Changelog
CHANGELOG
v7.3.2 (2024-04-26)
Fix
fix: properly sort components based on all properties (#599)
reverts #587 - as this one introduced errors fixes #598 fixes #586
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: Paul Horton <paul.horton@owasp.org> Co-authored-by: Paul Horton <paul.horton@owasp.org> (``8df488c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/8df488cb422a6363421fee39714df4e8e8e7a593>`_)
v7.3.1 (2024-04-22)
Chore
chore: semantic-release git commit/sign valid email address
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``d437c40` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/d437c40caa70071f0fcfe4e3c970370ee32d4aba>`_)
Fix
fix: include all fields of
Componentin__lt__function for #586 (#587)
Fixes #586.
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``d784685` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/d7846850d1ad33184d1d58b59fdf41a778d05900>`_)
v7.3.0 (2024-04-19)
Feature
feat: license factory set
acknowledgement(#593)
add a parameter to LicenseFactory.make_*() methods, to set the LicenseAcknowledgement.
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``7ca2455` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/7ca2455018d0e191afaaa2fd136a7e4d5b325ec6>`_)
v7.2.0 (2024-04-19)
Feature
feat: disjunctive license acknowledgement (#591)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``9bf1839` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/9bf1839859a244e790e91c3e1edd82d333598d60>`_)
Unknown
tests: add meaningful names to validation tests (#588)
When packaging cyclonedx-python-lib for a Linux distribution, it’s pretty common that some JSON validation tests fail. 1
Due to the large number of combinations and the fact that these tests are consecutively numbered, it has been tedious to figure out which tests are exactly failing and why. This in turn makes it difficult to decide which tests to disable or report upstream.
Append meaningful names to validation tests so that instead of e.g.:
[…]::TestJsonValidator::test_validate_no_none_001
[…]::TestJsonValidator::test_validate_no_none_002
[…]::TestJsonValidator::test_validate_no_none_003
[…]::TestJsonValidator::test_validate_no_none_004
[…]::TestJsonValidator::test_validate_no_none_005
[…]::TestJsonValidator::test_validate_no_none_006
[…]::TestJsonValidator::test_validate_no_none_007
[…]::TestJsonValidator::test_validate_no_none_008
the tests are named:
[…]::TestJsonValidator::test_validate_no_none_001_valid_component_swid_1_6
[…]::TestJsonValidator::test_validate_no_none_002_valid_machine_learning_considerations_env_1_6
[…]::TestJsonValidator::test_validate_no_none_003_valid_metadata_tool_1_6
[…]::TestJsonValidator::test_validate_no_none_004_valid_patch_1_6
[…]::TestJsonValidator::test_validate_no_none_005_valid_empty_components_1_6
[…]::TestJsonValidator::test_validate_no_none_006_valid_properties_1_6
[…]::TestJsonValidator::test_validate_no_none_007_valid_service_1_6
[…]::TestJsonValidator::test_validate_no_none_008_valid_metadata_author_1_6
Signed-off-by: Claudia <claui@users.noreply.github.com> (``ae3f79c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/ae3f79cbaeecda94948bff6a64ab797c5ddd934a>`_)
doc: poor merge resolved
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``a498faa` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a498faaab248d0512bad9e66afbd8fb1d6c42a66>`_)
v7.1.0 (2024-04-10)
Documentation
docs: missing schema support table & update schema support to reflect version 7.0.0 (#584)
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``d230e67` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/d230e67188661a5fb94730e52bf59c11c965c8d7>`_)
Feature
feat: support
bom.propertiesfor CycloneDX v1.5+ (#585)
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``1d1c45a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/1d1c45ac82c7927acc388489228a9b5990f68aa7>`_)
v7.0.0 (2024-04-09)
Breaking
feat!: Support for CycloneDX v1.6
added draft v1.6 schemas and boilerplate for v1.6
Signed-off-by: Paul Horton <paul.horton@owasp.org>
re-generated test snapshots for v1.6
Signed-off-by: Paul Horton <paul.horton@owasp.org>
note
bom.metadata.manufactureas deprecated
Signed-off-by: Paul Horton <paul.horton@owasp.org>
work on
bom.metadatafor v1.6
Signed-off-by: Paul Horton <paul.horton@owasp.org>
Deprecated
.component.author. Added.component.authorsand.component.manufacturer
Signed-off-by: Paul Horton <paul.horton@owasp.org>
work to add
.component.omniborid- but tests deserialisation tests fail due to schema differences (.component.authornot in 1.6)
Signed-off-by: Paul Horton <paul.horton@owasp.org>
work to get deserialization tests passing
Signed-off-by: Paul Horton <paul.horton@owasp.org>
chore(deps): bump
py-serializableto >=1.0.3 to resolve issues with deserialization to XML
Signed-off-by: Paul Horton <paul.horton@owasp.org>
imports tidied
Signed-off-by: Paul Horton <paul.horton@owasp.org>
properly added
.component.swhid
Signed-off-by: Paul Horton <paul.horton@owasp.org>
add
.component.cryptoProperties- with test failures for SchemaVersion < 1.6
Signed-off-by: Paul Horton <paul.horton@owasp.org>
typing and bandit ignores
Signed-off-by: Paul Horton <paul.horton@owasp.org>
coding standards
Signed-off-by: Paul Horton <paul.horton@owasp.org>
test filtering
Signed-off-by: Paul Horton <paul.horton@owasp.org>
coding standards
Signed-off-by: Paul Horton <paul.horton@owasp.org>
additional tests to increase code coverage
Signed-off-by: Paul Horton <paul.horton@owasp.org>
corrected CryptoMode enum
Signed-off-by: Paul Horton <paul.horton@owasp.org>
coding standards
Signed-off-by: Paul Horton <paul.horton@owasp.org>
Added
addresstoorganizationalEntity
Signed-off-by: Paul Horton <paul.horton@owasp.org>
Added
addresstoorganizationalEntity
Signed-off-by: Paul Horton <paul.horton@owasp.org>
raise
UserWarningin.component.versionhas length > 1024
Signed-off-by: Paul Horton <paul.horton@owasp.org>
coding standards and typing
Signed-off-by: Paul Horton <paul.horton@owasp.org>
add
acknowledgementtoLicenseExpression(#582)
Signed-off-by: Paul Horton <paul.horton@owasp.org>
more proper way to filter test cases
Signed-off-by: Paul Horton <paul.horton@owasp.org>
update schema to published versions
Signed-off-by: Paul Horton <paul.horton@owasp.org>
fetch schema 1.6 JSON
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
fetch test data for CDX 1.6
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
reformat
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
reformat
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
refactor
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
style
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
refactor
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
docs
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
Signed-off-by: Paul Horton <paul.horton@owasp.org> Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``8bbdf46` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/8bbdf461434ab66673a496a8305c2878bf5c88da>`_)
Chore
chore(deps-dev): update autopep8 requirement from 2.0.4 to 2.1.0 (#573)
Updates the requirements on autopep8 to permit the latest version.
updated-dependencies:
dependency-name: autopep8 dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``35749c6` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/35749c6cd18ebb8911b7cefac8a381d2ee57177a>`_)
chore(deps-dev): update tox requirement from 4.14.1 to 4.14.2 (#574)
Updates the requirements on tox to permit the latest version.
updated-dependencies:
dependency-name: tox dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``d60f457` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/d60f4570621246ce3d68e7f2e7f1aa831fb818f0>`_)
v6.4.4 (2024-03-18)
Chore
chore(deps-dev): update coverage requirement from 7.4.3 to 7.4.4 (#570)
Updates the requirements on coverage to permit the latest version.
updated-dependencies:
dependency-name: coverage dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``3a2e427` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/3a2e427ba9967f11c15cd1a47c59a933b699c87b>`_)
chore(deps): bump python-semantic-release/python-semantic-release (#564)
Bumps python-semantic-release/python-semantic-release from 8.5.1 to 9.1.1.
updated-dependencies:
dependency-name: python-semantic-release/python-semantic-release dependency-type: direct:production update-type: version-update:semver-major …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``d20a590` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/d20a5902582facab0636e9ff8a261edcaf886a3e>`_)
chore(deps-dev): update tox requirement from 4.13.0 to 4.14.1 (#567)
Updates the requirements on tox to permit the latest version.
updated-dependencies:
dependency-name: tox dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``2dcc60e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/2dcc60e53ec66d642c728596ff25fed4df5659a0>`_)
chore(deps-dev): update bandit requirement from 1.7.7 to 1.7.8 (#566)
Updates the requirements on bandit to permit the latest version.
updated-dependencies:
dependency-name: bandit dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``eb1a252` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/eb1a2525c09e0dd10f11ff83b451a4db4fb00d9b>`_)
chore(deps-dev): update mypy requirement from 1.8.0 to 1.9.0 (#565)
Updates the requirements on mypy to permit the latest version.
updated-dependencies:
dependency-name: mypy dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``3ce0f3a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/3ce0f3a373d9f1b07af50d9b707f766ea446e518>`_)
Fix
fix: wrong extra name for xml validation (#571)
Signed-off-by: Christoph Reiter <reiter.christoph@gmail.com> (``10e38e2` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/10e38e25095de4b2dafbfcd1fd81dce7a9c0f124>`_)
v6.4.3 (2024-03-04)
Chore
chore(deps-dev): update ddt requirement from 1.7.1 to 1.7.2 (#563)
Updates the requirements on ddt to permit the latest version.
updated-dependencies:
dependency-name: ddt dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``53cb8a9` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/53cb8a9aa2630e992467525ff246a0f6e6759100>`_)
Fix
fix: serialization of
model.component.Diff(#557)
Fixes #556
Signed-off-by: rcross-lc <151086351+rcross-lc@users.noreply.github.com> Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``22fa873` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/22fa8734bf1a3a8789ad7578bfa0c86cf0a49d4a>`_)
v6.4.2 (2024-03-01)
Build
build: use poetry v1.8.1 (#560)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``6f81dfa` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/6f81dfaed32b76f251647f6291791e714ab158a3>`_)
Chore
chore(deps-dev): update coverage requirement from 7.4.1 to 7.4.3 (#558)
Updates the requirements on coverage to permit the latest version.
updated-dependencies:
dependency-name: coverage dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``2b7f261` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/2b7f261585faa6237e635b18d5ecaf03d81439ba>`_)
chore(deps): bump Gr1N/setup-poetry from 8 to 9 (#555)
Bumps Gr1N/setup-poetry from 8 to 9.
updated-dependencies:
dependency-name: Gr1N/setup-poetry dependency-type: direct:production update-type: version-update:semver-major …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``178ce32` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/178ce32c0da822b8f1b4d13b427d6f21ea252b59>`_)
chore(deps-dev): update tox requirement from 4.12.1 to 4.13.0 (#553)
Updates the requirements on tox to permit the latest version.
updated-dependencies:
dependency-name: tox dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``77fb2ec` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/77fb2ec3593fac577a48894f329a77a7ac6d417c>`_)
chore(deps-dev): update flake8-quotes requirement from 3.3.2 to 3.4.0 (#552)
Updates the requirements on flake8-quotes to permit the latest version.
updated-dependencies:
dependency-name: flake8-quotes dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``cd8e67c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/cd8e67c15ae09a07f51f15855c1ae05734352f52>`_)
chore(deps-dev): update flake8-bugbear requirement (#549)
Updates the requirements on flake8-bugbear to permit the latest version.
updated-dependencies:
dependency-name: flake8-bugbear dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``153d83e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/153d83e5a18a2696d49884319fd156628a19cd7b>`_)
Documentation
docs: update architecture description and examples (#550)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``a19fd28` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a19fd2828355ae031164ef7a0dda2a8ea2365108>`_)
docs: exclude internal docs from rendering (#545)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``7e55dfe` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/7e55dfe213cb2a88b3686f9e8bf93cf4642a2ccd>`_)
Unknown
docs
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``63cff7e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/63cff7ee697c9d5fb96da3c8c16f7c9bc7b34e58>`_)
docs (#546)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``b0e5b43` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/b0e5b43880e17ec6ce23d5d4e1e7a9a2547c1e79>`_)
v6.4.1 (2024-01-30)
Chore
chore(deps-dev): update bandit requirement from 1.7.6 to 1.7.7 (#542)
Updates the requirements on bandit to permit the latest version.
updated-dependencies:
dependency-name: bandit dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``0d159c2` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/0d159c29cab7cd57e2028a302ef24f1947de235d>`_)
chore(deps-dev): update coverage requirement from 7.4.0 to 7.4.1 (#541)
Updates the requirements on coverage to permit the latest version.
updated-dependencies:
dependency-name: coverage dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``fa82a24` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/fa82a2413f1aa350d16ad3ac0c5163da97e29e34>`_)
Documentation
docs: ship docs with
sdistbuild (#544)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``52ef01c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/52ef01c99319d5aed950e7f6ef6fcfe731ac8b2f>`_)
docs: refactor example
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``c1776b7` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/c1776b718b81cf72ef0c0251504e0d3631e30b17>`_)
Fix
fix:
model.BomRefno longer equal to unset peers (#543)fixes #539
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``1fd7fee` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/1fd7fee9dec888c10087921f2e5a7a60062fb419>`_)
Unknown
tests: fetched schema 1.5 test data from spec (#536)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``394cc87` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/394cc87b3247b6f57af4073f5548f1c5eada2b9b>`_)
v6.4.0 (2024-01-22)
Chore
chore(deps-dev): update tox requirement from 4.12.0 to 4.12.1 (#533)
Updates the requirements on tox to permit the latest version.
updated-dependencies:
dependency-name: tox dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``74094d7` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/74094d70c15afdd9991f8b731d318f66b686cf62>`_)
chore(deps-dev): update flake8-bugbear requirement (#534)
Updates the requirements on flake8-bugbear to permit the latest version.
updated-dependencies:
dependency-name: flake8-bugbear dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``6e6f374` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/6e6f374ba282a67c9458b414704a3d86f4b593b4>`_)
chore: doc flake8 config
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``bd4c078` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/bd4c0781139bc93e28438390650ef1c7484597bb>`_)
chore(deps-dev): update tox requirement from 4.11.4 to 4.12.0 (#530)
Updates the requirements on tox to permit the latest version.
updated-dependencies:
dependency-name: tox dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``130918a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/130918a78d003255f1d80e6fe2031752c3baa6d1>`_)
Documentation
docs: add OpenSSF Best Practices shield (#532)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``59c4381` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/59c43814b07db0aa881d87192939eb93e79b0cc2>`_)
Feature
feat: support
py-serializablev1.0 (#531)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``e1e7277` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/e1e72777d8a355c6854f4d9eb26c1e2083c806df>`_)
v6.3.0 (2024-01-06)
Chore
chore(deps-dev): update flake8 requirement from 6.1.0 to 7.0.0 (#528)
Updates the requirements on flake8 to permit the latest version.
updated-dependencies:
dependency-name: flake8 dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``6b7ed78` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/6b7ed786845d21bf079c0a636d9e689ce278644c>`_)
chore(deps-dev): update ddt requirement from 1.7.0 to 1.7.1 (#527)
Updates the requirements on ddt to permit the latest version.
updated-dependencies:
dependency-name: ddt dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``9a58e7e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/9a58e7ee921a077425ee45f23e9cfbb8341d7ef5>`_)
Documentation
docs: add
Documentationurl to project meta
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``1080b73` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/1080b7387a0bbc49a067cd2efefb1545470947e5>`_)
docs: add
Documentationurl to project meta
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``c4288b3` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/c4288b35e0e1050f0982f7492cfcd3bea34b445c>`_)
Feature
feat: enable dependency
py-serializable 0.17(#529)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``9f24220` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/9f24220029cd18cd191f63876899cd86be52dce1>`_)
v6.2.0 (2023-12-31)
Build
build: allow additional major-version RC branch patterns
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``f8af156` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f8af156c9c38f737b7067722d2a96f8a2a4fcb48>`_)
Chore
chore(deps-dev): update coverage requirement from 7.3.3 to 7.4.0 (#524)
Updates the requirements on coverage to permit the latest version.
updated-dependencies:
dependency-name: coverage dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``9bcc223` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/9bcc223b783306cf2255b3910acf5518d7ea223c>`_)
chore(deps-dev): update mypy requirement from 1.7.1 to 1.8.0 (#521)
Updates the requirements on mypy to permit the latest version.
updated-dependencies:
dependency-name: mypy dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``720046e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/720046e2f69c64216b5ef847ad5f76a95f450a8f>`_)
Documentation
docs: fix typo
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``2563996` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/25639967c93ad464e486f2fe6a148b3be439f43d>`_)
docs: update intro and description
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``f0bd05d` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f0bd05dc854b5b71421b82cfb527fcb8f41a7c4a>`_)
docs: buld docs on ubuntu22.04 python311
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``b3e9ab7` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/b3e9ab77696f2ee763f1746f8142bdf471477c39>`_)
Feature
feat: allow
lxmlrequirement in range of>=4,<6(#523)
Updates the requirements on lxml to permit the latest version.
updated-dependencies:
dependency-name: lxml dependency-type: direct:production …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``7d12b9a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/7d12b9a9f7a2fdc5e6bb12f891c6f4291e20e65e>`_)
Unknown
docs
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``7dcd166` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/7dcd16621002713dcf1ce8e17bc5762320fae4fa>`_)
v6.1.0 (2023-12-22)
Chore
chore: update maintainers
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``87c72d7` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/87c72d7f589faea67c5f90f041531468f8ae480c>`_)
chore(deps): bump python-semantic-release/python-semantic-release (#515)
Bumps python-semantic-release/python-semantic-release from 8.5.0 to 8.5.1.
updated-dependencies:
dependency-name: python-semantic-release/python-semantic-release dependency-type: direct:production update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``0f56ec4` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/0f56ec471268d0b27c5956b93021a982945873a2>`_)
chore(deps-dev): update coverage requirement from 7.3.2 to 7.3.3 (#517)
Updates the requirements on coverage to permit the latest version.
updated-dependencies:
dependency-name: coverage dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``a57e2f6` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a57e2f6ee14d015e58e2175dcbb087d971731f92>`_)
chore(deps-dev): update isort requirement from 5.13.0 to 5.13.2 (#516)
Updates the requirements on isort to permit the latest version.
updated-dependencies:
dependency-name: isort dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``84874a3` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/84874a39610b0108335413da23f50b2911c20c78>`_)
Feature
feat: add function to map python
hashlibalgorithms to CycloneDX (#519)
new API: model.HashType.from_hashlib_alg()
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``81f8cf5` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/81f8cf59b1f40ffbd213789a8b1b621a01e3f631>`_)
v6.0.0 (2023-12-10)
Breaking
feat!: v6.0.0 (#492)
Breaking Changes
Removed symbols that were already marked as deprecated (via #493)
Removed
output.LATEST_SUPPORTED_SCHEMA_VERSION(#491 via #494)Serialization of unsupported enum values might downgrade/migrate/omit them (#490 via #496)
Handling might raise warnings if a data loss occurred due to omitting.
The result is a guaranteed valid XML/JSON, since no (enum-)invalid values are rendered.Serialization of any
model.component.Componentwith unsupportedtyperaisesexception.serialization.SerializationOfUnsupportedComponentTypeException(#490 via #496)Object
model.bom_ref.BomRef's propertyvaluedefaults toNull, was arbitraryUUID(#504 via #505)
This change does not affect serialization. Allbom-refs are guaranteed to have unique values on rendering.
Added
Tests
Misc
Bumped dependency
py-serializable@^0.16, was@^0.15(via #496)
API Changes — the details for migration
Added new sub-package
exception.serialization(via #496)Enum
model.ExternalReferenceTypegot new cases, to reflect features for CycloneDX 1.5 (#404 via #488)Enum
model.component.ComponentTypegot new cases, to reflect features for CycloneDX 1.5 (#404 via #488)Removed
model.component.Component.__init__()'s deprecated optional kwargnamespace(via #493)
Use kwarggroupinstead.Removed
model.component.Component.__init__()'s deprecated optional kwarglicense_str(via #493)
Use kwarglicensesinstead.Removed deprecated method
model.component.Component.get_namespace()(via #493)Removed class
models.dependency.DependencyDependencies(#503 via #506)Removed
model.vulnerability.Vulnerability.__init__()'s deprecated optional kwargsource_name(via #493)
Use kwargsourceinstead.Removed
model.vulnerability.Vulnerability.__init__()'s deprecated optional kwargsource_url(via #493)
Use kwargsourceinstead.Removed
model.vulnerability.Vulnerability.__init__()'s deprecated optional kwargrecommendations(via #493)
Use kwargrecommendationinstead.Removed
model.vulnerability.VulnerabilityRating.__init__()'s deprecated optional kwargscore_base(via #493)
Use kwargscoreinstead.Enum
model.vulnerability.VulnerabilityScoreSourcegot new cases, to reflect features for CycloneDX 1.5 (#404 via #488)Removed
output.LATEST_SUPPORTED_SCHEMA_VERSION(#491 via #494)Removed deprecated function
output.get_instance()(via #493)
Use functionoutput.make_outputter()instead.Added new class
output.json.JsonV1Dot5, to reflect CycloneDX 1.5 (#404 via #488)Added new item to dict
output.json.BY_SCHEMA_VERSION, to reflect CycloneDX 1.5 (#404 via #488)Added new class
output.xml.XmlV1Dot5, to reflect CycloneDX 1.5 (#404 via #488)Added new item to dict
output.xml.BY_SCHEMA_VERSION, to reflect CycloneDX 1.5 (#404 via #488)Enum
schema.SchemaVersiongot new caseV1_5, to reflect CycloneDX 1.5 (#404 via #488)
Signed-off-by: Johannes Feichtner <johannes@web-wack.at> Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: semantic-release <semantic-release> Co-authored-by: Johannes Feichtner <343448+Churro@users.noreply.github.com> Co-authored-by: semantic-release <semantic-release> (``74865f8` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/74865f8e498c9723c2ce3556ceecb6a3cfc4c490>`_)
Chore
chore(deps): bump python-semantic-release/python-semantic-release (#509)
Bumps python-semantic-release/python-semantic-release from 8.0.8 to 8.5.0.
updated-dependencies:
dependency-name: python-semantic-release/python-semantic-release dependency-type: direct:production update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``9ed9ab1` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/9ed9ab129e5123b061a9cd358d418f026d2e8b7a>`_)
chore(deps-dev): update isort requirement from 5.12.0 to 5.13.0 (#512)
Updates the requirements on isort to permit the latest version.
updated-dependencies:
dependency-name: isort dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``0eba631` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/0eba631c628faab454eabba66755d311606c536a>`_)
chore(deps-dev): update bandit requirement from 1.7.5 to 1.7.6 (#510)
Updates the requirements on bandit to permit the latest version.
updated-dependencies:
dependency-name: bandit dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``153b07a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/153b07a28047c408e0dc442330aa1505e74c175e>`_)
chore(deps): bump actions/setup-python from 4 to 5 (#508)
Bumps actions/setup-python from 4 to 5.
updated-dependencies:
dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``4e3e0e0` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/4e3e0e0e873ff45a4d6605728cb1160cd912e3cf>`_)
chore(deps): update sphinx-rtd-theme requirement (#499)
Updates the requirements on sphinx-rtd-theme to permit the latest version.
updated-dependencies:
dependency-name: sphinx-rtd-theme dependency-type: direct:production …
Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``5d6dd41` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/5d6dd417e0c13e596dab6c76b610788bbbb96093>`_)
chore(deps-dev): update flake8-bugbear requirement (#500)
Updates the requirements on flake8-bugbear to permit the latest version.
updated-dependencies:
dependency-name: flake8-bugbear dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``e9a12b9` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/e9a12b93a9866dcb6d9a48396a7c5378d5c5f5e5>`_)
chore(deps): update py-serializable requirement (#501)
Updates the requirements on py-serializable to permit the latest version.
updated-dependencies:
dependency-name: py-serializable dependency-type: direct:production …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``04435ab` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/04435abe926b6fa877bd0194733ae87b3bad9610>`_)
chore(deps-dev): update tox requirement from 4.11.3 to 4.11.4 (#502)
Updates the requirements on tox to permit the latest version.
updated-dependencies:
dependency-name: tox dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``8bf0e39` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/8bf0e39f62c57c8afb6b7c152156e7af1f02bd5d>`_)
v5.2.0 (2023-12-02)
Chore
chore(deps-dev): update mypy requirement from 1.7.0 to 1.7.1 (#487)
Updates the requirements on mypy to permit the latest version.
updated-dependencies:
dependency-name: mypy dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``78957e6` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/78957e6592be2106de7933f5b54a0916194980e3>`_)
chore(deps-dev): update mypy requirement from 1.6.1 to 1.7.0 (#484)
Updates the requirements on mypy to permit the latest version.
updated-dependencies:
dependency-name: mypy dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``c716ba3` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/c716ba3751017e2f88367b660dbc11866c2feb1d>`_)
chore(deps-dev): update ddt requirement from 1.6.0 to 1.7.0 (#483)
Updates the requirements on ddt to permit the latest version.
updated-dependencies:
dependency-name: ddt dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``8a1f7b9` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/8a1f7b9678e888654a373965b7902428525f7d60>`_)
chore: mograte dev-dependencies to new poetry layout (#482)
see https://python-poetry.org/docs/managing-dependencies/#dependency-groups
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``a85585c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a85585cf5e445ba5e67a027b4d1161911df6467d>`_)
chore(deps-dev): update flake8-isort requirement from 6.1.0 to 6.1.1 (#481)
Updates the requirements on flake8-isort to permit the latest version.
updated-dependencies:
dependency-name: flake8-isort dependency-type: direct:development …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``fc74ddd` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/fc74dddc8add79be31d3747ddce9241bce2e4fed>`_)
Documentation
docs: keywaords & funding (#486)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``3189e59` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/3189e59ff8e3d3d10f7b949b5a08397ff3d3642b>`_)
Feature
feat:
model.XsUrimigrate control characters according to spec (#498)
fixes https://github.com/CycloneDX/cyclonedx-python-lib/issues/497
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``e490429` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/e49042976f8577af4061c34394db270612488cdf>`_)
v5.1.1 (2023-11-02)
Fix
fix: update own
externalReferences(#480)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``edb3dde` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/edb3dde889c06755dd1963ed21dd803db3ea0dcc>`_)
v5.1.0 (2023-10-31)
Documentation
docs: advance license docs
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``f61a730` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f61a7303de1d5dacf0917a1d66f5ebe0732ccd75>`_)
Feature
feat: guarantee unique
BomRefs in serialization result (#479)
Incorporate output.BomRefDiscriminator on serialization
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``a648775` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a648775bb5195621e17fdbae92950ab6d56a665a>`_)
v5.0.1 (2023-10-24)
Chore
chore(deps): bump python-semantic-release/python-semantic-release (#474)
Bumps python-semantic-release/python-semantic-release from 8.0.8 to 8.3.0.
updated-dependencies:
dependency-name: python-semantic-release/python-semantic-release dependency-type: direct:production update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``9c3ffac` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/9c3ffac34e89610ccc4f9701444127e1e6f5ee07>`_)
chore: make
pyprojectparsable by dependabot (#477)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``c4eaaa5` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/c4eaaa54d98da43d0cdbb19b5f61e06a21f1cc58>`_)
Documentation
docs: revisit project meta (#475)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``c3254d0` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/c3254d055f3cda96d2849222a0bba7be8cf486a3>`_)
docs: fix RTFD build (#476)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``b9fcfb4` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/b9fcfb40af366fdee7258ccb720e0fad27994824>`_)
Unknown
"chore(deps): revert bump python-semantic-release/python-semantic-release (#474)"
This reverts commit 9c3ffac34e89610ccc4f9701444127e1e6f5ee07.
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``aae7304` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/aae73048c7aebe5920ec888225bdbde08111601b>`_)
v5.0.0 (2023-10-24)
Breaking
feat!: v5.0.0 (#440)
BREAKING CHANGES
Dropped support for python<3.8 (#436 via #441; enable #433)
Reworked license related models, collections, and factories (#365 via #466)
Behavior
API
Enum
schema.SchemaVersionis no longer string-like (#442 via #447)Enum
schema.OutputVersionis no longer string-like (#442 via #447)Abstract class
output.BaseOutputrequires implementation of new methodoutput_format(#446 via #447)Abstract method
output.BaseOutput.output_as_string()got new optional parameterindent(#437 via #458)Abstract method
output.BaseOutput.output_as_string()accepts arbitrary kwargs (via #458, #462)Removed class
factory.license.LicenseChoiceFactory(via #466)
The old functionality was integrated intofactory.license.LicenseFactory.Method
factory.license.LicenseFactory.make_from_string()'s parametername_or_spdxwas renamed tovalue(via #466)Method
factory.license.LicenseFactory.make_from_string()'s return value can also be aLicenseExpression(#365 via #466)
The behavior imitates the oldfactory.license.LicenseChoiceFactory.make_from_string()Renamed class
module.Licensetomodule.license.DisjunctliveLicense(#365 via #466)Removed class
module.LicenseChoice(#365 via #466)
Use dedicated classesmodule.license.DisjunctliveLicenseandmodule.license.LicenseExpressioninsteadAll occurrences of
models.LicenseChoicewere replaced bymodels.licenses.License(#365 via #466)All occurrences of
SortedSet[LicenseChoice]were specialized tomodels.license.LicenseRepository(#365 via #466)
Fixed
Changed
Added
Support for Python 3.12 (via #460)
JSON- & XML-Validators (#432, #446 via #433, #448)
The functionality might require additional dependencies, that can be installed with the extra "validation".
See the docs in section "Installation" for details.JSON & XML can be generated in a more human-friendly form (#437, #438 via #458)
Type hints, typings & overloads for better integration downstream (via #463)
API
New function
output.make_outputter()(via #469)
This replaces the deprecated functionoutput.get_instance().New sub-package
validation(#432, #446 via #433, #448, #469, #468, #469)New class
exception.MissingOptionalDependencyException(#432 via #433)New class
exception.LicenseExpressionAlongWithOthersException(#453 via #452)New dictionaries
output.{json,xml}.BY_SCHEMA_VERSION(#446 via #447)Existing implementations of class
output.BaseOutputnow have a new methodoutput_format(#446 via #447)Existing implementations of method
output.BaseOutput.output_as_string()got new optional parameterindent(#437 via #458)Existing implementations of method
output.BaseOutput.output_to_file()got new optional parameterindent(#437 via #458)New method
factory.license.LicenseFactory.make_with_expression()(via #466)New class
serialization.LicenseRepositoryHelper(#365 via #466)
Deprecated
Function
output.get_instance()might be removed, useoutput.make_outputter()instead (via #469)
Tests
Misc
Dependencies: bumped
py-serializable@^0.15.0, was@^0.11.1(via #458, #463, #464, #466)Style: streamlined quotes and strings (via #472)
Chore: bumped internal dev- and QA-tools (#436 via #441, #472)
Chore: added more QA tools to prevent common security issues (via #473)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: Jan Kowalleck <jan.kowalleck@owasp.org> Signed-off-by: semantic-release <semantic-release> Co-authored-by: semantic-release <semantic-release> (``26b151c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/26b151cba7d7d484f23ee7888444f09ad6d016b1>`_)
v4.2.3 (2023-10-16)
Chore
chore: Update CONTRIBUTING.md
Signed-off-by: Jan Kowalleck <jan.kowalleck@owasp.org> (``0ebaa21` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/0ebaa216d43a1389362dbdb33f9b49f43a21ab66>`_)
Ci
ci: publish coverage report to codacy (#439)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``0012a82` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/0012a82382f9f33831a80aa0e26c0cbb7fd8984b>`_)
Fix
fix: SPDX-expression-validation internal crashes are cought and handled (#471)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``5fa66a0` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/5fa66a043818eb5747dbd630496c6d31f818c0ab>`_)
v4.2.2 (2023-09-14)
Chore
chore: dont lock poetry (#431)
fixes #430
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``49b144b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/49b144be519705b03adc510ddcc6b9e4504b7a40>`_)
chore(deps): bump actions/checkout from 3 to 4 (#429)
Bumps actions/checkout from 3 to 4.
updated-dependencies:
dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``a70754d` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a70754d602e109538c06e06e59f563953c21ab1b>`_)
Documentation
docs: fix shield in README
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``6a941b1` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/6a941b1ef5cc0f9e956173cce7e9da57e8c6bf22>`_)
docs(example): showcase
LicenseChoiceFactory(#428)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``c56ec83` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/c56ec8395dd203ac41fa6f4c43970a50c0e80efb>`_)
Fix
fix: ship meta files (#434)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``3a1a8a5` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/3a1a8a5c1cbe8d8989b4cb335269a02b5c6d4f38>`_)
v4.2.1 (2023-09-06)
Fix
fix:
LicenseChoiceFactory.make_from_string()prioritize SPDX id over expression (#427)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``e1bdfdd` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/e1bdfddcfab97359fbde9f53dc65f56fc8ec4ba9>`_)
v4.2.0 (2023-09-06)
Chore
chore(deps): bump python-semantic-release/python-semantic-release (#423)
Bumps python-semantic-release/python-semantic-release from 8.0.7 to 8.0.8.
updated-dependencies:
dependency-name: python-semantic-release/python-semantic-release dependency-type: direct:production update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``13e441d` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/13e441d581e2c419b46719148078155d44786e52>`_)
Feature
feat: complete SPDX license expression (#425)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``e06f9fd` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/e06f9fd2c30e8976766f326ff216103d2560cb9a>`_)
v4.1.0 (2023-08-27)
Chore
chore: migrate to python-semantic-release8 (#421)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``14c501c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/14c501c1133c747e1a7dad6df8cad01a03f71a20>`_)
chore: migrate to python-semantic-release8 (#420)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``0e35d88` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/0e35d88b329bebe05f19748a23a31abf6295c933>`_)
chore: migrate to python-semantic-release8 (#419)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``adf5a36` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/adf5a3668c7c9aa3e0478fd1eabf3b3163fae691>`_)
chore(deps-dev): bump distlib from 0.3.6 to 0.3.7 (#412)
Bumps distlib from 0.3.6 to 0.3.7.
updated-dependencies:
dependency-name: distlib dependency-type: indirect update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``bc9f01d` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/bc9f01dd90688ef57f755d1b8ca5c5f7739d9d5d>`_)
chore(deps-dev): bump pluggy from 1.0.0 to 1.2.0 (#413)
Bumps pluggy from 1.0.0 to 1.2.0.
updated-dependencies:
dependency-name: pluggy dependency-type: indirect update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``be8af3e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/be8af3e950d3908179e0f194132222bd04310c36>`_)
chore(deps-dev): bump typed-ast from 1.5.4 to 1.5.5 (#411)
Bumps typed-ast from 1.5.4 to 1.5.5.
updated-dependencies:
dependency-name: typed-ast dependency-type: indirect update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``75302b1` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/75302b1de9ad9245327fa3b09181c7ff381fefe8>`_)
chore(deps-dev): bump lxml from 4.9.2 to 4.9.3 (#405)
Bumps lxml from 4.9.2 to 4.9.3.
updated-dependencies:
dependency-name: lxml dependency-type: direct:development update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``6aa057b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/6aa057bb2f0e3804e57b799fd9c3f969fb328fb7>`_)
chore(deps-dev): bump mypy from 1.4.0 to 1.4.1 (#400)
Bumps mypy from 1.4.0 to 1.4.1.
updated-dependencies:
dependency-name: mypy dependency-type: direct:development update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``54d6a1a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/54d6a1a676d0d9715acd0d9275410b95bd9b82cf>`_)
Ci
ci: streamline concurrency for deploy (#406)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``6a7ddfa` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/6a7ddfa635995f5dbb849ba5141dcb19a70db0ea>`_)
ci: run examples on prod-deps only (#402)
ci: run examples on prod-deps only
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
ci: simplify ci
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``cf40048` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/cf40048f00d4d9a70306ee414ebf5a1f970c6a70>`_)
ci: run examples (#401)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``058f386` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/058f38609453ec738d9cdaa01cbed1b22066cc77>`_)
Documentation
docs(examples): showcase shorthand dependency management (#403)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``8b32efb` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/8b32efb322a3281d58e9f980bb9001b112aa944a>`_)
Feature
feat: programmatic access to library's version (#417)
adds cyclonedx.__version__
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``3585ea9` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/3585ea9911ae521e86793ef18f5891289fb0b604>`_)
v4.0.1 (2023-06-28)
Chore
chore(deps): bump python-semantic-release/python-semantic-release (#393)
Bumps python-semantic-release/python-semantic-release from 7.33.2 to 7.34.6.
updated-dependencies:
dependency-name: python-semantic-release/python-semantic-release dependency-type: direct:production update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``2180d31` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/2180d31e21736f535745878d2459ba6603b2b0d3>`_)
chore(deps-dev): bump mypy from 1.3.0 to 1.4.0 (#395)
chore(deps-dev): bump mypy from 1.3.0 to 1.4.0
Bumps mypy from 1.3.0 to 1.4.0.
updated-dependencies:
dependency-name: mypy dependency-type: direct:development update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com>
style: ignore type confusion
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``ab36db4` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/ab36db4a77e4a343f8699726c438e5b5233badbe>`_)
chore(deps): bump filelock from 3.10.7 to 3.12.2 (#394)
Bumps filelock from 3.10.7 to 3.12.2.
updated-dependencies:
dependency-name: filelock dependency-type: indirect update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``90b339b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/90b339b34c3afeb11d1044d9dd3fcb3feea47327>`_)
chore(deps-dev): bump coverage from 7.2.6 to 7.2.7 (#390)
Bumps coverage from 7.2.6 to 7.2.7.
updated-dependencies:
dependency-name: coverage dependency-type: direct:development update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``638d472` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/638d472d474f286c3adff6e35b5ea354ef140153>`_)
chore(deps-dev): bump xmldiff from 2.6.1 to 2.6.3 (#388)
Bumps xmldiff from 2.6.1 to 2.6.3.
updated-dependencies:
dependency-name: xmldiff dependency-type: direct:development update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``b5fa67c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/b5fa67c50216029af16d0643d6032e4a8bcde5e4>`_)
chore(deps-dev): bump coverage from 7.2.5 to 7.2.6 (#387)
Bumps coverage from 7.2.5 to 7.2.6.
updated-dependencies:
dependency-name: coverage dependency-type: direct:development update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``c49c320` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/c49c3203b3afc41e44355b403c2b495a322e4d8a>`_)
chore(deps-dev): bump mypy from 1.2.0 to 1.3.0 (#385)
Bumps mypy from 1.2.0 to 1.3.0.
updated-dependencies:
dependency-name: mypy dependency-type: direct:development update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``bb6d8bc` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/bb6d8bcdec1c10ca143396818d7605cc2f3277a6>`_)
chore(deps-dev): bump xmldiff from 2.5 to 2.6.1 (#375)
Bumps xmldiff from 2.5 to 2.6.1.
updated-dependencies:
dependency-name: xmldiff dependency-type: direct:development update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``27b9ec5` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/27b9ec57a48bcb0c29499df8e915b956c7b06b50>`_)
chore(deps-dev): bump mypy from 1.1.1 to 1.2.0 (#372)
Bumps mypy from 1.1.1 to 1.2.0.
updated-dependencies:
dependency-name: mypy dependency-type: direct:development update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``5e5a8c2` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/5e5a8c25979dc0769048d36abba5b1623b797f2e>`_)
chore(deps-dev): bump coverage from 7.2.2 to 7.2.5 (#383)
Bumps coverage from 7.2.2 to 7.2.5.
updated-dependencies:
dependency-name: coverage dependency-type: direct:development update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``b288d94` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/b288d9406ff592c1f12be82746ccf7fd527413d7>`_)
chore(deps): update poetry and other dependency versions (#369)
update packageurl type hints
Signed-off-by: gruebel <anton.gruebel@gmail.com>
lower bound packageurl-python dependency
Signed-off-by: gruebel <anton.gruebel@gmail.com>
update deps.lowest.r
Signed-off-by: gruebel <anton.gruebel@gmail.com>
Signed-off-by: gruebel <anton.gruebel@gmail.com> (``aa5b936` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/aa5b936f17c5a9840a0f436b8d4540439cf4c0a5>`_)
chore: CI/QA/Build meintenance (#358)
build: streamlined ci and builds
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
chore: upgrade lockfile with poetry1.4
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
removed extra brace
Signed-off-by: Paul Horton <paul.horton@owasp.org>
fixed long line
Signed-off-by: Paul Horton <paul.horton@owasp.org>
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: Paul Horton <paul.horton@owasp.org> Co-authored-by: Paul Horton <paul.horton@owasp.org> (``9779af0` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/9779af02f5f3cd99fe3e1a088f5547f4991b05b7>`_)
chore: followup of #340 (#360)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``723ae8e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/723ae8e4ddbffc4851c10f64692e7265973ef730>`_)
chore: prevent dev-lowest-lockfile from dependency bumps (#359)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``16870f4` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/16870f4119865b549172cc76588ca1aa7ce00357>`_)
chore: manually craft more accurate CHANGELOG for
4.0.0
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``32ce3a2` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/32ce3a2ca018b8afcfcb101cad8fac80c547ddc5>`_)
Ci
ci: cannot use variables in
uses
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``2371a1b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/2371a1bdc39c85ee65e43ac8bb22cae1b199385e>`_)
ci: cannot use variables in
uses
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``aa0eab1` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/aa0eab134c85e7501134f8a417c34e430abc7101>`_)
ci: add concurrency rules (#361)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``f65d646` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f65d64699a48bd6fe540c7503491ce29b1ce38d1>`_)
Documentation
docs(examples): README (#399)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``1d262ba` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/1d262ba57eab0d61b947fc293fc59c6234f19647>`_)
docs: add exaple how to build and serialize (#397)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``65e22bd` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/65e22bdc6a1a3fc02a6282146bc8fbc17ddb32fa>`_)
Fix
fix: conditional warning if no root dependencies were found (#398)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``c8175bb` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/c8175bb6aebac7f129d42d7a5a0ae928212c20cb>`_)
Unknown
4.0.1
Automatically generated by python-semantic-release (``4a72f51` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/4a72f515ad7b5e46a07f31bea18a94b162e87715>`_)
Add missing space in warning message. (#364)
Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> (``dad0d28` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/dad0d28ceb7381d1b503e5b29776fc01513f8b04>`_)
v4.0.0 (2023-03-20)
Breaking
feat: Release 4.0.0 #341)
Highlights of this release include:
Support for De-serialization from JSON and XML to this Pythonic Model
Deprecation of Python 3.6 support
Support for Python 3.11
Support for
BomLinkSupport VEX without needing
Componentin the sameBomSupport for
serviceshavingdependencies
BREAKING CHANGE: Large portions of this library have been re-written for this release and many methods and contracts have changed.
Signed-off-by: Paul Horton <paul.horton@owasp.org>
feat: support VEX without Components in the same BOM
BREAKING CHANGE: Model classes changed to relocated Vulnerability at Bom, not at Component
Signed-off-by: Paul Horton <paul.horton@owasp.org>
feat: support VEX without Components in the same BOM
BREAKING CHANGE: Model classes changed to relocated Vulnerability at Bom, not at Component
Signed-off-by: Paul Horton <paul.horton@owasp.org>
feat: allow version of BOM to be defined
feat: allow serial_number of BOM to be prescribed
feat: add helper method to get URN for a BOM according to https://www.iana.org/assignments/urn-formal/cdx Signed-off-by: Paul Horton <paul.horton@owasp.org>
chore: fix release workflow
chore: editorconfig
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
feat: support for deserialization from JSON and XML (#290)
BREAKING CHANGE:
feat: drop Python 3.6 support
Signed-off-by: Hakan Dilek <hakandilek@gmail.com> Signed-off-by: Paul Horton <paul.horton@owasp.org> Co-authored-by: Hakan Dilek <hakandilek@gmail.com> Co-authored-by: Hakan Dilek <hakandilek@users.noreply.github.com>
fix: update
serializableto include XML safety changes
Signed-off-by: Paul Horton <paul.horton@owasp.org>
feat: Support for Python 3.11 (#349)
feat: officially test and support Python 3.11
Signed-off-by: Paul Horton <paul.horton@owasp.org>
removed unused imports
Signed-off-by: Paul Horton <paul.horton@owasp.org>
bump
poetryto1.1.12in CI
Signed-off-by: Paul Horton <paul.horton@owasp.org>
fix: remove
tomlas dependency as not used and seems to be breaking Python 3.11 CI
Signed-off-by: Paul Horton <paul.horton@owasp.org>
fix: removed
types-tomlfrom dependencies - not used
Signed-off-by: Paul Horton <paul.horton@owasp.org>
Signed-off-by: Paul Horton <paul.horton@owasp.org>
fix: removed
autopep8in favour offlake8as both have conflicting dependencies now
Signed-off-by: Paul Horton <paul.horton@owasp.org>
chore: bump dev dependencies
fix: removed setuptools as dependency
Signed-off-by: Paul Horton <paul.horton@owasp.org>
tests: compoennt versions optional (#350)
chore: exclude
venv*from QA; add typing to QA
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
tests: component versions are optional
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
doc: doc updates for new deserialization feature
Signed-off-by: Paul Horton <paul.horton@owasp.org>
doc: doc updates for contribution
Signed-off-by: Paul Horton <paul.horton@owasp.org>
Signed-off-by: Paul Horton <paul.horton@owasp.org> Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: Hakan Dilek <hakandilek@gmail.com> Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> Co-authored-by: Hakan Dilek <hakandilek@gmail.com> Co-authored-by: Hakan Dilek <hakandilek@users.noreply.github.com> (``8fb1b14` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/8fb1b14f5e04e85f21e654c44fa6b9b774867757>`_)
Chore
chore(deps): bump relekang/python-semantic-release from 7.31.2 to 7.33.1 (#345)
Bumps relekang/python-semantic-release from 7.31.2 to 7.33.1.
updated-dependencies:
dependency-name: relekang/python-semantic-release dependency-type: direct:production update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``a011d89` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a011d89ce6cee9e56bcfcc9a9338fa1e559721f7>`_)
chore: package manifest fix link to homepage and documentation (#291)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``f2350b4` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f2350b4e2b0fb7668ca987e523c53acb6ac6fefb>`_)
Unknown
4.0.0
Automatically generated by python-semantic-release (``40fbfda` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/40fbfda428cfa71b16fd6e5e8d5f49cea4b5438b>`_)
v3.1.5 (2023-01-12)
Chore
chore: do not ship exra LICENSE file (#339)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``b7f1028` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/b7f1028156de8d1e14a391d84d24aa697814902a>`_)
Fix
fix: mak test's schema paths relative to
cyclonedxpackage (#338)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``1f0c05f` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/1f0c05fe2b2a22bc84a1a437dd59390f2ceaf986>`_)
Unknown
3.1.5
Automatically generated by python-semantic-release (``ba603cf` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/ba603cf96fad51a85d5159e83c402d613fefbb7c>`_)
v3.1.4 (2023-01-11)
Chore
chore: add Jan Kowalleck as a maintainer
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``7aae26d` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/7aae26d09c8c0d6976f10d94c2bfbd4cb8f11a0b>`_)
Fix
fix(tests): include tests in
sdistbuilds (#337)feat: include
testsinsdistbuilds for #336delete unexpected
DS_Storefile
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``936ad7d` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/936ad7d0c26d8f98040203d3234ca8f1afbd73ab>`_)
Test
test: mock
ThisTool.versionfor constisten results (#335)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``57a9e5e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/57a9e5e4f5b1eb785984be9d5a35aac60315232d>`_)
Unknown
3.1.4
Automatically generated by python-semantic-release (``0b19294` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/0b19294e4820f0da5e81decd4d902ef7789ecb61>`_)
v3.1.3 (2023-01-07)
Fix
fix: serialize dependency graph for nested components (#329)
tests: regression tests for issue #328
fix: for issue #328
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``fb3f835` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/fb3f8351881783281f8b7e796098a4c145b35927>`_)
Test
test: tidy up test beds (#333)
test: consolidate imports
test: recreate all fixtures
test: docs
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``ab862e7` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/ab862e79b72b808693e2ec7f6fe1fa3e99cae011>`_)
Unknown
3.1.3
Automatically generated by python-semantic-release (``11a420c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/11a420c5fc38bb48d2a91713cc74574acb131184>`_)
v3.1.2 (2023-01-06)
Chore
chore(deps): bump Gr1N/setup-poetry from 7 to 8 (#326)
Bumps Gr1N/setup-poetry from 7 to 8.
updated-dependencies:
dependency-name: Gr1N/setup-poetry dependency-type: direct:production update-type: version-update:semver-major …
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``f3af229` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f3af22979978f0c38c4c8f48b4271ee6a6c1e1bd>`_)
chore: editorconfig
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``8c75b1b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/8c75b1ba63c10929c005ea27ebb6f63afa8b9719>`_)
Ci
ci: fix py36 (#320)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``cf9f790` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/cf9f790e30f5b430ea1ece8916b54323e1cdb5ee>`_)
Documentation
docs: typo
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``539b57a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/539b57a00e4e60e239bb26141f219366121e7bc2>`_)
docs: fix shields (#324)
caused by https://github.com/badges/shields/issues/8671
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``555dad4` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/555dad4bc255066036ecca028192eb83df8ba5a0>`_)
docs: fix typo (#318)
Signed-off-by: Roland Weber <rolweber@de.ibm.com> (``63bfb87` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/63bfb8772fe78e9842675d17862c456150dbbc15>`_)
Fix
fix: prevent errors on metadata handling for some specification versions (#330)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``f08a656` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f08a65649aee750397edc061eb3b8325a69bb4b4>`_)
Style
style: split joined path segments (#331)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``493104c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/493104c1bccc669ee55b89a2c360268d36f3f1b7>`_)
Unknown
3.1.2
Automatically generated by python-semantic-release (``0853d14` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/0853d14780b8e44e9b285bee2ac6b81551640c5f>`_)
clarify sign-off step (#319)
Signed-off-by: Roland Weber <rolweber@de.ibm.com> (``007fb96` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/007fb96a1ec23b9516bc383afa85b3efc2707aa8>`_)
v3.1.1 (2022-11-28)
Chore
chore: CHANGELOG typos (``6c0c174` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/6c0c1742d2ea19dfc0284785cf9597b43ef05979>`_)
chore: update CHANGELOG to explain jump from
2.7.1to3.1.0. (``1b8cd12` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/1b8cd12b03adb03451ed8ee4562161bd82a18972>`_)
Fix
fix: type hint for
get_component_by_purlis incorrect
chore: force automated release Signed-off-by: Paul Horton <paul.horton@owasp.org> (``3f20bf0` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/3f20bf04a65d5c539230281437255b5f48e17621>`_)
Unknown
3.1.1
Automatically generated by python-semantic-release (``503955e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/503955ea9e19e1d3ca611df36508dcf1aa93905c>`_)
Merge pull request #310 from gruebel/fix-method-type-hint
fix: type hint for get_component_by_purl is incorrect (``06037b9` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/06037b99e0d6ebc5388d3c5e0799a68233ed92e8>`_)
move tests to model bom file
Signed-off-by: gruebel <anton.gruebel@gmail.com> (``4c8a3ab` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/4c8a3ab0eef349c007285ff9dfed0c00c6732a96>`_)
fix type hint for get_component_by_purl
Signed-off-by: gruebel <anton.gruebel@gmail.com> (``735c05e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/735c05eebb792eed55aeb4d5a7be8043ee1cd9ae>`_)
v3.1.0 (2022-09-15)
Chore
chore: fix release workflow (``5863622` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/586362272af3f5fd7a11c1c65502bca31d8813eb>`_)
chore: fix poetry in tox
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``7f8c668` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/7f8c668cf152af554dbc5183f275723cd3d472b2>`_)
Feature
feat: out-factor SPDX compund detection
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``fd4d537` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/fd4d537c9dced0e38f14d99dee174cc5bb0bd465>`_)
feat: out-factor SPDX compund detection
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``2b69925` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/2b699252f8857d97231a689ea9cbfcdff9459626>`_)
feat: license factories
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``033bad2` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/033bad2a50fd2236c712d4621caa57b04fcc2043>`_)
Test
test: license factories
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``baf83f9` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/baf83f9aebe4cdf38341c2432bf8a97e74db5105>`_)
Unknown
3.1.0
Automatically generated by python-semantic-release (``e52c174` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/e52c17447b1520103ccb24192ab92560429df595>`_)
Merge pull request #305 from CycloneDX/license-factories
feat: add license factories to more easily support creation of License or LicenseChoice from SPDX license strings #304 (``5ff4494` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/5ff4494b0e0d76d04cf8a4245ce0426f0abbd8f9>`_)
tests: refactor tests
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``3644f13` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/3644f1357ae6b0e1f84e442cd6d9a045fc26fbce>`_)
tests: rebase/fixup poetry lock
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``26817c0` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/26817c0089bfd4083ecfb5ce85039c8d75b84606>`_)
Merge pull request #301 from CycloneDX/fix-poetry-in-tox
chore: fix poetry in tox (``92aea8d` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/92aea8d3413cd2af820cc8160ef48a737951b0ea>`_)
remove v3 from CHANGELOG #286 (#287)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``7029721` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/702972105364a3ab225ea5a586c48cec664601ca>`_)
3.0.0
Automatically generated by python-semantic-release (``69582ff` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/69582ff7a9e3a1cfb2c7193c3d194d69e35899c1>`_)
v2.7.1 (2022-08-01)
Chore
chore: manual fix release publication
2.7.1
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``b569548` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/b56954840ada89c0ba63b4be16e099cd74cc001d>`_)
chore(deps-dev): bump flake8-isort from 4.1.1 to 4.1.2.post0 (#280)
Bumps flake8-isort from 4.1.1 to 4.1.2.post0.
updated-dependencies:
dependency-name: flake8-isort dependency-type: direct:development update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``01cb53b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/01cb53b9a29f0dfa35b57d4ac0ac56f2d8778f0a>`_)
chore: resolve hang issue with running isort as pre-commit hook
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``fb25b70` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/fb25b70c0a3b5a5855332e1c5371219b97beb181>`_)
chore: re-added
isortto pre-commit hooks ran isort
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``051e543` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/051e5436fc5d317286d0d25c8987cf236d20af08>`_)
Ci
ci: change pinned version of python-semantic-release as preventing automated releases
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``6e12be7` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/6e12be70fb2a71de60428155b4d0ae82fa43ef2d>`_)
Fix
fix: pinned
mypy <= 0.961due to #278
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``d6955cb` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/d6955cb86d8da7a72d0146d0dbeb7c34a794a954>`_)
fix: properly support nested
componentsandservices#275
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``6597db7` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/6597db740f222c68ad90f74fb8fdb58b72642adb>`_)
Unknown
Merge pull request #276 from CycloneDX/fix/bom-validation-nested-components-isue-275
fix: BOM validation fails when Components or Services are nested #275
fix: updated dependencies #271, #270, #269 and #256 (``68a0cdd` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/68a0cddc0a226947d76b6a275cfceba383797d3b>`_)
Merge branch 'main' into fix/bom-validation-nested-components-isue-275 (``6caee65` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/6caee657260e46f18cade24a73b4f17bc5ad6dd8>`_)
added tests to cover new
Component.get_all_nested_components()method
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``75a77ed` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/75a77ed6576f362435d1a3e6e59cbc5d871b9971>`_)
Revert "chore: re-added
isortto pre-commit hooks"
This reverts commit f50ee1eb79f3f4e5b9d21824e64192d0af43d3f0.
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``5f7f30e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/5f7f30e6a79f7cef6fff296ae0d7e5381f9b5cda>`_)
removed tests where services are part of dependency tree - see #277
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``f26862b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f26862b0b7f85e3610efbdf17cf304ddc71e5366>`_)
aded XML output tests for Issue #275
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``ebef5f2` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/ebef5f212fec13fc8c9bf00553f9bf3f77a0d3f6>`_)
updated XML output tests
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``356c37e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/356c37ebea85eb10e2505f2b16264d95f292bd55>`_)
addressed JSON output for #275 including test addiitions
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``692c005` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/692c005c686157134a79e3ffc8ab1e7ce8942de9>`_)
v2.7.0 (2022-07-21)
Chore
chore(deps): bump virtualenv from 20.15.0 to 20.15.1 (#255)
Bumps virtualenv from 20.15.0 to 20.15.1.
updated-dependencies:
dependency-name: virtualenv dependency-type: indirect update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``d720a5f` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/d720a5fed662eaf19657d5a2d3f46a9b386d13de>`_)
chore(deps-dev): bump flake8-bugbear from 22.6.22 to 22.7.1 (#259)
Bumps flake8-bugbear from 22.6.22 to 22.7.1.
updated-dependencies:
dependency-name: flake8-bugbear dependency-type: direct:development update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``1175f60` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/1175f603f863bbcdb3d49dd84c66a25a5826c6ea>`_)
chore(deps-dev): bump jsonschema from 4.6.0 to 4.6.1 (#258)
Bumps jsonschema from 4.6.0 to 4.6.1.
updated-dependencies:
dependency-name: jsonschema dependency-type: direct:development update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``ddbfabc` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/ddbfabce2487f21ef204674dc5bd8de70c8fd204>`_)
chore(deps-dev): bump lxml from 4.9.0 to 4.9.1 (#257)
Bumps lxml from 4.9.0 to 4.9.1.
updated-dependencies:
dependency-name: lxml dependency-type: direct:development update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``f045b7f` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f045b7ffcf318652dd8a13b7fe5c61f3b4d81a7b>`_)
chore(deps): bump virtualenv from 20.14.1 to 20.15.0 (#251)
Bumps virtualenv from 20.14.1 to 20.15.0.
updated-dependencies:
dependency-name: virtualenv dependency-type: indirect update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``70270a9` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/70270a97b481d976eea82bd3c35bbb5055104234>`_)
chore(deps-dev): bump flake8-bugbear from 22.4.25 to 22.6.22 (#252)
Bumps flake8-bugbear from 22.4.25 to 22.6.22.
updated-dependencies:
dependency-name: flake8-bugbear dependency-type: direct:development update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``c957226` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/c957226543b43631d247f3417621668cc824232a>`_)
Feature
feat: support for CycloneDX schema
1.4.2- addsvulnerability.propertiesto the schema (``32e7929` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/32e792928bdf37133e966ef72ec01b0bc698482d>`_)feat: support for CycloneDX schema version
1.4.2Provides support for
vulnerability.properties
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``db7445c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/db7445cd343fc35c6d6fc9f5af3e28cf97a19732>`_)
feat: added updated CycloneDX 1.4.2 schemas
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``7fb27ae` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/7fb27aed58f7de10f8c6b703699bba315af353e7>`_)
Unknown
2.7.0
Automatically generated by python-semantic-release (``96d155e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/96d155e864d83482242c22f69af8e7c618d05a1b>`_)
v2.6.0 (2022-06-20)
Chore
chore(deps): bump colorama from 0.4.4 to 0.4.5 (#249)
Bumps colorama from 0.4.4 to 0.4.5.
updated-dependencies:
dependency-name: colorama dependency-type: indirect update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``39637ad` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/39637ade2668003c3bf7c22cf40c72bae324d8c1>`_)
Feature
feat: reduce unnessessarry type casting of
set/SortedSet(#203)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``089d971` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/089d9714f8f9f8c70076e48baa18340899cc29fa>`_)
Unknown
2.6.0
Automatically generated by python-semantic-release (``8481e9b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/8481e9bd8dc5196c2e703e5cd19974bb22bc270e>`_)
v2.5.2 (2022-06-15)
Chore
chore(deps): bump actions/setup-python from 3 to 4 (#247)
Bumps actions/setup-python from 3 to 4.
updated-dependencies:
dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``ddd0144` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/ddd01446e5fe201bfb0cebeee3c4afb25f54223b>`_)
Fix
fix: add expected lower-than comparators for
OrganizationalEntityandVulnerabilityCredits(#248)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``0046ee1` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/0046ee19547be8dafe5d73bad886b9c5f725f26e>`_)
Unknown
2.5.2
Automatically generated by python-semantic-release (``fb9a796` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/fb9a796d0b34c2d930503790c74d6d7ed5e3c3d6>`_)
v2.5.1 (2022-06-10)
Chore
chore(deps-dev): bump mypy from 0.960 to 0.961 (#244)
Bumps mypy from 0.960 to 0.961.
updated-dependencies:
dependency-name: mypy dependency-type: direct:development update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``48ea951` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/48ea951c92f0b944e5aae2cd1cfd299b02fb4322>`_)
Fix
fix: add missing
Vulnerabilitycomparator for sorting (#246)
Partial fix for #245.
Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> (``c3f3d0d` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/c3f3d0d105f0dcf991175040b6d6c2b6e7e25d8f>`_)
Unknown
2.5.1
Automatically generated by python-semantic-release (``1ea5b20` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/1ea5b20f1c93e6e6b3799444c7ea6fd65a2e068c>`_)
v2.5.0 (2022-06-10)
Build
build: move typing to dev-dependencies
Move types-setuptools and types-toml to dev-dependencies (#226)
Signed-off-by: Adam Johnson <me@adamj.eu> (``0e2376b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/0e2376baade068ae0490b05550837d104e9abfa4>`_)
Chore
chore(deps-dev): bump jsonschema from 4.5.1 to 4.6.0 (#242)
Bumps jsonschema from 4.5.1 to 4.6.0.
updated-dependencies:
dependency-name: jsonschema dependency-type: direct:development update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``32af991` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/32af991c8f69c7f9f2f06b68c014bc7af0498d5d>`_)
chore(deps-dev): bump lxml from 4.8.0 to 4.9.0 (#241)
Bumps lxml from 4.8.0 to 4.9.0.
updated-dependencies:
dependency-name: lxml dependency-type: direct:development update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``6d5189e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/6d5189e4612126a2fcc72ffe77857ab6fbea25bc>`_)
chore(deps-dev): bump mypy from 0.942 to 0.960 (#230)
Bumps mypy from 0.942 to 0.960.
updated-dependencies:
dependency-name: mypy dependency-type: direct:development update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``88d9d8b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/88d9d8b7ff18f495a0767e3ed9f37783030ca45d>`_)
chore(deps): bump types-setuptools from 57.4.12 to 57.4.17 (#238)
Bumps types-setuptools from 57.4.12 to 57.4.17.
updated-dependencies:
dependency-name: types-setuptools dependency-type: direct:production update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``3d011ab` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/3d011ab8f46a3486e1f0dc2a4bb099f7e68f31dd>`_)
chore(deps): bump types-setuptools from 57.4.12 to 57.4.17 (#237)
Bumps types-setuptools from 57.4.12 to 57.4.17.
updated-dependencies:
dependency-name: types-setuptools dependency-type: direct:production update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``a1d1bae` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a1d1bae1e5a1e3fdabba3082b3f1a94e3265312d>`_)
chore(deps): bump typed-ast from 1.5.2 to 1.5.4 (#232)
Bumps typed-ast from 1.5.2 to 1.5.4.
updated-dependencies:
dependency-name: typed-ast dependency-type: indirect update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``866f9ac` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/866f9ac4e4f270fd24b04766aa0082dac6116359>`_)
chore(deps-dev): bump jsonschema from 4.4.0 to 4.5.1 (#221)
Bumps jsonschema from 4.4.0 to 4.5.1.
updated-dependencies:
dependency-name: jsonschema dependency-type: direct:development update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``c65ce28` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/c65ce284d602b9218464cc8b2cfbcff6b13aa910>`_)
Ci
ci: fix run with lowest compat dependencies (#240)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``a4596c8` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a4596c8023553a15e33b45e84142e4ef27591b6a>`_)
ci: pin GH-action
semantic-releaseto v7.28.1 (#234)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``91e1297` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/91e12971bf90fffb5b440b2acc74a3f8614932bd>`_)
Documentation
docs: fix typo "This is out" -> "This is our"
Fix typo in comments: "This is out" -> "This is our" (#233)
Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> (``ef0278a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/ef0278a2044147e73a281c5a59f95049d4af7641>`_)
Feature
feat: use
SortedSetin model to improve reproducibility - this will provide predictable ordering of various items in generated CycloneDX documents - thanks to @RodneyRichardson
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``8a1c404` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/8a1c4043f502292b32c4ab36a8618cf3f67ac8df>`_)
Test
test: tests calculate versions if needed
Don't hardcode component version in test (#229)
Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> (``7b3ce65` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/7b3ce65f92ff6009a1e29d4938eac5ea664b2538>`_)
Unknown
2.5.0
Automatically generated by python-semantic-release (``c820423` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/c820423ffffb90ec7a42d8873d99428277f9ae28>`_)
Merge pull request #235 from RodneyRichardson/use-sorted-set
feat: use SortedSet in model to improve reproducibility - this will provide predictable ordering of various items in generated CycloneDX documents - thanks to @RodneyRichardson (``c43f6d8` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/c43f6d8ce41a9de91a84cea7a40045cab8121792>`_)
Merge branch 'CycloneDX:main' into use-sorted-set (``1b8ac25` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/1b8ac252a28af1b938d6cad4182e6f2d586b26c0>`_)
Fix SortedSet type hints for python < 3.8
Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> (``71eeb4a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/71eeb4aeeb9e911df2422c097ebfb671c648242d>`_)
Fix line length warning.
Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> (``e9ee712` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/e9ee71291da882a924a9edec7d1f5d6be62797e6>`_)
Fix more type hints for python < 3.8
Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> (``f042bce` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f042bcef1829a852dd787e226d883f5bbd5c39c3>`_)
Fix SortedSet type hints for python < 3.8
Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> (``2e283ab` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/2e283abed0b67e9e70c825e0d7c6ad7e6691c678>`_)
Fix type hint on ComparableTuple
Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> (``43ef908` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/43ef908d61fd03e5a4c2ecfabdf22764c8613429>`_)
Sort usings.
Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> (``8f86c12` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/8f86c1292d5d0c550a4ec6018b81400255567f93>`_)
Fix sonatype-lift warnings
Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> (``f1e92e3` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f1e92e3cfbe9df2b07b745582608f9f72531684c>`_)
Fix warnings.
Change tuple -> Tuple Fix Diff initialization Add sorting to AttachedText
Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> (``2b47ff6` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/2b47ff612335b538ceab5e77b60dbe058f739e2e>`_)
Reduce sortedcontainers.pyi to only the functions used.
Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> (``ef0fbe2` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/ef0fbe2130f763888cb34e8e71a6520d282a0cda>`_)
Remove flake8 warnings
Remove unused imports and trailing whitespace. Sort usings in pyi file.
Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> (``41d1bee` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/41d1bee824381c25a8c6870abeb1f484c33c78ba>`_)
Add type hints for SortedSet
Fix use of set/Set.
Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> (``df0f554` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/df0f554bff311886705327fd863d573e82123f9e>`_)
Replace object type hint in lt with Any
Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> (``ec22f68` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/ec22f683e1b12843421a23cff15f91628a7dfffe>`_)
Make reorder() return type explicit List (as flagged by sonatype-lift bot)
Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> (``695ee86` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/695ee862ce9043807a9d825324970cd1b770a46c>`_)
Use SortedSet in model to improve reproducibility
Added __lt__() to all model classes used in SortedSet, with tests
Explicitly declared Enums as (str, Enum) to allow sorting
Added dependency to sortedcollections package
Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> (``368f522` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/368f5221e54a635cd03255efd56d4da2a8d7f56b>`_)
v2.4.0 (2022-05-17)
Chore
chore(deps): bump virtualenv from 20.14.0 to 20.14.1 (#208)
Bumps virtualenv from 20.14.0 to 20.14.1.
updated-dependencies:
dependency-name: virtualenv dependency-type: indirect update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``04f3671` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/04f3671de036b340faf18170603fad32095771cb>`_)
chore(deps-dev): bump tox from 3.24.5 to 3.25.0 (#209)
Bumps tox from 3.24.5 to 3.25.0.
updated-dependencies:
dependency-name: tox dependency-type: direct:development update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``8eee5d3` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/8eee5d354c3ee640bbc773d315f1c17e1a8334fd>`_)
chore(deps): bump types-toml from 0.10.4 to 0.10.7 (#222)
Bumps types-toml from 0.10.4 to 0.10.7.
updated-dependencies:
dependency-name: types-toml dependency-type: direct:production update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``5d19805` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/5d19805c4e0568d4fc0894ed0b9d7cb3b99e219b>`_)
chore(deps-dev): bump flake8-bugbear from 22.3.23 to 22.4.25 (#220)
Bumps flake8-bugbear from 22.3.23 to 22.4.25.
updated-dependencies:
dependency-name: flake8-bugbear dependency-type: direct:development update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``de7f4aa` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/de7f4aae0378c6475d65ac9ec2303155d4062591>`_)
Feature
feat(deps): remove unused
typing-extensionsconstraints
PullRequest and details via #224
Signed-off-by: gruebel <anton.gruebel@gmail.com> (``2ce358a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/2ce358a37e6ce5f06aa9297aed17f8f5bea38e93>`_)
Unknown
2.4.0
Automatically generated by python-semantic-release (``4874354` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/48743542fd2f3219a4f2295f363ae6e5bcf2a738>`_)
revert
types-tomlon lowest setup (``32ece98` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/32ece98b24fd6966722b8cdf698f01b8fb1b8821>`_)
v2.3.0 (2022-04-20)
Feature
feat: add support for Dependency Graph in Model and output serialisation
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``ea34513` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/ea34513f8229a909007793288ace2f6f51684333>`_)
Unknown
2.3.0
Automatically generated by python-semantic-release (``5c1047a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/5c1047afc75726cca4130b90b8459418ec6342e8>`_)
Merge pull request #210 from CycloneDX/feat/support-bom-dependencies
feat: add support for Dependency Graph in Model and output serialisation (JSON and XML) (``938169c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/938169c05b458967cd1dabc338981d296f5b2842>`_)
Merge pull request #214 from CycloneDX/feat/support-bom-dependencies-no-cast
no cast (``2551545` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/25515456f2707964032c1f9642bae3d79ba2b994>`_)
no cast
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``dec3b70` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/dec3b703f7e69cd2b3fdff34583ee052b1cbb1d2>`_)
update to use
Setoperators (more Pythonic)
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``f01665e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f01665e96c87b9dd1fdb37d907a8339ba819e2cc>`_)
missing closing
>inBomRef.__repr__
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``2c7c4be` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c7c4be8210231dcfaf9e8937bd943f3ea6683c3>`_)
removed unnecessary condition -
self.get_bom().componentsis always aSet
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``5eb5669` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/5eb5669bdeb982c9f0b4a72f2264a8559e9a3bc3>`_)
added additional tests to validate Component in Metadata is properly represented in Dependency Graph
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``b8d526e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/b8d526ee52b3923c7755a897e0c042c159fb8d99>`_)
adjusted unit tests to account for inclusion of Component in Bom Metadata in Dependency Graphy
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``c605f2b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/c605f2be90092f09bb0eb89dccb27767d78dcfac>`_)
updates based on feedback from @jkowalleck
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``04511f3` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/04511f3c523bc26b0b434d8334d37eccaaaf1ea4>`_)
Merge branch 'feat/support-bom-dependencies' of github.com:CycloneDX/cyclonedx-python-lib into feat/support-bom-dependencies (``8fb408c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/8fb408cfe7941efca424777a94084755ee8a50e4>`_)
doc: updated docs to reflect support for Dependency Graph
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``a680544` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a68054491529631c792e51c764bbf64a5e9b4834>`_)
updated file hash in test
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``56f3d5d` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/56f3d5d432b6c50679cfd733cf2b0ed2ea55400e>`_)
removed unused import
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``61c3338` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/61c3338e139a8e1a72a659080f2043b352007561>`_)
doc: updated docs to reflect support for Dependency Graph
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``3df017f` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/3df017feaaa461bcfa7082f58a5824aa92493b59>`_)
updated file hash in test
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``449cb1e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/449cb1e56e64e6c144c0d2b6b69649df2d6e5320>`_)
removed unused import
Signed-off-by: Paul Horton <paul.horton@owasp.org> (``f487c4a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f487c4a44f5604fa3d1da2c0bc57d09e22057973>`_)
v2.2.0 (2022-04-12)
Chore
chore(deps): bump actions/upload-artifact from 2 to 3 (#204)
Bumps actions/upload-artifact from 2 to 3.
updated-dependencies:
dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``dad8538` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/dad8538797352e1f2d0bb322b2df007370da19be>`_)
chore(deps): bump types-setuptools from 57.4.11 to 57.4.12 (#205)
Bumps types-setuptools from 57.4.11 to 57.4.12.
updated-dependencies:
dependency-name: types-setuptools dependency-type: direct:production update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``eae598a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/eae598adca14eaa7125ab8bc6a2af4b213cdbd5c>`_)
Ci
ci: introduce
timeout-minutesand dropdependabotbranches for CI #206
Signed-off-by: Paul Horton <phorton@sonatype.com> (``e5b426f` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/e5b426f0287e75f8c9c2b0937cebaab13dc069a5>`_)
Feature
feat: Bump XML schemas to latest fix version for 1.2-1.4 - see: https://github.com/CycloneDX/specification/issues/122
Signed-off-by: Paul Horton <phorton@sonatype.com> (``bd2e756` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/bd2e756de15c37b34d2866e8de521556420bd5d3>`_)
feat: bump JSON schemas to latest fix verison for 1.2 and 1.3 - see:
Signed-off-by: Paul Horton <phorton@sonatype.com> (``bd6a088` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/bd6a088d51c995c0f08271f56aedb456c60c1a2e>`_)
Unknown
2.2.0
Automatically generated by python-semantic-release (``67ecfac` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/67ecfacc38817398319ac5d627f2b3a17fb45b3f>`_)
Merge pull request #207 from CycloneDX/feat/update-schemas
feat: Update CycloneDX Schemas to latest patch versions (``2c55cb5` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c55cb51042694d48a2eccd8e505833196effb59>`_)
mark schema files as vendored
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``a9c3e77` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a9c3e77998e7c05af5ba097891cd05a8cdb89232>`_)
Merge pull request #191 from CycloneDX/feat/pre-commit-hooks
[DEV] Add pre-commit hooks (``91ceeb1` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/91ceeb1fdafddf20af546d383a2fb16393977ef5>`_)
v2.1.1 (2022-04-05)
Chore
chore: shield icons in README (``87c490e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/87c490e883f1c68a96233ca6d83e641481fb83a4>`_)
Fix
fix: prevent error if
versionnot set
Signed-off-by: Paul Horton <phorton@sonatype.com> (``b9a84b5` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/b9a84b5b39fe6cb1560764e86f8bd144f2a901e3>`_)
Unknown
2.1.1
Automatically generated by python-semantic-release (``f78d608` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f78d6081abc1a8adb80ef0c79a07c624ad9e3a5c>`_)
Merge pull request #194 from CycloneDX/fix/json-output-version-optional-bug-193
fix: version being optional in JSON output can raise error (``6f7e09a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/6f7e09aa4d05a4a2dc60569732f6b2ae5582a154>`_)
v2.1.0 (2022-03-28)
Chore
chore(deps): bump virtualenv from 20.13.4 to 20.14.0 (#200)
Bumps virtualenv from 20.13.4 to 20.14.0.
updated-dependencies:
dependency-name: virtualenv dependency-type: indirect update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``6ccb637` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/6ccb63789fdc49c2b0b7f1349f4a4f168951ed73>`_)
chore(deps-dev): bump mypy from 0.941 to 0.942 (#199)
Bumps mypy from 0.941 to 0.942.
updated-dependencies:
dependency-name: mypy dependency-type: direct:development update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``51dadb9` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/51dadb9ded4a49a9ad6e22dd689cbfbbe04547aa>`_)
chore(deps-dev): bump flake8-bugbear from 22.1.11 to 22.3.23 (#201)
Bumps flake8-bugbear from 22.1.11 to 22.3.23.
updated-dependencies:
dependency-name: flake8-bugbear dependency-type: direct:development update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``4f9f169` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/4f9f1693950caecdd6b01c25c2b47c7940f703b5>`_)
chore(deps): bump types-setuptools from 57.4.10 to 57.4.11 (#197)
Bumps types-setuptools from 57.4.10 to 57.4.11.
updated-dependencies:
dependency-name: types-setuptools dependency-type: direct:production update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``8f4db6b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/8f4db6b99b1213949c69605019e468ca9598a8e0>`_)
chore(deps-dev): bump mypy from 0.940 to 0.941 (#195)
Bumps mypy from 0.940 to 0.941.
updated-dependencies:
dependency-name: mypy dependency-type: direct:development update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``8012c29` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/8012c299634537340a061e9b1b3ad60071fd7c13>`_)
chore(deps): bump virtualenv from 20.13.3 to 20.13.4 (#196)
Bumps virtualenv from 20.13.3 to 20.13.4.
updated-dependencies:
dependency-name: virtualenv dependency-type: indirect update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``f94bb64` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f94bb64f5216eb8de8f032368e3c73f914e0b737>`_)
chore(deps): bump testfixtures from 6.18.4 to 6.18.5 (#187)
Bumps testfixtures from 6.18.4 to 6.18.5.
updated-dependencies:
dependency-name: testfixtures dependency-type: indirect update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``3b92776` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/3b92776d75ea0e75f5b41bdfb69b78851e0ffc52>`_)
chore(deps): bump types-setuptools from 57.4.9 to 57.4.10 (#188)
Bumps types-setuptools from 57.4.9 to 57.4.10.
updated-dependencies:
dependency-name: types-setuptools dependency-type: direct:production update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``dcfaf21` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/dcfaf21f27fd490277de01eb0eb9b59a522d5353>`_)
chore(deps): bump virtualenv from 20.13.2 to 20.13.3 (#189)
Bumps virtualenv from 20.13.2 to 20.13.3.
updated-dependencies:
dependency-name: virtualenv dependency-type: indirect update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``e71e5b3` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/e71e5b3a46cb6c5c915d9b31eb8e0e815c511a3d>`_)
chore(deps-dev): bump mypy from 0.931 to 0.940 (#192)
Bumps mypy from 0.931 to 0.940.
updated-dependencies:
dependency-name: mypy dependency-type: direct:development update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``9fce6bf` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/9fce6bf853032de9b2eec1f2b20341c8fbe6f639>`_)
chore: added autopep8 to pre-commit and clarified command in CONTRIBUTING for performance
Signed-off-by: Paul Horton <phorton@sonatype.com> (``5dafb1c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/5dafb1c88208caccaf82fc5abea41df0d295d5a4>`_)
chore: first pass pre-commit config
Signed-off-by: Paul Horton <phorton@sonatype.com> (``fd6ab7a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/fd6ab7ab2136c4afd8169fc97e0ee6ecbbef56a7>`_)
chore: added documentation to CONTRIBUTING guidelines
Signed-off-by: Paul Horton <phorton@sonatype.com> (``67cefe1` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/67cefe1e5f9eb3bdb1d07c29e1ea351937c15bc0>`_)
chore(deps): bump actions/checkout from 2 to 3 (#184)
Bumps actions/checkout from 2 to 3.
updated-dependencies:
dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``a3ed3c7` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a3ed3c712a8a85361a59522efc356ab5194b0999>`_)
chore(deps): bump actions/setup-python from 2 to 3 (#183)
Bumps actions/setup-python from 2 to 3.
updated-dependencies:
dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``ee79ffa` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/ee79ffaaa6155f6890379a847b49a805c1ee7202>`_)
chore: dependabot prefix
chore, not eco-system (``c96cea4` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/c96cea47f855add5edf2707305ef7b671da7db39>`_)chore: make isort and flake8-isort available
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``b211de5` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/b211de50b92393e653b9a9f907c66a81b016d870>`_)
chore: poetry(deps): bump pyparsing from 3.0.6 to 3.0.7 (#140)
Bumps pyparsing from 3.0.6 to 3.0.7.
updated-dependencies:
dependency-name: pyparsing dependency-type: indirect update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``1bdb798` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/1bdb7987a86af967d5a883626346f217a243bfda>`_)
chore: poetry(deps): bump types-setuptools from 57.4.7 to 57.4.9 (#168)
Bumps types-setuptools from 57.4.7 to 57.4.9.
updated-dependencies:
dependency-name: types-setuptools dependency-type: direct:production update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``48c3f99` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/48c3f997abf2560b648d85b907c001879e063551>`_)
chore: poetry(deps): bump filelock from 3.4.0 to 3.4.1 (#116)
Bumps filelock from 3.4.0 to 3.4.1.
updated-dependencies:
dependency-name: filelock dependency-type: indirect update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``17f1a5f` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/17f1a5f8555675913ea09318848dd28ce96d1c3c>`_)
chore: poetry(deps): bump attrs from 21.2.0 to 21.4.0 (#113)
Bumps attrs from 21.2.0 to 21.4.0.
updated-dependencies:
dependency-name: attrs dependency-type: indirect update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``3c39ae5` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/3c39ae5f7435b4e0240e674e47283ac3beb9f2b8>`_)
chore: poetry(deps): bump typed-ast from 1.5.1 to 1.5.2 (#144)
Bumps typed-ast from 1.5.1 to 1.5.2.
updated-dependencies:
dependency-name: typed-ast dependency-type: indirect update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``ac5809e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/ac5809e93a3a5c54b04c75bd959216a4b21095ff>`_)
chore: poetry(deps): bump packageurl-python from 0.9.6 to 0.9.9 (#177)
Bumps packageurl-python from 0.9.6 to 0.9.9.
updated-dependencies:
dependency-name: packageurl-python dependency-type: direct:production update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``4bfba14` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/4bfba14bfacca773fd2e949e327f94b794fdef0b>`_)
chore: poetry(deps): bump virtualenv from 20.13.1 to 20.13.2 (#181)
Bumps virtualenv from 20.13.1 to 20.13.2.
updated-dependencies:
dependency-name: virtualenv dependency-type: indirect update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``20e3368` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/20e3368f35e28187f41ac0652384ea2104d45e35>`_)
Feature
feat: output errors are verbose
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``bfe8fb1` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/bfe8fb18825251fd9f146458122aa06137ec27c0>`_)
Fix
fix:
versionbeing optional in JSON output can raise error
Signed-off-by: Paul Horton <phorton@sonatype.com> (``ba0c82f` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/ba0c82fbde7ba47502c45caf4fa89e9e4381f482>`_)
Style
style: sorted all imports
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``4780a84` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/4780a84979d213d6ce6d9527945d532cbd6a8ceb>`_)
Unknown
2.1.0
Automatically generated by python-semantic-release (``c58f8f8` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/c58f8f8456211fbeac79340b480063791c05f404>`_)
Merge pull request #198 from CycloneDX/verbose_outout_errors
fix: improved output errors - file/directory is now included (``4618c62` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/4618c62da54f90a67d89583d5339ef0532b7813a>`_)
updated to be more pythonic
Signed-off-by: Paul Horton <phorton@sonatype.com> (``a1bbf00` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a1bbf001ba9546c998062a0201d4e2562607749e>`_)
doc: added CONTRIBUTING to public docs doc: included pre-commit hooks in CONTRIBUTING
Signed-off-by: Paul Horton <phorton@sonatype.com> (``f38215f` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f38215f2b370e14f5629edff1ade97734b3a79cd>`_)
Merge pull request #182 from CycloneDX/sort-imports
style: sort imports (``aa37e56` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/aa37e56964b35642e2bf92f336a767fba1914e2b>`_)
v2.0.0 (2022-02-21)
Breaking
feat: bump dependencies
BREAKING CHANGE: Adopt PEP-3102
BREAKING CHANGE: Optional Lists are now non-optional Sets
BREAKING CHANGE: Remove concept of DEFAULT schema version - replaced with LATEST schema version
BREAKING CHANGE: Added BomRef data type
Signed-off-by: Paul Horton <phorton@sonatype.com> (``da3f0ca` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/da3f0ca3e8b90b37301c03f889eb089bca649b09>`_)
Chore
chore: poetry(deps): bump virtualenv from 20.13.0 to 20.13.1 (#167)
Bumps virtualenv from 20.13.0 to 20.13.1.
updated-dependencies:
dependency-name: virtualenv dependency-type: indirect update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``9e80258` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/9e802582bd9b9bdd0e1e91a0af551d3f2190fb5e>`_)
chore: poetry(deps): bump types-toml from 0.10.3 to 0.10.4 (#166)
Bumps types-toml from 0.10.3 to 0.10.4.
updated-dependencies:
dependency-name: types-toml dependency-type: direct:production update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``02449f6` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/02449f6102e49f9e2425ab4e5b050f38832e6ba9>`_)
chore: bump dependencies
Signed-off-by: Paul Horton <phorton@sonatype.com> (``6c280e7` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/6c280e7794466ad9b6f1ce5eb985035bea21eaaa>`_)
Feature
feat: completed work on #155 (#172)
fix: resolved #169 (part of #155) feat: as part of solving #155, #147 has been implemented
Signed-off-by: Paul Horton <phorton@sonatype.com> (``a926b34` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a926b34c7facb8b3709936fe00b62a0b80338f31>`_)
feat: support complete model for
bom.metadata(#162)feat: support complete model for
bom.metadatafix: JSON comparison in unit tests was broken chore: corrected some source license headers
Signed-off-by: Paul Horton <phorton@sonatype.com> (``2938a6c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/2938a6c001a5b0b25477241d4ad6601030c55165>`_)
feat: support for
bom.externalReferencesin JSON and XML #124
Signed-off-by: Paul Horton <phorton@sonatype.com> (``1b733d7` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/1b733d75a78e3757010a8049cab5c7d4656dc2a5>`_)
feat: Complete support for
bom.components(#155)fix: implemented correct
__hash__methods in models (#153)
Signed-off-by: Paul Horton <phorton@sonatype.com> (``32c0139` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/32c01396251834c69a5b23c82a5554faf8447f61>`_)
feat: support services in XML BOMs feat: support nested services in JSON and XML BOMs
Signed-off-by: Paul Horton <phorton@sonatype.com> (``9edf6c9` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/9edf6c940d20a44f5b99c557392a9fa4532b332e>`_)
Fix
fix:
license_urlnot serialised in XML output #179 (#180)
Signed-off-by: Paul Horton <phorton@sonatype.com> (``f014d7c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f014d7c4411de9ed5e9cb877878ae416d85b2d92>`_)
fix:
Component.bom_refis not Optional in our model implementation (in the schema it is) - we generate a UUID ifbom_refis not supplied explicitly
Signed-off-by: Paul Horton <phorton@sonatype.com> (``5c954d1` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/5c954d1e39ce8509ab36e6de7d521927ad3c997c>`_)
fix: temporary fix for
__hash__of Component withproperties#153
Signed-off-by: Paul Horton <phorton@sonatype.com> (``a51766d` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a51766d202c3774003dd7cd8c115b2d9b3da1f50>`_)
fix: further fix for #150
Signed-off-by: Paul Horton <phorton@sonatype.com> (``1f55f3e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/1f55f3edfeacfc515ef0b5e493c27dd6e14861d6>`_)
fix: regression introduced by first fix for #150
Signed-off-by: Paul Horton <phorton@sonatype.com> (``c09e396` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/c09e396b98c484d1d3d509a5c41746133fe41276>`_)
fix: Components with no version (optional since 1.4) produce invalid BOM output in XML #150
Signed-off-by: Paul Horton <phorton@sonatype.com> (``70d25c8` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/70d25c8c162e05a5992761ccddbad617558346d1>`_)
fix:
expressionnot supported in Component Licsnes for version 1.0
Signed-off-by: Paul Horton <phorton@sonatype.com> (``15b081b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/15b081bd1891566dbe00e18a8b21d3be87154f72>`_)
Test
test: refactor to work on PY < 3.10
Signed-off-by: Paul Horton <phorton@sonatype.com> (``0ce5de6` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/0ce5de6a223e10161a8b864d0115e95d849d5e87>`_)
test: refactored fixtures for tests which has uncovered #150, #151 and #152
Signed-off-by: Paul Horton <phorton@sonatype.com> (``df43a9b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/df43a9bff4b8360234bf50058ded82e44e2df082>`_)
Unknown
2.0.0
Automatically generated by python-semantic-release (``a4af3dc` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a4af3dccbddf4ea91b277746d2305fadf6078ed8>`_)
Merge pull request #148 from CycloneDX/feat/add-bom-services (``631e400` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/631e4009340f4466fb45f25bbf3ce7ffa4d8adca>`_)
Merge branch 'main' into feat/add-bom-services (``9a32351` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/9a3235155bd04450c6e520ee6de04b2d6f2c5d0a>`_)
doc: added RTD badge to README
Signed-off-by: Paul Horton <phorton@sonatype.com> (``b20d9d1` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/b20d9d1aceebfa8bae21250e6ae39234caffbb0e>`_)
implemented
__str__forBomRef
Signed-off-by: Paul Horton <phorton@sonatype.com> (``670bde4` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/670bde47a8a60db764aa706797f1d8ed7cf2c227>`_)
Continuation of #170 - missed updating Vulnerability to use
BomRef(#175)BREAKING CHANGE: added new model
BomRefunlocking logic later to ensure uniquness and dependency references
Signed-off-by: Paul Horton <phorton@sonatype.com>
updated Vulnerability to also use new
BomRefmodel
Signed-off-by: Paul Horton <phorton@sonatype.com> (``0d82c01` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/0d82c019afce3e4aefe56bff9607cfd60186c6b0>`_)
BREAKING CHANGE: added new model
BomRefunlocking logic later to ensure uniquness and dependency references (#174)
Signed-off-by: Paul Horton <phorton@sonatype.com> (``d189f2c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/d189f2c16870deb683e62cd06a6072b008eab05d>`_)
BREAKING CHANGE: replaced concept of default schema version with latest supported #171 (#173)
Signed-off-by: Paul Horton <phorton@sonatype.com> (``020fcf0` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/020fcf03ef3985dac82a38b8810d6d6cd301809c>`_)
BREAKING CHANGE: Updated default schema version to 1.4 from 1.3 (#164)
Signed-off-by: Paul Horton <phorton@sonatype.com> (``9b6ce4b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/9b6ce4bd7b5a2a332e9f01f93db57b78f65af048>`_)
BREAKING CHANGE: update models to use
Setrather thanList(#160)BREAKING CHANGE: update models to use
SetandIterablerather thanList[..]BREAKING CHANGE: update final models to use@propertywip
Signed-off-by: Paul Horton <phorton@sonatype.com> (``142b8bf` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/142b8bf4dbb2e61d131b7ca2ec332aac472ef3cd>`_)
removed unnecessary calls to
hash()in__hash__()methods as pointed out by @jkowalleck
Signed-off-by: Paul Horton <phorton@sonatype.com> (``0f1fd6d` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/0f1fd6dfdd41073cbdbb456cf019c7f2ed9e2175>`_)
BREAKING CHANGE: adopted PEP-3102 for model classes (#158)
Signed-off-by: Paul Horton <phorton@sonatype.com> (``b3c8d9a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/b3c8d9a676190f20dfc4ab1b915c1e53c4ac5a82>`_)
doc: added page to docs to call out which parts of the specification this library supports
Signed-off-by: Paul Horton <phorton@sonatype.com> (``41a4be0` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/41a4be0cedcd26b6645b6e3606cce8e3708c569f>`_)
attempt to resolve Lift finding
Signed-off-by: Paul Horton <phorton@sonatype.com> (``2090c08` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/2090c0868ca82c4b53c6ffc6f439c0d675147601>`_)
removed unused imports
Signed-off-by: Paul Horton <phorton@sonatype.com> (``a35d540` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a35d540c97b898eb152f453003f46ce0e18b7ea6>`_)
WIP on
bom.servicesWIP but a lil hand up for @madpah
Signed-off-by: Jeffry Hesse <5544326+DarthHater@users.noreply.github.com>
chore: added missing license header
Signed-off-by: Paul Horton <phorton@sonatype.com>
No default values for required fields
Add Services to BOM
Typo fix
aligned classes with standards, commented out Signature work for now, added first tests for Services
Signed-off-by: Paul Horton <phorton@sonatype.com>
addressed standards
Signed-off-by: Paul Horton <phorton@sonatype.com>
1.2.0
Automatically generated by python-semantic-release
Signed-off-by: Paul Horton <phorton@sonatype.com>
feat:
bom-reffor Component and Vulnerability default to a UUID (#142)feat:
bom-reffor Component and Vulnerability default to a UUID if not supplied ensuring they have a unique value #141
Signed-off-by: Paul Horton <phorton@sonatype.com>
doc: updated documentation to reflect change
Signed-off-by: Paul Horton <phorton@sonatype.com>
patched other tests to support UUID for bom-ref
Signed-off-by: Paul Horton <phorton@sonatype.com>
better syntax
Signed-off-by: Paul Horton <phorton@sonatype.com>
1.3.0
Automatically generated by python-semantic-release
Signed-off-by: Paul Horton <phorton@sonatype.com>
WIP but a lil hand up for @madpah
Signed-off-by: Jeffry Hesse <5544326+DarthHater@users.noreply.github.com> Signed-off-by: Paul Horton <phorton@sonatype.com>
chore: added missing license header
Signed-off-by: Paul Horton <phorton@sonatype.com>
aligned classes with standards, commented out Signature work for now, added first tests for Services
Signed-off-by: Paul Horton <phorton@sonatype.com>
removed signature from this branch
Signed-off-by: Paul Horton <phorton@sonatype.com>
Add Services to BOM
Typo fix
addressed standards
Signed-off-by: Paul Horton <phorton@sonatype.com>
resolved typing issues from merge
Signed-off-by: Paul Horton <phorton@sonatype.com>
added a bunch more tests for JSON output
Signed-off-by: Paul Horton <phorton@sonatype.com>
Co-authored-by: Paul Horton <phorton@sonatype.com> Co-authored-by: github-actions <action@github.com> (``b45ff18` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/b45ff187056893c5fb294cbf9de854fd130bb7be>`_)
v1.3.0 (2022-01-24)
Feature
feat:
bom-reffor Component and Vulnerability default to a UUID (#142)feat:
bom-reffor Component and Vulnerability default to a UUID if not supplied ensuring they have a unique value #141
Signed-off-by: Paul Horton <phorton@sonatype.com>
doc: updated documentation to reflect change
Signed-off-by: Paul Horton <phorton@sonatype.com>
patched other tests to support UUID for bom-ref
Signed-off-by: Paul Horton <phorton@sonatype.com>
better syntax
Signed-off-by: Paul Horton <phorton@sonatype.com> (``3953bb6` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/3953bb676f423c325ca4d80f3fcee33ad042ad93>`_)
Unknown
1.3.0
Automatically generated by python-semantic-release (``4178181` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/41781819e2de8f650271e7de11d395fa43939f22>`_)
v1.2.0 (2022-01-24)
Feature
feat: add CPE to component (#138)
Added CPE to component
Setting CPE was missing for component, now it is possible to set CPE and output CPE for a component.
Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com>
Fixing problems with CPE addition
Fixed styling errors
Added reference to CPE Spec
Adding CPE parameter as last parameter to not break arguments
Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com>
Again fixes for Style and CPE reference
Missing in the last commit
Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com>
Added CPE as argument before deprecated arguments
Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com>
Added testing for CPE addition and error fixing
Added output tests for CPE in XML and JSON
Fixes style error in components
Fixes order for CPE output in XML (CPE has to come before PURL)
Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com>
Fixed output tests
CPE was still in the wrong position in one of the tests - fixed
Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com>
Fixed minor test fixtures issues
cpe was still in wrong position in 1.2 JSON
Indentation fixed in 1.4 JSON
Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com>
Fixed missing comma in JSON 1.2 test file
Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> (``269ee15` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/269ee155f203d5771c56edb92f7279466bf2012f>`_)
Unknown
1.2.0
Automatically generated by python-semantic-release (``97c215c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/97c215cf0c4e8c315ed84cbcb92b22c6b7bcd8c2>`_)
v1.1.1 (2022-01-19)
Fix
fix: bump dependencies (#136)
Signed-off-by: Paul Horton <phorton@sonatype.com> (``18ec498` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/18ec4987f6aa4a259d30000a19aa6ee1d49681d1>`_)
Unknown
1.1.1
Automatically generated by python-semantic-release (``dec63de` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/dec63de950e0ad81cbb51373b0e647bce551297e>`_)
v1.1.0 (2022-01-13)
Feature
feat: add support for
bom.metadata.component(#118)Add support for metadata component
Part of #6
Signed-off-by: Artem Smotrakov <asmotrakov@riotgames.com>
Better docs and simpler ifs
Signed-off-by: Artem Smotrakov <asmotrakov@riotgames.com> (``1ac31f4` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/1ac31f4cb14b6c466e092ff38ee2aa472c883c5d>`_)
Unknown
1.1.0
Automatically generated by python-semantic-release (``d4007bd` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/d4007bd5986173eb2645eebcdd2c6405150f1456>`_)
v1.0.0 (2022-01-13)
Chore
chore: attempt to produce manual GitHub action to release a RC version
Signed-off-by: Paul Horton <phorton@sonatype.com> (``3058afc` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/3058afc42fa632be6a0efb9ef509612d8833e07b>`_)
chore: attempt to produce manual GitHub action to release a RC version
Signed-off-by: Paul Horton <phorton@sonatype.com> (``6799e63` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/6799e632d2eb1d3cee0042c2350477a74bcdce83>`_)
chore: disable poetry-cache in gh-workflow (#112)
closes #91
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``42f7952` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/42f7952fad512c84fd0a4d08c564af43d8bc5c87>`_)
chore: removed pdoc3 from main dev dependencies as now covered in docs/requirements.txt
Signed-off-by: Paul Horton <phorton@sonatype.com> (``89d8382` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/89d8382dc0e8bedb129ca0bbbd95922ea104f95c>`_)
chore: isolate dependencies for building documentation (#107)
Signed-off-by: Paul Horton <phorton@sonatype.com> (``f2403f6` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f2403f66c21e55de552b10c473332a1ea72b25bf>`_)
chore: bump
flake8to v4 and addautopep8(#93)chore: bump
flake8to v4 and addautopep8
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
chore: make pep8 known in the contrib docs
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``6553dbf` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/6553dbfefcf6865b28b72771a9a08f1387dbdf11>`_)
chore: poetry(deps-dev): bump mypy from 0.910 to 0.920 (#103)
Bumps mypy from 0.910 to 0.920.
updated-dependencies:
dependency-name: mypy dependency-type: direct:development update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (``fdd20ca` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/fdd20ca4be71be78b578f756f46b44d829a76212>`_)
Unknown
Manually generated release (``3509fb6` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/3509fb643af12cc4393309a006c6bbe63b1bd674>`_)
Support for CycloneDX schema version 1.4 (#108)
BREAKING CHANGE: Support for CycloneDX 1.4. This includes:
Support for
toolshavingexternalReferencesAllowing
versionfor aComponentto be optional in 1.4Support for
releaseNotesperComponentSupport for the core schema implementation of Vulnerabilities (VEX)
Other changes included in this PR:
Unit tests now include schema validation (we've left schema validation out of the core library due to dependency bloat)
Fixes to ensure schema is adhered to in 1.0
URI's are now used throughout the library through a new
XsUriclass to provide URI validationDocumentation is now hosted on readthedocs.org (https://cyclonedx-python-library.readthedocs.io/)
$schemais now included in JSON BOMsConcrete Parsers how now been moved into downstream projects to keep this libraries focus on modelling and outputting CycloneDX - see https://github.com/CycloneDX/cyclonedx-python
Added reference to release of this library on Anaconda
Signed-off-by: Paul Horton <phorton@sonatype.com>
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
Co-authored-by: Paul Horton <phorton@sonatype.com>
Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``7fb6da9` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/7fb6da9166050333ae5db7e35ab792b9bdee48d4>`_)
Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib (``d26970b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/d26970bcc52568645c303f060d71cbc25edbfe78>`_)
Update CONTRIBUTING.md (``4448d9b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/4448d9b4846a7dfb9eeee355d41fbb100a48d388>`_)
v0.12.3 (2021-12-15)
Fix
fix: removed requirements-parser as dependency (temp) as not available for Python 3 as Wheel (#98)
Signed-off-by: Paul Horton <phorton@sonatype.com> (``3677d9f` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/3677d9fd584b7c0eb715954bb7b8adc59c0bc9b1>`_)
Unknown
0.12.3
Automatically generated by python-semantic-release (``cfc9d38` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/cfc9d382aea3f69f79d50a4fbb8607346f86ce03>`_)
v0.12.2 (2021-12-09)
Fix
fix: tightened dependency
packageurl-python(#95)
fixes #94
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``eb4ae5c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/eb4ae5ca8842877b780a755b6611feef847bdb8c>`_)
Unknown
0.12.2
Automatically generated by python-semantic-release (``54b9f74` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/54b9f744be28b53795bd03e78576eed15b70c10a>`_)
v0.12.1 (2021-12-09)
Chore
chore: reordered deps & updated poetry lock
Merge pull request #90 from CycloneDX/update-poetry-lock (``d8c7ee2` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/d8c7ee2915c23d22bc49c9d562a052783ea7ea87>`_)
chore: updated poetry lock
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``91b97be` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/91b97bedfa0a22598e9f4e8731bcf7293bc7d57d>`_)
Fix
fix: further loosened dependency definitions
see #44
updated some locked dependencies to latest versions
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``8bef6ec` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/8bef6ecad36f51a003b266d776c9520d33e06034>`_)
Unknown
0.12.1
Automatically generated by python-semantic-release (``43fc36e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/43fc36ebc966ac511e5b7dbff9b0bef6f88d5d2c>`_)
v0.12.0 (2021-12-09)
Ci
ci: update to run tox for both our favoured versions of dependencies and lowest supported versions
add tox env for minimal required dependencies
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
try to fix
TypedDicttyping
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
fix: typing definitions to be PY 3.6 compatible
Signed-off-by: Paul Horton <phorton@sonatype.com>
fix: typing definitions to be PY 3.6 compatible
Signed-off-by: Paul Horton <phorton@sonatype.com>
straigtened up
sys.version_infoconstraints/code-branches
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
removed unused type ignores
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
try to fix type variants
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
try to fix type variants
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
typing for py3.6
Signed-off-by: Paul Horton <phorton@sonatype.com>
fixed invalid unittest
Signed-off-by: Paul Horton <phorton@sonatype.com>
typing for py3.6
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
mypy silence
warn_unused_ignores
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
mypy in tox for lowest version is pinned
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
Co-authored-by: Paul Horton <phorton@sonatype.com> (``07ebedc` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/07ebedcbab1554970496780bb8bf167f6fe4ad5c>`_)
Feature
feat: loosed dependency versions to make this library more consumable
feat: lowering minimum dependency versions
Signed-off-by: Paul Horton <phorton@sonatype.com>
feat: lowering minimum dependency versions
Signed-off-by: Paul Horton <phorton@sonatype.com>
feat: lowering minimum dependency versions - importlib-metadata raising minimum to ensure we get a typed library
Signed-off-by: Paul Horton <phorton@sonatype.com>
feat: lowering minimum dependency versions - importlib-metadata raising minimum to ensure we get a typed library
Signed-off-by: Paul Horton <phorton@sonatype.com>
feat: lowering minimum version for importlib-metadata to 3.4.0 with modified import statement
Signed-off-by: Paul Horton <phorton@sonatype.com> (``55f10fb` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/55f10fb5524dafa68112c0836806c27bdd74fcbe>`_)
Unknown
0.12.0
Automatically generated by python-semantic-release (``1a907ea` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/1a907eae0a3436844ffc2782b990c4b502f409e6>`_)
Merge pull request #88 from CycloneDX/contributing-file
initial CONTRIBUTING file (``20035bb` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/20035bb5dde8dd3b619b200aec7037c338b18c74>`_)
initial CONTRIBUTING file
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``6ffe14d` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/6ffe14d4d51d246cda66ce99ee20893ede8d017f>`_)
CHORE: poetry(deps): bump filelock from 3.3.2 to 3.4.0
poetry(deps): bump filelock from 3.3.2 to 3.4.0 (``e144aa2` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/e144aa29a0fd61483f4940da08ff542c9c3c3332>`_)
CHORE: poetry(deps): bump types-setuptools from 57.4.2 to 57.4.4
poetry(deps): bump types-setuptools from 57.4.2 to 57.4.4 (``5fcdcb7` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/5fcdcb701a9da5c9a786e0fe690bfd0a8d5d4e0c>`_)
poetry(deps): bump filelock from 3.3.2 to 3.4.0
Bumps filelock from 3.3.2 to 3.4.0.
updated-dependencies:
dependency-name: filelock dependency-type: indirect update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com> (``8d4520e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/8d4520ee3ee781a3a2f4db879e79e38b40fe4829>`_)
CHORE: poetry(deps-dev): bump flake8-bugbear from 21.9.2 to 21.11.29
poetry(deps-dev): bump flake8-bugbear from 21.9.2 to 21.11.29 (``fc6e3ac` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/fc6e3acd5a1875a27e3b8037ad3b9a794598c894>`_)
poetry(deps): bump types-setuptools from 57.4.2 to 57.4.4
Bumps types-setuptools from 57.4.2 to 57.4.4.
updated-dependencies:
dependency-name: types-setuptools dependency-type: direct:production update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com> (``00dcbb8` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/00dcbb80d25c00b2b9bd4f6b765275cd956b33fa>`_)
CHORE: poetry(deps): bump importlib-metadata from 4.8.1 to 4.8.2
poetry(deps): bump importlib-metadata from 4.8.1 to 4.8.2 (``28f9676` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/28f96769e653c3b7c76cb07ba1a4ecbbc43ab46c>`_)
poetry(deps-dev): bump flake8-bugbear from 21.9.2 to 21.11.29
Bumps flake8-bugbear from 21.9.2 to 21.11.29.
updated-dependencies:
dependency-name: flake8-bugbear dependency-type: direct:development update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com> (``1eec2e8` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/1eec2e8aab5f31f3070be34eccfd8791ef2edcca>`_)
CHORE: poetry(deps-dev): bump coverage from 6.1.2 to 6.2
poetry(deps-dev): bump coverage from 6.1.2 to 6.2 (``bdd9365` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/bdd93650a64ce2385f4f29bc1f20df6530e9012c>`_)
CHORE: poetry(deps): bump mako from 1.1.5 to 1.1.6
poetry(deps): bump mako from 1.1.5 to 1.1.6 (``33d3ecc` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/33d3ecc80f47c947d2fc2b13743471dd6dc941ab>`_)
poetry(deps-dev): bump coverage from 6.1.2 to 6.2
Bumps coverage from 6.1.2 to 6.2.
updated-dependencies:
dependency-name: coverage dependency-type: direct:development update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com> (``be1af9b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/be1af9b9955a31b6c1a8627010bfd4d932c9f9f1>`_)
DOCS: fix README shields & links (``43b1121` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/43b112128acd9e28a47e46d8691ead46e39b288e>`_)
doc: readme maintenance - shields & links (#72)
README: restructure links
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
README: add lan to fenced code blocks
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
README: fix some formatting
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
README: modernized shields
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
README: harmonize links
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
README: add language to code fences
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
README: markdown fixes
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
README: removed py version shield
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``3d0ea2f` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/3d0ea2f4c6ee5c2dedf1abb779f46543896fff4a>`_)
poetry(deps): bump mako from 1.1.5 to 1.1.6
Bumps mako from 1.1.5 to 1.1.6.
updated-dependencies:
dependency-name: mako dependency-type: indirect update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com> (``3344b86` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/3344b862490ecb419c9b1f74bd7548ddcf392329>`_)
Merge pull request #47 from CycloneDX/dependabot/pip/filelock-3.3.2
poetry(deps): bump filelock from 3.3.1 to 3.3.2 (``3f967b3` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/3f967b3d0ec47ba5bcc1cdd8fb29970ba69d7aed>`_)
FIX: update Conda package parsing to handle
buildcontaining underscore (#66)fix: update conda package parsing to handle
buildcontaining underscore
Signed-off-by: Paul Horton <phorton@sonatype.com>
updated some typings
Signed-off-by: Paul Horton <phorton@sonatype.com> (``2c6020a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c6020a208aa1c0fd13ab337db6343ad1d2d5c43>`_)
poetry(deps): bump importlib-metadata from 4.8.1 to 4.8.2
Bumps importlib-metadata from 4.8.1 to 4.8.2.
updated-dependencies:
dependency-name: importlib-metadata dependency-type: direct:production update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com> (``003f6b4` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/003f6b410e0e32e8c454ad157999b031471baf6f>`_)
poetry(deps): bump filelock from 3.3.1 to 3.3.2
Bumps filelock from 3.3.1 to 3.3.2.
updated-dependencies:
dependency-name: filelock dependency-type: indirect update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com> (``55022b7` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/55022b7a63763436d193cefda6d6a4e0ad36fb40>`_)
Merge pull request #45 from CycloneDX/dependabot/pip/importlib-resources-5.4.0
poetry(deps): bump importlib-resources from 5.3.0 to 5.4.0 (``b8acf9f` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/b8acf9f3e087f37c2f9afded2d8555c053f09a43>`_)
Merge pull request #70 from CycloneDX/dependabot/pip/pyparsing-3.0.6
poetry(deps): bump pyparsing from 3.0.5 to 3.0.6 (``faa8628` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/faa862813e27bb4b828f6116c95961b156cd7547>`_)
Merge pull request #69 from CycloneDX/dependabot/pip/coverage-6.1.2
poetry(deps-dev): bump coverage from 6.1.1 to 6.1.2 (``eba56dc` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/eba56dc6512304e2956563d173bdb363b785fa50>`_)
poetry(deps): bump pyparsing from 3.0.5 to 3.0.6
Bumps pyparsing from 3.0.5 to 3.0.6.
updated-dependencies:
dependency-name: pyparsing dependency-type: indirect update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com> (``4f2b2d8` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/4f2b2d89291b1c20385ce6431959586acfeab1cd>`_)
poetry(deps-dev): bump coverage from 6.1.1 to 6.1.2
Bumps coverage from 6.1.1 to 6.1.2.
updated-dependencies:
dependency-name: coverage dependency-type: direct:development update-type: version-update:semver-patch …
Signed-off-by: dependabot[bot] <support@github.com> (``1d0f5ea` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/1d0f5ea2ed5dfb38ce1d1d8170773cb880f228dc>`_)
v0.11.1 (2021-11-10)
Fix
fix: constructor for
Vulnerabilityto correctly defineratingsas optional
Signed-off-by: William Woodruff <william@trailofbits.com> (``395a0ec` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/395a0ec14ebcba8e0849a0ced30ec4163c42fa7a>`_)
Unknown
0.11.1
Automatically generated by python-semantic-release (``a80f87a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a80f87a588f8b52bfd8e9c5b12edf0fdde56c510>`_)
FEAT: Support Python 3.10 (#64)
fix: tested with Python 3.10
Signed-off-by: Paul Horton <phorton@sonatype.com>
added trove classifier for Python 3.10
Signed-off-by: Paul Horton <phorton@sonatype.com>
fix: upgrade Poetry version to workaround issue between Poetry and Python 3.10 (see: https://github.com/python-poetry/poetry/issues/4210)
Signed-off-by: Paul Horton <phorton@sonatype.com> (``385b835` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/385b835f44fadb0f227b6a8ac992b0c73afc6ef0>`_)
poetry(deps): bump importlib-resources from 5.3.0 to 5.4.0
Bumps importlib-resources from 5.3.0 to 5.4.0.
updated-dependencies:
dependency-name: importlib-resources dependency-type: indirect update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com> (``a1dd775` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a1dd7752459b70b432784ec2b7d8a1cb24a916a9>`_)
v0.11.0 (2021-11-10)
Feature
feat: Typing & PEP 561
adde file for type checkers according to PEP 561
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
added static code analysis as a dev-test
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
added the "typed" trove
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
added
flake8-annotationsto the tests
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
added type hints
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
further typing updates
Signed-off-by: Paul Horton <phorton@sonatype.com>
further typing additions and test updates
Signed-off-by: Paul Horton <phorton@sonatype.com>
further typing
Signed-off-by: Paul Horton <phorton@sonatype.com>
further typing - added type stubs for toml and setuptools
Signed-off-by: Paul Horton <phorton@sonatype.com>
further typing
Signed-off-by: Paul Horton <phorton@sonatype.com>
typing work
Signed-off-by: Paul Horton <phorton@sonatype.com>
coding standards
Signed-off-by: Paul Horton <phorton@sonatype.com>
fixed tox and mypy running in correct python version
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
supressed mypy for
cyclonedx.utils.conda.parse_conda_json_to_conda_package
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
fixed type hints
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
fixed some typing related flaws
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
added flake8-bugbear for code analysis
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
Co-authored-by: Paul Horton <phorton@sonatype.com> (``9144765` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/91447656c0914ceb2af2e4b7282292ec7b93f5bf>`_)
Unknown
0.11.0
Automatically generated by python-semantic-release (``7262783` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/7262783dbcf5823065670f3f7cbba0ce25b3a4ea>`_)
Merge pull request #41 from jkowalleck/improv-abstract
fixed some abstract definitions (``f34e2c2` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f34e2c2bc7aed20968a5ac69337ed484d097af3b>`_)
Merge pull request #42 from jkowalleck/improv-pipenv
slacked pipenv parser (``08bc4ab` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/08bc4ab2b01c76d7472a558cae02deab0485c61c>`_)
Merge pull request #43 from jkowalleck/improv-conda-typehints
fixed typehints/docs in _BaseCondaParser (``931016d` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/931016d9b700280692903db5aa653d390a80bd63>`_)
Merge pull request #54 from jkowalleck/create-CODEOWNERS
created CODEOWNERS (``7f28bef` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/7f28bef15ed0b9ed6af88286d5f6dcc0726b6feb>`_)
Merge pull request #56 from CycloneDX/dependabot/pip/py-1.11.0
poetry(deps): bump py from 1.10.0 to 1.11.0 (``f1cda3c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f1cda3c3ba859336d70da36d4966bc7c247af97a>`_)
Merge pull request #58 from CycloneDX/dependabot/pip/pyparsing-3.0.5
poetry(deps): bump pyparsing from 2.4.7 to 3.0.5 (``0525439` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/0525439d2237684ce531449d19e60456fc46d26b>`_)
Merge pull request #19 from CycloneDX/dependabot/pip/zipp-3.6.0
poetry(deps): bump zipp from 3.5.0 to 3.6.0 (``c54c968` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/c54c96853e3325571dee26038e965279d5b9cfe2>`_)
poetry(deps): bump py from 1.10.0 to 1.11.0
Bumps py from 1.10.0 to 1.11.0.
updated-dependencies:
dependency-name: py dependency-type: indirect update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com> (``330711f` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/330711fe911739ac9119a0721f7f7bde6e1389e4>`_)
Merge pull request #57 from CycloneDX/dependabot/pip/coverage-6.1.1
poetry(deps-dev): bump coverage from 5.5 to 6.1.1 (``fa55e5c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/fa55e5ceef65749ccbf6bd0303db649346c79019>`_)
poetry(deps): bump pyparsing from 2.4.7 to 3.0.5
Bumps pyparsing from 2.4.7 to 3.0.5.
updated-dependencies:
dependency-name: pyparsing dependency-type: indirect update-type: version-update:semver-major …
Signed-off-by: dependabot[bot] <support@github.com> (``3bedaff` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/3bedaffc7f52026348cc6e2a38ba193ba71d4f29>`_)
Merge pull request #55 from CycloneDX/dependabot/pip/virtualenv-20.10.0
poetry(deps): bump virtualenv from 20.8.1 to 20.10.0 (``4c3df85` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/4c3df857eba656f1ccb51ba9ad6af2cb49226747>`_)
CI/CT runs on main & master branch (``2d0df7b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/2d0df7bacf4ead54eee7378ede8626cc93fce3df>`_)
poetry(deps-dev): bump coverage from 5.5 to 6.1.1
Bumps coverage from 5.5 to 6.1.1.
updated-dependencies:
dependency-name: coverage dependency-type: direct:development update-type: version-update:semver-major …
Signed-off-by: dependabot[bot] <support@github.com> (``e322d74` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/e322d7476b4a17b012d27c26683809bd1dee86b1>`_)
poetry(deps): bump virtualenv from 20.8.1 to 20.10.0
Bumps virtualenv from 20.8.1 to 20.10.0.
updated-dependencies:
dependency-name: virtualenv dependency-type: indirect update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com> (``3927cdc` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/3927cdcd2c37af23543832dbfae2d087cb09787c>`_)
created CODEOWNERS
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``e8e499c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/e8e499cb2b74f9d7e7afe4d0f00e1725eabb655e>`_)
fixed typehints/docs in
_BaseCondaParser
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``af6ddfd` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/af6ddfdc8c7cbdd1bade5ea0c89896ca9791eb3d>`_)
slacked pipenv parser
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``a3572ba` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a3572ba61ca537de8efd0855c774819a963cd212>`_)
fixed some abstract definitions
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (``9e67998` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/9e67998e53558363b2c76c75f13bb2772fb5a22d>`_)
v0.10.2 (2021-10-21)
Fix
fix: correct way to write utf-8 encoded files
Signed-off-by: Paul Horton <phorton@sonatype.com> (``49f9369` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/49f9369b3eba47a3a8d1bcc505546d7dfaf4c5fe>`_)
Unknown
0.10.2
Automatically generated by python-semantic-release (``79538e9` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/79538e92834e548a3f9697388a47efa3b27da678>`_)
v0.10.1 (2021-10-21)
Ci
ci: disable git automatic line ending conversions
Signed-off-by: Paul Horton <phorton@sonatype.com> (``350c097` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/350c097d1dcad367913f65d1026288777e5e4ba4>`_)
ci: update to run on OSX and Windows
Signed-off-by: Paul Horton <phorton@sonatype.com> (``6588c4c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/6588c4cc37351ac006eded165284f793f9f98bc2>`_)
Fix
fix: ensure output to file is UTF-8
Signed-off-by: Paul Horton <phorton@sonatype.com> (``a10da20` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a10da20865e90e9a0a5bb1e12fba9cfd23970c39>`_)
fix: ensure output to file is UTF-8
Signed-off-by: Paul Horton <phorton@sonatype.com> (``193bf64` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/193bf64cdb19bf6fb9662367402dcf7eaab8dd1a>`_)
Unknown
0.10.1
Automatically generated by python-semantic-release (``e6451a3` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/e6451a39ee18fcf49287a8f685df730846e965b7>`_)
Merge pull request #40 from CycloneDX/fix/issue-39-windows-UnicodeEncodeError
FIX: Resolve file encoding issues on Windows (``48329e0` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/48329e033e499f4b9a2c204b2fe5c7c512689605>`_)
remove memoryview from sha1 file hashing
Signed-off-by: Paul Horton <phorton@sonatype.com> (``a56be0f` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a56be0f2044c1c867c383a7ed26f5fce4097d21a>`_)
added debug to CI to aid understanding of miss matching SHA1 hashes on Windows
Signed-off-by: Paul Horton <phorton@sonatype.com> (``10c6b51` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/10c6b51ec1fb8fc816002fda96e551ff0e430941>`_)
v0.10.0 (2021-10-20)
Feature
feat: add support for Conda
Signed-off-by: Paul Horton <phorton@sonatype.com> (``bd29c78` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/bd29c782d39a4956f482b9e4de20d7f829beefba>`_)
Unknown
0.10.0
Automatically generated by python-semantic-release (``eea3598` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/eea35980ab121899d46178ec10e90058d0e1be45>`_)
Merge pull request #38 from CycloneDX/feat/conda-support
feat: add support for Conda (``ee5d36d` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/ee5d36dd677abfb1ba5600b44abf45cb2612b792>`_)
add support pre Python 3.8
Signed-off-by: Paul Horton <phorton@sonatype.com> (``2d01116` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/2d011165e36d03c8d82c7b92b56f1aeec9c18cd6>`_)
doc: updated documentation with Conda support (and missed updates for externalReferences)
Signed-off-by: Paul Horton <phorton@sonatype.com> (``57e9dc7` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/57e9dc7b2adcfa2bac60a854c91bf77947e8e9cf>`_)
v0.9.1 (2021-10-19)
Fix
fix: missing check for Classifiers in Environment Parser
Signed-off-by: Paul Horton <phorton@sonatype.com> (``b7fa38e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/b7fa38e9740bbc5b4c406410df37c3b34818010c>`_)
Unknown
0.9.1
Automatically generated by python-semantic-release (``f132c92` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f132c92bf38f1c173b381f18817f0f86b6ddde85>`_)
Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib (``51a1e50` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/51a1e50aad27c1f862812031be74281e839815df>`_)
v0.9.0 (2021-10-19)
Feature
feat: add support for parsing package licenses when using the
EnvironmentParsers
Signed-off-by: Paul Horton <phorton@sonatype.com> (``c414eaf` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/c414eafde2abaca1005a2a0af6993fcdc17897d3>`_)
Unknown
0.9.0
Automatically generated by python-semantic-release (``ad65564` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/ad6556462d92381dcd8494ca93496ea796282565>`_)
Merge pull request #36 from CycloneDX/feat/add-license-support
Add support for parsing package licenses from installed packages (``d45f75b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/d45f75b88611ab97f39bde672cbdd9e8ff71dd3e>`_)
v0.8.3 (2021-10-14)
Fix
fix: coding standards violations
Signed-off-by: Paul Horton <phorton@sonatype.com> (``00cd1ca` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/00cd1ca20899b6861b1b959611a3556ffad36832>`_)
fix: handle
Pipfile.lockdependencies without anindexspecified fix: multiple fixes in variable scoping to prevent accidental data sharing
Signed-off-by: Paul Horton <phorton@sonatype.com> (``26c62fb` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/26c62fb996c4b1b2bf719e10c9072cf4fbadab9f>`_)
Unknown
0.8.3
Automatically generated by python-semantic-release (``91f9a8b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/91f9a8bb60fe8faddd86268c0ede89cd0caa5a76>`_)
Merge pull request #34 from CycloneDX/fix/issue-33-pipfile-lock-parse-failure
BUG: Fixe for Pipfile.lock parsing + accidental data sharing issues identified during testing (``4079323` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/4079323617263886319ddcf80ee1d77909a40b69>`_)
v0.8.2 (2021-10-14)
Fix
fix: add namespace and subpath support to Component to complete PackageURL Spec support
Signed-off-by: Paul Horton <phorton@sonatype.com> (``780adeb` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/780adebe3861ef08eb1e8817a5e9e3451c0a2137>`_)
Unknown
0.8.2
Automatically generated by python-semantic-release (``298318f` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/298318fdbf252115f874eb544c2d1f24abb6ab5a>`_)
Merge pull request #32 from CycloneDX/feat/full-packageurl-support
Add namespace and subpath support to Component (``bb3af91` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/bb3af916f1ff0e224d9c197596570bca98ea4525>`_)
v0.8.1 (2021-10-12)
Fix
fix: multiple hashes being created for an externalRefernce which is not as required
Signed-off-by: Paul Horton <phorton@sonatype.com> (``970d192` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/970d19202d13d4becbbf040b3a9fb115dd7a0795>`_)
Unknown
0.8.1
Automatically generated by python-semantic-release (``70689a2` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/70689a21edfd5f17cd2aabc09d4579646a4f1633>`_)
v0.8.0 (2021-10-12)
Feature
feat: add support for
externalRefernecesforComponentsand associated enhancements to parsers to obtain information where possible/known
Signed-off-by: Paul Horton <phorton@sonatype.com> (``a152852` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a152852b361bbb7a69c9f7ab61ae7ea6dcffd214>`_)
Unknown
0.8.0
Automatically generated by python-semantic-release (``7a49f9d` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/7a49f9d8cd791e9b1a7e1a8587e589e3b8319ec7>`_)
Merge pull request #29 from CycloneDX/feat/component-external-references
FEATURE: Add support for externalReferences against Components (``bdee0ea` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/bdee0ea277d9f378b3a5e225c2ac3d8e20e2c53c>`_)
doc: notable improvements to API documentation generation (added search, branding, a little styling)
Signed-off-by: Paul Horton <phorton@sonatype.com> (``e7a5b5a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/e7a5b5a2c5b5681a75a24e9739d13ead01f362e3>`_)
v0.7.0 (2021-10-11)
Feature
feat: support for pipenv.lock file parsing
Signed-off-by: Paul Horton <phorton@sonatype.com> (``68a2dff` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/68a2dffc770d40f693b6891a580d1f7d8018f71c>`_)
Unknown
0.7.0
Automatically generated by python-semantic-release (``827bd1c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/827bd1cf2db6cfcffdae98dbd6d24efac63d0cb6>`_)
Merge pull request #27 from CycloneDX/feat/add-pipenv-support
FEATURE: Add Pipfile.lock (pipenv) support (``2c42e2a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c42e2a616c07eec1f844b4fbc4e1e3b4a0815d8>`_)
doc: updated README.md to include Pipfile.lock parsing
Signed-off-by: Paul Horton <phorton@sonatype.com> (``2c66834` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c66834ee6aac75b3e810d13b5a3b41967043252>`_)
v0.6.2 (2021-10-11)
Fix
fix: added ability to add tools in addition to this library when generating CycloneDX + plus fixes relating to multiple BOM instances
Signed-off-by: Paul Horton <phorton@sonatype.com> (``e03a25c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/e03a25c3d2a1a0b711204bb26c7b898eadacdcb0>`_)
Unknown
0.6.2
Automatically generated by python-semantic-release (``e68fbc2` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/e68fbc2ff5576fc1f5c0444f601c58f40f3cd917>`_)
Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib (``2bf2711` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/2bf27119e7a1a3716706c28c3fb259496d0de6f1>`_)
v0.6.1 (2021-10-11)
Ci
ci: update to deploy to pypi.org upon PR merge
Signed-off-by: Paul Horton <phorton@sonatype.com> (``04e86b5` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/04e86b54d71bf801511c728db949d622ae0c6fdc>`_)
Fix
fix: better methods for checking if a Component is already represented in the BOM, and the ability to get the existing instance
Signed-off-by: Paul Horton <phorton@sonatype.com> (``5fee85f` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/5fee85fc38376478a1a438d228c632a5d14f4740>`_)
Unknown
0.6.1
Automatically generated by python-semantic-release (``c530460` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/c530460f504939d34e8c73066bfdd252dd95f090>`_)
Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib (``eb3a46b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/eb3a46b4365818dec08ea079f47e4abd75ebbd64>`_)
v0.6.0 (2021-10-11)
Feature
feat: helper method for representing a File as a Component taking into account versioning for files as per https://github.com/CycloneDX/cyclonedx.org/issues/34
Signed-off-by: Paul Horton <phorton@sonatype.com> (``7e0fb3c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/7e0fb3c7e32e08cb8667ad11461c7f8208dfdf7f>`_)
feat: support for non-PyPi Components - PackageURL type is now definable when creating a Component
Signed-off-by: Paul Horton <phorton@sonatype.com> (``fde79e0` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/fde79e02705bce216e62acd05056b6d2046cde22>`_)
Unknown
0.6.0
Automatically generated by python-semantic-release (``907cd2d` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/907cd2d317f3cfd28febb450959938d09815b9c2>`_)
Merge pull request #25 from CycloneDX/feat/additions-to-enable-integration-into-checkov
Support for representing File as Component (``63a86b0` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/63a86b05aa722078d57f143f35c1f5600396ec7a>`_)
v0.5.0 (2021-10-11)
Build
build: updated dependencies, moved pdoc3 to a dev dependency
Signed-off-by: Paul Horton <phorton@sonatype.com> (``6a9947d` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/6a9947de1036b63804352e45c035d40658d3db01>`_)
Feature
feat: add support for tool(s) that generated the SBOM
Signed-off-by: Paul Horton <phorton@sonatype.com> (``7d1e6ef` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/7d1e6ef04d473407b9b4eefc2ef18e6723838f94>`_)
Fix
fix: bumped a dependency version
Signed-off-by: Paul Horton <phorton@sonatype.com> (``efc1053` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/efc1053ec9ed3f57711f78f1eca181f7bff0c3bf>`_)
Unknown
0.5.0
Automatically generated by python-semantic-release (``a655d29` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a655d29ae9a93bdd72fee481d6a0ec8b71f6cce0>`_)
Merge pull request #20 from CycloneDX/feat/additional-metadata
feat: add support for tool(s) that generated the SBOM (``b33cbf4` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/b33cbf4cb40179e5710729b89d3c120e69448777>`_)
fix for Pytho< 3.8 support in tests
Signed-off-by: Paul Horton <phorton@sonatype.com> (``c9b6019` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/c9b6019609ae206ba965d0c4f7c06ffcf8835e1d>`_)
ensure support for Python < 3.8
Signed-off-by: Paul Horton <phorton@sonatype.com> (``53a82cf` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/53a82cfbe7e828380c31b2441113f318d2a2c99e>`_)
ensure support for Python < 3.8
Signed-off-by: Paul Horton <phorton@sonatype.com> (``2a9e56a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/2a9e56a7e1e0235a06aa70f7750f1656f9305a8a>`_)
doc: added documentation
Signed-off-by: Paul Horton <phorton@sonatype.com> (``cf13c68` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/cf13c6817552c0a6549ecd7131fdcd437ccc7210>`_)
poetry(deps): bump zipp from 3.5.0 to 3.6.0
Bumps zipp from 3.5.0 to 3.6.0.
updated-dependencies:
dependency-name: zipp dependency-type: indirect update-type: version-update:semver-minor …
Signed-off-by: dependabot[bot] <support@github.com> (``30f2547` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/30f254724b49c7596c58f11ef8f5a182706ef03a>`_)
doc: bumped gh-action for publishing docs
Signed-off-by: Paul Horton <phorton@sonatype.com> (``ac70eee` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/ac70eeed9325892ef9ae44b162d8a3ae43a435cc>`_)
doc: added documentation to model/bom
Signed-off-by: Paul Horton <phorton@sonatype.com> (``fe98ada` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/fe98ada121279f6119f3045abd737cc5b775a30f>`_)
doc: formatting
Signed-off-by: Paul Horton <phorton@sonatype.com> (``1ad7fb1` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/1ad7fb117acbec87def897f4dc549dc398decce6>`_)
doc: added missing docstrings to allow documentation to generate
Signed-off-by: Paul Horton <phorton@sonatype.com> (``ed743d9` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/ed743d9b90904a6719309de85078657f9e4a48cd>`_)
Merge pull request #10 from coderpatros/docs
Add initial doc generation and publishing (``7873ad9` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/7873ad9d3fed8c04b94999c21345ae4ca198e091>`_)
v0.4.1 (2021-09-27)
Build
build: dependencies updated
Signed-off-by: Paul Horton <phorton@sonatype.com> (``0411826` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/04118263c2fed1241c4a9f38cc256542ba543d50>`_)
Fix
fix: improved handling for
requirements.txtcontent without pinned or declared versions
Signed-off-by: Paul Horton <phorton@sonatype.com> (``7f318cb` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/7f318cb495ac1754029088cae1ef2574c58da2e5>`_)
Test
test: additional tests around issue #8 which confirm level of support currently
Signed-off-by: Paul Horton <phorton@sonatype.com> (``bc54bed` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/bc54bed79cbeb16dbfcb8c6aaea88d906fd8538a>`_)
test: additional tests added to validate comments in requirements.txt and that hashes within requirements.txt are not currently supported
Signed-off-by: Paul Horton <phorton@sonatype.com> (``3a27d54` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/3a27d546d56d5c5c27f77af716a5545723794294>`_)
Unknown
0.4.1
Automatically generated by python-semantic-release (``d5b7a2f` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/d5b7a2fc731b29fd7a3f29fe3c94f14a98a82e69>`_)
Merge pull request #15 from CycloneDX/fix/issue-14-requirements-unpinned-versions
fix: improved handling for requirements.txt content without pinned … (``f248015` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f248015ff9719dd0029f6267067356672f16f8c3>`_)
Add initial doc generation and publishing
Signed-off-by: Patrick Dwyer <patrick.dwyer@owasp.org> (``cd1b558` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/cd1b558fe472895f9332d9844f99e652c14ec41e>`_)
v0.4.0 (2021-09-16)
Feature
feat: support for localising vectors (i.e. stripping out any scheme prefix)
Signed-off-by: Paul Horton <phorton@sonatype.com> (``b9e9e17` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/b9e9e17ba1e2c1c9dfe551c61ad5152eebd829ab>`_)
feat: helper methods for deriving Severity and SourceType
Signed-off-by: Paul Horton <phorton@sonatype.com> (``6a86ec2` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/6a86ec27c13ff5e413c5a5f96d9b7671646f9388>`_)
Fix
fix: removed print call
Signed-off-by: Paul Horton <phorton@sonatype.com> (``8806553` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/880655304c082a88d94d6d50c64d33ad931cc974>`_)
fix: relaxed typing of parameter to be compatible with Python < 3.9
Signed-off-by: Paul Horton <phorton@sonatype.com> (``f9c7990` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f9c7990695119969c5055bc92a233030db999b84>`_)
fix: removed print call
Signed-off-by: Paul Horton <phorton@sonatype.com> (``d272d2e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/d272d2ea7d3331bde0660bdc87a6ac3331ae0720>`_)
fix: remove unused commented out code
Signed-off-by: Paul Horton <phorton@sonatype.com> (``ba4f285` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/ba4f285fdbe124c28f7ea60310347cf896540125>`_)
Unknown
0.4.0
Automatically generated by python-semantic-release (``f441413` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f441413668676c0435b173c01d612e9040d6f6db>`_)
v0.3.0 (2021-09-15)
Feature
feat: adding support for extension schema that descriptions vulnerability disclosures
Signed-off-by: Paul Horton <phorton@sonatype.com> (``d496695` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/d4966951ab6c0229171cfe97723421bb0302c4fc>`_)
Refactor
refactor: moved Vulnerabilities to be nested inside the Component
Signed-off-by: Paul Horton <phorton@sonatype.com> (``8b4034d` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/8b4034da82a0c5e861161849ddb32c3806adfa0f>`_)
Test
test: added test to confirm no Vulnerabilities are output for Schema Version 1.0 (not supported by schema)
Signed-off-by: Paul Horton <phorton@sonatype.com> (``d5aabcf` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/d5aabcff8d46f635b3b74821d70fc279263c420c>`_)
Unknown
0.3.0
Automatically generated by python-semantic-release (``a5c3dab` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a5c3dab5818c183bd88385c7ad88e11eb34a0417>`_)
Merge pull request #5 from CycloneDX/feat/support-schema-extension-vulnerability-1.0
FEATURE: add support for Vulnerability Disclosures (``6914272` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/69142723935199409f6bf91b68ecf1e91107f165>`_)
doc: updated README to explain support for Vulnerability Disclosures
Signed-off-by: Paul Horton <phorton@sonatype.com> (``f477bf0` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f477bf03fc78cc2652e97cd77a3e7ab66306a39b>`_)
v0.2.0 (2021-09-14)
Feature
feat: added helper method to return a PackageURL object representing a Component
Signed-off-by: Paul Horton <phorton@sonatype.com> (``367bef1` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/367bef11bb1a7ede3100acae39581e33d20fa7f5>`_)
Fix
fix: whitespace on empty line removed
Signed-off-by: Paul Horton <phorton@sonatype.com> (``cfc952e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/cfc952eb5f3feb97a41b6c895657058429da3430>`_)
Unknown
0.2.0
Automatically generated by python-semantic-release (``866eda7` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/866eda764d01ee85778bea662c7556113121137e>`_)
Merge pull request #4 from CycloneDX/feat/component-as-packageurl
fix: whitespace on empty line removed (``ddc37f3` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/ddc37f395a1dbace39280a4f7b1074d954414f2d>`_)
Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib (``6142d2e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/6142d2e3b9b655ebf95b59c93525ce8008851b34>`_)
v0.1.0 (2021-09-13)
Feature
feat: add poetry support
Signed-off-by: Paul Horton <phorton@sonatype.com> (``f3ac42f` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f3ac42f298b8d093b0ac368993beba43c58c251a>`_)
Unknown
0.1.0
Automatically generated by python-semantic-release (``0da668f` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/0da668f398bef2baee63b0d342063b6dc0eea71a>`_)
Merge pull request #3 from CycloneDX/feat/poetry-lock-support
FEATURE: Adde poetry.lock parser support (``37ba7c6` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/37ba7c61a17881fc02119dcfd7b6e0a7cab48cbf>`_)
feat(parser) - added support for parsing dependencies from poetry.lock files.
Signed-off-by: Paul Horton <phorton@sonatype.com> (``15bc553` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/15bc5539e2339581f80048a571ca632f17988530>`_)
fix(parser) parsers were able to share state unexpectedly
Signed-off-by: Paul Horton <phorton@sonatype.com> (``dc59914` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/dc59914e961104d9fcd37822b172d798e68b6ebd>`_)
v0.0.11 (2021-09-10)
Fix
fix(test): test was not updated for revised author statement
Signed-off-by: Paul Horton <phorton@sonatype.com> (``d1c9d37` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/d1c9d379a1e92ee49aae8d133e2ad3e117054ec9>`_)
fix(build): test failure and dependency missing
Fixed failing tests due to dependency on now removed VERSION file Added flake8 officially as a DEV dependency to poetry
Signed-off-by: Paul Horton <phorton@sonatype.com> (``9a2cfe9` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/9a2cfe94386b51acca44ae3bacae319b9b3c8f0d>`_)
fix(build): removed artefacts associtated with non-poetry build
Tidied up project to remove items associated with non-Poetry build process. Also aligned a few references in README to new home of this project under CycloneDX.
Signed-off-by: Paul Horton <phorton@sonatype.com> (``f9119d4` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f9119d49e462cf1f7ccca9c50af2936f8962fd6d>`_)
Unknown
0.0.11
Automatically generated by python-semantic-release (``1c0aa71` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/1c0aa716b36e1305b7a3a2b9e2dfd6e5c6ac0011>`_)
Merge pull request #2 from CycloneDX/fix/tidy-up-build-remove-pip
fix(build): removed artefacts associated with non-poetry build (``b7de7b3` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/b7de7b3c9ba2c8c824d898ee994169b66b78b07a>`_)
v0.0.10 (2021-09-08)
Fix
fix: add in pypi badge (``6098c36` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/6098c36715b2459d7b04ced5ba6294437576e481>`_)
Unknown
0.0.10
Automatically generated by python-semantic-release (``245d809` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/245d809c3918d023ae58af2fb352f14912be091c>`_)
v0.0.9 (2021-09-08)
Fix
fix: additional info to poetry, remove circleci (``2fcfa5a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/2fcfa5ac3a7d9d7f372be6d69e1c616b551877df>`_)
Unknown
0.0.9
Automatically generated by python-semantic-release (``e4a90cf` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/e4a90cfc46db3284e1f3e53f6555405fc14dc654>`_)
Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main (``69aaba5` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/69aaba5f941cbffc40b47d18c6f9dd9dd754b57b>`_)
v0.0.8 (2021-09-08)
Fix
fix: initial release to pypi, tell poetry to include cyclonedx package (``a030177` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a030177cb1a370713c4438b13b7520ef6afd19f6>`_)
Unknown
0.0.8
Automatically generated by python-semantic-release (``fc3f24c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/fc3f24c13938948c4786ecf8ace3fc241c0f458e>`_)
Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main (``da2d18c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/da2d18cd60a781bf097e563466bda0d3e51b9e8f>`_)
v0.0.7 (2021-09-08)
Fix
fix: release with full name (``4c620ed` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/4c620ed053aac8c31343b1ca84ca56912b762ab2>`_)
Unknown
0.0.7
Automatically generated by python-semantic-release (``19943e8` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/19943e8287bbe67031cada6f5377d438f2b033c1>`_)
v0.0.6 (2021-09-08)
Fix
fix: initial release to pypi (``99687db` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/99687dbec1389bf323bb625bfb707306aa3b8d1a>`_)
Unknown
0.0.6
Automatically generated by python-semantic-release (``98ad249` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/98ad24950dbb5f5b08db41e1bb4e359f8f0b8b49>`_)
Switch to using action (``cce468a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/cce468a7004d848ddbaab4affa392bd2f74414dd>`_)
v0.0.5 (2021-09-08)
Unknown
0.0.5
Automatically generated by python-semantic-release (``9bf4b9a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/9bf4b9a29cc4b0bbdf5771ffc22b918a6081a0a1>`_)
Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main (``eeec0bb` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/eeec0bba7d0a615f8384caa50ed95c2240b5a951>`_)
Try this on for size (``aa93310` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/aa93310830a86aa441337be34081c46d9475384c>`_)
v0.0.4 (2021-09-08)
Unknown
0.0.4
Automatically generated by python-semantic-release (``b16d6c5` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/b16d6c59495de396c73dfe1ffabcbfd325dfa619>`_)
Use python3 to install (``4c810e1` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/4c810e16b1a93afb923652f66e77ee08ff0ffd49>`_)
v0.0.3 (2021-09-08)
Unknown
0.0.3
Automatically generated by python-semantic-release (``05306ee` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/05306ee235df1d7aa662c9323e6186cc3d1129dc>`_)
Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main (``f1d120c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f1d120c5dca530424dd79b3303458cc0adbc28de>`_)
Bump up version of poetry (``89db268` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/89db2689bbdb94f2f290abe1bf721b163d75001e>`_)
v0.0.2 (2021-09-08)
Unknown
0.0.2
Automatically generated by python-semantic-release (``e15dec6` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/e15dec696bd88d00f5f5fdce74cb407bc65a42e2>`_)
Remove check for push (``71b1270` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/71b12709f0fb55852cbb030669a80a5ebd2f2e92>`_)
Manual deploy workflow (``9b4ac33` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/9b4ac335becf7e7b83cd3fa619c8975b6335f5eb>`_)
License headers, OWASP etc… (``559b8d2` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/559b8d227e52b6798a71149c87f4090ea1244c85>`_)
Fixed unit tests pinned to a VERISON. (``5d907d5` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/5d907d58e57f2eb7731047a51a88104cb07c1796>`_)
Bump to version 0.0.2 (``1050839` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/105083951dc93f28a4816c0c699af7db7f2789d9>`_)
Implemented writing SBOM to a file. (``74f4153` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/74f4153d84c3bbdb875eac679fe933b777f90f18>`_)
Updated badge in README to include Python 3.6+ support. (``0a5903c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/0a5903c56971a19172fe904f02836c5c5e2262db>`_)
Removed print() statement accidentally left in. (``22965a7` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/22965a707de6db7bb08721809035562be72c69d5>`_)
Merge pull request #1 from sonatype-nexus-community/features/initial-port-of-v1.1-generation-from-jake
Initial port of library code to new library (``2f2634b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/2f2634b86612b4f0d2142b09f3aece588937fcaa>`_)
Added license headers to all source files. Added classifiers for Python version to setup.py. (``bb6bb24` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/bb6bb24440996257ce609b0f399f930153b65e8e>`_)
Renamed model file to not reference CycloneDX as the models are agnostic on purpose. (``03d03ed` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/03d03edfca7bed56d21733120cb5b002a32bb466>`_)
Forgot to add updated poetry.lock file relfecting Python 3.6+ support (``5d3d491` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/5d3d49184039a2f41411cd96d5dfcf1544fab05f>`_)
Updated project to state support from Python v3.6+ (``619ee1d` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/619ee1dfc23f7220a1941c3fa5068761346c84cb>`_)
Adding Python 3.6 support for test & CI. (``daa12ba` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/daa12ba8925128da040cf836bc3f16a2126e9091>`_)
Fixing CircleCI config. (``a446f4c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a446f4cb197fd40a3065a372108c1719cde91136>`_)
Fixes to GitHub actions. (``d2aa277` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/d2aa277bce954100adad42e33c095bc1f9ce23cd>`_)
Disabled Py3.6 checks and added flake8. (``8c01da3` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/8c01da3d8f6038fb24df07ab3fb0945c79893e9f>`_)
Attempt to fix CI's for multiple Python environments. (``affb6b2` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/affb6b2dc7afeaff5b5cd0a1d4f65678394a2ff7>`_)
Added support for Python versions 3.7+ (``ae24ba9` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/ae24ba9c26ddf4ef91937e8489b1894a986724de>`_)
Added missing ENV var for GH actions. (``c750ec6` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/c750ec62411c6d4473d3cc0a33dc96f90a443cef>`_)
Missed wrapping a coverage command with poetry. (``3c74c82` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/3c74c822445e5aeaaa387c8e5522ca8cd841cfd8>`_)
Added poetry virtualenv caching + wrapped tox and coverage with poetry to ensure they run in the poetry venv. (``780e3df` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/780e3dfa043957174e1f79cf450d1ee69d6530d3>`_)
Fixed typo in Github action. (``3953675` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/395367531e7a00c086e723a78d059e6016fb242e>`_)
Correction: Supported Python version in setup.py (``2f4917b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/2f4917ba81f8ddba994a2c5012303bccb307a419>`_)
Updated poetry dependencies and configuration. (``75041e5` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/75041e51ff684853d7c2b94e5a722a4ec14043fc>`_)
Initial draft GitHub actions being added. (``e2403e8` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/e2403e8c4194be6bee70a58ef86d9acec6de5dbb>`_)
Added Poetry supprot. (``e9a67f8` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/e9a67f8a405b6c664d2b91bd4966a8ade9902d40>`_)
Addressing issues reported by flake8. (``3ad394c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/3ad394c14d9cbf3e706f4fe47b6f83938576a2ac>`_)
Refactored output classes to use multiple inheritance allowing a single place to define which schema version support various attributes and elements. (``95c5b38` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/95c5b389bb5c8c358420aaf5c62694dcabe663ce>`_)
Updated README to reflect support for author. (``bff5954` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/bff5954f70967f3605fa6226a223590b89e07313>`_)
Skeleton support for 'author' + v1.1 and v1.0 for JSON added (along with tests). (``e987f35` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/e987f357314199442ed2c5823575833915dfccb1>`_)
Corrected typo in README (``0d2c355` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/0d2c35519374b4efddf399dd519e5a1443a56692>`_)
Updated README to include a summary of the support this library provides across the different schema versions. (``34f421f` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/34f421f4076d16c30ddf291f5c1866c1b623258a>`_)
Initial support for V1.0 and V1.1 in XML output format. (``37f6b00` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/37f6b00b7e354b76a9f8f72ed2c1004a0e728319>`_)
Added 'serialNumber' to SBOMs (JSON and XML). (``50e3c75` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/50e3c7546b92e3241feefa6dea0fbfa9c1145843>`_)
Added a bunch more content to the README to explain how the library can be used. (``bb41dc6` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/bb41dc6d333f59025aae97c602cbe41343645b20>`_)
Added metadata initial support to JSON output format. (``8c5590f` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/8c5590fd3c5c59de9a5b6cf49005f4c6e444265d>`_)
Addition of simple 'metadata' element for XML SBOM's. (``f9e9773` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/f9e97733b0cc57bbb71341b4ced4ccc8f09b7f28>`_)
Added initial JSON outputter and associated tests. (``3e1f5ec` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/3e1f5ec9354a779adf44129656a1ccdcffadee6d>`_)
Fix to generate HTML coverage reports and stash in CircleCI builds. (``dd88603` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/dd886032b92d491f462d62f269f3df7ed823d436>`_)
Added HTML coverage report. (``ce700e5` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/ce700e5bdff7ce4a8bd5614239b129e59afe2908>`_)
Missed coverage as a dependency for testing. (``01643d6` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/01643d67f73ec8ee35884d0bcc15c892649f6b72>`_)
Added coverage reporting for tests (``c34b1a6` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/c34b1a63fd7958d2b1060ba51054a55b57228549>`_)
Added first tests for XML SBOM generation (v1.3 and v1.2). (``cb4337a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/cb4337a1cb14ee62471140add8954dd7c5b6b314>`_)
WIP: Starting to generate XML output for BOMs (``35bdfca` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/35bdfca4fc01cdb3fa7ab6fb37b1c05eaa7189ec>`_)
Updated CircleCI config to run tox. Fixed fomratting in tests. (``9a56230` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/9a5623098ff712df0cefbd2327e8058f9ac74e17>`_)
Rebasing from main. (``822ab8b` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/822ab8b43a06bf1712d134d44acb136e70134c05>`_)
Initial skeleton tests for output genereation. (``a614f3e` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/a614f3e9cc6210a25daff79e4ec428f15221cc1e>`_)
pretty badge (``60e975c` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/60e975c12cdf6c15c9e38585becaf53850609d67>`_)
initial CI for discussion (``7e88cd5` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/7e88cd5920480cd6bde4e72b8b85314242964013>`_)
Added a little more information to the README. (``460c624` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/460c62487e66df750a99e10a62bf19bf0baf2e76>`_)
Fixed issue reported by Flake8. Ensuring tests run on PY 3.9. (``cce130f` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/cce130f53a7c73554015ce672cbe8799e863e64b>`_)
Basic structure without any output generation available (very basic Component definition). (``6ac5dc2` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/6ac5dc29fb4bc52f66698966e0b570588621be72>`_)
Added tox config with flake8 and py3.9 support. (``1def201` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/1def2015d3aad4b58980d9b86cca840f19ac4ee6>`_)
Initially added skeleton packaging structure and official CycloneDX schemas. (``ac519c9` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/ac519c9a21bc8e4a75927868f32f29febc648509>`_)
Added inital blank README prior to branching for initial work. (``b175f6a` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/b175f6a9178c510cfa14b5d2788feecfd65d8e94>`_)
Added inital blank README prior to branching for initial work. (``e8b5d48` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/e8b5d4802079f92da106b8e0a68f9311c328a656>`_)
Initial commit (``62353b0` <https://github.com/CycloneDX/cyclonedx-python-lib/commit/62353b0ce57f797bcb9dfd97871e886db8269478>`_)