osv-scanner 1.3.0

[chenrui333]

Created by brew bump

---

Created with brew bump-formula-pr.

release notes

## What's Changed ### Major Features:

• Feature #198 GoVulnCheck integration! Try it out when scanning go code by adding the --experimental-call-analysis flag.
• Feature #260 Support -r flag in requirements.txt files.
• Feature #300 Make IgnoredVulns also ignore aliases.
• Feature #304 OSV-Scanner now runs faster when there's multiple vulnerabilities.

Fixes

• Bug #249 Support yarn locks with quoted properties.
• Bug #232 Parse nested CycloneDX components correctly.
• Bug #257 More specific cyclone dx parsing.
• Bug #256 Avoid panic when parsing file: dependencies in pnpm lockfiles.
• Bug #261 Deduplicate packages that appear multiple times in Pipenv.lock files.
• Bug #267 Properly handle comparing zero versions in Maven.
• Bug #279 Trim leading zeros off when comparing numerical components in Maven versions.
• Bug #291 Check if PURL is valid before adding it to queries.
• Bug #293 Avoid infinite loops parsing Maven poms with syntax errors
• Bug #295 Set version in the source code, this allows version to be displayed in most package managers.
• Bug #297 Support Pipenv develop packages without versions.

API Features

• Feature #310 Improve the OSV models to allow for 3rd party use of the library.

New Contributors

• @raboof made their first contribution in feat: improved error message when pom dependency version not found google/osv-scanner#253
• @spencerschrock made their first contribution in fix: avoid infinite loops parsing Maven poms with syntax errors google/osv-scanner#294
• @calebbrown made their first contribution in Improve the OSV models to allow for 3rd party use of the library. google/osv-scanner#310

Full Changelog: google/osv-scanner@v1.2.0...v1.3.0

[github-actions]

@iMichka has requested bottles to be published to this PR.