New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

deps: update ort to v47 (major) #116

Merged

mnonnenmacher merged 1 commit into main from renovate/major-ort

Jan 23, 2025

Contributor

renovate bot commented Jan 23, 2025

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
org.ossreviewtoolkit:model (source)	`46.0.0` -> `47.0.0`
org.ossreviewtoolkit:detekt-rules (source)	`46.0.0` -> `47.0.0`
org.ossreviewtoolkit:cli (source)	`46.0.0` -> `47.0.0`
org.ossreviewtoolkit.plugins.commands:analyzer-command (source)	`46.0.0` -> `47.0.0`
org.ossreviewtoolkit:analyzer (source)	`46.0.0` -> `47.0.0`

Release Notes

oss-review-toolkit/ort (org.ossreviewtoolkit:model)

`v47.0.0`

Actions Required

Update package configurations that refer to SPDX projects to use "SpdxDocument" instead of "SpdxDocumentFile" as the identifier's type.

What's Changed

🛠 Breaking Changes

01f1930 fix(package-managers)!: Use projectType as the ID type for projects

🐞 Bug Fixes

7154214 downloader: Do not even try empty source code origins
7c71782 downloader: Improve the output of error messages
025c751 downloader: Support project URLs with query parameters
5ffb576 go: Use "GoMod" as the project type
66b5b15 node: Properly use the projectType to create projects
255d294 package-managers: Do not set the package type to the manager name
ae58bb8 vcs: Consider VCS configurations in cache lookup

🎉 New Features

c9f51e9 AnalyzerCommand: Sort output of found definition files
6547d1f analyzer: Also fail early if managers for the same type are enabled
b230f26 detekt-rules: Add autoCorrect for OrtImportOrder rule
9b57816 node: Add the project type to the Node package manager type
c737701 scanner: Add flag to scanner to detect unlicensed files
34444c3 test-utils: Support regex patterns in patchExpectedResult()
170a3b8 Upgrade Poetry to 2.x series

✅ Tests

bc4d972 model: Factor out fromJson()
7d817f8 model: Factor out toJson()
da07e1e opossum: Rewrite reporter-test-output.json
4bfd33f osv: Make the test for getting vulnerability IDs less flaky
b9fd340 osv: Make the test which queries by commit less flaky
718d762 osv: Make the test which queries by name and version less flaky
dcd71a5 osv: Rename patchFields()
bf9de57 osv: Rename a constant for consistency
7552dd4 osv: Update expected results
16ca9a4 osv: Use WordSpec in the functional test
3f56118 pub: Update expected results

🐘 Build & ⚙️ CI

5ab6a92 gradle: Make detektAll only run tasks with type resolution

📖 Documentation

d8ebd62 PackageCurationData: Fix the docs for apply()
78edc76 development: Add documentation about Detekt's auto-correct feature
ecb1186 downloader: Improve the --vcs-path CLI help
e510c6f website: Also mention the "detektAll" task in the table
9e4b989 website: Mention the "detektAll" task instead of individual ones

🔧 Chores

46479e5 DependencyGraphNavigator: Avoid relying on manager name prefixes
19a2074 OpossumReporterFunTest: Extract a variable to ease debugging
ec73f3f SpdxLicenseTest: Use Kotest's dedicated resource matcher
ac2fef5 docker: Upgrade Composer to version 2.8.4
55ae851 docker: Upgrade Conan to the latest 1.x version
a22a7e0 docker: Upgrade Go to version 1.23.5
cb49aeb docker: Upgrade Licensee to version 9.18.0
3c4de5d docker: Upgrade pip to version 24.3.1
d26dd73 docker: Upgrade pnpm to version 9.15.4
4f4b7c4 Capitalize hard-coded issue sources
c2f1546 Prefer the more fluent infix variant of shouldNotBeNull

🚀 Dependency Updates

42d48aa docker: Upgrade ScanCode to version 32.3.2
353de0d spdx: Update the license list to version 3.26
43f5982 update actions/attest-build-provenance digest to 520d128
b6560a6 update codecov/codecov-action digest to 5a605bd
1d9c9c8 update com.github.ben-manes.versions to v0.52.0
1fd0a2d update com.scanoss:scanoss to v0.8.1
cac29ae update github/codeql-action digest to d68b2d4
0d1d615 update github/codeql-action digest to dd196fa
ceaa7da update org.jruby:jruby to v9.4.10.0
7a00318 update org.semver4j:semver4j to v5.6.0
c504d62 update org.springframework:spring-core to v6.2.2
7f8d3d3 update software.amazon.awssdk:s3 to v2.30.1
5648515 update software.amazon.awssdk:s3 to v2.30.2
92df4f8 update umbrelladocs/action-linkspector digest to de84085

🚜 Refactorings

0c454e7 docker: Rename PIPTOOL_VERSION to PIP_VERSION
7b21289 node: Introduce an abstract base class for common code
71f3467 node: Move parseProject() to NodePackageManager
16558a3 node: Rename non-NPM-specific files
bc3a1b8 scanner: Inline the TOOL_NAME constant

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.


          deps: update ort to v47

4a51eec

renovate bot added the dependencies label

mnonnenmacher approved these changes

View reviewed changes

mnonnenmacher enabled auto-merge (rebase)

January 23, 2025 10:39

mnonnenmacher merged commit 2c53330 into main

8 checks passed

mnonnenmacher deleted the renovate/major-ort branch

January 23, 2025 10:42

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels