Owasp-depscan

Latest version: v5.5.0


5.0.4

What's Changed
* Trim aliasing for vendorless packages by prabhu in https://github.com/owasp-dep-scan/dep-scan/pull/188


**Full Changelog**: https://github.com/owasp-dep-scan/dep-scan/compare/v5.0.3...v5.0.4

5.0.3

What's Changed
* Handle invalid severities. by cerrussell in https://github.com/owasp-dep-scan/dep-scan/pull/187
* Search by purl. Also fixes 185 by prabhu in https://github.com/owasp-dep-scan/dep-scan/pull/186


**Full Changelog**: https://github.com/owasp-dep-scan/dep-scan/compare/v5.0.2...v5.0.3

5.0.2

What's Changed
* Add concurrency settings to workflows by cerrussell in https://github.com/owasp-dep-scan/dep-scan/pull/176
* Fixing the example workflow link for pulling image via oras cli by saketjajoo in https://github.com/owasp-dep-scan/dep-scan/pull/178
* 140 - Option to create custom reports using Jinja by heubeck in https://github.com/owasp-dep-scan/dep-scan/pull/177
* PoC/Writeup to enable the GUI mode for dep-scan, perhaps in the future… by saketjajoo in https://github.com/owasp-dep-scan/dep-scan/pull/180
* Fix/issue 182 cvss regex by cerrussell in https://github.com/owasp-dep-scan/dep-scan/pull/183

New Contributors
* heubeck made their first contribution in https://github.com/owasp-dep-scan/dep-scan/pull/177 🎉

**Full Changelog**: https://github.com/owasp-dep-scan/dep-scan/compare/v5.0.1...v5.0.2

5.0.1

What's Changed
* Updating the README with an example to show SBOM uploading in action by saketjajoo in https://github.com/owasp-dep-scan/dep-scan/pull/172
* Some pylint fixes. Also fixes crash with empty results by prabhu in https://github.com/owasp-dep-scan/dep-scan/pull/173
* Update CSAF ReadMe, add missing csaf 2.0 schema. by cerrussell in https://github.com/owasp-dep-scan/dep-scan/commit/e0370e211f1b7173437985caaae7e2efd59ae87c


**Full Changelog**: https://github.com/owasp-dep-scan/dep-scan/compare/v5.0.0...v5.0.1

5.0.0

Introduction

This is an exciting major release of depscan. Powered by the latest [atom](https://github.com/AppThreat/atom) and [cdxgen](https://github.com/CycloneDX/cdxgen), depscan can perform reachability analysis for languages such as Java, JavaScript/TypeScript, and Python to further triage and generate actionable results.

![Reachable flows](https://github.com/owasp-dep-scan/dep-scan/blob/master/docs/depscan-flows.png)

We have also improved the initial db download experience by utilizing nydus RAFS, which reduces the database size by over 90% (from 3.1GB to less than 300MB) on supported systems with the nydus-image [cli](https://github.com/dragonflyoss/nydus/releases)!

Lastly, depscan can also generate VEX in [OASIS CSAF 2.0 format](https://github.com/owasp-dep-scan/dep-scan/blob/master/contrib/CSAF_README.md) using reachability as a justification.

We thank all the contributors and supporters, especially saketjajoo, timmyteo, and cerrussell, who worked tirelessly for several months to make this release possible.

What's Changed
* Fixing oras link in README by timmyteo in https://github.com/owasp-dep-scan/dep-scan/pull/154
* Enable reachability analysis by prabhu in https://github.com/owasp-dep-scan/dep-scan/pull/160
* Enable reachability analysis by prabhu in https://github.com/owasp-dep-scan/dep-scan/pull/162
* Feature/print part2 by prabhu in https://github.com/owasp-dep-scan/dep-scan/pull/163
* Support for pdf reports by prabhu in https://github.com/owasp-dep-scan/dep-scan/pull/164
* nydus tests by prabhu in https://github.com/owasp-dep-scan/dep-scan/pull/165
* Trim CI by prabhu in https://github.com/owasp-dep-scan/dep-scan/pull/166
* Minor fix: Converting the results from object type to dict by saketjajoo in https://github.com/owasp-dep-scan/dep-scan/pull/168
* Adding an option to use the rafs-based VDB image by saketjajoo in https://github.com/owasp-dep-scan/dep-scan/pull/167
* simplify explain by prabhu in https://github.com/owasp-dep-scan/dep-scan/pull/171
* Refactor and correct reachability for CSAF, add tests. by cerrussell in https://github.com/owasp-dep-scan/dep-scan/pull/161
* Accept the path to a bom file (in the /scan endpoint) while running dep-scan in the server mode by saketjajoo in https://github.com/owasp-dep-scan/dep-scan/pull/169


**Full Changelog**: https://github.com/owasp-dep-scan/dep-scan/compare/v4.3.3...v5.0.0

4.3.3

What's Changed
* Adds github client and PAT inspection by timmyteo in https://github.com/owasp-dep-scan/dep-scan/pull/138
* Added no suggest argument and initiate index by mayaa23 in https://github.com/owasp-dep-scan/dep-scan/pull/153

New Contributors
* timmyteo made their first contribution in https://github.com/owasp-dep-scan/dep-scan/pull/138
* mayaa23 made their first contribution in https://github.com/owasp-dep-scan/dep-scan/pull/153

**Full Changelog**: https://github.com/owasp-dep-scan/dep-scan/compare/v4.3.2...v4.3.3

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.