This release contains a new feature and several bug fixes. Tern now supports a CycloneDX JSON reporting format. This capability now gives users the option between two SBOM standards for output reports -- SPDX or CycloneDX. There were several Scancode related fixes that were resolved in this release. Additionally, a fix for the situation where Tern was yielding different results with the -c
and -r
command line options, which in theory should produce the same results. Lastly, six new contributors were a part of this release, many of whom were completely new to open source.
- Add CycloneDX JSON Format: Tern can now generate CycloneDX JSON reports.
- Duplicate scancode files being reported when cache is empty
- Running Tern with -r and -c gives different results
- Add pkg_format values for missing package managers in base.yml
- Remove
/
from image SPDX Identifier Reference
- Enable Tern to run without root privileges
Note: This changelog will not include these release notes
Changelog generated by command: git log --pretty=format:"%h %s" v2.7.0..main
5927427 Cleanup unecessary files
b32745e Add cyclonedxjson to help menu
c90cf6e Fix: duplicate scancode files being reported
6a2abfe Add Maintainer and Governance Info
5dbb44b Update docs around getting started in VS Code
2186c1a Suppress some pylint warnings
6855f1e Force prospector version 1.5.1 to be installed
dfc84d5 fix: Pass the redo flag to the executor
f5eb1ab Remove `/` from image SPDX Identifier Reference
4c4b2a8 Prospector 1.4.1 fixes
9bbb5dd Add CycloneDX JSON output support
a0c08ba Fix: Ignore newlines in os_release file
75bd6ac Explain commit message guidelines better
4719f62 Fix duplicate line in Dockerfile.scancode
e1ba6a5 formats: Add spdxjson consumer
3dce966 Remove requirements.scancode.txt
c6d26fa Add pkg_format values to base.yml
c8817fd Identify Distroless version in os-release file
fc4a876 Added test for the pkg_format property
2828ec7 Created a functional test suite for releases
0fd02ec Deprecate run_on_image()
Daneshwari K. kankanwadidaneshwari55555@gmail.com
Jamila Ritter jamila.ritter@rutgers.edu
Kerin Pithawala kerinpithawala7@gmail.com
Patrick Dwyer patrick.dwyer@owasp.org
Sayantani Saha ii.sayantani.ii@gmail.com
Trang trangology@gmail.com
Nisha Kumar: nishak@vmware.com Rose Judge: rjudge@vmware.com