deps: update ort to v38 (major) #73

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Merged

sschuberth merged 1 commit into main from renovate/major-ort

Oct 31, 2024

Contributor

renovate bot commented Oct 31, 2024

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
org.ossreviewtoolkit.utils:test-utils (source)	`37.0.0` -> `38.0.0`
org.ossreviewtoolkit:model (source)	`37.0.0` -> `38.0.0`
org.ossreviewtoolkit:detekt-rules (source)	`37.0.0` -> `38.0.0`
org.ossreviewtoolkit:cli (source)	`37.0.0` -> `38.0.0`
org.ossreviewtoolkit.plugins.commands:analyzer-command (source)	`37.0.0` -> `38.0.0`
org.ossreviewtoolkit:analyzer (source)	`37.0.0` -> `38.0.0`

Release Notes

oss-review-toolkit/ort (org.ossreviewtoolkit.utils:test-utils)

`v38.0.0`

What's Changed

Breaking Changes 🛠

e01a1f2 refactor(node)!: Move Pnpm into its own dedicated package

Bug Fixes 🐞

a1652ea dos: Edit downloading the source to be scanned
3a8812d model: Correctly map Identifier namespaces to purl namespaces
b1740ef model: Rework purl conversion according to the specs
42f0f33 spdx-reporter: Also check LicenseRef exceptions of snippets
fe7d1ef spdx-reporter: Remove a conflicting license validity check
f1a49b5 utils: Support deleting read-only files on Windows
41d1c6f yarn: Fix up the error handling in getRemotePackageDetails()

New Features 🎉

c9d2a49 spdx: Deal with cycles in dependency relations
2161ffd yarn: Also log warnings output by yarn info

Chores 🔧

d2dd061 model: Nest purl tests in preparation for adding more tests
2c79d17 model: Remove a few redundant purl tests
24f44d8 osv: Remove the work-around for Swift
51f5ec6 spdx-reporter: Map to a Set for distinct entries
7cd95a4 spdx-reporter: Remove a default strictness argument
4814301 Align on "purl" spelling for Package URLs

Dependency Updates 🚀

e39a48c Update the dependency-analysis-gradle-plugin to version 2.3.0
b3c1124 Update the dependency-analysis-gradle-plugin to version 2.4.0
d2cfce1 update actions/checkout digest to 11bd719
bc94e33 update actions/setup-java digest to 8df1039
17767fb update actions/setup-node digest to 39370e3
d0cf5be update dependency ch.qos.logback:logback-classic to v1.5.12
f38c1f4 update dependency com.charleskorn.kaml:kaml to v0.62.0
2b4e7fb update dependency com.charleskorn.kaml:kaml to v0.62.1
52162c5 update dependency software.amazon.awssdk:s3 to v2.29.0
01340ed update exposed to v0.56.0
cee8a78 update github/codeql-action digest to 6624720
69fcc36 update jackson to v2.18.1
31edf71 update jetbrains/qodana-action action to v2024.2.5
8f00ece update jetbrains/qodana-action action to v2024.2.6

Documentation 📖

1219605 model: Clarify in a test what a "clean" purl is supposed to be
b4d9313 spdx-utils: Clarify that licenseInfoFromFiles contains license IDs
6f3aaa5 spdx-utils: Document each main class with a link to the spec
0460948 yarn: Add information about the mentioned network issue
02192a3 yarn: Re-align the docs with the function

Refactorings 🚜

7f07648 model: Move purl-related tests to PurlExtensionsTest
49c654a model: Turn purl test data assertions into sanity checks
771a6a5 npm: Allow getRemotePackageDetails() to return null
6f802f8 npm: Make getRemotePackageDetails() handle unsuccessful runs
1394274 npm: Move parsePackage() outside of the Npm class
5bff7a2 npm: Move parseProject() out of the class
6999a12 npm: Remove a now unnecessary runCatching()
0223e40 osv: Simplify queries with purls
0eb1eea pnpm: Make Pnpm separate from Npm
26703f9 yarn: Extract extractDataNodes()
8e90a79 yarn: Use a more speaking name for output

Tests ✅

a265d38 model: Add name(space) specific purl tests
419b42b model: Test against the official purl test suite data
bfa893b npm: Re-create the lockfile for the babel project
f63b068 osv: Update expected results
61c4721 pnpm: Add some more functional test coverage
db0ec55 python: Update expected results
b688a9c python: Update expected results
c535f61 vulnerable-code: Test lookup for a Go package
507ee30 yarn: Add some more functional test coverage
d59b609 yarn2: Move the functional test into the yarn2 package

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.


          deps: update ort to v38

ad0fbc4

renovate bot added the dependencies label

sschuberth enabled auto-merge (rebase)

October 31, 2024 09:55

sschuberth approved these changes

View reviewed changes

sschuberth merged commit c86de59 into main

8 checks passed

sschuberth deleted the renovate/major-ort branch

October 31, 2024 09:55

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels