From c83ae776be18238aa90fb28ff38c58ef86fe82bd Mon Sep 17 00:00:00 2001
From: Keshav Priyadarshi <git@keshav.space>
Date: Mon, 2 Jun 2025 20:40:16 +0530
Subject: [PATCH 1/3] Get tag from VERSION manifest

Signed-off-by: Keshav Priyadarshi <git@keshav.space>
---
 setup.cfg                  |  2 +-
 vulnerabilities/models.py  |  2 +-
 vulnerablecode/__init__.py | 25 ++++++++++++++++++++++++-
 3 files changed, 26 insertions(+), 3 deletions(-)

diff --git a/setup.cfg b/setup.cfg
index ae58b59b4..81f29d43f 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -1,6 +1,6 @@
 [metadata]
 name = vulnerablecode
-version = 36.1.0
+version = 36.1.2
 license = Apache-2.0 AND CC-BY-SA-4.0
 
 # description must be on ONE line https://github.com/pypa/setuptools/issues/1390
diff --git a/vulnerabilities/models.py b/vulnerabilities/models.py
index b6bd861eb..e1fe7353e 100644
--- a/vulnerabilities/models.py
+++ b/vulnerabilities/models.py
@@ -2005,7 +2005,7 @@ def set_vulnerablecode_version_and_commit(self):
             msg = f"Field vulnerablecode_version already set to {self.vulnerablecode_version}"
             raise ValueError(msg)
 
-        self.vulnerablecode_version = VULNERABLECODE_VERSION
+        self.vulnerablecode_version = vulnerablecode.get_git_tag()
         self.vulnerablecode_commit = vulnerablecode.get_short_commit()
         self.save(update_fields=["vulnerablecode_version", "vulnerablecode_commit"])
 
diff --git a/vulnerablecode/__init__.py b/vulnerablecode/__init__.py
index 6ad120243..1ac063667 100644
--- a/vulnerablecode/__init__.py
+++ b/vulnerablecode/__init__.py
@@ -14,7 +14,7 @@
 
 import git
 
-__version__ = "36.1.0"
+__version__ = "36.1.2"
 
 
 PROJECT_DIR = Path(__file__).resolve().parent
@@ -49,6 +49,29 @@ def get_git_commit_from_version_file():
         return
 
 
+def get_git_tag_from_version_file():
+    """Return the tag from the ".VERSION" file."""
+    version_file = ROOT_DIR / ".VERSION"
+    if not version_file.exists():
+        return
+
+    try:
+        lines = version_file.read_text().splitlines()
+        ref_line = lines[0]
+        if "tag:" in ref_line:
+            if vcio_tag := ref_line.split("tag:")[-1].strip():
+                return vcio_tag
+    except (UnicodeDecodeError):
+        return
+
+
+def get_git_tag():
+    """Return the tag from the ".VERSION" file or __version__."""
+    if vcio_tag := get_git_tag_from_version_file():
+        return vcio_tag
+    return __version__
+
+
 def get_short_commit():
     """
     Return the short commit hash from the .VERSION file or from `git describe`

From ec8c90e251ada148588b2e73f7e9f63692f7c80d Mon Sep 17 00:00:00 2001
From: Keshav Priyadarshi <git@keshav.space>
Date: Mon, 2 Jun 2025 20:55:47 +0530
Subject: [PATCH 2/3] Update vulnerabilities search url

Signed-off-by: Keshav Priyadarshi <git@keshav.space>
---
 docs/source/user-interface.rst | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/docs/source/user-interface.rst b/docs/source/user-interface.rst
index 251896c8a..b907ecfd5 100644
--- a/docs/source/user-interface.rst
+++ b/docs/source/user-interface.rst
@@ -15,11 +15,11 @@ package URL or purl prefix fragment such as
 
 The search by packages is available at the following URL:
 
-    `https://public.vulnerablecode.io/packages/search <https://public.vulnerablecode.io/packages/search>`_
+    `https://public.vulnerablecode.io/packages/search/ <https://public.vulnerablecode.io/packages/search/>`_
 
 How to search by packages:
 
-    1. Go to the URL: `https://public.vulnerablecode.io/packages/search <https://public.vulnerablecode.io/packages/search>`_
+    1. Go to the URL: `https://public.vulnerablecode.io/packages/search/ <https://public.vulnerablecode.io/packages/search/>`_
     2. Enter the package URL or purl prefix fragment such as ``pkg:pypi``
        or by package name in the search box.
     3. Click on the search button.
@@ -46,11 +46,11 @@ fragment of these identifiers like ``CVE-2021``.
 
 The search by vulnerabilities is available at the following URL:
 
-    `https://public.vulnerablecode.io/vulnerabilities/search <https://public.vulnerablecode.io/vulnerabilities/search>`_
+    `https://public.vulnerablecode.io/vulnerabilities/search/ <https://public.vulnerablecode.io/vulnerabilities/search/>`_
 
 How to search by vulnerabilities:
 
-    1. Go to the URL: `https://public.vulnerablecode.io/vulnerabilities/search <https://public.vulnerablecode.io/vulnerabilities/search>`_
+    1. Go to the URL: `https://public.vulnerablecode.io/vulnerabilities/search/ <https://public.vulnerablecode.io/vulnerabilities/search/>`_
     2. Enter the VCID, CVE, GHSA, CPEs etc. in the search box.
     3. Click on the search button.
 

From 8f79fc0412d808d4d0e01a97dcceb66ee398056c Mon Sep 17 00:00:00 2001
From: Keshav Priyadarshi <git@keshav.space>
Date: Mon, 2 Jun 2025 21:18:28 +0530
Subject: [PATCH 3/3] Add CHANGELOG for v36.1.2

Signed-off-by: Keshav Priyadarshi <git@keshav.space>
---
 CHANGELOG.rst | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index e81e19831..5776daa9b 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -2,6 +2,18 @@ Release notes
 =============
 
 
+Version v36.1.2
+---------------------
+
+- Get tag from VERSION manifest #1895
+
+
+Version v36.1.1
+---------------------
+
+- Update is_active help text in pipeline migration #1887
+
+
 Version v36.1.0
 ---------------------