Releases
v0.5.0
Highlights
Various updates to the graphQL API
Updated to the ENT backend to make ingestion quicker
Addition of the REST API features and build out
Metrics via Prometheus
Various bug fixes and improvements
What's Changed
ede754a Add Deps.dev collector to guacone (#1661 )
89019ad Add a demo level docker compose yaml (#1747 )
42f945e Bump actions/cache from 3.3.3 to 4.0.0 (#1653 )
642a10c Bump actions/cache from 4.0.0 to 4.0.1 (#1740 )
9686503 Bump actions/create-github-app-token from 1.6.3 to 1.6.4 (#1651 )
9c3b5d0 Bump actions/create-github-app-token from 1.6.4 to 1.7.0 (#1667 )
9e3cd9d Bump actions/create-github-app-token from 1.7.0 to 1.8.0 (#1704 )
ceb3192 Bump actions/create-github-app-token from 1.8.0 to 1.8.1 (#1724 )
93887c6 Bump actions/create-github-app-token from 1.8.1 to 1.9.0 (#1741 )
45356ea Bump anchore/sbom-action from 0.15.3 to 0.15.5 (#1652 )
c350930 Bump anchore/sbom-action from 0.15.5 to 0.15.6 (#1668 )
3844bcf Bump anchore/sbom-action from 0.15.6 to 0.15.8 (#1691 )
a3c3690 Bump aquasecurity/trivy-action from 0.16.1 to 0.17.0 (#1703 )
1b58cd4 Bump aquasecurity/trivy-action from 0.17.0 to 0.18.0 (#1742 )
a1fd412 Bump cloud.google.com/go/storage from 1.36.0 to 1.37.0 (#1687 )
1770712 Bump cloud.google.com/go/storage from 1.37.0 to 1.38.0 (#1716 )
033f281 Bump cloud.google.com/go/storage from 1.38.0 to 1.39.0 (#1744 )
d597f9e Bump entgo.io/ent v0.13.0 (#1707 )
9e5d83d Bump github.com/99designs/gqlgen from 0.17.43 to 0.17.44 (#1715 )
60210aa Bump github.com/aws/aws-sdk-go from 1.49.17 to 1.50.6 (#1672 )
f7bdab8 Bump github.com/aws/aws-sdk-go from 1.50.6 to 1.50.11 (#1689 )
68230c5 Bump github.com/aws/aws-sdk-go-v2/config from 1.26.6 to 1.27.4 (#1725 )
b1c67c9 Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.48.0 to 1.48.1 (#1662 )
590df02 Bump github.com/cloudevents/sdk-go/v2 from 2.10.1 to 2.15.0 (#1669 )
ce741a7 Bump github.com/cloudevents/sdk-go/v2 from 2.15.0 to 2.15.1 (#1728 )
5b8d7a9 Bump github.com/deepmap/oapi-codegen/v2 from 2.0.1-0.20240123090344-d326c01d279a to 2.1.0 (#1713 )
0919d31 Bump github.com/fsouza/fake-gcs-server from 1.47.7 to 1.47.8 (#1743 )
13b5121 Bump github.com/getkin/kin-openapi from 0.122.0 to 0.123.0 (#1727 )
a6c67d3 Bump github.com/google/osv-scanner from 1.4.3 to 1.6.1 (#1657 )
b7e84b9 Bump github.com/jedib0t/go-pretty/v6 from 6.5.3 to 6.5.4 (#1673 )
755c47e Bump github.com/klauspost/compress from 1.17.4 to 1.17.5 (#1671 )
efd46f3 Bump github.com/klauspost/compress from 1.17.5 to 1.17.6 (#1701 )
6c45c18 Bump github.com/moby/buildkit from 0.12.2 to 0.12.5 (#1679 )
e1d3451 Bump github.com/nats-io/nats-server/v2 from 2.10.9 to 2.10.10 (#1686 )
32169e5 Bump github.com/nats-io/nats.go from 1.32.0 to 1.33.1 (#1726 )
8eaa7ed Bump github.com/prometheus/client_golang from 1.18.0 to 1.19.0 (#1745 )
cf9ccd3 Bump github.com/redis/go-redis/v9 from 9.4.0 to 9.5.0 (#1714 )
75a5ae7 Bump github.com/regclient/regclient from 0.5.5 to 0.5.6 (#1688 )
644b493 Bump github.com/regclient/regclient from 0.5.6 to 0.5.7 (#1700 )
91a9be2 Bump github.com/segmentio/kafka-go from 0.4.46 to 0.4.47 (#1655 )
315dfef Bump github.com/sigstore/sigstore from 1.8.0 to 1.8.1 (#1654 )
ec85ecd Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#1746 )
4adbf13 Bump github.com/swaggo/swag from 1.16.2 to 1.16.3 (#1698 )
694a8f2 Bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 (#1702 )
6e88dab Bump google.golang.org/api from 0.154.0 to 0.157.0 (#1656 )
9db9b6a Bump google.golang.org/api from 0.157.0 to 0.160.0 (#1670 )
abd5a73 Bump google.golang.org/grpc from 1.60.1 to 1.61.0 (#1685 )
e023b46 Bump sigstore/cosign-installer from 3.3.0 to 3.4.0 (#1690 )
d5feab1 ENT - bulk ingestion and update to use IDorInputSpec
(#1732 )
237ff8c Encoding guesser (#1472 )
f750549 Error and exit when initialization fails (#1674 )
e9e3551 Fix License node ingestion when no LicenseListVersion provided. (#1738 )
431a286 Fix the incorrect callingFuncName
in the getNeighborIDFromCursor
(#1730 )
52a55e4 Github Collector Enhancements (#1566 )
dbf92ad Gqlschemafix (#1683 )
5fbba0d Id or inputspec (#1708 )
645dcbc Implemented key value search (#1711 )
e8ff763 Improve guac query vuln error message (#1695 )
e2c8157 Included http middleware to measure the graphql response times using prometheus. (#1675 )
de3cd11 Included prometheus server for guacql (#1635 )
c628147 Move all arango tests to common integration test suite. (#1660 )
2169376 Update CONTRIBUTING.md about DCO and CLA. (#1723 )
b0969e3 Update default blob-addr
to use filesystem (for docker-compose and k8s) (#1666 )
f6e9f46 Use filename as qualifier for SBOM file references (#1546 )
f393612 Use graphql.HasOperationContext in arangodb assembler (#1659 )
db84270 Utilize gocloud and blob store to work around pubsub message size (#1630 )
2b3b18e [Rest API] Adds the initial API Spec and guacrest cli. (#1665 )
eee82ba abstract pubsub service via gocloud (#1664 )
3f2ef06 add purl helper to convert from allPkgTree fragment (#1681 )
99a4d54 attempt to fix golangci-lint issues (#1735 )
8c27a44 feature: Verify the DSSE envelope if the verifier-key-path and verifier-key-id are provided. Fail the provenance ingestion if the document is not verified. (#1712 )
1e337e3 fix: s3 collector (#1658 )
f1703bd fix[update-arango-graph] - creates a missing collection in already pr… (#1649 )
db6cfcc removing MAX_CONCURRENT_JOBS (#1682 )
ef4c295 save qualifiers from golang loop semantics (#1684 )
753e57b separate software IDs into packages and artifacts for hasSBOM ingestion (#1718 )
c3464f8 update dsse processor to not guess unpacked payload (#1647 )
277c791 update hasSBOM ingestion for large SBOMs and increase batch size for bulk ingestion (#1748 )
You can’t perform that action at this time.