Devops Kung Fu Bomber Versions

Scans Software Bill of Materials (SBOMs) for security vulnerabilities

v0.4.8

5 months ago

Changelog

  • 831aa1c Refactoring, optimizations, and bug fixes (#183)

v0.4.7

6 months ago

Changelog

  • 6493ced Exitcode fix, Filtering fixes (#181)

v0.4.6

6 months ago

Changelog

  • 0d0b561 Documentation and Version Bump (#177)

v0.4.5

6 months ago

Changelog

  • Fixes an issue where the OSV provider no longer returned results
  • Adds in exit return codes (Markdown documentation outstanding, use bomber --help for usage and options)

v0.4.4

1 year ago

bomber doesn't like bad Purls (or empty ones for that matter). This version will warn you if there is a bad Purl in your SBOM (without a valid Purl, there is no way to pull vulnerability information). Bad Purls will not be scanned.

Changelog

  • ce7c346 feat: Issue handling (#158)
  • e847795 Update Snyk docs (#157)

v0.4.3

1 year ago

Changelog

  • c67aa58 Misc. Fixes (#153)
  • 3fb6906 build(deps): bump actions/setup-go from 3 to 4 in /.github/workflows (#149)

v0.4.2

1 year ago

Fixes an issue where bomber would exit if an ignore file wasn't specified

Changelog

  • 3a1e173 Emergency fix to release.yml
  • 315e647 Release v0.4.2
  • df459ac Version bump and update release to go 1.20 (#141)
  • 579b39b Bug Fixes (#138)

v0.4.1

1 year ago

Changelog

  • 64ab76a Adds --ignore-file functionality (#126)
  • fcea0a1 chore: update snyk readme to include more ecosystems support (#124)
  • 7e83fd2 Create FUNDING.yml (#118)
  • 44323cc Added missing logo asset (#117)
  • 82dc67e Updated with new branding (#116)
  • df79c72 Updated README.md (#115)
  • 2a2695b New Bomber logo (#113)
  • 1a421ad fix: Fixes issue where a license expression wasn't being utilized (#108)
  • 9ee85bb fix: EPSS Score Issues (#104)
  • c8a0f6b build(deps): bump goreleaser/goreleaser-action from 3 to 4 in /.github/workflows (#103)
  • ef3d15f build(deps): bump github.com/jedib0t/go-pretty/v6 from 6.4.2 to 6.4.3 (#96)
  • a10d9db build(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1 (#74)
  • fc401c8 build(deps): bump actions/setup-go from 2 to 3 in /.github/workflows (#93)
  • d1c36c6 feat: add Snyk provider docs (#99)

v0.4.0

1 year ago

bomber now supports enrichment of vulnerability data! Our first enrichment adds EPSS scores into the vulnerability output. What's an EPSS score? It tells us the probability that a vulnerability will be exploited. For in-depth information, check out the fascinating documentation at https://www.first.org/epss/

Changelog

  • 4747311 feat: EPSS support (#89)

v0.3.5

1 year ago

This update contains a few bug fixes and updated documentation, and improves all renderers so that they output the list of files (and hashes) that bomber has processed during scanning.