June 2021

2021-06-25

• [Improvement] Product searches will now include the edition component of a CPE. This provides the ability to include sp2 in the product details and find CPEs that include that edition. Additionally, searching for something like "Service Pack 2" will also find results for sp2. This means that a project with or search for "Windows 7 Service Pack 2" will return cpe:/o:microsoft:windows_7:-:sp2.

2021-06=24

• [Bug Fix] Fixed an issue where the top-level product sometimes appeared twice in an SBOM export.

2021-06-22

• [Bug Fix] Fixed an issue where an analysis would not complete if no dependencies were found within a repository's dependency file.
• [Bug Fix] Fixed an issue where the position of a period in a version number was not considered when determining the confidence of product search results. This sometimes resulted in a search for something like version 1.23.4 matching a product with version 12.3.4.

2021-06-21

• [Improvement] Added the ability to detect dependencies in yarn.lock files.

2021-06-18

• [Improvement] If any scan in an analysis receives an error, the analysis status will now be set to Errored.

2021-06-17

• [Bug Fix] Fixed an issue that prevented importing an SPDX project when a DEPENDS_ON relationship existed for a package.

2021-06-15

• [New Feature] Added the ability to export an SBOM in SPDX and CycloneDX formats.

2021-06-07

• [Bug Fix] Fixed an issue that sometimes resulted in the incorrect CPE being identified for a project.

2021-06-02

• [Improvement] Changed the text color for a Git project's branch in the Provenance tooltip to improve contrast.

2021-06-01

• [New Feature] Added the ability to export the most recent analyses' vulnerability data.
• [Bug Fix] Fixed an issue where the number displayed on the Outdated Dependencies tile could be incorrect for Javascript dependencies. Also resolved an issue where the Details tab did not include direct dependencies with outdated transitive dependencies.