Guarddog

Latest version: v1.7.0


Page 1 of 6

1.7.0

What's Changed

Improvements and bug fixes:
* Add NPM detection of sensitive data exfiltration javascript code by sobregosodd in https://github.com/DataDog/guarddog/pull/346
* Adding parameter to scan files up to 10Mb by sobregosodd in https://github.com/DataDog/guarddog/pull/347

Chores:
* Bump coverage from 7.4.4 to 7.5.1 by dependabot in https://github.com/DataDog/guarddog/pull/354
* Bump mypy from 1.9.0 to 1.10.0 by dependabot in https://github.com/DataDog/guarddog/pull/348
* Bump pytest from 8.1.1 to 8.2.0 by dependabot in https://github.com/DataDog/guarddog/pull/351
* Bump python-whois from 0.9.3 to 0.9.4 by dependabot in https://github.com/DataDog/guarddog/pull/350

**Full Changelog**: https://github.com/DataDog/guarddog/compare/v1.6.0...v1.7.0

1.6.0

What's Changed

Improvements and bug fixes:
* improve download-executable with urlretrieve by sobregosodd in https://github.com/DataDog/guarddog/pull/328
* fix download-executable false negatives by sobregosodd in https://github.com/DataDog/guarddog/pull/329
* [SINT-1985] Decrease "npm_metadata_mismatch" noisiness by juliendoutre in https://github.com/DataDog/guarddog/pull/331
* Move "unclaimed maintainer email domain" to New Signal by cedricvanrompay-datadog in https://github.com/DataDog/guarddog/pull/342
* Add NPM detection of obfuscated javascript code by sobregosodd in https://github.com/DataDog/guarddog/pull/335
* Pass expected dictionary format for status code verification by zayacb in https://github.com/DataDog/guarddog/pull/334

Chores:
* Bump termcolor from 2.3.0 to 2.4.0 by dependabot in https://github.com/DataDog/guarddog/pull/327
* Bump python-whois from 0.8.0 to 0.9.3 by dependabot in https://github.com/DataDog/guarddog/pull/326
* Bump pytest-mock from 3.11.1 to 3.14.0 by dependabot in https://github.com/DataDog/guarddog/pull/325
* Bump pygit2 from 1.12.2 to 1.14.1 by dependabot in https://github.com/DataDog/guarddog/pull/324
* Bump setuptools from 68.0.0 to 69.2.0 by dependabot in https://github.com/DataDog/guarddog/pull/323
* Bump idna from 3.4 to 3.7 by dependabot in https://github.com/DataDog/guarddog/pull/332
* Bump configparser from 6.0.1 to 7.0.0 by dependabot in https://github.com/DataDog/guarddog/pull/340
* Bump mypy from 1.4.1 to 1.9.0 by dependabot in https://github.com/DataDog/guarddog/pull/339
* Bump pytest from 7.4.0 to 8.1.1 by dependabot in https://github.com/DataDog/guarddog/pull/338
* Bump python-dateutil from 2.8.2 to 2.9.0.post0 by dependabot in https://github.com/DataDog/guarddog/pull/337
* Bump prettytable from 3.8.0 to 3.10.0 by dependabot in https://github.com/DataDog/guarddog/pull/336
* Bump setuptools from 69.2.0 to 69.5.1 by dependabot in https://github.com/DataDog/guarddog/pull/344

New Contributors
* zayacb made their first contribution in https://github.com/DataDog/guarddog/pull/334

**Full Changelog**: https://github.com/DataDog/guarddog/compare/v1.5.8...v1.6.0

1.5.8

What's Changed
Improvements and bug fixes:
* Fixed detection for `code-execution` in https://github.com/DataDog/guarddog/issues/306
* Bump semgrep version from 0.112.1 to 1.67.0 by sobregosodd in https://github.com/DataDog/guarddog/pull/322

New Contributors
* sobregosodd made their first contribution in https://github.com/DataDog/guarddog/pull/322

**Full Changelog**: https://github.com/DataDog/guarddog/compare/v1.5.7...v1.5.8

1.5.7

What's Changed

Improvements and bug fixes:
* Identify when code is decrypted and executed on the fly by christophetd in https://github.com/DataDog/guarddog/pull/316

Chores:
* Bump urllib3 from 1.26.16 to 1.26.18 by dependabot in https://github.com/DataDog/guarddog/pull/317
* Bump coverage from 7.2.7 to 7.4.4 by dependabot in https://github.com/DataDog/guarddog/pull/319
* Bump certifi from 2023.5.7 to 2023.7.22 by dependabot in https://github.com/DataDog/guarddog/pull/318
* Bump pyyaml from 6.0 to 6.0.1 by dependabot in https://github.com/DataDog/guarddog/pull/270
* Bump flake8 from 6.0.0 to 7.0.0 by dependabot in https://github.com/DataDog/guarddog/pull/320
* Bump click from 8.1.4 to 8.1.7 by dependabot in https://github.com/DataDog/guarddog/pull/275
* Bump configparser from 5.3.0 to 6.0.1 by dependabot in https://github.com/DataDog/guarddog/pull/321


**Full Changelog**: https://github.com/DataDog/guarddog/compare/v1.5.6...v1.5.7

1.5.6

What's Changed
* Fixed `write_package_info` argument by enelli in https://github.com/DataDog/guarddog/pull/315
* Updated npm-install-script rule by cedricvanrompay-datadog in https://github.com/DataDog/guarddog/pull/313
* Updated CLI err msg and update code by jxdv in https://github.com/DataDog/guarddog/pull/309


**Full Changelog**: https://github.com/DataDog/guarddog/compare/v1.5.5...v1.5.6

1.5.5

What's Changed
* refact: Simplify python statements by jxdv in https://github.com/DataDog/guarddog/pull/298
* Address some false positives with shady-links by Taiki-San in https://github.com/DataDog/guarddog/pull/305


**Full Changelog**: https://github.com/DataDog/guarddog/compare/v1.5.4...v1.5.5


© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.