v34.5.0
Changelog
- Display the current path location in the "Codebase" panel as a navigation breadcrumbs. #1158
- Fix a rendering issue in the dependency details view when for_package or
datafile_resource fields do not have a value. #1177 - Add a new
CollectPygmentsSymbolsAndStrings
pipeline (addon) for collecting source
symbol, string and comments using Pygments. #1179 - Workaround an issue with the cyclonedx-python-lib that does not allow to load
SBOMs that contains properties with no values.
Also, a few fixes pre-validation are applied before deserializing thr SBOM for
maximum compatibility. #1185 #1230 - Add a new
CollectTreeSitterSymbolsAndStrings
pipeline (addon) for collecting source
symbol and string using tree-sitter. #1181 - Fix
inspect_packages
pipeline to properly link discovered packages and dependencies to
codebase resources of package manifests where they were found. Also correctly assign
the datasource_ids attribute for packages and dependencies. #1180 - Add "Product name" and "Product version" as new project settings. #1197
- Add "Product name" and "Product version" as new project settings. #1197
- Raise the minimum RAM required per CPU code in the docs.
A good rule of thumb is to allow 2 GB of memory per CPU.
For example, if Docker is configured for 8 CPUs, a minimum of 16 GB of memory is
required. #1191 - Add value validation for the search complex query syntax. #1183
- Bump matchcode-toolkit version to v5.0.0.
- Fix the content of the
package_url
field in CycloneDX outputs. #1224 - Enhance support for encoded
package_url
during the conversion to model fields. #1171 - Remove the
scancode_license_score
option from the Project configuration. #1231 - Remove the
extract_recursively
option from the Project configuration. #1236 - Add support for a
ignored_dependency_scopes
field on the Project configuration. #1197 - Add support for storing the scancode-config.yml file in codebase.
The scancode-config.yml file can be provided as a project input, or can be located
in the codebase/ immediate subdirectories. This allows to provide the configuration
file as part of an input archive or a git clone for example. #1236 - Provide a downloadable YAML scancode-config.yml template in the documentation. #1197
- Add support for CycloneDX SBOM component properties as generated by external tools.
For example, theResolvedUrl
generated by cdxgen is now imported as the package
download_url
.
What's Changed
- Display the current path location in the "Codebase" panel #1158 by @tdruez in #1173
- Add D2D for ELFs and Go binaries #1113 #1114 by @TG1999 in #1170
- Fix a rendering issue in the dependency details view #1177 by @tdruez in #1178
- Addon pipeline to collect pygments symbols by @keshav-space in #1179
- Workaround a loading issue with cyclonedx-python-lib #1185 by @tdruez in #1186
- Addon pipeline to collect tree-sitter symbols by @keshav-space in #1181
- Populate package and dependency attributes in inspect_packages by @AyanSinhaMahapatra in #1180
- Increase scancodeio version length by @TG1999 in #1202
- Add "Product name" and "Product version" as new project settings #1197 by @tdruez in #1204
- Skip source-inspector installation on darwin arm64 (not compatible) by @tdruez in #1205
- Raise the minimum RAM required per CPU in the docs #1191 by @tdruez in #1192
- Mock download get requests #1206 by @JonoYang in #1209
- Add value validation for the search complex query syntax #1183 by @tdruez in #1210
- Add tutorial for symbol and string collection by @keshav-space in #1198
- Bump matchcode-toolkit to v5.0.0 by @JonoYang in #1221
- Rename symbols pipelines by @keshav-space in #1222
- Add requires-review tag for resources not mapped by @TG1999 in #1218
- Fix the content of the
package_url
field in CycloneDX outputs #1224 by @tdruez in #1225 - Add support for the empty lists in delete_empty_properties #1185 by @tdruez in #1226
- Enhance support for encoded package_url in the conversion to fields by @tdruez in #1227
- Bump matchcode-toolkit version to v5.1.0 by @JonoYang in #1228
- Bump source-inspector to v0.5.1 by @keshav-space in #1233
- Improve the CycloneDX SBOM pre-validation fixes #1230 by @tdruez in #1232
- Enhance help text documentation for Project settings form #1197 by @tdruez in #1229
- Remove the license_score option from Project configuration #1231 by @tdruez in #1234
- Add new flag for approximate file matches in scanpipe.pipes.flag by @JonoYang in #1239
- Add support for CycloneDX SBOM component properties from external tools by @tdruez in #1241
- Add new resolved_to field on DiscoveredDependency #1066 by @tdruez in #1240
- Bump container-inspector and commoncode versions by @JonoYang in #1242
- Add support for scancode-config.yml in codebase #1236 by @tdruez in #1243
- Add support for ignored_dependency_scopes field for configuration by @tdruez in #1235
- Provide a downloadable scancode-config.yml template in docs #1197 by @tdruez in #1245
- Release 34.5.0 by @tdruez in #1246
Full Changelog: v34.4.0...v34.5.0