v1.5.9

Changelog

• 948b411 Merge pull request #195 from safedep/chore/vet-integrate-vet
• 6e6225c Merge pull request #196 from safedep/chore/dependency-upgrade-2024-04-01
• b5c2b14 Merge pull request #197 from safedep/chore/update-ossf-scorecard-action
• d3c0d7c Merge pull request #199 from safedep/refactor/docs-2024-04-02
• ebe5411 chore: Fallback to community mode when auth is unavailable
• eb6a914 chore: Update Go version and dependencies
• b523eb5 chore: Update OpenSSF scorecard action
• eb7f3ca ci: Add vet for vetting PR
• ab3ee44 ci: Fix e2e test runner rate limiting issue

v1.5.8

Changelog

• c4fcab4 Merge pull request #194 from safedep/chore/update-slsa-builder
• b726033 ci: Update SLSA generator actions version

v1.5.7

Changelog

• fef3d6d Merge pull request #192 from safedep/feat/summary-report-group-by-direct-deps
• edb40c0 Merge pull request #193 from safedep/feat/markdown-summary-reporting
• b6b0381 chore: Add option to render markdown summary report from query command
• 36f2297 chore: Update go and go deps
• bfa6300 chore: Update markdown summary report format
• 7f2f729 feat: Add command line arg for group by direct dependencies
• 38940ea feat: Add support for markdown summary report generator
• 79d7cf9 feat: Enhance summary report to show vulnerability risk and sample
• cbdec10 refactor: Move emoji text to markdown package
• fbe42b4 refactor: Summary report generator for grouped reporting

v1.5.6

Changelog

• f93f786 Merge pull request #173 from safedep/feat/dependency-graph
• 774323c Merge pull request #187 from safedep/feat/npm-graph-parser
• c0f9848 Merge pull request #190 from safedep/feat/cyclonedx-parser-handle-dependency-relation
• be81848 feat: Add data structure to build dependency graph
• b662145 feat: Refactor CycloneDX parser into CycloneDX Graph Parser
• debca42 fix: purl parser bug to handle maven group:name convention
• d0f6a82 refactor: Allow parser configuration
• 1dba6fd refactor: Parser to use dependency graph parsers
• 6f3c5ad refactor: Simplify load_exceptions function

v1.5.5

Changelog

• f6e055d Merge pull request #182 from safedep/fix/auth-reporting-experience
• b08c8a4 fix: #180 Ensure version update is available before proposing in summary reporter
• bd74334 fix: #180 provide explicit instruction to use vet community mode when auth verify fails

v1.5.4

Changelog

• 273d999 Merge pull request #178 from safedep/fix/lfp_npm_unavailable_package
• 875d96b Merge pull request #179 from safedep/fix/add-guardrails-against-nil-pkg-in-event
• d63e927 chore: Add guard rails against nil pkg in event for JSON report generator
• 79377e3 fix: LFP npm handle missing package

v1.5.3

Changelog

• ffd73b1 Merge pull request #177 from safedep/fix/json-report-spec-threat-id
• 4efa611 fix: Add identifiers to JSON report spec for threats
• c3b3e25 fix: Use valid markdown convention for LFP npm

v1.5.2

Changelog

• f4df5f8 Merge pull request #176 from safedep/patch/extend-json-report-for-lfp-threats
• 2a27376 feat: Extend JSON report spec to support threats

v1.5.1

Changelog

• 578c2b4 Merge pull request #175 from safedep/feat/add-flag-for-enricher-control
• 596d583 feat: Add support for enrichment control as a flag

v1.5.0

Changelog

• 86175b6 Merge pull request #174 from safedep/feat/lfp
• 795dc27 chore: Add VSCode configuration file
• 0d6fa59 chore: Update crypto library to fix security issue
• 12bd28d chore: Update osv-scanner dependency
• e9abffa feat: Add LFP for npm
• 4200c2b feat: Add support for configurable trusted urls