Preview release for 3.2.
We're currently seeing an issue in our testing system where Windows systems are taking a long time to upgrade the database to store additional data source information. Windows users are particularly encouraged to try this pre-release to see if you have any issues!
When updating your database, make sure your NVD_API_KEY is set and you may have better results using -u now
to get a fresh database.
What's Changed
- fix: check return on re.search by @wyattearp in #1643
- chore: update pre-commit config by @github-actions in #1629
- refactor: add type hints in cvedb.py by @rhythmrx9 in #1603
- feat: add detailed flag (#781) by @XDRAGON2002 in #1588
- refactor: added type hints to csv2cve by @gaurav879 in #1636
- fix: broken quiet mode in main branch (#1587) by @b31ngd3v in #1648
- fix: improve excel macro filter (#1644) by @b31ngd3v in #1647
- fix: Improved debug output (fixes #1653) by @anthonyharrison in #1654
- chore: update pre-commit config by @github-actions in #1652
- fix: add debug statement if checkers didn't load (#1440) by @b31ngd3v in #1650
- docs: update checkers/README.md by @b31ngd3v in #1651
- test: Add Atheris fuzzing setup for cve-bin-tool by @terriko in #1661
- feat(checker): added jackson-databind checker (#1387) by @b31ngd3v in #1663
- fix: mismatch between cvedb.cve_count and nvd_api.total_results (#1669) by @b31ngd3v in #1670
- test:Updated libvncserver test by @gaurav879 in #1664
- feat: flag exploited cves (#1454) by @XDRAGON2002 in #1520
- test: add test for CLI output dependant on reportlab existence by @onyxcherry in #1641
- fix: add urllib3 explicitly to avoid CVEs by @terriko in #1628
- feat: add new checker pr template (#1268) by @b31ngd3v in #1671
- fix: broken test_console_output_depending_reportlab_existence (#1675) by @b31ngd3v in #1676
- refactor: helper script
filename
(#1351) by @b31ngd3v in #1672 - feat(checker): add Apache commons-compress checker (#1040) by @b31ngd3v in #1666
- refactor: add link to helper docs when alternate contains patterns by @snosratiershad in #1674
- fix: licence in setup.py (#1673) by @b31ngd3v in #1677
- feat: improve usability when --input_file is missing (#1649) by @b31ngd3v in #1668
- feat(checker): add rust checker by @b31ngd3v in #1679
- feat: console output to a file by @rhythmrx9 in #1632
- chore(deps): bump html5lib from 0.99 to 0.99999999 (#1686) by @b31ngd3v in #1687
- chore: update pre-commit config by @github-actions in #1680
- docs: multiline pattern issue in windows vs linux (#1678) by @b31ngd3v in #1685
- feat: add radare2 contains patterns by @snosratiershad in #1693
- fix: logger.warn() warning & test_output_vex test (#1691) by @M-Faheem-Khan in #1692
- fix: rpm extractor for windows by @b31ngd3v in #1696
- feat: add parser class(#1699) by @XDRAGON2002 in #1700
- feat: add multiline string finder in helper script by @b31ngd3v in #1690
- refactor(extractor): Prioritize 7z while extracting pkg files in windows by @yashugarg in #1689
- feat: Add options to import and export database (fixes #1655) by @anthonyharrison in #1656
- test(extractor): added tests for zst and pkg package extractors by @yashugarg in #1683
- docs: fix remote repo url by @b31ngd3v in #1715
- feat: Add mapping of vulnerable libraries to components (Fixed #1657) by @anthonyharrison in #1658
- docs: add checker instructions into Read the Docs build (#1703) by @b31ngd3v in #1716
- feat(checkers): Add polarssl fedora contains patterns by @snosratiershad in #1695
- refactor: use pathlib.Path instead of os.path by @b31ngd3v in #1714
- ci: bump
setup-python
version by @Molkree in #1711 - feat: add affected-versions to all formats (#1342) by @XDRAGON2002 in #1667
- test: added unit tests for format_checkers script by @yashugarg in #1709
- ci: use Dependabot to bump GitHub Actions by @Molkree in #1712
- chore(deps): bump peter-evans/create-pull-request from 3 to 4 by @dependabot in #1726
- chore(deps): bump actions/cache from 2 to 3 by @dependabot in #1727
- feat(checker): luajit checker by @ffontaine in #1705
- docs: fix file extension in package list scanning by @b31ngd3v in #1733
- fix(output_pdf): broken tests and mapping of libraries to components by @b31ngd3v in #1734
- refactor: cvedb structure and datasources by @rhythmrx9 in #1706
- test: unit tests for csv2cve.py by @yashugarg in #1737
- refactor(format_checkers): use pathlib instead of os.path (#1725) by @b31ngd3v in #1731
- refactor: switch to pathlib.Path in cvedb.py by @rhythmrx9 in #1751
- chore(deps): bump codecov/codecov-action from 2 to 3 by @dependabot in #1728
- test: Add triage to requirements test to address aiohttp disputed cve by @terriko in #1746
- test: unit tests for version.py by @yashugarg in #1739
- chore: update pre-commit config by @github-actions in #1732
- fix : Updated spdx_header.txt by @iamnandhu in #1762
- fix: update database before merging by @b31ngd3v in #1765
- chore(deps): bump actions/checkout from 2 to 3 by @dependabot in #1729
- fix: fix is_file call in test_scanner.py by @ffontaine in #1761
- ci: update year in spdx header automatically (#1753) by @b31ngd3v in #1763
- test(language_scanner): use scan_file() & add tests for python packages by @yashugarg in #1758
- feat: provide multiple output formats for a single scan (#1724) by @b31ngd3v in #1740
- fix: delete unnecessary file by @b31ngd3v in #1767
- fix: add luajit to documentation by @ffontaine in #1768
- refactor: refactor javascript parser (#1721) by @XDRAGON2002 in #1722
- test(scanner): unittest to cover make_condensed_from_download() by @yashugarg in #1770
- test(extractor): use all possible libraries to extract a file by @yashugarg in #1720
- refactor: refactor java parser (#1771) by @XDRAGON2002 in #1772
- chore(deps): bump github/codeql-action from 1 to 2 by @dependabot in #1730
- chore(deps): bump html5lib version for dependabot by @terriko in #1780
- fix(TestExtractFilePkg): avoid downloading files in tests by @b31ngd3v in #1784
- test: fix test_extract_file_cab_no_cabextract for windows by @yashugarg in #1788
- test: add intermediate report in output_html test by @yashugarg in #1778
- ci: add scan.coverity.com workflow by @terriko in #1789
- fix: doc build error by @b31ngd3v in #1796
- test(csv2cve): 5 new cves in haxx.curl by @terriko in #1791
- ci: set coverity build command to --no-command by @terriko in #1800
- refactor(test): remove ALLOWED_PACKAGES constant by @BreadGenie in #1782
- ci: raise timeout and change first cli call by @terriko in #1799
- ci: use coverity filesystem search by @terriko in #1805
- fix: fixed systemd checker version pattern by @yashugarg in #1801
- feat: add rust support (#1723) by @XDRAGON2002 in #1743
- refactor: refactor python parser (#1773) by @XDRAGON2002 in #1775
- ci: run cve check on main only by @terriko in #1804
- fix: avoid downloading files in tests (#1785) by @b31ngd3v in #1794
- fix: add MSB executables for is_executable by @ffontaine in #1776
- ci: reduce timeouts back to normal by @terriko in #1813
- chore: fix formatting by @XDRAGON2002 in #1814
- chore: fix black issues by @terriko in #1812
- fix(ci): use json method to get data from NVD by @b31ngd3v in #1816
- fix(ci): set LONG_TESTS=1 before running long tests by @b31ngd3v in #1809
- ci: fix longtests hanging problem by @b31ngd3v in #1819
- fix: doc build error by @b31ngd3v in #1825
- ci: update cached database by @b31ngd3v in #1823
- fix: add contribution from @h3athen fixing redundant conditions by @terriko in #1827
- fix: test/test_requirements.py::test_txt_csv_sync by @b31ngd3v in #1828
- ci: run cve check on all PRs by @b31ngd3v in #1829
- refactor: remove jQuery from HTML reports by @BreadGenie in #1824
- chore: Updated requirements.txt by @gaurav879 in #1665
- chore(deps): bump check-spelling/check-spelling from 0.0.19 to 0.0.20 by @dependabot in #1820
- fix: replace
data-*
attributes withdata-bs-*
attributes by @BreadGenie in #1837 - chore(deps): move pytest and py to dev-requirements.txt by @BreadGenie in #1835
- feat(data_source): OSV by @rhythmrx9 in #1750
- fix: update requirements by @b31ngd3v in #1841
- ci: added windows long tests by @yashugarg in #1822
- fix: OSV ClientConnectorError by @rhythmrx9 in #1844
- chore(deps): remove jQuery file by @BreadGenie in #1847
- refactor(html-test): remove plotly and bootstrap scripts and CSS by @BreadGenie in #1849
- feat: create parse api (#1810) by @XDRAGON2002 in #1826
- bug: Support for Application component type in CycloneDX SBOM (Fixes #1852) by @anthonyharrison in #1858
- feat: add r parser (#1853) by @XDRAGON2002 in #1854
- docs: Add Python Community Code of Conduct info by @terriko in #1843
- test: add tests for OSV data_source by @rhythmrx9 in #1846
- feat: highlight new/unexplored CVES on main page (HTML report) by @b31ngd3v in #1833
- feat: add time and date information with CVE by @rhythmrx9 in #1860
- feat: improve CVE overview (HTML report) by @b31ngd3v in #1831
- fix: OSV tests failing by @rhythmrx9 in #1867
- fix: quality issues reported by LGTM by @rhythmrx9 in #1868
- chore: change unable to fetch osv warning to error by @rhythmrx9 in #1869
- feat: filters for component view (HTML report) by @b31ngd3v in #1840
- fix: OSV test failing due to update in CVE by @rhythmrx9 in #1877
- test: Disable tests causing random py3.7 failures by @terriko in #1880
- feat: experimental tuple fuzzing setup by @yashugarg in #1873
- feat: fuzzing json inputs for report merging by @yashugarg in #1888
- refactor: improve language parsers (#1883) by @XDRAGON2002 in #1884
- docs: Add atheris protobuf setup to readme by @terriko in #1896
- ci(longtest): fix test_update_flags - SystemExit: 25 by @b31ngd3v in #1889
- feat: fixed MergeReports fuzzer. by @yashugarg in #1898
- Fix: Disable failing tests in Python 3.7 by @metabiswadeep in #1900
- ci(spelling): Pull in permissions from check-spelling/spell-check-this by @jsoref in #1901
- refactor: restructure fuzzer by @yashugarg in #1906
- fix: Date of last database update is incorrect (Fixes #1887) by @anthonyharrison in #1904
- fix: improve behaviour when -u never and -n json are both specified by @b31ngd3v in #1907
- feat: improve behaviour for -i when specified file is binary by @b31ngd3v in #1885
- fix: database schema not checked if no update flag set by @rhythmrx9 in #1875
- fix: Schemas not found (Fixes #1886) by @anthonyharrison in #1905
- feat(checker): add apache http support by @gotlougit in #1589
- chore: update checkers table by @github-actions in #1913
- fix: Decode error during file scan in version_scanner.py (#1742) by @M-Faheem-Khan in #1897
- chore: fix spelling file end of line by @terriko in #1916
- fix: fix filename and root display by @ffontaine in #1910
- chore(deps): bump Bootstrap CSS to v5.2.0 by @BreadGenie in #1893
- fix: Removed server from list of allowed words list by @metabiswadeep in #1919
- fix: fix timestamp crashes in merge report fuzzer by @yashugarg in #1921
- feat: added CycloneDX protobuf schema for fuzzing by @yashugarg in #1924
- feat: fuzz testing package list parser by @yashugarg in #1923
- fix: fix ipk extraction by @ffontaine in #1920
- fix: slow incremental updates for OSV by @rhythmrx9 in #1933
- feat: add go parser (#1881) by @XDRAGON2002 in #1882
- feat(data_source): gitlab advisory database by @rhythmrx9 in #1903
- fix(format_checkers.py): add newline at the end of file by @b31ngd3v in #1918
- feat(checker): add libupnp checker by @ffontaine in #1935
- fix(strings): Handle Unicode decoding errors instead of crashing by @netromdk in #1922
- docs: add documentation for parsers (#1937) by @XDRAGON2002 in #1938
- fix: OSV skipping due to BadZipFile error by @rhythmrx9 in #1931
- chore: update checkers table by @github-actions in #1941
- fix: typo in gad_source.py by @rhythmrx9 in #1944
- chore: update pre-commit config by @github-actions in #1851
- fix: fix zlib CPE ID by @ffontaine in #1946
- fix: fix cups CPE ID by @ffontaine in #1947
- feat(helper_script): take an executable file as an input by @ffontaine in #1943
- fix: windows long tests failing by @rhythmrx9 in #1951
- feat(checker): add dhcpcd checker by @ffontaine in #1954
- chore: update checkers table by @github-actions in #1955
- ci: autoupdate JS libraries by @Molkree in #1410
- feat(checker): add miniupnpd checker by @ffontaine in #1953
- chore: update checkers table by @github-actions in #1959
- feat: improve support for python (#1645) by @XDRAGON2002 in #1928
- feat(format_checkers.py): exclude dictionary words from allow.txt by @b31ngd3v in #1960
- fix: javascript keyerror by @Ashish13s in #1958
- feat: add ruby language parser (#1939) by @XDRAGON2002 in #1940
- ci: ubuntu long tests aren't running when tried manually by @b31ngd3v in #1936
- refactor: Add more type annotations by @JakeRoggenbuck in #1704
- ci: disable failing update test on windows by @terriko in #1963
- ci: disable py3.7 tests causing sporadic failures by @terriko in #1962
- Only run update-cache if you are the main repository by @warthog9 in #1964
- ci: disable intermittently failing windows tests by @terriko in #1969
- feat(checker): add collectd checker by @ffontaine in #1972
- feat(checker): add libssh checker by @ffontaine in #1973
- chore: update checkers table by @github-actions in #1976
- feat(checker): add apcupsd checker by @ffontaine in #1975
- refactor: extract
parse_strings
method tostrings.py
by @miles170 in #1970 - chore: update checkers table by @github-actions in #1987
- feat(checker): add libsamplerate checker by @ffontaine in #1974
- refactor: cleanup go parser constructor by @miles170 in #1971
- chore: update checkers table by @github-actions in #1998
- feat(checker): add fastd checker by @ffontaine in #2003
- feat(checker): add haserl checker by @ffontaine in #2004
- refactor(print_mode.py): use pathlib.Path instead of os.path by @b31ngd3v in #2005
- refactor(html.py): use pathlib.Path instead of os.path by @b31ngd3v in #2006
- chore: update checkers table by @github-actions in #2030
- feat(checker): add keepalived checker by @ffontaine in #2007
- refactor(input_engine.py): use pathlib.Path instead of os.path by @b31ngd3v in #2008
- chore: update checkers table by @github-actions in #2031
- refactor(helper_script.py): use pathlib.Path instead of os.path by @b31ngd3v in #2009
- refactor(cve_scanner.py): use pathlib.Path instead of os.path by @b31ngd3v in #2010
- feat(checker): add iucode-tool checker by @ffontaine in #2012
- refactor(config.py): use pathlib.Path instead of os.path by @b31ngd3v in #2011
- feat: add swift language parser (#1999) by @XDRAGON2002 in #2018
- chore: add attribution for data sources (#1952) by @XDRAGON2002 in #2014
- refactor: replace os.path to pathlib (#1981) by @XDRAGON2002 in #2016
- refactor: use pathlib in output_engine/init.py by @miles170 in #2021
- chore: update checkers table by @github-actions in #2036
- feat(checker): add i2pd checker by @ffontaine in #2025
- refactor: use pathlib in cli.py by @miles170 in #2023
- refactor: use pathlib in version_scanner.py (fixes #1982) by @metabiswadeep in #2026
- refactor: use pathlib in util.py by @miles170 in #2024
- feat(checker): add libvorbis checker by @ffontaine in #2027
- feat(checker): add lldpd checker by @ffontaine in #2028
- feat(checker): add minicom checker by @ffontaine in #2032
- feat(checker): add motion checker by @ffontaine in #2033
- refactor: add pathlib support to merge.py & available_fix by @Architrixs in #2015
- chore: update checkers table by @github-actions in #2040
- refactor: use pathlib in version_scanner.py by @miles170 in #2022
- fix: Add word "tool" to exclude list in format_checkers.py by @JoaoDanielRufino in #2039
- feat(checker): add tinyproxy checker by @ffontaine in #2034
- chore: update checkers table by @github-actions in #2041
- feat(checker): add privoxy checker by @ffontaine in #2043
- fix: fix dnsmasq checker by @ffontaine in #2042
- feat(checker): Add patch checker by @ffontaine in #2044
- ci: disable test_version_in_package_make_download temporarily by @terriko in #2055
- chore: update checkers table by @github-actions in #2057
- ci: temporarily disable tests failing on windows by @terriko in #2064
- ci: temp disable libsrtp and p7zip tests on windows by @terriko in #2065
- feat(checker): add mutt checker by @ffontaine in #2045
- refactor: update to pathlib in package_list_parser.py by @donheshanthaka in #2020
- refactor: Use pathlib instead of os.path in output_engine/print_mode.py by @pogzyb in #2017
- chore: update checkers table by @github-actions in #2070
- feat(checker): add acpid checker by @ffontaine in #2046
- feat(checker): add davfs2 checker by @ffontaine in #2047
- feat(checker): add gpsd checker by @ffontaine in #2049
- feat(checker): add lftp checker by @ffontaine in #2050
- feat(checker): add squid checker by @ffontaine in #2051
- feat(checker): add assimp checker by @ffontaine in #2052
- feat(checker): add asterisk checker by @ffontaine in #2053
- refactor: use pathlib in sbom_manager/init.py by @gulyapulya in #2013
- chore: update checkers table by @github-actions in #2071
- chore: update checkers table by @github-actions in #2072
- feat(checker): add file checker by @ffontaine in #2048
- chore: update checkers table by @github-actions in #2103
- feat(checker): add bird checker by @ffontaine in #2073
- feat(checker): add clamav checker by @ffontaine in #2075
- feat(checker): add atftp checker by @ffontaine in #2077
- feat(checker): add exiv2 checker by @ffontaine in #2079
- feat(checker): add exim checker by @ffontaine in #2082
- feat(checker): add chess checker by @ffontaine in #2083
- feat(checker): add gvfs checker by @ffontaine in #2084
- feat(checker): improve rsyslog checker pattern by @BreadGenie in #2095
- docs: add documentation for parsers by @XDRAGON2002 in #2092
- feat(checker): add seahorse checker by @BreadGenie in #2091
- feat(checker): add wget checker by @BreadGenie in #2086
- docs: Add instructions on finding binaries to checker docs by @terriko in #2104
- feat(checker): add ppp checker by @ffontaine in #2085
- chore: update checkers table by @github-actions in #2105
- feat(checker): add darkhttpd checker by @ffontaine in #2076
- feat(checker): add connman checker by @ffontaine in #2078
- feat(checker): add domoticz checker by @ffontaine in #2081
- feat(checker): add mosquitto checker by @ffontaine in #2087
- feat(checker): add libtomcrypt checker by @ffontaine in #2088
- feat(checker): add stunnel checker by @ffontaine in #2089
- feat(checker): add suricata checker by @ffontaine in #2090
- feat: improve openssl checker pattern by @BreadGenie in #2107
- feat(checker): add libinput checker by @ffontaine in #2096
- feat(checker): add timescaledb checker by @ffontaine in #2097
- feat(checker): add pure-ftpd checker by @ffontaine in #2098
- fix: improve mariadb checker patterns by @ffontaine in #2100
- feat(checker): add unbound checker by @ffontaine in #2101
- fix: improve ffmpeg checker patterns by @ffontaine in #2102
- fix: improve haproxy checker patterns by @ffontaine in #2106
- fix: improve openldap checker patterns by @ffontaine in #2108
- chore: update checkers table by @github-actions in #2110
- fix: fixed pyright issues on format_checkers.py and helper_script.py by @Shacklebolt13 in #2074
- chore: update checkers table by @github-actions in #2112
- refactor: fixed pyright errors in version_signature.py by @Shacklebolt13 in #2080
- refactor: fixed pyright errors on package_list_parser.py by @Shacklebolt13 in #2094
- feat(data_source): RedHat Security Database by @rhythmrx9 in #1949
- feat(checker): add sylpheed checker by @ffontaine in #2099
- fix: improve tcpdump checker patterns by @ffontaine in #2111
- chore: update checkers table by @github-actions in #2114
- chore: update checkers table by @github-actions in #2121
- fix: add "pure" to exclude list in format_checkers.py and remove from allow.txt by @techsnap in #2119
- feat(checker): add nbd checker by @ffontaine in #2093
- feat(checker): add profftpd checker by @ffontaine in #2125
- refactor mypy type issues in init.py by @batunpc in #2122
- chore: update checkers table by @github-actions in #2126
- fix: improve syslog-ng checker patterns by @ffontaine in #2136
- fix: improve ppp checker patterns by @ffontaine in #2137
- feat: add mypy.ini file to deal with missing imports by @terriko in #2128
- fix: fix strings call by @ffontaine in #2135
- feat(checker): add chrony checker by @ffontaine in #2138
- chore: update checkers table by @github-actions in #2141
- fix: ensure all pacman packages are accounted for by @Foxboron in #2164
- refactor: resolve mypy errors in test_version.py by @saminarp in #2123
- refactor: resolve mypy errors in test_extractor.py by @saminarp in #2124
- feat(checker): add c-ares checker by @ffontaine in #2142
- fix: change python strings to return only strings of length 3+ by @zhaobenny in #2144
- fix: improve curl checker patterns by @ffontaine in #2145
- feat(checker): add glib checker by @ffontaine in #2147
- fix: improve bind checker patterns by @ffontaine in #2148
- chore: update checkers table by @github-actions in #2170
- refactor: resolve mypy type errors in util.py by @Malay-dev in #2134
- feat(checker): add libpcap checker by @ffontaine in #2151
- fix: improve avahi checker patterns by @ffontaine in #2152
- feat(checker): add libgit2 checker by @ffontaine in #2153
- feat(checker): add json-c checker by @ffontaine in #2149
- feat(checker): add vsftpd checker by @ffontaine in #2154
- feat(checker): add thttpd checker by @ffontaine in #2155
- feat(checker): add upx checker by @ffontaine in #2156
- feat(checker): add xscreensaver checker by @ffontaine in #2157
- feat(checker): add unixodbc checker by @ffontaine in #2158
- feat(checker): add bison checker by @ffontaine in #2160
- refactor: test_language_scanner by @Rexbeast2 in #2159
- feat(checker): add iptables checker by @ffontaine in #2143
- feat(checker): add graphicsmagick checker by @ffontaine in #2161
- feat(checker): add librsync checker by @ffontaine in #2163
- feat(checker): add rsync checker by @ffontaine in #2165
- feat(checker): add tor checker by @ffontaine in #2166
- feat(checker): add netatalk checker by @ffontaine in #2167
- feat(docs): added that the tool only matches strings of length 3+ by @Logan-kwan in #2182
- refactor: Remove redundant pattern in checkers/openssl.py by @am-3 in #2169
- refactor: extractor is now inherited in test_extractor.py by @devils2ndself in #2171
- fix: fix dirname/filename typo in util.py by @terriko in #2189
- feat(checker): add lynx checker by @ffontaine in #2172
- feat(checker): add spice checker by @ffontaine in #2173
- feat(checker): add thrift checker by @ffontaine in #2174
- feat(checker): add mpv checker by @ffontaine in #2175
- feat(checker): add grub2 checker by @ffontaine in #2176
- feat(checker): add mailx checker by @ffontaine in #2177
- feat(checker): add quagga checker by @ffontaine in #2178
- feat(checker): add asn1c checker by @ffontaine in #2179
- feat(checker): add sofia-sip checker by @ffontaine in #2184
- feat(checker): add util-linux checker by @ffontaine in #2185
- feat(checker): add janus checker by @ffontaine in #2186
- feat(checker): add pango checker by @ffontaine in #2187
- refactor: add type-hints for test/test_scanner.py by @felixbd in #2132
- feat(checker): add cvs checker by @ffontaine in #2180
- chore: update checkers table by @github-actions in #2181
- feat(checker): add nettle checker by @ffontaine in #2150
- refactor: fix mypy errors in cve_bin_tool/extractor.py by @submicron13 in #2192
- feat(checker): add putty checker by @ffontaine in #2193
- feat: Extra component type support in CycloneDX SBOM (Fixes #2216) by @anthonyharrison in #2217
- feat(checker): add shadowsocks-libev checker by @ffontaine in #2194
- feat(checker): add ntpsec checker by @ffontaine in #2195
- feat(checker): add nghttp2 checker by @ffontaine in #2196
- feat(checker): add znc checker by @ffontaine in #2197
- feat(checker): add jhead checker by @ffontaine in #2198
- feat(checker): add rdesktop checker by @ffontaine in #2199
- feat(checker): add elfutils checker by @ffontaine in #2200
- feat(checker): add rtl_433 checker by @ffontaine in #2202
- feat(checker): add squashfs checker by @ffontaine in #2203
- feat(checker): add transmission checker by @ffontaine in #2205
- docs: warn users that nvd may block them if they are not using an api_key by @ayushthe1 in #2226
- feat: Add support for Java product versions defined in properties (Fixes #1707) by @anthonyharrison in #2215
- feat(checker): add nmap checker by @ffontaine in #2206
- feat(checker): add procps-ng checker by @ffontaine in #2208
- chore: update checkers table by @github-actions in #2233
- docs(manual): various fixes by @Molkree in #2252
- feat(checker): add minidlna checker by @ffontaine in #2207
- feat(checker): add jack2 checker by @ffontaine in #2209
- Avoid 'ValueError: list.remove(x): x not in list' while reading OSV by @raboof in #2221
- feat: SBOM management (Fixes #1646) by @anthonyharrison in #1912
- feat(checker): add opencv checker by @ffontaine in #2210
- feat(checker): add libconfuse checker by @ffontaine in #2211
- feat(checker): add neon checker by @ffontaine in #2212
- fix: improve json-c checker patterns by @ffontaine in #2213
- feat(checker): add perl checker by @ffontaine in #2219
- fix: improve bzip2 checker patterns by @ffontaine in #2220
- fix: improve gnutls checker patterns by @ffontaine in #2223
- feat(checker): add iperf3 checker by @ffontaine in #2224
- fix: improve dbus checker patterns by @ffontaine in #2225
- fix: add more libraries to mypy types missing list by @terriko in #2232
- chore: update checkers table by @github-actions in #2253
- fix: Incremental database update is not default (Fixes #2229) by @anthonyharrison in #2247
- feat(checker): add gdb checker by @ffontaine in #2250
- fix: improve ppp checker patterns by @ffontaine in #2251
- feat(checker): add wolfssl checker by @ffontaine in #2257
- feat(checker): add snort checker by @ffontaine in #2258
- feat(checker): add zeek checker by @ffontaine in #2259
- feat(checker): add bro checker by @ffontaine in #2260
- feat(checker): add tpm2-tss checker by @ffontaine in #2263
- feat(checker): add boinc checker by @ffontaine in #2264
- chore: fix mypy errors in checkers/jhead.py by @kishan3 in #2265
- fix: Minor issues with code base (Fixes #2276) by @anthonyharrison in #2277
- chore: update checkers table by @github-actions in #2274
- fix: NVD access fails if no NVD API key specified or found (Fixes #1857) by @anthonyharrison in #2262
- feat(checker): add e2fsprogs checker by @ffontaine in #2248
- fix: improve sqlite checker patterns by @ffontaine in #2218
- fix: improve ntp checker patterns by @ffontaine in #2204
- fix: improve glib checker patterns by @ffontaine in #2214
- chore: fix mypy errors in package_list_parser.py by @pratul20 in #2243
- chore: fix mypy errors in async_utils.py by @pratul20 in #2246
- refactor: fix mypy errors in version_signature.py by @PhilippFr in #2249
- chore: fix mypy errors in data_sources/* by @kishan3 in #2256
- chore: update checkers table by @github-actions in #2278
- fix: better handling of 3rd party libs for
mypy
by @Molkree in #2279 - feat: output list of language parsers (Fixes #1891) by @anthonyharrison in #2228
- chore: fix mypy errors in cvedb.py by @pratul20 in #2242
- feat(checker): add libjpeg checker by @ffontaine in #2245
- refactor: fix mypy errors in checkers q-t by @Molkree in #2285
- refactor: fix mypy errors in checkers m-p by @Molkree in #2286
- refactor: fix mypy errors in checkers i-l by @Molkree in #2287
- refactor: fix mypy issues in format_checkers.py by @aadityasinha-dotcom in #2289
- chore: fix mypy errors in checkers/a*.py by @kishan3 in #2291
- chore: fix mypy errors in checkers/b*.py by @kishan3 in #2292
- chore: fix mypy errors in checkers/c*.py by @kishan3 in #2293
- chore: fix mypy errors in checkers/d*.py by @kishan3 in #2294
- chore: fix mypy errors in checkers/f*.py by @kishan3 in #2295
- chore: fix mypy errors in checkers/g*.py by @kishan3 in #2296
- feat: Add remarks to PDF reports (Fixes #1617) by @anthonyharrison in #2299
- test(html): add playwright html test by @BreadGenie in #1925
- feat(checker): add fribidi checker by @ffontaine in #2298
- docs: add table of contents to test/README.md by @adityaacse in #2305
- refactor: fix mypy errors in checkers/e*.py by @mastdev in #2302
- refactor: NTP checker patterns #2288 by @jazzysoggy in #2311
- feat(checker): add miniupnpc checker by @ffontaine in #2301
- refactor: fix mypy errors in checkers/[uz]*.py by @mastdev in #2303
- chore: fixed mypy issues in checkers/h*.py by @himanshiparnami in #2306
- refactor: fix mypy issues in egg_updater.py by @Mou887 in #2307
- refactor: type hints helper script by @codamuse in #2308
- feat(checker): add git checker by @ffontaine in #2297
- chore: update checkers table by @github-actions in #2310
- fix: Updated number of checkers mentioned in docs by @metabiswadeep in #2318
- fix: TestLanguageScanner failed if no database (Fixes #2290) by @anthonyharrison in #2319
- feat: Added function to update number of checkers in docs by @metabiswadeep in #2322
- fix: escape rich console markup close tags [/] by @codamuse in #2327
- feat: explicit option to load triage file by @raboof in #2321
- feat: Improve output report with multiple data sources (Fixes #2231) by @anthonyharrison in #2324
- fix: improve openssl checkers by @ffontaine in #2328
- feat: Support NVD 2.0 API (Fixes #1872) by @anthonyharrison in #2330
- chore: update pre-commit config by @github-actions in #2019
- fix: pyupgrade fix for output_engine/console.py by @terriko in #2340
- fix: strings -n 3 args passing by @netromdk in #2343
- [Snyk] Security upgrade setuptools from 39.0.1 to 65.5.1 by @terriko in #2346
- docs: improve triage documentation by @raboof in #2335
- fix: improve libjpeg checker patterns by @ffontaine in #2338
- fix: improve curl checker patterns by @ffontaine in #2341
- feat(checker): Added Firefox checker by @metabiswadeep in #2325
- feat: Improve handling of reports with 0 CVES (Fixes #1870) by @anthonyharrison in #2342
- feat(checker): add ipsec-tools checker by @ffontaine in #2348
- refactor(html-test): rename
setup
&teardown
by @BreadGenie in #2347 - ci: use
$GITHUB_OUTPUT
instead ofset-output
by @BreadGenie in #2349 - feat: Data source improvements (Fixes #2332) by @anthonyharrison in #2333
- chore: update checkers table by @github-actions in #2352
- feat(checker): add freerdp checker by @ffontaine in #2350
- fix: NVD API issues (Fixes #2351) by @anthonyharrison in #2355
- feat(checker): add radvd checker by @ffontaine in #2345
- fix: treat rating in VEX triage files as optional by @raboof in #2336
- chore: update checkers table by @github-actions in #2357
- docs: link options in README.md to extended descriptions in MANUAL.md by @b31ngd3v in #2358
- feat(checker): add lz4 checker by @ffontaine in #2361
- ci: skip analyzing things we can't fix in coverity by @terriko in #2359
- chore: update checkers table by @github-actions in #2362
- fix: address potential None in db cursor by @terriko in #2339
- fix: improve libjpeg checker patterns by @ffontaine in #2365
- fix: improve console notes by @ffontaine in #2366
- feat(checker): add gmp checker by @ffontaine in #2370
- feat(checker): add sysstat checker by @ffontaine in #2371
- feat(checker): add libksba checker by @ffontaine in #2372
- chore: update checkers table by @github-actions in #2383
- fix: Set vendor to UNKNOWN if all else fails by @terriko in #2369
- fix: Improve output for Mitigated and Ignored CVEs (Fixes #1752) by @anthonyharrison in #2373
- fix: improve ppp checker patterns (#2214) by @ffontaine in #2385
- refactor: update types syntax in checkers/ by @metabiswadeep in #2388
- refactor: update types in cve_bin_tool/sbom_manager by @metabiswadeep in #2389
- ci: disable quiet_mode test in long tests by @terriko in #2391
- refactor: Update types syntax in available_fix/* by @mjhuff in #2386
- refactor: update types in data_sources by @metabiswadeep in #2387
- feat: Keep a copy of the NVD database (Fixes #1099) by @anthonyharrison in #2222
- fix: remove use of tarfile by @terriko in #2363
- ci: group tests which rely on external connectivity into a separate CI by @b31ngd3v in #2398
- chore(deps): bump check-spelling/check-spelling from 0.0.20 to 0.0.21 by @dependabot in #2405
- fix: Add components to failing language package tests by @terriko in #2407
- fix: improve samba checker patterns by @ffontaine in #2399
- chore: bump version, python_requires by @terriko in #2409
- refactor: Updates typehint to newer sintax by @paimvictor in #2397
- feat: Fail gracefully when someone tries to use python 3.6 by @metabiswadeep in #2410
- chore: align vex output with CycloneDX schema by @raboof in #2337
- ci: requirements do not need to be tested during windows longtests by @terriko in #2412
- feat: Add Red Hat data source (Fixes #2331, #2367) by @anthonyharrison in #2368
- fix: Change extraction exceptions to logged warnings by @terriko in #2408
- fix: remove extraneous exit() calls by @metabiswadeep in #2420
- fix: improve language test output, fix failing tests by @terriko in #2422
- refactor: cosmetic fixes to dev reqs updater by @Molkree in #2415
- feat: change EXTERNAL_SYSTEM() to give a boolean by @b31ngd3v in #2417
- refactor: update types syntax in test by @metabiswadeep in #2394
- refactor: fix "Any" type and mypy errors in data_sources/ by @mjhuff in #2395
- feat: Change LONG_TESTS() to give a boolean by @metabiswadeep in #2411
- fix: CVEs from multiple sources missing (Fixes #2418) by @anthonyharrison in #2421
- fix: remove LegacyVersion by @terriko in #2432
- fix: downgrade packaging temporarily by @terriko in #2436
- fix: only one cve found by test_triage by @terriko in #2439
- fix: Using vex as triage file loses vendor field (Fixes #2320) by @anthonyharrison in #2329
New Contributors
- @wyattearp made their first contribution in #1643
- @gaurav879 made their first contribution in #1636
- @b31ngd3v made their first contribution in #1648
- @onyxcherry made their first contribution in #1641
- @snosratiershad made their first contribution in #1674
- @M-Faheem-Khan made their first contribution in #1692
- @dependabot made their first contribution in #1726
- @ffontaine made their first contribution in #1705
- @iamnandhu made their first contribution in #1762
- @metabiswadeep made their first contribution in #1900
- @jsoref made their first contribution in #1901
- @gotlougit made their first contribution in #1589
- @netromdk made their first contribution in #1922
- @Ashish13s made their first contribution in #1958
- @JakeRoggenbuck made their first contribution in #1704
- @warthog9 made their first contribution in #1964
- @miles170 made their first contribution in #1970
- @Architrixs made their first contribution in #2015
- @JoaoDanielRufino made their first contribution in #2039
- @donheshanthaka made their first contribution in #2020
- @pogzyb made their first contribution in #2017
- @gulyapulya made their first contribution in #2013
- @Shacklebolt13 made their first contribution in #2074
- @techsnap made their first contribution in #2119
- @batunpc made their first contribution in #2122
- @Foxboron made their first contribution in #2164
- @saminarp made their first contribution in #2123
- @zhaobenny made their first contribution in #2144
- @Malay-dev made their first contribution in #2134
- @Rexbeast2 made their first contribution in #2159
- @Logan-kwan made their first contribution in #2182
- @am-3 made their first contribution in #2169
- @devils2ndself made their first contribution in #2171
- @felixbd made their first contribution in #2132
- @submicron13 made their first contribution in #2192
- @ayushthe1 made their first contribution in #2226
- @raboof made their first contribution in #2221
- @kishan3 made their first contribution in #2265
- @pratul20 made their first contribution in #2243
- @PhilippFr made their first contribution in #2249
- @aadityasinha-dotcom made their first contribution in #2289
- @adityaacse made their first contribution in #2305
- @mastdev made their first contribution in #2302
- @jazzysoggy made their first contribution in #2311
- @himanshiparnami made their first contribution in #2306
- @Mou887 made their first contribution in #2307
- @codamuse made their first contribution in #2308
- @mjhuff made their first contribution in #2386
- @paimvictor made their first contribution in #2397
Full Changelog: v3.1.1...v3.2rc0