GUAC v0.8.6 is now available. It fixes one bug from the just-released version 0.8.5, which includes a few improvements. The command line vulnerability query now searches for hasSBOM nodes on artifacts. In addition, the CycloneDX parser now captures version for image artifacts. Finally, the Docker compose files provided in the release now include the ClearlyDefined certifier that was added in GUAC 0.8.0.
This release also contains several bug fixes. The GitHub release page has a complete list of changes in this release. Want to contribute to GUAC? You can join our community.