v2.4.0

New features

• Allow for ignoring OSV warnings by ID by @ikretz in #161

Bug fixes and improvements

• Handle missing Datadog agent when removing config by @danshome in #167
• Handle KeyboardInterrupt by @ikretz in #168

New Contributors

• @danshome made their first contribution in #167

Full Changelog: v2.3.0...v2.4.0

v2.3.0

New features

• Allow commands on unsupported versions via CLI option by @ikretz in #152

Bug fixes and improvements

• Delay check for supported package manager version based on need by @ikretz in #143
• Account for verbose option in pip commands by @ikretz in #144
• Make dry-run exit code reflect findings status by @ikretz in #145
• [Suggestion] More in-depth runtime error when npm isn't installed by @d-niu in #148
• Warn on logger errors instead of exiting early by @ikretz in #150
• Update .rc files in-place while configuring by @ikretz in #154
• Handle non-interactive shells gracefully by @ikretz in #158

Chores

• Bump certifi from 2025.8.3 to 2025.10.5 by @dependabot[bot] in #157
• Bump datadog-api-client from 2.43.0 to 2.44.0 by @dependabot[bot] in #156
• Bump version for release of v2.3.0 by @ikretz in #159

New Contributors

• @d-niu made their first contribution in #148
• @dependabot[bot] made their first contribution in #157

Full Changelog: v2.2.1...v2.3.0

v2.2.1

Bug fixes and improvements

• Update README.md to add CTA for design partners by @netcode in #120
• Documentation: Configuring Datadog site parameter by @ikretz in #128
• Add a hierarchy of Python binary names when resolving executable by @ikretz in #131

Full Changelog: v2.2.0...v2.2.1

v2.2.0

New features

• Allow verifiers to support only certain ecosystems by @ikretz in #106
• Allow for erroring on malicious findings by @ikretz in #108
• Allow for automatically allowing or blocking on warning by @ikretz in #109

Bug fixes and improvements

• Handle compromised libs in malicious packages dataset verifier by @ikretz in #117

Chores

• Bump version number release of v2.2.0 by @ikretz in #118

Full Changelog: v2.1.0...v2.2.0

v2.1.0

New features

• Add local auditing of installed packages by @ikretz in #88
• Cache malicious packages data to use as a fallback by @ikretz in #100
• Add Datadog logging for local audits by @ikretz in #103

Bug fixes and improvements

• Replace PackageManagerCommand with PackageManager by @ikretz in #85

Full Changelog: v2.0.0...v2.1.0

v2.0.0

Breaking changes

• Clarify firewall actions by @ikretz in #71

New features

• Add initial support for Poetry by @ikretz in #74
• Add support for poetry install by @ikretz in #79
• Add support for poetry sync by @ikretz in #82
• Add support for poetry update by @ikretz in #83

Bug fixes and improvements

• Adding guarddog dependency scanning by @sobregosodd in #81

Chores

• Bump version number to 2.0.0 by @ikretz in #84

Full Changelog: v1.3.3...v2.0.0

v1.3.3

Bug fixes and improvements

• Handle OSV.dev results pagination by @ikretz in #60
• Rank OSV.dev findings by severity by @ikretz in #61

Chores

• Update dependencies and tests by @ikretz in #59
• Update dev dependencies by @ikretz in #66
• Bump version number to 1.3.3 by @ikretz in #68

Full Changelog: v1.3.2...v1.3.3

v1.3.2

Bug fixes and improvements

• Update tests with latest pip and npm versions by @ikretz in #51
• Collect username in Datadog logs by @ikretz in #52
• Add executable to default log handler by @ikretz in #53

Chores

• Bump version number for release v1.3.2 by @ikretz in #54

Full Changelog: v1.3.1...v1.3.2

v1.3.1

Bug fixes and improvements

• Hotfix: Add missing subpackage to pyproject.toml by @ikretz in #50

Full Changelog: v1.3.0...v1.3.1

v1.2.0

New features

• Add default logger for local Datadog Agent by @ikretz in #44

Bug fixes and improvements

• Standardize Datadog log format by @ikretz in #46

Chores

• Bump jinja2 to 3.1.5 by @ikretz in #46

Full Changelog: v1.1.0...v1.2.0