Skip to content

Release v10.11.0 - Happy swiftwali
Compare
Choose a tag to compare
@prabhu prabhu released this 31 Oct 14:21
· 258 commits to master since this release
v10.11.0
cb40883
This commit was signed with the committer’s verified signature.
prabhu prabhu
GPG key ID: 5589813335E58C11
Verified
Learn about vigilant mode.

Swift developers deserve better tooling to make their lives simple. Accurate information about where and how a given library (both internal and external) is used, can help with prioritization and vulnerability management.

This release adds a new state-of-the-art semantic analysis engine for swift 😎. cdxgen can generate a precise semantic slice representing the application context with accurate types and fully qualified call names for a range of swift applications. The slices are then utlilized by evinse to generate "occurrences evidence" for the SBOM as shown.

2024-10-30_22-12-16

We can't wait to iterate to bring you more enhancements and visibility over the coming weeks.

What's Changed

🚀 Features

Other Changes

  • Use bom-ref consistently in the dependency tree by @prabhu in #1431
  • Run "Upload base images" action only on main repository by @marob in #1436
  • Run some GitHub action jobs only on main repository by @marob in #1438
  • Graciously fail for fastlane managed swift projects by @prabhu in #1443

Full Changelog: v10.10.7...v10.11.0

Contributors

prabhu and marob
Assets 10
Loading