v1.0.4 — Disable Rich Auto-Highlighting + Dependency Upgrades

What's new

• Disable Rich Auto-Highlighting: Fixed a visual formatting bug where Rich's default Console parser automatically colorized path-like substrings, IP addresses, and numbers inside plain f-strings (e.g. coloring parts of "aisbom 1.0.4" or "(CycloneDX v1.6)" cyan). Setting highlight=False ensures CLI output displays exactly as authored, while manual Rich formatting markup tags remain supported.
• Upgraded Dependencies: Integrates the 5 recently merged Dependabot dependency and security updates (including click, torch, packaging, typer, and pyinstaller).

What's not changing

All core scanner rules, exit codes, SBOM output schemas, and command signatures are identical to v1.0.3.

v1.0.3 — Fix Early-Exception Crashes + Security Update

What's new

• Fix Early-Exception Crashes: Fixed a bug where a failed file open operation (due to permission errors, broken symlinks, or file deletions) during PyTorch, SafeTensors, or GGUF inspections triggered an UnboundLocalError inside their clean-up code. The scanner now gracefully logs the file system error in the scan metadata instead of crashing and throwing a false cli_error event.
• Security Update: Updated the transitive dependency idna to version 3.16 to resolve a medium-severity vulnerability (CVE-2026-45409 / GHSA-65pc-fj4g-8rjx).
• Aligned Versioning: Formally aligned the CLI versioning under the v1.x.x release line to match the GitHub Action's releases, preventing version order issues on GitHub and the website changelog.
• Release Guidelines: Added a formalized release process document in docs/release-process.md.

What's not changing

All core scanner rules, exit codes, SBOM output schemas, and command signatures are identical to v0.10.0.

v1.0.2 — Fix positional-args migration + PIPESTATUS bash dep

Patch release. Two e2e-discovered bugs in v1.0.1 fixed: inputs are now passed positionally so we don't depend on POSIX-illegal env var names with hyphens, and the entrypoint uses bash so PIPESTATUS captures the scan's exit code (not tee's). The fail-on-risk gate works correctly now.

v1.0.1 — Fix hyphenated INPUT_* env vars for Docker actions

Patch release. Action correctly reads inputs.github-token (and the other hyphenated inputs) from the Docker container env. v1.0.0's comment-posting step silently no-op'd because the token resolved to empty. No API or behavior changes beyond fixing the comment post.

v1.0.0 — AIsbom Action: first Marketplace release

First Marketplace release of the AIsbom Security Scanner Action.

What it does

Scans ML model artifacts (.pt, .safetensors, .gguf) in your PRs for pickle-bomb malware, license risk, and silent drift. Posts a single idempotent comment to the PR summarizing findings, with a link to the hosted viewer at aisbom.io. Re-runs update the same comment in place via a hidden marker — you'll never see stacked AIsbom comments on the same PR.

Uses aisbom-cli 0.10.0 under the hood, installed inside the Action's Docker image.

Quick start

See README_ACTION.md for the full workflow snippet, inputs/outputs reference, permissions block, and troubleshooting.

Minimum permissions in the consuming workflow:

permissions:
  contents: read
  pull-requests: write

Pin via Lab700xOrg/aisbom@v1 (floating) or Lab700xOrg/aisbom@v1.0.0 (immutable).

Telemetry

Two new events (github_action_run and github_action_comment_posted) fire from the Action container. Honors AISBOM_NO_TELEMETRY=1 like the CLI.

v0.10.0

What's new

Two changes you'll see on every successful scan.

• Acquisition footer. Every aisbom scan now ends with a "Next steps" panel pointing at the right place to view your SBOM (your hosted share URL if you used --share, otherwise the drag-and-drop offline viewer) and at the rolling AISBOM advisories page for the AI/ML supply chain. Recurring re-engagement vector; no scan output formats changed.
• Friendlier help surface. Several small --help improvements based on a coverage audit of recently shipped features:
  • New top-level --version / -V flag — print the installed version without spinning up aisbom info.
  • Top-level help now documents the AISBOM_NO_TELEMETRY=1 env-var opt-out directly (no more "read the README" friction).
  • --share help text now explicitly calls out that uploaded SBOMs are publicly viewable and expire after 30 days. --share-yes is flagged as CI/CD-only with a warning about interactive use.
  • aisbom info adds a Telemetry: line showing current state (enabled vs opted-out) — one canonical place to confirm whether events are firing.
  • scan target arg spells out all three forms with concrete examples (local dir, HTTP(S) URL, hf:// slug).

Privacy: attribution tagging

The new footer URLs include ?ref=cli so we can measure CLI → web conversion in GA4 Acquisition. This tag is automatically stripped when AISBOM_NO_TELEMETRY=1 is set — opt-out users still see the URLs (still useful), just without attribution.

What's not changing

Scanner behavior, exit codes, output formats, the --share flow, and what data is collected — all identical to 0.9.x. The footer replaces the previous "Visualize this report" panel; everything else in scan output is unchanged.

Opting out

# Permanent
export AISBOM_NO_TELEMETRY=1

# One invocation
AISBOM_NO_TELEMETRY=1 aisbom scan ./my-project

v0.9.2

What's new

Friendlier first-touch experience. Two small changes that make the first 30 seconds with AIsbom click.

• Concrete-example default command. Running aisbom with no arguments now prints a one-screen quickstart with a working example (aisbom scan hf://google-bert/bert-base-uncased) instead of Typer's auto-generated help dump. aisbom --help still shows the full command reference for power users.

• Zero-install path documented. New "Zero-Install (pipx run)" section in the README and a third install option on aisbom.io. Try AIsbom without committing to a system install:

  pipx run --spec aisbom-cli aisbom scan hf://google-bert/bert-base-uncased

Housekeeping

• CI: bumped softprops/action-gh-release from v2 to v3 in the binary-release workflow.

What's not changing

Scanner behavior, exit codes, output formats, the --share flow, telemetry events, and what data is collected — all identical to 0.9.1. The default-command change is presentation-only; scripts that parse aisbom no-args output should already be relying on --help instead.

v0.9.1

What's new

Telemetry default-flip — Anonymous CLI usage telemetry is now on by default.

• The AISBOM_TELEMETRY_V2=1 opt-in introduced in 0.8.x has been retired after a successful soak. The single lever from now on is the opt-out: AISBOM_NO_TELEMETRY=1.
• No new events, no new fields, no change to what's collected — the schema shipped in 0.8.x continues unchanged. See the Telemetry & Privacy section in the README for the full list.
• If you previously set AISBOM_TELEMETRY_V2=1 in your shell rc or CI environment, you can remove it; it's now a no-op.

What's not changing

Scanner behavior, exit codes, output formats, the --share flow shipped in 0.9.0, and what data is collected — all identical to 0.9.0.

Opting out

# Permanent
export AISBOM_NO_TELEMETRY=1

# One invocation
AISBOM_NO_TELEMETRY=1 aisbom scan ./my-project

v0.9.0 — Shareable SBOM URLs

What's new

Shareable SBOM URLs — Instantly generate a secure, hosted viewer link for your SBOM by appending the --share flag to your scan.

• Privacy-first: Includes a strict confirmation prompt before uploading, unless explicitly bypassed with --share-yes for CI/CD pipelines.
• Telemetry: Added cli_share_created event tracking the has_share_yes parameter to measure bypass usage.
• Safe Empty Scans: Automatically aborts upload if the target path is empty and no artifacts or dependencies are discovered.
• Documentation: Added a new "Share Your SBOM" section to the README and updated the Telemetry & Privacy section to reflect the opt-in upload behavior (data retained for 30 days).

What's not changing

Scanner behavior, exit codes, output formats — all identical to v0.8.x.

Telemetry behavior remains the same as v0.8.0.

v0.8.0 — CLI telemetry preview

What's new

• CLI telemetry preview — opt-in via AISBOM_TELEMETRY_V2=1. Off by default in this release while we soak the pipeline.
• New events: cli_install_first_seen, cli_scan (with target_type, model_format, risk_level_max, scan_duration_ms, file_count, parse_error_count, strict_mode), cli_scan_critical_found, cli_strict_mode, cli_diff, cli_error (exception class name only).
• Anonymous user_id (SHA-256 of MAC + salt, 16 hex chars) stored in ~/.aisbom/config.json for returning-user analytics.
• New "Telemetry & Privacy" section in README documenting the full schema, where data goes, and how to opt out.

Privacy

Set AISBOM_NO_TELEMETRY=1 to disable telemetry entirely. This setting wins over every other gate. The opt-out is forward-compatible — it'll work the same way after the next release flips the default.

What's not changing

• Scanner behavior, exit codes, output formats — all identical to v0.7.x.
• aisbom-cli 0.7.x clients keep working unchanged against the deployed Worker.

Next release

Will flip telemetry to default-on, with AISBOM_NO_TELEMETRY=1 documented as the opt-out.