Changelog
Version 1.3.0 (March 06, 2025)
- Added both Priorities and Report URLs to Scan Results Summaries
- Added support for Java reachability analysis
Version 1.2.0 (February 05, 2025)
- Added branch name collection when a scan runs in a Git repository context
Version 1.1.2 (January 10, 2025)
- Added support for GitHub Enterprise Server runners to use upload-artifact@v3
- Fixed spawn E2BIG error when scan targets resolved to a big list of files
- Implemented post-execution tasks to leave self-hosted runners in a clean state
Version 1.1.1 (December 11, 2024)
- Added support for
container: style scan patterns
- Fixed issue where environment variables were not recognized by the
evaluate and run-iq-cli actions
Version 1.1.0 (November 22, 2024)
- Added support to generate a SARIF file as an artifact with policy violations findings
- Added support to upload evaluation results to GitHub Advanced Security
Version 1.0.5 (November 08, 2024)
Version 1.0.4 (October 10, 2024)
- Added optional download-url parameter for setup-iq-cli action
- Added support for CycloneDX v1.6 to fetch-sbom action
- Added IQ report link to the summary screen
- Improved the overall error message for run-iq-cli action failures
Version 1.0.3 (September 05, 2024)
Version 1.0.2 (August 19, 2024)
Version 1.0.1 (August 13, 2024)
- Fixed issue where the sonatype-iq-cli.jar file was incorrectly identified as a component
- The moduleExclude parameter now correctly supports a list of space-separated module names
Version 1.0.0 (July 19, 2024)