Releases: ossf/pvtr-github-repo-scanner
Releases · ossf/pvtr-github-repo-scanner
v0.24.0
Changelog
🚀 Features
- feat: add best practices badge URL generator @vinayada1 (#301)
🐛 Bug Fixes
- fix: grant discussions:write and add Breaking Changes drafter category @jmeridth (#322)
- fix: backwards compatible catalog for 'osps-baseline' id @eddie-knight (#307)
🧰 Maintenance
- chore(deps): bump privateer from 0.21.0 to 0.21.2 @github-actions[bot] (#328)
- chore(deps): bump golang from 1.26.2-alpine3.22 to 1.26.3-alpine3.22 @dependabot[bot] (#314)
- chore(deps): bump the dependencies group with 4 updates @dependabot[bot] (#329)
- chore(deps): bump github/codeql-action from 4.35.4 to 4.35.5 in the dependencies group @dependabot[bot] (#324)
- chore(deps): bump github.com/go-git/go-git/v5 from 5.19.0 to 5.19.1 @dependabot[bot] (#323)
- chore(deps): bump github/codeql-action from 4.35.3 to 4.35.4 in the dependencies group @dependabot[bot] (#309)
- ci: align release workflow with ospo-reusable-workflows v1.0.1 @jmeridth (#317)
- chore(deps): bump github-community-projects/ospo-reusable-workflows/.github/workflows/pr-title.yaml from 0.6.0 to 1.0.1 @dependabot[bot] (#310)
- chore(deps): bump github-community-projects/ospo-reusable-workflows/.github/workflows/release.yaml from 0.6.0 to 1.0.1 @dependabot[bot] (#312)
- chore(deps): bump github-community-projects/ospo-reusable-workflows/.github/workflows/auto-labeler.yaml from 0.6.0 to 1.0.1 @dependabot[bot] (#313)
- chore(deps): bump github.com/go-git/go-git/v5 from 5.18.0 to 5.19.0 @dependabot[bot] (#306)
- chore: added typed step to simplify payload verification @eddie-knight (#302)
- chore(deps): bump privateer from 0.20.3 to 0.21.0 @github-actions[bot] (#303)
- chore(deps): bump github/codeql-action from 4.35.2 to 4.35.3 in the dependencies group @dependabot[bot] (#304)
See details of all code changes since previous release
Contributors
jmeridth, eddie-knight, and vinayada1
Assets 17
- 1.56 KB
2026-05-30T03:03:21Z - 17.1 MB
2026-05-30T03:03:20Z - 204 KB
2026-05-30T03:03:21Z - 7.83 MB
2026-05-30T03:03:20Z - 112 KB
2026-05-30T03:03:21Z - 8.21 MB
2026-05-30T03:03:20Z - 110 KB
2026-05-30T03:03:22Z - 8.63 MB
2026-05-30T03:03:20Z - 112 KB
2026-05-30T03:03:22Z - 7.95 MB
2026-05-30T03:03:20Z -
2026-05-30T02:58:01Z -
2026-05-30T02:58:01Z - Loading
v0.23.2
Changelog
🧰 Maintenance
- chore: upgrade sdk @eddie-knight (#300)
- chore(deps): bump privateer from 0.20.2 to 0.20.3 @github-actions[bot] (#297)
- chore(deps): bump goreleaser/goreleaser-action from 7.1.0 to 7.2.1 in the dependencies group @dependabot[bot] (#299)
- chore(deps): bump the dependencies group with 2 updates @dependabot[bot] (#293)
- chore(deps): bump golang from
c259ff7to7ef9411@dependabot[bot] (#294) - chore(deps): bump alpine from
2510918to5b10f43@dependabot[bot] (#295) - chore(deps): bump github.com/go-git/go-git/v5 from 5.17.2 to 5.18.0 @dependabot[bot] (#292)
- chore(deps): bump the dependencies group with 2 updates @dependabot[bot] (#291)
See details of all code changes since previous release
Contributors
eddie-knight
Assets 17
v0.23.1
Changelog
🧰 Maintenance
- chore(deps): bump privateer from 0.15.0 to 0.20.2 and fix Docker/CI integration @github-actions[bot] (#290)
- chore: upgrade go to 1.26.2 @jmeridth (#289)
See details of all code changes since previous release
Contributors
jmeridth
Assets 17
v0.23.0
Changelog
🚀 Features
- feat: implement OSPS-QA-05.02 detect unreviewable binary artifacts @vinayada1 (#279)
See details of all code changes since previous release
Contributors
vinayada1
Assets 17
v0.22.2
Changelog
🐛 Bug Fixes
- fix: stop leaking GITHUB_TOKEN in CI script tracing @vinayada1 (#282)
- fix: pin GitHub Actions to commit SHAs to prevent supply-chain attacks @vinayada1 (#281)
🧰 Maintenance
- chore(deps): bump golang from 1.25.1-alpine3.22 to 1.26.1-alpine3.22 @dependabot[bot] (#285)
- chore(deps): bump the dependencies group across 1 directory with 1 update @dependabot[bot] (#286)
- chore(deps): bump actions/setup-go from 5.4.0 to 6.4.0 @dependabot[bot] (#287)
- chore(deps): bump alpine from 3.22 to 3.23 @dependabot[bot] (#284)
- chore(deps): pin docker images and automate privateer updates @vinayada1 (#283)
- chore(deps): bump github.com/rhysd/actionlint from 1.7.11 to 1.7.12 in the dependencies group @dependabot[bot] (#278)
See details of all code changes since previous release
Contributors
vinayada1
Assets 17
v0.22.1
Changelog
🐛 Bug Fixes
🧰 Maintenance
- chore(deps): bump github.com/go-git/go-git/v5 from 5.17.0 to 5.17.1 @dependabot[bot] (#276)
See details of all code changes since previous release
Contributors
jmeridth
Assets 17
v0.22.0
Changelog
🚀 Features
- feat: implement OSPS-BR-01.02 branch name sanitization check @vinayada1 (#275)
See details of all code changes since previous release
Contributors
vinayada1
Assets 17
v0.21.0
Changelog
🚀 Features
- feat: support multiple control catalog versions @vinayada1 (#269)
🧰 Maintenance
- chore(deps): bump github.com/privateerproj/privateer-sdk from 1.21.0 to 1.22.0 in the dependencies group @dependabot[bot] (#274)
- chore(deps): bump the dependencies group with 6 updates @dependabot[bot] (#272)
See details of all code changes since previous release
Contributors
vinayada1
Assets 17
v0.20.0
Changelog
🚀 Features
- feat: MFA is builtin for GitHub @eddie-knight (#271)
🧰 Maintenance
- chore(deps): bump google.golang.org/grpc from 1.71.0 to 1.79.3 @dependabot[bot] (#270)
- ci: add CI workflow to run plugin against itself @jmeridth (#267)
- docs: fix local docker run command in README @jmeridth (#268)
- chore(deps): bump the dependencies group with 2 updates @dependabot[bot] (#265)
- docs: Add local usage instructions to README @sangramrath (#264)
- chore(deps): bump the dependencies group with 5 updates @dependabot[bot] (#266)
- chore(deps): bump golang.org/x/oauth2 from 0.35.0 to 0.36.0 in the dependencies group @dependabot[bot] (#259)
- chore(deps): bump anchore/sbom-action from 0.23.0 to 0.23.1 in the dependencies group @dependabot[bot] (#260)
- chore(deps): bump docker/build-push-action from 6.19.2 to 7.0.0 @dependabot[bot] (#261)
- chore(deps): bump docker/setup-buildx-action from 3.12.0 to 4.0.0 @dependabot[bot] (#262)
See details of all code changes since previous release
Contributors
jmeridth, sangramrath, and eddie-knight
Assets 17
v0.19.2
Changelog
🐛 Bug Fixes
🧰 Maintenance
- chore(deps): bump actions/download-artifact from 7.0.0 to 8.0.0 @dependabot[bot] (#253)
- chore(deps): bump actions/attest-sbom from 3.0.0 to 4.0.0 @dependabot[bot] (#252)
- chore(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 @dependabot[bot] (#251)
- chore(deps): bump actions/attest-build-provenance from 3 to 4 @dependabot[bot] (#250)
- chore(deps): bump anchore/sbom-action from 0.22.2 to 0.23.0 in the dependencies group @dependabot[bot] (#249)
- chore(deps): bump github.com/cloudflare/circl from 1.6.1 to 1.6.3 @dependabot[bot] (#248)
- chore(deps): bump goreleaser/goreleaser-action from 6.4.0 to 7.0.0 @dependabot[bot] (#247)
- chore(deps): bump github.com/privateerproj/privateer-sdk from 1.18.0 to 1.19.0 in the dependencies group @dependabot[bot] (#246)
See details of all code changes since previous release
Contributors
jmeridth