Skip to content

Commit

Permalink
chore(release): changelog for v1.8.5 (#1237)
Browse files Browse the repository at this point in the history
Prepare for v1.8.5 release
  • Loading branch information
cuixq authored Sep 11, 2024
1 parent 981b0b5 commit 6f61445
Show file tree
Hide file tree
Showing 5 changed files with 66 additions and 53 deletions.
13 changes: 13 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,16 @@
# v1.8.5:

### Features:

- [Feature #1160](https://github.com/google/osv-scanner/pull/1160) Support fetching snapshot versions from a Maven registry.
- [Feature #1177](https://github.com/google/osv-scanner/pull/1177) Support composite-based package overrides. This allows for ignoring entire manifests when scanning.
- [Feature #1210](https://github.com/google/osv-scanner/pull/1210) Add FIXED-VULN-IDS to guided remediation non-interactive output.

### Fixes:

- [Bug #1220](https://github.com/google/osv-scanner/issues/1220) Fix govulncheck calls on C code.
- [Bug #1236](https://github.com/google/osv-scanner/pull/1236) Alpine package scanning now falls back to latest release version if no release version can be found.

# v1.8.4:

### Features:
Expand Down
8 changes: 4 additions & 4 deletions cmd/osv-scanner/__snapshots__/main_test.snap
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ No package sources found, --help for usage information.
---

[TestRun/#01 - 1]
osv-scanner version: 1.8.4
osv-scanner version: 1.8.5
commit: n/a
built at: n/a

Expand Down Expand Up @@ -141,7 +141,7 @@ Loaded filter from: <rootdir>/fixtures/locks-many/osv-scanner.toml
"informationUri": "https://github.com/google/osv-scanner",
"name": "osv-scanner",
"rules": [],
"version": "1.8.4"
"version": "1.8.5"
}
},
"results": []
Expand Down Expand Up @@ -254,7 +254,7 @@ Loaded Alpine local db from <tempdir>/osv-scanner/Alpine/all.zip
}
}
],
"version": "1.8.4"
"version": "1.8.5"
}
},
"artifacts": [
Expand Down Expand Up @@ -793,7 +793,7 @@ Scanned <rootdir>/fixtures/locks-insecure/osv-scanner-flutter-deps.json file as
}
}
],
"version": "1.8.4"
"version": "1.8.5"
}
},
"artifacts": [
Expand Down
12 changes: 6 additions & 6 deletions docs/github-action.md
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ permissions:

jobs:
scan-pr:
uses: "google/osv-scanner-action/.github/workflows/[email protected].4"
uses: "google/osv-scanner-action/.github/workflows/[email protected].5"
```
### View results
Expand Down Expand Up @@ -98,7 +98,7 @@ permissions:
jobs:
scan-scheduled:
uses: "google/osv-scanner-action/.github/workflows/[email protected].4"
uses: "google/osv-scanner-action/.github/workflows/[email protected].5"
```

As written, the scanner will run on 12:30 pm UTC every Monday, and also on every push to the main branch. You can change the schedule by following the instructions [here](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#schedule).
Expand Down Expand Up @@ -133,7 +133,7 @@ permissions:

jobs:
osv-scan:
uses: "google/osv-scanner-action/.github/workflows/[email protected].4"
uses: "google/osv-scanner-action/.github/workflows/[email protected].5"
with:
# Only scan the top level go.mod file without recursively scanning directories since
# this is pipeline is about releasing the go module and binary
Expand Down Expand Up @@ -186,7 +186,7 @@ Examples
```yml
jobs:
scan-pr:
uses: "google/osv-scanner-action/.github/workflows/[email protected].4"
uses: "google/osv-scanner-action/.github/workflows/[email protected].5"
with:
scan-args: |-
--lockfile=./path/to/lockfile1
Expand All @@ -198,7 +198,7 @@ jobs:
```yml
jobs:
scan-pr:
uses: "google/osv-scanner-action/.github/workflows/[email protected].4"
uses: "google/osv-scanner-action/.github/workflows/[email protected].5"
with:
scan-args: |-
--recursive
Expand All @@ -225,7 +225,7 @@ jobs:
name: Vulnerability scanning
# makes sure the extraction step is completed before running the scanner
needs: extract-deps
uses: "google/osv-scanner-action/.github/workflows/[email protected].4"
uses: "google/osv-scanner-action/.github/workflows/[email protected].5"
with:
# Download the artifact uploaded in extract-deps step
download-artifact: converted-OSV-Scanner-deps
Expand Down
Loading

0 comments on commit 6f61445

Please sign in to comment.