v1.9.2

Changelog

• 1e9fae0 Added usage evidence in summary and CSV report (#341)
• a47764a Ensure code DB path exists & exclude patterns option (#345)
• 08b5f61 Implemented code scan command for building sqlite storage with code analysis data (#326)
• 89a6233 Integrated depsusage data prepared by code analysis and report unused deps in summary (#336)
• 45915b8 Merge pull request #321 from safedep/feat/revamp-code-analysis-system
• 9ffed8f Update scorecard.yml (#330)
• d6d3ea8 chore: Add sqlite3 dependency
• e34ef28 chore: Dependency upgrades (#324)
• ccc7712 feat: Add contract for code scanner and repository
• e98690c feat: Add ent as the ORM for storage
• 6d9af94 feat: Add ent sqlite3 based storage driver
• 0701766 feat: Deprecate legacy code analysis command
• bc7773d fix: Ensure version is available for sync reporter (#335)

v1.9.1

Changelog

• 2354b4a fix: Improve markdown summary report to make malware analysis section collapsable (#313)

v1.9.0

Changelog

• 01396c1 Minor bugfix to handle cases where the package name doesn't resolve properly (#305)
• 2c92368 feat: Add Malysis Integration at Scan Phase (#309)

v1.8.11

Changelog

• 6b050fe Add support for spdx expression (#304)

v1.8.10

Changelog

• 3fab469 chore: Render malysis report URL in console (#302)
• 141e984 feat: Add SLSA tag in summary report when available (#301)

v1.8.9

Changelog

• 7daa072 feat: Integrate with SafeDep Malware Analysis Service (#299)

v1.8.8

Changelog

• d98075e fix: Handle package.json when only devDependencies present (#298)
• 6575029 fix: PURL handling for manifest (#297)

v1.8.7

Changelog

• 7535652 Merge pull request #295 from AmalChandru/feat/update-to-latest-column
• 5ef1638 Merge pull request #296 from safedep/fix/rubygems-project-json-report
• 19aa34e feat(reporter): rename column 'Update To' to 'Latest'
• 31da7ee fix: RubyGems JSON report project URL handling

v1.8.6

Changelog

• 0186904 Merge pull request #291 from AmalChandru/docs/update-tree-sitter-link-code-analysis
• 1101fda Merge pull request #294 from safedep/feat/293-pkg-insight-json-report-spec
• f02786f feat: Add project info in JSON report

v1.8.5

Changelog

• 4d5bbff Merge pull request #288 from AmalChandru/docs/fix-broken-link-policy-as-code
• 041dd15 Merge pull request #289 from safedep/feat/package-json-parser
• 2333893 feat: Add support for package.json parsing with approximate semver resolution