Grimoirelab

Latest version: v1.9.0

Safety actively analyzes 688924 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 6

1.9.0

**New components:**

* grimoirelab-toolkit 1.0.8
* kidash 1.0.9
* sortinghat 1.6.0
* cereslib 1.0.8
* perceval 1.1.0
* perceval-mozilla 1.0.10
* perceval-opnfv 1.0.10
* perceval-puppet 1.0.10
* perceval-weblate 1.0.10
* graal 1.1.1
* grimoire-elk 1.3.2
* sirmordred 1.1.4

The following list describes the changes by component:

grimoirelab-toolkit

* Update Poetry's package dependencies

kidash

* Update Poetry's package dependencies

sortinghat

**New features:**

* Skip recommendations (937)\
Users can now skip a recommendation and review the next one if they
are unsure of whether to apply it or dismiss it.
* Sort organizations by number of enrollments (940)\
Organizations are now sorted by the number of enrollments they have by
default. Clicking on a column header sorts the table results by that
field.

cereslib

* Update Poetry's package dependencies

perceval

**Bug fixes:**

* Git stats not assigned with their actions\
Git stats were not assigned to their actions in a commit for filenames
that contain whitespaces. Instead, an empty stat was created like in a
merge commit, where actions normally don't take place.

**Performance improvements:**

* Git sync improved for `--latest-items` flag\
The speed updating a git repository when `--lates-items` is set was
very poor. The main problem was when the references were updated to
the new hashes. All the active refs on the repository were modified,
even when they were up-to-date. Now, only references updated on the
remote repository are modified on the local one. Repositories are
synched 2 times faster than before.

perceval-mozilla

* Update Poetry's package dependencies

perceval-opnfv

* Update Poetry's package dependencies

perceval-puppet

* Update Poetry's package dependencies

perceval-weblate

* Update Poetry's package dependencies

graal

* Update Poetry's package dependencies

grimoire-elk

* Update Poetry's package dependencies

sirmordred

* Update Poetry's package dependencies

1.8.0

**New components:**

* grimoirelab-toolkit 1.0.7
* kidash 1.0.8
* sortinghat 1.5.1
* cereslib 1.0.7
* perceval 1.0.9
* perceval-mozilla 1.0.9
* perceval-opnfv 1.0.9
* perceval-puppet 1.0.9
* perceval-weblate 1.0.9
* graal 1.1.0
* grimoire-elk 1.3.1
* sirmordred 1.1.3

The following list describes the changes by component:

grimoirelab-toolkit

* Update Poetry's package dependencies

kidash

* Update Poetry's package dependencies

sortinghat

* Update Poetry's package dependencies

cereslib

* Update Poetry's package dependencies

perceval

* Update Poetry's package dependencies

perceval-mozilla

**Bug fixes:**

* Kitsune resuming feature fixed (79)\
Kitsune backend resuming feature was broken. It didn't retrieve the
updated questions right using the parameter 'offset'. Changing the
backend to use 'from-date' parameter instead has fixed the problem.

perceval-opnfv

* Update Poetry's package dependencies

perceval-puppet

* Update Poetry's package dependencies

perceval-weblate

* Update Poetry's package dependencies

graal

**New features:**

* Compatible namespace package for Python 3.12\
Remove old format to define namespace packages. And use native
namespace packages that requires removing the `__init__.py` file. It
is important that every distribution that uses the namespace package
omits that file. For more information see
https://peps.python.org/pep-0420/

grimoire-elk

* Update Poetry's package dependencies

sirmordred

**Bug fixes:**

* Panels import bug and Micro Mordred failure\
A bug was causing Panels to fail to import in Kibiter and preventing
micro Mordred from working. The issue was in tasks that didn’t require
a SortingHat client to run.

1.7.0

**New components:**

* grimoirelab-toolkit 1.0.6
* kidash 1.0.7
* sortinghat 1.5.0
* cereslib 1.0.6
* perceval 1.0.8
* perceval-mozilla 1.0.8
* perceval-opnfv 1.0.8
* perceval-puppet 1.0.8
* perceval-weblate 1.0.8
* graal 1.0.8
* grimoire-elk 1.3.0
* sirmordred 1.1.2

The following list describes the changes by component:

grimoirelab-toolkit

* Update Poetry's package dependencies

kidash

* Update Poetry's package dependencies

sortinghat

**New features:**

* Mark individuals as reviewed\
Individuals can now be marked as reviewed to keep track of which
profiles have already been checked and when. A profile can be marked
as reviewed more than once, it will show the date of the last review.
If there have been any changes to the profile data since the last
review, the review button displays a warning icon. The list of
individuals can be filtered by whether they have been reviewed and by
their review date. The list can also be ordered by review date.

**Bug fixes:**

* Wrong arrong direction when merging recommendations (934)\
When recommendations were merged, the arrow showing the direction of
the merge was wrong. It showed `foo → bar` but the resulting identity
will be named `foo` instead of `bar`. The arrow now points in the
other direction showing that `bar` will be merged on `foo`.

cereslib

* Update Poetry's package dependencies

perceval

* Update Poetry's package dependencies

perceval-mozilla

* Update Poetry's package dependencies

perceval-opnfv

* Update Poetry's package dependencies

perceval-puppet

* Update Poetry's package dependencies

perceval-weblate

* Update Poetry's package dependencies

graal

* Update Poetry's package dependencies

grimoire-elk

**New features:**

* Keywords data on enriched items\
Keywords field is included now on the enriched items of bugzilla and
bugzillarest indices.
* New reponse times on bugzilla items\
The Bugzilla enriched items include two new fields to track response
times on these type of repositories. The field
`time_to_first_attention` is the the time expressed in days between
the ticket creation and the first comment from a contributor different
from the author creating the bug. The field `last_comment_date` is the
date of the last comment posted in the bug.

**Bug fixes:**

* All references processed for the reference analysis study\
The `enrich_reference_analysis` study analyzes the cross-references
between "issues" and "pull request". When we use an aggregations
query, it returns only the first 10 items (ElasticSearch/OpenSearch by
default). By using 'composite aggregations', we can paginate the
result and thus, obtain all the references.

sirmordred

* Update Poetry's package dependencies

1.6.0

**New components:**

* grimoirelab-toolkit 1.0.5
* kidash 1.0.6
* sortinghat 1.4.0
* cereslib 1.0.5
* sigils 1.1.1
* perceval 1.0.7
* perceval-mozilla 1.0.7
* perceval-opnfv 1.0.7
* perceval-puppet 1.0.7
* perceval-weblate 1.0.7
* graal 1.0.7
* grimoire-elk 1.2.0
* sirmordred 1.1.1

The following list describes the changes by component:

grimoirelab-toolkit

**Dependencies updateds:**

* Python minimum version updated\
Python 3.8 will reach its end of life in October 2024. Python 3.9 is
the minimum version required by the project.

kidash

**Dependencies updateds:**

* Python minimum version updated\
Python 3.8 will reach its end of life in October 2024. Python 3.9 is
the minimum version required by the project.

sortinghat

**New features:**

* Less distracting main identity indicator (920)\
The star icon that marked an individual's main identity was
distracting and potentially misleading for users. It has changed to a
more subtle indicator since it is not relevant for most users.
* Redirect to the original URL after log in (925)\
Users are now redirected to the page they originally requested after
they log in.
* Merge organizations when adding an alias\
Users now have the option to merge the organizations when adding an
alias that already exists on the "Edit organization" dialog. That
option was only previously available at the organization's detail
page.
* Customizable trusted sources for username matching\
Enable customization of trusted sources for username matching in
settings. This feature allows to define and manage the trusted data
sources for username matching from the configuration.

**Bug fixes:**

* Users permissions migrated (849)\
User permissions are stored in a separate table within the database.
These permissions will be automatically migrated when running
`sortinghat-admin upgrade`.
* Update workspace when identities are split (919)\
When an individual's identities are split, they are shown in the
workspace, but they were only shown the first time. The workspace is
now updated with the new individuals every time.

**Dependencies updateds:**

* Python minimum version updated\
Python 3.8 will reach its end of life in October 2024. Python 3.9 is
the minimum version required by the project. Update the Docker images
to use Python 3.9.

cereslib

**Dependencies updateds:**

* Python minimum version updated\
Python 3.8 will reach its end of life in October 2024. Python 3.9 is
the minimum version required by the project.

sigils

**Dependencies updateds:**

* Python minimum version updated\
Python 3.8 will reach its end of life in October 2024. Python 3.9 is
the minimum version required by the project.

perceval

**Dependencies updateds:**

* Python minimum version updated\
Python 3.8 will reach its end of life in October 2024. Python 3.9 is
the minimum version required by the project.

perceval-mozilla

**Dependencies updateds:**

* Python minimum version updated\
Python 3.8 will reach its end of life in October 2024. Python 3.9 is
the minimum version required by the project.

perceval-opnfv

**Dependencies updateds:**

* Python minimum version updated\
Python 3.8 will reach its end of life in October 2024. Python 3.9 is
the minimum version required by the project.

perceval-puppet

**Dependencies updateds:**

* Python minimum version updated\
Python 3.8 will reach its end of life in October 2024. Python 3.9 is
the minimum version required by the project.

perceval-weblate

**Dependencies updateds:**

* Python minimum version updated\
Python 3.8 will reach its end of life in October 2024. Python 3.9 is
the minimum version required by the project.

graal

**Dependencies updateds:**

* Python minimum version updated\
Python 3.8 will reach its end of life in October 2024. Python 3.9 is
the minimum version required by the project.

grimoire-elk

**New features:**

* Status in SUMO enriched index\
Add the missing status in the SUMO backend. The status could be
`solved`, `archived`, `locked` or `open`.

**Bug fixes:**

* Avoid UNDEFINED values in author fields\
Avoid `-- UNDEFINED --` values for all SortingHat fields when Mordred
loses connection to the SortingHat server during the enrichment or
autorefresh execution. It will keep the values of the `name`, `email`,
`id` and `uuid` fields.
* Handle OpenSearch page info on pagination\
In OpenSearch and ElasticSearch < 7.x the page info on pagination is
different. This will handle both of them.

**Dependencies updateds:**

* Python minimum version updated\
Python 3.8 will reach its end of life in October 2024. Python 3.9 is
the minimum version required by the project.

sirmordred

**Dependencies updateds:**

* Python minimum version updated\
Python 3.8 will reach its end of life in October 2024. Python 3.9 is
the minimum version required by the project.

1.5.0

**New components:**

* kidash 1.0.5
* sortinghat 1.3.0
* perceval 1.0.6
* perceval-mozilla 1.0.6
* perceval-opnfv 1.0.6
* perceval-puppet 1.0.6
* perceval-weblate 1.0.6
* graal 1.0.6
* grimoire-elk 1.1.5
* sirmordred 1.1.0

The following list describes the changes by component:

kidash

* Update Poetry's package dependencies

sortinghat

**New features:**

* Remove merge recommendations (883)\
Recommendations can now be deleted from the database and not just
dismissed. This is useful in case there are too many recommendations
to handle manually.
* Merge organizations when adding an alias (913)\
When adding an alias on an organization's page, if the new alias is an
existing organization, users now have the option to merge them. This
is useful in cases where organizations can't be merged using drag and
drop.
* User permissions per tenant\
Update the permissions system to allow assigning permissions to users
based on the tenant they are accessing. The command `sortinghat-admin
set-group` has been renamed to `sortinghat.-admin set-permissions`.

**Bug fixes:**

* Duplicated GitHub links (912)\
The link to an individual's GitHub profile no longer appears several
times when there is more than one GitHub identity.
* Connection closed when job is executed\
RQ workers create a fork to run the jobs. The issue arises when, after
completing the job, the MariaDB logs display the warning: `Aborted
connection to db. Got an error reading communication packets`. This
change ensures the database connection is closed before the fork ends,
preventing the warning from appearing.

perceval

**Bug fixes:**

* Fix issue 782 (782)\
The issue was that perceval would not delete old tags from upstream
references. This change deletes tags locally if tags are deleted
upstream.

perceval-mozilla

* Update Poetry's package dependencies

perceval-opnfv

* Update Poetry's package dependencies

perceval-puppet

* Update Poetry's package dependencies

perceval-weblate

* Update Poetry's package dependencies

graal

* Update Poetry's package dependencies

grimoire-elk

**Bug fixes:**

* Git branches study improved\
Previously, while the branches study was running, the `branches` field
remained empty or partially filled until the study was completed,
leading to incorrect data being displayed on the dashboard. With this
change, the branches field is updated only after the study has
finished.

sirmordred

**Performance improvements:**

* Reduced the number of connections to SortingHat\
Mordred makes a lot of connections to the SortingHat server which
could cause the uWSGI queue to fill up. When the uWSGI queue is full,
Mordred cannot connect to the SortingHat server.

1.0.0

For eight years, we have been working to produce the best platform for
software development analytics possible. With the work of more than
150 developers and after over 11,600 commits, we’re excited to announce
the release of the first major version of GrimoireLab.

GrimoireLab is an evolution of the work done during more than 10 years by
[Bitergia](https://bitergia.com/), LibreSoft URJC research group, and several
contributors in [Metrics Grimoire](http://metricsgrimoire.github.io/)
and [VizGrimorie](http://vizgrimoire.bitergia.org/) projects.
Since 2017, GrimoireLab has been part of The Linux Foundation
[CHAOSS Software](http://chaoss.community) community as one of its founding
projects.

GrimoireLab has become the de facto standard for open source project
health dashboards. It has been used by some of the most important
software companies and open source foundations in the world.
The platform has also been used as the underlying foundation for
other applications, including
[Bitergia Analytics](https://github.com/bitergia-analytics),
[OSS Compass](https://compass.gitee.com/),
[LFX Insights](https://lfx.linuxfoundation.org/tools/insights/),
[Cauldron](https://gitlab.com/cauldronio/), and
[Mystic](https://opensource.ieee.org/rit/mystic-group).

This release of GrimoireLab includes:

- An automated platform to generate software analytics and insights.
- Data collection from more than 30 data sources.
- Generation of more than 150 metrics and visualizations to understand activity,
performance, and community of open source projects.
- Identities manager to track the activity of an individual across platforms
and organizations.
- Integration with third-party applications to visualize and analyze data
(Kibana/OpenSearch Dashboards/Jupiter Notebooks).

This release would not have been possible without the help of the entire
community. We are deeply thankful to all our users. We would especially
like to thank Álvaro del Castillo, Valerio Cosentino, Jesús González-Barahona,
Alberto Pérez García-Plaza, J. Manrique López, Venu Vardhan Reddy Tekula,
David Moreno, Gregorio Robles, Andy Grunwald, and the members of the
CHAOSS project.

Special recognition to [Bitergia](https://bitergia.com/) and
[The Document Foundation](https://www.documentfoundation.org/)
for being early adopters.

The GrimoireLab Developers.

Page 1 of 6

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.