Announcing GUAC v0.8.0 Enhancements

GUAC v0.8.0 brings support for license information, running vuln scans upon SBOM ingestion, node deletion, and many other improvements.

Parth Patel

July 25, 2024

GUAC v0.8.0 is now available. This release brings support for license information, node deletion, and many other improvements. You can now run vulnerability scans immediately on SBOM ingestion with the --add-vuln-on-ingest flag instead of waiting for the OSV certifier to run. To better represent the real world, the isDependency relationship now only exists on package versions instead of the package name. For a full list of changes, see the release page on GitHub.

License information support

GUAC v0.8.0 adds support for parsing license information provided in CycloneDX SBOMs. The new release also includes a new experimental ClearlyDefined certifier. GUAC will query the ClearlyDefined license data store to discover license information for packages, even when the SBOM does not include that information.

Although licenses don’t directly impact security, they are an important part of understanding your software supply chain. We’re excited to expand GUAC’s capabilities in this area.

Node deletion

GUAC v0.8.0 adds support for deleting the following evidence nodes: certifyVuln, hasSBOM, and hasSLSA. This is helpful when SBOMs were ingested by accident or as part of a short-term demo. Delete is supported in both the key value and the ENT backends.

If there are other nodes that you have a use case for deleting, please file an issue to let us know.

Join the community

Thanks to the 10 contributors who made this release possible, including new contributor Collin Berman. We’d love to have your contribution. If you have use cases GUAC should support, or want to contribute to our code or documentation, join us!
