Sourced from github.com/paketo-buildpacks/occam's releases.

v0.27.0

What's Changed

• Bump dependencies by @​modulo11 in paketo-buildpacks/occam#386
• Updates go mod version to 1.24.3 by @​paketo-bot in paketo-buildpacks/occam#376

New Contributors

• @​modulo11 made their first contribution in paketo-buildpacks/occam#386

Full Changelog: https://github.com/paketo-buildpacks/occam/compare/v0.26.0...v0.27.0

v0.26.0

What's Changed

• Bump github.com/onsi/gomega from 1.36.3 to 1.37.0 by @​dependabot in paketo-buildpacks/occam#375
• Bump github.com/paketo-buildpacks/packit/v2 from 2.16.0 to 2.17.0 by @​dependabot in paketo-buildpacks/occam#377
• Bump golang.org/x/net from 0.37.0 to 0.38.0 by @​dependabot in paketo-buildpacks/occam#378
• Manual upgrade of dependencies by @​nicolasbender in paketo-buildpacks/occam#384

Full Changelog: https://github.com/paketo-buildpacks/occam/compare/v0.25.0...v0.26.0

• aeef59d Updates go mod version to 1.24.3 (#376)
• 1936f59 Bump dependencies (#386)
• e97009b Manual upgrade of dependencies (#384)
• 23d583a Bump golang.org/x/net from 0.37.0 to 0.38.0
• b89b13e Bump github.com/paketo-buildpacks/packit/v2 from 2.16.0 to 2.17.0
• e12234c Bump github.com/onsi/gomega from 1.36.3 to 1.37.0
• See full diff in compare view

Sourced from github.com/paketo-buildpacks/packit/v2's releases.

v2.20.0

What's Changed

• Updates go mod version to 1.24.3 by @​paketo-bot in paketo-buildpacks/packit#643
• Bump dependencies by @​modulo11 in paketo-buildpacks/packit#651

Full Changelog: https://github.com/paketo-buildpacks/packit/compare/v2.19.0...v2.20.0

v2.19.0

What's Changed

• Downgrade docker and stereoscope by @​nicolasbender in paketo-buildpacks/packit#649

Full Changelog: https://github.com/paketo-buildpacks/packit/compare/v2.18.0...v2.19.0

v2.18.0

What's Changed

• Bump golang.org/x/net from 0.37.0 to 0.38.0 by @​dependabot in paketo-buildpacks/packit#645
• Bump github.com/gabriel-vasile/mimetype from 1.4.8 to 1.4.9 by @​dependabot in paketo-buildpacks/packit#646
• Use upstream syft by @​modulo11 in paketo-buildpacks/packit#639
• Bump github.com/anchore/stereoscope from 0.0.0-20230412183729-8602f1afc574 to 0.1.3 by @​dependabot in paketo-buildpacks/packit#644

Full Changelog: https://github.com/paketo-buildpacks/packit/compare/v2.17.0...v2.18.0

• b3d4c50 Bump dependencies (#651)
• 4589337 Updates go mod version to 1.24.3 (#643)
• dc86e8d Downgrade docker and stereoscope
• aa5bc77 Bump github.com/anchore/stereoscope
• f3fa74a Use upstream syft (#639)
• 7e884aa Bump github.com/gabriel-vasile/mimetype from 1.4.8 to 1.4.9
• f3ac27a Bump golang.org/x/net from 0.37.0 to 0.38.0
• See full diff in compare view

Sourced from dario.cat/mergo's releases.

v1.0.2

What's Changed

• Drops gopkg.in/yaml.v3, only used for loading fixtures. Thanks @​trim21 for bringing to my attention (#262) that this library is no longer maintained.

Full Changelog: https://github.com/darccio/mergo/compare/v1.0.1...v1.0.2

v1.0.1

What's Changed

• fixes issue #187 by @​vsemichev in darccio/mergo#253
• fix: WithoutDereference should respect non-nil struct pointers by @​joshkaplinsky in darccio/mergo#251

New Contributors

• @​vsemichev made their first contribution in darccio/mergo#253
• @​joshkaplinsky made their first contribution in darccio/mergo#251

Full Changelog: https://github.com/darccio/mergo/compare/v1.0.0...v1.0.1

• 7b33b2b refactor: migrate from YAML to JSON for test data and update related functions
• 229a214 chore(.well-known): add funding manifest URLs file
• 6be20c6 chore(SECURITY.md): update supported versions to reflect current versioning
• 9007623 chore(README) : remove kubernetes from the list of users
• 2b1eb9c Update FUNDING.yml
• 2ceb994 Create FUNDING.json
• 59ea6a9 Merge pull request #251 from joshkaplinsky/joshkaplinsky/without-dereference-...
• 96f24af Merge pull request #253 from vsemichev/master
• 2f1a615 fixes issue #187. adds test to verify the fix.
• 4da170b fixes issue #187. attempt #3
• Additional commits viewable in compare view

• See full diff in compare view

Sourced from github.com/CycloneDX/cyclonedx-go's releases.

v0.9.2

Changelog

Features

• 39ede217f126cfbc80eabf880f6643be3d392a4f: feat: add MarshalXML and UnmarshalXML (@​DmitriyLewen)
• e9191ed11a269fcb6b3fb54e000ed6d81b5bf9db: feat: add UnmarshalJSON (@​DmitriyLewen)

Fixes

• 80fede1f13a956d35eb14696cd2ca9d2d943f809: fix: add json tag for Identity (@​DmitriyLewen)
• 24e9503293f0837e6e7ea3ff670ef958e6075b87: fix: tests (@​DmitriyLewen)
• d68a199bc1747e5d6a7d4196c2f270535bbf6e3e: fix: use identity as array in valid-evidence.json (@​DmitriyLewen)
• ff9cc28f9c9554328bd6c1ad56098be5a692d5e9: fix: use componentEvidence array for Evidence.Identity field (@​DmitriyLewen)

Building and Packaging

• 016ee293d464d6383be3a714f7fb0debebef8ad5: build(deps): bump actions/checkout from 4.1.7 to 4.2.0 (@​dependabot[bot])
• 77153ab5fe005f6484ac1e1225e7152df00db3f1: build(deps): bump actions/checkout from 4.2.0 to 4.2.1 (@​dependabot[bot])
• 4f50d02c1282ac1d0d7448502b231a0e84a1e529: build(deps): bump actions/checkout from 4.2.1 to 4.2.2 (@​dependabot[bot])
• b84451219e77e0fbbe7d5ba054bcf25dbc7aaea4: build(deps): bump actions/setup-go from 5.0.2 to 5.1.0 (@​dependabot[bot])
• 238cbea3479fed9fdfcbfa5f1751828390a05211: build(deps): bump actions/setup-go from 5.1.0 to 5.2.0 (@​dependabot[bot])
• bbe8f3c2c7c4567514ae966c69bf93fc1b3dba2a: build(deps): bump github.com/stretchr/testify from 1.9.0 to 1.10.0 (@​dependabot[bot])
• 05f8930fe918a31941ebf90eec627e5e6e908d1c: build(deps): bump github.com/terminalstatic/go-xsd-validate (@​dependabot[bot])
• 082f87791a5e290c9d4c6e8126dc0cc987028a60: build(deps): bump gitpod/workspace-go from 2a9e01c to 9c95281 (@​dependabot[bot])
• 093b1c15164dad5d46768db0e3f6ee43eb60ca20: build(deps): bump gitpod/workspace-go from 9c95281 to 6932342 (@​dependabot[bot])
• 47b7e01ce8f8209894065e9656217b8c00a3c8ea: build(deps): bump golangci/golangci-lint-action from 6.1.0 to 6.1.1 (@​dependabot[bot])
• ce6eb841cb1e21aa28efbccd9eb8fe5eea0555c9: build(deps): bump goreleaser/goreleaser-action from 6.0.0 to 6.1.0 (@​dependabot[bot])

Others

• 4d3aff9fab9ae78bd6fbbc9fd0912fab14c8fb64: UPDATE_SNAPSHOTS=true make test (@​DmitriyLewen)
• 31d954443e6563aeee69d82bdfb82aee83e07df1: refactor (@​DmitriyLewen)
• 0170729e313a681fc8659643601410ae10ffe803: refactor: update convert package (@​DmitriyLewen)

v0.9.1

Changelog

Fixes

• 6f0e0cf025dd99ab903e33f8e043d92b28dab4f6: fix: nil pointer dereference during evidence conversion (@​nscuro)
• ce43b6f4cb5707d3ef2db1af1d597f5b23bf0e15: fix: make linter happy (@​nscuro)
• 5d799e634b9bed9c86621048544737b210e433e8: fix: remove deprecated goreleaser flag (@​nscuro)

Building and Packaging

• 6d5bcb0e277207551dbc728eb29959f1d3cbd685: build(deps): bump actions/checkout from 4.1.6 to 4.1.7 (@​dependabot[bot])
• f34fc0c413da74d20d1cc240863aaf2eb6b274f7: build(deps): bump actions/setup-go from 5.0.1 to 5.0.2 (@​dependabot[bot])
• 71cff221b8dbbc1d50f839fa76ecea4e42d83a2b: build(deps): bump gitpod/workspace-go from 8d15123 to 2a9e01c (@​dependabot[bot])
• ea693550558d230b3fbba810b6e75ac2eb0b55c8: build(deps): bump golangci/golangci-lint-action from 6.0.1 to 6.1.0 (@​dependabot[bot])
• d5cbdad49dfbf54f2dab4ad95bd1a47c710a526c: build(deps): bump goreleaser/goreleaser-action from 5.1.0 to 6.0.0 (@​dependabot[bot])

v0.9.0

Changelog

Features

• 729c284798ebe341ced210b661362f77d68cd655: feat: Add CycloneDX 1.6 fields swhid and omniborId (@​snyk-tim)
• b5d35959767efce95f50e96bf752c47fbe374496: feat: add manufacturer and authors (@​snyk-tim)
• c52e698d2fe3fbd60df6ff397f44e7b0ea15a4bc: feat: raise baseline go version to 1.20 (@​nscuro)

Fixes

• 9166e10fdecaadd8a97ceed9636261d351d90a65: fix: ioutil -> io (@​nscuro)
• 349fc8cd072e90d81c0328f1d9dab16aa30fcf60: fix: add bom-ref to OrganizationalEntity/Contact (@​snyk-tim)
• c97da90e259e0051e02e07300c75ad5e37a0311b: fix: handle breaking changes in skywalking-eyes (@​nscuro)

... (truncated)

• cba06ff Merge pull request #205 from CycloneDX/dependabot/go_modules/github.com/termi...
• 5c81749 Merge pull request #211 from CycloneDX/dependabot/github_actions/actions/setu...
• 753526c Merge pull request #204 from DmitriyLewen/fix/componentEvidence-as-array
• 4d3aff9 UPDATE_SNAPSHOTS=true make test
• d68a199 fix: use identity as array in valid-evidence.json
• 24e9503 fix: tests
• 238cbea build(deps): bump actions/setup-go from 5.1.0 to 5.2.0
• a7f7415 Merge branch 'master' of github.com:DmitriyLewen/cyclonedx-go into fix/compon...
• 05f8930 build(deps): bump github.com/terminalstatic/go-xsd-validate
• 464d426 Merge pull request #202 from CycloneDX/dependabot/github_actions/actions/chec...
• Additional commits viewable in compare view

Sourced from github.com/DataDog/zstd's releases.

zstd 1.5.5

What's Changed

• Update vendored zstd to 1.5.5 (#125)
• [circleci] Update to non-deprecated images (#124)

https://github.com/DataDog/zstd/compare/v1.5.2...v1.5.5

zstd 1.5.5 - wrapper patches 1

What's Changed

• add DecompressInto for decompression of payloads with known sizes by @​jbowens in DataDog/zstd#130
• [bulk] Fix being able to Decompress large payloads by @​Viq111 in DataDog/zstd#132

New Contributors

• @​jbowens made their first contribution in DataDog/zstd#130

Full Changelog: https://github.com/DataDog/zstd/compare/v1.5.5...v1.5.5+patch1

zstd 1.5.2

This release updates the upstream zstd version to 1.5.2 (DataDog/zstd#116)

The update 1.5.0 -> 1.5.2 overall has a similar performance profile. Please note that depending on the workload, performance could vary by -10% / +10%

zstd 1.5.2 - wrapper patches 1

What's Changed

• Fix unneededly allocated large decompression buffer by @​XiaochenCui (#118) & @​Viq111 in DataDog/zstd#120
• Add SetNbWorkers api to the writer code (see #108) by @​bsergean in DataDog/zstd#117
  • For large workloads, the performance can be improved by 3-6x (see DataDog/zstd#117)
  • Write() becomes async with workers > 1, make sure you read the method documentation before using

New Contributors

• @​bsergean made their first contribution in DataDog/zstd#117
• @​XiaochenCui for his work on DataDog/zstd#118 that led to #120

Full Changelog: https://github.com/DataDog/zstd/compare/v1.5.2...v1.5.2+patch1

zstd 1.5.0

This release updates the upstream zstd version to 1.5.0 (#106) (thanks @​SirSniper!) which sports some major performance improvements!

It comes with additional changes to the Go wrapper:

• Allow building against zstd dynamic library instead of static by @​dopuskh3 (#109)
• Don't block the stream reader when a block is available by @​delthas (#96)

zstd 1.5.0 - wrapper patches 1

What's Changed

• zstd.go: Set ZSTD_LEGACY_SUPPORT=4 to decompress legacy payloads by @​evanj in DataDog/zstd#105

Full Changelog: https://github.com/DataDog/zstd/compare/v1.5.0...v1.5.0+patch1

zstd 1.5.0 - wrapper patches 2

... (truncated)

• 5f14d6a Merge pull request #125 from DataDog/viq111/1.5.5
• ca4d3c7 Update vendored zstd to 1.5.5
• 03725e7 Merge pull request #126 from DataDog/viq111/circleci
• 1b4c894 [circle] Remove latest as cimg/go does not have the tag
• ff5a3bb [circleci] Update tested Go versions to 1.19 & 1.20
• 6e5a54b [circleci] Switch to newer images
• fd035e5 Merge pull request #117 from bsergean/patch-1
• c798238 Merge branch '1.x' into patch-1
• 13d5b10 update documentation
• d64f463 Merge pull request #120 from DataDog/viq111/fix-min-size
• Additional commits viewable in compare view

Sourced from github.com/Masterminds/sprig/v3's releases.

v3.3.0

What's Changed

• Updating the Go versions used in testing by @​mattfarina in Masterminds/sprig#405
• Change intial to initial. by @​chrishalbert in Masterminds/sprig#391
• Updating dependencies by @​mattfarina in Masterminds/sprig#404
• correct value by @​jheyduk in Masterminds/sprig#376
• Updating location of mergo by @​mattfarina in Masterminds/sprig#406
• feature: added sha512sum function by @​itzik-elayev in Masterminds/sprig#400
• docs: Add missing link to url functions by @​carlpett in Masterminds/sprig#375
• Update doc.go by @​chey in Masterminds/sprig#369
• Update mathf.md by @​zzhu41 in Masterminds/sprig#290
• Removing duplicate documentation by @​mattfarina in Masterminds/sprig#407
• Updating the changelog for the 3.3.0 release by @​mattfarina in Masterminds/sprig#408

New Contributors

• @​chrishalbert made their first contribution in Masterminds/sprig#391
• @​jheyduk made their first contribution in Masterminds/sprig#376
• @​itzik-elayev made their first contribution in Masterminds/sprig#400
• @​carlpett made their first contribution in Masterminds/sprig#375
• @​chey made their first contribution in Masterminds/sprig#369
• @​zzhu41 made their first contribution in Masterminds/sprig#290

Full Changelog: https://github.com/Masterminds/sprig/compare/v3.2.3...v3.3.0

Sourced from github.com/Masterminds/sprig/v3's changelog.

Release 3.3.0 (2024-08-29)

Added

• #400: added sha512sum function (thanks @​itzik-elayev)

Changed

• #407: Removed duplicate documentation (functions were documentated in 2 places)
• #290: Corrected copy/paster oops in math documentation (thanks @​zzhu41)
• #369: Corrected template reference in docs (thanks @​chey)
• #375: Added link to URL documenation (thanks @​carlpett)
• #406: Updated the mergo dependency which had a breaking change (which was accounted for)
• #376: Fixed documentation error (thanks @​jheyduk)
• #404: Updated dependency tree
• #391: Fixed misspelling (thanks @​chrishalbert)
• #405: Updated Go versions used in testing

• e708470 Merge pull request #408 from mattfarina/update-changelog-3.3
• 8fc4354 Updating the changelog for the 3.3.0 release
• cb81a32 Merge pull request #407 from mattfarina/remove-dup-math-functions
• 2637693 Removing duplicate documentation
• 06b9a87 Merge pull request #290 from zzhu41/patch-1
• e663ec6 Merge pull request #369 from chey/patch-1
• bb2f73f Merge pull request #375 from carlpett/patch-1
• f07659e Merge pull request #400 from itzik-elayev/master
• 98b35c1 Add closing bracket
• 7a88928 Merge pull request #406 from mattfarina/update-mergo
• Additional commits viewable in compare view

Sourced from github.com/Microsoft/hcsshim's releases.

v0.13.0

What's Changed

• Enable Windows UVM functional tests by @​jiechen0826 in microsoft/hcsshim#2338
• Add support for HCN v2 endpoint and add unit tests by @​katiewasnothere in microsoft/hcsshim#2343
• Skip HVSock_* flaky tests until they are fixed by @​jiechen0826 in microsoft/hcsshim#2365
• Fix duplicate artifact name in github CI by @​jiechen0826 in microsoft/hcsshim#2366
• Fix TestLCOW_IPv6_Assignment functional test by @​katiewasnothere in microsoft/hcsshim#2359
• Enabled Linux UVM tests to run on 1ES github runner pool by @​jiechen0826 in microsoft/hcsshim#2357
• Revert "Enabled Linux UVM tests to run on 1ES github runner pool" by @​jiechen0826 in microsoft/hcsshim#2378
• github-actions: update lint action by @​anmaxvl in microsoft/hcsshim#2379
• fix golangci-lint config by @​anmaxvl in microsoft/hcsshim#2387
• HvSocket support for containers by @​anmaxvl in microsoft/hcsshim#2353
• feature: cross-container named pipes by @​anmaxvl in microsoft/hcsshim#2358
• tooling: allow pause container to be run in privileged mode by @​anmaxvl in microsoft/hcsshim#2406
• Initial support for creating confidential windows UtilityVMs by @​ambarve in microsoft/hcsshim#2388
• Deps/crypto vulnFix golang.org/x/crypto vulnerability by @​helsaawy in microsoft/hcsshim#2416
• rego policy enforcer should use the same user parsing logic as GCS by @​anmaxvl in microsoft/hcsshim#2405

New Contributors

• @​jiechen0826 made their first contribution in microsoft/hcsshim#2338

Full Changelog: https://github.com/microsoft/hcsshim/compare/v0.13.0-rc.3...v0.13.0

v0.13.0-rc.3

What's Changed

• Update go version + Switch to using containerd/errdefs/pkg/errgrpc for grpc translation by @​kiashok in microsoft/hcsshim#2300
• add longPathAware to shim manifest by @​anmaxvl in microsoft/hcsshim#2303
• Fix issue with mask length of gateway addresses by @​katiewasnothere in microsoft/hcsshim#2305
• remove dmverity-vhd code and release pipeline by @​anmaxvl in microsoft/hcsshim#2318
• Add build version block for pod CPU limits updating by @​katiewasnothere in microsoft/hcsshim#2321
• Fix go.mod to have the correct Go version by @​kevpar in microsoft/hcsshim#2326
• Fix path in security policyenginesimulator sample by @​MahatiC in microsoft/hcsshim#2329
• octtrpc: Fix span status defer, add tests by @​kevpar in microsoft/hcsshim#2330
• Support for Block CIMs by @​ambarve in microsoft/hcsshim#2261
• osversion: Add new versions, fix compat bug, improve tests by @​kevpar in microsoft/hcsshim#2327
• Use abs path to testing binary by @​helsaawy in microsoft/hcsshim#2344
• Omnibus dependabot update by @​helsaawy in microsoft/hcsshim#2347

Full Changelog: https://github.com/microsoft/hcsshim/compare/v0.13.0-rc.2...v0.13.0-rc.3

v0.11.8

What's Changed

• [release/0.11] vendor: github.com/containerd/containerd v1.6.33 by @​thaJeztah in microsoft/hcsshim#2185
• [release/0.11] Update golang version in ci.yml by @​kiashok in microsoft/hcsshim#2189
• [release/0.11] Update golang CI version + containerd version to v1.6.36 by @​kiashok in microsoft/hcsshim#2273
• [release/0.11] Fixing typo by @​ritikaguptams in microsoft/hcsshim#2288

Full Changelog: https://github.com/microsoft/hcsshim/compare/v0.11.7...v0.11.8

... (truncated)

• 7084bd2 rego policy enforcer should use the same user parsing logic as GCS (#2405)
• a5c5b4c Deps/crypto vulnFix golang.org/x/crypto vulnerability (#2416)
• a00144a Add support for running confidential WCOW UVMs
• 5def1d7 Allow different types of boot configurations for WCOW UVM
• b4e0744 Merge pull request #2406 from anmaxvl/privileged-pause
• e5f8fd8 tooling: allow pause container to be run in privileged mode
• d7e3842 feature: cross-container named pipes (#2358)
• 62ddb12 HvSocket support for containers (#2353)
• fa9d402 ci: fix golangci-lint config (#2387)
• a3c0edf github-actions: update lint action (#2379)
• Additional commits viewable in compare view

Sourced from github.com/ProtonMail/go-crypto's releases.

v1.2.0

What's Changed

• Update min go version to 1.22.0 by @​lubux in ProtonMail/go-crypto#278
• Change the max AEAD chunk size to 4MiB from 64KiB by @​lubux in ProtonMail/go-crypto#280

Full Changelog: https://github.com/ProtonMail/go-crypto/compare/v1.1.6...v1.2.0

Release v1.2.0-proton

What's Changed

This release is v1.2.0 with support for the following non-standardized features:

• Presistent symmetric keys draft-ietf-openpgp-persistent-symmetric-keys-00
• Automatic forwarding draft-wussler-openpgp-forwarding-00
• Post-quantum algorithms draft-ietf-openpgp-pqc

Release v1.1.6

What's Changed

• Fix PublicKey.KeyIdString to return a valid key id by @​lubux in ProtonMail/go-crypto#269
• Allow Key Flags override @​davrux in ProtonMail/go-crypto#272
• Only check that message signatures are newer than the key by @​twiss in ProtonMail/go-crypto#275
• openpgp/clearsign: just use rand.Reader in tests by @​mdosch in ProtonMail/go-crypto#276
• Make Issuer Key ID signature subpacket non-critical by @​caarlos0 in ProtonMail/go-crypto#266
• v2 API: Improve error messages for encryption key selection by @​lubux in ProtonMail/go-crypto#271

Full Changelog: https://github.com/ProtonMail/go-crypto/compare/v1.1.5...v1.1.6

Release v1.1.6-proton

What's Changed

This release is v1.1.6 with support for the following non-standardized features:

• Presistent symmetric keys draft-ietf-openpgp-persistent-symmetric-keys-00
• Automatic forwarding draft-wussler-openpgp-forwarding-00
• Post-quantum algorithms draft-ietf-openpgp-pqc

Release v1.1.5

What's Changed

• Check binding signature details against primary key by @​twiss in ProtonMail/go-crypto#264

Full Changelog: https://github.com/ProtonMail/go-crypto/compare/v1.1.4...v1.1.5

Release v1.1.5-proton

What's Changed

This release is v1.1.5 with support for the following non-standardized features:

• Presistent symmetric keys draft-ietf-openpgp-persistent-symmetric-keys-00

... (truncated)

• 70930d7 Merge pull request #280 from ProtonMail/fix/aead-max-chunk-size
• 54e82fd fix: The max AEAD chunk size must be 4MiB not 65KiB
• 61ae167 Merge pull request #278 from ProtonMail/chore/bump-go-version
• af200f2 chore: Update min go version to 1.22.0
• e52eada Merge pull request #271 from ProtonMail/feat/improve-errors-key-selection
• 4bf9d90 feat(v2): Improve error message for encryption key selection
• d47bb38 Merge pull request #266 from caarlos0/issuer-key-id
• 756ebbd Make Issuer Key ID signature subpacket non-critical
• 44ef98c Merge pull request #276 from mdosch/fix-random-source-is-broken
• b105e24 Merge branch 'main' into fix-random-source-is-broken
• Additional commits viewable in compare view

• See full diff in compare view

• See full diff in compare view

Sourced from github.com/anchore/syft's releases.

v1.26.0

Added Features

• Read version resources from non-.NET DLLs and executables [#3842 #3911 @​wagoodman]

Bug Fixes

• pkg.JavaArchive.PomProperties is being populated even though no pom.properties file was present for analysis [#3922 @​wagoodman]
• syft 1.24.0 debug container - wget fails TLS [#3891 #3915 @​spiffcs]

(Full Changelog)

v1.25.1

Additional Changes

• remove go-rpmdb replace directive [#3908 @​wagoodman]

(Full Changelog)

v1.25.0

Added Features

• Add PHP interpreter + extensions cataloger [#2585 @​LaurentGoderre]

Bug Fixes

• update license content filtering default case to be 'none' for no content [#3903 @​spiffcs]
• Distinguish openjdk vs jdk when using file source [#3895 @​adammcclenaghan]
• Make it discoverable if Native Image contains no embedded SBOM [#3731 #3805 @​sathiya06]

(Full Changelog)

v1.24.0

Added Features

• Add cataloger for Dart pubspec [#3292 @​LaurentGoderre]
• Translate Portage license strings to SPDX expressions [#1763 @​wagoodman]
• Use package ID from decoded SBOMs when provided [#1872 @​jneate]
• Annotate visible/hidden paths when all-layers scope [#3855 @​wagoodman]
• Add support for PHP Pear [#2775 @​LaurentGoderre]
• Detect whether full license text or a license name has been provided [#3088 #3876 @​spiffcs #3450 @​spiffcs]
• Add Cataloger for Homebrew on macOS [#3632 #3724 @​rezmoss]
• Provide a way to get the LayerID the package was first found in [#435 #3858 @​wagoodman #3138 @​tomersein]
• Go binaries that currently get (devel) as the version should instead stub UNKNOWN based on the compliance policy [#3324 #3873 @​wagoodman]
• Upgrade base Docker image to gcr.io/distroless/static-debian12 [#3840 #3862 @​bgoareguer]
• Return full license string instead of SHA256 hash when license string exceeds 64 characters [#3780 #3844 @​spiffcs]
• Detect nix dependencies [#3814 #3837 @​wagoodman]

Bug Fixes

... (truncated)

• ac883f5 add cdx group as purl namespace (#3922)
• e23ca43 add PE binary cataloger (#3911)
• b4ca040 chore: update dockerfile base images to latest rolling tags (#3915)
• 828645e chore(deps): update CPE dictionary index (#3913)
• db77b54 finalize go mod ref (#3908)
• 2d4fe51 remove benchmark workflow (#3906)
• e1374f7 fix: update license content filtering default case to be 'none' for no conten...
• 9458938 chore(deps): bump github/codeql-action from 3.28.17 to 3.28.18 (#3905)
• 8cbdd38 fix: Make Native Image contains no embedded SBOM Error Discoverable (#3805)
• 8f02bd8 fix: Distinguish openjdk vs jdk when using file source (#3895)
• Additional commits viewable in compare view

• See full diff in compare view

Sourced from github.com/bmatcuk/doublestar/v4's releases.Description has been truncated