Sbom Tool Versions Save

The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.

1 month ago

⚙️ Changes

Fix main build failures by @pownkel (#557)
fix: Output correct case-sensitive message by @DaveTryon (#556)
fix: Remap errors to warnings if logged inside ComponentDetection by @DaveTryon (#554)
fix: Improve logging on a corrupted manifest file by @DaveTryon (#551)
fix: Improve case-sensitive handling by @DaveTryon (#550)
fix: Add logging to Windows permissions checks by @DaveTryon (#548)
chore: Output failure telemetry if signing validation fails by @DaveTryon (#547)
removed the arm warning for Macs from the readme by @filipw (#546)
fix: Return failing error code on invalid parameter by @DaveTryon (#544)
fix: Improve error if a file is passed as directory parameter by @DaveTryon (#543)
fix: Don't throw a warning if an output folder is specified by @DaveTryon (#542)
fix: Improve visibility of logging from inside exception handlers by @DaveTryon (#540)
Convert SBOM Tool Main Build to 1ESPT by @sfoslund (#535)

2 months ago

Update component detection from 4.2.0 to 4.2.2 by @pownkel (#524)
Update Component Detection version from 4.0.11 to 4.2.0 by @pownkel (#519)
Fix style errors in build by @pownkel (#521)
build(deps): bump codecov/codecov-action from 3.1.5 to 4.0.1 by @dependabot (#491)
build(deps): bump release-drafter/release-drafter from 5.25.0 to 6.0.0 by @dependabot (#493)
build(deps): bump github/codeql-action from 3.23.2 to 3.24.3 by @dependabot (#503)
Add link to component detection arguments by @pownkel (#499)
Revise docs to clarify IHostedService impl is optional by @jlperkins (#486)
build(deps): bump actions/setup-dotnet from 3.2.0 to 4.0.0 by @dependabot (#456)
build(deps): bump actions/github-script from 6.4.1 to 7.0.1 by @dependabot (#451)
build(deps): bump codecov/codecov-action from 3.1.4 to 3.1.5 by @dependabot (#485)
build(deps): bump github/codeql-action from 3.23.1 to 3.23.2 by @dependabot (#487)
Add linux component license/author info in SBOM by @sebasgomez238 (#476)

4 months ago

build(deps): bump github/codeql-action from 2.22.5 to 3.23.1 by @dependabot (#484)
Updates to documentation by @sebasgomez238 (#482)
Fix IsSuccess return value in SBOMValidator by @micyunmsft (#472)

4 months ago

5 months ago

5 months ago

Bump sdk, pin dependency versions. by @sebasgomez238 (#455)
Update Microsoft.Sbom.Api README.md by @sebasgomez238 (#401)
Add supplier/license info support for rubygems. by @sebasgomez238 (#453)
Better default for JsonSerialization by @ryanbrandenburg (#442)
Enable ConanLock detector by default by @sebasgomez238 (#450)
Extract package info from local package cache for NuGet and Maven by @sebasgomez238 (#441)

6 months ago

Large Stream Json Library by @ryanbrandenburg (#387)
build(deps): bump github/codeql-action from 2.22.4 to 2.22.5 by @dependabot (#440)
Remove BOM from .cs and csproj files by @ryanbrandenburg (#439)

7 months ago

Update to latest version of Component-Detection Libraries. by @sebasgomez238 (#436)
build(deps): bump release-drafter/release-drafter from 5.24.0 to 5.25.0 by @dependabot (#430)
build(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @dependabot (#431)
build(deps): bump github/codeql-action from 2.22.3 to 2.22.4 by @dependabot (#434)

7 months ago

Update ValidateAsync & throw exception if SBOM not found by @micyunmsft (#425)
Target net6.0 and net8.0 by @sebasgomez238 (#422)
build(deps): bump github/codeql-action from 2.21.8 to 2.22.3 by @dependabot (#429)
Fix typos in documentation by @LukaszKokot (#426)
build(deps): bump stefanzweifel/git-auto-commit-action from 4.16.0 to 5.0.0 by @dependabot (#419)

7 months ago