v4.2.2

⚙️ Changes

• Resolve vulnerabilities in transitive dep by @grvillic (#1023)
• chore(deps): update github/codeql-action action to v3.24.6 by @renovate (#988)
• Support development dependencies for the Gradle detector by @joakley-msft (#878)

v4.2.1

⚙️ Changes

• Update RustCLI processing to handle virtual manifests / skip over vendor packages by @FernandoRojo (#1015)

🐛 Bug Fixes

• Catch version spec failures in Python detection by @cobya (#1006)

🧰 Maintenance

• build(deps): bump github/codeql-action from 3.23.2 to 3.24.1 by @dependabot (#1007)

v4.2.0

⚙️ Changes

🚀 New Features

• Get ancestor for displaying dependency tree in relationships by @tarun06 (#927)

🐛 Bug Fixes

• remove category usage from the poetry detector by @tofay (#991)

🧰 Maintenance

• build(deps): bump codecov/codecov-action from 3.1.4 to 4.0.0 by @dependabot (#993)
• build(deps): bump actions/upload-artifact from 4.2.0 to 4.3.0 by @dependabot (#984)
• build(deps): bump github/codeql-action from 3.23.1 to 3.23.2 by @dependabot (#989)

v4.1.2

⚙️ Changes

• Fix stream read for cargo fallback by @FernandoRojo (#994)

v4.1.1

⚙️ Changes

• Add fallback logic for rust CLI detector and additional telemetry by @FernandoRojo (#990)
• chore(deps): update spectre-console monorepo to v0.48.0 by @renovate (#925)
• chore(deps): update dependency serilog.sinks.console to v5 by @renovate (#896)
• chore(deps): update dependency faker.net to v2.0.163 by @renovate (#981)

v4.1.0

⚙️ Changes

• Bump Syft from 0.74.0 to 0.100.0 by @JamieMagee (#960)
• chore(deps): update github/codeql-action action to v3.23.1 by @renovate (#955)
• Move Set scope to avoid cross-root conflicts by @FernandoRojo (#978)
• Add hashtable to resolve circular rust dependencies by @FernandoRojo (#975)
• chore(deps): update dependency polly to v8.2.1 by @renovate (#951)
• chore(deps): update dependency stylecop.analyzers to v1.2.0-beta.556 by @renovate (#945)
• chore(deps): update mcr.microsoft.com/dotnet/runtime-deps:6.0-cbl-mariner2.0 docker digest to 7b8cfde by @renovate (#943)
• chore(deps): update dependency microsoft.visualstudio.threading.analyzers to v17.8.14 by @renovate (#905)
• chore(deps): update nuget monorepo to v6.8.0 by @renovate (#911)
• chore(deps): update dependency morelinq to v4.1.0 by @renovate (#922)
• chore(deps): update dependency tomlyn.signed to v0.17.0 by @renovate (#923)

📝 Documentation

• Fix link to the latest release by @50Wliu (#947)

🚀 New Features

• Add Supplier/License info to RustCli Cargo Components. by @sebasgomez238 (#940)
• Adds supplier/license info to pip components. by @sebasgomez238 (#938)

🐛 Bug Fixes

• Make Python detection more resilient to unexpected failure cases by @cobya (#962)

🧰 Maintenance

• build(deps): bump actions/upload-artifact from 4.0.0 to 4.2.0 by @dependabot (#979)
• build(deps): bump actions/upload-artifact from 3.1.3 to 4.0.0 by @dependabot (#935)
• build(deps): bump actions/setup-dotnet from 3.2.0 to 4.0.0 by @dependabot (#926)
• build(deps): bump github/codeql-action from 3.22.11 to 3.22.12 by @dependabot (#941)

v4.0.11

⚙️ Changes

• Removed experiments on released detectors: NPM Lockfile V3 and Nuget by @grvillic (#939)

🧰 Maintenance

• build(deps): bump github/codeql-action from 2.22.8 to 3.22.11 by @dependabot (#933)

v4.0.10

⚙️ Changes

• Fix exit code check and virtual manifest parsing (RustCli) by @FernandoRojo (#937)

🚀 New Features

• Add Author/License to LinuxComponent by @sebasgomez238 (#934)
• Adds an entry point for the sbom-tool use the ScanCommand class. by @sebasgomez238 (#936)

v4.0.9

⚙️ Changes

• Enable Experimental Rust and update telemetry by @FernandoRojo (#931)

v4.0.8

⚙️ Changes

• Promote NPM Lockfile v3 detector to run by default by @grvillic (#924)
• chore(deps): update dotnet monorepo by @renovate (#892)
• chore(deps): update actions/github-script action to v7 by @renovate (#898)
• Skip detection of workspace projects in Yarn detector by @MLoughry (#915)
• Update documentation for detector arguments by @sailro (#918)
• Add a parameter to disable the summary display by @sailro (#917)
• chore(deps): update dependency microsoft.sourcelink.github to v8 by @renovate (#907)
• chore(deps): update dependency microsoft.net.test.sdk to v17.8.0 by @renovate (#893)
• chore(deps): update dependency polly to v8.2.0 by @renovate (#902)
• chore(deps): update dependency serilog to v3.1.1 by @renovate (#895)
• Add --all-features per issue #894 by @RobJellinghaus (#897)

🐛 Bug Fixes

• Resolve Pip TryAdd exception on duplicates by @cobya (#920)

🧰 Maintenance

• build(deps): bump github/codeql-action from 2.22.6 to 2.22.8 by @dependabot (#913)
• build(deps): bump github/codeql-action from 2.22.5 to 2.22.6 by @dependabot (#903)