github google/osv-scanner v1.9.0

6 hours ago

What's Changed

Features:

  • Feature #1243 Allow explicitly ignoring the license of a package in config with license.ignore = true.
  • Feature #1249 Error if configuration file has unknown properties.
  • Feature #1271 Assume .txt files with "requirements" in their name are requirements.txt files.

Fixes:

  • Bug #1242 Announce when a config file is invalid and exit with a non-zero code.
  • Bug #1241 Display (no reason given) when there is no reason in the override config.
  • Bug #1252 Don't allow LoadPath to be set via config file.
  • Bug #1279 Report all ecosystems without local databases in one single line.
  • Bug #1283 Output invalid PURLs when scanning SBOMs.
  • Bug #1278 Apply go version override to all instances of the stdlib.

Misc:

  • #1253 Deprecate ParseX() functions in pkg/lockfile in favor of their Extract equivalents.
  • #1290 Bump maximum number of concurrent requests to the OSV.dev API.

Full Changelog: v1.8.5...v1.9.0
