Releases: coinbase/salus
2.17.6 (2022-04-05)
Changed
#554 - Upgraded Go and Gosec
2.17.5 (2021-03-23)
Added
#567 Expanded Package Version Scanner to support blocking specific package versions.
#571 Package Version Scanner now supports Ruby (RubyPackageScanner).
#569 Package Version Scanner now supports Go (GoPackageScanner).
Package Version Scanner Documentation.
Changed
#567 - Bug fix for base package scanner class.
2.17.4 (2022-03-21)
Added
#563 Gradle CVE Scanner
#564 Python CVE Scanner
Changed
#563 Modified shell command used by Gradle Dependency Reporter.
2.17.3 (2021-03-10)
Added
#558 Golang CVE Scanner using OSV Database.
#562 Maven CVE Scanner using OSV Database.
Changed
#565 Update Golang Dependency Reporter to use a common parser.
#562 Update Maven Dependency Reporter to use a common parser.
2.17.2 (2021-02-25)
Added
545 - Configuration parameter include_dev_deps now supported for node modules. CycloneDX scope parameter added
549 - Cascade configuration support for array override logic
Changed
552 - Insures all transitive dependencies are reported for NPM
550 - Updates to CycloneDX format for Dependency Track ingestion
2.17.1 (2022-02-15)
2.17.0 (2022-01-20)
New language versions scanners, concurrent scanning, bug fixes bundler update
Added
#485
Allow production option to npm audit command
#491
Update unit tests
#491
add line of code for bundle audit CVEs
#492
upgrade bundler to 2.3.1
#493
Add a new scanner for checking language version
#503
Support for files and not-followed-within in PatternSearch config
#508
add bugsnag logging if scanner_config has unexpected type
#512
Concurrent Scanning
#513
Set the Release Stage of Bugsnag based on a SALUS_ENVIRONMENT Envar
#515
upgrade bundler to 2.3.1 in Dockerfile
Fixed
#484
Add details for config.yaml error
#487
Fix CycloneDX error
#506
Fix typos
#506
Prevent NPMAudit From Adding Allowlisted Vulns to the SARIF Results List
#509
fix incorrect rule indexes for diff'd vuls
#514
Fix warning related SCANNERS constant
