gh-sbom v0.1.1

What's Changed

• Bump github.com/cli/go-gh/v2 from 2.10.0 to 2.11.1 for GHSA-55v3-xh23-96gh

Full Changelog: v0.1.0...v0.1.1

gh-sbom v0.1.0

• Update to use github.com/cli/go-gh/v2

gh-sbom v0.0.10

• Update golang.org/x/net from v0.7.0 to v0.17.0 to address CVEs

gh-sbom v0.0.9

• Have SPDX output use the new Dependency Graph SBOM API

gh-sbom v0.0.8

• Give helpful error message if no dependencies are found
• Add tool version to SBOM docs
• Add license of repository to SPDX doc

gh-sbom v0.0.7

Handle cases where dependencies do not have a specific version associated with them

gh-sbom v0.0.6

Add safety checks to purl construction

gh-sbom v0.0.5

Add structure to SPDX document and relationship between main package and its dependencies (thanks @puerco!)

gh-sbom v0.0.4

• Add documentNamespace to SPDX
• Fix license expression for CycloneDX
• Update go-gh to v1.2.1 to support secure token storage in the future

gh-sbom v0.0.3

Update SPDX and CycloneDX fields to match specification.

Special thanks to https://github.com/interlynk-io/sbomqs/!