Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

release: v0.59.0 [main] #8041

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

release: v0.59.0 [main] #8041

wants to merge 1 commit into from

Conversation

aqua-bot
Copy link
Contributor

@aqua-bot aqua-bot commented Dec 4, 2024
edited
Loading

🤖 I have created a release beep boop

0.59.0 (2024-12-28)

Features

  • add --distro flag to manually specify OS distribution for vulnerability scanning (#8070) (da17dc7)
  • misconf: generate placeholders for random provider resources (#8051) (ffe24e1)
  • nodejs: respect peer dependencies for dependency tree (#7989) (7389961)
  • python: add support for poetry dev dependencies (#8152) (774e04d)
  • python: add support for uv (#8080) (c4a4a5f)
  • python: add support for uv dev and optional dependencies (#8134) (49c54b4)

Bug Fixes

  • CVE-2024-45337: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass (#8088) (d7ac286)
  • enable err-error and errorf rules from perfsprint linter (#7859) (156a2aa)
  • flag: skip hidden flags for --generate-default-config command (#8046) (5e68bdc)
  • handle BLOW_UNKNOWN error to download DBs (#8060) (51f2123)
  • java: correctly overwrite version from depManagement if dependency uses project.* props (#8050) (9d9f80d)
  • license: always trim leading and trailing spaces for licenses (#8095) (f5e4291)
  • misconf: use log instead of fmt for logging (#8033) (07b2d7f)
  • oracle: add architectures support for advisories (#4809) (90f1d8d)
  • python: skip dev group's deps for poetry (#8106) (a034d26)
  • redhat: correct rewriting of recommendations for the same vulnerability (#8063) (4202c4b)
  • respect GITHUB_TOKEN to download artifacts from GHCR (#7580) (21b68e1)
  • sbom: attach nested packages to Application (#8144) (735335f)
  • sbom: fix wrong overwriting of applications obtained from different sbom files but having same app type (#8052) (fd07074)
  • sbom: scan results of SBOMs generated from container images are missing layers (#7635) (f9fceb5)
  • sbom: use root package for unknown dependencies (if exists) (#8104) (7558df7)
  • Updated twitter icon (#7772) (2c41ac8)
  • wasm module test (#8099) (2200f38)

Performance Improvements

  • avoid heap allocation in applier findPackage (#7883) (9bd6ed7)

This PR was generated with Release Please. See documentation.

@aqua-bot aqua-bot requested a review from knqyf263 as a code owner December 4, 2024 04:21
@aqua-bot aqua-bot force-pushed the release-please--branches--main branch 2 times, most recently from 1c36608 to 593e005 Compare December 5, 2024 05:24
@aqua-bot aqua-bot changed the title release: v0.58.1 [main] release: v0.59.0 [main] Dec 5, 2024
@aqua-bot aqua-bot force-pushed the release-please--branches--main branch 13 times, most recently from 43eab50 to 73df148 Compare December 11, 2024 16:57
@aqua-bot aqua-bot force-pushed the release-please--branches--main branch 7 times, most recently from b7cb2f7 to 9907ddd Compare December 20, 2024 07:04
@aqua-bot aqua-bot force-pushed the release-please--branches--main branch 5 times, most recently from 613d635 to 183da0f Compare December 24, 2024 12:33
@aqua-bot aqua-bot force-pushed the release-please--branches--main branch 2 times, most recently from b2c9339 to 63e86de Compare December 25, 2024 05:48
@aqua-bot aqua-bot force-pushed the release-please--branches--main branch from 63e86de to b7da2ef Compare December 28, 2024 17:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@knqyf263 knqyf263 Awaiting requested review from knqyf263 knqyf263 is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
autorelease: pending
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@aqua-bot