Skip to content

Navigation Menu

Explore
For
- Enterprise
- Teams
- Startups
- Education
By Solution
Resources
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
Pricing

Search code, repositories, users, issues, pull requests...

Search

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

spdx / tools Public

Notifications
Fork 67
Star 123

Code
Issues 26
Pull requests 3
Actions
Projects
Wiki
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Actions
Projects
Wiki
Security
Insights

Releases: spdx/tools

Releases · spdx/tools

Release 2.2.8 - security updates

22 Aug 20:32

goneall

Compare

Choose a tag to compare

Release 2.2.8 - security updates Latest

Latest

What's Changed

Bump log4j-core from 2.17.0 to 2.17.1 by @dependabot in #288
Bump log4j-api from 2.17.0 to 2.17.1 by @dependabot in #289
Extract method code rafactoring in FileContext by @asadshaik1103 in #291
extract method code refactoring SpdxLicenseTemplateHelper by @asadshaik1103 in #295
Move refactoring for locateOriginalText by @asadshaik1103 in #297
pull up field refactoring in DocumentInfoSheet by @asadshaik1103 in #299
Remove unused Jackson databind from dependencies by @goneall in #305
Make the LicenseJson class public by @goneall in #306
Update GSON to version 2.8.9 by @goneall in #307

New Contributors

@asadshaik1103 made their first contribution in #291

Full Changelog: v2.2.7...v2.2.8

Contributors

goneall, asadshaik1103, and dependabot

Assets 3

All reactions

Version 2.2.7 of the SPDX Java Tools (Legacy)

18 Dec 19:18

goneall

Compare

Choose a tag to compare

Version 2.2.7 of the SPDX Java Tools (Legacy)

Updates the Log4J version to version 2.17.0 to resolves a severe denial of service vulnerability CVE-2021-45105

Assets 3

All reactions

Version 2.2.6 of the SPDX Tools (Legacy)

14 Dec 22:19

goneall

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.

GPG key ID: 4AEE18F83AFDEB23

Expired

Learn about vigilant mode.

Compare

Choose a tag to compare

Version 2.2.6 of the SPDX Tools (Legacy)

What's Changed

Resolves critical security issue in log4j library CVE-2021-44228
Resolves moderate security issue in log4j library CVE-2021-45046
Resolves minor security issue in Guava library CVE-2018-10237
Resolves minor security issue in Guava library CVE-2020-8908
Update POM file to deploy to sonatype by @goneall in #275
Bump commons-compress from 1.19 to 1.21 by @dependabot in #277
Bump jsoup from 1.11.3 to 1.14.2 by @dependabot in #279
Fix spelling of anonymous by @goneall in #280
Update log4j to version 2.16.0 and guava to version 29.0-jre by @goneall in #285

Full Changelog: v2.2.5...v2.2.6

Note that there is a re-designed version of this tool: tools-java

Contributors

goneall and dependabot

Assets 3

All reactions

Version 2.2.5 of the SPDX Tools (Legacy)

26 Mar 17:10

goneall

Compare

Choose a tag to compare

Version 2.2.5 of the SPDX Tools (Legacy)

This release includes the following fixes:

#273 Resolves an issue introduced with the latest release of the License List
#269 Parses out Boolean types from the RDF when parsing the RDF/XML format

Note that there is a re-designed version of this tool: tools-java

Assets 4

All reactions

Version 2.2.4 of the SPDX tools

14 Nov 03:52

goneall

Compare

Choose a tag to compare

Version 2.2.4 of the SPDX tools

Add CrossRefs to support LicenseListPublisher enhancements to URL handling.
Resolve issue #260
Various bug fixes.

Assets 3

All reactions

Version 2.2.2 of the SPDX tools

26 Jul 03:38

goneall

Compare

Choose a tag to compare

Version 2.2.2 of the SPDX tools

Release 2.2.2 of the SPDX tools.

Includes support for additional cross reference fields required by the LicenseListPublisher and additional minor fixes.

Assets 5

All reactions

Version 2.2.1 of the SPDX Java tools

05 May 02:35

goneall

Compare

Choose a tag to compare

Version 2.2.1 of the SPDX Java tools

This release fixes a major defect for License Ref case sensitive matching.

Assets 5

All reactions

Version 2.2.0 of the SPDX Java tools

04 May 22:38

goneall

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.

GPG key ID: 4AEE18F83AFDEB23

Expired

Learn about vigilant mode.

Compare

Choose a tag to compare

Version 2.2.0 of the SPDX Java tools

Implements SPDX spec version 2.2.

Assets 5

All reactions

Version 2.1.20 of the SPDX Java Tools

16 Oct 04:42

goneall

Compare

Choose a tag to compare

Version 2.1.20 of the SPDX Java Tools

Resolve minor defects and a possible denial of service vulnerability.

Assets 2

All reactions

Version 2.1.19 of the SPDX Java Tools

01 Aug 02:49

goneall

Compare

Choose a tag to compare

Version 2.1.19 of the SPDX Java Tools

Fixes issue with normalizing HTTP and HTTPS while doing license text compares.

Assets 2

All reactions

Previous 1 2 3 Next

Previous Next

Footer

© 2024 GitHub, Inc.

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.