v0.55.3

Bug Fixes

• rejections should override fixes [#1092 @willmurphyscode]

(Full Changelog)

v0.55.2

Bug Fixes

• ESM not affected inference [#1077 @willmurphyscode]
• skip BDSA records [#1090 @willmurphyscode]
• Fix cpe format mismatch for fix-date searches [#1070 @wagoodman]

Additional Changes

• configure uv to exclude package versions newer than 1 week [#1088 @westonsteimel]

(Full Changelog)

v0.55.1

Bug Fixes

• Make fedora provider incremental [#1058 @willmurphyscode]

Additional Changes

• bump go to 1.25.x and check latest [#1061 @willmurphyscode]

(Full Changelog)

v0.55.0

Added Features

• Allow for overriding the root dir via env [#1057 @wagoodman]

(Full Changelog)

v0.54.0

Added Features

• Add a provider for Fedora [#598 #1052 @willmurphyscode]

Bug Fixes

• Revert "Disable use of external first-observed db" [#1053 @wagoodman]

Additional Changes

• Add nvd to large runner group [#1055 @wagoodman]

(Full Changelog)

v0.53.0

Added Features

• Denote large runners [#1050 @wagoodman]

Bug Fixes

• Disable use of external first-observed db [#1051 @wagoodman]

(Full Changelog)

v0.52.1

Bug Fixes

• parse older photon advisories [#1047 @willmurphyscode]

(Full Changelog)

v0.52.0

Added Features

• Support Photon OS CVE Feeds [#259 #1044 @willmurphyscode]
• Support Python 3.14 [#952]

(Full Changelog)

v0.51.0

Added Features

• github: persist all of the reference links in the final result [#646 #1032 @westonsteimel]

Additional Changes

• CVSS data from Github will stop working after 2025-10-01 [#871 #1032 @westonsteimel]

(Full Changelog)

v0.50.0

Added Features

• pull erlang advisory data [#747 @westonsteimel]
• alpine: consider the security-rejections data [#1012 #1023 @willmurphyscode]
• secureOS provider [#1024 #941 @divolgin]

Bug Fixes

• include security-rejections urls in provider metadata [#1025 @westonsteimel]

(Full Changelog)