v1.4.0

Changelog

Features

• 86d7a92: feat: add GOOS and GOARCH into PURL (#217) (@zdtsw)
• df6b19e: feat: add support for output of older spec versions (@nscuro)

Fixes

• e219a24: fix: module tests for cross-platform compatibility (#253) (@neilnaveen)

Building and Packaging

• e59fa66: build(deps): bump actions/checkout from 3.1.0 to 3.2.0 (@dependabot[bot])
• a18e39d: build(deps): bump actions/checkout from 3.2.0 to 3.3.0 (@dependabot[bot])
• 18adb3e: build(deps): bump actions/checkout from 3.3.0 to 3.5.0 (@dependabot[bot])
• 2907e70: build(deps): bump actions/checkout from 3.5.0 to 3.5.1 (@dependabot[bot])
• a33451c: build(deps): bump actions/setup-go from 3.3.1 to 3.4.0 (@dependabot[bot])
• 0055cba: build(deps): bump actions/setup-go from 3.4.0 to 3.5.0 (@dependabot[bot])
• 2c330f4: build(deps): bump actions/setup-go from 3.5.0 to 4.0.0 (@dependabot[bot])
• 99e5f7a: build(deps): bump aquasecurity/trivy-action from 0.6.2 to 0.7.1 (#190) (@dependabot[bot])
• feb93f9: build(deps): bump aquasecurity/trivy-action from 0.7.1 to 0.8.0 (@dependabot[bot])
• 65bdf0b: build(deps): bump aquasecurity/trivy-action from 0.8.0 to 0.9.2 (@dependabot[bot])
• 3cf1b61: build(deps): bump github.com/CycloneDX/cyclonedx-go from 0.7.0 to 0.7.1 (@dependabot[bot])
• 4182911: build(deps): bump github.com/bradleyjkemp/cupaloy/v2 from 2.7.0 to 2.8.0 (@dependabot[bot])
• 7aa9e25: build(deps): bump github.com/go-git/go-git/v5 from 5.4.2 to 5.5.1 (@dependabot[bot])
• d99f077: build(deps): bump github.com/go-git/go-git/v5 from 5.5.1 to 5.5.2 (@dependabot[bot])
• 5cfaac3: build(deps): bump github.com/go-git/go-git/v5 from 5.5.2 to 5.6.0 (@dependabot[bot])
• f1c3f57: build(deps): bump github.com/go-git/go-git/v5 from 5.6.0 to 5.6.1 (@dependabot[bot])
• 7479f0a: build(deps): bump github.com/rs/zerolog from 1.27.0 to 1.28.0 (@dependabot[bot])
• 24ba9c2: build(deps): bump github.com/rs/zerolog from 1.28.0 to 1.29.0 (@dependabot[bot])
• 405ca77: build(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1 (@dependabot[bot])
• 6c5a0f6: build(deps): bump github.com/stretchr/testify from 1.8.1 to 1.8.2 (@dependabot[bot])
• a47841a: build(deps): bump github/codeql-action (@dependabot[bot])
• 98787d9: build(deps): bump github/codeql-action from 2.1.31 to 2.1.36 (@dependabot[bot])
• 99ad277: build(deps): bump github/codeql-action from 2.1.36 to 2.1.39 (@dependabot[bot])
• fe4d108: build(deps): bump github/codeql-action from 2.1.39 to 2.2.5 (@dependabot[bot])
• c44f8f1: build(deps): bump github/codeql-action from 2.2.5 to 2.2.7 (@dependabot[bot])
• 7a2b1b0: build(deps): bump github/codeql-action from 2.2.7 to 2.2.8 (@dependabot[bot])
• 37d77e4: build(deps): bump github/codeql-action from 2.2.8 to 2.2.11 (@dependabot[bot])
• 5f86996: build(deps): bump gitpod/workspace-go from 2be827f to 7bf5091 (@dependabot[bot])
• 8e2f88a: build(deps): bump golang from 1.18.5-alpine3.16 to 1.19.3-alpine3.16 (@dependabot[bot])
• 0dbe27b: build(deps): bump golang from 1.19.3-alpine3.16 to 1.19.4-alpine3.16 (@dependabot[bot])
• 4529125: build(deps): bump golang from 1.19.4-alpine3.16 to 1.19.5-alpine3.16 (@dependabot[bot])
• b27f4b9: build(deps): bump golang from 1.19.5-alpine3.16 to 1.20.2-alpine3.16 (@dependabot[bot])
• 811371b: build(deps): bump golang from 1.20.2-alpine3.16 to 1.20.3-alpine3.16 (@dependabot[bot])
• 20b6a25: build(deps): bump golang from 8558ae6 to dc4f475 (@dependabot[bot])
• bedf9f6: build(deps): bump golang.org/x/crypto from 0.3.0 to 0.4.0 (@dependabot[bot])
• 5040afa: build(deps): bump golang.org/x/crypto from 0.4.0 to 0.5.0 (@dependabot[bot])
• 9e982a2: build(deps): bump golang.org/x/crypto from 0.5.0 to 0.6.0 (@dependabot[bot])
• e091e69: build(deps): bump golang.org/x/crypto from 0.6.0 to 0.7.0 (@dependabot[bot])
• 963cf30: build(deps): bump golang.org/x/crypto from 0.7.0 to 0.8.0 (@dependabot[bot])
• 993dab0: build(deps): bump golang.org/x/mod (@dependabot[bot])
• 4a2610b: build(deps): bump golang.org/x/mod from 0.8.0 to 0.9.0 (@dependabot[bot])
• 58c520a: build(deps): bump golang.org/x/mod from 0.9.0 to 0.10.0 (@dependabot[bot])
• 2b5037c: build(deps): bump golang.org/x/net from 0.5.0 to 0.7.0 (@dependabot[bot])
• 44d49f4: build(deps): bump golangci/golangci-lint-action from 3.2.0 to 3.3.0 (@dependabot[bot])
• 896135d: build(deps): bump golangci/golangci-lint-action from 3.3.0 to 3.3.1 (@dependabot[bot])
• 8316594: build(deps): bump golangci/golangci-lint-action from 3.3.1 to 3.4.0 (@dependabot[bot])
• f512843: build(deps): bump goreleaser/goreleaser-action from 3.0.0 to 3.1.0 (@dependabot[bot])
• b851cf6: build(deps): bump goreleaser/goreleaser-action from 3.1.0 to 3.2.0 (@dependabot[bot])
• ec3a94c: build(deps): bump goreleaser/goreleaser-action from 3.2.0 to 4.1.0 (@dependabot[bot])
• b2f95c8: build(deps): bump goreleaser/goreleaser-action from 4.1.0 to 4.2.0 (@dependabot[bot])
• 730898b: build(deps): bump sigstore/cosign-installer from 2.5.0 to 2.5.1 (#188) (@dependabot[bot])
• 9eb69fa: build(deps): bump sigstore/cosign-installer from 2.5.1 to 2.6.0 (@dependabot[bot])
• 9008f06: build(deps): bump sigstore/cosign-installer from 2.6.0 to 2.7.0 (@dependabot[bot])
• f5716c2: build(deps): bump sigstore/cosign-installer from 2.7.0 to 2.8.1 (@dependabot[bot])
• bc3fb39: build: pin digest of gitpod dockerfile (@nscuro)
• 9a1042a: build: update cyclonedx-cli to 0.24.2 (@nscuro)

Documentation

• a045269: docs: update README.md (#189) (@tusharxoxoxo)

Others

• 96b10ee: ci: pin digests of github actions (@nscuro)