Releases: oss-review-toolkit/ort
Releases · oss-review-toolkit/ort
66.0.3
66.0.2
What's Changed
🐞 Bug Fixes
- d968db5 fossid-webapp: Ignore duplicate rule creation
- c51acbd gradle: Rework conversion of repositories to ORT model
🔧 Chores
- 2ec5bb5 gradle-plugin: Slightly improve a warning message
- 868881c model: Silence an inspection hint to use a range indicator
- a50a3b7 Avoid the use of
JsonInclude.Include.NON_DEFAULTwhere possible - 802bfa2 Do not name the
valueparameter for@Json...annotations
🚀 Dependency Updates
- d724cc1 update actions/checkout action to v5
- 981242e update com.icegreen:greenmail to v2.1.5
- 5bf8d0a update com.zaxxer:hikaricp to v7.0.1
- 73d1b40 update dependency node to v22
- fad569b update github/codeql-action digest to 51f7732
- b66f508 update github/codeql-action digest to 76621b6
- 2815fe0 update github/codeql-action digest to a4e1a01
- 277bd58 update org.apache.tika:tika-core to v3.2.2
- ce8d5bb update org.glassfish.jersey.core:jersey-common to v3.1.11
66.0.1
What's Changed
🐞 Bug Fixes
- 9608c38 fossid: Use the URL with credentials when cloning the repo
- 46dfc5d package-configuration-providers: Fix support for version ranges
✅ Tests
- 1104652 conan: Update expected results
- 03f90c7 osv: Update the expected JSON schema to make test pass again
🔧 Chores
- db6fd5d node: Simplify running of
asynccode a bit - cc81d52 osv-client: Remove a wrapper function that was only used in tests
- 6a20c9e osv-client: Remove an endpoint that was only used in a test
🚀 Dependency Updates
- 97a1b69 update com.blackduck.integration:blackduck-common to v67.0.17
- ee4947b update gradle/actions digest to 017a9ef
🚜 Refactorings
- 6569d7a osv-client: Use
suspendfunctions for Retrofit interfaces
66.0.0
What's Changed
🛠 Breaking Changes
- c04c02d refactor(model)!: Replace
Hash.verify(Hash)withequals()
🐞 Bug Fixes
- 2761e42 docker: Correct an ignore pattern to not match
utils/test/ - af95c97 fossid-webapp: Don't store credentials in the scan comment
- 193ddb1 fossid-webapp: Fix request Logging
- 385044b model: Fix getting package configurations from an ORT result
- 7cce0a4 scanner: Fix the CLI printing scanner names
- e821fa5 scanners: Determine paths invariantly for Windows
- 2b42a52 swiftpm: Properly close an input stream
🎉 New Features
- abfd259 fossid: Add file filtering support for archive uploads
- d1b432f model: Make the sanity check for
Hashmore strict - 123a981 swiftpm: Provide URL to artifact on Swift PM registry
✅ Tests
- 6463d03 model: Make more clear that unknown hashes maintain the value
- 9a87295 python: Update expected results
🐘 Build & ⚙️ CI
- c41b4ba docker: Remove a confusing dot in a
chowncall - f9980c6 gradle: Always show all warnings to identify issues early
- 4f26ec9 gradle: Remove the Jakarta migration plugin
- fe3510a gradle: Remove the reproducible-builds plugin
- 790ba2e github: Switch "windows-2022" to "windows-2025"
- f6771fa release: Disable the dependency grap generation
📖 Documentation
- d6443c6 scanner: Fix capitalization of nested test titles
🔧 Chores
- d885044 model: Remove another case of unnecessary hash lowercase conversion
- 606a2b5 swiftpm: Simplify exception handling
🚀 Dependency Updates
- 101ebd3 update com.netflix.nebula.jakartaee-migration to v0.25.0
- 9b07295 update com.tmatesoft.svnkit:svnkit to v1.10.13
- 0c8d4d0 update dependency gradle to v9
- 5b04681 update docker/login-action digest to 184bdaa
- b4e0e0a update docker/metadata-action digest to c1e5197
🚜 Refactorings
- 8657f2d common-utils: Avoid
Regexuse inexpandTilde() - 305904b dos: Don't create fake scan result in error cases
- 972e3f6 scanner: Catch an exception from
scanPackage - f412004 scanner: Catch an exception from
scanProvenance - f0aaa4e scanner: Do not return an empty
ScannerRunfromscan() - be45630 swiftpm: Inline two rarely used functions
- c71b3bc swiftpm: Move the function logger to the top
- 0c16fca utils: Extract a
getConflictingKeys()function for maps
💡 Other Changes
65.0.0
This release introduces support for includes in the .ort.yml file (#10347 ). Please note that the implementation of that feature is not yet complete, for example, some reports will not correctly show excluded packages when includes are used (see #10347 (comment)).
What's Changed
🛠 Breaking Changes
- 26aef72 chore(scanner)!: Remove the Boyter
lcscanner
🐞 Bug Fixes
- 306135b fossid-webapp: Ignore duplicate rule creation
- ba4a6a8 git: Improve the logic to determine the remote URL
- 08cef9b maven: Do not override repository properties with unset values
- b92be44 scanner: Correct setting scanner tool versions
- f3c95a5 utils: detect key‑based duplicates in Set inputs
🎉 New Features
- 11f4c9c RepositoryConfiguration: Add a model for path includes
- e111395 analyzer: Honor includes to the
PackageManager - b1a1450 cli: Also merge the includes
- e8bbb85 common-utils: Add convenience operators to resolve
Filepaths - 6c5ab2e gradle: Support authentication for repositories
- 7c59584 model: Add
+merge operators for scan-domain objects - 6ca7dd6 model: Apply includes to the
OrtResult - ac41769 model: Guard duplicate scan results / file lists per provenance
- bb9f295 ort-utils: Support merging non-conflicting
Environments - ac3df58 scanner: Expose includes in the scan context
- 927e47c scanner: Merge duplicate scan results that share a provenance
📖 Documentation
- 0db3737 ort-yml: Fix a small typo in the
ort-ymldocumentation
🔧 Chores
- 82e4628 fossid: Inline a few properties for simplicity and compactness
- 3d14c8c fossid: Remove superfluous parentheses
- 4749254 Add clarifying parentheses for the
/operator - e2dd087 Prefer the
/operator to resolve files in simple cases
🚀 Dependency Updates
- 87268bd update aws-java-sdk-v2 monorepo to v2.32.12
- c9da84f update com.blackduck.integration:blackduck-common to v67.0.15
- 3753063 update com.sun.mail:jakarta.mail to v2.0.2
- 8ff323f update github/codeql-action digest to 51f7732
- 309c5a3 update org.apache.commons:commons-compress to v1.28.0
🚜 Refactorings
- b58c8ba model: replace
let { … }withalso { … }in ScannerRun checks
💡 Other Changes
64.1.0
What's Changed
🐞 Bug Fixes
- 31da20b fossid-webapp: Deduplicate and normalize ignore rules
- a385973 fossid-webapp: Ignore unknown properties in file license
- 96503b6 scripts: Correct the name of the default custom Dockerfile
- 7aca3ba spdx: Convert hash value to lowercase when creating SpdxChecksum
- a637094 Properly handle
CancellationExceptions from coroutines
🎉 New Features
- acee7e5 fossid-webapp: Add delta scan support for archive upload mode scans
- 0b9fa5b python: Add a consistency check to
python-inspectorruns - edd1b84 python: Add prominent dependency properties to the data model
🔧 Chores
- 376d116 python: Create a more nicely named temporary
requirements.txt
🚀 Dependency Updates
- c4b1967 docker: Update Android Command line tools to the latest version
- d07c168 docker: Upgrade
python-inspectorto version 0.14.3 - d555525 update com.zaxxer:hikaricp to v7
- 8af870a update io.github.pdvrieze.xmlutil:serialization to v0.91.2
- 967cddf update jirarestclient to v7
- 4c40da8 update org.metaeffekt.core:ae-security to v0.141.1
- 3143886 update org.metaeffekt.core:ae-security to v0.141.2
64.0.0
What's Changed
🛠 Breaking Changes
- 9115e7a refactor(sbt)!: Require at least SBT 1.3.3 to simplify version parsing
🐞 Bug Fixes
- f60dbe4 model: Do not create
archiveDirbefore it is used - e2971d2 model: Rework
archiveDirdeletion - 817f145 node: Ignore dangling linked dependencies
- 638b05e python: Always run
python-inspectorwith theen_US.UTF-8locale
📖 Documentation
- 71e9a29 common-utils: Explain temporary file / directory deletion
🔧 Chores
- 4fb3131 common-utils: Remove the test for Kotlin's
toHexString() - d1d0a3d common-utils: Split tests into matching files
- 66d9188 node: Highlight that
falsecorresponds toisDirectory
🚀 Dependency Updates
- a4fc860 docker: Upgrade ScanCode to version 32.4.1
- 3319819 update aws-java-sdk-v2 monorepo
- 2c892e5 update com.zaxxer:hikaricp to v6.3.2
- 3c1609d update dependency @easyops-cn/docusaurus-search-local to v0.52.1
- 21f59de update github/codeql-action digest to 4e828ff
- b19af68 update graalvm/setup-graalvm digest to 7f488cf
🚜 Refactorings
- 44aabf8 ort-utils: Split
Extensions.ktandUtils.kt
63.1.1
63.1.0
What's Changed
🐞 Bug Fixes
- a324f29 fossid-webapp: Change the return type of
extractArchives
🎉 New Features
- 301c5b0 fossid-webapp: Add support for archive upload mode
- 7e1269a node: Do not install
devDependencieswithout need - 61100b7 utils: Support disabling of caching in
OrtAuthenticator
✅ Tests
- 886b00d bazel: Update expected results
📖 Documentation
- 7cdc69d clients: Add a heading to the dedicated README
- f7a1cd4 clients: Add dedicated descriptions to artifacts
- bebeac3 model: Clarify on the
configurationofScannerDetails
🔧 Chores
- 8935153 Remove verbose logging from
python-inspector
🚀 Dependency Updates
- a89164f update com.charleskorn.kaml:kaml to v0.85.0
- 91d4cc8 update com.zaxxer:hikaricp to v6.3.1
- 884269b update commons-io:commons-io to v2.20.0
- a7f6289 update github/codeql-action digest to d6bbdef
- ed8b271 update jackson monorepo to v2.19.2
- ac8d628 update org.graalvm.buildtools:native-gradle-plugin to v0.11.0
- ba28cb4 update org.springframework:spring-core to v6.2.9
- 2384720 update umbrelladocs/action-linkspector digest to 874d01c
🚜 Refactorings
63.0.0
What's Changed
🛠 Breaking Changes
- e0a732d chore(scanner)!: Reduce the visibility of
scan() - e089879 refactor(common-utils)!: Make the OS name an enum
🐞 Bug Fixes
- a24c91b conan: Update the enum of valid package types for Conan 2
🎉 New Features
- e47bf2d clients: Create a Foojay Disco API client
- 9bd115c common-utils: Add operating system architecture detection
- 35163c9 fossid: Add link to FossID scan in pending files issue message
- cc509b8 fossid-webapp: Add a function to extract uploaded archives
- 6ecd00f fossid-webapp: Add a function to remove uploaded content
- 3eca6b9 fossid-webapp: Add a function to upload files, possibly in chunks
- 5be1b53 intellij: Add a configuration to run CLI help
- c6be238 maven: Improve initialization of execution requests
- cdea001 pnpm: Support up to version 10.*
✅ Tests
- cafab39 bundler: update expected output for multi_json homepage move
🐘 Build & ⚙️ CI
- b79986c gradle: Ensure that the
runtask is always executed - 6eee366 gradle: Fix GraalVM symlinks only at execution time
- 5a2de5f gradle: Only warn about new Detekt rules if they were recompiled
- 0891406 github: Allow configuration caching when publishing
🔧 Chores
- 7237b82 cli-helper: Avoid passing a default parameter value
- 6fd4e18 fossid-webapp: Remove an unnecessary dollar escape character
- 196d1ba ort.yml: Add OSADL matrix to path excludes
- 5cb8e4c scancode: Add a
constmodifier - 2ee4f2e scancode: Turn
getSpdxId()into a member function - 55df621 scancode: Turn getSpdxId() into an expression
- 585c4d3 utils: Make use of
buildMap - 0614da8 utils: Remove the unused
getAssetAsString() - 08b0084 utils: Slightly simplfy computing
processedStatements - c401bc1 utils: Use decomposition for readability
🚀 Dependency Updates
- af2e6da Dockerfile: Use corepack to install npm, pnpm, and Yarn
- f52093c docker: Upgrade Poetry to version 2.1.3
- 47bc46b docker: Upgrade go to the latest minor revision 1.24.5
- a6b5ae6 update aws-java-sdk-v2 monorepo to v2.32.1
- 7f772bb update aws-java-sdk-v2 monorepo to v2.32.2
- 62c4d85 update com.icegreen:greenmail to v2.1.4
- b951c54 update com.vanniktech:gradle-maven-publish-plugin to v0.34.0
- 584f33e update dependency @easyops-cn/docusaurus-search-local to ^0.52.0
- 4528374 update io.mockk:mockk to v1.14.5
- 7302511 update log4j2 monorepo to v2.25.1
- adb12f1 update maven to v3.9.11
- 2e4d968 update org.jetbrains.gradle.plugin.idea-ext to v1.2
- 2fc5651 update org.metaeffekt.core:ae-security to v0.141.0