Releases · DataDog/supply-chain-firewall · GitHub

10 Feb 11:17

ikretz

v2.6.0 Latest

Latest

New features

Add a verifier for recently created packages by @ikretz in #202

Bug fixes and improvements

Add language about Agent log file tailing by @ikretz in #206
Reorganize README documentation by @ikretz in #207
Log current working directory by @ikretz in #216

Chores

Add CODEOWNERS by @ikretz in #194
Add new package manager versions to matrix tests by @ikretz in #213
Bump version number for v2.6.0 by @ikretz in #217

Full Changelog: v2.5.0...v2.6.0

Contributors

ikretz

Assets 2

16 Dec 13:37

ikretz

v2.5.0

New features

Allow custom Datadog log attributes by @ikretz in #173
Add a local file logger by @ikretz in #190
Add a default verifier for user-provided findings lists by @ikretz in #191

Bug fixes and improvements

Bugfix: npm installation target resolution by @ikretz in #184
Bugfix: Handle optional dependencies in npm audit by @ikretz in #189

Chores

Update PyPI publish workflow to use Trusted Publisher by @ikretz in #174
Bump version number for v2.5.0 by @ikretz in #193

Full Changelog: v2.4.0...v2.5.0

Contributors

ikretz

Assets 2

29 Oct 16:53

ikretz

v2.4.0

New features

Allow for ignoring OSV warnings by ID by @ikretz in #161

Bug fixes and improvements

Handle missing Datadog agent when removing config by @danshome in #167
Handle KeyboardInterrupt by @ikretz in #168

New Contributors

@danshome made their first contribution in #167

Full Changelog: v2.3.0...v2.4.0

Contributors

danshome and ikretz

Assets 2

07 Oct 15:14

ikretz

v2.3.0

New features

Allow commands on unsupported versions via CLI option by @ikretz in #152

Bug fixes and improvements

Delay check for supported package manager version based on need by @ikretz in #143
Account for verbose option in pip commands by @ikretz in #144
Make dry-run exit code reflect findings status by @ikretz in #145
[Suggestion] More in-depth runtime error when npm isn't installed by @d-niu in #148
Warn on logger errors instead of exiting early by @ikretz in #150
Update .rc files in-place while configuring by @ikretz in #154
Handle non-interactive shells gracefully by @ikretz in #158

Chores

Bump certifi from 2025.8.3 to 2025.10.5 by @dependabot[bot] in #157
Bump datadog-api-client from 2.43.0 to 2.44.0 by @dependabot[bot] in #156
Bump version for release of v2.3.0 by @ikretz in #159

New Contributors

@d-niu made their first contribution in #148
@dependabot[bot] made their first contribution in #157

Full Changelog: v2.2.1...v2.3.0

Contributors

dependabot, ikretz, and d-niu

Assets 2

08 Sep 15:16

ikretz

v2.2.1

Bug fixes and improvements

Update README.md to add CTA for design partners by @netcode in #120
Documentation: Configuring Datadog site parameter by @ikretz in #128
Add a hierarchy of Python binary names when resolving executable by @ikretz in #131

Full Changelog: v2.2.0...v2.2.1

Contributors

netcode and ikretz

Assets 2

08 Aug 08:54

ikretz

v2.2.0

New features

Allow verifiers to support only certain ecosystems by @ikretz in #106
Allow for erroring on malicious findings by @ikretz in #108
Allow for automatically allowing or blocking on warning by @ikretz in #109

Bug fixes and improvements

Handle compromised libs in malicious packages dataset verifier by @ikretz in #117

Chores

Bump version number release of v2.2.0 by @ikretz in #118

Full Changelog: v2.1.0...v2.2.0

Contributors

ikretz

Assets 2

03 Jul 15:00

ikretz

v2.1.0

New features

Add local auditing of installed packages by @ikretz in #88
Cache malicious packages data to use as a fallback by @ikretz in #100
Add Datadog logging for local audits by @ikretz in #103

Bug fixes and improvements

Replace PackageManagerCommand with PackageManager by @ikretz in #85

Full Changelog: v2.0.0...v2.1.0

Contributors

ikretz

Assets 2

07 May 13:26

ikretz

v2.0.0

Breaking changes

Clarify firewall actions by @ikretz in #71

New features

Add initial support for Poetry by @ikretz in #74
Add support for poetry install by @ikretz in #79
Add support for poetry sync by @ikretz in #82
Add support for poetry update by @ikretz in #83

Bug fixes and improvements

Adding guarddog dependency scanning by @sobregosodd in #81

Chores

Bump version number to 2.0.0 by @ikretz in #84

Full Changelog: v1.3.3...v2.0.0

Contributors

ikretz and sobregosodd

Assets 2

07 Apr 11:30

ikretz

v1.3.3

Bug fixes and improvements

Handle OSV.dev results pagination by @ikretz in #60
Rank OSV.dev findings by severity by @ikretz in #61

Chores

Update dependencies and tests by @ikretz in #59
Update dev dependencies by @ikretz in #66
Bump version number to 1.3.3 by @ikretz in #68

Full Changelog: v1.3.2...v1.3.3

Contributors

ikretz

Assets 2

20 Mar 15:23

ikretz

v1.3.2

Bug fixes and improvements

Update tests with latest pip and npm versions by @ikretz in #51
Collect username in Datadog logs by @ikretz in #52
Add executable to default log handler by @ikretz in #53

Chores

Bump version number for release v1.3.2 by @ikretz in #54

Full Changelog: v1.3.1...v1.3.2

Contributors

ikretz

Assets 2