What's Changed

• Update SPDX Java Tools to version 1.1.4 by @goneall in #20
• Update SPDX Java Tools to version 1.1.5 by @goneall in #22
• Update POM with correct Java versions by @goneall in #21
• Update SPDX java libraries to version 1.1.5 by @goneall in #25
• Handle version in Purl Git external refs by @goneall in #27
• Improve error message for HTTP 400 response by @goneall in #28

Full Changelog: v0.1.1...v0.1.2

What's Changed

• error explanation output by @esnible in #12
• Update SPDX tools to version 1.1.3 by @goneall in #13
• Support git+ prefixes in download locations by @goneall in #18

New Contributors

• @esnible made their first contribution in #12

Full Changelog: v0.1.0...v0.1.1

What's Changed

• Change return type for OSV Vulnerability from string to JSON Array by @goneall in #4
• Edit parsing to support golang bom tool output by @lumjjb in #7
• Rename package from source-auditor to SPDX by @goneall in #8
• Update SPDX library versions to 1.1.1 by @goneall in #11
  • See SPDX Java Library release notes for additional information

New Contributors

• @lumjjb made their first contribution in #7

Full Changelog: v0.0.3...v0.1.0

What's Changed

• Add support for dependency tracing by @goneall in #3

Full Changelog: v0.0.2...v0.0.3

Proof of concept for converting an SPDX document to an OSV vulnerability report.

What's Changed

• Fix Maven API calls to include organization in package name by @goneall in #1
• Fix purl maven name by @goneall in #2

New Contributors

• @goneall made their first contribution in #1

Full Changelog: v0.0.1...v0.0.2