Releases: synthesiseng/depgraph-cli

depgraph-cli: v0.3.0

14 Apr 23:07
31f0451

0.3.0 (2026-04-14)

Features

  • add canonical label resolution and resolved review state (2dd68f3)
  • add canonical label resolution and resolved review state (6144e26)
  • add explicit review targets for findings and edge findings (fac97eb)
  • add first-class edge findings and metadata coverage observability (f48bdbb)
  • add first-class edge findings, baseline identity, and metadata coverage stats (e39d575)
  • add package-lock project scanning (9778d32)
  • add package-lock project scanning support (85eb563)
  • add scan history, edge-level delta, review events, and eval command (d98a231)
  • add scan history, edge-level delta, review events, and eval command (951bce3)
  • benchmark: add benchmark runner and manifest-driven evaluation pipeline (9b4fb64)
  • benchmark: add internal benchmark runner and execution pipeline (a197cae)
  • eval: add ADR-012 data readiness reporting (884f441)
  • eval: add explicit export readiness semantics to eval (bf9c3f6)
  • eval: add failure surfacing for persisted scan history (7584259)
  • eval: add failure surfacing for persisted scan history (009ab81)
  • eval: eval data readiness reporting with explicit denominator semantics (2886b1e)
  • eval: harden export readiness reporting with explicit denominator semantics (fa042e4)
  • implement depgraph scan MVP (end-to-end dependency risk analysis) (b076353)
  • implement depgraph scan MVP end to end (cde220b)
  • improve risk scoring and introduce rich Ink-based scan UI (b8ef1d0)
  • improve supply-chain risk signals and introduce rich Ink scan UI (9bda0c0)
  • initialize depgraph CLI with clean architecture scaffold (3530ad6)
  • make review targets explicit for findings and edge events (eaead2b)
  • metadata: add explicit missingness contract for metadata fields (0b128b3)
  • metadata: add explicit missingness contract for metadata fields (4717ed5)
  • refine new package risk signals for supply-chain detection (b91a625)
  • refine new package risk signals for supply-chain detection (dc2c63b)
  • scan: add ADR-012 field reliability policy to scan results (155205b)
  • scan: add ADR-012 field reliability policy to scan results (0d37114)
  • scan: add pnpm lockfile scan mode and traversal support (e659108)
  • scan: add pnpm lockfile scanning support (6419a0e)
  • scan: add summary mode for compact scan output (86ab58c)
  • scan: add summary mode for compact scan output (806e950)
  • scan: add warning for weekly downloads lookup fallback (a1261c2)
  • scan: add warning for weekly downloads lookup fallback (3e1f136)
  • scan: polish TUI and plain-text scan presentation (5a303b8)
  • scan: polish TUI and plain-text scan presentation (87184d6)
  • scan: refine plain-text and TUI presentation layering (0947fe7)
  • scan: refine plain-text and TUI presentation layering (e83e889)
  • scorer: add security deprecation language signal (5ec2873)
  • scorer: add security deprecation language signal (28ce356)
  • scorer: calibrate freshness and churn interaction (6b16e0a)
  • scorer: calibrate freshness and churn interaction (50352da)
  • scorer: calibrate freshness signal for mature packages (78364d5)
  • scorer: calibrate freshness signal for mature packages (6d769ac)
  • surface unresolved registry metadata in package-lock scans (5739446)
  • surface unresolved registry metadata in package-lock scans (278485d)

Bug Fixes

  • add source precedence to canonical label resolution (a877769)
  • adjust Node mascot asset sizing (cc324ce)
  • clean up duplicate unresolved metadata handling (7fb40c3)
  • eval: normalize legacy eval history and add readiness blocker breakdown (fd735b4)
  • eval: normalize legacy scan history and add blocker breakdown (8c824d5)
  • expose depgraph and depgraph-cli bins (172c24a)
  • expose depgraph and depgraph-cli bins (6bf718f)
  • expose depgraph and depgraph-cli bins (9ffbbad)
  • harden canonical label resolution behavior (6c526df)
  • make package-lock scans resilient to unresolved dependencies (5af643e)
  • make package-lock scans resilient to unresolved dependencies (2328813)
  • persistence: align scan-level explanation with primary finding (16fdd84)
  • persistence: align scan-level explanation with primary finding ([43d2e11...