Skip to content

3.2.0
Compare
Choose a tag to compare
@github-actions github-actions released this 19 Jul 17:29
v3.2.0
c16dbbd
This commit was signed with the committer’s verified signature.
jkowalleck Jan Kowalleck
GPG key ID: 4099D653FB71069F
Verified
Learn about vigilant mode.

Changed

  • CLI via composer make-bom
    • All informational/error output will appear on STDERR, was STDOUT.
      Output of the SBoM might still happen on STDOUT.
      This makes utilization of STDOUT via --output-file=- more flexible (pipe, redirect)
      whilst verbosity can be increased via -v.

Added

  • CLI via composer make-bom
    • Added an optional argument composer-file.
      If given, then the SBoM is generated based on that file instead of the file in the current working directory.
      This enables the plugin to analyze projects outside the plugin's own setup.

Fixed

  • Fixed detection of invalid/outdated composer lock file.
  • Fixed a rare case that caused the CLI to crash unexpectedly, if the composer lock file was unexpected.

Misc

  • Added composer keywords.
  • Refactored the plugin's internals.
  • Added more tests for internals.
Assets 2
Loading