Releases: ossf/pvtr-github-repo-scanner
Releases · ossf/pvtr-github-repo-scanner
v0.23.2
Changelog
🧰 Maintenance
- chore: upgrade sdk @eddie-knight (#300)
- chore(deps): bump privateer from 0.20.2 to 0.20.3 @github-actions[bot] (#297)
- chore(deps): bump goreleaser/goreleaser-action from 7.1.0 to 7.2.1 in the dependencies group @dependabot[bot] (#299)
- chore(deps): bump the dependencies group with 2 updates @dependabot[bot] (#293)
- chore(deps): bump golang from
c259ff7to7ef9411@dependabot[bot] (#294) - chore(deps): bump alpine from
2510918to5b10f43@dependabot[bot] (#295) - chore(deps): bump github.com/go-git/go-git/v5 from 5.17.2 to 5.18.0 @dependabot[bot] (#292)
- chore(deps): bump the dependencies group with 2 updates @dependabot[bot] (#291)
See details of all code changes since previous release
Contributors
eddie-knight
Assets 17
- 1.56 KB
2026-04-30T20:26:49Z - 17 MB
2026-04-30T20:26:47Z - 202 KB
2026-04-30T20:26:49Z - 7.8 MB
2026-04-30T20:26:46Z - 110 KB
2026-04-30T20:26:48Z - 8.19 MB
2026-04-30T20:26:46Z - 110 KB
2026-04-30T20:26:47Z - 8.58 MB
2026-04-30T20:26:47Z - 110 KB
2026-04-30T20:26:49Z - 7.91 MB
2026-04-30T20:26:46Z -
2026-04-30T19:49:42Z -
2026-04-30T19:49:42Z - Loading
v0.23.1
Changelog
🧰 Maintenance
- chore(deps): bump privateer from 0.15.0 to 0.20.2 and fix Docker/CI integration @github-actions[bot] (#290)
- chore: upgrade go to 1.26.2 @jmeridth (#289)
See details of all code changes since previous release
Contributors
jmeridth
Assets 17
v0.23.0
Changelog
🚀 Features
- feat: implement OSPS-QA-05.02 detect unreviewable binary artifacts @vinayada1 (#279)
See details of all code changes since previous release
Contributors
vinayada1
Assets 17
v0.22.2
Changelog
🐛 Bug Fixes
- fix: stop leaking GITHUB_TOKEN in CI script tracing @vinayada1 (#282)
- fix: pin GitHub Actions to commit SHAs to prevent supply-chain attacks @vinayada1 (#281)
🧰 Maintenance
- chore(deps): bump golang from 1.25.1-alpine3.22 to 1.26.1-alpine3.22 @dependabot[bot] (#285)
- chore(deps): bump the dependencies group across 1 directory with 1 update @dependabot[bot] (#286)
- chore(deps): bump actions/setup-go from 5.4.0 to 6.4.0 @dependabot[bot] (#287)
- chore(deps): bump alpine from 3.22 to 3.23 @dependabot[bot] (#284)
- chore(deps): pin docker images and automate privateer updates @vinayada1 (#283)
- chore(deps): bump github.com/rhysd/actionlint from 1.7.11 to 1.7.12 in the dependencies group @dependabot[bot] (#278)
See details of all code changes since previous release
Contributors
vinayada1
Assets 17
v0.22.1
Changelog
🐛 Bug Fixes
🧰 Maintenance
- chore(deps): bump github.com/go-git/go-git/v5 from 5.17.0 to 5.17.1 @dependabot[bot] (#276)
See details of all code changes since previous release
Contributors
jmeridth
Assets 17
v0.22.0
Changelog
🚀 Features
- feat: implement OSPS-BR-01.02 branch name sanitization check @vinayada1 (#275)
See details of all code changes since previous release
Contributors
vinayada1
Assets 17
v0.21.0
Changelog
🚀 Features
- feat: support multiple control catalog versions @vinayada1 (#269)
🧰 Maintenance
- chore(deps): bump github.com/privateerproj/privateer-sdk from 1.21.0 to 1.22.0 in the dependencies group @dependabot[bot] (#274)
- chore(deps): bump the dependencies group with 6 updates @dependabot[bot] (#272)
See details of all code changes since previous release
Contributors
vinayada1
Assets 17
v0.20.0
Changelog
🚀 Features
- feat: MFA is builtin for GitHub @eddie-knight (#271)
🧰 Maintenance
- chore(deps): bump google.golang.org/grpc from 1.71.0 to 1.79.3 @dependabot[bot] (#270)
- ci: add CI workflow to run plugin against itself @jmeridth (#267)
- docs: fix local docker run command in README @jmeridth (#268)
- chore(deps): bump the dependencies group with 2 updates @dependabot[bot] (#265)
- docs: Add local usage instructions to README @sangramrath (#264)
- chore(deps): bump the dependencies group with 5 updates @dependabot[bot] (#266)
- chore(deps): bump golang.org/x/oauth2 from 0.35.0 to 0.36.0 in the dependencies group @dependabot[bot] (#259)
- chore(deps): bump anchore/sbom-action from 0.23.0 to 0.23.1 in the dependencies group @dependabot[bot] (#260)
- chore(deps): bump docker/build-push-action from 6.19.2 to 7.0.0 @dependabot[bot] (#261)
- chore(deps): bump docker/setup-buildx-action from 3.12.0 to 4.0.0 @dependabot[bot] (#262)
See details of all code changes since previous release
Contributors
jmeridth, sangramrath, and eddie-knight
Assets 17
v0.19.2
Changelog
🐛 Bug Fixes
🧰 Maintenance
- chore(deps): bump actions/download-artifact from 7.0.0 to 8.0.0 @dependabot[bot] (#253)
- chore(deps): bump actions/attest-sbom from 3.0.0 to 4.0.0 @dependabot[bot] (#252)
- chore(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 @dependabot[bot] (#251)
- chore(deps): bump actions/attest-build-provenance from 3 to 4 @dependabot[bot] (#250)
- chore(deps): bump anchore/sbom-action from 0.22.2 to 0.23.0 in the dependencies group @dependabot[bot] (#249)
- chore(deps): bump github.com/cloudflare/circl from 1.6.1 to 1.6.3 @dependabot[bot] (#248)
- chore(deps): bump goreleaser/goreleaser-action from 6.4.0 to 7.0.0 @dependabot[bot] (#247)
- chore(deps): bump github.com/privateerproj/privateer-sdk from 1.18.0 to 1.19.0 in the dependencies group @dependabot[bot] (#246)
See details of all code changes since previous release
Contributors
jmeridth
Assets 17
v0.19.1
Contributors
jmeridth