Releases: owasp-dep-scan/dep-scan
Releases · owasp-dep-scan/dep-scan
Release v5.2.15
Release v5.2.14
Update cdxgen to bring dotnet packages.lock.json fix
Full Changelog: v5.2.13...v5.2.14
Release v5.2.13
Fix cdxgen version in container image to 10.2.5
What's Changed
- backport: Add pyproject.nix flake by @Quince-Pie in #278
Full Changelog: v5.2.12...v5.2.13
Release v5.2.12
What's Changed
- fixing keyerror in version and purl by @almaz045 in #266
- Added more alias for js audit by @prabhu in #267
- backport: Add compatibility for future oras releases by @Quince-Pie in #272
Full Changelog: v5.2.11...v5.2.12
Release v5.2.11
What's Changed
Full Changelog: v5.2.10...v5.2.11
Release v5.2.10
What's Changed
- Handle zero scores from npm with vdb 5.6.3 by @prabhu in #258
- Fixes #259 by ignoring pysec feeds with matching github advisory id
Full Changelog: v5.2.9...v5.2.10
Release v5.2.9
What's Changed
Full Changelog: v5.2.8...v5.2.9
Release v5.2.8
With this release, depscan should display the dependency tree for Ruby applications with Gemfile.lock thanks to the latest cdxgen.
What's Changed
- Improves sub-tree display by @prabhu in #245
- Trim ci agents by @prabhu in #249
- Corrects scenario where no src_dir is set -5.x by @cerrussell in #247
Full Changelog: v5.2.7...v5.2.8
Release v5.2.7
What's Changed
- Adds checking env variable for github actions for 5.x by @cerrussell in #238
- Expand the scope of npm alias to search for vendor with the name npm by @prabhu in #241
Full Changelog: v5.2.6...v5.2.7