Releases: cbomkit/sonar-cryptography
Releases · cbomkit/sonar-cryptography
1.5.1
What's Changed
- Bump com.diffplug.spotless:spotless-maven-plugin from 2.43.0 to 2.44.2 by @dependabot[bot] in #208
- Bump org.cyclonedx:cyclonedx-core-java from 9.1.0 to 10.1.0 by @dependabot[bot] in #203
- Bump com.google.guava:guava from 33.3.1-jre to 33.4.0-jre by @dependabot[bot] in #210
- Bump org.assertj:assertj-core from 3.26.3 to 3.27.3 by @dependabot[bot] in #211
- Bump com.google.googlejavaformat:google-java-format from 1.25.0 to 1.25.2 by @dependabot[bot] in #213
- Bump com.google.code.gson:gson from 2.11.0 to 2.12.1 by @dependabot[bot] in #215
- Bump sonar.python.version from 4.24.0.18631 to 4.26.0.19456 by @dependabot[bot] in #205
- fix issue 214, add test case by @n1ckl0sk0rtge in #216
- Bump org.junit.platform:junit-platform-launcher from 1.11.3 to 1.11.4 by @dependabot[bot] in #218
- Add support for MLKEM and MLDSA by @n1ckl0sk0rtge in #219
- Add SHA1 oid by @n1ckl0sk0rtge in #220
- Bump sonar.java.version from 8.8.0.37665 to 8.9.0.37768 by @dependabot[bot] in #204
- Bump org.sonarsource.sonarqube:sonar-plugin-api-impl from 25.1.0.102122 to 25.2.0.102705 by @dependabot[bot] in #217
- Bump sonar.plugin.api.version from 10.14.0.2599 to 11.1.0.2693 by @dependabot[bot] in #206
- update sonar api version, update rules meta data, update docker compose by @n1ckl0sk0rtge in #221
- Fix stack overflow error by @n1ckl0sk0rtge in #228
- Bump org.apache.maven.plugins:maven-compiler-plugin from 3.13.0 to 3.14.0 by @dependabot[bot] in #226
- Bump com.diffplug.spotless:spotless-maven-plugin from 2.44.2 to 2.44.3 by @dependabot[bot] in #223
- Bump sonar.java.version from 8.9.0.37768 to 8.10.0.38194 by @dependabot[bot] in #222
- Add gcm parameter spec and tag related crypto assets by @n1ckl0sk0rtge in #229
- Add iv parameter spec by @n1ckl0sk0rtge in #230
- Update JcaPBEKeySpec, update test case for password output by @n1ckl0sk0rtge in #231
- update junit by @n1ckl0sk0rtge in #232
- fix pbe keylength interpretation; update tests by @n1ckl0sk0rtge in #233
- Add HMAC enricher, update test cases by @n1ckl0sk0rtge in #234
- Add gcm mode as part of detection for gcm parameter spec by @n1ckl0sk0rtge in #235
- Fix key type specification by @n1ckl0sk0rtge in #237
- add support for HSS and LMS for JCA by @n1ckl0sk0rtge in #239
- Update README.md by @n1ckl0sk0rtge in #242
- Fix missing message digest rules by @n1ckl0sk0rtge in #245
- Bump org.sonarsource.sonarqube:sonar-plugin-api-impl from 25.2.0.102705 to 25.3.0.104237 by @dependabot[bot] in #244
- Bump sonar.plugin.api.version from 11.1.0.2693 to 11.2.0.2797 by @dependabot[bot] in #240
- Fix CallStack exception by @n1ckl0sk0rtge in #246
- Update PythonSemantic by @n1ckl0sk0rtge in #247
- Update python plugin version by @n1ckl0sk0rtge in #250
- Bump org.cyclonedx:cyclonedx-core-java from 10.1.0 to 10.2.1 by @dependabot[bot] in #248
- Bump sonar.plugin.api.version from 11.2.0.2797 to 11.3.0.2824 by @dependabot[bot] in #249
- Bump com.google.guava:guava from 33.4.0-jre to 33.4.5-jre by @dependabot[bot] in #254
- Bump org.junit.platform:junit-platform-launcher from 1.12.0 to 1.12.1 by @dependabot[bot] in #252
- Bump junit.jupiter.version from 5.12.0 to 5.12.1 by @dependabot[bot] in #251
- Bump com.google.guava:guava from 33.4.5-jre to 33.4.7-jre by @dependabot[bot] in #260
- Bump org.apache.maven.plugins:maven-surefire-plugin from 3.5.2 to 3.5.3 by @dependabot[bot] in #259
- Bump com.google.googlejavaformat:google-java-format from 1.25.2 to 1.26.0 by @dependabot[bot] in #258
- Bump com.google.code.gson:gson from 2.12.1 to 2.13.1 by @dependabot[bot] in #266
- Bump junit.jupiter.version from 5.12.1 to 5.12.2 by @dependabot[bot] in #264
- Bump com.diffplug.spotless:spotless-maven-plugin from 2.44.3 to 2.44.4 by @dependabot[bot] in #261
- Bump org.junit.platform:junit-platform-launcher from 1.12.1 to 1.12.2 by @dependabot[bot] in #269
- Bump com.google.guava:guava from 33.4.7-jre to 33.4.8-jre by @dependabot[bot] in #267
- Move to PQCA by @san-zrl in #276
- Update GitHub actions permission to push packages by @n1ckl0sk0rtge in #277
- Bump com.google.googlejavaformat:google-java-format from 1.26.0 to 1.27.0 by @dependabot[bot] in #273
- Update permissions to create mvn dependency graph by @n1ckl0sk0rtge in #278
- Replace IBM with PQCA in license header by @n1ckl0sk0rtge in #281
- chore: update CODEOWNERS by @ryjones in #282
- Bump sonar.python.version from 5.1.0.20567 to 5.4.0.22255 by @dependabot[bot] in #272
- Bump org.sonarsource.sonarqube:sonar-plugin-api-impl from 25.3.0.104237 to 25.5.0.107428 by @dependabot[bot] in #275
- Bump sonar.plugin.api.version from 11.3.0.2824 to 12.0.0.2960 by @dependabot[bot] in #280
- Bump advanced-security/maven-dependency-submission-action from 4 to 5 by @dependabot[bot] in #285
- Bump org.codehaus.mojo:exec-maven-plugin from 3.5.0 to 3.5.1 by @dependabot[bot] in #287
- Bump sonar.java.version from 8.10.0.38194 to 8.15.0.39343 by @dependabot[bot] in #288
- Bump junit.jupiter.version from 5.12.2 to 5.13.0 by @dependabot[bot] in #289
- Bump org.junit:junit-bom from 5.13.0 to 5.13.1 by @dependabot[bot] in #293
- Bump com.diffplug.spotless:spotless-maven-plugin from 2.44.4 to 2.44.5 by @dependabot[bot] in #290
- Bump org.sonarsource.sonarqube:sonar-plugin-api-impl from 25.5.0.107428 to 25.6.0.109173 by @dependabot[bot] in #291
- Bump sonar.python.version from 5.4.0.22255 to 5.5.0.23291 by @dependabot[bot] in #298
- Bump org.bouncycastle:bcprov-jdk18on from 1.80 to 1.81 by @dependabot[bot] in #292
- Bump sonar.plugin.api.version from 12.0.0.2960 to 13.0.0.3026 by @dependabot[bot] in #303
- Bump the maven group across 10 directories with 1 update by @dependabot[bot] in #307
- Bump org.junit:junit-bom from 5.13.1 to 5.13.4 by @dependabot[bot] in #308
- Bump org.sonarsource.sonarqube:sonar-plugin-api-impl from 25.6.0.109173 to 25.8.0.112029 by @dependabot[bot] in #312
- Bump actions/checkout from 4 to 5 by @dependabot[bot] in #313
- Bump sonar.python.version from 5.5.0.23291 to 5.8.0.24785 by @dependabot[bot] in #314
- Bump sonar.java.version from 8.15.0.39343 to 8.18.0.40025 by @dependabot[bot] in #315
- Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 by @dependabot[bot] in #316
- Bump com.diffplug.spotless:spotless-maven-plug...
Contributors
ryjones, n1ckl0sk0rtge, and 2 other contributors
Assets 13
1.5.0
66f2ec5
This commit was signed with the committer’s verified signature.
n1ckl0sk0rtge
Nicklas Körtge
What's Changed
- Bump actions/checkout from 5 to 6 by @dependabot[bot] in #351
- Bump the maven group across 10 directories with 2 updates by @dependabot[bot] in #350
- Bump cbomkit/cbomkit-action from 2.1.1 to 2.1.2 by @dependabot[bot] in #349
- Bump actions/upload-artifact from 4 to 5 by @dependabot[bot] in #342
- Bump sonar.python.version from 5.9.0.25193 to 5.10.0.25429 by @dependabot[bot] in #334
- Update/cyclonedx 11.0.1 and sonar python 5.10.0.25429 by @san-zrl in #354
- Bump org.bouncycastle:bcprov-jdk18on from 1.81 to 1.82 by @dependabot[bot] in #335
- Bump com.google.guava:guava from 33.4.8-jre to 33.5.0-jre by @dependabot[bot] in #336
- Bump org.apache.maven.plugins:maven-surefire-plugin from 3.5.3 to 3.5.4 by @dependabot[bot] in #337
- Bump sonar.plugin.api.version from 13.1.0.3124 to 13.2.0.3137 by @dependabot[bot] in #338
- Add support for Golang (gocrypto) by @n1ckl0sk0rtge in #361
- Bump org.junit:junit-bom from 5.13.4 to 6.0.2 by @dependabot[bot] in #360
- Bump sonar.plugin.api.version from 13.2.0.3137 to 13.4.3.4290 by @dependabot[bot] in #359
- Bump com.diffplug.spotless:spotless-maven-plugin from 2.46.1 to 3.2.0 by @dependabot[bot] in #358
- Bump org.codehaus.mojo:exec-maven-plugin from 3.5.1 to 3.6.3 by @dependabot[bot] in #357
- Bump sonar.python.version from 5.10.0.25429 to 5.16.0.29940 by @dependabot[bot] in #356
- Bump the maven group across 10 directories with 1 update by @dependabot[bot] in #355
- Add Go AES-GCM cipher mode detection rules by @n1ckl0sk0rtge in #363
Full Changelog: 1.4.8...1.5.0
Contributors
n1ckl0sk0rtge, dependabot, and san-zrl
Assets 13
1.4.8
What's Changed
- Fix NumberFormatException by @san-zrl in #332
- Generate CBOM by @san-zrl in #329
- Bump org.sonarsource.sonarqube:sonar-plugin-api-impl from 25.8.0.112029 to 25.9.0.112764 by @dependabot[bot] in #326
- Bump sonar.python.version from 5.8.0.24785 to 5.9.0.25193 by @dependabot[bot] in #327
- Bump com.google.code.gson:gson from 2.13.1 to 2.13.2 by @dependabot[bot] in #328
- Bump sonar.plugin.api.version from 13.0.0.3026 to 13.1.0.3124 by @dependabot[bot] in #330
- Bump org.apache.maven.plugins:maven-shade-plugin from 3.6.0 to 3.6.1 by @dependabot[bot] in #331
- updated deprecated checkClasses functions by @san-zrl in #333
- Fix issue 297 by @n1ckl0sk0rtge in #299
- fixed CCM8 encoding by @san-zrl in #341
- Added headless check to avoid failing test in hl env by @san-zrl in #345
- Fix: enrich asset collections by @san-zrl in #344
- chore/updated links to cbomkit org by @san-zrl in #347
Full Changelog: 1.4.7...1.4.8
Contributors
n1ckl0sk0rtge, dependabot, and san-zrl
Assets 12
1.4.7
What's Changed
Full Changelog: 1.4.6...1.4.7
Contributors
san-zrl
Assets 12
1.4.6
What's Changed
- Update python plugin version by @n1ckl0sk0rtge in #250
- Bump org.cyclonedx:cyclonedx-core-java from 10.1.0 to 10.2.1 by @dependabot[bot] in #248
- Bump sonar.plugin.api.version from 11.2.0.2797 to 11.3.0.2824 by @dependabot[bot] in #249
- Bump com.google.guava:guava from 33.4.0-jre to 33.4.5-jre by @dependabot[bot] in #254
- Bump org.junit.platform:junit-platform-launcher from 1.12.0 to 1.12.1 by @dependabot[bot] in #252
- Bump junit.jupiter.version from 5.12.0 to 5.12.1 by @dependabot[bot] in #251
- Bump com.google.guava:guava from 33.4.5-jre to 33.4.7-jre by @dependabot[bot] in #260
- Bump org.apache.maven.plugins:maven-surefire-plugin from 3.5.2 to 3.5.3 by @dependabot[bot] in #259
- Bump com.google.googlejavaformat:google-java-format from 1.25.2 to 1.26.0 by @dependabot[bot] in #258
- Bump com.google.code.gson:gson from 2.12.1 to 2.13.1 by @dependabot[bot] in #266
- Bump junit.jupiter.version from 5.12.1 to 5.12.2 by @dependabot[bot] in #264
- Bump com.diffplug.spotless:spotless-maven-plugin from 2.44.3 to 2.44.4 by @dependabot[bot] in #261
- Bump org.junit.platform:junit-platform-launcher from 1.12.1 to 1.12.2 by @dependabot[bot] in #269
- Bump com.google.guava:guava from 33.4.7-jre to 33.4.8-jre by @dependabot[bot] in #267
- Move to PQCA by @san-zrl in #276
- Update GitHub actions permission to push packages by @n1ckl0sk0rtge in #277
- Bump com.google.googlejavaformat:google-java-format from 1.26.0 to 1.27.0 by @dependabot[bot] in #273
- Update permissions to create mvn dependency graph by @n1ckl0sk0rtge in #278
- Replace IBM with PQCA in license header by @n1ckl0sk0rtge in #281
- chore: update CODEOWNERS by @ryjones in #282
- Bump sonar.python.version from 5.1.0.20567 to 5.4.0.22255 by @dependabot[bot] in #272
- Bump org.sonarsource.sonarqube:sonar-plugin-api-impl from 25.3.0.104237 to 25.5.0.107428 by @dependabot[bot] in #275
- Bump sonar.plugin.api.version from 11.3.0.2824 to 12.0.0.2960 by @dependabot[bot] in #280
- Bump advanced-security/maven-dependency-submission-action from 4 to 5 by @dependabot[bot] in #285
- Bump org.codehaus.mojo:exec-maven-plugin from 3.5.0 to 3.5.1 by @dependabot[bot] in #287
- Bump sonar.java.version from 8.10.0.38194 to 8.15.0.39343 by @dependabot[bot] in #288
- Bump junit.jupiter.version from 5.12.2 to 5.13.0 by @dependabot[bot] in #289
- Bump org.junit:junit-bom from 5.13.0 to 5.13.1 by @dependabot[bot] in #293
- Bump com.diffplug.spotless:spotless-maven-plugin from 2.44.4 to 2.44.5 by @dependabot[bot] in #290
- Bump org.sonarsource.sonarqube:sonar-plugin-api-impl from 25.5.0.107428 to 25.6.0.109173 by @dependabot[bot] in #291
- Bump sonar.python.version from 5.4.0.22255 to 5.5.0.23291 by @dependabot[bot] in #298
- Bump org.bouncycastle:bcprov-jdk18on from 1.80 to 1.81 by @dependabot[bot] in #292
- Bump sonar.plugin.api.version from 12.0.0.2960 to 13.0.0.3026 by @dependabot[bot] in #303
- Bump the maven group across 10 directories with 1 update by @dependabot[bot] in #307
- Bump org.junit:junit-bom from 5.13.1 to 5.13.4 by @dependabot[bot] in #308
- Bump org.sonarsource.sonarqube:sonar-plugin-api-impl from 25.6.0.109173 to 25.8.0.112029 by @dependabot[bot] in #312
- Bump actions/checkout from 4 to 5 by @dependabot[bot] in #313
- Bump sonar.python.version from 5.5.0.23291 to 5.8.0.24785 by @dependabot[bot] in #314
- Bump sonar.java.version from 8.15.0.39343 to 8.18.0.40025 by @dependabot[bot] in #315
- Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 by @dependabot[bot] in #316
- Bump com.diffplug.spotless:spotless-maven-plugin from 2.44.5 to 2.46.1 by @dependabot[bot] in #317
- Bump actions/setup-java from 4 to 5 by @dependabot[bot] in #320
- Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 by @dependabot[bot] in #318
- Bump com.google.googlejavaformat:google-java-format from 1.27.0 to 1.28.0 by @dependabot[bot] in #319
- Remove vulnerabilities by @san-zrl in #321
- Chore/manage vulnerabilities by @san-zrl in #322
- Bump the maven group across 10 directories with 1 update by @dependabot[bot] in #323
- Bump the maven group across 10 directories with 1 update by @dependabot[bot] in #324
New Contributors
Full Changelog: 1.4.5...1.4.6
Contributors
ryjones, n1ckl0sk0rtge, and 2 other contributors
Assets 13
1.4.5
330f7d4
This commit was signed with the committer’s verified signature.
n1ckl0sk0rtge
Nicklas Körtge
Contributors
n1ckl0sk0rtge
Assets 13
1.4.4
c036066
This commit was signed with the committer’s verified signature.
n1ckl0sk0rtge
Nicklas Körtge
What's Changed
- add support for HSS and LMS for JCA by @n1ckl0sk0rtge in #239
- Update README.md by @n1ckl0sk0rtge in #242
- Fix missing message digest rules by @n1ckl0sk0rtge in #245
- Bump org.sonarsource.sonarqube:sonar-plugin-api-impl from 25.2.0.102705 to 25.3.0.104237 by @dependabot in #244
- Bump sonar.plugin.api.version from 11.1.0.2693 to 11.2.0.2797 by @dependabot in #240
- Fix CallStack exception by @n1ckl0sk0rtge in #246
Full Changelog: 1.4.3...1.4.4
Contributors
n1ckl0sk0rtge and dependabot
Assets 13
1.4.3
d998b0a
This commit was signed with the committer’s verified signature.
n1ckl0sk0rtge
Nicklas Körtge
Contributors
n1ckl0sk0rtge
Assets 13
1.4.2
281f1c3
This commit was signed with the committer’s verified signature.
n1ckl0sk0rtge
Nicklas Körtge
What's Changed
- fix pbe keylength interpretation; update tests by @n1ckl0sk0rtge in #233
- Add HMAC enricher, update test cases by @n1ckl0sk0rtge in #234
- Add gcm mode as part of detection for gcm parameter spec by @n1ckl0sk0rtge in #235
Full Changelog: 1.4.1...1.4.2
Contributors
n1ckl0sk0rtge
Assets 13
1.4.1
bcfe917
This commit was signed with the committer’s verified signature.
n1ckl0sk0rtge
Nicklas Körtge
What's Changed
- Fix stack overflow error by @n1ckl0sk0rtge in #228
- Bump org.apache.maven.plugins:maven-compiler-plugin from 3.13.0 to 3.14.0 by @dependabot in #226
- Bump com.diffplug.spotless:spotless-maven-plugin from 2.44.2 to 2.44.3 by @dependabot in #223
- Bump sonar.java.version from 8.9.0.37768 to 8.10.0.38194 by @dependabot in #222
- Add gcm parameter spec and tag related crypto assets by @n1ckl0sk0rtge in #229
- Add iv parameter spec by @n1ckl0sk0rtge in #230
- Update JcaPBEKeySpec, update test case for password output by @n1ckl0sk0rtge in #231
- update junit by @n1ckl0sk0rtge in #232
Full Changelog: 1.4.0...1.4.1
Contributors
n1ckl0sk0rtge and dependabot