v36.1.1

What's Changed

• Migrate Advisory aliases field to M2M relationship by @keshav-space in #1784
• Fillup missing vulnerabilities summary by @TG1999 in #1767
• Bump django from 4.2.17 to 4.2.20 by @dependabot in #1797
• Stop github OSV importer crashes by @TG1999 in #1853
• Reorder importing order by @TG1999 in #1854
• Fix alpine linux importer by @TG1999 in #1861
• Make advisory content_id a unique field by @keshav-space in #1863
• Optimize export management command by @keshav-space in #1868
• Support running pipelines in scheduled task queue by @keshav-space in #1871
• Remove admin panel by @TG1999 in #1885
• Bump django from 4.2.20 to 4.2.21 by @dependabot in #1872
• Prepare for v36.1.0 by @TG1999 in #1886
• Update is_active help text in pipeline migration by @keshav-space in #1887
• Run release CI on Ubuntu 22.04 by @keshav-space in #1888

Full Changelog: v36.0.0...v36.1.1

v36.0.0

What's Changed

• Add indexes for models by @TG1999 in #1701
• Add fixed by package in V2 API by @TG1999 in #1706
• Add tests for num queries for views by @TG1999 in #1730
• Add postgresql conf in docker-compose by @TG1999 in #1733
• Add default postgresql.conf for local docker build by @keshav-space in #1735
• Add models for CodeFix by @TG1999 in #1704
• Migrate Alpine Linux importer to aboutcode pipeline by @keshav-space in #1737
• VCIO-next: Allow CVSS3.1 Severities in NVD by @TG1999 in #1738
• Add Pipeline to add missing CVSSV3.1 scores by @TG1999 in #1740
• Add description and reference to the latest release on the homepage by @keshav-space in #1743
• Use proper apk package type for Alpine by @keshav-space in #1739
• Optimize vulnerabilities view by @TG1999 in #1728
• Add CWE support in multiple importers by @ambuj-1211 in #1526
• Fast content ID migration by @keshav-space in #1795
• Add captcha for user signup by @TG1999 in #1822
• Move the package search box to the top by @keshav-space in #1832

Important

After upgrading to v36.0.0, run the pipeline shown below to migrate advisories to the new unique_content_id and remove duplicate advisories.

 python3 manage.py improve remove_duplicate_advisories

Full Changelog: v35.1.0...v36.0.0

v35.1.0

What's Changed

• Use AboutCode mirror for collecting CISA KEV by @keshav-space in #1685
• VCIO-next: Do not report ghost package as a fix for vulnerability by @keshav-space in #1679
• Prepare aboutcode.hashid v0.2.0 release by @keshav-space in #1687
• Add pipeline to sort packages by @TG1999 in #1686
• Fix urls for API by @TG1999 in #1678

v35.0.0

What's Changed

• Add support for storing exploitability and weighted severity by @ziadhany in #1646
• Avoid migrations on version bumps by @keshav-space in #1660
• Prepare v35.0.0rc1 by @TG1999 in #1664
• Add scores in bulk search V1 API by @TG1999 in #1675
• Prepare for release v35.0.0 by @TG1999 in #1677

Full Changelog: v34.3.2...v35.0.0

v35.0.0rc1

What's Changed

• Add improver pipeline to flag ghost packages #644 #917 #1395 by @keshav-space in #1533
• Add base pipeline for importers and migrate PyPa importer to aboutcode pipeline by @keshav-space in #1559
• Remove dupe Package.get_non_vulnerable_versions by @pombredanne in #1570
• Import data from GSD #706 by @ziadhany in #787
• Add curl advisories importer by @ambuj-1211 in #1439
• Update dependencies by @TG1999 in #1590
• Bump django from 4.2.0 to 4.2.15 by @dependabot in #1591
• Bump cryptography from 42.0.4 to 43.0.1 by @dependabot in #1582
• Bump actions/download-artifact from 3 to 4.1.7 in /.github/workflows by @dependabot in #1581
• Improve export command by @pombredanne in #1571
• Fix typo in Kev requests import by @ziadhany in #1594
• Prepare for release v34.0.1 by @TG1999 in #1595
• Bump upload-artifact to v4 by @keshav-space in #1596
• Migrate Npm importer to aboutcode pipeline by @keshav-space in #1574
• Use correct regex for CVE by @pombredanne in #1599
• Migrate Nginx importer to aboutcode pipeline by @keshav-space in #1575
• Migrate GitLab importer to aboutcode pipeline by @keshav-space in #1580
• Migrate GitHub importer to aboutcode pipeline by @keshav-space in #1584
• Migrate NVD importer to aboutcode pipeline by @keshav-space in #1587
• Match affected and fixed-by Packages by @johnmhoran in #1528
• Add management command to commit exported data by @keshav-space in #1600
• Add support to Exploits model by @ziadhany in #1562
• Fix 500 Server Error with DRF browsable API and resolve blank Swagger API documentation by @keshav-space in #1603
• Release v34.0.2 by @TG1999 in #1604
• Bump VCIO version by @TG1999 in #1605
• Bump django from 4.2.15 to 4.2.16 by @dependabot in #1608
• Bump fetchcode from v0.3.0 to v0.6.0 by @keshav-space in #1607
• Use 4-tier system for storing package metadata by @keshav-space in #1609
• Fix vers range crash by @pombredanne in #1598
• Add GitHub action to publish aboutcode.hashid PyPI by @keshav-space in #1615
• Segregate PackageRelatedVulnerability model to new models by @TG1999 in #1612
• Add documentation for new pipeline design by @keshav-space in #1621
• Fix 500 error in /api/cpes endpoint by @keshav-space in #1629
• Migrate pysec importer to aboutcode pipeline by @keshav-space in #1628
• Avoid memory exhaustion during data migration by @keshav-space in #1630
• Add support for Calculating Risk in VulnerableCode by @ziadhany in #1593
• Bulk create in migrations by @TG1999 in #1640
• Update README.rst by @TG1999 in #1641
• Prepare for release v34.1.0 by @TG1999 in #1642
• Add V2 API endpoints by @TG1999 in #1631
• Prepare for release v34.2.0 by @TG1999 in #1647
• Refactor severity score model and fix incorrect suse scores by @keshav-space in #1636
• Add bulk search in v2 by @TG1999 in #1649
• Prepare release v34.3.0 by @TG1999 in #1652
• Add on_failure to handle cleanup during pipeline failure by @keshav-space in #1651
• Fix API bug by @TG1999 in #1654
• Add reference score to package endpoint by @keshav-space in #1655
• Prepare for release v34.3.2 by @TG1999 in #1656
• Add support for storing exploitability and weighted severity by @ziadhany in #1646
• Avoid migrations on version bumps by @keshav-space in #1660
• Prepare v35.0.0rc1 by @TG1999 in #1664

New Contributors

• @ambuj-1211 made their first contribution in #1439

Full Changelog: v34.0.0...v35.0.0rc1

v34.3.2

What's Changed

• Add reference score to package endpoint by @keshav-space in #1655

Full Changelog: v34.3.1...v34.3.2

v34.3.1

What's Changed

• Add on_failure to handle cleanup during pipeline failure by @keshav-space in #1651
• Fix API bug by @TG1999 in #1654

Full Changelog: v34.3.0...v34.3.1

v34.3.0

What's Changed

• Refactor severity score model and fix incorrect suse scores by @keshav-space in #1636
• Add bulk search in v2 by @TG1999 in #1649

Full Changelog: v34.2.0...v34.3.0

v34.2.0

What's Changed

• Add V2 API endpoints by @TG1999 in #1631

Full Changelog: v34.1.0...v34.2.0

v34.1.0

What's Changed

• Bump django from 4.2.15 to 4.2.16 by @dependabot in #1608
• Bump fetchcode from v0.3.0 to v0.6.0 by @keshav-space in #1607
• Use 4-tier system for storing package metadata by @keshav-space in #1609
• Fix vers range crash by @pombredanne in #1598
• Add GitHub action to publish aboutcode.hashid PyPI by @keshav-space in #1615
• Segregate PackageRelatedVulnerability model to new models by @TG1999 in #1612
• Add documentation for new pipeline design by @keshav-space in #1621
• Fix 500 error in /api/cpes endpoint by @keshav-space in #1629
• Migrate pysec importer to aboutcode pipeline by @keshav-space in #1628
• Avoid memory exhaustion during data migration by @keshav-space in #1630
• Add support for Calculating Risk in VulnerableCode by @ziadhany in #1593
• Bulk create in migrations by @TG1999 in #1640
• Update README.rst by @TG1999 in #1641
• Prepare for release v34.1.0 by @TG1999 in #1642

Full Changelog: v34.0.2...v34.1.0