Skip to content

Releases: DataDog/datadog-sbom-generator

v1.17.0

15 Jun 11:57
@github-actions github-actions
v1.17.0
This tag was signed with the committer’s verified signature.
anderruiz Ander Ruiz Ayesta
SSH Key Fingerprint: LR33sx1f80knyZNN8SiR2bErKvj63AL7Bxnr4pN4hBY
Verified
Learn about vigilant mode.
dbfb2c7
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.17.0 Pre-release
Pre-release

Changelog

  • dbfb2c7 feat(sbomgen): add HopCount to BuildFileRelations.Dependencies (#163)
  • ccede4e Python build file tree support for Code Intelligence (#160)
Loading

v1.15.0

22 May 14:12
@github-actions github-actions
v1.15.0
This tag was signed with the committer’s verified signature.
anderruiz Ander Ruiz Ayesta
SSH Key Fingerprint: LR33sx1f80knyZNN8SiR2bErKvj63AL7Bxnr4pN4hBY
Verified
Learn about vigilant mode.
6de7f5e
This commit was signed with the committer’s verified signature.
anderruiz Ander Ruiz Ayesta
SSH Key Fingerprint: LR33sx1f80knyZNN8SiR2bErKvj63AL7Bxnr4pN4hBY
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.15.0 Latest
Latest

Changelog

  • 6de7f5e feat(lockfile): set LocationRole=lockfile in all extractors that set BlockLocation
  • abb10ec fix(javascript): fix matcher dev-dep skipping when BlockLocation set from lockfile
  • 332bb45 test: regenerate integration snapshots after rebase onto main (#141)
  • 422f8d1 test(swift): update Package.resolved tests with BlockLocation assertions
  • 443c857 feat(swift): add BlockLocation to Package.resolved extractor
  • 93f333e test: update snapshots and fix lint warnings in BlockLocation tests
  • 729fa47 test(lockfile): update yarn-lock tests with BlockLocation assertions
  • bcf0f2f feat(lockfile): add BlockLocation to yarn-lock extractor
  • ae7573b test(lockfile): update pnpm-lock tests with BlockLocation assertions
  • 1e96bc1 feat(lockfile): add BlockLocation to pnpm-lock extractor
  • b8297eb test(lockfile): update pubspec-lock tests with BlockLocation assertions
  • 69a3de0 feat(lockfile): add BlockLocation to pubspec-lock extractor
  • 482fe15 test(lockfile): update gradle-verification-metadata tests with BlockLocation assertions
  • 8ef27f6 feat(lockfile): add BlockLocation to gradle-verification-metadata extractor
  • a3baff7 test(lockfile): update conan-lock tests with BlockLocation assertions
  • f338914 Add BlockLocation to conan-lock extractor for both V1 and V2 formats
  • 9149d28 test(lockfile): update nuget-lock tests with BlockLocation assertions
  • 7296b0b feat(lockfile): add BlockLocation to nuget-lock extractor
  • 2f1a51e test(lockfile): update renv-lock tests with BlockLocation assertions
  • e55e469 feat(lockfile): add BlockLocation to renv-lock extractor
  • f89f655 test(lockfile): update pipenv-lock tests with BlockLocation assertions
  • 9b7ccdc feat(lockfile): add BlockLocation to pipenv-lock extractor
  • 39aa610 Add BlockLocation test and update composer-lock test expectations
  • 862fbf5 Set BlockLocation for all packages in composer-lock extractor
  • 9aa6654 Add BlockLocation test and update uv-lock test expectations
  • e0075a7 Set BlockLocation for all packages in uv-lock extractor
  • 75598d4 Add BlockLocation test and update pdm-lock test expectations
  • 5c1f641 Set BlockLocation for all packages in pdm-lock extractor
  • 1e3b05a Add BlockLocation test and update poetry-lock test expectations
  • 65a1cfb Set BlockLocation for all packages in poetry-lock extractor
  • 4d5cee6 Add BlockLocation test and update cargo-lock test expectations
  • 6334a96 Set BlockLocation for all packages in cargo-lock extractor
  • 8154edf Add BlockLocation test and update gemfile-lock test expectations
  • 788fd2e Set BlockLocation for all packages in gemfile-lock extractor
  • 853e085 Add BlockLocation test and update mix-lock test expectations
  • de87ba8 Set BlockLocation for all packages in mix-lock extractor
  • 145c985 Add BlockLocation assertion test for gradle-lock extractor
  • 71bfb28 Set BlockLocation for all packages in gradle-lock extractor
Assets 10
Loading

v1.14.0

19 May 14:32
@github-actions github-actions
v1.14.0
This tag was signed with the committer’s verified signature.
rjcoulter22 Ryan Coulter
SSH Key Fingerprint: hsRx669k5WvHplorTutdUqdJs1TMRhBwJKLzLXIcOmo
Verified
Learn about vigilant mode.
f974cc1
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.14.0

Changelog

  • f974cc1 [K9VULN-14776] Manifest-only cleanup (#153)
  • d0a5e34 [K9VULN-14776] Emit manifest metadata for range resolution (#151)
Loading

v1.13.1

15 May 17:50
@github-actions github-actions
v1.13.1
This tag was signed with the committer’s verified signature.
rjcoulter22 Ryan Coulter
SSH Key Fingerprint: hsRx669k5WvHplorTutdUqdJs1TMRhBwJKLzLXIcOmo
Verified
Learn about vigilant mode.
3ce0b13
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.13.1

Changelog

  • 3ce0b13 Revert "feat(lockfile): add BlockLocation + LocationRole=lockfile to npm-lock…" (#152)
  • 000c461 Add package.json extractor for lockfile-less JS projects (#126)
  • 5f634ac Executing automated changes (#131)
Loading

v1.13.0

14 May 12:57
@github-actions github-actions
v1.13.0
This tag was signed with the committer’s verified signature.
anderruiz Ander Ruiz Ayesta
SSH Key Fingerprint: LR33sx1f80knyZNN8SiR2bErKvj63AL7Bxnr4pN4hBY
Verified
Learn about vigilant mode.
bfdde38
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.13.0 Pre-release
Pre-release

Changelog

  • bfdde38 Add MANIFEST.MF fallback parser for JARs without pom.properties (#150)
  • 04ee611 [K9VULN-14431] Add Bun lockfile parser (#144)
  • 153b51a test(lockfile): add invariant — LocationRole must be set when BlockLocation is valid (#149)
Loading

v1.12.0

12 May 07:28
@github-actions github-actions
v1.12.0
This tag was signed with the committer’s verified signature.
anderruiz Ander Ruiz Ayesta
SSH Key Fingerprint: LR33sx1f80knyZNN8SiR2bErKvj63AL7Bxnr4pN4hBY
Verified
Learn about vigilant mode.
f587d35
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.12.0 Pre-release
Pre-release

Changelog

  • f587d35 feat(lockfile): add BlockLocation + LocationRole=lockfile to npm-lock (pilot) (#141)
Loading

v1.11.3

07 May 19:52
@github-actions github-actions
v1.11.3
f6c4fab
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.11.3

Changelog

  • f6c4fab Fix requirements.txt parser mishandling the === (PEP 440 arbitrary equality) operator (#143)
  • 5ec4241 Add Swift Package Manager parser for Package.swift/resolved (#139)
Loading

v1.11.2

06 May 19:56
@github-actions github-actions
v1.11.2
This tag was signed with the committer’s verified signature.
anderruiz Ander Ruiz Ayesta
SSH Key Fingerprint: LR33sx1f80knyZNN8SiR2bErKvj63AL7Bxnr4pN4hBY
Verified
Learn about vigilant mode.
1601d31
This commit was signed with the committer’s verified signature.
anderruiz Ander Ruiz Ayesta
SSH Key Fingerprint: LR33sx1f80knyZNN8SiR2bErKvj63AL7Bxnr4pN4hBY
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.11.2

Changelog

  • 1601d31 Fix snapshot line endings broken during rebase conflict resolution
  • 8ef14af Fix Package.swift matcher column positions and emit locations
  • 8099a8f Add Swift Package Manager parser for Package.resolved v1/v2/v3 with Package.swift matcher
  • 72ad328 Add Swift PackageManager constant and purl support
  • a6fc9f1 Wire LocationRoleManifest through scanner and update test fixtures
Loading

v1.11.1

11 May 13:14
@github-actions github-actions
v1.11.1
This tag was signed with the committer’s verified signature.
anderruiz Ander Ruiz Ayesta
SSH Key Fingerprint: LR33sx1f80knyZNN8SiR2bErKvj63AL7Bxnr4pN4hBY
Verified
Learn about vigilant mode.
dd4f53a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.11.1

Changelog

  • dd4f53a Add Role field to PackageLocation for manifest vs lockfile distinction (#138)
Loading

v1.11.0

28 Apr 20:14
@github-actions github-actions
v1.11.0
This tag was signed with the committer’s verified signature.
rjcoulter22 Ryan Coulter
SSH Key Fingerprint: hsRx669k5WvHplorTutdUqdJs1TMRhBwJKLzLXIcOmo
Verified
Learn about vigilant mode.
b1d8d61
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.11.0

Changelog

  • b1d8d61 [K9VULN-13516] Add opt-in pyproject.toml extractor for lockfile-less Python projects (#137)
  • 7dec2e8 Set IsDirect=true on JAR pom.properties parser output (#128)
Loading