v0.0.2

What's Changed

• chore: add /health endpoint to expose agent status by @vbelouso in #152
• Java transitive search performance improvements by @tmihalac in #155
• Use Tekton for automation Testing on exploit-iq by @RedTanny in #148
• fix:Clean exclusions to enable repeated runs by @TamarW0 in #153
• fix: Remove invalid character from query by @TamarW0 in #154
• fixed trigger for running cm testing by @RedTanny in #159
• check by @RedTanny in #160
• update tekton gh token by @RedTanny in #161
• add ngnix support and small improve locator for go by @RedTanny in #162
• add disable option disable web search by @RedTanny in #163
• update toolchain by @RedTanny in #164
• update tekton script to override older tags incase of rerunning the c… by @RedTanny in #165
• Fix 2 fqcn in different jars by @tmihalac in #157
• Added members inheritance by @tmihalac in #158
• Java transitive search constructor support by @tmihalac in #169
• security(mongo): add DB authentication and RBAC by @vbelouso in #175
• solve 1 hour limit tekton pac gh token by @RedTanny in #176
• chore: add /api/v1 prefix to API endpoints in configs by @vbelouso in #172
• ignore python 2 code since our ast only works on python 3 by @RedTanny in #174
• fix: resolve invalid project version selection by @IlonaShishov in #178
• fix: change example from concrete one to generic one by @zvigrinberg in #177
• ci: add integration tests by @zvigrinberg in #180
• Add Resource limits for tekton and Fix C transitive search issue by @RedTanny in #181
• chore: implement exploit_iq_commons shared package by @vbelouso in #179
• feat: added method reference support to java transitive search by @tmihalac in #182
• Improve C performance test running by @RedTanny in #183
• fix: incorrect Ecosystem enum interpolation in SerpApi query by @vbelouso in #186
• feat: add CSAF VEX document generation by @IlonaShishov in #170
• chore: configure Nginx to use IPv4 only for external connections by @vbelouso in #188
• fix: vex kustomize by @IlonaShishov in #187
• chore: buildah task should get resolved from new ci namespace by @zvigrinberg in #192
• fix: Python 2 detection regex false positive on tuple exception syntax by @TamarW0 in #194
• chore: improve C/C++ project detection using content verification by @vbelouso in #190
• chore: fix Python integration tests repo ref by @vbelouso in #196
• feat: SerpAPI key rotation with automatic failover on rate limits by @vbelouso in #189
• Appeng 4284 telemetry by @RedTanny in #197
• feat: Transitive dependencies for javascript by @TamarW0 in #171
• APPENG-4285 - Intercept Tracing Context in ExploitIQ Agent and save to DB by @RedTanny in #198
• Appeng 4360 telemetry UI by @RedTanny in #200
• Mlops overlay by @IlonaShishov in #199
• APPENG-4421: Send all traces and spans to Grafana Tempo by @RedTanny in #201
• chore(nginx): use worker_processes equal 1 by @vbelouso in #202
• chore: create tests overlay variant by @zvigrinberg in #193
• feat: add private repository support with PAT and SSH authentication by @vbelouso in #206
• Fix thread race and other issues by @RedTanny in #210
• add failure flow to graph by @RedTanny in #211
• fix(dep-tree): rewrite Python version detection and ecosystem discovery by @vbelouso in #213
• chore: run agent container as non-root user by @zvigrinberg in #212
• fix APPENG-4780 Not specific error indication for commit errors on U… by @RedTanny in #215
• Use UTC for scan timestamps and document ISO-8601 fields by @batzionb in #217
• fix: widen fetch refspec so branch names are checkable after shallow clone by @tmihalac in #218
• fix: remove runAsGroup override in exploit-iq container by @vbelouso in #219
• feat: add custom Git SSL CA certificate support by @vbelouso in #221
• fix: move SERPAPI_API_KEY to secret reference by @vbelouso in #220
• feat: add UBI 9 based Dockerfile by @vbelouso in #225

New Contributors

• @batzionb made their first contribution in #217

Full Changelog: v0.0.1...v0.0.2

v0.0.1

What's Changed

• feat: migrate transitive code search tool to NAT by @zvigrinberg in #90
• feat: Migrate Plugin based intel retrieval to NAT by @zvigrinberg in #91
• Merge Low Quality CVE score by @tmihalac in #92
• fix: handle go and transitive code search issues by @zvigrinberg in #93
• Add traceid , Tailor Image build process ,and prepare deployment variants changes by @zvigrinberg in #94
• ExploitIQ OCP Deployment issues by @zvigrinberg in #95
• docs: add missing uv command, markdown formatting by @vbelouso in #97
• chore: Fix self hosted deployment variant by @zvigrinberg in #98
• ci: migrate Tekton PipelineRun to NAT by @vbelouso in #99
• CVSS feature migration to Nemo Agent Toolkit by @IlonaShishov in #96
• fix: intel score exception by @zvigrinberg in #103
• fix: agent startup crash by @zvigrinberg in #107
• Configure image registry credentials by @IlonaShishov in #106
• Add GitHub PAT to client config by @IlonaShishov in #108
• chore: fix crash of agent at cvss stage in self hosted variant deployment by @zvigrinberg in #110
• ci: trigger PipelineRun on non-draft PRs only by @vbelouso in #102
• APPENG-2959: Add python transitive support on top of NAT framework by @TamarW0 in #100
• fix: configure VDB persistent cache directory by @vbelouso in #112
• chore: replace concrete url with url placeholder in agent config by @zvigrinberg in #114
• fix: add callee_function argument by @TamarW0 in #115
• fix: correct repo path handling and directory traversal by @vbelouso in #119
• chore: point cache directories to persistent volume mount path by @vbelouso in #113
• fix: pin litellm and enforce lockfile to fix build by @vbelouso in #121
• Expand input support by @IlonaShishov in #120
• chore: add Swagger UI to deployment by @zvigrinberg in #122
• tests: add transitive code search tool' tests by @zvigrinberg in #123
• fix: prevent excessive agent guidance by @zvigrinberg in #125
• fix: Move ecosystem saving to earlier stage by @TamarW0 in #127
• fix: prevent error during parsing types in go transitive search by @zvigrinberg in #128
• test: add tests for python transitive search by @TamarW0 in #131
• bug: correctly handle checkouts in SourceCodeGitLoader by @vbelouso in #135
• ci: enable unit tests with shared cache storage by @vbelouso in #133
• APPENG-3181: Feature Add C support to transitive tool by @RedTanny in #104
• fix: Fix checklist escaping parsing error by @zvigrinberg in #137
• fix: golang tests failed for some standard libs checks by @zvigrinberg in #140
• Fix: csegmenter handle cases where segment contains two functions by @RedTanny in #139
• fix: do not throw exceptions in agent loop. by @zvigrinberg in #141
• feat: improve tools errors handling and logging by @zvigrinberg in #143
• feat: add caching of Go modules to persistent storage by @vbelouso in #145
• feat(kustomize): add Argilla feedback service to base deployment by @rhartuv in #144
• APPENG-3801-B - Agent performance fixes - all agent stages by @etsien in #134
• chore: add pvc for postgresql and elasticsearch by @rhartuv in #149
• fix: llm send invalid characters and when get_function in c returns a… by @RedTanny in #150
• fix: regressive bugs of agent by @zvigrinberg in #151
• Java transitive search by @tmihalac in #130

New Contributors

• @RedTanny made their first contribution in #104
• @rhartuv made their first contribution in #144
• @etsien made their first contribution in #134

Full Changelog: https://github.com/RHEcosystemAppEng/vulnerability-analysis/commits/v0.0.1