-
Notifications
You must be signed in to change notification settings - Fork 47
Releases: guacsec/trustify
Releases · guacsec/trustify
0.5.0-rc.1
0.5.0-rc.1
Pre-release
Pre-release
Changelog
v0.5.0-rc.1 (2026年06月08日)
⚠ BREAKING-CHANGE
- Querying for NULL fields is now achieved using anASCII NUL value, percent-encoded as %00, instead of the literal string
"null".
Features
- implement the read-only database connection (f4486cf)
- change limit=0 to return no items and enforce maximum limit (c529e29)
- improve pagination (f5d071a)
- implement the read-only switch (5a64f7b)
- work with snapshot archives (0262dd1)
- add endpoint for returning all AIBOM's, optionally filtered (db53755),
closes #2324 - add ability to retrieve scores of authoritative advisory (d7b7c73)
- server: add OIDC_LOAD_USER configuration support (d24c0ae)
- API endpoint for fetching an SBOM's AI models (010de0d), closes #2254
- add support for CSAF advisories with CPE-based product IDs instead of PURLs
(5e0d887) - advisory’s query and pruning functionality (e02553a)
- SBOM pruning functionality (50b9e82)
- add btrfs and squashfs tools to the xtask image (d83bec6)
- Add unit tests for the command. (bd592f1)
- Completed the SBOM delete logic and added unit tests. (cedc894)
- add auth token command (203f814)
- implement sbom cli (0ed8e5f)
- implement SBOM group assignments during upload (8420281)
- implement SBOM group assignments (24b7e46)
- add xz to the xtask container (083ccfe)
- ingest cryptographic assets into the database (1423a9b), closes #2198
- ingest AI components into the database (b0606c0), closes #2199
- ingest & expose CSAF remediation data in API (9a62e32)
- support querying fields containing the literal string, "null" (cc7472d),
closes #2230 - add SBOM group permissions (5b6ffc9)
- migrate API consumers to read from advisory_vulnerability_score table
(2d72cb1), closes #1913 - include all scores in PurlStatus (015cb9e)
- reduce psql noise in build/test output (4212d2b)
- Better support for CycloneDX component types (06364ad), closes #2205
- implement osv vector parsing (e88c7a5)
- use cvss library to parse cve scores (cee5371)
- ingest scores (0bcac1e)
- allow spreading load across runners (35ee026)
- add way to run data migrations from main binary (73685c7)
- add a way to run data migrations individually (b951eb4)
- allow running data migrations as part of migrations (0be9473)
- Fix ENV variable in helper conf (63dc503)
- search by all CPE components in analysis queries (b6c3137)
- include AdvisoryHead in PurlStatus (b10c2f1)
- process reference loops gracefully (2ba8e4a)
- add version range to purl status (53e6492)
- delete orphaned PURLs (TC-3020) (ea316fe)
- refactor from suggestion and update docs (ae42f03)
- allow arbitrary devmode clientids (26c4b69)
- allow dump generator to consume files directly (d4b9f50)
- api: recommendations api (fac608a)
- license filter consistent for SBOM packages tab (8f4eaba)
- Add support for aibom and cbom detection (2c357b0)
- disable GC for orphaned packages by default (df18dbb)
- fundamental: return all scores in addition for sbom advisories
(a6381d2) - enhance correlation for SBOMs without CPE (8f4bacb)
- SBOM license filtering with refactoring for SBOM and PURL services (TC-2832)
(340528b) - license list endpoint with filtering (TC-2922) (97eb2a4)
Fixes
- let AnalysisService use the ReadOnly connection (ef0d70e)
- analysis: add collector-local cache to prevent redundant SBOM loads
(5ac0ce2) - prevent deep recursion when SBOMs get evicted while processing (dce4d88)
- fundamental: describe proper return time for openapi schema (2f5c9ba)
- limit and offset argment where swapped (af8648c)
- use a dedicated DB pool only for out-of-band data migrations (e4bd990)
- inherit information for workspace (62993e0)
- handle a case where scores where requested but not present (5d6132c)
- validate CVSS v2 score range (0ca2293)
- apply UNION subquery license filter fix to SBOM endpoints (0ddb8ca)
- create an index actually on advisories (be6c068)
- increase performance of "list sbom" (bedbcb7)
- scope product_ids in remediations to the specific CPE of that vulnerability
(dc92da7) - update cvss-rs version to 0.3.0 to resolve parsing issues (fa9cdfd)
- recursion limit issue (309aca3)
- license: add missing test data file for partial LicenseRef- match test
(TC-3591) (dd31dae) - license: prevent partial LicenseRef- matches in license expression
expansion (TC-3591) (a26b814) - container: install tzdata for xtask container (6ff50ba)
- implement numeric sorting for vulnerability IDs (8e912cf), closes #1811
- accept SHA-256 identifiers in SBOM packages and related endpoints (0f779a8)
- migration: add PARALLEL SAFE to version_matches function in m0002080
(3ebda89) - align openapi.yaml spec to actual response of read sbom group (43287b2)
- fundamental: return IDs instead of names when returning parents
(c63d7fc) - add an SBOM revision field (a1d5cbe)
- entity: fix the sbom -> sbom_group relationship (94123a4)
- validate labels (218dfc6)
- add APIs for managing group assignments after uploading (518ba14)
- ensure %2F in purl names is handled properly (665f115), closes #2146
- skip inserting when empty, leads to faulty SQL (73f30f3)
- metrics matching routes with path params first (809b6d4)
- add CPE part to context to fix failing test (c1422ef)
- add 'purl:type' alias to context to fix failing test (606b919)
- deduplicate vulnerabilities in recommend endpoint (eaaf627)
- analysis: resolve the ancestor loading (d0660a1)
- add missing sbom_node FROM clause (1f839ab)
- reinstate original /v2/vulnerability/analyze and introduce
/v3/vulnerability/analyze (6b9d483) - Add missing build context (ac5e846), closes #2136
- more resilient model shape matching & tests (9d2ec6b)
- deduplicate (advisory,version range) (7af434e)
- upgrade cve library to support 5.2 scheme version (77e02e6)
- add OrganizationCreator to fix deadlock (TC-3176) (d0ad528)
- SBOM and Vulnerability deadlocks fix (TC-3176) (68b8b26)
- ensure content is fully written (04612b9)
- SBOM details filters out the deprecated advisories (TC-3191) (8af5206)
- PurlStatusCreator to take PurlStatusEntry ownership (TC-3152) (f7f88ad)
- PurlStatusCreator to avoid package ingestion race condition (TC-3152)
(5bf2651) - package ingestion race condition (TC-3152) (ede909e)
- remove check for previously ingested SBOM from gensbom script (80947f5)
- avoid formatting errors with query markdown docs (87c7df4), closes #2081
- PurlCreator::create race condition (TC-3152) (2381bef)
- remove useless async from SbomStatus::new (TC-3085) (330d696)
- optimize data in memory (TC-3085) (9457862)
- add log to track pre-fetched data (TC-3085) (053ca39)
- DatabaseExt as a blanket implementation on TransactionTrait (TC-3085)
(62ad6ba) - remove DB stream usage (TC-3085) (d9a5005)
- make GET endpoint working with repeatable read transaction (TC-3085)
(583dc19) - update TRUSTD_DEVMODE_ADDITIONAL_CLIENTS env var (1ae7fd2)
- more scalable license filtering condition (TC-3006) (4c07d4a)
- metrics: add DefaultRootRouteFormatter for empty paths (0218951)
- analysis: properly escape when exporting to graphviz (a79f708)
- ingestor: also consider direct versions (0c73c44)
- source document id must be non-null (877a6b8)
- VersionedPurlStatus doesn't find the status (ce1537c)
Assets 44
0.4.13
Assets 44
- sha256:7239910c71c4ffc33cc01d0ef47867da198599f877d2957c2b6c83c87c3f9247981 KB
2026年06月02日T08:36:39Z - sha256:b68307836d8264bb162b46bab957b15fc8ba7a1f49d86ac80fd5d043798f9ce839.5 MB
2026年06月02日T08:36:39Z - sha256:52e4bcb3ff4362a265d33335a2c089516da6d285de7ff65e80d8508a692bd081976 KB
2026年06月02日T08:36:45Z - sha256:5624e888c16375cb0bc6de6b9c1a0cd2c290fcd2507d0d39126cf96ae2f1b88f40.1 MB
2026年06月02日T08:36:45Z - sha256:b3ea653ae6712f6964c27ecc1165ff7ae95f00db145d84ba68e3eab980ab216e983 KB
2026年06月02日T08:36:46Z - sha256:d95734b8b33e98749e605b98631cf599aceff8c02f56577fcee6070801f5669641.2 MB
2026年06月02日T08:36:46Z - sha256:e08efc54bed2547da302d5d59eb266344b11d39dbe0bf663c2431f3520eb1617996 KB
2026年06月02日T08:36:52Z - sha256:fc9d11afcd776e1a952e602c71eaff124128ade50c16bd1f51fc7f3bc1011d2d36.5 MB
2026年06月02日T08:36:50Z - sha256:e75a6ad8fc5c97390e80f92f904d5a835eb4707bc89f4715a3f23c0f5a6a5c91977 KB
2026年06月02日T08:36:48Z - sha256:52efd7debbd255057adf0ec3eca10f70f7e3ddafdf9666aa65d1f57b65ac8f9241 MB
2026年06月02日T08:36:48Z -
2026年06月01日T11:01:53Z -
2026年06月01日T11:01:53Z - Loading
0.5.0-beta.2
0.5.0-beta.2
Pre-release
Pre-release
Changelog
v0.5.0-beta.2 (2026年04月20日)
⚠ BREAKING-CHANGE
- Querying for NULL fields is now achieved using anASCII NUL value, percent-encoded as %00, instead of the literal string
"null".
Features
- add ability to retrieve scores of authoritative advisory (d7b7c73)
- server: add OIDC_LOAD_USER configuration support (d24c0ae)
- API endpoint for fetching an SBOM's AI models (010de0d), closes #2254
- add support for CSAF advisories with CPE-based product IDs instead of PURLs
(5e0d887) - advisory’s query and pruning functionality (e02553a)
- SBOM pruning functionality (50b9e82)
- add btrfs and squashfs tools to the xtask image (d83bec6)
- Add unit tests for the command. (bd592f1)
- Completed the SBOM delete logic and added unit tests. (cedc894)
- add auth token command (203f814)
- implement sbom cli (0ed8e5f)
- implement SBOM group assignments during upload (8420281)
- implement SBOM group assignments (24b7e46)
- add xz to the xtask container (083ccfe)
- ingest cryptographic assets into the database (1423a9b), closes #2198
- ingest AI components into the database (b0606c0), closes #2199
- ingest & expose CSAF remediation data in API (9a62e32)
- support querying fields containing the literal string, "null" (cc7472d),
closes #2230 - add SBOM group permissions (5b6ffc9)
- migrate API consumers to read from advisory_vulnerability_score table
(2d72cb1), closes #1913 - include all scores in PurlStatus (015cb9e)
- reduce psql noise in build/test output (4212d2b)
- Better support for CycloneDX component types (06364ad), closes #2205
- implement osv vector parsing (e88c7a5)
- use cvss library to parse cve scores (cee5371)
- ingest scores (0bcac1e)
- allow spreading load across runners (35ee026)
- add way to run data migrations from main binary (73685c7)
- add a way to run data migrations individually (b951eb4)
- allow running data migrations as part of migrations (0be9473)
- Fix ENV variable in helper conf (63dc503)
- search by all CPE components in analysis queries (b6c3137)
- include AdvisoryHead in PurlStatus (b10c2f1)
- process reference loops gracefully (2ba8e4a)
- add version range to purl status (53e6492)
- delete orphaned PURLs (TC-3020) (ea316fe)
- refactor from suggestion and update docs (ae42f03)
- allow arbitrary devmode clientids (26c4b69)
- allow dump generator to consume files directly (d4b9f50)
- api: recommendations api (fac608a)
- license filter consistent for SBOM packages tab (8f4eaba)
- Add support for aibom and cbom detection (2c357b0)
- disable GC for orphaned packages by default (df18dbb)
- fundamental: return all scores in addition for sbom advisories
(a6381d2) - enhance correlation for SBOMs without CPE (8f4bacb)
- SBOM license filtering with refactoring for SBOM and PURL services (TC-2832)
(340528b) - license list endpoint with filtering (TC-2922) (97eb2a4)
Fixes
- inherit information for workspace (62993e0)
- handle a case where scores where requested but not present (5d6132c)
- validate CVSS v2 score range (0ca2293)
- apply UNION subquery license filter fix to SBOM endpoints (0ddb8ca)
- create an index actually on advisories (be6c068)
- increase performance of "list sbom" (bedbcb7)
- scope product_ids in remediations to the specific CPE of that vulnerability
(dc92da7) - update cvss-rs version to 0.3.0 to resolve parsing issues (fa9cdfd)
- recursion limit issue (309aca3)
- license: add missing test data file for partial LicenseRef- match test
(TC-3591) (dd31dae) - license: prevent partial LicenseRef- matches in license expression
expansion (TC-3591) (a26b814) - container: install tzdata for xtask container (6ff50ba)
- implement numeric sorting for vulnerability IDs (8e912cf), closes #1811
- accept SHA-256 identifiers in SBOM packages and related endpoints (0f779a8)
- migration: add PARALLEL SAFE to version_matches function in m0002080
(3ebda89) - align openapi.yaml spec to actual response of read sbom group (43287b2)
- fundamental: return IDs instead of names when returning parents
(c63d7fc) - add an SBOM revision field (a1d5cbe)
- entity: fix the sbom -> sbom_group relationship (94123a4)
- validate labels (218dfc6)
- add APIs for managing group assignments after uploading (518ba14)
- ensure %2F in purl names is handled properly (665f115), closes #2146
- skip inserting when empty, leads to faulty SQL (73f30f3)
- metrics matching routes with path params first (809b6d4)
- add CPE part to context to fix failing test (c1422ef)
- add 'purl:type' alias to context to fix failing test (606b919)
- deduplicate vulnerabilities in recommend endpoint (eaaf627)
- analysis: resolve the ancestor loading (d0660a1)
- add missing sbom_node FROM clause (1f839ab)
- reinstate original /v2/vulnerability/analyze and introduce
/v3/vulnerability/analyze (6b9d483) - Add missing build context (ac5e846), closes #2136
- more resilient model shape matching & tests (9d2ec6b)
- deduplicate (advisory,version range) (7af434e)
- upgrade cve library to support 5.2 scheme version (77e02e6)
- add OrganizationCreator to fix deadlock (TC-3176) (d0ad528)
- SBOM and Vulnerability deadlocks fix (TC-3176) (68b8b26)
- ensure content is fully written (04612b9)
- SBOM details filters out the deprecated advisories (TC-3191) (8af5206)
- PurlStatusCreator to take PurlStatusEntry ownership (TC-3152) (f7f88ad)
- PurlStatusCreator to avoid package ingestion race condition (TC-3152)
(5bf2651) - package ingestion race condition (TC-3152) (ede909e)
- remove check for previously ingested SBOM from gensbom script (80947f5)
- avoid formatting errors with query markdown docs (87c7df4), closes #2081
- PurlCreator::create race condition (TC-3152) (2381bef)
- remove useless async from SbomStatus::new (TC-3085) (330d696)
- optimize data in memory (TC-3085) (9457862)
- add log to track pre-fetched data (TC-3085) (053ca39)
- DatabaseExt as a blanket implementation on TransactionTrait (TC-3085)
(62ad6ba) - remove DB stream usage (TC-3085) (d9a5005)
- make GET endpoint working with repeatable read transaction (TC-3085)
(583dc19) - update TRUSTD_DEVMODE_ADDITIONAL_CLIENTS env var (1ae7fd2)
- more scalable license filtering condition (TC-3006) (4c07d4a)
- metrics: add DefaultRootRouteFormatter for empty paths (0218951)
- analysis: properly escape when exporting to graphviz (a79f708)
- ingestor: also consider direct versions (0c73c44)
- source document id must be non-null (877a6b8)
- VersionedPurlStatus doesn't find the status (ce1537c)