The biggest potential impact with this release should be that when the tool is used on
a package-lock.json file, it may detect fewer entries as dependencies. Some additional
work was done to refine how the tool identifies local dependencies, which are generally
dependencies that are in the source repository (that is, local dependencies are most
likely project code).
- Refactored out a
coremodule that does not shade dependencies #283 - Update all dependencies to latest and greatest
- Now uses
jakarta.injectannotations #264 - More resilient handling of Bad Gateway (502) errors
- More resilient handling of rate limiting on when connecting to IPLab #260
- Ignores all "local" dependencies when parsing a
package-lock.jsonfile #287
- Created a new module for creating a
shadedartifact (the shaded artifact uses the same naming convention as before, so this should not break anybody) #283 - Added a new
repoproperty includes the URL of the Git repository as part of review requests #224