This release adds important corrections to 4.4.0

The release 4.5.0-rc1 introduces a number of corrections to 4.4.0 and changes to FOSSology, including:

• Support SPDX v3.0 Reports
  • SPDX3.0 report in JSON format.
  • SPDX3.0 report in JSON-LD format.
  • SPDX3.0 report in RDF format.
  • SPDX3.0 report in tag/value format.
• New Compatibility Agent with auto-conclusion feature using license_type
  • Users can create new license type from admin > customize
  • By default all the licenses are of type 'permissive'.
  • One can change license type by editing a license.
  • For importing OSADL compatibility matrix refer documentation.
  • Create/update compatibility rules from admin.
• JSON format export and import of licenses and obligations.
• Import licenses from licenseDb.
• Multi upload reuse support.
• Improved ML based copyright false positive deactivation and clutter.
• Number of API endpoints & test cases for existing features.

Credits to contributors for 4.5.0-rc1

From the GIT commit history, we have the following contributors since 4.4.0:

> Abhishek Kumar <[email protected]>
> abhishekrj02 <[email protected]>
> Akash Kumar Sah <[email protected]>
> Alberto Pianon <[email protected]>
> Andreas Menzl <[email protected]>
> Anupam Ghosh <[email protected]>
> deo002 <[email protected]>
> Dinesh Ravi <[email protected]>
> Divij Sharma <[email protected]>
> Florian Greinacher <[email protected]>
> Gaurav Mishra <[email protected]>
> Grigory Balashov <[email protected]>
> Hero2323 <[email protected]>
> Ibrahim-Muhammad13 <[email protected]>
> Jan Altenberg <[email protected]>
> Jeronimo Ortiz <[email protected]>
> Kaushlendra Pratap Singh <[email protected]>
> martyone <[email protected]>
> Rajul Jha <[email protected]>
> scanoss-qg <[email protected]>
> Shaheem Azmal M MD <[email protected]>
> Sushant Kumar <[email protected]>
> valens200 <[email protected]>

Features

• b35ba4784 feat(spdx): Support SPDX v3.0 Reports
• e3297b8e6 enhancement(ui): add server side pagination to compatibility rule page
• f42555771 doc(compatiblity): add docs to compatibility agent
• c90827b83 test(compatibility): add unit and functional tests
• c0cff0dd0 feat(compatibility): convert OSADL matrix to yaml
• 09b4f2582 feat(automation): Add custom allowlist.json
• c978bd4a8 feat(differential scans): Add differntial scans to CI Scanner
• 009f1df15 feat(automation) : Add custom keyword.conf file
• ed7ada3a2 feat(api): New endpoints to get/delete/restore/update scancode email, author, url findings
• 00bdea4ef feat(api): New endpoints to get/delete/restore/update scancode copyright findings
• 66302bdb1 feat(api): Added OneShot analysis endpoints for Nomos, Monk and Copyright scanners
• 632073271 feat(api): New endpoints to delete/restore/update/count user copyright findings
• 7cf8ab759 feat(api): New endpoint to retrieve user copyright findings
• 909b6ac72 test(api): added more unit test cases for maintenance and upload tree APIs
• fe4d8f20e feat(treeview): make the bulk option availible for multiple folders
• baa4db049 feat(api): sort and status filter options to jobs endpoint
• 75b6e6c67 feat(ui): multi upload support for reuse In case of multi file upload, provide a modal to select reuse options for each upload. Multi file upload modal data and the mapping.
• eaaea7257 feat(newAgent/Compatibility): compatibility agent
• 8ca3cbc6c test(api): added unit test cases for api including folder,upload,license,maintenance andd overview
• bfea384ad test(api): upgraded controller test cases to support v2 standards
• c01458e8d test(models): added more unit tests for group,job,scancode.etc
• 2adcd36d7 feat(api): modify /jobs and related endpoints
• 6eef93663 feat(nomos): Add start, end, len to nomos JSON output.
• 9664b00ce feat(automation) : Add line numbers to copryright and keyword
• 682f56006 feat(automation) : Add line number to copyright and keyword scans for diff scans
• 6d4d08c78 feat(info): add assignee, assigned data and clearing duration in info page
• 60da85491 feat(import): introduce json format to import licenses and obligations via json
• 69773a089 feat(experimental): change color and tooltip information
• a1d5f914d feat(api): Upgrade Jobs & Report APIs to Version 2
• a871f3cfb feat(api): Upgrade User & Group APIs to Version 2
• dfd3a1a53 feat(decider): send heartbeat
• 9a2cc13cc feat(copyright): integerate safaa for copyright
• 7a2caa8c0 feat(api): Completed tasks 7, 8, 12, 14, 15, 16, 17 and changed unit tests, models and documentation
• 7a53e741d feat(api): task 1,3,4,5,6,9,10,11 done, unit-tess, models and documentation changed accordingly.
• cc4c95873 feat(userFindings): club unique user findings of copyright ecc and ipra for report
• 4337ea4cb feat(buildsystem): Introduce FORCE_CONF_OVERWRITE option
• 0a104650a feat(licenses): introduce JSON format export for licenses and obligations
• 0f43cfa88 feat(api): Upgrade Folder, License & Obligation APIs to Version 2
• 52cf30d3b feat(api): JSON format export and import of licenses and obligations via APIs
• 2e11f5e01 feat(line_numbers) : Add line numbers to CI Scanners output
• 02972d94b feat(upload): add tooltips and description to individual agents
• c6c757d5f feat(api): Upgrade Search, Copyright & Admin APIs to Version 2

Corrections

• bca013ddc fix(licensedb): remove redundant usage of LicenseDBSleep
• deeb8464f fix(reportImport): Adding a fallback to ShortName for RDF imports.
• f3f5b1286 fix(reportImport): Parse for ListedLicense when importing an RDF report
• f543afa1e fix(reports): remove additional licenses in obligation section
• bed7627bc fix(conf): unify license names to match in reports
• 2c126e86d fix(ui): Ignore SCM files option is always disabled when use Upload - From Server page
• 56dedaa49 fix(reportutils): use groupId to get concludedlicense
• ada8c0d12 fix(api): Modified openapiv2.yaml to accommodate V2 post upload requests with multipart/form-data content type
• 8d2e68777 fix internal server error
• 3debd2f65 fix(monk): filter bulk scan files by agent for current upload
• 8feee2853 fix(composer): update phpoffice/phpspreadsheet without XSS vulnerability
• c251676a8 fix(decisionimporter): fix agent to handle missing pfile
• 1d6aed3ba fix(ui): wrong pagination for show jobs page & missing upload accessible check
• 82ac4b9bf fix(ui): Add exactmatch to license search
• bfdb34d63 fix(ecc): Update conf file to satisfy specific use cases for ecc
• d059c57e0 fix(scanoss): Add heartbeat to scanoss agent
• 37a3b52c3 fix(ui): Add loader to upload per and edit dec page
• 833a93a69 fix(created_by): Add created by column to candidate license table
• 3dc1ee285 fix(scanoss): Fix row number out of range. Restore Snippet match UI. Delete temp folders
• 3c221e245 fix(ui): DataTable Showing last addition
• 02f403a1d fix(report): use groupId to get candidate licenses which are main license
• 75efafafc fix(Report): Check the return value of getLicenseById()
• e45d4a9f7 fix(AjaxExplorer): Check the return value of getLicenseByShortName()
• 9bf69d4df fix(ReportUtils): Include files with No_license_found as well
• 2f09bfc15 fix(scancode): Use spdx_license_key instead of key
• 2a604b8c8 fix(scancode): Fixed failing scancode agent in Docker
• 95260a6ca fix(spdx): encode rdfs:seeAlso uri if contains &
• 31ac4128d fix(RestAuthMiddleware): exclude from auth only the right endpoints
• 3ec401409 fix(ojo): ignore extra symbols at end
• 0f821c075 fix(fo_mapping_license.php): Fix update_license()
• 1f01b5a49 fix(delagent): use uploadtree as default table name
• 7175642f1 fix(unifiedreport): excluded obligation license
• 2f02bf561 fix(ui): implemented search in software heritage page and search and filter in file browser page
• 48b76d5b9 fix(doc): Update UploadTree Description
• acc545c8e fix(import): Do not require an agent if the report has no related data
• d4046f949 fix issue 1868: SPDX import does not conclude licenses based on hash values but on file name
• 192b0091e fix(licenseExport): add all licenses to csv and fix cells
• ebd05d4e1 fix(spdx2): Mark duplicates correctly with LicenseRef prefix
• dc7cb7c90 hotfix(scanner): fix scanner image build
• 51817c752 hotfix(docker tests): Migrate to docker compose from docker-compose
• df2fde3e5 hotfix(docker_test): Use docker compose (v2) instead of docker-compose (v1)
• 7aa37b778 refactor(php): used expressions with combined operators (#2685)
• 04ec5efa7 refactor(automation): Upgrade spdx_tools package from 0.8.0a2 to 0.8.2(latest) in requirements.txt
• 3f7440edb refactor(search): refactor search page
• 51df904b4 refactor(report): remove datetime from report names
• 6be8f6e24 refactor(reportImport): use EasyRdf to read report
• 0233f5e53 feat(ubuntu): support ubuntu noble 24.04 for fossology
• 574b7b635 refact(models): renamed services.xml to services.xml.in file

Infrastructure

• 1102c20e7 build(deps): bump lukka/get-cmake from 3.31.3 to 3.31.4
• c30a578fe build(deps): bump the composer group across 1 directory with 3 updates
• 5424418e5 build(deps): bump docker/login-action from 2 to 3
• 66669d54a build(deps): bump docker/build-push-action from 3 to 6
• dd7f9dd7f build(deps): bump lukka/get-cmake from 3.31.2 to 3.31.3
• `0a...

4.4.0 (Jan 15th 2024)

This release adds important corrections to 4.4.0-rc2

The release 4.4.0 introduces a number of corrections to 4.3.0 and major changes to FOSSology, including:

• Major changes from GSoC contributors:
  • During GSoC 2023, FOSSology saw a major influx in REST API endpoints. Now there are endpoints for almost all information available on UI.
  • During same operations, we also created the framework changes to allow 2 versions of REST API (v1 & v2). This will allow us to unify the REST API in future while still supporting v1.
  • Another big change was creation of new agent to generate CycloneDX reports.
  • We also changed the integration mechanism with ScanCode resulting in major speed improvements in the scan.
• With this release, we also bring support for Debian Bookworm (12)
• Support extraction of Zstandard files
• Support GitHub Actions in the scanner image and generate SPDX reports
• Multiple fixes in SPDX reports
• Sync with SPDX License list v3.22

Credits to contributors for 4.4.0

From the GIT commit history, we have the following contributors since 4.3.0:

> Abdelrahman Jamal <[email protected]>
> Devesh Negi
> Divij Sharma <[email protected]>
> dushimsam <[email protected]>
> Gaurav Mishra <[email protected]>
> Hero2323 <[email protected]>
> Igor Mishchuk <[email protected]>
> Kamal Nayan
> Kgitman
> lata <[email protected]>
> Marc-Etienne Vargenau <[email protected]>
> mayank-pathakk <[email protected]>
> Nejc Habjan <[email protected]>
> Richard Diederen <[email protected]>
> Shaheem Azmal M MD <[email protected]>
> Simran Nigam <[email protected]>
> soham4abc <[email protected]>
> srideep-banerjee <[email protected]>
> Sushant Kumar <[email protected]>

Corrections

• 68dbed209 fix(spdx_ref): use LicenseRef to check ref license
• 8d990bb05 fix(ui): use group id to get shortname
• 5a70fbddf fix(api): read optional agentId, UploadController
• 24b0e1a67 fix(postinstall): check status of a2ensite

4.4.0-rc2 (Jan 8th 2024)

This release adds important corrections to 4.4.0-rc1

The release 4.4.0-rc2 introduces a few corrections to 4.4.0-rc1 and changes to FOSSology, including:

• fix token generation for user.
• fix dependencies for bookworm.
• check if ScanOSS is installed.

Credits to contributors for 4.4.0-rc2

From the GIT commit history, we have the following contributors since 4.4.0-rc1:

> Devesh Negi <@DEVESH-N2>
> Divij Sharma <[email protected]>
> Gaurav Mishra <[email protected]>
> Kgitman <@Kgitman>
> Richard Diederen <[email protected]>
> Shaheem Azmal M MD <[email protected]>

Features

• 9e9085b1e feat(api): make cyclonedx report available via the API

Corrections

• 3f2bda48d fix(api): do not check page for empty response
• c9b396dc0 fix(view): check if ScanOSS is installed
• e712da2c6 fix(token): fix token generation for user
• ad5636fdb fix(action): Ensure proper handeling of enum values in argparse
• bef8ca024 fix(licenseRef): make dataype consistent
• 01c073c89 fix(php): Fix null pointer issue in createClearingDecisions() (#2658)
• dff597d00 fix(deb): fix dependencies for bookworm
• 6761de11d style(php): Corrected the SQL syntax error in AllDecisionsDao.php

Infrastructure

• 9028e7dc8 chore(notice): update both notice and notice.spdx files to latest
• 23be4848c chore(notice): update third party notices 4.4.0

4.4.0-rc1 (Nov 21st 2023)

This release adds important corrections to 4.3.0

The release 4.4.0-rc1 introduces a number of corrections to 4.3.0 and major changes to FOSSology, including:

• Major changes from GSoC contributors:
  • During GSoC 2023, FOSSology saw a major influx in REST API endpoints. Now there are endpoints for almost all information available on UI.
  • During same operations, we also created the framework changes to allow 2 versions of REST API (v1 & v2). This will allow us to unify the REST API in future while still supporting v1.
  • Another big change was creation of new agent to generate CycloneDX reports.
  • We also changed the integration mechanism with ScanCode resulting in major speed improvements in the scan.
• With this release, we also bring support for Debian Bookworm (12)
• Support extraction of Zstandard files
• Support GitHub Actions in the scanner image and generate SPDX reports
• Multiple fixes in SPDX reports
• Sync with SPDX License list v3.22

Credits to contributors for 4.4.0-rc1

From the GIT commit history, we have the following contributors since 4.3.0:

> dushimsam <[email protected]>
> Gaurav Mishra <[email protected]>
> Hero2323 <[email protected]>
> Igor Mishchuk <[email protected]>
> Kamal Nayan @legendarykamal
> lata <[email protected]>
> Marc-Etienne Vargenau <[email protected]>
> mayank-pathakk <[email protected]>
> Nejc Habjan <[email protected]>
> Shaheem Azmal M MD <[email protected]>
> Simran Nigam <[email protected]>
> soham4abc <[email protected]>
> srideep-banerjee <[email protected]>
> Sushant Kumar <[email protected]>

Features

• 7ed5f9ad9 feat(licenseRef): add new licenses from SPDX
• 572fdaeda feat(menu): add new button to indicate system load in banner
• f154bfd53 feat(upload): track assignee and closing events
• 33a581909 feat(bulk): checkbox to select scan for findings only
• 16f8cffce feat(conf): support CLIXML conf for a upload
• 2f16eef42 feat(os): add support for Debian Bookworm (12)
• 8c28b2f72 feat(api): migrate /tokens endpoints to v2
• 16331926b feat(dashboard): add new page for upload and folder dashboard
• dc47e29b1 feat(unifiedreport): support json format for rows and also html break
• bc1cc0d24 feat(api): add 'topitem' endpoint to Upload API
• c217a3991 feat(schedule agent): add select2 to search for uploads with name
• 88d04ec6d feat(api): unify cx endpoints
• 4e3e0bfc5 feat(api): added author API endpoints
• deeb79e20 feat(api): Export Obligation list as CSV
• 54f4859e0 feat(api): delete obligation based on id
• 697960066 feat(api): Import obligation list from CSV
• a5f29c38c feat(api): get all obligations details
• 8d8573ff8 feat(api): get details of a particular obligation using id
• 1630e79d0 feat(api): export single license as CSV
• 94d874dcb feat(api): The REST API to export licenses-list as CSV
• e0220f921 feat(api): api to get the list of obligations
• 7fb494c4c feat(api): Get all contents of a specific folder
• be9d9cba6 feat(api): get Banner message
• bfff708bc feat(api): Unlink folder contents
• 524090aed feat(api): Get removable folder contents
• 4e213d350 feat(api): update conf data endpoint implemented
• d9223a635 feat(api): update customise endpoint
• 1d6898920 feat(api): Get Customise page data
• ce3b009e2 feat(api): Run scheduler based on the given operation's option
• 3a48ab052 feat(api): Get scheduler options for a given operation
• 8c45508e6 feat(api): Get active queries for Dashboard overview
• 9af03d271 feat(api): Get database metrics overview for dashboard
• 5da361699 feat(api): Suggest license from reference text
• f591d2a28 feat(api): Get all server jobs for Admin Dashboard
• f878673df feat(api): Get PHP-Info for the Dasbhoard Overview
• e19384ef3 feat(api): Get disk space usage overview
• 1234f19e0 feat(api): Get the database contents for the overview of Foss. operations
• e607bcc45 feat(api): Merge a license into an existing one
• 7e7e0ebfa feat(api): verify license as new or variant
• 7404e6b37 feat(ununpack): support for Zstandard
• 7e51fed2c feat(api): Add, Edit, toggle standard-license comment
• 34af20910 feat(api): Get the summary statistics for all Jobs
• f55fed9ac feat(SETUP-V2): Support Multiple Versions (V1 & V2)
• a95d77459 feat(api): get-all standard comments
• eccede06d feat(api): REST API to schedule the bulk-scan
• 01f73826a feat(api): Get Customise page data
• cbee2ee97 feat(api): Add, edit & delete license decision
• 0dd1c3e89 feat(api): Add, Edit & toggle admin license acknowledgement
• 89e7748ae feat(api): get all agents revisions
• e82a0cf8a feat(api): conf info for upload
• c755ff564 feat(api): get a list of scanned licenses for an upload
• 0bde97682 feat(CycloneDX): Add new agent cyclonedx
• 7e181f87d feat(api): Get licenses reuse summary API
• 309dd70d5 feat(api): get list of license decisions for an item
• 13d79e23e feat(api): File info API implemented
• e4085b07e feat(api): get edited licenses list
• bf5a8c569 feat(api): Get all licenses-admin acknowlegments
• 33f75c7f5 feat(api): get the license tree-view of the upload and item
• e2370c786 feat(nomos): add more regex to nomos to identify different licenses
• ac1897635 feat(api): Update upload-summary API for additional info
• 08fba9484 feat(api): get all agents for the upload
• 707094c31 feat(api): API to return total number of copyrights for a file
• 87e756c63 feat(api): get licenses histogram
• 670a37de4 feat(api): Get the clearing-progress info for an upload.
• 76d75929b feat(api): restore deleted copyrights
• 3bb66039b feat(api): REST API to get keywords and hightlight-entries from content
• c0e6c8b00 feat(api): Get clearing-history data API
• ea3adb358 feat(api): Get list of bulk-history API
• e6b086f8d feat(api): handle three filters to get prev & next item
• 779e2331a feat(scanner): generate spdx report
• ee2b2f703 feat(api): update file copyright api added
• bec422b64 feat(api): delete copyright
• 22b4c594c feat(api): copyright info for file
• b3351361c feat(scanner): support github in scanner
• b8a3590f3 feat(api): Remove a particular main license from an upload
• c36b317cf feat(api): add the new main license for the upload
• f34019cae feat(api): set the clearing decision for a particular item
• 9207e349a feat(api): content negotiation on /openapi
• 55b06cc2c feat(api): get the contents of the file
• 5bcb4f5a6 feat(api): openapi.yaml exposed through api
• 3f701df9b feat(api): add pagination to license browser
• f4a578b87 feat(api): get main licenses assigned on an upload
• 992c0b2d1 feat(delete-job-endpoint): Added a delete job endpoint to the Fossology API

Corrections

• a943cb4ad fix(spdx2): avoid license text duplication in rdf
• 145318a5f fix(spdx2): accept null values for arrays
• 19041f0d9 fix(unifiedreport): replace double quotes with single to fix line breaks
• ccad99efa fix(documentation): update README.md with PHP version
• 099fe015c fix(ci): fix build in Debian Buster
• 6373c574c fix(api): default values of page and limit
• 4160f35db fix(user-edit): handle HttpForbiddenException
• 249207f8b fix(user-edit): compare old email and skip email count check
• e979e2782 fix(db): change agent_rev to text
• 9af3fcf9c fix(php): replace array_push by assignment
• ba6506619 fix(php): add missing semicolon
• 2915b7534 fix(php): remove & to be compatible with PHP 8
• a882ff932 fix(php): Factor common code
• df39a6744 fix(cylonedx): update for changes in SPDX
• e01006b21 fix(spdx): de-duplicate licenses with same SPDX ID
• 8682ab5c5 fix(php): replace deprecated split by explode
• d871f83d6 fix(php): Using ${var} in strings is deprecated
• f3b2e0a8b fix(php) Optional parameter declared before required parameter
• 7370c2bd6 fix(PSR-12): closing ?> tag MUST be omitted
• c10906db7 fix(test): fix REST API testcases
• 226d38e0d fix(api): move obligation removal code for rest
• 0eb928490 fix(api): use ObligationMap instead of Model class
• 7e630262f fix(api): extend obligation model don't create new
• 1e9ef3739 fix(api): use ObligationMap instead of modifying UI
• 8d6ab4550 fix(dao): use DbManager in SysConfigDao
• cdc011348 fix(api): fix ConfController to accept diff values
• 9ba7b468a fix(api): fix sysconfig controller and dao
• b7b611ecd fix(api): fix lint error and use UTC where possible
• ea4d682fe fix(test): fix wrong test according to comment
• 92e1eb44b fix(cd): Fix release workflow for version
• 7f7a5c362 fix(delagent): Use bcrypt to check password
• a49f6c8d6 fix(clixml): fix deb package name
• 879e205bf fix(api): fix linter issues
• 70aca2a63 fix(automation): update copyright
• fb3a5600a fix(eyeButtonForPasswords): removed external css usage
• 6bc1ddd05 fix(clixml.php): Fixed the issue of PhP 8 Warning

Infrastructure

• 05bf86a9b deps(composer): update composer/spdx-licenses
• c356f1b38 chore(lib): refactor code
• ebeeadbdb chore(ununpack): drop upx support
• ce8a51553 test(nomos): add new test files
• 82f169228 chore(ci): tag scanner image on release
• 5a4b9b1ff refactor(api): introduce error handling
• 8ee16e820 chore(api)!: update minor version; breaking change
• f143d709d chore(api): update API version 20231006
• 8d44d989b chore(api): move obligation endpoints from license
• `7...

4.3.0 (Jun 22nd 2023)

This release adds important corrections to 4.3.0-rc2

The release 4.3.0 introduces a number of corrections to 4.2.1 and major changes to FOSSology, including:

• Integration with ScanOSS
• Add new field SPDX ID for licenses, making FOSSology reports more SPDX compliant.
  • Same time, fix SPDX reports and update to v2.3
  • Rename deprecated licenses like GPL-2.0+
• Update build system to CMake from GNU Make.
• New option to export and import FOSSology decisions.
• Several security fixes.
• New list to define predefined acknowledgements for easy reuse.
• Consider folder level and package level bulk.
• Drop Ubuntu Bionic support.

Credits to contributors for 4.3.0

From the GIT commit history, we have the following contributors since 4.2.1:

> Avinal Kumar <[email protected]>
> dushimsam <[email protected]>
> Gaurav Mishra <[email protected]>
> hero2323 <[email protected]>
> Krishna Mahato <[email protected]>
> mayank-pathakk <[email protected]>
> Sanjay Krishna S R <[email protected]>
> scanoss-qg <[email protected]>
> Shaheem Azmal M MD <[email protected]>
> Simran Nigam <[email protected]>
> soham4abc <[email protected]>
> srideep-banerjee <[email protected]>
> Toussaint Nicolas <[email protected]>

Features

• 83191c8e9 feat(thirdpartyLicenses): update third notices

Corrections

• 753fbbbc9 fix(scanoss): check json-c version for buster

4.3.0-rc2 (Jun 13th 2023)

This release adds important corrections to 4.3.0-rc1

The release 4.3.0-rc2 introduces following major corrections to 4.3.0-rc1:

• Consider folder level and package level bulk.
• Drop Ubuntu Bionic support.
• Replace two single quotes to one in escaped string.

Credits to contributors for 4.3.0-rc2

From the GIT commit history, we have the following contributors since 4.3.0-rc1:

> Gaurav Mishra <[email protected]>
> hero2323 <[email protected]>
> Shaheem Azmal M MD <[email protected]>

Corrections

• c9abbe0c7 fix(user-edit.php): Fixed editing emails allows for duplicate emails for multiple users.
• c9fb01d93 fix(user-add.php): Fixed email can be blank but required.
• a3f7d469a fix(bulkReuse): consider folder level and package level bulk
• 3a782ceb0 fix(composer.json.in): update slim/psr7 in .in file
• 97ef64c67 fix(warnings): fix unified report warnings
• 0d175334d fix(conf): replace two single quotes to one in escaped string
• a3a022c6b fix(cd): fix release build action
• 78737f772 fix(cd): fix release package building

Infrastructure

• c50da8045 chore(scanoss): remove jq
• 6c393d4e1 chore(composer): update min php to 7.3.31
• 2cc1b4249 chore(os): drop Ubuntu Bionic support
• b8fbcb4e9 chore(deps): bump slim/psr7 from 1.4 to 1.4.1 in /src

4.3.0-rc1 (May 9th 2023)

This release adds important corrections to 4.2.1

The release 4.3.0-rc1 introduces a number of corrections to 4.2.1 and major changes to FOSSology, including:

• Integration with ScanOSS
• Add new field SPDX ID for licenses, making FOSSology reports more SPDX compliant.
  • Same time, fix SPDX reports and update to v2.3
  • Rename deprecated licenses like GPL-2.0+
• Update build system to CMake from GNU Make.
• New option to export and import FOSSology decisions.
• Several security fixes.
• New list to define predefined acknowledgements for easy reuse.

Credits to contributors for 4.3.0-rc1

From the GIT commit history, we have the following contributors since 4.2.1:

> Avinal Kumar <[email protected]>
> dushimsam <[email protected]>
> Gaurav Mishra <[email protected]>
> Krishna Mahato <[email protected]>
> mayank-pathakk <[email protected]>
> Sanjay Krishna S R <[email protected]>
> scanoss-qg <[email protected]>
> Shaheem Azmal M MD <[email protected]>
> Simran Nigam <[email protected]>
> soham4abc <[email protected]>
> srideep-banerjee <[email protected]>
> Toussaint Nicolas <[email protected]>

Features

• e826f5141 feat(docker): update images to Debian 11 (bullseye)
• 081bc812c feat(clixml): introduce LinkScanTool
• 1faf25a60 feat(licenseCsv): export spdx id in license CSV
• d62e603d9 feat(deleteFileFromBrowse): Ability to delete file from browse page
• bda57059b feat(viewPasswordInLogin): Eye button to view Password while logging in
• 0576ef943 feat(scanoss-agent): Initial version of SCANOSS agent for FOSSology
• 987b2774a feat(API): POST report/import route for initiating a report import job
• de006de77 feat(decision-dump): export-import IPRA data
• 485bb8856 feat(invertSearch):Added inverse search in Email/Url/Author Page
• e40e7ae37 feat(API): /jobs/{id}/history GET route to get the history of all the jobs queued based on an upload
• fec0e60da feat(highlightRows):Highlighted deleted rows on copyright/URL/Author/Email tables
• 644879dd6 feat(api): update response for candidate delete
• a4721ab4a feat(API): delete admin-license candidate
• 7ed947d3c feat(API): get license candidates
• 0fd6be41c feat(api): clearing status
• 2ac466b19 feat(api): change API schema for file uploads
• 23ff12e3f feat(API): change group member's permission
• d9b2597a7 feat(spdx): validate SPDX ID before adding
• a113b816c feat(spdx): update tag:value format to v2.3
• f844ea1d7 feat(spdx): update to v2.3
• c173a05ce feat(nomos): update SPDX license shortnames
• 738c259c2 feat(spdx-tools): update to new repository
• d6aaaf805 feat(license): use spdx identifiers for licenses
• c4e702f82 feat(copyright): add new agent IPRA to FOSSology
• 266299f06 feat(copyright): add new keywords for ECC and keyword agent
• 7e1b7a801 feat(cmake): include libraries using cmake style
• 52ac2abad feat(install): cmake changes for easy-install and vagrantfile
• df8ddfe41 feat(eximporter): add file path for upload tree
• f9d7e2156 feat(acknowledgements): add new ack dropdown to select saved ack
• c5d8c5b78 feat(showjobs): show status link for inprogress jobs
• de52028e6 feat(newagent): new agent decision export import
• 4b9c941c0 feat(buildsystem): Add CMake Build System

Corrections

• 24983d146 fix(dao): getLicenseByCondition set statement name on condition
• add8abf00 fix(report): check array key exists
• d4adf4a09 fix(spdx): create LicenseRef for custom license text
• 54562ca00 fix(README): Fix broken Travis SVG
• fb9d50f8e fix(api): check if hist has required keys
• fc34bb660 fix(clixml): add acknowledgement to reports
• e98e22e15 fix(api): jti not required for oauth tokens
• 9540a9cbd fix(adminLicensecandidate): replace while loop with foreach and correct variables
• 5ba11350b fix(rest): swap upload and folder id to create job
• 01019b5f4 fix(dumpExport): create pfile table always
• 8c729eee8 fix(import): ignore missing utree in dump import
• 1295ea11d fix(clixml): use license full name in clixml report
• d1bd7b55d fix(api): unify dump and report import
• ada5f201a fix(search): fix search endpoint
• 56ba70bb0 fix(manualCopyright):Made Disabled Manual Copyrights Visible in UI
• 73c471438 fix(api): change response of job history
• e40e7ae37 feat(API): /jobs/{id}/history GET route to get the history of all the jobs queued based on an upload
• 62212dbed fix(decisionImporter): deduplicate file
• 5bf20e3ef fix(obligationsGetter): separate licenses
• 963faaae1 fix(unifiedreport): fix warnings of unified report agent
• 7f4df1597 fix(spdx-rdf): use CDATA for attributionText
• affc84466 fix(core-schema): fix index to match DB
• 14723b5d3 fix(api): add new model LicenseCandidate for admin endpoint
• eb5d5e0bd fix(api): add new model FileLicenses for REST API
• 4c7be95ca fix(API): merge multiple upload-api calls into one.
• bd38495bc fix(api): check user permission before editing groups
• b7a6a9c15 fix(unifiedReport): fix table distortion for component link
• 523d832fc fix(ci): add missing dependency to runner image
• 7bd7ecba6 fix(spdx): add license text for valid RDF
• f5eb9ea13 fix(security) fix inaproppriate encoding for output context Added ENT_HTML5 | ENT_QUOTES to ensure that all characters are properly encoded on output
• d10d972e5 fix(security) fix Reflected XSS vulnerability, where input data was displayed directly on the web page
• 29604025e fix(security) Sanitized external command parameter with escapeshellarg as untrusted string may contain malicious system-level commands engineered by an attacker
• bd2fb8f2e fix(security) Replaced cryptographically insecure PHP rand() function with built-in for PHP random_int() with secure pseudo-random number generator
• 58fec86e2 fix(build): various build fixes
• 47066a32c fix(oauth): update username if oauth email matches
• 1fcc19be9 fix(licenseRef): show only active licenses in bulk and user decisions
• 5d39fab5a Fix(api): Fixed filesearch request
• 5dafd15a5 fix(conf): add escape string and fetch raw content

Infrastructure

• 3149e444d chore(deps): bump guzzlehttp/psr7 from 2.4.3 to 2.5.0 in /src
• df2fb2716 chore(scancode): fix the version to 31.2.4
• 34fd909db chore(cmake): do not cache git version
• c443aebca chore(build): fix building of monkbulk package
• 14f8ea382 chore(Makefile): remove old Makefiles

4.2.1 (Nov 15th 2022)

This release is for the quick hot-fix on 4.2.0.

This release applies fix for REST API to patch access to User object. More fixes like importing missing classes and handling other PHP Errors and Notices.

Credits to contributors for 4.2.1

From the GIT commit history, we have the following contributors since 4.2.0:

> Gaurav Mishra <[email protected]>
> Shaheem Azmal M MD <[email protected]>

Features

• 4bcf25682 feat(user-edit): make use of retention period to display expired tokens

Corrections

• 53c047bfb fix(ui): fix PHP error and notices
• aeceaff6a hotfix(ui): fix User object accessing

4.2.0 (Nov 11th 2022)

This release adds important corrections to 4.2.0-rc1

Since RC1, minor updates with dependencies and a fix to unified report has happened.

The release 4.2.0 introduces a number of corrections to 4.1.0 and major changes to FOSSology, including:

• Adopting REUSE.software standards to FOSSology source code.
• Detecting copyrights as per REUSE standards.
• Support for Ubuntu Jammy (22.04)
• Display package health according to Licenses folder.
• Update various dependencies.
• Fix line breaks for LibreOffice.
• Multiple new features in REST API.

Credits to contributors for 4.2.0

From the GIT commit history, we have the following contributors since 4.1.0:

> aman1971 <[email protected]>
> Antoine Auger <[email protected]>
> Avinal Kumar <[email protected]>
> dushimsam <[email protected]>
> Gaurav Mishra <[email protected]>
> Karthik Krishna <[email protected]>
> Krishna Mahato <[email protected]>
> Martin Daur <[email protected]>
> pret3nti0u5 <[email protected]>
> rohitpandey49 <[email protected]>
> Shaheem Azmal M MD <[email protected]>
> Soham Banerjee <[email protected]>
> Thanvi pendyala <[email protected]>

Features

• 76dc5801d chore(php-jwt): use new features from v6.3.0
• fd8eef901 feat(composer): update composer dependencies

Corrections

• 88faee7e7 fix(debian): prevent duplication of bootstrap
• 965552b12 fix(unifiedReport): fix line break issue in libre office
• f2650a9de fix(oneShotMonk): convert value to int to fix php fatal
• 28de987d6 fix(licenseView): fix missing comment select

4.2.0-rc1 (Oct 3rd 2022)

This release adds important corrections to 4.1.0

The release 4.2.0-rc1 introduces reuse specifications to fossology.

The release 4.2.0-rc1 introduces a number of corrections to 4.1.0 and major changes to FOSSology, including:

• Support ubuntu jammy 22.04
• Detect SPDX-FileCopyrightText keyword
• Allow user to configure token
• Reuse all report columns
• Detect Licenses Folder

Credits to contributors for 4.2.0-rc1

From the GIT commit history, we have following contributors since 4.1.0:

> aman1971 <[email protected]>
> Antoine Auger @antoineauger
> Avinal Kumar <[email protected]>
> dushimsam <[email protected]>
> Gaurav Mishra <[email protected]>
> Karthik Krishna <[email protected]>
> Krishna Mahato <[email protected]>
> Martin Daur <[email protected]>
> pret3nti0u5 <[email protected]>
> rohitpandey49 <[email protected]>
> Shaheem Azmal M MD <[email protected]>
> soham4abc <[email protected]>
> Thanvi pendyala <[email protected]>

Features

• eb07d7626 feat(reuse): detect Licenses Folder
• f9f9023a2 feat(ubuntu): support ubuntu jammy 22.04 for fossology
• afa5fd58a feat(licenseRef): add/update licenses from spdx.org
• 88025d5a6 feat(copyright): Detect SPDX-FileCopyrightText keyword
• 41674a5bd feat(API): add user to a group.
• b154feee9 feat(api): Download file using UploadID
• 7fbbe736c feat(API): import csv-license file
• 85cf46567 feat(oidc): allow user to configure token
• 54f80533c feat(api): Set permissions for a upload in a folder for different groups
• 14aba0a4c feat(API): REST-API to initiate FOSSology mantainance
• a5d6a18d5 feat(API): get group members with corresponding roles
• 42e7f0c13 feat(API): remove member from group.
• 0c9620e95 feat(api): new endpoint for geting copyright details
• c2b09f16e feat(api): jobs/all endpoint added
• 53b043b19 feat(API): delete user group
• 917ee86af feat(API): jobs returns only logged in user's jobs
• 4038daac1 feat(reuse): ignore text of testdata
• 454c8cede feat(resue): reuse standard
• 40dfd5833 feat(reuse): implemented REUSE standard
• f60b09983 feat(reuse): implemented REUSE standard
• a3e8f235e feat(reuse): Adopted Reuse.software standard
• 3424028f5 feat(API): Add pagination to search request
• 9c12b6222 feat(copyrightexport): Added copyright export to fo_nomos_license_list
• 262b93954 feat(ui): close banner for a session
• 11f424ac3 feat(API): added a copyright feat in /uploads/{id}/licenses api

Corrections

• cc1f48985 fix(lint): openapi lint corrected
• f88a614ec fix(api): add missing variables
• b8de588a6 fix(reportImport): remove dual check for access and fix array warning
• 6778a6041 refactor(demomod): add missing code in makefile
• 118f29e0f fix(copyright): fix regex conf files
• 41cd3d446 fix(default_group): exposed deafult_group in /users/self
• 8bde786a7 fix(ui): restore license text for bulk modal
• fa4964c83 fix(reuser): reuse all report columns
• b9f727dc4 fix(ci): update spectral-action to fix ci test
• a9054815a fix(uploadPermission):introduced error on changing upload permissions
• 20376e602 fix(reuse): perform code fixes on reuse branch
• 75a386bc1 test(ci): Run REUSE compliance check in CI
• dd873faf6 fix(reuser): add scancode as dependency if sched
• 8c9f8bf92 fix(ui): Fix upload from Srv for parameterize agent
• 13fb71910 fix(make): Fix warnings in make for Ubuntu 20.04.2 LTS
• d94cced54 fix(readme): typo fixed

Infrastructure

• 251be4682 chore(deps): bump twig/twig from 3.3.8 to 3.4.3 in /src
• 03b180355 chore(Dockerfile): add OCI annotations
• 534564bc9 docs(openapi): fix spectral lint warnings/errors
• 045440de8 chore(component-id): use package-url instead purl
• ff8e440de chore(deps): bump guzzlehttp/guzzle from 7.4.1 to 7.4.3 in /src
• 42aa7c40d chore(workflow): update GHA dependencies
• c7d61ba6d chore(deps): bump guzzlehttp/guzzle from 7.4.4 to 7.4.5 in /src
• 113253c2d chore(deps): bump guzzlehttp/guzzle from 7.4.3 to 7.4.4 in /src
• fe2bd41a0 docs(reuse): reuse badge added