Release Notes

This page maintains the FOSSology Project release notes, from the most recent release back to release 1.3.0.

2.6.0-RC1 Released September 15, 2014

  • monk. This is a new license scanner contributed by our friends at Siemens and TNGTech. Monk looks for complete licenses (as defined in the database) and reports the percentage match (see also License highlighting below).
  • License highlighting. Now when you view a license you can see exactly what was added or removed from a license. This works especially well with monk since monk scans for complete licenses (stored in the fossology database). But it also works to show you what snippet nomos matched to identify a license.
  • New license browser
  • fo_copyright_list can now list files that contain a copyright, or list files that do not contain a copyright.
  • fo_license_list has new options to exclude licenses (or directories)
  • Many new licenses added
  • Old bugs fixed, new ones added. see our issue tracker

2.5.0 Released April 9, 2014

See the RC1 notes below for what changed.
If you are upgrading an RPM system make sure you follow the System administration documentation. There was a serious bug in our previous rpm packages that can delete your existing repository. So please follow the updated upgrade instructions. Debian/Ubuntu systems are not effected by this.

2.5.0-RC1 Released March 26, 2014

NOTICE
  • Be aware that the only supported upgrade path is a sequential one 2.0 > 2.1 > 2.2 > 2.3 > 2.4 > 2.5.
  • If you run into any upgrade errors, for example with the copyright table, please let us know.
  • Many thanks to all of you who submitted bugs, patches and suggestions. FOSSology is for everyone, please help make it better.

What Changed

  • Switched source code repository to GIT (but still on SourceForge)
  • Fixed unpack failure when archive asks for password
  • Make nightly builds publicly accessible
  • Fix Ubuntu 12.04 packaging error
  • Improve FOSSology upgrade speed
  • New command line program to list buckets (fo_bucket_list)
  • Several user interface bugs fixed.
License scanner updates:
  • Fixed issue detecting Apache 2.0 reference
  • Fix for GPL-v3 being labeled GPL-v3+ in certain cases
  • Fixed several special cases where GPL was labelled LGPL or missed completely
  • Fix problem of embedded quote in license names
  • Fix case of GPL-2.0+ being identified as GPL-2.0
  • Fix EPL labeled as CPL
  • Fix special case of missed Boost software license
  • Multiple fixes for special cases where GPL was missed
  • Fix missed Sun Legal Notice
  • Fix case where upload was failing on directories that contain spaces
  • Fix special case where Freetype license was missed
  • Fix MIT that should have been MIT-style
  • Fix special case of missed CPL-1.0
  • Fix cases of missed file references
  • Add LIBGCJ license
  • Add WordNet (was being detected as MIT/Princeton license
  • Add Interbase-1.0 license
  • Add KnowledgeTree-1.1
  • Add Open Cascade Technology Public License
  • Add identifing licenses referenced in .spec files
  • Add ACE license
  • Add FACE license
  • Add Tapjoy license
  • Add ClearSilver license
  • Add LGPL-2.1+-KDE-exception

All the issues can be seen in our issue tracker

2.4.0 Released Jan. 15, 2014

NOTICE

  • Be aware that the database migration step can take a very long time. During the upgrade it will look like it is stuck after printing "Update reference licenses". For example, a 31 GB database (based on pg_dumpall output size) can take an hour. The smaller the database, the faster this will go.
  • The system user fossy home directory has been moved to /home. If you have a fossology cluster configured, you will need to reestablish your ssh keys.
  • For the CentOS 6.4 later system, the postgresql database needs to be installed separately and the command "service postgresql initdb" needs to be executed before install the packages.

New Features

  • New Dashboard. (Admin > Dashboard). It's now fast and contains more useful information.
  • FOSSology Admin now has a link to see all jobs, not just their own.
  • Uploads now can have a "Public" permissions.
  • New license support for CC v4, Intel-wlan, IBM-pibs, SIL-OFL, ...
  • SPDX License list 1.19 compatibility update
  • There is a new Maintenance agent (Admin > Maintenance). It can clean up some past database inconsistencies as well as run vacuum and analyze for you. This will be further enhanced in the next release to do even more checking, upload expirations, and more. As per all our features, let us know if you have any suggestions for improvement. I want to reiterate the importance of running "vacuum analyze" on a postgres database. This can make a very large performance improvement. This is why postgres has autovacuum and autoanalyze daemons. If you can't set those up, you can run the maintenance agent to do the vacuum analyze in the GUI, or through a cron job. Admin > Dashboard will show you the last time vacuum and analyze have been run.
  • Added column sort options to license and copyright browsers

Issues Addressed

  • "Freeze column" in compare browsers now works as expected.
  • Affero false positives fixed.
  • Multiple license scanner accuracy refinements
  • Show Jobs now shows delete jobs
  • Show Jobs shows items processed per second
  • Admin's can now see the entire job queue, not just their own jobs
  • The stand alone nomos license scanner is now installed in package install
  • Fixed issue where unpack failure would return success
  • All the issues can be seen in our issue tracker

2.3.0 Released September 26, 2013

No issues were found so 2.3.0-rc1 becomes 2.3.0 general release

2.3.0-rc1 Released September 12, 2013

New Features

  • 2.3.0 contains a version of the license scanner (nomos) that can be built and run without installing the rest of fossology.
  • Search now includes license and copyright filters
  • You can now upload directly from GIT and subversion

Issues Addressed

  • Many license scanner updates
  • Fixes for RHEL/Fedora dependencies installation
  • Fixed Edit Upload Properties so you can select different folders.
  • Many enhancements to testing and developers continuous integration system. This includes integrating nomos regression testing into CI.
  • Group management UI improved to be less confusing.
  • Folder properties can now be changed for other than the Software Repository folder.
  • Agents can now accept a -v option to return their version number.
  • apt-get purge now works correctly
  • see all 100+ issues addressed

Known Issues

2.2.0 Released June 28, 2013

  • rc3 becomes the 2.2.0 official release!

2.2.0-rc3 Released June 25, 2013

  • Features and issues are the same as rc2. This iteration was mostly to allow the inclusion of a migration script to prevent duplicate license names.

2.2.0-rc2 Released May 13, 2013

New Features

  • Stronger Group and User Permissions scheme per this spec: http://www.fossology.org/projects/fossology/wiki/Perms . The upshot of this is, to browse a file you need three things: A) the user needs to have READ access or better to fossology, and B) the user has to be in a group that has read permission for the file (upload).
  • Ability to view the full text of a license while browsing license results.
  • Allow uploadtree to be an optional parameter for command line fo_nomos_license_list & fo_copyright_list - Contributed by Alexander Kanevskiy. Thanks!
  • Improved robustness of dbcreate, delagent and the scheduler.
  • Completion of changing license names to conform to SPDX names. (This may require you to reexamine your bucket definitions.)
  • New licenses added that were found in SPDX but not FOSSology.

Issues Fixed

Known Issues in 2.2.0-rc2

  • Copyright missed after long string of years
  • Container search returning non-containers
  • Upload from server using wildcards is not working

2.1.1 Released December 18, 2012

New Features

No new major fossology functionality. This is primarily a bug fix release. The 2.1.1 release has had minimal testing to verify the bugs addressed below. We do not recommend upgrading unless you must have one or more of the bug fixes below. The next release and major testing cycle (2.2.0) is scheduled for March.

  • License short names have been changed to match SPDX naming conventions. Thanks to a contribution from Camille Moulin! :-)
  • Ability to choose from multiple report versions for the same upload.
  • Automated package creation & testing.

Issues Fixed

  • Nomos license additions and corrections.
  • Improved syntax checking for fossology config files.
  • Copyright agent fixed to detect copyright dates after 2010.
  • Copyright UI fixed to display correct results when 'Show files without licenses' is selected.
  • Removed obsolete table from database schema.
  • Notification email for wget-agent failure fixed to accurately report failure.
  • common-agents.php fixed to only show valid agents choices in the Upload UI.
  • "Special" characters are now acceptable as part of the license reference text.
  • Clicking on "Show" for a specific license now shows files only (not containers).

Known Issues in 2.1.0

Installation/Upgrade Issues

2.1.0 Released October 19, 2012

New Features

  • You can now correct the nomos scanner if it misidentified a license.
  • There are two new command line utilities to get a license and copyright list (fo_nomos_License_list and fo_copyright_list).
  • The scheduler can now pause jobs that haven't started.
  • Upload from Server can now select the server on a FOSSology cluster.
  • There is a new document on how to interpret log files (http://www.fossology.org/projects/fossology/wiki/How_to_Interpret_the_log_files)

Issues Fixed

  • Serious scheduler performance problem if you were running glib < v2.32.
  • Scheduler crash if log file wasn't being initialized correctly.
  • Some unprintable filename characters were causing ununpack to crash with postgres 8.3 (later versions of postgres were ok).
  • Search was misinterpreting some filename characters.
  • Default user (unauthenticated user) was not being given permissions in user record.
  • Several new nomos license signatures including "Dual-license"
  • fo-installdeps now only installs a new version of postgres if there is not already a version installed.
  • Several programs improved their error reporting.
  • PHP library files were inadvertantly GPL. Now they are LGPL.
  • Database performance improved for large (over 500 MB uploads. uploadtree table is now partitioned.
  • wget agent can now use https_proxy and ftp_proxy.
  • Many testing improvements.
  • Prototype FOSS discovery. If interested, ask about this on the mailing list.
  • Add user/password from command line (cp2foss). Prior to this any user could do anything, like deleting another users uploads.
  • One plugin load failure would prevent other plugins from installing.
  • Could not get a bucket report when the upload is only a single file.
  • Upload from server wasn't handling wildcards correctly.
  • View License file path was missing.
  • Fix one-shot micro menus
  • Copyright failure on weird file.
  • Scheduler now sends email on job completion instead of the individual job steps.
  • Copyright column width could sometimes be out of proportion to each other.
  • FOSSology installed files are now owned by user fossy instead of root.
  • apt-get purge fossology wasn't setting the correct exit status.
  • license_ref table gave sql errors with postgres 9.1.
  • fossology.conf now has better syntax checking.
  • fo-cleanold missed deleting some files when you installed from source.
  • email notification failed when wget-agent failed.

Known Issues in 2.1.0

Installation/Upgrade Issues

  • RHEL6
    • Need to install the EPEL sources (see http://fedoraproject.org/wiki/EPEL) in order to get the 'p7zip-plugins' package required by fossology-ununpack
    • Need to temporarily disable selinux prior to installing ('sudo setenforce 0') to allow user/group creation. Then selinux can be re-enabled ("sudo setenforce 1")
    • Need to disable the iptables firewall, or more preferably add a new rule to allow port 80 access to the FOSSology web UI (see below)
  • Fedora 15
    • Need to temporarily disable selinux prior to installing ('sudo setenforce 0') to allow user/group creation. Then selinux can be re-enabled ("sudo setenforce 1")
    • Need to disable the iptables firewall, or more preferably add a new rule to allow port 80 access to the FOSSology web UI (see below)
  • Fedora 17
    • Need to temporarily disable selinux prior to installing ('sudo setenforce 0') to allow user/group creation. Then selinux can be re-enabled ("sudo setenforce 1")
    • Need to disable the iptables firewall, or more preferably add a new rule to allow port 80 access to the FOSSology web UI (see below)
  • To add a specific HTTP port 80 rule to the iptables firewall on RHEL/Fedora systems, edit /etc/sysconfig/iptables and add lines such as the following:

-A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT -A OUTPUT -o eth0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT

  • Note: Consult your operating system documentation or a security export before making changes to your system's firewall configuration
  • Other known issues with 2.1.0 are documented in our issue tracker

2.0.0 Released June 6, 2012

New Features

  • The scheduler has been redesigned and reimplemented to improve robustness.
  • Modular agents. Agents can now have their own release stream.
  • Scan logs are now independent of the fossology scheduler log, and can be viewed using the GUI.
  • Nomos license additions and corrections.
  • Buckets can now select from a list of datasets.
  • bsam license scanner no longer installed by default.
  • Tagging can be done from Nomos and Buckets file browser.
  • Search by tag.
  • Tags are now listed in Nomos and Buckets file browser.
  • Nomos and Buckets reports can be filtered by tag.
  • New agents can rescan files.

Issues fixed in 2.0

Known Issues in 2.0

Known Install Issues

  1. Note for Rhel6 packages: FOSSology depends on the package php-process, which is not available from the default RHEL repository. You can download a copy from:
    http://fossology.org/rpms/epel/testing/6/i386/php-process5.3.2-6.el6_0.1.i686.rpm

    http://fossology.org/rpms/epel/testing/6/x86_64/php-process-5.3.2-6.el6_0.1.x86_64.rpm

    Or apply this update: https://rhn.redhat.com/errata/RHSA-2011-0195.html

  2. If this is an upgrade, the proper way to upgrade FOSSology is to use apt-get|yum update; apt-get|yum install fossology after changing the sources.list file. Using apt-get upgrade fossology will not work. See Recommended steps for upgrading below.
  3. The apache configuration may need to be modified (remove the old 1.x.x configuration from sites-available/default). FOSSology now configures apache to use fossology.
  4. The baseurl in the fossology.repo file for Fedora and RHEL releases is incorrect. After fossology installation the above file should be edited to use one of the URL's below.

Install Steps

New Installs

  1. Configure apt or yum with one of the url's below.
  2. Read the INSTALL document for configuration of postgresql, php5 and apache/httpd. http://fossology.svn.sourceforge.net/viewvc/fossology/branches/fossology2.0/fossology/install/INSTALL
  3. After the system is configured, install fossology.
  4. Restart apache/httpd and postgresql

Recommended steps for upgrading

  1. Change sources.list or the baseurl in the fossology.repo file (see below)
  2. Debian/Ubuntu: apt-get update; apt-get install fossology
    RHEL/Fedora: yum update; yum install fossology
  3. Shut down the scheduler: /etc/init.d/fossology stop
  4. Make adjustments in the apache2/httpd configuration as needed.
  5. Restart apache/http and postgresql so the new configurations take affect.
  6. Start the fossology scheduler: /etc/init.d/fossology start

FOSSology uses a new combined configuration file, called fossology.conf. Therefore the configuration data in:

  • Depth.conf
  • Hosts.conf
  • Proxy.conf
  • RepPath.conf
  • Scheduler.conf

must be migrated into fossology.conf. After their data is migrated, these files can be removed. Do not remove Db.conf.

For details on installing FOSSology, see FOSSology2.0 Install and Upgrades

Unofficial FOSSology packages

Unofficial install packages for RHEL, Fedora, Debian and Ubuntu (32 and 64 bit) are now available for download from:

FOSSology 2.0.0

Use the lines below to edit the baseurl in the fossology.repo file:

RHEL/Centos:

http://www.fossology.org/releases/2.0.0/RHEL/6/

Fedora 15:

http://fossology.org/releases/2.0.0/Fedora/15/

Use the lines below to edit the /etc/apt/sources.list file:

Debian:

http://fossology.org/releases/2.0.0/Debian/ 6.0 contrib

Ubuntu:

10.04.3:

http://fossology.org/releases/2.0.0/Ubuntu/ 10.04 contrib

11.04:

http://fossology.org/releases/2.0.0/Ubuntu/ 11.04 contrib

11.10

http://fossology.org/releases/2.0.0/Ubuntu/ 11.10 contrib

1.4.1
Date: July 2011

  • Bug Fix release

1.4.0

Date: April 2011

  • [[compare:licensediff|New Comparison tool]]. This allows one to focus on the differences between two file trees. For example, you might want to compare two versions of a package to see what licenses changed.
  • A new [[altui:alternateui|simplified User Interface]] AND the option to assign the “Simplified” or “Original” UI on a per user basis. The Simplified UI is now the default for new users.
  • Implement [[tasks:authentication_using_siteminder|authentication using Siteminder]]
  • Improved user documentation
  • Multiple file upload from URL
  • Dramatic Improvements to the [[copyright:copyright_1.4.0|copyright agent]]
  • New FOSSology website customization.
  • Bugs addressed in this release: 1.4.0 Defect List
  • If you have created bucket files or scripts, then you need to move your bucketpool directory from DATADIR to PROJECTSTATEDIR. Admins can see where these locations are from the main menu Help > Debug > Global Variables. If you don't use buckets, or all your buckets are by regexes in the database, then you can ignore this.

1.3.0

Date: January 2011

New! FOSSology generated Ubuntu debs for Karmic, Lucid and Maverick.

The 'supported distros' matrix can be found here.

New features and fixes in 1.3.0 include:

  • Groups. Implemented user groups inside of fossology as an indirect but critical requirement for 1.3 because tagging (the real 1.3 requirement) is dependent on having groups to administer tag permission.
  • File Tagging. The ability to attach a tag (short (max 32 character) tag, plus a long text) to a file or container.
  • Copyright agent replaced. A quick experiment showed that we get better results with simple heuristics rather than the old agent based on naive Bayes.
  • Fixed a cp2foss authentication bug that prevented bucket agent from getting scheduled.
  • fixed unpack defects and made some improvements.

Last Release for bsam agent

After the 1.3.0 release the bsam and spec file agents will be removed from the product. Existing bsam analysis will still be able to be viewed, but no new analysis by the bsam agent will be available. The nomos agent is much faster and more accurate. Users are encouraged to use the nomos license agent and to rescan their existing bsam uploads with nomos.

Known Issues in 1.3.0

  • Details for outstanding non-critical bugs can be found at our bug tracking site.
  • When upgrading from the previous version, you'll have to manually update the /etc/fossology/Scheduler.conf file to
    1. delete entries for pkgmettagetta
    2. modify the entry for the copyright agent. The copyright line in Scheduler.conf should look something like this (where <agent_hostname> should be replace with the actual hostname):
agent=copyright host=&lt;agent_hostname&gt; | /usr/bin/ssh fossy@&lt;agent_hostname&gt; "/usr/lib/fossology/agents/copyright"
  • The 1.3.0 upgrade for a fossology instance with a large number of entries in the copyright table (millions) can take a several hours due to a change in data type. (This was discovered while attempting to update a copyright table with >51 million records.) If your installation appears to hang at "Applying database schema", then you may find it faster to use the following workaround to speed up the installation.

Use the following ALTER command to change the datatype:

  $ psql -U fossy -d fossology
Password for user fossy:

  Welcome to psql 8.3.12, the PostgreSQL interactive terminal.
  Type:  \copyright for distribution terms
       \h for help with SQL commands
       \? for help with psql commands
       \g or terminate with semicolon to execute query
       \q to quit

  fossology=> ALTER TABLE "public"."copyright" ALTER COLUMN "ct_pk" TYPE bigint;

You can examine the size of your copyright table using this SELECT command:

 
   fossology=> Select count(*) from public.copyright;
    count

  ---------

   67366928
  (1 row)
* In order to unpack rar(>=RAR 3.x) file(s), you need to install rar(non-free) manually. In debian, you can install it through adding the non-free source, then apt-get install unrar. In centos and fedora, you can install it through adding the rpmfusion source, then yum install unrar.