Change log¶
This change log follows the Keep a Changelog spec. Every release contains the following sections:
Added
for new features.Changed
for changes in existing functionality.Deprecated
for soon-to-be removed features.Removed
for now removed features.Fixed
for any bug fixes.Security
in case of vulnerabilities.
The versions follow semantic versioning for the reuse
CLI command and its behaviour. There are no guarantees of stability for the
reuse
Python library.
v5.0.2 - 2024-11-14¶
Fixed¶
The release date for the v5.0.0 entry in the change log was wrong.
v5.0.1 - 2024-11-14¶
Fixed¶
Fix readthedocs build.
v5.0.0 - 2024-11-14¶
This is a big release for a small change set. With this release, the tool becomes compatible with REUSE Specification 3.3, which is a very subtly improved release of the much bigger version 3.2.
Added¶
More file types are recognised:
Cabal (
.cabal
,cabal.project
) (#1089, #1090).envrc
(#1061).flake.lock
(#1061)Ansible Jinja2 (
.j2
) (#1036)Poetry lock file (
poetry.lock
) (#1037)
Added
lint-file
subcommand to enable running lint on specific files. (#1055)Added shell completion via
click
. (#1084)Added Jujutsu VCS support. (#1051)
Added new copyright prefixes
spdx-string
,spdx-string-c
, andspdx-string-symbol
. (#979)Support for Python 3.13. (#1092)
Changed¶
Bumped REUSE Specification version to version 3.3. (#1069)
Switched from
argparse
toclick
for handling the CLI. The CLI should still handle the same, with identical options and arguments, but some stuff changed under the hood. (#1084)Find here a small list of differences:
-h
is no longer shorthand for--help
.--version
now outputs “reuse, version X.Y.Z”, followed by a licensing blurb on different paragraphs.Some options are made explicitly mutually exclusive, such as
annotate
’s--skip-unrecognised
and--style
, anddownload
’s--output
and--all
.Subcommands which take a list of things (files, license) as arguments, such as
annotate
,lint-file
, ordownload
, now also allow zero arguments. This will do nothing, but can be useful in scripting.annotate
andlint-file
now also take directories as arguments. This will do nothing, but can be useful in scripting.
Changes to comment styles:
Allow Python-style comments in Cargo.lock files. (#1060)
.s
files (GNU as) now use the C comment style. (#1034).ld
files (GNU ld) now use the C comment style. (#1034)
REUSE.toml
no longer needs a licensing header. (#1042).gitkeep
is no longer ignored, because this is not defined in the specification. However, if.gitkeep
is a 0-size file, it will remain ignored (because 0-size files are ignored). (#1043)If
REUSE.toml
is ignored by VCS, the linter no longer parses this file. (#1047)SPDX license and exception list updated to v3.25.0.
More
LICENSE
andCOPYING
-like files are ignored. Now, such files suffixed by-anything
are also ignored, typically something likeLICENSE-MIT
. Files with the UK spellingLICENCE
are also ignored. (#1041)
Removed¶
Python 3.8 support removed. (#1080)
Fixed¶
In
REUSE.toml
, fixed the globbing of a single asterisk succeeded by a slash (e.g.directory-*/foo.py
). The glob previously did nothing. (#1078)Increased the minimum requirement of
attrs
to>=21.3
. Older versions do not import correctly. (#1044)Performance greatly improved for projects with large directories ignored by VCS. (#1047)
Performance slightly improved for large projects. (#1047)
The plain output of
lint
has been slightly improved, getting rid of an errant newline. (#1091)reuse annotate --merge-copyrights
now works more reliably with copyright prefixes. This still needs some work, though. (#979)In some scenarios, where a user has multiple
REUSE.toml
files and one of those files could not be parsed, the wrongREUSE.toml
was signalled as being unparseable. This is now fixed. (#1047)Fixed a bug where
REUSE.toml
did not correctly apply its annotations to files which have an accompanying.license
file. (#1058)When running
reuse download SPDX-IDENTIFIER+
, downloadSPDX-IDENTIFIER
instead. This also works forreuse download --all
. (#1098)
v4.0.3 - 2024-07-08¶
Fixed¶
Increased the minimum requirement of
attrs
to>=21.3
. Older versions do not import correctly. (#1044)
v4.0.2 - 2024-07-03¶
Fixed¶
Repaired a bug that would cause a crash when running
annotate --merge-copyrights
on a file that does not yet have a year in the copyright statement. This bug was introduced in v4.0.1. (#1030)
v4.0.1 - 2024-07-03¶
Fixed¶
Make sure that Read the Docs can compile the documentation. This necesitated updating
poetry.lock
. (#1028)
v4.0.0 - 2024-07-03¶
This release of REUSE implements the new
REUSE Specification v3.2. It adds the
REUSE.toml
file format as a replacement for .reuse/dep5
. The new format is
easier to write and parse, is better at disambiguating certain corner cases, and
is more flexible for customisation and future additions.
To convert your existing .reuse/dep5
to REUSE.toml
, you can simply use the
reuse convert-dep5
command.
Alongside the REUSE.toml
feature is a wealth of other improvements.
reuse lint --lines
may be especially interesting for CI workflows, as well as
the fact that the amount of PendingDeprecationWarning
s has been drastically
reduced now that the information aggregation behaviour of .reuse/dep5
is
explicitly defined in the specification.
The tool has also been made easier to use with the addition of man pages. The
man pages can be found online at https://reuse.readthedocs.io/en/stable/man/.
Your distribution’s packager will need to make them accessible via
man reuse(1)
. Unfortunately, man pages cannot be made accessible via Python’s
packaging, although the full documentation (including man pages) is included in
the sdist.
This changeset also contains the changes of v3.1.0a1.
Added¶
Added support for
REUSE.toml
. (#863)Added
reuse convert-dep5
to convert.reuse/dep5
toREUSE.toml
. (#863)Man pages added for all
reuse
commands. Distribution maintainers might wish to distribute the (Sphinx-built) man pages. (#975)More file types are recognised:
Assembler (
.asm
) (#928)GraphQL (
.graphqls
,.gqls
) (#930)CUDA-C++ (
.cu
,.cuh
) (#938)Various .NET files (
.csproj
,.fsproj
,.fsx
,.props
,.sln
,.vbproj
) (#940)Cargo (
Cargo.lock
) (#937)Clang-Tidy (
.clang-tidy
) (#961)Java
.properties
files (#968)Apache HTTP server config
.htaccess
files (#985)npm
.npmrc
files (#985)LaTeX class files (
.cls
) (#971)CSON (
.cson
) (#1002)Hjson (
.hjson
) (#1002)JSON5 (
.json5
) (#1002)JSON with Comments (
.jsonc
) (#1002)Tap (
.taprc
) (#997)Zsh (
.zshrc
) (#997)Perl test (
.t
) (#997)BATS test (
.bats
) (#997)Octave/Matlab (
.m
) (#604)VHDL(
.vhdl
) (#564)Earthly files (
Earthfile
and.earthlyignore
) (#1024)
Added comment styles:
man
for UNIX Man pages (.man
) (#954)
Added
--lines
output option forlint
. (#956)Treat
% !TEX
and% !BIB
as shebangs in TeX and BibTeX files, respectively (#971)Support alternate spelling
--skip-unrecognized
. (#974)In
annotate
, rename--copyright-style
to--copyright-prefix
. The former parameter is still supported. (#973)Support alternate spelling
--skip-unrecognized
(#974)cpp
andcppsingle
style shorthands (see changes). (#941)
Changed¶
Updated SPDX resources to 3.24.0. (#994)
Updated REUSE specification version to 3.2. (#994)
.s
files now use the Python comment style as per GNU Assembler (gas). (#928)Previously, any file that begins with
COPYING
orLICENSE
was ignored. This has been changed. Now, files likeCOPYING_README
are no longer ignored, butCOPYING
andCOPYING.txt
are still ignored (in other words: exact matches, orCOPYING
+ a file extension). Idem ditto forLICENSE
. (#886)Dependencies added:
attrs>=21.1
(#863)tomlkit>=0.8
(#863)
Reorganised the way that
c
,css
, andcsingle
styles work. (#941)c
used to support multi-line comments; it now only supports multi-line/* */
comments. This is identical to the oldcss
style.cpp
has been added, which supports multi-line/* */
comments and single-line//
comments. This is identical to the oldc
style.csingle
has been renamed tocppsingle
, and it supports only single-line//
comments.
Deprecated¶
.reuse/dep5
is marked deprecated.reuse convert-dep5
will help you switch toREUSE.toml
. (#863)
Removed¶
The PendingDeprecationWarning for the aggregation of information between DEP5 and the contents of a file has been removed. This behaviour is now explicitly specified in REUSE Specification v3.2. (#1017, related to #779)
reuse init
removed. (#863)csingle
andcss
style shorthands (see changes). (#941)
Fixed¶
The datetime value for
Created:
was wrongly formatted since 3.0.0. It now returns a correctly formatted ISO 8601 date again. (#952)Repaired the behaviour of
reuse download
where being inside of a LICENSES/ directory should not create a deeper LICENSES/LICENSES/ directory. (#975)Support annotating a file that contains only a shebang. (#965)
Add
CONTRIBUTING.md
to the sdist. (#987)In
reuse spdx
, fixed the output to be more compliant by capitalisingSPDXRef-Document DESCRIBES
appropriately. (#1013)
v3.0.2 - 2024-04-08¶
Fixed¶
annotate
’s ‘--style
now works again when used for a file with an unrecognised extension. (#909)
v3.0.1 - 2024-01-19¶
Fixed¶
.qrc
and.ui
now have the HTML comment style instead of being marked uncommentable. (#896)This reverts behaviour introduced in v3.0.0: the contents of uncommentable files are scanned for REUSE information again. The contents of binary files are not. (#896)
v3.0.0 - 2024-01-17¶
This release contains a lot of small improvements and changes without anything
big per se. Rather, it is made in advance of a release which will contain a
single feature: REUSE.toml, a
replacement for .reuse/dep5
. .reuse/dep5
will still be supported as a
deprecated feature for some time.
That future 3.1 release will have some alpha testing in advance.
Added¶
Implement handling LicenseRef in
download
andinit
. (#697)Declared support for Python 3.12. (#846)
More file types are recognised:
TCL (
.tcl
) (#871)Julia (
.jl
) (#815)Modern Fortran (
.f90
) (#836)Bazel (
.bzl
) (#870)GNU Linker script (
.ld
) (#862)Assembly code (
.s
) (#862)Empty placeholders (
.empty
) (#862)ShellCheck configuration (
.shellcheckrc
) (#862)Pylint in-project configuration (
pylintrc
) (#862)Lisp schemes (
.sld
,.sls
,.sps
) (#875)
Added comment styles:
csingle
for Zig (.zig
) and Hare (.ha
) (#889)
Display recommendations for steps to fix found issues during a lint. (#698)
Add support for Pijul VCS. Pijul support is not added to the Docker image. (#858)
When running
annotate
on a file with an unrecognised file path, the tool currently exits early. To automatically create a .license file for unrecognised files,--fallback-dot-license
has been added. (#823, #851, #853, #859; this took a while to get right.)Ignore
.sl
directory as used by Sapling SCM. (#867)
Changed¶
Alpine Docker image now uses 3.18 as base. (#846)
The Git submodule detection was made less naïve. Where previously it detected a directory with a
.git
file as a submodule, it now uses the git command to detect submodules. This helps detect (quoted from Git man page) “[repositories] that were cloned independently and later added as a submodule or old setups”, which “have the submodule’s git directory inside the submodule instead of embedded into the superproject’s git directory”. (#687)No longer scan binary or uncommentable files for their contents in search of REUSE information. (#825)
--force-dot-license
and--skip-unrecognised
are now mutually exclusive onannotate
. (#852)No longer create and publish
-extra
Docker images. Theopenssh-client
package is now in the main image. (#849)No longer create and publish
dev
Docker images. (#849)The
-debian
Docker image is now based off debian:12-slim. It used to be based on the python:slim image, which used debian:slim under the hood. (#849)
Removed¶
Removed deprecated
--explicit-license
. (#851)Removed deprecated
addheader
. (#851)No longer depend on
sphinx-autodoc-typehints
for documentation. (#772)
Fixed¶
Syntax errors in .reuse/dep5 now have better error handling. (#841)
Reduced python-debian minimum version to 0.1.34. (#808)
Fix issue in
annotate
where--single-line
and--multi-line
would not correctly raise an error with an incompatible comment style. (#853)Fix parsing existing copyright lines when they do not have a year (#861)
Better handling of Lisp comment styles. Now, any number of “;” characters is recognised as the prefix to a Lisp comment, and “;;;” is used when inserting comment headers, as per https://www.gnu.org/software/emacs/manual/html_node/elisp/Comment-Tips.html. (#874)
v2.1.0 - 2023-07-18¶
After the yanked 2.0.0 release, we’re excited to announce our latest major version packed with new features and improvements! We’ve expanded our file type recognition, now including Fennel, CommonJS, Qt .pro, .pri, .qrc, .qss, .ui, Textile, Visual Studio Code workspace, Application Resource Bundle, Svelte components, AES encrypted files, Jakarta Server Page, Clang format, Browserslist config, Prettier config and ignored files, Flutter pubspec.lock, .metadata, Terraform and HCL, Typst and more.
We’ve also added the ability to detect SPDX snippet tags in files and introduced
additional license metadata for the Python package. A new --json
flag has been
added to the lint
command, marking the first step towards better integration
of REUSE output with other tools.
On the changes front, we’ve bumped the SPDX license list to v3.21 and made significant updates to our Sphinx documentation. Please note that Python 3.6 and 3.7 support has been dropped in this release.
We’ve fixed several issues including automatic generation of Sphinx documentation via readthedocs.io and a compatibility issue where reuse could not be installed if gettext is not installed.
This update is all about making your experience better. Enjoy adding copyright and licensing information to your code!
Added¶
Detect SPDX snippet tags in files. (#699)
More file types are recognised:
Fennel (
.fnl
) (#638)CommonJS (
.cjs
) (#632)Qt .pro (
.pro
) (#632)Qt .pri (
.pri
) (#755)Qt .qrc (
.qrc
) (#755)Qt .qss(
.qss
) (#755)Qt .ui (
.ui
) (#755)Textile (
.textile
) (#712)Visual Studio Code workspace (
.code-workspace
) (#747)Application Resource Bundle (
.arb
) (#749)Svelte components (
.svelte
)AES encrypted files (
.aes
) (#758)Jakarte Server Page (
.jsp
) (#757)Clang format (
.clang-format
) (#632)Browserslist config (
.browserslist
)Prettier config (
.prettierrc
) and ignored files (.prettierignore
)Flutter pubspec.lock (
pubspec.lock
) (#751)Flutter .metadata (
.metadata
) (#751)Terraform (
.tf
,tfvars
) and HCL (.hcl
). (#756)Typst (
.typ
)
Added loglevel argument to pytest and skip one test if loglevel is too high (#645).
--add-license-concluded
,--creator-person
, and--creator-organization
added toreuse spdx
. (#623)Additional license metadata for the Python package has been added. The actual SPDX license expression remains the same:
Apache-2.0 AND CC0-1.0 AND CC-BY-SA-4.0 AND GPL-3.0-or-later
. (#733)Added
--contributor
option toannotate
. (#669)Added
--json
flag tolint
command (#654).reuse.ReuseInfo
now hascopy
andunion
methods. (#759)reuse.ReuseInfo
now stores information about the source from which the information was gathered. (#654, #787)Added Ukrainian and Czech translations (#767)
Added
--suppress-deprecation
to hide (verbose) deprecation warnings. (#778)
Changed¶
Bumped SPDX license list to v3.20. (#692)
reuse.SpdxInfo
was renamed toreuse.ReuseInfo
. It is now a (frozen) dataclass instead of a namedtuple. This is only relevant if you’re using reuse as a library in Python. Other functions and methods were similarly renamed. (#669)Sphinx documentation: Switched from RTD theme to Furo. (#673, #716)
Removed dependency on setuptools’
pkg_resources
to determine the installed version of reuse. (#724)Bumped SPDX license list to v3.21. (#763)
Project.reuse_info_of
now returns a list ofReuseInfo
objects instead of a single one. This is because the source information is now stored alongside the REUSE information. (#787)
Deprecated¶
Pending deprecation of aggregation of file sources. Presently, when copyright and licensing information is defined both within e.g. the file itself and in the DEP5 file, then the information is merged or aggregated for the purposes of linting and BOM generation. In the future, this will no longer be the case unless explicitly defined. The exact mechanism for this is not yet concrete, but a
PendingDeprecationWarning
will be shown to the user to make them aware of this. (#778)
Removed¶
Python 3.6 and 3.7 support has been dropped. (#673, #759)
Removed runtime and build time dependency on
setuptools
. (#724)
Fixed¶
Fixed automatic generation of Sphinx documentation via readthedocs.io by adding a
.readthedocs.yaml
configuration file (#648)Fixed a compatibility issue where reuse could not be installed (built) if gettext is not installed. (#691)
Translations are available in Docker images. (#701)
Marked the
/data
directory in Docker containers as safe in Git, preventing errors related to linting Git repositories. (#720)Repaired error when using Galician translations. (#719)
Security¶
v2.0.0 - 2023-06-21 [YANKED]¶
This version was yanked because of an unanticipated workflow that we broke. The
breaking change is the fact that an order of precedence was defined for
copyright and licensing information sources. For instance, if a file contained
the SPDX-License-Identifier
tag, and if that file was also (explicitly or
implicitly) covered by DEP5, then the information from the DEP5 setting would no
longer apply to that file.
While the intention of the breaking change was sound (don’t mix information sources; define a single source of truth), there were legitimate use-cases that were broken as a result of this.
Apologies to everyone whose CI broke. We’ll get this one right before long.
v1.1.2 - 2023-02-09¶
Fixed¶
Note to maintainers: It is now possible/easier to use the
build
module to build this module. Previously, there was a namespace conflict. (#640)
v1.1.1 - 2023-02-05¶
Fixed¶
Don’t include documentation files (e.g.
README.md
) in top-level (i.e.,site-packages/
). (#657)Include documentation directory in sdist. (#657)
v1.1.0 - 2022-12-01¶
Added¶
Added support for Python 3.11. (#603)
More file types are recognised:
Kotlin script (
.kts
)Android Interface Definition Language (
.aidl
)Certificate files (
.pem
)
Added comment styles:
Apache Velocity Template (Extensions:
.vm
,.vtl
) (#554)XQuery comment style (Extensions:
.xq(l|m|y|uery|)
) (#610)
Some special endings are always stripped from copyright and licensing statements (#602):
">
(and variations such as'>
," >
, and"/>
)] ::
Changed¶
Removed
setup.py
and replaced it with a Poetry configuration. Maintainers beware. (#600)Updated PyPI development status to ‘production/stable’ (#381)
The pre-commit hook now passes
lint
as an overridable argument. (#574)addheader
has been renamed toannotate
. The functionality remains the same. (#550)Bumped SPDX license list to v3.19.
Deprecated¶
addheader
has been deprecated. It still works, but is now undocumented. (#550)
Removed¶
setup.py
. (#600)Releases to PyPI are no longer GPG-signed. Support for this is not present in Poetry and not planned. (#600)
Dependency on
requests
removed; usingurllib.request
from the standard library instead. (#600)
Fixed¶
Repair tests related to CVE-2022-39253 changes in upstream Git. New versions of Git no longer allow
git submodule add repository path
where repository is a file. A flag was added to explicitly allow this in the test framework. (#619)Sanitize xargs input in scripts documentation. (#525)
License identifiers in comments with symmetrical ASCII art frames are now properly detected (#560)
Fixed an error where copyright statements contained within a multi-line comment style on a single line could not be parsed (#593).
In PHP files, add header after
<?php
(#543).
v1.0.0 - 2022-05-19¶
A major release! Do not worry, no breaking changes but a development team (@carmenbianca, @floriansnow, @linozen, @mxmehl and @nicorikken) that is confident enough to declare the REUSE helper tool stable, and a bunch of long-awaited features!
Apart from smaller changes under the hood and typical maintenance tasks, the
main additions are new flags to the addheader
subcommand that ease recursive
and automatic operations, the ability to ignore areas of a file that contain
strings that may falsely be detected as copyright or license statements, and the
option to merge copyright lines. The tool now also has better handling of some
edge cases with copyright and license identifiers.
We would like to thank the many contributors to this release, among them @ajinkyapatil8190, @aspiers, @ferdnyc, @Gri-ffin, @hexagonrecursion, @hoijui, @Jakelyst, @Liambeguin, @rex4539, @robinkrahl, @rpavlik, @siiptuo, @thbde and @ventosus.
Added¶
Extend tool documentation with scripts to help using this tool and automating some steps that are not built into the tool itself. (#500)
Recommendations for installation/run methods: package managers and pipx (#457)
Docker images for AArch64 (#478)
Added the ability to ignore parts of a file when running
reuse lint
. Simply addREUSE-IgnoreStart
andREUSE-IgnoreEnd
as comments and all lines between the two will be ignored by the next run ofreuse lint
. (#463)Meson subprojects are now ignored by default. (#496)
More file types are recognised:
sbt build files (
.sbt
)Vimscript files (
.vim
)
Added
--skip-existing
flag toaddheader
in order to skip files that already contain SPDX information. This may be useful for only adding SPDX information to newly created files. (#480)Added
--recursive
flag toaddheader
. (#469)Preserve shebang for more script files:
V-Lang (#432)
Ignore all SPDX files with their typical formats and extensions. (#494)
Add support for merging copyright lines based on copyright statement, transforming multiple lines with a single year into a single line with a range. (#328)
Changed¶
Use
setuptools
instead of the deprecateddistutils
which will be removed with Python 3.12. (#451)addheader --explicit-license
renamed to--force-dot-license
. (#476)Dockerfiles for reuse-tool are now in a separate subdirectory
docker
. (#499)Updated SPDX license list to 3.17. (#513)
The copyright detection mechanism now silently accepts the following strings:
Copyright(c)
andCopyright(C)
. (#440)
Deprecated¶
Deprecated
--explicit-license
in favour of--force-dot-license
.--explicit-license
will remain useable (although undocumented) for the foreseeable future. (#476)
Removed¶
JsxCommentStyle
in favor of usingCCommentStyle
directly (see sectionFixed
). (#406)
Fixed¶
Better support for unary “+” operator in license identifiers. For example, if
Apache-1.0+
appears as a declared license, it should not be identified as missing, bad, or unused ifLICENSES/Apache-1.0.txt
exists. It is, however, identified separately as a used license. (#123)When
addheader
creates a.license
file, that file now has a newline at the end. (#477)Cleaned up internal string manipulation. (#477)
JSX (
.jxs
and.tsx
) actually uses C comment syntax as JSX blocks never stand at the beginning of the file where the licensing info needs to go. (#406)
v0.14.0 - 2021-12-27¶
Happy holidays! This is mainly a maintenance release fixing some subcommands and
adding loads of supported file types and file names. However, you can also enjoy
the supported-licenses
subcommand and the --quiet
flag for linting as well
as better suggestions for license identifiers. Thanks to everyone who
contributed!
Added¶
supported-licenses
command that lists all licenses supported by REUSE (#401)--quiet
switch to thelint
command (#402)Better suggestions for faulty SPDX license identifiers in
download
andinit
(#416)Python 3.10 support declared
More file types are recognised:
Apache FreeMarker Template Language (
.ftl
)AsciiDoc (
.adoc
,.asc
,.asciidoc
)Bibliography (
.csl
)C++ (
.cc
and.hh
)GraphQL (
.graphql
)Handlebars (
.hbs
)Markdown-linter config (
.mdlrc
)MS Office (
.doc
,.xls
,.pptx
and many more)Nimble (
.nim.cfg
,.nimble
)Open Document Format (
.odt
,.ods
,.fodp
and many more)Perl plain old documentation (
.pod
)Portable document format (
.pdf
)Protobuf files (
.proto
)Soy templates (
.soy
)SuperCollider (
.sc
,.scsyndef
)Turtle/RDF (
.ttl
)V-Lang (
.v
,.vsh
)Vue.js (
.vue
)
More file names are recognised:
Doxygen (
Doxyfile
)ESLint (
.eslintignore
and.eslintrc
)Meson options file (
meson_options.txt
)NPM ignore (
.npmignore
)Podman container files (
Containerfile
)SuperCollider (
archive.sctxar
)Yarn package manager (
.yarn.lock
and.yarnrc
)
Changed¶
Updated SPDX license list to 3.15
Fixed¶
Fix Extensible Stylesheet Language (
.xsl
) to use HTML comment syntaxAllow creating .license file for write-protected files (#347) (#418)
Do not break XML files special first line (#378)
Make
download
subcommand work correctly outside of project root and with--root
(#430)
v0.13.0 - 2021-06-11¶
Added¶
addheader
recognises file types that specifically require .license files instead of headers usingUncommentableCommentStyle
. (#189).hgtags
is ignored. (#227)spdx-symbol
added to possible copyright styles. (#350)addheader
ignores case when matching file extensions and names. (#359)Provide
latest-debian
as Docker Hub tag, created byDockerfile-debian
. (#321)More file types are recognised:
Javascript modules (
.mjs
)Jupyter Notebook (
.ipynb
)Scalable Vector Graphics (
.svg
)JSON (
.json
)Comma-separated values (
.csv
)Racket (
.rkt
)Org-mode (
.org
)LaTeX package files (
.sty
)devicetree (
.dts
,.dtsi
)Bitbake (.bb, .bbappend, .bbclass)
XML schemas (
.xsd
)OpenSCAD (
.scad
)
More file names are recognised:
Bash configuration (
.bashrc
)Coverage.py (
.coveragerc
)Jenkins (
Jenkinsfile
)SonarScanner (
sonar-project.properties
)Gradle (
gradle-wrapper.properties
,gradlew
)
Changed¶
Bump
alpine
Docker base image to 3.13. (#369)
Fixed¶
Fixed a regression where unused licenses were not at all detected. (#285)
Declared dependency on
python-debian != 0.1.39
on Windows. This version does not import on Windows. (#310)MANIFEST.in
is now recognised instead of the incorrectManifest.in
byaddheader
. (#306)addheader
now checks whether a file is both readable and writeable instead of only writeable. (#241)addheader
now preserves line endings. (#308)download
does no longer fail when both--output
and--all
are used. (#326)Catch erroneous SPDX expressions. (#331)
Updated SPDX license list to 3.13.
v0.12.1 - 2020-12-17¶
Fixed¶
Bumped versions of requirements. (#288)
v0.12.0 - 2020-12-16¶
This release was delayed due to the absence of the lead developer (Carmen, me, the person writing these release notes). Many thanks to Max Mehl for coordinating the project in my absence. Many thanks also to the contributors who sent in pull requests, in reverse chronological order: Olaf Meeuwissen, Mikko Piuola, Wolfgang Traylor, Paul Spooren, Robert Cohn, ethulhu, pukkamustard, and Diego Elio Pettenò.
Added¶
Separate Docker image with additional executables installed (
fsfe/reuse:latest-extra
) (#238)Allow different styles of copyright lines: SPDX (default), String, String (C), String ©, and © (#248)
Convenience function to update resources (SPDX license list and exceptions) (#268)
More file types are recognised:
ClojureScript (
.cljc
,.cljs
)Fortran (
.F
,.F90
,.f90
,.f95
,.f03
,.f
,.for
)Makefile (
.mk
)PlantUML (
.iuml
,.plantuml
,.pu
,.puml
)R (
.R
,.Renviron
,.Rprofile
)ReStructured Text (
.rst
)RMarkdown (
.Rmd
)Scheme (
.scm
)TypeScript (
.ts
)TypeScript JSX (
.tsx
)Windows Batch (
.bat
)
More file names are recognised:
.dockerignore
Gemfile
go.mod
meson.build
Rakefile
Changed¶
Use UTF-8 explicitly when reading files (#242)
Fixed¶
Updated license list to 3.11.
v0.11.1 - 2020-06-08¶
Fixed¶
Similar to CAL-1.0 and CAL-1.0-Combined-Work-Exception, SHL-2.1 is now ignored because it contains an SPDX tag within itself.
v0.11.0 - 2020-05-25¶
Added¶
Added
--skip-unrecognised
flag toaddheader
in order to skip files with unrecognised comment styles instead of aborting without processing any file.
Changed¶
Always write the output files encoded in UTF-8, explicitly. This is already the default on most Unix systems, but it was not on Windows.
All symlinks and 0-sized files in projects are now ignored.
Fixed¶
The licenses CAL-1.0 and CAL-1.0-Combined-Work-Exception contain an SPDX tag within themselves. Files that are named after these licenses are now ignored.
Fixed a bug where
addheader
wouldn’t properly apply the template on.license
files if the.license
file was non-empty, but did not contain valid SPDX tags.
v0.10.1 - 2020-05-14¶
Fixed¶
Updated license list to 3.8-106-g4cfec76.
v0.10.0 - 2020-04-24¶
Added¶
Add support for autoconf comment style (listed as m4).
More file types are recognised:
Cython (
.pyx
,.pxd
)Sass and SCSS (
.sass
,.scss
)XSL (
.xsl
)Mailmap (
.mailmap
)
Added
--single-line
and--multi-line
flags toaddheader
. These flags force a certain comment style.
Changed¶
The Docker image has an entrypoint now. In effect, this means running:
docker run -v $(pwd):/data fsfe/reuse lint
instead ofdocker run -v $(pwd):/data fsfe/reuse reuse lint
.
v0.9.0 - 2020-04-21¶
Added¶
Added support for Mercurial 4.3+.
A pre-commit hook has been added.
When an incorrect SPDX identifier is forwarded to
download
orinit
, the tool now suggests what you might have meant.
Changed¶
Under the hood, a lot of code that has to do with Git and Mercurial was moved into its own module.
The Docker image has been changed such that it now automagically runs
reuse lint
on the/data
directory unless something else is specified by the user.
Fixed¶
Fixed a bug with
addheader --explicit-license
that would result infile.license.license
iffile.license
already existed.Fixed a Windows-only bug to do with calling subprocesses.
Fixed a rare bug that would trigger when a directory is both ignored and contains a
.git
file.
v0.8.1 - 2020-02-22¶
Added¶
Support Jinja (Jinja2) comment style.
Support all multi-line comment endings when parsing for SPDX information.
Fixed¶
Improvements to German translation by Thomas Doczkal.
No longer remove newlines at the end of files when using
addheader
.There can now be a tab as whitespace after
SPDX-License-Identifier
andSPDX-FileCopyrightText
.
v0.8.0 - 2020-01-20¶
Added¶
Implemented
--root
argument to specify the root of the project without heuristics.The linter will complain about licenses without file extensions.
Deprecated licenses are now recognised.
lint
will complain about deprecated licenses.ProjectReport generation (
lint
,spdx
) now uses Python multiprocessing, more commonly called multi-threading outside of Python. This has a significant speedup of approximately 300% in testing. Because of overhead, performance increase is not exactly linear.For setups where multiprocessing is unsupported or unwanted,
--no-multiprocessing
is added as flag.addheader
now recognises many more extensions. Too many to list here.addheader
now also recognises full filenames such asMakefile
and.gitignore
.Added BibTex comment style.
Updated translations:
Dutch (André Ockers, Carmen Bianca Bakker)
French (OliBug, Vincent Lequertier)
Galician (pd)
German (Max Mehl)
Esperanto (Carmen Bianca Bakker)
Portuguese (José Vieira)
Spanish (Roberto Bauglir)
Turkish (T. E. Kalayci)
Changed¶
The linter output has been very slightly re-ordered to be more internally consistent.
reuse --version
now prints a version with a Git hash on development versions. Towards that end, the tool now depends onsetuptools-scm
during setup. It is not a runtime dependency.
Removed¶
lint
no longer accepts path arguments. Where previously one could doreuse lint SUBDIRECTORY
, this is no longer possible. When linting, you must always lint the entire project. To change the project’s root, use--root
.FileReportInfo
has been removed.FileReport
is used instead.
Fixed¶
A license that does not have a file extension, but whose full name is a valid SPDX License Identifier, is now correctly identified as such. The linter will complain about them, however.
If the linter detects a license as being a bad license, that license can now also be detected as being missing.
Performance of
project.all_files()
has been improved by quite a lot.Files with CRLF line endings are now better supported.
v0.7.0 - 2019-11-28¶
Changed¶
The program’s package name on PyPI has been changed from
fsfe-reuse
toreuse
.fsfe-reuse==1.0.0
has been created as an alias that depends onreuse
.fsfe-reuse
will not receive any more updates, but will still host the old versions.For users of
fsfe-reuse
, this means:If you depend on
fsfe-reuse
orfsfe-reuse>=0.X.Y
in your requirements.txt, you will get the latest version ofreuse
when you installfsfe-reuse
. You may like to change the name toreuse
explicitly, but this is not strictly necessary.If you depend on
fsfe-reuse==0.X.Y
, then you will keep getting that version. When you bump the version you depend on, you will need to change the name toreuse
.If you depend on
fsfe-reuse>=0.X.Y<1.0.0
, then 0.6.0 will be the latest version you receive. In order to get a later version, you will need to change the name toreuse
.
v0.6.0 - 2019-11-19¶
Added¶
--include-submodules
is added to also include submodules when linting et cetera.addheader
now also recognises the following extensions:.kt
.xml
.yaml
.yml
Changed¶
Made the workaround for
MachineReadableFormatError
introduced in 0.5.2 more generic.Improved shebang detection in
addheader
.For
addheader
, the SPDX comment block now need not be the first thing in the file. It will find the SPDX comment block and deal with it in-place.Git submodules are now ignored by default.
addheader --explicit-license
now no longer breaks on unsupported filetypes.
v0.5.2 - 2019-10-27¶
Added¶
python3 -m reuse
now works.
Changed¶
Updated license list to 3.6-2-g2a14810.
Fixed¶
Performance of
reuse lint
improved by at least a factor of 2. It no longer does any checksums on files behind the scenes.Also handle
MachineReadableFormatError
when parsing DEP5 files. Tries to import that error. If the import is unsuccessful, it is handled.
v0.5.1 - 2019-10-24 [YANKED]¶
This release was replaced by 0.5.2 due to importing
MachineReadableFormatError
, which is not a backwards-compatible change.
v0.5.0 - 2019-08-29¶
Added¶
TeX and ML comment styles added.
Added
--year
and--exclude-year
toreuse addheader
.Added
--template
toreuse addheader
.Added
--explicit-license
toreuse addheader
.binaryornot
added as new dependency.Greatly improved the usage documentation.
Changed¶
reuse addheader
now automatically adds the current year to the copyright notice.reuse addheader
preserves the original header below the new header if it did not contain any SPDX information.reuse addheader
now correctly handles.license
files.Bad licenses are no longer resolved to LicenseRef-Unknown
. They are instead resolved to the stem of the path. This reduces the magic in the code base. .gitkeep
files are now ignored by the tool.Changed Lisp’s comment character from ‘;;’ to ‘;’.
v0.4.1 - 2019-08-07¶
Added¶
--all
argument help toreuse download
, which downloads all detected missing licenses.
Fixed¶
When using
reuse addheader
on a file that contains a shebang, the shebang is preserved.Copyright lines in
reuse spdx
are now sorted.Some publicly visible TODOs were patched away.
v0.4.0 - 2019-08-07¶
This release is a major overhaul and refactoring of the tool. Its primary focus is improved usability and speed, as well as adhering to version 3.0 of the REUSE Specification.
Added¶
reuse addheader
has been added as a way to automatically add copyright statements and license identifiers to the headers of files. It is currently not complete.reuse init
has been added as a way to initialise a REUSE project. Its functionality is currently scarce, but should improve in the future.
Changed¶
reuse lint
now provides a helpful summary instead of merely spitting out non-compliant files.reuse compile
is nowreuse spdx
.In addition to
Copyright
and©
, copyright lines can be marked with the tagSPDX-FileCopyrightText:
. This is the new recommended default.Project no longer depends on pygit2.
The list of SPDX licenses has been updated.
Valid-License-Identifier
is no longer used, and licenses and exceptions can now only live inside of the LICENSES/ directory.
Removed¶
Removed
--ignore-debian
.Removed
--spdx-mandatory
,--copyright-mandatory
,--ignore-missing
arguments fromreuse lint
.Remove
reuse license
.GPL-3.0 and GPL-3.0+ (and all other similar GPL licenses) are no longer detected as SPDX identifiers. Use GPL-3.0-only and GPL-3.0-or-later instead.
Fixed¶
Scanning a Git directory is a lot faster now.
Scanning binary files is a lot faster now.
v0.3.4 - 2019-04-15¶
This release should be a short-lived one. A new (slightly backwards-incompatible) version is in the works.
Added¶
Copyrights can now start with
©
in addition toCopyright
. The former is now recommended, but they are functionally similar.
Changed¶
The source code of reuse is now formatted with black.
The repository has been moved from https://git.fsfe.org/reuse/reuse to https://gitlab.com/reuse/reuse.
v0.3.3 - 2018-07-15¶
Fixed¶
Any files with the suffix
.spdx
are no longer considered licenses.
v0.3.2 - 2018-07-15¶
Fixed¶
The documentation now builds under Python 3.7.
v0.3.1 - 2018-07-14¶
Fixed¶
When using reuse from a child directory using pygit2, correctly find the root.
v0.3.0 - 2018-05-16¶
Changed¶
The output of
reuse compile
is now deterministic. The files, copyright lines and SPDX expressions are sorted alphabetically.
Fixed¶
When a GPL license could not be found, the correct
-only
or-or-later
extension is now used in the warning message, rather than a bareGPL-3.0
.If you have a license listed as
SPDX-Valid-License: GPL-3.0-or-later
, this now correctly matches corresponding SPDX identifiers. Still it is recommended to useSPDX-Valid-License: GPL-3.0
instead.
v0.2.0 - 2018-04-17¶
Added¶
Internationalisation support added. Initial support for:
English.
Dutch.
Esperanto.
Spanish.
Fixed¶
The license list of SPDX 3.0 has deprecated
GPL-3.0
andGPL-3.0+
et al in favour ofGPL-3.0-only
andGPL-3.0-or-later
. The program has been amended to accommodate sufficiently for those licenses.
Changed¶
Project.reuse_info_of
now extracts, combines and returns information both from the file itself and from debian/copyright.ReuseInfo
now holds sets instead of lists.As a result of this,
ReuseInfo
will not hold duplicates of copyright lines or SPDX expressions.
click removed as dependency. Good old argparse from the library is used instead.
v0.1.1 - 2017-12-14¶
Changed¶
The
reuse --help
text has been tidied up a little bit.
Fixed¶
Release date in change log fixed.
The PyPI homepage now gets reStructuredText instead of Markdown.
v0.1.0 - 2017-12-14¶
Added¶
Successfully parse old-style C and HTML comments now.
Added
reuse compile
, which creates an SPDX bill of materials.Added
--ignore-missing
toreuse lint
.Allow to specify multiple paths to
reuse lint
.chardet
added as dependency.pygit2
added as soft dependency. reuse remains usable without it, but the performance withpygit2
is significantly better. Becausepygit2
has a non-Python dependency (libgit2
), it must be installed independently by the user. In the future, when reuse is packaged natively, this will not be an issue.
Changed¶
Updated to version 2.0 of the REUSE recommendations. The most important change is that
License-Filename
is no longer used. Instead, the filename is deducted fromSPDX-License-Identifier
. This change is NOT backwards compatible.The conditions for linting have changed. A file is now non-compliant when:
The license associated with the file could not be found.
There is no SPDX expression associated with the file.
There is no copyright notice associated with the file.
Only read the first 4 KiB (by default) from code files rather than the entire file when searching for SPDX tags. This speeds up the tool a bit.
Project.reuse_info_of
no longer raises an exception. Instead, it returns an emptyReuseInfo
object when no reuse information is found.Logging is a lot prettier now. Only output entries from the
reuse
module.
Fixed¶
reuse --ignore-debian compile
now works as expected.The tool no longer breaks when reading a file that has a non-UTF-8 encoding. Instead,
chardet
is used to detect the encoding before reading the file. If a file still has errors during decoding, those errors are silently ignored and replaced.
v0.0.4 - 2017-11-06¶
Fixed¶
Removed dependency on
os.PathLike
so that Python 3.5 is actually supported
v0.0.3 - 2017-11-06¶
Fixed¶
Fixed the link to PyPI in the README.
v0.0.2 - 2017-11-03¶
This is a very early development release aimed at distributing the program as soon as possible. Because this is the first release, the changelog is a little empty beyond “created the program”.
The program can do roughly the following:
Detect the license of a given file through one of three methods (in order of precedence):
Information embedded in the .license file.
Information embedded in its header.
Information from the global debian/copyright file.
Find and report all files in a project tree of which the license could not be found.
Ignore files ignored by Git.
Do some logging into STDERR.