Due to a change in the data used for the curl data source, we're issuing a slightly out of band point release for users unable to use 3.2.
There are a number of checker updates to address false positives, new checkers, and other bug fixes and features as described below.
One commonly requested feature has made it into this release: generation of SBOMs. Please try it out and let us know where it can be improved!
What's Changed
- feat(checker): Added Mozilla Thunderbird checker by @metabiswadeep in #2429
- feat(checker): add dropbear checker by @ffontaine in #2452
- chore: update checkers table by @github-actions in #2454
- ci: Switching version of python used for long tests by @metabiswadeep in #2438
- feat(checker): add doxygen checker by @ffontaine in #2455
- feat(checker): add faad2 checker by @ffontaine in #2458
- feat(checker): add flac checker by @ffontaine in #2459
- feat(checker): Added qemu checker by @metabiswadeep in #2460
- feat(checker): Added kubernetes checker by @metabiswadeep in #2462
- chore: bump version to 3.2.1dev0 by @terriko in #2468
- chore: update checkers table by @github-actions in #2467
- docs: Add short new contributor tips for copying into pull requests by @terriko in #2466
- fix: Improve firefox checker pattern by @metabiswadeep in #2469
- chore: update spdx header by @github-actions in #2478
- ci: remove pdf tests from windows short tests by @DangerChamp in #2465
- fix: improve output of cve-scan github action for cve by @ayushthe1 in #2475
- ci(SBOM): better SBOM maintenance by @Molkree in #2481
- ci: test on Python 3.11 by @Molkree in #2419
- fix: gad_source error while updating cache by @b31ngd3v in #2484
- ci(js): update workflow for updating JS by @Molkree in #2479
- ci: add mypy for type checking by @Molkree in #2488
- fix(tests): use importlib_metadata.version on 3.7 by @Molkree in #2482
- chore: update js dependencies by @github-actions in #2491
- chore: update SBOM for Python 3.7 by @github-actions in #2506
- chore: update SBOM for Python 3.8 by @github-actions in #2505
- chore: update SBOM for Python 3.9 by @github-actions in #2503
- chore: update SBOM for Python 3.10 by @github-actions in #2502
- chore: update SBOM for Python 3.11 by @github-actions in #2504
- fix: encoding issues on Windows by @Molkree in #2499
- fix: improve sqlite pattern by @ffontaine in #2497
- fix: update cve count of mit.kerberos_5 by @b31ngd3v in #2531
- Let 'cve-bin-tool --version' return success by @raboof in #2524
- feat(checker): add capnproto checker by @ffontaine in #2510
- fix: fix false positives with filename patterns by @ffontaine in #2521
- fix: type for capnproto checker by @metabiswadeep in #2535
- chore: update SBOM for Python 3.8 by @github-actions in #2555
- chore: update SBOM for Python 3.7 by @github-actions in #2554
- chore: update SBOM for Python 3.11 by @github-actions in #2553
- chore: update SBOM for Python 3.10 by @github-actions in #2552
- chore: update SBOM for Python 3.9 by @github-actions in #2551
- chore: update checkers table by @github-actions in #2534
- fix: Fail more gracefully when pip --dry-run doesn't work by @metabiswadeep in #2476
- fix: fix recursively typo by @ffontaine in #2536
- ci: use linux cache since windows is broken by @terriko in #2558
- fix: test_update_flags and pdf encoding error by @terriko in #2557
- fix: replace space in test filename by @ffontaine in #2537
- fix: Remove LGTM badge by @metabiswadeep in #2561
- chore: update SBOM for Python 3.7 by @github-actions in #2572
- chore: update SBOM for Python 3.9 by @github-actions in #2571
- chore: update SBOM for Python 3.8 by @github-actions in #2570
- chore: update SBOM for Python 3.11 by @github-actions in #2569
- chore: update SBOM for Python 3.10 by @github-actions in #2568
- feat: add php language parser by @Rexbeast2 in #2567
- test: improve test_csv2cve_valid_file for future failures by @b31ngd3v in #2548
- docs: Docs claim that ar is installed by default on Windows by @metabiswadeep in #2496
- feat(cve_scanner): add vendor to affected by @ffontaine in #2512
- fix: commonmark no longer a dependency by @terriko in #2574
- test: Improve testing to include checkers that should not match by @metabiswadeep in #2560
- ci: extend windows timeouts by @terriko in #2578
- feat: Integration with NVD API 2.0 (#2542) by @anthonyharrison in #2562
- feat: Check database schema for cve_exploits table by @metabiswadeep in #2566
- feat(checker): add lxc checker by @ffontaine in #2538
- fix: improve gstreamer checker by @ffontaine in #2541
- fix: improve sudo checker by @ffontaine in #2527
- fix: improve openjpeg checker by @ffontaine in #2526
- fix: improve libarchive checker by @ffontaine in #2523
- fix: improve libjpeg-turbo checker by @ffontaine in #2514
- fix: improve systemd checker by @ffontaine in #2507
- feat(checker): add nasm checker by @ffontaine in #2470
- fix: improve icecast checker by @ffontaine in #2545
- fix: improve ftp checker by @ffontaine in #2544
- fix: Remove bogus comment by @metabiswadeep in #2585
- fix: improve logrotate checker by @ffontaine in #2528
- feat(checker): add msmtp checker by @ffontaine in #2588
- ci: removed windows-specific cache by @singh-anushka in #2587
- fix: xmlschema log msg by @ayushthe1 in #2546
- fix: improve libnss checker by @ffontaine in #2539
- fix: improve other_products by @ffontaine in #2579
- fix: improve avahi checker by @ffontaine in #2592
- fix: improve netpbm checker by @ffontaine in #2522
- fix: improve libsolv checker by @ffontaine in #2520
- chore: update checkers table by @github-actions in #2581
- fix: improve kerberos checker by @ffontaine in #2509
- fix: improve libvirt checker by @ffontaine in #2540
- chore: update SBOM for Python 3.8 by @github-actions in #2613
- chore: update SBOM for Python 3.7 by @github-actions in #2612
- chore: update SBOM for Python 3.9 by @github-actions in #2611
- chore: update SBOM for Python 3.11 by @github-actions in #2610
- chore: update SBOM for Python 3.10 by @github-actions in #2609
- fix: libjpeg-turbo not found in gimp by @metabiswadeep in #2606
- ci: fix running isort using pre-commit by @Molkree in #2618
- fix: improve dropbear checker by @ffontaine in #2590
- docs: updated test README.md by @rootxrishabh in #2616
- fix: Deprecation warnings by @metabiswadeep in #2620
- test: Improve usability of other_products test message by @metabiswadeep in #2605
- fix: improve tcpdump checker by @ffontaine in #2600
- docs: removed old version docs by @rootxrishabh in #2597
- docs: test README.md updated by @rootxrishabh in #2583
- fix: improve gcc checker by @ffontaine in #2513
- feat(checker): add sslh checker by @ffontaine in #2589
- fix: improve json-c checker by @ffontaine in #2516
- fix: improve test_json.py by @ffontaine in #2584
- fix: Make it possible to disable curl data source by @metabiswadeep in #2495
- fix: improve dnsmasq checker by @ffontaine in #2591
- fix: test_language_package fails by @metabiswadeep in #2626
- chore: update checkers table by @github-actions in #2624
- feat(checker): add libmatroska checker by @ffontaine in #2629
- fix: improve dbus checker by @ffontaine in #2627
- feat(checker): add libidn2 checker by @ffontaine in #2628
- docs: Explain recommended versions of python + linter concerns by @terriko in #2623
- chore: update checkers table by @github-actions in #2634
- feat(checker): add libass checker by @ffontaine in #2636
- feat(checker): add libraw checker by @ffontaine in #2635
- OSSF Scorecard(#1541) by @singh-anushka in #2615
- docs: Updated RELEASE.md by @rootxrishabh in #2602
- fix: improve nginx checker by @ffontaine in #2525
- fix: improve hostapd checker by @ffontaine in #2518
- fix: improve zlib checker by @ffontaine in #2517
- chore: update checkers table by @github-actions in #2638
- feat(checker): Added Dhcp client checker by @metabiswadeep in #2364
- fix: add PDF title to avoid show 'anonymous' in some PDF readers by @hcz017 in #2489
- chore: update checkers table by @github-actions in #2640
- fix: improve bind checker by @ffontaine in #2637
- fix: improve expat checker by @ffontaine in #2515
- fix: improve xml2 checker by @ffontaine in #2508
- build(deps): bump ossf/scorecard-action from 2.0.6 to 2.1.2 by @dependabot in #2641
- ci: re-enabling disabled tests by @b31ngd3v in #2474
- feat(checker): add sdl by @ffontaine in #2662
- chore: update SBOM for Python 3.11 by @github-actions in #2656
- chore: update SBOM for Python 3.9 by @github-actions in #2660
- chore: update SBOM for Python 3.7 by @github-actions in #2659
- chore: update SBOM for Python 3.8 by @github-actions in #2658
- chore: update SBOM for Python 3.10 by @github-actions in #2657
- chore: update checkers table by @github-actions in #2663
- fix: wrong pip version slicing by @Rexbeast2 in #2608
- feat(checker): add botan by @ffontaine in #2661
- feat(checker): add modsecurity by @ffontaine in #2651
- feat(checker): add tcpreplay by @ffontaine in #2650
- feat(checker): add vorbis-tools by @ffontaine in #2648
- feat(checker): add raptor by @ffontaine in #2646
- feat(checker): add frr checker by @ffontaine in #2644
- fix: improve glibc checker by @ffontaine in #2500
- fix: improve product_not_present by @ffontaine in #2643
- fix: enable test_version_in_package_make_download by @b31ngd3v in #2490
- feat(checker): add picocom by @ffontaine in #2652
- feat(checker): add ipmitool by @ffontaine in #2645
- feat(checker): add speex by @ffontaine in #2647
- feat(checker): add rtmpdump by @ffontaine in #2649
- chore: update pre-commit config by @github-actions in #2413
- chore: update checkers table by @github-actions in #2664
- fix: improve dhclient checker and add dhcpd checker by @ffontaine in #2642
- docs: Modified MANUAL.md file by @rootxrishabh in #2575
- feat(checker): add rauc by @ffontaine in #2653
- chore: update checkers table by @github-actions in #2669
- chore: update checkers table by @github-actions in #2671
- fix: Any type in config.py by @Rexbeast2 in #2670
- feat(checker): add open-iscsi by @ffontaine in #2666
- chore: update checkers table by @github-actions in #2676
- chore: update SBOM for Python 3.8 by @github-actions in #2697
- chore: update SBOM for Python 3.9 by @github-actions in #2696
- chore: update SBOM for Python 3.10 by @github-actions in #2695
- chore: update SBOM for Python 3.7 by @github-actions in #2694
- chore: update SBOM for Python 3.11 by @github-actions in #2693
- fix: improve janus signature by @ffontaine in #2691
- fix: improve sqlite signature by @ffontaine in #2690
- fix: improve libsndfile signature by @ffontaine in #2689
- fix: improve gstreamer signature by @ffontaine in #2688
- fix: improve openssh signature by @ffontaine in #2684
- fix: improve node signature by @ffontaine in #2682
- fix: update tor signature by @ffontaine in #2681
- fix: drop Python 3.5 "compatibility function" by @ffontaine in #2703
- fix: improve seahorse checker by @ffontaine in #2704
- fix: updated type hints in error_handler.py(#2701) by @Xenon1019 in #2702
- docs: update architecture diagram by @terriko in #2706
- fix: improve bind checker by @ffontaine in #2710
- fix: improve putty checker by @ffontaine in #2709
- fix: improve ffmpeg checker by @ffontaine in #2708
- fix: improve wireshark checker by @ffontaine in #2705
- ci: skip scorecard runs on every push until error is fixed by @terriko in #2711
- chore: update SBOM for Python 3.8 by @github-actions in #2725
- chore: update SBOM for Python 3.9 by @github-actions in #2724
- chore: update SBOM for Python 3.7 by @github-actions in #2723
- chore: update SBOM for Python 3.10 by @github-actions in #2722
- chore: update SBOM for Python 3.11 by @github-actions in #2721
- feat(checker): add pcre2 by @ffontaine in #2718
- fix: improve make_condensed_from_download by @ffontaine in #2716
- fix: improve python checker by @ffontaine in #2712
- chore: update checkers table by @github-actions in #2728
- docs: Explain how to claim an issue by @terriko in #2727
- fix: improve apache checker by @ffontaine in #2730
- fix: improve nbd checker by @ffontaine in #2715
- fix: Cyclonedx does not read title case product names by @metabiswadeep in #2674
- ci: Change "Formatting" workflow name to "Update checkers table" by @galoget in #2729
- docs: NVD API KEY documentation by @Rexbeast2 in #2720
- fix: window short test offline flag by @Rexbeast2 in #2733
- feat(checker): add harfbuzz by @ffontaine in #2717
- docs: adding mypy to linters by @Rexbeast2 in #2692
- chore: update checkers table by @github-actions in #2744
- Fix docs: improve dates in contributor docs by @onuricen in #2742
- chore: update SBOM for Python 3.7 by @github-actions in #2752
- chore: update SBOM for Python 3.8 by @github-actions in #2753
- chore: update SBOM for Python 3.9 by @github-actions in #2751
- chore: update SBOM for Python 3.10 by @github-actions in #2750
- chore: update SBOM for Python 3.11 by @github-actions in #2749
- docs: offline mode by @Rexbeast2 in #2740
- fix: move linux HTML test by @Rexbeast2 in #2734
- chore: fix mypy errors in print_mode.py by @angelina-p09 in #2738
- Refactor: Update types syntax in cve_bin_too/*.py by @rudychung in #2392
- fix: improve ipmitool checker by @ffontaine in #2714
- feat(checker): add apparmor checker by @ffontaine in #2755
- test: windows longtests in test/test_cli.py::TestCLI::test_SBOM by @metabiswadeep in #2747
- chore: update checkers table by @github-actions in #2762
- chore: update SBOM for Python 3.7 by @github-actions in #2791
- chore: update SBOM for Python 3.8 by @github-actions in #2790
- chore: update SBOM for Python 3.9 by @github-actions in #2789
- chore: update SBOM for Python 3.10 by @github-actions in #2788
- chore: update SBOM for Python 3.11 by @github-actions in #2787
- ci: windows short tests database error (#2775) by @b31ngd3v in #2794
- fix(parser): handle multiple vendors in python by @ffontaine in #2796
- fix: don't follow symlink by @ffontaine in #2778
- fix: improve util-linux checker by @ffontaine in #2779
- ci: run windows test even when cached db is not present by @b31ngd3v in #2800
- fix: improve tcpdump checker by @ffontaine in #2759
- fix: remaining mypy errors in nvd_api.py #2764 #2767 by @tanuboddiharinath in #2771
- feat(checker): add linux_kernel by @ffontaine in #2754
- chore: update checkers table by @github-actions in #2805
- fix: remaining mypy errors in csv2cve.py by @michaelwknott in #2781
- test: treat missing other_products as an empty list by @metabiswadeep in #2776
- feat: import and export database as json (#2577) by @b31ngd3v in #2774
- test: add test for import export json by @b31ngd3v in #2808
- chore: update SBOM for Python 3.7 by @github-actions in #2815
- chore: update SBOM for Python 3.8 by @github-actions in #2813
- chore: update SBOM for Python 3.9 by @github-actions in #2816
- chore: update SBOM for Python 3.10 by @github-actions in #2814
- chore: update SBOM for Python 3.11 by @github-actions in #2812
- feat: Config generator by @Rexbeast2 in #2699
- Commented out schedule run option in export_data yaml by @AayushGithub in #2818
- feat(checker): add u-boot checker by @ffontaine in #2804
- chore: update checkers table by @github-actions in #2822
- ci: use yesterday's cached db if today's not available by @b31ngd3v in #2806
- chore: fix mypy errors in file output_engine/init.py by @angelina-p09 in #2783
- fix: export database ci by @b31ngd3v in #2807
- fix: fix long tests by @ffontaine in #2824
- ci: switch cache job to use a specific version of ubuntu by @b31ngd3v in #2823
- fix: update kexec-tools checker by @ffontaine in #2825
- chore: fixes most mypy errors in file output_engine/util.py by @angelina-p09 in #2785
- fix: improve hostapd checker by @ffontaine in #2772
- chore: update SBOM for Python 3.7 by @github-actions in #2831
- chore: update SBOM for Python 3.9 by @github-actions in #2830
- chore: update SBOM for Python 3.8 by @github-actions in #2829
- chore: update SBOM for Python 3.10 by @github-actions in #2828
- chore: update SBOM for Python 3.11 by @github-actions in #2827
- feat(checker): add pcre checker by @ffontaine in #2757
- feat: pull updates from mirror with
--use-mirrorflag by @b31ngd3v in #2811 - fix: improve png checker by @ffontaine in #2844
- fix: drop bolt checker by @ffontaine in #2837
- chore: update SBOM for Python 3.8 by @github-actions in #2861
- chore: update checkers table by @github-actions in #2834
- chore: update SBOM for Python 3.9 by @github-actions in #2860
- chore: update SBOM for Python 3.7 by @github-actions in #2859
- chore: update SBOM for Python 3.10 by @github-actions in #2858
- chore: update SBOM for Python 3.11 by @github-actions in #2857
- fix: -1 values were replaced with positive integer error codes (fixes #2838) by @bipinthecoder in #2839
- feat(checker): add kodi checker by @ffontaine in #2855
- fix: drop empty other_products by @ffontaine in #2832
- fix: improve tcpdump checker by @ffontaine in #2863
- feat(checker): add libmemcached checker by @ffontaine in #2862
- feat(checker): add opensc checker by @ffontaine in #2856
- feat(checker): add runc checker by @ffontaine in #2854
- feat(checker): add stellarium checker by @ffontaine in #2853
- fix: improve icu checker by @ffontaine in #2849
- fix: improve iptables checker by @ffontaine in #2847
- fix: improve libsndfile checker by @ffontaine in #2845
- fix: improve mdadm checker by @ffontaine in #2843
- fix: improve nano checker by @ffontaine in #2842
- feat(checker): add yasm checker by @ffontaine in #2852
- fix: improve pigz checker by @ffontaine in #2841
- fix: improve netpbm checker by @ffontaine in #2840
- fix: fix netkit_ftp checker by @ffontaine in #2835
- chore: update checkers table by @github-actions in #2867
- ci: increase timeouts, try specific ubuntu versions by @terriko in #2865
- fix: mypy errors in
output_engine/html.pyby @VishnuSanal in #2786 - fix: GAD source version parsing (#2793) by @b31ngd3v in #2809
- chore(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3 by @dependabot in #2875
- feat: adding SBOM to package by @Rexbeast2 in #2810
- feat: add ceph checker by @Rexbeast2 in #2565
- feat(checker): add f2fs-tools checker by @ffontaine in #2780
- feat(checker): add zabbix checker by @ffontaine in #2836
- chore: update checkers table by @github-actions in #2880
- chore: update SBOM for Python 3.8 by @github-actions in #2887
- chore: update SBOM for Python 3.10 by @github-actions in #2886
- chore: update SBOM for Python 3.7 by @github-actions in #2885
- chore: update SBOM for Python 3.9 by @github-actions in #2884
- fix: temporarily disable failing ceph tests by @terriko in #2889
- feat: SBOM Generation (Fixes #1697) by @anthonyharrison in #2817
- chore: update SBOM for Python 3.11 by @github-actions in #2883
- ci: updated workflow configurations by @Ishaanj18 in #2879
- chore(deps): bump peter-evans/create-pull-request from 4 to 5 by @dependabot in #2890
- chore: update pre-commit config by @github-actions in #2758
- chore: update SBOM for Python 3.7 by @github-actions in #2898
- chore: update SBOM for Python 3.8 by @github-actions in #2897
- chore: update SBOM for Python 3.9 by @github-actions in #2896
- chore: update SBOM for Python 3.10 by @github-actions in #2894
- chore: update SBOM for Python 3.11 by @github-actions in #2895
- ci: linter upgrades (black, bandit, requirements.csv) by @terriko in #2902
- CI: Added json tests to "may fail" test job by @esiebomaj in #2868
- feat: human readable sbom integration by @jarebear6expepjozn6rakjq5iczi3irqwphcvb in #2893
- docs: fix broken links from MANUAL.md by @rudrakshkarpe in #2874
- docs: improve readme with nvd_api_key and workflow overview by @terriko in #2905
- chore: update SBOM for Python 3.8 by @github-actions in #2911
- chore: update SBOM for Python 3.9 by @github-actions in #2910
- chore: update SBOM for Python 3.7 by @github-actions in #2909
- chore: update SBOM for Python 3.11 by @github-actions in #2908
- chore: update SBOM for Python 3.10 by @github-actions in #2907
- fix(parser): multiple vendors for java by @metabiswadeep in #2802
- feat: perl language parser by @Rexbeast2 in #2614
- chore: update SBOM for Python 3.7 by @github-actions in #2938
- chore: update SBOM for Python 3.8 by @github-actions in #2937
- chore: update SBOM for Python 3.9 by @github-actions in #2936
- chore: update SBOM for Python 3.10 by @github-actions in #2934
- chore: update SBOM for Python 3.11 by @github-actions in #2935
- docs: fix image link in README.md by @stvml in #2940
- docs: Change readthedocs build from pdf to html by @stvml in #2944
- fix: handle data.tar.zst within deb archives by @stvml in #2946
- ci: force directory overwrite during cache mv by @terriko in #2952
- ci: "githubusercontent" added to allow.txt by @stvml in #2950
- fix: add timeout in NVD API 2.0 code by @stvml in #2953
- test: android apk format by @fil1n in #2881
- test: Test extracting .deb with zstd compression by @stvml in #2954
- feat(checker): new vim checker> by @stvml in #2958
- chore: update checkers table by @github-actions in #2965
- docs: add supported archive formats to readme by @stvml in #2966
- docs: add PyPI geo metrics script+docs by @stvml in #2967
- fix: curl datasource (#2977) by @b31ngd3v in #2984
- fix: drop empty other_products by @ffontaine in #2988
- chore: update SBOM for Python 3.8 by @github-actions in #2983
- chore: update SBOM for Python 3.9 by @github-actions in #2982
- chore: update SBOM for Python 3.7 by @github-actions in #2981
- chore: update SBOM for Python 3.10 by @github-actions in #2980
- chore: update SBOM for Python 3.11 by @github-actions in #2979
- feat: checker version "do not match" patterns by @metabiswadeep in #2777
- fix: improve proftpd checker by @ffontaine in #2990
- fix: improve libtiff checker by @ffontaine in #2985
- fix: improve pango checker by @ffontaine in #2986
- fix: update tcpdump checker by @ffontaine in #2972
- feat(checker): add bluez checker by @ffontaine in #2975
New Contributors
- @singh-anushka made their first contribution in #2587
- @rootxrishabh made their first contribution in #2616
- @hcz017 made their first contribution in #2489
- @Xenon1019 made their first contribution in #2702
- @galoget made their first contribution in #2729
- @onuricen made their first contribution in #2742
- @angelina-p09 made their first contribution in #2738
- @rudychung made their first contribution in #2392
- @tanuboddiharinath made their first contribution in #2771
- @michaelwknott made their first contribution in #2781
- @AayushGithub made their first contribution in #2818
- @bipinthecoder made their first contribution in #2839
- @VishnuSanal made their first contribution in #2786
- @Ishaanj18 made their first contribution in #2879
- @esiebomaj made their first contribution in #2868
- @jarebear6expepjozn6rakjq5iczi3irqwphcvb made their first contribution in #2893
- @rudrakshkarpe made their first contribution in #2874
- @stvml made their first contribution in #2940
- @fil1n made their first contribution in #2881
Full Changelog: v3.2...v3.2.1rc0
What's Changed
- feat(checker): Added Mozilla Thunderbird checker by @metabiswadeep in #2429
- feat(checker): add dropbear checker by @ffontaine in #2452
- chore: update checkers table by @github-actions in #2454
- ci: Switching version of python used for long tests by @metabiswadeep in #2438
- feat(checker): add doxygen checker by @ffontaine in #2455
- feat(checker): add faad2 checker by @ffontaine in #2458
- feat(checker): add flac checker by @ffontaine in #2459
- feat(checker): Added qemu checker by @metabiswadeep in #2460
- feat(checker): Added kubernetes checker by @metabiswadeep in #2462
- chore: bump version to 3.2.1dev0 by @terriko in #2468
- chore: update checkers table by @github-actions in #2467
- docs: Add short new contributor tips for copying into pull requests by @terriko in #2466
- fix: Improve firefox checker pattern by @metabiswadeep in #2469
- chore: update spdx header by @github-actions in #2478
- ci: remove pdf tests from windows short tests by @DangerChamp in #2465
- fix: improve output of cve-scan github action for cve by @ayushthe1 in #2475
- ci(SBOM): better SBOM maintenance by @Molkree in #2481
- ci: test on Python 3.11 by @Molkree in #2419
- fix: gad_source error while updating cache by @b31ngd3v in #2484
- ci(js): update workflow for updating JS by @Molkree in #2479
- ci: add mypy for type checking by @Molkree in #2488
- fix(tests): use importlib_metadata.version on 3.7 by @Molkree in #2482
- chore: update js dependencies by @github-actions in #2491
- chore: update SBOM for Python 3.7 by @github-actions in #2506
- chore: update SBOM for Python 3.8 by @github-actions in #2505
- chore: update SBOM for Python 3.9 by @github-actions in #2503
- chore: update SBOM for Python 3.10 by @github-actions in #2502
- chore: update SBOM for Python 3.11 by @github-actions in #2504
- fix: encoding issues on Windows by @Molkree in #2499
- fix: improve sqlite pattern by @ffontaine in #2497
- fix: update cve count of mit.kerberos_5 by @b31ngd3v in #2531
- Let 'cve-bin-tool --version' return success by @raboof in #2524
- feat(checker): add capnproto checker by @ffontaine in #2510
- fix: fix false positives with filename patterns by @ffontaine in #2521
- fix: type for capnproto checker by @metabiswadeep in #2535
- chore: update SBOM for Python 3.8 by @github-actions in #2555
- chore: update SBOM for Python 3.7 by @github-actions in #2554
- chore: update SBOM for Python 3.11 by @github-actions in #2553
- chore: update SBOM for Python 3.10 by @github-actions in #2552
- chore: update SBOM for Python 3.9 by @github-actions in #2551
- chore: update checkers table by @github-actions in #2534
- fix: Fail more gracefully when pip --dry-run doesn't work by @metabiswadeep in #2476
- fix: fix recursively typo by @ffontaine in #2536
- ci: use linux cache since windows is broken by @terriko in #2558
- fix: test_update_flags and pdf encoding error by @terriko in #2557
- fix: replace space in test filename by @ffontaine in #2537
- fix: Remove LGTM badge by @metabiswadeep in #2561
- chore: update SBOM for Python 3.7 by @github-actions in #2572
- chore: update SBOM for Python 3.9 by @github-actions in #2571
- chore: update SBOM for Python 3.8 by @github-actions in #2570
- chore: update SBOM for Python 3.11 by @github-actions in #2569
- chore: update SBOM for Python 3.10 by @github-actions in #2568
- feat: add php language parser by @Rexbeast2 in #2567
- test: improve test_csv2cve_valid_file for future failures by @b31ngd3v in #2548
- docs: Docs claim that ar is installed by default on Windows by @metabiswadeep in #2496
- feat(cve_scanner): add vendor to affected by @ffontaine in #2512
- fix: commonmark no longer a dependency by @terriko in #2574
- test: Improve testing to include checkers that should not match by @metabiswadeep in #2560
- ci: extend windows timeouts by @terriko in #2578
- feat: Integration with NVD API 2.0 (#2542) by @anthonyharrison in #2562
- feat: Check database schema for cve_exploits table by @metabiswadeep in #2566
- feat(checker): add lxc checker by @ffontaine in #2538
- fix: improve gstreamer checker by @ffontaine in #2541
- fix: improve sudo checker by @ffontaine in #2527
- fix: improve openjpeg checker by @ffontaine in #2526
- fix: improve libarchive checker by @ffontaine in #2523
- fix: improve libjpeg-turbo checker by @ffontaine in #2514
- fix: improve systemd checker by @ffontaine in #2507
- feat(checker): add nasm checker by @ffontaine in #2470
- fix: improve icecast checker by @ffontaine in #2545
- fix: improve ftp checker by @ffontaine in #2544
- fix: Remove bogus comment by @metabiswadeep in #2585
- fix: improve logrotate checker by @ffontaine in #2528
- feat(checker): add msmtp checker by @ffontaine in #2588
- ci: removed windows-specific cache by @singh-anushka in #2587
- fix: xmlschema log msg by @ayushthe1 in #2546
- fix: improve libnss checker by @ffontaine in #2539
- fix: improve other_products by @ffontaine in #2579
- fix: improve avahi checker by @ffontaine in #2592
- fix: improve netpbm checker by @ffontaine in #2522
- fix: improve libsolv checker by @ffontaine in #2520
- chore: update checkers table by @github-actions in #2581
- fix: improve kerberos checker by @ffontaine in #2509
- fix: improve libvirt checker by @ffontaine in #2540
- chore: update SBOM for Python 3.8 by @github-actions in #2613
- chore: update SBOM for Python 3.7 by @github-actions in #2612
- chore: update SBOM for Python 3.9 by @github-actions in #2611
- chore: update SBOM for Python 3.11 by @github-actions in #2610
- chore: update SBOM for Python 3.10 by @github-actions in #2609
- fix: libjpeg-turbo not found in gimp by @metabiswadeep in #2606
- ci: fix running isort using pre-commit by @Molkree in #2618
- fix: improve dropbear checker by @ffontaine in #2590
- docs: updated test README.md by @rootxrishabh in #2616
- fix: Deprecation warnings by @metabiswadeep in #2620
- test: Improve usability of other_products test message by @metabiswadeep in #2605
- fix: improve tcpdump checker by @ffontaine in #2600
- docs: removed old version docs by @rootxrishabh in #2597
- docs: test README.md updated by @rootxrishabh in #2583
- fix: improve gcc checker by @ffontaine in #2513
- feat(checker): add sslh checker by @ffontaine in #2589
- fix: improve json-c checker by @ffontaine in #2516
- fix: improve test_json.py by @ffontaine in #2584
- fix: Make it possible to disable curl data source by @metabiswadeep in #2495
- fix: improve dnsmasq checker by @ffontaine in #2591
- fix: test_language_package fails by @metabiswadeep in #2626
- chore: update checkers table by @github-actions in #2624
- feat(checker): add libmatroska checker by @ffontaine in #2629
- fix: improve dbus checker by @ffontaine in #2627
- feat(checker): add libidn2 checker by @ffontaine in #2628
- docs: Explain recommended versions of python + linter concerns by @terriko in #2623
- chore: update checkers table by @github-actions in #2634
- feat(checker): add libass checker by @ffontaine in #2636
- feat(checker): add libraw checker by @ffontaine in #2635
- OSSF Scorecard(#1541) by @singh-anushka in #2615
- docs: Updated RELEASE.md by @rootxrishabh in #2602
- fix: improve nginx checker by @ffontaine in #2525
- fix: improve hostapd checker by @ffontaine in #2518
- fix: improve zlib checker by @ffontaine in #2517
- chore: update checkers table by @github-actions in #2638
- feat(checker): Added Dhcp client checker by @metabiswadeep in #2364
- fix: add PDF title to avoid show 'anonymous' in some PDF readers by @hcz017 in #2489
- chore: update checkers table by @github-actions in #2640
- fix: improve bind checker by @ffontaine in #2637
- fix: improve expat checker by @ffontaine in #2515
- fix: improve xml2 checker by @ffontaine in #2508
- build(deps): bump ossf/scorecard-action from 2.0.6 to 2.1.2 by @dependabot in #2641
- ci: re-enabling disabled tests by @b31ngd3v in #2474
- feat(checker): add sdl by @ffontaine in #2662
- chore: update SBOM for Python 3.11 by @github-actions in #2656
- chore: update SBOM for Python 3.9 by @github-actions in #2660
- chore: update SBOM for Python 3.7 by @github-actions in #2659
- chore: update SBOM for Python 3.8 by @github-actions in #2658
- chore: update SBOM for Python 3.10 by @github-actions in #2657
- chore: update checkers table by @github-actions in #2663
- fix: wrong pip version slicing by @Rexbeast2 in #2608
- feat(checker): add botan by @ffontaine in #2661
- feat(checker): add modsecurity by @ffontaine in #2651
- feat(checker): add tcpreplay by @ffontaine in #2650
- feat(checker): add vorbis-tools by @ffontaine in #2648
- feat(checker): add raptor by @ffontaine in #2646
- feat(checker): add frr checker by @ffontaine in #2644
- fix: improve glibc checker by @ffontaine in #2500
- fix: improve product_not_present by @ffontaine in #2643
- fix: enable test_version_in_package_make_download by @b31ngd3v in #2490
- feat(checker): add picocom by @ffontaine in #2652
- feat(checker): add ipmitool by @ffontaine in #2645
- feat(checker): add speex by @ffontaine in #2647
- feat(checker): add rtmpdump by @ffontaine in #2649
- chore: update pre-commit config by @github-actions in #2413
- chore: update checkers table by @github-actions in #2664
- fix: improve dhclient checker and add dhcpd checker by @ffontaine in #2642
- docs: Modified MANUAL.md file by @rootxrishabh in #2575
- feat(checker): add rauc by @ffontaine in #2653
- chore: update checkers table by @github-actions in #2669
- chore: update checkers table by @github-actions in #2671
- fix: Any type in config.py by @Rexbeast2 in #2670
- feat(checker): add open-iscsi by @ffontaine in #2666
- chore: update checkers table by @github-actions in #2676
- chore: update SBOM for Python 3.8 by @github-actions in #2697
- chore: update SBOM for Python 3.9 by @github-actions in #2696
- chore: update SBOM for Python 3.10 by @github-actions in #2695
- chore: update SBOM for Python 3.7 by @github-actions in #2694
- chore: update SBOM for Python 3.11 by @github-actions in #2693
- fix: improve janus signature by @ffontaine in #2691
- fix: improve sqlite signature by @ffontaine in #2690
- fix: improve libsndfile signature by @ffontaine in #2689
- fix: improve gstreamer signature by @ffontaine in #2688
- fix: improve openssh signature by @ffontaine in #2684
- fix: improve node signature by @ffontaine in #2682
- fix: update tor signature by @ffontaine in #2681
- fix: drop Python 3.5 "compatibility function" by @ffontaine in #2703
- fix: improve seahorse checker by @ffontaine in #2704
- fix: updated type hints in error_handler.py(#2701) by @Xenon1019 in #2702
- docs: update architecture diagram by @terriko in #2706
- fix: improve bind checker by @ffontaine in #2710
- fix: improve putty checker by @ffontaine in #2709
- fix: improve ffmpeg checker by @ffontaine in #2708
- fix: improve wireshark checker by @ffontaine in #2705
- ci: skip scorecard runs on every push until error is fixed by @terriko in #2711
- chore: update SBOM for Python 3.8 by @github-actions in #2725
- chore: update SBOM for Python 3.9 by @github-actions in #2724
- chore: update SBOM for Python 3.7 by @github-actions in #2723
- chore: update SBOM for Python 3.10 by @github-actions in #2722
- chore: update SBOM for Python 3.11 by @github-actions in #2721
- feat(checker): add pcre2 by @ffontaine in #2718
- fix: improve make_condensed_from_download by @ffontaine in #2716
- fix: improve python checker by @ffontaine in #2712
- chore: update checkers table by @github-actions in #2728
- docs: Explain how to claim an issue by @terriko in #2727
- fix: improve apache checker by @ffontaine in #2730
- fix: improve nbd checker by @ffontaine in #2715
- fix: Cyclonedx does not read title case product names by @metabiswadeep in #2674
- ci: Change "Formatting" workflow name to "Update checkers table" by @galoget in #2729
- docs: NVD API KEY documentation by @Rexbeast2 in #2720
- fix: window short test offline flag by @Rexbeast2 in #2733
- feat(checker): add harfbuzz by @ffontaine in #2717
- docs: adding mypy to linters by @Rexbeast2 in #2692
- chore: update checkers table by @github-actions in #2744
- Fix docs: improve dates in contributor docs by @onuricen in #2742
- chore: update SBOM for Python 3.7 by @github-actions in #2752
- chore: update SBOM for Python 3.8 by @github-actions in #2753
- chore: update SBOM for Python 3.9 by @github-actions in #2751
- chore: update SBOM for Python 3.10 by @github-actions in #2750
- chore: update SBOM for Python 3.11 by @github-actions in #2749
- docs: offline mode by @Rexbeast2 in #2740
- fix: move linux HTML test by @Rexbeast2 in #2734
- chore: fix mypy errors in print_mode.py by @angelina-p09 in #2738
- Refactor: Update types syntax in cve_bin_too/*.py by @rudychung in #2392
- fix: improve ipmitool checker by @ffontaine in #2714
- feat(checker): add apparmor checker by @ffontaine in #2755
- test: windows longtests in test/test_cli.py::TestCLI::test_SBOM by @metabiswadeep in #2747
- chore: update checkers table by @github-actions in #2762
- chore: update SBOM for Python 3.7 by @github-actions in #2791
- chore: update SBOM for Python 3.8 by @github-actions in #2790
- chore: update SBOM for Python 3.9 by @github-actions in #2789
- chore: update SBOM for Python 3.10 by @github-actions in #2788
- chore: update SBOM for Python 3.11 by @github-actions in #2787
- ci: windows short tests database error (#2775) by @b31ngd3v in #2794
- fix(parser): handle multiple vendors in python by @ffontaine in #2796
- fix: don't follow symlink by @ffontaine in #2778
- fix: improve util-linux checker by @ffontaine in #2779
- ci: run windows test even when cached db is not present by @b31ngd3v in #2800
- fix: improve tcpdump checker by @ffontaine in #2759
- fix: remaining mypy errors in nvd_api.py #2764 #2767 by @tanuboddiharinath in #2771
- feat(checker): add linux_kernel by @ffontaine in #2754
- chore: update checkers table by @github-actions in #2805
- fix: remaining mypy errors in csv2cve.py by @michaelwknott in #2781
- test: treat missing other_products as an empty list by @metabiswadeep in #2776
- feat: import and export database as json (#2577) by @b31ngd3v in #2774
- test: add test for import export json by @b31ngd3v in #2808
- chore: update SBOM for Python 3.7 by @github-actions in #2815
- chore: update SBOM for Python 3.8 by @github-actions in #2813
- chore: update SBOM for Python 3.9 by @github-actions in #2816
- chore: update SBOM for Python 3.10 by @github-actions in #2814
- chore: update SBOM for Python 3.11 by @github-actions in #2812
- feat: Config generator by @Rexbeast2 in #2699
- Commented out schedule run option in export_data yaml by @AayushGithub in #2818
- feat(checker): add u-boot checker by @ffontaine in #2804
- chore: update checkers table by @github-actions in #2822
- ci: use yesterday's cached db if today's not available by @b31ngd3v in #2806
- chore: fix mypy errors in file output_engine/init.py by @angelina-p09 in #2783
- fix: export database ci by @b31ngd3v in #2807
- fix: fix long tests by @ffontaine in #2824
- ci: switch cache job to use a specific version of ubuntu by @b31ngd3v in #2823
- fix: update kexec-tools checker by @ffontaine in #2825
- chore: fixes most mypy errors in file output_engine/util.py by @angelina-p09 in #2785
- fix: improve hostapd checker by @ffontaine in #2772
- chore: update SBOM for Python 3.7 by @github-actions in #2831
- chore: update SBOM for Python 3.9 by @github-actions in #2830
- chore: update SBOM for Python 3.8 by @github-actions in #2829
- chore: update SBOM for Python 3.10 by @github-actions in #2828
- chore: update SBOM for Python 3.11 by @github-actions in #2827
- feat(checker): add pcre checker by @ffontaine in #2757
- feat: pull updates from mirror with
--use-mirrorflag by @b31ngd3v in #2811 - fix: improve png checker by @ffontaine in #2844
- fix: drop bolt checker by @ffontaine in #2837
- chore: update SBOM for Python 3.8 by @github-actions in #2861
- chore: update checkers table by @github-actions in #2834
- chore: update SBOM for Python 3.9 by @github-actions in #2860
- chore: update SBOM for Python 3.7 by @github-actions in #2859
- chore: update SBOM for Python 3.10 by @github-actions in #2858
- chore: update SBOM for Python 3.11 by @github-actions in #2857
- fix: -1 values were replaced with positive integer error codes (fixes #2838) by @bipinthecoder in #2839
- feat(checker): add kodi checker by @ffontaine in #2855
- fix: drop empty other_products by @ffontaine in #2832
- fix: improve tcpdump checker by @ffontaine in #2863
- feat(checker): add libmemcached checker by @ffontaine in #2862
- feat(checker): add opensc checker by @ffontaine in #2856
- feat(checker): add runc checker by @ffontaine in #2854
- feat(checker): add stellarium checker by @ffontaine in #2853
- fix: improve icu checker by @ffontaine in #2849
- fix: improve iptables checker by @ffontaine in #2847
- fix: improve libsndfile checker by @ffontaine in #2845
- fix: improve mdadm checker by @ffontaine in #2843
- fix: improve nano checker by @ffontaine in #2842
- feat(checker): add yasm checker by @ffontaine in #2852
- fix: improve pigz checker by @ffontaine in #2841
- fix: improve netpbm checker by @ffontaine in #2840
- fix: fix netkit_ftp checker by @ffontaine in #2835
- chore: update checkers table by @github-actions in #2867
- ci: increase timeouts, try specific ubuntu versions by @terriko in #2865
- fix: mypy errors in
output_engine/html.pyby @VishnuSanal in #2786 - fix: GAD source version parsing (#2793) by @b31ngd3v in #2809
- chore(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3 by @dependabot in #2875
- feat: adding SBOM to package by @Rexbeast2 in #2810
- feat: add ceph checker by @Rexbeast2 in #2565
- feat(checker): add f2fs-tools checker by @ffontaine in #2780
- feat(checker): add zabbix checker by @ffontaine in #2836
- chore: update checkers table by @github-actions in #2880
- chore: update SBOM for Python 3.8 by @github-actions in #2887
- chore: update SBOM for Python 3.10 by @github-actions in #2886
- chore: update SBOM for Python 3.7 by @github-actions in #2885
- chore: update SBOM for Python 3.9 by @github-actions in #2884
- fix: temporarily disable failing ceph tests by @terriko in #2889
- feat: SBOM Generation (Fixes #1697) by @anthonyharrison in #2817
- chore: update SBOM for Python 3.11 by @github-actions in #2883
- ci: updated workflow configurations by @Ishaanj18 in #2879
- chore(deps): bump peter-evans/create-pull-request from 4 to 5 by @dependabot in #2890
- chore: update pre-commit config by @github-actions in #2758
- chore: update SBOM for Python 3.7 by @github-actions in #2898
- chore: update SBOM for Python 3.8 by @github-actions in #2897
- chore: update SBOM for Python 3.9 by @github-actions in #2896
- chore: update SBOM for Python 3.10 by @github-actions in #2894
- chore: update SBOM for Python 3.11 by @github-actions in #2895
- ci: linter upgrades (black, bandit, requirements.csv) by @terriko in #2902
- CI: Added json tests to "may fail" test job by @esiebomaj in #2868
- feat: human readable sbom integration by @jarebear6expepjozn6rakjq5iczi3irqwphcvb in #2893
- docs: fix broken links from MANUAL.md by @rudrakshkarpe in #2874
- docs: improve readme with nvd_api_key and workflow overview by @terriko in #2905
- chore: update SBOM for Python 3.8 by @github-actions in #2911
- chore: update SBOM for Python 3.9 by @github-actions in #2910
- chore: update SBOM for Python 3.7 by @github-actions in #2909
- chore: update SBOM for Python 3.11 by @github-actions in #2908
- chore: update SBOM for Python 3.10 by @github-actions in #2907
- fix(parser): multiple vendors for java by @metabiswadeep in #2802
- feat: perl language parser by @Rexbeast2 in #2614
- chore: update SBOM for Python 3.7 by @github-actions in #2938
- chore: update SBOM for Python 3.8 by @github-actions in #2937
- chore: update SBOM for Python 3.9 by @github-actions in #2936
- chore: update SBOM for Python 3.10 by @github-actions in #2934
- chore: update SBOM for Python 3.11 by @github-actions in #2935
- docs: fix image link in README.md by @stvml in #2940
- docs: Change readthedocs build from pdf to html by @stvml in #2944
- fix: handle data.tar.zst within deb archives by @stvml in #2946
- ci: force directory overwrite during cache mv by @terriko in #2952
- ci: "githubusercontent" added to allow.txt by @stvml in #2950
- fix: add timeout in NVD API 2.0 code by @stvml in #2953
- test: android apk format by @fil1n in #2881
- test: Test extracting .deb with zstd compression by @stvml in #2954
- feat(checker): new vim checker> by @stvml in #2958
- chore: update checkers table by @github-actions in #2965
- docs: add supported archive formats to readme by @stvml in #2966
- docs: add PyPI geo metrics script+docs by @stvml in #2967
- fix: curl datasource (#2977) by @b31ngd3v in #2984
- fix: drop empty other_products by @ffontaine in #2988
- chore: update SBOM for Python 3.8 by @github-actions in #2983
- chore: update SBOM for Python 3.9 by @github-actions in #2982
- chore: update SBOM for Python 3.7 by @github-actions in #2981
- chore: update SBOM for Python 3.10 by @github-actions in #2980
- chore: update SBOM for Python 3.11 by @github-actions in #2979
- feat: checker version "do not match" patterns by @metabiswadeep in #2777
- fix: improve proftpd checker by @ffontaine in #2990
- fix: improve libtiff checker by @ffontaine in #2985
- fix: improve pango checker by @ffontaine in #2986
- fix: update tcpdump checker by @ffontaine in #2972
- feat(checker): add bluez checker by @ffontaine in #2975
- chore: Change version to 3.2.1rc0 for pre-release by @terriko in #2995
- chore: update checkers table by @github-actions in #2994
New Contributors
- @singh-anushka made their first contribution in #2587
- @rootxrishabh made their first contribution in #2616
- @hcz017 made their first contribution in #2489
- @Xenon1019 made their first contribution in #2702
- @galoget made their first contribution in #2729
- @onuricen made their first contribution in #2742
- @angelina-p09 made their first contribution in #2738
- @rudychung made their first contribution in #2392
- @tanuboddiharinath made their first contribution in #2771
- @michaelwknott made their first contribution in #2781
- @AayushGithub made their first contribution in #2818
- @bipinthecoder made their first contribution in #2839
- @VishnuSanal made their first contribution in #2786
- @Ishaanj18 made their first contribution in #2879
- @esiebomaj made their first contribution in #2868
- @jarebear6expepjozn6rakjq5iczi3irqwphcvb made their first contribution in #2893
- @rudrakshkarpe made their first contribution in #2874
- @stvml made their first contribution in #2940
- @fil1n made their first contribution in #2881
Full Changelog: v3.2...v3.2.1rc0