All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- added --deduplicate/--no-deduplicate (enabled by default) flag on products-contain-component which performs additional deduplications (all deduplication steps are listed in the --help)
- added rhel-br/rhel deduplication (GRIF-150)
- change verbosity level 0 to return component name on service products-contain-component
- verbosity level 0 (without -v option) now deduplicates multiple same components per product version
- fixed picking the latest NVR with natural sort instead of normal sort
- fixed listing product streams sorted naturally
- fixed error when using -vvvv (verbosity level 4) without GRIFFON_MIDDLEWARE_CLI set
- deprecated OSIDB_API_URL environmental variable
- deprecated CORGI_API_URL environmental variable
- deprecated COMMUNITY_COMPONENTS_API_URL environmental variable
- if default --search_provides finds no children then revert to --search-latest
- pin osidb-bindings==3.6.0
- fixed searches with middleware CLI enabled (GRIF-221)
- fixed regex escaping logic for -r and -s
- removed --search-redhat on service products-contain-component
- several minor output fixes
- --filter-rh-naming enabled by default (GRIF-121)
- --include-root-containers filters on the query (not the output)
- --filter-rh-naming default value can be set via .griffonrc in default section(GRIG-121)
- refactor output format of service products-contain-component (GRIF-209)
- container roots are excluded by default (need to use --include-container-roots)
- when using -r highlight matched term
- --include-container_roots in service products-contain-component
- --exclude-unreleased in service products-contain-component
- GRIFFON_VERIFY_SSL environment variable
- fixed wrong progress bar usage accross several commands
- fixed error in raw json transform for single entities
- existing --search-upstreams changed to --search-all-upstreams in service products-contain-component
- OSIDB_API_URL environment variable changed to OSIDB_SERVER_URL
- CORGI_API_URL environment variable changed to CORGI_SERVER_URL
- COMMUNITY_COMPONENTS_API_URL environment variable changed to COMMUNITY_COMPONENTS_SERVER_URL
- Migrated from setup.py to pyproject.toml
- searched names regex escaped by default
- --search-provides in service products-contain-component which will search name of components that are provide dependencies
- --search-upstreams in service products-contain-component which will search name of components that are upstream dependencies
- example plugin introduced
- osidb-bindings and component-registry-bindings dependency versions are now pinned in pyproject.toml
- -r option for regex name search without escaping the searched string
- standardized progress bar accross whole Griffon which fixes no_progress_bar functionality
- fixed tab autocompletion for mutually exclusive and one of option/argument groups
- data obtained from middleware CLI are now correctly filtered
- CRUD operations for Flaw CVSS, Flaw Package Versions and Affect CVSS (create, retrieve, list, update, delete)
- Fix affects sorting with no CVE ID attached in component-flaws output
- CRUD operations for Flaw Acknowledgment (create, retrieve, list, update, delete)
- add error handling to some async invokes
- fix mypy error
- process all product version upon generating affects
- ensure we select released components
- minor perf enhancements
- added back parallism for resolving sub resources (sources & upstreams)
- added back upstream retrieval when performing --search-all
- minor perf enhancement when retrieving sources/upstreams
- operations now use binding async methods
- replace manual count internals to use binding count methods
- added limits on returned items (to be removed in the future)
- prep for component registry service release
- minor text output fix to properly emit source component names
- minor affects fix
- enhanced http debug logging with --debug
- enhanced status bar
- ensure we search latest community components with --search-latest
- make 'new' default for -a (when generating affects)
- --no-upstream-affects which will exclude upstream components when generating affects
- ensure we handle upstreams with component name containing special chars (as in regex special chars)
- enable searching community upstreams using --search-upstreams
- ensure verbosity is always set
- exclude products can now use regexes
- exclude components (defined in .griffonrc or product definitions) now support regex patterns
- --output-type-filter which filter on component type
- griffon will now use product stream exclude_components by default
- added --include-product-stream-exclude-components flag to disable exclude_components
- ensure affects respect active product stream configuration
- ensured use of regexes with verbose settings do not interact everywhere!
- fixed -v output with components-affected-by-flaw
- ensured use of regexes with verbose settings do not interact
- return components in active product streams for products-contains-component operation
- --include-inactive-product-streams option for products-contains-component operation
- pin osidb-bindings 3.3.0
- update crypto python module
- fix generation of affects
- CRUD operations for OSIDB entities Flaw Comment (create, retreive, list), Flaw Reference (create, retrieve, list, update, delete)
- ensure we choose latest version of component using products-contains-component
- update user docs (include krb5_config as required dependency)
- add terminal --width flag
- bumped python requests module in tests, dev and lint requirements to address vuln
- minimal middleware support to products-contains-component, requires Requires GRIFFON_MIDDLEWARE_CLI to be set.
- bumped python requests module to address vuln
- fixed products-contains-component when used with --purl
- add --no-wrap flag
- enhanced error handling when retrieving product streams and manifests
- fixed regex display
- fixed summary counts
- fix --search-upstreams
- add summary count of sources
- bugzilla bzowner plugin
- cleaner and more memory efficient text output
- first GA release
- bump component-registry-bindings == 1.3.4 to enable accessing latest corgi
- fix various incompatibilities with latest component registry prod
- bump osidb-bindings == 3.1.0 to enable accessing latest osidb
- allow -v at the end of CLI invoke
- prefer nvr for component name in text output
- added entities component-registry components tree which displays dependency tree
- when products-contain-components has no switches enable --search-latest by default
- narrowed products-contain-component text output
- fixed community flag which was incorrectly enabling --search-related-url switch
- deactivate progress bar when performing entity CRUD
- enabled community searching when using --search-all
- added --search-redhat
- fixed json format output
- added exclude_component logic when generating affects with -a
- refined exclude_components
- added some more component exclude patterns to default .griffonrc
- removed spurious logging statement
- added exclude_components to .griffonrc which controls which components should be excluded from text output
- ensure griffon service product-manifest is fast and correct
- refactored service flaw related operations to take advantage of faster filters
- enable griffon service products-contains-component --search-community
- enable griffon entities community-component-registry
- speed up griffon service products-contain-component with --search-related-urls
- fix griffon service products-contain-component with --search-upstreams
- enhanced griffon service report-license
- simple griffon plugins semgrep
- products, product-versions, product-variants, channels to corgi entities
- minor plugin enhancements
- minor docs updates
- refactored low level entities with nested entrypoint
- moved manage to entities
- expose more flags on product-components
- add license_concluded to license report when available
- rename upstream_url to download_url in license report
- include upstream_url / download_url on more component types in license report
- enable OSIDB local development instances to be used with Griffon
- added editor option to .griffonrc
- CRUD operations for OSIDB entitites. Flaws (create, update, get, list), Affects (create, update, delete, get, list), Trackers (get, list)
- removed old code paths in core-queries
- tweaked service components-contain-component text output
- refine product-components text output
- shortern sha256 versions in service product-components
- added type,latest and download_url to service component-summary operation
- fixed --search-upstreams to reflect changes on component-registry REST API
- updated dependency component-registry-bindings v.1.3.2
- pegged component-registry-bindings==1.3.1 and osidb-bindings=3.0.0
- added service report-license operation
- added custom_plugin_dir to .griffonrc which defines a custom directory for user plugins
- fix imports of Flaw/Affect resolution from osidb-bindings
- added --all to service product-summary to return all products
- fixed --search-all when it encounters a Bad Gateway
- fixed logging which was emitting double statements
- handling short version name processing on empty version
- refactored profiles (changed 'all' to match 'default' section) and added verbosity and default setting in .griffonrc
- minor text output formatting (shortern sha256 version names)
- new draft tutorial
- use pkg_resources to access static resources
- changed .griffonrc file path to the correct path
- Initial official release to the PyPI