v3.2.0.0 Bugfix Release

Fixes in this release focused on the SQLite cache.

A special thanks to @xtbmedia for PR #166 fixing a crash that could occur when initially creating the cache, and leaving the code base cleaner and providing a unit test to help make sure this continues to function.

3.2.0-prerelease7

Fixes in this Release:

• Fix crash on startup when recreating database -Thanks to @xtbmedia

v3.2.0.0 Prerelease 6

Fixed Issues

• Fixed an issue with duplicate keys in the Vulnerabilities database

Known Issues

• There is a known issue with the NVD API timing out. NVD has announced they are investigating, but both NVD source may be unreliable until that is resolved

v3.2.0.0 Prerelease 4

Fixed an issue with the sqlite cache. This version is not production ready.

v3.1.1.0 Hotfix Release

#132 That could cause NuGetDefense to crash if no settings file is specified. Thanks to PR #133

v3.1.0

New This Release

:NuGetDefense will now default to using a location in the AppData special Folder for configuration and caching (maps to different location for Windwos/Linux/Mac)

• Default sqlite cache path
• Defautl config location for .Net Tool
• Global VulnData.bin

Fixed This Release

• #131

v3.0.11

Fixes this Release

• Support csproj with multiple target frameworks that target different versions of same package
• Ignore Sonatype ID's using IgnoredCVEs in NuGetDefense.config

PreRelease of Fix for #109

Changed the Dictionary throwing an error in #109 to use packageURL instead of PackageId as the key.

v3.0.10

Fixed

• Fixe #91 Chakra Core should now map properly to Microsoft.ChakraCore when reporting vulnerabilities

Bumped Dependencies

• NuGetDefense.NVD: 2.0.8 -> 2.0.9.1
• Microsoft.Data.Sqlite: 7.0.0 -> 7.0.2
• System.Text.Json: 7.0.0 -> 7.0.1

v3.0.9 Fix GHSA False Positives for Exact Version Ranges

Bug Fixes

• Fixes #110