Esp-idf-sbom

Bug Fixes

- include all used components in the project's SPDX dependencies

New Features

- enable keyword search in CVE description

New Features

- allow usage of local NVD mirror for vulnerability scanning

Bug Fixes

- skip manifest validation in pre-commit if a git rebase is in progress
- exclude files from sub-package if it's not included
- properly manage input paths for the manifest license sub-command
- include missing dependencies for the SPDX project package

Bug Fixes

- correct global variable annotation for Python versions prior to 3.8
- ensure pyparsing usage remains compatible with version 2.2.2 or newer

New Features

- add a global list of excluded CVEs
- allow conditional expressions in manifest files
- introduce virtual package support

New Features

- introduce -n/--name option to enable querying NVD by package name

Bug Fixes

- skip unregistered components