Release v2.0.0 · clearlydefined/crawler

Release tag: v2.0.0

Upgrade Notes

No steps are required to upgrade to this release as a user of ClearlyDefined. Any local harvesters will need to get the latest crawler image from Docker Hub and restart their crawler.

All major changes are related to data output changes brought in by updates to license identification tools and the license extraction process.

Note: Requests for definitions do not initiate a harvest request when a definition already exists. A harvest request is required to update raw tool results from which the definition will be constructed. Note as well that harvesting takes significant time. There will be a delay from the time the harvest request is made before the results will be reflected in a definition request.

What’s changed

Major Changes

Update license detection tools

Update licensee scan tool updated from v9.12 to v9.16.1 by @yashkohli88 in #549
Update scancode-toolkit from v30.1.0 to v32.1.0 by @lumaxis in #537

Modifications to ClearlyDefined license extraction

Update PodExtract tool version by @qtomlinson in #566
Derive license from info.license over classifiers in pypi registry data by @qtomlinson in #586

Minor Changes

New traversal policy

Introduce “reharvestAlways” traversal policy to make re-harvest simpler by @qtomlinson in #598

New “reharvestAlways” policy behavior:

When the tool result for a component is available, the tool will be rerun and tool result updated, similar to the "always" policy.
When the tool result for a component is not available, the component will be fetched and the tool will be run. This differs from the “always” policy which skips running when the results do not already exist.

Other minor changes

Remove rimraf by @lumaxis in #558
Update spdx parsing which includes support for passing in LicenseRef map by @ljones140 in #606

Bug Fixes and Patches

Development related

add sha and version to ‘/‘ endpoint by @elrayle in #574
Fix fetching latest version for some pod components by @qtomlinson in #588
Make scancode parallelism configurable by @RomanIakovlev in #612

DevOps

Deploy production crawler to Clearly Defined’s Azure account, along with MSFT by @ljones140 in #608
Deploys to dev on master merge by @ljones140 in #601
Deploy dev crawler via GitHub action by @ljones140 in #599
tests should run for changes in prod and have the option to run manually by @elrayle in #592
Add separate workflow step for testing Docker build by @lumaxis in #580
docs: add SECURITY.md by @nickvidal in #584

Dependencies

Bump express from 4.18.2 to 4.19.2 by @dependabot in #564
Bump debug from 4.1.1 to 4.3.5 by @dependabot in #581
Bump braces and patch-package by @dependabot in #582
Updated deprecated dependency request-promise-native by @yashkohli88 in #576
Cleanup dependencies by @lumaxis in #557

New Contributors

@nickvidal made their first contribution in #584
@ljones140 made their first contribution in #591

Full Changelog: v1.2.0...v2.0.0

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

v2.0.0