45.0.0

What's Changed

🛠 Breaking Changes

• f9c7220 refactor(model)!: Simplify the CuratedPackage and its creation

🐞 Bug Fixes

• 59702b2 evaluator: Add remaining configuration files to console output
• c57a94c model: Apply author to copyright mapping also for concluded licenses
• 958c08c scancode: Ensure to find license texts in the Docker image
• d03afe6 website: Move a link out of the tagline variable

🎉 New Features

• ef95789 ReporterCommand: Use console colors for the result summary
• 8c2d67a advisor: Add BlackDuck as security vulnerability provider
• f0dd53a cocoapods: Add custom error message
• 98ee1ee cocoapods: Add support for Podspecs from external sources
• de04788 cocoapods: Support tag and branch names in checkout options
• d3ee492 helper-cli: Extend the PackageList by labels
• 79f7805 model: Add the property Package.labels
• 9465fba model: Allow setting package labels via curations

✅ Tests

• a83e03e model: Make use of Package.EMPTY to make the code more compact
• 0e4eb80 model: Verify that authors are added to concluded license
• 6b4e302 7a49056 60edfdf osv: Update expected results
• 17fd3c3 18031e3 90cd058 bf65b8c osv: Update expected results
• bbbb900 17bb877 pub: Update expected results
• e70f36a python: Update expected results

🐘 Build & ⚙️ CI

• c7d899a notifier: Make the Jakarta REST API dependency a constraint

📖 Documentation

• ca43fab cocoapods: Document all Lockfile-related properties
• 31c718a examples: Add a curation which sets a package label
• ab0256c model: Illustrate how to configure the BlackDuck advisor
• 1ca8d2a model: Trivially end comment sentences with dots
• e1a32cc website: Add a curation which sets a package label
• e7b8a3a website: Add a section for the new BlackDuck advisor
• 85fc02f website: Further fix-up the configuration entries
• 547c295 website: Link to the server and make clear these are CLI tools
• 1d6fcf5 website: Re-align the advisor configuration examples
• 11fbb12 website: Sort the advisor sections alphabetically
• c07420d Clarify that repo config is specific to a "distribution"

🔧 Chores

• 666120a GradleDependencyHandler: Use a more specific variable name
• 79ef703 SpdxResolvedDocument: Use a more specific variable name
• ba1d093 bundler: Use StringFormat's decodeFromString
• 6c7b108 cargo: Be explicit about the defintion file to query metadata for
• 37ec0b1 cargo: Give a variable a more fitting name
• b74e81c cocoapods: Remove the workingDir parameter from getPodspec()
• 2663df0 cocoapods: Reorder Lockfile properties to match file order
• dbc5d4f cocoapods: Simplify error handling in getPodspec()
• 5aef26b gradle: Drop a trailing slash for consistency
• 35dde45 model: Rename package curation apply variables for clarity
• d5ccb50 model: Serialize OrtResult.labels in alphabetical order

🚀 Dependency Updates

• 8ebd8c0 docker: Upgrade Node.js to the latest LTS version 22.13.0
• 1ffe4df docker: Upgrade Yarn 1 to the latest version 1.22.22
• 4227d86 docker: Upgrade to the latest ScanCode patch version 32.3.1
• 8527570 web-app-template: Sync the Node / Yarn versions with Docker
• f0b825b update ch.qos.logback:logback-classic to v1.5.14
• 96139ed update ch.qos.logback:logback-classic to v1.5.15
• 2ad4db4 update ch.qos.logback:logback-classic to v1.5.16
• 8b3ff75 update com.charleskorn.kaml:kaml to v0.67.0
• af19524 update dependency gradle to v8.12
• fa99144 update docusaurus monorepo to v3.7.0
• 3523d00 update github/codeql-action digest to 48ab28a
• c3e6c58 update io.mockk:mockk to v1.13.14
• 9370d95 update jetbrains/qodana-action action to v2024.3.4
• f70acdc update ks3 to v1
• 227ca61 update org.cyclonedx:cyclonedx-core-java to v10.1.0
• 7c8d867 update org.freemarker:freemarker to v2.3.34
• f9c4d3e update org.jetbrains.kotlinx:kotlinx-coroutines-core to v1.10.0
• 4cf87b5 update org.jetbrains.kotlinx:kotlinx-coroutines-core to v1.10.1
• 77b0526 update org.jetbrains.kotlinx:kotlinx-serialization-core to v1.8.0
• 1558a59 update org.metaeffekt.core:ae-security to v0.133.0
• fedb94b update org.semver4j:semver4j to v5.5.0
• 2df03a1 update software.amazon.awssdk:s3 to v2.29.39
• d665978 update software.amazon.awssdk:s3 to v2.29.43
• 9b481ba update software.amazon.awssdk:s3 to v2.29.45

🚜 Refactorings

• 4a31d54 MavenDependencyHandler: Make support internal
• dab7a88 cocoapods: Correct the type of a Pod's direct dependencies
• 31153a7 cocoapods: Migrate to the dependency graph API
• 8174eb6 cocoapods: Simplify caching of Podspecs
• 40c9d15 maven: Inline an identifier() extension function
• 7d65f74 maven: Split the handler's managerName property into two
• cbeabfc maven: Use regular AnalyzerConfiguration to set sbtMode
• 4cae987 model: Turn `getDeclaredLicenseMapping()´ into an extension
• 14b2d68 reporter: Extract function for resolving copyrights