Skip to content

v2.2.0
Compare
Choose a tag to compare
@Maarc Maarc released this 11 Apr 16:26
· 158 commits to main since this release
v2.2.0
92ee358
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

🐘 Major improvements

  • Added Bearer security analyzer
  • Updated PMD to its next major version (7.0.0)
  • Containerized all remaining tools in use: CSA-Bagger, CSA, CLOC, Fernflower, PMD: heavily reduced prerequisites, validations, simplified execution
  • Removed multi-application-group mode and application group name from report folders
  • Restructured generated reports and logs by tool
  • Centralized used versions and container names in _versions.sh
  • Added ./audit reports command to review the generated reports
  • Added ./audit validatecommand to validate the container images in use

🦓 Minor changes

  • Added memory limit check for the container engine in used (docker/podman)
  • Cleaned up layout, documentation, and K8s deployments
  • Added overall audit duration to the execution timeline page
  • Added ./audit version command
  • Bagger: upgraded dependencies and fixed CSA DB issues
  • Archeo: updated supportability-related information
  • Various fixes, stability improvements, and code removal

🦎 Tools updated

  • CSA updated to 4.1.15
  • IBM WAMT updated to 24.0.0.1
  • Linguist updated to 7.29.0
  • Scancode updated to 32.1.0
  • MAI updated to 1.9.22
  • PMD updated to 7.0.0
  • Syft updated to 1.1.1
  • Grype updated to 0.75.0
  • Trivy updated to 0.50.1
  • OSV updated to 1.7.0
  • Fernflower updated to 241.14494.240

Full Changelog: v2.1.0...v2.2.0

Assets 2
Loading