v0.3.0

@andrew andrew released this 29 May 14:32
· 7 commits to main since this release
3ca0b95
  • Add --all flag to scan every formula in homebrew-core
  • Accept one or more formula names as arguments to scan specific formulae, including ones that are not installed
  • Exit with status 2 on errors so callers can distinguish errors from "vulnerabilities found" (exit 1)
  • Add example GitHub Actions workflows for tap PR checks and full homebrew-core scans
  • Compute severity bands from CVSS vector strings when OSV data does not provide a severity label
  • Improve CVSS severity fallback handling when multiple score sources are present
  • Handle unbounded introduced: 0 OSV ranges and multi-interval SEMVER ranges correctly
  • Fail closed (report as affected) when a version range comparison raises instead of silently skipping
  • Sanitize ANSI/terminal escape sequences, carriage returns and backspaces from text output
  • Cap concurrent requests when fetching vulnerability details to avoid unbounded thread spawning
  • Cap OSV pagination at a fixed page limit to avoid unbounded loops on bad responses
  • Set a User-Agent header on OSV API requests
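The two OSV range items above (unbounded "introduced": "0" events, multi-interval SEMVER ranges, and failing closed when a comparison raises) describe the core decision a scanner like this makes. The following is an added, stand-alone illustration of those semantics and not the project's own code; the minimal dot-separated version parser and the assumption that OSV events arrive in order are simplifications of my own.

```python
"""Evaluate OSV "affected.ranges" entries against a version string.

Added example, not the scanner's code. Semantics shown:
  * an "introduced": "0" event means "every version from the start";
  * one SEMVER range may hold several introduced/fixed pairs;
  * a comparison that raises marks the version affected (fail closed).
Assumption: events are listed in ascending order, as OSV advises.
"""
from __future__ import annotations


def _parse(version: str) -> tuple[int, ...]:
    # Minimal numeric parser standing in for a real SemVer library.
    # Pre-release suffixes such as "1.0.0-beta" raise ValueError.
    return tuple(int(p) for p in version.split("."))


def _intervals(events: list[dict]) -> list[tuple[str, str | None, bool]]:
    # Pair each "introduced" with the following "fixed"/"last_affected".
    # Yields (lower, upper, upper_inclusive); upper None = still open.
    out, lower = [], None
    for ev in events:
        if "introduced" in ev:
            if lower is not None:          # new interval opened without a close
                out.append((lower, None, False))
            lower = ev["introduced"]
        elif lower is not None and "fixed" in ev:
            out.append((lower, ev["fixed"], False)); lower = None
        elif lower is not None and "last_affected" in ev:
            out.append((lower, ev["last_affected"], True)); lower = None
    if lower is not None:
        out.append((lower, None, False))
    return out


def is_affected(version: str, ranges: list[dict]) -> bool:
    """True if `version` lies in any SEMVER interval of `ranges`."""
    for rng in ranges:
        if rng.get("type") != "SEMVER":    # GIT/ECOSYSTEM need other comparators
            continue
        for lower, upper, inclusive in _intervals(rng.get("events", [])):
            try:
                v = _parse(version)
                if lower != "0" and v < _parse(lower):   # "0" is the open lower bound
                    continue
                if upper is None:
                    return True
                u = _parse(upper)
                if (v <= u) if inclusive else (v < u):
                    return True
            except ValueError:
                return True                 # cannot compare safely: report affected
    return False
```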