Releases: aboutcode-org/vulnerablecode
Releases · aboutcode-org/vulnerablecode
v34.1.0
What's Changed
- Bump django from 4.2.15 to 4.2.16 by @dependabot in #1608
- Bump fetchcode from v0.3.0 to v0.6.0 by @keshav-space in #1607
- Use 4-tier system for storing package metadata by @keshav-space in #1609
- Fix vers range crash by @pombredanne in #1598
- Add GitHub action to publish aboutcode.hashid PyPI by @keshav-space in #1615
- Segregate PackageRelatedVulnerability model to new models by @TG1999 in #1612
- Add documentation for new pipeline design by @keshav-space in #1621
- Fix 500 error in /api/cpes endpoint by @keshav-space in #1629
- Migrate pysec importer to aboutcode pipeline by @keshav-space in #1628
- Avoid memory exhaustion during data migration by @keshav-space in #1630
- Add support for Calculating Risk in VulnerableCode by @ziadhany in #1593
- Bulk create in migrations by @TG1999 in #1640
- Update README.rst by @TG1999 in #1641
- Prepare for release v34.1.0 by @TG1999 in #1642
Full Changelog: v34.0.2...v34.1.0
Contributors
pombredanne, dependabot, and 3 other contributors
Assets 4
v34.0.2
What's Changed
- Migrate Npm importer to aboutcode pipeline by @keshav-space in #1574
- Use correct regex for CVE by @pombredanne in #1599
- Migrate Nginx importer to aboutcode pipeline by @keshav-space in #1575
- Migrate GitLab importer to aboutcode pipeline by @keshav-space in #1580
- Migrate GitHub importer to aboutcode pipeline by @keshav-space in #1584
- Migrate NVD importer to aboutcode pipeline by @keshav-space in #1587
- Match affected and fixed-by Packages by @johnmhoran in #1528
- Add management command to commit exported data by @keshav-space in #1600
- Add support to Exploits model by @ziadhany in #1562
- Fix 500 Server Error with DRF browsable API and resolve blank Swagger API documentation by @keshav-space in #1603
- Release v34.0.2 by @TG1999 in #1604
- Bump VCIO version by @TG1999 in #1605
Full Changelog: v34.0.1...v34.0.2
Contributors
pombredanne, johnmhoran, and 3 other contributors
Assets 4
v34.0.1
v34.0.1
This tag was signed with the committer’s verified signature.
keshav-space
Keshav Priyadarshi
What's Changed
- Add improver pipeline to flag ghost packages #644 #917 #1395 by @keshav-space in #1533
- Add base pipeline for importers and migrate PyPa importer to aboutcode pipeline by @keshav-space in #1559
- Remove dupe Package.get_non_vulnerable_versions by @pombredanne in #1570
- Import data from GSD #706 by @ziadhany in #787
- Add curl advisories importer by @ambuj-1211 in #1439
- Update dependencies by @TG1999 in #1590
- Bump django from 4.2.0 to 4.2.15 by @dependabot in #1591
- Bump cryptography from 42.0.4 to 43.0.1 by @dependabot in #1582
- Bump actions/download-artifact from 3 to 4.1.7 in /.github/workflows by @dependabot in #1581
- Improve export command by @pombredanne in #1571
- Fix typo in Kev requests import by @ziadhany in #1594
- Prepare for release v34.0.1 by @TG1999 in #1595
- Bump upload-artifact to v4 by @keshav-space in #1596
New Contributors
- @ambuj-1211 made their first contribution in #1439
Full Changelog: v34.0.0...v34.0.1
Contributors
pombredanne, dependabot, and 4 other contributors
Assets 4
v34.0.0
What's Changed
- Add dates and changelog for packages and vulnerabilities by @TG1999 in #1310
- Package purl model updates by @TG1999 in #1368
- Create SUSE OVAL importer by @johnmhoran in #1085
- Add CWE support in the API by @ziadhany in #1116
- Fix package details view template by @TG1999 in #1384
- Add robots.txt by @TG1999 in #1382
- Fix issue 1385 by @TG1999 in #1386
- Fix 1387 by @TG1999 in #1389
- Prepare for release v34.0.0rc2 by @TG1999 in #1390
- Add license_url for GitHub Importer by @sdivyanshu90 in #1392
- Fix incorrect versions in GithubDataSource CVE by @shravankshenoy in #1399
- Improved code style and fixed typos by @michaelehab in #1157
- Bump univers to v30.11.0 by @TG1999 in #1401
- Fix Encoding Type in Fireeye Importer by @harsh098 in #1404
- Remove duplicated changelogs by @TG1999 in #1400
- Bump jinja2 from 3.1.1 to 3.1.3 by @dependabot in #1396
- Bump gitpython from 3.1.37 to 3.1.41 by @dependabot in #1391
- Bump cryptography from 41.0.6 to 42.0.0 by @dependabot in #1413
- Migrate ruby to new importers by @ziadhany in #799
- Add support for CVSS vectors display by @ziadhany in #1312
- Add support for all osv ecosystems by @ziadhany in #926
- Feat: Add CVE support to Snyk datasource by @shravankshenoy in #1405
- Add URL to the vulnerability and package details view in the API serializers by @TG1999 in #1423
- Bump cryptography from 42.0.0 to 42.0.4 by @dependabot in #1424
- Prepare for release v34.0.0rc3 by @TG1999 in #1426
- Revert "Remove duplicated changelogs" by @TG1999 in #1440
- Prepare for release v34.0.0rc4 by @TG1999 in #1441
- Update GitHub GraphQL import in vulntotal datasources by @poju3185 in #1445
- Added safetydb datasource by @OmkarPh in #1476
- Increase display width #1299 by @johnmhoran in #1483
- Bump urllib3 from 1.26.18 to 1.26.19 by @dependabot in #1488
- Bump zipp from 3.8.0 to 3.19.1 by @dependabot in #1505
- Bump certifi from 2023.7.22 to 2024.7.4 by @dependabot in #1503
- Bump requests from 2.31.0 to 2.32.0 by @dependabot in #1482
- Bump jinja2 from 3.1.3 to 3.1.4 by @dependabot in #1472
- Bump sqlparse from 0.4.4 to 0.5.0 by @dependabot in #1463
- Bump gunicorn from 20.1.0 to 22.0.0 by @dependabot in #1464
- Add a basic model for Known Exploited Vulnerabilities by @ziadhany in #1422
- use https.ok from HTTP package by @thebigbone in #1450
- Add basic UI template for API by @pombredanne in #1466
- Ingest Rust data through Github api by @shravankshenoy in #1427
- Add support for reference_type by @ziadhany in #1502
- Revert "Add support for reference_type" by @TG1999 in #1517
- Rename "Fixed by vulnerabilities" column by @johnmhoran in #1519
- Finish renaming the former 'Fixed by vulnerabilities' column by @johnmhoran in #1522
- Support Advisory Comparison in VulnTotal by @keshav-space in #1151
- Add support for reference_type by @TG1999 in #1518
- Add Support to EPSS by @ziadhany in #1481
- Export vulnerablecode-data by @ziadhany in #1206
- Improve performance of API calls #1538 by @pombredanne in #1547
- Add support to CVSSv4 & SSVC and import the data using vulnrichment by @ziadhany in #1484
- Release v34.0.0rc5 by @TG1999 in #1553
- Fix importer crash #1541 by @pombredanne in #1542
- Refactor GitlabDataSource to work with browser extension by @michaelehab in #1524
- Fix severity range by @TG1999 in #1567
- Make APIs more effiicnet and add tests for queries by @TG1999 in #1558
- Prepare for release v34.0.0 by @TG1999 in #1568
New Contributors
- @sdivyanshu90 made their first contribution in #1392
- @shravankshenoy made their first contribution in #1399
- @michaelehab made their first contribution in #1157
- @harsh098 made their first contribution in #1404
- @poju3185 made their first contribution in #1445
- @OmkarPh made their first contribution in #1476
- @thebigbone made their first contribution in #1450
Full Changelog: v33.6.5...v34.0.0
Contributors
pombredanne, johnmhoran, and 11 other contributors
Assets 4
v34.0.0rc4
What's Changed
- Add dates and changelog for packages and vulnerabilities by @TG1999 in #1310
- Package purl model updates by @TG1999 in #1368
- Create SUSE OVAL importer by @johnmhoran in #1085
- Add CWE support in the API by @ziadhany in #1116
- Fix package details view template by @TG1999 in #1384
- Add robots.txt by @TG1999 in #1382
- Fix issue 1385 by @TG1999 in #1386
- Fix 1387 by @TG1999 in #1389
- Prepare for release v34.0.0rc2 by @TG1999 in #1390
- Add license_url for GitHub Importer by @sdivyanshu90 in #1392
- Fix incorrect versions in GithubDataSource CVE by @shravankshenoy in #1399
- Improved code style and fixed typos by @michaelehab in #1157
- Bump univers to v30.11.0 by @TG1999 in #1401
- Fix Encoding Type in Fireeye Importer by @harsh098 in #1404
- Remove duplicated changelogs by @TG1999 in #1400
- Bump jinja2 from 3.1.1 to 3.1.3 by @dependabot in #1396
- Bump gitpython from 3.1.37 to 3.1.41 by @dependabot in #1391
- Bump cryptography from 41.0.6 to 42.0.0 by @dependabot in #1413
- Migrate ruby to new importers by @ziadhany in #799
- Add support for CVSS vectors display by @ziadhany in #1312
- Add support for all osv ecosystems by @ziadhany in #926
- Feat: Add CVE support to Snyk datasource by @shravankshenoy in #1405
- Add URL to the vulnerability and package details view in the API serializers by @TG1999 in #1423
- Bump cryptography from 42.0.0 to 42.0.4 by @dependabot in #1424
- Prepare for release v34.0.0rc3 by @TG1999 in #1426
- Revert "Remove duplicated changelogs" by @TG1999 in #1440
- Prepare for release v34.0.0rc4 by @TG1999 in #1441
New Contributors
- @sdivyanshu90 made their first contribution in #1392
- @harsh098 made their first contribution in #1404
Full Changelog: v33.6.5...v34.0.0rc4
Contributors
johnmhoran, harsh098, and 6 other contributors
Assets 4
v33.6.5
v33.6.4
What's Changed
- Add initial fixed-affected-matching work #1228 by @johnmhoran in #1249
- Bump cryptography from 41.0.4 to 41.0.6 by @dependabot in #1351
- Fix table borders in Vulnerability details UI #1356 by @johnmhoran in #1358
- Fix import runner process inferences by @TG1999 in #1360
- Fix debian OVAL importer by @TG1999 in #1361
- refactor file names to enable git clone on windows by @rabajaj0509 in #1132
- Add graph model diagrams #977 by @johnmhoran in #1350
- Add endpoint for purl lookup by @TG1999 in #1359
- Fix swagger API docs generation by @keshav-space in #1366
- Bump paramiko from 2.10.3 to 3.4.0 by @dependabot in #1369
- Drop package_managers in favour of fetchcode.package_versions by @keshav-space in #1354
- Update docker-compose.yml by @TG1999 in #1371
- Prepare for release v33.6.4 by @TG1999 in #1372
New Contributors
- @rabajaj0509 made their first contribution in #1132
Full Changelog: v33.6.3...v33.6.4
Contributors
rabajaj0509, johnmhoran, and 3 other contributors
Assets 4
v33.6.3
What's Changed
- Bump django from 4.1.10 to 4.1.13 by @dependabot in #1331
- Bump urllib3 from 1.26.17 to 1.26.18 by @dependabot in #1323
- Add RTD build configuration from skeleton by @AyanSinhaMahapatra in #1337
- Import data from OSS-Fuzz by @ziadhany in #897
- Do not create vulnerabilities for empty aliases by @TG1999 in #1334
- Mark advisories status according to NVD advisory by @TG1999 in #1232
- Add CWE support in all importers by @ziadhany in #1137
- Widen the RTD page #977 by @johnmhoran in #1339
- Fix search encoding issue by @TG1999 in #1343
- Add middleware to ban bytedance user agent by @TG1999 in #1347
- Prepare for release v33.6.3 by @TG1999 in #1348
Full Changelog: v33.6.2...v33.6.3
Contributors
johnmhoran, AyanSinhaMahapatra, and 3 other contributors
Assets 4
v33.6.2
What's Changed
- Bump cryptography from 41.0.3 to 41.0.4 by @dependabot in #1306
- Add note about CSRF_TRUSTED_ORIGINS by @Hritik14 in #1319
- Bump urllib3 from 1.26.9 to 1.26.17 by @dependabot in #1314
- Bump gitpython from 3.1.35 to 3.1.37 by @dependabot in #1321
- Add throttling rate for anon users by @TG1999 in #1328
- Add proper acknowledgements for NGI projects. Fixes #1325 by @armijnhemel in #1330
- Prepare for release v33.6.2 by @TG1999 in #1335
Full Changelog: v33.6.1...v33.6.2
Contributors
Hritik14, armijnhemel, and 2 other contributors