47.0.0

Actions Required

• Update package configurations that refer to SPDX projects to use "SpdxDocument" instead of "SpdxDocumentFile" as the identifier's type.

What's Changed

🛠 Breaking Changes

• 01f1930 fix(package-managers)!: Use projectType as the ID type for projects

🐞 Bug Fixes

• 7154214 downloader: Do not even try empty source code origins
• 7c71782 downloader: Improve the output of error messages
• 025c751 downloader: Support project URLs with query parameters
• 5ffb576 go: Use "GoMod" as the project type
• 66b5b15 node: Properly use the projectType to create projects
• 255d294 package-managers: Do not set the package type to the manager name
• ae58bb8 vcs: Consider VCS configurations in cache lookup

🎉 New Features

• c9f51e9 AnalyzerCommand: Sort output of found definition files
• 6547d1f analyzer: Also fail early if managers for the same type are enabled
• b230f26 detekt-rules: Add autoCorrect for OrtImportOrder rule
• 9b57816 node: Add the project type to the Node package manager type
• c737701 scanner: Add flag to scanner to detect unlicensed files
• 34444c3 test-utils: Support regex patterns in patchExpectedResult()
• 170a3b8 Upgrade Poetry to 2.x series

✅ Tests

• bc4d972 model: Factor out fromJson()
• 7d817f8 model: Factor out toJson()
• da07e1e opossum: Rewrite reporter-test-output.json
• 4bfd33f osv: Make the test for getting vulnerability IDs less flaky
• b9fd340 osv: Make the test which queries by commit less flaky
• 718d762 osv: Make the test which queries by name and version less flaky
• dcd71a5 osv: Rename patchFields()
• bf9de57 osv: Rename a constant for consistency
• 7552dd4 osv: Update expected results
• 16ca9a4 osv: Use WordSpec in the functional test
• 3f56118 pub: Update expected results

🐘 Build & ⚙️ CI

• 5ab6a92 gradle: Make detektAll only run tasks with type resolution

📖 Documentation

• d8ebd62 PackageCurationData: Fix the docs for apply()
• 78edc76 development: Add documentation about Detekt's auto-correct feature
• ecb1186 downloader: Improve the --vcs-path CLI help
• e510c6f website: Also mention the "detektAll" task in the table
• 9e4b989 website: Mention the "detektAll" task instead of individual ones

🔧 Chores

• 46479e5 DependencyGraphNavigator: Avoid relying on manager name prefixes
• 19a2074 OpossumReporterFunTest: Extract a variable to ease debugging
• ec73f3f SpdxLicenseTest: Use Kotest's dedicated resource matcher
• ac2fef5 docker: Upgrade Composer to version 2.8.4
• 55ae851 docker: Upgrade Conan to the latest 1.x version
• a22a7e0 docker: Upgrade Go to version 1.23.5
• cb49aeb docker: Upgrade Licensee to version 9.18.0
• 3c4de5d docker: Upgrade pip to version 24.3.1
• d26dd73 docker: Upgrade pnpm to version 9.15.4
• 4f4b7c4 Capitalize hard-coded issue sources
• c2f1546 Prefer the more fluent infix variant of shouldNotBeNull

🚀 Dependency Updates

• 42d48aa docker: Upgrade ScanCode to version 32.3.2
• 353de0d spdx: Update the license list to version 3.26
• 43f5982 update actions/attest-build-provenance digest to 520d128
• b6560a6 update codecov/codecov-action digest to 5a605bd
• 1d9c9c8 update com.github.ben-manes.versions to v0.52.0
• 1fd0a2d update com.scanoss:scanoss to v0.8.1
• cac29ae update github/codeql-action digest to d68b2d4
• 0d1d615 update github/codeql-action digest to dd196fa
• ceaa7da update org.jruby:jruby to v9.4.10.0
• 7a00318 update org.semver4j:semver4j to v5.6.0
• c504d62 update org.springframework:spring-core to v6.2.2
• 7f8d3d3 update software.amazon.awssdk:s3 to v2.30.1
• 5648515 update software.amazon.awssdk:s3 to v2.30.2
• 92df4f8 update umbrelladocs/action-linkspector digest to de84085

🚜 Refactorings

• 0c454e7 docker: Rename PIPTOOL_VERSION to PIP_VERSION
• 7b21289 node: Introduce an abstract base class for common code
• 71f3467 node: Move parseProject() to NodePackageManager
• 16558a3 node: Rename non-NPM-specific files
• bc3a1b8 scanner: Inline the TOOL_NAME constant