| Age | Commit message | Author |
|
- Add binary index file generation to `.index/` directory
- Create 256 SHA1-based hash buckets (00-ff directories)
- Write CSV data files with format: "name","version","license1-|-license2"
- Generate binary .idx files with 4-byte little-endian offset integers
- Sort entries by name-version for binary search compatibility
- Match exact Ruby spandx output format for offline air-gap usage
The build command now writes actual index files to disk instead of
just storing in cache manager. Verified format matches Ruby version.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
|
|
- Fix parsing of RubyGems index format to extract all gem versions
- Use actual version numbers instead of "latest" in API calls
- Process every version of every gem as requested for complete offline cache
- Fix unused variable warning in SPDX index builder
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
|
|
Adds comprehensive build command functionality to create offline
package indexes for air-gapped license scanning.
Key features:
- Fetch complete package catalogs from registries (187K+ RubyGems packages)
- Concurrent license data retrieval with configurable workers (10 default)
- Rate limiting and error handling for API requests
- Store license data in binary-indexed cache system
- Progress reporting for long-running builds
- Support for multiple package managers (extensible architecture)
Implementation details:
- Uses semaphore-controlled concurrency to respect API limits
- Gracefully handles 404s and 429 rate limit responses
- Stores successful license fetches in hierarchical cache
- Provides comprehensive logging and progress updates
- Production-ready for building real offline indexes
This enables the creation of comprehensive offline license databases
for enterprise air-gapped environments and consistent compliance scanning.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
|
|
This major update integrates the gateway system with the scan command
to fetch real license data from package registries, matching the
behavior of the Ruby version.
Key improvements:
- Connect scan command to RubyGems gateway for license fetching
- Add support for PATH specs in Gemfile.lock parsing
- Normalize platform-specific gem versions for API lookup
- Deduplicate platform variants in dependency output
- Fix license format to use " AND " separator
- Preserve license order from gemspec metadata
- Add comprehensive cache integration with mutex handling
The Rust version now produces output identical to the Ruby version,
with exact package counts (69) and matching license information.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
|
|
chore(deps): bump nokogiri from 1.12.4 to 1.12.5
|
|
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.12.4 to 1.12.5.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/v1.12.5/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.12.4...v1.12.5)
---
updated-dependencies:
- dependency-name: nokogiri
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
chore(deps): bump oj from 3.13.6 to 3.13.7
|
|
Bumps [oj](https://github.com/ohler55/oj) from 3.13.6 to 3.13.7.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.13.6...v3.13.7)
---
updated-dependencies:
- dependency-name: oj
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
chore(deps): bump oj from 3.13.5 to 3.13.6
|
|
Bumps [oj](https://github.com/ohler55/oj) from 3.13.5 to 3.13.6.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.13.5...v3.13.6)
---
updated-dependencies:
- dependency-name: oj
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
chore(deps): bump oj from 3.13.4 to 3.13.5
|
|
Bumps [oj](https://github.com/ohler55/oj) from 3.13.4 to 3.13.5.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.13.4...v3.13.5)
---
updated-dependencies:
- dependency-name: oj
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
chore(deps): bump oj from 3.13.3 to 3.13.4
|
|
Bumps [oj](https://github.com/ohler55/oj) from 3.13.3 to 3.13.4.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.13.3...v3.13.4)
---
updated-dependencies:
- dependency-name: oj
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
chore(deps-dev): bump bundler-audit from 0.8.0 to 0.9.0.1
|
|
Bumps [bundler-audit](https://github.com/postmodern/bundler-audit) from 0.8.0 to 0.9.0.1.
- [Release notes](https://github.com/postmodern/bundler-audit/releases)
- [Changelog](https://github.com/rubysec/bundler-audit/blob/master/ChangeLog.md)
- [Commits](https://github.com/postmodern/bundler-audit/compare/v0.8.0...v0.9.0.1)
---
updated-dependencies:
- dependency-name: bundler-audit
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
chore(deps): bump oj from 3.13.2 to 3.13.3
|
|
Bumps [oj](https://github.com/ohler55/oj) from 3.13.2 to 3.13.3.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.13.2...v3.13.3)
---
updated-dependencies:
- dependency-name: oj
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
chore(deps): bump nokogiri from 1.12.3 to 1.12.4
|
|
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.12.3 to 1.12.4.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.12.3...v1.12.4)
---
updated-dependencies:
- dependency-name: nokogiri
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
chore(deps): bump oj from 3.13.1 to 3.13.2
|
|
Bumps [oj](https://github.com/ohler55/oj) from 3.13.1 to 3.13.2.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.13.1...v3.13.2)
---
updated-dependencies:
- dependency-name: oj
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
chore(deps): bump nokogiri from 1.12.2 to 1.12.3
|
|
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.12.2 to 1.12.3.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.12.2...v1.12.3)
---
updated-dependencies:
- dependency-name: nokogiri
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
chore(deps): bump oj from 3.12.2 to 3.13.1
|
|
Bumps [oj](https://github.com/ohler55/oj) from 3.12.2 to 3.13.1.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.12.2...v3.13.1)
---
updated-dependencies:
- dependency-name: oj
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
chore(deps-dev): bump webmock from 3.13.0 to 3.14.0
|
|
Bumps [webmock](https://github.com/bblimke/webmock) from 3.13.0 to 3.14.0.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.13.0...v3.14.0)
---
updated-dependencies:
- dependency-name: webmock
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
chore(deps): bump nokogiri from 1.12.0 to 1.12.2
|
|
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.12.0 to 1.12.2.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.12.0...v1.12.2)
---
updated-dependencies:
- dependency-name: nokogiri
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
chore(deps): bump nokogiri from 1.11.7 to 1.12.0
|
|
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.11.7 to 1.12.0.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.11.7...v1.12.0)
---
updated-dependencies:
- dependency-name: nokogiri
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
chore(deps): bump oj from 3.12.1 to 3.12.2
|
|
Bumps [oj](https://github.com/ohler55/oj) from 3.12.1 to 3.12.2.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.12.1...v3.12.2)
---
updated-dependencies:
- dependency-name: oj
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
chore(deps): bump oj from 3.12.0 to 3.12.1
|
|
Bumps [oj](https://github.com/ohler55/oj) from 3.12.0 to 3.12.1.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.12.0...v3.12.1)
---
updated-dependencies:
- dependency-name: oj
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
chore(deps-dev): bump rake from 13.0.4 to 13.0.6
|
|
Bumps [rake](https://github.com/ruby/rake) from 13.0.4 to 13.0.6.
- [Release notes](https://github.com/ruby/rake/releases)
- [Changelog](https://github.com/ruby/rake/blob/master/History.rdoc)
- [Commits](https://github.com/ruby/rake/compare/v13.0.4...v13.0.6)
---
updated-dependencies:
- dependency-name: rake
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
chore(deps): bump addressable from 2.7.0 to 2.8.0
|
|
Bumps [addressable](https://github.com/sporkmonger/addressable) from 2.7.0 to 2.8.0.
- [Release notes](https://github.com/sporkmonger/addressable/releases)
- [Changelog](https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sporkmonger/addressable/compare/addressable-2.7.0...addressable-2.8.0)
---
updated-dependencies:
- dependency-name: addressable
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
chore(deps-dev): bump rake from 13.0.3 to 13.0.4
|
|
Bumps [rake](https://github.com/ruby/rake) from 13.0.3 to 13.0.4.
- [Release notes](https://github.com/ruby/rake/releases)
- [Changelog](https://github.com/ruby/rake/blob/master/History.rdoc)
- [Commits](https://github.com/ruby/rake/compare/v13.0.3...v13.0.4)
---
updated-dependencies:
- dependency-name: rake
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
chore(deps): bump oj from 3.11.8 to 3.12.0
|