Skip to content

32.0.0
Compare
Choose a tag to compare
@github-actions github-actions released this 12 Sep 07:32
· 1226 commits to main since this release
32.0.0
e571858

What's Changed

Breaking Changes 🛠

  • 1621941 feat(gradle)!: Make GradleInspector the new default
  • c21b31b refactor(reporter)!: Rename the reporter to AOSD2 to avoid confusion

Bug Fixes 🐞

  • 2438448 gradle-inspector: Do not assume all POM artifacts to be metadata-only
  • 7c421cc gradle-inspector: Handle dependency cycles properly
  • 78f0a07 gradle-inspector: Keep the artifact URL on invalid hash values
  • 04b0356 model: Add a heuristic to get the manager in dependency graphs
  • 7b12e72 osv: Remove an invalid reference type
  • 694ac3c pub: Improve containsFlutterSdk()
  • 9cca883 pub: Use the correct key name when replacing options

New Features 🎉

  • 8ce9483 gradle-inspector: Allow to customize the Java home for analysis
  • af559df jenkins: Allow to configure the list of advisors
  • 9bcb485 osv: Add new ecosystem constants for completeness
  • 723e003 plugins-api: Allow to manually set the plugin ID
  • da7b11f pub: Always use the (one) enabled Gradle package manager
  • 94e30b1 scripts: Add a script to generate all CLI completion scripts
  • 3a68e61 scripts: Align on more portable env shebangs to discover bash

Build 🐘 & CI ⚙️

  • e609a22 refactor: Use the new script to generate CLI completions

Chores 🔧

  • 7c52615 analyzer: Remove a too strict assumption in dependency verification
  • cc04a19 docker: Update Npm to the latest minor version
  • 002b58b docker: Update Pnpm to version 9.9.0
  • 45ff021 docker: Update Swift to version 5.10.1
  • f2fc447 docker: Upgrade Go to version 1.23.0
  • 7373195 gradle-inspector: Rename the init.gradle template
  • 7689ecb yarn2: Fix a typo
  • d9eb1da Remove references to JitPack in favor of Maven Central
  • 54a2e4e Use ifEmpty and ifBlank to simplify code
  • 714996c Use ifEmpty and ifBlank to simplify code
  • de66c45 Use singleOrNull to simplfiy code

Dependency Updates 🚀

  • 3a1fbf6 Update the native-gradle-plugin to version 0.10.3
  • fbe3ae8 update actions/attest-build-provenance digest to 1c608d1
  • f7d2368 update dependency ch.qos.logback:logback-classic to v1.5.8
  • d80b9d2 update dependency dev.adamko.dokkatoo:dokkatoo-plugin to v2.4.0
  • e20681a update dependency gradle to v8.10.1
  • 64828ac update detektplugin to v1.23.7
  • 80f62a1 update exposed to v0.54.0
  • 8836de6 update ksp to v2.0.20-1.0.25
  • 01f3d58 update log4j2 monorepo to v2.24.0
  • 7be755c update wagoid/commitlint-github-action digest to 3d28780

Documentation 📖

  • a53b7c6 README: Remove the wrapper validation badge
  • d06e12e README: Swap OpenSSF Best Practices and Scorecard badges
  • 0d1965b gradle-inspector: Fix the link to the init script resource
  • eaba79c gradle-inspector: Mention javaHome as part of class docs
  • 9646794 gradle-inspector: Update the list of known limitations
  • 5daae47 issues: Limit ort requirements output to commands
  • f5d54b8 model: Improve VulnerabilityReference property docs
  • 15bf4fc osv: Add documentation to all top-level classes
  • f57e046 osv: Generalize wording from "list" to "collection"
  • f54636e plugins-api: Fix description of PluginDescriptor.id
  • 785514e plugins-api: Improve docs for OrtPlugin
  • 81561d1 Avoid "our" in comments and use passive voice
  • 2b2bb87 Avoid "we" in comments and use passive voice

Refactorings 🚜

  • b0fc861 model: Inline some default parameters in a test function
  • dabcd27 model: Inline the misleading Project.managerName property
  • 8272678 node: Drop the --fields option
  • aa46f27 node: Factor out mapNpmLicenses()
  • b4205ba node: Improve code for parsing package.json and beyond
  • 2cd8fe4 node: Improve the name of packagesHeaders
  • 4e19bbd node: Move Yarn2 into its own dedicated package
  • 77590e3 node: Port the parsing of Yarn2 package infos to KxS
  • f567582 node: Re-use getProjectAdditionalData() also for projects
  • 9ea65f9 node: Rename parseNpmAuthors() to singular form
  • 3382b5b node: Turn fixNpmDownloadUrl() into an extension
  • 407172e node: Use an object mapper for parsing Yarn2's info output
  • 4d854a7 node: Use the info alias for the view command
  • 0efc494 npm: Use a more speaking name for packageFile
  • 8553c7f npm: Use a more speaking name for packageJson
  • 6ecdb9e plugins: Fix casing in plugin IDs
  • 6c653f1 plugins-api: Rename OrtPlugin.name to displayName
  • 399d507 pub: Inline some variables in parseProject()
  • 7ef80e6 pub: Port Pubspec parsing to KxS and use a data class
  • f5b8f6d pub: Rename several manifest variable
  • fca5d83 pub: Use a more speaking name for pubspec
  • 34e2339 yarn: Relax strictness in processAdditionalPackageInfo()

Tests ✅

  • e571858 bazel: MODULE.bazel files from a local registry should be ignored
  • 55fa8bd conan: Update expected results
  • 1132b40 nuget: Disable NuGetFunTest
  • 146f9a0 pub: Update expected results
  • e84d43a pyhton: Update expected results
Assets 10
Loading