who made this release possible, including new contributor [Collin Berman](https://github.com/cberman).
We'd love to have your contribution.
If you have uses cases GUAC should support, or want to contribute to our code or documentation, [join us](/community)!

0 comments on commit f228fc3

Please sign in to comment.