Commit 0376dab

docs: add CHANGELOG.md for v0.1.0
Initial changelog entry covering all features, CLI commands, and bug fixes in the first release.
1 parent 992de5d commit 0376dab

1 file changed

+41
-0
lines changed

CHANGELOG.md

Lines changed: 41 additions & 0 deletions
@@ -0,0 +1,41 @@
1+
# Changelog
2+
3+
All notable changes to license-patrol will be documented in this file.
4+
5+
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
6+
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7+
8+
## [0.1.0] - 2026-03-07
9+
10+
Initial release of license-patrol — a free, fast, CI-ready tool for scanning dependencies across any language for license compliance.
11+
12+
### New Features
13+
14+
- **Multi-ecosystem dependency scanning** — Automatically detect and scan dependencies across Python (pip/poetry/uv), JavaScript (npm/yarn/pnpm), Go (go.mod), Rust (Cargo), PHP (Composer), and C#/.NET (NuGet) projects.
15+
16+
- **License resolution** — Resolve license identifiers from package registries (PyPI, npm, crates.io, pkg.go.dev, Packagist, NuGet) with concurrent async fetching for fast results.
17+
18+
- **Configurable policy engine** — Define allow, deny, and review lists in `.license-patrol.toml` using SPDX identifiers and wildcard patterns (e.g., `BSD-*`). Includes built-in `strict` and `permissive` policies.
19+
20+
- **Multiple output formats** — Generate reports as a rich terminal table, JSON, CSV, SPDX 2.3 tag-value SBOM, or CycloneDX 1.5 JSON BOM.
21+
22+
- **CI integration** — Exit code 1 on policy violations, making it plug-and-play for CI pipelines. Includes a GitHub Actions workflow.
23+
24+
- **Override system** — Manually override license metadata for packages with missing or incorrect information via the `[overrides]` section in config.
25+
26+
- **Pre-commit hook**`.pre-commit-hooks.yaml` included for automated license checks on every commit.
27+
28+
### CLI Commands
29+
30+
- `license-patrol scan` — Auto-detect ecosystems and scan for license compliance
31+
- `license-patrol report` — Generate SPDX, CycloneDX, JSON, or CSV compliance reports
32+
- `license-patrol init` — Create a `.license-patrol.toml` configuration template
33+
- `license-patrol version` — Display the installed version
34+
35+
### Bug Fixes
36+
37+
- Concurrent license resolution via `asyncio.gather` instead of serial requests
38+
- Removed invalid hardcoded SPDX PackageVerificationCode from SBOM output
39+
- Fixed `.csproj` regex to handle multiline XML attributes correctly
40+
41+
[0.1.0]: https://github.com/nicolascorder/license-patrol/releases/tag/v0.1.0
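
Review bot: The `### New Features` and `### Bug Fixes` headings do not match the Keep a Changelog 1.1.0 format that the file's header says it follows; that format groups entries under `Added`, `Changed`, `Deprecated`, `Removed`, `Fixed` and `Security`, so rename the headings or drop the conformance sentence. Under Bug Fixes, "Concurrent license resolution via `asyncio.gather` instead of serial requests" reads as a performance change rather than a fix and repeats the License resolution bullet above, so fold it into that bullet. The Pre-commit hook bullet is missing the dash separator between the bold label and its description that every other feature bullet has. On the CI integration bullet, the entry documents exit code 1 for policy violations but says nothing about the result when a license cannot be resolved from a registry; since pipelines gate on the exit code, state whether an unresolved license fails the run, passes it, or lands in the review list.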