Skip to content

Commit 6b4adba

Browse files
authored
Merge pull request #104 from sktelecom/release/v1.2.0
chore(release): v1.2.0
2 parents 336dfde + 4c94243 commit 6b4adba

2 files changed

Lines changed: 20 additions & 1 deletion

File tree

CHANGELOG.md

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,25 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
77

88
## [Unreleased]
99

10+
## [v1.2.0] - 2026-06-11
11+
12+
### Added
13+
14+
- Web UI source scans (current directory, Git URL, ZIP upload) now resolve transitive dependencies through cdxgen language images, matching the CLI. The web UI previously used syft, which captured only directly declared dependencies; a Spring Boot sample went from 8 to 91 components. (#95)
15+
- Scan results gained Components and Vulnerabilities tabs with searchable, sortable tables, next to the existing summary. (#96)
16+
- Source scans now fetch dependency licenses (`FETCH_LICENSE`, on by default), so components and the NOTICE carry real license data instead of NOASSERTION. Set `FETCH_LICENSE=false` to skip the lookups. (#98)
17+
- The NOTICE normalizes license aliases to SPDX ids, shows component copyright when present, and appends the SPDX standard full text of each used license from a bundled set (21 common licenses, offline). (#99)
18+
- The security report surfaces CVSS, EPSS (exploit probability) and CISA KEV (known-exploited) signals, sorting findings KEV first, then by severity, then by EPSS. Set `SECURITY_ENRICH=false` for offline runs. (#100)
19+
- Redesigned the post-scan artifact download experience with per-format chips and a bulk ZIP download. (#102)
20+
21+
### Changed
22+
23+
- Synced the user documentation, in-app help, and screenshots with the new features. (#101, #103)
24+
25+
### Fixed
26+
27+
- Removed the redundant maven pre-resolve step in build-prep that printed a spurious NoPluginFoundForPrefix error on every Java source scan, with no effect on the resulting SBOM. (#97)
28+
1029
## [v1.1.1] - 2026-06-09
1130

1231
### Added

electron/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"name": "sbom-generator-desktop",
3-
"version": "1.1.1",
3+
"version": "1.2.0",
44
"private": true,
55
"type": "module",
66
"description": "Double-click desktop app that wraps the SBOM Generator web UI (runs the scanner in Docker).",

0 commit comments

Comments
 (0)