Changelog
Features
- 80bf19c: feat: change default output version to 1.6 (@nscuro)
- d304d89: feat: dont rely on cyclonedx cli for bom validation (@nscuro)
- 6a03474: feat: switch snapshot tests from xml to json (@nscuro)
Fixes
- 9cddfb0: fix:
fmt.Errorf->errors.New(@nscuro) - 7c6357f: fix: exclude schema files from license check (@nscuro)
- 4039a89: fix: failing
InvalidOutputVersiontest (@nscuro) - 1ea4afd: fix: handle breaking change in skywalking-eyes (@nscuro)
- 32c943d: fix: ignore
initlint failure (@nscuro) - 95bd45c: fix: incorrect
godirective ingo.mod(@nscuro) - a05b56d: fix: linter errors (@nscuro)
- 5987947: fix: redact platform-dependent values in snapshot tests (@nscuro)
- f9e550b: fix: remove deprecated goreleaser flag (@nscuro)
Building and Packaging
- 74ef5e8: build(deps): bump actions/checkout from 4.1.2 to 4.1.4 (@dependabot[bot])
- f99b6b7: build(deps): bump actions/checkout from 4.1.4 to 4.1.6 (@dependabot[bot])
- 7535647: build(deps): bump actions/checkout from 4.1.6 to 4.1.7 (@dependabot[bot])
- 2d70b1c: build(deps): bump actions/setup-go from 5.0.0 to 5.0.1 (@dependabot[bot])
- 034893f: build(deps): bump actions/setup-go from 5.0.1 to 5.0.2 (@dependabot[bot])
- 6ef596d: build(deps): bump apache/skywalking-eyes from 0.4.0 to 0.6.0 (@dependabot[bot])
- 163a3c0: build(deps): bump aquasecurity/trivy-action from 0.19.0 to 0.21.0 (@dependabot[bot])
- a23a7a3: build(deps): bump aquasecurity/trivy-action from 0.21.0 to 0.22.0 (@dependabot[bot])
- f571455: build(deps): bump aquasecurity/trivy-action from 0.22.0 to 0.23.0 (@dependabot[bot])
- 71b7d69: build(deps): bump aquasecurity/trivy-action from 0.23.0 to 0.24.0 (@dependabot[bot])
- a6fb053: build(deps): bump docker/login-action from 3.1.0 to 3.2.0 (@dependabot[bot])
- f0acfa9: build(deps): bump docker/login-action from 3.2.0 to 3.3.0 (@dependabot[bot])
- 08c1f88: build(deps): bump docker/setup-qemu-action from 3.0.0 to 3.2.0 (@dependabot[bot])
- 61cb8f1: build(deps): bump github.com/CycloneDX/cyclonedx-go from 0.8.0 to 0.9.0 (@dependabot[bot])
- 1972b88: build(deps): bump github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0 (@dependabot[bot])
- a8a5cc4: build(deps): bump github.com/rs/zerolog from 1.32.0 to 1.33.0 (@dependabot[bot])
- 6d49b2e: build(deps): bump github/codeql-action from 2.13.4 to 3.25.6 (@dependabot[bot])
- f16cdce: build(deps): bump github/codeql-action from 3.25.10 to 3.25.15 (@dependabot[bot])
- c4b79a6: build(deps): bump github/codeql-action from 3.25.15 to 3.26.0 (@dependabot[bot])
- f7de6db: build(deps): bump github/codeql-action from 3.25.6 to 3.25.7 (@dependabot[bot])
- 36f358f: build(deps): bump github/codeql-action from 3.25.7 to 3.25.8 (@dependabot[bot])
- c17db9c: build(deps): bump github/codeql-action from 3.25.8 to 3.25.9 (@dependabot[bot])
- af6e3f3: build(deps): bump github/codeql-action from 3.25.9 to 3.25.10 (@dependabot[bot])
- a1c5a1d: build(deps): bump github/codeql-action from 3.26.0 to 3.26.6 (@dependabot[bot])
- 114d480: build(deps): bump gitpod/workspace-go from
02cae32to769e7b0(@dependabot[bot]) - e918dde: build(deps): bump gitpod/workspace-go from
1fd550fto8d15123(@dependabot[bot]) - 728ff78: build(deps): bump gitpod/workspace-go from
2a9e01cto9c95281(@dependabot[bot]) - 34f111f: build(deps): bump gitpod/workspace-go from
769e7b0to1fd550f(@dependabot[bot]) - 5d92fb6: build(deps): bump gitpod/workspace-go from
8d15123to95d2129(@dependabot[bot]) - 6c7c413: build(deps): bump gitpod/workspace-go from
95d2129to2a9e01c(@dependabot[bot]) - 5b43149: build(deps): bump gitpod/workspace-go from
b746928to02cae32(@dependabot[bot]) - 6b73888: build(deps): bump golang from 1.22.2-alpine3.18 to 1.22.3-alpine3.18 (@dependabot[bot])
- da8d897: build(deps): bump golang from
4531927tod1a601b(@dependabot[bot]) - 1e7183f: build(deps): bump golang.org/x/crypto from 0.22.0 to 0.23.0 (@dependabot[bot])
- 3aec1a1: build(deps): bump golang.org/x/crypto from 0.23.0 to 0.24.0 (@dependabot[bot])
- 2f8b783: build(deps): bump golang.org/x/crypto from 0.24.0 to 0.25.0 (@dependabot[bot])
- d1b2942: build(deps): bump golang.org/x/crypto from 0.25.0 to 0.26.0 (@dependabot[bot])
- 6c4db8d: build(deps): bump golang.org/x/crypto from 0.26.0 to 0.27.0 (@dependabot[bot])
- b3b46aa: build(deps): bump golang.org/x/mod from 0.17.0 to 0.18.0 (@dependabot[bot])
- fe7503c: build(deps): bump golang.org/x/mod from 0.18.0 to 0.19.0 (@dependabot[bot])
- d619728: build(deps): bump golang.org/x/mod from 0.19.0 to 0.20.0 (@dependabot[bot])
- 39845fb: build(deps): bump golang.org/x/mod from 0.20.0 to 0.21.0 (@dependabot[bot])
- c59df5e: build(deps): bump golang.org/x/net from 0.22.0 to 0.23.0 (@dependabot[bot])
- 15182f2: build(deps): bump golangci/golangci-lint-action from 4.0.0 to 5.1.0 (@dependabot[bot])
- f3fa84c: build(deps): bump golangci/golangci-lint-action from 5.1.0 to 6.0.1 (@dependabot[bot])
- d085de2: build(deps): bump golangci/golangci-lint-action from 6.0.1 to 6.1.0 (@dependabot[bot])
- eb667a9: build(deps): bump goreleaser/goreleaser-action from 5.0.0 to 5.1.0 (@dependabot[bot])
- fd72f9b: build(deps): bump goreleaser/goreleaser-action from 5.1.0 to 6.0.0 (@dependabot[bot])
- 86196cf: build(deps): bump sigstore/cosign-installer from 3.4.0 to 3.5.0 (@dependabot[bot])
- 2f863cc: build(deps): bump sigstore/cosign-installer from 3.5.0 to 3.6.0 (@dependabot[bot])
- c62c3d8: build: bump go to 1.23.1 (@nscuro)
Documentation
- a934b7f: docs: Fix outdated CDX-version information in README (@ja-he)
- 6ac31ab: docs: update supported spec versions in readme (@nscuro)
Others
- 1fc2435: chore: CodeQL run scheduled and manual (@jkowalleck)
Contributors
jkowalleck, nscuro, and 2 other contributors