--------------------
- Add support for importing CycloneDX SBOM 1.2, 1.3, 1.4 and 1.5 spec formats.
https://github.com/nexB/scancode.io/issues/1045
- The pipeline help modal is now available from all project views: form, list, details.
The docstring are converted from markdown to html for proper rendering.
https://github.com/nexB/scancode.io/pull/1105
- Add a new `CollectSymbols` pipeline (addon) for collecting codebase symbols using
Universal Ctags.
https://github.com/nexB/scancode.io/pull/1116
- Capture errors during the `inspect_elf_binaries` pipeline execution.
Errors on resource inspection are stored as project error message instead of global
pipeline failure.
The problematic resource path is stored in the message details and displayed in the
message list UI as a link to the resource details view.
https://github.com/nexB/scancode.io/issues/1121
https://github.com/nexB/scancode.io/issues/1122
- Use the `package_only` option in scancode `get_package_data` API in
`inspect_packages` pipeline, to skip license and copyright detection in
extracted license and copyright statements found in package metadata.
https://github.com/nexB/scancode-toolkit/pull/3689
- Rename the ``match_to_purldb`` pipeline to ``match_to_matchcode``, and add
MatchCode.io API settings to ScanCode.io settings.
- In the DiscoveredPackage model, rename the "datasource_id" attribute to
"datasource_ids" and add a new attribute "datafile_paths". This is aligned
with the scancode-toolkit Package model, and package detection information
is now stored correctly. Also update the UI for discovered packages to
show the corresponding package datafiles and their datasource IDs.
A data migration is included to facilitate the migration of existing data.
https://github.com/nexB/scancode.io/issues/1099
- Add PurlDB tab, displayed when the PURLDB_URL settings is configured.
When loading the package details view, a request is made on the PurlDB to fetch and
and display any available data.
https://github.com/nexB/scancode.io/issues/1125
- Create a new management command `purldb-scan-queue-worker`, that runs
scancode.io as a Package scan queue worker for PurlDB.
`purldb-scan-queue-worker` gets the next available Package to be scanned and
the list of pipeline names to be run on the Package from PurlDB, creates a
Project, fetches the Package, runs the specified pipelines, and returns the
results to PurlDB.
https://github.com/nexB/scancode.io/pull/1078
https://github.com/nexB/purldb/issues/236
- Update matchcode-toolkit to v4.0.0