Skip to content

Commit

Permalink
chore(release): release v1.8.4 (#1200)
Browse files Browse the repository at this point in the history
  • Loading branch information
andrewpollock authored Aug 22, 2024
1 parent 35b36a3 commit 4a318af
Show file tree
Hide file tree
Showing 5 changed files with 67 additions and 53 deletions.
14 changes: 14 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,17 @@
# v1.8.4:

### Features:

- [Feature #1177](https://github.com/google/osv-scanner/pull/1177) Adds `--upgrade-config` flag for configuring allowed upgrades on a per-package basis. Also hide & deprecate previous `--disallow-major-upgrades` and `--disallow-package-upgrades` flags.

### Fixes:

- [Bug #1123](https://github.com/google/osv-scanner/issues/1123) Issue when running osv-scanner on project running with golang 1.22 #1123

### Misc:

- [Feature #638](https://github.com/google/osv-scanner/issues/638) Update go policy to use stable go version for builds (updated to go 1.23)

# v1.8.3:

### Features:
Expand Down
8 changes: 4 additions & 4 deletions cmd/osv-scanner/__snapshots__/main_test.snap
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ No package sources found, --help for usage information.
---

[TestRun/#01 - 1]
osv-scanner version: 1.8.3
osv-scanner version: 1.8.4
commit: n/a
built at: n/a

Expand Down Expand Up @@ -138,7 +138,7 @@ Scanned <rootdir>/fixtures/locks-many/composer.lock file and found 1 package
"informationUri": "https://github.com/google/osv-scanner",
"name": "osv-scanner",
"rules": [],
"version": "1.8.3"
"version": "1.8.4"
}
},
"results": []
Expand Down Expand Up @@ -252,7 +252,7 @@ Filtered 1 vulnerability from output
}
}
],
"version": "1.8.3"
"version": "1.8.4"
}
},
"artifacts": [
Expand Down Expand Up @@ -735,7 +735,7 @@ Scanned <rootdir>/fixtures/locks-insecure/osv-scanner-flutter-deps.json file as
}
}
],
"version": "1.8.3"
"version": "1.8.4"
}
},
"artifacts": [
Expand Down
12 changes: 6 additions & 6 deletions docs/github-action.md
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ permissions:

jobs:
scan-pr:
uses: "google/osv-scanner-action/.github/workflows/[email protected].3"
uses: "google/osv-scanner-action/.github/workflows/[email protected].4"
```
### View results
Expand Down Expand Up @@ -98,7 +98,7 @@ permissions:
jobs:
scan-scheduled:
uses: "google/osv-scanner-action/.github/workflows/[email protected].3"
uses: "google/osv-scanner-action/.github/workflows/[email protected].4"
```

As written, the scanner will run on 12:30 pm UTC every Monday, and also on every push to the main branch. You can change the schedule by following the instructions [here](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#schedule).
Expand Down Expand Up @@ -133,7 +133,7 @@ permissions:

jobs:
osv-scan:
uses: "google/osv-scanner-action/.github/workflows/[email protected].3"
uses: "google/osv-scanner-action/.github/workflows/[email protected].4"
with:
# Only scan the top level go.mod file without recursively scanning directories since
# this is pipeline is about releasing the go module and binary
Expand Down Expand Up @@ -186,7 +186,7 @@ Examples
```yml
jobs:
scan-pr:
uses: "google/osv-scanner-action/.github/workflows/[email protected].3"
uses: "google/osv-scanner-action/.github/workflows/[email protected].4"
with:
scan-args: |-
--lockfile=./path/to/lockfile1
Expand All @@ -198,7 +198,7 @@ jobs:
```yml
jobs:
scan-pr:
uses: "google/osv-scanner-action/.github/workflows/[email protected].3"
uses: "google/osv-scanner-action/.github/workflows/[email protected].4"
with:
scan-args: |-
--recursive
Expand All @@ -225,7 +225,7 @@ jobs:
name: Vulnerability scanning
# makes sure the extraction step is completed before running the scanner
needs: extract-deps
uses: "google/osv-scanner-action/.github/workflows/[email protected].3"
uses: "google/osv-scanner-action/.github/workflows/[email protected].4"
with:
# Download the artifact uploaded in extract-deps step
download-artifact: converted-OSV-Scanner-deps
Expand Down
Loading

0 comments on commit 4a318af

Please sign in to comment.