v0.2.0

What's Changed

A number of changes have been made to improve compatibility with the OSV specification. The current version should be compliant with 1.6.3 of the OSV schema.

Note: Changes have been made to ecosystems to include additional metadata that may break existing usage patterns!

• Allow absent schema_version field by @ctron in #28
• Fix Maven ecosystem support by @gcmurphy in #30
• Fix Ubuntu ecosystem support by @gcmurphy in #32
• Fix AlmaLinux, Rocky Linux and Photon OS ecosystems @gcmurphy in #34

New Contributors

• @ctron made their first contribution in #28

Full Changelog: v0.1.5...v0.2.0

v0.1.5

• Compatibility changes with osv v1.6.2
• CVSS v4 support
• Fix inconsistencies with osv spec in the affected packages part of the schema
• Additional ecosystems
• Switch client to reqwest/tokio from surf/async_std
• Misc testing improvements

v0.1.4

Overview

Changes to make compatible with v1.6.0 of the ossf/osv-schema specification.

Thank you @tony84727 for improving ecosystem traits in #10

v0.1.3

Overview

Changes to make compatible with v1.4.0 of the ossf/osv-schema specification.

Changes

• Library only provides schema support by default. Client for the API endpoint is an optional feature that needs to be enabled.
• Support for Rocky Linux, Alma Linux ecosystems.
• Updated credits and severity fields per package.
• Add missing reference types.

v0.1.2

Overview

Changes to make compatible with v1.3.0 of the ossf/osv-schema specification.

Features

• Support for Debian ecosystem
• Support for GitHub Actions and Pub ecosystems.
• Smoke testing utility.

Bugfixes

• Avoid null values in serialized JSON output
• Version ranges are now optional values.

v0.1.1

Bug fixes:

• Allow all data structures to be serialized : Thanks to @JosiahOne .

v0.1.0

Summary

Initial OSV API coverage and compatibility with version 1.3.0 of the OSSF Open Source Vulnerability format.

Features

• Query API by commit ID
• Query API by package and version
• Request vulnerability information by vulnerability ID.