Release Notes
Interlynk's Platform release notes.
v3.3.1
June 12th 2025
๐ Release Highlights
This release focuses on SBOM management improvements, performance optimizations, and enhanced user experience across the platform. Key highlights include the introduction of SBOM draft mode, Automatic Parts Sync, significant performance improvements for component queries, and streamlined PDF export functionality.
โจ New Features
SBOM Draft Mode
Draft Lifecycle Management: Introduced a new 'draft' lifecycle state for SBOMs, allowing users to work on SBOM development before finalizing
Enhanced Preview Experience: Improved visual feedback and preview capabilities for draft mode SBOMs
Conditional JIRA Sync: Added conditional preview for JIRA sync actions to better manage integration workflows
๐ง Performance Improvements
Query Optimization
Component Tab Performance: Optimized component tab queries for significantly better performance
Vulnerability Exports: Added optimized vulnerability queries for both CSV and global exports
Cache-First Policy: Implemented cache-first policy for SBOM components expanded fetching to reduce load times
Reduced API Calls: Minimized redundant API requests during component updates and SBOM update flows
SBOM Management
Automatic Parts Sync: Added automatic SBOM parts synchronization across projects for improved consistency
Streamlined Update Flow: Optimized SBOM update process to trigger only required API calls
๐ Bug Fixes
Access Control & Security
Access Control Issues: Resolved critical access control bugs affecting user permissions
Permission Normalization: Normalized permission names for consistency across the platform
User Authentication: Fixed NoMethodError for ShareUser#generate_jwt functionality
SBOM Operations
Upload Modal: Refactored and fixed multiple issues with SBOM upload modal functionality
Summary Card Logic: Fixed description preview logic in SBOM summary cards
Loader Issues: Resolved SBOM upload loader display problems
Build Refetch: Fixed SBOM build refetch functionality after updates
Delete Refetch: Corrected refetch behavior after SBOM deletion
PDF Export Improvements
Layout Fixes: Corrected layout misalignment issues in SBOM PDF exports
Vulnerability Status: Fixed vulnerability status display in SBOM PDF exports
Attribution Page: Updated both PDF and HTML export template layouts for attribution pages
Component Management
Component Details: Enhanced component details card functionality
Support Modal: Updated component support modal preview based on resolved checks
Query Optimization: Fixed component query requests during component edits
UI Cleanup: Removed OpenSSF scorecard field from component UI for cleaner interface
Policy & Project Management
Global Policy Layout: Improved global policy table layout to prevent overlap issues
Project Settings: Updated project settings with latest parts check functionality
Policy Pages: Added excluded column to product and version policy pages
Project Deletion: Fixed critical project deletion functionality
Automation & Validation
Component Checks: Fixed NoMethodError when automation component checks encounter nil values
Support Level Validation: Resolved 'Actively Maintained' support level validation errors
Priority Determination: Updated system to skip determining priority from severity when appropriate
Organization Issues: Fixed organization deserialize error
๐ Technical Improvements
Modal Refactoring: Comprehensive refactoring of SBOM upload modal for better maintainability
API Efficiency: Reduced redundant API calls across multiple workflows
Error Handling: Enhanced error handling for edge cases and nil value scenarios
Data Consistency: Improved data synchronization and consistency across projects
v3.2.9
June 6th 2025
โจ Highlights
This release brings significant enhancements to the Interlynk Platform with improved performance, new integrations, and enhanced user experience. Key highlights include:
๐ Linear Issue Tracker Integration - Seamlessly connect your vulnerability management with Linear
๐ Enhanced SBOM Scanning - Improved policy, support level, and vulnerability tracking in scan jobs
๐ Smart Notifications - Incremental notifications for policy violations and new vulnerabilities
โก Performance Optimizations - Multiple query optimizations for faster data loading across the platform
๐ New Features
๐ฏ Linear Issue Tracker Integration
Complete Linear integration for streamlined issue tracking
Support for markdown preview in issue descriptions
Generic ticket sync functionality for better workflow management
๐ Enhanced SBOM Capabilities
SBOM Parts in Scan Jobs: Now includes comprehensive policy, support level, and vulnerability data
Component Data Enhancement: Extended support for copying additional fields from primary components
Improved SBOM Comparison: Added end-to-end testing for SBOM comparison workflows
๐ Advanced Notification System
Incremental Policy Notifications: Real-time alerts for policy violations
Vulnerability Notifications: Configurable notification options for new vulnerabilities
Smart Filtering: Enhanced notification management with better targeting
๐ Reporting & Export Improvements
Updated Attribution Reports: New layout for both HTML and PDF export formats
Enhanced Export Performance: Optimized CSV and Excel export functionality
Improved Report Styling: Consistent icon styling and better table formatting
๐ Bug Fixes & Improvements
๐ง User Interface Fixes
โ Fixed package license preview display issues
โ Resolved table overflow problems in version columns
โ Fixed overlapping issues in parts overview cards
โ Corrected component expand view functionality
โ Fixed health map view rendering
โ Resolved attribution report dialog issues
โก Performance Optimizations
Query Optimization: Streamlined multiple database queries across components
Product page labels query optimization
HealthMap query field limiting
Package versions query optimization
Component data query improvements
Component Performance: Enhanced ProductInfo component with optimized state management
E2E Test Optimization: Reduced SBOM components test execution time
๐ ๏ธ Backend Improvements
Migration Fixes: Resolved database migration issues
Policy Logic: Fixed policy rescan functionality
Data Consistency: Improved vulnerability data handling and display
Component Cards: Enhanced performance and readability with better query optimization
๐ฑ User Experience Enhancements
Table Components: Consistent styling across all table interfaces
Vulnerability Displays: Improved popover functionality and conditional severity previews
Modal Improvements: Enhanced policy modal and primary component check modal
Description Handling: Better truncation for component descriptions in summary cards
๐ Technical Improvements
Refactored Components: Multiple component refactoring for better maintainability
Test Coverage: Enhanced E2E test coverage for critical workflows
Code Organization: Improved code structure for license expanded views
Automation Fields: Updated automation action fields with required changes
v3.2.8
May 29th 2025
๐ Highlights
This release brings significant improvements to JIRA integration, enhanced analytics capabilities, and numerous bug fixes to improve platform stability and user experience. Key highlights include bulk JIRA ticket creation, lifecycle filtering for analytics, and Global Package Version Overrides & Management for Attributions.
โจ New Features
๐ Enhanced JIRA Integration
Bulk JIRA Ticket Creation: Create multiple JIRA tickets at once with improved efficiency and user experience
JIRA Sync from Vulnerability Table: Trigger JIRA synchronization directly from the vulnerability management interface
Enhanced JIRA Settings: Updated fields and sync actions with improved configuration options
JIRA Description Field Updates: Better formatting and content for automatically generated JIRA tickets
JIRA Ticket Association Retention: Maintain ticket associations even when SBOM versions are updated
๐ Analytics & Reporting Improvements
Lifecycle Filter for Analytics: Filter analytics data by product lifecycle stage for better insights
Attribution Report Enhancements: New comprehensive attribution reporting capabilities
Enhanced Component Insights: Improved E2E testing and data retrieval for component analysis
๐ง Platform Enhancements
Global Package Version Management: Enhanced package version listing with override capabilities during attribution report generation
Organization Context Sync: Maintain consistent organization context across multiple browser tabs
Component Filter Query Updates: Dynamic component filters that update based on include_parts flag
๐ Bug Fixes
๐ Security & Vulnerability Management
Sharelynk Crash Fix: Resolved critical crash issue on vulnerability page in sharelynk
SBOM Vulnerability Query: Updated to omit retracted entries by default for cleaner results
Vulnerability Links Preview: Fixed parts vulnerability links preview functionality
๐ฅ๏ธ User Interface Improvements
Support Status Selection: Fixed support status selection behavior on tab changes
Product Tab Switching: Resolved onChange handler issues for seamless tab navigation
Settings Dropdown: Fixed dropdown preview behavior on page refresh
Policy Violation Drawer: Updated preview functionality for better user experience
Logs Column Preview: Fixed logs changed by column preview display
๐ฆ Package & Component Management
Default Sorting: Improved default sorting in package version global listing
Package Override Modal: Enhanced UI and code improvements for better usability
Attribution Report Bulk Selection: Fixed bulk source select preference handling
License Data Validation: Enhanced license data validation with better expression handling
๐ง System & Performance Fixes
API Optimization: Removed unnecessary JIRA API calls from customer view for improved performance
Bitbucket Integration: Removed bitbucket from user integrations as part of cleanup
Component Filter Updates: Enhanced component filter query to properly retrieve parts data
Error Message Improvements: Updated error messages for better user understanding
CI Fixes: Resolved failing specs in continuous integration pipeline
Field Ordering: Fixed ordering for updated_at field across various components
v3.2.7
May 23rd 2025
Highlights โจ
๐ง Enhanced JIRA Integration - Added environment-level default fields configuration for streamlined workflow management
๐ Advanced Dashboard Filtering - New version lifestage filter support with improved product progress metrics visualization
๐ Resolved Vulnerability Count Issues - Fixed incorrect vulnerability calculations in dashboard analytics for accurate reporting
๐จ Refreshed User Interface - Updated authentication layout, icons, and product settings for better user experience
โก Performance Optimizations - Code refactoring and query optimizations across components for improved platform efficiency
๐ฏ New Features
JIRA Integration Enhancements
๐ง Environment-Level Default Fields: Added support for configuring default JIRA fields at the environment level, streamlining issue creation workflows
๐งช Enhanced E2E Testing: Comprehensive end-to-end test coverage for JIRA integration flows
Dashboard & Analytics Improvements
๐ Version Lifestage Filtering: New dashboard filter support for version lifestage management
๐ Product Progress Metrics: Restructured and improved product progress overview with better metrics visualization
๐ Parts Overview Enhancement: Enabled parts overview cards across all dashboard tabs
Component Management
โ๏ธ Enhanced Component Editing: Added edit functionality for parts components with improved usability
๐ Latest Version Display: Component tables now display the latest version information for better visibility
๐๏ธ Improved Visibility: Adjusted vulnerability component columns for enhanced readability
User Interface Enhancements
๐จ Refreshed Authentication Layout: Updated authentication page design for better user experience
๐ฑ Product Automation UI: Enhanced product automation interface and changelog table presentation
๐ฏ Updated Icons: Refreshed icon set throughout the platform
๐ PDF Layout Optimization: Improved product progress PDF generation with better layout and structure
๐ง Custom Components: New reusable separator component for consistent UI elements
โ๏ธ Settings Layout: Updated product settings interface for improved navigation
๐ Bug Fixes
Vulnerability Management
๐ข Fixed Vulnerability Counts: Resolved incorrect vulnerability count calculations in dashboard analytics
๐ SBOM Vulnerability Status: Updated vulnerability run status to properly display in-progress state on SBOM pages
๐ Vulnerability Resolution: Fixed issues with vulnerability resolution workflows
Data Import & Processing
๐ SPDX Import Fix: Resolved SPDX import functionality issues
๐ SBOM Request Validation: Fixed SBOM request messaging when product name or version information is missing
๐ Lifecycle Modal: Fixed SBOM lifecycle modal incorrectly saving cleared date values
Configuration & Validation
โ Address Validation: Added proper validation for configuration addresses before form submission
๐ Slack Notifications: Fixed internal Slack notification delivery issues
User Interface Fixes
๐ SBOM Comparison: Updated SBOM comparison UI feedback and conditional rendering logic
๐งช E2E Component Tests: Fixed E2E test reliability for component insights rendering
๐ง Technical Improvements
Code Quality & Performance
๐๏ธ Code Structure Refactoring: Improved code structure and readability across multiple components
โก Query Optimization: Optimized attribution report queries with improved state management and code reuse
๐งน Component Restructuring: Enhanced component architecture for better maintainability
v3.2.5
May 16th 2025
Highlights โจ
Attributions Reports [Alpha Feature]
Basic Progress Reports
Notifications for Critical Vulnerabilities
Jira custom fields Support.
New Features ๐
SBOM & License Management
๐ Added support level metrics to SBOM GraphQL type [#2239]
๐ Added expression filter to licenses resolver [#2246]
๐ Implemented fixes for SPDX license import [#2234]
๐พ Improved dependency storage with unique deps feature [#2233]
JIRA Integration
โ๏ธ Added support for custom JIRA fields [#2229]
๐งฉ Implemented custom JIRA fields with UI improvements [#6323]
๐ ๏ธ Fixed JIRA component field functionality [#6362]
Analytics & Reporting
๐ Implemented Basic analytics reporting [#6250]
๐ Added ability to export attribution reports [#6329]
๐ Improved product progress report PDF export with charts and better layout [#6357, #6358]
๐จ๏ธ Enhanced attribution report export with license text [#6356]
System Improvements
๐ Added support status scan to change log [#2240]
๐ Added notice field to component model and mutations [#2242]
๐ Added support scan logging in system logs [#2243]
๐ Added logging for support level field changes [#2244]
๐จ Fixed email saving functionality [#2250]
๐ Added filters to project_groups field [#2232]
UI Enhancements
๐จ Updated product labels card preview [#6328]
๐ผ๏ธ Updated icons for better visual consistency [#6270]
๐งฉ Implemented conditional preview logic for part info cards [#6307]
๐ฏ Updated compliance logo to match consistent design [#6347]
๐ Updated Product Progress UI with fixes and improvements [#6352]
๐ Updated EPSS, CVSS and CWE preview on vulnerability details page [#6354]
Bug Fixes ๐
Notifications & Alerts
๐ Fixed notifications not being sent for newly matched vulnerabilities [#2241]
โ Added validation for Slack and Team webhook URLs [#6343]
๐ Updated custom toast icons [#6338]
UI & Display Issues
๐ฅ๏ธ Fixed incorrect affected products in vulnerability view [#6325]
๐ Fixed half-circle icon display for unspecified VEX status [#6335]
๐ Fixed version table rendering in customer view [#6339]
โ Fixed VEX status form validation [#6337]
๐ Adjusted column width for vulnerability status [#6336]
๐ Fixed part info cards alignment [#6348]
๐ข Fixed pagination issue in support status table [#6363]
๐ท๏ธ Added None type to severity tag component [#6365]
๐ Fixed custom vulnerability search function [#6366]
License Management
๐ Fixed license list display [#2249]
Testing & Quality Improvements ๐งช
โ Added E2E test for version lifecycle update flow [#6340]
โ Fixed SBOM upload E2E test [#6353]
๐ Refactored JIRA config modal for better performance [#6324]
v3.2.2
May 8th 2025
๐ Highlights
GraphQL Subscriptions: Added support for GraphQL subscriptions using ActionCable for real-time updates
Automation Improvements: Introduced ability to copy version details from primary components
UI Enhancements: Standardized selection fields with LynkSelect throughout the platform
Performance Optimization: Improved component rendering to avoid unnecessary queries
๐ New Features
Component Management
โจ Added support to copy version from primary component (#6289)
๐ Setup code for GraphQL subscriptions using ActionCable (#2207)
๐ Updated parts overview card with new design changes (#6300)
๐งฉ Replaced scope dropdown with LynkSelect in component details (#6277)
User Experience
๐ Standardized selection fields in Product Settings with LynkSelect (#6278)
๐ Added navigation support to product from global vulnerability view (#6318)
๐พ CSV export now persists selected column configuration with sessionStorage (#6302)
Vulnerability Management
๐ Added internal notes to vulnerability CSV export (#6290)
๐ Included status fields in vulnerability CSV export (#6305)
๐ Bug Fixes
UI & Layout
๐ง Fixed UI overlap in Add Component Modal (#6282)
๐ Fixed parts tooltip issue in vulnerability table (#6280)
๐ง Fixed VEX status layout and UI consistency issues (#6319)
๐ง Fixed alignment for icon and status in vulnerability status import (#6322)
๐ง Fixed component tree view (#6303)
Component Functionality
๐ ๏ธ Fixed component scope update issue (#6281)
๐ ๏ธ Fixed CWE list preview (#6291)
๐ ๏ธ Fixed CWE field preview when data doesn't exist (#6299)
๐ ๏ธ Disabled Scope Field in Component view for ShareLynk (#6283)
ShareLynk
๐ง Resolved SBOM components query failure in ShareLynk (#6274)
Integrations
๐ Fixed Github connection card (#6316)
Data Management
๐ง Fixed multiple license submissions with loading state (#6310)
๐ง Fixed support CSV export (#6315)
Testing
โ Fixed e2e tests for product settings and support status (#6288)
โ Added E2E test for component notes and license status (#6317)
๐งน Code Improvements
๐ Modified logic for env based on aidash dev workflow (#2231)
๐งน Removed duplicate utility functions (#6273)
๐งน Component Notes Logic Cleanup (#6279)
๐งน Removed supplier details from parts table (#6298)
๐งน Conditionally render ProductGraphs to avoid unnecessary queries (#6272)
v3.2.1
May 2th 2025
โจ Highlights
Enhanced Webhook Functionality: Added PullRequestCreated and PullRequestUpdated triggers to expand integration capabilities
Improved Performance: Refactored database queries and component vulnerabilities import service for better efficiency
UI Improvements: Refreshed global search bar with new designs and enhanced dashboard experience
๐ New Features
Backend Enhancements
๐ Added vulnerability_id and environment filter to ProjectsResolver
๐ท๏ธ Added component_support_level field to query type
๐ Using source branch name as version name for better traceability
๐ Added GitHub token for staging environment
Frontend Improvements
๐ Added parts overview section with new cards for better component visualization
๐๏ธ Added reusable delete confirmation component for list items
๐พ Implemented dashboard card state persistence using localStorage
๐ Added async product search filter to global vulnerability view
๐ Added refresh action to policy table
๐ Bug Fixes
Backend Fixes
๐ง Fixed incorrect number of 'unspecified' items
๐งน Refactored component vulnerabilities import service
๐๏ธ Optimized database queries for efficiency
๐๏ธ Improved record removal functionality
Frontend Fixes
๐จ Fixed global license table header
๐ฏ Fixed drag and drop issue for dashboard cards
๐ Fixed global vulnerabilities search
๐งฉ Fixed support analysis function
๐ฅ Updated support CSV download function
๐ Fixed analytics filter logic
๐ Fixed support status E2E test
๐ Fixed component link test
๐ Fixed CPE Editor autocomplete disappearance issue
๐ Fixed ShareLynk vulnerability links
๐ญ Fixed component filters incorrect query
๐ Fixed support table preview
๐ Fixed error when downloading SBOM excel sheet
๐ง Fixed status update issue for parts vulnerability
๐ Fixed component license update issue
๐ ๏ธ Fixed admin navbar overlap issue
๐ผ๏ธ Fixed component insights display issue
๐๏ธ Fixed support status not displaying in SBOM support status tab
UI Improvements
๐จ Removed unused assets to optimize project size
๐จโ๐ป Updated executive dashboard with new changes
๐ง Adjusted save pending alert position in component identifiers
๐ Updated vulnerability table styling
๐ Refactored global vulnerability table
๐จ Enhanced sidebar and breadcrumb with subtle colors and better interaction
๐งน Updated admin navbar styling
๐ฏ Implemented outline icons globally
๐ Refactored SBOM component table layout
๐ฑ Improved initial loading experience after login
v3.1.9
April 17th 2025
Interlynk Platform Release v3.1.9 ๐ฆ
Release Highlights โจ
This release introduces several improvements to the Interlynk Platform, focusing on enhanced filtering capabilities, better label management, and improved user experience across various components. Key highlights include:
๐ท๏ธ Bitbucket Project Label Support - Integration of Bitbucket project information as labels
๐ Product Lifestage Filtering - New filtering options at version level
๐ ๏ธ SBOM Download Improvements - Added support status parameters
๐ Health Score Calculations - Refactored to handle "NA" values properly
๐งน UI/UX Improvements - Multiple usability and interface enhancements
New Features ๐
Label Management
๐ท๏ธ Added Bitbucket label handling to repository service and data migration (#2173, #6118)
๐ Refactored global label filter for improved performance (#6154)
โ๏ธ Enhanced label delete flow with a toast message for better feedback (#6172)
Filtering & Export
๐ Added lifestage filter at version level (#2165)
๐ Enabled product lifestage filter throughout the application (#6053)
๐ Added include_support_status argument to SBOM download (#2179, #5977)
๐ Updated Component CSV Export with correct data and missing fields (#6113)
๐ Added Part column to vulnerability CSV export (#6165)
UI Enhancements
๐ Made product description expandable for large content (#6128)
๐จ Implemented row highlight on hover for better table navigation (#6110)
๐ Updated organization activity cards layout (#6140)
๐ Fixed component insights preview (#6171)
Bug Fixes ๐
UI Fixes
๐ง Fixed graphql warnings (#2181)
๐ง Fixed global vulnerability sorting issues (#2192)
๐ง Fixed Jira users listing (#2193)
๐ง Fixed Product Group Breadcrumb Duplicates (#6108)
๐ง Fixed Vulnerability Links UI Jump and Button Disable Logic (#6114)
๐ง Fixed CWE list to display 'N/A' when invalid CWE values are present (#6115)
๐ง Fixed username preview (#6120)
๐ง Fixed component health score issue (#6152)
๐ง Fixed shared component table with part details (#6161)
๐ง Fixed SBOM actions spacing (#6167)
๐ง Added null check to prevent crash in expandable text component (#6149)
Functional Fixes
๐ง Refactored health score calculations to handle "NA" values (#2188)
๐ง Fixed custom vulnerability create function (#6138)
๐ง Fixed assessment expire field (#6153)
๐ง Fixed global vulnerability edit permission for non-admin users (#6162)
๐ง Fixed Export to only include Part name in Vulnerability CSV Export (#6176)
Code Improvements ๐งฐ
Component Refactoring
๐งฐ Improved connection card component code (#6112)
๐งฐ Made Delete Button reusable and consistent across app (#6100)
๐งฐ Cleaned up Config modal component and improved code structure (#6123)
๐งฐ Refactored support and users data export mapping for improved clarity (#6130)
๐งฐ Improved SBOM support card component code (#6136)
๐งฐ Refactored Edit Button Component for reusability and consistency (#6129)
๐งฐ Refactored SBOM alternatives drawer (#6139)
๐งฐ Refactored global policy table (#6150)
Testing Improvements
๐งช Fixed Labels E2E tests (#6119)
๐งช Optimized Security Token CRUD E2E Test Time (#6124)
๐งช Fixed role E2E test (#6125)
๐งช Fixed product label E2E test (#6126)
๐งช Updated GitHub actions schedule timing for playwright tests (#6145)
Security & Dependencies
๐ Bumped serialize-javascript from 6.0.1 to 6.0.2 (#6117)
๐ฆ Updated all patch-level dependencies to latest versions (#6104)
v3.1.7
April 10th 2025
๐ Highlights
Interlynk Platform v3.1.7 brings significant improvements to the user interface, vulnerability management, and SBOM functionality. This release focuses on enhancing the overall user experience with the introduction of LynkSelect components across multiple features, improved CSV export capabilities, and several critical bug fixes.
โจ New Features
UI Enhancements
LynkSelect Implementation ๐จ
Replaced standard select components with LynkSelect in multiple areas:
Vulnerability Edit Links (#6038)
Support Status Bulk Edit (#6040)
Relationship Drawer (#6024)
Automation Rule Conditions (#6056)
Enhanced CSV Export with Add/Remove All Columns functionality (#6059)
Updated action buttons in Component Links and Relationships Edit (#6058)
Vulnerability Management
Advisory System Improvements ๐
Added new drawer for vulnerability advisory list (#6065)
Updated vulnerability expand view with advisory list (#6107)
Fixed advisory link issues (#6083)
Updated vulnerability information for non-CVE entries (#2170)
SBOM Enhancements
Component Information Access ๐ฆ
Added SBOM Component PURL and CPE Modals in Customer View (#6079)
Implemented copy to clipboard functionality for CPE and PURL (#6095)
Improved Archived SBOM list drawer component and query (#6063)
Refactored SBOM details component for better performance (#6077)
Support Status Management
Support Status Workflow ๐
Updated component support status system (#2166)
Fixed support status update logic (#6066)
Added conditional preview for product label filter (#6075)
Backend Improvements
Security Updates ๐
Updated OSV client (#2169)
Fixed policy failures (#2175)
Updated vulnerability information query (#2176)
๐ Bug Fixes
UI Fixes
Fixed layout issues in policy conditions section (#6057)
Resolved CVSS Vector display issues in main view (#6061) and customer view (#6078)
Fixed UI breaking issue in customer view vulnerabilities (#6076)
Corrected version data display in support status expanded component (#6067)
Fixed incorrect rendering of policy condition fields (#6096)
Removed accessibility warnings for improved compliance (#6097)
Functional Fixes
Fixed validation for community count thresholds (#6062)
Corrected support status drawer with required changes (#6060)
Fixed support status preview (#6074)
Resolved component link and relationship CRUD functionality E2E tests (#6082)
Fixed support expand view (#6084)
Corrected License Expression in SBOM License CSV Export (#6085)
Fixed Support Level data in SBOM Support Status CSV Export (#6087)
Fixed UI break in Vulnerability CWEs List when no data is present (#6103)
Corrected typo in email connections description (#6109)
Fixed rendering issues in policy and automation fields (#6111)
Fixed CWE link in vulnerability expand view (#6088)
Fixed vulnerability advisory link preview (#6094)
๐ง Other Improvements
Refactored Bitbucket Config Modal for optimizations (#6064)
Removed support action and filters from component table (#6081)
Updated seed data (#2171)
Updated CSV export fields and headers for Support Status (#6102)
v3.1.6
April 4th 2025
Release Highlights โจ
Enhanced Vulnerability Management: Added support for CWE & Advisories persistence, improved NVD client implementation, and custom vulnerability handling
Improved UI Components: Integrated LynkSelect across multiple platform areas for better user experience
Lifecycle Support: Implemented SBOM lifecycle for dashboard based on project and enabled lifecycle support at the version level
Performance Optimizations: Refactored package lookup and storage logic to use normalized PURL format
New Features ๐
Backend Improvements
โ Added NVD client implementation
โ Added support for webhook secrets
โ Implemented bulk create and update capabilities for support levels
โ Added SBOM lifecycle for dashboard based on project
โ Implemented license notification on license components
โ Refactored package lookup and storage to use normalized PURL format
UI Enhancements
โ Refactored SBOM vulnerability table
โ Integrated LynkSelect across multiple UI components:
Support Checks
Upload Modal
Life Stage Modal
Component Support
Component Relations
Request Accept Modal
Role Deletion
Links Edit
Policy Rule Modal
PURL Editor
Switch Environment Modal
Custom Vulnerability Modal
License Status Drawer
Pagination Select
โ Updated support status check form
โ Updated assessment expiration field
โ Enhanced product and version tables
โ Added dashboard card for version lifestage
โ Improved component links preview
Bug Fixes ๐
Backend Fixes
โ Fixed NVD client issues
โ Fixed rubocop job
โ Fixed EPSS KEV job
โ Fixed vulnerability metrics to consider environment
โ Fixed issues with custom vulnerabilities
โ Removed bad data affecting system performance
UI Fixes
โ Fixed component links preview
โ Fixed automation, license and health permissions
โ Fixed version breadcrumb
โ Fixed request table actions
โ Fixed CSV download bug - properly handling comma in strings
โ Fixed version lifestage API call
โ Fixed component relationship E2E tests
โ Fixed breadcrumbs layout issue for product and version name
โ Fixed SBOM license update issue
โ Fixed bulk VEX update with required validation
โ Fixed user details modal
โ Fixed vulnerability severity graph
Other Improvements ๐ง
โ Updated Ruby gems
โ Added new test for organization score settings
โ Added new test for component support status
โ Added conditional preview for product label card
โ Truncated long descriptions from vulnerability info page
โ Added retries and updated timeout for E2E tests
โ Disabled CSV download when no columns are selected
v3.1.5
March 27th 2025
Interlynk Platform Release v3.1.5
๐ Highlights
Enhanced Component Management: Improved SBOM vulnerability component code and refactored component links for better performance
Enrich Java Packages: Enrich java components from maven central.
Bitbucket: Support Searching & Pagination.
Security Enhancements: Added KEV details for CSV exports from Vulnerabilities
Performance Optimizations: Optimized E2E tests by reusing authentication state
Backend Improvements: Added cron job for cleaning up webhook events
๐ New Features
Backend Enhancements
โจ Add cron job for cleaning up webhook_events (#2104)
โจ Feature/enrich maven (#2128)
โจ Add pagination support for bitbucket repositories (#5908)
โจ Update age score limit (#5936)
โจ Add KEV details for CSV Export from Vulnerabilities (#5955)
UI/UX Improvements
โจ Create Reusable ToggleVisibilityButton for Password Fields (#5921)
โจ Integrate LynkSelect in Config Modal (#5926)
โจ Integrate LynkSelect in Invite User Modal (#5927)
โจ Integrate LynkSelect in License Modal (#5932)
โจ Add loading indicator for license creation and update process (#5937)
โจ Integrate LynkSelect in Edit Custom Vulnerability Drawer (#5966)
โจ Integrate LynkSelect in Change Role Modal (#5967)
โจ Integrate LynkSelect in Vulnerability Custom Field Modal (#5968)
โจ Update bitbucket icon (#5947)
๐ Bug Fixes
Security Fixes
๐ Support deprecated flag for cpe & remove from CPE autocomplete (#2137)
๐ Remove token create permission from user level (#5956)
๐ Fixed viewer role permissions (#5976)
Component Management
๐ ๏ธ Improve SBOM Vulnerability Component Code (#5917)
๐ ๏ธ Fixed component tag in SBOM license table (#5930)
๐ ๏ธ Update the logic for previewing End-of-Support field (#5928)
๐ ๏ธ Refactor SBOM archived check logic for reusability (#5933)
๐ ๏ธ Fixed component actions preview (#5952)
๐ ๏ธ Refactor Component Links (#5957)
๐ ๏ธ Refactor SBOM component table (#5961)
๐ ๏ธ Fixed component relation preview logic (#5979)
User Interface
๐จ Hide Component Support Filter for Free Tier and Customer View (#5918)
๐จ Fix Policy CRUD E2E tests (#5920)
๐จ Fixed routes flag hook (#5941)
๐จ Update toast message for component creation (#5943)
๐จ Fix License Modal Bug and Refactor Code (#5946)
๐จ Fixed ENV filter styling on vulnerability page (#5962)
๐จ Remove version search field from SBOM details page (#5964)
๐จ Update column sizing in custom vulnerability table (#5975)
๐จ Fixed misc styling issue (#5980)
Performance & Optimization
โก Handle exceptions with specific error logging (#2139)
โก Refactor RepositoryConnection code to get value of total_count (#2126)
โก Remove unused components (#5923)
โก Remove org connection API call from customer view (#5929)
โก Cleanup unused queries (#5931)
โก Refactor request modal (#5938)
โก Remove licenseAutoComplete API call from customer view (#5939)
โก Add conditional preview for global vuln filters (#5940)
โก Refactor vuln product drawer (#5942)
โก Refactor component links tab (#5944)
โก Cleanup Unused Utility Functions (#5950)
โก Optimize E2E Tests by Reusing Auth State (#5948)
โก Update Patch Dependencies (#5958)
โก Optimize SBOM Request E2E Test (#5959)
โก Optimize Policy CRUD E2E Test (#5960)
โก Optimize Support CRUD E2E Test (#5970)
โก Fix and Optimize License E2E Test (#5971)
v3.1.3
March 20th 2025
๐ฏ Highlights
React 18 Upgrade: Major frontend framework upgrade from React 17.0.2 to React 18.3.1
UI Enhancements: LynkSelect integration across multiple components
Improved Component Management: Bulk edit support status across versions/parts
Enhanced Analytics: Executive dashboard improvements
BitBucket: New webhook events now supported.
โจ New Features
User Interface Improvements
๐ Added Executive Dashboard card for number of SBOMs in specific lifecycle
๐ Implemented search functionality to RepositoriesConnection and updated query type
โจ๏ธ Added Kbar shortcut from Policy Details page and improved navigation
๐ Integrated LynkSelect in multiple components:
Component Add Modal and related fields
Build version drawer
Vulnerability status component
VEX modal component
Policy modal dropdowns
Repository Management
๐๏ธ Implemented Bitbucket repository deletion service
๐ Support for PullRequestMerged event with environment and version generation
Component Management
โ Added ability to bulk edit component support status across versions/parts
๐ท๏ธ Added internal tag to the support status drawer
๐ Refactored component relationship drawer with reusable component
๐ Bug Fixes
UI and User Experience
๐ Fixed header alignment in vulnerability table
๐ญ Fixed VEX custom field validation
๐ Fixed UI crash on User Role Delete modal
โฌ Updated dark mode color for regex highlighter
๐ Fixed incorrect theme for calendar field
๐ Adjusted column widths in license table to improve readability
๐ Fixed System Log visibility issue
โ Added loader to Role Delete Modal
๐ Fixed pagination item count in Global Vulnerability Affected Products
Data Management
๐ค Fixed export functionality for searched users and user lists
๐งฉ Fixed support level with NA disappearing when sorting
๐ง Fixed email retention issue on login
๐ Updated support CSV export with part information
๐ Enabled filters during user export
๐ Updated column order for support status export
๐ Added sorting for support end date and support level
๐ Fixed analytics to zero-out data when not available
๐ซ Removed assessment expiration when no longer maintained
๐ Removed assessment expiration from support bulk edit
Backend Improvements
๐ง Refactored Packages processor for improved PURL handling
๐ ๏ธ Fixed GitHub update job
๐ Updated repositories job
๐๏ธ Fixed migration issues
๐ Fixed project vulnerability metrics
๐ Fixed indexes on component support override
E2E Tests
๐งช Fixed SBOM E2E tests
๐งช Fixed SBOM General tab Author E2E tests
๐งช Fixed SBOM Components E2E tests
๐งช Fixed SBOM Vulnerabilities E2E tests
Technical Debt & Maintenance
๐งน Removed unused components
๐ Updated patch versions for dependencies
๐ Updated minor versions for dependencies
๐ Added ESLint rule to prevent direct drawer imports
๐ Refactored Configuration Modal and removed redundant code
๐ Updated jspdf to the latest version
๐ Updated apollo-upload-client to the latest version
๐ง Improved SBOM Components code
v3.1.2
March 12th 2025
Minor release to fix crashing job process.
v3.1.1
March 11th 2025
๐ Highlights
This release brings significant improvements to component support management, enhanced SBOM capabilities, and new integrations with source code management tools. We've also made the user interface more intuitive and fixed several important bugs to ensure a smoother experience.
๐ New Features
๐ Component Support Management
โ Bulk Update Support Status - Update multiple components at once to save time
๐ฅ CSV Export with Support Details - Export all your component support data including parts support level
๐๏ธ Assessment Expiration Dates - Assessment expiration days now converted to specific dates for clarity
๐ท๏ธ Improved Support Status UI - Clearer icons, tooltips, and visual indicators
๐ Source Code Integrations
๐งฉ Bitbucket Integration - Full Bitbucket configuration interface with webhook support
๐ Enhanced Repository Connections - Improved GitHub connection handling
๐ Webhook Improvements - More reliable event handling for source code changes
๐ฅ User Management
๐ User CSV Export - Export user information to CSV for external reporting
โฑ๏ธ Improved Invitation Flow - Added loading indicators when managing user invitations
๐ Enhanced User Table - Fixed display issues in the user management interface
๐ฑ Organization User Pagination - Better handling of large user lists with pagination
๐ SBOM Enhancements
๐ Comparison Layout Improvements - Clearer visualization when comparing SBOMs
๐ฑ๏ธ Drag and Drop Upload - Enhanced SBOM upload with full-screen drag and drop support
๐ Auto-Archive for Ready Status - Automatic archiving when SBOM reaches ready state
๐งฐ Updated SBOM Info Card - Clearer information display on the tools page
๐ง Enhancements
๐ซ User Interface Improvements
๐จ Standardized Table Layouts - Consistent design across product details and changelog views
๐ Refactored Filter Components - More intuitive filtering across all tables
๐ Fixed Text Cropping - No more cut-off text in version tables
๐ท๏ธ Required Field Indicators - Clear marking of required PURL fields
๐ข Better Pagination - Hide controls when not needed and show total item counts
๐ก๏ธ Vulnerability Management
๐ฏ Direct Only Filtering - New filter option for component and vulnerability tables
๐ Impacted Products View - See all affected products in Global Vulnerability View
๐ Dashboard Status Counts - Fixed vulnerability severity status counts on dashboard
๐ Expanded View Improvements - Integrated detail components for better information display
โก Performance Optimizations
๐ Lazy Loading in Dropdowns - Faster loading in Tools Product List
โ๏ธ License Loading Optimization - More efficient license processing
๐ Improved Memory Management - Better application performance and stability
๐ Enhanced Database Connections - More reliable database operations
๐ Bug Fixes
๐ ๏ธ SBOM Status Issues - Fixed SBOM not ready state when vulnerability scan is disabled
๐ SBOM Comparison - Resolved runtime errors in comparison functionality
๐ Search Shortcut - Fixed disappearing search shortcut bug
๐ VEX Status History - Fixed data display issues in vulnerability status history
๐ท๏ธ Component Support Tags - Fixed run status indicators
โ๏ธ Email Configuration - Improved validation for email settings
๐ค Author Creation - Fixed issues with creating new authors
๐ Repository Connections - Resolved issues with Bitbucket integration
๐ System Improvements
๐ Enhanced Logging - Better system logging capabilities
๐ Code Quality - Added ESLint rules to restrict console logs
โ๏ธ Email Security - Updated email validation for better security
๐ Monitoring Enhancements - Improved error handling and system monitoring
v3.1.0
Release Error
v3.0.9
Feb 27th 2025
๐ฅ Highlights
๐ Dependent Auto-Completion in CPE Editor โ Improves accuracy and efficiency.
๐ Major Refactoring โ Multiple drawers now use LynkDrawer for a more consistent UI.
๐ Enhanced Analytics & Metrics โ Process execution time, Patch Velocity updates, and improved component expand view.
๐จ UI/UX Improvements โ New severity & EPSS styling, input field theme updates, and better support for different viewports.
๐ Security & Compliance โ Fixes to login notification handling, email verification, and product lifecycle tracking.
๐ข Notifications & Reports โ Improvements in product notifications and report notification cleanup.
โจ New Features & Enhancements
โ CPE Editor Auto-Completion โ Dependent fields now auto-complete based on previous values. [#5660]
โ System Logs with Execution Time โ Added process execution time tracking. [#5668]
โ Product Auto-Archive Feature โ New settings introduced for auto-archiving inactive products. [#5686, #2012]
โ Enhanced Rule Import โ Drag and drop works across the entire screen with improved stability. [#5679]
โ Kbar Navigation Enhancements โ New route flags added from the Vulnerability Details page. [#5683]
โ Support Tab Updates โ Now includes required information for better insights. [#5698]
๐ UI & UX Improvements
โ LynkDrawer Refactor โ Standardized UI for multiple drawers,.
โ Analytics Page Optimization โ Improved layout for different viewports. [#5687]
โ Severity & EPSS Styling Updates โ Better visual cues for security issues. [#5688]
โ Scrollbar Hidden in LynkDrawer โ Provides a cleaner look. [#5674]
โ Updated Component Expand View โ Now includes support details. [#5670]
โ Reordered Product Settings Tags โ Improves accessibility. [#5707]
โ Support Status Drawer Enhanced โ Additional details added. [#5725]
โ Compliance Card Styling Fixes โ Ensures consistent appearance. [#5694]
โ Updated Component Version Column โ Added required spacing for better readability. [#5696]
๐ Bug Fixes
โ Forgot Password Link Alignment โ UI fix for better visibility. [#5661]
โ Fix PURL and CPE Preview Tag Issues โ Ensures correct tag rendering. [#5671]
โ Fix UI Breaking in Component Support Modal โ Prevents layout issues. [#5672]
โ Fix Security Tokens, Roles & Internal Components Alignment โ Ensures proper display. [#5723]
โ Fix Patch Velocity Metrics โ Now zeroed out like other metrics. [#5708]
โ Fix Support CSV Export โ Resolves incorrect exports. [#5709]
โ Fix Login Notifications โ Now triggers only for actual user logins. [#2027]
โ Fix Filter for Multiple Fields in Labels โ Improves accuracy. [#2015]
โ Prevent Forgot Password Email Bombing โ Strengthened security. [#1996]
โ Fix Disabled Products in Lifecycle Calculations โ Improves lifecycle tracking. [#2014]
v3.0.8
Feb 20th 2025
๐ Highlights
Performance Improvements: Optimized various API queries, reducing redundant calls and improving dashboard performance.
Enhanced SBOM Actions: Added support for SBOM actions mutation and refined SBOM upload and comparison.
Component Support Level: Full Support for component level support.
Policy & Compliance Updates: New filters for policy details and global policy lists.
GitHub Integration: Improved GitHub client functionality and token handling.
๐ New Features
License Status Update: Added the ability to update
license_statuson components. (#1945, #5564)Global Policy Filters: Introduced filters to refine policy searches. (#1962, #5574)
SBOM Actions Mutation: Added mutation support for SBOM actions. (#1988)
Support Level Download API: Implemented an API for downloading support levels. (#1974, #5618)
Re-run Support Analysis: Added a new action for rerunning support analysis. (#5642)
๐ ๏ธ Bug Fixes
SBOM Upload & Processing:
Fixed end-to-end (E2E) test issues with SBOM uploads. (#5593, #5644)
Corrected repository lookup logic. (#1984)
Fixed invalid SBOM notification update count. (#1986)
Dashboard & Vulnerability Fixes:
Resolved double vulnerability severity counting. (#1980)
Fixed vulnerability lookup form and styling. (#5603, #5612)
Optimized vulnerability query execution. (#5598, #5605)
UI & UX Improvements:
Standardized combo-box styling. (#5650)
Improved component insights and support preview. (#5610, #5611)
Fixed various layout and styling inconsistencies. (#5612, #5614, #5633, #5655)
Policy & Compliance Fixes:
Fixed typo in policy conditions component. (#5607)
Refactored policy creation modal. (#5604)
Updated policy result queries for efficiency. (#5599)
๐ Performance Improvements
Optimized API Calls:
Reduced product stage API calls from 7 to 1. (#5588)
Optimized vulnerability severity API calls from 5 to 1. (#5589)
Streamlined environment total counts API. (#5651)
Improved SBOM comparison query execution. (#5649)
Refactoring & Cleanup:
Removed unused imports, hooks, and components. (#5594, #5656, #5657)
Introduced a reusable
fetchNodesutility function. (#5638)Enhanced vendor root path validation with regex matching. (#5634)
v3.0.7
Feb 13th 2025
๐ Highlights
Major refactoring and optimizations across SBOM components and compliance modules.
Enhanced UI components with improved styling and usability.
Introduced new policy violation page and lifecycle stage updates.
Improved support for free-tier users with updated dashboards and feature restrictions.
โจ New Features
Reusable UI Components: Created reusable divider, drawer, and label components for better UI consistency. (#5507, #5540, #5541)
Policy Violation Page: Added a dedicated policy violation page with required details. (#5518)
Executive Dashboard Enhancements: Introduced new filters for better dashboard analytics. (#5539)
Improved Component Notes Drawer: Implemented the Components Notes Drawer using
LynkDrawer. (#5554)Global Variables: Added global lists for severity levels and VEX types. (#5567, #5572)
New Lifecycle Stage: Added a new product lifecycle stage for better categorization. (#5552)
๐ ๏ธ Bug Fixes
Fixed crash when API returns null for license autocomplete. (#5517)
Fixed UI crash when switching tabs after expanding policy table. (#5521)
Fixed incorrect count of products in 'None' lifecycle stage. (#1960)
Fixed failing SBOM build and changelog E2E tests. (#5551, #5553)
Fixed error 500 on re-running automation. (#1956)
Fixed organization and product E2E tests. (#5550, #5569)
Fixed empty graphs, updated formulas, and stylistic changes. (#5581)
Fixed regular expression logic for better accuracy. (#5528)
Fixed incorrect parts checkbox logic in SBOM download dialog. (#5583)
Fixed CPE and PURL editor issues. (#5584, #5585)
Fixed PURL version check. (#5547)
Fixed layout issues in SBOM download menu. (#5555)
Fixed changelog table styling for dark mode. (#5542)
๐ Refactoring & Improvements
SBOM Compare Code: Refactored SBOM comparison logic in tools and version lists. (#5144)
Compliance Tab Update: Refactored SBOM compliance tab for improved performance. (#5520)
Free Tier Enhancements:
Hide compliance and parts checkbox in SBOM download. (#5548)
Hide product by label for free-tier users. (#5546)
Update dashboard by removing restricted metrics. (#5563)
Remove label select in import status for free tier. (#5565)
Centralized free-tier check logic. (#5577)
Performance Optimizations:
Removed unused components, variables, and mutations. (#5509, #5510, #5578, #5576)
Improved default checkbox styling in tables. (#5523)
Updated SBOM reprocess function for better efficiency. (#5516)
Updated vulnerability graphs API with paginated queries. (#5586)
Optimized routing logic for global vulnerability access. (#5545)
Refactored customer check logic in
useProjectGroup. (#5575)Centralized route checks logic in a dedicated hook. (#5571)
v3.0.6
Feb 5th 2025
Highlights
Interlynk Platform v3.0.6 introduces enhanced filtering, model validation improvements, and multiple UI/UX refinements to improve overall user experience. This release also includes essential bug fixes and performance optimizations.
New Features
Improvements
Bug Fixes
v3.0.5
January 27th 2025
Highlights of New Features and Improvements
SBOM Lifecycle Management
Introduced a feature to seamlessly manage and update SBOM lifecycles. (#5410)
Executive Dashboard Enhancements
Dashboard now populates with key data to improve high-level decision-making. (#5415)
Severity and CVSS Metrics
Added Severity and CVSS Scores to the Vulnerability View Page for better risk assessment. (#5418)
Improved Dashboard UI
Updated the dashboard with new graphs and data for better insights. (#5362, #5419)
Streamlined Component Lookup
Enhanced the UX for faster and easier component search. (#5383)
Contribution Suppression
Added the ability to suppress specific contribution types. (#1922)
Validation and Modal Enhancements
Manufacturer and component add modals updated with required validations and new changes. (#5398, #5408)
Health Scoring Updates
Stylistic and functional updates made to health scoring for improved usability. (#5387, #5405)
Bug Fixes
Fixed alignment issues in component notes. (#5396)
Resolved inconsistencies in component insight data. (#5390)
Fixed issues with the Vulnerability Info View and included Known Exploited Vulnerabilities (KEV) in the expanded view. (#5407)
Removed unnecessary component warnings. (#5404)
Addressed multiple entries in metric aggregation reports. (#5420)
Other Improvements
Updated description tags with icons for better visual clarity. (#5389)
Implemented UI improvements across the platform for a more cohesive experience. (#5409)
Improved tools loading view for better user feedback. (#5406)
Added an end-to-end test for organization creation and switching workflows. (#4752)
v3.0.4
January 23rd 2025
Highlights of the Release
The v3.0.4 release introduces significant enhancements to platform usability, performance, and compliance workflows. With additional features such as improved filtering, enriched SBOM operations, and a variety of bug fixes, this update reinforces our commitment to delivering a robust and user-friendly experience.
New Features
Annotate Gem Initialization: Enhanced annotation capabilities with the addition of the annotate gem to streamline development workflows. [#1905]
Attach Existing Custom Vulnerabilities to SBOMs: Simplified vulnerability management by allowing custom vulnerabilities to be linked directly to SBOMs. [#1902]
Package Lookup Functionality: Added the ability to perform detailed package lookups, leveraging Package URLs (PURLs) for precision. [#1907, #1913]
Score Settings in Command Bar: Easily access and adjust score settings via the command bar for a more seamless experience. [#5369]
Enhancements
Policy Rule Violations Finder: Extended filtering options for more granular policy rule violation analysis. [#1870]
Weight Control for Package Health Logic: Enabled fine-tuned control over package health calculations to improve reporting accuracy. [#1898, #5029]
Updated Plan Details View: Improved clarity and accessibility in the plan details interface. [#5341]
Refactored Components: Significant refactoring of components, including CVSS, CPE, and PURL info cards for better maintainability and performance. [#5342, #5365]
Improved SBOM Operations:
Fixed SBOM creation tool tests. [#5351]
Enhanced SBOM general tab functionality. [#5375]
Updated SBOM end-to-end tests for increased coverage. [#5366, #5384]
Compliance and Vulnerability Management:
Removed compliance selector and custom vulnerability actions for free-tier users, streamlining operations. [#5349, #5350]
Improved vulnerability table preview for customer view. [#5370]
Bug Fixes
Health Score Calculations:
Resolved issues with health score bugs and null breakdowns. [#1912, #1919]
Fixed health score fields validation. [#5382]
Concurrency Control: Controlled the concurrency of workflows and jobs to prevent resource contention. [#1908]
Date Filter: Fixed a bug with date filtering for component vulnerabilities. [#1909]
Custom Vulnerability Operations: Addressed issues with custom vulnerability creation and operation support. [#1915, #5380]
General Fixes:
Fixed typos, calculation errors, and stylistic changes in various areas. [#1919, #5360]
Resolved modal auto-closing issues in SBOM tabs. [#5375]
Fixed missing brace errors. [#5367]
Corrected end-to-end test failures across SBOM and components. [#5359, #5376, #5384]
Fixed color code validation issues. [#5353]
Performance Improvements
Refactoring and Cleanup:
Refactored utility functions for better code reuse and readability. [#5336, #5356, #5357]
Removed unused global states and redundant functions. [#5345, #5355]
Cleaned up policy table and automation column components. [#5363, #5364]
Loading Feedback: Added feedback for the refresh button to enhance user experience during data updates. [#5372]
Security Updates
X-Permitted-Cross-Domain-Policies: Implemented additional security headers to ensure stricter domain access controls. [#5378]
v3.0.3
January 14th 2025
๐ Highlights
Introduced Defect Density Calculation Service to provide deeper insights into project health.
Added Reconcile Service to ensure vulnerability data remains consistent across the platform.
Enhanced custom fields for workflow integration, supporting more personalized workflows.
โจ New Features
Defect Density Calculation: Introduced the DefectDensityService to calculate defect density for projects, offering better visibility into overall project health.
Reconcile Service: Implemented a reconciliation service to prevent mismatches in vulnerability data across different sections of the platform.
Custom Fields for Workflow Integration: Enhanced workflow integrations by allowing custom fields, making it easier to tailor workflows to specific needs in tools like Jira.
๐ Improvements
Annotatable Support in Changelogs: Replaced the term annotation with annotatable to improve consistency in changelogs.
Global Vulnerability Table Refactor: Refactored the Global Vulnerability Table for better performance and a cleaner interface.
System Logs Update: Updated system logs to support new scan types, improving traceability.
SBOM Selection Issue Fixed: Resolved various SBOM selection issues, ensuring a smoother experience across workflows.
Email Styling Enhancements: Improved the styling of email templates for better readability and consistency.
๐ Bug Fixes
Compliance Bug in SBOM Score Report: Fixed an issue where compliance reports failed when the report format was present but not selected.
Vulnerability Status History Fix: Resolved an issue where vulnerability status history did not display imported statuses correctly.
Vendor Page Redirection: Fixed a redirection issue on the vendor page.
404 Page Setup: Implemented a 404 error page for better user experience when navigating invalid links.
Component Description Preview Update: Updated component previews to improve readability.
Invalid Expressions Handling: Improved error handling to manage invalid expressions, preventing crashes.
Dashboard Redirection Issue: Fixed redirection issues when navigating through the dashboard.
๐ง Other Fixes and Enhancements
Issue
Description
Fixed email styling
Improved email template readability
Compliance list preview update
Updated compliance lists with new styling
Fixed analytics filter issue
Resolved issues with filtering analytics data
Product delete modal verification
Added input verification to the product delete modal
Update policy expand view
Enhanced policy expand view for better UX
Fixed SBOM checks test
Fixed end-to-end test issues related to SBOM checks
Data license modal fix
Resolved issues with data license modal
Handle invalid CVSS expressions
Fixed handling of invalid CVSS vector expressions
โ
Quality of Life Changes
Updated the default sort order for Global Vulnerabilities to improve relevance.
Fixed various navigation bugs, ensuring sort orders are retained across pages.
Enhanced Custom Vulnerability Form with input validation to avoid submission errors.
Improved the SBOM General Tab Styling for consistency across the platform.
Added delete checks to the Product Table for easier record management.
โ๏ธ Technical Enhancements
Refactored external navigation URLs into reusable components for better maintainability.
Updated node options in staging deployment to improve performance.
Updated CVSS Info Modal with conditional previews to improve flexibility.
v3.0.2
January 7th, 2025
๐ New Features & Highlights
Project Filtering by Name
Easily filter projects by their name to quickly find what youโre looking for, especially in large environments.
Defect Density Graph in Analytics
Visualize vulnerabilities across your components with the new Defect Density Graph, helping you track defect trends over time.
Custom Vulnerability Tab
Manage organization-specific vulnerabilities more effectively with the new Custom Vulnerability Tab.
SBOM Quality Metrics Enhancements
The SBOM Quality Score preview and calculation have been improved, offering more accurate insights into your SBOM health.
๐ ๏ธ Improvements & Fixes
Added detailed Activity Logs for Annotations to track changes and updates.
Resolved issues with Component Relationship Preview to display accurate relationships between components.
Fixed SBOM Download Issue when the quality score was blank.
Improved Manufacturer URL Navigation to ensure all links work as expected.
Updated Email Styling for cleaner, more professional email templates in production.
Environment Selector is now disabled after selection to prevent accidental changes.
Multiple Analytics Page Enhancements, including updated icons, filters, and default values for a better user experience.
๐ Bug Fixes
Fixed SQL Error in the project metrics finder to ensure smoother performance.
Resolved Compliance Score Lookup issues that always defaulted to NTIA.
Fixed SBOM Quality Score Calculation to ensure consistency across reports.
Corrected a Typo in Project Vulnerability Metrics for more accurate reporting.
Fixed Graph Styling in Dark Mode to improve readability.
๐ Analytics & Metrics Improvements
Added Vulnerability Status Counts to the Analytics dashboard for a clearer overview of your vulnerabilities.
Updated the Patch Velocity Metric to improve tracking of remediation efforts.
Enhanced SBOM Statistics for more accurate and actionable data.
Automatically Reset Analytics Filters when changing environments to ensure fresh data views.
โ
Security Enhancements
Implemented Organization Name Validation to prevent potential code injection risks.
Fixed issues with Activity Logs to ensure accurate tracking of actions and changes.
v3.0.1
January 3rd, 2025
๐ New Features
SBOM Automation Rules Saving Across Environments
Automation rules can now persist across different environments, providing better flexibility in managing your SBOM processes. [#5211, #5234]
Conditional Preview for Organizational Lists
Users can now preview organizational lists based on specific conditions, improving user experience and navigation. [#5213]
Component Annotation Support
Added support for component-level annotations, allowing users to add custom notes and metadata for better tracking. [#5206, #5221]
System Log Functionality
Implemented system logging to provide better visibility into platform actions and audit trails. [#5232, #1851]
SBOM Vulnerability Statistics
Added a detailed vulnerability statistics view for each SBOM, giving users quick insights into their SBOMโs security posture. [#5230]
โจ Enhancements
SBOM Compliance View Loading Screen
A loading screen has been added to the SBOM compliance view to improve user experience during data fetches. [#5231]
ShareLynk Drawer Refactor
The ShareLynk drawer has been updated with a new form layout for a more intuitive user experience. [#5228]
User Update Validation
Improved user update validation to handle various scenarios accurately and securely. [#5249]
Email Notifications Styling
Fixed styling issues in email notifications to render correctly across different devices and platforms. [#1792]
Global Icon Style Update
Updated icon styles globally for a more consistent and polished look across the platform. [#5246]
Annotation Type Updates
Annotations now include timestamps for better tracking of updates and creation dates. [#1848]
SBOM Activity Logs
Updated SBOM activity logs to include additional details, making it easier to track changes and activities. [#5243]
UI and Analytics Improvements
Improved the overall UI consistency and made enhancements to the analytics page for a better user experience. [#5220, #1847]
๐ Bug Fixes
Fixed SBOM Download Issues in ShareLynk
Resolved missing code for SBOM download options, ensuring a smoother download experience. [#5136, #5261]
Fixed Vulnerability Badge Alignment
Addressed misalignment issues with vulnerability badges for better visibility. [#5256]
Fixed SBOM Checks Rescan
Resolved an issue causing errors when re-running SBOM checks. [#5241, #5240]
Fixed Daily Metrics Collection
Fixed errors in the daily metrics collection job and optimized it to use upserts. [#1845, #1853]
Fixed Missing Component Vulnerabilities
Resolved issues with missing component vulnerabilities from certain parts of the platform. [#1838]
Fixed SBOM Download Authorization Issue
Addressed an issue where ShareLynk SBOM downloads failed due to missing authorization checks. [#1843]
User Name Sanitization
Implemented user name sanitization to avoid potential code injection vulnerabilities. [#5245]
Fixed Organization Name Update Validation
Ensured proper validation when updating organization names to prevent invalid entries. [#5247]
Fixed Search Query Trimming
Resolved an issue with untrimmed search queries causing mismatches. [#1840]
Fixed Vulnerability Statuses Globally
Standardized the vulnerability status column across the platform for consistency. [#5242]
Fixed Repo Crashes
Addressed crashes occurring in specific repo configurations. [#1844]
v3.0.0
December 23, 2024
๐ New Features
Hide SBOM Quality Score Added the ability to hide SBOM quality scores for enhanced flexibility in compliance workflows. [#1715]
Unignore SBOM Checks Users can now โUnignoreโ checks, providing greater control over ignored items. [#5160]
Component Search in Relationship Form Implemented a robust search functionality for components within the relationship form. [#5175]
โจ Enhancements
FDA Component Support Updated support levels for FDA components, ensuring up-to-date compliance. [#1808]
Default and Manual Scan Organization Moved default and manual scans to more intuitive facets for better user experience. [#1829]
Optimized SBOM PDF Export Refactored and optimized SBOM PDF exports for smaller, more efficient files. [#5170, #5178]
Tooltip and Label Updates Improved tooltips for Version Health Score and SBOM Quality Score for better clarity. [#5188, #5198]
Improved Vulnerability Feeds Cleaned up and optimized vulnerability/exploitability feed listings. [#5158]
UI Consistency Enhanced component side-drawer consistency and updated the compliance drawer for a cohesive UI. [#5161, #5121]
API Call Optimization Reduced unnecessary API calls for better performance. [#5130]
Updated SBOM Defaults Adjusted SBOM export defaults for user convenience. [#5190]
๐ Bug Fixes
Nil Panic Error Resolved issues causing nil panic errors for users. [#1814]
SBOM Checks Filter Fixed filter reset issue in SBOM checks. [#5159]
Tooltip Mismatch Fixed incorrect tooltips on Version Health Score. [#5188]
Vulnerability Badge Styling Adjusted styling for vulnerability badges for better visibility. [#5194]
Vulnerability Count Display Updated SBOM details to show
-for vulnerability count when scans are pending. [#5192]Component Update Fixed component update functionality with required changes. [#5187]
Relationship Updates Addressed issues in primary relationship previews and updates. [#5173, #5195]
Search Query Trimming Fixed issues with untrimmed search queries causing mismatches. [#5199]
PDF Export Issues Resolved missing data hashes and fixed descriptions from products in PDFs. [#5189, #5191]
License Table Display Fixed SBOM license table in customer views. [#5197]
Compliance List Addressed inconsistencies in the compliance list. [#5208]
โ๏ธ Technical Improvements
Sidekiq Configurations Added configurations for Sidekiq, improving job management. [#1830]
Job Scheduling Changes Updated job scheduling for improved reliability. [#1833]
Removed Debug Code Cleaned up unnecessary debug code to streamline performance. [#1824]
Removed New Relic Eliminated unused New Relic and Solid Errors to reduce overhead. [#1811]
v2.9.9
December 17th, 2024
Added API to retrieve a single custom vulnerability within the current organization
Introduced support for Level CSV download option
Enabled SBOM export as FDA specific Excel
Dynamic addition of custom fields to vulnerability CSV Export
Improved validation for vulnerability ID uniqueness
Enhanced SBOM build drawer with supplier fields
Refined SBOM general tab
Updated vulnerability card layout
Implemented context-sensitive label menu
Updated product settings tooltip
Improved SBOM actions and components
Refined product details and ShareLynk table components
Added vulnerability indicator to components
Enabled delete feature for dependency_of relationships
Fixed crash when component vulnerability is null in component VEX update API
Resolved timeout issues in organization vulnerability queries
Corrected severity filter functionality
Fixed crash in daily metrics job
Resolved issues with SBOM download options
Corrected custom field bugs in CSV export
Fixed vulnerability count display before scanning
Resolved key prop and React ref warnings
Fixed progress bar overflow issue
Corrected inconsistencies in global and product vulnerability views
Addressed ShareLynk SVG link preview issues
Fixed SBOM modal and drawer inconsistencies
v2.9.8
December 5th, 2024
Enhanced Vulnerability Management: Introduced features to identify and manage vulnerabilities, including custom vulnerability additions and updates.
Improved User Interface: Multiple UI enhancements across SBOM components, license management, and analytics.
PDF Export Improvements: Fixed critical PDF export issues and added dynamic custom fields for export.
Performance Optimization: Removal of unused libraries, variables, and static media to streamline builds and improve performance.
Custom Vulnerability Addition: Add and manage custom vulnerabilities for SBOMs (#4996).
Label Filtering: Added label-based filtering for analytics and part selection (#5021, #5053).
CSV Export: Enabled CSV export for the support tab (#5040).
SBOM PDF Enhancements: Dynamic custom fields added to SBOM PDF exports (#5064).
Vulnerability Scanning: Auto vulnerability scan triggered upon adding or updating custom vulnerabilities (#1763).
Order-by Search Support: Added support for ordering search results (#1751).
Component Management: Updated the component tree, state, info modal, and expand views for a more streamlined experience (#4983, #4979, #5033, #5059).
UI Updates: Improved styling for tools page, license expand views, and editors (#5062, #5060, #5037).
Improved Validation: Enhanced error handling for invalid CPE checks and custom vulnerabilities (#4999, #5050).
Analytics Page: Added new environment filters and updated analytics components (#5034).
Automation Rules: Introduced a toast notification for rule generation and added โcontainsโ to automation rules (#5012, #1762).
Search Functionality: Fixed SBOM search field and duplicate SBOM transfer issues (#4997, #1773).
License Modal: Addressed UI and error handling issues (#4990).
PDF Export: Resolved issues in PDF export, including vulnerability and parts details (#5041, #5063).
PURL and CPE Editors: Fixed styling, validation, and search options for better usability (#5037, #5017).
Component Validation: Fixed issues with component supplier validation and other vulnerabilities (#5004, #5051).
SBOM Reprocessing: Automatically reprocess SBOMs upon updates to primary (#1767).
Code Refactoring: Updated global styles, removed unused components, and replaced tooltips for consistency (#4986, #5014, #5015).
Library Updates: Bumped dependencies for cross-spawn, http-proxy-middleware, and rollup for security and compatibility (#4940, #4673, #4476).
Error Handling: Improved error messages and validation for various operations (#5032, #5054).
Build Optimization: Improved build times by removing unwanted media files and unused variables (#5025, #5036).
v2.9.7
November 27, 2024
๐ Improved User Experience: Enhanced workflows in component creation, SBOM management, and vulnerability analysis.
๐ Advanced Security Features: Added safeguards and improvements to ensure compliance and data integrity.
๐ SBOM Enhancements: Seamless SBOM transfer between environments and new export fixes.
Custom Vulnerabilities: Add and manage vulnerabilities tailored to your specific needs.
SBOM Management: Transfer SBOMs between environments and streamline SBOM list interactions.
Enhanced License Handling: Custom license transformations and text display improvements.
Component Tree Updates: Added primary paths, dependency tagging, and action enhancements.
Accessibility Improvements: Fixed button and image accessibility issues.
Fixed validation errors in component creation and updates.
Corrected user permission issues for Viewer roles.
Resolved analytics bugs for environment selections.
Fixed parts navigation and dependency linking issues.
Addressed deadlock issues and optimized PURL normalization.
Updated SBOM author tags with tooltips and reordered columns for better usability.
Fixed alignment and modal display inconsistencies.
Removed unused code and integrated consistent Chakra components.
v2.9.6
November 19, 2024
Enhanced Usability: Improved support for large SBOM files, reducing UI freezing and enhancing download/edit functionality
Advanced Graph Support: Added directional support for the relationship graph view, making visualization more intuitive.
Improved Validation: Introduced license expression validation and refined product and vulnerability input handling.
Streamlined Error Management: Fixed upload error handling and enhanced modal behaviors for better error visibility.
Directional Relationship Graph View: Graph views now support directional visualization for better clarity.
License Expression Validator: A new feature to validate license expressions during uploads.
Trace View for E2E Tests: Trace view support added for end-to-end tests on CI, aiding debugging and performance insights.
Vulnerability & Component Matching: Enhanced logic for matching vulnerabilities and components by intersecting names.
EPSS Score: Null values are now allowed, ensuring flexibility in data input.
Status Field: Made optional to accommodate partial inputs.
Vulnerability Field: Can now be left blank if applicable.
Fixed edit and download button issues for large SBOMs.
Reduced chances of UI freezing with large files.
Error Handling Enhancements: Improved error handling during upload and reprocess actions. โข Fixed issues with reset and indication in the VEX update flow.
Enhanced VEX import table and history drawer with custom fields.
Relationship Graph and Table Refinements:
Resolved issues with vulnerability link forms and table action buttons.
Addressed bugs in relationship deletion modals.
Updated component linking in the vulnerabilities tab. โข Improved import vulnerability status UI.
Resolved e2e test issues, including product deletion and label validation.
Updated SBOM files and product creation validation for tests.
v2.9.5
November 14, 2024
Custom VEX Fields: Easily manage and add customized VEX (Vulnerability Exploitability Exchange) fields for better vulnerability tracking.
License Notifications: Receive notifications related to software license compliance and updates.
Enhanced Export Options: Seamlessly export and import End of Support (EOS) data, along with improved SBOM PDF layouts.
Component Dependency Tree: Visualize and analyze component dependencies within the platform to understand the structure and potential vulnerabilities better.
SBOM PDF Enhancements: Added missing labels, data mappings, and refined layout for better readability and compliance with export needs.
UI/UX Refinements
Updated mailer font styling, component subheaders, and the integration tab name for improved navigation.
Enhanced search functionality for better score filtering.
New tooltip and styling across lists, modals, and menus for a more consistent experience.
Updated dashboard header and increased search bar width for quicker data access.
Policy and Automation
New SB-HC-25 checks implemented for enhanced policy adherence.
Automated validation added to streamline creating and managing automation rules.
Data Handling
Filtering for unknown ecosystem entries and handling of null values to enhance data integrity.
Improved CSV and PDF exports, ensuring only relevant data is included.
Notifications:
Refined notification settings, including adherence to personal settings for targeted updates.
Component and Vulnerability Updates
Resolved issues in the component update process, including null strings and prefix issues.
Fixed vulnerabilities and licensing data in the global vulnerability table.
Enhanced form validation across VEX forms and vulnerability tables to ensure data accuracy.
SBOM and Export Refinements
Fixed issues with CSV filter and export, ensuring reliable downloads.
Improved logic for filtering out disabled products and maintaining format consistency.
UI Bug Fixes
Corrected layout bugs, icon placements, and button spacing across several views.
Addressed vulnerabilities in navigation and vulnerability status indication.
v2.9.4
November 4, 2024
SBOM Enhancements
Added SPDX Lite export support
Implemented PDF export functionality
Enhanced SBOM phases management
Added flag to indicate SBOM reprocess status
Authentication & Security
Added unauthenticated access support for organization requests
Improved request workflow for public APIs
Enhanced password security mechanisms
User Experience
Redesigned email templates and footer
Updated SBOM upload request UI
Improved organization selector interface
Optimized policy count logic
Enhanced SBOM request flow
Fixed component health score calculations
Resolved policy matching for SPDX ID
Fixed CPE error in component support
Addressed SBOM level policy result metrics
Fixed license search and validation issues
Resolved multiple clicks on upload SBOM button
Added comprehensive E2E tests for core functionalities
Enhanced validation for SBOM phases
Improved error handling and user feedback
v2.9.3
October 24, 2024
Added support for CPE 2.2
Introduced SBOM lifecycle management
Improved SBOM export functionality with exclude parts option
New upload request UI for SBOM
Implemented automation rules for internal component checking
Enhanced CPE finder with improved exact match and prefix search prioritization
Added internal Slack monitoring system
Fixed component evaluator for less_than, more_than, and range operations
Comprehensive CSV export functionality for multiple views
Updated organization and environment selectors
Refined label management system
Enhanced dashboard filters and analytics
v2.9.1
October 17, 2024
SBOM Lifecycle Support (UI Pending): Added functionality to manage SBOM lifecycles phases, streamlining compliance workflows. (#1634)
SBOMs Count Availability: SBOMs count is now accessible through Sharelynk for easier tracking. (#1625)
Notification for Manual Policy Scans: Implemented a notification system for manual policy scan results, keeping you informed. (#1611)
Email Template Overhaul: Introduced a new email template as part of a unified email strategy. (#1624)
CSV Export for Enhanced Reporting: Now export data from the Global Vulnerability Detail View and SBOM Components View. (#4599)
Loader for Policy Violation Counts: Displays a loader instead of zero when a policy scan is in progress, providing a more accurate view. (#4530)
Product Permission Renaming: Updated "Archive Product" permission to "Delete Product" for better clarity. (#1631)
Async Scroll for Product Breadcrumbs: Improved user experience with a new asynchronous scrolling component. (#4576)
End-to-End Testing Improvements: Expanded E2E tests to cover more features, such as internal component CRUD. (#4607)
Custom Mobile Warnings and Device View Updates: Added custom warnings for mobile users and refined the device warning views. (#4591, #4610)
Logout After Email Confirmation: Users will be logged out upon confirming their email if they are already logged in, enhancing security. (#1626)
SPDX Export and Import Issues: Resolved crashes during SPDX export and fixed duplicate component imports. (#1633)
Policy Scan Fixes: Addressed an issue where policy scans would not complete when using certain parts. (#4586)
Ribbon Badge Count Accuracy: Corrected the display of policy counts on ribbon badges. (#1632)
Automation File Naming: Fixed export file names for automation, ensuring consistency. (#4572)
Modal and UI Enhancements: Resolved issues with modals, such as the archive automation modal close button. (#4577)
Playwright and Test Fixes: Updated playwright report issues and SBOM delete tests. (#4605, #4612)
UI Consistency: Addressed alignment, color scheme, and height issues in various components. (#4564, #4595, #4597)
v2.8.8-HotFix
October 17, 2024
v2.8.8
October 10, 2024
Component Insights: Added component insights for better visibility into usage and vulnerabilities (#4496, #4552).
SPDX 2.3 Export: Added export functionality for SPDX 2.3 specification (#1615).
SBOM Download: You can now download the original SBOM.
Slack Notifications: Notifications for failed E2E tests now sent to Slack, with log URLs included (#4547, #4557).
Vulnerability Actions: Updated vulnerability actions for improved workflow (#4561).
JIRA Validation Rule: Added a validation rule for JIRA ticket creation (#4553).
Products Enable/Disable E2E Tests: Added E2E tests for product enable/disable actions (#4556).
UI Updates: Improved component and vulnerabilities layout, insights preview, and VEX status (#4523, #4552, #4527).
Component License Tag: Updated license tag for better component identification (#4565).
SBOM Support Status: Added visibility for SBOM-related activities (#1586).
JIRA Link, Component Card, Sidebar, and Search: Fixed issues with JIRA link, component card display, responsive sidebar, and changelog search (#4541, #4555, #4563, #1563).
SPDX Validation and Repo Key: Resolved SPDX export validation and repo key issues (#1618, #1610).
Miscellaneous Fixes: Addressed sign-up button, E2E label tests, and unit test failures (#4562, #4551, #4549, #4569).
Code Clean-up: Various clean-ups to improve codebase (#4560).
Export and Test Updates: Fixed export issues and updated specs test actions (#1616, #4571).
v2.8.7
October 4, 2024
Refactored the version table and product modal for better structure and performance (#4466, #4475).
Updated the SBOM vulnerability table and optimized API calls like
GetOrgNamefor faster performance (#4463, #4467).Several user interface improvements, including:
Refactor of PURL and CPE card (#4500).
Updated settings header and sidebar with documentation links (#4499, #4529).
Improved component edit drawer, modal, and search functionality (#4489, #4516).
Added ShareLynk validation and updated validation messages (#4494, #4513).
Updated column identifiers and fixed alignment issues in the user table (#4485, #4497).
Enhanced vulnerability state handling and validation, including vulnerability filters and link validation (#4486, #4515, #4540).
Fixed multiple UI bugs related to dark color schemes, product updates, and component state issues (#4490, #4491, #4537, #4539).
Other minor performance improvements and refactors, including E2E tests switched to Linux and improved cron job handling (#4487, #4526).
Fixed vulnerability scanning failures and PURL validation issues (#1599, #4506).
Resolved bugs like vulnerability expand view, NVD link, and missing dependencies in the version table (#4490, #4524, #4507).
Fixed issues related to FDA compliance support level and security token initialization (#1575, #4525).
Several fixes related to Docker and workflow configurations (#1587, #1588, #1589).
Improved license handling, including case-insensitive search and removed VEX completed check (#1596, #1600).
v2.8.6
September 26, 2024
Component Library[BETA/NOUI]: Introduced a new component library to streamline UI elements across the platform, enhancing consistency and maintainability.
SBOM Support Enhancements: Updates to the SBOM support query, expanding compatibility and improving query accuracy.
Global Custom Date Input: A custom date input field was introduced for global use, standardizing date selection across multiple features.
Manufacturer Modal Improvements: Added a confirmation modal for archiving manufacturers, improving user interaction with sensitive actions.
Error Messaging: Enhanced error messages for SVG link issues and unexpected errors during automation rule imports.
Component Support Updates: Fixed issues with support updates, including renaming fields and adding new validation checks to prevent errors.
Vulnerability Page Fixes: Adjustments to vulnerability displays, including showing low severity counts and fixing breadcrumb navigation.
Playwright Test Fixes: Multiple fixes and optimizations for Playwright tests to ensure better CI/CD integration and reduce timeouts.
User Interface Updates: Refined UI in several areas, including the general tab, component type fields, and policy violation counts.
Dockerfile and Workflow Optimizations: Updates to Dockerfile and GitHub Actions workflows for better efficiency, including enabling Docker BuildKit.
Search Functionality: Removed prefix search in favor of substring search for better accuracy in results.
Policy and Parts Modal Refactoring: The policy modal and parts modal were refactored for improved usability and performance.
v2.8.5
September 19th, 2024
Archive Version Preview: Enabled preview of archived versions with necessary changes (
#4319).Automation Import/Export: Implemented automation import/export feature (
#4403).Component Author: Added support for displaying component author information (
#1539).Component PURL & CPE: Added missing PURL and CPE data for components (
#4374).Docker Image Versioning: Created
Image-version.ymlto track Docker image versions (#1543).
Search Functionality: Resolved issue where search for check ID was not working (
#1531).Expired Invitations: Fixed handling of expired invitations (
#1538).Internal Component Tagging: Fixed component tagging issues (
#1503,#4269).Supplier Check: Addressed supplier check issue in SBOM (
#4392).Component Version Validation: Resolved validation issues for component versions (
#4361,#4398).Reset Password Page: Fixed reset password link issue (
#4397).Policy View Alignment: Corrected alignment of the policy view (
#4356).SBOM Fixes: Fixed issues in SBOM support table, CPE validation, supplier modal, and details page in customer view (
#4372,#4371,#4408,#4393).Invitation Handling: Resolved additional invitation handling issues (
#4395).Dark Mode Styling: Fixed styling issues in dark mode and license field validation (
#4400).Checks Preview: Fixed logic for previewing checks (
#4399).
Restart Policy: Updated Docker container restart policy to "always" (
#1534).License Updates: Added updated licenses (
#1540).Progress Bar Styling: Enhanced progress bar styling (
#4340).Component Relation Drawer: Added expand action to the component relation drawer (
#4364).General Styling Updates: Updated styling for the general tab, login/register page, and success messages (
#4367,#4346,#4390).Consolidation & Workflow: Consolidated files and updated workflows accordingly (
#1544).Modal Enhancements: Refined modal consistency and styling (
#4410,#4414).Product Status Modal: Enhanced product status modal functionality (
#4421).
v2.8.4
September 12, 2024
Added violation count functionality
Implementation of component unsaved warning
Update to VEX status view and global vulnerability UI
Addition of component support tooltip
Update to authentication UI
Enhanced SBOM (Software Bill of Materials) features:
Fixed SBOM table spacing
Updated SBOM general tab layout and styling
Added info tooltip in SBOM general tab
Improved SBOM data license modal
Refined component management:
Updated component end-of-support field
Refactored component identifier fields
Enhanced component health score view
Improved component fields validation
Enhanced product features:
Fixed product search issue
Updated product actions preview
Upgraded policy management:
Updated policy stats color
Fixed policy count display
Fixed SVG link issues
Resolved EOL (End of Life) finder problems
Addressed staging errors from demo data
Fixed null copyright value on component creation
Corrected valid expression showing as custom license
Resolved components create function issues
Fixed license update problems
Addressed VEX status modal issues
Various styling improvements across the application
Fixed compliance card alignment and styling
Refined dashboard stats alignment
Updated progress bar functionality
Implemented dark mode color corrections
Updated security tokens with required validation
Upgraded various dependencies for improved security and performance
Removed SBOM reprocess option from customer view
Removed label option from free tier accounts
Updated free tier limits
Various settings and modal fixes
Environment configuration updates for staging and production
Product Vuln tab "set status" crashes
In the component Edit tab, if you click save on a component, even if no changes are made, it throws a no-component error.
Ctrl-K search has settings navigations not working correctly.
2.8.0
September 4, 2024
Added SSO support (Google & Github)
Introduced request functionality for plan upgrades.
Enabled component-level support information and exposed it on the SBOM support page.
Added new fields and updated views like compliance warning for disabled checks, component copyright field, connection tab renaming, and vulnerability info page redesign.
Improved UI for the SBOM upload modal, label filter dropdown, and compliance drawer.
Fixed various UI issues, including compliance tab, select styling, component drawer, vex completed filter, SBOM parts UI, policy violation drawer, organization register modal, breadcrumb fetching, product filter in global vulnerability page, component update function, import wizard, overflow issue in component drawer, and more.
Fixed modal behaviors including Add/Edit License, Create Role, Create Token, and settings modals.
Fixed policy stats and SBOM download modal.
Fixed config not saving issue, errors, and orphaned dependencies.
Ensured consistency in documentation.
Enhanced support delete modal, SBOM build drawer, organization table, product label filter, compliance tab design, login page (privacy policy and terms of services), compliance description, and compliance tab with new design.
Improved component dependency view, label dropdown, label filter instructions, product page, and label size.
Refined styling and layout consistency for various UI components.
Added a flag for invalidating entries in the CPE info table.
Updated the demo name and description.
Refactored component vulnerability scope in the resolver.
Updated staging environment settings and hostnames.
Made modal fixes and other general settings changes.
2.7.9
August 27, 2024
Labels [GA]
Free Tier [Beta]
Demo account seed data
Compliance Tab
Component Library alpha (No user-facing data as yet)
AWS marketplace integration alpha
Limit server log files to 100MB
Various fixes for notifications.
Sanitize and remove bad data from SBOMs.
Refetch refactor in UI, for consistent performance.
Modal consistency fixes.
Tons for additional fixes and consistency improvements.
2.7.8
August 15th, 2024
Version Archive Support - Individual versions can now be archived. Archival removes the version from all metrics, vulnerabilities & policies.
Notification Support - We support personal & organization level notification support. Notifications are supported over Email/Slack & Teams. This is an early release; currently we support only Sbom upload/failures & Vuln report scans. More notifications will be added on an ongoing basis.
Labels Support: Products can now be labelled for easy management.
Permanent fix for Delete Role crash.
Checks does not flag an sbom with a single component with relationship failure.
Text alignment for SBOM Card.
Product Listing fixes a bunch of them.
Version Compare fixes.
Toast bar notification consistency.
2.7.7
August 1st, 2024
PURL & CPE vulnerabilities are merged, producing a single list of vulnerabilities by component.
Product Progress Graph [ Demo account only ]
Compliance score fixes
Other identifiers now take into account either CPE or PURL
Comp suppliers accounting issue.
Migration to remove old roles
Fixed permissions wipe out
Invalid PURL crash fix
Updated info tooltips
Google Analytics fixes
Last updated