This repository has been archived by the owner on Apr 1, 2022. It is now read-only.
Releases: fossas/spectrometer
Releases · fossas/spectrometer
v2.4.2
Resolve: fossa vps would not function correctly due to a build process issue.
v2.4.1
v2.4.0
v2.4.0
Major change
As of this release, vpscli and its functionality is no longer a separate binary from the normal fossa tool. The same functionality is accessed by a subcommand, namely fossa vps. There are a few changes in the command-line arguments, and an example of the change is shown below. Please check the --help output for more info.
Notable differences (only relavant to previous vpscli usage):
vpscli scanhas changed tofossa vps analyze. This matches the analyze/test/report convention from the normal dependency scanner.vpscli ninja-graphhas changed tofossa vps ninja-graph.-d/--basedir PATHis now a positional argument, same asfossa analyze. You can use--before an argument to force it to be treated as a positional argument. Default value is the string".", which represents the current working directory.--project-name NAMEis no longer required, and has been renamed to--project. If omitted, we use the same inference rules as the normal dependency scanner.--fossa-urlhas been renamed to--endpoint. This allows us to re-use the same argument for multiple commands.--debugis required to see the trace logs fromfossa vps analyze. This is a result of switching vpscli's internals to use our standard logger.
# Original invocation
vpscli scan -d path/to/project/ --project-name 'quick' --fossa-url 'https://app.vps.fossa.team' --fossa-api-key <key>
# New invocation
fossa vps analyze --endpoint 'https://app.vps.fossa.team' --fossa-api-key <key> path/to/projectFull Changelog
- Integrates
vpscli scanasfossa vps analyze(#148) - Removes
vpsclibinary (#148) - Adds support for
--teamand other metadata flags to vps analysis (#149) - Adds
fossa vps testcommand, analogous tofossa testfor vps projects (#150) - Adds
fossa vps reportcommand, analogous tofossa reportfor vps projects (#150) - Adds support for unpacking of gzipped RPMs (#154)
v2.3.5
Updates binary dependencies in vpscli to resolve the following issues:
- Issues checking some files in the project for first-party licenses should no longer prevent a scan from completing.
- The special case when scanning zip archives with duplicate file names should no longer prevent the scan from completing.
v2.3.4
v2.3.3
Small bugfix release for 2.3.2. 2.3.2 release notes below:
v2.3.2
- Adds
fossa list-targetsto list "analysis-targets" (projects and subprojects) available for analysis (#140) - Adds
--filter TARGEToption tofossa analyze(#140) - Merges the dependencies of
*req*.txtandsetup.pyfiles we find (#140) - Improves maven project discovery (#140)
- Fixes gradle wrapper integration (#140)
- Adds support for "detached HEAD" state in git and svn (#141)
vpscli
v2.3.2
v2.3.2
- Adds
fossa list-targetsto list "analysis-targets" (projects and subprojects) available for analysis (#140) - Adds
--filter TARGEToption tofossa analyze(#140) - Merges the dependencies of
*req*.txtandsetup.pyfiles we find (#140) - Improves maven project discovery (#140)
- Fixes gradle wrapper integration (#140)
- Adds support for "detached HEAD" state in git and svn (#141)
vpscli
v2.3.1
v2.3.0
- Adds a user guide
- Fixes bug where the rebar3 strategy would incorrectly find dependencies as top-level projects (#119)
- Fixes various issues in the setup.py parser (#119)
- Adds an analyzer for haskell projects using cabal-install and stack (#122) (#126)
- Adds an analyzer for PHP projects via composer (#121)
v2.2.7
Update vpscli to upload an empty IPR result set to FOSSA if IPR scanning is skipped.