This is the changelog file of the sw360 project. It starts with the first release being provided at eclipse/sw360. For older releases, please refer to the first project location:
https://github.com/sw360/sw360portal/releases
This tag covers many corrections/bug fixes after the 15.0 release.
This release provides features, muliple bug fixes for release 15.0, for example, new REST endpoints, new integration test suite.
For existing installations, a data migration is required. Please go to the readme file in scripts/migrations to see more information:
https://github.com/eclipse/sw360/blob/master/scripts/migrations/README.md
For running the migrations scripts, you will need python and the couchdb package. Please note that you will need to change manually in the python file: the DRYRUN variable and the couchdb URL (if that is not on localhost or requires password or both).
The following github users have contributed to the source code since the last release (in alphabetical order):
Abdul Kapti <[email protected]>
Alberto Pianon <[email protected]>
Anupam Ghosh <[email protected]>
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Helio Chissini de Castro <[email protected]>
hoangnt2 <[email protected]>
Jaideep Palit <[email protected]>
Kouki Hama <[email protected]>
Pham Van Hieu <[email protected]>
Smruti Prakash Sahoo <[email protected]>
Tran Vu Quan <[email protected]>
tuan99123 <[email protected]>
Please note that also many other persons usually contribute to the project with reviews, testing, documentations, conversations or presentations.
709a5ec9
feat(UI): ModifiedOn & MOdifiedBy fields for Project/COmponent/Release73fe7e68
feat(export): Enable mailing for exported spreadsheet for componentsbbc37a93
feat(ProjectUI): added filter for linked release/projects tablea9053df2
feat(ProjectUI): AttachmentUsages - Added option to filter for releases without source attachmentsf7aebb1e
feat(rest): Add upload description to trigger fossology process26226fbb
feat(exportExcel): Send an email to user with download link once export completed860e420d
feat(exportExcel): Generate and save excel to file system, Download generated file with token07b54e93
feat(UI): Display Licenses from Scanner findings in ISR attachments9511adb7
feat(obligation): add function Edit/Duplicate/Changelog for Obligation830f463a
feat(ui) : Strengthen sw360 admin privileges about Read and Write7dd31343
feat(compose): Common network adn Fossology decoupling5974152f
feat(ProjectUI): Disabled CR based on project Group0f2e4c14
feat(rest): Get Project Vulnerability by external id and release id3dfe2bbc
feat(projectUi): Update some fields in a Project in closed state440a6fda
feat(docker): Overhaul SW360 docker0dc962d0
feat(script): Addition to update project field starting with some valuee5516c21
feature(docker): Run sw360 as non-priv usercec73056
feature(docker): Use volumes with tomcat33481c32
feature(docker): Add fossology on the mix4036a822
feat(project): Added vendor for project
5f5bca8a
fix(ISR):Fixed source file not found in ISR & Total files count mismatchb4f0b870
Fix (Release): Fixed vulnerability can't be deleted when it is linked with a deleted releasef8052466
fix(UI): fix Some long sentence can't show property in License Obligation8ead75c3
fix(ui): Display url, email, text of Additional Data for Component and Releasebafd477f
fix(CR-UI): fixed the count mismatch in Open Components column of CR tablee776a969
fix(excel-export): fixed project filter issue while exporting excelbcc2d89c
fix(Obligation): Save Admin Level Obligation based on Obligation topic1bec6af2
fix bug Invalid GitHub action #15199bc9b9bb
Fix(License): Fix bug one license cound add only 10 obligations4b7197b4
Fix(REST): fix visibility of Project Rest APIaef08989
fix(docker): Add better proxy documentation to docker-compose534ee6f7
fix(ui): Fixed Obligation count in project viewcac1b13e
fix(thrift): Updated thrift configuration to adopt configurable max message size and max framesize2fab647b
typo in the docker run command8d1ddfc3
fix(compoent-visibility): Moderation request for clearing admind92ecace
fix(ui) : modify translation for search functionce57d9b5
Update information about port redirection3792db20
fix(ModerationRequestUI): Fixed project Moderation Request UI is not loadingea798093
Update README_DOCKER with typos fixing1c0dd050
fix(Dockerfile): Make Dockerfile more consistenta8c2334e
fix(merge): Optimized code to check for write permission of release and components before starting to merge9bbb49ba
fix(modReq): Fixed moderation request for release with version overwrited1fd4307
fix(ReleaseClearingState): ClearingState not changing to New from Scan Availablecbec94a4
fix(api): Correct the ECC status when release is created by APIf0f9ff62
fix(docker): Added missing license6fb1f415
fix(docker): Add Document Library as volume to enable keep custom settingsfde1f460
fix(docker): Add proper missing clucene configb719f989
fix(docker): Add better proxy handling11e24172
fix(docker): Get liferay from github releases6bddc2bf
fix(docker): Reduce first bootstrapping5df8eb4a
fix(docker): Update README_DOCKER.md0e917987
fix(docker): Update documentation with CSS issuee1a21e07
fix(docker): Update documentation with CSS issuecfe7e413
fix(docker): Improve documentation and persist porta-ext.propertiese335c374
fix(docker): README update and cert ignore for curlab23d0cc
fix(docker): Thrift builds now under tmpfsff9409fd
fix(docker): Improve build speed and build layers size5467abf9
Update docker base using Eclipse Temurin681eb0c4
fix(ui): Restrict visibility of each component/release like Project0b06f3ee
fix(ui): Fixed pagination of component list with search paramsf14298a4
Fix search function with key is empty
3efa3a56
(chores): updated README.md and download_dependencies.sh files7541ec8d
chore(deps): bump spring-security-core in /frontend/sw360-portleta17efda8
chore(deps): bump gson from 2.8.6 to 2.8.918763b51
chore(deps): bump jackson-databind from 2.11.3 to 2.12.6.12502b58d
(chores): fix security vulnerabilitiesa7a75336
chore(rel): Changing back to 15.1.0-SNAPSHOT
This tag covers many corrections/bug fixes after the 14.0 release.
This release provides features, muliple bug fixes for release 14.0, for example, new REST endpoints, new integration test suite.
The following github users have contributed to the source code since the last release (in alphabetical order):
Anupam Ghosh <[email protected]>
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Gaurav Mishra <[email protected]>
He, Albert <[email protected]>
Jaideep Palit <[email protected]>
ravi110336 <[email protected]>
Smruti Prakash Sahoo <[email protected]>
Please note that also many other persons usually contribute to the project with reviews, testing, documentations, conversations or presentations.
9807d381
feat(ui): Added new Clearing State and Attachment Type77f06a6e
feat(ci): Remove dependency of commonsIO from clientbe212373
feat(ci): Fixed Attachment test casesbf43f889
feat(ci): Fixed Release test cases790c935f
feat(ci): Fixed component test cases32ae085f
feat(ci): Run Client Integration Test for rest api on DB77f49ec2
feat(ui): Added new column for ECCN in ECC status tab of project details view8ed3c68d
feat(AttachmentTypeUI):Add a new attachment type Security Assessment.2e593adf
feat(client): Added Java Client Apis for vulnerability endpoints.
2b562699
fix(ci): Fixed vulnerability IT testcases854c6453
fix(release): Fixed mainline state is empty when creating a release by ui or restbe26f6ca
fix(ci): Fixed Project Client Testcasese06eb192
fix(ci): Fixed License Testcases2261b62f
fix(script): Fixed deployment status check after spring boot updat02ecfe6f
Fix default config not working issue30e404bd
Fix component list sorting errorf6337094
fix(rest): Optimize rest api for get project by tag, type, group
376d5b94
chore(deps): bump log4j-core from 2.17.0 to 2.17.14fc46d41
chore(deps): bump log4j-core from 2.16.0 to 2.17.0c386b4c6
log4j version upgrade to 2.16.0(log4j-vulnerability)b8ebd682
chore(rel): Changing back to 14.1.0-SNAPSHOT0368ae99
chore(readme): Update release badge to latest
This tag covers many corrections/bug fixes after the 13.4 release.
This release provides features, muliple bug fixes for release 13.4, for example, new REST endpoints, new functions in the UI and changelog enable/disable from sw360.properties.
For existing installations, a data migration is required. Please go to the readme file in scripts/migrations to see more information:
https://github.com/eclipse/sw360/blob/master/scripts/migrations/README.md
For running the migrations scripts, you will need python and the couchdb package. Please note that you will need to change manually in the python file: the DRYRUN variable and the couchdb URL (if that is not on localhost or requires password or both).
The following github users have contributed to the source code since the last release (in alphabetical order):
Abdul Kapti <[email protected]>
Anupam Ghosh <[email protected]>
Jaideep Palit <[email protected]>
Kouki Hama <[email protected]>
Michael C. Jaeger <[email protected]>
ravi110336 <[email protected]>
Shi Qiu <[email protected]>
Smruti Prakash Sahoo <[email protected]>
Tran Vu Quan <[email protected]>
Please note that also many other persons usually contribute to the project with reviews, testing, documentations, conversations or presentations.
e1923ac3
feat(UI): import OSADL obligation information and update screen of Adding new obligation2b6b9a9d
feat(UI): CLI file clean up assistant3702de56
feat(rest): Added rest api to create duplicate of project8ff2748f
feat(RestAPI):Update the attachment status with the approver/rejecter Name and Group.e3d8122a
feat(ProjectUI): Add new values to Obligation status3bab5e99
feat(ui): Display,update vulnerability for linked projects in project details view8d1f96ff
feat(log): Added output processing of the change loga873ad83
feat(ReleaseUI): License to SourceFile Mapping533ace69
feat(rest): Add Rest API for linking release to release
ea72ce63
fix(ui): Fixed redirect page from Release Edit page to Release Details pagece9d9550
fix(changelog):Fixed the file permission issue for sw360 changelog.9ef38314
fix(rest): Change base url of health api from /actuator to /843f1f8d
fix(rest): Get component by name case insensitive96a59335
fix(rest): Create duplicate project clearing state should always be open and not copiedfc1f1e39
fix(sw360ChangeLog):Configure the sw360ChangeLog path.d27527d3
fix(docker): Fixed cannot upload attachment more than 1 MB by Rest Api46e6eb18
fix(views): Optimize views for components2e8a9cc8
fix(views): Optimize views for releases21682a3a
fix(views): Optimize views to load large projects65719867
fix(rest): Fixed hateoas link not showing correct protocol0ed91d75
fix(ui): Links in ReadmeOss as HTMl are not rendered properlyedeb13d2
fix(ui): fix the bug that attachments usages in project cannot show other line5bff785f
fix(rest): Update project vulnerabilities0202f9df
fix(rest): Fixed projects loading issue in REST62d8887b
fix(UI):Component details not shown for the Security Admin Role.1db9afda
fix(rest): Added new parameter luceneSearch to Get Project List Api, to get project list based on lucene search3305fc6b
fix(Japanese) : Update and modify Japanese translations2f85cf70
fix(projects): Fixed thrift timeout by optimizing projects loadingaa8574eb
fix(upgradeVersion): Updated resource server properties for Spring 2.Xa0f1861b
fix(upgrade version): fixed the test cases failure issue when generating the rest docs.033d912a
fix(upgradeVersion): Fixed Test case for authorization server with spring boot version upgrade * Refactored code and removed commented lines71bf74bc
fix(upgradeVersion):Upgrade version.2e98d07d
fix(RestAPI):500 Internal server error from releases API.eb6192bc
fix(ui): Cleanup moderation request on deleting project/release/component57e08173
fix(ui): Changes in External urls in Project are not registered in Moderation Request. Closed Moderation Request doesnot show Proposed changes8b5ffecc
fix(Rest):make SW360 REST API Get Releases by Name Case-Insensitive.97a72951
fix(DBTestsFail): Migrating databasetest.properties to couchdb-test.properties.6c3c51ec
fix(log): Fix indentation issue in source code.4ab50904
fix(MyProjectErrorMessage):update the error message in UI for the project which is not accessible.d2f22b80
fix(ui): Fixed js error while merge component/release with null additional data9c4d2f0d
fix(rest): Added exception processing for authorizationaf443442
fix(script): add password and user in couchdb-lucene.ini318d0923
fix(docker):Update couchdb3.1 ubuntu20.04 liferay7.3.4 postgresql125ec1df6a
fix(ci) added new files to license check script26dc7333
fix(ui): Fixed create/update users with uppercase email or externaliddb1c1a97
fix(ui): User should be able to edit group of project
This tag covers many corrections and bug fixes after the 13.3 release. Th eproductive use of 13.3 has revealed a number of issues resulting from the big persistence layer switch.
This release provides also features, however, some smaller news are there, for example, new REST endpoints or new functions in the UI.
For this version, no database migration is necessary.
The following github users have contributed to the source code since the last release (in alphabetical order):
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
Please note that also many other persons usually contribute to the project with reviews, testing, documentations, conversations or presentations.
3089008c
feat(rest): Support map of release id to usage as request body in addition to previous array of release id fordf2f6dad
feat(VirusScanSchedulerService): Scheduler Service for deletion of attachment from local FS276650a9
feat(ObligationHelpTextforProject): Provide the different obligation help text from the Projects Screenec37c480
feat(moderations): Pagination in requests tab for moderations0d739556
feat(obligationlevelhelptext):Provide info text for different obligation Level83282112
feat(ProjectUI): feature to add License Info to linked releases from License Clearing tabafdac6f5
feat(ProjectVersion): Added the project version in the search Project filter4b1a1b3f
feat(ProjectUI): Fixed copy of projects removes linked subprojectsd44b63ba
feat(ProjectGroupFilter):Filter the projects in Advanced Search based on Projects Group4140a8ad
feat(rest): Added new endpoints to update attachment info of Project, Component, Release96443359
feat(rest): Added rest endpoint to update project-release-relationship information of linked releases in a project756190b4
feat(ProjectUI): feature to display the source files linked with the licenses
ef27ad5d
fix(rest): Auto-set release clearing statedebfe70d
Fix: Rest interface can not handle licenses which do not exist in the database #5342d56d0b4
fix: Wrong error handling when deleting multiple components #851 [email protected]9a31049d
fix(script): Build failure of sw360dev.Dockerfile and compileWithDocker.sh9f32b882
fix(readmeossdownload): Null pointer while downloading readme_ossf0aa5cbf
fix(ui/rest): Issue fetching releases by external ids and null value in external id breaks the release viewbaaa9f42
fix(search): search releases while linking to project00083ea8
fix(backend): Issues with boolean and timestamp field deserialization and get attachment info REST
This tag is applied to have the migration from cloudant to ektorp in one single step. Ektorp is a Java library which provides an object oriented interface to the (REST-based) access to couchdb. It has been used in sw360 from day 1. Now we concluded to replace ektorp: it does not support paging; having our server growing larger and lager and serving more and more users, receiving results sets from a couchdb view without paging is a pain. And it did not look like it will be supported, because the ektorp project looks calm now (last commit to master in 2017). Among the available options for replacing ektorp, we choose the java-client from the open source project cloudant (version 2.19.1, see https://github.com/cloudant/java-cloudant). It supports paging and offers potentially other interesting features (caching, compatibility with MongoDB, etc.).
For this version, no database migration is necessary.
The following github users have contributed to the source code since the last release (in alphabetical order):
Please note that also many other persons usually contribute to the project with reviews, testing, documentations, conversations or presentations.
0e22d55e
feat(components-pagination): paginated view response for componentsfd95a2cf
feat(cloudant): Migrating from ektorp to cloudant java client
The reason for this tag is to have the last release before the ektorp framework to the new cloudant framework for access to the couchdb. This upcoming change will touch a large number of places in the code and thus a last release before this larger change will be merged.
As per notable feature there is the new UI in the admin area to issue the OAuth client credentials for the OAuth legacy workflow for the REST API. Another feature is the storing of all attachments (at upload) also to a configurable location in the file system. This helps anti virus software to scan these instead of requesting them from the couchdb. Note that files are stored at the configured path with user_mail/document_id
folder structure to quickly track down origin of viruses and malware.
This milestone tag also chovers changes to the build infrastructure on the eclipse servers to prepare future releases.
For this version, no database migration is necessary.
The following github users have contributed to the source code since the last release (in alphabetical order):
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
d8021733
feat(AttachmentVirusScan): Store attachment to File System asynchronously, handle saving of large multi-part attachments. Fix test cases5c77743f
feat(AttachmentVirusScan):Store the attachment to local file system for virus scan.d97146a3
feat(REST): Added new Rest API endpoint for reading clearing request50f576a2
feat(OAuthClient): Create, update, delete OAuthClient from UId4017345
feat(PredefinedTags):Predefined tags per group in the Projects Tag field.0c7fc59a
feat(UI): added button for copying document id to clipboard
d19d08d0
fix(rest): Added support for pagination and retrival using multi valueprojectRelevance
param3419b4a6
fix(search): Removing support for_fti
hook based lucene search for couchdb 1.xf783240a
fix(rest): Fix status code when moderation request is created as a part of an API call4f2c2121
fix(moderaion):add CommonUtils.addAll(moderators, dbcomponent.getModerators());8b867c19
fix(build): Fix issue with overwriting of patchlevel variable in pom.xmlb9a38744
fix(test): Use test databases in maven test phasec68b4d4a
fix(OrtIntegration): Fix client to perform case insensitive search of component.784fbafc
fix(script): Utility script to recompute clearing state of releasece69b3bd
bug(eclipse): Quickfix for maven flatten pom problem
958a8a77
chore(tag) changing back pom.xml shapshot version tag
This time: client libraries. This release among other things brings the client libraries taken over from the sw360antenna project and moved them into the sw360 code base. The client libraries enable Java applications to communicate with a sw360 server via REST calls. Other notable contributions include:
- Support for CouchDB 3.x
- Massive speedup of SPDX import by switching to streaming based parsing for license information for large files
- Single container setup (see
Dockerfile
in project root) for super easy deployment of sw360 - More UI improvement on sorting and filtering in list views
- Supporting multiple templates for the project clearing reports
- REST: Manage used attachments for license info generation and better querying of vulnerabilities
For this version, no database migration is necessary.
The following github users have contributed to the source code since the last release (in alphabetical order):
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
0b7818de
feat(MyProjectsUI):Add additional filter to MY PROJECTS homepage based on clearing state9e98dd3f
feat(ChangeLog): Highlight changes between old and new revision of Documenteef05a1b
feat(ProjectUI): Sort & Filter for ClearingStatus TreeView tableb6cd9df7
feat(Issue Template):Update issue templates for bug and featurefb15708c
feat(ui):Rename and Re-arrange the Tabs under Projects section98aa0859
feat(ProjectUI): Release Filter based on attachment availability29308987
feat(clearingreport): Feature to select template for Project Clearing reportfc024b45
feat(ReleaseUi): Add other / detected license in release04139347
feat(ui-rest): Provide option in attachment usage to include/exclude concluded licenses during LicenseInfo Generation1f995bfa
feat(rest): Filter for get project vulnerabilities endpoint1d771d30
feat(rest): Added endpoint to get changel og by document id68ce3cf8
feat(ui): Display Id in summary page of project, component and release5f2a4089
feat(http-support): add http support library for sw360502d9087
feat(sw360Docker): Single container Docker for SW360948924f0
client(test): add failsafe plugin
7091c4b6
fix(spdxtools):Use toArray(new Node[0]) for shorter code and better performance8b4ebc00
fix(version): Increase minor version to ensure proper version sequence31909cce
fix(pom): Fix indentation of profileeefcf17f
fix(excelexport): Projects with linked releases excel export error2ed2ad80
fix(LicenseInfo): Optimized loading of license info, source code download, Clearing report page034f291c
fix(mergeComponentRelease): Attachments not linked properly from source component/Releasec3830559
fix(spdx): import large spdx rdf filesb08d2f44
fix(datahandler): Modified ektorp queryView call to support CouchDB 3d9756e6a
fix(Rest): Create/Update Release with name same as component name
306c2080
chore(eclipse): Change Jenkinsfile to run release or commit count builds948c7bac
chore(eclipse): Build on eclipse ci for deployment of java artifactsba666266
refactor(client): missing license headers867372bd
refactor(http): Change http mockito to same versionba72cb7d
test(client): fix mockito dependencycfa8d512
refactor(pom): move version of purl to parent pom31a239eb
doc(client): add documentation of the sw360 data modelcd3ac486
doc(http-support): Add site to http support4670fffe
refactor(client): Remove all antenna mentionsb89e04ce
refactor(client): remove antenna http support and switch to sw360834c1c79
refactor(client): Refactor package name7a6f295c
refactor(client): Add dependencies to poms
We tagged this release, because there are persons testing the current master and not seeing the migration script on the database required. The migration on the database came in because of changes on the obligations. After the major work on the obligations data model in the previous release, more work on the UI made a migration script necessary (number 042
). Please note that per our versioning convention, the database migration script makes the tag 13.0
not 12.1
.
For existing installations, a data migration is required. Please go to the readme file in scripts/migrations
to see more information:
https://github.com/eclipse/sw360/blob/master/scripts/migrations/README.md
For running the migrations scripts, you will need python and the couchdb package. Please note that you will need to change manually in the python file: the DRYRUN
variable and the couchdb URL (if that is not on localhost or requires password or both).
The following github users have contributed to the source code since the last release (in reverse order of commit appearance):
1246c023
feat(SplitComponent): Add tooltip for releases of component with SourceCodeDownloadUrl and BinaryDownloadUrl during split feature2eafe3d5
feat(rest): Accept 'downloadurl' in request body as 'sourceCodeDownloadurl' as an alternative to original value 'sourceCodeDownloadurl' for Create and update Release APIsccf05247
feat(ChangeLogs): Fixed issue related to null to empty string or collection conversion20be42db
fix(rest): Fixed update Project API issue - unexpected changes in some fields like moderators, contributors, etccf4bdcfa
feat(UtilityScript): Script for couchdb 2.x to update a field(String) in project document to a new valueea009aed
feat(Obligation): Add License Obligation from License Database based on licenses found in accepted attachments in Release and its LicenseInfo attachmentUsage in Projecta6cf31a3
feat(projectEdit): Project creators and moderators can edit few fields in a closed project2496f037
feat(ClearingReport): Added hyperlink to release document in project clearing report, Changed Font Style (Arial) and Font Size (9) for table contentbd07d53e
feat(CR-UI): Added Advaced filter for CR & fix # of components count
c18b42b9
fix(clearingreport): Error while downloading clearing report3ff60a09
fix(ExportSpreadSheet): Fixed ClassNotFoundException while export Spreadsheet431e1673
fix(ClearingReport): Fixed null pointer issue for replace text in Clearing report3ff60a09
fix(ExportSpreadSheet): Fixed ClassNotFoundException while export Spreadsheet431e1673
fix(ClearingReport): Fixed null pointer issue for replace text in Clearing report
71348b4f
chore(deps): Upgrade dependencies (LibreOffice et al)
This release something special because it brings a lot, really a lot of changes in the database model, more specifically it is a refactoring of the licenses and obligation objects. Following corrections:
- Risks are dropped and migrated to obligations
- Term "todo" is eliminated and we aim at consistently use "obligation"
Then there are two new dimensions of obligations, first obligation level
- Organisation obligations: obligations that apply for all projects of the sw360 instance.
- Project obligations: obligations that apply for a specific project, for example, obligations need to be applied to software which is delivered on a device without display.
- Component obligations: obligations that apply to a release to be more precise, for example IP issues coming when using a particular release.
- License obligations: obligations which come from using software under a license.
Second, the obligations have types:
- Permissions
- Restrictions
- Obligations (finally)
- Risks (for example patent litigation clauses)
- Exceptions (for example classpath exception with GPL)
So that involves a lot of changes to the data model, and resulting a lot of migrations. We apologize in advance for the 18 migrations scripts to execute. But it will be easier to have individual migration scripts for particular changes instead of having a large one. Please refer to scripts/migrations/README.md for further details. Please note that in general, all scripts have a DRYRUN
variable which is set to True
by default and needs to be set to False
to apply actually changes to the database.
Besides, this release has also some other changes, including:
- changing download URL into two attributes: binary download URL and source code download URL
- New REST Endpoint: Search!
- if you ant to write clients using REST: Pagination for some of the major listings!
For existing installations, a data migration is required. Please go to the readme file in scripts/migrations
to see more information:
https://github.com/eclipse/sw360/blob/master/scripts/migrations/README.md
For running the migrations scripts, you will need python and the couchdb package. Please note that you will need to change manually in the python file: the DRYRUN
variable and the couchdb URL (if that is not on localhost or requires password or both).
The following github users have contributed to the source code since the last release (in order of appearance):
<[email protected]>
github dependabot ;-)
<[email protected]>
<[email protected]>
<[email protected]>
<[email protected]>
596ed7bb
feat(ProjectListUI): Added clearing state filter in Project List693dc596
feat(rest): New search resource endpoint and get releases for multiple projectsa2577cf0
feat(rest/ui): Project vulnerability enpoint update & added new projectrating in UIc1b1e33b
feat(ui-rest): Changes in Release information, change title "Download URL" to "Source Code Download URL", add new data filed "Binary Download URL", added new field in excel sheet99b3f816
feat(ProjectTodo): Remove ProjectTodo and UI changes for Obligation and ProjectTodo7b9b73a7
feat(projecttodo): Migration Scriptscb890218
feat(ProjectTodo): Renamed type to obligationType ,Changed required licenseIds to optional, Added optional ObligationLevel obligationLevel in ObligationStatusInfo04020bef
feat(CR-UI): Enhancement & Bug fixes1d6d2b32
feat(licensemodel): Drop Risk and Risk category and merge it with Obligation3ac3ba23
feat(ProjectObligation): Changes in Project Obligation Data Model, renamed linkedObligations to linkedObligationStatus in ProjectObligation struct, renamed struct ProjectObligation to struct ObligationListc009f2c8
feat(obligation): Rename product obligation to project obligationfcfec496
feat(LicenseDataModel): Merge LiceneObligation with Obligationc5e4e1e6
feat(ui): Allow access to merge/split of component and release based on user role configured in properties (6 weeks ago) [email protected]af625d7b
feat(ProjectUI): Added 2 new fields in Project Obligation5b837649
feat(Project-UI): Added new field in Advanced Search for Projetsff4a9af4
feat(LicenseInfoObligation): Rename Obligation in LicenseInfo.thrift to ObligationAtProject, added null check in change log for merge release6c13cc93
feat(ObligationDataModel): Changes in Obligation data model, Renamed struct Obligations to struct Obligation in License.thrift, Renamed existing obligationType to obligationLevel, Created new obligationType field which has Permission,Risk,Exception,Restriction as options, Fixed adding obligation in licenses tab067b731f
feat(rest): Adding pagination while listing projects and listing project releases
a2dd35de
fix(lucene): fix parameter allow leading wildcard to true9ac6e93e
fix(ModerationRequest): Fixed Moderation Request not opening when associated attachment deleted51ab6e0b
fix(ProjectListUI): Fixed sorting of project clearing state in Project List page0d525531
fix(Report): Fixed Clearing report to show project, component, organisation obligation92d00ab1
fix(Obligation): Expand/Collapse all columns including comment using single leftmost toggle button for a row, Remove truncate for Obligation Text, Added expand collapse column feature for comments5a1422e6
fix(obligations):cover null pointer case if file with obligations is missing51860a0f
fix(moderation): Project moderation fix2f9a6879
fix(UserSearch): Fixed search user functionality
d04911b8
chore(deps-dev): Bump junit in /backend/src/src-attachments4a3e8904
chore(deps-dev): Bump junit in /backend/src/src-licenseinfo4f3c3ea8
chore(deps): Bump junit from 4.12 to 4.13.1ca348628
typo(rest): fix patchComponent in releasecontroller is patchRelease
The changes for this release incorporate a larger jump from the previous release, because it changes the sw360 infrastructure to the following versions:
- From Couchdb 1.X to Couchdb 2.X and Couchdb Lucene 2.1
- From Java 8 to Java 11 - tested with the OpenJDK
- From Liferay Community Edition 7.2.1 to 7.3.3
- From thrift 0.11 to 0.13
Accordingly, also the vagrant project has changed: the current latest master of sw360/sw360vagrant builds with Java-11-based versions of sw360 (onwards from commit 0269392
at https://github.com/sw360/sw360vagrant).
Apart from the changes to the infrastructure, a number of nice new features are introduced, including:
- A Japanese language file for SW360
- Multiple values for external ids for the same keys
- A completely new health check service for better monitoring of an sw360 installation
- Improvements on project handling
For corrections and further changes on the infrastructure, please refer to the listed commits below.
For existing installations, a data migration is required. Please go to the readme file in scripts/migrations
to see more information:
https://github.com/eclipse/sw360/blob/master/scripts/migrations/README.md
For running the migrations scripts, you will need python and the couchdb package.
The following users have contributed to the source code since the last release (in order of appearance):
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
And many thanks to all the other contributions in presentation, issues, discussions!
60f82182
feat(ProjectReleaseRelation): Added new Field comment, createdOn, createdBy in ProjectReleaseRelationc4342f38
feat(ui): Added link to project button from project detail view137b46a7
feat(language): add Japanese properties4d4184d3
feat(ProjectUI):Added Expand/Collapse All and Search in AttachmentUsageTable1b4f2362
feat(project-report): Layout and content update in project report1ee05b59
feat(ComponentUI): Added new filters in Advance search30ce4db1
feat(ExternalIds): Change file permission2442e1f2
feat(ExternalIds): Change file permission and fix typo of special character753d3889
feat(ExternalIds): Add comments to Component, Release and Project rest APIs0049dd3b
feat(ExternalIds): Add byExternalIds views migration scripts, and upgrade to new version 11.0.0-SNAPSHOTbb2f2950
feat(ExternalIds): 1. Handle EscapeXml for external id value, 2. Fix "Upon update of existing project or Component or Release without any change in External IDs"6ec67338
feat(REST): Whitelisting field in REST API response5ee02f75
feat(EditProjectUI): Release table in edit project page should be sorted and omit vendor namec0bf7132
feat(CRView): Clearing Request Comments enhancements
73894c08
fix(resource-server): Resolve logback conflict40f4a3aa
fix(ui): Prevent resubmission of form for Project, Component, Vendor, Moderation inorder to prevent loss of data.6b484677
fix(ui): Fixed download license disclosure error upon selection of corrupted attachmentb8446dc1
fix(license): Fixed the NullPointerException and addressed code duplicationa92d2677
fix(byExternalIdView): Fixed the byExternalIds view not working if the value is numberf62a685f
fix(Language_ja): change datatables.lang's URLd65be244
fix(ImportSPDXBOM): Set Default value[Default_Category] to categories field of Component if found null or emptyfda56f18
Fix: 'Download license archive' button in Admin>'import & Export' page is not working #90656eb7074
Fix: import spdx information #927 #915 and change quotes538b1aa7
fix(license): Fixed the license loading issue
c0685187
chore(script): Added support to uninstall the current thrift version14b1a4af
chore(deps): Bump jackson-databind in /backend/src/src-fossology4f7234cc
chore(java): Support for Liferay 7.3.3 GA4d4c6983c
chore(java): Fixed Deployment issues5d484ee1
chore(java): Updated Spring versiond247a0ff
chore(java): updating test deps for java 113a5958b6
chore(java): migrating to openjdk java version 11c5f82e0e
chore(logging): Added a library containing the log4j2 classesaa6d5ae0
chore(logging): Fixed test failures caused by NoClassDefFound errorsfe659050
chore(logging): Updated OSGi package imports68b91bcc
chore(logging): More tweaks of logging dependenciese4060da6
chore(logging): Switched logging configuration to log4j2 formatebc8f852
chore(logging): Upgraded from log4j 1 to log4j 27866a852
chore(logging): Removed unused dependency to logback465fc5fa
chore(couchdb): Support CouchDb Lucene 2.1.0 with CouchDb 2.1.2 and backward compatibilitybbabafd7
chore(Portlet): Rename Moderation portlet to Requestsf512b867
chore(changelog): fixing formattinga6d07505
chore(release): changing pom file for 10.0.0-SNAPSHOT
Again, another data model change, new major version. Please see the script 018_remove_unwanted_field_from_clearing_request.py
in the directory scripts/migrations
to change the data model accordingly. The script is necessary for existing clearing request records; not executing the script will lead to malfunction of the sw360 application.
The update improves also runtime stability, because the escaping when displaying quotes has been improved: previously, special characters such as quotes have compromised the rendering of the page. Now, the content is rendered in a correct way.
Further improvements include:
- The ability to split releases from a component and assign this release to another component. This is the opposite case of merging components. On one hand it can undo mistaken component merges. On the other hand, user input, creating a release at the wrong component, can be corrected now.
- a new REST endpoint to request all details from a larger list in one REST call.
- a new REST endpoint to delete attachments from the REST API
More features include the ability to search for IDs when linking releases to projects or enhancements to the clearing request structures.
ef6170e1
feat(attachments): Evaluate check status before deletion.ea6d31ad
feat(CRUI): Modifications in Clearing Request table in moderation tab.90dbdb52
feat(attachments): Updated REST documentation.220f991f
feat(attachments): ComponentController can now delete attachments.5f504aef
feat(attachments): ReleaseController now supports deleting attachments.2930cea5
feat(attachments): Added function to prepare deleting attachments.8adb9147
feat(attachments): Implemented ThriftAttachmentServiceProvider.daa3b3fb
feat(attachments): Introduced ThriftServiceProvider interface.5783cc3b
feat(rest): Whitelisting project 'state' and 'phaseOutSince' field.fc0c7e43
feat(ui/search): Search using rel. id and added link to the release in the search result.2ec0e6d9
feat(REST): Added new allDetails Parameter to List Projects and List Releases API to fetch records with all details.c0bf7132
feat(CRView): Clearing Request Comments enhancements.8528ecfe
feat(SplitComponentUI): Move Component data like releases and attachments from Source Component to Target Component.
9c01170b
fix(escapeXML): Added missing escapeXML, to prevent js script execution and rendering break due to single or double quotes, Added missing escapeXml to merge-split Component, merge releases, license details view, list-details-edit view of project, component and release.887533ba
fix(ProjectModeration): Fixed isWriteActionAllowedOnProject check for project update, Fixed incorrect value for Visibility in Edit Project view which has existing moderation request.
This release brings new features which also change the data model. Therefore, a major version step is justified. Major new features are:
- Support for custom field layout using the referring Liferay mechanism, fully transparent with the REST API using additional data fields
- Changelog for changed data for projects, components and releases
- Reordered sections in detail view
- A completely new view Clearing Status offering tree and list view
Besides bug fixes and features correct bugs so far. In order to fix a bug with the REST API, note that a migration script should be executed. It corrects a missing value for the status of the release which is also now automatically set when creating releases using the REST API (and not only in the Web user interface).
a2e65103
feat(PreferenceUI): Enabled Email notification for CR49311164
feat(ProjectUI): Custom Field for Additional data in Project1d3423cb
feat(ReadmeOss): Filter linked project from ReadmeOss based on selection03000401
feat(ProjectUI): Unified view of Linked Project and Releases, Clearing status, Linked Release Hierarchy. View includes tree view and list view89714248
feat: Support custom fields in additionalData group in Component and Release page04b57fd1
feat(ChangeLogs): Revision history of Document
fb09ccee
fix(MigrationScript): Update releases with empty clearingState to default value - NEW_CLEARING7bbd4235
fix(ClearingStatus): Tree View Release name getting truncated, Sort for Project mainline state and Clearing State in List View fixed , added search filter4c7b0e72
fix(ClearingStatusView): Fixed uneven button height, console error related to createVulnerabilityTable, takes lot of time to load Clearing status list view for large dataset.d1c3731f
fix(ChangelogBasicInfoUI): Applied generic style and reordered the metadatas for Basic Info.78bff1ba
fix(UI): Clearing Request and Obligations fixes79f5c9d4
fix(mergeComponent): Prevent multiple releases with same name and version for a component, which may occur during merge componenta4b44107
fix: Resolve conflictcd4cba10
fix(Changelog): Fixed missing fields like componentType in Changelog history3ee65c9b
fix(REST): Added default value(NEW_CLEARING) for Clearing status while create and update Release67875856
fix(spreadsheet-export): Project spreadsheet export returns blank spreadsheetb91b9e2d
fix(ui): Release overview from component detailscd29922a
fix(UI): Clearing Request bug fix and improvements
79850290
chore(deps): Bump spring-security-core in /frontend/sw360-portlete1aabab1
chore(deps-dev): Bump dom4j in /backend/src/src-licenseinfo
Although there are only few commits listed below for this release, the change from 8.1 to 8.2 is huge: sw360 supports now an UI which can be extended with different languages.
With the initial pull request, the English and Vietnamese languages is supported. More languages can be supported. For this, a translation file must be added. Please see README_LANG.md
in the root level of the project directory for more details.
Many thanks to the colleagues at Toshiba for providing this big feature to the community.
8bd91be
feat: SW360 support multi-language update after review994ad5c
feat: SW360 support multi-language
ae45236
fix(mergeUI): Provided fix for error message on merge component, release, vendor.
A version upgrade is justified, because of a number of new features have been integrated: FOSSology scans can be now triggered over the SW360 REST API. By this feature, an upload, for example from sw360antenna, could also trigger the FOSSology scan right away. It requires FOSSology being integrated with sw360.
Another new endpoint is the query for SHA1 values of a file to check if that attachment is actually already found at some release. With this endpoint, one would not need to search for release names and version before making a new entry, but just search for the source code attachment using its SHA1 value to check if an upload has been performed already.
A third new feature is the ability to agree on a clearing job for the software components of a project or product. A project owner can now send to a clearing expert a request to perform the clearing of software components right from SW360.
bb9f2ba
feat(REST): Trigger FOSSology process and check status99e23dc
feat(ObligationUI): Added new status fields for Obligationd025c4a
feat(rest): Attachement sha1 improvement9a53e7b
feat(ProjectUI): Project Clearing Report
7bd1fd5
fix(UI/REST): Remove Trailing and leading whitespace for all fields in component, release and projecta2a4b16
fix(components): components listing limited to 200 entries both in UI and excel spreadseet0de1db1
fix(vulerability): vulnerability view breaks at backslash in description83e6f28
fix(REST): Updated upload attachment documentation
1fc2e0b
Add pull request tempalte and .github folder (11 days ago) [email protected]
There is some small but very substantial bug in 8.0.0, which prevents the user from creating records in special conditions. Therefore, version 8.0.0 is deprecated and replaced by version 8.0.1.
c20fa46
fix(component/release): Add component and release error in UI
It is not really that we like to ignore minor releases, but release 8 is coming because:
- changes in the DB for external id handling, pls see migration script:
scripts/migrations/016_update_byExternalIds_component_view.py
- changes in the Thrift API, allowing for SPDX BOM import pls see:
libraries/lib-datahandler/src/main/thrift/projects.thrift
And as a larger, very important feature, there is the SPDX BOM import there in a first version, adding two modes:
- Import a project with linked releases from a SPDX BOM file
- Import a list of components and releases from a SPDX BOM file
Moreover a very important feature or fix has been provided for ensuring that malformed REST requests do not lead to failure in the application. Previously, providing wrong typed references (for example: linking releases to a project) was accepted by the application and can lead to malfunction then. The following list lists the detailed changes since 7.0.1:
712ba79
feat(rest): validate the linked document ids in the payload before updating it in the DBf90fcc4
feat(bomImport): implement SPDX BOM import for projects and releases24999ce
feat(AddProjectReleaseRelation): add a project release relation for source code snippets48de678
feat(REST): Patch Releases to Project
d34d454
fix(ReleaseUI): fixed reload report in FOSSology Process336534a
fix(REST): fixed search component by external idbc28c54
fix(EditReleaseUI): Fixed missing functionality of button to delete release to release relatione437a5b
fix(spreadsheet-export): fixed the secuence of values based on headers4c0d5c9
fix(thrift): add should return ID on duplicate1d65e70
fix(html): fix minor bugs and stylingb7a83d6
fix(ui): saving attachment usage issue for source code bundle and others
After tagging 7.0.0, we found two bugs to be corrected to provide a sound SW360. Therefore, here a new tagged version of sw360. Everyone should use 7.0.1-M1 instead of 7.0.0.
Adding rolling version since last tag will prepare automated tagging with incrementing patch level, retaining manual tagging for major and minor version only.
0dcd109
fix(ProjectUI: fixed blank / non-responsive screen on projectda677b5
fix(ui): fix issue #762
a37e24d
chore(readme): adding some more badgesf1a7c63
feat(chore): adding rolling versions based on commit count
The main reason for release version 7 is to have the license upgrade from EPL-1.0 to EPL-2.0. All contributing parties have submitted their consent by e-mail and on most cases also approved the referring pull request (eclipse-sw360#756).
Another change which justifies a major version jump is the required view update in the couchdb. Please see https://github.com/eclipse/sw360/blob/master/scripts/migrations/README.md for more information when migrating from an older version. The view update allows users to configure the My Projects
portlet.
9b92795
feat(docs): relicensing from EPL-1.0 to EPL-2.066a4126
feat(Component/ReleaseUI): Added button to remove selected vendor for component and release860aa3e
feat(ProjectMigration): script to migrate a project field to new valuebd99641
feat(REST): Add parameter to GET release by name322c45d
feat(WelcomePageUI): display configurable content for guidelines on welcome pageabac231
feat(fossology-pull-report): Added the button to pull the already generated report from fossology062c899
feat(HomePageUI): Listing of MyProjects is made configurable9849cb0
feat(licenseinfo): Added filter to exclude releases based on selected relationship
2a52475
fix(ProjectUI): Show proper error msg ,when loading of project fails due to access or dependency not found752bd78
fix(ProjectUI): fixed 'Project is temporarily unavailable' issue due to obligation featureb32afd5
fix(ReleaseUI/REST): prevent cyclic link in release0d2647d
fix(licenseinfo): White page while downloading license disclosure
d22aaaf
test: add script to start temporary couchdb with dockerdf54014
chore(cleanup): drop unused and outdated code related to the codescoop integration
This release covers as the biggest change the new integration with the FOSSology REST API. It replaces the previous integration using an ssh login. It requires a migration of the couchdb database. More information about the scripts can be found in scripts/migrations/README.md
.
Apart from changing the integration with FOSSology from ssh to the REST API, the entire data structure has been changed to be tool agnostic: A data structure for external tool requests replaces the info for the FOSSology upload. In future, albeit not supported today by the UI, also other tools could be integrated using the same data structure.
Warning Although the was much care for migrating existing data. It may happen with old datasets where source code attachments have been transferred to FOSSology using the ssh integration, the migration fails. For those datasets, the data must be changed manually. For example, just remove the status values.
Warning Migrations run per default in dry run mode, meaning that no changes are written to the database. After you have reviewed the changes (and checked that the scripts runs), you must change the DRY_RUN
variable accordingly to False
.
Two notable more features are provided by this release:
- Management for project obligations
- Merging release and vendor records added
653a7e3
feat(ProjectUI): added project obligation logic on change of accepted license file648755a
feat(REST): Added parameter to GET project by Group and Tag8eae7d3
feat(rest): get attachmentUsages for a projectb8549de
feat(REST): linked release hierarchy is included in the response1bc03f9
feat(Project-UI) License Obligation tracker at Project Level1f506f2
feat(Rest): New end points for project/component/release usage summary176557a
feat(moderation): Moderation requests to all clearing admin irrespective of their group82977a0
feature(merge): add wizard for merging vendorse476f39
feat(rest): Added support to add role category fields while creating project86afeef
feat(Projects): enabled Project/Release mainline state change only for clearing admins578f53c
feat(fossology-rest): replaced ssh communication to fossology with RESTd19f658
feat(external-tool-request): added general datastructure for external tool requests71535e6
feat(Authorization): Added support to read keystore from central configuration43bd667
feature(release): add release merge wizard
ca88b44
fix(ProjectUI): Added options to generate ReadmeOSS for main project only or main project with subprojects.51bc423
fix(rest): Error getting component/project with unknown creator7814e7e
fix(ProjectUI): Obligation view for changes in linked release attachment255f54e
fix(ui): Added missing tooltip00c3110
fix(businessrules): NPE in clearingStateSummaryComputer6bb0cc2
fix(project): Keep release mainline state as it is while cloning project7b488d5
fix(projectUI): NPE in SW360Utils.getApprovedClxAttachmentForRelease7181861
fix(LicenseInfo): NPE in ProjectPortlet.prepareLicenseInfo and downloadLicenseInfo7df48da
fix(rest): License information generation based on attachment usages from rest.466185e
fix(project): prevent cyclic link in linked projectsdcc4192
fix(projectUI): NPE in ProjectDatabaseHandler.setReleaseRelations6f02ae7
fix(component): incorrect release edit link in component edit page20211c9
fix(component): component merge not workinge1921d7
Fix(Project UI): Removed 'Unknown' from Project Clearing Team dropdown16c3452
fix(REST): added support for createdComment field for uploadAttachements2e0d776
fix(Project/Admin): Set to default text feature is not working correctly for Obligationaa71a06
fix(Componnet): ComponentType field should be mandatoryc7a0737
fix(links): Fixed the incorrect links
This release contains a number of corrections after the Liferay Portal 7.2 CE GA1 based release has been rolled out. Therefore it contains mostly corrections for the UI. In addition to these, also the REST API endpoints were further improved. The report generation has been improved: Now, external Ids can be added to the generated documents.
Because it contains many corrections, every 5.0.0-M1 installation should be updated to this release.
c86c97b
feat(License Disclosure): Change order of listed items in disclosure documents82a45cf
feat(license-disclosure): External Ids incorporated in the license disclosure5b554ae
feature(table-filter): add filter box, fix print
9b02a75
fix(components): Recompute aggrated fields on save17d90ee
fix(DownloadLicenseInfo): Corrected license selection based on attachment selection on attachmentusaged6d8540
fix(EditRelease UI): Removed duplicate field 'Licenses' from edit releaseb9be0e4
fix(licenseDisclosure): Added acknowledgements in TEXT and Docx format of License Disclosureb123c48
fix(LicenseDisclosureDocument): Ordering and formating license disclosure document.97008f3
fix(merge): allow merging of complex fields, style improvementscd4c788
fix(merge): fix update conflict on component mergec6b3838
fix(merge): Some fields were not merged1e6f424
fix(Release-UI): Vertical scrollbar for link release to project popup20fb3d2
fix(ui): Added missing search boxdcd681b
fix(vendor): fix view name used when editing vendorsabc6404
fix(vulnerability): Vulnerability tab loading issuedc0b9d6
fix(fossology): fossology and fossolgy4fe4d4f
fix(Rest-API): Corrected 'createdBy' field value for Project and Componenteb15c85
fix(Rest-API): Small fix around ProjectClearingState during create and update projectfae1c99
fix(Rest-Component): Corrected all components by type rest end pointf7d204e
fix(REST: Project) : Fixed error response for create project from resta2750bf
fix(rest): Fixed get component API having default vendor id as empty
d9ff676
chore(pom): change snapshot version from 6.0.0-SNAPSHOT to 5.1.0-SNAPSHOTe59f8b3
chores(config): Fix friendly URL for license page81600f4
chores(merge): Retain owner as moderatora80b82c
chores(pom): Update to next development version
This release is the first release using the Liferay Portal 7.2 CE GA1 release. The codebase of the portal project has been updated from the previously used Liferay 6.2 version. As this represents a huge change also to related areas (pom files, etc.), the sw360 5.0.0 is bascially a sw360 4.0.1 with the newer Liferay. The following commits have been applied:
35165e6
feat(auth): script to add the unsafe default client directly to DB4fd501c
feat(thrift): add timeout for thrift client
3c4d3ed
chores(all): Upgrade to Liferay 7.2 (Part I)6657e79
chores(configuration): Update Liferay configuration7fbd42e
chores(all): Upgrade to Liferay 7.2 (Part II)52592bf
chores(build): add build plugin7d9e30e
chores(deploy): add new deploy profile1d5bff2
chores(liferay): Feedback from Liferay 7 review36ae2c1
chores(build): Fix deploy profile918d054
chores(configuration): allow external files- `` chores(changelog): initial commit
deb868c
fix(tests): Use configured couch db urlda1f0b8
fix(search): make search logic consistent1d830ee
fix(project): fix compare if no version is set0c2a341
fix(Components): Fix naming component error (name's component contain...c7f03c8
fix(rest): fix broken logic in updateProjectbe90070
fix(rest): auth server is broken due to LifeRay api change
This release fixes a small issue at the project creation. It was added to have a good working sw360 4 release.
c7f03c8
fix(rest): fix broken logic in updateProject
Proudly announcing a new milestone release for SW360. We have many additions since the last release 3.3.0 in November 2018. The main reason why it turned into the 4.0.0, a major version change, was the change on the database model. According to our versioning guidelines, we have major release jumps when the DB changes. Please see below for details about how to deal with the change.
The release has the following new features:
- A first release of the project / product approval report, listing and maintaining obligations resulting from OSS use.
- Support for integration for single-sign-on and identity management server keycloak
- A lot of enhancements (new endpoints) to the REST API
- More management for using attachments (license information, source code)
- Starting to parse and show SPDX information in the Web UI
- Integration of Codescoop`s OSS library OSMAN.
There are many different contributors which lead to new releases a release, for example doing presentations and promoting sw360. If you count the committers who have commited since 3.3.0-M1 and this release, the credits for code go to the following persons:
akapti
alexbrdn
aratib
blaumeiser-at-bosch
bs-jokri
bs-matil
dreh23
greimela-si
hemarkus
henrik
imaykay
kallesoranko
lepokle
maierthomas
maxhbr
mcjaeger
nutanv1contr
smrutis1
sweetca
Larger areas of improvements include the work on the REST API (see individual changes below) and on the reporting for projects, which includes now a project clearing report.
4b12200
feat(attachment-usage): Restrict users to change the attachment usage without any WRITE access68f28f7
feat(attachment-usages): Take over the attachment usages from the original project, while cloning one.29ba68d
feat(client-management): added support to dynamically manage oauth clients4722f04
feat(codescoop): osman integration923d236
feat(default vendor): added possibility to save a default vendor for componentse21d358
feat(duplicates): added support to prevent duplicate projects/components/releasesca45db7
feat(homepage): show accepted releases in MyProjects portlet093bc8a
feat(licenseinfo): Add version string to file namefe58767
feat(licenseinfo): Use property for controlling license info generation111e99d
feat(licenseInfoMigration): added manual migration script for license infos28d252e
feat(licenses): add support for project-only obligationsed7e9f9
feat(project): Reporting Improvements4f2166a
feat(project): Reporting Improvements33397be
feat(Projects): Added new field "domain" to project summary65fa6d5
feat(Projects): displayuploadedBy
&Relation
in Attachment Usages1944686
feat(releaselink): add release to project from release view477019b
feat(report): add common rules tableb46cb4d
feat(report): add common rules table67975c2
feat(report): fill development detail and additional requirements table2acd46d
feat(REST-Doc): Updated the REST API Documentation2cdaa1c
feat(Rest-Project) : Added possibility to update project from rest endpoint.2faffb9
feat(rest): add keycloak support for sw360 rest api834e676
feat(rest): Added CORS module to fix CORS problems with JS clientsa666bc3
feat(rest): Added CORS module: fixes after reviewd9f6164
feat(rest): Added missing fields to REST API json5438233
feat(rest): Allow to search only by externalId-Key (without specific value)b35b265
feat(rest): make screenName auth case insensitivee270a28
feat(rest): REST Authentification with ScreenName390fb16
feat(rest): Search by externalIds endpoints for releases and components381469f
feat(rest): Updated response for GET requests on resource lists if there are no resources available6821256
feat(rest): Whitelist fields in REST API response2c68620
feat(rest): Whitelisting Fields in the REST API Responseeb0c44d
feat(search-dialog): improved multi item search dialog1dc69ad
feat(spdx-import): added functionality to view and use spdx information2b788b7
feat(spreadsheet): Added component categories field on spreadsheet export of Project with linked releases45ba41e
feat(sso-oauth): added possibility to get oauth access tokens when pre authenticated94971ec
feat(subproject licenses): added possibility to take over license selection from subproject8ca3200
feat(tabview): added better navigation support for tabview3bb68c9
feat(thrift): add http proxy for thrift clients26401da
feat(thrift): add newadditionalData
Field for generic data storageee7b374
feat(todoMigration): migration script for todosa903ba4
feat(UI-attachment): Create attachment bundle zip container, even for only one attachment9a59372
feat(UI-Project): Jump to edit release from ProjectDetails19bd0fa
feat(UI:PageTitle): Show selected Project/Component Name in Browser Tab2f7474f
feat(ui): Send to fossology error message.
ba57b76
fix: Security changes in source codeaa9ccf3
fix(attachment): Multiple attachment upload stall issue94fedc4
fix(Attachments-UI):Restrict user from adding attachements with same file name31deb6f
fix(chores): updated documentation including licenses file862915f
fix(component edit): fixed an issue where external id and attachment changes were not savedd10022c
fix(cve-search): disable tests by assume statement and refactor8908b66
fix(license-import): add missing dependency0cf598a
fix(license-todo): Adding TODOs to License8fee825
fix(licenseinfo): Exclude old commons-lang3 dependencies8ac21e0
fix(licenseinfo): NPE at Generate License Reportbe69470
fix(Project UI): Fixed "Set To Default Text" feature for project license info header144a8ac
fix(Project): Only users with Admin access should be allowed to edit a closed projectbe38717
fix(ReleaseLink): Remove self link from LinkedReleases hierarchy8015cc8
fix(report): adding coverage if content exceeds the max number of characters in cell2fc4bd3
fix(report): corrections to report0525fde
fix(report): fix indentation and message textfb70f43
fix(report): Fix merge error, fix rest payloadc8d15ac
fix(REST API): Attachmentupload endpoint documentationb3615b3
fix(rest): do not answer with 404 if resource list is empty12931ff
fix(rest): Download licenseinfo file error026cb34
fix(rest): Hiding unwanted fields in project listing response in REST4a1f90c
fix(scripts): add missing dependency to scripts/install-thrift.sh06d113d
fix(sso-oauth): feedback from review00368cf
fix(treetables): fix inconsistent indentation in treetables8ddce65
fix(UI-Release): UI error on duplicate release creation7db8c86
fix(ui): After removing a task from Home page, the task is back in the list when navigating back01453cb
fix(ui): datepicker date and year selection is made available8cad8ea
fix(UI): Deleting submitted task under My Task Submission section.4f07ca5
fix(ui): Fix infinity loop by expanding empty projects in AttachmentUsagec07932b
fix(user export): fix Nullpointer Exception on user export166b03d
fix(user): migrate completly from getOpenId -> getScreenname20ea660
fix(users): write screenname into externalID field6acf644
fix(vendors): Remove vendorId and vendor of release in case of deletion6453b69
fix(vul-scheduler): fixed an issue where vulnerabilities were stored in the wrong dbc94e999
fix(wsimport): remove projects from components that are createdc54ef0e
fix(wsimport): small fixes and some refactoring for wsimporte3c47ba
fix(wsimport):download url for releases3cca3b8
fix(documentation): Fixed link to issue tracker in eclipse org71c6f6f
fix(rest): Fix self link for user resourcec2b5f90
fix(licenses): added log message and handle GPL-2.0+ case when converting licensesbbf55aa
fix(wsimport): removed unnecessary check
The most important part on the infrastructure part is the change of the thrift compile to version 0.11.0. This has an impact to all, because an update of the installed thrift compiler is required from the previous version for all machines where the sw360 projects needs to build. Note that also the ektrop lib has been updated as well as the webjars which include the Java script components for the Web UI.
7128acd
chore(common): Mail service sends notifications asynchronousbdd45d2
chore(rm): Change Thrift Version in Readmec4228b0
chore(thrift): update thrift version to 0.11.07089e19
chore(thrift): use install/fast make target5ba0ebf
chore(ui): Auto resize textarea in project view and edit mode517faaa
chore(ui): Display banner warning for IE0864e14
chore(ui): Improve lucene search logic for project versionf51c4af
chore(ui): Some fixes for UI regarding search and filtersabf5be7
chore(vulnerabilities): Linked releases can be empty or null (rest create project)b6da7ca
chores(developer): remove developer tag in pom.xmld4d522d
chores(quick-deploy): add quick deploy for portlet165f9ca
chore(REST): add documentation for Licenses in Releases53ae7b0
refactor(db-bridge): updated ektorp library version to current 1.5.00632505
refactor(velocity): update to new version6e8c349
refactor(webjars): update versions of webjars
Because of changes in the couchdb schema you likely need to run a migration script. Please find more information here: sw360/scripts/migrations/
, in summary, you will need to update in the database:
- Changes to the way how the selected licenses and resulting attachment usage information is stored leads to the need to execute
011_migrate_attachment_usages_license_info.py
. - An identified for a todo was not used, but it was changed to title, so execute
012_migrate_todoid_to_title.py
.
48741ac
feat(rest): Token Generate with API Keys implementation (9 days ago)a20a225
feat(licenseImport): fix and improve26e4c55
feat(rest): Add externalId endpoint (projects) to REST API20e4472
feat(projects): add a flag to enable/disable displaying project's vulnerabilities0a3a636
feat(wsimport): Whitesource import service1386a75
feat(rest): Specify properties dynamically in GET /releases7918a40
feat(rest) Added route DELETE /releases/{ID},{ID2} to delete releases8d36000
feat(rest): Update REST Attachment endpoints and documentationc55c5f7
feat(rest) Paging/Sorting for GET /components, response contains pagination...dd7025a
feat(attachments): enable viewing/editing of attachment usages...dc1be63
feat(rest) Route PATCH /release/{id} added to update an existing releaseed79f9a
feature: codescoop integration590841b
feat(rest) Batch-Deletion for components5933bb7
feat(rest) Route PATCH /component/{id} added to update an existing componentcc5a5a1
feat(search): Improve lucene search logic and handling of resultsf9f6604
feat(licenses): allow to create unchecked licenses897acbf
feat(rest) Specify required fields for components in GET /components0ed834a
feat(rest): Read client id and client secret from configuration file7fa5164
feat(ui): Add preferred external id keys for projects, components and releases0eb74f9
feat(ui): Pagination of entries in project and component view5581b19
feat(release): Add project mainline state to export spreadsheet (clearing status)
5ddf781
fix(license): fix problem in editing licenses06ea9d0
fix(rest): GET /components response will contain all components...942f263
fix(projects): prevent duplicate attachment usages from crashing project display0f936d7
fix(wsimport): add lar filef145f0b
fix(rest): Correct REST embedded User to prevent error messagesc2c0afe
fix(rest): Show attachments as embedded resource list187756b
fix(projects): fix assertion exception when requesting attachment uses with empty...ffd6884
fix(licenseInfo): remove the unnecessary license text input field from license info...90791fc
fix(rest): Trying to sort components by an unsupported property causes NPE74c6512
fix(projects): Enable phrase search for group and tag in projectsa4a4244
fix(components): Remove updateOnlyRequested condition47045ad
fix(component): No update for all component properties if they are not in requestd7c6fec
fix(licenseinfo): Update merge handling for licenseInfo objects02d1289
fix(search): impose the defined search limit on all searches by defaultf844a42
fix(attachments): Set content encoding to identity only for gzip files4b7a2f3
fix(attachments): Set content encoding to identity in case of gzip filesc19298b
fix(licenses): Validate obligation list in LicenseDatabaseHandler7e75dfb
fix(moderation): Add external id map to moderation request4f7b441
fix(releases): Show release summary if the search text is emptyf28df1b
fix(search): Remove special characters in lucene search48ad171
fix(datahandler): Handle duplicate names in source code bundle generation...a149ff9
fix(user): Change user id field to optional1b7aa8a
fix(ui): Fix table styling for components and projects54e5286
fix(users): handle external change of user email address by storing...4bfaea3
fix(home): Truncate long document names in homepage datatablesb70bc7f
fix(test): replace "BLACK_HOLE_ADDRESS" with real onee693af5
fix(test): add IOException to the expected ones in BlackHole testa1f8433
fix(attachments): Allows to set attachments for source bundle generation
7d41a20
chore(vulnerabilities): Improve handling of null values in lastUpdated553979
chore(licenseinfo): Add separate DOCX template for reports56834d7
chore(rest): Change docs reference in HAL Browser7ffab39
chore: move attachments db classes to commonc638bb8
chore(rakefile): drop Rakefile, since it is unused and partially does no longer work3da002e
chore(moderation): Adjust footer length with datatable width (columns)ba44539
chore(projects): Remove default value for clearingTeam in projectse480824
chore(datahandler): Fix typo Repostitory to Repositorybc4128a
chore(components): Autoset ECC options should check if component is OSS59cf17a
chore(projects): Change the file name of export spreadsheet756d7b9
chore(rest): Add delivery start date to REST API guide37b61cd
chore(docs): removing orphan architecture document to wikiae16c73
chore(config): Restore sw360.properties configuration file1c156ce
chore(travis): Add travis configuration file to project848c233
chore(config): Change sw360portal specific links because of new repository69a4fd7
chore(git): restore .gitignore that's gone missing during move to eclipse repository
This program and the accompanying materials are made available under the terms of the Eclipse Public License 2.0 which is available at https://www.eclipse.org/legal/epl-2.0/
SPDX-License-Identifier: EPL-2.0