Skip to content

Releases: G-Rath/osv-detector

v0.11.1

11 Jul 21:00
@github-actions github-actions
v0.11.1
a61c828
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.11.1

What's Changed

  • don't panic on empty pnpm-lock.yaml files (#191)
  • improve warning message when parsing invalid Maven poms (#192)
  • handle cyclical -rs in requirements.txt files (#193)
  • handle line continuations in requirements.txt files (#195)
  • handle requirements with options in requirements.txt (#196)

Full Changelog: v0.11.0...v0.11.1

Loading

v0.11.0

28 Apr 02:35
@github-actions github-actions
v0.11.0
063a98e
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.11.0

What's Changed

  • support PNPM v6 lockfiles (#187)
  • support dependencyManagement in Maven poms (#175)
  • support providing parse-as per lockfile / directory (#189)
  • support -r flag in requirements.txt files (#174)

Full Changelog: v0.10.4...v0.11.0

Loading

v0.10.4

27 Apr 20:49
@github-actions github-actions
v0.10.4
c988b29
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.10.4

What's Changed

  • support Pipenv develop packages without a version (#186)
  • avoid infinite loops parsing Maven poms with syntax errors (#188)

Full Changelog: v0.10.3...v0.10.4

Loading

v0.10.3

09 Mar 20:11
@github-actions github-actions
v0.10.3
6d5ef91
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.10.3

What's Changed

  • trim leading zeros off when comparing numerical components in Maven versions (#179)

Full Changelog: v0.10.2...v0.10.3

Loading

v0.10.2

04 Mar 21:00
@github-actions github-actions
v0.10.2
8eb1a06
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.10.2

What's Changed

  • update to the latest patch version of go v1.17 (#178)

Full Changelog: v0.10.1...v0.10.2

Loading

v0.10.1

04 Mar 20:35
@github-actions github-actions
v0.10.1
dfbde80
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.10.1

What's Changed

  • support yarn.lock files with quoted properties (#170)
  • avoid panic when parsing file: dependencies in pnpm lockfiles (#171)
  • deduplicate packages that appear multiple times in Pipenv.lock files (#172)
  • properly handle comparing zero versions in Maven (#173)

Full Changelog: v0.10.0...v0.10.1

Loading

v0.10.0

12 Jan 21:03
@github-actions github-actions
v0.10.0
0976ad8
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.10.0

What's Changed

  • support parsing Gradle lockfiles (#164)
  • support parsing NuGet packages.lock.json lockfiles (#165)
  • support parsing PyPi Pipfile.lock lockfiles (#166)

Full Changelog: v0.9.1...v0.10.0

Loading

v0.9.1

21 Dec 00:20
@github-actions github-actions
v0.9.1
adfea86
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.9.1

What's Changed

  • ensure that file paths are handled properly on Windows by (#161)
  • handle replace directives in go.mod files (#162)

Full Changelog: v0.9.0...v0.9.1

Loading

v0.9.0

11 Nov 03:58
@github-actions github-actions
v0.9.0
573f2ca
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.9.0

This version changes how the detector does version comparison to be based on the semantics for the ecosystem the version belongs to, which fixes a number of subtle (and for some ecosystems, not so subtle) differences when comparing packages.

This does mean the CSV parser format has a new column that specifies the ecosystem version, in case you're using a custom ecosystem.

What's Changed

  • compare versions using ecosystem-specific semantics (#157)

Full Changelog: v0.8.0...v0.9.0

Loading

v0.8.0

08 Oct 21:29
@github-actions github-actions
v0.8.0
9bfcd15
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.8.0

What's Changed

  • support parsing poetry.lock, for Python (#156)
  • support parsing pubspec.lock, for Dart (#159)

Full Changelog: v0.7.2...v0.8.0

Loading