Releases: oss-review-toolkit/ort

52.1.0

27 Feb 08:41

What's Changed

🐞 Bug Fixes

  • c3f75e3 Maven: Do not duplicate hints about auto-generated POMs
  • 4537580 Maven: Pin the version of the dependency tree plugin

🎉 New Features

  • 10243af Maven: Add a function to detect Tycho projects
  • d5f0272 Maven: Add an initial Tycho package manager implementation
  • 25754e6 Maven: Add functionality to parse JSON-based dependency trees
  • 2a91005 Maven: Add more error handling for Tycho
  • 7655ba1 Maven: Filter out Tycho definition files in Maven
  • 17f979e Maven: Generate hints about auto-generated POMs for Tycho
  • 985b09f Maven: Support path excludes for Tycho
  • 5b69a8b Maven: Support scope excludes for Tycho
  • 1be81f2 reporter: Replace javax usages by jakarta in the Jira REST client

✅ Tests

  • 67b0b11 Maven: Replace organizations in test projects
  • b43803a reporter: Add a Jira REST API client test

📖 Documentation

  • d8d38d3 website: Mention Tycho support
  • 366713a website: Remove some unneeded wrapping in Markdown code
  • 5c6a900 website: Remove the Node peer dependency limitations

🔧 Chores

  • 7c6e483 Maven: Let the dependency tree plugin write the output file

🚀 Dependency Updates

  • 8c4beb9 update actions/attest-build-provenance digest to f9eaf23
  • 8d2e72d update ch.qos.logback:logback-classic to v1.5.17
  • b35f0e3 update codecov/codecov-action digest to 0565863
  • c5414d3 update dependency gradle to v8.13
  • a91733c update docker/build-push-action digest to 471d1dc
  • e5a0d34 update docker/metadata-action digest to 902fa8e
  • a74589a update docker/setup-buildx-action digest to b5ca514
  • 9b9bb70 update kotlinpoet to v2.1.0
  • 6068604 update org.metaeffekt.core:ae-security to v0.135.6
  • 63d424d update org.slf4j:slf4j-api to v2.0.17

🚜 Refactorings

  • 08bc01a Maven: Extract LocalProjectWorkspaceReader
  • 944c377 Maven: Move creation of projects to an extension function
  • dbc2e7b Maven: Move extension functions to a separate file

52.0.1

24 Feb 11:11

What's Changed

🐞 Bug Fixes

  • 2e20fbc reporter: Change default FossID report type
  • 9fdf2ae scanners: Make the DOS token a secret again

📖 Documentation

  • b2969be reporter: Update FossID report types documentation

🚀 Dependency Updates

  • feaf969 Update the dependency-analysis-gradle-plugin to version 2.10.1
  • 4fe3487 update com.blackduck.integration:blackduck-common-api to v2023.10.0.7
  • ec4e9f1 update com.scanoss:scanoss to v0.10.1
  • 2a4ba59 update dependency gradle to v8.13-rc-2
  • b5938cc update detektplugin to v1.23.8
  • a6720fc update docker/build-push-action digest to 0adf995
  • 04e311a update github/codeql-action digest to b56ba49
  • 6660649 update ossf/scorecard-action action to v2.4.1
  • 8caadba update software.amazon.awssdk:s3 to v2.30.26

52.0.0

20 Feb 08:41

Actions Required

ScanCode command line options now need to be comma-separated, for example, replace

ScanCode:
  options:
    commandLine: '--copyright --license --info --strip-root --timeout 300'
    commandLineNonConfig: '--processes 4'

with

ScanCode:
  options:
    commandLine: '--copyright,--license,--info,--strip-root,--timeout,300'
    commandLineNonConfig: '--processes,4'

in your config.yml.

What's Changed

🛠 Breaking Changes

  • 40fa386 feat(scanner)!: Migrate to new plugin API
  • 212eb7b refactor(scanner)!: Extract command line tools

🐞 Bug Fixes

  • 8b31459 docker: Pre-create "$HOME/.gradle" for proper permissions

🎉 New Features

  • 4eedf22 cli: Add a command to list installed plugins
  • 70c3dd0 spdx-utils: Add more mappings for deprecated licenses
  • 6054e0b spdx-utils: Expose simple mapping of licenses to SpdxExpression

📖 Documentation

  • 0f92a13 analyzer: Fix a typo in function docs

🔧 Chores

  • 5d1803b DependencyGraphBuilder: Slightly improve dependency comparison
  • f71062c commands: Remove obsolete code
  • 19da2db model: Prefer entries over values() for enums
  • 552147d scanner: Simplify Semver parsing with coerce()
  • 4ee1030 spdx-utils: Add checkNotNull() calls to resource lookups
  • 431abea spdx-utils: Say "simple mapping" instead of "custom mapping"
  • 4a6ef3d Avoid import of some Companion object members
  • fbd08eb Avoid the use of toRelativeString()

🚀 Dependency Updates

  • b70d31a docker: Upgrade to the latest stable Go version 1.24.0
  • a25942a update com.networknt:json-schema-validator to v1.5.6
  • 4ccd149 update com.scanoss:scanoss to v0.10.0
  • cbb60a8 update ksp monorepo to v2.1.10-1.0.30
  • 1563b20 update mordant to v3.0.2
  • 545475b update org.springframework:spring-core to v6.2.3
  • 4d6800c update software.amazon.awssdk:s3 to v2.30.21

🚜 Refactorings

  • cf145cf spdx-utils: Map deprecated and simple licenses separately

51.1.0

13 Feb 08:54

What's Changed

🎉 New Features

  • 0797f37 Dockerfile: Install the rng-tools5 package
  • 5956a45 model: Match the type case insensitively in package configurations

✅ Tests

  • 038961f model: Add two tests for a recently fixed performance issue
  • 8ba5d1d model: Avoid unnecessary temporary list creations
  • c28f005 model: Move SimpleLicenseInfoProvider to TestUtils
  • 7c8d3ec model: Move a function to the top level for consistency
  • f75a87d model: Remove an init block to reduce the level of nesting
  • 56f3034 model: Turn createResolvedLicenseInfo() into a constant

🐘 Build & ⚙️ CI

  • cd855be Upgrade to Gradle 8.13 RC1

📖 Documentation

  • 69ae168 github: Adjust issue templates to issue types
  • 9c32fea model: Fix-up a comment
  • eba69a9 model: Remove a duplicate comment
  • 4391f15 spdx-utils: Document a couple of recently introduced functions

🔧 Chores

  • 48b9cfc reporter: Show the total time only after per-file results

🚀 Dependency Updates

  • 4a87084 update com.autonomousapps:dependency-analysis-gradle-plugin to v2.8.2
  • d7cb050 update com.charleskorn.kaml:kaml to v0.72.0
  • b6c8262 update org.jruby:jruby to v9.4.12.0
  • b80d751 update org.metaeffekt.core:ae-security to v0.135.3
  • 4c9d11c update org.metaeffekt.core:ae-security to v0.135.4
  • 6b5b865 update org.wiremock:wiremock to v3.12.0

💡 Other Changes

  • 594e39b Revert "fix(Git): Work around a bug with JGit vs MINA"

51.0.0

10 Feb 14:22

Actions Required

  • The renaming of "SpdxDocumentFile" to "SpdxDocument" from release 47.0.0 was reverted, so package configurations that refer to SPDX projects have to use "SpdxDocumentFile" instead of "SpdxDocument" as the identifier's type again.

What's Changed

🛠 Breaking Changes

  • 730e480 feat(spdx)!: Revert renaming of SpdxDocumentFile to SpdxDocument

🐞 Bug Fixes

  • 154cf90 schema: Fix schema for snippet choices
  • 7243c75 spdx-utils: Fix performance issue in callers of and()

🚀 Dependency Updates

  • f485966 update com.autonomousapps:dependency-analysis-gradle-plugin to v2.8.1
  • 6af84b1 update com.charleskorn.kaml:kaml to v0.71.0
  • 650e8b6 update com.github.ajalt.clikt:clikt to v5.0.3
  • c96f2e8 update docker/setup-buildx-action digest to f7ce87c
  • aeb3a4b update github/codeql-action digest to 9e8d078
  • 5ef526a update software.amazon.awssdk:s3 to v2.30.16

50.0.0

06 Feb 08:43

What's Changed

🛠 Breaking Changes

  • 48b638f refactor(utils)!: Rename FileMatcher.matches to matches

🐞 Bug Fixes

  • 55798c3 AnalyzerResultBuilderTest: Do not index graphs by project type
  • af35e43 pnpm: Fix parsing of JSON output for nested projects
  • d9ec5d8 web-app-template: Auto-fix minor linter issues
  • cade929 web-app-template: Correct pagination in various tables
  • 264995d web-app-template: Display id property for vulnerability resolutions
  • 631ca81 web-app-template: Enhance issue severity filtering
  • 04b9a04 web-app-template: Enhance rule severity icons
  • 281c269 web-app-template: Enhance vulnerability severity filtering
  • 8b4ed97 web-app-template: Fix issue severity filtering
  • 1df67af web-app-template: Fix webAppRuleViolation.package.id typeError
  • 1ece908 web-app-template: Reduce unnecessary render recomputations

🎉 New Features

  • abe81f8 ctrlx-reporter: Allow license filtering based on classifications
  • d96b46e fossid-webapp: Support FossID 2024.2
  • 153ae3c web-app-template: Add score and vector to VulnerabilityReference
  • 4a21385 web-app-template: Add helper function to WebAppVulnerability
  • c52a2d0 web-app-template: Display vulnerability references

✅ Tests

  • d38880f ctrlx-reporter: Improve the functional test
  • fe56fb4 pnpm: Add a funTest for a project with a nested subproject
  • 26381f0 python: Update expected results

🐘 Build & ⚙️ CI

  • f18be69 gradle: Fix excluding generated code for Detekt on Windows

📖 Documentation

  • 1c9f09d model: Add a missing "the" in withResolvedScopes() docs
  • ad803a0 utils: Fix a reference to a static function
  • c738de9 utils: Remove a broken KDoc reference

🔧 Chores

  • b759371 commands: Remove obsolete service loader files
  • 4594429 plugins: Always set a default value for plugin descriptors
  • b81fd97 web-app-template: Improve CSS comment for clarity

🚀 Dependency Updates

  • 81ddd72 update com.charleskorn.kaml:kaml to v0.70.0
  • c5ba909 update com.github.jmongard.git-semver-plugin to v0.15.0
  • c7277ab update com.google.code.gson:gson to v2.12.1
  • 87562f2 update com.icegreen:greenmail to v2.1.3
  • b876f06 update com.scanoss:scanoss to v0.9.0
  • 8a3812c update exposed to v0.59.0
  • 5536c8a update gradle/actions digest to 94baf22
  • fd8adfb update kotlin monorepo to v2.1.10
  • 57546c9 update org.graalvm.buildtools:native-gradle-plugin to v0.10.5
  • 79332d6 update org.metaeffekt.core:ae-security to v0.135.2
  • 50435a4 update org.wiremock:wiremock to v3.11.0

🚜 Refactorings

  • 7681705 common-utils: Remove "Command" suffix from displayName()

💡 Other Changes

  • f7723e6 style(web-app-template): Align error color

49.0.0

30 Jan 08:49

What's Changed

🛠 Breaking Changes

  • 397fecc chore(model)!: Remove the possibility to return qualified scope names

🐞 Bug Fixes

  • 2d5e526 Git: Work around a bug with JGit vs MINA
  • 5629cd5 black-duck: Properly parse vector and scoring system from CVSS2
  • e7f7669 black-duck: Remove duplicate URIs in references

🎉 New Features

  • 330ce58 Provenance: Add a RemoteProvenance sub-interface
  • d8a4050 black-duck: Make the log output show how the origin is determined

✅ Tests

  • a7a251c black-duck: Add a test which shows that links lack deduplication
  • fab515f black-duck: Make the test cover the cocoapods purl type
  • 235dd05 black-duck: Rename a variable for consistency
  • 123ffbc black-duck: Test parsing a vulnerability with CVSS 2 only
  • 3df50fa black-duck: Test vulnerability parsing from a CVSS 2

📖 Documentation

  • b71d16f Composer: Improve the comment about filtering vendored dependencies
  • be43390 black-duck: Add a dot to the end of a sentence
  • 89e2bed black-duck: Fix-up a TODO comment
  • fb07211 examples: Illustrate how to set the Black Duck origin-id
  • b7410dc schema: Fix package manager configurations schema title
  • 889577b schema: Fix the JSON schema for the repository configuration
  • 7cf4e47 schema: Use reference to fixed analyzer configuration schema

🔧 Chores

  • e3600d4 black-duck: Remove an unnecessary override

🚀 Dependency Updates

  • 496bb8d docker: Update Swift to version 6.0.3
  • c15996b Update the KSP plugin to v2.1.10-1.0.29
  • c5b0b5b update actions/setup-java digest to 3a4f6e1
  • 9fde78b update actions/setup-node digest to 1d0ff46
  • 2113092 update com.autonomousapps:dependency-analysis-gradle-plugin to v2.8.0
  • df546a3 update com.blackduck.integration:blackduck-common to v67.0.4
  • f73d63d update com.charleskorn.kaml:kaml to v0.67.1
  • 53792fb update com.google.code.gson:gson to v2.12.0
  • d01921b update github/codeql-action digest to 17a820b
  • 18396a0 update github/codeql-action digest to 6e54559
  • 2e0a300 update github/codeql-action digest to dd74661
  • 95db685 update org.jetbrains.gradle.plugin.idea-ext to v1.1.10
  • 3112d9d update org.jruby:jruby to v9.4.11.0
  • 87dd873 update org.metaeffekt.core:ae-security to v0.135.1

🚜 Refactorings

  • 19770cc black-duck: Move two variables out of a block
  • 71d4614 model: Remove the convenience qualifyScope() overload

💡 Other Changes

  • 7381fe4 style(black-duck): Use a shorter name for cvssVector
  • 20f1749 style: Prefer the infix version of shouldBe{Success,Failure}()
  • 253dfba style: Trivially trim trailing spaces from log messages

48.0.0

27 Jan 12:52

What's Changed

🛠 Breaking Changes

  • dbb65bf fix(PackageManager)!: Use the projectType also when resolution failed
  • 852e377 refactor(analyzer)!: Change when {before,after}Resolution() are called
  • 403d1bc refactor(web-app-template)!: Use React state handling

🐞 Bug Fixes

  • 7c63104 OrtModelBuilder: Add an OrtDependency cache
  • b56820b package-managers: Properly close MavenSupport's disk cache
  • 59562ef pub: Use the projectType for project references
  • 817278b web-app: Change the range in file size check
  • 2311698 web-app-template: Add prop function to WebAppRuleViolation
  • ef61629 web-app-template: Fix effective stats in models
  • 66ba969 web-app-template: Improve vulnerability icons
  • 3106879 web-app-template: Show source of an issue

🎉 New Features

  • ae2ae6e black-duck: Add a mechanism to query vulnerabilities by origin-id
  • 72662ff black-duck: Support external IDs using the "conan" namespace
  • b040129 black-duck: Support external IDs using the "long_tail" namespace
  • 78ac845 node: Keep created node_modules directories until after resolution
  • ff6306e package-managers: Use isolated disk caches for Gradle and Maven
  • 33b7a4f spdx: Add file level information to SPDX projects
  • e350ab2 web-app-template: Add helper function to WebAppPackage
  • 15a7b8b web-app-template: Add helper functions to WebAppOrtIssue
  • 418d0a0 web-app-template: Add helper functions to WebAppOrtResult
  • 34fe1a7 web-app-template: Enable filtering of findings
  • 584ae6e web-app-template: Show effective licenses in Summary

✅ Tests

  • d6334b3 black-duck: Fix-up a package identifier
  • f327a17 black-duck: Fix-up the alphabetical ordering of properties
  • 9eeb644 black-duck: Make a test name more specific
  • 0da05f5 pub: Update expected results

📖 Documentation

  • 1df21b7 AbstractDependencyNavigatorTest: Trivially add a dash to a test name
  • 38c16c9 MavenFunTest: Improve a comment to use passive voice
  • 79d089f Yarn2: Remove a comment that does not add value
  • d900f44 node: Remove outdated comments
  • 68bc2e6 website: Remove the note about Bazel support being experimental

🔧 Chores

  • cb82c6a DependencyGraphNavigator: Make clear that managers are names here
  • 0ca7c39 DiskCache: Use the more modern java.time API
  • aae654b TestUtils: Prefer also over let if the return value is not used
  • a68769f black-duck: Align on 'origin-id' in log output
  • 84660eb black-duck: Use Identifier.toCoordinates() for log output
  • 449e89c github: Use ubuntu-24.04 for Linkspector
  • e77fadf package-managers: Name the MavenSupport variable consistently
  • 0868bb4 pub: Avoid some toList() conversions
  • 955155a pub: Improve the check for package info
  • 19159af web-app-template: Add code repo link in About Modal
  • e99d818 web-app-template: Clean up WebAppTreeNode
  • 0797e9c web-app-template: Remove unused Redux code
  • 527fada web-app-template: Rename webAppPath variable
  • 191fa23 yarn: Make createPackage() code a bit more readable
  • 90ec14e yarn: Prefer also over let if the return value is not used
  • fd2fd98 yarn: Remove / replace remaining NPM references
  • 64b58c5 yarn: Remove a superfluous toSet() conversion
  • 9101dd1 yarn: Use existing scope name constants

🚀 Dependency Updates

  • 80aa6e0 web-app-template: Remove unused dev dependencies
  • fd20468 web-app-template: Update versions of dependencies
  • c13c2f6 update codecov/codecov-action digest to 0da7aa6
  • 8193c23 update codecov/codecov-action digest to 13ce06b
  • aaca056 update com.scanoss:scanoss to v0.8.2
  • debbb73 update dependency gradle to v8.12.1
  • ad34316 update docker/build-push-action digest to ca877d9
  • e3b5c3d update github/codeql-action digest to ee117c9
  • 04a2aa4 update github/codeql-action digest to f6091c0
  • fec3fe9 update org.metaeffekt.core:ae-security to v0.135.0

🚜 Refactorings

  • ce8bf94 web-app-template: Clean up main CSS file
  • 128daeb yarn: Extract an isProject variable for reuse

💡 Other Changes

  • f8f2b3c style(AnalyzerResultBuilder): Make an apply call a one-liner
  • 3eb2b4a style(node): Remove one level of nesting from tests
  • 06d231c style(web-app-template): Add new circuit background

47.0.0

23 Jan 08:44

Actions Required

  • Update package configurations that refer to SPDX projects to use "SpdxDocument" instead of "SpdxDocumentFile" as the identifier's type.

What's Changed

🛠 Breaking Changes

  • 01f1930 fix(package-managers)!: Use projectType as the ID type for projects

🐞 Bug Fixes

  • 7154214 downloader: Do not even try empty source code origins
  • 7c71782 downloader: Improve the output of error messages
  • 025c751 downloader: Support project URLs with query parameters
  • 5ffb576 go: Use "GoMod" as the project type
  • 66b5b15 node: Properly use the projectType to create projects
  • 255d294 package-managers: Do not set the package type to the manager name
  • ae58bb8 vcs: Consider VCS configurations in cache lookup

🎉 New Features

  • c9f51e9 AnalyzerCommand: Sort output of found definition files
  • 6547d1f analyzer: Also fail early if managers for the same type are enabled
  • b230f26 detekt-rules: Add autoCorrect for OrtImportOrder rule
  • 9b57816 node: Add the project type to the Node package manager type
  • c737701 scanner: Add flag to scanner to detect unlicensed files
  • 34444c3 test-utils: Support regex patterns in patchExpectedResult()
  • 170a3b8 Upgrade Poetry to 2.x series

✅ Tests

  • bc4d972 model: Factor out fromJson()
  • 7d817f8 model: Factor out toJson()
  • da07e1e opossum: Rewrite reporter-test-output.json
  • 4bfd33f osv: Make the test for getting vulnerability IDs less flaky
  • b9fd340 osv: Make the test which queries by commit less flaky
  • 718d762 osv: Make the test which queries by name and version less flaky
  • dcd71a5 osv: Rename patchFields()
  • bf9de57 osv: Rename a constant for consistency
  • 7552dd4 osv: Update expected results
  • 16ca9a4 osv: Use WordSpec in the functional test
  • 3f56118 pub: Update expected results

🐘 Build & ⚙️ CI

  • 5ab6a92 gradle: Make detektAll only run tasks with type resolution

📖 Documentation

  • d8ebd62 PackageCurationData: Fix the docs for apply()
  • 78edc76 development: Add documentation about Detekt's auto-correct feature
  • ecb1186 downloader: Improve the --vcs-path CLI help
  • e510c6f website: Also mention the "detektAll" task in the table
  • 9e4b989 website: Mention the "detektAll" task instead of individual ones

🔧 Chores

  • 46479e5 DependencyGraphNavigator: Avoid relying on manager name prefixes
  • 19a2074 OpossumReporterFunTest: Extract a variable to ease debugging
  • ec73f3f SpdxLicenseTest: Use Kotest's dedicated resource matcher
  • ac2fef5 docker: Upgrade Composer to version 2.8.4
  • 55ae851 docker: Upgrade Conan to the latest 1.x version
  • a22a7e0 docker: Upgrade Go to version 1.23.5
  • cb49aeb docker: Upgrade Licensee to version 9.18.0
  • 3c4de5d docker: Upgrade pip to version 24.3.1
  • d26dd73 docker: Upgrade pnpm to version 9.15.4
  • 4f4b7c4 Capitalize hard-coded issue sources
  • c2f1546 Prefer the more fluent infix variant of shouldNotBeNull

🚀 Dependency Updates

  • 42d48aa docker: Upgrade ScanCode to version 32.3.2
  • 353de0d spdx: Update the license list to version 3.26
  • 43f5982 update actions/attest-build-provenance digest to 520d128
  • b6560a6 update codecov/codecov-action digest to 5a605bd
  • 1d9c9c8 update com.github.ben-manes.versions to v0.52.0
  • 1fd0a2d update com.scanoss:scanoss to v0.8.1
  • cac29ae update github/codeql-action digest to d68b2d4
  • 0d1d615 update github/codeql-action digest to dd196fa
  • ceaa7da update org.jruby:jruby to v9.4.10.0
  • 7a00318 update org.semver4j:semver4j to v5.6.0
  • c504d62 update org.springframework:spring-core to v6.2.2
  • 7f8d3d3 update software.amazon.awssdk:s3 to v2.30.1
  • 5648515 update software.amazon.awssdk:s3 to v2.30.2
  • 92df4f8 update umbrelladocs/action-linkspector digest to de84085

🚜 Refactorings

  • 0c454e7 docker: Rename PIPTOOL_VERSION to PIP_VERSION
  • 7b21289 node: Introduce an abstract base class for common code
  • 71f3467 node: Move parseProject() to NodePackageManager
  • 16558a3 node: Rename non-NPM-specific files
  • bc3a1b8 scanner: Inline the TOOL_NAME constant

46.0.0

16 Jan 08:54

What's Changed

🛠 Breaking Changes

  • 4363881 chore(common-utils)!: Remove zipWithCollection() for collections
  • e37bf19 chore(common-utils)!: Remove zipWithDefault()
  • 716e3b8 feat(fossid)!: Remove support for custom naming variables
  • 87b4c04 refactor(commands)!: Migrate VCS plugins to new plugin API
  • 5e0f716 refactor(common-utils)!: Rename zipWithCollection() for sets
  • 3f2bf92 refactor(common-utils)!: Simplify the semantics of zip() for maps
  • 3ea4ec5 refactor(fossid)!: Define URL mappings in a single option
  • 43c6e36 refactor(fossid)!: Rename projectName to repositoryName
  • e98c703 refactor(fossid)!: Replace namingProjectPattern with projectName
  • fa6e2be refactor(vcs)!: Directly store the VCS type as a VcsType

🐞 Bug Fixes

  • f57751d VersionControlSystem: Also take configs for forDirectory()
  • 0030739 cargo: Add lockfile version 4 to allow-list
  • 3498798 common-utils: Make zip work as expected for sorted maps
  • f827885 model: Make withPackageManagerOption() case-insensitive
  • fdc2be7 python: Use the correct projectType for Pipenv and Poetry
  • 7900f0f Correctly mark VersionControlSystem plugins as not configurable yet
  • 482ffc8 Remove VersionControlSystemConfiguration

🎉 New Features

  • 7c84264 PluginManager: Allow to create plugins with default configuration
  • bb301a1 cargo: Handle virtual workspaces
  • a5abd0a fossid: Add projectName as a built-in variable
  • 6243b60 model: Allow duplicate PackageManagerConfigurations and merge them
  • e50fcce vcs: Add Git-specific configuration options for submodule handling

✅ Tests

📖 Documentation

  • 373f997 OrtPlugin: Be more specific about the plugin ID derivation logic
  • 9d1a14d README: Update the installation from binaries section
  • a7238a1 VersionControlSystemFactory: Rewrap comments for compactness
  • b85af8b black-duck: Add a missing "the"
  • 84e29b1 fossid: Fix issues in FossIdNamingProvider docs
  • 7d79190 fossid: Improve docs of normalizeBranchName
  • f032c13 fossid: Improve docs of the built-in branch naming variable
  • bb610d0 npm: Document the ModuleInfo class
  • e8c0b8b sbt: Move a comment before the correct line
  • 35b668c website: Fix color for links in banner
  • 749d6ff website: Use <Link> instead of <a>
  • 1d9f415 Add a missing whitespace to all "BlackDuck" occurrences
  • c40a759 Extend the Copyright year to 2025 in Markdown files

🔧 Chores

  • e9daee1 AnalyzerConfigurationTest: Improve test names
  • 355b657 AnalyzerConfigurationTest: Start with the simpler test
  • d3901da BlackDuck: Remove the default value of the plugin id
  • e86c8be BlackDuck: The display name should spell "Black Duck" with space
  • a032f27 EvaluatedModelReporter: Remove unused properties
  • ccd0dac Git: Import JGit's Git as JGit for clarity
  • d2e2732 NpmDependencyHandler: Make a non-null assumption explicit
  • 5238f3e PnpmDependencyHandler: Make use of Dependency.workingDir
  • ce80152 YarnDependencyHandler: Rename a variable for clarity
  • 1b316ee fossid: Improve error message for too long scan code
  • c9de4c6 gradle-inspector: Rename the handler's constructor parameter
  • 6cb7dd8 model: Rename other merge parameters
  • 842d3c9 node: Introduce a typealias for getting package details
  • 402d2ee node: Make use of the definition file constant
  • 9ea70d9 node: Remove the workingDir parameter for getting package info
  • 95a192f node: Rename the typealias to get package details
  • ab91b6a package-curation-providers: Align the display names
  • 9aca6b0 version-control-systems: Omit null default arguments
  • eb7b571 Do not silently map unparsable booleans to false
  • 22a13c8 Do not silently map unparsable booleans to true
  • 1858cb7 Prefer the char-version of split() for single chars
  • 85defa3 Prefer the infix version of shouldBeInstanceOf where possible
  • ec69780 Remove unneeded default java.lang imports

🚀 Dependency Updates

  • a7078fe docker: Upgrade Rust to the latest version 1.84
  • 5033ab1 update com.autonomousapps:dependency-analysis-gradle-plugin to v2.7.0
  • 768060d update com.github.jmongard.git-semver-plugin to v0.14.0
  • f7ecd6e update com.networknt:json-schema-validator to v1.5.5
  • 5cd9a00 update docker/build-push-action digest to 67a2d40
  • 75cf08a update docker/build-push-action digest to b32b51a
  • e20304b update exposed to v0.58.0
  • ab0161e update github/codeql-action digest to b6a472f
  • 1b63f86 update org.jetbrains.kotlinx:kotlinx-html-jvm to v0.12.0
  • f373751 update org.metaeffekt.core:ae-security to v0.134.0
  • 2eaaaa1 update org.postgresql:postgresql to v42.7.5
  • 10583c3 update wagoid/commitlint-github-action digest to b948419

🚜 Refactorings

  • 5d8fb72 AnalyzerConfigurationTest: Inline expected result variables
  • a967f9d NpmDependencyHandler: Inline the only use of readPackageJson
  • 5c67bcd fossid: Add namingScanPattern to FossIdConfig
  • 35095c4 fossid: Extract a regular expression to a constant
  • 1a9be88 fossid: Extract logic to build default naming pattern
  • c21cb64 fossid: Inline scan code generation functions
  • 29ef411 fossid: Make convertGitUrlToProjectName internal
  • a1b8c3a fossid: Remove #branch inside of normalizeBranchName
  • 2931b4c fossid: Rename a function for clarity
  • 9859afc gradle: Make handlers take the projectType explicitly
  • 226d277 node: Only pass required information to dependency handlers
  • 61a3a06 scancode: Always add all built-in variables
  • fcced14 vcs: Decouple the base class from CommandLineTool
  • debbc8d vcs: Make VCS plugins configurable

💡 Other Changes

  • 0f6dad4 style(version-control-systems): Define factory classes at the top