v0.11.0
Changelog for poutine
v0.11.0
New Features
- GitHub Actions Security: Added detection for the usage of GitHub Actions debug variables. (#88)
- Vulnerability Scanning: Introduced provider-level vulnerability scanning, with a draft version of GitLab on-premise / GitHub Enterprise CVE checks. (#90)
- GitHub Pages Documentation: Launched Hugo geekdoc theme and added rendering and deployment for GitHub Pages documentation. Documentation can be found at https://boostsecurityio.github.io/poutine/ (#91, #92)
Improvements
- Enhanced `--scm-base-url` option to be more robust, more lenient to different formats. (#95)
- Updated GitHub Action workflow configurations for improved path handling. (#96)
- Improved documentation links to point to GitHub Pages and updated README. (#97, #103)
- Enhanced enumeration in `GetOrgRepos` for more accurate GitHub organization repository listings. (#118)
Fixes
- Improved version range detection in CVE database. (#116)
- Fixed issues with `debug_enabled` flag on steps and improved error handling. (#117)
- Various improvements to Git error handling, including trimming whitespace and redacting tokens in errors. (#120, #121)
Dependency Updates
- Multiple dependencies have been updated to their latest versions, improving security and stability:
  - Actions and GitHub Integrations: Updated `actions/create-github-app-token`, `actions/setup-go`, `goreleaser/goreleaser-action`, `github/codeql-action`, and more. (PRs #104 to #108)
  - Go Libraries: Updated `github.com/rs/zerolog`, `github.com/package-url/packageurl-go`, `github.com/hashicorp/go-version`, `github.com/schollz/progressbar/v3`, `github.com/open-policy-agent/opa`, and others. (PRs #109 to #113, #111)
Contributions
Full Changelog
For a detailed diff, see the full changelog.