v0.15.2

Changelog for poutine v0.15.2 🚀

Improvements 🔧

• GitHub Native Changelog Formatting: Updated changelog generation to follow GitHub's native format, enhancing readability and consistency. (#208)
• Gracefully Skip Empty Repositories: Improved handling to skip over empty repositories without errors during analysis. (#209)
• Poutine Build Platform Advisories: Added platform-specific advisories to the build process, providing more tailored insights. (#221)
• Git Error Handling Improvements: Enhanced error handling in Git, including resilience during local analysis to allow scanning of folders that are not git repositories. (#222)

Security Updates 🔒

• Update osv.rego with New GHA CVE: Integrated the latest GitHub Actions CVE from the OSV database for more comprehensive vulnerability scanning. (#210)
• CVE Database Update: Refreshed CVE database with the latest entries to maintain up-to-date security checks. (#211)

Dependency Updates 📦

• sigstore/cosign-installer: Bumped cosign-installer from v3.5.0 to v3.6.0 for enhanced functionality. (#200)
• actions/upload-artifact: Updated to v4.4.0 for improved artifact handling in GitHub Actions. (#201)
• ossf/scorecard-action: Upgraded to v2.4.0 for the latest enhancements in scorecard assessments. (#202)
• Go 1.23 Update: Updated to Go v1.23 as part of general dependency and compatibility improvements. (#220)
• actions/checkout: Increased to v4.2.0 for streamlined workflows. (#217)
• step-security/harden-runner: Upgraded to v2.10.1 to strengthen security in CI workflows. (#216)
• github/codeql-action: Updated to v3.26.10 for more effective code scanning capabilities. (#215)

Full Changelog 📜

For a detailed diff of all changes, see the full changelog.