Skip to main content

Changelog

2023 Weeks 49-52โ€‹

Newโ€‹

  • UI: Added an email invitation system when attempting to add an unknown user to a group
  • Extension: Added a Snyk import extension

2023 Weeks 43-48โ€‹

Newโ€‹

  • Notifications: Added email and webhook notification feature that triggers on continuous monitoring events
  • Integration: Added an integration for Snyk
  • Integration: Added an integration for Sumo Logic
  • Integration: Added an integration for CircleCI
  • Authentication: Added support for AzureAD authentication provider

Improvedโ€‹

  • UI: Improved color palette
  • SBOM: Added vulnerabilities to CycloneDX exports

2023 Weeks 37-42โ€‹

Newโ€‹

  • CLI/CI: Added support for manifest files by leveraging lockfile generation
  • Integration: Added an integration for Netskope
  • Experimental: Added GenerativeAI remediation suggestion capability

2023 Weeks 31-36โ€‹

Newโ€‹

  • API Token: Added an API token service making it much easier to interact directly with the API
  • Policy: Added support for group-level package suppression
  • CLI: Capture and display lockfile paths making it easier to see where a dependency comes from
  • SBOM: Added CycloneDX support for both SBOM ingest and export

Improvedโ€‹

  • UI: Improved project detail page view focusing more on package-level triage
  • CLI: Added bundle and cargo extensions for Phylum pre-check
  • Search: Added support for contexualized CVE searching in the global search bar
  • Dashboard: Added contexualized dashboard elements

2023 Weeks 25-30โ€‹

Newโ€‹

  • Search: Added a global search bar which can include contextualized results from your projects
  • Policy: Added support for group-level policy preferences
  • Integration: Added an integration for Tines

Improvedโ€‹

  • CLI: Support for NuGet's packages.lock.json lockfiles
  • CLI: Support for pnpm-lock.yaml lockfiles

2023 Weeks 19-24โ€‹

Newโ€‹

  • Threat Feed: Added a threat feed capability highlighting software supply chain attacks (contact sales if interested)
  • Dashboard: Created Dashboard view showing software supply chain statistics
  • CLI: Added support for lockfile generation from manifest files (updated list of supported filetypes here)

Improvedโ€‹

  • CLI: Added pip version checking to the phylum pip extension
  • CLI: Removed pip-compile requirement for lockfile generation
  • SBOM: SPDX export supports PURL
  • SBOM: SPDX ingest supports tag:value format

2023 Weeks 13-18โ€‹

Newโ€‹

  • Policy: Open Policy Agent (OPA) has been implemented allowing users to create custom policies
  • Event Logs: A UI view was added showing project/group event logs
  • SBOM: SPDX export added for generating an SBOM from a Phylum project
  • SBOM: spdx added as a type allowing an SBOM to be analyzed with the phylum analyze -t spdx command

Improvedโ€‹

2023 Weeks 7-12โ€‹

Newโ€‹

  • Integrations: A Bitbucket Cloud integration was created

Improvedโ€‹

  • CLI: v4.7.0 was released including automatic lockfile detection

2023 Weeks 1-6โ€‹

Newโ€‹

  • Groups: The ability to delete Groups was added to the UI/CLI/API
  • CLI: An extension supporting the pip package manager for installation pre-check and sandboxing was published

Improvedโ€‹

  • CLI: phylum package command now automatically submits a package for analysis if results are not already available
  • Analysis: Phylum project/analysis job submissions can now contain multiple lockfiles/ecosystems