What's Changed
Features
- Closes #367
- Automatic 1.4 mode for dependency track users
- Performs automatic deep SBoM validation for 1.4 and 1.5 specs by default. Validates the various purls and refs.
Bug Fixes
BREAKING CHANGES
@types
packages are no longer excluded for npm. This legacy feature had existed to reduce false positives with SCA tools.
Known issues
Special thanks
@ajmalab @heubeck @cerrussell @anthonyharrison and more
Full Changelog: v9.1.1...v9.2.0