v1.18.0

Release notes for syft v1.18.0

Categories:

Release

Tags:

Syft

Release Notes

Version v1.18.0

Added Features

convert spdx absolute to relative [#3509 @spiffcs]
Add relationships for rust audit binary packages [#3500 @wagoodman]
support configuration of layer size in Syft [#3428 #3464 @tomersein]
Support Dart arm/v7 in 3.x and 2.x [#3278 #3475 @witchcraze]

Bug Fixes

fix order of rust dependencies and support git sources in Cargo.lock dependencies [#3502 @willmurphyscode]
Use file indexer directly when scanning with file source [#3333 @adammcclenaghan]
Remove incorrect power-user help text that only image sources are supported [#2046]
Invalid SPDX: missing copyright text [#3346 #3495 @spiffcs]
Scanning a source tree with duplicate conanfile.txt dependencies generates multiple components [#3403]

(Full Changelog)

Last modified October 10, 2025: fix reference links (1594d93)