Releases: safedep/vet

v1.4.0

21 Nov 14:06
f09faf8

Changelog

  • 894354e Add limits to GHA
  • 535ee17 Merge pull request #147 from safedep/chore/dependency-upgrade-2023-11-9
  • 358e214 Merge pull request #150 from safedep/feat/140-github-org-reader
  • 7b48d02 Merge pull request #158 from safedep/feat/add-pkg-insights-in-json-report
  • d7e6de4 Merge pull request #160 from safedep/feat/concurrent-manifest-scanning
  • aeec13c Refactor scanner workflow to enable scanning per manifests instead of batching
  • 7394334 chore: Make command help msg more explicit
  • f5ebf92 chore: Misc language fix
  • 05211b7 chore: Update dependencies
  • f09faf8 ci: Fix go releaser action
  • b35485f feat: Add UI feedback message on manifest enumeration
  • b945fe3 feat: Add UI integration for Github Org reader component
  • b4c1c2e feat: Add license and vulnerability info in JSON report
  • 230a1d3 fix: Add vuln severity in JSON report schema
  • 9578e00 fix: Bug with tracker being marked as done
  • 9580bf0 fix: Deadlock in scanner with filter fail option
  • 34b5356 fix: Deadlock with concurrent scanning
  • d56b950 fix: E2E test script use community auth
  • 1161fe6 fix: Enforce repository limit strictly for Github org reader
  • 4a0dc98 fix: Protobuf enum scoped within message
  • 092d9a7 fix: Return 0 on successful auth setup
  • 8adcc8e fix: Show aliases in JSON report
  • 84d3323 fix: Test case for schemamapper
  • bb42821 refactor: JSON report generator to maintain SRP on function
  • 44ad5d6 refactor: Remove unnecessary func in loop

v1.3.1

09 Nov 15:02
f6a08ff

Changelog

  • f6a08ff Merge pull request #144 from safedep/chore/misc-enhancements-2023-11-04
  • a6c34fe chore: Improve error for github reader
  • 42546ce chore: Set display path for manifest when it's not a local file
  • 13847f2 feat: Add support for github lockfile enumeration and parsing
  • 9819e9d fix: Fix #142 by enumerating top level directory for lockfiles
  • 810d673 fix: SPDX parser for Maven ecosystem
  • b52e9bb refactor: Cleanup internal auth

v1.3.0

03 Nov 20:10
f4dccaa

Changelog

  • 99059f4 Added Basic functionality to scan remote github urls
  • 681eb92 Added ability to scan spdx sbom
  • ea77a44 Added support to connect apps. Currently, just github is supported
  • 9c2e201 Added support of SPDX SBOM
  • 79c5940 Fix: Vet Crash on one of the SBOM generate from Github #118
  • d197326 Fix: Vet Crash on one of the SBOM generate from Github #118
  • f894d5a Merge branch 'bug_sitter_tree_docker_23' into main
  • 5807671 Merge pull request #119 from safedep/bug_sitter_tree_docker_23
  • f9c5118 Merge pull request #120 from safedep/fe_spdx_180823
  • 8fd4050 Merge pull request #122 from safedep/feat/github-repo-scanning
  • f5789c6 Merge pull request #123 from safedep/feat_github_repo_200823
  • b234cd3 Merge pull request #124 from safedep/abhisek/2023-10-17-misc-cleanup
  • 023686e Merge pull request #128 from safedep/abhisek/2023-10-24-dependency-update
  • 9ea542c Merge pull request #135 from safedep/feat/rubygems-ecosystem-support
  • f4dccaa Merge pull request #141 from safedep/chore/misc-enhancements-2023-11-02
  • 8e90c7b Merging with main branch and resolved issues
  • 31b4c73 Renamed GITHUB_AUTH_TOKEN
  • cce7943 Resolved Lint Issues
  • d103b73 Resolved PR Comments Issues Raised
  • de871dd Resolved issues with go lint
  • bed227a Resolving issues by linter
  • 0e888a6 Updated Readme
  • 590a4fd chore: Add a meta section in the JSON report schema
  • 9a4d07e chore: Add lefthook and update developer documentation
  • a90aae0 chore: Dependency upgrade
  • 7d19152 chore: Migrate to support handle
  • cc918c6 chore: Misc styling fixes
  • b9d0cac chore: Run linter as precommit hook
  • e0b89d0 chore: Run linter as precommit hook
  • 15747ff chore: Update Go version in GH workflows
  • b545c5b ci: Add osx-cross compiler tool chain in release action
  • a8c1f10 ci: Fix osx-cross compiler environment
  • d921a14 ci: Increase golangci-lint timeout
  • 4fad0ff ci: Make Github action names explicit
  • 360f6dd ci: Use osx-cross tool chain for darwin builds
  • f43b567 feat: Add support for purl scanning
  • e20604a feat: Add support to specific max entries in summary reports table
  • 0c2f8ab feat: Enable support for RubyGems ecosystem
  • 8833085 feat: Extend filter suite with additional meta data
  • 7719545 feat: Revamp JSON report to include manifest, package, violation, advices
  • c7a1a0a fix: Add remediation generator for low popularity
  • 9124484 fix: Add support for using malware indicators from OSV data
  • 2aa5468 fix: purl handle rubygems type
  • 676f85a refactor: Clean up JSON report generator by using contract methods
  • 3d1cd03 refactor: Create common check type for filters and violations
  • 1f5122a refactor: Github reader into its own context
  • 3b2c2cf refactor: Include filter spec in analyser event
  • 96ce796 refactor: JSON report generator to use protobuf based schema
  • 6783db7 refactor: Merge utils under single package
  • 5f9c328 refactor: Only show supported contract in command desc
  • 99a07a4 refactor: Parser interface to use PackageManifest reference instead of value
  • 14d12e2 refactor: Refactor to maintain boundaries for github connect
  • 80a70da refactor: Use filtersuite spec filter in eval program
  • 85da069 refactor: Violation schema into its own proto file
  • a63f11b refactored cyclonedx & sbom parsers to common parsing logic
  • 7a9801e resolving issue with go and npm ecosystem while parsing spdx
  • f65f7e8 style: Fix models.proto

v1.3.0-rc1

03 Nov 18:43
a8c1f10
Pre-release

Changelog

  • 99059f4 Added Basic functionality to scan remote github urls
  • 681eb92 Added ability to scan spdx sbom
  • ea77a44 Added support to connect apps. Currently, just github is supported
  • 9c2e201 Added support of SPDX SBOM
  • 79c5940 Fix: Vet Crash on one of the SBOM generate from Github #118
  • d197326 Fix: Vet Crash on one of the SBOM generate from Github #118
  • f894d5a Merge branch 'bug_sitter_tree_docker_23' into main
  • 5807671 Merge pull request #119 from safedep/bug_sitter_tree_docker_23
  • f9c5118 Merge pull request #120 from safedep/fe_spdx_180823
  • 8fd4050 Merge pull request #122 from safedep/feat/github-repo-scanning
  • f5789c6 Merge pull request #123 from safedep/feat_github_repo_200823
  • b234cd3 Merge pull request #124 from safedep/abhisek/2023-10-17-misc-cleanup
  • 023686e Merge pull request #128 from safedep/abhisek/2023-10-24-dependency-update
  • 9ea542c Merge pull request #135 from safedep/feat/rubygems-ecosystem-support
  • 8e90c7b Merging with main branch and resolved issues
  • 31b4c73 Renamed GITHUB_AUTH_TOKEN
  • cce7943 Resolved Lint Issues
  • d103b73 Resolved PR Comments Issues Raised
  • de871dd Resolved issues with go lint
  • bed227a Resolving issues by linter
  • 0e888a6 Updated Readme
  • 590a4fd chore: Add a meta section in the JSON report schema
  • 9a4d07e chore: Add lefthook and update developer documentation
  • a90aae0 chore: Dependency upgrade
  • 7d19152 chore: Migrate to support handle
  • cc918c6 chore: Misc styling fixes
  • b9d0cac chore: Run linter as precommit hook
  • e0b89d0 chore: Run linter as precommit hook
  • 15747ff chore: Update Go version in GH workflows
  • b545c5b ci: Add osx-cross compiler tool chain in release action
  • a8c1f10 ci: Fix osx-cross compiler environment
  • d921a14 ci: Increase golangci-lint timeout
  • 4fad0ff ci: Make Github action names explicit
  • 360f6dd ci: Use osx-cross tool chain for darwin builds
  • f43b567 feat: Add support for purl scanning
  • e20604a feat: Add support to specific max entries in summary reports table
  • 0c2f8ab feat: Enable support for RubyGems ecosystem
  • 8833085 feat: Extend filter suite with additional meta data
  • 7719545 feat: Revamp JSON report to include manifest, package, violation, advices
  • c7a1a0a fix: Add remediation generator for low popularity
  • 9124484 fix: Add support for using malware indicators from OSV data
  • 2aa5468 fix: purl handle rubygems type
  • 676f85a refactor: Clean up JSON report generator by using contract methods
  • 3d1cd03 refactor: Create common check type for filters and violations
  • 1f5122a refactor: Github reader into its own context
  • 3b2c2cf refactor: Include filter spec in analyser event
  • 96ce796 refactor: JSON report generator to use protobuf based schema
  • 6783db7 refactor: Merge utils under single package
  • 5f9c328 refactor: Only show supported contract in command desc
  • 99a07a4 refactor: Parser interface to use PackageManifest reference instead of value
  • 14d12e2 refactor: Refactor to maintain boundaries for github connect
  • 80a70da refactor: Use filtersuite spec filter in eval program
  • 85da069 refactor: Violation schema into its own proto file
  • a63f11b refactored cyclonedx & sbom parsers to common parsing logic
  • 7a9801e resolving issue with go and npm ecosystem while parsing spdx
  • f65f7e8 style: Fix models.proto

v1.1.0

16 Aug 12:39
c55e0a7

Changelog

  • 311b831 Merge pull request #109 from safedep/feat/cloud-report-sync
  • 33d61f1 Merge pull request #110 from safedep/chore/dependency-upgrade
  • c55e0a7 Merge pull request #112 from safedep/jc-staging
  • 58b9f75 Merge pull request #98 from safedep/develop
  • 1cfd346 [WIP] Add cloud sync reporter
  • 6bf729d chore: Dependency upgrade
  • ed2b547 chore: Fix linter issues in cloud sync reporter
  • 07de20a chore: Update go dependencies
  • 7279b34 fix: CycloneDX SBOM support introduced in #111

v1.0.0

13 May 16:56
e583c05

Changelog

  • 503f9b2 Bump github.com/google/cel-go from 0.14.0 to 0.15.1
  • e1c3689 Bump github.com/google/osv-scanner from 1.3.1 to 1.3.2
  • 1009189 Bump golang.org/x/term from 0.7.0 to 0.8.0
  • e583c05 Merge remote-tracking branch 'origin/dependabot/go_modules/github.com/google/cel-go-0.15.1'
  • d65157b Merge remote-tracking branch 'origin/dependabot/go_modules/golang.org/x/term-0.8.0'

v1.0.0-rc2

19 Apr 17:05
454e87d
Pre-release

Changelog

  • 765253c Add dirsource based package manifest reader
  • cf4428d Add golang-ci
  • 277aba8 Add misc improvements to CSV reporter
  • 9f15558 Add regexp based python wheel version parsing
  • f537049 Add support for using community mode endpoint
  • f385c0b Added feature for showing Ecosystem name in the table along with other attribute
  • e1f8a69 Adds CSV Reporter for Output : Issue :#6
  • ef67b0c Docs update
  • 68b3d00 Fix bug in pywheel spec parser
  • 0f38e06 Fix linter issues
  • 92efd33 Fix version for golang-lint
  • 291acb2 Merge pull request #53 from safedep/feat/21-refactor-pkg-reader
  • 3ba2a45 Merge pull request #59 from tarunsamanta2k20/tarunsamanta/#54
  • b479f78 Merge pull request #65 from safedep/develop
  • 517eec9 Merge pull request #66 from safedep/add-brew-docs
  • 4ffa8a1 Merge pull request #68 from safedep/develop
  • e46f739 Merge pull request #70 from safedep/develop
  • a565c8b Merge pull request #71 from safedep/develop
  • 8498ee5 Merge pull request #72 from safedep/develop
  • 454e87d Merge pull request #76 from safedep/develop
  • 2a9360e Merge remote-tracking branch 'shivamsk/shivamsk/add-csv-output' into develop
  • 26e5055 Modifies CSV Reporter
  • 00d2fc2 Modifies CsvRecord
  • 035065f Re-order table in summary reporter
  • eef27dd Removes spaces in csv.go
  • 7a6b138 Removes summaryReporter from csv.go
  • 94c76ba Top level permission should be minimal
  • e3078ac Update docs
  • 8e76ca6 Update err handling in auth
  • aea651a Update installation doc in README
  • dfd7927 Update summary.go
  • 95d6228 added homebrew installation instructions
  • 650055a made request changes
  • b9fb908 second commit

v1.0.0-rc1

10 Apr 06:24
a900a3d
Pre-release

Changelog

  • 6593fd4 Added support for docker ARM, M1 MACS
  • 32bdf61 Create .github/dependabot.yml
  • 2c9fc1b Dependabot updates for go pkg
  • 989c4d5 Fix #40: Add support for path pattern exclusion
  • a900a3d Fix goreleaser gh workflow
  • 9ad78d5 Fix-27 Duplicate findings in report summary
  • 61bf471 Fixed Error
  • 981887d Fixed docs url
  • 7474fdc Handle transitive dependencies in progress UI
  • cc7de3f Merge pull request #35 from c0d3G33k/chore/docker-arm-support
  • 708eb81 Merge pull request #36 from safedep/fix-url
  • 4dd3b86 Merge pull request #37 from safedep/social-links
  • 571ac59 Merge pull request #41 from safedep/develop
  • 9536492 Merge pull request #44 from c0d3G33k/fix/27-duplicate-record-summery
  • 7f3c364 Merge pull request #45 from safedep/goreleaser-update
  • 6a20a91 Merge pull request #46 from safedep/chore/add-dependabot-config
  • 946d5cb Merge pull request #52 from safedep/develop
  • 4bff6d1 Revert goreleaser to push to main
  • ff103ce Update .goreleaser.yaml
  • 89f70b5 Update GO Releaser token for homebrew release
  • 1cb84f1 Update path-exclusion.md
  • 4bf6892 added social links
  • f8274a2 adding homebrew-vet tap

v0.0.8

31 Mar 05:58
f43920e

Changelog

  • b9530c0 #7: Add support for auth verify command
  • 430d002 #7: Add support for verify auth before scan
  • 115b7e4 #7: Handle potential nil response
  • 8097829 #7: Show success msg for auth verification
  • 33f1173 Add .node-version for docs
  • 1c91ecf Add a blurb or vet
  • d63b920 Add docker usage instructions in README
  • bb43ed4 Add npm lockfile
  • 7f11b33 Add release badge to README
  • 5803627 Added gtag for docs
  • e16f907 Added logo
  • 39971ed Added logo
  • bf2dbe0 Added vet documentation
  • 93bbc74 Fix docusaurus broken link
  • 2300ea0 Fixed README & Moved docs
  • b338689 Merge branch 'main' into develop
  • ab3d7e9 Merge pull request #30 from safedep/develop
  • 77dbf49 Merge pull request #31 from safedep/develop
  • b47355b Merge pull request #32 from safedep/develop
  • 2f9dbd0 Merge pull request #33 from safedep/docs-update
  • f43920e Merge pull request #34 from safedep/minor-fixes
  • 3db93e9 Publish events from Filter analyzer module
  • 9e1cc18 Refactor to support customer experimental parsers
  • d6ee7ae Show filter failures in markdown reporting
  • 252e448 Update README
  • dccaa5b Update README docs
  • 1e492ba Update blurb text
  • abf6e71 Updated vet README.md
  • 6928b85 Use exposed method for event test

v0.0.7-dev

23 Feb 05:12
56fdeb6

Changelog

  • eadcd1a #13: Add exceptions package
  • d92561c #13: Add spec for exceptions management
  • e895f8a #16: Refactor to use UI utils for printing msg
  • 9c1e224 Add OpenSSF scorecard badge
  • 2ca6447 Add analysis rules for filter suite analyzer
  • 6412840 Add demo asciinema
  • 0c41bdd Add exception matching logic
  • 4b16c05 Add exceptions generate analyzer
  • 4882e46 Add exceptions loader in main
  • 0c99a69 Add file based exceptions loader
  • 2e9b5fb Add filter suite analyzer module
  • 24f2653 Add filter suite option for scan
  • 5b50255 Add filter suite spec
  • 46bd7e2 Add reader to read packages with exceptions
  • e8cebfa Add top level permission for GH actions
  • 23c71ee Create scorecard.yml
  • b5457c2 Fix #11: Add support for tags in summary report table
  • b4c407d Fix #14: Corrected typo
  • 504598d Fix #15: Return error when auth sub-command is missing
  • 0475f5f Fix typo in summary reporter
  • be9f5f3 Improve markdown report
  • 0c74a07 Improve markdown report
  • 5939b9d Merge pull request #19 from safedep/develop
  • 8873a35 Merge pull request #20 from safedep/develop
  • 56fdeb6 Merge pull request #25 from safedep/develop
  • 2ecc52e Print exceptions statement in summary report
  • d4884c0 Refactor cel filter analyzer to extract CEL evaluator
  • b37834a Refactor filter stat in common code
  • 032d077 Show filter fail reason as error msg
  • ca1fbbc Update docs