0.71.0

What's Changed

🐞 Bug Fixes

• 3bb11b9 ui: Treat STRING_LIST values as strings in plugin template forms

🎉 New Features

• 3b1868c ui: Add long-lived caching for hashed files
• be70870 ui: Add robots.txt to disallow search engine indexing
• 05c1ea4 ui: Compress static assets
• b3ed86c ui: Force browsers to revalidate a cached index.html

🐘 Build & ⚙️ CI

• ed7e68f gradle: Prefer buildHealth over projectHealth

📖 Documentation

• 8149680 gradle: Remove some weird chars from a because string
• d16d16d kubernetes: Add mountPvcs and mountEmptyDirs documentation

🔧 Chores

• 31072af core: Add missing OpenAPI tags and sort them alphabetically

🚀 Dependency Updates

• dff385a scanner: Upgrade Provenant to version 0.1.8
• 6032ec5 update actions/checkout action to v6.0.3
• 18f6823 update awssdk to v1.6.84
• 5efa705 update buildconfigplugin to v6.0.10
• 884c013 update ch.qos.logback:logback-classic to v1.5.34
• 8bb17d7 update com.autonomousapps.build-health to v3.14.1
• 2d6bc48 update dependency @hey-api/openapi-ts to v0.97.3
• 6398724 update dependency react-hook-form to v7.76.1
• af57545 update flyway to v12.7.0
• 752d241 update flyway to v12.8.0
• 36d9830 update io.mockk:mockk to v1.14.11
• 4a93436 update org.ossreviewtoolkit:version-catalog to v88
• e95e2f7 update pnpm to v11.3.0
• 7fbf7a3 update pnpm to v11.4.0
• 0dd2c70 update tanstack-query monorepo to v5.100.14
• bb107b3 update tanstack-router monorepo
• 6606942 update typesafeconfig to v1.4.9
• 7eac6d3 update typescript-eslint monorepo to v8.60.0

🚜 Refactorings

• b5a0a1c server-settings: Align code with the renaming of the module
• 004a47c server-settings: Change routes to /settings/server
• 0ecfa26 Integrate ContentManagementService into server-settings
• c73bae8 Rename admin-config component to server-settings

0.70.0

What's Changed

🐞 Bug Fixes

• 8b3c23b compose: Update the UID used for the secrets volume

🎉 New Features

• 80d7214 api: Filter all vulnerability endpoints with advisors
• 7b8d76f model: Add advisors field to all filter models and mappings
• 9185115 service: Filter by advisors in single- and multi-run queries
• 6ad5dd6 ui: Filter vulnerabilities with advisors
• 655442e ui: Render plugin descriptions in Markdown

🐘 Build & ⚙️ CI

• d3c78c9 gradle: Remove the global ExperimentalSerializationApi opt-in
• 2393675 gradle: Replace detached config with named config in custom plugin

🚀 Dependency Updates

• 0f24d58 scanner: Upgrade Provenant to version 0.1.5
• b2c6400 scanner: Upgrade Provenant to version 0.1.6
• 6ce7d24 update ch.qos.logback:logback-classic to v1.5.33
• 65da310 update com.autonomousapps.build-health to v3.14.0
• 6c8fa96 update com.azure:azure-security-keyvault-secrets to v4.11.0
• 3318d6d update com.networknt:json-schema-validator to v3.0.3
• efb2057 update com.rabbitmq:amqp-client to v5.31.0
• 78ebf25 update dependency @hookform/resolvers to v5.4.0
• 05482f5 update dependency vite to v8.0.14
• 10b6336 update org.ossreviewtoolkit:version-catalog to v87.2.0
• d826a05 update org.ossreviewtoolkit:version-catalog to v87.3.0
• 5b6c048 update org.slf4j:slf4j-api to v2.0.18
• 6c9ebf8 update pnpm to v11.2.0
• 7c00058 update pnpm to v11.2.1
• 6500325 update pnpm to v11.2.2

🚜 Refactorings

• a8ec79d api: Unify the vulnerability filter handling
• 50d4474 ui: Align column ordering of the vulnerability tables

0.69.0

What's Changed

🐞 Bug Fixes

• 34e7b3b dao: Filter duplicate provenance resolution issues
• 507f1ad kubernetes: Include the run ID in worker job names

🎉 New Features

• d496694 scanner: Store provenance resolution issues for current run

🐘 Build & ⚙️ CI

• 503b5ab gradle: Use the same dependency substitutions as in ORT

📖 Documentation

• 603be13 scanner: Fix an incomplete comment

🚀 Dependency Updates

• e29a154 update com.google.devtools.ksp to v2.3.9
• b6598df update dependency @types/react to v19.2.15
• 5cb702d update dependency vitest to v4.1.7
• 5abea23 update ktor monorepo to v3.5.0
• 4c67af9 update node.js to 242549c
• 764aa59 update rabbitmq docker tag to v4.3.1

0.68.0

What's Changed

🐞 Bug Fixes

• af4d769 docker: Delete the "ubuntu" default user
• 9aaa210 worker: re-enable publishing of the config worker artifact

🎉 New Features

• dae878f ui: Add buttons to rerun and delete runs to the admin runs table

🐘 Build & ⚙️ CI

• 26e1466 gradle: Use rich version declaration instead of enforcedPlatform

🔧 Chores

• 97c3b2c docker: Set the user ID back to 1000
• c170f77 kubernetes: Add a direct dependency to the fluent API
• 368d1a2 Add AI-related directory to .gitignore

🚀 Dependency Updates

• c8dded5 update awssdk to v1.6.80
• e533186 update com.autonomousapps.build-health to v3.12.2
• 264434f update com.autonomousapps.build-health to v3.13.0
• 07b7204 update dependency @hey-api/openapi-ts to v0.97.2
• 55ac93a update dependency @vitejs/plugin-react to v6.0.2
• 674bc9b update dependency eslint to v10.4.0
• ee4ec6c update dependency lucide-react to v1.16.0
• aaca2fd update dependency postcss to v8.5.15
• 54e4a7e update dependency react-hook-form to v7.76.0
• de7fec9 update dependency vite to v8.0.13
• 4d21b77 update dev.panuszewski.typesafe-conventions to v0.11.1
• b574c7c update docker/build-push-action action to v7.2.0
• 3554199 update docker/login-action action to v4.2.0
• 221d2c5 update docker/metadata-action action to v6.1.0
• 1a49aeb update docker/setup-buildx-action action to v4.1.0
• 1318e83 update flyway to v12.6.2
• f8dacc2 update nginx:1.31-alpine docker digest to 8b1e787
• e3ea0d7 update org.ossreviewtoolkit:version-catalog to v87.1.0
• 6455f7f update pnpm to v11.1.2
• c5e1e74 update pnpm to v11.1.3
• 9ca1a84 update tanstack-query monorepo to v5.100.10
• c7fb600 update tanstack-router monorepo
• 710d49d update typescript-eslint monorepo to v8.59.4

0.67.1

What's Changed

📖 Documentation

• 83d5cec docker: End code comment sentences with periods

🔧 Chores

• eb9b6e9 docker: Align how scanners are added to PATH

🚀 Dependency Updates

• 9e80202 docker: Add Provenant to the scanner Docker image
• 69f5e55 docker: Make the Corepack version configurable
• f809480 docker: Use a pinned Corepack version and revert to 0.34.7
• 29733d3 update dependency axios to v1.16.1

0.67.0

What's Changed

🐞 Bug Fixes

• c685cf9 analyzer: Install libncurses6 which is required by Swift at runtime
• b9311df dao: Correctly match issues when storing resolutions
• 732586a nuget: Quote API key attribute in NuGet.Config
• 15cdb9d secrets: Scope in-use check to the secret's hierarchy level
• b9ee1a2 ui: Add missing OrtProjectFile package manager to UI
• f6cf0c8 Ensure that component classes are on the classpath at runtime

🎉 New Features

• cf8ee44 api: Get advisors from organization vulnerabilities
• 1eef765 api: Get advisors from product vulnerabilities
• 58defa7 api: Get advisors from run vulnerabilities
• 3e6468a service: Add advisor lookup methods to vulnerability service

✅ Tests

• c66a3bd common: Decouple schema validation from Jackson
• 335d154 keycloak: Share a single Keycloak test container to speed up tests

🐘 Build & ⚙️ CI

• 2e4ac7d gradle: Do not use libs in convention plugins
• 0ddc2ce gradle: Enable more dependency analysis rules
• a2ceabf gradle: Remove all unused dependencies
• cca4ca6 gradle: Restore using the "build-health" settings plugin
• da3b4c8 gradle: Use correct configurations for dependencies
• 33ff6f5 static-analysis: Add a job to run the projectHealth task

📖 Documentation

• c32daa4 gradle: Document why a dependency analysis rule is disabled

🔧 Chores

• 5ef46fd analyzer: Remove redundant echo calls from Dockerfile
• d0c37b8 docker: Remove redundant apt list cleanup
• 745f07f plugin-manager: Rename option to pluginOptions

🚀 Dependency Updates

• be32046 docker: Update default python-inspector version to 0.15.2
• 26322bb docker: Upgrade Swift to version 6.3.1
• 1456ea6 docker: Upgrade to Ubuntu Noble LTS as the base
• 8dd3a2c Update the dependency-analysis-gradle-plugin to version 3.12.0
• 27a0535 update awssdk to v1.6.75
• c02a5a7 update com.autonomousapps.build-health to v3.12.1
• 886013d update com.azure:azure-storage-blob to v12.34.0
• 49436d3 update com.google.devtools.ksp to v2.3.8
• 8e3eb90 update com.networknt:json-schema-validator to v3
• 6abbbd3 update dependency @eslint/compat to v2.1.0
• 6247b6f update dependency @playwright/test to v1.60.0
• 040d2ba update dependency @types/node to v24.12.3
• 2e90eca update dependency @types/node to v24.12.4
• 5a4f494 update dependency tailwind-merge to v3.6.0
• b5379b8 update dependency vite to v8.0.11
• c391656 update dependency vite to v8.0.12
• 86c8a5b update dependency vitest to v4.1.6
• 73e6cd0 update docker/dockerfile docker tag to v1.24
• d79a0b9 update eclipse-temurin docker tag to v21.0.11_10-jdk-noble
• 334f380 update exposed to v1.3.0
• 6c07fe7 update grafana/logstash-output-loki docker tag to v3.7.2
• 59e0f5e update grafana/loki docker tag to v3.7.2
• 2ddb0c8 update nginx docker tag to v1.31
• bb6a0bc update nginx:1.30-alpine docker digest to 94da95f
• 02f4434 update nginx:1.31-alpine docker digest to 2f07d83
• 530b0d7 update nginx:1.31-alpine docker digest to dc48b7a
• 5fbe9ca update org.ossreviewtoolkit:version-catalog to v87
• 5fd723c update pnpm to v11.0.9
• 2a33d5b update pnpm to v11.1.0
• d70ebe8 update pnpm to v11.1.1
• e050dcb update quay.io/keycloak/keycloak docker tag to v26.6.2
• 27ca124 update react monorepo to v19.2.6
• 2a0ecc8 update tailwindcss monorepo to v4.3.0
• 9d7e55e update tanstack-router monorepo
• 7026ecb update typescript-eslint monorepo to v8.59.3

0.66.0

What's Changed

🎉 New Features

• cfae523 ui: Align buttons in edit forms

🚀 Dependency Updates

• 8df49c8 Update Nuget-Inspector to version 0.10.0

0.65.0

What's Changed

🐞 Bug Fixes

• 4d5adbf api: Fix the query filters for identifier
• 20de3c7 scanner: Return issues from scan summaries
• 76dbbdf ui: Allow the EPSS scoring system to be written in upper-case
• ab042da ui: Generalize the Conan entry to not only refer to 1.x
• 10bc26d ui: Remove a text color class duplicate
• 2f8fa25 ui: Use plain #L fragment for single-line findings
• 3af2a3d worker: Add missing Bazel generator instantiation
• 9bb2d04 worker: Update the Bazel credential helper's path in the generator
• 451abda worker: Update the Git credential helper's path in the generator

🎉 New Features

• c04ec0f api: Add required properties to VulnerabilityFilters
• 3397c74 api: Align sorting and filtering of ORT run vulnerabilities endpoint
• 83f3d19 api: Change default sorting of vulnerabilities
• 0786f46 service: Align sorting and filtering of ORT run vulnerability query
• feb12c4 ui: Add a select filter for rule violation rules
• 54aad4b ui: Add support for Conan environment definition
• 9ff8633 ui: Add support for Gradle environment definition
• 526fe1b ui: Add support for Maven environment definition
• 3a144f5 ui: Add support for NuGet environment definition
• cdf5e33 ui: Add support for Yarn environment definition
• b9df250 ui: Change accordion open/close logic for items with resolutions
• c9a5f8f ui: Enable editing plugin templates
• 968ffe8 ui: Further improvements to "create template"
• d7e6998 ui: Improve the UX for the "undefined" template fields
• b9ba9ed ui: Polish the UI for the environment configuration
• f848a2f ui: Relocate the "delete template" button
• acc6ed1 ui: Server-side data manipulation for run vulnerability table
• c35a5ce ui: Tune the template cards
• 3c5ad88 worker: Add the Bazel credential helper to the workers' base image
• 6c9737c worker: Add the Git credential helper to the workers' base image
• b2de9e9 Add support for advisor's provider-level issues

✅ Tests

• 2bff717 Correctly group tests for OrtServerScanResultStorageTest

🐘 Build & ⚙️ CI

• db3954f pnpm: Approve required build scripts
• 92cab24 renovate: Group the docusaurus-openapi-docs dependencies
• 2d7168f renovate: Remove obsolete in-range-only for eslint
• 0b3a651 Run pnpm from the project dir to fix corepack version detection

📖 Documentation

• 91ec92d api: Fix a typo in class documentation
• b9100b0 core: Fix example for Maven environment definition
• aa4055b workers: Fix the docs for resolveSecrets
• 2cd0e5c workers: Fix two KDoc references

🔧 Chores

• 4bd0289 core: Make creating license filter creation more compact
• 62adf18 ui: Render "No description available." in italic
• ba505cf ui: Write in italic if no data is available
• 39ed2cf workers: Fix indentation of multi-line strings
• 6b3ba55 workers: Remove redundant companion references

🚀 Dependency Updates

• cc71ab6 docker: Update Bazelisk to version 1.29
• 1b4bfd0 docker: Update Python Inspector to version 0.15.1
• bf0ca61 Update the dependency-analysis-gradle-plugin to version 3.11.0
• f930f85 pin dependency eslint to 10.3.0
• 1250da6 update alpine docker tag to v3.23
• a2295c4 update awssdk to v1.6.72
• 28adbf9 update azure-sdk-for-java monorepo
• db3225a update dependency @hey-api/openapi-ts to v0.97.1
• 386833d update dependency axios to v1.16.0
• 4d84253 update dependency eslint to v10
• 771a960 update dependency globals to v17.6.0
• 91d9711 update dependency lucide-react to v1.14.0
• 640c020 update dependency postcss to v8.5.13
• 8cc0ca1 update dependency postcss to v8.5.14
• 33056b8 update dependency react-hook-form to v7.75.0
• faddf3a update dependency zod to v4.4.1
• 0557f92 update dependency zod to v4.4.2
• dd40596 update dependency zod to v4.4.3
• 7d53180 update dependency zustand to v5.0.13
• 32f0c63 update dev.panuszewski.typesafe-conventions to v0.11.0
• a6ea5b5 update docusaurus monorepo to v3.10.1
• d6a6d69 update docusaurus-openapi-docs to v5.0.2
• 759dab2 update eclipse-temurin docker tag to v21.0.11_10-jdk-jammy
• c592903 update flyway to v12.6.0
• cabe724 update flyway to v12.6.1
• 9ec1ca7 update gradle to v9.5.1
• 522a62a update kotlinx-coroutines monorepo to v1.11.0
• 3dfe3b4 update node.js to 24dc26e
• ea982e9 update org.apache.logging.log4j:log4j-to-slf4j to v2.26.0
• 4bd77ea update org.ossreviewtoolkit:version-catalog to v85.1.0
• ea2ae3c update org.ossreviewtoolkit:version-catalog to v85.1.1
• c523271 update org.ossreviewtoolkit:version-catalog to v86
• 9198725 update pnpm to v11.0.8
• 56bd996 update tanstack-query monorepo to v5.100.9
• 881ce51 update tanstack-router monorepo
• 2831885 update typescript-eslint monorepo to v8.59.2

🚜 Refactorings

• 325bdfc ui: Drive environment definition forms from field schemas
• 711c511 ui: Generalize current package manager environment definition
• 114319b ui: Pass plugin configs to scanners in a more readable way
• bba3d42 workers: Reduce dependencies of ConfigFileBuilder
• 9cad0e9 workers: Rename CredentialResolver to SecretResolver

0.64.0

What's Changed

🛠 Breaking Changes

• d75c222 feat(Keycloak)!: Use the standard HTTP client
• 0807919 feat(elasticsearch)!: Use the standard HTTP client
• 74ddba9 feat(loki)!: Use the standard HTTP client
• bfd5c97 feat(vault)!: Use the standard HTTP client

🐞 Bug Fixes

• 3ae3173 s3: Add forcePathStyle option to config files
• a47a3c0 ui: Allow unsetting optional plugin secrets only
• 77e2250 ui: Ensure empty table messages span the actual table width
• df2dac9 ui: Ignore plugin secret defaults in create-run payload
• 6c1acf3 ui: Preserve scanner plugin config on rerun
• 16ec097 ui: Show UNKNOWN instead of negative line numbers

🎉 New Features

• b5b88d4 github-config: Use the standard HTTP client
• f8b727f http-client: Add a class for default HTTP client settings
• 5825b5c http-client: Add a function to create configured HTTP clients
• 5b6e429 http-client: Add a functionality to deal with rate limiting
• 7e05590 scaleway: Use the standard HTTP client
• 65c733e ui: Add a button to open a repository to the repository breadcrumb
• 0b83890 ui: Add helper methods for linking to Software Heritage
• e850f01 ui: Add links from license findings to Software Heritage page
• e8a4645 ui: Add the environment config path to the ORT run
• 2d9d82f ui: Explain missing detected licenses when scanner is skipped
• 6ddaa69 ui: Make each plugin type an extendable Accordion
• 0f8d569 ui: Render the plugin descriptions as Markdown
• 74765e7 ui: Use descriptive plugin type names in plugin templates
• 2d37637 Store the excluded status for packages and projects

✅ Tests

• 6bf8f86 analyzer: Disambiguate Identifier types in AnalyzerWorkerTest

🐘 Build & ⚙️ CI

• 25c2f93 ui: Add the Software Heritage logo
• db564b4 Add a new project for Ktor client utils

🔧 Chores

• 56c2155 Restructure configuration for logaccess modules

🚀 Dependency Updates

• 59b5675 analyzer: Update the default Node.js version to the latest LTS
• 2bbc41e update awssdk to v1.6.68
• 5780f7a update com.azure:azure-identity to v1.18.3
• b4d83e0 update com.sksamuel.aedile:aedile-core to v3.0.4
• 8849253 update com.typesafe:config to v1.4.8
• b11149b update dependency @hey-api/openapi-ts to v0.97.0
• e7cc62d update dependency lucide-react to v1.11.0
• 1b40a96 update dependency postcss to v8.5.11
• ba55595 update dependency postcss to v8.5.12
• a6d1bce update dependency prettier-plugin-tailwindcss to v0.7.3
• 85f369b update dependency prettier-plugin-tailwindcss to v0.8.0
• ec0573c update dependency react-hook-form to v7.74.0
• f9e1c78 update dependency vite to v8.0.10
• 54325ea update dependency-analysis-gradle-plugin to v3.10.0
• 35f77bf update org.ossreviewtoolkit:version-catalog to v85
• 81b026a update pnpm to v10.33.2
• 2dcc80b update tanstack-query monorepo to v5.100.5
• 6f5efce update tanstack-router monorepo
• ddc2945 update typescript-eslint monorepo to v8.59.1

0.63.0

What's Changed

🐞 Bug Fixes

• 2c85e75 service: Fix detected licenses showing results from wrong scanner

🎉 New Features

• afe267c s3: Add an option to force path-style endpoint URLs
• 5b0986b ui: Preserve search params when switching runs

🚀 Dependency Updates

• b7ffb88 update pnpm to v10.33.1