Skip to content

1.11.3

Latest
Latest

Choose a tag to compare

View all tags
@oscarvalenzuelab oscarvalenzuelab released this 06 Nov 02:08
· 12 commits to main since this release
v1.11.3
7eae72c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

BinarySniffer v1.11.3 Release Notes

Release Date: November 5, 2025

Critical Fix Release

Fixed

  • Integration Restoration - Restored critical osslili and UPMEX integrations that were incorrectly removed
    • Re-added binarysniffer/integrations/enhanced_oslili.py for comprehensive license detection
    • Re-added binarysniffer/integrations/upmex_adapter.py for package metadata extraction
    • Re-added binarysniffer/integrations/init.py with proper module exports
    • Fixed analyzer_enhanced.py to initialize and use both integrations properly
    • Fixed archive.py to extract licenses and package metadata from archives
    • Added conversion of UPMEX license data to ComponentMatch objects with upmex_detection match type
    • OSLiLi license detection now shows oslili_detection match type with proper confidence scores
    • Package metadata now properly extracted and displayed for JAR, WAR, WHL, and other supported formats

Verified

  • Complete Integration Testing - Verified all integrations work correctly across file types
    • OSLiLi detects licenses in source code files (.py, .js, .java, .c, .cpp, etc.) with 80-100% confidence
    • UPMEX extracts package metadata including Maven coordinates, SPDX licenses, and notice text
    • Archive files (JAR, IPA) properly analyzed with both component signatures and license detection
    • Binary files (libssl.so, libcurl.so) correctly identify OpenSSL, cURL, and other components
    • CLI output displays package type, license info, and comprehensive match evidence

What This Fixes

This release restores functionality that was accidentally removed in repository cleanup commits d6bef5c and 1ed6695. Users will now see:

  • License Detection: Proper oslili_detection and upmex_detection match types in results
  • Package Metadata: Maven coordinates, SPDX licenses, and package information for supported formats
  • Enhanced Coverage: Comprehensive analysis across source code, archives, and binary files
  • Evidence Details: Detailed confidence scores, detection methods, and source attribution

Upgrade Instructions

pip install --upgrade binarysniffer

No configuration changes required - all functionality is restored automatically.

Dependencies: osslili>=1.5.6, upmex>=1.6.7

Assets 2
Loading