v1.6.0

What's Changed

• chore(deps): upgrade to buildah-8gb:0.2 by @ruromero in #369
• chore(deps): update konflux references by @red-hat-konflux[bot] in #362
• chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.4-1194 by @red-hat-konflux[bot] in #367
• chore(deps): update konflux references by @red-hat-konflux[bot] in #370
• fix(KONFLUX-3663): format PipelineRun files and upload SAST results by @ccronca in #371
• chore(deps): update konflux references by @red-hat-konflux[bot] in #372
• chore(deps): re-create tekton pipelines by @ruromero in #376
• chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.4-1227.1725849298 by @red-hat-konflux[bot] in #373
• chore(deps): update konflux references by @red-hat-konflux[bot] in #377
• chore(deps): update konflux references by @red-hat-konflux[bot] in #378
• chore(deps): update konflux references to 21c7d03 by @red-hat-konflux[bot] in #379
• chore(deps): update konflux references by @red-hat-konflux[bot] in #380
• chore(deps): update konflux references to 28aaf87 by @red-hat-konflux[bot] in #381
• chore(deps): use mandrel-for-jdk21-rhel8 and use buildah with compute… by @ruromero in #382
• chore(deps): update konflux references by @red-hat-konflux[bot] in #383
• chore(deps): update registry.redhat.io/ubi9/openjdk-21 docker tag to v1.21 by @red-hat-konflux[bot] in #385
• chore(deps): update registry.redhat.io/ubi9/openjdk-21-runtime docker tag to v1.21 by @red-hat-konflux[bot] in #386
• chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.5-1733767867 by @red-hat-konflux[bot] in #387
• chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.5-1736404155 by @red-hat-konflux[bot] in #388
• chore(deps): update quay.io/quarkus/quarkus-micro-image docker tag to v3 by @red-hat-konflux[bot] in #389
• chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.5-1739420147 by @red-hat-konflux[bot] in #390
• chore(deps): update konflux references by @red-hat-konflux[bot] in #384
• build: use a remote pipeline by @ruromero in #391
• build: drop GitHub CI pipelines by @ruromero in #392
• chore: update references to trustification org by @ruromero in #396
• feat: integrate with TPA by @ruromero in #394
• Red Hat Konflux update exhort by @red-hat-konflux[bot] in #399
• feat!: drop onguard integration in favour of tpa by @ruromero in #398
• chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.5-1742914212 by @red-hat-konflux[bot] in #400
• chore(deps): update registry.redhat.io/ubi9/openjdk-21 docker tag to v1.22 by @red-hat-konflux[bot] in #401
• chore(deps): update registry.redhat.io/ubi9/openjdk-21-runtime docker tag to v1.22 by @red-hat-konflux[bot] in #402
• chore(deps): drop unused openjdk task by @ruromero in #403
• build: trigger new build by @ruromero in #406
• chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.5-1745855087 by @red-hat-konflux[bot] in #407
• feat: add tpa client authentication by @ruromero in #409
• fix: timeout cannot be parsed by @ruromero in #410
• chore: update graphana template to migrated stage env by @ruromero in #411
• chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.6-1747218906 by @red-hat-konflux[bot] in #414
• Konflux build pipeline service account migration by @red-hat-konflux[bot] in #412
• fix: empty status caused NPE by @ruromero in #416
• fix: update hover message for zero vulnerabilities by @ruromero in #418
• fix: sync generated sources by @ruromero in #419
• chore: move to next version by @ruromero in #420
• chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.6-1749489516 by @red-hat-konflux[bot] in #421
• feat: support cyclonedx 1.6 by @ruromero in #424
• feat: upgrade to spdx-java lib by @ruromero in #426
• chore: refactor spdx processing to reduce memory and processing time by @ruromero in #427
• feat!: drop support for v3 by @ruromero in #431
• feat: split tpa requests by @ruromero in #429
• feat: allow users to opt-out from trusted content by @ruromero in #433
• chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.6-1751286687 by @red-hat-konflux[bot] in #436
• fix: decode version and support debian package urls by @ruromero in #438
• feat: implement model card request and query by @ruromero in #435
• feat: add it for model card integration by @ruromero in #439
• chore: add rds metrics to grafana staging by @ruromero in #441
• feat: populate initial config and data in the database by @ruromero in #443
• chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.6-1752069876 by @red-hat-konflux[bot] in #440
• feat: add guardrails to model card report by @ruromero in #445
• chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.6-1752587672 by @red-hat-konflux[bot] in #448
• feat: adapt tpa response by @ruromero in #447
• fix: allow missing root component purl by @ruromero in #451
• fix: group advisories data by CVE by @ruromero in #453
• fix: support recomendations with missing status by @ruromero in #454
• chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.6-1753762263 by @red-hat-konflux[bot] in #457
• feat: link metric and threshold by @ruromero in #459
• Keep onguard by @ruromero in #460
• chore: add tpa_disabled parameter by @ruromero in #463
• chore(refactor): rename threshold name to impact and use generic names by @ruromero in #464
• feat: split osv requests and increase timeout by @ruromero in #465
• chore(deps): update registry.redhat.io/ubi9/openjdk-21-runtime docker tag to v1.23 by @red-hat-konflux[bot] in #462
• chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.6-1755695350 by @red-hat-konflux[bot] in #458
• fix: the tpa token was not being set by @ruromero in #467
• feat: inform trusted-content is not available by @ruromero in #470
• chore(deps): update registry.redhat.io/ubi9/openjdk-21 docker tag to v1.23 by @red-hat-konflux[bot] in #461
• fix: exhort rds grafana regex by @ruromero in #471

New Contributors

• @ccronca made their first contribution in #371

Full Changelog: v1.5.3...v1.6.0

v1.5.4

What's Changed

• chore(deps): upgrade to buildah-8gb:0.2 by @ruromero in #369
• chore(deps): update konflux references by @red-hat-konflux in #362
• chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.4-1194 by @red-hat-konflux in #367
• chore(deps): update konflux references by @red-hat-konflux in #370
• fix(KONFLUX-3663): format PipelineRun files and upload SAST results by @ccronca in #371
• chore(deps): update konflux references by @red-hat-konflux in #372
• chore(deps): re-create tekton pipelines by @ruromero in #376
• chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.4-1227.1725849298 by @red-hat-konflux in #373
• chore(deps): update konflux references by @red-hat-konflux in #377
• chore(deps): update konflux references by @red-hat-konflux in #378
• chore(deps): update konflux references to 21c7d03 by @red-hat-konflux in #379
• chore(deps): update konflux references by @red-hat-konflux in #380
• chore(deps): update konflux references to 28aaf87 by @red-hat-konflux in #381
• chore(deps): use mandrel-for-jdk21-rhel8 and use buildah with compute… by @ruromero in #382
• chore(deps): update konflux references by @red-hat-konflux in #383
• chore(deps): update registry.redhat.io/ubi9/openjdk-21 docker tag to v1.21 by @red-hat-konflux in #385
• chore(deps): update registry.redhat.io/ubi9/openjdk-21-runtime docker tag to v1.21 by @red-hat-konflux in #386
• chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.5-1733767867 by @red-hat-konflux in #387
• chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.5-1736404155 by @red-hat-konflux in #388
• chore(deps): update quay.io/quarkus/quarkus-micro-image docker tag to v3 by @red-hat-konflux in #389
• chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.5-1739420147 by @red-hat-konflux in #390
• chore(deps): update konflux references by @red-hat-konflux in #384
• build: use a remote pipeline by @ruromero in #391
• build: drop GitHub CI pipelines by @ruromero in #392
• chore: update references to trustification org by @ruromero in #396

New Contributors

• @ccronca made their first contribution in #371

Full Changelog: v1.5.3...v1.5.4

v1.4.3

What's Changed

• feat: Added disclaimer for osv-nvd. by @olavtar in #308
• fix: add missing metrics and make telemetry async by @ruromero in #310
• fix: make error processing asynchronous by @ruromero in #311
• fix: count only vulnerable dependencies by @ruromero in #312
• chore(deps): update rhtap references by @red-hat-konflux in #307
• feat: upgrade to latest sentry and quarkus dependencies by @ruromero in #314
• fix: prevent race condition when processing the monitoring context by @ruromero in #315
• chore(deps): upgrade spdx to avoid dep with vulnerable org.json:json by @ruromero in #316
• feat: add ubi mapping for base image recommendation by @xieshenzh in #313
• fix: missing track event by @ruromero in #317

Full Changelog: v1.4.1...v1.4.3

v1.4.1

What's Changed

• chore: update cicd build pipeline by @ruromero in #305
• fix: wrong cpu limits by @ruromero in #306

Full Changelog: v1.4.0...v1.4.1

v1.4.0

What's Changed

• fix: remove cves reported as Fixed/NotAffected by TC by @ruromero in #251
• TC-834: Fixed the color inconsistency for the severity labels. by @olavtar in #253
• chore(deps): update rhtap references by @red-hat-konflux in #250
• fix: properly calculate the direct highestVulnerability by @ruromero in #254
• feat: Generate and add ex-request-id response header by @zvigrinberg in #252
• TC-846: Changed column width by @olavtar in #255
• fix: add recommendations when no issues are reported by @ruromero in #256
• chore(deps): update rhtap references by @red-hat-konflux in #257
• [exhort migration] add new clusters to dashboard by @chassing in #259
• fix: provide better validation messages by @ruromero in #261
• chore(deps): update rhtap references by @red-hat-konflux in #260
• feat: support spdx 2.2 by @ruromero in #262
• feat: allow gzip content-encoding by @ruromero in #263
• TC-911: Fixed the link for the report Direct Dependency column by @olavtar in #264
• chore: add links to Grafana Explore logs by @vbelouso in #265
• Filtering dependencies without vulnerabilities. by @olavtar in #266
• chore: delete backstage resources by @vbelouso in #267
• feat: integrate with osv-nvd provider by @ruromero in #258
• chore: set onguard endpoint by @ruromero in #268
• update the dashboard to filter by exhort pod name by @vbelouso in #270
• feat: add multi-package support for snyk by @ruromero in #271
• chore(deps): update rhtap references by @red-hat-konflux in #269
• feat: consider components with unknown deps as direct deps by @ruromero in #272
• UI - changed column name and summary card by @olavtar in #273
• chore(deps): update rhtap references by @red-hat-konflux in #274
• feat: ignore duplicated CycloneDX purls by @ruromero in #276
• chore(deps): update rhtap references by @red-hat-konflux in #275
• fix: correct contained_by/contains relationships and filter duplicates in Snyk by @ruromero in #278
• chore(deps): update rhtap references by @red-hat-konflux in #277
• chore(deps): update rhtap references by @red-hat-konflux in #280
• Empty ChartDonut if no vulnerabilities by @olavtar in #283
• fix: allow CycloneDX SBOMs without metadata by @ruromero in #282
• feat: add user-agent snyk HTTP Header by @ruromero in #284
• chore(deps): add commitlint ci action by @ruromero in #285
• fix: support cvssV2 conversion to V3 by @ruromero in #279
• feat: add cve link and description for OSV/NVD vulnerabilities by @ruromero in #286
• fix: wrong id and link for Snyk vulnerabilities by @ruromero in #287
• chore(deps): update rhtap references by @red-hat-konflux in #290
• feat: add show more expandable for long descriptions by @ruromero in #288
• feat: replace pie chart text with Unique vulnerabilities by @ruromero in #289
• chore(deps): update rhtap references by @red-hat-konflux in #291
• chore(deps): update rhtap references by @red-hat-konflux in #295
• chore(deps): update rhtap references by @red-hat-konflux in #296
• chore(deps): update rhtap references by @red-hat-konflux in #297
• feat: add pkgType count to telemetry event by @ruromero in #298
• feat: add telemetry property for requests using credentials by @ruromero in #299
• feat: support sbom list as request body by @xieshenzh in #292
• fix: avoid duplicated CVE recommendations by @ruromero in #301
• feat: add readiness health check for external services by @zvigrinberg in #293
• chore(deps): move to jvm build by @ruromero in #303
• fix: CycloneDX strict validation by @ruromero in #302
• chore(deps): update rhtap references by @red-hat-konflux in #300
• chore: remove skip-ci comment by @ruromero in #304

New Contributors

• @chassing made their first contribution in #259
• @xieshenzh made their first contribution in #292

Full Changelog: v1.3.3...v1.4.0

v1.3.2

What's Changed

• fix: missing check for transitive remediations by @ruromero in #247

Full Changelog: v1.3.1...v1.3.2

v1.3.1

What's Changed

• increase pod memory limit by @vbelouso in #242
• chore(deps): update rhtap references by @red-hat-trusted-app-pipeline in #243
• fix: don't recommend for same package version by @ruromero in #244
• chore: update Grafana to use /api/v4/analysis by @vbelouso in #245
• chore: remove leftover reference to the api-spec by @ruromero in #246

Full Changelog: v1.3.0...v1.3.1

v1.3.0

What's Changed

• chore(deps): update rhtap references by @red-hat-trusted-app-pipeline in #211
• feat: add slo metrics by @ruromero in #209
• docs: correct spelling of README by @vbelouso in #214
• TC-752-Chart precentage by @olavtar in #215
• TC-416: Color Theme by @olavtar in #216
• fix: issue with invalid oss-index credentials by @ruromero in #218
• fix: unique snyk vulnerabilities where not shown by @ruromero in #217
• fix: incorrect transitive dependencies by @ruromero in #219
• chore(deps): update rhtap references by @red-hat-trusted-app-pipeline in #221
• chore(deps): update rhtap references by @red-hat-trusted-app-pipeline in #222
• feat: add unauthenticated response for oss-index by @ruromero in #220
• fix: remove oss-index warning and show tabs at the end by @ruromero in #224
• Update catalog-info.yaml by @lokeshrangineni in #225
• Update catalog-info.yaml by @lokeshrangineni in #227
• chore(deps): update rhtap references by @red-hat-trusted-app-pipeline in #223
• fix: show invalid credentials warning by @ruromero in #229
• Text changes requested for UI. by @olavtar in #230
• adding new service account, role, role binding to be used by backstag… by @lokeshrangineni in #228
• feat: add tc recommendations to EXHORT by @zvigrinberg in #226
• chore(deps): update rhtap references by @red-hat-trusted-app-pipeline in #231
• feat: include TrustedContent remediations and recommendations by @ruromero in #233
• feat: recommend a TC remediation per Dependency' issue by @zvigrinberg in #232
• fix: unexpected NPE when setting TC remediation by @ruromero in #235
• Added TC remediations by @olavtar in #236
• fix: oss-index requires canonicalized purls by @ruromero in #237
• fix: ignore recommendation when package is the same by @ruromero in #238
• feat: allow trustification to use default authentication by @ruromero in #234
• chore: update .gitignore by @ruromero in #239
• feat: revert trustification-ossindex customization by @ruromero in #240
• chore: disable oss-index integration by default by @ruromero in #241

Full Changelog: v1.2.0...v1.3.0

v1.2.0

What's Changed

• chore: bump deps by @ruromero in #189
• chore(deps): update rhtap references by @red-hat-trusted-app-pipeline in #190
• chore: skip deployment upon release by @ruromero in #191
• Separated HTML Report Tests by @olavtar in #193
• chore(deps): update rhtap references by @red-hat-trusted-app-pipeline in #192
• fix: html report pkg manager links and converter issues by @ruromero in #194
• chore(deps): update rhtap references by @red-hat-trusted-app-pipeline in #195
• chore: add PROJECT_NAME parameter by @ruromero in #196
• chore(deps): update rhtap references by @red-hat-trusted-app-pipeline in #197
• chore: build always on push by @ruromero in #198
• fix: show issues from dependencies by @ruromero in #199
• docs: replace outdated v3 references by @ruromero in #203
• chore(deps): update rhtap references by @red-hat-trusted-app-pipeline in #200
• docs: fix readme indentation by @ruromero in #204
• feat: delegate client errors to each provider by @ruromero in #202
• Adding backstage configuration - catalog-info.yaml by @lokeshrangineni in #207
• chore(deps): update rhtap references by @red-hat-trusted-app-pipeline in #205
• build: use the openapi data model from a dedicated repository by @ruromero in #208
• fix: oss-index cannot aggregate big requests by @ruromero in #210
• chore(deps): bump some deps by @ruromero in #212

New Contributors

• @lokeshrangineni made their first contribution in #207

Full Changelog: v1.1.0...v1.2.0

Exhort v1.1.0

What's Changed

• fix: namespace variable in http response codes by @ruromero in #159
• feat: Enhance telemetry data by @ruromero in #160
• fix: npm package ns parsing and enhance logs by @ruromero in #162
• TC-570, TC-588: fixed pagination and search box error message. by @olavtar in #164
• chore(deps): update rhtap references by @red-hat-trusted-app-pipeline in #155
• chore(deps): update rhtap references by @red-hat-trusted-app-pipeline in #166
• add Grafana SLO panel by @vbelouso in #168
• chore: exclude configuration folders from pipeline by @vbelouso in #169
• feat!: implement multi-source by @ruromero in #170
• chore: update tekton trigger conditions by @ruromero in #173
• chore(deps): update rhtap references by @red-hat-trusted-app-pipeline in #174
• feat: add deadletter handler and monitoring report to Sentry by @ruromero in #172
• Created a common component for showing the rows by @olavtar in #175
• fix: spdx relationships by @ruromero in #179
• Single Source Report Adjustments by @olavtar in #180
• chore: add devfile.yaml by @ruromero in #181
• chore: add telemetry env var to deployment by @ruromero in #183
• Red Hat Trusted App Pipeline update exhort by @red-hat-trusted-app-pipeline in #185
• chore(deps): update rhtap references by @red-hat-trusted-app-pipeline in #186
• chore: use images from redhat registry by @ruromero in #187
• chore: update container-port attribute by @ruromero in #188

Full Changelog: v1.0.0...v1.1.0