Releases: tiiuae/sbomnix
v1.6.1: Release 1.6.1
Main changes in release version v1.6.1:
- Flake update
- Bug fixes
All commits included in this release: v1.6.0...v1.6.1
v1.6.0
Main changes in release version v1.6.0:
- Add provenance generation tool
- Include CVE patch info in cdx output
- Bug fixes
All commits included in this release: v1.5.0...v1.6.0
Release v1.5.0
Main changes in release version v1.5.0:
- Improve integration with nixpkgs metadata: `--meta` command-line argument is no longer needed: #100
- Change `sbomnix`, `nixgraph`, `vulnxscan`, and `nix_outdated` so each tool allows specifying the target as Nix flake reference in addition to the nix store path (which is still also supported). Also, align the use of command-line argument `--buildtime`, removing the `--type` argument from `sbomnix`
- Re-structure the project and apply nix best practices: #95, #92, and #94
All commits included in this release: v1.4.6...v1.5.0
sbomnix: release v1.4.6
Main changes in sbomnix release version 1.4.6:
- sbomnix: add --depth command-line option
- sbomnix: force-realise runtime dependency paths
- sbomnix: remove dependency to legacy nvd cpe json dictionary
- Update nix flake lock file
See all commits included in this release: v1.4.5...v1.4.6
sbomnix: release v1.4.5
- Introduce own nix files for each demo tool under scripts/. This change allows clearly stating dependencies for each tool. This change is also necessary in case we later decide to move some of the tools now under `scripts/` directory to their own repositories.
- From now on, the default.nix in the root of this repository is only for `sbomnix` and `nixgraph` which are the main tools currently maintained in this repository. Other tools under `scripts/` can still be used via the flakes.nix or the shell.nix.
- Add flake output targets for `repology_cli` and `nix_outdated` apps.
- Introduce basic tests for `repology_cli` and `nix_outdated`.
- Get rid of the `use_scm_version=True` in setup.py and read the version number from VERSION file instead. With this change, we can also remove the postPatch hack from default.nix.
- Remove travis.yml as it's no longer used.
- Update nix flake lock file.
- Bump sbomnix version to v1.4.5.

Signed-off-by: Henri Rosten <[email protected]>
sbomnix: release v1.4.4
- repology_cli: fix a bug that caused repology package info to be ignored for some sbom input packages. The issue occurred if the package info had already been processed by an earlier repology query, but had not been included to the result collection.
- repology_cli: improve local version classification
- repology_cli: fix the url in user-agent
- nixgraph: match inverse regex against full store paths. Earlier match was done only against the package name. This change allows querying inverse graphs starting from specific nix store objects, discarding possible duplicate package names.
- sbomnix: fix usage example in `--help` output
- update nix flake lock file
- bump sbomnix version to v1.4.4

Signed-off-by: Henri Rosten <[email protected]>
v1.4.3: sbomnix: release 1.4.3
- Fix uninstall instructions
- Add curl dependency
- Update flake lock file
- Up the version to 1.4.3

Signed-off-by: Henri Rosten <[email protected]>
v1.4.2: Up the version to 1.4.2
Improve derivation attributes:
- Make derivation pname more accurate e.g. for perl packages.
- Do not generate purl or cpe for packages with pname 'source'. Pname 'source' has a special meaning in Nix - it is the default name for all fetchFromGitHub derivations.
- Add 'urls' attribute, which contains the package fetch url (if any).
- Add license and other meta information to the sbomnix release asset SBOMs.
In addition, this release includes the following other changes:
- Add a test case that checks the nix-shell works as expected to prevent cases like #44 in the future.
- Read 'unfree' and 'description' from each nix package meta information if available.
- Add more properties to SPDX sbom: package summary, downloadLocation.
- Add more properties to CDX sbom: component description, fetch_url, homepage.
v1.4.1: vulnxscan: make grype and vulnix dependencies explicit
- Make grype and vulnix dependencies explicit
- Flake update
- Use pip in place of pip3, add devshell dependency to pip
- Up the version to 1.4.1

Signed-off-by: Henri Rosten <[email protected]>
v1.4.0: sbomnix: add support for sbom output in spdx json format
- sbomnix: support spdx json output (--spdx) argument
- test: add relevant test cases to validate spdx output
- include spdx documents from sbomnix itself to release assets
- fix relevant documentation

In addition this commit includes a fix to Makefile to prune python eggs from the list of python targets.

Signed-off-by: Henri Rosten <[email protected]>