Releases: ossf/osv-schema
Releases · ossf/osv-schema
v1.6.7
What's Changed
- refactor(osv-linter): tidy up human output by @andrewpollock in #269
- make redhat conversion tool downloadable with Pip by @jasinner in #278
- fix: add missing validation for Wolfi by @andrewpollock in #282
- Fix some minor formatting inconsistencies by @oliverchang in #283
- refactor(schema): simplify prefix validation regex by @andrewpollock in #280
- Prepare for release 1.6.7 by @oliverchang in #284
Full Changelog: v1.6.6...v1.6.7
Contributors
oliverchang, jasinner, and andrewpollock
Assets 2
v1.6.6
What's Changed
- Update charter to match official LF release. by @riaankleinhans in #268
- feat(osv-linter): support checking stdin by @andrewpollock in #267
- feat(suse): allow more SUSE- prefixes by @msmeissn in #270
- add RHBA and RHEA advisory prefixes sometimes used by Red Hat by @jasinner in #272
- feat(suse): add
SUSE-OU-prefixes by @hogo6002 in #271 - Fix order of prefixes in docs/schema.md by @dodys in #275
- fix(schema): add missing Chainguard ecosystem/prefix by @andrewpollock in #276
- add Red Hat converter by @jasinner in #274
- adjust schema docs to have correct Red Hat IDs by @jasinner in #277
- Prepare for 1.6.6 release. by @oliverchang in #279
New Contributors
- @riaankleinhans made their first contribution in #268
- @hogo6002 made their first contribution in #271
Full Changelog: v1.6.5...v1.6.6
Contributors
oliverchang, jasinner, and 5 other contributors
Assets 2
v1.6.5
Contributors
captn3m0, dodys, and 2 other contributors
Assets 2
v1.6.4
What's Changed
- add slack link to README by @hythloda in #236
- Add Mageia ecosystem by @dfandrich in #235
- Add support for last_affected in GHSA conversions to OSV. by @calebbrown in #239
- Mention a more performant JSON validator by @andrewpollock in #241
- Add more title attributes to improve casual comprehension by @andrewpollock in #244
- add initial reference for CGA (chainguard) by @cpanato in #247
- Validate supported ecosystems and identifier prefixes in the schema definition by @andrewpollock in #246
- Enhance discussion of affected[].version formats by @andrewpollock in #238
- add clarity around distros' use of aliases by @luhring in #250
- Add validation for CVSS by @andrewpollock in #251
- Update Android IDs and links in schema table. by @doryiii in #255
- ci(workflow): add a GitHub Action to validate JSON schema changes by @andrewpollock in #258
- Add Red Hat ecosystem by @jasinner in #257
- Initial commit of OSV record linter by @andrewpollock in #243
New Contributors
- @dfandrich made their first contribution in #235
- @cpanato made their first contribution in #247
- @luhring made their first contribution in #250
- @jasinner made their first contribution in #257
Full Changelog: v1.6.3...v1.6.4
Contributors
calebbrown, dfandrich, and 6 other contributors
Assets 2
v1.6.3
What's Changed
- Add Malicious Packages and the "MAL" id namespace. by @calebbrown in #223
- Events requirements: recommend the use of
fixedoverlimitby @zacchiro in #221 - Adding Technical Charter by @redenmartinez in #225
- Revert "Adding Technical Charter" by @hythloda in #227
- Fix truncated copy/paste in database_specific description by @chrisbloom7 in #229
- Enable encoding of Maven registries. by @oliverchang in #231
New Contributors
- @zacchiro made their first contribution in #221
- @redenmartinez made their first contribution in #225
- @hythloda made their first contribution in #227
Full Changelog: v1.6.2...v1.6.3
Contributors
chrisbloom7, calebbrown, and 4 other contributors
Assets 2
v1.6.2
What's Changed
- Add support of CVSS v4.0 by @pandatix in #213
- Replace jsonschema with check-jsonschema by @dodys in #218
- Add Ubuntu ecosystem by @dodys in #219
- Clarify some wording for Ubuntu ecosystem by @oliverchang in #220
- Bump version and update changelog. by @oliverchang in #222
New Contributors
Contributors
oliverchang, dodys, and pandatix
Assets 2
1.6.1
What's Changed
- Update Android ecosystem package name definition. by @doryiii in #191
- Swap CRAN and bioconductor by @randy3k in #200
- Fill in TODOs in Haskell parts of osv-schema by @mihaimaruseac in #198
- Clarify why aliases should not be used in vulnerability bundles by @michaelkedar in #197
- Update README.md by @oliverchang in #172
- Revert "Update README.md" by @oliverchang in #209
- Add links to OpenSSF Vulnerabilities Disclosures WG by @david-a-wheeler in #119
- Some schema cleanup. by @oliverchang in #210
New Contributors
- @doryiii made their first contribution in #191
- @randy3k made their first contribution in #200
- @david-a-wheeler made their first contribution in #119
Full Changelog: v1.6.0...v1.6.1
Contributors
mihaimaruseac, oliverchang, and 4 other contributors
Assets 2
1.6.0
What's Changed
- Several new database prefixes.
- SwiftURL ecosystem.
- Clarifications for
aliases, andrelated.
New Contributors
- @mihaimaruseac made their first contribution in #157
- @gongomgra made their first contribution in #156
- @hayleycd made their first contribution in #159
- @captn3m0 made their first contribution in #107
- @calebbrown made their first contribution in #177
- @dependabot made their first contribution in #182
- @MichaelChirico made their first contribution in #176
- @tylfin made their first contribution in #185
- @sethmlarson made their first contribution in #190
- @michaelkedar made their first contribution in #193
Full Changelog: v1.5.0...v1.6.0
Contributors
calebbrown, mihaimaruseac, and 8 other contributors
Assets 2
1.5.0
What's Changed
- Include last_affected in fields discussed for affected[].ranges[].type by @andrewpollock in #115
- Add Rocky Linux by @mstg in #118
- Clarify that the credits type field is a string. by @oliverchang in #121
- Clarify schema_version being required in >1.0.0 by @oliverchang in #122
- Added INTRODUCED to compliment FIX by @kurtseifried in #128
- Add DETECTION reference type by @joshbuker in #137
- Add AlmaLinux ecosystem by @Roo4L in #141
- Last affected by @kurtseifried in #147
- Add schema $id by @joshbuker in #130
- Update list of ecosystems and databases by @oliverchang in #149
- Add DISCUSSION reference type by @joshbuker in #138
- Update database prefix documentation to be more detailed by @joshbuker in #143
- Bump version to 1.5.0 by @oliverchang in #152
New Contributors
- @andrewpollock made their first contribution in #115
- @mstg made their first contribution in #118
- @Roo4L made their first contribution in #141
Full Changelog: v1.4.0...v1.5.0
Contributors
kurtseifried, oliverchang, and 4 other contributors
Assets 2
1.4.0
Main changes.
- Add optional severity field override for affected packages. by @oswalpalash in #106
- Add a credit types field by @hawaiigal in #110
Contributors
hawaiigal and oswalpalash