August 2023
Posted by Noah Lackstein about 1 month ago
- New issue inbox header to allow easier discovery of actions menu!
- Grouping issues by package is now the default for all issue inboxes!
- Bulk policy assignment within projects table
- Bulk label assignment within projects table
- New security filters:
  - Fix available by upgrade distance.
    - Whether a given remediation is a `Patch`, `Minor`, `Major`, or `Unknown` semantic version increment.
  - Exploit Maturity
    - Whether a given CVE has a known exploit as defined by CISA exploited vulnerability catalog
- New general (Licensing, Security, Quality) issue filters:
  - First Found
    - Whether a given Issue has been detected within a selected time frame
      - Anytime
      - Last 7 days
      - Last 14 days
      - Last 30 days
July 2023
Posted by Noah Lackstein 2 months ago
- Auto Ignore Rules
  - The ability to persist ignore decisions across projects, policy, and package versions!
  - Added Auto-ignore and ignore rules for licensing issues Licensing Ignore Rules
  - Added Auto-ignore and ignore rules for licensing issues Security Ignore Rules
- HTML reports visual refresh
- PDF reports visual refresh
June 2023
Posted by Noah Lackstein 3 months ago
- Added tutorial on adding custom licenses
- Added tutorial on editing a dependency
- Progressive dependency UI
  - Upon completion of the `Applying build data` phase of any project analysis, dependencies will now be available as we analyze them
  - Includes filter for dependency status:
    - In-progress: Analyzing these dependencies
    - Analyzed: Analysis complete for these dependencies
    - Failed: An error occurred while analyzing these dependencies
- Added Unique JIRA tickets per FOSSA issue to JIRA integration
- Added Organization Setting within Integration > JIRA to enable unique JIRA tickets per FOSSA issue as the default action
May 2023
Posted by Noah Lackstein 4 months ago
- An ability to add names when correcting to `custom-license`. These names will appear as the `licenseID` in reports
April 2023
Posted by Noah Lackstein 4 months ago
- SPDX report enhancements to meet updated NTIA minimum elements:
- supplier & organizer by default per package
- checksum per package by default per package
- Updated `creationInfo`
- Contributor report changes to capture weekly snapshots including:
- Contributor summary
- Contributors last 90 days
- Contributors last 364 days
- Type `DELETE` for all project & release group deletion
- Ability to select a JIRA project per issue type (Security, Licensing) in integration settings
- Org project label limit increased from `100` to `500`
- FOSSA Project Broker v0.2.0
March 2023
Posted by Noah Lackstein 6 months ago
- Project and version grouping for "First party licenses" in Release group CSV reports
- Declared vs Discovered license filters
- Fix available filter
- Partial Fix - Nearest update to fix the selected CVE.
- Complete Fix - Nearest update to fix all vulnerabilities found on this dependency
- Audit Due Diligence report fixes
- Saved Issue filters for new Issues UI
  - Saved issue filters for `fossa test` and status checks
- Widespread go analysis improvements
- Fossa Project Broker MVP
February 2023
Posted by Noah Lackstein 6 months ago
- New Projects UI Projects UI - What’s New
- Auto-ignore Issues Beta
- Issues v2 for Release groups
- Additional Metadata for Global Issues `download CSV`: `ignoreReason`, `ignoreNote`, `userEmailWhoIgnored`, `team`
- Performance improvement for fetching Git projects
- Added Sha256 validation to the FOSSA CLI download script
- Support for project labels via CLI
January 2023
Posted by FOSSA Product Team 8 months ago
- Set a custom organization-wide header for attribution reports
- Export Ignored issues as CSV
- `--detect-dynamic`: Supports recursively inspecting binaries for dynamic dependencies (#1143)
- Improved the output of `fossa test` (#1135)
- Added support for Unity companion license and Unity package distribution license (#1136)
- 1Password integration to FOSSA CLI
- Added `yocto` support
- Full FOSSA CLI Changelog can be found here
December 2022
Posted by FOSSA Product Team 10 months ago
- Expanded support for SPDX reports to output JSON
- Add support for vulnerabilities to CycloneDX reports
- Ability to filter files being scanned based on file path and extension (#1128)
- Added support for R via `renv` package manager
- Improve detection of dual licenses