Skip to content

28.0.0
Compare
Choose a tag to compare
@github-actions github-actions released this 15 Aug 07:33
· 324 commits to main since this release
28.0.0
b1dd96a

What's Changed

Breaking Changes 🛠

  • 0137bde refactor!: Replace is{False,True}() with toBooleanStrictOrNull()
  • d03abd4 refactor(bazel)!: Align create function and parameter naming
  • fa35e72 refactor(bazel)!: Rework collection use for URLs
  • 37ea3e6 refactor(bazel)!: Simplify code with an url not being nullable
  • 56e2fb7 refactor(model)!: Use a secondary Hash constructor instead of create()
  • 506ef31 refactor(reporter)!: Change to return per-file-format results

Bug Fixes 🐞

  • c43047a Bazel: Fix BazelTest
  • d6b7404 Bazel: Force a Bazel version for BazelTest
  • 7d6a7e9 Bazel: Recreate the test data for the test with local registry
  • b1dd96a bazel: Distict registry URLs by their normalized form
  • 6160df2 compose: Ignore definition files from vendor directories
  • 471a65d compose: Stash any present "vendor" directory
  • 37e0e5c composer: Do not use the managerName for packages
  • b579f88 composer: Support the license field to be a primitive string
  • ae14f3f conan: Properly inspect null values
  • 46aa773 ctrlx-reporter: Make the $schema field non-nullable
  • b194374 ctrlx-reporter: Only use real SPDX IDs
  • af556b0 downloader: Correctly get the repository root path
  • 743873a scanoss: Ignore the logging provider from `scanoss'

New Features 🎉

  • b4e4156 Bazel: Support Bazel 7.2.0
  • ebd6454 bazel: Add MultiBazelModuleRegistryService class
  • 378f6e2 bazel: Support multiple registry services
  • e8e3416 reporter: Add a reporter for the AOSD 2 format

Build 🐘 & CI ⚙️

  • bb0a326 gradle: Remove the unused scanoss client project
  • a603d3d github: Use latest instead of linked CodeQL tooling
  • 5092c18 renovate: Enable Renovate for the website
  • 0b94998 renovate: Update NPM only once a week

Chores 🔧

  • fb15bb1 Bazel: replace the test done by BazelTest by a functional test
  • 48f4128 bazel: Omit a default argument
  • 4e86921 bower: Remove the now unnecessary inspection hint suppressions
  • b9f521e composer: Make top-level data classes internal
  • fcc91b7 composer: Reduce the visibility of two constants
  • 0454248 composer: Remove an uncessary log warning
  • d2a1434 composer: Simplify associateBy to associate
  • 949b5de docker: Replace Bazel by Bazelisk
  • 727705f docker: Upgrade PHP to the latest active version
  • b694901 docker: Upgrade composer to the latest version
  • dfa843c downloader: Add a debug log when deleting working tree caches
  • 977707d evaluated-model: Remove a superfluous file format case
  • 400e0f4 gradle: Sort compiler options alphabetically
  • 1ba1116 model: Consistently use HTTPS for example.com URLs
  • df82c97 node: Use curly-brace-syntax for logging
  • 2839a76 package-manager: Force a Bazel version for the existing test
  • f8dc4e3 scanoss: Do not apply the BlacklistRules
  • bdbc11d Align code and wording of either-or property checks
  • f6ba8bc Do not used the named with parameter for @Serializable
  • 424dfcb Use the recommended function to get serializers for a type

Dependency Updates 🚀

  • 7aec1fb website: Upgrade to Docusaurus 3.4.0
  • 4c3ed0b website: Upgrade transitive dependencies
  • c8cf639 pin dependencies
  • ce116dd update actions/attest-build-provenance digest to 210c191
  • 090c43c update actions/attest-build-provenance digest to 310b0a4
  • 7a297b5 update actions/deploy-pages action to v4
  • 223676b update actions/setup-node action to v4
  • aee9f08 update actions/upload-pages-artifact action to v3
  • b2acb25 update dependency com.autonomousapps.dependency-analysis to v1.33.0
  • f7c54c6 update dependency com.charleskorn.kaml:kaml to v0.61.0
  • a469c1d update dependency com.github.ajalt.mordant:mordant to v2.7.2
  • 9391fd1 update dependency com.networknt:json-schema-validator to v1.5.1
  • 0621a90 update dependency gradle to v8.10
  • dc6db0f update dependency org.apache.commons:commons-compress to v1.27.0
  • 7f4903c update dependency org.apache.logging.log4j:log4j-api-kotlin to v1.5.0
  • 897298d update dependency org.asciidoctor:asciidoctorj-pdf to v2.3.18
  • 56d5421 update dependency org.cyclonedx:cyclonedx-core-java to v9.0.5
  • 3e819a0 update dependency org.slf4j:slf4j-api to v2.0.14
  • a0cbc63 update dependency org.slf4j:slf4j-api to v2.0.15
  • 4f3af43 update dependency org.slf4j:slf4j-api to v2.0.16
  • 93907bc update dependency org.springframework:spring-core to v5.3.39
  • f891232 update dependency org.tukaani:xz to v1.10
  • fd2290f update dependency org.wiremock:wiremock to v3.9.0
  • a60d045 update dependency org.wiremock:wiremock to v3.9.1
  • c1f1795 update dependency software.amazon.awssdk:s3 to v2.27.1
  • ee94143 update docker/build-push-action digest to 16ebe77
  • 85936e7 update docker/build-push-action digest to 5176d81
  • e3087af update docker/build-push-action digest to 5cd11c3
  • 39a638e update docker/login-action digest to 9780b0c
  • 7faea4d update docker/setup-buildx-action digest to 988b5a0
  • 5d4985b update docker/setup-buildx-action digest to aa33708
  • dc9a0dc update docusaurus monorepo to v3.5.1
  • 3b079c4 update exposed to v0.53.0
  • 8853da4 update github/codeql-action digest to 29d86d2
  • 5fdc763 update github/codeql-action digest to 2d79040
  • 17ed779 update github/codeql-action digest to 429e197
  • 942d706 update github/codeql-action digest to 5cf07d8
  • b2ee73b update github/codeql-action digest to afb54ba
  • eb64faa update github/codeql-action digest to eb055d7
  • b0bddf9 update gradle/actions action to v4
  • 1741aff update jetbrains/qodana-action action to v2024.1.9
  • f9d3bd0 update kotlin monorepo to v2.0.10
  • af4c8b1 update mavenresolver to v1.9.22
  • 942539a update ossf/scorecard-action action to v2.4.0
  • 691c31e update wagoid/commitlint-github-action digest to baa1b23

Documentation 📖

  • 48bb017 README: Add a Repobeats contribution statistics image
  • a98f22b README: Add a sentence aboout the governance model
  • 2d8257c README: Reword the contribution section
  • 742b393 bazel: Quote a file name in fluent text
  • a7d5987 conan: Explain why a temporary file is required for inspect
  • 1c0713d github: Add icons to the issue workflow
  • b7ae659 reporter: Update the link to Ctrl-X Automation FOSS information
  • f19c276 Add Volkswagen AG to the list of adopters

Refactorings 🚜

  • 2c18272 bazel: Create an issue instead of throwing on no registry
  • c2ff612 bazel: Map directly to a set
  • 2274638 bazel: Nest an internal data class for better grouping
  • 5dd19ff bazel: Simplify creating Bazel module registries
  • 1cca35a bower: Also take the authors from the project package
  • 1a00466 bower: Factor out getProjectPackageInfo()
  • c8e47f2 bower: Factor out toProject()
  • 99a44e8 bower: Filter out unreferenced packages
  • d09bb6f bower: Inline getDependencyInfos()
  • 668813f bower: Inline parseAuthors()
  • 15f0650 bower: Inline functions for parsing VCS info components
  • cf40585 bower: Inline two variables
  • db1a710 bower: Make PackageInfo.key non-nullable
  • ed68c89 bower: Move PackageInfo extensions next to one another
  • 985b25b bower: Port the deserialization code from Jackson to KxS
  • b848267 bower: Prefer isNotEmpty() over !isEmpty()
  • e010352 bower: Remove redundant tree traversal logic
  • e996180 bower: Remove repetition from scope creation
  • b704120 bower: Rename a variable
  • e288ded bower: Reword obsolete uses of the terminology of nodes
  • 3cba5ca bower: Simplify a non-null check
  • 0de5f6e bower: Simplify calling code of getScopeDependencies()
  • 269df54 bower: Simplify the accounting for missing dependency entries
  • d9183dc bower: Simplify the return type of parsePackages()
  • 2c7c11f bower: Simply use the package ID as key
  • ab42ed9 bower: Turn dependencyKeyOf() into an extension property
  • 95fe15b bower: Turn parseDependencyTree() into an expression
  • 8885926 bower: Turn parseDependencyTree() into an extension
  • 01657fc bower: Use a LinkedList for the queues
  • 6560451 bower: Use a more speaking name for it
  • d65c0c0 bower: Use a more speaking name for packageInfo
  • f4aa253 bower: Use data classes for deserializing the package list
  • 06ff6cc bower: Use extension functions for mapping from PackageInfo
  • a35a20d composer: Extract scope names to constants
  • 2636851 composer: Factor out PackageInfo.toPackage()
  • 00395eb composer: Inline parseArtifact()
  • 490f003 composer: Inline parseInstalledPackages()
  • 34f3760 composer: Port the deserialization code from Jackson to KxS
  • e736b96 composer: Remove redundancy in scope construction
  • d6e0ddb composer: Simplify parseVirtualPackageNames()
  • 543de7b composer: Use data classes for the deserialization
  • 78a0a7b conan: Inline the parsePackageField() one-liner function
  • 3ea3898 conan: Make the return type of inspectField() nullable
  • 52f3919 conan: Rename inspectOrNull() to inspectPyFile()
  • c68d2af conan: Simplify the parsing of Conan data
  • b0dadb5 cyclonedx: Map extension strings to typed formats
  • 7d5deb6 fossid: Simplify code with createAndLogIssue()
  • e013788 model: Teach hash algorithms about their value string size
  • f6de731 plugins: Factor out Collection<Scope>.collectDependencies()
  • 976007f scanoss: Migrate from the deprecated scanner to scanoss

Tests ✅

  • 2399ee5 conan: Update expected results
  • 3f7160c conan: Update the conanfile.py project
  • f3a96ae evaluator: Add two concrete OSADL compatibility matrix tests
  • 58267f5 osv: Update an expected result
  • 1a277d1 scanoss: Add a test for the Winnowing function
  • 636411b Use realistic RemoteArtifact placeholder values
Assets 10
Loading