Added parsing of dependencies declared in unified format in build.gradle
Added sign bom command to sign SBoM files
Added verify bom command to verify the authenticity of the SBoM file signature
Added use of the predefined CodeScoring_All_Dependencies task to resolve dependencies correctly in multi-module Gradle projects
Added the project-proprietor parameter to link the scanned project to the department (since version 2025.29.0 of the installation)
Added support for aliases for yarn.lock and pnpm-lock.json
Added alert reports in the following formats: coloredtable, table, text, json, csv. The format is selected with the --alerts-format parameter
Added --branch-or-tag and --commit flags to the scan build and scan build ebpf commands
Added export of the HasExploit flag to the sarif format
Added output of license information to the text, table, coloredtable formats
Added export of Relation, Parents, Match type, and Env data to the CSV format
Added the ability to pass flags to package managers when resolving dependencies
Added output of a warning about parsing errors during scanning
Added support for dependency groups with an arbitrary name in pyproject.toml
Added the ability to pass the SHA hash of an image in the --hash parameter of the scan image command (since version 2025.29.0 of the installation)
Added a check that the dir command is available in the local version of gitleaks
Added scan build ebpf command to scan C/C++ project builds using eBPF
Added export to sarif of data on dependency relationships within a project, direct or transitive, in the format: results.properties.relation: direct|indirect
Added ignoring of commented lines when parsing conanfile.py files
Fixed version detection from requirements of the type ==3.0.0.post1 in Python manifests
Fixed export to sarif of vulnerabilities that have a criticality specified without a numerical score
Fixed parsing in the Go environment: transitive dependencies for which it was not possible to determine the parent package are excluded from the scanning results
Added handling of the --ignore parameter when scanning archives and files inside images
Added the ability to specify a link to a branch/tag and commit using the branch-or-tag and commit parameters when scanning a file and directory (when interacting with installation version 2024.52.0 and higher)
Added the ability to specify a hash using the hash parameter when scanning images (when interacting with installation version 2024.52.0 and higher)
Added the ability to specify a policy stage when creating a CLI project (when interacting with installation version 2024.52.0 and higher)
Added specifying paths to manifests inside scanned images where information about a vulnerable package was found
Added paths to manifests where a vulnerable package was found in sarif format
Fixed crash when processing an incorrect file in yaml format
Added handling of an error that occurs when a file was deleted during scanning
Fixed extra characters appearing in the output when exporting in sarif format
Fixed environment detection when parsing Poetry manifests
Added parsing of pnpm-lock.yaml manifests. Supported versions: 5.0-5.4, 6.0, 9.0
Added parsing in the pnpm environment
The pnpm-workspaces.yaml configuration file is now taken into account when parsing package.json
Added the ability to specify a group when creating a CLI project, for admin role only
Added the ability to specify the format of the generated SBoM using the --bom-format parameter (starting with on-premise version 2024.44.1)
Implemented parsing in the pip environment
Implemented parsing in the composer environment
When resolving dependencies in the go environment, the mechanism for determining the parent library for transitive dependencies obtained from the test environment has been improved
Fixed the unsupported type error for composer components in the scan bom command