This is an automated email from the ASF dual-hosted git repository.
pottlinger pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/creadur-rat.git
The following commit(s) were added to refs/heads/master by this push:
new b17077b1 RAT-339: Prepare release notes
b17077b1 is described below
commit b17077b114f0b7000d626f4bd98b031e4d093f1a
Author: P. Ottlinger <[email protected]>
AuthorDate: Wed Jan 24 21:02:23 2024 +0100
RAT-339: Prepare release notes
---
RELEASE-NOTES.txt | 80 ++++++++++++++++++++++---------------------------------
RELEASE_NOTES.txt | 39 +++++++++++++++++++++++++++
2 files changed, 71 insertions(+), 48 deletions(-)
diff --git a/RELEASE-NOTES.txt b/RELEASE-NOTES.txt
index 3168c520..a5cd0f47 100644
--- a/RELEASE-NOTES.txt
+++ b/RELEASE-NOTES.txt
@@ -1,7 +1,7 @@
- Apache Creadur Rat 0.16
+ Apache Creadur Rat 0.16.1
RELEASE NOTES
-The Apache Creadur Rat team is pleased to announce the release of Apache
Creadur Rat 0.16
+The Apache Creadur Rat team is pleased to announce the release of Apache
Creadur Rat 0.16.1
Apache Rat is a release audit tool. It improves accuracy and efficiency when
checking
releases. It is heuristic in nature: making guesses about possible problems. It
@@ -15,60 +15,44 @@ Note that binary compatibility is not guaranteed between
0.x releases.
Apache Rat is developed by the Apache Creadur project, a language and build
agnostic home for software distribution comprehension and audit tools.
-Apart from dependency updates and multiple bugfixes, this release brings the
ability to use SPDX license identifiers and enhances the .gitignore-exclusion
filterung during RAT runs.
-Furthermore new CLI options were added and new file types can be used by
default. This release makes RAT a fully Maven3-compatible plugin and removes
deprecated Maven2 completely.
-Thanks to all new contributors for improving RAT!
+As release 0.16 introduced breaking changes concerning the configurability of
the Maven plugin, these configuration options are reintroduced albeit as
deprecated elements. You need to adapt your configuration in contrast to
pre-0.16 settings: please consult our webpage for more details and examples.
+Apart from dependency updates the release contains new features in
.gitignore-parser and reduces log spam of RAT.
+The most important bugfix relates to performance issues (due to expensive
regex scanning) in combination with the Copyright-matcher and SPDX-detection.
+All feedback was used to overhaul the homepage to include how to configure
custom licenses and matchers.
+We migrated to jUnit5 and removed the 'apache-rat-api' module in this release.
+Thanks for your patience and all the feedback in the making of this release!
Changes in this version include:
New features:
-o RAT-338: Update minimal build Maven version to 3.2.5 and maven dependencies
to 3.9.6. Remove pre-JDK8 code constructs and minor refactorings. Thanks to
Tamás Cservenák.
-o RAT-335: Enhance .gitignore handling; support multiple .gitignore files and
allow a more complete parsing of Git's ignore files. Thanks to Niels Basjes.
-o RAT-322: Add configuration option to scan hidden directories:
--scan-hidden-directories on the command line and scanHiddenDirectories as a
Maven plugin parameter. Thanks to Jean-Baptiste Onofré.
-o RAT-320: Add new command line option -o/--output to write RAT's output to a
file. Thanks to Jean-Baptiste Onofré.
-o RAT-329: Add markdown (MD) and yaml (YML/YAML) as a recognized extension
for file and license processing. Thanks to Claude Warren.
-o RAT-316: Add default exclusion of MANIFEST.MF as it must not contain
comment lines to include a license.
-o RAT-321: Allow text-based XML configuration of RAT. Thanks to Claude Warren.
+o RAT-342: Use Maven wrapper (with version 3.9.6) for reproducable local
builds and on ASF Jenkins and Github Actions.
+o RAT-348: Update gitignore-reader library to 1.3.1 to get latest changes in
gitignore parsing. Thanks to Niels Basjes.
+o RAT-346: Issue a warning if a user defined License family has the same name
as an existing one. Thanks to Claude Warren.
+o RAT-346: Migrate to JUnit5 and fix minor issues in tests and javadoc.
Thanks to Claude Warren.
+o RAT-325: Set log level default for CLI runs to WARN. This applies to test
runs as well, as other UIs configure their logging natively. Thanks to Claude
Warren.
+o RAT-325: Add missing dejavu font in Javadoc, generate MOJO metadata in site
and fix broken links in webpage.
Fixed Bugs:
-o RAT-326: Fix existing javadoc build errors and add javadoc generation to
existing GithubActions to not introduce build errors via merge requests.
-o RAT-328: Ensure that System.out does not get closed during report
generation and updated javadocs. Thanks to Claude Warren.
-o RAT-311: Update commons-compress to 1.24.0 in order to circumvent
CVE-2023-42503.
-o RAT-251: Added SPDX processing for default licenses. Thanks to Claude
Warren.
-o RAT-315: Fix warnings when using RAT with newer Maven versions as methods
from Maven v2 are deprecated. Minimum version of required Maven changed to
3.2.5. Thanks to Guillaume Nodet.
-o RAT-317: Change log output level of SCM ignore parser from info to debug in
order to produce less log output in RAT runs. Thanks to Gary Gregory.
-o RAT-314: Add default recursive exclusion for maven-induced build artifacts
in folder .mvn. Thanks to François Guillot.
-o RAT-312: Remove Travis build as it is unreliable. Builds with ASF Jenkins
and Github Actions remain as before.
+o RAT-343: Reimplement old configuration elements for custom licenses in
Maven plugin configurations (and updates to the webpage). Thanks to Claude
Warren.
+o RAT-343: Add integration test to allow enhanced testing of custom licenses.
Thanks to Niels Basjes.
+o RAT-349: Fix NPE by falling back to default stylesheet if none was
configured before. Thanks to Niels Basjes.
+o RAT-325: To improve the performance during SPDX processing a check to skip
expensive regex operations was added. Thanks to Claude Warren.
+o RAT-325: Internal logging feature enabled for license matching tests to
avoid random test failures when manipulating System.out in test runs. Thanks to
Claude Warren.
+o RAT-325: Do not load fonts via Google/remotely, but use files hosted by ASF
only and add privacy link to comply with ASF- and data protection/privacy
regulations.
+o RAT-344: Fix double output by deleting any existing RAT report before
writing a fresh file during plugin runs.
Changes:
-o RAT-311: Update actions/setup-java from 3.4.1 to 4.0.0. Thanks to
dependabot.
-o RAT-311: Update actions/cache from 3.0.11 to 3.3.2 Thanks to dependabot.
-o RAT-311: Update actions/checkout from 3 to 4. Thanks to dependabot.
-o RAT-311: Update mockito-core from 4.7.0 to 4.11.0, newer versions 5.x
cannot be applied due to our JDK8-compatibility restriction. Thanks to
dependabot.
-o RAT-311: Update plexus-utils from 3.4.2 to 3.5.1, versions 4.x are for
upcoming Maven4 and must not be applied here. Thanks to dependabot.
-o RAT-311: Update maven-plugin-version from 3.6.4 to 3.8.2. Thanks to
dependabot.
-o RAT-311: Update wagon-ssh from 3.5.2 to 3.5.3. Thanks to dependabot.
-o RAT-311: Update Ant from 1.10.12 to 1.10.14. Thanks to dependabot.
-o RAT-311: Update ASF parent pom from 27 to 31 and update multiple maven
plugin versions implicitly (surefire, release, project-info, enforcer, jxr).
Thanks to dependabot.
-o RAT-311: Update doxiaVersion from 1.11.1 to 1.12.0. Thanks to dependabot.
-o RAT-311: Update maven-shared-utils from 3.3.4 to 3.4.2. Thanks to
dependabot.
-o RAT-311: Update org.slf4j:slf4j-simple from 1.7.36 to 2.0.9. Thanks to
dependabot.
-o RAT-311: Update commons-lang3 from 3.5 to 3.14.0. Thanks to dependabot.
-o RAT-311: Update commons-compress from 1.21 to 1.25. Thanks to dependabot.
-o RAT-311: Update commons-io from 2.11.0 to 2.15.1. Thanks to dependabot.
-o RAT-311: Update commons-cli from 1.5.0 to 1.6.0. Thanks to dependabot.
-o RAT-311: Update maven-pmd-plugin from 3.18.0 to 3.21.2. Thanks to
dependabot.
-o RAT-311: Update maven-dependency-plugin from 3.3.0 to 3.6.1. Thanks to
dependabot.
-o RAT-311: Update maven-compiler-plugin from 3.10.1 to 3.12.1. Thanks to
dependabot.
-o RAT-311: Update maven-javadoc-plugin from 3.4.1 to 3.6.3. Thanks to
dependabot.
-o RAT-311: Update maven-release-plugin from 2.5.3 to 3.0.1. Thanks to
dependabot.
-o RAT-311: Update maven-enforcer-plugin from 3.1.0 to 3.4.1. Thanks to
dependabot.
-o RAT-311: Update extra-enforcer-rules from 1.6.1 to 1.7.0 Thanks to
dependabot.
-o RAT-311: Update maven-release-plugin from 2.5.3 to 3.0.1. Thanks to
dependabot.
-o RAT-311: Update animal-sniffer-maven-plugin from 1.22 to 1.23. Thanks to
dependabot.
-o RAT-311: Update maven-project-info-reports-plugin from 3.4.1 to 3.5.0.
Thanks to dependabot.
-o RAT-311: Update maven-surefire-plugin from 3.2.2 to 3.2.3. Thanks to
dependabot.
-
+o RAT-339: Update mavenPluginPluginVersion from 3.10.2 to 3.11.0 and
introduce goalPrefix in plugin configuration. Thanks to dependabot.
+o RAT-339: Update junit-platform-runner from 1.8.1 to 1.10.1. Thanks to
dependabot.
+o RAT-339: Update junit from 5.10.0 to 5.10.1. Thanks to dependabot.
+o RAT-339: Update actions/cache from 3.3.2 to 4.0.0. Thanks to dependabot.
+o RAT-339: Update maven-surefire-plugin from 3.2.3 to 3.2.5. Thanks to
dependabot.
+o RAT-339: Update maven-jxr-plugin from 3.3.1 to 3.3.2. Thanks to dependabot.
+o RAT-339: Update slf4j-simple from 2.0.9 to 2.0.11. Thanks to dependabot.
+o RAT-339: Update assertj-core from 3.24.2 to 3.25.1. Thanks to dependabot.
+
+Removed:
+o RAT-346: Remove apache-rat-api module that contains misleading
license-related classes. Thanks to Claude Warren.
Historical list of changes: https://creadur.apache.org/rat/changes-report.html
diff --git a/RELEASE_NOTES.txt b/RELEASE_NOTES.txt
index 3fd8df1c..681e8de2 100644
--- a/RELEASE_NOTES.txt
+++ b/RELEASE_NOTES.txt
@@ -1,3 +1,42 @@
+Rat 0.16.1
+==========
+As release 0.16 introduced breaking changes concerning the configurability of
the Maven plugin, these configuration options are reintroduced albeit as
deprecated elements. You need to adapt your configuration in contrast to
pre-0.16 settings: please consult our webpage for more details and examples.
+Apart from dependency updates the release contains new features in
.gitignore-parser and reduces log spam of RAT.
+The most important bugfix relates to performance issues (due to expensive
regex scanning) in combination with the Copyright-matcher and SPDX-detection.
+All feedback was used to overhaul the homepage to include how to configure
custom licenses and matchers.
+We migrated to jUnit5 and removed the 'apache-rat-api' module in this release.
+Thanks for your patience and all the feedback in the making of this release!
+
+New features:
+o RAT-342: Use Maven wrapper (with version 3.9.6) for reproducable local
builds and on ASF Jenkins and Github Actions.
+o RAT-348: Update gitignore-reader library to 1.3.1 to get latest changes in
gitignore parsing. Thanks to Niels Basjes.
+o RAT-346: Issue a warning if a user defined License family has the same name
as an existing one. Thanks to Claude Warren.
+o RAT-346: Migrate to JUnit5 and fix minor issues in tests and javadoc.
Thanks to Claude Warren.
+o RAT-325: Set log level default for CLI runs to WARN. This applies to test
runs as well, as other UIs configure their logging natively. Thanks to Claude
Warren.
+o RAT-325: Add missing dejavu font in Javadoc, generate MOJO metadata in site
and fix broken links in webpage.
+
+Fixed Bugs:
+o RAT-343: Reimplement old configuration elements for custom licenses in
Maven plugin configurations (and updates to the webpage). Thanks to Claude
Warren.
+o RAT-343: Add integration test to allow enhanced testing of custom licenses.
Thanks to Niels Basjes.
+o RAT-349: Fix NPE by falling back to default stylesheet if none was
configured before. Thanks to Niels Basjes.
+o RAT-325: To improve the performance during SPDX processing a check to skip
expensive regex operations was added. Thanks to Claude Warren.
+o RAT-325: Internal logging feature enabled for license matching tests to
avoid random test failures when manipulating System.out in test runs. Thanks to
Claude Warren.
+o RAT-325: Do not load fonts via Google/remotely, but use files hosted by ASF
only and add privacy link to comply with ASF- and data protection/privacy
regulations.
+o RAT-344: Fix double output by deleting any existing RAT report before
writing a fresh file during plugin runs.
+
+Changes:
+o RAT-339: Update mavenPluginPluginVersion from 3.10.2 to 3.11.0 and
introduce goalPrefix in plugin configuration. Thanks to dependabot.
+o RAT-339: Update junit-platform-runner from 1.8.1 to 1.10.1. Thanks to
dependabot.
+o RAT-339: Update junit from 5.10.0 to 5.10.1. Thanks to dependabot.
+o RAT-339: Update actions/cache from 3.3.2 to 4.0.0. Thanks to dependabot.
+o RAT-339: Update maven-surefire-plugin from 3.2.3 to 3.2.5. Thanks to
dependabot.
+o RAT-339: Update maven-jxr-plugin from 3.3.1 to 3.3.2. Thanks to dependabot.
+o RAT-339: Update slf4j-simple from 2.0.9 to 2.0.11. Thanks to dependabot.
+o RAT-339: Update assertj-core from 3.24.2 to 3.25.1. Thanks to dependabot.
+
+Removed:
+o RAT-346: Remove apache-rat-api module that contains misleading
license-related classes. Thanks to Claude Warren.
+
Rat 0.16
========
Apart from dependency updates and multiple bugfixes, this release brings the
ability to use SPDX license identifiers and enhances the .gitignore-exclusion
filterung during RAT runs.
