Skip to content

Commit b71b5a9

Browse files
funnelfiascofunnelfiasco
committed
Add a blog post announcing the v0.8.0 release
Signed-off-by: Ben Cotton <ben@kusari.dev>
1 parent 5154812 commit b71b5a9

File tree

1 file changed

+35
-0
lines changed

1 file changed

+35
-0
lines changed

content/blog/2024-07-25-guac-v0.8.0.md

+35
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,35 @@
1+
---
2+
title: GUAC v0.8.0 released
3+
layout: post
4+
authors: ["GUAC Maintainers"]
5+
date: 2024-07-25
6+
include_footer: true
7+
---
8+
9+
[GUAC v0.8.0](https://github.com/guacsec/guac/releases/tag/v0.8.0) is now available.
10+
This release brings support for license information, node deletion, and many other improvements.
11+
You can now run vulnerability scans immediately on SBOM ingestion with the `--add-vuln-on-ingest` flag instead of waiting for the OSV certifier to run.
12+
To better represent the real world, the `isDependency` relationship now only exists on package versions instead of the package name.
13+
For a full list of changes, see the [release page on GitHub](https://github.com/guacsec/guac/releases/tag/v0.8.0).
14+
15+
### License information support
16+
17+
GUAC v0.8.0 adds support for parsing license information provided in [CycloneDX SBOMs](https://cyclonedx.org/use-cases/#license-compliance).
18+
The new release also includes a new experimental ClearlyDefined certifier.
19+
GUAC will query the [ClearlyDefined license data store](https://clearlydefined.io/) to discover license information for packages, even when the SBOM does not include that information.
20+
21+
Although licenses don't directly impact security, they are an important part of understanding your software supply chain.
22+
We're excited to expand GUAC's capabilities in this area.
23+
24+
### Node deletion
25+
26+
GUAC v0.8.0 adds support for deleting the following evidence nodes: `certifyVuln`, `hasSBOM`, and `hasSLSA`.
27+
This is helpful when SBOMs were ingested by accident or as part of a short-term demo.
28+
`Delete` is supported in both the key value and the ENT backends.
29+
If there are other nodes that you have a use case for deleting, please [file an issue](https://github.com/guacsec/guac/issues/new?assignees=&labels=enhancement&projects=&template=feature_request.md&title=%5Bfeature%5D+FILL+THIS+IN) to let us know.
30+
31+
### Join the community
32+
33+
Thanks to the 10 contributors who made this release possible, including new contributor [Collin Berman](https://github.com/cberman).
34+
We'd love to have your contribution.
35+
If you have uses cases GUAC should support, or want to contribute to our code or documentation, [join us](/community)!

0 commit comments

Comments
 (0)