Skip to content

0.57.0

Choose a tag to compare

View all tags
@github-actions github-actions released this 13 Mar 14:26
· 640 commits to main since this release
0.57.0
6147e75

Upgrade Notes

With this release three new environment variables must be set for the core deployment:

  • CLI_KEYCLOAK_BASE_URL
  • CLI_KEYCLOAK_REALM
  • CLI_KEYCLOAK_CLIENT_ID

These are required to enable auto-configuration of authentication details for the CLI. See the docs for details.

What's Changed

🛠 Breaking Changes

  • 8358f84 refactor(core)!: Add separate config for CLI authentication

🐞 Bug Fixes

  • f8ddbab compose: Add the missing basic client scope

🎉 New Features

  • 5b9d754 compose: Reconfigure the Keycloak clients
  • cfe43e5 ui: Add resolution source to vulnerability resolutions
  • 6147e75 ui: Create vulnerability resolutions on the server
  • be426f6 workers: Add an ORT Server resolution provider
  • 95ba6cf workers: Assign the correct source for resolutions
  • dfef3fd Add a model for the source of resolutions
  • 7721f14 Include new resolutions in vulnerabilities for run
  • 356e469 Mark removed server-managed vulnerability resolutions as deleted

🐘 Build & ⚙️ CI

  • fd7b44b gradle: Update Eclipse Maven Repository URL
  • ed25366 ui: Make UI Docker image compatible with read-only root fs

📖 Documentation

  • dd3ed8a ui: Fix the port mapping for the UI image
  • 776685e website: Add documentation for the required Keycloak setup
  • 8082c5a Document the VulnerabilityResolution classes

🔧 Chores

  • 3b31e5b api-model: Remove an unneeded import
  • 85abfd0 compose: Fix description of ort-server-backend client
  • 0f788e3 model: Remove unused default values
  • 478d7c1 Fix kotlin-result deprecation warnings

🚀 Dependency Updates

  • 9c3ebae update actions/download-artifact action to v8.0.1
  • f1b9f24 update com.michael-bull.kotlin-result:kotlin-result to v2.2.0
  • cb85f82 update com.michael-bull.kotlin-result:kotlin-result to v2.3.0
  • cd1c918 update com.squareup.okio:okio to v3.17.0
  • 3599633 update dependency @hey-api/openapi-ts to v0.94.1
  • 707a524 update dependency @vitejs/plugin-react to v5.2.0
  • 2df723c update dependency @vitejs/plugin-react to v6
  • e5431e0 update dependency @vitejs/plugin-react to v6.0.1
  • 15a2516 update dependency oidc-client-ts to v3.5.0
  • c3b68c8 update dependency react-oidc-context to v3.3.1
  • ede1174 update dependency vite to v8
  • 87cfcb8 update dependency vitest to v4.1.0
  • f6f66e3 update kotest to v6.1.6
  • 0d38579 update nginx:1.29-alpine docker digest to 5bad1dd
  • c290b12 update nginx:1.29-alpine docker digest to f46cb72
  • ef539ef update org.ossreviewtoolkit:version-catalog to v82.1.0
  • 53775bb update pnpm to v10.32.1

🚜 Refactorings

  • 19eb94e api: Align a class name with the model class
  • f51e06e api: Remove OrganizationVulnerability
  • 8b89078 model: Rename a class to VulnerabilityWithStats
  • 8b6e4e6 ort-run-service: Return API classes from VulnerabilityService
  • ceac14b workers: Move resolution matching helper to provider class
  • 50083b8 workers: Switch to the OrtServerResolutionProvider

💡 Other Changes

  • 93190c4 style(core): Add a missing argument name
Assets 7
Loading