43.0.0 (SBOM Plugfest)

@github-actions github-actions released this 10 Dec 07:47
· 107 commits to main since this release

What's Changed

🛠 Breaking Changes

  • b12f874 refactor(commands)!: Migrate command plugins to new plugin API
  • b306a87 refactor(common-utils)!: Do not require success for a CLI's run()

🐞 Bug Fixes

  • 390fd75 cyclonedx: Filter out scores that would cause problems
  • c0c5ad6 cyclonedx: Improve mapping of vulnerability methods
  • ef538ee model: Keep the description when converting a project to a package
  • f56a744 ort-utils: Use the latest available JDK when bootstrapping
  • d70813b spdx: Write the description instead of the summary

🎉 New Features

  • 101f5e4 cyclonedx: Add the dependency graph
  • 5d2b5a6 cyclonedx: Also set BOM-level component info
  • 473ad0a cyclonedx: Also write out the vulnerability vector, if any
  • 097eb5d cyclonedx: Set basic supplier information
  • eead59c spdx: Set originator and supplier information

✅ Tests

  • da80bad cyclonedx: Rewrite expected JSON test results
  • e7da326 cyclonedx: Use a valid length for the fake UUID
  • 4946204 osv: Update expected results
  • 4f59b2a reporters: Set repository VcsInfo in test data

📖 Documentation

  • 4a1031a cyclonedx: Document remaining functions
  • 03ba516 ort-util: Improve an exception message when bootstrapping a JDK

🔧 Chores

  • 2e31827 advisor: Prefer also over let when not mapping
  • 431c75a conan: Move a potentially throwing call into runCatching
  • 30b098e cyclonedx: Set a Component's properties in a different order
  • e2c62d1 cyclonedx: Split functions across files
  • 7674ae3 cyclonedx: Stick to CycloneDX naming for BOM extensions
  • c7d7312 model: Align the YAML sequence / list style in reference.yml
  • a2c5cd6 model: Sort the when cases in getPurlType() alphabetically
  • 513a089 node: Remove unneeded open modifiers from Yarn code
  • 1b024c4 spdx: Set SpdxPackage properties exactly in order

🚀 Dependency Updates

  • cd6e57e update actions/attest-build-provenance digest to 7668571
  • bd2b523 update actions/attest-build-provenance digest to c4fbc64
  • 7a11f09 update codecov/codecov-action digest to 7f8b4b4
  • b8edd0c update dependency com.github.jmongard.git-semver-plugin to v0.13.0
  • 23eac5f update dependency org.metaeffekt.core:ae-security to v0.131.0
  • f526c1a update dependency software.amazon.awssdk:s3 to v2.29.29
  • ab9756a update exposed to v0.57.0

🚜 Refactorings

  • 21be05b cyclonedx: Rename implicit it lambda arguments
  • e6e24bd cyclonedx: Turn some functions into extension for ease of use