Skip to content

Releases: CycloneDX/cyclonedx-python-lib

v11.4.0

23 Oct 14:28

Choose a tag to compare

v11.4.0 (2025-10-23)

Features

  • Add support for CycloneDX 1.7 (basics) (#902, f35b9ee)

What's Changed

Full Changelog: v11.3.0...v11.4.0

v11.3.0

22 Oct 11:02

Choose a tag to compare

v11.3.0 (2025-10-22)

Bug Fixes

  • Implement __lt__ for models still missing it (#899, bebda4f)

Features

  • Deserialize single ComponentEvidence.identity (#900, 9425c67)

What's Changed

New Contributors

Full Changelog: v11.2.0...v11.3.0

v11.2.0

15 Oct 13:44

Choose a tag to compare

v11.2.0 (2025-10-15)

Documentation

  • Add Changelog to project urls (d8a24b7)

Features


What's Changed

  • chore(deps-dev): update mypy requirement from 1.17.1 to 1.18.1 by @dependabot[bot] in #889
  • chore(deps-dev): update mypy requirement from 1.18.1 to 1.18.2 by @dependabot[bot] in #890
  • chore(deps-dev): update coverage requirement from 7.10.6 to 7.10.7 by @dependabot[bot] in #891
  • feat: support Python 3.14 by @jkowalleck in #897
  • chore(deps-dev): update isort requirement from 6.0.1 to 6.1.0 by @dependabot[bot] in #894
  • chore(deps-dev): update tox requirement from 4.30.2 to 4.30.3 by @dependabot[bot] in #893
  • chore(deps-dev): update pyupgrade requirement from 3.20.0 to 3.21.0 by @dependabot[bot] in #896
  • chore(deps-dev): update tomli requirement from 2.2.1 to 2.3.0 by @dependabot[bot] in #895

Full Changelog: v11.1.0...v11.2.0

v11.1.0

09 Sep 09:37

Choose a tag to compare

v11.1.0 (2025-09-09)

Documentation

Features

  • Add BomRefs for known models according to CycloneDX 1.5 (#859, 0898cf7)

  • Updating SPDX license list to 3.27.0 (#885, 876a364)


What's Changed

  • chore(deps-dev): update mypy requirement from 1.16.1 to 1.17.0 by @dependabot[bot] in #855
  • docs: update linked XML spec by @jkowalleck in #857
  • docs: update CDX spec links by @jkowalleck in #858
  • docs: update linked CDX spec by @jkowalleck in #860
  • feat: add BomRefs for known models according to CycloneDX 1.5 by @jkowalleck in #859
  • chore(deps-dev): update coverage requirement from 7.9.2 to 7.10.1 by @dependabot[bot] in #865
  • chore(deps-dev): update mypy requirement from 1.17.0 to 1.17.1 by @dependabot[bot] in #868
  • chore(deps-dev): update tox requirement from 4.27.0 to 4.28.4 by @dependabot[bot] in #867
  • chore(deps-dev): update deptry requirement from 0.23.0 to 0.23.1 by @dependabot[bot] in #866
  • chore(deps-dev): update coverage requirement from 7.10.1 to 7.10.2 by @dependabot[bot] in #871
  • chore(deps): bump actions/download-artifact from 4 to 5 by @dependabot[bot] in #873
  • chore(deps): bump actions/checkout from 4 to 5 by @dependabot[bot] in #875
  • test: fix slow tests and add timing reports by @jkowalleck in #880
  • chore(deps-dev): update tox requirement from 4.28.4 to 4.29.0 by @dependabot[bot] in #879
  • chore(deps-dev): update coverage requirement from 7.10.2 to 7.10.6 by @dependabot[bot] in #878
  • chore(deps): bump actions/setup-python from 5 to 6 by @dependabot[bot] in #882
  • chore(deps-dev): update tox requirement from 4.29.0 to 4.30.2 by @dependabot[bot] in #884
  • feat: Updating SPDX license list to 3.27.0 by @jkowalleck in #885

Full Changelog: v11.0.0...v11.1.0

v11.0.0

21 Jul 10:53

Choose a tag to compare

v11.0.0 (2025-07-21)

BREAKING Changes

  • Ignore unknown properties when deserializing (#853, 4842828)

What's Changed

  • feat!: ignore unknown properties when deserializing by @jkowalleck in #853

Full Changelog: v10.5.0...v11.0.0

v10.5.0

20 Jul 15:47

Choose a tag to compare

v10.5.0 (2025-07-20)

Features


What's Changed

Full Changelog: v10.4.1...v10.5.0

v10.4.1

08 Jul 16:28

Choose a tag to compare

v10.4.1 (2025-07-08)

Bug Fixes

  • Add runtime dependnecy typing_extensions>=4.6; python_version<"3.13" (#845, 95b560a)

  • Added runtime dependnecy referencing>=0.28.4" (#846, 4d01e87)


What's Changed

  • fix: add runtime dependnecy typing_extensions>=4.6; python_version<"3.13" by @jkowalleck in #845
  • fix: added runtime dependnecy referencing>=0.28.4" by @jkowalleck in #846

Full Changelog: v10.4.0...v10.4.1

v10.4.0

08 Jul 10:13

Choose a tag to compare

v10.4.0 (2025-07-08)

Bug Fixes

  • Issue DeprecationWarnings for deprecated properties properly (#838, 34a11aa)

  • Removed meaningless pattern checks for CycloneDX 1.2 JSON schema (#843, 6e8083a)

Features


What's Changed

New Contributors

Full Changelog: v10.3.0...v10.4.0

v10.3.0

30 Jun 08:24

Choose a tag to compare

v10.3.0 (2025-06-30)

Documentation

  • Instructions for code style (160810f)

Features

  • Schema based validation may return iterable of all errors (#834, f95576f)

What's Changed

  • chore: update precommit hook by @jkowalleck in #833
  • chore(deps-dev): update flake8 requirement from 7.2.0 to 7.3.0 by @dependabot in #829
  • chore(deps-dev): update tox requirement from 4.26.0 to 4.27.0 by @dependabot in #832
  • chore(deps-dev): update mypy requirement from 1.16.0 to 1.16.1 by @dependabot in #831
  • chore(deps-dev): update bandit requirement from 1.8.3 to 1.8.5 by @dependabot in #830
  • chore(deps-dev): update coverage requirement from 7.8.2 to 7.9.1 by @dependabot in #825
  • feat: schema based validation may return iterable of all errors by @e3krisztian in #834
  • chore(deps): update lxml requirement from >=4,<6 to >=4,<7 by @dependabot in #835

New Contributors

Full Changelog: v10.2.0...v10.3.0

v10.2.0

10 Jun 09:12

Choose a tag to compare

v10.2.0 (2025-06-10)

Bug Fixes

  • vulnerabilityscoresource.get_from_vector() for CVSS_V3_1 and CVSS_V4 (#824, a97ccd4)

Features

  • Add support for component's evidences according to spec (#810, 3395fda)

What's Changed

  • feat: add support for component's evidences according to spec by @OxPirates in #810
  • fix: VulnerabilityScoreSource.get_from_vector() for CVSS_V3_1 and CVSS_V4 by @jkowalleck in #824

New Contributors

Full Changelog: v10.1.0...v10.2.0