v1.4.0
Added Features
- Add detection for newer version of ErLang/OTP [#2829 @LaurentGoderre]
- Add missing CPE for traefik, memcached, and postgres binaries [#2845 @LaurentGoderre]
- Add binary classifier for ArangoDB [#2830 @LaurentGoderre]
- Add relationships to ELF packages [#2715 @brian-ebarb @cdivers18 ]
- Add relationships for ALPM packages (arch linux) [#2851 @wagoodman]
Bug Fixes
- close temp rpmdb file [#2792 @testwill]
- fix Windows file paths in local go mod cache [#2654 @willmurphyscode]
- Package Count doesn't match list of packages [#2304 #2839 @wagoodman]
- New version 1.3.0 leads to "too many open files" while scanning bigger images [#2819 #2823 @willmurphyscode]
license_info_in_fileis mandatory in SPDX-2.2 [#2163 #2168 @kzantow]- Wrong CPE for dnsmasq [#2636 #2659 @kzantow]
- SPDX originator is not always populated [#2632 #2822 @wagoodman]
Additional Changes
- Improve linting for
defer Closetype issues [#2826] - use ruleguard to test for missing defer statements [#2837 @willmurphyscode]
- Publish security policy [#2835 @wagoodman]
- fix function name in comment [#2771 @camcui]
- enable go-critic deferInLoop lint [#2825 @willmurphyscode]
Contributors
wagoodman, LaurentGoderre, and 6 other contributors