Releases: vinted/sbomsftw
Releases · vinted/sbomsftw
v0.21.0
- Update the new version to always include a package name, otherwise skip it.
v0.20.0
• Updating cyclonedx library, swapping it to @cyclonedx/cyclonedx to have the latest version. Making cyclonedx collector fixes to correct certain behaviour
• Updating syft library to support new cyclonedx version. Correcting behaviour where the new syft version does not have old cataloging module, and requires a new way to encode the sbom to output cyclonedx
• Correct retire js collector cmd argument
v0.19.0
- Fixing crash when git HEAD ref is null
v0.18.0
• Update license fetch, so if no ID available - do not add it to the list of licenses
• Fix debug logs so when no resp available, not crash the app
• Update the crawling if page returns 30 archived repos - continue the execution
v0.16.0
Changes:
- Add --organization (-g) flag to support organization scoped Env vars
- Add Generation of Github Application Token logic
- Add generation of github app token on specific timeouts logic
- Update go toolchain to 1.22.0
v0.15.0
- Reverting back changes as they break the server SBOM generation
v0.14.0
- Refactored Syft and CycloneDX SBOM Creation libraries
- Updated Syft, CycloneDX and other dependencies
- Migrated docker image to linux alpine to simplify the build process
