Release Notes

Interlynk's Platform release notes.

v3.4.2

July 24th 2025


✨ Release Highlights

This release focuses on performance optimization and user experience improvements across the platform. We've significantly reduced API calls throughout the application, resulting in faster load times and improved responsiveness. Additionally, we've enhanced security features and resolved critical accessibility issues.

🆕 New Features

🔒 Enhanced Security & Access Control

  • Restricted View Implementation: Added comprehensive access denial scenarios handling to improve security posture

  • SSO Tier Management: Removed SSO access from free tier to better align with enterprise security requirements

📋 Policy & Compliance Enhancements

  • Component Risk Conditions: New PolicyRule creation capability for advanced component risk management

  • SBOM Lifecycle Management: Disabled activities for end-of-life and end-of-support SBOMs to maintain data integrity

🔗 Attribution & Licensing

  • Declared License Support: Added declaredLicense field to attribution API for comprehensive license tracking

  • License Import Improvements: Enhanced license import functionality with better error handling

📊 Data Management

  • PURL Integration: Updated query mechanisms to include Package URL (PURL) for better component identification

  • Migration Support: Added backfill migration for declared_licenses_exp field in components

🛠️ Bug Fixes

🎯 Critical Fixes

  • 🐛 SBOM Vulnerabilities: Resolved order bugs in SBOM vulnerabilities resolver

  • 🐛 Application Stability: Fixed critical application crashes

  • 🐛 Organization Settings: Resolved empty organization settings with fallback UI implementation

♿ Accessibility Improvements

  • Patch Delete Button: Fixed accessibility issues for better screen reader support

  • Navigation: Resolved drawer close functionality issues

  • User Status Display: Fixed text visibility issues in user status indicators

🔧 User Interface Enhancements

  • Vulnerability Import: Resolved close action issues in vulnerability import wizard

  • Component Relationships: Fixed missing version information in component relationship view

  • Search Functionality: Fixed package search reset behavior on clear action

  • License Display: Improved license attributes column and expand view functionality

📱 User Experience Improvements

  • Form Validation: Added URL validation in license edit modal

  • Confirmation Dialogs: Added confirmation modal before deleting package overrides

  • Theme Management: Dynamic display of all theme colors on colors page

  • Navigation Links: Component link values now render as navigable URLs

  • Form Layout: Improved field alignment in automation rule creation forms

⚡ Performance Optimizations

🚀 API Call Reductions

Our engineering team has implemented significant performance improvements by reducing redundant API calls:

  • Component Patch Updates: Reduced from 27 → 1 API calls

  • Custom Vulnerability Creation: Reduced from 9 → 1 API calls

  • Organization Rules Update: Reduced from 6 → 1 API calls

  • User Role Updates: Reduced from 6 → 1 API calls

  • Applicable Compliance Updates: Reduced from 7 → 2 API calls

  • SBOM Policy Scan: Reduced from 24 → 1 API calls

  • Crypto Property Updates: Reduced from 27 → 1 API calls

🔧 Code Optimization

  • Component Modularity: Separated cryptoData query from component query for better performance

  • Code Cleanup: Removed unused components and repeated styling

  • Query Optimization: Improved CBOM analysis data queries to prevent over-fetching

  • Connection Updates: Optimized connection update functions for better response times

🧹 Code Quality Improvements

  • Component Refactoring: Enhanced component expand view and cryptography drawer components

  • URL Formatting: Centralized URL formatting logic into reusable utility functions

  • Search Logic: Improved search filter preview and usage validation

  • Form Management: Refactored edit cryptography and CBOM analysis components


v3.4.1

July 17th 2025


✨ Highlights

  • Azure AD Single Sign-On support for seamless enterprise authentication

  • Component Health Status Filtering to quickly isolate critical issues

  • Support for Custom License Strings in attribution reports (HTML + PDF)

  • Apply policy selectively to direct dependencies only

  • Improved license interpretation settings with support for custom and inferred licenses

  • Optimized SBOM request functions — API calls reduced from 6 ➡️ 1

  • Dozens of bug fixes, E2E test improvements, and UX consistency tweaks


🌟 New Features

  • Component Health Status Filtering Easily filter components by health status in the SBOM view

  • Azure AD Single Sign-On Integration Enterprise SSO just got easier

  • Custom License String Support Parsed and rendered in attribution PDFs & HTML

  • Settings to Control License Interpretation Choose how license lists are inferred or enforced

  • Apply Policies to Direct Dependencies Only Greater control over compliance scope

  • Organization Name in Notification Emails Clearer context for multi-org users

  • SBOM Part Logs & Deletion Support Operational visibility and control on part-level artifacts


🐞 Bug Fixes & Improvements

  • License attribution search improvements

  • Drawer overflow fixes and alignment issues for long product names

  • CVE entries now correctly link to NVD only

  • VEX updates work reliably for SBOM parts

  • Global search reflects latest data after product changes

  • Component edit and insights drawers now work as expected

  • SAML users now correctly associated with existing organizations

  • Fixed crash when viewing certain SBOM part combinations

  • UI consistency improvements across components, licenses, patches, and modals

  • Enhanced stability of E2E tests, including organization switching and SBOM workflows


🧰 Developer & Platform Updates

  • Reduced SBOM request API calls (from 6 → 1)

  • Optimized health status filter queries for speed

  • Introduced ecosystem metadata field to component model

  • Improved component and vulnerability edit experiences

  • Cleaned up policy terms and improved accessibility

  • Refactored CVE ID update logic for background jobs

  • Better reliability in Playwright-based tests


🗑️ Deprecations & Changes

  • Package Feature Removed from Free Tier


v3.3.9

July 10th 2025


✨ Release Highlights

This release brings significant improvements to vulnerability management, enhanced authentication capabilities, and substantial performance optimizations across the platform. Key highlights include Alpha Azure SAML SSO support, CBOM Visualizations & Editing , EPSS for OSV and major UI/UX enhancements.

🆕 New Features

🔐 Authentication & Security

  • Azure SAML SSO Support - Added comprehensive support for Azure SAML Single Sign-On integration

  • Enhanced Security Token Management - Refactored security token table into modular components for better maintainability

📊 Vulnerability Management

  • EPSS Integration - Enhanced EPSS (Exploit Prediction Scoring System) support for OSV vulnerabilities

  • Advanced Filtering & Sorting - Implemented comprehensive filters and sorting capabilities across all organizations

  • Environment-Based Filtering - Added environment filtering for vulnerability counts on the vulnerability page

  • Global Search Functionality - Introduced powerful search capabilities across the platform

📈 Reporting & Analytics

  • Compliance Dashboard Cards - Added new compliance cards to the main dashboard

  • Attribution HTML Export - Improved layout and styling for attribution HTML export pages

🔍 Component Management

  • CBOM Cryptography Editing - Implemented comprehensive CBOM (Cryptographic Bill of Materials) edit functionality

  • Async Component Loading - Enhanced component lists with lazy loading and async dropdowns for better performance

  • License Text Import - Added capability to import and manage license text data

🐛 Bug Fixes

🔧 Core Platform Fixes

  • SBOM Upload Issues - Resolved various SBOM (Software Bill of Materials) upload errors and reliability issues

  • CPE and PURL Parsing - Fixed critical parsing issues with Common Platform Enumeration and Package URL formats

  • Component Support Level - Corrected component support level calculation and display

  • Authentication Context - Fixed unauthenticated operations with proper current_user context

🎨 UI/UX Improvements

  • Modal Scroll Handling - Fixed modal scroll behavior for large content areas

  • External Link Icons - Resolved missing external link icons when vulnerability source is NVD

  • Breadcrumb Navigation - Fixed incorrect breadcrumb behavior on KBar navigation from Global Vulnerability page

  • Long Name Truncation - Implemented proper truncation for long project group names across the application

  • EPSS Column Display - Fixed EPSS column rendering issues in vulnerability tables

📱 Frontend Optimizations

  • Component Creation Optimization - Reduced API calls from 25 to 7 for component creation operations

  • Table Refactoring - Refactored users, requests, and organization tables for better performance

  • Modal State Management - Improved modal state handling and component organization

  • E2E Test Stability - Resolved multiple failing end-to-end tests across various workflows

🔄 Backend Improvements

  • Global Package Manager Optimization - Enhanced performance of global package manager operations

  • AppSignal Error Reporting - Implemented comprehensive error reporting and monitoring

  • Deployment Workflow Updates - Improved staging deployment processes with S3 build upload optimization

🧪 Testing & Quality Assurance

  • Enhanced E2E Test Coverage - Fixed and improved end-to-end tests for SBOM, components, security tokens, and organization workflows

  • Conditional Data Fetching - Implemented smart data fetching on table refresh operations

  • Test Reliability Improvements - Resolved failing tests in package, security token, and component workflows

🏗️ Infrastructure & DevOps

  • S3 Build Upload Optimization - Updated staging deployment workflow for improved build management

  • Source Map Removal - Enhanced staging deploy workflow to exclude source maps for security

  • Error Monitoring Integration - Added comprehensive AppSignal error reporting and issue tracking

v3.3.6

July 3rd 2025


Highlights ✨

This release brings significant improvements to performance, security, and user experience across the Interlynk Platform. We've focused on optimizing key workflows, enhancing SBOM management capabilities, and streamlining the user interface for better productivity.

Key Improvements:

  • 🔧 Major refactoring of API authentication flows for enhanced security

  • ⚡ Comprehensive query optimization reducing load times across the platform

  • 🛠️ Enhanced SBOM management with improved upload and processing capabilities

  • 🎨 UI/UX improvements for better user experience and accessibility

  • 📊 Advanced filtering and search capabilities for components and vulnerabilities

New Features 🌟

Authentication & Security Enhancements

  • 🔐 Refactored API Key Flow: Complete overhaul of API key management and GraphQL controllers for improved security

  • 🛡️ Enhanced OAuth Flow: Streamlined OAuth authentication with better error handling

  • 🔒 Conditional Authorization: Updated authorization checks with conditional organization permissions

  • 🌐 Unauthenticated Operations: Added support for whitelisted queries without authentication requirements

SBOM Management

  • 📦 CBOM Support: New support for Cryptographic Bill of Materials (CBOM) functionality

  • 📤 Improved SBOM Upload: Enhanced upload process with better error handling and validation

  • 🔄 Draft SBOM Handling: Improved management of draft SBOMs with conditional actions and logging

  • 🚫 System Log Protection: Prevented unauthorized access to system logs on draft SBOMs

Component & Vulnerability Management

  • 🏷️ NVD Alias Integration: Added NVD alias ID to vulnerability table columns for better identification

  • 📋 Component Metadata: Enhanced component metadata handling in attribution reports

  • 🔍 Advanced Filtering: Implemented license value filtering in attribution table filters

  • ⚡ Patch Management: Added patch edit options in component action menus

User Interface Improvements

  • 📊 Custom Vulnerability Table: Refactored vulnerability tables for improved performance

  • 🎯 Column Width Optimization: Adjusted column widths in global vulnerability tables for better visibility

  • 🔧 Internal Component Modal: Enhanced internal component modal interface

  • 📈 Project Support Table: Modular refactoring of project support tables

Performance Optimizations ⚡

Query Optimization

  • 🚀 GetProjectGroups Query: Optimized queries for create parts modal, compare component tools, and import wizard

  • 📊 SBOM Licenses Table: Removed unused fields from license table queries and CSV exports

  • ⏱️ Resolution Metrics: Optimized queries for resolution age, velocity, and patch velocity

  • 📝 Policy Results: Streamlined policy results queries by removing unnecessary fields

  • 📋 Changelog Queries: Optimized changelog queries for better performance

  • 🔄 Project Automations: Enhanced project automation queries with field optimization

Frontend Performance

  • ⚡ SBOM Build Optimization: Improved SBOM build processes for faster loading

  • 🔄 Gradual Polling: Fixed gradual polling issues on versions column for draft SBOMs

  • 📊 Custom Field Updates: Optimized custom field update operations

  • 🔍 Version Visibility: Enhanced version display with truncation and tooltip improvements

Bug Fixes 🐛

Authentication & Permissions

  • 🔧 OAuth2 Flow: Fixed critical issues with OAuth2 authentication flow

  • 👥 User Permissions: Resolved edit connection permissions at user level

  • 📧 Invite System: Fixed resend invite functionality that was triggering invalid email errors

  • 🔐 Reset Password: Corrected issues with password reset page functionality

SBOM Management

  • 📤 SBOM Upload: Fixed various SBOM upload issues and validation problems

  • 🔄 SBOM Activity Logging: Prevented unnecessary activity logging for draft SBOMs

  • 🔄 SBOM Refetch: Fixed SBOM update refetch issues

  • 📊 SBOM Check Actions: Prevented SBOM check actions from appearing in draft mode

Component & Vulnerability Management

  • 🔄 Policy Rescan: Fixed policy rescan bug affecting component updates

  • ⚠️ Violation Reset: Fixed bug preventing violation reset when components are updated to internal

  • 🔍 Component Creation: Resolved refetch issues on component creation

  • 📋 Component Metadata: Fixed rendering of empty component metadata fields in attribution exports

  • 🔗 Package Lookup: Fixed package lookup functionality in add component modal

User Interface Fixes

  • 🍞 Version Breadcrumb: Fixed breadcrumb updates when changing primary components

  • 🔍 Project Group Search: Resolved search functionality issues in customer view

  • 📊 Component Column Sorting: Fixed sorting issues in vulnerability tab component columns

  • 🔔 Notification Bell: Fixed layout issues with notification bell icon

  • 🔗 Vulnerability Links: Fixed NVD link functionality in vulnerability details

  • 📊 Vulnerability Status: Fixed status field indicators in vulnerability displays

  • 📋 Component Table Preview: Enhanced handling of empty fields in component table previews

Testing & Quality Assurance

  • 🧪 E2E Tests: Fixed product E2E test issues and add product button locators

  • 📊 Attribution Data: Resolved missing licenses in attribution data queries

  • 🔍 Version Table Actions: Fixed conditional display of version table actions based on lifecycle status

Technical Improvements 🔧

Code Quality

  • 🧹 Component Cleanup: Removed unused components and optimized codebase

  • 🎨 Icon Consistency: Cleaned up inconsistent icons across the platform

  • 📝 Copyright Update: Updated copyright year to 2025

  • 🔧 Modal Refactoring: Enhanced attribution license modal with full license text display

Attribution & Licensing

  • 📄 Attribution PDF: Improved PDF rendering by omitting empty fields in component metadata

  • 📝 License Management: Enhanced license edit modal with read-only fields and copy functionality

  • 🔍 License Filtering: Implemented comprehensive license type and value filtering in components table

Development Experience

  • 🔧 Sharelynk Dashboard: Removed version search step from dashboard tour for streamlined experience

  • ⚙️ Manufacturer Updates: Optimized organization manufacturer update processes

  • 📊 Vulnerability Metrics: Updated vulnerability metrics request handling

v3.3.4

June 26th 2025


✨ Highlights

This release brings significant performance improvements, enhanced authentication capabilities, and a more streamlined user experience across the platform. We've focused on optimizing key queries, refining the SBOM workflow, and improving component management features.


🆕 New Features

🔐 SBOM Formats & Import & Exports

  • CycloneDX 1.6 fully supported.

  • CycloneDX and SPDX Annotations Import & Exports now supported.

  • CycloneDX Pedigree for patches Import & Export now supported.

🔐 Enhanced Authentication System

  • Refactored JWT-based authentication flow with improved security and performance

  • V2 authentication flow now enabled across staging and production environments

  • Enhanced share user authentication with refined JWT handling

📊 Attribution Report Enhancements

  • Patch management support in attribution reports with comprehensive patch data export

  • Visual indicators for license differences in SBOM Attribution Table

  • Enhanced filtering capabilities for empty and unresolved licenses in attribution report exports

  • Selected item indicators to improve user visibility in attribution reports

🎯 Component Management Improvements

  • Component metadata handling with automatic add/update when global data is missing

  • Enhanced component identifier fields for better component tracking

  • Improved component visibility filters with required feature integration

  • Support level streamlining for component management

📋 SBOM Workflow Enhancements

  • SBOM draft functionality now available in free tier plans

  • Improved SBOM duplicate modal with updated interface

  • Enhanced SBOM general tab with better organization

  • Streamlined SBOM progress bar preview for better user experience

🔍 Search and Navigation

  • Search functionality added to organization selector dropdown

  • Sorting capabilities by project version in version tables

  • Improved breadcrumb consistency across product and component updates


🛠️ Improvements

⚡ Performance Optimizations

  • Massive query optimization initiative across multiple platform areas:

    • Health score update optimization

    • Users query optimization for CSV export

    • API keys query optimization

    • Latest versions query performance improvement

    • Organization rules query optimization

    • Permissions query enhancement

    • Dashboard imports table performance boost

    • SBOM versions table load time improvement with lazy loading

🎨 User Interface Enhancements

  • Accessibility warnings removal for better compliance

  • Layout consistency updates in latest import tables

  • Progress overview card improvements

  • Product label filter and list drawer refactoring

  • Global license table enhancements

  • Component vulnerabilities table improvements

  • Health score details view updates

📄 License and Compliance

  • Standardized license filters across attribution API and components API

  • Improved license expression formatting for proper display

  • Enhanced license type filter display strings


🐛 Bug Fixes

🔧 Core Platform Fixes

  • Fixed metrics collection issues across live and standard metrics

  • Resolved assembly relations problems

  • Fixed Global Package View to properly display all unique components scoped to organization

  • Corrected data migration issues

  • Fixed ID generation bugs

  • Resolved component types handling

🎯 User Interface Fixes

  • Fixed refetch issues on product updates and primary component checks

  • Resolved loading issues on policy submission

  • Fixed external link preview in component and vulnerability tables

  • Corrected breadcrumb inconsistencies on product and component updates

  • Fixed SBOM download issues in customer view

  • Resolved vulnerability status typos ("not affected")

📊 Attribution and Components

  • Fixed bugs on attribution page

  • Resolved global package manager query bugs

  • Fixed component visibility and filtering issues

  • Corrected vulnerability run status visibility

  • Added gradual polling for SBOM metrics

🔐 Security and Access

  • Removed custom vulnerabilities when associated with PURL or CPE

  • Fixed share user JWT authentication flow

  • Resolved permission and access control issues


🔧 Technical Improvements

🏗️ Infrastructure Updates

  • Updated deployment configurations with new git access tokens

  • Staticized staging docker compose file for better consistency

  • Environment variable updates for V2 authentication flow

📡 API Enhancements

  • Refactored AttributionsFinder with improved filtering capabilities

  • Enhanced notifications for all severity levels

  • Improved package manager performance across the platform

🎛️ Configuration Management

  • Default configuration handling for V2 authentication flow

  • Project settings optimization with minimal vulnerability scanning queries

  • Enhanced lifestage modal with project name and version details

v3.3.2

June 19th 2025


✨ Release Highlights

This release focuses on attribution filters, sbom duplication and bug-fixes across the platform. We've significantly optimized query performance, introduced new attribution APIs, and resolved critical bugs to deliver a more reliable and efficient platform.


🆕 New Features

📊 Attribution API Integration

  • License and Component Attribution Management: New comprehensive API for managing license and component attributions

  • Enhanced Attribution Reports: Improved PDF and HTML export layouts with better font styling and formatting

  • Attribution Report Optimization: Better layout design using Arial font and enhanced styling for professional documentation

🔄 SBOM Management Enhancements

  • SBOM Duplication: Added ability to duplicate manually built SBOMs with editing capabilities

  • Semantic Version Sorting: Implemented proper semantic versioning for SBOM sorting and organization

  • Product Lifecycle Filtering: Enhanced SBOM count filtering by product lifecycle stages

  • Draft Mode Improvements: Updated SBOM draft mode preview with new changes and prevented downloads in draft state

📈 Performance Optimizations

  • Query Performance: Massive improvements across vulnerability, component, and user permission queries

  • API Call Reduction: Optimized refetch logic and minimized unnecessary API calls throughout the platform

  • Database Optimization: Enhanced query performance for product vulnerability tables and customer views


🛠 Improvements

💡 User Interface Enhancements

  • Table Consistency: Ensured consistent layout across all platform tables

  • Column Updates: Added status columns to version tables and updated parts table columns

  • CVSS Display: Fixed CVSS cards to properly display missing vector values

  • Vulnerability Information: Enhanced vulnerability info section display

🔧 System Optimizations

  • Refetch Logic: Optimized refetch mechanisms for primary component, automation, policy, and project updates

  • ShareLynk Drawer: Refactored and improved ShareLynk drawer functionality

  • Package Management: Streamlined package update flow to minimize API requests

  • Global Updates: Optimized global support and license update processes

📱 User Experience

  • Email Configuration: Resolved email configuration integration issues

  • Customer View: Removed unnecessary status columns and API calls from customer views

  • Search Performance: Optimized kbar query by removing unwanted fields

  • Role Management: Improved create role modal performance and optimized role queries


🐛 Bug Fixes

🔧 Critical Fixes

  • Slack Notifier: Fixed NoMethodError for undefined method 'msg' in Notifier::Slack

  • Attribution System: Resolved attribution connection issues and crashes

  • Email Integration: Fixed email configuration integration problems

  • Refetch Issues: Resolved refetch problems during component updates and SBOM lifecycle changes

🛡 Stability Improvements

  • Duplicate Definition: Fixed duplicate method definition issues

  • Semver Sorting: Corrected semantic version sorting functionality

  • JIRA Integration: Fixed E2E test issues with JIRA integration

  • Product Status: Resolved refetch issues on product status updates

🎯 Minor Fixes

  • Typos and Display: Corrected various typos and improved display strings

  • Code Cleanup: Refactored compliance checks component and removed redundant props

  • Lifecycle Filters: Fixed lifecycle stage filter preview functionality


v3.3.1

June 12th 2025


🚀 Release Highlights

This release focuses on SBOM management improvements, performance optimizations, and enhanced user experience across the platform. Key highlights include the introduction of SBOM draft mode, Automatic Parts Sync, significant performance improvements for component queries, and streamlined PDF export functionality.

✨ New Features

SBOM Draft Mode

  • Draft Lifecycle Management: Introduced a new 'draft' lifecycle state for SBOMs, allowing users to work on SBOM development before finalizing

  • Enhanced Preview Experience: Improved visual feedback and preview capabilities for draft mode SBOMs

  • Conditional JIRA Sync: Added conditional preview for JIRA sync actions to better manage integration workflows

🔧 Performance Improvements

Query Optimization

  • Component Tab Performance: Optimized component tab queries for significantly better performance

  • Vulnerability Exports: Added optimized vulnerability queries for both CSV and global exports

  • Cache-First Policy: Implemented cache-first policy for SBOM components expanded fetching to reduce load times

  • Reduced API Calls: Minimized redundant API requests during component updates and SBOM update flows

SBOM Management

  • Automatic Parts Sync: Added automatic SBOM parts synchronization across projects for improved consistency

  • Streamlined Update Flow: Optimized SBOM update process to trigger only required API calls

🐛 Bug Fixes

Access Control & Security

  • Access Control Issues: Resolved critical access control bugs affecting user permissions

  • Permission Normalization: Normalized permission names for consistency across the platform

  • User Authentication: Fixed NoMethodError for ShareUser#generate_jwt functionality

SBOM Operations

  • Upload Modal: Refactored and fixed multiple issues with SBOM upload modal functionality

  • Summary Card Logic: Fixed description preview logic in SBOM summary cards

  • Loader Issues: Resolved SBOM upload loader display problems

  • Build Refetch: Fixed SBOM build refetch functionality after updates

  • Delete Refetch: Corrected refetch behavior after SBOM deletion

PDF Export Improvements

  • Layout Fixes: Corrected layout misalignment issues in SBOM PDF exports

  • Vulnerability Status: Fixed vulnerability status display in SBOM PDF exports

  • Attribution Page: Updated both PDF and HTML export template layouts for attribution pages

Component Management

  • Component Details: Enhanced component details card functionality

  • Support Modal: Updated component support modal preview based on resolved checks

  • Query Optimization: Fixed component query requests during component edits

  • UI Cleanup: Removed OpenSSF scorecard field from component UI for cleaner interface

Policy & Project Management

  • Global Policy Layout: Improved global policy table layout to prevent overlap issues

  • Project Settings: Updated project settings with latest parts check functionality

  • Policy Pages: Added excluded column to product and version policy pages

  • Project Deletion: Fixed critical project deletion functionality

Automation & Validation

  • Component Checks: Fixed NoMethodError when automation component checks encounter nil values

  • Support Level Validation: Resolved 'Actively Maintained' support level validation errors

  • Priority Determination: Updated system to skip determining priority from severity when appropriate

  • Organization Issues: Fixed organization deserialize error

🔄 Technical Improvements

  • Modal Refactoring: Comprehensive refactoring of SBOM upload modal for better maintainability

  • API Efficiency: Reduced redundant API calls across multiple workflows

  • Error Handling: Enhanced error handling for edge cases and nil value scenarios

  • Data Consistency: Improved data synchronization and consistency across projects

v3.2.9

June 6th 2025


✨ Highlights

This release brings significant enhancements to the Interlynk Platform with improved performance, new integrations, and enhanced user experience. Key highlights include:

  • 🔗 Linear Issue Tracker Integration - Seamlessly connect your vulnerability management with Linear

  • 📊 Enhanced SBOM Scanning - Improved policy, support level, and vulnerability tracking in scan jobs

  • 🔔 Smart Notifications - Incremental notifications for policy violations and new vulnerabilities

  • Performance Optimizations - Multiple query optimizations for faster data loading across the platform


🆕 New Features

🎯 Linear Issue Tracker Integration

  • Complete Linear integration for streamlined issue tracking

  • Support for markdown preview in issue descriptions

  • Generic ticket sync functionality for better workflow management

📋 Enhanced SBOM Capabilities

  • SBOM Parts in Scan Jobs: Now includes comprehensive policy, support level, and vulnerability data

  • Component Data Enhancement: Extended support for copying additional fields from primary components

  • Improved SBOM Comparison: Added end-to-end testing for SBOM comparison workflows

🔔 Advanced Notification System

  • Incremental Policy Notifications: Real-time alerts for policy violations

  • Vulnerability Notifications: Configurable notification options for new vulnerabilities

  • Smart Filtering: Enhanced notification management with better targeting

📊 Reporting & Export Improvements

  • Updated Attribution Reports: New layout for both HTML and PDF export formats

  • Enhanced Export Performance: Optimized CSV and Excel export functionality

  • Improved Report Styling: Consistent icon styling and better table formatting


🐛 Bug Fixes & Improvements

🔧 User Interface Fixes

  • ✅ Fixed package license preview display issues

  • ✅ Resolved table overflow problems in version columns

  • ✅ Fixed overlapping issues in parts overview cards

  • ✅ Corrected component expand view functionality

  • ✅ Fixed health map view rendering

  • ✅ Resolved attribution report dialog issues

⚡ Performance Optimizations

  • Query Optimization: Streamlined multiple database queries across components

    • Product page labels query optimization

    • HealthMap query field limiting

    • Package versions query optimization

    • Component data query improvements

  • Component Performance: Enhanced ProductInfo component with optimized state management

  • E2E Test Optimization: Reduced SBOM components test execution time

🛠️ Backend Improvements

  • Migration Fixes: Resolved database migration issues

  • Policy Logic: Fixed policy rescan functionality

  • Data Consistency: Improved vulnerability data handling and display

  • Component Cards: Enhanced performance and readability with better query optimization

📱 User Experience Enhancements

  • Table Components: Consistent styling across all table interfaces

  • Vulnerability Displays: Improved popover functionality and conditional severity previews

  • Modal Improvements: Enhanced policy modal and primary component check modal

  • Description Handling: Better truncation for component descriptions in summary cards


🔄 Technical Improvements

  • Refactored Components: Multiple component refactoring for better maintainability

  • Test Coverage: Enhanced E2E test coverage for critical workflows

  • Code Organization: Improved code structure for license expanded views

  • Automation Fields: Updated automation action fields with required changes

v3.2.8

May 29th 2025


🌟 Highlights

This release brings significant improvements to JIRA integration, enhanced analytics capabilities, and numerous bug fixes to improve platform stability and user experience. Key highlights include bulk JIRA ticket creation, lifecycle filtering for analytics, and Global Package Version Overrides & Management for Attributions.

✨ New Features

🔗 Enhanced JIRA Integration

  • Bulk JIRA Ticket Creation: Create multiple JIRA tickets at once with improved efficiency and user experience

  • JIRA Sync from Vulnerability Table: Trigger JIRA synchronization directly from the vulnerability management interface

  • Enhanced JIRA Settings: Updated fields and sync actions with improved configuration options

  • JIRA Description Field Updates: Better formatting and content for automatically generated JIRA tickets

  • JIRA Ticket Association Retention: Maintain ticket associations even when SBOM versions are updated

📊 Analytics & Reporting Improvements

  • Lifecycle Filter for Analytics: Filter analytics data by product lifecycle stage for better insights

  • Attribution Report Enhancements: New comprehensive attribution reporting capabilities

  • Enhanced Component Insights: Improved E2E testing and data retrieval for component analysis

🔧 Platform Enhancements

  • Global Package Version Management: Enhanced package version listing with override capabilities during attribution report generation

  • Organization Context Sync: Maintain consistent organization context across multiple browser tabs

  • Component Filter Query Updates: Dynamic component filters that update based on include_parts flag

🐛 Bug Fixes

🔒 Security & Vulnerability Management

  • Sharelynk Crash Fix: Resolved critical crash issue on vulnerability page in sharelynk

  • SBOM Vulnerability Query: Updated to omit retracted entries by default for cleaner results

  • Vulnerability Links Preview: Fixed parts vulnerability links preview functionality

🖥️ User Interface Improvements

  • Support Status Selection: Fixed support status selection behavior on tab changes

  • Product Tab Switching: Resolved onChange handler issues for seamless tab navigation

  • Settings Dropdown: Fixed dropdown preview behavior on page refresh

  • Policy Violation Drawer: Updated preview functionality for better user experience

  • Logs Column Preview: Fixed logs changed by column preview display

📦 Package & Component Management

  • Default Sorting: Improved default sorting in package version global listing

  • Package Override Modal: Enhanced UI and code improvements for better usability

  • Attribution Report Bulk Selection: Fixed bulk source select preference handling

  • License Data Validation: Enhanced license data validation with better expression handling

🔧 System & Performance Fixes

  • API Optimization: Removed unnecessary JIRA API calls from customer view for improved performance

  • Bitbucket Integration: Removed bitbucket from user integrations as part of cleanup

  • Component Filter Updates: Enhanced component filter query to properly retrieve parts data

  • Error Message Improvements: Updated error messages for better user understanding

  • CI Fixes: Resolved failing specs in continuous integration pipeline

  • Field Ordering: Fixed ordering for updated_at field across various components

v3.2.7

May 23rd 2025


Highlights ✨

  • 🔧 Enhanced JIRA Integration - Added environment-level default fields configuration for streamlined workflow management

  • 📊 Advanced Dashboard Filtering - New version lifestage filter support with improved product progress metrics visualization

  • 🐛 Resolved Vulnerability Count Issues - Fixed incorrect vulnerability calculations in dashboard analytics for accurate reporting

  • 🎨 Refreshed User Interface - Updated authentication layout, icons, and product settings for better user experience

  • ⚡ Performance Optimizations - Code refactoring and query optimizations across components for improved platform efficiency

🎯 New Features

JIRA Integration Enhancements

  • 🔧 Environment-Level Default Fields: Added support for configuring default JIRA fields at the environment level, streamlining issue creation workflows

  • 🧪 Enhanced E2E Testing: Comprehensive end-to-end test coverage for JIRA integration flows

Dashboard & Analytics Improvements

  • 📊 Version Lifestage Filtering: New dashboard filter support for version lifestage management

  • 📈 Product Progress Metrics: Restructured and improved product progress overview with better metrics visualization

  • 📋 Parts Overview Enhancement: Enabled parts overview cards across all dashboard tabs

Component Management

  • ✏️ Enhanced Component Editing: Added edit functionality for parts components with improved usability

  • 🔍 Latest Version Display: Component tables now display the latest version information for better visibility

  • 👁️ Improved Visibility: Adjusted vulnerability component columns for enhanced readability

User Interface Enhancements

  • 🎨 Refreshed Authentication Layout: Updated authentication page design for better user experience

  • 📱 Product Automation UI: Enhanced product automation interface and changelog table presentation

  • 🎯 Updated Icons: Refreshed icon set throughout the platform

  • 📄 PDF Layout Optimization: Improved product progress PDF generation with better layout and structure

  • 🔧 Custom Components: New reusable separator component for consistent UI elements

  • ⚙️ Settings Layout: Updated product settings interface for improved navigation

🐛 Bug Fixes

Vulnerability Management

  • 🔢 Fixed Vulnerability Counts: Resolved incorrect vulnerability count calculations in dashboard analytics

  • 📊 SBOM Vulnerability Status: Updated vulnerability run status to properly display in-progress state on SBOM pages

  • 🔄 Vulnerability Resolution: Fixed issues with vulnerability resolution workflows

Data Import & Processing

  • 📋 SPDX Import Fix: Resolved SPDX import functionality issues

  • 📝 SBOM Request Validation: Fixed SBOM request messaging when product name or version information is missing

  • 📅 Lifecycle Modal: Fixed SBOM lifecycle modal incorrectly saving cleared date values

Configuration & Validation

  • ✅ Address Validation: Added proper validation for configuration addresses before form submission

  • 🔔 Slack Notifications: Fixed internal Slack notification delivery issues

User Interface Fixes

  • 📊 SBOM Comparison: Updated SBOM comparison UI feedback and conditional rendering logic

  • 🧪 E2E Component Tests: Fixed E2E test reliability for component insights rendering

🔧 Technical Improvements

Code Quality & Performance

  • 🏗️ Code Structure Refactoring: Improved code structure and readability across multiple components

  • ⚡ Query Optimization: Optimized attribution report queries with improved state management and code reuse

  • 🧹 Component Restructuring: Enhanced component architecture for better maintainability


v3.2.5

May 16th 2025


Highlights ✨

  • Attributions Reports [Alpha Feature]

  • Basic Progress Reports

  • Notifications for Critical Vulnerabilities

  • Jira custom fields Support.

New Features 🚀

SBOM & License Management

  • 📊 Added support level metrics to SBOM GraphQL type [#2239]

  • 🔍 Added expression filter to licenses resolver [#2246]

  • 🔄 Implemented fixes for SPDX license import [#2234]

  • 💾 Improved dependency storage with unique deps feature [#2233]

JIRA Integration

  • ⚙️ Added support for custom JIRA fields [#2229]

  • 🧩 Implemented custom JIRA fields with UI improvements [#6323]

  • 🛠️ Fixed JIRA component field functionality [#6362]

Analytics & Reporting

  • 📈 Implemented Basic analytics reporting [#6250]

  • 📄 Added ability to export attribution reports [#6329]

  • 📊 Improved product progress report PDF export with charts and better layout [#6357, #6358]

  • 🖨️ Enhanced attribution report export with license text [#6356]

System Improvements

  • 📝 Added support status scan to change log [#2240]

  • 🔔 Added notice field to component model and mutations [#2242]

  • 📋 Added support scan logging in system logs [#2243]

  • 📝 Added logging for support level field changes [#2244]

  • 📨 Fixed email saving functionality [#2250]

  • 🔄 Added filters to project_groups field [#2232]

UI Enhancements

  • 🎨 Updated product labels card preview [#6328]

  • 🖼️ Updated icons for better visual consistency [#6270]

  • 🧩 Implemented conditional preview logic for part info cards [#6307]

  • 🎯 Updated compliance logo to match consistent design [#6347]

  • 📊 Updated Product Progress UI with fixes and improvements [#6352]

  • 📈 Updated EPSS, CVSS and CWE preview on vulnerability details page [#6354]

Bug Fixes 🐛

Notifications & Alerts

  • 🔔 Fixed notifications not being sent for newly matched vulnerabilities [#2241]

  • ✅ Added validation for Slack and Team webhook URLs [#6343]

  • 🔔 Updated custom toast icons [#6338]

UI & Display Issues

  • 🖥️ Fixed incorrect affected products in vulnerability view [#6325]

  • 🔄 Fixed half-circle icon display for unspecified VEX status [#6335]

  • 📊 Fixed version table rendering in customer view [#6339]

  • ✅ Fixed VEX status form validation [#6337]

  • 📏 Adjusted column width for vulnerability status [#6336]

  • 📐 Fixed part info cards alignment [#6348]

  • 🔢 Fixed pagination issue in support status table [#6363]

  • 🏷️ Added None type to severity tag component [#6365]

  • 🔍 Fixed custom vulnerability search function [#6366]

License Management

  • 📋 Fixed license list display [#2249]

Testing & Quality Improvements 🧪

  • ✅ Added E2E test for version lifecycle update flow [#6340]

  • ✅ Fixed SBOM upload E2E test [#6353]

  • 🔄 Refactored JIRA config modal for better performance [#6324]

v3.2.2

May 8th 2025


🌟 Highlights

  • GraphQL Subscriptions: Added support for GraphQL subscriptions using ActionCable for real-time updates

  • Automation Improvements: Introduced ability to copy version details from primary components

  • UI Enhancements: Standardized selection fields with LynkSelect throughout the platform

  • Performance Optimization: Improved component rendering to avoid unnecessary queries

🚀 New Features

Component Management

  • ✨ Added support to copy version from primary component (#6289)

  • 🔄 Setup code for GraphQL subscriptions using ActionCable (#2207)

  • 📊 Updated parts overview card with new design changes (#6300)

  • 🧩 Replaced scope dropdown with LynkSelect in component details (#6277)

User Experience

  • 🚀 Standardized selection fields in Product Settings with LynkSelect (#6278)

  • 🔗 Added navigation support to product from global vulnerability view (#6318)

  • 💾 CSV export now persists selected column configuration with sessionStorage (#6302)

Vulnerability Management

  • 📝 Added internal notes to vulnerability CSV export (#6290)

  • 📊 Included status fields in vulnerability CSV export (#6305)

🐛 Bug Fixes

UI & Layout

  • 🔧 Fixed UI overlap in Add Component Modal (#6282)

  • 🔍 Fixed parts tooltip issue in vulnerability table (#6280)

  • 🔧 Fixed VEX status layout and UI consistency issues (#6319)

  • 🔧 Fixed alignment for icon and status in vulnerability status import (#6322)

  • 🔧 Fixed component tree view (#6303)

Component Functionality

  • 🛠️ Fixed component scope update issue (#6281)

  • 🛠️ Fixed CWE list preview (#6291)

  • 🛠️ Fixed CWE field preview when data doesn't exist (#6299)

  • 🛠️ Disabled Scope Field in Component view for ShareLynk (#6283)

ShareLynk

  • 🔧 Resolved SBOM components query failure in ShareLynk (#6274)

Integrations

  • 🔗 Fixed Github connection card (#6316)

Data Management

  • 🔧 Fixed multiple license submissions with loading state (#6310)

  • 🔧 Fixed support CSV export (#6315)

Testing

  • ✅ Fixed e2e tests for product settings and support status (#6288)

  • ✅ Added E2E test for component notes and license status (#6317)

🧹 Code Improvements

  • 🔄 Modified logic for env based on aidash dev workflow (#2231)

  • 🧹 Removed duplicate utility functions (#6273)

  • 🧹 Component Notes Logic Cleanup (#6279)

  • 🧹 Removed supplier details from parts table (#6298)

  • 🧹 Conditionally render ProductGraphs to avoid unnecessary queries (#6272)

v3.2.1

May 2th 2025


✨ Highlights

  • Enhanced Webhook Functionality: Added PullRequestCreated and PullRequestUpdated triggers to expand integration capabilities

  • Improved Performance: Refactored database queries and component vulnerabilities import service for better efficiency

  • UI Improvements: Refreshed global search bar with new designs and enhanced dashboard experience

🆕 New Features

Backend Enhancements

  • 🔍 Added vulnerability_id and environment filter to ProjectsResolver

  • 🏷️ Added component_support_level field to query type

  • 🔄 Using source branch name as version name for better traceability

  • 🔑 Added GitHub token for staging environment

Frontend Improvements

  • 📊 Added parts overview section with new cards for better component visualization

  • 🗑️ Added reusable delete confirmation component for list items

  • 💾 Implemented dashboard card state persistence using localStorage

  • 🔎 Added async product search filter to global vulnerability view

  • 📝 Added refresh action to policy table

🐛 Bug Fixes

Backend Fixes

  • 🔧 Fixed incorrect number of 'unspecified' items

  • 🧹 Refactored component vulnerabilities import service

  • 🗃️ Optimized database queries for efficiency

  • 🗑️ Improved record removal functionality

Frontend Fixes

  • 🎨 Fixed global license table header

  • 🎯 Fixed drag and drop issue for dashboard cards

  • 🔍 Fixed global vulnerabilities search

  • 🧩 Fixed support analysis function

  • 📥 Updated support CSV download function

  • 🔎 Fixed analytics filter logic

  • 📋 Fixed support status E2E test

  • 🔗 Fixed component link test

  • 🔄 Fixed CPE Editor autocomplete disappearance issue

  • 📝 Fixed ShareLynk vulnerability links

  • 🎭 Fixed component filters incorrect query

  • 📊 Fixed support table preview

  • 📃 Fixed error when downloading SBOM excel sheet

  • 🔧 Fixed status update issue for parts vulnerability

  • 🔄 Fixed component license update issue

  • 🛠️ Fixed admin navbar overlap issue

  • 🖼️ Fixed component insights display issue

  • 👁️ Fixed support status not displaying in SBOM support status tab

UI Improvements

  • 🎨 Removed unused assets to optimize project size

  • 👨‍💻 Updated executive dashboard with new changes

  • 🔧 Adjusted save pending alert position in component identifiers

  • 📊 Updated vulnerability table styling

  • 🔄 Refactored global vulnerability table

  • 🎨 Enhanced sidebar and breadcrumb with subtle colors and better interaction

  • 🧹 Updated admin navbar styling

  • 🎯 Implemented outline icons globally

  • 📑 Refactored SBOM component table layout

  • 📱 Improved initial loading experience after login

v3.1.9

April 17th 2025


Interlynk Platform Release v3.1.9 📦

Release Highlights ✨

This release introduces several improvements to the Interlynk Platform, focusing on enhanced filtering capabilities, better label management, and improved user experience across various components. Key highlights include:

  • 🏷️ Bitbucket Project Label Support - Integration of Bitbucket project information as labels

  • 🔄 Product Lifestage Filtering - New filtering options at version level

  • 🛠️ SBOM Download Improvements - Added support status parameters

  • 📊 Health Score Calculations - Refactored to handle "NA" values properly

  • 🧹 UI/UX Improvements - Multiple usability and interface enhancements

New Features 🚀

Label Management

  • 🏷️ Added Bitbucket label handling to repository service and data migration (#2173, #6118)

  • 🔄 Refactored global label filter for improved performance (#6154)

  • ✉️ Enhanced label delete flow with a toast message for better feedback (#6172)

Filtering & Export

  • 🏁 Added lifestage filter at version level (#2165)

  • 🏁 Enabled product lifestage filter throughout the application (#6053)

  • 📊 Added include_support_status argument to SBOM download (#2179, #5977)

  • 📋 Updated Component CSV Export with correct data and missing fields (#6113)

  • 📋 Added Part column to vulnerability CSV export (#6165)

UI Enhancements

  • 📝 Made product description expandable for large content (#6128)

  • 🎨 Implemented row highlight on hover for better table navigation (#6110)

  • 🔄 Updated organization activity cards layout (#6140)

  • 📊 Fixed component insights preview (#6171)

Bug Fixes 🐛

UI Fixes

  • 🔧 Fixed graphql warnings (#2181)

  • 🔧 Fixed global vulnerability sorting issues (#2192)

  • 🔧 Fixed Jira users listing (#2193)

  • 🔧 Fixed Product Group Breadcrumb Duplicates (#6108)

  • 🔧 Fixed Vulnerability Links UI Jump and Button Disable Logic (#6114)

  • 🔧 Fixed CWE list to display 'N/A' when invalid CWE values are present (#6115)

  • 🔧 Fixed username preview (#6120)

  • 🔧 Fixed component health score issue (#6152)

  • 🔧 Fixed shared component table with part details (#6161)

  • 🔧 Fixed SBOM actions spacing (#6167)

  • 🔧 Added null check to prevent crash in expandable text component (#6149)

Functional Fixes

  • 🔧 Refactored health score calculations to handle "NA" values (#2188)

  • 🔧 Fixed custom vulnerability create function (#6138)

  • 🔧 Fixed assessment expire field (#6153)

  • 🔧 Fixed global vulnerability edit permission for non-admin users (#6162)

  • 🔧 Fixed Export to only include Part name in Vulnerability CSV Export (#6176)

Code Improvements 🧰

Component Refactoring

  • 🧰 Improved connection card component code (#6112)

  • 🧰 Made Delete Button reusable and consistent across app (#6100)

  • 🧰 Cleaned up Config modal component and improved code structure (#6123)

  • 🧰 Refactored support and users data export mapping for improved clarity (#6130)

  • 🧰 Improved SBOM support card component code (#6136)

  • 🧰 Refactored Edit Button Component for reusability and consistency (#6129)

  • 🧰 Refactored SBOM alternatives drawer (#6139)

  • 🧰 Refactored global policy table (#6150)

Testing Improvements

  • 🧪 Fixed Labels E2E tests (#6119)

  • 🧪 Optimized Security Token CRUD E2E Test Time (#6124)

  • 🧪 Fixed role E2E test (#6125)

  • 🧪 Fixed product label E2E test (#6126)

  • 🧪 Updated GitHub actions schedule timing for playwright tests (#6145)

Security & Dependencies

  • 🔒 Bumped serialize-javascript from 6.0.1 to 6.0.2 (#6117)

  • 📦 Updated all patch-level dependencies to latest versions (#6104)

v3.1.7

April 10th 2025


🚀 Highlights

Interlynk Platform v3.1.7 brings significant improvements to the user interface, vulnerability management, and SBOM functionality. This release focuses on enhancing the overall user experience with the introduction of LynkSelect components across multiple features, improved CSV export capabilities, and several critical bug fixes.

✨ New Features

UI Enhancements

  • LynkSelect Implementation 🎨

    • Replaced standard select components with LynkSelect in multiple areas:

      • Vulnerability Edit Links (#6038)

      • Support Status Bulk Edit (#6040)

      • Relationship Drawer (#6024)

      • Automation Rule Conditions (#6056)

    • Enhanced CSV Export with Add/Remove All Columns functionality (#6059)

    • Updated action buttons in Component Links and Relationships Edit (#6058)

Vulnerability Management

  • Advisory System Improvements 📋

    • Added new drawer for vulnerability advisory list (#6065)

    • Updated vulnerability expand view with advisory list (#6107)

    • Fixed advisory link issues (#6083)

    • Updated vulnerability information for non-CVE entries (#2170)

SBOM Enhancements

  • Component Information Access 📦

    • Added SBOM Component PURL and CPE Modals in Customer View (#6079)

    • Implemented copy to clipboard functionality for CPE and PURL (#6095)

    • Improved Archived SBOM list drawer component and query (#6063)

    • Refactored SBOM details component for better performance (#6077)

Support Status Management

  • Support Status Workflow 🔄

    • Updated component support status system (#2166)

    • Fixed support status update logic (#6066)

    • Added conditional preview for product label filter (#6075)

Backend Improvements

  • Security Updates 🔒

    • Updated OSV client (#2169)

    • Fixed policy failures (#2175)

    • Updated vulnerability information query (#2176)

🐛 Bug Fixes

UI Fixes

  • Fixed layout issues in policy conditions section (#6057)

  • Resolved CVSS Vector display issues in main view (#6061) and customer view (#6078)

  • Fixed UI breaking issue in customer view vulnerabilities (#6076)

  • Corrected version data display in support status expanded component (#6067)

  • Fixed incorrect rendering of policy condition fields (#6096)

  • Removed accessibility warnings for improved compliance (#6097)

Functional Fixes

  • Fixed validation for community count thresholds (#6062)

  • Corrected support status drawer with required changes (#6060)

  • Fixed support status preview (#6074)

  • Resolved component link and relationship CRUD functionality E2E tests (#6082)

  • Fixed support expand view (#6084)

  • Corrected License Expression in SBOM License CSV Export (#6085)

  • Fixed Support Level data in SBOM Support Status CSV Export (#6087)

  • Fixed UI break in Vulnerability CWEs List when no data is present (#6103)

  • Corrected typo in email connections description (#6109)

  • Fixed rendering issues in policy and automation fields (#6111)

  • Fixed CWE link in vulnerability expand view (#6088)

  • Fixed vulnerability advisory link preview (#6094)

🔧 Other Improvements

  • Refactored Bitbucket Config Modal for optimizations (#6064)

  • Removed support action and filters from component table (#6081)

  • Updated seed data (#2171)

  • Updated CSV export fields and headers for Support Status (#6102)

v3.1.6

April 4th 2025


Release Highlights ✨

  • Enhanced Vulnerability Management: Added support for CWE & Advisories persistence, improved NVD client implementation, and custom vulnerability handling

  • Improved UI Components: Integrated LynkSelect across multiple platform areas for better user experience

  • Lifecycle Support: Implemented SBOM lifecycle for dashboard based on project and enabled lifecycle support at the version level

  • Performance Optimizations: Refactored package lookup and storage logic to use normalized PURL format

New Features 🆕

Backend Improvements

  • ✅ Added NVD client implementation

  • ✅ Added support for webhook secrets

  • ✅ Implemented bulk create and update capabilities for support levels

  • ✅ Added SBOM lifecycle for dashboard based on project

  • ✅ Implemented license notification on license components

  • ✅ Refactored package lookup and storage to use normalized PURL format

UI Enhancements

  • ✅ Refactored SBOM vulnerability table

  • ✅ Integrated LynkSelect across multiple UI components:

    • Support Checks

    • Upload Modal

    • Life Stage Modal

    • Component Support

    • Component Relations

    • Request Accept Modal

    • Role Deletion

    • Links Edit

    • Policy Rule Modal

    • PURL Editor

    • Switch Environment Modal

    • Custom Vulnerability Modal

    • License Status Drawer

    • Pagination Select

  • ✅ Updated support status check form

  • ✅ Updated assessment expiration field

  • ✅ Enhanced product and version tables

  • ✅ Added dashboard card for version lifestage

  • ✅ Improved component links preview

Bug Fixes 🐛

Backend Fixes

  • ✅ Fixed NVD client issues

  • ✅ Fixed rubocop job

  • ✅ Fixed EPSS KEV job

  • ✅ Fixed vulnerability metrics to consider environment

  • ✅ Fixed issues with custom vulnerabilities

  • ✅ Removed bad data affecting system performance

UI Fixes

  • ✅ Fixed component links preview

  • ✅ Fixed automation, license and health permissions

  • ✅ Fixed version breadcrumb

  • ✅ Fixed request table actions

  • ✅ Fixed CSV download bug - properly handling comma in strings

  • ✅ Fixed version lifestage API call

  • ✅ Fixed component relationship E2E tests

  • ✅ Fixed breadcrumbs layout issue for product and version name

  • ✅ Fixed SBOM license update issue

  • ✅ Fixed bulk VEX update with required validation

  • ✅ Fixed user details modal

  • ✅ Fixed vulnerability severity graph

Other Improvements 🔧

  • ✅ Updated Ruby gems

  • ✅ Added new test for organization score settings

  • ✅ Added new test for component support status

  • ✅ Added conditional preview for product label card

  • ✅ Truncated long descriptions from vulnerability info page

  • ✅ Added retries and updated timeout for E2E tests

  • ✅ Disabled CSV download when no columns are selected

v3.1.5

March 27th 2025


Interlynk Platform Release v3.1.5

🌟 Highlights

  • Enhanced Component Management: Improved SBOM vulnerability component code and refactored component links for better performance

  • Enrich Java Packages: Enrich java components from maven central.

  • Bitbucket: Support Searching & Pagination.

  • Security Enhancements: Added KEV details for CSV exports from Vulnerabilities

  • Performance Optimizations: Optimized E2E tests by reusing authentication state

  • Backend Improvements: Added cron job for cleaning up webhook events

🚀 New Features

Backend Enhancements

  • ✨ Add cron job for cleaning up webhook_events (#2104)

  • ✨ Feature/enrich maven (#2128)

  • ✨ Add pagination support for bitbucket repositories (#5908)

  • ✨ Update age score limit (#5936)

  • ✨ Add KEV details for CSV Export from Vulnerabilities (#5955)

UI/UX Improvements

  • ✨ Create Reusable ToggleVisibilityButton for Password Fields (#5921)

  • ✨ Integrate LynkSelect in Config Modal (#5926)

  • ✨ Integrate LynkSelect in Invite User Modal (#5927)

  • ✨ Integrate LynkSelect in License Modal (#5932)

  • ✨ Add loading indicator for license creation and update process (#5937)

  • ✨ Integrate LynkSelect in Edit Custom Vulnerability Drawer (#5966)

  • ✨ Integrate LynkSelect in Change Role Modal (#5967)

  • ✨ Integrate LynkSelect in Vulnerability Custom Field Modal (#5968)

  • ✨ Update bitbucket icon (#5947)

🐛 Bug Fixes

Security Fixes

  • 🔒 Support deprecated flag for cpe & remove from CPE autocomplete (#2137)

  • 🔒 Remove token create permission from user level (#5956)

  • 🔒 Fixed viewer role permissions (#5976)

Component Management

  • 🛠️ Improve SBOM Vulnerability Component Code (#5917)

  • 🛠️ Fixed component tag in SBOM license table (#5930)

  • 🛠️ Update the logic for previewing End-of-Support field (#5928)

  • 🛠️ Refactor SBOM archived check logic for reusability (#5933)

  • 🛠️ Fixed component actions preview (#5952)

  • 🛠️ Refactor Component Links (#5957)

  • 🛠️ Refactor SBOM component table (#5961)

  • 🛠️ Fixed component relation preview logic (#5979)

User Interface

  • 🎨 Hide Component Support Filter for Free Tier and Customer View (#5918)

  • 🎨 Fix Policy CRUD E2E tests (#5920)

  • 🎨 Fixed routes flag hook (#5941)

  • 🎨 Update toast message for component creation (#5943)

  • 🎨 Fix License Modal Bug and Refactor Code (#5946)

  • 🎨 Fixed ENV filter styling on vulnerability page (#5962)

  • 🎨 Remove version search field from SBOM details page (#5964)

  • 🎨 Update column sizing in custom vulnerability table (#5975)

  • 🎨 Fixed misc styling issue (#5980)

Performance & Optimization

  • ⚡ Handle exceptions with specific error logging (#2139)

  • ⚡ Refactor RepositoryConnection code to get value of total_count (#2126)

  • ⚡ Remove unused components (#5923)

  • ⚡ Remove org connection API call from customer view (#5929)

  • ⚡ Cleanup unused queries (#5931)

  • ⚡ Refactor request modal (#5938)

  • ⚡ Remove licenseAutoComplete API call from customer view (#5939)

  • ⚡ Add conditional preview for global vuln filters (#5940)

  • ⚡ Refactor vuln product drawer (#5942)

  • ⚡ Refactor component links tab (#5944)

  • ⚡ Cleanup Unused Utility Functions (#5950)

  • ⚡ Optimize E2E Tests by Reusing Auth State (#5948)

  • ⚡ Update Patch Dependencies (#5958)

  • ⚡ Optimize SBOM Request E2E Test (#5959)

  • ⚡ Optimize Policy CRUD E2E Test (#5960)

  • ⚡ Optimize Support CRUD E2E Test (#5970)

  • ⚡ Fix and Optimize License E2E Test (#5971)

v3.1.3

March 20th 2025


🎯 Highlights

  • React 18 Upgrade: Major frontend framework upgrade from React 17.0.2 to React 18.3.1

  • UI Enhancements: LynkSelect integration across multiple components

  • Improved Component Management: Bulk edit support status across versions/parts

  • Enhanced Analytics: Executive dashboard improvements

  • BitBucket: New webhook events now supported.

✨ New Features

User Interface Improvements

  • 📊 Added Executive Dashboard card for number of SBOMs in specific lifecycle

  • 🔍 Implemented search functionality to RepositoriesConnection and updated query type

  • ⌨️ Added Kbar shortcut from Policy Details page and improved navigation

  • 🔄 Integrated LynkSelect in multiple components:

    • Component Add Modal and related fields

    • Build version drawer

    • Vulnerability status component

    • VEX modal component

    • Policy modal dropdowns

Repository Management

  • 🗑️ Implemented Bitbucket repository deletion service

  • 🔄 Support for PullRequestMerged event with environment and version generation

Component Management

  • ✅ Added ability to bulk edit component support status across versions/parts

  • 🏷️ Added internal tag to the support status drawer

  • 🔄 Refactored component relationship drawer with reusable component

🐛 Bug Fixes

UI and User Experience

  • 📋 Fixed header alignment in vulnerability table

  • 🎭 Fixed VEX custom field validation

  • 🛑 Fixed UI crash on User Role Delete modal

  • ⬛ Updated dark mode color for regex highlighter

  • 📅 Fixed incorrect theme for calendar field

  • 📏 Adjusted column widths in license table to improve readability

  • 📊 Fixed System Log visibility issue

  • ✅ Added loader to Role Delete Modal

  • 📊 Fixed pagination item count in Global Vulnerability Affected Products

Data Management

  • 📤 Fixed export functionality for searched users and user lists

  • 🧩 Fixed support level with NA disappearing when sorting

  • 📧 Fixed email retention issue on login

  • 📊 Updated support CSV export with part information

  • 🔄 Enabled filters during user export

  • 📊 Updated column order for support status export

  • 🔄 Added sorting for support end date and support level

  • 📉 Fixed analytics to zero-out data when not available

  • 🚫 Removed assessment expiration when no longer maintained

  • 🛑 Removed assessment expiration from support bulk edit

Backend Improvements

  • 🔧 Refactored Packages processor for improved PURL handling

  • 🛠️ Fixed GitHub update job

  • 🔄 Updated repositories job

  • 🗃️ Fixed migration issues

  • 📊 Fixed project vulnerability metrics

  • 📑 Fixed indexes on component support override

E2E Tests

  • 🧪 Fixed SBOM E2E tests

  • 🧪 Fixed SBOM General tab Author E2E tests

  • 🧪 Fixed SBOM Components E2E tests

  • 🧪 Fixed SBOM Vulnerabilities E2E tests

Technical Debt & Maintenance

  • 🧹 Removed unused components

  • 🔄 Updated patch versions for dependencies

  • 🔄 Updated minor versions for dependencies

  • 📚 Added ESLint rule to prevent direct drawer imports

  • 🔄 Refactored Configuration Modal and removed redundant code

  • 📜 Updated jspdf to the latest version

  • 🔄 Updated apollo-upload-client to the latest version

  • 🔧 Improved SBOM Components code

v3.1.2

March 12th 2025


  • Minor release to fix crashing job process.

v3.1.1

March 11th 2025


🚀 Highlights

This release brings significant improvements to component support management, enhanced SBOM capabilities, and new integrations with source code management tools. We've also made the user interface more intuitive and fixed several important bugs to ensure a smoother experience.


🎁 New Features

📊 Component Support Management

  • Bulk Update Support Status - Update multiple components at once to save time

  • 📥 CSV Export with Support Details - Export all your component support data including parts support level

  • 🗓️ Assessment Expiration Dates - Assessment expiration days now converted to specific dates for clarity

  • 🏷️ Improved Support Status UI - Clearer icons, tooltips, and visual indicators

🔄 Source Code Integrations

  • 🧩 Bitbucket Integration - Full Bitbucket configuration interface with webhook support

  • 🔗 Enhanced Repository Connections - Improved GitHub connection handling

  • 🔁 Webhook Improvements - More reliable event handling for source code changes

👥 User Management

  • 📋 User CSV Export - Export user information to CSV for external reporting

  • ⏱️ Improved Invitation Flow - Added loading indicators when managing user invitations

  • 📄 Enhanced User Table - Fixed display issues in the user management interface

  • 📱 Organization User Pagination - Better handling of large user lists with pagination

📑 SBOM Enhancements

  • 🔍 Comparison Layout Improvements - Clearer visualization when comparing SBOMs

  • 🖱️ Drag and Drop Upload - Enhanced SBOM upload with full-screen drag and drop support

  • 🏁 Auto-Archive for Ready Status - Automatic archiving when SBOM reaches ready state

  • 🧰 Updated SBOM Info Card - Clearer information display on the tools page


🔧 Enhancements

💫 User Interface Improvements

  • 🎨 Standardized Table Layouts - Consistent design across product details and changelog views

  • 🔍 Refactored Filter Components - More intuitive filtering across all tables

  • 📏 Fixed Text Cropping - No more cut-off text in version tables

  • 🏷️ Required Field Indicators - Clear marking of required PURL fields

  • 🔢 Better Pagination - Hide controls when not needed and show total item counts

🛡️ Vulnerability Management

  • 🎯 Direct Only Filtering - New filter option for component and vulnerability tables

  • 🔗 Impacted Products View - See all affected products in Global Vulnerability View

  • 📊 Dashboard Status Counts - Fixed vulnerability severity status counts on dashboard

  • 🔍 Expanded View Improvements - Integrated detail components for better information display

⚡ Performance Optimizations

  • 🚀 Lazy Loading in Dropdowns - Faster loading in Tools Product List

  • ⚙️ License Loading Optimization - More efficient license processing

  • 📈 Improved Memory Management - Better application performance and stability

  • 🔌 Enhanced Database Connections - More reliable database operations


🐞 Bug Fixes

  • 🛠️ SBOM Status Issues - Fixed SBOM not ready state when vulnerability scan is disabled

  • 🔄 SBOM Comparison - Resolved runtime errors in comparison functionality

  • 🔍 Search Shortcut - Fixed disappearing search shortcut bug

  • 📝 VEX Status History - Fixed data display issues in vulnerability status history

  • 🏷️ Component Support Tags - Fixed run status indicators

  • ✉️ Email Configuration - Improved validation for email settings

  • 👤 Author Creation - Fixed issues with creating new authors

  • 🔗 Repository Connections - Resolved issues with Bitbucket integration


🔒 System Improvements

  • 📋 Enhanced Logging - Better system logging capabilities

  • 🔍 Code Quality - Added ESLint rules to restrict console logs

  • ✉️ Email Security - Updated email validation for better security

  • 📊 Monitoring Enhancements - Improved error handling and system monitoring


v3.1.0


  • Release Error

v3.0.9

Feb 27th 2025


🔥 Highlights

  • 🚀 Dependent Auto-Completion in CPE Editor – Improves accuracy and efficiency.

  • 🛠 Major Refactoring – Multiple drawers now use LynkDrawer for a more consistent UI.

  • 🔍 Enhanced Analytics & Metrics – Process execution time, Patch Velocity updates, and improved component expand view.

  • 🎨 UI/UX Improvements – New severity & EPSS styling, input field theme updates, and better support for different viewports.

  • 🔐 Security & Compliance – Fixes to login notification handling, email verification, and product lifecycle tracking.

  • 📢 Notifications & Reports – Improvements in product notifications and report notification cleanup.

✨ New Features & Enhancements

  • ✅ CPE Editor Auto-Completion – Dependent fields now auto-complete based on previous values. [#5660]

  • ✅ System Logs with Execution Time – Added process execution time tracking. [#5668]

  • ✅ Product Auto-Archive Feature – New settings introduced for auto-archiving inactive products. [#5686, #2012]

  • ✅ Enhanced Rule Import – Drag and drop works across the entire screen with improved stability. [#5679]

  • ✅ Kbar Navigation Enhancements – New route flags added from the Vulnerability Details page. [#5683]

  • ✅ Support Tab Updates – Now includes required information for better insights. [#5698]

🛠 UI & UX Improvements

  • ✅ LynkDrawer Refactor – Standardized UI for multiple drawers,.

  • ✅ Analytics Page Optimization – Improved layout for different viewports. [#5687]

  • ✅ Severity & EPSS Styling Updates – Better visual cues for security issues. [#5688]

  • ✅ Scrollbar Hidden in LynkDrawer – Provides a cleaner look. [#5674]

  • ✅ Updated Component Expand View – Now includes support details. [#5670]

  • ✅ Reordered Product Settings Tags – Improves accessibility. [#5707]

  • ✅ Support Status Drawer Enhanced – Additional details added. [#5725]

  • ✅ Compliance Card Styling Fixes – Ensures consistent appearance. [#5694]

  • ✅ Updated Component Version Column – Added required spacing for better readability. [#5696]

🐞 Bug Fixes

  • ✅ Forgot Password Link Alignment – UI fix for better visibility. [#5661]

  • ✅ Fix PURL and CPE Preview Tag Issues – Ensures correct tag rendering. [#5671]

  • ✅ Fix UI Breaking in Component Support Modal – Prevents layout issues. [#5672]

  • ✅ Fix Security Tokens, Roles & Internal Components Alignment – Ensures proper display. [#5723]

  • ✅ Fix Patch Velocity Metrics – Now zeroed out like other metrics. [#5708]

  • ✅ Fix Support CSV Export – Resolves incorrect exports. [#5709]

  • ✅ Fix Login Notifications – Now triggers only for actual user logins. [#2027]

  • ✅ Fix Filter for Multiple Fields in Labels – Improves accuracy. [#2015]

  • ✅ Prevent Forgot Password Email Bombing – Strengthened security. [#1996]

  • ✅ Fix Disabled Products in Lifecycle Calculations – Improves lifecycle tracking. [#2014]

v3.0.8

Feb 20th 2025


🚀 Highlights

  • Performance Improvements: Optimized various API queries, reducing redundant calls and improving dashboard performance.

  • Enhanced SBOM Actions: Added support for SBOM actions mutation and refined SBOM upload and comparison.

  • Component Support Level: Full Support for component level support.

  • Policy & Compliance Updates: New filters for policy details and global policy lists.

  • GitHub Integration: Improved GitHub client functionality and token handling.

🆕 New Features

  • License Status Update: Added the ability to update license_status on components. (#1945, #5564)

  • Global Policy Filters: Introduced filters to refine policy searches. (#1962, #5574)

  • SBOM Actions Mutation: Added mutation support for SBOM actions. (#1988)

  • Support Level Download API: Implemented an API for downloading support levels. (#1974, #5618)

  • Re-run Support Analysis: Added a new action for rerunning support analysis. (#5642)

🛠️ Bug Fixes

  • SBOM Upload & Processing:

    • Fixed end-to-end (E2E) test issues with SBOM uploads. (#5593, #5644)

    • Corrected repository lookup logic. (#1984)

    • Fixed invalid SBOM notification update count. (#1986)

  • Dashboard & Vulnerability Fixes:

    • Resolved double vulnerability severity counting. (#1980)

    • Fixed vulnerability lookup form and styling. (#5603, #5612)

    • Optimized vulnerability query execution. (#5598, #5605)

  • UI & UX Improvements:

    • Standardized combo-box styling. (#5650)

    • Improved component insights and support preview. (#5610, #5611)

    • Fixed various layout and styling inconsistencies. (#5612, #5614, #5633, #5655)

  • Policy & Compliance Fixes:

    • Fixed typo in policy conditions component. (#5607)

    • Refactored policy creation modal. (#5604)

    • Updated policy result queries for efficiency. (#5599)

📈 Performance Improvements

  • Optimized API Calls:

    • Reduced product stage API calls from 7 to 1. (#5588)

    • Optimized vulnerability severity API calls from 5 to 1. (#5589)

    • Streamlined environment total counts API. (#5651)

    • Improved SBOM comparison query execution. (#5649)

  • Refactoring & Cleanup:

    • Removed unused imports, hooks, and components. (#5594, #5656, #5657)

    • Introduced a reusable fetchNodes utility function. (#5638)

    • Enhanced vendor root path validation with regex matching. (#5634)

v3.0.7

Feb 13th 2025


🚀 Highlights

  • Major refactoring and optimizations across SBOM components and compliance modules.

  • Enhanced UI components with improved styling and usability.

  • Introduced new policy violation page and lifecycle stage updates.

  • Improved support for free-tier users with updated dashboards and feature restrictions.

✨ New Features

  • Reusable UI Components: Created reusable divider, drawer, and label components for better UI consistency. (#5507, #5540, #5541)

  • Policy Violation Page: Added a dedicated policy violation page with required details. (#5518)

  • Executive Dashboard Enhancements: Introduced new filters for better dashboard analytics. (#5539)

  • Improved Component Notes Drawer: Implemented the Components Notes Drawer using LynkDrawer. (#5554)

  • Global Variables: Added global lists for severity levels and VEX types. (#5567, #5572)

  • New Lifecycle Stage: Added a new product lifecycle stage for better categorization. (#5552)

🛠️ Bug Fixes

  • Fixed crash when API returns null for license autocomplete. (#5517)

  • Fixed UI crash when switching tabs after expanding policy table. (#5521)

  • Fixed incorrect count of products in 'None' lifecycle stage. (#1960)

  • Fixed failing SBOM build and changelog E2E tests. (#5551, #5553)

  • Fixed error 500 on re-running automation. (#1956)

  • Fixed organization and product E2E tests. (#5550, #5569)

  • Fixed empty graphs, updated formulas, and stylistic changes. (#5581)

  • Fixed regular expression logic for better accuracy. (#5528)

  • Fixed incorrect parts checkbox logic in SBOM download dialog. (#5583)

  • Fixed CPE and PURL editor issues. (#5584, #5585)

  • Fixed PURL version check. (#5547)

  • Fixed layout issues in SBOM download menu. (#5555)

  • Fixed changelog table styling for dark mode. (#5542)

🔄 Refactoring & Improvements

  • SBOM Compare Code: Refactored SBOM comparison logic in tools and version lists. (#5144)

  • Compliance Tab Update: Refactored SBOM compliance tab for improved performance. (#5520)

  • Free Tier Enhancements:

    • Hide compliance and parts checkbox in SBOM download. (#5548)

    • Hide product by label for free-tier users. (#5546)

    • Update dashboard by removing restricted metrics. (#5563)

    • Remove label select in import status for free tier. (#5565)

    • Centralized free-tier check logic. (#5577)

  • Performance Optimizations:

    • Removed unused components, variables, and mutations. (#5509, #5510, #5578, #5576)

    • Improved default checkbox styling in tables. (#5523)

    • Updated SBOM reprocess function for better efficiency. (#5516)

    • Updated vulnerability graphs API with paginated queries. (#5586)

    • Optimized routing logic for global vulnerability access. (#5545)

    • Refactored customer check logic in useProjectGroup. (#5575)

    • Centralized route checks logic in a dedicated hook. (#5571)

v3.0.6

Feb 5th 2025


Highlights

Interlynk Platform v3.0.6 introduces enhanced filtering, model validation improvements, and multiple UI/UX refinements to improve overall user experience. This release also includes essential bug fixes and performance optimizations.

New Features

  • Filter by Project Group Label IDs in daily metrics, providing more granular insights (#1929).

  • Refresh Token Implementation to enhance authentication flow (#1796).

  • OSV Lookup Integration for vulnerability management (#1917).

Improvements

  • Model Validation Enhancements: Updated validation logic for organization settings and schema updates (#1928).

  • Health Icons in Action Panels for improved visibility (#5417).

  • Executive Dashboard Enhancements: Added business unit filtering (#5438).

  • Lifecycle Updating Feature moved to SBOM Details Page (#5444).

  • Component Insights & Icons Refinements (#5412).

  • New Graphs for Vulnerability Age & Identification Velocity (#5502).

Bug Fixes

  • Fix Resetting of All Compliance (#1930).

  • Fix Retraction Issues (#1927).

  • Fix Custom Vulnerability Issues (#1923).

  • Resolve Login Error Handling (#5463).

  • Fix User Registration Button Disable Bug (#5473).

  • Remove Environment Selector from Author Modal in SBOM Detail Page (#5475).

  • Fix Lifecycle Modal Bug: Remove Lynk Alert on Close (#5458).

  • Fix Global Env State Link to Global Vulnerability Env Filter (#5454).

  • Fix Component Relationship CRUD E2E Test (#5498).

  • Fix Import Vulnerability Status Functionality E2E Test (#5496).

  • Fix Parts Functionality E2E Test (#5495).

v3.0.5

January 27th 2025


Highlights of New Features and Improvements

SBOM Lifecycle Management

Introduced a feature to seamlessly manage and update SBOM lifecycles. (#5410)

Executive Dashboard Enhancements

Dashboard now populates with key data to improve high-level decision-making. (#5415)

Severity and CVSS Metrics

Added Severity and CVSS Scores to the Vulnerability View Page for better risk assessment. (#5418)

Improved Dashboard UI

Updated the dashboard with new graphs and data for better insights. (#5362, #5419)

Streamlined Component Lookup

Enhanced the UX for faster and easier component search. (#5383)

Contribution Suppression

Added the ability to suppress specific contribution types. (#1922)

Validation and Modal Enhancements

Manufacturer and component add modals updated with required validations and new changes. (#5398, #5408)

Health Scoring Updates

Stylistic and functional updates made to health scoring for improved usability. (#5387, #5405)

Bug Fixes

  • Fixed alignment issues in component notes. (#5396)

  • Resolved inconsistencies in component insight data. (#5390)

  • Fixed issues with the Vulnerability Info View and included Known Exploited Vulnerabilities (KEV) in the expanded view. (#5407)

  • Removed unnecessary component warnings. (#5404)

  • Addressed multiple entries in metric aggregation reports. (#5420)

Other Improvements

  • Updated description tags with icons for better visual clarity. (#5389)

  • Implemented UI improvements across the platform for a more cohesive experience. (#5409)

  • Improved tools loading view for better user feedback. (#5406)

  • Added an end-to-end test for organization creation and switching workflows. (#4752)

v3.0.4

January 23rd 2025


Highlights of the Release

The v3.0.4 release introduces significant enhancements to platform usability, performance, and compliance workflows. With additional features such as improved filtering, enriched SBOM operations, and a variety of bug fixes, this update reinforces our commitment to delivering a robust and user-friendly experience.


New Features

  • Annotate Gem Initialization: Enhanced annotation capabilities with the addition of the annotate gem to streamline development workflows. [#1905]

  • Attach Existing Custom Vulnerabilities to SBOMs: Simplified vulnerability management by allowing custom vulnerabilities to be linked directly to SBOMs. [#1902]

  • Package Lookup Functionality: Added the ability to perform detailed package lookups, leveraging Package URLs (PURLs) for precision. [#1907, #1913]

  • Score Settings in Command Bar: Easily access and adjust score settings via the command bar for a more seamless experience. [#5369]


Enhancements

  • Policy Rule Violations Finder: Extended filtering options for more granular policy rule violation analysis. [#1870]

  • Weight Control for Package Health Logic: Enabled fine-tuned control over package health calculations to improve reporting accuracy. [#1898, #5029]

  • Updated Plan Details View: Improved clarity and accessibility in the plan details interface. [#5341]

  • Refactored Components: Significant refactoring of components, including CVSS, CPE, and PURL info cards for better maintainability and performance. [#5342, #5365]

  • Improved SBOM Operations:

    • Fixed SBOM creation tool tests. [#5351]

    • Enhanced SBOM general tab functionality. [#5375]

    • Updated SBOM end-to-end tests for increased coverage. [#5366, #5384]

  • Compliance and Vulnerability Management:

    • Removed compliance selector and custom vulnerability actions for free-tier users, streamlining operations. [#5349, #5350]

    • Improved vulnerability table preview for customer view. [#5370]


Bug Fixes

  • Health Score Calculations:

    • Resolved issues with health score bugs and null breakdowns. [#1912, #1919]

    • Fixed health score fields validation. [#5382]

  • Concurrency Control: Controlled the concurrency of workflows and jobs to prevent resource contention. [#1908]

  • Date Filter: Fixed a bug with date filtering for component vulnerabilities. [#1909]

  • Custom Vulnerability Operations: Addressed issues with custom vulnerability creation and operation support. [#1915, #5380]

  • General Fixes:

    • Fixed typos, calculation errors, and stylistic changes in various areas. [#1919, #5360]

    • Resolved modal auto-closing issues in SBOM tabs. [#5375]

    • Fixed missing brace errors. [#5367]

    • Corrected end-to-end test failures across SBOM and components. [#5359, #5376, #5384]

    • Fixed color code validation issues. [#5353]


Performance Improvements

  • Refactoring and Cleanup:

    • Refactored utility functions for better code reuse and readability. [#5336, #5356, #5357]

    • Removed unused global states and redundant functions. [#5345, #5355]

    • Cleaned up policy table and automation column components. [#5363, #5364]

  • Loading Feedback: Added feedback for the refresh button to enhance user experience during data updates. [#5372]


Security Updates

  • X-Permitted-Cross-Domain-Policies: Implemented additional security headers to ensure stricter domain access controls. [#5378]

v3.0.3

January 14th 2025


📋 Highlights

  • Introduced Defect Density Calculation Service to provide deeper insights into project health.

  • Added Reconcile Service to ensure vulnerability data remains consistent across the platform.

  • Enhanced custom fields for workflow integration, supporting more personalized workflows.


New Features

  • Defect Density Calculation: Introduced the DefectDensityService to calculate defect density for projects, offering better visibility into overall project health.

  • Reconcile Service: Implemented a reconciliation service to prevent mismatches in vulnerability data across different sections of the platform.

  • Custom Fields for Workflow Integration: Enhanced workflow integrations by allowing custom fields, making it easier to tailor workflows to specific needs in tools like Jira.


🛠 Improvements

  • Annotatable Support in Changelogs: Replaced the term annotation with annotatable to improve consistency in changelogs.

  • Global Vulnerability Table Refactor: Refactored the Global Vulnerability Table for better performance and a cleaner interface.

  • System Logs Update: Updated system logs to support new scan types, improving traceability.

  • SBOM Selection Issue Fixed: Resolved various SBOM selection issues, ensuring a smoother experience across workflows.

  • Email Styling Enhancements: Improved the styling of email templates for better readability and consistency.


🐞 Bug Fixes

  • Compliance Bug in SBOM Score Report: Fixed an issue where compliance reports failed when the report format was present but not selected.

  • Vulnerability Status History Fix: Resolved an issue where vulnerability status history did not display imported statuses correctly.

  • Vendor Page Redirection: Fixed a redirection issue on the vendor page.

  • 404 Page Setup: Implemented a 404 error page for better user experience when navigating invalid links.

  • Component Description Preview Update: Updated component previews to improve readability.

  • Invalid Expressions Handling: Improved error handling to manage invalid expressions, preventing crashes.

  • Dashboard Redirection Issue: Fixed redirection issues when navigating through the dashboard.


🔧 Other Fixes and Enhancements

Issue

Description

Fixed email styling

Improved email template readability

Compliance list preview update

Updated compliance lists with new styling

Fixed analytics filter issue

Resolved issues with filtering analytics data

Product delete modal verification

Added input verification to the product delete modal

Update policy expand view

Enhanced policy expand view for better UX

Fixed SBOM checks test

Fixed end-to-end test issues related to SBOM checks

Data license modal fix

Resolved issues with data license modal

Handle invalid CVSS expressions

Fixed handling of invalid CVSS vector expressions


Quality of Life Changes

  • Updated the default sort order for Global Vulnerabilities to improve relevance.

  • Fixed various navigation bugs, ensuring sort orders are retained across pages.

  • Enhanced Custom Vulnerability Form with input validation to avoid submission errors.

  • Improved the SBOM General Tab Styling for consistency across the platform.

  • Added delete checks to the Product Table for easier record management.


⚙️ Technical Enhancements

  • Refactored external navigation URLs into reusable components for better maintainability.

  • Updated node options in staging deployment to improve performance.

  • Updated CVSS Info Modal with conditional previews to improve flexibility.

v3.0.2

January 7th, 2025

🆕 New Features & Highlights

  • Project Filtering by Name

    Easily filter projects by their name to quickly find what you’re looking for, especially in large environments.

  • Defect Density Graph in Analytics

    Visualize vulnerabilities across your components with the new Defect Density Graph, helping you track defect trends over time.

  • Custom Vulnerability Tab

    Manage organization-specific vulnerabilities more effectively with the new Custom Vulnerability Tab.

  • SBOM Quality Metrics Enhancements

    The SBOM Quality Score preview and calculation have been improved, offering more accurate insights into your SBOM health.

🛠️ Improvements & Fixes

  • Added detailed Activity Logs for Annotations to track changes and updates.

  • Resolved issues with Component Relationship Preview to display accurate relationships between components.

  • Fixed SBOM Download Issue when the quality score was blank.

  • Improved Manufacturer URL Navigation to ensure all links work as expected.

  • Updated Email Styling for cleaner, more professional email templates in production.

  • Environment Selector is now disabled after selection to prevent accidental changes.

  • Multiple Analytics Page Enhancements, including updated icons, filters, and default values for a better user experience.

🐞 Bug Fixes

  • Fixed SQL Error in the project metrics finder to ensure smoother performance.

  • Resolved Compliance Score Lookup issues that always defaulted to NTIA.

  • Fixed SBOM Quality Score Calculation to ensure consistency across reports.

  • Corrected a Typo in Project Vulnerability Metrics for more accurate reporting.

  • Fixed Graph Styling in Dark Mode to improve readability.

📈 Analytics & Metrics Improvements

  • Added Vulnerability Status Counts to the Analytics dashboard for a clearer overview of your vulnerabilities.

  • Updated the Patch Velocity Metric to improve tracking of remediation efforts.

  • Enhanced SBOM Statistics for more accurate and actionable data.

  • Automatically Reset Analytics Filters when changing environments to ensure fresh data views.

✅ Security Enhancements

  • Implemented Organization Name Validation to prevent potential code injection risks.

  • Fixed issues with Activity Logs to ensure accurate tracking of actions and changes.

v3.0.1

January 3rd, 2025

🚀 New Features

  • SBOM Automation Rules Saving Across Environments

    Automation rules can now persist across different environments, providing better flexibility in managing your SBOM processes. [#5211, #5234]

  • Conditional Preview for Organizational Lists

    Users can now preview organizational lists based on specific conditions, improving user experience and navigation. [#5213]

  • Component Annotation Support

    Added support for component-level annotations, allowing users to add custom notes and metadata for better tracking. [#5206, #5221]

  • System Log Functionality

    Implemented system logging to provide better visibility into platform actions and audit trails. [#5232, #1851]

  • SBOM Vulnerability Statistics

    Added a detailed vulnerability statistics view for each SBOM, giving users quick insights into their SBOM’s security posture. [#5230]

✨ Enhancements

  • SBOM Compliance View Loading Screen

    A loading screen has been added to the SBOM compliance view to improve user experience during data fetches. [#5231]

  • ShareLynk Drawer Refactor

    The ShareLynk drawer has been updated with a new form layout for a more intuitive user experience. [#5228]

  • User Update Validation

    Improved user update validation to handle various scenarios accurately and securely. [#5249]

  • Email Notifications Styling

    Fixed styling issues in email notifications to render correctly across different devices and platforms. [#1792]

  • Global Icon Style Update

    Updated icon styles globally for a more consistent and polished look across the platform. [#5246]

  • Annotation Type Updates

    Annotations now include timestamps for better tracking of updates and creation dates. [#1848]

  • SBOM Activity Logs

    Updated SBOM activity logs to include additional details, making it easier to track changes and activities. [#5243]

  • UI and Analytics Improvements

    Improved the overall UI consistency and made enhancements to the analytics page for a better user experience. [#5220, #1847]

🐛 Bug Fixes

  • Fixed SBOM Download Issues in ShareLynk

    Resolved missing code for SBOM download options, ensuring a smoother download experience. [#5136, #5261]

  • Fixed Vulnerability Badge Alignment

    Addressed misalignment issues with vulnerability badges for better visibility. [#5256]

  • Fixed SBOM Checks Rescan

    Resolved an issue causing errors when re-running SBOM checks. [#5241, #5240]

  • Fixed Daily Metrics Collection

    Fixed errors in the daily metrics collection job and optimized it to use upserts. [#1845, #1853]

  • Fixed Missing Component Vulnerabilities

    Resolved issues with missing component vulnerabilities from certain parts of the platform. [#1838]

  • Fixed SBOM Download Authorization Issue

    Addressed an issue where ShareLynk SBOM downloads failed due to missing authorization checks. [#1843]

  • User Name Sanitization

    Implemented user name sanitization to avoid potential code injection vulnerabilities. [#5245]

  • Fixed Organization Name Update Validation

    Ensured proper validation when updating organization names to prevent invalid entries. [#5247]

  • Fixed Search Query Trimming

    Resolved an issue with untrimmed search queries causing mismatches. [#1840]

  • Fixed Vulnerability Statuses Globally

    Standardized the vulnerability status column across the platform for consistency. [#5242]

  • Fixed Repo Crashes

    Addressed crashes occurring in specific repo configurations. [#1844]

v3.0.0

December 23, 2024

🚀 New Features

  • Hide SBOM Quality Score Added the ability to hide SBOM quality scores for enhanced flexibility in compliance workflows. [#1715]

  • Unignore SBOM Checks Users can now “Unignore” checks, providing greater control over ignored items. [#5160]

  • Component Search in Relationship Form Implemented a robust search functionality for components within the relationship form. [#5175]


✨ Enhancements

  • FDA Component Support Updated support levels for FDA components, ensuring up-to-date compliance. [#1808]

  • Default and Manual Scan Organization Moved default and manual scans to more intuitive facets for better user experience. [#1829]

  • Optimized SBOM PDF Export Refactored and optimized SBOM PDF exports for smaller, more efficient files. [#5170, #5178]

  • Tooltip and Label Updates Improved tooltips for Version Health Score and SBOM Quality Score for better clarity. [#5188, #5198]

  • Improved Vulnerability Feeds Cleaned up and optimized vulnerability/exploitability feed listings. [#5158]

  • UI Consistency Enhanced component side-drawer consistency and updated the compliance drawer for a cohesive UI. [#5161, #5121]

  • API Call Optimization Reduced unnecessary API calls for better performance. [#5130]

  • Updated SBOM Defaults Adjusted SBOM export defaults for user convenience. [#5190]


🐛 Bug Fixes

  • Nil Panic Error Resolved issues causing nil panic errors for users. [#1814]

  • SBOM Checks Filter Fixed filter reset issue in SBOM checks. [#5159]

  • Tooltip Mismatch Fixed incorrect tooltips on Version Health Score. [#5188]

  • Vulnerability Badge Styling Adjusted styling for vulnerability badges for better visibility. [#5194]

  • Vulnerability Count Display Updated SBOM details to show - for vulnerability count when scans are pending. [#5192]

  • Component Update Fixed component update functionality with required changes. [#5187]

  • Relationship Updates Addressed issues in primary relationship previews and updates. [#5173, #5195]

  • Search Query Trimming Fixed issues with untrimmed search queries causing mismatches. [#5199]

  • PDF Export Issues Resolved missing data hashes and fixed descriptions from products in PDFs. [#5189, #5191]

  • License Table Display Fixed SBOM license table in customer views. [#5197]

  • Compliance List Addressed inconsistencies in the compliance list. [#5208]


⚙️ Technical Improvements

  • Sidekiq Configurations Added configurations for Sidekiq, improving job management. [#1830]

  • Job Scheduling Changes Updated job scheduling for improved reliability. [#1833]

  • Removed Debug Code Cleaned up unnecessary debug code to streamline performance. [#1824]

  • Removed New Relic Eliminated unused New Relic and Solid Errors to reduce overhead. [#1811]

v2.9.9

December 17th, 2024

🆕 New Features

  • Added API to retrieve a single custom vulnerability within the current organization

  • Introduced support for Level CSV download option

  • Enabled SBOM export as FDA specific Excel

  • Dynamic addition of custom fields to vulnerability CSV Export

🖐️ Enhancements

  • Improved validation for vulnerability ID uniqueness

  • Enhanced SBOM build drawer with supplier fields

  • Refined SBOM general tab

  • Updated vulnerability card layout

  • Implemented context-sensitive label menu

  • Updated product settings tooltip

  • Improved SBOM actions and components

  • Refined product details and ShareLynk table components

  • Added vulnerability indicator to components

  • Enabled delete feature for dependency_of relationships

⚒️ Bug Fixes

  • Fixed crash when component vulnerability is null in component VEX update API

  • Resolved timeout issues in organization vulnerability queries

  • Corrected severity filter functionality

  • Fixed crash in daily metrics job

  • Resolved issues with SBOM download options

  • Corrected custom field bugs in CSV export

  • Fixed vulnerability count display before scanning

  • Resolved key prop and React ref warnings

  • Fixed progress bar overflow issue

  • Corrected inconsistencies in global and product vulnerability views

  • Addressed ShareLynk SVG link preview issues

  • Fixed SBOM modal and drawer inconsistencies

v2.9.8

December 5th, 2024

Highlights

  • Enhanced Vulnerability Management: Introduced features to identify and manage vulnerabilities, including custom vulnerability additions and updates.

  • Improved User Interface: Multiple UI enhancements across SBOM components, license management, and analytics.

  • PDF Export Improvements: Fixed critical PDF export issues and added dynamic custom fields for export.

  • Performance Optimization: Removal of unused libraries, variables, and static media to streamline builds and improve performance.

🆕 New Features

  • Custom Vulnerability Addition: Add and manage custom vulnerabilities for SBOMs (#4996).

  • Label Filtering: Added label-based filtering for analytics and part selection (#5021, #5053).

  • CSV Export: Enabled CSV export for the support tab (#5040).

  • SBOM PDF Enhancements: Dynamic custom fields added to SBOM PDF exports (#5064).

  • Vulnerability Scanning: Auto vulnerability scan triggered upon adding or updating custom vulnerabilities (#1763).

  • Order-by Search Support: Added support for ordering search results (#1751).

🖐️ Enhancements

  • Component Management: Updated the component tree, state, info modal, and expand views for a more streamlined experience (#4983, #4979, #5033, #5059).

  • UI Updates: Improved styling for tools page, license expand views, and editors (#5062, #5060, #5037).

  • Improved Validation: Enhanced error handling for invalid CPE checks and custom vulnerabilities (#4999, #5050).

  • Analytics Page: Added new environment filters and updated analytics components (#5034).

  • Automation Rules: Introduced a toast notification for rule generation and added “contains” to automation rules (#5012, #1762).

⚒️ Bug Fixes

  • Search Functionality: Fixed SBOM search field and duplicate SBOM transfer issues (#4997, #1773).

  • License Modal: Addressed UI and error handling issues (#4990).

  • PDF Export: Resolved issues in PDF export, including vulnerability and parts details (#5041, #5063).

  • PURL and CPE Editors: Fixed styling, validation, and search options for better usability (#5037, #5017).

  • Component Validation: Fixed issues with component supplier validation and other vulnerabilities (#5004, #5051).

  • SBOM Reprocessing: Automatically reprocess SBOMs upon updates to primary (#1767).

  • Code Refactoring: Updated global styles, removed unused components, and replaced tooltips for consistency (#4986, #5014, #5015).

  • Library Updates: Bumped dependencies for cross-spawn, http-proxy-middleware, and rollup for security and compatibility (#4940, #4673, #4476).

  • Error Handling: Improved error messages and validation for various operations (#5032, #5054).

  • Build Optimization: Improved build times by removing unwanted media files and unused variables (#5025, #5036).

v2.9.7

November 27, 2024

Highlights

  • 🚀 Improved User Experience: Enhanced workflows in component creation, SBOM management, and vulnerability analysis.

  • 🔒 Advanced Security Features: Added safeguards and improvements to ensure compliance and data integrity.

  • 📄 SBOM Enhancements: Seamless SBOM transfer between environments and new export fixes.

🆕 New Features

  • Custom Vulnerabilities: Add and manage vulnerabilities tailored to your specific needs.

  • SBOM Management: Transfer SBOMs between environments and streamline SBOM list interactions.

  • Enhanced License Handling: Custom license transformations and text display improvements.

  • Component Tree Updates: Added primary paths, dependency tagging, and action enhancements.

  • Accessibility Improvements: Fixed button and image accessibility issues.

⚒️ Bug Fixes

  • Fixed validation errors in component creation and updates.

  • Corrected user permission issues for Viewer roles.

  • Resolved analytics bugs for environment selections.

  • Fixed parts navigation and dependency linking issues.

🏃 Performance Improvements

  • Addressed deadlock issues and optimized PURL normalization.

🖐️ UI Enhancements

  • Updated SBOM author tags with tooltips and reordered columns for better usability.

  • Fixed alignment and modal display inconsistencies.

  • Removed unused code and integrated consistent Chakra components.

v2.9.6

November 19, 2024

Highlights

  • Enhanced Usability: Improved support for large SBOM files, reducing UI freezing and enhancing download/edit functionality

  • Advanced Graph Support: Added directional support for the relationship graph view, making visualization more intuitive.

  • Improved Validation: Introduced license expression validation and refined product and vulnerability input handling.

  • Streamlined Error Management: Fixed upload error handling and enhanced modal behaviors for better error visibility.

🆕 New Features

  • Directional Relationship Graph View: Graph views now support directional visualization for better clarity.

  • License Expression Validator: A new feature to validate license expressions during uploads.

  • Trace View for E2E Tests: Trace view support added for end-to-end tests on CI, aiding debugging and performance insights.

  • Vulnerability & Component Matching: Enhanced logic for matching vulnerabilities and components by intersecting names.

  • EPSS Score: Null values are now allowed, ensuring flexibility in data input.

  • Status Field: Made optional to accommodate partial inputs.

  • Vulnerability Field: Can now be left blank if applicable.

⚒️ Bug Fixes

  • Fixed edit and download button issues for large SBOMs.

  • Reduced chances of UI freezing with large files.

  • Error Handling Enhancements: Improved error handling during upload and reprocess actions. • Fixed issues with reset and indication in the VEX update flow.

  • Enhanced VEX import table and history drawer with custom fields.

  • Relationship Graph and Table Refinements:

  • Resolved issues with vulnerability link forms and table action buttons.

  • Addressed bugs in relationship deletion modals.

  • Updated component linking in the vulnerabilities tab. • Improved import vulnerability status UI.

  • Resolved e2e test issues, including product deletion and label validation.

  • Updated SBOM files and product creation validation for tests.


v2.9.5

November 14, 2024

Highlights

  • Custom VEX Fields: Easily manage and add customized VEX (Vulnerability Exploitability Exchange) fields for better vulnerability tracking.

  • License Notifications: Receive notifications related to software license compliance and updates.

  • Enhanced Export Options: Seamlessly export and import End of Support (EOS) data, along with improved SBOM PDF layouts.

  • Component Dependency Tree: Visualize and analyze component dependencies within the platform to understand the structure and potential vulnerabilities better.

  • SBOM PDF Enhancements: Added missing labels, data mappings, and refined layout for better readability and compliance with export needs.

🖐️ Improvements

  • UI/UX Refinements

    • Updated mailer font styling, component subheaders, and the integration tab name for improved navigation.

    • Enhanced search functionality for better score filtering.

    • New tooltip and styling across lists, modals, and menus for a more consistent experience.

    • Updated dashboard header and increased search bar width for quicker data access.

  • Policy and Automation

    • New SB-HC-25 checks implemented for enhanced policy adherence.

    • Automated validation added to streamline creating and managing automation rules.

  • Data Handling

    • Filtering for unknown ecosystem entries and handling of null values to enhance data integrity.

    • Improved CSV and PDF exports, ensuring only relevant data is included.

  • Notifications:

    • Refined notification settings, including adherence to personal settings for targeted updates.

⚒️ Fixes

  • Component and Vulnerability Updates

    • Resolved issues in the component update process, including null strings and prefix issues.

    • Fixed vulnerabilities and licensing data in the global vulnerability table.

    • Enhanced form validation across VEX forms and vulnerability tables to ensure data accuracy.

  • SBOM and Export Refinements

    • Fixed issues with CSV filter and export, ensuring reliable downloads.

    • Improved logic for filtering out disabled products and maintaining format consistency.

  • UI Bug Fixes

    • Corrected layout bugs, icon placements, and button spacing across several views.

    • Addressed vulnerabilities in navigation and vulnerability status indication.


v2.9.4

November 4, 2024

🆕 Features

  • SBOM Enhancements

  • Added SPDX Lite export support

  • Implemented PDF export functionality

  • Enhanced SBOM phases management

  • Added flag to indicate SBOM reprocess status

  • Authentication & Security

  • Added unauthenticated access support for organization requests

  • Improved request workflow for public APIs

  • Enhanced password security mechanisms

  • User Experience

  • Redesigned email templates and footer

  • Updated SBOM upload request UI

  • Improved organization selector interface

🏃 Performance Improvements

  • Optimized policy count logic

  • Enhanced SBOM request flow

  • Fixed component health score calculations

⚒️ Bug Fixes

  • Resolved policy matching for SPDX ID

  • Fixed CPE error in component support

  • Addressed SBOM level policy result metrics

  • Fixed license search and validation issues

  • Resolved multiple clicks on upload SBOM button

🧪 Testing & Quality

  • Added comprehensive E2E tests for core functionalities

  • Enhanced validation for SBOM phases

  • Improved error handling and user feedback


v2.9.3

October 24, 2024

SBOM Enhancements

  • Added support for CPE 2.2

  • Introduced SBOM lifecycle management

  • Improved SBOM export functionality with exclude parts option

  • New upload request UI for SBOM

🔓 Security & Automation

  • Implemented automation rules for internal component checking

  • Enhanced CPE finder with improved exact match and prefix search prioritization

  • Added internal Slack monitoring system

  • Fixed component evaluator for less_than, more_than, and range operations

🖐️ UI/UX Improvements

  • Comprehensive CSV export functionality for multiple views

  • Updated organization and environment selectors

  • Refined label management system

  • Enhanced dashboard filters and analytics


v2.9.1

October 17, 2024

🆕 Features & Enhancements

  • SBOM Lifecycle Support (UI Pending): Added functionality to manage SBOM lifecycles phases, streamlining compliance workflows. (#1634)

  • SBOMs Count Availability: SBOMs count is now accessible through Sharelynk for easier tracking. (#1625)

  • Notification for Manual Policy Scans: Implemented a notification system for manual policy scan results, keeping you informed. (#1611)

  • Email Template Overhaul: Introduced a new email template as part of a unified email strategy. (#1624)

  • CSV Export for Enhanced Reporting: Now export data from the Global Vulnerability Detail View and SBOM Components View. (#4599)

  • Loader for Policy Violation Counts: Displays a loader instead of zero when a policy scan is in progress, providing a more accurate view. (#4530)

  • Product Permission Renaming: Updated "Archive Product" permission to "Delete Product" for better clarity. (#1631)

  • Async Scroll for Product Breadcrumbs: Improved user experience with a new asynchronous scrolling component. (#4576)

  • End-to-End Testing Improvements: Expanded E2E tests to cover more features, such as internal component CRUD. (#4607)

  • Custom Mobile Warnings and Device View Updates: Added custom warnings for mobile users and refined the device warning views. (#4591, #4610)

⚒️ Fixes

  • Logout After Email Confirmation: Users will be logged out upon confirming their email if they are already logged in, enhancing security. (#1626)

  • SPDX Export and Import Issues: Resolved crashes during SPDX export and fixed duplicate component imports. (#1633)

  • Policy Scan Fixes: Addressed an issue where policy scans would not complete when using certain parts. (#4586)

  • Ribbon Badge Count Accuracy: Corrected the display of policy counts on ribbon badges. (#1632)

  • Automation File Naming: Fixed export file names for automation, ensuring consistency. (#4572)

  • Modal and UI Enhancements: Resolved issues with modals, such as the archive automation modal close button. (#4577)

  • Playwright and Test Fixes: Updated playwright report issues and SBOM delete tests. (#4605, #4612)

  • UI Consistency: Addressed alignment, color scheme, and height issues in various components. (#4564, #4595, #4597)


v2.8.8-HotFix

October 17, 2024

  • 🔺 An issue was identified, impacting the automation of supplier additions at version level. This has been fixed in this hot-fix release.


v2.8.8

October 10, 2024

🆕 New Features

  • Component Insights: Added component insights for better visibility into usage and vulnerabilities (#4496, #4552).

  • SPDX 2.3 Export: Added export functionality for SPDX 2.3 specification (#1615).

  • SBOM Download: You can now download the original SBOM.

  • Slack Notifications: Notifications for failed E2E tests now sent to Slack, with log URLs included (#4547, #4557).

  • Vulnerability Actions: Updated vulnerability actions for improved workflow (#4561).

  • JIRA Validation Rule: Added a validation rule for JIRA ticket creation (#4553).

  • Products Enable/Disable E2E Tests: Added E2E tests for product enable/disable actions (#4556).

🖐️ Enhancements

  • UI Updates: Improved component and vulnerabilities layout, insights preview, and VEX status (#4523, #4552, #4527).

  • Component License Tag: Updated license tag for better component identification (#4565).

  • SBOM Support Status: Added visibility for SBOM-related activities (#1586).

⚒️ Fixes

  • JIRA Link, Component Card, Sidebar, and Search: Fixed issues with JIRA link, component card display, responsive sidebar, and changelog search (#4541, #4555, #4563, #1563).

  • SPDX Validation and Repo Key: Resolved SPDX export validation and repo key issues (#1618, #1610).

  • Miscellaneous Fixes: Addressed sign-up button, E2E label tests, and unit test failures (#4562, #4551, #4549, #4569).

🧹 Clean-ups & Miscellaneous

  • Code Clean-up: Various clean-ups to improve codebase (#4560).

  • Export and Test Updates: Fixed export issues and updated specs test actions (#1616, #4571).


v2.8.7

October 4, 2024

🆕 Features and Enhancements:

  • Refactored the version table and product modal for better structure and performance (#4466, #4475).

  • Updated the SBOM vulnerability table and optimized API calls like GetOrgName for faster performance (#4463, #4467).

  • Several user interface improvements, including:

    • Refactor of PURL and CPE card (#4500).

    • Updated settings header and sidebar with documentation links (#4499, #4529).

    • Improved component edit drawer, modal, and search functionality (#4489, #4516).

    • Added ShareLynk validation and updated validation messages (#4494, #4513).

    • Updated column identifiers and fixed alignment issues in the user table (#4485, #4497).

  • Enhanced vulnerability state handling and validation, including vulnerability filters and link validation (#4486, #4515, #4540).

  • Fixed multiple UI bugs related to dark color schemes, product updates, and component state issues (#4490, #4491, #4537, #4539).

  • Other minor performance improvements and refactors, including E2E tests switched to Linux and improved cron job handling (#4487, #4526).

⚒️ Fixes

  • Fixed vulnerability scanning failures and PURL validation issues (#1599, #4506).

  • Resolved bugs like vulnerability expand view, NVD link, and missing dependencies in the version table (#4490, #4524, #4507).

  • Fixed issues related to FDA compliance support level and security token initialization (#1575, #4525).

  • Several fixes related to Docker and workflow configurations (#1587, #1588, #1589).

  • Improved license handling, including case-insensitive search and removed VEX completed check (#1596, #1600).


v2.8.6

September 26, 2024

🆕 Features

  • Component Library[BETA/NOUI]: Introduced a new component library to streamline UI elements across the platform, enhancing consistency and maintainability.

  • SBOM Support Enhancements: Updates to the SBOM support query, expanding compatibility and improving query accuracy.

  • Global Custom Date Input: A custom date input field was introduced for global use, standardizing date selection across multiple features.

  • Manufacturer Modal Improvements: Added a confirmation modal for archiving manufacturers, improving user interaction with sensitive actions.

⚒️ Fixes

  • Error Messaging: Enhanced error messages for SVG link issues and unexpected errors during automation rule imports.

  • Component Support Updates: Fixed issues with support updates, including renaming fields and adding new validation checks to prevent errors.

  • Vulnerability Page Fixes: Adjustments to vulnerability displays, including showing low severity counts and fixing breadcrumb navigation.

  • Playwright Test Fixes: Multiple fixes and optimizations for Playwright tests to ensure better CI/CD integration and reduce timeouts.

🖐️ Enhancements

  • User Interface Updates: Refined UI in several areas, including the general tab, component type fields, and policy violation counts.

  • Dockerfile and Workflow Optimizations: Updates to Dockerfile and GitHub Actions workflows for better efficiency, including enabling Docker BuildKit.

  • Search Functionality: Removed prefix search in favor of substring search for better accuracy in results.

  • Policy and Parts Modal Refactoring: The policy modal and parts modal were refactored for improved usability and performance.


v2.8.5

September 19th, 2024

🆕 Features

  • Archive Version Preview: Enabled preview of archived versions with necessary changes (#4319).

  • Automation Import/Export: Implemented automation import/export feature (#4403).

  • Component Author: Added support for displaying component author information (#1539).

  • Component PURL & CPE: Added missing PURL and CPE data for components (#4374).

  • Docker Image Versioning: Created Image-version.yml to track Docker image versions (#1543).

⚒️ Fixes

  • Search Functionality: Resolved issue where search for check ID was not working (#1531).

  • Expired Invitations: Fixed handling of expired invitations (#1538).

  • Internal Component Tagging: Fixed component tagging issues (#1503, #4269).

  • Supplier Check: Addressed supplier check issue in SBOM (#4392).

  • Component Version Validation: Resolved validation issues for component versions (#4361, #4398).

  • Reset Password Page: Fixed reset password link issue (#4397).

  • Policy View Alignment: Corrected alignment of the policy view (#4356).

  • SBOM Fixes: Fixed issues in SBOM support table, CPE validation, supplier modal, and details page in customer view (#4372, #4371, #4408, #4393).

  • Invitation Handling: Resolved additional invitation handling issues (#4395).

  • Dark Mode Styling: Fixed styling issues in dark mode and license field validation (#4400).

  • Checks Preview: Fixed logic for previewing checks (#4399).

🖐️ Enhancements

  • Restart Policy: Updated Docker container restart policy to "always" (#1534).

  • License Updates: Added updated licenses (#1540).

  • Progress Bar Styling: Enhanced progress bar styling (#4340).

  • Component Relation Drawer: Added expand action to the component relation drawer (#4364).

  • General Styling Updates: Updated styling for the general tab, login/register page, and success messages (#4367, #4346, #4390).

  • Consolidation & Workflow: Consolidated files and updated workflows accordingly (#1544).

  • Modal Enhancements: Refined modal consistency and styling (#4410, #4414).

  • Product Status Modal: Enhanced product status modal functionality (#4421).


v2.8.4

September 12, 2024

🆕 New Features

  • Added violation count functionality

  • Implementation of component unsaved warning

  • Update to VEX status view and global vulnerability UI

  • Addition of component support tooltip

  • Update to authentication UI

🖐️ Improvements

  • Enhanced SBOM (Software Bill of Materials) features:

    • Fixed SBOM table spacing

    • Updated SBOM general tab layout and styling

    • Added info tooltip in SBOM general tab

    • Improved SBOM data license modal

  • Refined component management:

    • Updated component end-of-support field

    • Refactored component identifier fields

    • Enhanced component health score view

    • Improved component fields validation

  • Enhanced product features:

    • Fixed product search issue

    • Updated product actions preview

  • Upgraded policy management:

    • Updated policy stats color

    • Fixed policy count display

⚒️ Bug Fixes

  • Fixed SVG link issues

  • Resolved EOL (End of Life) finder problems

  • Addressed staging errors from demo data

  • Fixed null copyright value on component creation

  • Corrected valid expression showing as custom license

  • Resolved components create function issues

  • Fixed license update problems

  • Addressed VEX status modal issues

🖐️ UI/UX Enhancements

  • Various styling improvements across the application

  • Fixed compliance card alignment and styling

  • Refined dashboard stats alignment

  • Updated progress bar functionality

  • Implemented dark mode color corrections

🔓 Security and Performance

  • Updated security tokens with required validation

  • Upgraded various dependencies for improved security and performance

🔵 Other Changes

  • Removed SBOM reprocess option from customer view

  • Removed label option from free tier accounts

  • Updated free tier limits

  • Various settings and modal fixes

  • Environment configuration updates for staging and production

🔺 Known Issues

  • Product Vuln tab "set status" crashes

  • In the component Edit tab, if you click save on a component, even if no changes are made, it throws a no-component error.

  • Ctrl-K search has settings navigations not working correctly.


2.8.0

September 4, 2024

🆕 New Features

  • Added SSO support (Google & Github)

  • Introduced request functionality for plan upgrades.

  • Enabled component-level support information and exposed it on the SBOM support page.

  • Added new fields and updated views like compliance warning for disabled checks, component copyright field, connection tab renaming, and vulnerability info page redesign.

  • Improved UI for the SBOM upload modal, label filter dropdown, and compliance drawer.

⚒️ Bug Fixes

  • Fixed various UI issues, including compliance tab, select styling, component drawer, vex completed filter, SBOM parts UI, policy violation drawer, organization register modal, breadcrumb fetching, product filter in global vulnerability page, component update function, import wizard, overflow issue in component drawer, and more.

  • Fixed modal behaviors including Add/Edit License, Create Role, Create Token, and settings modals.

  • Fixed policy stats and SBOM download modal.

  • Fixed config not saving issue, errors, and orphaned dependencies.

  • Ensured consistency in documentation.

🖐️ UI Improvements

  • Enhanced support delete modal, SBOM build drawer, organization table, product label filter, compliance tab design, login page (privacy policy and terms of services), compliance description, and compliance tab with new design.

  • Improved component dependency view, label dropdown, label filter instructions, product page, and label size.

  • Refined styling and layout consistency for various UI components.

💡Miscellaneous

  • Added a flag for invalidating entries in the CPE info table.

  • Updated the demo name and description.

  • Refactored component vulnerability scope in the resolver.

  • Updated staging environment settings and hostnames.

  • Made modal fixes and other general settings changes.

2.7.9

August 27, 2024

🆕 New Features

  • Labels [GA]

  • Free Tier [Beta]

  • Demo account seed data

  • Compliance Tab

  • Component Library alpha (No user-facing data as yet)

  • AWS marketplace integration alpha

⚒️ Bug Fixes

  • Limit server log files to 100MB

  • Various fixes for notifications.

  • Sanitize and remove bad data from SBOMs.

  • Refetch refactor in UI, for consistent performance.

  • Modal consistency fixes.

  • Tons for additional fixes and consistency improvements.


2.7.8

August 15th, 2024

🆕 New Features

  • Version Archive Support - Individual versions can now be archived. Archival removes the version from all metrics, vulnerabilities & policies.

  • Notification Support - We support personal & organization level notification support. Notifications are supported over Email/Slack & Teams. This is an early release; currently we support only Sbom upload/failures & Vuln report scans. More notifications will be added on an ongoing basis.

  • Labels Support: Products can now be labelled for easy management.

⚒️ Bug Fixes

  • Permanent fix for Delete Role crash.

  • Checks does not flag an sbom with a single component with relationship failure.

  • Text alignment for SBOM Card.

  • Product Listing fixes a bunch of them.

  • Version Compare fixes.

  • Toast bar notification consistency.

2.7.7

August 1st, 2024

🆕 New Features

  • PURL & CPE vulnerabilities are merged, producing a single list of vulnerabilities by component.

  • Product Progress Graph [ Demo account only ]

⚒️ Bug Fixes

  • Compliance score fixes

    • Other identifiers now take into account either CPE or PURL

    • Comp suppliers accounting issue.

  • Migration to remove old roles

  • Fixed permissions wipe out

  • Invalid PURL crash fix

  • Updated info tooltips

  • Google Analytics fixes

Last updated