v3.2.0rc1 release candidate

This the first release candidate of 3.2
Some notable changes:

• Improve copyright detection #2140
• Add new license rules for "bad" licenses #1899 @viragumathe5
• Improve copyright detection @WizardOhio24
• Improve tests @hanif-ali
• Add and improve support for package manifest for #2080 Go, Ruby gem gemspec, Cocoapod podspec, opam, Python PKG-INFO - Rohit Potter @rpotter12
• Add and improve support for package lockfiles for Pipfile.lock, requirements.tx, Cargo.lock - Rohit Potter @rpotter12
• Add new --max-depth option to limit sca depth - Hanif Ali @hanif-ali
• Add initial Debian packaging - @aj4ayushjain
• Add new documentation web site and documentation generation system
• The "headers" attribute in JSON outputs now contains a 'duration' field. #1942
• Rework packaging and third-party support handling: Create new scripts and
  process to provision, install and manage third-party dependencies - Abhishek Kumar @Abhishek-Dev09
• Improve CSV output and fix manifest path bug #1718 Aditya Viki8
• Add new documentation, as well as tools and process. Ayan Sinha Mahapatra
• Add new license detection rules - Ayan Sinha Mahapatra
• Improve license detection #1999 - Bryan Sutula
• Correct CC0 license #1984 - Carmen Bianca Bakker
• Add documentation for the usage of cpp_includes plugin - Chin Yeung Li
• Improve andling of npm package-lock.json #1993 - Chin Yeung Li
• Add new license detection rules - Gaupeng
• Improve documentation - Issei Horie
• Improve consolidation plugin - Jono Yang @JonoYang
• Improve Python wheels detection #1749 - Jono Yang @JonoYang
• Add support for BUCK and Bazel build scripts #1678 - Jono Yang @JonoYang
• Improve handing of ignores #1748 - Jono Yang @JonoYang
• Improved package models #1773 #1532 #1678 #1771 #1791 #1220 - Jono Yang @JonoYang
• Parse package lock files for Composer #1850, Yarn #1220, Gemfile.lock #1885 - Jono Yang @JonoYang
• Add parser for Alpine 'installed' file #2061 - Jono Yang @JonoYang
• Add support for Debian packagesinstalled files #2058 - Jono Yang @JonoYang
• Add new licenses -@Pratikrocks
• Improve support for DWARF, ELF and C++ include plugins #1712 #1752#1762 - Li Ha @licodeli
• Add support for parsing java class files #1712 #1726- Li Ha @licodeli
• Add new license detection rules - @MankaranSingh
• Add new duration field to JSON output #1937 - @MankaranSingh
• Add new rule for GPL historical note #1794 - Martin Petkov
• Add --replace-originals flag to extractcode -Maximilian Huber
• Improve Documentation - Michael Herzog
• Add new checksum type for sha256 - Nitish @nitish81299
• Improve documentation - Philippe Ombredanne
• Add new license detection rules and improve detection #1777 #1720 #1734 #1486 #1757 #1749 #1283 #1795 #2214 #1978
• Add new license detection rules and improve detection #2187 #2188 #2189 #1904 #2207 #1905 #419 #2190 #1910 #1911
• Add new license detection rules and improve detection #1841 #1913 #1795 #2124 #2145 #1800 #2200 #2206 #2186
• Allow to call "run_scan" as a function #1780
• Update license data to SPDX 3.7 #1789
• Collect matched license text correctly including with Turkish diacritics #1872
• Detect SPDX license identifiers #2007
• Add Windows 64 as supported platform #616
• Add and improve support for archive with lzip, lz4 and zstd #245 #2044 #2045
• Detect licenses in debian copyright files #2058
• Improve copyright detections #2140
• Improve FSF, unicode and Perl license detection - Qingmin Duanmu
• Add COSLi and ethical licenses - Ravi @JRavi2
• Add tests for extract.py and extract_cli.py - Ravi @JRavi2
• Add a new copyright to grammar - Richard Menzies
• Fix external URLs in documentation - Ritiek Malhotra
• Improve doc - Rohit Potter
• Correct configure on Windows and improve doc - Sebastian Schuberth
• Improve license detection. Add tests for #1758 and #1691- Shankhadeep Dey
• Improve tests of utility code - Shivam Chauhan
• Improve tests and documentation - Shivam Sandbhor @sbs2001
• Add new hippocratic license #1739 - Shivam Sandbhor
• Add new and improved licenses - Steven Esser @MaJuRG
• Improve test suite - Steven Esser @MaJuRG
• Improve fingerprint plugin #1690 - Steven Esser @MaJuRG
• Add support for Debian packages #2058 - Steven Esser @MaJuRG
• Improve FreeBSD support - @aj4ayushjain
• Add new plugins to get native code from install packages - @aj4ayushjain
• Fix license name and data - Thomas Steenbergen
• Improve runtime support for FreeBSD #1695 @knobix
• Update macOS image on azure pipeline @TG1999
• Improve documentation - @Vinay0001

Release candidate 2 for 3.1.x

v3.1.1

Release v3.1.1 which the release candidate 2 of 3.1.x

Release v3.0.2: minor bug fix

This is a minor bug fix version for 3.0.0. See https://github.com/nexB/scancode-toolkit/releases/tag/v3.0.0 for major changes.

• A tracing flag was turned on in the summary module by mistake. Reported by @tdruez #1374
• Correct a Maven parsing error. Reported and fixed by @linexb #1373
• Set proper links in the README. Reported and fixed by @sschuberth #1371
• No changes from v3.0.1

See the CHANGELOG for details at https://github.com/nexB/scancode-toolkit/blob/master/CHANGELOG.rst

To install, download scancode-toolkit-3.0.2.zip or scancode-toolkit-3.0.2.tar.bz2 from the Downloads section below and follow installation instructions in the README at https://github.com/nexB/scancode-toolkit/blob/master/README.rst

This is also available as a Python library from Pypi with pip install scancode-toolkit

You can also download the corresponding source code for bundled pre-built third-party binaries from these locations:

• https://github.com/nexB/scancode-thirdparty-src/archive/v1.0.0.tar.gz
• https://github.com/nexB/scancode-thirdparty-src/archive/v1.0.0.zip

Release v3.0.0: new major release

This is the first 3.0 release with the best, fastest and most efficient ScanCode ever released.

This releases contains many improvements, fixes and new features including breaking API changes (when compared to 2.2.x). See the CHANGELOG for details at https://github.com/nexB/scancode-toolkit/blob/master/CHANGELOG.rst

To install, download scancode-toolkit-3.0.0.zip or scancode-toolkit-3.0.0.tar.bz2 from the Downloads section below and follow installation instructions in the README at https://github.com/nexB/scancode-toolkit/blob/master/README.rst

This is also available as a Python library from Pypi with pip install scancode-toolkit

You can also download the corresponding source code for bundled pre-built third-party binaries from these locations:

• https://github.com/nexB/scancode-thirdparty-src/archive/v1.0.0.tar.gz
• https://github.com/nexB/scancode-thirdparty-src/archive/v1.0.0.zip

Release beta/preview v2.9.2: a beta/preview for the latest develop, before 3.0

This is a stable pre-release of what will come up for 3.0
This has many changes and bug fixes including improved SPDX license detection, package reporting and additional plugins and more: these are not yet fully documented but this release can be used for testing and is stable.

Some major changes include:

• A security fix The support for Rar archives extraction in extractcode has been changed and downgraded to use libarchive instead of 7zip as a mitigation for a 7Zip vulnerability referenced as CVE-2018-10115 https://nvd.nist.gov/vuln/detail/CVE-2018-10115 . As a result, you may expect some extraction failures when extracting some Rar archives as fewer Rar archive formats are supported by libarchive. When the bug is properly fixed on all OS in 7Zip this may be reverted.

• The package models have been updated significantly and streamlined. Then now also use the Package URL (purl) semantics. If you rely on the previous v2.x models and data structures, with a --package scans things are rather improved now. Documentation will come up next.

• The license detection has been updated in several ways:

  • a new --license-expression option allow to return license expressions (using ScanCode keys)
  • several licenses have been added, updated or retired after a sync with the latest SPDX license list v3.1 and AboutCode
  • SPDX license identifiers are now detected by the license scan

Release beta/preview v2.9.1: a beta/preview for the latest develop, before 3.0

This is a stable pre-release of what will come up for 3.0
This has a lot of new changes including improved license detection, plugins, speed and detection that are not yet fully documented but it can be used for testing.

Release beta/preview v2.9.0b1: a beta/preview for the latest develop, before 3.0

This is a pre-release of what will come up for 3.0
This has a lot of new changes including improved plugins, speed and detection that are not yet fully documented but it can be used for testing.

Release v2.2.1: Several bug fixes, minor new features and an API change

This is a minor release with several bug fixes, one new feature and one (minor) API change.

To install, download scancode-toolkit-2.2.1.zip or scancode-toolkit-2.2.1.tar.bz2 from the Downloads section below and follow installation instructions in the README at https://github.com/nexB/scancode-toolkit/blob/master/README.rst

This is also available as a Python library from Pypi with pip install scancode-toolkit

You can also download the source code for pre-built third-party binaries from these locations:

• https://github.com/nexB/scancode-thirdparty-src/archive/v1.0.0.tar.gz
• https://github.com/nexB/scancode-thirdparty-src/archive/v1.0.0.zip

API change:

• Licenses data now contains a new reference_url attribute instead of a
  dejacode_url attribute. This defaults to the public DejaCode URL and
  can be configured with the new --license-url-template command line
  option.

New feature:

• There is a new "--format jsonlines" output format option.
  In this format, each line in the output is a valid JSON document. The
  first line contains a "header" object with header-level data such as
  notice, version, etc. Each line after the first contains the scan
  results for a single file formatted with the same structure as a
  whole scan results JSON documents but without any header-level
  attributes. See also http://jsonlines.org/

Other changes:

• Several new and improved license detection rules have been added.
  The logic of detection has been refined to handle some rare corner
  cases. The underscore character "_" is treated as part of a license
  word and the handling of negative and false_positive license rules
  has been simplified.

• Several issues with dealing with codebase with non-ASCII,
  non-UTF-decodable file paths and other filesystem encodings-related
  bug have been fixed.

• Several copyright detection bugs have been fixed.

• PHP Composer and RPM packages are now detected with --package

• Several other package types are now detected with --package even
  though only a few attributes may be returned for now until full parsers
  are added.

• Several parsing NPM packages bugs have been fixed.

• There are some minor performance improvements when scanning some
  large file for licenses.

Thank you to all contributors to this release and the 250+ stars and 80+ forks on GitHub!

Release v2.1.0: New plugin architecture, minor new features, bug fixes and other improvements

This is a minor release with several new and improved features and bug
fixes but no significant API changes.

To install, download scancode-toolkit-2.1.0.zip or scancode-toolkit-2.1.0.tar.bz2 from the Downloads section below and follow installation instructions in the README at https://github.com/nexB/scancode-toolkit/blob/master/README.rst

This is also available as a Python library from Pypi with pip install scancode-toolkit

You can also download the source code for pre-built third-party binaries from these locations:

• https://github.com/nexB/scancode-thirdparty-src/archive/v1.0.0.tar.gz
• https://github.com/nexB/scancode-thirdparty-src/archive/v1.0.0.zip

Key changes:

• New plugin architecture by @yashdsaraf
• Several new and improved licenses and license detection rules
• Multiple bug fixes

Thank you to all contributors to this release and the 240+ stars and 70+ forks on GitHub!
Some of the contributors to this release with either code and bug reports include
(and this list is likely missing some):

• @abuhman
• @chinyeungli
• @jimjag
• @JonoYang
• @jpopelka
• @MaJuRG
• @mjherzog
• @pgier
• @pkajaba
• @pombredanne
• @scottctr
• @sschuberth
• @yahalom5776
• @yashdsaraf

Release v2.0.1: Minor new features, bug fixes and improvements

This is a minor release with some minor improved features and bug fixes.

To install, download scancode-toolkit-2.0.1.zip or scancode-toolkit-2.0.1.tar.bz2 from the Downloads section below and follow installation instructions in the README at https://github.com/nexB/scancode-toolkit/blob/master/README.rst

This is also available as a Python library from Pypi with pip install scancode-toolkit

You can also download the source code for pre-built third-party binaries from these locations:

• https://github.com/nexB/scancode-thirdparty-src/archive/v1.0.0.tar.gz
• https://github.com/nexB/scancode-thirdparty-src/archive/v1.0.0.zip

Thank you to all contributors to this release and the 200+ stars and 60+ forks on GitHub!

Key changes:

• New and improved license detection, including refined match scoring for #534
• Bug fixed in License detection leading to a very long scan time for some rare JavaScript files. Reported by @jarnugirdhar
• New "base_name" attribute returned with file information. Reported by @chinyeungli
• Bug fixed in Maven POM package detection. Reported by @kalagp