Skip to content

Release 2025.11.28

Choose a tag to compare

View all tags
@github-actions github-actions released this 28 Nov 13:07
· 31 commits to main since this release
2025.11.28
a37eea7

What's Changed

  • Setup tests in testcontainers by @fwilhe in #2
  • Bump org.asciidoctor.jvm.convert from 3.3.2 to 4.0.2 by @dependabot[bot] in #3
  • Bump io.rest-assured:rest-assured from 5.2.0 to 5.4.0 by @dependabot[bot] in #4
  • Bump io.spring.dependency-management from 1.1.4 to 1.1.5 by @dependabot[bot] in #6
  • Implement endpoint to get CVEs per distro by @fwilhe in #5
  • Implement endpoint for readiness check by @fwilhe in #7
  • Deploy docs to github pages by @fwilhe in #8
  • Improve rest docs by @fwilhe in #9
  • build container image based on unbase_oci by @fwilhe in #10
  • Parse CVE DB objects into domain objects by @fwilhe in #11
  • Bump org.springframework.boot from 3.2.5 to 3.3.0 by @dependabot[bot] in #12
  • Implement get cve for packages endpoint by @fwilhe in #13
  • Bump org.springframework.boot from 3.3.0 to 3.3.1 by @dependabot[bot] in #14
  • Update gradle to 8.8 by @fwilhe in #15
  • Bump org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.5.0 to 2.6.0 by @dependabot[bot] in #16
  • Bump io.rest-assured:rest-assured from 5.4.0 to 5.5.0 by @dependabot[bot] in #17
  • Bump io.spring.dependency-management from 1.1.5 to 1.1.6 by @dependabot[bot] in #18
  • Bump org.springframework.boot from 3.3.1 to 3.3.2 by @dependabot[bot] in #20
  • Bump org.asciidoctor.jvm.convert from 4.0.2 to 4.0.3 by @dependabot[bot] in #19
  • Bump gradle/actions from 3.1.0 to 3.5.0 by @dependabot[bot] in #21
  • Bump gradle/actions from 3.5.0 to 4 by @dependabot[bot] in #22
  • Bump org.junit.jupiter:junit-jupiter from 5.9.2 to 5.10.3 by @dependabot[bot] in #23
  • Bump org.junit.jupiter:junit-jupiter from 5.10.3 to 5.11.0 by @dependabot[bot] in #24
  • Bump org.springframework.boot from 3.3.2 to 3.3.3 by @dependabot[bot] in #25
  • Build multi-arch container image by @fwilhe in #26
  • Bump gradle/actions from 4.0.0 to 4.0.1 by @dependabot[bot] in #27
  • Packages api by @fwilhe in #28
  • Simplify HTTP API by @fwilhe in #29
  • API for List of impacted package(s) by a CVE by @fwilhe in #30
  • Use SAPMachine in CI by @fwilhe in #31
  • Use views instead of native queries where possible by @fwilhe in #33
  • Enable sorting in API by @fwilhe in #34
  • Simplify HTTP API by @fwilhe in #35
  • Pagination by @fwilhe in #36
  • Put package list by @fwilhe in #37
  • Bump gradle/actions from 4.0.1 to 4.1.0 by @dependabot[bot] in #39
  • Simplify image build by @fwilhe in #40
  • add cvss base score and vector string to api response by @fwilhe in #41
  • Use Garden Linux-based SAPMachine container image by @fwilhe in #42
  • Bump org.springframework.boot from 3.3.3 to 3.3.4 by @dependabot[bot] in #43
  • CVE detail page by @fwilhe in #44
  • Don't try to deploy the image from a PR by @fwilhe in #45
  • Improve and unify styling by @fwilhe in #46
  • Extend CVE detail view with distro-specific info by @fwilhe in #47
  • Bump org.junit.jupiter:junit-jupiter from 5.11.0 to 5.11.1 by @dependabot[bot] in #48
  • Bump org.junit.jupiter:junit-jupiter from 5.11.1 to 5.11.2 by @dependabot[bot] in #49
  • Bump org.springframework.boot from 3.3.4 to 3.3.5 by @dependabot[bot] in #52
  • Bump org.junit.jupiter:junit-jupiter from 5.11.2 to 5.11.3 by @dependabot[bot] in #51
  • build and deploy bare image by @fwilhe in #50
  • use jlink to build a smaller image by @fwilhe in #53
  • Improve CVE context by @fwilhe in #55
  • Bump gradle/actions from 4.1.0 to 4.2.0 by @dependabot[bot] in #56
  • Use new unbase_oci script by @fwilhe in #57
  • Bump org.springframework.boot from 3.3.5 to 3.4.0 by @dependabot[bot] in #58
  • Bump gradle/actions from 4.2.0 to 4.2.1 by @dependabot[bot] in #59
  • Bump org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.6.0 to 2.7.0 by @dependabot[bot] in #60
  • Show version fixed in cve details page by @fwilhe in #61
  • Bump gradle/actions from 4.2.1 to 4.2.2 by @dependabot[bot] in #62
  • Bump org.asciidoctor.jvm.convert from 4.0.3 to 4.0.4 by @dependabot[bot] in #63
  • Bump org.junit.jupiter:junit-jupiter from 5.11.3 to 5.11.4 by @dependabot[bot] in #64
  • Bump io.spring.dependency-management from 1.1.6 to 1.1.7 by @dependabot[bot] in #66
  • Bump org.springframework.boot from 3.4.0 to 3.4.1 by @dependabot[bot] in #65
  • Bump org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.7.0 to 2.8.0 by @dependabot[bot] in #67
  • Switch to latest tag of postgres image for tests by @fwilhe in #69
  • Add api endpoint to query cve details with contexts by @fwilhe in #68
  • Bump org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.8.0 to 2.8.3 by @dependabot[bot] in #71
  • View CVE context in a table by @fwilhe in #70
  • Improve tests with small set of test data by @fwilhe in #72
  • Display cveLastModifiedDate and cveLastIngestedDate by @fwilhe in #73
  • Show Modified and Ingested Dates on CVE Details by @fwilhe in #74
  • Add links to switch between Garden Linux versions by @fwilhe in #75
  • Display all non-dummy cve context entries for dists by @fwilhe in #76
  • Display NVD exclusive CVEs in GLVD by @fwilhe in #77
  • Bump org.springframework.boot from 3.4.1 to 3.4.2 by @dependabot[bot] in #78
  • Bump org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.8.3 to 2.8.4 by @dependabot[bot] in #79
  • Bump gradle/actions from 4.2.2 to 4.3.0 by @dependabot[bot] in #80
  • Generate the 'Changes' section for Garden Linux release notes by @fwilhe in #81
  • Take CVE context into account for release notes generation by @fwilhe in #82
  • Bump org.junit.jupiter:junit-jupiter from 5.11.4 to 5.12.0 by @dependabot[bot] in #86
  • Bump org.springframework.boot from 3.4.2 to 3.4.3 by @dependabot[bot] in #85
  • Bump org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.8.4 to 2.8.5 by @dependabot[bot] in #83
  • Bump io.rest-assured:rest-assured from 5.5.0 to 5.5.1 by @dependabot[bot] in #84
  • Remove testcontainers from setup, replace with compose file by @fwilhe in #87
  • Bump org.springframework.boot from 3.4.3 to 3.4.4 by @dependabot[bot] in #89
  • Bump org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.8.5 to 2.8.6 by @dependabot[bot] in #90
  • Bump gradle/actions from 4.3.0 to 4.3.1 by @dependabot[bot] in #91
  • Bump org.junit.jupiter:junit-jupiter from 5.12.0 to 5.12.1 by @dependabot[bot] in #88
  • Bump org.junit.jupiter:junit-jupiter from 5.12.1 to 5.12.2 by @dependabot[bot] in #92
  • Upgrade tests to new sql schema by @fwilhe in #93
  • Use kernel.org vulnerabilities repo for kernel CVEs by @fwilhe in #95
  • Improve handling of release notes if the distro is not yet available in glvd by @fwilhe in #96
  • Bump org.springframework.boot from 3.4.4 to 3.4.5 by @dependabot[bot] in #97
  • Bump org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.8.6 to 2.8.8 by @dependabot[bot] in #98
  • Make ci workflow more easy to work with forks by @fwilhe in #99
  • Render cve context description as markdown by @fwilhe in #101
  • Add API endpoint to list triages per Garden Linux release by @fwilhe in #100
  • Bump io.rest-assured:rest-assured from 5.5.1 to 5.5.2 by @dependabot[bot] in #103
  • Bump gradle/actions from 4.3.1 to 4.4.0 by @dependabot[bot] in #104
  • Workaround release notes by @fwilhe in #102
  • use better format for release notes in ui by @fwilhe in #105
  • Bump io.rest-assured:rest-assured from 5.5.2 to 5.5.5 by @dependabot[bot] in #107
  • Bump org.springframework.boot from 3.4.5 to 3.5.0 by @dependabot[bot] in #106
  • Bump org.junit.jupiter:junit-jupiter from 5.12.2 to 5.13.1 by @dependabot[bot] in #109
  • Bump org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.8.8 to 2.8.9 by @dependabot[bot] in #111
  • Bump gradle/actions from 4.4.0 to 4.4.1 by @dependabot[bot] in #110
  • Update Gradle to 8.14.2 by @fwilhe in #112
  • Refactor: move cve differ into new class by @fwilhe in #113
  • Bump org.commonmark:commonmark from 0.24.0 to 0.25.0 by @dependabot[bot] in #115
  • Bump org.springframework.boot from 3.5.0 to 3.5.3 by @dependabot[bot] in #114
  • Bump org.junit.jupiter:junit-jupiter from 5.13.1 to 5.13.2 by @dependabot[bot] in #116
  • Implement needed endpoints for triage process by @fwilhe in #117
  • Implement v1 of the triage schema by @fwilhe in #118
  • Bump org.junit.jupiter:junit-jupiter from 5.13.2 to 5.13.3 by @dependabot[bot] in #119
  • Don't include linux kernel CVEs when list of packages contains 'linux' in a package name by @fwilhe in #120
  • Bump org.springframework.boot from 3.5.3 to 3.5.4 by @dependabot[bot] in #122
  • Bump org.junit.jupiter:junit-jupiter from 5.13.3 to 5.13.4 by @dependabot[bot] in #121
  • Bump org.commonmark:commonmark from 0.25.0 to 0.25.1 by @dependabot[bot] in #123
  • Bump actions/download-artifact from 4 to 5 by @dependabot[bot] in #124
  • Bump gradle/actions from 4.4.1 to 4.4.2 by @dependabot[bot] in #125
  • Bump actions/checkout from 4 to 5 by @dependabot[bot] in #126
  • Bump io.rest-assured:rest-assured from 5.5.5 to 5.5.6 by @dependabot[bot] in #127
  • Bump org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.8.9 to 2.8.13 by @dependabot[bot] in #133
  • Bump org.asciidoctor.jvm.convert from 4.0.4 to 4.0.5 by @dependabot[bot] in #132
  • Bump org.springframework.boot from 3.5.4 to 3.5.5 by @dependabot[bot] in #130
  • Bump actions/upload-pages-artifact from 3 to 4 by @dependabot[bot] in #129
  • Bump actions/setup-java from 4 to 5 by @dependabot[bot] in #128
  • Bump org.commonmark:commonmark from 0.25.1 to 0.26.0 by @dependabot[bot] in #134
  • Bump gradle/actions from 4.4.2 to 4.4.3 by @dependabot[bot] in #135
  • Add error page by @fwilhe in #136
  • Bump org.springframework.boot from 3.5.5 to 3.5.6 by @dependabot[bot] in #137
  • Handle CVEs that are not in the debian security tracker by @fwilhe in #138
  • Parse cve with cveTags by @fwilhe in #139
  • Update java to 25 ☕ by @fwilhe in #140
  • Update gradle to 9.1.0 by @fwilhe in #141
  • Handle three digit Garden Linux versions by @fwilhe in #142
  • Bump org.junit.jupiter:junit-jupiter from 5.13.4 to 6.0.0 by @dependabot[bot] in #144
  • Bump gradle/actions from 4.4.3 to 5.0.0 by @dependabot[bot] in #145
  • Ignore CVEs with status 'Rejected' in list of vulnerabilities by @fwilhe in #143
  • Bump org.commonmark:commonmark from 0.26.0 to 0.27.0 by @dependabot[bot] in #146
  • Bump org.springframework.boot from 3.5.6 to 3.5.7 by @dependabot[bot] in #147
  • Bump actions/upload-artifact from 4 to 5 by @dependabot[bot] in #148
  • Bump actions/download-artifact from 5 to 6 by @dependabot[bot] in #149
  • Bump org.junit.jupiter:junit-jupiter from 6.0.0 to 6.0.1 by @dependabot[bot] in #151
  • Implement endpoint for viewing all triages by @fwilhe in #150
  • Update PostgreSQL schema to latest version by @fwilhe in #156
  • Implement Release Process by @fwilhe in #155
  • Reenable actuator by @fwilhe in #157
  • Bump org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.8.13 to 2.8.14 by @dependabot[bot] in #153
  • Update url to point to new live cluster by @fwilhe in #159
  • Make access to actuator endpoints opt-in by @fwilhe in #158
  • Bump gardener/cc-utils from b7e4d874f30171964c5262a0bc20d644f4bcedba to 9dc83024923245f56cbe366344c5ae25c10423a9 by @dependabot[bot] in #154
  • Rewrite API docs for more consistency by @fwilhe in #160
  • Configure new dev cluster for ci/cd by @fwilhe in #161
  • Bump actions/checkout from 5 to 6 by @dependabot[bot] in #165
  • Refactor HTML structure and styles for index and CVE distribution pages by @fwilhe in #166
  • Add an html table for formatting the landing page by @moritzkirchnersap in #167

New Contributors

Full Changelog: https://github.com/gardenlinux/glvd-api/commits/2025.11.28

Contributors

fwilhe, dependabot, and moritzkirchnersap
Assets 2
Loading