Releases: snyk/parlay
Releases · snyk/parlay
v0.5.1
Changelog
Other Changes
- 3bfc605: chore: add prodsec/security_scans (#69) (@wayne-grant)
- eb55f41: feat: add support for CycloneDX 1.6 (#72) (@paulrosca-snyk)
- c52ed51: feat: get snyk api endpoint from env (#67) (@paulrosca-snyk)
- 0ea7ec6: fix: goreleaser config (#73) (@paulrosca-snyk)
- 689562a: fix: handle unsuccessful Snyk API responses (#70) (@mcombuechen)
- 4391914: refactor: enrich scorecard data through mutation (#65) (@mcombuechen)
v0.4.0
Changelog
Other Changes
- 6bf7ae4: feat: more verbose log messages in all commands (#61) (@mcombuechen)
- 04ba00b: feat: snyk enrich external refs (#62) (@paulrosca-snyk)
- 419eda3: refactor: enrich ecosyste.ms data through mutation (#64) (@mcombuechen)
v0.3.0
Changelog
Other Changes
- b7a921b: feat: add support for CycloneDX 1.5 (#58) (@paulrosca-snyk)
- 3b2986a: feat: add version command (#19) (@krishnaduttPanchagnula)
- af7b7a7: fix: deep traversal of cyclonedx components (#60) (@paulrosca-snyk)
v0.2.3
Changelog
This releases fixes an issue when enriching namespaced npm packages with ecosyste.ms data.
Other Changes
- f32004e: fix: fix npm namespace encoding for ecosystem.ms (#57) (@paulrosca-snyk)
v0.2.2
Changelog
Other Changes
- f9b35a4: chore: transfer code ownership to Team Unify (#53) (@mcombuechen)
- e5db958: fix: log failure reasons during
snyk enrich
(#54) (@mcombuechen)
v0.2.1
Release v0.2.1 brings bugfixes mainly around the snyk enrich
command and apk package lookup at ecosyste.ms.
Changelog
Other Changes
- bb1862d: Add go to the Snyk docs (#41) (@garethr)
- 8ce0d37: chore: add secrets scanning (#45) (@wayne-grant)
- d90e7d2: chore: asset classification (#44) (@wayne-grant)
- 1273e93: chore: update CODEOWNERS (@dragos-cojocari)
- 3bc5a4c: chore: update CODEOWNERS (@dragos-cojocari)
- 7f8789f: chore: update CODEOWNERS (@dragos-cojocari)
- 60602d5: fix: apk package lookup for ecosyste.ms doesn't use the namespace (#40) (@garethr)
- cb1c7c5: fix: log errors during SPDX snyk enrich (#52) (@mcombuechen)
- cb64f57: fix: print debug output for issues during snyk enrich. (#49) (@mcombuechen)
- bcd1448: fix: user info (#50) (@mcombuechen)
v0.2.0
v0.2.0 brings a few new features and fixes, in particular Parlay now supports additional formats, with SPDX 2.3 JSON and CycloneDX XML now both supported.
Changelog
Other Changes
- ae7d029: Add SPDX examples to the documentation (@garethr)
- 69782c6: Update email address for reporting code of conduct issues (@torgo)
- 8035799: chore: add copyright headers to lib/sbom (@mcombuechen)
- 7ceeeb8: chore: linting (#23) (@mcombuechen)
- fb880a4: chore: upgrade packageurl-go (@mcombuechen)
- 52a3757: feat: add SPDX support to ecosystems enrich (@mcombuechen)
- f543a3b: feat: add SPDX support to scorecard (#28) (@mcombuechen)
- d074831: feat: add ecosyste.ms support for swift, docker packages (@mcombuechen)
- 32abd52: feat: add support for CycloneDX XML (@mcombuechen)
- ebba7bd: feat: add support for SPDX 2.3 JSON in snyk enrich (@mcombuechen)
- 0c804c2: fix: correctly identify package names in ecosystems (@mcombuechen)
- 4e33b08: fix: golang purl resolution (#34) (@ninjamast3r)
- b786981: fix: resolve alpine packages to alpine-edge repository (@mcombuechen)
- 4f32fba: refactor: use abstract SBOM in lib/scorecard (@mcombuechen)
- f2596d5: refactor: use abstract SBOM in lib/snyk (@mcombuechen)
v0.1.5
Changelog
Other Changes
- b52cc8d: Attempted fix for Gitleaks action (@garethr)
- 53335fe: Create CONTRIBUTING.md (@torgo)
- 49cb0c8: Fix issue with 0.1.0 packageurl library license not being detected (@garethr)
- 7564d07: bug: fix issue with installation instructions (@garethr)
- 886d637: feat: Add enrichment using OpenSSF Scorecard data. (#13) (@garethr)
- 40228c9: fix: Actions need secrets to run, which aren't available on PRs (@garethr)
- 99463ed: refactor: move reading of input to utils package (#18) (@mcombuechen)
v0.1.4
Changelog
Other Changes
- aec49c7: Add LICENSE and copyright information (@torgo)
- 62a48fa: Added Gitleaks checks (@garethr)
- d8f2835: Added Security badge (@garethr)
- 32c9ee8: Added Security checks to the actions workflow (@garethr)
- d95f089: Added a CODEOWNERS file (@garethr)
- 595c19c: Added details of security response (@garethr)
- a2ebbfb: Create CODE_OF_CONDUCT.md (@torgo)
- 49617d0: Create an acknowledgement bundle on release for third party licenses (@garethr)
- ec22f0b: Fix formatting in workflow file (@garethr)
- 792060c: Fix tab issue in workflow config file (@garethr)
- 9267a3e: Ignore false positive secrets detection in the public openapi spec (@garethr)
- 0e05f35: Ignore the spec file, rather than trying to ignore individual issues (@garethr)
- da6999f: Merge pull request #5 from snyk/torgo-add-coc (@garethr)
- 716b0ce: Second fingerprint for ignoring false positive from GitHub Action (@garethr)
v0.1.3
Changelog
Other Changes
- 025307c: Added SBOM generation as part of Goreleaser build (@garethr)
- 0eaa75f: Added a deps.dev command to get repository information (@garethr)
- eb04ade: Added docs on supported package types (@garethr)
- 86dc756: Added installation instructions (@garethr)
- 341cc3a: Expanded examples in README (@garethr)
- 90ae589: Formatting fixes (@garethr)
- f042471: Ignore a license issue with an unknown or missing license (@garethr)
- 3c60456: Ignore the Snyk Code cache (@garethr)
- b76eb04: Small improvement to error messages for deps command (@garethr)