Changelog
Version 1.1.1 (December 11, 2024)
- Added support for
container:
style scan patterns
- Fixed issue where environment variables were not recognized by the
evaluate
and run-iq-cli
actions
Version 1.1.0 (November 22, 2024)
- Added support to generate a SARIF file as an artifact with policy violations findings
- Added support to upload evaluation results to GitHub Advanced Security
Version 1.0.5 (November 08, 2024)
Version 1.0.4 (October 10, 2024)
- Added optional download-url parameter for setup-iq-cli action
- Added support for CycloneDX v1.6 to fetch-sbom action
- Added IQ report link to the summary screen
- Improved the overall error message for run-iq-cli action failures
Version 1.0.3 (September 05, 2024)
Version 1.0.2 (August 19, 2024)
Version 1.0.1 (August 13, 2024)
- Fixed issue where the sonatype-iq-cli.jar file was incorrectly identified as a component
- The moduleExclude parameter now correctly supports a list of space-separated module names
Version 1.0.0 (July 19, 2024)