Release Notes

Interlynk's Platform release notes.

v3.3.2

June 19th 2025

✨ Release Highlights

This release focuses on attribution filters, sbom duplication and bug-fixes across the platform. We've significantly optimized query performance, introduced new attribution APIs, and resolved critical bugs to deliver a more reliable and efficient platform.

🆕 New Features

📊 Attribution API Integration

License and Component Attribution Management: New comprehensive API for managing license and component attributions
Enhanced Attribution Reports: Improved PDF and HTML export layouts with better font styling and formatting
Attribution Report Optimization: Better layout design using Arial font and enhanced styling for professional documentation

🔄 SBOM Management Enhancements

SBOM Duplication: Added ability to duplicate manually built SBOMs with editing capabilities
Semantic Version Sorting: Implemented proper semantic versioning for SBOM sorting and organization
Product Lifecycle Filtering: Enhanced SBOM count filtering by product lifecycle stages
Draft Mode Improvements: Updated SBOM draft mode preview with new changes and prevented downloads in draft state

📈 Performance Optimizations

Query Performance: Massive improvements across vulnerability, component, and user permission queries
API Call Reduction: Optimized refetch logic and minimized unnecessary API calls throughout the platform
Database Optimization: Enhanced query performance for product vulnerability tables and customer views

🛠 Improvements

💡 User Interface Enhancements

Table Consistency: Ensured consistent layout across all platform tables
Column Updates: Added status columns to version tables and updated parts table columns
CVSS Display: Fixed CVSS cards to properly display missing vector values
Vulnerability Information: Enhanced vulnerability info section display

🔧 System Optimizations

Refetch Logic: Optimized refetch mechanisms for primary component, automation, policy, and project updates
ShareLynk Drawer: Refactored and improved ShareLynk drawer functionality
Package Management: Streamlined package update flow to minimize API requests
Global Updates: Optimized global support and license update processes

📱 User Experience

Email Configuration: Resolved email configuration integration issues
Customer View: Removed unnecessary status columns and API calls from customer views
Search Performance: Optimized kbar query by removing unwanted fields
Role Management: Improved create role modal performance and optimized role queries

🐛 Bug Fixes

🔧 Critical Fixes

Slack Notifier: Fixed NoMethodError for undefined method 'msg' in Notifier::Slack
Attribution System: Resolved attribution connection issues and crashes
Email Integration: Fixed email configuration integration problems
Refetch Issues: Resolved refetch problems during component updates and SBOM lifecycle changes

🛡 Stability Improvements

Duplicate Definition: Fixed duplicate method definition issues
Semver Sorting: Corrected semantic version sorting functionality
JIRA Integration: Fixed E2E test issues with JIRA integration
Product Status: Resolved refetch issues on product status updates

🎯 Minor Fixes

Typos and Display: Corrected various typos and improved display strings
Code Cleanup: Refactored compliance checks component and removed redundant props
Lifecycle Filters: Fixed lifecycle stage filter preview functionality

v3.3.1

June 12th 2025

🚀 Release Highlights

This release focuses on SBOM management improvements, performance optimizations, and enhanced user experience across the platform. Key highlights include the introduction of SBOM draft mode, Automatic Parts Sync, significant performance improvements for component queries, and streamlined PDF export functionality.

✨ New Features

SBOM Draft Mode

Draft Lifecycle Management: Introduced a new 'draft' lifecycle state for SBOMs, allowing users to work on SBOM development before finalizing
Enhanced Preview Experience: Improved visual feedback and preview capabilities for draft mode SBOMs
Conditional JIRA Sync: Added conditional preview for JIRA sync actions to better manage integration workflows

🔧 Performance Improvements

Query Optimization

Component Tab Performance: Optimized component tab queries for significantly better performance
Vulnerability Exports: Added optimized vulnerability queries for both CSV and global exports
Cache-First Policy: Implemented cache-first policy for SBOM components expanded fetching to reduce load times
Reduced API Calls: Minimized redundant API requests during component updates and SBOM update flows

SBOM Management

Automatic Parts Sync: Added automatic SBOM parts synchronization across projects for improved consistency
Streamlined Update Flow: Optimized SBOM update process to trigger only required API calls

🐛 Bug Fixes

Access Control & Security

Access Control Issues: Resolved critical access control bugs affecting user permissions
Permission Normalization: Normalized permission names for consistency across the platform
User Authentication: Fixed NoMethodError for ShareUser#generate_jwt functionality

SBOM Operations

Upload Modal: Refactored and fixed multiple issues with SBOM upload modal functionality
Summary Card Logic: Fixed description preview logic in SBOM summary cards
Loader Issues: Resolved SBOM upload loader display problems
Build Refetch: Fixed SBOM build refetch functionality after updates
Delete Refetch: Corrected refetch behavior after SBOM deletion

PDF Export Improvements

Layout Fixes: Corrected layout misalignment issues in SBOM PDF exports
Vulnerability Status: Fixed vulnerability status display in SBOM PDF exports
Attribution Page: Updated both PDF and HTML export template layouts for attribution pages

Component Management

Component Details: Enhanced component details card functionality
Support Modal: Updated component support modal preview based on resolved checks
Query Optimization: Fixed component query requests during component edits
UI Cleanup: Removed OpenSSF scorecard field from component UI for cleaner interface

Policy & Project Management

Global Policy Layout: Improved global policy table layout to prevent overlap issues
Project Settings: Updated project settings with latest parts check functionality
Policy Pages: Added excluded column to product and version policy pages
Project Deletion: Fixed critical project deletion functionality

Automation & Validation

Component Checks: Fixed NoMethodError when automation component checks encounter nil values
Support Level Validation: Resolved 'Actively Maintained' support level validation errors
Priority Determination: Updated system to skip determining priority from severity when appropriate
Organization Issues: Fixed organization deserialize error

🔄 Technical Improvements

Modal Refactoring: Comprehensive refactoring of SBOM upload modal for better maintainability
API Efficiency: Reduced redundant API calls across multiple workflows
Error Handling: Enhanced error handling for edge cases and nil value scenarios
Data Consistency: Improved data synchronization and consistency across projects

v3.2.9

June 6th 2025

✨ Highlights

This release brings significant enhancements to the Interlynk Platform with improved performance, new integrations, and enhanced user experience. Key highlights include:

🔗 Linear Issue Tracker Integration - Seamlessly connect your vulnerability management with Linear
📊 Enhanced SBOM Scanning - Improved policy, support level, and vulnerability tracking in scan jobs
🔔 Smart Notifications - Incremental notifications for policy violations and new vulnerabilities
⚡ Performance Optimizations - Multiple query optimizations for faster data loading across the platform

🆕 New Features

🎯 Linear Issue Tracker Integration

Complete Linear integration for streamlined issue tracking
Support for markdown preview in issue descriptions
Generic ticket sync functionality for better workflow management

📋 Enhanced SBOM Capabilities

SBOM Parts in Scan Jobs: Now includes comprehensive policy, support level, and vulnerability data
Component Data Enhancement: Extended support for copying additional fields from primary components
Improved SBOM Comparison: Added end-to-end testing for SBOM comparison workflows

🔔 Advanced Notification System

Incremental Policy Notifications: Real-time alerts for policy violations
Vulnerability Notifications: Configurable notification options for new vulnerabilities
Smart Filtering: Enhanced notification management with better targeting

📊 Reporting & Export Improvements

Updated Attribution Reports: New layout for both HTML and PDF export formats
Enhanced Export Performance: Optimized CSV and Excel export functionality
Improved Report Styling: Consistent icon styling and better table formatting

🐛 Bug Fixes & Improvements

🔧 User Interface Fixes

✅ Fixed package license preview display issues
✅ Resolved table overflow problems in version columns
✅ Fixed overlapping issues in parts overview cards
✅ Corrected component expand view functionality
✅ Fixed health map view rendering
✅ Resolved attribution report dialog issues

⚡ Performance Optimizations

Query Optimization: Streamlined multiple database queries across components
- Product page labels query optimization
- HealthMap query field limiting
- Package versions query optimization
- Component data query improvements
Component Performance: Enhanced ProductInfo component with optimized state management
E2E Test Optimization: Reduced SBOM components test execution time

🛠️ Backend Improvements

Migration Fixes: Resolved database migration issues
Policy Logic: Fixed policy rescan functionality
Data Consistency: Improved vulnerability data handling and display
Component Cards: Enhanced performance and readability with better query optimization

📱 User Experience Enhancements

Table Components: Consistent styling across all table interfaces
Vulnerability Displays: Improved popover functionality and conditional severity previews
Modal Improvements: Enhanced policy modal and primary component check modal
Description Handling: Better truncation for component descriptions in summary cards

🔄 Technical Improvements

Refactored Components: Multiple component refactoring for better maintainability
Test Coverage: Enhanced E2E test coverage for critical workflows
Code Organization: Improved code structure for license expanded views
Automation Fields: Updated automation action fields with required changes

v3.2.8

May 29th 2025

🌟 Highlights

This release brings significant improvements to JIRA integration, enhanced analytics capabilities, and numerous bug fixes to improve platform stability and user experience. Key highlights include bulk JIRA ticket creation, lifecycle filtering for analytics, and Global Package Version Overrides & Management for Attributions.

✨ New Features

🔗 Enhanced JIRA Integration

Bulk JIRA Ticket Creation: Create multiple JIRA tickets at once with improved efficiency and user experience
JIRA Sync from Vulnerability Table: Trigger JIRA synchronization directly from the vulnerability management interface
Enhanced JIRA Settings: Updated fields and sync actions with improved configuration options
JIRA Description Field Updates: Better formatting and content for automatically generated JIRA tickets
JIRA Ticket Association Retention: Maintain ticket associations even when SBOM versions are updated

📊 Analytics & Reporting Improvements

Lifecycle Filter for Analytics: Filter analytics data by product lifecycle stage for better insights
Attribution Report Enhancements: New comprehensive attribution reporting capabilities
Enhanced Component Insights: Improved E2E testing and data retrieval for component analysis

🔧 Platform Enhancements

Global Package Version Management: Enhanced package version listing with override capabilities during attribution report generation
Organization Context Sync: Maintain consistent organization context across multiple browser tabs
Component Filter Query Updates: Dynamic component filters that update based on include_parts flag

🐛 Bug Fixes

🔒 Security & Vulnerability Management

Sharelynk Crash Fix: Resolved critical crash issue on vulnerability page in sharelynk
SBOM Vulnerability Query: Updated to omit retracted entries by default for cleaner results
Vulnerability Links Preview: Fixed parts vulnerability links preview functionality

🖥️ User Interface Improvements

Support Status Selection: Fixed support status selection behavior on tab changes
Product Tab Switching: Resolved onChange handler issues for seamless tab navigation
Settings Dropdown: Fixed dropdown preview behavior on page refresh
Policy Violation Drawer: Updated preview functionality for better user experience
Logs Column Preview: Fixed logs changed by column preview display

📦 Package & Component Management

Default Sorting: Improved default sorting in package version global listing
Package Override Modal: Enhanced UI and code improvements for better usability
Attribution Report Bulk Selection: Fixed bulk source select preference handling
License Data Validation: Enhanced license data validation with better expression handling

🔧 System & Performance Fixes

API Optimization: Removed unnecessary JIRA API calls from customer view for improved performance
Bitbucket Integration: Removed bitbucket from user integrations as part of cleanup
Component Filter Updates: Enhanced component filter query to properly retrieve parts data
Error Message Improvements: Updated error messages for better user understanding
CI Fixes: Resolved failing specs in continuous integration pipeline
Field Ordering: Fixed ordering for updated_at field across various components

v3.2.7

May 23rd 2025

Highlights ✨

🔧 Enhanced JIRA Integration - Added environment-level default fields configuration for streamlined workflow management
📊 Advanced Dashboard Filtering - New version lifestage filter support with improved product progress metrics visualization
🐛 Resolved Vulnerability Count Issues - Fixed incorrect vulnerability calculations in dashboard analytics for accurate reporting
🎨 Refreshed User Interface - Updated authentication layout, icons, and product settings for better user experience
⚡ Performance Optimizations - Code refactoring and query optimizations across components for improved platform efficiency

🎯 New Features

JIRA Integration Enhancements

🔧 Environment-Level Default Fields: Added support for configuring default JIRA fields at the environment level, streamlining issue creation workflows
🧪 Enhanced E2E Testing: Comprehensive end-to-end test coverage for JIRA integration flows

Dashboard & Analytics Improvements

📊 Version Lifestage Filtering: New dashboard filter support for version lifestage management
📈 Product Progress Metrics: Restructured and improved product progress overview with better metrics visualization
📋 Parts Overview Enhancement: Enabled parts overview cards across all dashboard tabs

Component Management

✏️ Enhanced Component Editing: Added edit functionality for parts components with improved usability
🔍 Latest Version Display: Component tables now display the latest version information for better visibility
👁️ Improved Visibility: Adjusted vulnerability component columns for enhanced readability

User Interface Enhancements

🎨 Refreshed Authentication Layout: Updated authentication page design for better user experience
📱 Product Automation UI: Enhanced product automation interface and changelog table presentation
🎯 Updated Icons: Refreshed icon set throughout the platform
📄 PDF Layout Optimization: Improved product progress PDF generation with better layout and structure
🔧 Custom Components: New reusable separator component for consistent UI elements
⚙️ Settings Layout: Updated product settings interface for improved navigation

🐛 Bug Fixes

Vulnerability Management

🔢 Fixed Vulnerability Counts: Resolved incorrect vulnerability count calculations in dashboard analytics
📊 SBOM Vulnerability Status: Updated vulnerability run status to properly display in-progress state on SBOM pages
🔄 Vulnerability Resolution: Fixed issues with vulnerability resolution workflows

Data Import & Processing

📋 SPDX Import Fix: Resolved SPDX import functionality issues
📝 SBOM Request Validation: Fixed SBOM request messaging when product name or version information is missing
📅 Lifecycle Modal: Fixed SBOM lifecycle modal incorrectly saving cleared date values

Configuration & Validation

✅ Address Validation: Added proper validation for configuration addresses before form submission
🔔 Slack Notifications: Fixed internal Slack notification delivery issues

User Interface Fixes

📊 SBOM Comparison: Updated SBOM comparison UI feedback and conditional rendering logic
🧪 E2E Component Tests: Fixed E2E test reliability for component insights rendering

🔧 Technical Improvements

Code Quality & Performance

🏗️ Code Structure Refactoring: Improved code structure and readability across multiple components
⚡ Query Optimization: Optimized attribution report queries with improved state management and code reuse
🧹 Component Restructuring: Enhanced component architecture for better maintainability

v3.2.5

May 16th 2025

Highlights ✨

Attributions Reports [Alpha Feature]
Basic Progress Reports
Notifications for Critical Vulnerabilities
Jira custom fields Support.

New Features 🚀

SBOM & License Management

📊 Added support level metrics to SBOM GraphQL type [#2239]
🔍 Added expression filter to licenses resolver [#2246]
🔄 Implemented fixes for SPDX license import [#2234]
💾 Improved dependency storage with unique deps feature [#2233]

JIRA Integration

⚙️ Added support for custom JIRA fields [#2229]
🧩 Implemented custom JIRA fields with UI improvements [#6323]
🛠️ Fixed JIRA component field functionality [#6362]

Analytics & Reporting

📈 Implemented Basic analytics reporting [#6250]
📄 Added ability to export attribution reports [#6329]
📊 Improved product progress report PDF export with charts and better layout [#6357, #6358]
🖨️ Enhanced attribution report export with license text [#6356]

System Improvements

📝 Added support status scan to change log [#2240]
🔔 Added notice field to component model and mutations [#2242]
📋 Added support scan logging in system logs [#2243]
📝 Added logging for support level field changes [#2244]
📨 Fixed email saving functionality [#2250]
🔄 Added filters to project_groups field [#2232]

UI Enhancements

🎨 Updated product labels card preview [#6328]
🖼️ Updated icons for better visual consistency [#6270]
🧩 Implemented conditional preview logic for part info cards [#6307]
🎯 Updated compliance logo to match consistent design [#6347]
📊 Updated Product Progress UI with fixes and improvements [#6352]
📈 Updated EPSS, CVSS and CWE preview on vulnerability details page [#6354]

Bug Fixes 🐛

Notifications & Alerts

🔔 Fixed notifications not being sent for newly matched vulnerabilities [#2241]
✅ Added validation for Slack and Team webhook URLs [#6343]
🔔 Updated custom toast icons [#6338]

UI & Display Issues

🖥️ Fixed incorrect affected products in vulnerability view [#6325]
🔄 Fixed half-circle icon display for unspecified VEX status [#6335]
📊 Fixed version table rendering in customer view [#6339]
✅ Fixed VEX status form validation [#6337]
📏 Adjusted column width for vulnerability status [#6336]
📐 Fixed part info cards alignment [#6348]
🔢 Fixed pagination issue in support status table [#6363]
🏷️ Added None type to severity tag component [#6365]
🔍 Fixed custom vulnerability search function [#6366]

License Management

📋 Fixed license list display [#2249]

Testing & Quality Improvements 🧪

✅ Added E2E test for version lifecycle update flow [#6340]
✅ Fixed SBOM upload E2E test [#6353]
🔄 Refactored JIRA config modal for better performance [#6324]

v3.2.2

May 8th 2025

🌟 Highlights

GraphQL Subscriptions: Added support for GraphQL subscriptions using ActionCable for real-time updates
Automation Improvements: Introduced ability to copy version details from primary components
UI Enhancements: Standardized selection fields with LynkSelect throughout the platform
Performance Optimization: Improved component rendering to avoid unnecessary queries

🚀 New Features

Component Management

✨ Added support to copy version from primary component (#6289)
🔄 Setup code for GraphQL subscriptions using ActionCable (#2207)
📊 Updated parts overview card with new design changes (#6300)
🧩 Replaced scope dropdown with LynkSelect in component details (#6277)

User Experience

🚀 Standardized selection fields in Product Settings with LynkSelect (#6278)
🔗 Added navigation support to product from global vulnerability view (#6318)
💾 CSV export now persists selected column configuration with sessionStorage (#6302)

Vulnerability Management

📝 Added internal notes to vulnerability CSV export (#6290)
📊 Included status fields in vulnerability CSV export (#6305)

🐛 Bug Fixes

UI & Layout

🔧 Fixed UI overlap in Add Component Modal (#6282)
🔍 Fixed parts tooltip issue in vulnerability table (#6280)
🔧 Fixed VEX status layout and UI consistency issues (#6319)
🔧 Fixed alignment for icon and status in vulnerability status import (#6322)
🔧 Fixed component tree view (#6303)

Component Functionality

🛠️ Fixed component scope update issue (#6281)
🛠️ Fixed CWE list preview (#6291)
🛠️ Fixed CWE field preview when data doesn't exist (#6299)
🛠️ Disabled Scope Field in Component view for ShareLynk (#6283)

ShareLynk

🔧 Resolved SBOM components query failure in ShareLynk (#6274)

Integrations

🔗 Fixed Github connection card (#6316)

Data Management

🔧 Fixed multiple license submissions with loading state (#6310)
🔧 Fixed support CSV export (#6315)

Testing

✅ Fixed e2e tests for product settings and support status (#6288)
✅ Added E2E test for component notes and license status (#6317)

🧹 Code Improvements

🔄 Modified logic for env based on aidash dev workflow (#2231)
🧹 Removed duplicate utility functions (#6273)
🧹 Component Notes Logic Cleanup (#6279)
🧹 Removed supplier details from parts table (#6298)
🧹 Conditionally render ProductGraphs to avoid unnecessary queries (#6272)

v3.2.1

May 2th 2025

✨ Highlights

Enhanced Webhook Functionality: Added PullRequestCreated and PullRequestUpdated triggers to expand integration capabilities
Improved Performance: Refactored database queries and component vulnerabilities import service for better efficiency
UI Improvements: Refreshed global search bar with new designs and enhanced dashboard experience

🆕 New Features

Backend Enhancements

🔍 Added vulnerability_id and environment filter to ProjectsResolver
🏷️ Added component_support_level field to query type
🔄 Using source branch name as version name for better traceability
🔑 Added GitHub token for staging environment

Frontend Improvements

📊 Added parts overview section with new cards for better component visualization
🗑️ Added reusable delete confirmation component for list items
💾 Implemented dashboard card state persistence using localStorage
🔎 Added async product search filter to global vulnerability view
📝 Added refresh action to policy table

🐛 Bug Fixes

Backend Fixes

🔧 Fixed incorrect number of 'unspecified' items
🧹 Refactored component vulnerabilities import service
🗃️ Optimized database queries for efficiency
🗑️ Improved record removal functionality

Frontend Fixes

🎨 Fixed global license table header
🎯 Fixed drag and drop issue for dashboard cards
🔍 Fixed global vulnerabilities search
🧩 Fixed support analysis function
📥 Updated support CSV download function
🔎 Fixed analytics filter logic
📋 Fixed support status E2E test
🔗 Fixed component link test
🔄 Fixed CPE Editor autocomplete disappearance issue
📝 Fixed ShareLynk vulnerability links
🎭 Fixed component filters incorrect query
📊 Fixed support table preview
📃 Fixed error when downloading SBOM excel sheet
🔧 Fixed status update issue for parts vulnerability
🔄 Fixed component license update issue
🛠️ Fixed admin navbar overlap issue
🖼️ Fixed component insights display issue
👁️ Fixed support status not displaying in SBOM support status tab

UI Improvements

🎨 Removed unused assets to optimize project size
👨‍💻 Updated executive dashboard with new changes
🔧 Adjusted save pending alert position in component identifiers
📊 Updated vulnerability table styling
🔄 Refactored global vulnerability table
🎨 Enhanced sidebar and breadcrumb with subtle colors and better interaction
🧹 Updated admin navbar styling
🎯 Implemented outline icons globally
📑 Refactored SBOM component table layout
📱 Improved initial loading experience after login

v3.1.9

April 17th 2025

Interlynk Platform Release v3.1.9 📦

Release Highlights ✨

This release introduces several improvements to the Interlynk Platform, focusing on enhanced filtering capabilities, better label management, and improved user experience across various components. Key highlights include:

🏷️ Bitbucket Project Label Support - Integration of Bitbucket project information as labels
🔄 Product Lifestage Filtering - New filtering options at version level
🛠️ SBOM Download Improvements - Added support status parameters
📊 Health Score Calculations - Refactored to handle "NA" values properly
🧹 UI/UX Improvements - Multiple usability and interface enhancements

New Features 🚀

Label Management

🏷️ Added Bitbucket label handling to repository service and data migration (#2173, #6118)
🔄 Refactored global label filter for improved performance (#6154)
✉️ Enhanced label delete flow with a toast message for better feedback (#6172)

Filtering & Export

🏁 Added lifestage filter at version level (#2165)
🏁 Enabled product lifestage filter throughout the application (#6053)
📊 Added include_support_status argument to SBOM download (#2179, #5977)
📋 Updated Component CSV Export with correct data and missing fields (#6113)
📋 Added Part column to vulnerability CSV export (#6165)

UI Enhancements

📝 Made product description expandable for large content (#6128)
🎨 Implemented row highlight on hover for better table navigation (#6110)
🔄 Updated organization activity cards layout (#6140)
📊 Fixed component insights preview (#6171)

Bug Fixes 🐛

UI Fixes

🔧 Fixed graphql warnings (#2181)
🔧 Fixed global vulnerability sorting issues (#2192)
🔧 Fixed Jira users listing (#2193)
🔧 Fixed Product Group Breadcrumb Duplicates (#6108)
🔧 Fixed Vulnerability Links UI Jump and Button Disable Logic (#6114)
🔧 Fixed CWE list to display 'N/A' when invalid CWE values are present (#6115)
🔧 Fixed username preview (#6120)
🔧 Fixed component health score issue (#6152)
🔧 Fixed shared component table with part details (#6161)
🔧 Fixed SBOM actions spacing (#6167)
🔧 Added null check to prevent crash in expandable text component (#6149)

Functional Fixes

🔧 Refactored health score calculations to handle "NA" values (#2188)
🔧 Fixed custom vulnerability create function (#6138)
🔧 Fixed assessment expire field (#6153)
🔧 Fixed global vulnerability edit permission for non-admin users (#6162)
🔧 Fixed Export to only include Part name in Vulnerability CSV Export (#6176)

Code Improvements 🧰

Component Refactoring

🧰 Improved connection card component code (#6112)
🧰 Made Delete Button reusable and consistent across app (#6100)
🧰 Cleaned up Config modal component and improved code structure (#6123)
🧰 Refactored support and users data export mapping for improved clarity (#6130)
🧰 Improved SBOM support card component code (#6136)
🧰 Refactored Edit Button Component for reusability and consistency (#6129)
🧰 Refactored SBOM alternatives drawer (#6139)
🧰 Refactored global policy table (#6150)

Testing Improvements

🧪 Fixed Labels E2E tests (#6119)
🧪 Optimized Security Token CRUD E2E Test Time (#6124)
🧪 Fixed role E2E test (#6125)
🧪 Fixed product label E2E test (#6126)
🧪 Updated GitHub actions schedule timing for playwright tests (#6145)

Security & Dependencies

🔒 Bumped serialize-javascript from 6.0.1 to 6.0.2 (#6117)
📦 Updated all patch-level dependencies to latest versions (#6104)

v3.1.7

April 10th 2025

🚀 Highlights

Interlynk Platform v3.1.7 brings significant improvements to the user interface, vulnerability management, and SBOM functionality. This release focuses on enhancing the overall user experience with the introduction of LynkSelect components across multiple features, improved CSV export capabilities, and several critical bug fixes.

✨ New Features

UI Enhancements

LynkSelect Implementation 🎨
- Replaced standard select components with LynkSelect in multiple areas:
  - Vulnerability Edit Links (#6038)
  - Support Status Bulk Edit (#6040)
  - Relationship Drawer (#6024)
  - Automation Rule Conditions (#6056)
- Enhanced CSV Export with Add/Remove All Columns functionality (#6059)
- Updated action buttons in Component Links and Relationships Edit (#6058)

Vulnerability Management

Advisory System Improvements 📋
- Added new drawer for vulnerability advisory list (#6065)
- Updated vulnerability expand view with advisory list (#6107)
- Fixed advisory link issues (#6083)
- Updated vulnerability information for non-CVE entries (#2170)

SBOM Enhancements

Component Information Access 📦
- Added SBOM Component PURL and CPE Modals in Customer View (#6079)
- Implemented copy to clipboard functionality for CPE and PURL (#6095)
- Improved Archived SBOM list drawer component and query (#6063)
- Refactored SBOM details component for better performance (#6077)

Support Status Management

Support Status Workflow 🔄
- Updated component support status system (#2166)
- Fixed support status update logic (#6066)
- Added conditional preview for product label filter (#6075)

Backend Improvements

Security Updates 🔒
- Updated OSV client (#2169)
- Fixed policy failures (#2175)
- Updated vulnerability information query (#2176)

🐛 Bug Fixes

UI Fixes

Fixed layout issues in policy conditions section (#6057)
Resolved CVSS Vector display issues in main view (#6061) and customer view (#6078)
Fixed UI breaking issue in customer view vulnerabilities (#6076)
Corrected version data display in support status expanded component (#6067)
Fixed incorrect rendering of policy condition fields (#6096)
Removed accessibility warnings for improved compliance (#6097)

Functional Fixes

Fixed validation for community count thresholds (#6062)
Corrected support status drawer with required changes (#6060)
Fixed support status preview (#6074)
Resolved component link and relationship CRUD functionality E2E tests (#6082)
Fixed support expand view (#6084)
Corrected License Expression in SBOM License CSV Export (#6085)
Fixed Support Level data in SBOM Support Status CSV Export (#6087)
Fixed UI break in Vulnerability CWEs List when no data is present (#6103)
Corrected typo in email connections description (#6109)
Fixed rendering issues in policy and automation fields (#6111)
Fixed CWE link in vulnerability expand view (#6088)
Fixed vulnerability advisory link preview (#6094)

🔧 Other Improvements

Refactored Bitbucket Config Modal for optimizations (#6064)
Removed support action and filters from component table (#6081)
Updated seed data (#2171)
Updated CSV export fields and headers for Support Status (#6102)

v3.1.6

April 4th 2025

Release Highlights ✨

Enhanced Vulnerability Management: Added support for CWE & Advisories persistence, improved NVD client implementation, and custom vulnerability handling
Improved UI Components: Integrated LynkSelect across multiple platform areas for better user experience
Lifecycle Support: Implemented SBOM lifecycle for dashboard based on project and enabled lifecycle support at the version level
Performance Optimizations: Refactored package lookup and storage logic to use normalized PURL format

New Features 🆕

Backend Improvements

✅ Added NVD client implementation
✅ Added support for webhook secrets
✅ Implemented bulk create and update capabilities for support levels
✅ Added SBOM lifecycle for dashboard based on project
✅ Implemented license notification on license components
✅ Refactored package lookup and storage to use normalized PURL format

UI Enhancements

✅ Refactored SBOM vulnerability table
✅ Integrated LynkSelect across multiple UI components:
- Support Checks
- Upload Modal
- Life Stage Modal
- Component Support
- Component Relations
- Request Accept Modal
- Role Deletion
- Links Edit
- Policy Rule Modal
- PURL Editor
- Switch Environment Modal
- Custom Vulnerability Modal
- License Status Drawer
- Pagination Select
✅ Updated support status check form
✅ Updated assessment expiration field
✅ Enhanced product and version tables
✅ Added dashboard card for version lifestage
✅ Improved component links preview

Bug Fixes 🐛

Backend Fixes

✅ Fixed NVD client issues
✅ Fixed rubocop job
✅ Fixed EPSS KEV job
✅ Fixed vulnerability metrics to consider environment
✅ Fixed issues with custom vulnerabilities
✅ Removed bad data affecting system performance

UI Fixes

✅ Fixed component links preview
✅ Fixed automation, license and health permissions
✅ Fixed version breadcrumb
✅ Fixed request table actions
✅ Fixed CSV download bug - properly handling comma in strings
✅ Fixed version lifestage API call
✅ Fixed component relationship E2E tests
✅ Fixed breadcrumbs layout issue for product and version name
✅ Fixed SBOM license update issue
✅ Fixed bulk VEX update with required validation
✅ Fixed user details modal
✅ Fixed vulnerability severity graph

Other Improvements 🔧

✅ Updated Ruby gems
✅ Added new test for organization score settings
✅ Added new test for component support status
✅ Added conditional preview for product label card
✅ Truncated long descriptions from vulnerability info page
✅ Added retries and updated timeout for E2E tests
✅ Disabled CSV download when no columns are selected

v3.1.5

March 27th 2025

Interlynk Platform Release v3.1.5

🌟 Highlights

Enhanced Component Management: Improved SBOM vulnerability component code and refactored component links for better performance
Enrich Java Packages: Enrich java components from maven central.
Bitbucket: Support Searching & Pagination.
Security Enhancements: Added KEV details for CSV exports from Vulnerabilities
Performance Optimizations: Optimized E2E tests by reusing authentication state
Backend Improvements: Added cron job for cleaning up webhook events

🚀 New Features

Backend Enhancements

✨ Add cron job for cleaning up webhook_events (#2104)
✨ Feature/enrich maven (#2128)
✨ Add pagination support for bitbucket repositories (#5908)
✨ Update age score limit (#5936)
✨ Add KEV details for CSV Export from Vulnerabilities (#5955)

UI/UX Improvements

✨ Create Reusable ToggleVisibilityButton for Password Fields (#5921)
✨ Integrate LynkSelect in Config Modal (#5926)
✨ Integrate LynkSelect in Invite User Modal (#5927)
✨ Integrate LynkSelect in License Modal (#5932)
✨ Add loading indicator for license creation and update process (#5937)
✨ Integrate LynkSelect in Edit Custom Vulnerability Drawer (#5966)
✨ Integrate LynkSelect in Change Role Modal (#5967)
✨ Integrate LynkSelect in Vulnerability Custom Field Modal (#5968)
✨ Update bitbucket icon (#5947)

🐛 Bug Fixes

Security Fixes

🔒 Support deprecated flag for cpe & remove from CPE autocomplete (#2137)
🔒 Remove token create permission from user level (#5956)
🔒 Fixed viewer role permissions (#5976)

Component Management

🛠️ Improve SBOM Vulnerability Component Code (#5917)
🛠️ Fixed component tag in SBOM license table (#5930)
🛠️ Update the logic for previewing End-of-Support field (#5928)
🛠️ Refactor SBOM archived check logic for reusability (#5933)
🛠️ Fixed component actions preview (#5952)
🛠️ Refactor Component Links (#5957)
🛠️ Refactor SBOM component table (#5961)
🛠️ Fixed component relation preview logic (#5979)

User Interface

🎨 Hide Component Support Filter for Free Tier and Customer View (#5918)
🎨 Fix Policy CRUD E2E tests (#5920)
🎨 Fixed routes flag hook (#5941)
🎨 Update toast message for component creation (#5943)
🎨 Fix License Modal Bug and Refactor Code (#5946)
🎨 Fixed ENV filter styling on vulnerability page (#5962)
🎨 Remove version search field from SBOM details page (#5964)
🎨 Update column sizing in custom vulnerability table (#5975)
🎨 Fixed misc styling issue (#5980)

Performance & Optimization

⚡ Handle exceptions with specific error logging (#2139)
⚡ Refactor RepositoryConnection code to get value of total_count (#2126)
⚡ Remove unused components (#5923)
⚡ Remove org connection API call from customer view (#5929)
⚡ Cleanup unused queries (#5931)
⚡ Refactor request modal (#5938)
⚡ Remove licenseAutoComplete API call from customer view (#5939)
⚡ Add conditional preview for global vuln filters (#5940)
⚡ Refactor vuln product drawer (#5942)
⚡ Refactor component links tab (#5944)
⚡ Cleanup Unused Utility Functions (#5950)
⚡ Optimize E2E Tests by Reusing Auth State (#5948)
⚡ Update Patch Dependencies (#5958)
⚡ Optimize SBOM Request E2E Test (#5959)
⚡ Optimize Policy CRUD E2E Test (#5960)
⚡ Optimize Support CRUD E2E Test (#5970)
⚡ Fix and Optimize License E2E Test (#5971)

v3.1.3

March 20th 2025

🎯 Highlights

React 18 Upgrade: Major frontend framework upgrade from React 17.0.2 to React 18.3.1
UI Enhancements: LynkSelect integration across multiple components
Improved Component Management: Bulk edit support status across versions/parts
Enhanced Analytics: Executive dashboard improvements
BitBucket: New webhook events now supported.

✨ New Features

User Interface Improvements

📊 Added Executive Dashboard card for number of SBOMs in specific lifecycle
🔍 Implemented search functionality to RepositoriesConnection and updated query type
⌨️ Added Kbar shortcut from Policy Details page and improved navigation
🔄 Integrated LynkSelect in multiple components:
- Component Add Modal and related fields
- Build version drawer
- Vulnerability status component
- VEX modal component
- Policy modal dropdowns

Repository Management

🗑️ Implemented Bitbucket repository deletion service
🔄 Support for PullRequestMerged event with environment and version generation

Component Management

✅ Added ability to bulk edit component support status across versions/parts
🏷️ Added internal tag to the support status drawer
🔄 Refactored component relationship drawer with reusable component

🐛 Bug Fixes

UI and User Experience

📋 Fixed header alignment in vulnerability table
🎭 Fixed VEX custom field validation
🛑 Fixed UI crash on User Role Delete modal
⬛ Updated dark mode color for regex highlighter
📅 Fixed incorrect theme for calendar field
📏 Adjusted column widths in license table to improve readability
📊 Fixed System Log visibility issue
✅ Added loader to Role Delete Modal
📊 Fixed pagination item count in Global Vulnerability Affected Products

Data Management

📤 Fixed export functionality for searched users and user lists
🧩 Fixed support level with NA disappearing when sorting
📧 Fixed email retention issue on login
📊 Updated support CSV export with part information
🔄 Enabled filters during user export
📊 Updated column order for support status export
🔄 Added sorting for support end date and support level
📉 Fixed analytics to zero-out data when not available
🚫 Removed assessment expiration when no longer maintained
🛑 Removed assessment expiration from support bulk edit

Backend Improvements

🔧 Refactored Packages processor for improved PURL handling
🛠️ Fixed GitHub update job
🔄 Updated repositories job
🗃️ Fixed migration issues
📊 Fixed project vulnerability metrics
📑 Fixed indexes on component support override

E2E Tests

🧪 Fixed SBOM E2E tests
🧪 Fixed SBOM General tab Author E2E tests
🧪 Fixed SBOM Components E2E tests
🧪 Fixed SBOM Vulnerabilities E2E tests

Technical Debt & Maintenance

🧹 Removed unused components
🔄 Updated patch versions for dependencies
🔄 Updated minor versions for dependencies
📚 Added ESLint rule to prevent direct drawer imports
🔄 Refactored Configuration Modal and removed redundant code
📜 Updated jspdf to the latest version
🔄 Updated apollo-upload-client to the latest version
🔧 Improved SBOM Components code

v3.1.2

March 12th 2025

Minor release to fix crashing job process.

v3.1.1

March 11th 2025

🚀 Highlights

This release brings significant improvements to component support management, enhanced SBOM capabilities, and new integrations with source code management tools. We've also made the user interface more intuitive and fixed several important bugs to ensure a smoother experience.

🎁 New Features

📊 Component Support Management

✅ Bulk Update Support Status - Update multiple components at once to save time
📥 CSV Export with Support Details - Export all your component support data including parts support level
🗓️ Assessment Expiration Dates - Assessment expiration days now converted to specific dates for clarity
🏷️ Improved Support Status UI - Clearer icons, tooltips, and visual indicators

🔄 Source Code Integrations

🧩 Bitbucket Integration - Full Bitbucket configuration interface with webhook support
🔗 Enhanced Repository Connections - Improved GitHub connection handling
🔁 Webhook Improvements - More reliable event handling for source code changes

👥 User Management

📋 User CSV Export - Export user information to CSV for external reporting
⏱️ Improved Invitation Flow - Added loading indicators when managing user invitations
📄 Enhanced User Table - Fixed display issues in the user management interface
📱 Organization User Pagination - Better handling of large user lists with pagination

📑 SBOM Enhancements

🔍 Comparison Layout Improvements - Clearer visualization when comparing SBOMs
🖱️ Drag and Drop Upload - Enhanced SBOM upload with full-screen drag and drop support
🏁 Auto-Archive for Ready Status - Automatic archiving when SBOM reaches ready state
🧰 Updated SBOM Info Card - Clearer information display on the tools page

🔧 Enhancements

💫 User Interface Improvements

🎨 Standardized Table Layouts - Consistent design across product details and changelog views
🔍 Refactored Filter Components - More intuitive filtering across all tables
📏 Fixed Text Cropping - No more cut-off text in version tables
🏷️ Required Field Indicators - Clear marking of required PURL fields
🔢 Better Pagination - Hide controls when not needed and show total item counts

🛡️ Vulnerability Management

🎯 Direct Only Filtering - New filter option for component and vulnerability tables
🔗 Impacted Products View - See all affected products in Global Vulnerability View
📊 Dashboard Status Counts - Fixed vulnerability severity status counts on dashboard
🔍 Expanded View Improvements - Integrated detail components for better information display

⚡ Performance Optimizations

🚀 Lazy Loading in Dropdowns - Faster loading in Tools Product List
⚙️ License Loading Optimization - More efficient license processing
📈 Improved Memory Management - Better application performance and stability
🔌 Enhanced Database Connections - More reliable database operations

🐞 Bug Fixes

🛠️ SBOM Status Issues - Fixed SBOM not ready state when vulnerability scan is disabled
🔄 SBOM Comparison - Resolved runtime errors in comparison functionality
🔍 Search Shortcut - Fixed disappearing search shortcut bug
📝 VEX Status History - Fixed data display issues in vulnerability status history
🏷️ Component Support Tags - Fixed run status indicators
✉️ Email Configuration - Improved validation for email settings
👤 Author Creation - Fixed issues with creating new authors
🔗 Repository Connections - Resolved issues with Bitbucket integration

🔒 System Improvements

📋 Enhanced Logging - Better system logging capabilities
🔍 Code Quality - Added ESLint rules to restrict console logs
✉️ Email Security - Updated email validation for better security
📊 Monitoring Enhancements - Improved error handling and system monitoring

v3.1.0

Release Error

v3.0.9

Feb 27th 2025

🔥 Highlights

🚀 Dependent Auto-Completion in CPE Editor – Improves accuracy and efficiency.
🛠 Major Refactoring – Multiple drawers now use LynkDrawer for a more consistent UI.
🔍 Enhanced Analytics & Metrics – Process execution time, Patch Velocity updates, and improved component expand view.
🎨 UI/UX Improvements – New severity & EPSS styling, input field theme updates, and better support for different viewports.
🔐 Security & Compliance – Fixes to login notification handling, email verification, and product lifecycle tracking.
📢 Notifications & Reports – Improvements in product notifications and report notification cleanup.

✨ New Features & Enhancements

✅ CPE Editor Auto-Completion – Dependent fields now auto-complete based on previous values. [#5660]
✅ System Logs with Execution Time – Added process execution time tracking. [#5668]
✅ Product Auto-Archive Feature – New settings introduced for auto-archiving inactive products. [#5686, #2012]
✅ Enhanced Rule Import – Drag and drop works across the entire screen with improved stability. [#5679]
✅ Kbar Navigation Enhancements – New route flags added from the Vulnerability Details page. [#5683]
✅ Support Tab Updates – Now includes required information for better insights. [#5698]

🛠 UI & UX Improvements

✅ LynkDrawer Refactor – Standardized UI for multiple drawers,.
✅ Analytics Page Optimization – Improved layout for different viewports. [#5687]
✅ Severity & EPSS Styling Updates – Better visual cues for security issues. [#5688]
✅ Scrollbar Hidden in LynkDrawer – Provides a cleaner look. [#5674]
✅ Updated Component Expand View – Now includes support details. [#5670]
✅ Reordered Product Settings Tags – Improves accessibility. [#5707]
✅ Support Status Drawer Enhanced – Additional details added. [#5725]
✅ Compliance Card Styling Fixes – Ensures consistent appearance. [#5694]
✅ Updated Component Version Column – Added required spacing for better readability. [#5696]

🐞 Bug Fixes

✅ Forgot Password Link Alignment – UI fix for better visibility. [#5661]
✅ Fix PURL and CPE Preview Tag Issues – Ensures correct tag rendering. [#5671]
✅ Fix UI Breaking in Component Support Modal – Prevents layout issues. [#5672]
✅ Fix Security Tokens, Roles & Internal Components Alignment – Ensures proper display. [#5723]
✅ Fix Patch Velocity Metrics – Now zeroed out like other metrics. [#5708]
✅ Fix Support CSV Export – Resolves incorrect exports. [#5709]
✅ Fix Login Notifications – Now triggers only for actual user logins. [#2027]
✅ Fix Filter for Multiple Fields in Labels – Improves accuracy. [#2015]
✅ Prevent Forgot Password Email Bombing – Strengthened security. [#1996]
✅ Fix Disabled Products in Lifecycle Calculations – Improves lifecycle tracking. [#2014]

v3.0.8

Feb 20th 2025

🚀 Highlights

Performance Improvements: Optimized various API queries, reducing redundant calls and improving dashboard performance.
Enhanced SBOM Actions: Added support for SBOM actions mutation and refined SBOM upload and comparison.
Component Support Level: Full Support for component level support.
Policy & Compliance Updates: New filters for policy details and global policy lists.
GitHub Integration: Improved GitHub client functionality and token handling.

🆕 New Features

License Status Update: Added the ability to update license_status on components. (#1945, #5564)
Global Policy Filters: Introduced filters to refine policy searches. (#1962, #5574)
SBOM Actions Mutation: Added mutation support for SBOM actions. (#1988)
Support Level Download API: Implemented an API for downloading support levels. (#1974, #5618)
Re-run Support Analysis: Added a new action for rerunning support analysis. (#5642)

🛠️ Bug Fixes

SBOM Upload & Processing:
- Fixed end-to-end (E2E) test issues with SBOM uploads. (#5593, #5644)
- Corrected repository lookup logic. (#1984)
- Fixed invalid SBOM notification update count. (#1986)
Dashboard & Vulnerability Fixes:
- Resolved double vulnerability severity counting. (#1980)
- Fixed vulnerability lookup form and styling. (#5603, #5612)
- Optimized vulnerability query execution. (#5598, #5605)
UI & UX Improvements:
- Standardized combo-box styling. (#5650)
- Improved component insights and support preview. (#5610, #5611)
- Fixed various layout and styling inconsistencies. (#5612, #5614, #5633, #5655)
Policy & Compliance Fixes:
- Fixed typo in policy conditions component. (#5607)
- Refactored policy creation modal. (#5604)
- Updated policy result queries for efficiency. (#5599)

📈 Performance Improvements

Optimized API Calls:
- Reduced product stage API calls from 7 to 1. (#5588)
- Optimized vulnerability severity API calls from 5 to 1. (#5589)
- Streamlined environment total counts API. (#5651)
- Improved SBOM comparison query execution. (#5649)
Refactoring & Cleanup:
- Removed unused imports, hooks, and components. (#5594, #5656, #5657)
- Introduced a reusable fetchNodes utility function. (#5638)
- Enhanced vendor root path validation with regex matching. (#5634)

v3.0.7

Feb 13th 2025

🚀 Highlights

Major refactoring and optimizations across SBOM components and compliance modules.
Enhanced UI components with improved styling and usability.
Introduced new policy violation page and lifecycle stage updates.
Improved support for free-tier users with updated dashboards and feature restrictions.

✨ New Features

Reusable UI Components: Created reusable divider, drawer, and label components for better UI consistency. (#5507, #5540, #5541)
Policy Violation Page: Added a dedicated policy violation page with required details. (#5518)
Executive Dashboard Enhancements: Introduced new filters for better dashboard analytics. (#5539)
Improved Component Notes Drawer: Implemented the Components Notes Drawer using LynkDrawer. (#5554)
Global Variables: Added global lists for severity levels and VEX types. (#5567, #5572)
New Lifecycle Stage: Added a new product lifecycle stage for better categorization. (#5552)

🛠️ Bug Fixes

Fixed crash when API returns null for license autocomplete. (#5517)
Fixed UI crash when switching tabs after expanding policy table. (#5521)
Fixed incorrect count of products in 'None' lifecycle stage. (#1960)
Fixed failing SBOM build and changelog E2E tests. (#5551, #5553)
Fixed error 500 on re-running automation. (#1956)
Fixed organization and product E2E tests. (#5550, #5569)
Fixed empty graphs, updated formulas, and stylistic changes. (#5581)
Fixed regular expression logic for better accuracy. (#5528)
Fixed incorrect parts checkbox logic in SBOM download dialog. (#5583)
Fixed CPE and PURL editor issues. (#5584, #5585)
Fixed PURL version check. (#5547)
Fixed layout issues in SBOM download menu. (#5555)
Fixed changelog table styling for dark mode. (#5542)

🔄 Refactoring & Improvements

SBOM Compare Code: Refactored SBOM comparison logic in tools and version lists. (#5144)
Compliance Tab Update: Refactored SBOM compliance tab for improved performance. (#5520)
Free Tier Enhancements:
- Hide compliance and parts checkbox in SBOM download. (#5548)
- Hide product by label for free-tier users. (#5546)
- Update dashboard by removing restricted metrics. (#5563)
- Remove label select in import status for free tier. (#5565)
- Centralized free-tier check logic. (#5577)
Performance Optimizations:
- Removed unused components, variables, and mutations. (#5509, #5510, #5578, #5576)
- Improved default checkbox styling in tables. (#5523)
- Updated SBOM reprocess function for better efficiency. (#5516)
- Updated vulnerability graphs API with paginated queries. (#5586)
- Optimized routing logic for global vulnerability access. (#5545)
- Refactored customer check logic in useProjectGroup. (#5575)
- Centralized route checks logic in a dedicated hook. (#5571)

v3.0.6

Feb 5th 2025

Highlights

Interlynk Platform v3.0.6 introduces enhanced filtering, model validation improvements, and multiple UI/UX refinements to improve overall user experience. This release also includes essential bug fixes and performance optimizations.

New Features

Filter by Project Group Label IDs in daily metrics, providing more granular insights (#1929).
Refresh Token Implementation to enhance authentication flow (#1796).
OSV Lookup Integration for vulnerability management (#1917).

Improvements

Model Validation Enhancements: Updated validation logic for organization settings and schema updates (#1928).
Health Icons in Action Panels for improved visibility (#5417).
Executive Dashboard Enhancements: Added business unit filtering (#5438).
Lifecycle Updating Feature moved to SBOM Details Page (#5444).
Component Insights & Icons Refinements (#5412).
New Graphs for Vulnerability Age & Identification Velocity (#5502).

Bug Fixes

Fix Resetting of All Compliance (#1930).
Fix Retraction Issues (#1927).
Fix Custom Vulnerability Issues (#1923).
Resolve Login Error Handling (#5463).
Fix User Registration Button Disable Bug (#5473).
Remove Environment Selector from Author Modal in SBOM Detail Page (#5475).
Fix Lifecycle Modal Bug: Remove Lynk Alert on Close (#5458).
Fix Global Env State Link to Global Vulnerability Env Filter (#5454).
Fix Component Relationship CRUD E2E Test (#5498).
Fix Import Vulnerability Status Functionality E2E Test (#5496).
Fix Parts Functionality E2E Test (#5495).

v3.0.5

January 27th 2025

Highlights of New Features and Improvements

SBOM Lifecycle Management

Introduced a feature to seamlessly manage and update SBOM lifecycles. (#5410)

Executive Dashboard Enhancements

Dashboard now populates with key data to improve high-level decision-making. (#5415)

Severity and CVSS Metrics

Added Severity and CVSS Scores to the Vulnerability View Page for better risk assessment. (#5418)

Improved Dashboard UI

Updated the dashboard with new graphs and data for better insights. (#5362, #5419)

Streamlined Component Lookup

Enhanced the UX for faster and easier component search. (#5383)

Contribution Suppression

Added the ability to suppress specific contribution types. (#1922)

Manufacturer and component add modals updated with required validations and new changes. (#5398, #5408)

Health Scoring Updates

Stylistic and functional updates made to health scoring for improved usability. (#5387, #5405)

Bug Fixes

Fixed alignment issues in component notes. (#5396)
Resolved inconsistencies in component insight data. (#5390)
Fixed issues with the Vulnerability Info View and included Known Exploited Vulnerabilities (KEV) in the expanded view. (#5407)
Removed unnecessary component warnings. (#5404)
Addressed multiple entries in metric aggregation reports. (#5420)

Other Improvements

Updated description tags with icons for better visual clarity. (#5389)
Implemented UI improvements across the platform for a more cohesive experience. (#5409)
Improved tools loading view for better user feedback. (#5406)
Added an end-to-end test for organization creation and switching workflows. (#4752)

v3.0.4

January 23rd 2025

Highlights of the Release

The v3.0.4 release introduces significant enhancements to platform usability, performance, and compliance workflows. With additional features such as improved filtering, enriched SBOM operations, and a variety of bug fixes, this update reinforces our commitment to delivering a robust and user-friendly experience.

New Features

Annotate Gem Initialization: Enhanced annotation capabilities with the addition of the annotate gem to streamline development workflows. [#1905]
Attach Existing Custom Vulnerabilities to SBOMs: Simplified vulnerability management by allowing custom vulnerabilities to be linked directly to SBOMs. [#1902]
Package Lookup Functionality: Added the ability to perform detailed package lookups, leveraging Package URLs (PURLs) for precision. [#1907, #1913]
Score Settings in Command Bar: Easily access and adjust score settings via the command bar for a more seamless experience. [#5369]

Enhancements

Policy Rule Violations Finder: Extended filtering options for more granular policy rule violation analysis. [#1870]
Weight Control for Package Health Logic: Enabled fine-tuned control over package health calculations to improve reporting accuracy. [#1898, #5029]
Updated Plan Details View: Improved clarity and accessibility in the plan details interface. [#5341]
Refactored Components: Significant refactoring of components, including CVSS, CPE, and PURL info cards for better maintainability and performance. [#5342, #5365]
Improved SBOM Operations:
- Fixed SBOM creation tool tests. [#5351]
- Enhanced SBOM general tab functionality. [#5375]
- Updated SBOM end-to-end tests for increased coverage. [#5366, #5384]
Compliance and Vulnerability Management:
- Removed compliance selector and custom vulnerability actions for free-tier users, streamlining operations. [#5349, #5350]
- Improved vulnerability table preview for customer view. [#5370]

Bug Fixes

Health Score Calculations:
- Resolved issues with health score bugs and null breakdowns. [#1912, #1919]
- Fixed health score fields validation. [#5382]
Concurrency Control: Controlled the concurrency of workflows and jobs to prevent resource contention. [#1908]
Date Filter: Fixed a bug with date filtering for component vulnerabilities. [#1909]
Custom Vulnerability Operations: Addressed issues with custom vulnerability creation and operation support. [#1915, #5380]
General Fixes:
- Fixed typos, calculation errors, and stylistic changes in various areas. [#1919, #5360]
- Resolved modal auto-closing issues in SBOM tabs. [#5375]
- Fixed missing brace errors. [#5367]
- Corrected end-to-end test failures across SBOM and components. [#5359, #5376, #5384]
- Fixed color code validation issues. [#5353]

Performance Improvements

Refactoring and Cleanup:
- Refactored utility functions for better code reuse and readability. [#5336, #5356, #5357]
- Removed unused global states and redundant functions. [#5345, #5355]
- Cleaned up policy table and automation column components. [#5363, #5364]
Loading Feedback: Added feedback for the refresh button to enhance user experience during data updates. [#5372]

Security Updates

X-Permitted-Cross-Domain-Policies: Implemented additional security headers to ensure stricter domain access controls. [#5378]

v3.0.3

January 14th 2025

📋 Highlights

Introduced Defect Density Calculation Service to provide deeper insights into project health.
Added Reconcile Service to ensure vulnerability data remains consistent across the platform.
Enhanced custom fields for workflow integration, supporting more personalized workflows.

✨ New Features

Defect Density Calculation: Introduced the DefectDensityService to calculate defect density for projects, offering better visibility into overall project health.
Reconcile Service: Implemented a reconciliation service to prevent mismatches in vulnerability data across different sections of the platform.
Custom Fields for Workflow Integration: Enhanced workflow integrations by allowing custom fields, making it easier to tailor workflows to specific needs in tools like Jira.

🛠 Improvements

Annotatable Support in Changelogs: Replaced the term annotation with annotatable to improve consistency in changelogs.
Global Vulnerability Table Refactor: Refactored the Global Vulnerability Table for better performance and a cleaner interface.
System Logs Update: Updated system logs to support new scan types, improving traceability.
SBOM Selection Issue Fixed: Resolved various SBOM selection issues, ensuring a smoother experience across workflows.
Email Styling Enhancements: Improved the styling of email templates for better readability and consistency.

🐞 Bug Fixes

Compliance Bug in SBOM Score Report: Fixed an issue where compliance reports failed when the report format was present but not selected.
Vulnerability Status History Fix: Resolved an issue where vulnerability status history did not display imported statuses correctly.
Vendor Page Redirection: Fixed a redirection issue on the vendor page.
404 Page Setup: Implemented a 404 error page for better user experience when navigating invalid links.
Component Description Preview Update: Updated component previews to improve readability.
Invalid Expressions Handling: Improved error handling to manage invalid expressions, preventing crashes.
Dashboard Redirection Issue: Fixed redirection issues when navigating through the dashboard.

🔧 Other Fixes and Enhancements

Issue

Description

Fixed email styling

Improved email template readability

Compliance list preview update

Updated compliance lists with new styling

Fixed analytics filter issue

Resolved issues with filtering analytics data

Product delete modal verification

Added input verification to the product delete modal

Update policy expand view

Enhanced policy expand view for better UX

Fixed SBOM checks test

Fixed end-to-end test issues related to SBOM checks

Data license modal fix

Resolved issues with data license modal

Handle invalid CVSS expressions

Fixed handling of invalid CVSS vector expressions

✅ Quality of Life Changes

Updated the default sort order for Global Vulnerabilities to improve relevance.
Fixed various navigation bugs, ensuring sort orders are retained across pages.
Enhanced Custom Vulnerability Form with input validation to avoid submission errors.
Improved the SBOM General Tab Styling for consistency across the platform.
Added delete checks to the Product Table for easier record management.

⚙️ Technical Enhancements

Refactored external navigation URLs into reusable components for better maintainability.
Updated node options in staging deployment to improve performance.
Updated CVSS Info Modal with conditional previews to improve flexibility.

v3.0.2

January 7th, 2025

🆕 New Features & Highlights

Project Filtering by Name
Easily filter projects by their name to quickly find what you’re looking for, especially in large environments.
Defect Density Graph in Analytics
Visualize vulnerabilities across your components with the new Defect Density Graph, helping you track defect trends over time.
Custom Vulnerability Tab
Manage organization-specific vulnerabilities more effectively with the new Custom Vulnerability Tab.
SBOM Quality Metrics Enhancements
The SBOM Quality Score preview and calculation have been improved, offering more accurate insights into your SBOM health.

🛠️ Improvements & Fixes

Added detailed Activity Logs for Annotations to track changes and updates.
Resolved issues with Component Relationship Preview to display accurate relationships between components.
Fixed SBOM Download Issue when the quality score was blank.
Improved Manufacturer URL Navigation to ensure all links work as expected.
Updated Email Styling for cleaner, more professional email templates in production.
Environment Selector is now disabled after selection to prevent accidental changes.
Multiple Analytics Page Enhancements, including updated icons, filters, and default values for a better user experience.

🐞 Bug Fixes

Fixed SQL Error in the project metrics finder to ensure smoother performance.
Resolved Compliance Score Lookup issues that always defaulted to NTIA.
Fixed SBOM Quality Score Calculation to ensure consistency across reports.
Corrected a Typo in Project Vulnerability Metrics for more accurate reporting.
Fixed Graph Styling in Dark Mode to improve readability.

📈 Analytics & Metrics Improvements

Added Vulnerability Status Counts to the Analytics dashboard for a clearer overview of your vulnerabilities.
Updated the Patch Velocity Metric to improve tracking of remediation efforts.
Enhanced SBOM Statistics for more accurate and actionable data.
Automatically Reset Analytics Filters when changing environments to ensure fresh data views.

✅ Security Enhancements

Implemented Organization Name Validation to prevent potential code injection risks.
Fixed issues with Activity Logs to ensure accurate tracking of actions and changes.

v3.0.1

January 3rd, 2025

🚀 New Features

SBOM Automation Rules Saving Across Environments
Automation rules can now persist across different environments, providing better flexibility in managing your SBOM processes. [#5211, #5234]
Conditional Preview for Organizational Lists
Users can now preview organizational lists based on specific conditions, improving user experience and navigation. [#5213]
Component Annotation Support
Added support for component-level annotations, allowing users to add custom notes and metadata for better tracking. [#5206, #5221]
System Log Functionality
Implemented system logging to provide better visibility into platform actions and audit trails. [#5232, #1851]
SBOM Vulnerability Statistics
Added a detailed vulnerability statistics view for each SBOM, giving users quick insights into their SBOM’s security posture. [#5230]

✨ Enhancements

SBOM Compliance View Loading Screen
A loading screen has been added to the SBOM compliance view to improve user experience during data fetches. [#5231]
ShareLynk Drawer Refactor
The ShareLynk drawer has been updated with a new form layout for a more intuitive user experience. [#5228]
User Update Validation
Improved user update validation to handle various scenarios accurately and securely. [#5249]
Email Notifications Styling
Fixed styling issues in email notifications to render correctly across different devices and platforms. [#1792]
Global Icon Style Update
Updated icon styles globally for a more consistent and polished look across the platform. [#5246]
Annotation Type Updates
Annotations now include timestamps for better tracking of updates and creation dates. [#1848]
SBOM Activity Logs
Updated SBOM activity logs to include additional details, making it easier to track changes and activities. [#5243]
UI and Analytics Improvements
Improved the overall UI consistency and made enhancements to the analytics page for a better user experience. [#5220, #1847]

🐛 Bug Fixes

Fixed SBOM Download Issues in ShareLynk
Resolved missing code for SBOM download options, ensuring a smoother download experience. [#5136, #5261]
Fixed Vulnerability Badge Alignment
Addressed misalignment issues with vulnerability badges for better visibility. [#5256]
Fixed SBOM Checks Rescan
Resolved an issue causing errors when re-running SBOM checks. [#5241, #5240]
Fixed Daily Metrics Collection
Fixed errors in the daily metrics collection job and optimized it to use upserts. [#1845, #1853]
Fixed Missing Component Vulnerabilities
Resolved issues with missing component vulnerabilities from certain parts of the platform. [#1838]
Fixed SBOM Download Authorization Issue
Addressed an issue where ShareLynk SBOM downloads failed due to missing authorization checks. [#1843]
User Name Sanitization
Implemented user name sanitization to avoid potential code injection vulnerabilities. [#5245]
Fixed Organization Name Update Validation
Ensured proper validation when updating organization names to prevent invalid entries. [#5247]
Fixed Search Query Trimming
Resolved an issue with untrimmed search queries causing mismatches. [#1840]
Fixed Vulnerability Statuses Globally
Standardized the vulnerability status column across the platform for consistency. [#5242]
Fixed Repo Crashes
Addressed crashes occurring in specific repo configurations. [#1844]

v3.0.0

December 23, 2024

🚀 New Features

Hide SBOM Quality Score Added the ability to hide SBOM quality scores for enhanced flexibility in compliance workflows. [#1715]
Unignore SBOM Checks Users can now “Unignore” checks, providing greater control over ignored items. [#5160]
Component Search in Relationship Form Implemented a robust search functionality for components within the relationship form. [#5175]

✨ Enhancements

FDA Component Support Updated support levels for FDA components, ensuring up-to-date compliance. [#1808]
Default and Manual Scan Organization Moved default and manual scans to more intuitive facets for better user experience. [#1829]
Optimized SBOM PDF Export Refactored and optimized SBOM PDF exports for smaller, more efficient files. [#5170, #5178]
Tooltip and Label Updates Improved tooltips for Version Health Score and SBOM Quality Score for better clarity. [#5188, #5198]
Improved Vulnerability Feeds Cleaned up and optimized vulnerability/exploitability feed listings. [#5158]
UI Consistency Enhanced component side-drawer consistency and updated the compliance drawer for a cohesive UI. [#5161, #5121]
API Call Optimization Reduced unnecessary API calls for better performance. [#5130]
Updated SBOM Defaults Adjusted SBOM export defaults for user convenience. [#5190]

🐛 Bug Fixes

Nil Panic Error Resolved issues causing nil panic errors for users. [#1814]
SBOM Checks Filter Fixed filter reset issue in SBOM checks. [#5159]
Tooltip Mismatch Fixed incorrect tooltips on Version Health Score. [#5188]
Vulnerability Badge Styling Adjusted styling for vulnerability badges for better visibility. [#5194]
Vulnerability Count Display Updated SBOM details to show - for vulnerability count when scans are pending. [#5192]
Component Update Fixed component update functionality with required changes. [#5187]
Relationship Updates Addressed issues in primary relationship previews and updates. [#5173, #5195]
Search Query Trimming Fixed issues with untrimmed search queries causing mismatches. [#5199]
PDF Export Issues Resolved missing data hashes and fixed descriptions from products in PDFs. [#5189, #5191]
License Table Display Fixed SBOM license table in customer views. [#5197]
Compliance List Addressed inconsistencies in the compliance list. [#5208]

⚙️ Technical Improvements

Sidekiq Configurations Added configurations for Sidekiq, improving job management. [#1830]
Job Scheduling Changes Updated job scheduling for improved reliability. [#1833]
Removed Debug Code Cleaned up unnecessary debug code to streamline performance. [#1824]
Removed New Relic Eliminated unused New Relic and Solid Errors to reduce overhead. [#1811]

v2.9.9

December 17th, 2024

🆕 New Features

Added API to retrieve a single custom vulnerability within the current organization
Introduced support for Level CSV download option
Enabled SBOM export as FDA specific Excel
Dynamic addition of custom fields to vulnerability CSV Export

🖐️ Enhancements

Improved validation for vulnerability ID uniqueness
Enhanced SBOM build drawer with supplier fields
Refined SBOM general tab
Updated vulnerability card layout
Implemented context-sensitive label menu
Updated product settings tooltip
Improved SBOM actions and components
Refined product details and ShareLynk table components
Added vulnerability indicator to components
Enabled delete feature for dependency_of relationships

⚒️ Bug Fixes

Fixed crash when component vulnerability is null in component VEX update API
Resolved timeout issues in organization vulnerability queries
Corrected severity filter functionality
Fixed crash in daily metrics job
Resolved issues with SBOM download options
Corrected custom field bugs in CSV export
Fixed vulnerability count display before scanning
Resolved key prop and React ref warnings
Fixed progress bar overflow issue
Corrected inconsistencies in global and product vulnerability views
Addressed ShareLynk SVG link preview issues
Fixed SBOM modal and drawer inconsistencies

v2.9.8

December 5th, 2024

⭐ Highlights

Enhanced Vulnerability Management: Introduced features to identify and manage vulnerabilities, including custom vulnerability additions and updates.
Improved User Interface: Multiple UI enhancements across SBOM components, license management, and analytics.
PDF Export Improvements: Fixed critical PDF export issues and added dynamic custom fields for export.
Performance Optimization: Removal of unused libraries, variables, and static media to streamline builds and improve performance.

🆕 New Features

Custom Vulnerability Addition: Add and manage custom vulnerabilities for SBOMs (#4996).
Label Filtering: Added label-based filtering for analytics and part selection (#5021, #5053).
CSV Export: Enabled CSV export for the support tab (#5040).
SBOM PDF Enhancements: Dynamic custom fields added to SBOM PDF exports (#5064).
Vulnerability Scanning: Auto vulnerability scan triggered upon adding or updating custom vulnerabilities (#1763).
Order-by Search Support: Added support for ordering search results (#1751).

🖐️ Enhancements

Component Management: Updated the component tree, state, info modal, and expand views for a more streamlined experience (#4983, #4979, #5033, #5059).
UI Updates: Improved styling for tools page, license expand views, and editors (#5062, #5060, #5037).
Improved Validation: Enhanced error handling for invalid CPE checks and custom vulnerabilities (#4999, #5050).
Analytics Page: Added new environment filters and updated analytics components (#5034).
Automation Rules: Introduced a toast notification for rule generation and added “contains” to automation rules (#5012, #1762).

⚒️ Bug Fixes

Search Functionality: Fixed SBOM search field and duplicate SBOM transfer issues (#4997, #1773).
License Modal: Addressed UI and error handling issues (#4990).
PDF Export: Resolved issues in PDF export, including vulnerability and parts details (#5041, #5063).
PURL and CPE Editors: Fixed styling, validation, and search options for better usability (#5037, #5017).
Component Validation: Fixed issues with component supplier validation and other vulnerabilities (#5004, #5051).
SBOM Reprocessing: Automatically reprocess SBOMs upon updates to primary (#1767).
Code Refactoring: Updated global styles, removed unused components, and replaced tooltips for consistency (#4986, #5014, #5015).
Library Updates: Bumped dependencies for cross-spawn, http-proxy-middleware, and rollup for security and compatibility (#4940, #4673, #4476).
Error Handling: Improved error messages and validation for various operations (#5032, #5054).
Build Optimization: Improved build times by removing unwanted media files and unused variables (#5025, #5036).

v2.9.7

November 27, 2024

⭐ Highlights

🚀 Improved User Experience: Enhanced workflows in component creation, SBOM management, and vulnerability analysis.
🔒 Advanced Security Features: Added safeguards and improvements to ensure compliance and data integrity.
📄 SBOM Enhancements: Seamless SBOM transfer between environments and new export fixes.

🆕 New Features

Custom Vulnerabilities: Add and manage vulnerabilities tailored to your specific needs.
SBOM Management: Transfer SBOMs between environments and streamline SBOM list interactions.
Enhanced License Handling: Custom license transformations and text display improvements.
Component Tree Updates: Added primary paths, dependency tagging, and action enhancements.
Accessibility Improvements: Fixed button and image accessibility issues.

⚒️ Bug Fixes

Fixed validation errors in component creation and updates.
Corrected user permission issues for Viewer roles.
Resolved analytics bugs for environment selections.
Fixed parts navigation and dependency linking issues.

🏃 Performance Improvements

Addressed deadlock issues and optimized PURL normalization.

🖐️ UI Enhancements

Updated SBOM author tags with tooltips and reordered columns for better usability.
Fixed alignment and modal display inconsistencies.
Removed unused code and integrated consistent Chakra components.

v2.9.6

November 19, 2024

⭐ Highlights

Enhanced Usability: Improved support for large SBOM files, reducing UI freezing and enhancing download/edit functionality
Advanced Graph Support: Added directional support for the relationship graph view, making visualization more intuitive.
Improved Validation: Introduced license expression validation and refined product and vulnerability input handling.
Streamlined Error Management: Fixed upload error handling and enhanced modal behaviors for better error visibility.

🆕 New Features

Directional Relationship Graph View: Graph views now support directional visualization for better clarity.
License Expression Validator: A new feature to validate license expressions during uploads.
Trace View for E2E Tests: Trace view support added for end-to-end tests on CI, aiding debugging and performance insights.
Vulnerability & Component Matching: Enhanced logic for matching vulnerabilities and components by intersecting names.
EPSS Score: Null values are now allowed, ensuring flexibility in data input.
Status Field: Made optional to accommodate partial inputs.
Vulnerability Field: Can now be left blank if applicable.

⚒️ Bug Fixes

Fixed edit and download button issues for large SBOMs.
Reduced chances of UI freezing with large files.
Error Handling Enhancements: Improved error handling during upload and reprocess actions. • Fixed issues with reset and indication in the VEX update flow.
Enhanced VEX import table and history drawer with custom fields.
Relationship Graph and Table Refinements:
Resolved issues with vulnerability link forms and table action buttons.
Addressed bugs in relationship deletion modals.
Updated component linking in the vulnerabilities tab. • Improved import vulnerability status UI.
Resolved e2e test issues, including product deletion and label validation.
Updated SBOM files and product creation validation for tests.

v2.9.5

November 14, 2024

⭐ Highlights

Custom VEX Fields: Easily manage and add customized VEX (Vulnerability Exploitability Exchange) fields for better vulnerability tracking.
License Notifications: Receive notifications related to software license compliance and updates.
Enhanced Export Options: Seamlessly export and import End of Support (EOS) data, along with improved SBOM PDF layouts.
Component Dependency Tree: Visualize and analyze component dependencies within the platform to understand the structure and potential vulnerabilities better.
SBOM PDF Enhancements: Added missing labels, data mappings, and refined layout for better readability and compliance with export needs.

🖐️ Improvements

UI/UX Refinements
- Updated mailer font styling, component subheaders, and the integration tab name for improved navigation.
- Enhanced search functionality for better score filtering.
- New tooltip and styling across lists, modals, and menus for a more consistent experience.
- Updated dashboard header and increased search bar width for quicker data access.
Policy and Automation
- New SB-HC-25 checks implemented for enhanced policy adherence.
- Automated validation added to streamline creating and managing automation rules.
Data Handling
- Filtering for unknown ecosystem entries and handling of null values to enhance data integrity.
- Improved CSV and PDF exports, ensuring only relevant data is included.
Notifications:
- Refined notification settings, including adherence to personal settings for targeted updates.

⚒️ Fixes

Component and Vulnerability Updates
- Resolved issues in the component update process, including null strings and prefix issues.
- Fixed vulnerabilities and licensing data in the global vulnerability table.
- Enhanced form validation across VEX forms and vulnerability tables to ensure data accuracy.
SBOM and Export Refinements
- Fixed issues with CSV filter and export, ensuring reliable downloads.
- Improved logic for filtering out disabled products and maintaining format consistency.
UI Bug Fixes
- Corrected layout bugs, icon placements, and button spacing across several views.
- Addressed vulnerabilities in navigation and vulnerability status indication.

v2.9.4

November 4, 2024

🆕 Features

SBOM Enhancements
Added SPDX Lite export support
Implemented PDF export functionality
Enhanced SBOM phases management
Added flag to indicate SBOM reprocess status
Authentication & Security
Added unauthenticated access support for organization requests
Improved request workflow for public APIs
Enhanced password security mechanisms
User Experience
Redesigned email templates and footer
Updated SBOM upload request UI
Improved organization selector interface

🏃 Performance Improvements

Optimized policy count logic
Enhanced SBOM request flow
Fixed component health score calculations

⚒️ Bug Fixes

Resolved policy matching for SPDX ID
Fixed CPE error in component support
Addressed SBOM level policy result metrics
Fixed license search and validation issues
Resolved multiple clicks on upload SBOM button

🧪 Testing & Quality

Added comprehensive E2E tests for core functionalities
Enhanced validation for SBOM phases
Improved error handling and user feedback

v2.9.3

October 24, 2024

⭐ SBOM Enhancements

Added support for CPE 2.2
Introduced SBOM lifecycle management
Improved SBOM export functionality with exclude parts option
New upload request UI for SBOM

🔓 Security & Automation

Implemented automation rules for internal component checking
Enhanced CPE finder with improved exact match and prefix search prioritization
Added internal Slack monitoring system
Fixed component evaluator for less_than, more_than, and range operations

🖐️ UI/UX Improvements

Comprehensive CSV export functionality for multiple views
Updated organization and environment selectors
Refined label management system
Enhanced dashboard filters and analytics

v2.9.1

October 17, 2024

🆕 Features & Enhancements

SBOM Lifecycle Support (UI Pending): Added functionality to manage SBOM lifecycles phases, streamlining compliance workflows. (#1634)
SBOMs Count Availability: SBOMs count is now accessible through Sharelynk for easier tracking. (#1625)
Notification for Manual Policy Scans: Implemented a notification system for manual policy scan results, keeping you informed. (#1611)
Email Template Overhaul: Introduced a new email template as part of a unified email strategy. (#1624)
CSV Export for Enhanced Reporting: Now export data from the Global Vulnerability Detail View and SBOM Components View. (#4599)
Loader for Policy Violation Counts: Displays a loader instead of zero when a policy scan is in progress, providing a more accurate view. (#4530)
Product Permission Renaming: Updated "Archive Product" permission to "Delete Product" for better clarity. (#1631)
Async Scroll for Product Breadcrumbs: Improved user experience with a new asynchronous scrolling component. (#4576)
End-to-End Testing Improvements: Expanded E2E tests to cover more features, such as internal component CRUD. (#4607)
Custom Mobile Warnings and Device View Updates: Added custom warnings for mobile users and refined the device warning views. (#4591, #4610)

⚒️ Fixes

Logout After Email Confirmation: Users will be logged out upon confirming their email if they are already logged in, enhancing security. (#1626)
SPDX Export and Import Issues: Resolved crashes during SPDX export and fixed duplicate component imports. (#1633)
Policy Scan Fixes: Addressed an issue where policy scans would not complete when using certain parts. (#4586)
Ribbon Badge Count Accuracy: Corrected the display of policy counts on ribbon badges. (#1632)
Automation File Naming: Fixed export file names for automation, ensuring consistency. (#4572)
Modal and UI Enhancements: Resolved issues with modals, such as the archive automation modal close button. (#4577)
Playwright and Test Fixes: Updated playwright report issues and SBOM delete tests. (#4605, #4612)
UI Consistency: Addressed alignment, color scheme, and height issues in various components. (#4564, #4595, #4597)

v2.8.8-HotFix

October 17, 2024

🔺 An issue was identified, impacting the automation of supplier additions at version level. This has been fixed in this hot-fix release.

v2.8.8

October 10, 2024

🆕 New Features

Component Insights: Added component insights for better visibility into usage and vulnerabilities (#4496, #4552).
SPDX 2.3 Export: Added export functionality for SPDX 2.3 specification (#1615).
SBOM Download: You can now download the original SBOM.
Slack Notifications: Notifications for failed E2E tests now sent to Slack, with log URLs included (#4547, #4557).
Vulnerability Actions: Updated vulnerability actions for improved workflow (#4561).
JIRA Validation Rule: Added a validation rule for JIRA ticket creation (#4553).
Products Enable/Disable E2E Tests: Added E2E tests for product enable/disable actions (#4556).

🖐️ Enhancements

UI Updates: Improved component and vulnerabilities layout, insights preview, and VEX status (#4523, #4552, #4527).
Component License Tag: Updated license tag for better component identification (#4565).
SBOM Support Status: Added visibility for SBOM-related activities (#1586).

⚒️ Fixes

JIRA Link, Component Card, Sidebar, and Search: Fixed issues with JIRA link, component card display, responsive sidebar, and changelog search (#4541, #4555, #4563, #1563).
SPDX Validation and Repo Key: Resolved SPDX export validation and repo key issues (#1618, #1610).
Miscellaneous Fixes: Addressed sign-up button, E2E label tests, and unit test failures (#4562, #4551, #4549, #4569).

🧹 Clean-ups & Miscellaneous

Code Clean-up: Various clean-ups to improve codebase (#4560).
Export and Test Updates: Fixed export issues and updated specs test actions (#1616, #4571).

v2.8.7

October 4, 2024

🆕 Features and Enhancements:

Refactored the version table and product modal for better structure and performance (#4466, #4475).
Updated the SBOM vulnerability table and optimized API calls like GetOrgName for faster performance (#4463, #4467).
Several user interface improvements, including:
- Refactor of PURL and CPE card (#4500).
- Updated settings header and sidebar with documentation links (#4499, #4529).
- Improved component edit drawer, modal, and search functionality (#4489, #4516).
- Added ShareLynk validation and updated validation messages (#4494, #4513).
- Updated column identifiers and fixed alignment issues in the user table (#4485, #4497).
Enhanced vulnerability state handling and validation, including vulnerability filters and link validation (#4486, #4515, #4540).
Fixed multiple UI bugs related to dark color schemes, product updates, and component state issues (#4490, #4491, #4537, #4539).
Other minor performance improvements and refactors, including E2E tests switched to Linux and improved cron job handling (#4487, #4526).

⚒️ Fixes

Fixed vulnerability scanning failures and PURL validation issues (#1599, #4506).
Resolved bugs like vulnerability expand view, NVD link, and missing dependencies in the version table (#4490, #4524, #4507).
Fixed issues related to FDA compliance support level and security token initialization (#1575, #4525).
Several fixes related to Docker and workflow configurations (#1587, #1588, #1589).
Improved license handling, including case-insensitive search and removed VEX completed check (#1596, #1600).

v2.8.6

September 26, 2024

🆕 Features

Component Library[BETA/NOUI]: Introduced a new component library to streamline UI elements across the platform, enhancing consistency and maintainability.
SBOM Support Enhancements: Updates to the SBOM support query, expanding compatibility and improving query accuracy.
Global Custom Date Input: A custom date input field was introduced for global use, standardizing date selection across multiple features.
Manufacturer Modal Improvements: Added a confirmation modal for archiving manufacturers, improving user interaction with sensitive actions.

⚒️ Fixes

Error Messaging: Enhanced error messages for SVG link issues and unexpected errors during automation rule imports.
Component Support Updates: Fixed issues with support updates, including renaming fields and adding new validation checks to prevent errors.
Vulnerability Page Fixes: Adjustments to vulnerability displays, including showing low severity counts and fixing breadcrumb navigation.
Playwright Test Fixes: Multiple fixes and optimizations for Playwright tests to ensure better CI/CD integration and reduce timeouts.

🖐️ Enhancements

User Interface Updates: Refined UI in several areas, including the general tab, component type fields, and policy violation counts.
Dockerfile and Workflow Optimizations: Updates to Dockerfile and GitHub Actions workflows for better efficiency, including enabling Docker BuildKit.
Search Functionality: Removed prefix search in favor of substring search for better accuracy in results.
Policy and Parts Modal Refactoring: The policy modal and parts modal were refactored for improved usability and performance.

v2.8.5

September 19th, 2024

🆕 Features

Archive Version Preview: Enabled preview of archived versions with necessary changes (#4319).
Automation Import/Export: Implemented automation import/export feature (#4403).
Component Author: Added support for displaying component author information (#1539).
Component PURL & CPE: Added missing PURL and CPE data for components (#4374).
Docker Image Versioning: Created Image-version.yml to track Docker image versions (#1543).

⚒️ Fixes

Search Functionality: Resolved issue where search for check ID was not working (#1531).
Expired Invitations: Fixed handling of expired invitations (#1538).
Internal Component Tagging: Fixed component tagging issues (#1503, #4269).
Supplier Check: Addressed supplier check issue in SBOM (#4392).
Component Version Validation: Resolved validation issues for component versions (#4361, #4398).
Reset Password Page: Fixed reset password link issue (#4397).
Policy View Alignment: Corrected alignment of the policy view (#4356).
SBOM Fixes: Fixed issues in SBOM support table, CPE validation, supplier modal, and details page in customer view (#4372, #4371, #4408, #4393).
Invitation Handling: Resolved additional invitation handling issues (#4395).
Dark Mode Styling: Fixed styling issues in dark mode and license field validation (#4400).
Checks Preview: Fixed logic for previewing checks (#4399).

🖐️ Enhancements

Restart Policy: Updated Docker container restart policy to "always" (#1534).
License Updates: Added updated licenses (#1540).
Progress Bar Styling: Enhanced progress bar styling (#4340).
Component Relation Drawer: Added expand action to the component relation drawer (#4364).
General Styling Updates: Updated styling for the general tab, login/register page, and success messages (#4367, #4346, #4390).
Consolidation & Workflow: Consolidated files and updated workflows accordingly (#1544).
Modal Enhancements: Refined modal consistency and styling (#4410, #4414).
Product Status Modal: Enhanced product status modal functionality (#4421).

v2.8.4

September 12, 2024

🆕 New Features

Added violation count functionality
Implementation of component unsaved warning
Update to VEX status view and global vulnerability UI
Addition of component support tooltip
Update to authentication UI

🖐️ Improvements

Enhanced SBOM (Software Bill of Materials) features:
- Fixed SBOM table spacing
- Updated SBOM general tab layout and styling
- Added info tooltip in SBOM general tab
- Improved SBOM data license modal
Refined component management:
- Updated component end-of-support field
- Refactored component identifier fields
- Enhanced component health score view
- Improved component fields validation
Enhanced product features:
- Fixed product search issue
- Updated product actions preview
Upgraded policy management:
- Updated policy stats color
- Fixed policy count display

⚒️ Bug Fixes

Fixed SVG link issues
Resolved EOL (End of Life) finder problems
Addressed staging errors from demo data
Fixed null copyright value on component creation
Corrected valid expression showing as custom license
Resolved components create function issues
Fixed license update problems
Addressed VEX status modal issues

🖐️ UI/UX Enhancements

Various styling improvements across the application
Fixed compliance card alignment and styling
Refined dashboard stats alignment
Updated progress bar functionality
Implemented dark mode color corrections

🔓 Security and Performance

Updated security tokens with required validation
Upgraded various dependencies for improved security and performance

🔵 Other Changes

Removed SBOM reprocess option from customer view
Removed label option from free tier accounts
Updated free tier limits
Various settings and modal fixes
Environment configuration updates for staging and production

🔺 Known Issues

Product Vuln tab "set status" crashes
In the component Edit tab, if you click save on a component, even if no changes are made, it throws a no-component error.
Ctrl-K search has settings navigations not working correctly.

2.8.0

September 4, 2024

🆕 New Features

Added SSO support (Google & Github)
Introduced request functionality for plan upgrades.
Enabled component-level support information and exposed it on the SBOM support page.
Added new fields and updated views like compliance warning for disabled checks, component copyright field, connection tab renaming, and vulnerability info page redesign.
Improved UI for the SBOM upload modal, label filter dropdown, and compliance drawer.

⚒️ Bug Fixes

Fixed various UI issues, including compliance tab, select styling, component drawer, vex completed filter, SBOM parts UI, policy violation drawer, organization register modal, breadcrumb fetching, product filter in global vulnerability page, component update function, import wizard, overflow issue in component drawer, and more.
Fixed modal behaviors including Add/Edit License, Create Role, Create Token, and settings modals.
Fixed policy stats and SBOM download modal.
Fixed config not saving issue, errors, and orphaned dependencies.
Ensured consistency in documentation.

🖐️ UI Improvements

Enhanced support delete modal, SBOM build drawer, organization table, product label filter, compliance tab design, login page (privacy policy and terms of services), compliance description, and compliance tab with new design.
Improved component dependency view, label dropdown, label filter instructions, product page, and label size.
Refined styling and layout consistency for various UI components.

💡Miscellaneous

Added a flag for invalidating entries in the CPE info table.
Updated the demo name and description.
Refactored component vulnerability scope in the resolver.
Updated staging environment settings and hostnames.
Made modal fixes and other general settings changes.

2.7.9

August 27, 2024

🆕 New Features

Labels [GA]
Free Tier [Beta]
Demo account seed data
Compliance Tab
Component Library alpha (No user-facing data as yet)
AWS marketplace integration alpha

⚒️ Bug Fixes

Limit server log files to 100MB
Various fixes for notifications.
Sanitize and remove bad data from SBOMs.
Refetch refactor in UI, for consistent performance.
Modal consistency fixes.
Tons for additional fixes and consistency improvements.

2.7.8

August 15th, 2024

🆕 New Features

Version Archive Support - Individual versions can now be archived. Archival removes the version from all metrics, vulnerabilities & policies.
Notification Support - We support personal & organization level notification support. Notifications are supported over Email/Slack & Teams. This is an early release; currently we support only Sbom upload/failures & Vuln report scans. More notifications will be added on an ongoing basis.
Labels Support: Products can now be labelled for easy management.

⚒️ Bug Fixes

Permanent fix for Delete Role crash.
Checks does not flag an sbom with a single component with relationship failure.
Text alignment for SBOM Card.
Product Listing fixes a bunch of them.
Version Compare fixes.
Toast bar notification consistency.

2.7.7

August 1st, 2024

🆕 New Features

PURL & CPE vulnerabilities are merged, producing a single list of vulnerabilities by component.
Product Progress Graph [ Demo account only ]

⚒️ Bug Fixes

Compliance score fixes
- Other identifiers now take into account either CPE or PURL
- Comp suppliers accounting issue.
Migration to remove old roles
Fixed permissions wipe out
Invalid PURL crash fix
Updated info tooltips
Google Analytics fixes

PreviousTechnical Support

Last updated 4 days ago