Guarddog

Latest version: v1.8.2

Page 1 of 6

1.8.2

What's Changed
* Bugfix: Fix regression in SARIF scan output by christophetd in https://github.com/DataDog/guarddog/pull/369

**Full Changelog**: https://github.com/DataDog/guarddog/compare/v1.8.1...v1.8.2

1.8.1

What's Changed

Improvements and bug fixes:
* Adding FP case to npm-obfuscation by sobregosodd in https://github.com/DataDog/guarddog/pull/366
* fix rules assignment per ecosystem by sobregosodd in https://github.com/DataDog/guarddog/pull/365


**Full Changelog**: https://github.com/DataDog/guarddog/compare/v1.8.0...v1.8.1

1.8.0

What's Changed

Improvements and bug fixes:
* Add npm-exfiltrate-sensitive-data case by sobregosodd in https://github.com/DataDog/guarddog/pull/352
* improve shady-links matching by sobregosodd in https://github.com/DataDog/guarddog/pull/358
* Add detection of compiled binaries in package code by sobregosodd in https://github.com/DataDog/guarddog/pull/355
* add download_executable missing detection by sobregosodd in https://github.com/DataDog/guarddog/pull/363

Chores:
* Bump requests from 2.31.0 to 2.32.0 by dependabot in https://github.com/DataDog/guarddog/pull/361
* Bump pygit2 from 1.14.1 to 1.15.0 by dependabot in https://github.com/DataDog/guarddog/pull/360
* Bump pytest from 8.2.0 to 8.2.1 by dependabot in https://github.com/DataDog/guarddog/pull/359


**Full Changelog**: https://github.com/DataDog/guarddog/compare/v1.7.0...v1.8.0

1.7.0

What's Changed

Improvements and bug fixes:
* Add NPM detection of sensitive data exfiltration javascript code by sobregosodd in https://github.com/DataDog/guarddog/pull/346
* Adding parameter to scan files up to 10Mb by sobregosodd in https://github.com/DataDog/guarddog/pull/347

Chores:
* Bump coverage from 7.4.4 to 7.5.1 by dependabot in https://github.com/DataDog/guarddog/pull/354
* Bump mypy from 1.9.0 to 1.10.0 by dependabot in https://github.com/DataDog/guarddog/pull/348
* Bump pytest from 8.1.1 to 8.2.0 by dependabot in https://github.com/DataDog/guarddog/pull/351
* Bump python-whois from 0.9.3 to 0.9.4 by dependabot in https://github.com/DataDog/guarddog/pull/350

**Full Changelog**: https://github.com/DataDog/guarddog/compare/v1.6.0...v1.7.0

1.6.0

What's Changed

Improvements and bug fixes:
* improve download-executable with urlretrieve by sobregosodd in https://github.com/DataDog/guarddog/pull/328
* fix download-executable false negatives by sobregosodd in https://github.com/DataDog/guarddog/pull/329
* [SINT-1985] Decrease "npm_metadata_mismatch" noisiness by juliendoutre in https://github.com/DataDog/guarddog/pull/331
* Move "unclaimed maintainer email domain" to New Signal by cedricvanrompay-datadog in https://github.com/DataDog/guarddog/pull/342
* Add NPM detection of obfuscated javascript code by sobregosodd in https://github.com/DataDog/guarddog/pull/335
* Pass expected dictionary format for status code verification by zayacb in https://github.com/DataDog/guarddog/pull/334

Chores:
* Bump termcolor from 2.3.0 to 2.4.0 by dependabot in https://github.com/DataDog/guarddog/pull/327
* Bump python-whois from 0.8.0 to 0.9.3 by dependabot in https://github.com/DataDog/guarddog/pull/326
* Bump pytest-mock from 3.11.1 to 3.14.0 by dependabot in https://github.com/DataDog/guarddog/pull/325
* Bump pygit2 from 1.12.2 to 1.14.1 by dependabot in https://github.com/DataDog/guarddog/pull/324
* Bump setuptools from 68.0.0 to 69.2.0 by dependabot in https://github.com/DataDog/guarddog/pull/323
* Bump idna from 3.4 to 3.7 by dependabot in https://github.com/DataDog/guarddog/pull/332
* Bump configparser from 6.0.1 to 7.0.0 by dependabot in https://github.com/DataDog/guarddog/pull/340
* Bump mypy from 1.4.1 to 1.9.0 by dependabot in https://github.com/DataDog/guarddog/pull/339
* Bump pytest from 7.4.0 to 8.1.1 by dependabot in https://github.com/DataDog/guarddog/pull/338
* Bump python-dateutil from 2.8.2 to 2.9.0.post0 by dependabot in https://github.com/DataDog/guarddog/pull/337
* Bump prettytable from 3.8.0 to 3.10.0 by dependabot in https://github.com/DataDog/guarddog/pull/336
* Bump setuptools from 69.2.0 to 69.5.1 by dependabot in https://github.com/DataDog/guarddog/pull/344

New Contributors
* zayacb made their first contribution in https://github.com/DataDog/guarddog/pull/334

**Full Changelog**: https://github.com/DataDog/guarddog/compare/v1.5.8...v1.6.0

1.5.8

What's Changed

Improvements and bug fixes:
* Fixed detection for `code-execution` in https://github.com/DataDog/guarddog/issues/306
* Bump semgrep version from 0.112.1 to 1.67.0 by sobregosodd in https://github.com/DataDog/guarddog/pull/322

New Contributors
* sobregosodd made their first contribution in https://github.com/DataDog/guarddog/pull/322

**Full Changelog**: https://github.com/DataDog/guarddog/compare/v1.5.7...v1.5.8
