Release version 1 of DS analyzer

Why are we doing this work

The Dependency Scanning analyzer that supports the DS using SBOM feature is still in major version 0 and this is considered experimental in semantic versioning

Major version zero (0.y.z) is for initial development. Anything MAY change at any time. The public API SHOULD NOT be considered stable.

As part of the GA phase of the DS using SBOM feature, we should release the version 1 of this analyzer to communicate its stability.

Note

At one point we incorrectly pushed a v1.0.0 release. We should ensure that this is no longer available as a release, or git tag (including our community mirror).

Relevant links

Non-functional requirements

• Documentation:
• Feature flag:
• Performance:
• Testing:

Implementation plan

1. Create a changelog entry of kind Changed with the major highlights of the new analyzer.
2. Release via the automated Changie process.
3. Update the dependency scanning component, and template to use 1 as the image tag.
4. Move component to GA in its readme.

Verification steps

1. Run the latest dependency scanning template so that it enforces the new analyzer.
2. Verify that version 1 is used and runs without issue.
3. Run the latest version of the CI/CD component and verify that the behavior is the same.