v32.0.6

This is a minor release with a lot of license and package detection improvements, specially for maven packages. We also support the SPDX license list 3.21 now. The main updates over the previous stable release are:

• New and updated licenses, including support for newly released SPDX license list version 3.21. For more details see #3437
• Fixes in summary plugin for licenses, and top-level license detections. #3430
• Updated maven license and package detections, with fixes for various maven package manifest parsing, improved top-level package assembly, ecosystem specific package license detection, fixes in --todo plugin, updated license detection rules/heuristics and other misc changes. For more details see: #3447
• Improved Gemfile.lock parsing. For more details see #3444
• Auto-review plugin to get todo items for scan review, with the new --todo CLI option. For more details see: #3353
• Misc. license and copyright detection improvements at #3346
• Other misc. minor bugfixes detailed in all the previous release-candidates.

What's Changed

• Ambiguous Detections ToDo items by @AyanSinhaMahapatra in #3353
• License detection improvements and review by @pombredanne in #3346
• Fix maven pom resource assignment by @AyanSinhaMahapatra in #3427
• Bump version to v32.0.5rc1 by @AyanSinhaMahapatra in #3428
• Bump version to v32.0.5rc2 by @AyanSinhaMahapatra in #3433
• Release prep v32.0.5rc3 by @AyanSinhaMahapatra in #3436
• Update licenses and rules by @AyanSinhaMahapatra in #3437
• Fix licenses data in summary plugin by @AyanSinhaMahapatra in #3430
• Update proprietary-license_553.RULE by @pombredanne in #3441
• support parsing BUNDLED WITH by @akostadinov in #3444
• Update maven detections by @AyanSinhaMahapatra in #3447
• Release prep v32.0.6 by @AyanSinhaMahapatra in #3454

New Contributors

• @akostadinov made their first contribution in #3444

Full Changelog: v32.0.4...v32.0.6