v0.39.3

Release notes for syft v0.39.3
Categories:
Tags:

Release Notes

Version v0.39.3

v0.39.3 (2022-02-26)

Full Changelog

Added Features

  • Allow for CPE strings that can later be sanitized [PR #844] [wagoodman]
  • Ability to sign or attest the generated SBOM [Issue #510]

Bug Fixes

  • Resolve symlinks when fetching file contents [PR #782] [wagoodman]
  • Add exception for handlebars java package to generate nodejs CPE [PR #837] [wagoodman]
  • Do not generate empty CPEs for non-compliant CPE fields [PR #850] [spiffcs]
  • unable to catalog dpkg package=/var/lib/dpkg/status [Issue #733]
  • Deduplicate docker image manifests [Issue #825]
  • scan crash with panic: runtime error: index out of range [1] with length 1 when parsing invalid formatted requirements.txt file [Issue #831]
Last modified October 10, 2025: fix reference links (1594d93)