- Add retry logic to OSV API requests (up to 3 attempts on timeout or connection errors)
- Fix severity extraction for OSS-Fuzz vulnerabilities by reading `ecosystem_specific.severity` from OSV data
- Add CycloneDX SBOM output with vulnerabilities (`--cyclonedx`)
- Add Brewfile scanning support (`--brewfile`) to check packages from a Brewfile
- Add SARIF output for GitHub code scanning integration (`--sarif`)
- Add severity filtering to only show vulnerabilities at or above a threshold (`--severity`)
- Add configurable summary truncation length (`--max-summary`)
- Fetch vulnerability details in parallel for faster scans
- Add GitLab and Codeberg support alongside GitHub
- Log warnings when version parsing fails instead of silently ignoring errors
- Initial release