Skip to content

v34.1.0
Compare
Choose a tag to compare
@github-actions github-actions released this 27 Mar 11:20
· 102 commits to main since this release
v34.1.0
8afebab

Changelog:

  • Add support for importing CycloneDX SBOM 1.2, 1.3, 1.4 and 1.5 spec formats. #1045
  • The pipeline help modal is now available from all project views: form, list, details.
    The docstring are converted from markdown to html for proper rendering. #1105
  • Add a new CollectSymbols pipeline (addon) for collecting codebase symbols using
    Universal Ctags. #1116
  • Capture errors during the inspect_elf_binaries pipeline execution.
    Errors on resource inspection are stored as project error message instead of global
    pipeline failure.
    The problematic resource path is stored in the message details and displayed in the
    message list UI as a link to the resource details view. #1121 #1122
  • Use the package_only option in scancode get_package_data API in
    inspect_packages pipeline, to skip license and copyright detection in
    extracted license and copyright statements found in package metadata. nexB/scancode-toolkit#3689
  • Rename the match_to_purldb pipeline to match_to_matchcode, and add
    MatchCode.io API settings to ScanCode.io settings.
  • In the DiscoveredPackage model, rename the "datasource_id" attribute to
    "datasource_ids" and add a new attribute "datafile_paths". This is aligned
    with the scancode-toolkit Package model, and package detection information
    is now stored correctly. Also update the UI for discovered packages to
    show the corresponding package datafiles and their datasource IDs.
    A data migration is included to facilitate the migration of existing data. #1099
  • Add PurlDB tab, displayed when the PURLDB_URL settings is configured.
    When loading the package details view, a request is made on the PurlDB to fetch and
    and display any available data. #1125
  • Create a new management command purldb-scan-queue-worker, that runs
    scancode.io as a Package scan queue worker for PurlDB.
    purldb-scan-queue-worker gets the next available Package to be scanned and
    the list of pipeline names to be run on the Package from PurlDB, creates a
    Project, fetches the Package, runs the specified pipelines, and returns the
    results to PurlDB. #1078 nexB/purldb#236
  • Update matchcode-toolkit to v4.0.0

Full Changelog: v34.1.0...v34.1.0

Assets 4
Loading