44.0.0

What's Changed

🛠 Breaking Changes

• 4872713 feat(cyclonedx)!: Change default format to JSON

🐞 Bug Fixes

• 4b1fb5d aosd: Lookup node linkage breadth-first
• 6121e99 aosd: Only set the selectedLicense if it actually selects something
• 62cdb88 aosd: Populate the selectedLicense unless it offers a choice
• 3cb5f2b bazel: Correctly get the Buildozer version
• 81f58ea npm: Collect issues when listing the packages instead of failing
• 3c62407 reporter: Only write major / minor SPDX license list version info
• 806363a scripts: Use the default image root when running Docker
• a72d6b3 spdx-utils: Fix offersChoice() for equal OR-operands

🎉 New Features

• 804a505 aosd: Sort output by componentName for easier comparison
• a100dcb aosd: Trim trailing whitespace from license texts
• 69a15f4 cyclonedx: Change the default schema version to 1.6
• 8965839 spdx-utils: Make simplify() remove redundant choices

✅ Tests

• d2ba8e4 common-utils: Test EnvironmentVariableFilter with empty deny list
• 1dd2237 oss-index: Change some constants to use packages instead of ids
• 8bc47a4 oss-index: Use coordinates as keys
• 33f3470 osv: Move identifierToPackage() to test-utils
• 58dfc82 osv: Operate on coordinates keys instead of Packages
• 256bc5c e7f4ada pub: Update expected results
• acf9415 spdx-utils: Add a test for simplifying OR-operands
• 419f36e spdx-utils: Compare strings to not rely on semantic equality
• 60b6c4c spdx-utils: Increase a test timeout a bit
• 5d534ad spdx-utils: Simplify comparing a string representation

🐘 Build & ⚙️ CI

• 08b79a0 gradle: Remove an unneeded artifact version filter
• 9ccb771 renovate: Shorten the commit message for Gradle dependencies

📖 Documentation

• 83a9a58 analyzer: Improve PackageManager class documentation
• 7c12d92 bower: Clarify a misleading TODO regardig source artifacts
• c208a15 spdx-utils: Add comments about the validChoices() algorithm

🔧 Chores

• 6b68dd8 aosd: Rename a few variables to singular
• 0753d33 common-utils: Uniformly use lists in EnvironmentVariableFilterTest
• 7b412ef fossid: Add affected path for unmappable licenses
• 8ecb98f model: Allow setting the affected path of an issue
• b2e6c3d model: Return early from collectDependencies()
• ab90bf9 npm: Group lines about missing and invalid packages
• 8ad3a00 npm: Ignore the log file error message of NPM stderr output
• 03d9166 opossum: Prefer add functions when building collections
• 8c65925 scancode: Print JSON raw results non-pretty
• fce2829 Align on constructing URIs without create()

🚀 Dependency Updates

• 5dcde82 Upgrade the JIRA REST client to version 6.0.1
• 6c83409 update actions/setup-java digest to 7a6d8a8
• 12b4e3c update ch.qos.logback:logback-classic to v1.5.13
• cba5464 update codecov/codecov-action digest to 1e68e06
• 56179d5 update com.autonomousapps:dependency-analysis-gradle-plugin to v2.6.1
• 6db8eae update dependency prism-react-renderer to v2.4.1
• 72eca7e update docker/setup-buildx-action digest to 6524bf6
• f3c9a4f update gradle/actions digest to 0bdd871
• 44cbdcc update jetbrains/qodana-action action to v2024.3.3
• 5771756 update log4j2 monorepo to v2.24.3
• 7675665 update software.amazon.awssdk:s3 to v2.29.34
• c259ffb update wagoid/commitlint-github-action digest to 0184f5a

🚜 Refactorings

• efb0711 model: Extract effectiveLicense() code for later reuse
• 1c5cff8 npm: Rename installIssues to allow other issue types