0.80.0

What's Changed

• ci: fix mergify configuration by @tiran in #1005
• ci: pin GitHub Actions to full commit SHAs by @mprpic in #1014
• ci: add minimal permissions to GitHub Actions workflows by @tiran in #1015
• Add a Security policy file by @mprpic in #1013
• refactor(sources): use EAFP pattern instead of is_file() check by @mikedep333 in #1011
• Generate minimal SBOM by @mprpic in #977
• docs(agents): reduce duplication and add concise writing guidance by @LalatenduMohanty in #1010
• refactor(resolver): return lists of matching versions by @rd4398 in #975
• ci: add OpenSSF Scorecard workflow by @mprpic in #1020
• ci: add CodeQL static analysis workflow by @mprpic in #1022
• fix(build_environment): re-raise exception for the JSON parse failure by @LalatenduMohanty in #1026
• build(deps): bump github/codeql-action from 7fc1baf373eb073c686865bd453d412d506a05a2 to 5c8a8a642e79153f5d047b10ec1cba1d1cc65699 by @dependabot[bot] in #1028
• [proposal] New patcher config by @tiran in #940
• fix: use proper URL parsing for GitHub API domain by @mprpic in #1039
• test(sbom): add SPDX 2.3 schema validation with spdx-tools by @mprpic in #1040
• feat(test): add hatch scripts and docs for coverage reports by @LalatenduMohanty in #1043
• feat(bootstrap): add --multiple-versions flag to bootstrap all matching versions by @rd4398 in #1035
• build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 by @dependabot[bot] in #1056
• mergify: add auto-rebase and conflict notification rules by @LalatenduMohanty in #1058
• build(deps): bump github/codeql-action from 3.35.1 to 4.35.1 by @dependabot[bot] in #1055
• build(deps): bump pypa/gh-action-pypi-publish from 1.13.0 to 1.14.0 by @dependabot[bot] in #1054

New Contributors

• @mikedep333 made their first contribution in #1011

Full Changelog: 0.79.0...0.80.0