Skip to content

1.5.6

Choose a tag to compare

View all tags
@oscarvalenzuelab oscarvalenzuelab released this 14 Nov 00:47
· 38 commits to main since this release
v1.5.6
255d62b
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

What's Changed in v1.5.6

Split Legal Notices Generation into Two Clear Tools

CLARITY IMPROVEMENT: Separated source scanning from PURL downloads

Problem:

  • v1.5.5 had one tool with two modes (path OR purls parameter)
  • Confusing for LLMs to choose which parameter to use
  • Not obvious which approach is faster/recommended

Solution:

Split generate_legal_notices into two distinct tools with clear purposes:

1. generate_legal_notices(path, ...) - PRIMARY TOOL (FAST)

  • Default tool for most cases
  • Scans source code directly (node_modules/, site-packages/)
  • Detects all transitive dependencies automatically
  • 10x faster than downloading from registries
  • Required parameter: path (no optional parameters confusion)

2. generate_legal_notices_from_purls(purls, ...) - SPECIAL CASES (SLOW)

  • Use only when dependencies NOT installed locally
  • Downloads packages from npm/PyPI/etc registries
  • Required parameter: purls list
  • Clear name indicates it's downloading from registries

Benefits:

  • Clear separation of concerns: Each tool does one thing
  • Better LLM guidance: Tool names indicate purpose and performance
  • No parameter confusion: path vs purls is now two separate tools
  • Self-documenting: Names make it obvious which to use

Updated Workflow Instructions:

  • CRITICAL WORKFLOW RULES now lists two tools clearly
  • Guidance on when to use each tool
  • Emphasizes generate_legal_notices (path) as default

Breaking Changes

  • generate_legal_notices(purls=[...]) no longer works
  • Use generate_legal_notices_from_purls(purls=[...]) instead
  • generate_legal_notices now requires path parameter (not optional)

Migration Guide

# OLD (v1.5.5 - no longer works):
generate_legal_notices(purls=purl_list, output_file="NOTICE.txt")

# NEW (v1.5.6):
generate_legal_notices_from_purls(purls=purl_list, output_file="NOTICE.txt")

# RECOMMENDED (v1.5.6 - use this instead):
generate_legal_notices(path="/path/to/project", output_file="NOTICE.txt")

User Impact

- Clearer workflow: Know which tool to use by default
- 10x performance improvement: Fast source scanning vs slow downloads
- Better LLM guidance: Tool names are self-documenting
- Simpler API: Each tool has one clear purpose
Assets 2
Loading