Skip to content

Releases: digitalcoyote/NuGetDefense

v4.1.3.1

13 Jul 23:11
@digitalcoyote digitalcoyote
v4.1.3.1
9e167cd
Compare
Choose a tag to compare
v4.1.3.1 Latest
Latest

Maintenance Release:

  • NuGetDefense.GitHubAdvisoryDatabase 2.0.6 -> 2.0.7.1
  • NuGetDefense.Core 2.0.13.1 -> 2.0.13.2
  • NuGetDefense.NVD 2.1.6 -> 2.1.6.1
  • NuGetDefense.OSSIndex 2.1.4 -> 2.1.4.1
  • Serilog.Sinks.Console 5.0.1 -> 6.0.0
  • Serilog.Sinks.File 5.0.0 -> 6.0.0
  • NuGet.Versioning 6.10.0 -> 6.10.1
  • System.Text.Json 8.0.3 -> 8.0.4
  • Microsoft.Data.Sqlite 8.0.6 -> 8.0.7
Assets 8
Loading

v4.1.3 BugFix Release

01 Jun 15:07
@digitalcoyote digitalcoyote
v4.1.3
ddbf27a
Compare
Choose a tag to compare
v4.1.3 BugFix Release

Fixed this release:

  • #154 Vulnerable packages not showing in Vulnerability Reports
  • Fix CVSS Scores sometimes slippping under reporting thresholds due to storing them as double
Assets 8
Loading

v4.1.2-prerelease0001

20 May 12:30
@digitalcoyote digitalcoyote
v4.1.2-prerelease0001
505642b
Compare
Choose a tag to compare
v4.1.2-prerelease0001 Pre-release
Pre-release

Prerelease for testing new NVD-Recreate fix in NuGetDefense.Core and NuGetDefense.NVD

Assets 4
Loading

v4.1.1

14 May 02:19
@digitalcoyote digitalcoyote
v4.1.1
4e03dbd
Compare
Choose a tag to compare
v4.1.1

Changes this release:

  • Additional information logged out for cache and config locations (thanks @zachrybaker)
  • Fix #183 Where the NuGetDefense.json was not being found (again thanks to @zachrybaker)
  • NVD API Improvements and logging (bumped to v2.1.2)

Contributors

zachrybaker
Assets 8
Loading

v4.1.0-pre0002

25 Apr 03:02
@digitalcoyote digitalcoyote
v4.1.0-pre0002
bcb938d
Compare
Choose a tag to compare
v4.1.0-pre0002 Pre-release
Pre-release

Fix support for VB.Net and F# projects

Assets 8
Loading

v4.0.5.0

25 Apr 02:43
@digitalcoyote digitalcoyote
v4.0.5.0
16e795e
Compare
Choose a tag to compare
v4.0.5.0

Fix Issues with dotnet list parsing as a temporary solution while parsing project.assets.json is being worked on.

Assets 8
Loading

v3.2.5.0

25 Apr 02:33
@digitalcoyote digitalcoyote
v3.2.5.0
c88387b
Compare
Choose a tag to compare
v3.2.5.0

Fix Issues with dotnet list parsing as a temporary solution while parsing project.assets.json is being worked on.

Assets 8
Loading

v4.1.0-pre0001 Fix dotnet list parsing issues

17 Apr 00:58
@digitalcoyote digitalcoyote
v4.1.0-pre0001
a529dab
Compare
Choose a tag to compare
v4.1.0-pre0001 Fix dotnet list parsing issues Pre-release
Pre-release

NuGetDefense is switching away from parsing the dotnet list output to parsing the project Lock file for resolved dependencies. This should fix the intermittent (ans sometimes cosntant) failures from parsing dotnet list. This required picking up a new dependency NuGet.ProjectModel

What you need to know:

  • dotnet restore is required to create the lock file
  • The file in quest is project.assets.json
    • NuGet Defense looks in the same folder as the project file and in the ./obj folder
  • Fixes #180
Assets 9
Loading

v4.0.4.0 Bugfix Release

16 Mar 17:38
@digitalcoyote digitalcoyote
v4.0.4.0
0257ba2
Compare
Choose a tag to compare
v4.0.4.0 Bugfix Release

Fixed in this Release:

#179 Checking Cached vs Uncached packages can cause an index out of range exception when more than 128 packages are being scanned and GHSA or OSSIndex is enabled.

Assets 8
Loading

v3.2.4.0 Bugfix Release

16 Mar 17:48
@digitalcoyote digitalcoyote
v3.2.4.0
82f8f86
Compare
Choose a tag to compare
v3.2.4.0 Bugfix Release

Fixed in this Release:

#179 Checking Cached vs Uncached packages can cause an index out of range exception when more than 128 packages are being scanned and GHSA or OSSIndex is enabled.

Assets 8
Loading