Scancode-toolkit

Latest version: v32.1.0

3.1.1

Not secure
-------------------

Major new feature:

- Complete port to Python 3.6+ 295 Abhishek-Dev09

New features:

- Improve package manifest support for 1643 RPMs, 1628 Cran, Python 1600, Maven 1649 Chef 1600 licodeli JonoYang
- Add plugin to collect ELF and LKM clues 1685 licodeli
- Add runtime support for FreeBSD 1695 knobix
- Add support to extract lzip archives 245 989
- Add new consolidation plugin 1686 JonoYang

Other features and fixes:

- Improve license detection 1700 1704 1701
- Improve copyright detection 1672
- Improve handling of plugins for native binaries aj4ayushjain
- Add CODE OF CONDUCT inishchith
- Fix extractcode error 749
- Add new version notification 111 1688 jdaguil

3.1.0

-------------------

- Add partial support for Python 3.6+ 295 Abhishek-Dev09
- Add plugin to collect dwarf references 1167 licodeli
- Add fingerprint plugin 1651 arnav-mandal1234
- Add summary and consolidation plugin 1673
- Improve license detection 1606 1659 1675
- Improve copyright detection 1672
- Add owned files to package manifests 1554 JonoYang
- Improve package manifest support for Conda 1147, Bower and Python licodeli
- Add an option to include the original matched license text 1668 260 LemoShi

3.0.2

Not secure
-------------------

Minor bug fixes:

- A tracing flag was turned on in the summary module by mistake. Reported by tdruez 1374
- Correct a Maven parsing error. Reported and fixed by linexb 1373
- Set proper links in the README. Reported and fixed by sschuberth 1371
- No changes from v3.0.1

3.0.0

Not secure
-------------------

License detection:
- Add new and improved licenses and license detection rules 1334 1335 1336 1337 1357
- Fix-up the license text inside the `bsl-*.LICENSE` files 1338 by fviernau
- Add tests for common NuGet license bare URLs (until recently NuGet nuspec
only had a license URL as licensing documentation)
- Add a license for the `PSK` contributions to OpenSSL 1341 by fviernau
- Improve License Match scoring and filtering for very short rules
- Do not run license and copyright detection on media files: Media should not
contain text 1347 1348
- Detect scea-1.0 license correctly 1346
- Do not detect warranty disclaimer as GPL 1345
- Support quoted SPDX expressions and more comment marker prefixes
- Use Free Restricted category for fraunhofer-fdk-aac-codec 1352 by LeChasseur
- Remove the spdx_license_key from here-proprietary 1360 by sschuberth
- Add new post-scan plugin to tag a file containing only license 1366
- Add new license 1365 and rules 1358

Packages:
- Improve npm vcs_url handling 1314 by majurg
- Improve Maven POM license detection 1344
- Add Maven POM URL detection
- Recognize .gem archives as packages
- Improve parsing of Pypi Python setup.py
- Improve package summaries. Add new plugin to improve package classification 1339

Other:
- Fix doc typo 1329 by farialima
- Add new experimental pre-scan plugin to ignore binaries

2.9.9

Not secure
-------------------

This is the penultimate pre-release of what will come up for 3.0 with some API change for packages.

API changes:
- Streamline Package models 1226 1324 and 1327. In particular the way checksums are managed has changed

Other changes:
- Copyright detection improvements 1305 by JonoYang
- Correct CC-BY V3.0 and V4.0 license texts by sschuberth 1320
- Add new and improved licenses and license detection rules including the latest SPDX list 3.4 and 1322 1324
- Rename proprietary license key to proprietary-license
- Rename commercial license key to commercial-license
- Improve npm package.json handling 1308 and 1314 by majurg

2.9.8

-------------------

This is a close-to-final pre-release of what will come up for 3.0 with some API change for packages.

API changes:
- In Package models, rename normalized_license to license_expression and
add license detection on the declared_license to populate the license_expression 1092 1268 1278

Outputs:
- Do not open output files until the command lines are validated as correct 1266
- The html-app output is marked as DEPRECATED. Use the AboutCode manager app instead
- Ensure HTML outputs can deal with non-ASCII file paths without crashing 1292
- JSON outputs now use a "headers" attribute for top-level scan headers
- SPDX output is now possible even without "--info" SHA1 checksums. This creates a partially valid document
- LicenseRef for non-SPDX ScanCode licenses are named as "LicenseRef-scancode-<scancode key>"
- license_expression are correctly included in the CSV output 1238
- Do not crash with multiple outputs 1199
- Ensure CSV output includes packages 1145

License detection:
- Ensure license expressions are present in CSV output 1238
- Fix 'license detection tests' collection on Windows 1182
- An optional "relevance" attribute has been added to the license YAML
attributes. This is to store the relevance to e matched .LICENSE text when used
as a rule.
- Licenses have been synchronized with the latest v3.3 SPDX license list and the latest DejaCode licenses 1242
- Duplicated SPDX keys have been fixed 1264
- Add new and improved license detection rules 1313 1306 1302 1298 1293
1291 1289 1270 1269 1192 1186 1170 1164 1128 1124 1112 1110 1108
1098 1069 1063 1058 1052 1050 1039 987 962 929

Packages:
- Add support for haxe "haxelib" package manifests 1227
- Remove code_type attribute from Package models
- In Package models, rename normalized_license to license_expression and
add license detection on the declared_license to populate the license_expression 1092 1268 1278
- Improve data returned for PHP Composer packages
- Add PackageURL to top level output for packages
- Report nuget as proper packages 1088

Summary:
- Improve summary and license score computation 1180

Misc:
- Minor copyright detection improvements 1248 1244 1234 1198 1123 1087
- Ensure all temporary directories are prefixed with "scancode-"
- Drop support for Linux 32 bits 1259
- Do not attempt to scan encrypted PDF documents
- Improve "data" files detection
- ScanCode can be installed from Pypi correctly 1214 1183
- Improve reporting of programming languages 1194
- Fix running post scan plugins 1141

Command line:
- Always delete temporary files when no longer needed. 1231
- Add a new --keep-temp-files option to keep temp files which is false by default. 1231
- Improve dependent plugin activation so it is done only when needed 1235

Internals:
- Improve reusing resource.VirtualCode
- Place all third-party packages under thirdparty 1219 and update ABOUT files


Credits: Many thanks to everyone that contributed to this release with code and bug reports

- nicoddemus
- chinyeungli
- johnmhoran
- jonasob
- DennisClark
- arthur657834
- JonoYang
- armijnhemel
- furuholm
- mjherzog
- sschuberth
- MartinPetkov
- jhgoebbert
- bobgob
- majurg
- tdruez
- tomeks666
- geneh
- jonassmedegaard

and many others that I may have missed.
