Changes in Update Released on 10-March-2023
This Update includes the changes described in the following sections.
Issues/Bugs Addressed
The following issues were addressed in the Update:
| Issue ID | Issue Summary |
|---|---|
| SCA-44820 | NPM Notices Text: Fixing the Missing release_license_text mappings for Npm components |
| SCA-46203, SCA-44502 | Integration of PURL to the collectors Npmjs and Nuget |
| SCA-47061 | Addition of cocoapods forge to our data library |
| SCA-46161, SCA-46144, SCA-42593, SCA-46477 | Fixed false positive vulnerabilities for components like android-json, prometheus_client 0.15.0, jqueryui, Microsoft Reportviewer and Microsoft vcruntime etc. |
Enhanced License Detection Capability for Components
License detection capability and license evidence mechanism for the following components was updated/added:
-
Sendmail
-
SISSL
-
SISSL-1.2
-
SMLNJ
-
SMPPL
-
SNIA
-
Spencer-86
-
Spencer-94
-
Spencer-99
-
TCL
-
TCP-wrappers
-
TORQUE-1.1
-
TOSL
-
u-boot-exception-2.0
-
Unicode-DFS-2015
-
Unicode-DFS-2016
-
Unicode-TOU
-
UPL-1.0
-
VOSTROM
-
W3C-20150513
-
W3C-19980720
-
Wsuipa
-
WTFPL
-
X11
-
Xerox
-
Xpp
-
XSkat
-
Zed
-
Zimbra-1.4
-
Zimbra-1.3
-
zlib-acknowledgement
-
zlib
-
UCL-1.0
-
SSPL-1.0
-
SHL-0.5
-
SHL-0.51
-
Sendmail-8.23
-
PSF-2.0
-
TAPR-OHL-1.0
-
PolyForm-Small-Business-1.0.0
-
PolyForm-Noncommercial-1.0.0
-
Parity-7.0.0
-
Parity-6.0.0
-
OGL-UK-1.0
-
OGL-UK-2.0
-
OGL-UK-3.0
-
OGL-Canada-2.0
-
OGDL-Taiwan-1.0
-
TU-Berlin-1.0
-
TU-Berlin-2.0
-
SSH-OpenSSH
-
SSH-short
Collector Status
The following table lists Collector Status information.
| Name | Date of Last Successful Run |
|---|---|
| npm | 1/31/2023 |
| crates | 8/25/2022 |
| cpan | 2/9/2023 |
| clojars | 2/9/2023 |
| rubygems | 2/10/2023 |
| maven-google | 2/10/2023 |
| cran | 2/11/2023 |
| hackage | 2/12/2023 |
| packagist | 2/13/2023 |
| go | 2/14/2023 |
| pypi | 2/15/2023 |
| nuget gallery | 2/15/2023 |
| maven2-ibiblio | 1/18/2023 |
| github | 2/15/2023 |
| fedora-koji | 2/15/2023 |
| alpine | 2/15/2023 |
| gitlab | 11/19/2022 |