Skip to content

13.0.0
Compare
Choose a tag to compare
@github-actions github-actions released this 18 Jan 08:39
· 2275 commits to main since this release
13.0.0
34046a6

What's Changed

Breaking Changes 🛠

  • 4e4c475 refactor(model)!: Simplify constructor of DefaultLicenseInfoProvider
  • 3042e35 refactor(reporter)!: Remove ReporterInput.packageConfigurationProvider
  • 233eb8b refactor(scanner)!: Remove the Package parameter from scanPackage()

Bug Fixes 🐞

  • 488027d cargo: Only read checksum metadata entries as hashes
  • e7bdb21 pub: Do not set namespaces for "Pub" packages
  • a547788 scanner: Keep the VCS path for a package scanner's reference package
  • 1e22bc4 spdx-utils: Correctly determine choices for AND expressions
  • 3205ec9 spm: Ensure uniqueness of identifiers for projects
  • 59942dc spm: Stop setting the author field for consistency
  • 6a8bd94 spm: Stop using the repository name as the name of dependencies

Chores 🔧

  • 0a33af9 scanner: Add a closing quote when logging the scanner name

Dependency Updates 🚀

  • 89521b5 website: Upgrade to Docusaurus 3.1.0
  • 25e1de1 Update the foojay-resolver-convention plugin to version 0.8.0
  • 711bdd5 update davidanson/markdownlint-cli2-action action to v15
  • d7dbd01 update dependency com.autonomousapps.dependency-analysis to v1.29.0

Documentation 📖

  • e0560f3 evaluated-model: Fixup references to resolutions
  • 920fd0c helper-cli: Fix-up a copy and paste mistake
  • 5dca9cf jenkins: Document that VulnerableCode is enabled by default
  • 2cf9032 model: Improve docs for RepositoryProvenance properties
  • 00bc82b model: Improve various ProvenanceResolutionResult texts

New Features 🎉

  • 0c748f4 composer: Use PackageManager.getFallbackProjectName
  • 07d06bb model: Introduce OrtResult.getPackageConfigurations()
  • c5671ee pub: Use PackageManager.getFallbackProjectName
  • 3f4073f reporter: Use 
     block for issue messages
  • 2b230b8 website: Integrate tutorial with docs

Other Changes 💡

  • 523e898 evaluated-model: Consume package configs via the OrtResult
  • 2bf0203 evalutator-command: Include package configs in input OrtResult
  • 7754349 list-copyrights-command: Simplify passing on package configs
  • 79fcd67 reporter-command: Include package configs in the OrtResult
  • be38f7f scanner: Get the nested provenance only once
  • 972e24c scanner: Move downloadRecursively() to ProvenanceDownloader
  • 3c795a1 spdx-utils: Remove disjunctiveNormalForm()
  • 0ea02d6 spdx-utils: Simplify the OR case of validChoicesForDnf()
  • dac1854 spm: Stop setting the homepage URL

Tests ✅

  • 8bc273e fossid: Align the way to call scanPackage()
  • ccb4d67 node: Update expected test results
  • 4336048 ort-utils: Add more Copyright symbol tests
  • 6ae49d8 osv: Update expected results
  • cb47b19 osv: Update expected test results
  • 0fb41d1 pub: Update expected test results
  • 34046a6 spdx-utils: Add a test for a complex license choice
  • 43b446c spdx-utils: Compare choices by string representation
  • fad0008 spm: Update expected results
  • 7032df2 utils: Improve assertions for the processed statements
  • 4d915d6 utils: Use a shorter name for actualResult
Assets 4
Loading