3.3.0

What's Changed

• Update dependencies by @heruan in #184
• chore: upgrade springboot to 3.4.0 by @ZheSun88 in #186

Full Changelog: 3.2.3...3.3.0

3.2.3

With AppSec Kit, developers can now easily identify and manage vulnerabilities within their open-source dependencies directly from Vaadin Development Tools. Because AppSec Kit identifies vulnerabilities in the local development environment, even before code is checked in, developers can resolve issues more quickly and with less friction, resulting in saved time and money.

By facilitating early issue detection and reducing false positives, AppSec Kit enables developers to fix issues more quickly and avoid alert fatigue, strengthening application security and maximizing efficiency.

AppSec Kit 3.2 has support for Vaadin 24 (starting from 24.4); support for Vaadin 14 and 23 is still available in AppSec Kit 2.0 and support for Vaadin 7 and 8 is still available in AppSec Kit 1.0.

Documentation and how to get started: https://vaadin.com/docs/latest/tools/appsec

What's Changed

• Add check for supported CVSS versions by @tamasmak in #182

Full Changelog: 3.2.2...3.2.3

3.2.2

With AppSec Kit, developers can now easily identify and manage vulnerabilities within their open-source dependencies directly from Vaadin Development Tools. Because AppSec Kit identifies vulnerabilities in the local development environment, even before code is checked in, developers can resolve issues more quickly and with less friction, resulting in saved time and money.

By facilitating early issue detection and reducing false positives, AppSec Kit enables developers to fix issues more quickly and avoid alert fatigue, strengthening application security and maximizing efficiency.

AppSec Kit 3.2 has support for Vaadin 24 (starting from 24.4); support for Vaadin 14 and 23 is still available in AppSec Kit 2.0 and support for Vaadin 7 and 8 is still available in AppSec Kit 1.0.

Documentation and how to get started: https://vaadin.com/docs/latest/tools/appsec

What's Changed

• upgrade cyclonedx-core-java to 9.0.4 by @ZheSun88 in #179

Full Changelog: 3.2.1...3.2.2

3.1.1

With AppSec Kit, developers can now easily identify and manage vulnerabilities within their open-source dependencies directly from Vaadin Development Tools. Because AppSec Kit identifies vulnerabilities in the local development environment, even before code is checked in, developers can resolve issues more quickly and with less friction, resulting in saved time and money.

By facilitating early issue detection and reducing false positives, AppSec Kit enables developers to fix issues more quickly and avoid alert fatigue, strengthening application security and maximizing efficiency.

AppSec Kit 3.1 has support for Vaadin 24 (starting from 24.3); support for Vaadin 14 and 23 is still available in AppSec Kit 2.0 and support for Vaadin 7 and 8 is still available in AppSec Kit 1.0.

Documentation and how to get started: https://vaadin.com/docs/latest/tools/appsec

Full Changelog: 3.1.0...3.1.1

3.2.1

With AppSec Kit, developers can now easily identify and manage vulnerabilities within their open-source dependencies directly from Vaadin Development Tools. Because AppSec Kit identifies vulnerabilities in the local development environment, even before code is checked in, developers can resolve issues more quickly and with less friction, resulting in saved time and money.

By facilitating early issue detection and reducing false positives, AppSec Kit enables developers to fix issues more quickly and avoid alert fatigue, strengthening application security and maximizing efficiency.

AppSec Kit 3.2 has support for Vaadin 24 (starting from 24.4); support for Vaadin 14 and 23 is still available in AppSec Kit 2.0 and support for Vaadin 7 and 8 is still available in AppSec Kit 1.0.

Documentation and how to get started: https://vaadin.com/docs/latest/tools/appsec

What's Changed

• upgrade spring-boot to 3.2.6 by @ZheSun88 in #172
• Filter out affected elements with unsupported ecosystem by @tamasmak in #174
• chore: upgrade license-checker to 1.12.13 by @vaadin-bot in #178

Full Changelog: 3.2.0...3.2.1

2.0.1

With AppSec Kit, developers can now easily identify and manage vulnerabilities within their open-source dependencies directly from Vaadin Development Tools. Because AppSec Kit identifies vulnerabilities in the local development environment, even before code is checked in, developers can resolve issues more quickly and with less friction, resulting in saved time and money.

By facilitating early issue detection and reducing false positives, AppSec Kit enables developers to fix issues more quickly and avoid alert fatigue, strengthening application security and maximizing efficiency.

AppSec Kit 2.0 has support for Vaadin 14 and 23; support for Vaadin 7 and 8 is still available in AppSec Kit 1.0.

Documentation and how to get started:
https://vaadin.com/docs/v14/tools/appsec
https://vaadin.com/docs/v23/tools/appsec

What's Changed

• Update release and analysis caches during automatic scan too (#154) (CP: 2.0) by @vaadin-bot in #156
• Add option to provide a custom analysis.json file by system property by @tamasmak in #163
• Filter out affected elements with unsupported ecosystem [2.0] by @tamasmak in #176

Full Changelog: 2.0.0...2.0.1

1.0.6

With AppSec Kit, developers can now easily identify and manage vulnerabilities within their open-source dependencies directly from Vaadin Development Tools. Because AppSec Kit identifies vulnerabilities in the local development environment, even before code is checked in, developers can resolve issues more quickly and with less friction, resulting in saved time and money.

By facilitating early issue detection and reducing false positives, AppSec Kit enables developers to fix issues more quickly and avoid alert fatigue, strengthening application security and maximizing efficiency.

AppSec Kit 1.0 has support for Vaadin Framework 7 and 8.

Documentation and how to get started:
https://vaadin.com/docs/v7/appseckit/appseckit-overview
https://vaadin.com/docs/v8/appseckit/appseckit-overview

What's Changed

• Backport to 1.0 all changes related to V7/V8 by @heruan in #118
• CP: read timeout by @sosa-vaadin in #129
• CP: fix: handle exceptions by @sosa-vaadin in #151
• Update release and analysis caches during automatic scan too (#154) (CP: 1.0) by @vaadin-bot in #155
• Add option to provide a custom analysis.json file by system property by @tamasmak in #164
• Filter out affected elements with unsupported ecosystem [1.0] by @tamasmak in #177

Full Changelog: 1.0.5...1.0.6

3.2.0

With AppSec Kit, developers can now easily identify and manage vulnerabilities within their open-source dependencies directly from Vaadin Development Tools. Because AppSec Kit identifies vulnerabilities in the local development environment, even before code is checked in, developers can resolve issues more quickly and with less friction, resulting in saved time and money.

By facilitating early issue detection and reducing false positives, AppSec Kit enables developers to fix issues more quickly and avoid alert fatigue, strengthening application security and maximizing efficiency.

AppSec Kit 3.2 has support for Vaadin 24 (starting from 24.4); support for Vaadin 7 and 8 is still available in AppSec Kit 1.0

What's Changed

• Ship js instead of ts by @tamasmak in #160
• Add option to provide a custom analysis.json file by system property by @tamasmak in #159
• feat: Copilot plugin by @MarcinVaadin in #152
• Upgrade Flow to 24.4 by @heruan in #165
• chore: Update License file text for Commercial modules by @alvarezguille in #166
• chore: upgrade license-checker to 1.12.9 by @vaadin-bot in #167
• chore: upgrade license-checker to 1.12.10 by @vaadin-bot in #168
• Update cyclonedx-core-java dependency to 8.0.3 by @tamasmak in #170
• chore: upgrade license-checker to 1.12.12 by @vaadin-bot in #169
• Bump to 3.2-SNAPSHOT by @heruan in #171

New Contributors

• @MarcinVaadin made their first contribution in #152
• @alvarezguille made their first contribution in #166

Full Changelog: 3.1.0...3.2.0

3.2.0.rc1

What's Changed

• Ship js instead of ts by @tamasmak in #160
• Add option to provide a custom analysis.json file by system property by @tamasmak in #159
• feat: Copilot plugin by @MarcinVaadin in #152
• Upgrade Flow to 24.4 by @heruan in #165
• chore: Update License file text for Commercial modules by @alvarezguille in #166
• chore: upgrade license-checker to 1.12.9 by @vaadin-bot in #167
• chore: upgrade license-checker to 1.12.10 by @vaadin-bot in #168
• Update cyclonedx-core-java dependency to 8.0.3 by @tamasmak in #170
• chore: upgrade license-checker to 1.12.12 by @vaadin-bot in #169
• Bump to 3.2-SNAPSHOT by @heruan in #171

New Contributors

• @MarcinVaadin made their first contribution in #152
• @alvarezguille made their first contribution in #166

Full Changelog: 3.1.0...3.2.0.rc1

3.2.0.beta1

What's Changed

• Ship js instead of ts by @tamasmak in #160
• Add option to provide a custom analysis.json file by system property by @tamasmak in #159
• feat: Copilot plugin by @MarcinVaadin in #152
• Upgrade Flow to 24.4 by @heruan in #165
• chore: Update License file text for Commercial modules by @alvarezguille in #166
• chore: upgrade license-checker to 1.12.9 by @vaadin-bot in #167
• chore: upgrade license-checker to 1.12.10 by @vaadin-bot in #168
• Update cyclonedx-core-java dependency to 8.0.3 by @tamasmak in #170
• chore: upgrade license-checker to 1.12.12 by @vaadin-bot in #169
• Bump to 3.2-SNAPSHOT by @heruan in #171

New Contributors

• @MarcinVaadin made their first contribution in #152
• @alvarezguille made their first contribution in #166

Full Changelog: 3.1.0...3.2.0.beta1