v0.20.0

What's New

Added

• REST support for free services (vulnerabilities & dependencies)
• Added vulnerability scanner to SDK with HTTP client support
• Implemented vulnerabilitiesComponentes method for batch vulnerability scanning of multiple components
• Implemented vulnerabilitiesComponent method for single component vulnerability assessment

v0.19.0

What's New

Changed

• Removed api prefix from dependency and vulnerability API URLs

Fixed

• Fixed license field mapping for dependency responses (spdx_id, is_spdx_approved)

v0.18.0

What's New

Added

• Added REST protocol implementation for SCANOSS dependency service
• Added proxy options to dep subcommand

Fixed

• Improved URL path handling for free vs premium SCANOSS endpoints

Changed

• Added gRPC and REST clients

Full Changelog: v0.17.3...v0.18.0

v0.17.3

What's Changed

Fixed

• Empty winnowing.wfp file now created when scanning empty directories or filtered content

v0.17.2

What's Changed

Fixed

• Fixed dependency scan response concatenation

v0.17.1

What's Changed

Chunk dependency requests

Full Changelog: v0.17.0...v0.17.1

v0.17.0

V0.17.0

Fixed

• Fixed ca-certificates for gRPC protocol

Changed

• Improved scanner config validation

v0.16.3

What's Changed

• Fixed slash encoding in npm package identifiers
• Fixed cryptographic scanning bug that freezes when encountering empty entries

Full Changelog: v0.16.2...v0.16.3

v0.16.2

What's Changed

• Skips binary files on crypto scanning
• Supports new definitions of crypto algorithm rules

Full Changelog: v0.16.1...v0.16.2

v0.16.0

What's Changed

• Fixed LICENSE
• Added cryptography library scanning

Full Changelog: v0.15.7...v0.16.0