What's Changed

• Improve Project list page navigation #1200 by @tdruez in #1505
• Do not fail project on memory spikes by @AyanSinhaMahapatra in #1504
• Add rust binary support #1435 by @AyanSinhaMahapatra in #1488
• Add support extra_data value from the JSON input in load_inventory #926 by @tdruez in #1507
• Turn off CycloneDX document validation and load data anyway #1515 by @tdruez in #1516
• Add a report action on project list to export XLSX of packages #1437 by @tdruez in #1517
• Add labels to Project level search #1520 by @tdruez in #1522
• Add a batch-create management command by @tdruez in #1509
• Add a TODOs sheet containing on REQUIRES_REVIEW resources in XLSX #1524 by @tdruez in #1527
• Improve XLSX output for Vulnerabilities #1519 by @tdruez in #1531
• Skip package creation when no package_data from purldb by @keshav-space in #1532
• Do not download input_urls in CLI commands #1437 by @tdruez in #1535
• Ensure that we process specifically JavaScript map files #1538 by @JonoYang in #1541
• Escape special characters in directory path regex by @keshav-space in #1542
• Add support for download URL as --input-list in batch-create #1524 by @tdruez in #1544
• Add a report management command to generate XLSX reports #1524 by @tdruez in #1545
• Keep the InputSource objects when using reset on Projects #1536 by @tdruez in #1549
• Add a select_across checkbox on the ProjectReportForm #1524 by @tdruez in #1534
• Refine the map_java_to_class implementation #1552 by @tdruez in #1554
• Ignore large data files and bump scancode-toolkit by @AyanSinhaMahapatra in #1508

Full Changelog: v34.9.3...v34.9.4

What's Changed

• Refine the available options for RQ_QUEUES settings #1465 by @tdruez in #1467
• Update matchcode-toolkit to v7.0.0 by @JonoYang in #1466
• Add a run-docker-dev Makefile command by @tdruez in #1480
• Refine the run-docker-dev to watch changes and restart worker service by @tdruez in #1483
• Bump aboutcode.hashid to v0.2.0 by @keshav-space in #1479
• Move the for_packages field in SCIO XLSX output #1487 by @tdruez in #1489
• Load the LAYERS sheet data in load_inventory_from_xlsx #1490 by @tdruez in #1491

Full Changelog: v34.9.2...v34.9.3

What's Changed

• Fix a bug in scan_rootfs_for_system_packages #1462 by @tdruez in #1464

Full Changelog: v34.9.1...v34.9.2

What's Changed

• Refactor the group decorator for pipeline steps as optional_step … by @tdruez in #1442
• Bump aboutcode.pipeline version to 0.2.0 for release by @tdruez in #1451
• Enable filtering on Project API actions #1449 by @tdruez in #1450
• Fix the ability to provide multiple optional step in API #1454 by @tdruez in #1455
• Make the header row of tables sticky to the top of the screen #1457 by @tdruez in #1458
• Bump commoncode to v32.1.0 by @AyanSinhaMahapatra in #1460

Full Changelog: v34.9.0...v34.9.1

What's Changed

• Add pipeline selected groups in create project API endpoint #1426 by @tdruez in #1427
• Bump go-inspector to v0.4.0 by @AyanSinhaMahapatra in #1425
• Add a list-pipelines management command #1397 by @tdruez in #1428
• Refactor the policies related code to its own module #386 by @tdruez in #1430
• Project policies #386 by @tdruez in #1440
• Upgrade RQ to v2.0.0 and django-rq to 3.0.0 by @tdruez in #1441
• Add pipeline to publish scan to federatedcode by @keshav-space in #1400
• Do not fail on invalid extracted requirements by @AyanSinhaMahapatra in #1429
• Spelling and Grammatical Errors in ScanCode.io Official Documentation #1443 by @alok1304 in #1448

New Contributors

• @alok1304 made their first contribution in #1448

Full Changelog: v34.8.3...v34.9.0

Changelog

• Include the aboutcode module in the wheel and source distribution. #1423
• Update ScanCode-toolkit to v32.3.0 #1418

What's Changed

• Update sctk version to v32.3.0 by @AyanSinhaMahapatra in #1418
• Include the aboutcode module in the wheel and source distribution… by @tdruez in #1424

Full Changelog: v34.8.2...v34.8.3

Changelog

• Add android_analysis to extra_requires. This installs the package
  android_inspector, which provides a pipeline for Android APK
  deploy-to-development analysis.
• Remove the sleep time in the context of testing matchcode.poll_run_url_status
  to speed up the test. #1411
• Add ability to specify the CycloneDX output spec version using the output
  management command and providing the cyclonedx:VERSION syntax as format value. aboutcode-org/scancode-action#8
• Add new compliance REST API action that list all compliance alert for a given
  project. The severity level can be provided using the
  ?fail_level={ERROR,WARNING,MISSING} parameter. #1346
• Add new Compliance alerts panel in the project detail view. #1346

What's Changed

• Updated the typo mistakes of documentation of ScanCode.io (#1386) by @VarshaUN in #1387
• Add android_inspector in new extra_requires #1373 by @JonoYang in #1391
• Update docs for netrc usage in Docker context #1384 by @JonoYang in #1385
• Upgrade Django to security release 5.1.2 by @tdruez in #1410
• Remove the sleep time in the context of testing poll_run_url_status #… by @tdruez in #1412
• Add ability to specify the CycloneDX output spec version by @tdruez in #1413
• Add new compliance REST API action to list compliance alerts #1346 by @tdruez in #1416
• Base implementation if the project compliance panel view #1346 by @tdruez in #1417

New Contributors

• @VarshaUN made their first contribution in #1387

Full Changelog: v34.8.1...v34.8.2

What's Changed

• Update match to matchcode by @JonoYang in #1365
• Release 34.8.1 by @tdruez in #1380

Full Changelog: v34.8.0...v34.8.1

Changelog

• Add a new enrich_with_purldb add-on pipeline to enrich the discovered packages
  with data available in the PurlDB. #1182
• Add the ability to define a results_url on the Pipeline class.
  When available, that link is displayed in the UI to easily reach the results view
  related to the Pipeline run. #1330
• Expands on the existing WebhookSubscription model by adding a few fields to
  configure the behavior of the Webhooks, and moves some of the fields to a new
  WebhookDelivery model, which captures the results of a WebhookSubscription
  "delivery". #1325
• Add support for creating dependencies using the load_sboms pipeline on CycloneDX
  SBOM inputs. #1145
• Add a new Dependency view that renders the project dependencies as a tree. #1145
• The purldb-scan-worker command has been updated to send project results
  back using the Project webhook subscriptions. This allows us to not have the
  main task loop to monitor a single project run for completion in order to
  return data, and allows us to have multiple scan projects active at once while
  we use purldb-scan-worker. A new option --max-concurrent-projects has
  been added to set the number of purldb packages that can be requested and
  processed at once. #1287
• Add notes field on the DiscoveredPackage model. #1342
• Fix an issue with conflicting groups checkbox id in the Add pipeline modal. #1353
• Move the BasePipeline class to a new aboutcode.pipeline module. #1351
• Update link references of ownership from nexB to aboutcode-org #1350
• Add a new check-compliance management command to check for compliance issues in
  a project. #1182

What's Changed

• Add a new enrich_with_purldb Pipeline #1328 by @tdruez in #1329
• Add the ability to define a results_url on the Pipeline class by @tdruez in #1330
• Add mariner to supported distros by @AyanSinhaMahapatra in #1161
• Add full test coverage for the enrich_with_purldb Pipeline by @tdruez in #1331
• Replace all linter and validation libraries by ruff by @tdruez in #1333
• Put the virtualenv into a .venv directory instead of the project root by @tdruez in #1334
• 1328 enrich with purldb collect endpoint by @tdruez in #1336
• Webhook behavior customization and delivery records by @tdruez in #1338
• Load CycloneDX SBOMs dependencies #1145 by @tdruez in #1344
• 1287 purldb scan worker update by @JonoYang in #1320
• Add notes field on the DiscoveredPackage model #1342 by @tdruez in #1349
• Thirdparty upgrade and .dockerignore updates by @tdruez in #1352
• Fix issue with conflicting groups checkbox id in Add pipeline modal #… by @tdruez in #1354
• Move the BasePipeline class to a new aboutcode.pipeline module #1351 by @tdruez in #1357
• Refactor the BasePipeline, move out all Project related logic #1351 by @tdruez in #1358
• Add pyproject.toml for packaging aboutcode.pipeline module #1351 by @tdruez in #1359
• Upgrade Django to latest 5.1 release by @tdruez in #1361
• 1350 owner migration by @chinyeungli in #1362
• Simplify the Project.add_message method for object_instance by @tdruez in #1363
• Add a new check-compliance management command #1346 by @tdruez in #1364

New Contributors

• @chinyeungli made their first contribution in #1362

Full Changelog: v34.7.1...v34.8.0

Changelog

• Add pipeline step selection for a run execution.
  This allows to run a pipeline in an advanced mode allowing to skip some steps,
  or restart from a step, like the last failed step.
  The steps can be edited from the Run "status" modal using the "Select steps" button.
  This is an advanced feature and should we used with caution. #1303
• Display the resolved_to_package as link in the dependencies tab. #1314
• Add support for multiple instances of a PackageURL in the CycloneDX outputs.
  The package_uid is now included in each BOM Component as a property. #1316
• Add administration interface. Can be enabled with the SCANCODEIO_ENABLE_ADMIN_SITE
  setting.
  Add --admin and --super options to the create-user management command. #1323
• Add results_url and summary_url on the API ProjectSerializer. #1325

What's Changed

• Add pipeline step selection for a run execution #1303 by @tdruez in #1310
• Display the resolved_to_package as link in the dependencies tab by @tdruez in #1314
• Add support for multiple instances of a PURL in the CycloneDX outputs… by @tdruez in #1317
• Refactor the Webhook.get_payload to use Serializers #1325 by @tdruez in #1326
• Display sizes in bytes and humanized #1322 by @tdruez in #1324
• Add administration site for main scanpipe models by @tdruez in #1323

Full Changelog: v34.7.0...v34.7.1