Skip to content

Releases: fabric8-analytics/fabric8-analytics-vscode-extension

0.3.4

07 Oct 06:38
762d2e3
Compare
Choose a tag to compare

0.3.4 (October 6th 2021)

  • fixes - [ISSUE] letsencrypted issue by moving to self-hosted. See #542

0.3.3

07 May 12:06
d818288
Compare
Choose a tag to compare

0.3.3 (May 6th 2021)

  • enhancement - Let language server know about the type of client and RedHat UUID. See #497
  • enhancement - Use lsp 0.4.26 to pass more data to api-server.See #186
  • enhancement - upgrade dev deps to fix vulns. See #514
  • enhancement - add dev-dependency disclaimer. See #519
  • fixes - [BUG] go run github.com/fabric8-analytics/cli-tools/gomanifest doesn't work, but gomanifest itself does, and the extension is trying for go run. See #504 #517
  • fixes - [BUG] Message 'Unable to execute 'go list'' command, run 'go mod tidy' to know more' keeps appearing. See #506 #511
  • fixes - [BUG] Analysis is triggered way too often (each keystroke). See #509 #516
  • fixes - [BUG] Duplicate "Dependency Analytics Report..." commands in command palette. See #512 #517
  • fixes - [BUG] Ignore unparseable files from telemetry reporting. See #513 #191

0.3.1

21 Jan 10:23
fd3511a
Compare
Choose a tag to compare

0.3.1 (January 21st, 2021)

  • fixes - status bar icon tries to open a report for the currently opened file. See #478 #479
  • fixes - LSP failure on vscode-insider and Che(node >= 12.16.0). See #481 #483

0.3.0

04 Jan 07:43
4384f9f
Compare
Choose a tag to compare

0.3.0 (January 4th, 2021)

  • enhancement - Support for Golang ecosystem. Plugin can now scan and identify vulnerability within module and package for golang software stacks. See #436
    • Identify direct and transitive vulnerability for modules and packages
    • Support for semver and pseudo version format
    • Provide early access to vulnerability data for modules and packages
    • Highlight and provide vulnerability details using alerts & messages
    • Recommend a non vulnerable version (if available)
  • enhancement - Use concise text for component analysis notification. See #472
  • enhancement - Show status bar text based on component analysis status. See #459
    • Notification will be shown only once per manifest in single session.
    • Further changes will be updated only via status bar.
  • enhancement - Updated fabric8-analytics-lsp-server to latest version (v0.4.19): See #469
    • Golang CA support from LSP. See #148
    • Handle replace directive from go.mod. See #162
    • Property tag support for pom.xml. See #172
    • Cache batch requests and avoid repeated api call for better user experience. See 176
    • Clear diagnostics before generating new set of diagnostics. See #177
  • fixes - Propagate errors from lsp server to client. See #432
  • fixes - Dependency UTM encoding issue. See #460
  • fixes - VsCode Extension: Dependency Details card needs minor improvements. See #295
  • fixes - Sort dependencies shown in stack report. See #260
  • fixes - Stop showing notification if no security vulnerability found. See #434
  • fixes - Extension overrides default keybinding for opening the debugger view. See #442
  • fixes - Output log opens everytime requirements.txt is opened. See #458
  • fixes - Diagnostics are not cleared when all vulnerabilities are removed. See #465
  • fixes - Property based versions are ignored on LS for maven. See #258

0.3.0-beta

10 Dec 06:11
9f01240
Compare
Choose a tag to compare
0.3.0-beta Pre-release
Pre-release

0.3.0-beta (Dec 10th, 2020)

  • enhancement - Support for Golang ecosystem. Plugin can now scan and identify vulnerability within module and package for golang software stacks. See #436
    • Identify direct and transitive vulnerability for modules and packages
    • Support for semver and pseudo version format
    • Provide early access to vulnerability data for modules and packages
    • Highlight and provide vulnerability details using alerts & messages
    • Recommend a non vulnerable version (if available)
  • enhancement - Show status bar text based on component analysis status. See #459
    • Notification will be shown only once per manifest in single session.
    • Further changes will be updated only via status bar.
  • enhancement - Updated fabric8-analytics-lsp-server to latest version (v0.4.15): See #459
    • Golang CA support from LSP. See #148
    • Handle replace directive from go.mod. See #162
  • fixes - Propagate errors from lsp server to client. See #432
  • fixes - Dependency UTM encoding issue. See #460
  • fixes - VsCode Extension: Dependency Details card needs minor improvements. See #295
  • fixes - Sort dependencies shown in stack report. See #260

0.2.1

09 Nov 13:21
31db67d
Compare
Choose a tag to compare

0.2.1 (November 9th, 2020)

  • enhancement - Updated fabric8-analytics-lsp-server to latest version (v0.4.2): See #440
    • Code-action to trigger Dependency Analytics Report. See #149
  • fixes - Report generation fails with virtualenv enabled python. See #404
  • fixes - Propagate errors from lsp server to client. See #432

0.2.0

07 Oct 13:14
170c5ac
Compare
Choose a tag to compare

0.2.0 (October 7th, 2020)

  • enhancement - Integration of user management to connect Snyk account with Dependency Analytics report, which enables advance vulnerability analysis for publicly known exploits and Snyk curated unique and pre-published security advisories.
  • enhancement - Add shortcut icon for Dependency Analytics Report in editor groups. See #418
  • enhancement - Use webpack to reduce extension loading time. See #359
  • enhancement - Updated fabric8-analytics-lsp-server to latest version (v0.3.2): See #420
    • Using component-analysis batch API with POST request method. See #125
    • Update Diagnostic Message. See #146
    • Show exploitable vulnerability count in Diagnostic Message. See #137
  • enhancement - Upadated Stack Report UI:
    • Snyk token submission modal to connect Snyk account with Dependency Analytics Report. See #161
    • View premium fields after connecting Snyk account with Dependency Analytics Report. See #157
    • Remove Github stats and Licenses details from Security Issues card. See #166
  • fixes - Can not navigate to Synk: Added postMessage to handle url click. See #403
  • fixes - Rename notification button with 'Click here for Detailed Vulnerability Report'. See #423
  • fixes - Update tags for extension to enable better prioritization in marketplace search. See #427

0.1.0

14 Jul 13:24
8cc4b8c
Compare
Choose a tag to compare

0.1.0 (July 14th, 2020)

  • enhancement - Integration with Snyk Intel Vulnerability DB, it is the most advanced and accurate open source vulnerability database in the industry. That adds value with the latest, fastest and more number of vulnerabilities derived from numerous sources and also includes Snyk curated unique and pre-published security advisories that come with early stage of vulnerability detection.
  • enhancement - Updated fabric8-analytics-lsp-server to latest version (v0.2.1): See #381
    • Different Underline color scheme for commonly known vulnerabilities and vulnerability unique to snyk. See #118
    • Updated Diagnostic Message: See #118
      • Number of Known Security Vulnerabilities and Security Advisories for each dependency.
      • Highest Severity of vulnerabilities for each affected Dependency. (Low/Medium/High/Critical)
      • Recommended version for dependencies having Known Security Vulnerabilities.
      • Added Snyk attribution “Powered by Snyk” in the source of the Diagnostic. See #121
      • Removed CVE-IDs from message.
  • enhancement - Upadated Stack Report UI: See #142
    • Updated Security Issue Card content: See #142
      • New headers for Security Issue.
      • Added Transitives as a sub-tab in the particular Direct Dependency.
      • Separate tabs for Commonly Known Vulnerabilities and Vulnerabilities Unique to Snyk.
      • Added Snyk Vulnerability ID in place of CVE-ID.
      • Added Vulnerability Titles with Severity (Low/Medium/High/Critical) and removed Tags.
      • Added hyperlink to package name, Snyk Vulnerability ID, and Vulnerability Titles.
    • Dependency Details card rearranged in order of preference.
    • Attribution to Snyk “Powered by Snyk” with a Sign UP/Sign In Hyperlink to Snyk Login page.
  • fixes - Upgraded typescript to fix tsc-watch misbehave. See #373
  • fixes - Upgraded node version to 14.x LTS. See #377
  • fixes - Quick fixes on hover don't show associated code actions however click on version does. See #297
  • fixes - A direct dependency included in manifest should not be shown as transitive dependency. See #337
  • fixes - CVE IDs should be hyperlinks to NVD. See #318
  • fixes - Visual artifact seen after taking corrective action from lsp. See #357
  • fixes - Opening manifest file does not show the scanned results. See #365

0.0.13

13 Sep 05:55
b75b5fb
Compare
Choose a tag to compare

0.0.13 (September 12th, 2019)

  • enhancement - Add python support. See #308
  • enhancement - Enable transitive(indirect) dependency report by default. See #330
  • enhancement - Show welcome message after upgrading to latest version. See #334
  • enhancement - Resolved dependencies are stored in target in workspace root. See #302
  • fixes - Dependency Analytics Report not generated if triggered via file explorer. See #299
  • fixes - Stop polling for stack-report if it takes any longer than 120 secs. See #304 #338 #352
  • fixes - Issue with running manifest file without having a workspace. See #314

2019.9.5

05 Sep 09:57
96f8d09
Compare
Choose a tag to compare
2019.9.5 Pre-release
Pre-release

2019.9.5 (Sep 5th, 2019)

  • enhancement - Show welcome message after upgrading to latest version. See [#334]
  • bug - Fix stack report polling frequency and duration. See [#338]