Releases: microsoft/component-detection
Releases · microsoft/component-detection
v5.1.11
⚙️ Changes
- Update syft image and doc - use docker commands by @pauld-msft (#1307)
v5.1.10
v5.1.9
v5.1.8
v5.1.7
v5.1.6
⚙️ Changes
- Add experimental NuGet detector for framework and dev dependencies by @ericstj (#1285)
- Update nuget known limitations by @pauld-msft (#1295)
- Add python to snapshot publish action by @FernandoRojo (#1293)
- Update dependency FluentAssertions to 6.12.1 - autoclosed by @renovate (#1288)
- Pin actions/setup-python action to 0b93645 by @renovate (#1287)
- Update actions/setup-dotnet action to v4.1.0 by @renovate (#1289)
- Update mstest monorepo to 3.6.1 by @renovate (#1292)
- Update dependency Valleysoft.DockerfileModel to 1.2.0 by @renovate (#1291)
- Update dependency Serilog.Sinks.Async to v2 by @renovate (#1165)
- Bump cryptography from 42.0.4 to 43.0.1 in /test/Microsoft.ComponentDetection.VerificationTests/resources/pip/roots by @dependabot (#1242)
- Bump express from 4.17.2 to 4.20.0 in /test/Microsoft.ComponentDetection.VerificationTests/resources/npm/no-lockfile by @dependabot (#1247)
- Bump Caching.Memory nupkg to fix Security alerts by @grvillic (#1279)
🧰 Maintenance
- Bump ossf/scorecard-action from 2.3.3 to 2.4.0 by @dependabot (#1211)
- Bump codecov/codecov-action from 4.5.0 to 4.6.0 by @dependabot (#1274)
- Bump shogo82148/actions-upload-release-asset from 1.7.5 to 1.7.8 by @dependabot (#1280)
- Bump github/codeql-action from 3.25.12 to 3.27.0 by @dependabot (#1281)
- Bump actions/checkout from 4.2.1 to 4.2.2 by @dependabot (#1282)