0.62.0

What's Changed

🐞 Bug Fixes

• cdae157 database: Close the outputSteam after copying large objects
• 57f4717 orchestrator: Keep recipient addresses after job completion
• 8a15aa8 plugin-manager: Allow setting options to their final value
• dfbe2e6 plugin-manager: Properly reset the plugin template state on delete
• 19b7119 ui: Adjust padding and margins in plugin and advisor fields
• 1c7ce85 ui: Coerce plugin option types to prevent validation errors
• 75d450f ui: Fix an anti-pattern with useState and useEffect
• 4b1406b ui: Normalize username to lowercase on creation to prevent 404

🎉 New Features

• 182cf55 api: Add route to get dependency graph of an ORT run
• 0823f60 config-worker: Correctly handle restricted package managers
• 317ac14 logaccess: Add Elasticsearch log file provider
• c4f380a model: Add model for the new component
• bac9454 plugin-manager: Return ErrorResponse if a route fails
• f1c6a45 service: Add a service to return dependency graphs
• 41f0a0e ui: Add helper methods and components for dependengy graph
• 6dfde90 ui: Add support for scanner plugin options
• 7ea8250 ui: Also make SBOM texts links
• 531c30f ui: Set options to undefined when creating a new plugin template
• 99b875b ui: Show the dependency graphs in the UI
• 7979379 Resolve default package managers in config worker
• 92c5f25 Sort the dependency graphs

✅ Tests

• 423f1cc rabbitmq: Work around a deprecation issue

🐘 Build & ⚙️ CI

• cdc9fba ui: Add Collapsible shadcn-ui component
• 8355756 Fix the logic to opt-in to the experimental serialization API

🔧 Chores

• ac64ee0 core: Remove unused jwt.roleCacheLifetimeSeconds
• c60520f database: Align "create"- with "open"-access
• 4bcea1e mailmap: Declare full names for some adresses
• 4142d90 mailmap: Prefer Double Open .io addresses
• c790226 mailmap: Sort entries alphabetically
• ec5369b Use sealed interfaces instead of classes where possible

🚀 Dependency Updates

• 8cdff13 Replace wiremock-standalone dependency
• ae2e161 pin dependency @radix-ui/react-collapsible to 1.1.12
• 40b0247 update awssdk to v1.6.64
• d10f2a5 update com.github.dasniko:testcontainers-keycloak to v4.2.1
• 533afe0 update com.google.devtools.ksp to v2.3.7
• d8c8bac update com.typesafe:config to v1.4.7
• a1d8717 update dependency @hey-api/openapi-ts to v0.96.1
• c43ada0 update dependency axios to v1.15.1
• 9596d45 update dependency axios to v1.15.2
• 9ac4394 update dependency eslint-plugin-react-hooks to v7.1.0
• acbebe1 update dependency eslint-plugin-react-hooks to v7.1.1
• d3e395e update dependency postcss to v8.5.10
• db52a8e update dependency react-hook-form to v7.73.1
• cd87c73 update dependency typescript to v6.0.3
• e6a4d45 update dependency vite to v8.0.9
• cdad940 update dependency vitest to v4.1.5
• 3afabfd update detektplugin to v2.0.0-alpha.3
• 1bf87b9 update flyway to v12.5.0
• b1e47eb update gradle to v9.5.0
• 823637e update kotlin monorepo to v2.3.21
• e2f8d17 update ktor monorepo to v3.4.3
• b60f7c2 update node.js to 03eae3e
• e5465dc update org.ossreviewtoolkit:version-catalog to v84.1.0
• 834a241 update org.ossreviewtoolkit:version-catalog to v84.2.0
• 83da572 update org.postgresql:postgresql to v42.7.11
• 2ab6644 update rabbitmq docker tag to v4.3.0
• cbfe583 update tailwindcss monorepo to v4.2.3
• 791071d update tailwindcss monorepo to v4.2.4
• 3b19c17 update tanstack-query monorepo to v5.99.2
• 40bcb2e update tanstack-router monorepo
• a6e1013 update typescript-eslint monorepo to v8.59.0

🚜 Refactorings

• f228e44 ktor-utils: Expose some sorting helpers
• 38e227a logaccess: Apply default timeout when creating the config object
• 9461f3e plugin-manager: Centralize handling of template errors
• 7cd2ec5 ui: Clean up the refactor
• 59260c2 ui: Extract form primitives
• 7c1b41b ui: Extract form schema
• 9d78c26 ui: Extract handling of default values in the form
• 1792c87 ui: Extract plugin utilities
• 4061184 ui: Extract the form payload builder
• 42f1d38 ui: Use barrel export also for form subfields

0.61.0

What's Changed

🎉 New Features

• 9e49ae5 secrets: Add configurable HTTP timeout for Vault client

🐘 Build & ⚙️ CI

• d1e50ae gradle: Disable Detekt's HTML and Markdown reports

🚀 Dependency Updates

• f26f531 update com.autonomousapps:dependency-analysis-gradle-plugin to v3.9.0
• aa64797 update dependency autoprefixer to v10.5.0
• 2954c3e update dependency docusaurus-plugin-openapi-docs to v5.0.1
• f3e74ea update dependency docusaurus-theme-openapi-docs to v5.0.1
• 3a71b68 update dependency prettier to v3.8.3
• 5013347 update org.ossreviewtoolkit:version-catalog to v84
• e6123d2 update org.springframework.security:spring-security-crypto to v7.0.5
• 50475b9 update testcontainers-java monorepo to v2.0.5
• d2882f9 update typescript-eslint monorepo to v8.58.2

0.60.2: fix(workers): Add advisors to the Advisor runner Docker image again

What's Changed

🛠 Breaking Changes

• eac36bb feat(api)!: Add support for repository names
• 6284e08 feat(dao)!: Persist repository names

🐞 Bug Fixes

• 7d775fa ui: Validate required plugin options only for selected advisors
• e09c8fb workers: Add advisors to the Advisor runner Docker image again

🎉 New Features

• 24b615b api: Wire the dependency filter to the endpoint
• 50dbad3 dao: Add a new junction table for performance
• d12c60b dao: Add an Exposed table definition for the junction table
• cecbd1d license-findings: Add API routes for license findings
• ea8fc60 license-findings: Add a service for querying license findings
• af3eedc license-findings: Add component API model
• 1c4f629 model: Add isDirectDependency to PackageFilters
• b63b240 rate-limit: Add configurable rate limiting for API endpoints
• 93cc579 scanner: Populate the junction table when writing scan results
• 650702a service: Add package filtering for direct vs transitive dependencies
• 027f7a7 service: Add support for repository names
• 2011d9c ui: Add UI to show the license detection data
• 36217a0 ui: Add a single-select variant of the select filter
• 0d12cdc ui: Add form inputs for advisor plugin options
• c8df518 ui: Disable advisor option inputs for fixed values
• d224df5 ui: Filter packages table with direct/indirect dependency
• 009f269 ui: Show dropdowns for secret plugin options
• c832b9d ui: Show repository name in the UI where feasible
• 62556a8 ui: Use default values for advisor options
• bd9e86a workers: Generate package manager config files only in analyzer
• 9f8fb12 Enable filtering by repository name or URL
• 158ceab Store the ORT Server version for each run

⚡ Performance Enhancements

• 124eccf dao: Add index on packages.identifier_id
• cba3d51 service: Improve the performance of LicenseFindingService

✅ Tests

• a8c0a49 db: Bump PostgreSQL version to 15 in test containers

🐘 Build & ⚙️ CI

• d895549 docker: Bump Rust to version 1.91.0
• 162c5ad scanner: Install ScanCode to /opt/scancode

🔧 Chores

• 3c412af scanner: Remove the Askalono archive after install
• 687bafc scanner: Return to $HOME after installing Licensee
• 34409b0 Prefer the char-version of split if possible

🚀 Dependency Updates

• 17eb0a4 update actions/setup-node action to v6.4.0
• 5ff7028 update awssdk to v1.6.59
• 7bdc959 update com.autonomousapps:dependency-analysis-gradle-plugin to v3.8.0
• 78b4c93 update com.github.jmongard.git-semver-plugin to v0.19.0
• e33dbd8 update dependency @eslint/compat to v2.0.5
• fc9b8d3 update dependency @hey-api/openapi-ts to v0.96.0
• 0ae3689 update dependency globals to v17.5.0
• 8dbabae update dependency lucide-react to v1.8.0
• bfc65ef update dependency prettier to v3.8.2
• 3aa5e75 update dependency vite to v8.0.8
• e522272 update dependency vitest to v4.1.4
• 0897e31 update docusaurus monorepo to v3.10.0
• 846212e update docusaurus-openapi-docs to 5.0.0
• df1668f update eclipse-temurin:21.0.10_7-jdk-jammy docker digest to 25d1276
• d74a374 update ktoropenapi to v5.7.0
• e6b3d94 update nginx:1.30-alpine docker digest to 0272e46
• cd116e9 update nginx:1.30-alpine docker digest to 2e665df
• 9c2b386 update nginx:1.30-alpine docker digest to f60d139
• 97e8961 update node.js to 879b21a
• 535ae2e update quay.io/keycloak/keycloak docker tag to v26.6.1
• 85d6779 update react monorepo to v19.2.5
• a1ee641 update schemakenerator to v2.7.2
• fcc19bf update tanstack-query monorepo to v5.99.0
• e704ccf update tanstack-router monorepo

🚜 Refactorings

• 5fe79db dao: Make toSortOrder() in DAO public for reuse
• 093a002 ui: Convert createRunFormSchema to a function
• 137f9bc ui: Extract function to convert plugin payload
• d81a984 ui: Extract function to get defaults for plugin options
• 2467249 Move toCoordinates() to Identifier class for reuse

0.60.1

What's Changed

🐞 Bug Fixes

• b607927 ui: Fix an invalid data-[state] for TailwindCSS

🔧 Chores

• 75fed75 keycloak: Specify the container version explicitly

🚀 Dependency Updates

• 361af7e update actions/cache action to v5.0.5
• 5f65a7a update com.rabbitmq:amqp-client to v5.30.0
• 0ab673f update dependency postcss to v8.5.9
• 8af546f update dependency vite to v8.0.6
• e3f9a84 update dependency vite to v8.0.7
• 88c83fa update dependency vitest to v4.1.3
• 53e0bdc update flyway to v12.4.0
• 380eaf4 update grafana/grafana docker tag to v13
• 2820395 update nginx docker tag to v1.30
• bf47c47 update typescript-eslint monorepo to v8.58.1

0.60.0

What's Changed

🐞 Bug Fixes

• d4ca58a resolutions: Persist server rule violation resolutions by hash
• 0ecae1a ui: Fix overflows in MoveRepository component

🎉 New Features

• e75a9de evaluator: Resolve rule violation resolutions from the repository
• 5020d0d kubernetes: Add support for custom empty dir mounts
• 0d11f96 resolutions: Add a read model for rule violation resolutions
• 061dfcd resolutions: Add a service to manage rule violation resolutions
• 9c5a1cd resolutions: Add a store for rule violation resolution events
• 2448aa6 resolutions: Add routes to manage rule violation resolutions
• 5aae0f2 resolutions: Define rule violation resolution events
• 633f531 resolutions: Include unapplied and deleted resolution info
• e353193 ui: Add component to render SPDX expressions
• d6f6a36 ui: Add license color helpers and an internal badge component
• c9d2d34 ui: Handle rule violation resolutions in the UI
• c9d5df6 ui: Wire up the new component to the UI for license coloring

🐘 Build & ⚙️ CI

• 99ec767 renovate: Use the config preset from the renovate repo

🔧 Chores

• fca69c1 ui: Add SPDX parser and adapter helpers for it

🚀 Dependency Updates

• 596eac8 update actions/upload-artifact action to v7.0.1
• 7ab24be update actions/upload-pages-artifact action to v5
• 61ba9a6 update awssdk to v1.6.51
• 3347582 update awssdk to v1.6.56
• 014421f update com.autonomousapps:dependency-analysis-gradle-plugin to v3.7.0
• a68b753 update com.github.dasniko:testcontainers-keycloak to v4.2.0
• 2ac900a update dependency @eslint/compat to v2.0.4
• 77b3c70 update dependency @hey-api/openapi-ts to v0.95.0
• 0f061a5 update dependency @playwright/test to v1.59.1
• 8e6e492 update dependency @types/node to v24.12.1
• 2c243cc update dependency @types/node to v24.12.2
• 1d68941 update dependency axios to v1.15.0 [security]
• a5b97b4 update dependency react-hook-form to v7.72.1
• cd70dc8 update dependency vite to v8.0.5 [security]
• 5a90e29 update dev.panuszewski.typesafe-conventions to v0.10.1
• 8e41e7b update docker/build-push-action action to v7.1.0
• 6f59e25 update docker/login-action action to v4.1.0
• a22b311 update eclipse-temurin:21.0.10_7-jdk-jammy docker digest to f780cc4
• 9669221 update exposed to v1.2.0
• 54fc422 update gradle/actions action to v6.1.0
• 2492c1b update io.micrometer:micrometer-registry-graphite to v1.16.5
• f03be5e update koin to v4.2.1
• 827e327 update kotest to v6.1.11
• 51db0f7 update nginx:1.29-alpine docker digest to 582c496
• f27d19d update nginx:1.29-alpine docker digest to 645eda1
• 473081e update nginx:1.29-alpine docker digest to 9c5e088
• fbe55d7 update node.js to b506e73
• cacddba update org.jetbrains.kotlinx:kotlinx-serialization-json to v1.11.0
• af36e70 update org.ossreviewtoolkit:version-catalog to v83.0.2
• 6625ff7 update org.ossreviewtoolkit:version-catalog to v83.1.0
• fc8feed update quay.io/keycloak/keycloak docker tag to v26.5.7
• a947601 update quay.io/keycloak/keycloak docker tag to v26.6.0
• 7c5d66c update schemakenerator to v2.7.1
• 83c4c56 update tanstack-query monorepo to v5.96.2
• aa77fd2 update tanstack-router monorepo
• 6bee61f update tel.schich.tinyjib to v0.3.4

🚜 Refactorings

• f8c966d api: Move rule violation resolution classes to shared model
• d88c3ec ui: Align UI code

0.59.0

What's Changed

🛠 Breaking Changes

• c1d5d85 feat(plugin-manager)!: Add RESTRICTED plugin availability state

🐞 Bug Fixes

• 6924b9a analyzer: Fix logging the enabled package managers
• b70e43a resolutions: Persist server issue resolutions by message hash
• 40231a1 ui: Apply custom favicon earlier to reduce default favicon flash
• e347e08 ui: Clarify that a resolution's comment field is optional

🎉 New Features

• fc26c55 api: Resolve secret values from user secrets
• e058fda resolutions: Add a read model for issue resolutions
• e9d69c1 resolutions: Add a service to manage issue resolutions
• e727dd9 resolutions: Add a store for issue resolution events
• e28b4cf resolutions: Add routes to manage issue resolutions
• 0cfb601 resolutions: Define issue resolution events
• 230e3b2 resolutions: Include unapplied and deleted issue resolution info
• 4055246 s3: Add an optional key prefix
• 24cb726 ui: Add ToggleGroup Shadcn component
• 31a3bd4 ui: Add profile page and Keycloak account links
• fd6ed46 ui: Add the new SPDX package manager to the UI
• 290d596 ui: Change repository count to a link
• 5e761a9 ui: Handle issue resolutions in the UI
• 22a664a ui: Improve appearance of "manage templates" link
• 07dede8 ui: Shorten a long issue message by default
• d7d750d ui: Show tooltips for truncated usernames and emails
• 833542e workers: Resolve issue resolutions from the repository

✅ Tests

• be6dc61 core: Add a test to verify the source of secrets in run requests
• fb2b242 s3: Replace !! with shouldNotBeNull
• fca3f76 workers: Avoid depending on ORT's GitCommand

🐘 Build & ⚙️ CI

• 5e20370 gradle: Avoid rebuilds due to version changes only
• f1da049 renovate: Enable automerge for non-major updates

📖 Documentation

• 85c50e8 website: Consistently say "ORT Server" instead of "server"
• e5fa54b Add @mnonnenmacher to ui code owners

🔧 Chores

• bb2c55a dao: Add resolution message hash calculation
• 9a7d6ab ui: Capitalize "Pending rerun" as following a colon
• 1c8ce66 Update .gitignore for agent related files

🚀 Dependency Updates

• a9cdfc3 pin dependencies
• 0f5c3cc update actions/configure-pages action to v6
• e798a34 update actions/deploy-pages action to v5
• 45ef7aa update awssdk to v1.6.46
• 230c475 update azure-sdk-for-java monorepo
• 28b3c43 update com.azure:azure-storage-blob to v12.33.3
• 8b33efa update com.sksamuel.aedile:aedile-core to v3.0.3
• 38f7796 update dependency @hey-api/openapi-ts to v0.94.5
• 06e1c4f update dependency @playwright/test to v1.59.0
• 5289a44 update dependency ae-cvss-calculator to v1.0.12
• 2a541c8 update dependency axios to v1.14.0
• e6a8342 update dependency lucide-react to v1
• 0641a7e update dependency recharts to v3.8.1
• 6549c26 update dependency typescript to v6
• cf65c52 update dependency vite to v8.0.3
• ea7d66b update dependency vitest to v4.1.2
• a8c9240 update docker/dockerfile docker tag to v1.23
• ba00f03 update flyway to v12.2.0
• 0f8fea9 update flyway to v12.3.0
• 0613513 update gradle/actions action to v6.0.1
• 6ee4d65 update grafana/logstash-output-loki docker tag to v3.6.8
• 8b9fb7b update grafana/logstash-output-loki docker tag to v3.7.0
• b26761d update grafana/logstash-output-loki docker tag to v3.7.1
• 43d2d91 update grafana/loki docker tag to v3.6.8
• 0d4673c update grafana/loki docker tag to v3.7.0
• bb45c37 update grafana/loki docker tag to v3.7.1
• 4e3e69e update io.ktor:ktor-version-catalog to v3.4.2
• 34a4bdb update kotest to v6.1.10
• 8670922 update kotest to v6.1.9
• a560e90 update kubernetesclient to v26
• 4a84c31 update nginx:1.29-alpine docker digest to d436955
• c0d57ec update nginx:1.29-alpine docker digest to e7257f1
• a232c20 update node.js to 06e5c9f
• 00fe246 update org.apache.logging.log4j:log4j-to-slf4j to v2.25.4
• b535d02 update org.ossreviewtoolkit:version-catalog to v83
• 6360594 update org.ossreviewtoolkit:version-catalog to v83.0.1
• 406a7af update pnpm to v10.33.0
• 342d8f5 update tanstack-query monorepo to v5.95.2
• 2fc6558 update tanstack-router monorepo
• aa1b3e1 update typescript-eslint monorepo to v8.58.0

🚜 Refactorings

• c15a1e6 api: Move issue resolution classes to shared model
• 1238f99 model: Make hierarchy IDs serializable
• 355187d plugin-manager: Use hierarchy ID value classes
• bf7c326 ui: Refactor resolutions handling

0.58.0

What's Changed

🛠 Breaking Changes

• b01d122 refactor(api)!: Refactor the vulnerability resolution component

🐞 Bug Fixes

• 05119c5 analyzer: Store issues from the dependency graph
• b78e455 docker: Fix problems with the UI image on OpenShift
• a19abca services: Deduplicate dependency graph issues

🎉 New Features

• a0db093 dao: Add a function to collect the issues of dependency graphs
• 1b12055 dao: Add table for storing encrypted secrets
• aa0127e secrets: Add a database secrets provider

🐘 Build & ⚙️ CI

• 6c8df6e Enable Gradle build scan for tests and CLI build

📖 Documentation

• b3da97b ui: Tweak the title for visible runs in the durations chart

🔧 Chores

• 4605492 docker: Make copy statements in UI entrypoint.sh more robust

🚀 Dependency Updates

• e9ae3dd update actions/cache action to v5.0.4
• 3f16cbf update awssdk to v1.6.41
• 09da666 update dependency @hey-api/openapi-ts to v0.94.3
• 4d71d4a update dependency @hey-api/openapi-ts to v0.94.4
• f1050d0 update dependency @t3-oss/env-core to v0.13.11
• 7c467c8 update dependency react-hook-form to v7.72.0
• 9988773 update dependency vite to v8.0.1
• c58488c update dependency vite to v8.0.2
• 82146f6 update dependency vitest to v4.1.1
• 264bd74 update flyway to v12.1.1
• ac53295 update gradle to v9.4.1
• c2339a7 update gradle/actions action to v6
• 4db0213 update koin to v4.2.0
• d633ea1 update kotest to v6.1.8
• ca47504 update node.js to d8e448a
• 7afad1c update org.jetbrains.kotlin.plugin.serialization to v2.3.20
• 383aa26 update org.ossreviewtoolkit:version-catalog to v82.2.0
• dd9f96d update org.springframework.security:spring-security-crypto to v7.0.4
• 0171d7e update quay.io/keycloak/keycloak docker tag to v26.5.6
• 5ea25c4 update rabbitmq docker tag to v4.2.5
• 7d50a01 update tailwindcss monorepo to v4.2.2
• 0c4412c update tanstack-query monorepo to v5.95.0
• 80f2535 0a61c16 update tanstack-router monorepo
• 58770c0 update tel.schich.tinyjib to v0.3.3
• 91b4dfe update testcontainers-java monorepo to v2.0.4
• 0759d5d update typescript-eslint monorepo to v8.57.2

0.57.1

What's Changed

🐞 Bug Fixes

• d3e4d4c dao: Fix the values for the source command

🚀 Dependency Updates

• dd8cf74 update awssdk to v1.6.36
• d98a762 update com.michael-bull.kotlin-result:kotlin-result to v2.3.1
• e1bc505 update dependency @hey-api/openapi-ts to v0.94.2
• 492c8c7 update dependency zustand to v5.0.12
• 5b73ea2 update eclipse-temurin:21.0.10_7-jdk-jammy docker digest to 93916be
• 2cdf1c4 update eclipse-temurin:21.0.10_7-jdk-jammy docker digest to db76cc1
• cd42044 update kotest to v6.1.7
• 7c8180d update typescript-eslint monorepo to v8.57.1

0.57.0

Upgrade Notes

With this release three new environment variables must be set for the core deployment:

• CLI_KEYCLOAK_BASE_URL
• CLI_KEYCLOAK_REALM
• CLI_KEYCLOAK_CLIENT_ID

These are required to enable auto-configuration of authentication details for the CLI. See the docs for details.

What's Changed

🛠 Breaking Changes

• 8358f84 refactor(core)!: Add separate config for CLI authentication

🐞 Bug Fixes

• f8ddbab compose: Add the missing basic client scope

🎉 New Features

• 5b9d754 compose: Reconfigure the Keycloak clients
• cfe43e5 ui: Add resolution source to vulnerability resolutions
• 6147e75 ui: Create vulnerability resolutions on the server
• be426f6 workers: Add an ORT Server resolution provider
• 95ba6cf workers: Assign the correct source for resolutions
• dfef3fd Add a model for the source of resolutions
• 7721f14 Include new resolutions in vulnerabilities for run
• 356e469 Mark removed server-managed vulnerability resolutions as deleted

🐘 Build & ⚙️ CI

• fd7b44b gradle: Update Eclipse Maven Repository URL
• ed25366 ui: Make UI Docker image compatible with read-only root fs

📖 Documentation

• dd3ed8a ui: Fix the port mapping for the UI image
• 776685e website: Add documentation for the required Keycloak setup
• 8082c5a Document the VulnerabilityResolution classes

🔧 Chores

• 3b31e5b api-model: Remove an unneeded import
• 85abfd0 compose: Fix description of ort-server-backend client
• 0f788e3 model: Remove unused default values
• 478d7c1 Fix kotlin-result deprecation warnings

🚀 Dependency Updates

• 9c3ebae update actions/download-artifact action to v8.0.1
• f1b9f24 update com.michael-bull.kotlin-result:kotlin-result to v2.2.0
• cb85f82 update com.michael-bull.kotlin-result:kotlin-result to v2.3.0
• cd1c918 update com.squareup.okio:okio to v3.17.0
• 3599633 update dependency @hey-api/openapi-ts to v0.94.1
• 707a524 update dependency @vitejs/plugin-react to v5.2.0
• 2df723c update dependency @vitejs/plugin-react to v6
• e5431e0 update dependency @vitejs/plugin-react to v6.0.1
• 15a2516 update dependency oidc-client-ts to v3.5.0
• c3b68c8 update dependency react-oidc-context to v3.3.1
• ede1174 update dependency vite to v8
• 87cfcb8 update dependency vitest to v4.1.0
• f6f66e3 update kotest to v6.1.6
• 0d38579 update nginx:1.29-alpine docker digest to 5bad1dd
• c290b12 update nginx:1.29-alpine docker digest to f46cb72
• ef539ef update org.ossreviewtoolkit:version-catalog to v82.1.0
• 53775bb update pnpm to v10.32.1

🚜 Refactorings

• 19eb94e api: Align a class name with the model class
• f51e06e api: Remove OrganizationVulnerability
• 8b89078 model: Rename a class to VulnerabilityWithStats
• 8b6e4e6 ort-run-service: Return API classes from VulnerabilityService
• ceac14b workers: Move resolution matching helper to provider class
• 50083b8 workers: Switch to the OrtServerResolutionProvider

💡 Other Changes

• 93190c4 style(core): Add a missing argument name

0.56.0

What's Changed

🛠 Breaking Changes

• 0426e7a feat(api)!: Expose typed permissions in user info

🐞 Bug Fixes

• 25d9294 compose: Actually use the secrets.properties file
• aacc1dc orchestrator: Add variables to configure pod labels
• 963a5ea ui: Also disable "delete ORT run" with insufficient permissions
• d7e599e correct case in SCANNEr_SENDER_TRANSPORT_CPU_REQUEST

🎉 New Features

• 0df7403 authorization: Add permission enums to API model
• b1e3d79 authorization: Add the repository permission MANAGE_RESOLUTIONS
• aec7162 compose: Use a dedicated Keycloak client for the backend
• 94ac570 resolutions: Add a read model for vulnerability resolutions
• eeb56b0 resolutions: Add a service to manage vulnerability resolutions
• 19f5638 resolutions: Add a store for vulnerability resolution events
• 1530adb resolutions: Add routes to manage vulnerability resolutions
• a2b18c5 resolutions: Define vulnerability resolution events
• b56b385 ui: Add copy button to error toasts
• 359f274 ui: Add links to projects table
• e05fa0e ui: Align capitalization and wording of buttons
• 1111461 ui: Open subrow also in projects table
• 42a2861 ui: Prettify the error copied to clipboard
• 3c3deb4 ui: Prevent "Rerun" without TRIGGER_ORT_RUN permission
• 0320082 ui: Prevent admins to manage secrets from higher hierarchy level
• 554cb4b ui: Protect users without access rights to create items
• c4d00d2 workers: Resolve vulnerability resolutions from the repository
• 21248e8 Add a new resolutions component

⚡ Performance Enhancements

• fbd37ba service: Optimize listForOrtRuns() for performance

🔧 Chores

• d935adc compose: Recreate the master realm file with Keycloak 26.5.5
• 667137f compose: Remove the unused superuser role
• c2b035b dao: Remove tests for old migrations
• 14e66b8 Beautify some test assertions
• 73c9e57 Ignore some more agent directories
• d36f7c7 Prefer enumEntries over enumValues
• 393cc09 Remove superfluous test assertions

🚀 Dependency Updates

• 58fbbbb update actions/setup-node action to v6.3.0
• a9209e5 update awssdk to v1.6.31
• 89c6a89 update com.github.gmazzo.buildconfig to v6.0.8
• 2cfb827 update com.github.gmazzo.buildconfig to v6.0.9
• 5068a4d update dependency @eslint/compat to v2.0.3
• b709627 update dependency @eslint/eslintrc to v3.3.5
• 322bf5a update dependency @hey-api/openapi-ts to v0.94.0
• 744c1d2 update dependency @types/node to v24.11.2
• bc5c4cd update dependency @types/node to v24.12.0
• 3067aba update dependency eslint to v9.39.4
• 8f33b09 update dependency lucide-react to v0.577.0
• 2adaf74 update dependency recharts to v3.8.0
• 8a0596d update docker/build-push-action action to v7
• a1d7e46 update docker/dockerfile docker tag to v1.22
• 695be38 update docker/login-action action to v4
• 53bbba8 update docker/metadata-action action to v6
• e55bded update docker/setup-buildx-action action to v4
• 2ac8f88 update flyway to v12.1.0
• b9560ed update gradle to v9.4.0
• 7f20015 update io.ktor:ktor-version-catalog to v3.4.1
• 8e90850 update io.micrometer:micrometer-registry-graphite to v1.16.4
• cdf70c1 update kotest to v6.1.5
• 7544141 update org.ossreviewtoolkit:version-catalog to v81
• 1f82eec update org.ossreviewtoolkit:version-catalog to v82
• bfb5dad update pnpm to v10.31.0
• 567ef44 update pnpm to v10.32.0
• 152bb51 update quay.io/keycloak/keycloak docker tag to v26.5.5
• 2500ae2 update tanstack-router monorepo
• 4550d6b update typescript-eslint monorepo to v8.57.0

🚜 Refactorings

• da148ad api: Move vulnerability resolution classes to shared model
• a15918a dao: Add a helper function for enum columns
• e6557fa ort-run-service: Avoid an unnecessary query
• ed989c0 ort-run-service: Keep the order of issue rows
• 31d2f07 ort-run-service: Keep the order of rule violation rows
• 31b33e7 ort-run-service: Simplify building identifiers

💡 Other Changes

• 04f721b style(ui): Add aria-disabled styling to button variants