Skip to content

2.0.0-rc.0

Pre-release
Pre-release

Choose a tag to compare

View all tags
@github-actions github-actions released this 15 May 19:33
· 594 commits to main since this release
v2.0.0-rc.0
e0e230a

Breaking Changes:

  • Class Factories.LicenseFactory was modified
    • Function makeFromString() was changed in its behaviour (#271, #530 via #547)
      Will try to create Models.SpdxLicense if value is eligible,
      else try to create Models.LicenseExpression if value is eligible,
      else fall back to Models.NamedLicense.
    • Renamed function makeDisjunctiveWithId() -> makeSpdxLicense() (#530 via #547)
    • Renamed function makeDisjunctiveWithName() -> makeNamedLicense() (#530 via #547)
  • Class Models.LicenseExpression was modified
    • Removed static function isEligibleExpression() (via #547)
      Use Spdx.isValidSpdxLicenseExpression() instead.
    • Constructor no longer throws, when value is not eligible (#530 via #547)
      You may utilize Factories.LicenseFactory to mimic the previous behaviour.
    • Property expression setter no longer throws, when value is not eligible (#530 via #547)
      You may utilize Factories.LicenseFactory to mimic the previous behaviour.
  • Class Models.SpdxLicense was modified
    • Constructor no longer throws, when value is not eligible (#530 via #547)
    • Property id setter no longer throws, when value is not eligible (#530 via #547)
  • Interface Spec.Protocol now defines a new mandatory property supportsComponentEvidence:boolean (via #753)
  • Interface Spec.Protocol now defines a new mandatory property supportsVulnerabilities:boolean (via #722)
  • Removed deprecated symbols (#747 via #752)
    • Namespace {Builders,Factories}.FromPackageJson -> use {Builders,Factories}.FromNodePackageJson instead
    • Class Models.HashRepository -> use Models.HashDictionary instead
    • Function Serialize.{Json,Xml}.Normalize.*.normalizeRepository() -> use Serialize.{Json,Xml}.Normalize.*.normalizeIterable() instead
    • Type alias Types.UrnUuid - use string instead
      Type predicate Types.isUrnUuid() no longer exists

Changed

  • Removed beta state from symbols {Enums,Models}.Vulnerability.* (#164 via #722)
    The structures are defined as stable now.
  • Class Models.Attachment was modified
    • Property content was widened to be any stringable, was string (#516 via #753)
      This enables the use of Buffer and other data-saving mechanisms.
  • Class Models.Component was modified
    • Property copyright was widened to be any stringable, was string (#516 via #753)
      This enables the use of Buffer and other data-saving mechanisms.
  • Class Models.Vulnerability.Credits was modified
    • Property organizations is no longer optional (via #722)
      This collection(Set) will always exist, but might be empty.
      This is considered a non-breaking change, as the class was in beta state.
    • Property individuals is no longer optional (via #722)
      This collection(Set) will always exist, but might be empty.
      This is considered a non-breaking change, as the class was in beta state.

Added

  • Serializers and Bom-Normalizers will take Bom.vulnerabilities into account (#164 via #722)
  • Serializers and Component-Normalizers will take Component.evidence into account (#516 via #753)
  • Namespace Models was enhanced
    • Class Component was enhanced
      • New optional property evidence of type Models.ComponentEvidence (#516 via #753)
    • New Classes ComponentEvidence (#516 via #753)
    • NamespaceVulnerability was enhanced
      • Class Advisory was enhanced
        • New method compare() (via #722)
      • Class AdvisoryRepository was enhanced
        • New method sorted() (via #722)
        • New method compare() (via #722)
      • Class Affect was enhanced
        • New method compare() (via #722)
      • Class AffectRepository was enhanced
        • New method sorted() (via #722)
        • New method compare() (via #722)
      • Class AffectedSingleVersion was enhanced
        • New method compare() (via #722)
      • Class AffectedVersionRange was enhanced
        • New method compare() (via #722)
      • Class AffectedVersionRepository was enhanced
        • New method sorted() (via #722)
        • New method compare() (via #722)
      • Class Rating was enhanced
        • New method compare() (via #722)
      • Class RatingRepository was enhanced
        • New method sorted() (via #722)
        • New method compare() (via #722)
      • class Reference was enhanced
        • New method compare() (via #722)
      • Class ReferenceRepository was enhanced
        • New method sorted() (via #722)
        • New method compare() (via #722)
      • class Source was enhanced
        • New method compare() (via #722)
      • class Vulnerability was enhanced
        • New method compare() (via #722)
      • Class VulnerabilityRepository was enhanced
        • New method sorted() (via #722)
        • New method compare() (via #722)
  • Namespace Serialize.{Json,Xml}.Normalize was enhanced
    • Class Factory was enhanced
      • New Method makeForComponentEvidence() (#516 via #753)
      • New method makeForVulnerability() (#164 via #722)
      • New method makeForVulnerabilitySource() (#164 via #722)
      • New method makeForVulnerabilityReference() (#164 via #722)
      • New method makeForVulnerabilityRating (#164 via #722)
      • New method makeForVulnerabilityAdvisory (#164 via #722)
      • New method makeForVulnerabilityCredits (#164 via #722)
      • New method makeForVulnerabilityAffect (#164 via #722)
      • New method makeForVulnerabilityAffectedVersion (#164 via #722)
      • New method makeForVulnerabilityAnalysis (#164 via #722)
    • New class ComponentEvidenceNormalizer (#516 via #753)
    • Class OrganizationalEntityNormalizer was enhanced
      • New method normalizeIterable() (via #722)
    • New class VulnerabilityNormalizer (#164 via #722)
    • New class VulnerabilityAdvisoryNormalizer (#164 via #722)
    • New class VulnerabilityAffectNormalizer (#164 via #722)
    • New class VulnerabilityAffectedVersionNormalizer (#164 via #722)
    • New class VulnerabilityAnalysisNormalizer (#164 via #722)
    • New class VulnerabilityCreditsNormalizer (#164 via #722)
    • New class VulnerabilityRatingNormalizer (#164 via #722)
    • New class VulnerabilityReferenceNormalizer (#164 via #722)
    • New class VulnerabilitySourceNormalizer (#164 via #722)
  • Namespace Spec
    • Const Spec1dot{2,3,4}
      • New Property supportsComponentEvidence:boolean (via #753)
      • New Property supportsVulnerabilities:boolean (via #722)
  • Namespace Spdx
    • New function isValidSpdxLicenseExpression() (#271 via #547)

Misc

  • New dependency spdx-expression-parse (via #547)

Full Changelog: v1.14.0...v2.0.0-rc.0

Assets 2
Loading