Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

deps: update ort to v33 (major) #311

Merged
merged 1 commit into from
Sep 19, 2024
Merged

deps: update ort to v33 (major) #311

merged 1 commit into from
Sep 19, 2024

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Sep 19, 2024

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
org.ossreviewtoolkit:reporter (source) 32.1.0 -> 33.0.0 age adoption passing confidence
org.ossreviewtoolkit.plugins:package-configuration-providers (source) 32.1.0 -> 33.0.0 age adoption passing confidence
org.ossreviewtoolkit:model (source) 32.1.0 -> 33.0.0 age adoption passing confidence
org.ossreviewtoolkit:detekt-rules (source) 32.1.0 -> 33.0.0 age adoption passing confidence

Release Notes

oss-review-toolkit/ort (org.ossreviewtoolkit:reporter)

v33.0.0

Compare Source

What's Changed
Breaking Changes 🛠
  • 60ef7c9 feat(advisor)!: Rework VulnerabilityReference semantics
  • 01ca824 refactor(model)!: Generalize the scoring system mapping
  • 6015cc9 refactor(yarn2)!: Inline YARN_PATH_PROPERTY_NAME
  • 630a8db refactor(yarn2)!: Move some vals and funs outside of the companion
Bug Fixes 🐞
  • 2ac103a bazel: MODULE.bazel files from a local registry should be ignored
  • cb7c914 model: sslmode typo in reference.yml
  • e8e9b83 osv: Improve error handling a bit
  • 508dbfc spdx-utils: Support reading dashed reference category names
New Features 🎉
  • 24656e2 model: Add underscore variants to CVSS names
  • 95cba40 vulnerable-code: Add scoring elements to the data model
Build 🐘 & CI ⚙️
  • e833172 gradle: Do not set a global duplicatesStrategy anymore
  • 9928629 gradle: Replace custom code with the reproducible-builds plugin
  • c6523c4 github: Do not configure a custom linter version anymore
  • 9f7b625 renovate: Disable NuGet package manager updates
Chores 🔧
  • 61eb5c1 evaluator: Remove a few named lambda variables to simplify code
  • d29db08 gradle-plugin: Explicitly set a duplicatesStrategy
  • ce409f9 helper-cli: Consistently make commands internal
  • a577470 helper-cli: Consistently name the help parameter explicitly
  • bb0654c node: Add a couple of links to upstream documentation
  • c725523 node: Slightly simplify Yarn code to get package details
  • f675a32 osv: Improve mapping from OSV to ORT vulnerability references
  • 275c2c1 yarn2: Drop an obsolote TODO comment
Dependency Updates 🚀
  • a488e05 Update clikt to version 5.0.0 and Mordant to version 3.0.0
  • 0b24c91 Update dependency-analysis-gradle-plugin to version 2.0.2
  • 0c10c2f Update kotlinx-coroutines to version 1.9.0
  • 280d8fb update dependency org.semver4j:semver4j to v5.4.0
  • 521bd69 update dependency software.amazon.awssdk:s3 to v2.28.0
  • fd28fcf update github/codeql-action digest to 8214744
  • 21a3289 update gradle/actions digest to d156388
  • 12c8019 update jetbrains/qodana-action action to v2024.1.10
  • c750cfd update jetbrains/qodana-action action to v2024.1.11
  • 0c540bd update jetbrains/qodana-action action to v2024.2.2
Documentation 📖
  • 8a1e42a gradle: Improve the wording of a code comment
  • 1b15bfa yarn2: Fix-up a couple of broken KDoc references
Refactorings 🚜
  • 5a303ad helper-cli: Introduce an abstract OrtHelperCommand base
  • d1fa1f2 model: Extract vulnerability rating code to a function
  • 8b45010 npm: Use a simpler return type for two functions
  • 5bc030e yarn2: Extract isCorepackEnabled()
  • e2bca6b yarn2: Inline DEFAULT_EXECUTABLE_NAME
  • da6cc49 yarn2: Move a couple of functions / classes to the file level
  • 12c99e1 yarn2: Move some sanity logic into getYarnExecutable()
  • 5d0f002 yarn2: Reduce the scope of the version variable
  • 098ef99 yarn2: Simplify cleanYarn2VersionString()
  • 9db096c yarn2: Use a shorter name for versionFromLocator
Tests ✅
  • c17e5c3 bazel: Update expected results
  • 52cb0e0 conan: Split out the lockfile case into a dedicated test
  • a9e964e conan: Update expected results
  • 6123c13 node: Consistently place Npm projects in the npm directory
  • 06fe673 node: Drop the README.md for Npm test assets
  • c67d544 node: Improve a test case name
  • b0bd418 node: Merge NpmVersionUrlFunTest into NpmFunTest
  • 8cbbb57 node: Move Yarn test projects into a dedicated yarn directory
  • 254a64a node: Slightly improve a project name and metadata
  • 49b65dd osv: Update expected results
  • 6e181ef bc819cc osv: Update expected results

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot requested a review from a team as a code owner September 19, 2024 09:02
@sschuberth sschuberth enabled auto-merge (rebase) September 19, 2024 13:27
@sschuberth sschuberth merged commit a9adc01 into main Sep 19, 2024
7 checks passed
@sschuberth sschuberth deleted the renovate/major-ort branch September 19, 2024 13:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sschuberth sschuberth sschuberth approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@sschuberth