Releases: trustification/trustify
Releases · trustification/trustify
0.2.18
0.2.17
Changelog
v0.2.17 (2025-05-02)
Features
- analysis: log cache eviction note on info level (ae342a3)
- allow control populating the cache after ingestion (7c39717)
- allow providing the format type during the upload (advisory) (ad672e8)
- allow providing the format type during the upload (e9ecab6)
- filter SBOM's and Advisories by labels (dfd6f8a), closes #491
- now supporting json objects for in-memory queries (5fbecb2)
- support unlimited multi-part field names for json columns (5f0de9f)
- support nested fields within in-memory query contexts (d07db66)
- query json objects with ':' to delimit column name and key (5ce38fd), closes
#491 - return a list of valid fields in a query error message (44ba429)
- add api/v2/analyis/latest/component (8e7135a)
Fixes
- support custom trust anchors, fix a "not found" issue (ce84d33)
- remove advisory_vulnerability gist index (848a7a2)
- don't queue work on the worker queue if there is none (994d8df)
- fully-qualify table names in json filters (c220469)
- when deleting an entity, delete also a source document (and scores for the
advisory) (33bca45) - prevent panic when handling non YAML content (e9fc125)
- Python versions PLSQL comparator (TC-2469) (88d0134)
- ensure that an invalid CVSS does not panic (98fe9c2), closes #1547
0.2.16
0.2.15
Changelog
v0.2.15 (2025-04-08)
⚠ BREAKING-CHANGE
- The upgraded parser aligns with RFC 9535, and notlonger supports the
$.[]notation. It must be converted into$[].
This is important for the group extraction with OIDC, specifically
with AWS Cognito.
Fixes
0.2.14
Changelog
v0.2.14 (2025-04-04)
Features
- collect and report SBOM supplier information (1dd52a7)
Fixes
- pythonver_cmp function to properly handle local versions (e4f6c3e)
- cvss scores with I:N and A:N score properly now (9f66ad3), closes #1519
- mavenver_cmp add logic to compare builds (d073efb)
- mavenver_cmp function fail to compare versions with build numbers properly
(e24b49f) - add a migration to fix null values for suppliers (153502a)
- ensure load order does not impact analysis graph dependency queries
(28a8ccb) - TC-2388 OSV range with last_affected (2e158d4)
- get_purl now deals with missing ns properly (fc9ecef), closes #1456
- set title for vunerabilities with non typical description language code
(13ea3a9)
0.2.13
0.2.12
0.2.11
Changelog
v0.2.11 (2025-03-25)
Features
- expose the group of an SBOM package (4cccd4f)
- allow purl's to be included in purl queries (cd9ce84)
- filter components by partial matches of a purl and/or cpe (f61f172), closes
#1280 - drop redundant functions and refactor loops (6174528)
- add endpoint to process multiple purls (e8aaae0)
Fixes
- prevent an OOM situation by using a stream as result (a311672)
0.2.10
Changelog
v0.2.10 (2025-03-14)
Features
- adds metric of running importers (14acaa4)
Fixes
- prevent duplicate PURLs or CPEs being returned (123348a), closes #1417
- imageindex>imagevariant external sboms (2cb286d)
- dataset test (2aa3d21)
- issues is optional for advisory (c2c3249)
- fetch vulnerability description in the queries instead of loop (50bdcfb)
- fetch advisory issues in the queries instead of loop (4203ef6)
- improve perfromance of sbom/advisory endpoint (c78e877)
- prevent database passwords being logged (541ad10), closes #1409
- ensure we always detect a duplicate source document (92f223c), closes #1405
- prevent stack overflow (250160c), closes #1322
- terraform: only ensure the tag exists, don't require a value (6c78c45)
0.2.9
Changelog
v0.2.9 (2025-03-07)
Fixes
- prevent creating duplicate advisories when uploading in parallel (325b0fc),
closes #1395 - ancestor query so that any external parent sboms are returned (994c701)
- don't create duplicate documents when ingesting in parallel (0ed6e7b),
closes #1395 - upgrade antora from 3.1.9 to 3.1.10 (03eb218)
- analysis graph needs to consult graph_cache for external sboms, added tests
(5949cff) - external sbom cdx example and tightened related tests (4fd6dfd)
- find analysis components by q=purl (a8370b5), closes #1280