Update dependency org.ossreviewtoolkit:analyzer to v91#196
Merged
Conversation
sschuberth
approved these changes
Jul 7, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
90.0.0→91.0.0Release Notes
oss-review-toolkit/ort (org.ossreviewtoolkit:analyzer)
v91.0.0Compare Source
What's Changed
🛠 Breaking Changes
02e4a2dchore(license-fact-providers)!: Do not use "Provider" in the plugin IDd67da13refactor(model)!: Use a more speaking name forDirLicenseFactProvider8fe0b5brefactor(vulnerable-code)!: Use API v3 by default🐞 Bug Fixes
f405b39commands: Support listing license-fact-provider plugin types8e9ba4cvulnerable-code: Normalize also the API v1 URL4cbd614Support associating LicenseRef exceptions to licenses🎉 New Features
b9749a1common-utils: Add helper functions to ensure prefix / suffix strings25bb428freemarker: EnhancelicensesNotInLicenseFiles()68eed69license-fact-provider: Add aLicenseTextCurationProviderd229841model: AddDefaultLicenseTextCurationProviderto default configa34c3a7model: Add a data class for license text curationsb30d6abvulnerable-code: Add support for API v3bb5e09dPrefer a single applicable license over NOASSERTION for association⚡ Performance Enhancements
d92b066vulnerable-code: Only query advisories for PURLs that have results✅ Tests
cc39d4blicense-fact-provider: Use a more speaking name forlicenseDir91f4e6ascancode: Rename a test classf133e55scancode: Showcase a current failure in exception association🐘 Build & ⚙️ CI
388347bclients: Add kfx codegen setup for VulnerableCode📖 Documentation
ac0803eADOPTERS: Update Double Open's contact details and description2a62bb4advisor: Move the data sources links from client to advisor89e08bcgo: Document that test dependencies of projects are omittedef6b699license-fact-providers: Fixup a display name0b01b87license-fact-providers: Reword summaries46282f4scancode: Make a test name refer to the correct function1ca1b36vulnerable-code: Mention that API v1 is deprecated444fa63website: Fix the link to a renamed license texts provider🔧 Chores
3deed82commands: Fail for unknown plugin types0549561commands: List plugin descriptions9713e92spdx-expression: Adjust a private constant name4fdbcd8spdx-expression: Prefer theinoperator for a Regex check37f5795vulnerable-code: Extract shared utilitiesb2b2e15vulnerable-code: Log details about the throwable on error740aec6vulnerable-code: Remove a superfluous type specifier25510efvulnerable-code: Simplify test helper functions🚀 Dependency Updates
5873baedocker: Upgrade Provenant to version 0.2.1ed02494update at.yawk.lz4:lz4-java to v1.11.1024f8f4update docker/login-action action to v4.3.025fdd50update docker/login-action action to v4.4.088aa662update docker/metadata-action action to v6.2.02fd31c7update docker/setup-buildx-action action to v4.2.04976a6dupdate github/codeql-action action to v4.36.3a790cf4update graalvm/setup-graalvm action to v1.6.00367698update jirarestclient to v7.0.2acbda51update log4j2 monorepo to v2.26.1🚜 Refactorings
5719d27clients: Patch schema and add workaroundsb637e5elicense-fact-provider: RenamescanCodeLicenseTextDir4c45d4fmodel: Factor outisMatchedBy()15e1c11model: Factor outmatchesDisregardingVersion()2fa0f2bspdx-expression: Factor outisException()for reuse90ca2ddvulnerable-code: Create a VC instance only once per testdfe465avulnerable-code: Extract some constants to a common locationd2c90abvulnerable-code: Prepare for multiple API versionsConfiguration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.