Skip to content

39.0.0
Compare
Choose a tag to compare
@github-actions github-actions released this 07 Nov 08:36
· 388 commits to main since this release
39.0.0
96ded74

What's Changed

Breaking Changes 🛠

  • 31592d4 refactor(node)!: Also move Npm into its own dedicated directory
  • 743fd64 refactor(node)!: Invert the inheritance between Yarn and Npm
  • 96ded74 refactor(node)!: Limit visibility of NpmDetection code to internal
  • 5e1d04e refactor(node)!: Move Yarn into its own dedicated directory
  • 5f8ee66 refactor(node)!: Move all files from utils one level up
  • 9d63529 refactor(yarn)!: Make loadWorkspaceSubmodules() private

Bug Fixes 🐞

  • 06059dd cli: Guard against foreign classpath items with a pathing JAR
  • 4a7d58a freemarker: Apply license choices for NOTICE_DEFAULT
  • 78fa878 jenkins: Do not use deprecated config key names
  • 9c22891 node: Deserialize repository: {} in package.json to null
  • bfcfe62 spdx-report: Apply license choices

New Features 🎉

  • 0b2b2af osv: Support parsing CVSS v4 vectors
  • 70c5179 spdx-reporter: Report detected root licenses for packages
  • f1da1cf spdx-utils: Add a function to simplify SPDX expressions
  • 31b9be8 spdx-utils: Simplify and / or operators for equal operands

Chores 🔧

  • 1de3e08 freemarker: Trivially improve formatting of a comment
  • ec77849 npm: Add a missing import
  • 390a055 spdx-reporter: Simplify licenseDeclared expressions
  • fb6e648 vulnerable-code: Sort tests alphabetically

Dependency Updates 🚀

  • f8a0c39 Update the dependency-analysis-gradle-plugin to version 2.4.2
  • 95cec36 update actions/attest-build-provenance digest to ef24412
  • 151437d update dependency com.charleskorn.kaml:kaml to v0.62.2
  • 0690c94 update dependency com.networknt:json-schema-validator to v1.5.3
  • 757d38d update dependency com.zaxxer:hikaricp to v6.1.0
  • ea8470f update dependency io.github.pdvrieze.xmlutil:serialization to v0.90.3
  • fe80e46 update dependency org.jruby:jruby to v9.4.9.0
  • f2f45c0 update mordant to v3.0.1

Documentation 📖

  • 1f45fda integrations: Add note on running Jenkins as a docker container
  • b43a41a integrations: Add required plugin for Jenkins >=2.462.3 to list

Refactorings 🚜

  • c702648 dos: Add error message from DOS in issue
  • 241da93 dos: Log id for scan job
  • 8478040 node: Move the logger variable to the top
  • f566a2d node: Move two model mapping functions to NpmSupport
  • ccdcad4 node: Remove a dependency on Npm
  • 7f61de7 spdx: Move nullOrBlankToSpdxNoassertionOrNone()
  • d44917c spdx-reporter: Extract a variable for later reuse
  • 94a8708 spdx-utils: Split the large SpdxExpressionTest

Tests ✅

  • 5cf22e6 node: Re-align test class name and location
  • f100ed0 753d72d 482a499 python: Update expected results
  • 254ae3b spdx-reporter: Add a test for a Go project
  • 52d1ce0 vulnerable-code: Add a test for an NPM package

Other Changes 💡

  • 8e196ab Revert "refactor(script): Migrate from deprecated constructorArgs to properties"
Assets 10
Loading