Releases: verkada/guac
Releases · verkada/guac
Verkada GUAC v1.0.1-verkada-001
Verkada Custom GUAC Release
This release contains custom modifications for Verkada's use case:
- VEX status mappings for Vigiles SBOM ingestion
- Enhanced empty analysis state handling
- Improved RFC3339 timestamp parsing
Base version: GUAC v1.0.1
Changelog
- b7c8690 Ent - IngestPkgEquals with tests (guacsec#1243)
- 8e8bf52 guacsec#1996 Improve package's qualifiers query (guacsec#1997)
- 8e929e7 --- (guacsec#1917)
- 5402c79 --- (guacsec#1918)
- 79bb957 --- (guacsec#1919)
- 1f57e79 --- (guacsec#1920)
- febf594 --- (guacsec#1923)
- 8336525 1434-docker-compose - backend selection on startup (guacsec#1435)
- c197a9d 1550 Ent: hasSBOM 'included' implementation (guacsec#1583)
- 463b800 📖 Included comments for the bfs on patchPlanning (guacsec#1130)
- 3f96625 Add 'integration' tag to golangci-lint (guacsec#1202)
- 64dfda6 Add @jeffmendoza as Maintainer. (guacsec#1144)
- 9279015 Add CVE, GHSA and OSV tries GraphQL schema (guacsec#399)
- 13b9a49 Add Certifier cmd to guacone (guacsec#246)
- 649c204 Add Certify bad query and re-org the query CLI (guacsec#807)
- 035bf1f Add CertifyGood as a copy of CertifyBad (guacsec#652)
- 85868ea Add CertifyLegal to query known package (guacsec#2254)
- f407e04 Add CertifyPkg schema with testing backend (guacsec#455)
- 7ee10f0 Add ClearlyDefined to e2e test (guacsec#2168)
- 7510cab Add Compose Tarball to Release Workflow (guacsec#1076)
- ad806a2 Add DSSE processor
- ede754a Add Deps.dev collector to guacone (guacsec#1661)
- cdc11e0 Add EOL processor so the certifier will run (guacsec#2394)
- c0e35bf Add GUAC Version to Logs (guacsec#1856)
- 3c59c1e Add Github Collector (guacsec#498)
- 3bc26e4 Add GraphQL documentation doc. (guacsec#785)
- 8daf872 Add Guacone collect files json.bz2 capability (guacsec#1395)
- ddabdf6 Add HasMetadata operations and inmem implementation (guacsec#1023)
- bf20b1a Add HasSBOM attestation with testing backend (guacsec#452)
- acad3d7 Add Hash equal schema for GraphQL (guacsec#442)
- 4c14629 Add ID and backedges for certifyPkg. (guacsec#628)
- df08235 Add IDs and back edges for certify vex and certify bad (guacsec#626)
- 10b6b4d Add IsDependency batch querying (guacsec#2221)
- 5234d9b Add IsOccurrence to GraphQL Schema (guacsec#447)
- 68e0455 Add Legal information schema and inmem backend. (guacsec#1207)
- 2c19f25 Add License and CertifyLegal to Arango backend. (guacsec#1349)
- 354783c Add Luke to TAM (guacsec#271)
- 43f3e34 Add Neo4j Backend queries (guacsec#417)
- 6ab04cd Add NoKnownVuln node and related operations. (guacsec#673)
- f3e8991 Add Node query (guacsec#679)
- a7180a4 Add Nodes query needed for UI. (guacsec#812)
- bc034e3 Add OCI Registry Collector (guacsec#2185)
- 6ee6b6e Add OCI Registry Collector CLI (guacsec#2241)
- 696557b Add POC to setup.md (guacsec#162)
- 2b196f5 Add Pagination to the Rest API (guacsec#1720)
- 08bfd91 Add PkgEqual and HashEqual predictaes -- testing + code planning (guacsec#1069)
- 778091b Add PointOfContact predicate ingest (guacsec#1075)
- 9368f3a Add PointOfContact predicate to PatchPlanning (guacsec#1088)
- 1fb5ee9 Add Redis and TiKV kv stores (guacsec#1502)
- b7ff00e Add SECURITY-INSIGHTS (guacsec#1353)
- 37fde17 Add SETUP-new.md and supporting query and script files. (guacsec#662)
- e3add68 Add WhichVersionMatchesfunction implementation (guacsec#796)
- 2aeb88c Add
CONTRIBUTING.md - 57d60ea Add a CI step to run current go tests.
- 794cf66 Add a CI workflow using neo4j.
- 663b076 Add a collectsub client type Datasource for collectors (guacsec#403)
- 89019ad Add a demo level docker compose yaml (guacsec#1747)
- ffadd34 Add a developer readme to the cli commands. (guacsec#1324)
- 3bb8b21 Add a transitive dependencies endpoint to the REST API (guacsec#1867)
- 8c812fd Add a user to the Dockerfile for ent migrations. (guacsec#2793)
- 9cc17ad Add ability to add ingestPredicates documents for ingestion (guacsec#1051)
- 09db2dc Add additional DSSE tests
- cf8ab73 Add artifact and builder graphQL schema (guacsec#400)
- 4936a26 Add back testing utils
- 0f694a3 Add batch querying for clearly defined to reduce ingestion time (guacsec#2088)
- bb36eab Add benchmark for TiKV (guacsec#1579)
- b93696d Add bot configurations (guacsec#85)
- 2290eb0 Add check for docker compose (guacsec#1176)
- 7bbf610 Add check for empty CertifyBad nodes in query bad (guacsec#2365)
- cda3a6b Add collectsub service and OCI collector to all-in-one deployment (guacsec#430)
- ab37eb4 Add comment for id field on PkgSpec (guacsec#1631)
- df88a40 Add comment on Edge schema to note that edges are bidirectional (guacsec#1632)
- 7176dec Add concurrency to arango hasSBOM query (guacsec#1609)
- f4a1e53 Add contributor ladder process. (guacsec#750)
- d55629f Add default SECURITY.md policy (guacsec#2004)
- 4cd1e8c Add deps.dev cmd implementation of collector subscriber (guacsec#660)
- 14be5a3 Add deps.dev collector, processor and parser (guacsec#654)
- debb811 Add developer documentation (guacsec#126)
- b0490b1 Add edges
- 58cfe73 Add end to end test (guacsec#685)
- 0020edb Add eol to e2e and fix certifier logic (guacsec#2396)
- 3d2f3da Add file collector (guacsec#79)
- 22c8728 Add gotestfmt to improve test output formatting (guacsec#2310)
- 3b51228 Add graphql query examples (guacsec#473)
- 136ad62 Add guaccollect files option to set origin to blob path (guacsec#1811)
- fc6860d Add identity verifier interface
- 9a33cd4 Add ingestion for sources, on both backends (guacsec#481)
- 7b31843 Add ingestion mutation for SLSA (guacsec#553)
- b5db2c1 Add initial graphdb package
- 3587e04 Add initial nodes for arangoDB backend implementation (guacsec#911)
- b515708 Add instructions to start docker with apoc (guacsec#174)
- c45498b Add log level configuration (guacsec#1422)
- 02968d0 Add maintainers and governance
- af5516a Add markdown format check to ci (guacsec#686)
- fa67e93 Add missing VEX status mappings for resolved_with_pedigree and false_positive
- ae3c1aa Add missing dev tools to nix shell (guacsec#1819)
- 2d684f0 Add missing use-csub flag to oci collector (guacsec#2424)
- 4fb814c Add more error checking for inmem backend. (guacsec#700)
- 3f9016b Add mutation to ingest artifacts (guacsec#485)
- caa8efd Add mutation to ingest builders (guacsec#491)
- 0917297 Add neighbors and path GraphQL queries. (guacsec#624)
- bb96252 Add nil checks for pkgConn and PackagesList (guacsec#1948)
- 70f291d Add nodes for attestations, artifacts and builders
- 6ad13e9 Add otel instrumentation to http/grpc/sql libraries. (guacsec#2440)
- 2a96e7f Add package qualifiers to package trie and query spec (guacsec#394)
- 7eced3b Add package trie GraphQL schema (before qualifiers) (guacsec#391)
- 3885c0e Add packages to shell.nix (guacsec#1025)
- cb92e23 Add performance test for redis. (guacsec#1562)
- 7334096 Add processorInput structs
- b0659a8 Add query vulnerability CLI demo documentation (guacsec#742)
- 48acf14 Add reachability testdata (guacsec#609)
- 4c46dc7 Add reference attestation for multiple equivalent images (guacsec#2467)
- d0fe46...