Skip to content

v4.11.0

Compare
Choose a tag to compare
@spencerschrock spencerschrock released this 22 Jun 20:00
· 763 commits to main since this release
4edb078

What's Changed

New

  • ✨ Consider haskell-actions/hlint-scan a code scanning action by @chungyc in #2846
  • ✨ Detect fuzzing in Haskell by the presence of property tests. by @chungyc in #2843
  • ✨ The SAST check will look for workflows with the "github/codeql-action/analyze" action locally instead of the GitHub Search API endpoint by @spencerschrock in #2839
  • ✨ Scorecard checks for unpinned dependencies that are retrieved ad-hoc using nuget and dotnet CLIs ("nuget install" and "dotnet add") by @balteravishay in #2779
  • ✨ show non-compliant code changes for CI-Tests, Code-Review and SAST checks in --show-details mode by @ashishkurmi in #2835
  • ✨ Detect semantic-release as a packaging workflow by @travi in #2964
  • ✨ Detect semantic-release as a releasing workflow by @travi in #2989
  • ✨ Add support for github GHES by @patelniketm in #2999 and @rajbos in #2788
  • ✨ Detect fast-check PBT library for JavaScript Fuzzing by @dubzzz in #3073
  • ✨ Run Scorecard on packages hosted at Nuget.org using --nuget=<package>by @balteravishay in #3020

Bug Fixes

  • SAST
  • Vulnerabilities
    • 🐛 Give inconclusive Vulnerabilities score when osv-scanner panics by @spencerschrock in #2896
    • 🐛 Update osv-scanner dependency to include Vulnerabilities check fixes by @laurentS in #2981
  • Pinned-Dependencies
    • 🐛 Pip installs count for Pinned-Dependencies score by @gabibguti in #2922
  • Code-Review

Deprecations

GitLab support (WIP)

Docs

New Contributors

Full Changelog: v4.10.5...v4.11.0