v2.4.0
Installation
Cargo
cargo install uv-sbomPython (PyPI)
pip install uv-sbom-binPre-built Binaries
macOS (Apple Silicon):
curl -LO https://github.com/Taketo-Yoda/uv-sbom/releases/download/v2.4.0/uv-sbom-aarch64-apple-darwin.tar.gz
tar xzf uv-sbom-aarch64-apple-darwin.tar.gz
sudo mv uv-sbom /usr/local/bin/macOS (Intel):
curl -LO https://github.com/Taketo-Yoda/uv-sbom/releases/download/v2.4.0/uv-sbom-x86_64-apple-darwin.tar.gz
tar xzf uv-sbom-x86_64-apple-darwin.tar.gz
sudo mv uv-sbom /usr/local/bin/Linux (x86_64):
curl -LO https://github.com/Taketo-Yoda/uv-sbom/releases/download/v2.4.0/uv-sbom-x86_64-unknown-linux-gnu.tar.gz
tar xzf uv-sbom-x86_64-unknown-linux-gnu.tar.gz
sudo mv uv-sbom /usr/local/bin/Windows:
Download the .zip file below and extract to your desired location.
Verify Installation
uv-sbom --versionSee the README for full documentation.
What's Changed
- feat(ports): add MaintenanceRepository port and AbandonedPackages read models by @Taketo-Yoda in #557
- feat(adapters): add PyPiMaintenanceRepository outbound adapter by @Taketo-Yoda in #558
- feat(cli): add --check-abandoned and --abandoned-threshold-days flags with config support by @Taketo-Yoda in #559
- feat(application): integrate abandoned package detection into GenerateSbomUseCase (#555) by @Taketo-Yoda in #560
- feat(adapters): add Abandoned Packages Markdown section and i18n messages (#556) by @Taketo-Yoda in #562
- chore(deps): bump tokio from 1.52.1 to 1.52.2 in the dependencies group by @dependabot[bot] in #563
- docs(examples): add check_abandoned entries to sample-project config by @Taketo-Yoda in #570
- docs(examples): add sample-project README with --check-abandoned usage guide by @Taketo-Yoda in #571
- process(implement): add CLI flag documentation gate as Step 4.3 by @Taketo-Yoda in #572
- docs: Add --check-abandoned documentation to README.md and README-JP.md by @Taketo-Yoda in #573
- docs(examples): add abandoned-packages-project for --check-abandoned demo by @Taketo-Yoda in #574
- process(pr): add Step 4.6 CLI flag documentation backstop gate by @Taketo-Yoda in #575
- feat(domain): add DependencyDiff types and DependencyDiffAnalyzer service by @Taketo-Yoda in #582
- refactor(ports,adapters): define DiffLockfileReader port and extract parse_lockfile_content as shared pub fn (#577) by @Taketo-Yoda in #583
- feat(adapters): implement GitLockfileReader adapter with git ref security validation by @Taketo-Yoda in #584
- chore(deps): bump the dependencies group with 2 updates by @dependabot[bot] in #585
- feat(adapters): add DiffMarkdownFormatter and DiffJsonFormatter by @Taketo-Yoda in #586
- feat(application): add DiffRequest DTO and GenerateDiffUseCase by @Taketo-Yoda in #587
- feat(diff): wire --diff flag in CLI, main.rs branching, and update documentation by @Taketo-Yoda in #588
- fix(diff): resolve git show path relative to project_path for subdirectory projects by @Taketo-Yoda in #590
- chore(release): prepare v2.4.0 by @Taketo-Yoda in #592
- chore(release): v2.4.0 by @Taketo-Yoda in #594
Full Changelog: v2.3.0...v2.4.0
Contributors
dependabot and Taketo-Yoda