Update dependency reuse to v2 #124
Reference in New Issue
Block a user
No description provided.
Delete Branch "renovate/reuse-2.x"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
This PR contains the following updates:
==0.14.0->==2.1.0Release Notes
fsfe/reuse-tool (reuse)
v2.1.0Compare Source
After the yanked 2.0.0 release, we're excited to announce our latest major
version packed with new features and improvements! We've expanded our file type
recognition, now including Fennel, CommonJS, Qt .pro, .pri, .qrc, .qss, .ui,
Textile, Visual Studio Code workspace, Application Resource Bundle, Svelte
components, AES encrypted files, Jakarta Server Page, Clang format, Browserslist
config, Prettier config and ignored files, Flutter pubspec.lock, .metadata,
Terraform and HCL, Typst and more.
We've also added the ability to detect SPDX snippet tags in files and introduced
additional license metadata for the Python package. A new
--jsonflag has beenadded to the
lintcommand, marking the first step towards better integrationof REUSE output with other tools.
On the changes front, we've bumped the SPDX license list to v3.21 and made
significant updates to our Sphinx documentation. Please note that Python 3.6 and
3.7 support has been dropped in this release.
We've fixed several issues including automatic generation of Sphinx
documentation via readthedocs.io and a compatibility issue where reuse could not
be installed if gettext is not installed.
This update is all about making your experience better. Enjoy adding copyright
and licensing information to your code!
Added
.fnl) (#638).cjs) (#632).pro) (#632).pri) (#755).qrc) (#755).qss) (#755).ui) (#755).textile) (#712).code-workspace) (#747).arb) (#749).svelte).aes) (#758).jsp) (#757).clang-format) (#632).browserslist).prettierrc) and ignored files (.prettierignore)pubspec.lock) (#751).metadata) (#751).tf,tfvars) and HCL (.hcl). (#756).typ)(#645).
--add-license-concluded,--creator-person, and--creator-organizationadded to
reuse spdx. (#623)SPDX license expression remains the same:
Apache-2.0 AND CC0-1.0 AND CC-BY-SA-4.0 AND GPL-3.0-or-later. (#733)--contributoroption toannotate. (#669)--jsonflag tolintcommand (#654).reuse.ReuseInfonow hascopyandunionmethods. (#759)reuse.ReuseInfonow stores information about the source from which theinformation was gathered. (#654, #787)
--suppress-deprecationto hide (verbose) deprecation warnings. (#778)Changed
reuse.SpdxInfowas renamed toreuse.ReuseInfo. It is now a (frozen)dataclass instead of a namedtuple. This is only relevant if you're using reuse
as a library in Python. Other functions and methods were similarly renamed.
(#669)
pkg_resourcesto determine the installedversion of reuse. (#724)
Project.reuse_info_ofnow returns a list ofReuseInfoobjects instead of asingle one. This is because the source information is now stored alongside the
REUSE information. (#787)
Deprecated
and licensing information is defined both within e.g. the file itself and in
the DEP5 file, then the information is merged or aggregated for the purposes
of linting and BOM generation. In the future, this will no longer be the case
unless explicitly defined. The exact mechanism for this is not yet concrete,
but a
PendingDeprecationWarningwill be shown to the user to make them awareof this. (#778)
Removed
setuptools. (#724)Fixed
adding a
.readthedocs.yamlconfiguration file (#648)gettext is not installed. (#691)
/datadirectory in Docker containers as safe in Git, preventingerrors related to linting Git repositories. (#720)
Security
v2.0.0Compare Source
This version was yanked because of an unanticipated workflow that we broke. The
breaking change is the fact that an order of precedence was defined for
copyright and licensing information sources. For instance, if a file contained
the
SPDX-License-Identifiertag, and if that file was also (explicitly orimplicitly) covered by DEP5, then the information from the DEP5 setting would no
longer apply to that file.
While the intention of the breaking change was sound (don't mix information
sources; define a single source of truth), there were legitimate use-cases that
were broken as a result of this.
Apologies to everyone whose CI broke. We'll get this one right before long.
v1.1.2Compare Source
Fixed
buildmodule tobuild this module. Previously, there was a namespace conflict. (#640)
v1.1.1Compare Source
Fixed
README.md) in top-level (i.e.,site-packages/). (#657)v1.1.0Compare Source
Added
.kts).aidl).pem).vm,.vtl) (#554).xq(l|m|y|uery|)) (#610)statements (#602):
">(and variations such as'>," >, and"/>)] ::Changed
setup.pyand replaced it with a Poetry configuration. Maintainersbeware. (#600)
lintas an overridable argument. (#574)addheaderhas been renamed toannotate. The functionality remains thesame. (#550)
Deprecated
addheaderhas been deprecated. It still works, but is now undocumented.(#550)
Removed
setup.py. (#600)Poetry and not planned. (#600)
requestsremoved; usingurllib.requestfrom the standardlibrary instead. (#600)
Fixed
of Git no longer allow
git submodule add repository pathwhere repository isa file. A flag was added to explicitly allow this in the test framework.
(#619)
properly detected (#560)
comment style on a single line could not be parsed (#593).
<?php(#543).v1.0.0Compare Source
A major release! Do not worry, no breaking changes but a development team
(@carmenbianca, @floriansnow, @linozen, @mxmehl and @nicorikken) that is
confident enough to declare the REUSE helper tool stable, and a bunch of
long-awaited features!
Apart from smaller changes under the hood and typical maintenance tasks, the
main additions are new flags to the
addheadersubcommand that ease recursiveand automatic operations, the ability to ignore areas of a file that contain
strings that may falsely be detected as copyright or license statements, and the
option to merge copyright lines. The tool now also has better handling of some
edge cases with copyright and license identifiers.
We would like to thank the many contributors to this release, among them
@ajinkyapatil8190, @aspiers, @ferdnyc, @Gri-ffin, @hexagonrecursion, @hoijui,
@Jakelyst, @Liambeguin, @rex4539, @robinkrahl, @rpavlik, @siiptuo, @thbde and
@ventosus.
Added
using this tool and automating some steps that are not built into the tool
itself. (#500)
reuse lint. Simplyadd
REUSE-IgnoreStartandREUSE-IgnoreEndas comments and all linesbetween the two will be ignored by the next run of
reuse lint. (#463)by default. (#496)
.sbt).vim)--skip-existingflag toaddheaderin order to skip files thatalready contain SPDX information. This may be useful for only adding SPDX
information to newly created files. (#480)
--recursiveflag toaddheader. (#469)transforming multiple lines with a single year into a single line with a
range. (#328)
Changed
setuptoolsinstead of the deprecateddistutilswhich will be removedwith Python 3.12. (#451)
addheader --explicit-licenserenamed to--force-dot-license. (#476)docker. (#499)Copyright(c)andCopyright(C). (#440)Deprecated
--explicit-licensein favour of--force-dot-license.--explicit-licensewill remain useable (although undocumented) for theforeseeable future. (#476)
Removed
JsxCommentStylein favor of usingCCommentStyledirectly (see sectionFixed). (#406)Fixed
Apache-1.0+appears as a declared license, it should not be identified asmissing, bad, or unused if
LICENSES/Apache-1.0.txtexists. It is, however,identified separately as a used license. (#123)
addheadercreates a.licensefile, that file now has a newline at theend. (#477)
.jxsand.tsx) actually uses C comment syntax as JSX blocks neverstand at the beginning of the file where the licensing info needs to go.
(#406)
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.