version v35.1.0

• Use AboutCode mirror for collecting CISA KEV #1685
• Do not report ghost package as a fix for vulnerability #1679
• Add pipeline to sort packages #1686
• Fix urls for API #1678

v35.0.0rc1

What's Changed

• Add improver pipeline to flag ghost packages #644 #917 #1395 by @keshav-space in #1533
• Add base pipeline for importers and migrate PyPa importer to aboutcode pipeline by @keshav-space in #1559
• Remove dupe Package.get_non_vulnerable_versions by @pombredanne in #1570
• Import data from GSD #706 by @ziadhany in #787
• Add curl advisories importer by @ambuj-1211 in #1439
• Update dependencies by @TG1999 in #1590
• Bump django from 4.2.0 to 4.2.15 by @dependabot in #1591
• Bump cryptography from 42.0.4 to 43.0.1 by @dependabot in #1582
• Bump actions/download-artifact from 3 to 4.1.7 in /.github/workflows by @dependabot in #1581
• Improve export command by @pombredanne in #1571
• Fix typo in Kev requests import by @ziadhany in #1594
• Prepare for release v34.0.1 by @TG1999 in #1595
• Bump upload-artifact to v4 by @keshav-space in #1596
• Migrate Npm importer to aboutcode pipeline by @keshav-space in #1574
• Use correct regex for CVE by @pombredanne in #1599
• Migrate Nginx importer to aboutcode pipeline by @keshav-space in #1575
• Migrate GitLab importer to aboutcode pipeline by @keshav-space in #1580
• Migrate GitHub importer to aboutcode pipeline by @keshav-space in #1584
• Migrate NVD importer to aboutcode pipeline by @keshav-space in #1587
• Match affected and fixed-by Packages by @johnmhoran in #1528
• Add management command to commit exported data by @keshav-space in #1600
• Add support to Exploits model by @ziadhany in #1562
• Fix 500 Server Error with DRF browsable API and resolve blank Swagger API documentation by @keshav-space in #1603
• Release v34.0.2 by @TG1999 in #1604
• Bump VCIO version by @TG1999 in #1605
• Bump django from 4.2.15 to 4.2.16 by @dependabot in #1608
• Bump fetchcode from v0.3.0 to v0.6.0 by @keshav-space in #1607
• Use 4-tier system for storing package metadata by @keshav-space in #1609
• Fix vers range crash by @pombredanne in #1598
• Add GitHub action to publish aboutcode.hashid PyPI by @keshav-space in #1615
• Segregate PackageRelatedVulnerability model to new models by @TG1999 in #1612
• Add documentation for new pipeline design by @keshav-space in #1621
• Fix 500 error in /api/cpes endpoint by @keshav-space in #1629
• Migrate pysec importer to aboutcode pipeline by @keshav-space in #1628
• Avoid memory exhaustion during data migration by @keshav-space in #1630
• Add support for Calculating Risk in VulnerableCode by @ziadhany in #1593
• Bulk create in migrations by @TG1999 in #1640
• Update README.rst by @TG1999 in #1641
• Prepare for release v34.1.0 by @TG1999 in #1642
• Add V2 API endpoints by @TG1999 in #1631
• Prepare for release v34.2.0 by @TG1999 in #1647
• Refactor severity score model and fix incorrect suse scores by @keshav-space in #1636
• Add bulk search in v2 by @TG1999 in #1649
• Prepare release v34.3.0 by @TG1999 in #1652
• Add on_failure to handle cleanup during pipeline failure by @keshav-space in #1651
• Fix API bug by @TG1999 in #1654
• Add reference score to package endpoint by @keshav-space in #1655
• Prepare for release v34.3.2 by @TG1999 in #1656
• Add support for storing exploitability and weighted severity by @ziadhany in #1646
• Avoid migrations on version bumps by @keshav-space in #1660
• Prepare v35.0.0rc1 by @TG1999 in #1664

New Contributors

• @ambuj-1211 made their first contribution in #1439

Full Changelog: v34.0.0...v35.0.0rc1

v34.3.2

What's Changed

• Add reference score to package endpoint by @keshav-space in #1655

Full Changelog: v34.3.1...v34.3.2

v34.3.1

What's Changed

• Add on_failure to handle cleanup during pipeline failure by @keshav-space in #1651
• Fix API bug by @TG1999 in #1654

Full Changelog: v34.3.0...v34.3.1

v34.3.0

What's Changed

• Refactor severity score model and fix incorrect suse scores by @keshav-space in #1636
• Add bulk search in v2 by @TG1999 in #1649

Full Changelog: v34.2.0...v34.3.0

v34.2.0

What's Changed

• Add V2 API endpoints by @TG1999 in #1631

Full Changelog: v34.1.0...v34.2.0

v34.1.0

What's Changed

• Bump django from 4.2.15 to 4.2.16 by @dependabot in #1608
• Bump fetchcode from v0.3.0 to v0.6.0 by @keshav-space in #1607
• Use 4-tier system for storing package metadata by @keshav-space in #1609
• Fix vers range crash by @pombredanne in #1598
• Add GitHub action to publish aboutcode.hashid PyPI by @keshav-space in #1615
• Segregate PackageRelatedVulnerability model to new models by @TG1999 in #1612
• Add documentation for new pipeline design by @keshav-space in #1621
• Fix 500 error in /api/cpes endpoint by @keshav-space in #1629
• Migrate pysec importer to aboutcode pipeline by @keshav-space in #1628
• Avoid memory exhaustion during data migration by @keshav-space in #1630
• Add support for Calculating Risk in VulnerableCode by @ziadhany in #1593
• Bulk create in migrations by @TG1999 in #1640
• Update README.rst by @TG1999 in #1641
• Prepare for release v34.1.0 by @TG1999 in #1642

Full Changelog: v34.0.2...v34.1.0

v34.0.2

What's Changed

• Migrate Npm importer to aboutcode pipeline by @keshav-space in #1574
• Use correct regex for CVE by @pombredanne in #1599
• Migrate Nginx importer to aboutcode pipeline by @keshav-space in #1575
• Migrate GitLab importer to aboutcode pipeline by @keshav-space in #1580
• Migrate GitHub importer to aboutcode pipeline by @keshav-space in #1584
• Migrate NVD importer to aboutcode pipeline by @keshav-space in #1587
• Match affected and fixed-by Packages by @johnmhoran in #1528
• Add management command to commit exported data by @keshav-space in #1600
• Add support to Exploits model by @ziadhany in #1562
• Fix 500 Server Error with DRF browsable API and resolve blank Swagger API documentation by @keshav-space in #1603
• Release v34.0.2 by @TG1999 in #1604
• Bump VCIO version by @TG1999 in #1605

Full Changelog: v34.0.1...v34.0.2

v34.0.1

What's Changed

• Add improver pipeline to flag ghost packages #644 #917 #1395 by @keshav-space in #1533
• Add base pipeline for importers and migrate PyPa importer to aboutcode pipeline by @keshav-space in #1559
• Remove dupe Package.get_non_vulnerable_versions by @pombredanne in #1570
• Import data from GSD #706 by @ziadhany in #787
• Add curl advisories importer by @ambuj-1211 in #1439
• Update dependencies by @TG1999 in #1590
• Bump django from 4.2.0 to 4.2.15 by @dependabot in #1591
• Bump cryptography from 42.0.4 to 43.0.1 by @dependabot in #1582
• Bump actions/download-artifact from 3 to 4.1.7 in /.github/workflows by @dependabot in #1581
• Improve export command by @pombredanne in #1571
• Fix typo in Kev requests import by @ziadhany in #1594
• Prepare for release v34.0.1 by @TG1999 in #1595
• Bump upload-artifact to v4 by @keshav-space in #1596

New Contributors

• @ambuj-1211 made their first contribution in #1439

Full Changelog: v34.0.0...v34.0.1

v34.0.0

What's Changed

• Add dates and changelog for packages and vulnerabilities by @TG1999 in #1310
• Package purl model updates by @TG1999 in #1368
• Create SUSE OVAL importer by @johnmhoran in #1085
• Add CWE support in the API by @ziadhany in #1116
• Fix package details view template by @TG1999 in #1384
• Add robots.txt by @TG1999 in #1382
• Fix issue 1385 by @TG1999 in #1386
• Fix 1387 by @TG1999 in #1389
• Prepare for release v34.0.0rc2 by @TG1999 in #1390
• Add license_url for GitHub Importer by @sdivyanshu90 in #1392
• Fix incorrect versions in GithubDataSource CVE by @shravankshenoy in #1399
• Improved code style and fixed typos by @michaelehab in #1157
• Bump univers to v30.11.0 by @TG1999 in #1401
• Fix Encoding Type in Fireeye Importer by @harsh098 in #1404
• Remove duplicated changelogs by @TG1999 in #1400
• Bump jinja2 from 3.1.1 to 3.1.3 by @dependabot in #1396
• Bump gitpython from 3.1.37 to 3.1.41 by @dependabot in #1391
• Bump cryptography from 41.0.6 to 42.0.0 by @dependabot in #1413
• Migrate ruby to new importers by @ziadhany in #799
• Add support for CVSS vectors display by @ziadhany in #1312
• Add support for all osv ecosystems by @ziadhany in #926
• Feat: Add CVE support to Snyk datasource by @shravankshenoy in #1405
• Add URL to the vulnerability and package details view in the API serializers by @TG1999 in #1423
• Bump cryptography from 42.0.0 to 42.0.4 by @dependabot in #1424
• Prepare for release v34.0.0rc3 by @TG1999 in #1426
• Revert "Remove duplicated changelogs" by @TG1999 in #1440
• Prepare for release v34.0.0rc4 by @TG1999 in #1441
• Update GitHub GraphQL import in vulntotal datasources by @poju3185 in #1445
• Added safetydb datasource by @OmkarPh in #1476
• Increase display width #1299 by @johnmhoran in #1483
• Bump urllib3 from 1.26.18 to 1.26.19 by @dependabot in #1488
• Bump zipp from 3.8.0 to 3.19.1 by @dependabot in #1505
• Bump certifi from 2023.7.22 to 2024.7.4 by @dependabot in #1503
• Bump requests from 2.31.0 to 2.32.0 by @dependabot in #1482
• Bump jinja2 from 3.1.3 to 3.1.4 by @dependabot in #1472
• Bump sqlparse from 0.4.4 to 0.5.0 by @dependabot in #1463
• Bump gunicorn from 20.1.0 to 22.0.0 by @dependabot in #1464
• Add a basic model for Known Exploited Vulnerabilities by @ziadhany in #1422
• use https.ok from HTTP package by @thebigbone in #1450
• Add basic UI template for API by @pombredanne in #1466
• Ingest Rust data through Github api by @shravankshenoy in #1427
• Add support for reference_type by @ziadhany in #1502
• Revert "Add support for reference_type" by @TG1999 in #1517
• Rename "Fixed by vulnerabilities" column by @johnmhoran in #1519
• Finish renaming the former 'Fixed by vulnerabilities' column by @johnmhoran in #1522
• Support Advisory Comparison in VulnTotal by @keshav-space in #1151
• Add support for reference_type by @TG1999 in #1518
• Add Support to EPSS by @ziadhany in #1481
• Export vulnerablecode-data by @ziadhany in #1206
• Improve performance of API calls #1538 by @pombredanne in #1547
• Add support to CVSSv4 & SSVC and import the data using vulnrichment by @ziadhany in #1484
• Release v34.0.0rc5 by @TG1999 in #1553
• Fix importer crash #1541 by @pombredanne in #1542
• Refactor GitlabDataSource to work with browser extension by @michaelehab in #1524
• Fix severity range by @TG1999 in #1567
• Make APIs more effiicnet and add tests for queries by @TG1999 in #1558
• Prepare for release v34.0.0 by @TG1999 in #1568

New Contributors

• @sdivyanshu90 made their first contribution in #1392
• @shravankshenoy made their first contribution in #1399
• @michaelehab made their first contribution in #1157
• @harsh098 made their first contribution in #1404
• @poju3185 made their first contribution in #1445
• @OmkarPh made their first contribution in #1476
• @thebigbone made their first contribution in #1450

Full Changelog: v33.6.5...v34.0.0