Skip to content

Releases: fossas/fossa-cli

v3.6.0

05 Nov 00:41
@github-actions github-actions
v3.6.0
56e991e
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v3.6.0

Promote C/C++ features to general availability (#1087).

  • --experimental-enable-vsi is now --detect-vendored.
  • --experimental-analyze-dynamic-deps is now --detect-dynamic.
Loading

v3.5.3

03 Nov 17:54
@github-actions github-actions
v3.5.3
b390806
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v3.5.3
  • Manual Dependencies: Linux Dependencies (rpm-generic, apk, deb) can be provided as reference dependencies in fossa-deps file (#1086).
Loading

v3.5.2

28 Oct 18:17
@github-actions github-actions
v3.5.2
f90d8f6
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v3.5.2

Container Scanning: Fixes an issue with base64 encoded raw authentications (#1085).

Loading

v3.5.1

26 Oct 00:22
@github-actions github-actions
v3.5.1
719fbe7
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v3.5.1
  • Contributor counting: update the contributor count range from 90 days to 365 days. (#1083)
Loading

v3.5.0

25 Oct 17:47
@github-actions github-actions
v3.5.0
c8df450
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v3.5.0

Container Scanning: Uses native container scanner, deprecates old container scanner (#1078), (#1079), (#1080), (#1082).

With this release,

  • container scanning analyzes projects for applications (npm, pip, etc) dependencies.
  • container scanning can filter specific targets via target exclusions using fossa configuration file.
  • fossa-cli's windows binary can perform container scanning.
  • container scanned projects will show origin path in FOSSA web UI.
  • container scanned projects can target specific architecture via digest.

You can use --only-system-deps flag to only scan for dependencies from apk, dpkg, dpm. This will mimic behaviour of older FOSSA CLI's container scanning (older than v3.5.0).

Learn more:

If you experience any issues with this release or have questions, please contact FOSSA Support.

Loading

v3.4.11

18 Oct 15:40
@github-actions github-actions
v3.4.11
642aa42
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v3.4.11
  • Npm (Lockfile v3) - Fixes a defect where, sometimes wrong version of the dependency was reported if multiple version of the same dependency existed in the lock file. (#1075)
  • Npm (Lockfile v2) - Fixes a defect where, sometimes wrong version of the dependency was reported if multiple version of the same dependency existed in the lock file. (#1075)
Loading

v3.4.10

17 Oct 14:54
@github-actions github-actions
v3.4.10
07fae62
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v3.4.10

Scala: Supports analysis of multi-project sbt builds with sbt-dependency-graph plugin. (#1074).

Loading

v3.4.9

13 Oct 22:14
@github-actions github-actions
v3.4.9
41f1fbb
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v3.4.9
  • Scan Summary: Identifies project skipped due to production path filtering, or exclusion filtering. (#1071)
  • R: Adds support for renv package manager. (#1062)
Loading

v3.4.8

11 Oct 18:10
@github-actions github-actions
v3.4.8
b2d6a67
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v3.4.8
  • Report: Fixes a defect where the report command failed due to an invalid dependencies cache. This fix only applies to endpoints with FOSSA v4.2.24 or above. (#1068).
Loading

v3.4.7

06 Oct 22:53
@github-actions github-actions
v3.4.7
7949e2a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v3.4.7
  • Linux releases are now packaged as both tar.gz and zip to improve compatibility when installing (#1066)
Loading