Recent Releases of phylum-ci

phylum-ci - v0.59.0

Features

  • Support tag pipelines in gitlab integration (#588) (d9deb74)

Documentation

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.58.1...v0.59.0

- Python
Published by phylum-bot 9 months ago

phylum-ci - v0.58.1

Documentation

  • Update language for veracode transition (#543) (42d05ac)

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.58.0...v0.58.1

- Python
Published by phylum-bot about 1 year ago

phylum-ci - v0.58.0

Breaking

  • Remove SUCCESS comments from PRs/MRs (#526) (6cca5bd)

    • PRs/MRs will no longer have SUCCESS comments.

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.57.0...v0.58.0

- Python
Published by phylum-bot over 1 year ago

phylum-ci - v0.57.0

Breaking

  • Add python 3.13 support and drop python 3.9 support (#522) (5ac96e0)

    • Support for Python 3.9 was removed.

Features

  • Ensure git repository access as prerequisite (#518) (5317fd9)

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.56.0...v0.57.0

- Python
Published by phylum-bot over 1 year ago

phylum-ci - v0.56.0

Features

  • Automatically analyze newly created projects (#514) (2683fe4)

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.55.0...v0.56.0

- Python
Published by phylum-bot over 1 year ago

phylum-ci - v0.55.0

Features

  • Add option to fail for incomplete analysis (#510) (d2c21ae)

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.54.0...v0.55.0

- Python
Published by phylum-bot over 1 year ago

phylum-ci - v0.54.0

Features

  • Allow for ignoring non-analysis errors (#508) (a372523)

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.53.0...v0.54.0

- Python
Published by phylum-bot over 1 year ago

phylum-ci - v0.53.0

Features

  • Avoid github api calls during version check (#505) (25d9c85)

Bug Fixes

  • gradle lockfile generation requires javac (#507) (17994a6)

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.52.1...v0.53.0

- Python
Published by phylum-bot over 1 year ago

phylum-ci - v0.52.1

Bug Fixes

  • Account for analysis started in repo sub-dirs (#504) (3055ce8)

  • Exit cleanly when no current dependencies (#503) (d43a047)

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.52.0...v0.52.1

- Python
Published by phylum-bot over 1 year ago

phylum-ci - v0.52.0

Breaking

  • Add organization support (#499) (1ad0ea7)

    • Phylum CLI installs before v7.1.4-rc1 are no longer supported. That release is the first one providing support for analysis with organizations via extensions.

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.51.0...v0.52.0

- Python
Published by phylum-bot over 1 year ago

phylum-ci - v0.51.0

Feature

  • Add windows standalone archive install option (#481) (83538a0)

Fix

  • Include phylum-ci.exe in release artifacts (#477) (23c1e28)

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.50.0...v0.51.0

- Python
Published by phylum-bot over 1 year ago

phylum-ci - v0.50.0

Breaking

  • Add windows support with standalone binary (#474) (24a20c9)

    • Phylum CLI installs before v7.1.0-rc1 are no longer supported. That release is the first one providing full Windows support.

Documentation

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.49.0...v0.50.0

- Python
Published by phylum-bot over 1 year ago

phylum-ci - v0.49.0

Feature

  • Add option to exclude dependency files (#462) (258709b)

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.48.0...v0.49.0

- Python
Published by phylum-bot almost 2 years ago

phylum-ci - v0.48.0

Feature

Documentation

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.47.0...v0.48.0

- Python
Published by phylum-bot almost 2 years ago

phylum-ci - v0.47.0

Feature

  • Allow groups to be specified without a project (#443) (ec3bd63)

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.46.0...v0.47.0

- Python
Published by phylum-bot almost 2 years ago

phylum-ci - v0.46.0

Feature

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.45.0...v0.46.0

- Python
Published by phylum-bot almost 2 years ago

phylum-ci - v0.45.0

Feature

Documentation

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.44.1...v0.45.0

- Python
Published by phylum-bot almost 2 years ago

phylum-ci - v0.44.1

Fix

  • Account for cargo_suffix in cli version (#433) (bfbd426)

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.44.0...v0.44.1

- Python
Published by phylum-bot almost 2 years ago

phylum-ci - v0.44.0

Feature

  • Ensure bitbucket repo urls use https scheme (#406) (5ea8cb2)

Documentation

  • Recommend triggering scans for default branch (#407) (efa67d0)

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.43.0...v0.44.0

- Python
Published by phylum-bot about 2 years ago

phylum-ci - v0.43.0

Feature

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.42.4...v0.43.0

- Python
Published by phylum-bot about 2 years ago

phylum-ci - v0.42.4

Fix

Documentation

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.42.3...v0.42.4

- Python
Published by phylum-bot about 2 years ago

phylum-ci - v0.42.3

Fix

  • Image failures for non-root uses of yarn and pnpm (#391) (345ecd2)

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.42.2...v0.42.3

- Python
Published by phylum-bot over 2 years ago

phylum-ci - v0.42.2

Performance

  • Reduce phylum binary size for slim images (#385) (ac5e477)

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.42.1...v0.42.2

- Python
Published by phylum-bot over 2 years ago

phylum-ci - v0.42.1

Documentation

- Python
Published by phylum-bot over 2 years ago

phylum-ci - v0.42.0

Breaking

  • Phylum CLI installs before v6.0.0-rc3 are no longer supported. That release introduced a number of breaking changes which are only functional with this release of the phylum package. (35adcaf)
  • The --lockfile/-l argument to the phylum-ci script has changed to --depfile/-d. (35adcaf)

- Python
Published by phylum-bot over 2 years ago

phylum-ci - v0.41.0

Feature

  • Extend GHA integration to support pull_request_target events (#341) (6ed6c14)

Breaking

  • Phylum CLI installs before v5.9.0-rc2 are no longer supported. A version with support for disabling lockfile generation and skipping sandbox usage is required. (6ed6c14)
  • The phylum-ci return code for a policy violation that results from a Phylum analysis has been changed from 1 to 2 in order to make it distinct from the default failure code that is generated for all raised SystemExit exceptions with a message instead of a code. (6ed6c14)

- Python
Published by phylum-bot over 2 years ago

phylum-ci - v0.40.0

Feature

  • Parse current dependencies only once (#359) (a96dccb)

Fix

  • Repository URL sometimes formatted with False (#361) (195136d)

- Python
Published by phylum-bot over 2 years ago

phylum-ci - v0.39.0

Feature

  • Set repository URL for CI environments (#355) (28cf1a9)
  • Ensure remote HEAD set for CINone implementation (#351) (e303919)

- Python
Published by phylum-bot over 2 years ago

phylum-ci - v0.38.0

Feature

  • Support workspace projects for all lockfile types (#344) (2bf66c7)
  • Cache parsing results of current dependency files (#342) (1ceff86)

Breaking

  • CLI installs prior to v5.8.0 are no longer supported. A Phylum CLI version with the find-lockable-files command is needed. (2bf66c7)

- Python
Published by phylum-bot over 2 years ago

phylum-ci - v0.37.1

Fix

  • More container tools broken when home-less (#337) (403eb7d)

- Python
Published by phylum-bot over 2 years ago

phylum-ci - v0.37.0

Feature

  • Add Python 3.12 support and drop Python 3.8 support (#335) (feb3502)
  • Enforce strict engine control for npm (#336) (4e69e3e)

Breaking

  • Support for Python 3.8 was removed due to the change in CONTRIBUTING policy to support only the current/latest release plus the previous three minor versions of Python. (feb3502)

- Python
Published by phylum-bot over 2 years ago

phylum-ci - v0.36.0

Feature

Fix

  • Container tools broken when home-less (#329) (f951e3c)

Breaking

  • The phylum-ci docker image created from the default Dockerfile is much larger, containing all the required tools for lockfile generation across all supported ecosystems. To retain the previous functionality, a new slim tag is offered for those instances where no manifest files are present and/or only lockfiles are used. (f96ff48)

Documentation

  • Add more detail for manifest file support (#328) (3241d2d)

- Python
Published by phylum-bot over 2 years ago

phylum-ci - v0.35.2

Fix

  • Integrations should check for previous comments (#305) (12e7445)

- Python
Published by phylum-bot over 2 years ago

phylum-ci - v0.35.1

Fix

- Python
Published by phylum-bot over 2 years ago

phylum-ci - v0.35.0

Feature

Breaking

  • CLI installs prior to v5.7.0 are no longer supported. A Phylum CLI version with ability to parse CycloneDX lockfiles is needed. (3897879)

- Python
Published by phylum-bot almost 3 years ago

phylum-ci - v0.34.0

Feature

  • Improve GitLab integration for partial checkouts (#291) (ca33672)

- Python
Published by phylum-bot almost 3 years ago

phylum-ci - v0.33.0

Feature

  • Add packages.*.lock.json lockfile detection (#287) (00e1d57)

- Python
Published by phylum-bot almost 3 years ago

phylum-ci - v0.32.1

- Python
Published by phylum-bot almost 3 years ago

phylum-ci - v0.32.0

Feature

  • Add pnpm-lock.yaml and packages.lock.json lockfile support (#277) (a24b2c2)

Breaking

  • CLI installs prior to v5.5.0 are no longer supported. A Phylum CLI version with ability to parse pnpm-lock.yaml and packages.lock.json lockfiles is needed. (a24b2c2)

- Python
Published by phylum-bot almost 3 years ago

phylum-ci - v0.31.0

Feature

  • Update the phylum analysis technique (#269) (4a6367b)

Documentation

  • Remove docs hosted in documentation repo (#264) (1bcc72b)

- Python
Published by phylum-bot almost 3 years ago

phylum-ci - v0.30.1

Style

  • Account for new report format by @maxrake in https://github.com/phylum-dev/phylum-ci/pull/259

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.30.0...v0.30.1

- Python
Published by phylum-bot almost 3 years ago

phylum-ci - v0.30.0

Feature

  • Add npm-shrinkwrap.json and requirements*.txt to supported lockfiles (#250) (c21b0e6)

- Python
Published by phylum-bot about 3 years ago

phylum-ci - v0.29.0

Feature

  • Add logging support and better error output (#247) (0350be9)

- Python
Published by phylum-bot about 3 years ago

phylum-ci - v0.28.1

Fix

  • Link to Phylum UI project clipped in logs (#227) (8d2e91e)

- Python
Published by phylum-bot about 3 years ago

phylum-ci - v0.28.0

Feature

Breaking

  • The risk domain threshold options have been removed. (ed3532e)
  • CLI installs prior to v5.0.0 are no longer supported. A Phylum CLI version with ability to return policy results and specify the --base option in the analyze command is required. (ed3532e)

- Python
Published by phylum-bot about 3 years ago

phylum-ci - v0.27.0

Feature

  • Provide ability to specify Phylum API URI (#222) (80a54db)

Breaking

  • The short option -u for --vul-threshold was removed. (80a54db)

- Python
Published by phylum-bot about 3 years ago

phylum-ci - v0.26.0

Feature

Breaking

  • Support for Python 3.7 was removed due to its imminent end of life (1b65787)

- Python
Published by phylum-bot about 3 years ago

phylum-ci - v0.25.0

Feature

  • Allow .phylum_project file to be optional (#209) (7092c93)

Breaking

  • CLI installs prior to v4.5.0 are no longer supported. A Phylum CLI version with ability to specify multiple lockfiles is required. (7092c93)

Documentation

- Python
Published by phylum-bot about 3 years ago

phylum-ci - v0.24.1

Fix

Documentation

- Python
Published by phylum-bot over 3 years ago

phylum-ci - v0.24.0

Feature

Documentation

- Python
Published by phylum-bot over 3 years ago

phylum-ci - v0.23.1

Fix

  • Link to Phylum UI project clipped in logs (#186) (95d6838)

- Python
Published by phylum-bot over 3 years ago

phylum-ci - v0.23.0

Feature

  • Improve experience around GitHub rate limiting API requests (#179) (df5f1e2)

Breaking

  • The --phylum-release option (-r) default is no longer latest. Default behavior now is to use the installed version and fall back to latest when no Phylum CLI is already installed. (df5f1e2)

- Python
Published by phylum-bot over 3 years ago

phylum-ci - v0.22.1

Fix

  • Issue summary entries repeated in output (#175) (30d9e42)

- Python
Published by phylum-bot over 3 years ago

phylum-ci - v0.22.0

Feature

Breaking

  • For GitLab branch pipelines, the analyzed dependencies are now determined by comparing the lockfile in the branch to the default branch instead of the previous commit that ran in that branch pipeline. All dependencies will be analyzed when the branch pipeline is run on the default branch. (7d6d859)

- Python
Published by phylum-bot over 3 years ago

phylum-ci - v0.21.0

Feature

  • Add go.sum and Cargo.lock as supported lockfiles (#169) (187a863)

- Python
Published by phylum-bot over 3 years ago

phylum-ci - v0.20.0

Feature

  • Support RSA SHA256 signature verification in phylum-init (#165) (4fad7dd)

Breaking

  • CLI installs prior to v3.12.0 are no longer supported (4fad7dd)
  • CLI installs and upgrades can no longer be confirmed with .minisig minisign signatures and must instead use .signature RSA SHA256 based signatures (4fad7dd)

- Python
Published by phylum-bot over 3 years ago

phylum-ci - v0.19.0

Feature

  • Extend Azure Pipelines integration to support GitHub repos (#160) (39e80ac)

- Python
Published by phylum-bot over 3 years ago

phylum-ci - v0.18.0

Feature

- Python
Published by phylum-bot over 3 years ago

phylum-ci - v0.17.1

Fix

  • Sanitize user input to guard against possible cmd injection (#144) (4d72ece)

Documentation

  • Provide more hints about using the SVG files (#146) (747e230)

- Python
Published by phylum-bot over 3 years ago

phylum-ci - v0.17.0

Feature

- Python
Published by phylum-bot over 3 years ago

phylum-ci - v0.16.1

Fix

  • Account for shallow fetch in Azure Pipelines integration (#135) (36e2413)

- Python
Published by phylum-bot over 3 years ago

phylum-ci - v0.16.0

Feature

  • Add support for Azure Pipelines CI environment (#127) (a22de2c)

Documentation

  • Use long form options in documentation examples (#129) (bbca9d3)

- Python
Published by phylum-bot over 3 years ago

phylum-ci - v0.15.0

Feature

  • Allow docker image use for non-root users (3e87aa9)
  • Don't require serial processing of pre-commit hook (#115) (b0fb110)

Breaking

  • CLI installs prior to v2.2.0 are no longer supported. (e5c0fca)

- Python
Published by phylum-bot over 3 years ago

phylum-ci - v0.14.0

Feature

  • Change supported maven lockfile to effective-pom.xml (#112) (c98fa8e)

- Python
Published by phylum-bot almost 4 years ago

phylum-ci - v0.13.3

Documentation

  • Revert bad script options SVG files (907e8f2)

- Python
Published by phylum-bot almost 4 years ago

phylum-ci - v0.13.2

Fix

  • Script options auto update still can't find package (#108) (967c1c0)

Documentation

  • Revert bad script options SVG files (0c9dfc2)

- Python
Published by phylum-bot almost 4 years ago

phylum-ci - v0.13.1

Fix

  • Script options auto update can't find package (#107) (9fb7164)

Documentation

  • Revert bad script options SVG files (9d7d6fc)

- Python
Published by phylum-bot almost 4 years ago

phylum-ci - v0.13.0

Feature

  • Provide a Docker image with glibc instead of musl libc (#104) (c5fadb4)

Breaking

  • Versions of the CLI older than v3.8.0-rc2 are no longer possible to install on Linux systems with the phylum-init script. (c5fadb4)

Documentation

  • Add script options docs with auto updates (#102) (6ba8e96)

- Python
Published by phylum-bot almost 4 years ago

phylum-ci - v0.12.1

Fix

  • Issue Summary data missing for vulnerability domain (#99) (3a833cf)

- Python
Published by phylum-bot almost 4 years ago

phylum-ci - v0.12.0

Feature

  • Host phylum-ci Docker image on GitHub Container Registry (#97) (ebc882e)

- Python
Published by phylum-bot almost 4 years ago

phylum-ci - v0.11.0

Feature

  • Add git pre-commit hook integration (#91) (99c5726)

Fix

  • Incorrect vulnerability risk domain package key name (#94) (247b4a4)

Documentation

  • Update CONTRIBUTING.md to show how to add dependencies without constraints (d25dd1f)
  • Create exclusive directory for Integrations docs to sync properly (#80) (d8b608b)

- Python
Published by phylum-bot almost 4 years ago

phylum-ci - v0.10.0

Feature

  • Check for and list valid versions and targets programmatically in phylum-init (#74) (7066565)

Documentation

  • Add integration documentation to Phylum docs page (5b988b9)

Performance

  • Allow native Docker image creation (#77) (9ee4123)

- Python
Published by phylum-bot almost 4 years ago

phylum-ci - v0.9.1

Fix

  • Detect lockfile changes in GitHub PRs (#73) (c119a4a)
  • Apply total threshold to all risk domains (#71) (0b19167)

- Python
Published by phylum-bot almost 4 years ago

phylum-ci - v0.9.0

Feature

  • Add support for GitHub Actions CI environment (#68) (b59da0a)

- Python
Published by phylum-bot almost 4 years ago

phylum-ci - v0.8.1

Fix

  • Docker image tags are inconsistent (#67) (00a2b53)

- Python
Published by phylum-bot almost 4 years ago

phylum-ci - v0.8.0

Feature

  • Coordinate phylum-ci Docker image releases with new CLI releases (#63) (82b57e2)
  • Expose version arguments with a short form -V (92e9149)

Fix

  • Using gh cli requires specifying a token (#65) (1e070fd)
  • Logical prefixed not fails GitHub workflow syntax (#64) (00a5cb1)
  • Re-enable building docker images with pre-built distributions (c5d7aa0)

Documentation

  • Add a Code of Conduct (#60) (c953f68)
  • Add a security policy (21fce1b)
  • Reformat code examples to add whitespace lines (a31fdce)

Performance

- Python
Published by phylum-bot almost 4 years ago

phylum-ci - v0.7.0

Feature

  • Use a single character for "single dash" options (6a4b032)

Breaking

  • The short options for the following arguments changed (6a4b032):
    • --force-analysis was changed from -fa to -f
    • --force-install was changed from -fi to -i
    • --vul-threshold was changed from -vt to -u
    • --mal-threshold was changed from -mt to -m
    • --eng-threshold was changed from -et to -e
    • --lic-threshold was changed from -lt to -c
    • --aut-threshold was changed from -at to -o

- Python
Published by phylum-bot about 4 years ago

phylum-ci - v0.6.0

Feature

  • Provide an option to force analysis (#55) (4d6fc3b)
  • Default to project settings for risk domain thresholds (#52) (9f10442)
  • Default to analyzing new dependencies only (#53) (e0894fc)

Fix

  • Ensure the "CI Platform Name" portion of a label is correct (#55) (1867fb6)
  • Enable Phylum UI links for groups (#54) (8775a63)

Breaking Changes

  • Individual risk domain threshold values can be set with command line options, which now accept values between 0 and 100, inclusive
    • Previously, the accepted values were between 0 and 99, inclusive
  • The option to analyze --new-deps-only was removed and replaced with one that has the opposite meaning: --all-deps
  • The short option to --force-install was changed from -f to -fi

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.5.2...v0.6.0

- Python
Published by phylum-bot about 4 years ago

phylum-ci - v0.5.2

Fix

  • Ensure notes are not duplicated in GitLab MRs (#43) (a8ffe7f)

- Python
Published by phylum-bot about 4 years ago

phylum-ci - v0.5.1

Fix

  • Sync package issue key name changes from CLI v3.4.0 release (#41) (2f5f8d5)

- Python
Published by phylum-bot about 4 years ago

phylum-ci - v0.5.0

Feature

  • Add support for GitLab CI environment (#38) (732daea)

- Python
Published by phylum-bot about 4 years ago

phylum-ci - v0.4.0

Feature

  • Expose the Python package as a Docker image (#37) (0976f1d)

- Python
Published by phylum-bot about 4 years ago

phylum-ci - v0.3.0

Feature

  • Add phylum-ci script entry point to analyze lockfile changes (#36) (f1cbac7)

- Python
Published by phylum-bot about 4 years ago

phylum-ci - v0.2.1

Fix

  • Use phylum-bot account instead of a personal account (#34) (40ba743)

- Python
Published by phylum-bot about 4 years ago

phylum-ci - v0.2.0-rc.0

What's Changed

  • Add phylum-init package and script by @maxrake in https://github.com/phylum-dev/phylum-ci/pull/22
  • Create Python project shell by @maxrake in https://github.com/phylum-dev/phylum-ci/pull/8
  • Create testing structure by @maxrake in https://github.com/phylum-dev/phylum-ci/pull/10
  • ci: enable Phylum analysis for this repository 🍾 by @maxrake in https://github.com/phylum-dev/phylum-ci/pull/21
  • ci: modernize the release workflow by @maxrake in https://github.com/phylum-dev/phylum-ci/pull/28

New Contributors

  • @maxrake made their first contribution in https://github.com/phylum-dev/phylum-ci/pull/7

Full Changelog: https://github.com/phylum-dev/phylum-ci/commits/v0.2.0-rc.0

- Python
Published by maxrake about 4 years ago

phylum-ci - v0.0.2rc5

Full Changelog: https://github.com/phylum-dev/phylum-ci/compare/v0.0.2rc3...v0.0.2rc5

- Python
Published by github-actions[bot] about 4 years ago

phylum-ci - v0.0.2rc3

What's Changed

Other Changes

  • Task: update templates by @maxrake in https://github.com/phylum-dev/phylum-ci/pull/7
  • Create Python project shell by @maxrake in https://github.com/phylum-dev/phylum-ci/pull/8
  • Get first draft of first workflow in place by @maxrake in https://github.com/phylum-dev/phylum-ci/pull/9
  • Create testing structure by @maxrake in https://github.com/phylum-dev/phylum-ci/pull/10
  • Add initial workflows by @maxrake in https://github.com/phylum-dev/phylum-ci/pull/16

New Contributors

  • @maxrake made their first contribution in https://github.com/phylum-dev/phylum-ci/pull/7

Full Changelog: https://github.com/phylum-dev/phylum-ci/commits/v0.0.2rc3

- Python
Published by github-actions[bot] about 4 years ago