# Nosey Parker v0.18.0 #200

bradlarsen announced in Announcements
## Additions

- The README now includes several animated GIFs that demonstrate simple example use cases (#154).
- The `report` command now offers a new `--finding-status=STATUS` filtering option (#162). This option causes findings with an assigned status that does not match `STATUS` to be suppressed from the report.
- The `report` command now offers a new `--min-score=SCORE` filtering option (#184). This option causes findings that have a mean score less than `SCORE` to be suppressed from the report. This option is set by default with a value of 0.05.
- A new `datastore export` command has been added (#166). This command exports the essential content from a Nosey Parker datastore as a `.tgz` file that can be extracted wherever it is needed.
- New experimental `annotations export` and `annotations import` commands have been added (#171). These commands allow annotations (finding comments, match comments, and match statuses) to be converted between JSON and datastore representations.
- New rules have been added.
- Prebuilt releases now include separate debug symbols (`.dSYM` or `.dwp` files) (#191). Having the debug symbols available makes stack traces more useful in the rare event of a crash. The Alpine-based Docker image does not include these debug symbols, as its reason for existing is to provide a small distribution.
- The `summarize` command now includes additional columns for the assigned finding status (#196).

## Changes

- The vendored copy of Boost included in the internal `vectorscan-sys` crate has been removed in favor of using the system-provided Boost (#150 from @seqre). This change is only relevant to building Nosey Parker from source.
- The vendored copy of the Vectorscan regular expression library included in the internal `vectorscan-sys` crate has been removed (#151 from @seqre). Instead, a copy of the Vectorscan 5.4.11 source tarball is included in this repository, and is extracted and patched during the build phase.
- The SARIF reporting format is now listed as experimental.
- In the `scan` and `rules` commands, the command-line option to load additional rules and rulesets from files has been renamed from `--rules` to `--rules-path`. The old `--rules` option is still supported as an alias, but this is deprecated and will be removed in the v0.19 release.
- The `rules list` command now includes additional fields when using JSON format (#161).
- The `vectorscan` and `vectorscan-sys` crates have been split off into a separate project with crates published on crates.io (#168).
- The `scan` command is now more conservative in its default degree of parallelism (#174). Previously the default value was determined only by the number of available vCPUs. Now the default value is additionally limited to ensure at least 4 GiB of system RAM per job.
- The `scan` command now records its results incrementally to the datastore instead of in one enormous transaction (#189). Results are now recorded in transactions about every second. This helps avoid complete loss of scan results in the rare event of a crash.

## Fixes

- A rare crash when parsing malformed Git commit timestamps has been fixed by updating the `gix-date` dependency (#185).
- Upon `noseyparker` startup, if resource limits cannot be adjusted, a warning is printed and the process attempts to continue instead of crashing (#170).
- The prepackaged releases and binaries produced by the default settings of `cargo build` should now be more portable across microarchitectures (#175). Previously, the builds would be tied to the microarchitecture of the build system; this would sometimes result in binaries that were not portable across machines, particularly on x86_64.
- The `--ignore-certs` command-line option is now a global option and can be specified anywhere on the command line.

This discussion was created from the release Nosey Parker v0.18.0.
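As an added illustration of how the two new `report` filters (`--finding-status` and `--min-score`) compose, the following Python models them over a constructed list of findings. This is example code written for this page, not Nosey Parker's own implementation; the field names `status`, `matches` and `score` and the decision to keep findings that carry no score at all are assumptions, not the tool's real JSON schema or behaviour.

```python
from statistics import mean

# Constructed sample findings. The field names (status, matches, score)
# are assumptions for this illustration, not Nosey Parker's real schema.
SAMPLE_FINDINGS = [
    {"id": "f1", "rule": "AWS API Key",    "status": "accept", "matches": [{"score": 0.9}, {"score": 0.7}]},
    {"id": "f2", "rule": "Generic Secret", "status": "reject", "matches": [{"score": 0.01}]},
    {"id": "f3", "rule": "GitHub Token",   "status": None,     "matches": [{"score": 0.03}, {"score": 0.09}]},
    {"id": "f4", "rule": "Slack Webhook",  "status": "accept", "matches": [{"score": 0.2}, {"score": 0.3}]},
    {"id": "f5", "rule": "Private Key",    "status": "accept", "matches": [{}]},  # no scores at all
]


def mean_score(finding):
    """Mean of the per-match scores, or None when no match carries a score."""
    scores = [m["score"] for m in finding["matches"] if m.get("score") is not None]
    return mean(scores) if scores else None


def filter_findings(findings, finding_status=None, min_score=0.05):
    """Apply the two report filters as the release notes describe them.

    finding_status: keep only findings whose assigned status equals this value
                    (None disables the filter).
    min_score:      suppress findings whose mean score is below this threshold
                    (None disables the filter; 0.05 mirrors the stated default).
                    Findings without any score are kept, since there is nothing
                    to compare (an assumption made for this example).
    """
    kept = []
    for finding in findings:
        if finding_status is not None and finding.get("status") != finding_status:
            continue
        score = mean_score(finding)
        if min_score is not None and score is not None and score < min_score:
            continue
        kept.append(finding)
    return kept


def kept_ids(findings, **filters):
    """Convenience wrapper returning just the ids that survive the filters."""
    return [f["id"] for f in filter_findings(findings, **filters)]


if __name__ == "__main__":
    print("default (min-score 0.05):", kept_ids(SAMPLE_FINDINGS))
    print("accepted only:           ", kept_ids(SAMPLE_FINDINGS, finding_status="accept"))
    print("accepted, min-score 0.5: ", kept_ids(SAMPLE_FINDINGS, finding_status="accept", min_score=0.5))
```

The point worth noticing is that the score threshold is applied to the mean over a finding's matches, so one low-scoring match does not suppress a finding whose other matches score well, and that the status filter is a strict equality, so a finding with no assigned status is dropped whenever `--finding-status` is given.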
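The incremental-recording change (#189) is easiest to appreciate with a small simulation. The following Python is an added example, not Nosey Parker's datastore code: it writes synthetic matches into a SQLite database, commits whenever roughly one second has elapsed, and then simulates a crash by rolling back whatever is still uncommitted. The `matches` table and the injected clock are assumptions made so the example runs deterministically offline.

```python
import sqlite3


class IncrementalRecorder:
    """Records scan matches into a SQLite datastore, committing a transaction
    whenever `interval` seconds have elapsed since the last commit.

    Constructed illustration of the strategy in #189; not Nosey Parker's own
    code. The `matches` table is a stand-in for the real datastore schema.
    """

    def __init__(self, conn, interval, start_time=0.0):
        self.conn = conn
        self.interval = interval
        self.last_commit = start_time
        self.pending = 0
        self.committed = 0
        conn.execute(
            "CREATE TABLE IF NOT EXISTS matches (id INTEGER PRIMARY KEY, blob_id TEXT, rule TEXT)"
        )
        conn.commit()

    def record(self, blob_id, rule, now):
        """Insert one match. `now` is the current time in seconds; it is passed
        in rather than read from the clock so the behaviour is deterministic."""
        self.conn.execute("INSERT INTO matches (blob_id, rule) VALUES (?, ?)", (blob_id, rule))
        self.pending += 1
        if now - self.last_commit >= self.interval:
            self.flush(now)

    def flush(self, now):
        """Commit everything recorded since the last commit."""
        self.conn.commit()
        self.committed += self.pending
        self.pending = 0
        self.last_commit = now


def simulate_scan(n_matches, crash_after, interval, step=0.5):
    """Feed `n_matches` synthetic matches, one every `step` seconds, and crash
    the process just before match number `crash_after` is recorded (None means
    no crash). Returns how many rows survive in the datastore afterwards."""
    conn = sqlite3.connect(":memory:")
    recorder = IncrementalRecorder(conn, interval=interval)
    for i in range(n_matches):
        if i == crash_after:
            conn.rollback()  # the process dies: any uncommitted work is gone
            break
        recorder.record(f"blob-{i:04d}", "Generic Secret", now=i * step)
    else:
        recorder.flush(now=n_matches * step)  # normal completion: final commit
    return conn.execute("SELECT COUNT(*) FROM matches").fetchone()[0]


if __name__ == "__main__":
    # One enormous transaction (the pre-#189 behaviour): a crash loses everything.
    print("single transaction, crash at match 8:", simulate_scan(20, 8, interval=float("inf")))
    # Commit about every second: a crash loses at most the last second of work.
    print("commit every ~1s,   crash at match 8:", simulate_scan(20, 8, interval=1.0))
    print("commit every ~1s,   no crash:        ", simulate_scan(20, None, interval=1.0))
```

With a match arriving every half second and a one-second commit interval, a crash at the eighth match leaves seven rows on disk, whereas the single-transaction strategy leaves none; the trade-off is that each commit costs an fsync, which is why a time-based batch rather than a commit per match is the sensible middle ground.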