devonfw guide

https://github.com/devonfw/solicitor/pull/212: Improvement in determining License-URL within NpmLicenseCheckerReader.

https://github.com/devonfw/solicitor/issues/213: Avoid (too) long filenames when caching license texts or licenseurls. See Encoding of URLs.

https://github.com/devonfw/solicitor/issues/218: Update dependencies to latest version.

https://github.com/devonfw/solicitor/issues/208: Add two new lifecycle methods to SolicitorLifecycleListener.

https://github.com/devonfw/solicitor/issues/207: Add a new feature allowing the exclusion of paths and files of scanned artifacts from the Scancode information.

https://github.com/devonfw/solicitor/issues/211: Allow setting alternative locations for curation data (curationDataSelector). Note that the standard implementation included within Solicitor does not yet honor this value.

https://github.com/devonfw/solicitor/issues/202: Include parameter in CurationProvider.findCurations() to allow getting curation from alternative locations.

https://github.com/devonfw/solicitor/issues/190: Deprecate repoType attribute in configuration of readers.

https://github.com/devonfw/solicitor/issues/198: Add PackageUrlHandler for nuget packages.

https://github.com/devonfw/solicitor/issues/191: Refactoring of the (experimental) Scancode integration (formerly class ScancodeFileAdapter).

https://github.com/devonfw/solicitor/issues/192: References to files within the sources of a component (e.g. license or notice files) are now returned from the Scancode adapter by a uri with schme/prefixed pkgcontent:. This replaces the usage of file: urls in this case. The same syntax needs to be used within curation data if the url pointing to license texts within the component needs to be curated.

https://github.com/devonfw/solicitor/issues/199: Refactoring of Source_Download_Script.vm to use packageUrl instead of repoType.

https://github.com/devonfw/solicitor/issues/182: Add new data quality and traceability attributes to the ComponentInfo data structure.

https://github.com/devonfw/solicitor/issues/185: Fixed random ordering of rows in OSS-Inventory-Simple, which causes false differences to be marked.

https://github.com/devonfw/solicitor/issues/189: Added a CycloneDX Reader, to enable reading SBOMs in CycloneDX 1.4 or 1.5 format.

https://github.com/devonfw/solicitor/pull/179: Added further name mapping rules.

https://github.com/devonfw/solicitor/issues/168: Fixed NullPointerException for blank license in License URL Guessing.

https://github.com/devonfw/solicitor/issues/175: Introduce new properties packageDownloadUrl and sourceDownloadUrl in ApplicationComponent. Process file origin.yaml within Experimental Scancode Integration to be able to set these properties to non default values.

https://github.com/devonfw/solicitor/issues/177: Contents of local resources (file:) are no longer cached in FilesystemCachingContentProvider.

https://github.com/devonfw/solicitor/issues/171: Multiple improvements in processing of ScanCode results.

https://github.com/devonfw/solicitor/issues/167: Fixed a bug which prevented license URLs given in scancode curations (see Curations file) to be resolved properly when they point to the local file system (starting with file:).

https://github.com/devonfw/solicitor/issues/164: Fixed a bug which might result in license texts not being retrieved.

https://github.com/devonfw/solicitor/issues/154: Corrected dependency declaration for solicitor-core.jar.

https://github.com/devonfw/solicitor/issues/156: Included engagement name as member in class SolicitorSetup.

https://github.com/devonfw/solicitor/issues/158: Include library com.auth0/java-jwt to make it available for extensions.

https://github.com/devonfw/solicitor/issues/160: License texts are now included in the data model json.

https://github.com/devonfw/solicitor/issues/162: Include added notice file content and license texts to the ComponentInfo interface.

https://github.com/devonfw/solicitor/issues/152: Enhancements for using java code in extensions.

https://github.com/devonfw/solicitor/issues/146: Fixed the bug which prevented already defined velocity macro with same name to be redefined in different template.

https://github.com/devonfw/solicitor/issues/135: Introduce sourceRepoUrl as new property in ApplicationComponent. Depending on the kind of Reader either ossHomepage and/or sourceRepoUrl will be filled with data.

https://github.com/devonfw/solicitor/issues/149: Added name mappings so that for all SPDX-IDs used in the name mapping the SPDX-ID itself is also recognized and formally mapped.

https://github.com/devonfw/solicitor/issues/6: Fixed the bug by allowing multiple NormalizedLicense entries with same id per ApplicationComponent if the declared license differs. This allows to assign multiple licenses of same type (e.g. MIT) to a component and also will allow multiple "UNKNOWN" licenses to be reported for the same component. Note that as a side effect additional and unexpected NormalizedLicense entries might now be created. This might be caused from multiple LicenseAssignment*.xls rules firing for different RawLicense entries in the same ApplicationComponent and resulting in identical NormalizedLicense id. In this case it is necessary to restrict those different rules to only fire for specific RawLicense entries.

https://github.com/devonfw/solicitor/issues/141: Improved robustness of report generation in cases where PackageURL can not be determined (e.g. if data originates from CSV reader).

https://github.com/devonfw/solicitor/issues/139: Provide extension interface to allow reading information about components/licenses from alternative sources. See Extension Interfaces.

https://github.com/devonfw/solicitor/issues/137: Internal restructuring of Solicitor modules which allows Solicitor code to be used as dependency in other projects.

https://github.com/devonfw/solicitor/issues/129: Added spellcheck support within documentation for run-together words like camel cased ones.

https://github.com/devonfw/solicitor/issues/130: Fixed a bug where the guessedLicenseUrl and guessedLicenseUrlAuditInfo fields were not filled correctly in the aggregated inventory.

Added reader for data generated by OSS Review Toolkit (ORT). See OSS Review Toolkit (ORT).

Added support for API changes of new scancode release (v31) https://github.com/nexB/scancode-toolkit/releases/tag/v31.0.1.

https://github.com/devonfw/solicitor/issues/124: Added documentation of '--production' option for npm-license-checker plugin.

https://github.com/devonfw/solicitor/issues/125: Deprecated usage of npm-license-crawler.

Stability and data corruption safety for bash scripts of scancode integration.

Initial version of experimental scancode integration. See Experimental Scancode Integration.

New decision table structure LicenseAssignmentV2 with additional condition origin. Old structure deprecated but still supported. Migrate existing project decision tables by renaming LicenseAssignmentProject.xls to LicenseAssignmentV2Project.xls and introducing a new (empty) column Origin between existing columns OSS Version and Declared License.

Added Solicitor Logo and code for creating variants / animation.

https://github.com/devonfw/solicitor/issues/117: New attribute packageUrl in ApplicationComponent.

Experimental scancode-toolkit integration changed to using Bash scripting.

Ruleset change: For GPL/LGPL-Licenses use …​-only or …​-or-later IDs instead of the deprecated ones like GPL-3.0.

https://github.com/devonfw/solicitor/issues/113: Allow project specific writers (additionalWriters) to be defined without overriding default writers.

https://github.com/devonfw/solicitor/issues/15: Enable Decision Tables to be alternatively defined as CSV. Allow dynamic determination of applicable format by specifying resource names without file extension.

https://github.com/devonfw/solicitor/issues/108: Updated spring boot framework, drools rule engine and other used components to latest versions.

https://github.com/devonfw/solicitor/issues/110: Allow an additional user guide to be extracted when using an extension.

New report ScancodeDownloadScript.vm to compile copyright information using ScanCode.

https://github.com/devonfw/solicitor/issues/75: Added license URL guessing, see Guessing of license URLs.

https://github.com/devonfw/solicitor/issues/86: In case that downloading content for a given URL fails no WARN message with stacktrace will be shown any more. Instead there will be an info message (SOLI-047 or SOLI-048) indicating that the content could not be downloaded. This change is due to the fact that failed downloads are expected - especially with the new feature license URL guessing.

Readers for PIP and YARN added.

https://github.com/devonfw/solicitor/issues/101: If downloaded license texts contain large amounts of html formatted content they will be replaced by a placeholder indicating the need for cleanup. A warning message will be written in this case (SOLI-050).

https://github.com/devonfw/solicitor/issues/103: Changed structure of Solicitor source code repository to maven multi module structure.

https://github.com/devonfw/solicitor/issues/7: Allow more flexible CSV file format within the CsvReader.

https://github.com/devonfw/solicitor/issues/78: Introduce new suffix (REGEX) in decision tables to mark regular expressions. Using this suffix avoids breaking any sorting when using mixed verbatim strings and regex patterns. The old prefix syntax REGEX: has been deprecated.

https://github.com/devonfw/solicitor/issues/97: Fixed the bug which made the GradleReader and GradleReader2 skip the first entry in the file.

https://github.com/devonfw/solicitor/issues/87: GradleReader and GradleReader2 no longer fail when reading files that contain no entry. Actually this was due to bug https://github.com/devonfw/solicitor/issues/97.

Fixed bug which resulted in corrupt XLS report due to cell comment exceeding maximum allowed size.

https://github.com/devonfw/solicitor/issues/94: Fixed by making sure that formulas get evaluated when opening the workbook with excel.

Fixed bug when reading saved data model for delta calculation. (repoType was not read correctly and resulted in always reporting a difference.)

Added some license name mapping rules in LicenseNameMappingSample.xls.

https://github.com/devonfw/solicitor/issues/71: New "Quality Report" which might be helpful in validating the outcome of the Solicitor run. Currently this report contains a list of all application components which have more than one effective license attached. This might be helpful for spotting cases where appropriate rules for selecting the applicable license in case of dual-/multilicensing is missing.

Corrected order of license name mapping which prevented Unlicense, The W3C License, WTFPL, Zlib and Zope Public License 2.1 to be mapped.

https://github.com/devonfw/solicitor/issues/67: Inclusion of detailed license information for the dependencies included in the executable JAR. Use the '-eug' command line option to store this file (together with a copy of the user guide) in the current work directory.

Additional rules for license name mappings in decision table LicenseNameMappingSample.xls.

https://github.com/devonfw/solicitor/pull/61: Solicitor can now run with Java 8 or Java 11.

https://github.com/devonfw/solicitor/issues/62: New Reader of type npm-license-checker for reading component/license data collected by NPM License Checker (https://www.npmjs.com/package/license-checker). The type of the existing Reader for reading CSV data from the NPM License Crawler has been changed from npm to npm-license-crawler-csv. (npm is still available but deprecated.) Projects should adopt their Reader configuration and replace type npm by npm-license-crawler-csv.

https://github.com/devonfw/solicitor/issues/56: Enable continuing analysis in multiapplication projects even is some license files are unavailable.

Described simplified usage of license-maven-plugin without need to change pom.xml. (Documentation only)

Ensure consistent sorting even in case that multiple "Ignored" licenses exist for a component