09 Apr 15:18

github-actions

27833f7

v7.0.0-alpha.1 Pre-release

Pre-release

v7.0.0-alpha.1 (2024-04-09)

Chore

chore(deps): bump py-serializable to >=1.0.3 to resolve issues with deserialization to XML

Signed-off-by: Paul Horton <[email protected]> (0398051)

chore(deps-dev): update autopep8 requirement from 2.0.4 to 2.1.0 (#573)

Updates the requirements on autopep8 to permit the latest version.

updated-dependencies:

dependency-name: autopep8
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (35749c6)

chore(deps-dev): update tox requirement from 4.14.1 to 4.14.2 (#574)

Updates the requirements on tox to permit the latest version.

updated-dependencies:

dependency-name: tox
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (d60f457)

Unknown

docs

Signed-off-by: Jan Kowalleck <[email protected]> (42c6f25)

refactor

Signed-off-by: Jan Kowalleck <[email protected]> (b4a133a)

style

Signed-off-by: Jan Kowalleck <[email protected]> (0843234)

refactor

Signed-off-by: Jan Kowalleck <[email protected]> (62c1d9a)

reformat

Signed-off-by: Jan Kowalleck <[email protected]> (e10ffee)

reformat

Signed-off-by: Jan Kowalleck <[email protected]> (e0184cc)

fetch test data for CDX 1.6

Signed-off-by: Jan Kowalleck <[email protected]> (618a292)

fetch schema 1.6 JSON

Signed-off-by: Jan Kowalleck <[email protected]> (289e81a)

update schema to published versions

Signed-off-by: Paul Horton <[email protected]> (0449de2)

more proper way to filter test cases

Signed-off-by: Paul Horton <[email protected]> (0a2ca2c)

add acknowledgement to LicenseExpression (#582)

Signed-off-by: Paul Horton <[email protected]> (ddd7847)

coding standards and typing

Signed-off-by: Paul Horton <[email protected]> (5c97c2d)

raise UserWarning in .component.version has length > 1024

Signed-off-by: Paul Horton <[email protected]> (abebd4f)

Added address to organizationalEntity

Signed-off-by: Paul Horton <[email protected]> (1327558)

Added address to organizationalEntity

Signed-off-by: Paul Horton <[email protected]> (318d723)

coding standards

Signed-off-by: Paul Horton <[email protected]> (d294620)

corrected CryptoMode enum

Signed-off-by: Paul Horton <[email protected]> (71e4bc6)

additional tests to increase code coverage

Signed-off-by: Paul Horton <[email protected]> (f504daa)

coding standards

Signed-off-by: Paul Horton <[email protected]> (a3e09d1)

test filtering

Signed-off-by: Paul Horton <[email protected]> (14f699f)

coding standards

Signed-off-by: Paul Horton <[email protected]> (b23df1f)

typing and bandit ignores

Signed-off-by: Paul Horton <[email protected]> (96a6dc9)

add .component.cryptoProperties - with test failures for SchemaVersion < 1.6

Signed-off-by: Paul Horton <[email protected]> (1e71dc3)

properly added .component.swhid

Signed-off-by: Paul Horton <[email protected]> (ee80ea3)

imports tidied

Signed-off-by: Paul Horton <[email protected]> (875a338)

work to get deserialization tests passing

Signed-off-by: Paul Horton <[email protected]> (fdece59)

work to add .component.omniborid - but tests deserialisation tests fail due to schema differences (.component.author not in 1.6)

Signed-off-by: Paul Horton <[email protected]> (af7b92b)

Deprecated .component.author. Added .component.authors and .component.manufacturer

Signed-off-by: Paul Horton <[email protected]> (6227c08)

work on bom.metadata for v1.6

Signed-off-by: Paul Horton <[email protected]> (6192ed8)

note bom.metadata.manufacture as deprecated

Signed-off-by: Paul Horton <[email protected]> (240dfaa)

re-generated test snapshots for v1.6

Signed-off-by: Paul Horton <[email protected]> (8132c3e)

added draft v1.6 schemas and boilerplate for v1.6

Signed-off-by: Paul Horton <[email protected]> (41ca1e0)

Assets 4

18 Mar 18:13

github-actions

v6.4.4

4965bf9

v6.4.4

v6.4.4 (2024-03-18)

Chore

chore(deps-dev): update coverage requirement from 7.4.3 to 7.4.4 (#570)

Updates the requirements on coverage to permit the latest version.

updated-dependencies:

dependency-name: coverage
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (3a2e427)

chore(deps): bump python-semantic-release/python-semantic-release (#564)

Bumps python-semantic-release/python-semantic-release from 8.5.1 to 9.1.1.

updated-dependencies:

dependency-name: python-semantic-release/python-semantic-release
dependency-type: direct:production
update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (d20a590)

chore(deps-dev): update tox requirement from 4.13.0 to 4.14.1 (#567)

Updates the requirements on tox to permit the latest version.

updated-dependencies:

dependency-name: tox
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (2dcc60e)

chore(deps-dev): update bandit requirement from 1.7.7 to 1.7.8 (#566)

Updates the requirements on bandit to permit the latest version.

updated-dependencies:

dependency-name: bandit
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (eb1a252)

chore(deps-dev): update mypy requirement from 1.8.0 to 1.9.0 (#565)

Updates the requirements on mypy to permit the latest version.

updated-dependencies:

dependency-name: mypy
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (3ce0f3a)

Fix

fix: wrong extra name for xml validation (#571)

Signed-off-by: Christoph Reiter <[email protected]> (10e38e2)

What's Changed

chore(deps-dev): update mypy requirement from 1.8.0 to 1.9.0 by @dependabot in #565
chore(deps-dev): update bandit requirement from 1.7.7 to 1.7.8 by @dependabot in #566
chore(deps-dev): update tox requirement from 4.13.0 to 4.14.1 by @dependabot in #567
chore(deps): bump python-semantic-release/python-semantic-release from 8.5.1 to 9.1.1 by @dependabot in #564
chore(deps-dev): update coverage requirement from 7.4.3 to 7.4.4 by @dependabot in #570
fix: wrong extra name for xml validation by @lazka in #571

New Contributors

@lazka made their first contribution in #571

Full Changelog: v6.4.3...v6.4.4

Contributors

lazka and dependabot

Assets 4

04 Mar 12:11

github-actions

v6.4.3

e8bd5aa

v6.4.3

v6.4.3 (2024-03-04)

Chore

chore(deps-dev): update ddt requirement from 1.7.1 to 1.7.2 (#563)

Updates the requirements on ddt to permit the latest version.

updated-dependencies:

dependency-name: ddt
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (53cb8a9)

Fix

fix: serialization of model.component.Diff (#557)

Fixes #556

Signed-off-by: rcross-lc <[email protected]>
Signed-off-by: Jan Kowalleck <[email protected]>
Co-authored-by: Jan Kowalleck <[email protected]> (22fa873)

What's Changed

chore(deps-dev): update ddt requirement from 1.7.1 to 1.7.2 by @dependabot in #563
fix: serialization of model.component.Diff by @rcross-lc in #557

New Contributors

@rcross-lc made their first contribution in #557

Full Changelog: v6.4.2...v6.4.3

Contributors

dependabot and rcross-lc

Assets 4

01 Mar 08:10

github-actions

v6.4.2

209c357

v6.4.2

v6.4.2 (2024-03-01)

Maintenance release.

Build

build: use poetry v1.8.1 (#560)

Signed-off-by: Jan Kowalleck <[email protected]> (6f81dfa)

Chore

chore(deps-dev): update coverage requirement from 7.4.1 to 7.4.3 (#558)

Updates the requirements on coverage to permit the latest version.

updated-dependencies:

dependency-name: coverage
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (2b7f261)

chore(deps): bump Gr1N/setup-poetry from 8 to 9 (#555)

Bumps Gr1N/setup-poetry from 8 to 9.

updated-dependencies:

dependency-name: Gr1N/setup-poetry
dependency-type: direct:production
update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (178ce32)

chore(deps-dev): update tox requirement from 4.12.1 to 4.13.0 (#553)

Updates the requirements on tox to permit the latest version.

updated-dependencies:

dependency-name: tox
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (77fb2ec)

chore(deps-dev): update flake8-quotes requirement from 3.3.2 to 3.4.0 (#552)

Updates the requirements on flake8-quotes to permit the latest version.

Commits

updated-dependencies:

dependency-name: flake8-quotes
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (cd8e67c)

chore(deps-dev): update flake8-bugbear requirement (#549)

Updates the requirements on flake8-bugbear to permit the latest version.

updated-dependencies:

dependency-name: flake8-bugbear
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (153d83e)

Documentation

docs: update architecture description and examples (#550)

Signed-off-by: Jan Kowalleck <[email protected]> (a19fd28)

docs: exclude internal docs from rendering (#545)

Signed-off-by: Jan Kowalleck <[email protected]> (7e55dfe)

Unknown

docs

Signed-off-by: Jan Kowalleck <[email protected]> (63cff7e)

docs (#546)

Signed-off-by: Jan Kowalleck <[email protected]> (b0e5b43)

Assets 4

30 Jan 10:38

github-actions

v6.4.1

b3dd930

v6.4.1

v6.4.1 (2024-01-30)

Chore

chore(deps-dev): update bandit requirement from 1.7.6 to 1.7.7 (#542)

Updates the requirements on bandit to permit the latest version.

updated-dependencies:

dependency-name: bandit
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (0d159c2)

chore(deps-dev): update coverage requirement from 7.4.0 to 7.4.1 (#541)

Updates the requirements on coverage to permit the latest version.

updated-dependencies:

dependency-name: coverage
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (fa82a24)

Documentation

docs: ship docs with sdist build (#544)

Signed-off-by: Jan Kowalleck <[email protected]> (52ef01c)

docs: refactor example

Signed-off-by: Jan Kowalleck <[email protected]> (c1776b7)

Fix

fix: model.BomRef no longer equal to unset peers (#543)

fixes #539

Signed-off-by: Jan Kowalleck <[email protected]> (1fd7fee)

Unknown

tests: fetched schema 1.5 test data from spec (#536)

Signed-off-by: Jan Kowalleck <[email protected]> (394cc87)

What's Changed

tests: fetched schema 1.5 test data from spec by @jkowalleck in #536
chore(deps-dev): update coverage requirement from 7.4.0 to 7.4.1 by @dependabot in #541
chore(deps-dev): update bandit requirement from 1.7.6 to 1.7.7 by @dependabot in #542
docs: ship docs with sdist build by @jkowalleck in #544
fix: model.BomRef no longer equal to unset peers by @jkowalleck in #543

Full Changelog: v6.4.0...v6.4.1

Contributors

jkowalleck and dependabot

Assets 4

22 Jan 12:35

github-actions

v6.4.0

8f81322

v6.4.0

v6.4.0 (2024-01-22)

Chore

chore(deps-dev): update tox requirement from 4.12.0 to 4.12.1 (#533)

Updates the requirements on tox to permit the latest version.

updated-dependencies:

dependency-name: tox
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (74094d7)

chore(deps-dev): update flake8-bugbear requirement (#534)

Updates the requirements on flake8-bugbear to permit the latest version.

updated-dependencies:

dependency-name: flake8-bugbear
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (6e6f374)

chore: doc flake8 config

Signed-off-by: Jan Kowalleck <[email protected]> (bd4c078)

chore(deps-dev): update tox requirement from 4.11.4 to 4.12.0 (#530)

Updates the requirements on tox to permit the latest version.

updated-dependencies:

dependency-name: tox
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (130918a)

Documentation

docs: add OpenSSF Best Practices shield (#532)

Signed-off-by: Jan Kowalleck <[email protected]> (59c4381)

Feature

feat: support py-serializable v1.0 (#531)

Signed-off-by: Jan Kowalleck <[email protected]> (e1e7277)

Assets 4

06 Jan 23:14

github-actions

v6.3.0

59c8f17

v6.3.0

v6.3.0 (2024-01-06)

Chore

chore(deps-dev): update flake8 requirement from 6.1.0 to 7.0.0 (#528)

Updates the requirements on flake8 to permit the latest version.

Commits

updated-dependencies:

dependency-name: flake8
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (6b7ed78)

chore(deps-dev): update ddt requirement from 1.7.0 to 1.7.1 (#527)

Updates the requirements on ddt to permit the latest version.

updated-dependencies:

dependency-name: ddt
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (9a58e7e)

Documentation

docs: add Documentation url to project meta

Signed-off-by: Jan Kowalleck <[email protected]> (1080b73)

docs: add Documentation url to project meta

Signed-off-by: Jan Kowalleck <[email protected]> (c4288b3)

Feature

feat: enable dependency py-serializable 0.17 (#529)

Signed-off-by: Jan Kowalleck <[email protected]> (9f24220)

What's Changed

chore(deps-dev): update ddt requirement from 1.7.0 to 1.7.1 by @dependabot in #527
chore(deps-dev): update flake8 requirement from 6.1.0 to 7.0.0 by @dependabot in #528
feat: enable dependency py-serializable 0.17 by @jkowalleck in #529

Full Changelog: v6.2.0...v6.3.0

Contributors

jkowalleck and dependabot

Assets 4

31 Dec 11:37

github-actions

v6.2.0

f91245e

v6.2.0

v6.2.0 (2023-12-31)

Build

build: allow additional major-version RC branch patterns

Signed-off-by: Jan Kowalleck <[email protected]> (f8af156)

Chore

chore(deps-dev): update coverage requirement from 7.3.3 to 7.4.0 (#524)

Updates the requirements on coverage to permit the latest version.

updated-dependencies:

dependency-name: coverage
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (9bcc223)

chore(deps-dev): update mypy requirement from 1.7.1 to 1.8.0 (#521)

Updates the requirements on mypy to permit the latest version.

updated-dependencies:

dependency-name: mypy
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (720046e)

Documentation

docs: fix typo

Signed-off-by: Jan Kowalleck <[email protected]> (2563996)

docs: update intro and description

Signed-off-by: Jan Kowalleck <[email protected]> (f0bd05d)

docs: buld docs on ubuntu22.04 python311

Signed-off-by: Jan Kowalleck <[email protected]> (b3e9ab7)

Feature

feat: allow lxml requirement in range of >=4,<6 (#523)

Updates the requirements on lxml to permit the latest version.

updated-dependencies:

dependency-name: lxml
dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (7d12b9a)

Unknown

docs

Signed-off-by: Jan Kowalleck <[email protected]> (7dcd166)

What's Changed

chore(deps-dev): update mypy requirement from 1.7.1 to 1.8.0 by @dependabot in #521
chore(deps-dev): update coverage requirement from 7.3.3 to 7.4.0 by @dependabot in #524
chore(deps): update lxml requirement from ^4 to >=4,<6 by @dependabot in #523

Full Changelog: v6.1.0...v6.2.0

Contributors

dependabot

Assets 4

22 Dec 01:47

github-actions

v6.1.0

c361dae

v6.1.0

v6.1.0 (2023-12-22)

Chore

chore: update maintainers

Signed-off-by: Jan Kowalleck <[email protected]> (87c72d7)

chore(deps): bump python-semantic-release/python-semantic-release (#515)

Bumps python-semantic-release/python-semantic-release from 8.5.0 to 8.5.1.

updated-dependencies:

dependency-name: python-semantic-release/python-semantic-release
dependency-type: direct:production
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (0f56ec4)

chore(deps-dev): update coverage requirement from 7.3.2 to 7.3.3 (#517)

Updates the requirements on coverage to permit the latest version.

updated-dependencies:

dependency-name: coverage
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (a57e2f6)

chore(deps-dev): update isort requirement from 5.13.0 to 5.13.2 (#516)

Updates the requirements on isort to permit the latest version.

updated-dependencies:

dependency-name: isort
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (84874a3)

Feature

feat: add function to map python hashlib algorithms to CycloneDX (#519)

new API: model.HashType.from_hashlib_alg()

Signed-off-by: Jan Kowalleck <[email protected]> (81f8cf5)

What's Changed

chore(deps-dev): update isort requirement from 5.13.0 to 5.13.2 by @dependabot in #516
chore(deps-dev): update coverage requirement from 7.3.2 to 7.3.3 by @dependabot in #517
chore(deps): bump python-semantic-release/python-semantic-release from 8.5.0 to 8.5.1 by @dependabot in #515
feat: add function to map python hashlib algorithms to CycloneDX by @jkowalleck in #519

Full Changelog: v6.0.0...v6.1.0

Contributors

jkowalleck and dependabot

Assets 4

10 Dec 19:04

github-actions

v6.0.0

8800b68

v6.0.0

v6.0.0 (2023-12-10)

Breaking

feat!: v6.0.0 (#492)

Breaking Changes

Removed symbols that were already marked as deprecated (via #493)
Removed symbols in parser.* (#489 via #495)
Removed output.LATEST_SUPPORTED_SCHEMA_VERSION (#491 via #494)
Serialization of unsupported enum values might downgrade/migrate/omit them (#490 via #496)
Handling might raise warnings if a data loss occurred due to omitting.
The result is a guaranteed valid XML/JSON, since no (enum-)invalid values are rendered.
Serialization of any model.component.Component with unsupported type raises exception.serialization.SerializationOfUnsupportedComponentTypeException (#490 via #496)
Object model.bom_ref.BomRef's property value defaults to Null, was arbitrary UUID (#504 via #505)
This change does not affect serialization. All bom-refs are guaranteed to have unique values on rendering.
Removed helpers from public API (#503 via #506)

Added

Basic support for CycloneDX 1.5 (#404 via #488) -- Thanks to @Churro
- No data models were enhanced nor added, yet.
  Pull requests to add functionality are welcome.
- Existing enumerable got new cases, to reflect features of CycloneDX 1.5 (#404 via #488)
- Outputters were enabled to render CycloneDX 1.5 (#404 via #488)

Tests

Created (regression/unit/integration/functional) tests for CycloneDX 1.5 (#404 via #488)
Created (regression/functional) tests for Enums' handling and completeness (#490 via #496)

Misc

Bumped dependency py-serializable@^0.16, was @^0.15 (via #496)

API Changes — the details for migration

Added new sub-package exception.serialization (via #496)
Removed class models.ComparableTuple (#503 via #506)
Enum model.ExternalReferenceType got new cases, to reflect features for CycloneDX 1.5 (#404 via #488)
Removed function models.get_now_utc (#503 via #506)
Removed function models.sha1sum (#503 via #506)
Enum model.component.ComponentType got new cases, to reflect features for CycloneDX 1.5 (#404 via #488)
Removed model.component.Component.__init__()'s deprecated optional kwarg namespace (via #493)
Use kwarg group instead.
Removed model.component.Component.__init__()'s deprecated optional kwarg license_str (via #493)
Use kwarg licenses instead.
Removed deprecated method model.component.Component.get_namespace() (via #493)
Removed class models.dependency.DependencyDependencies (#503 via #506)
Removed model.vulnerability.Vulnerability.__init__()'s deprecated optional kwarg source_name (via #493)
Use kwarg source instead.
Removed model.vulnerability.Vulnerability.__init__()'s deprecated optional kwarg source_url (via #493)
Use kwarg source instead.
Removed model.vulnerability.Vulnerability.__init__()'s deprecated optional kwarg recommendations (via #493)
Use kwarg recommendation instead.
Removed model.vulnerability.VulnerabilityRating.__init__()'s deprecated optional kwarg score_base (via #493)
Use kwarg score instead.
Enum model.vulnerability.VulnerabilityScoreSource got new cases, to reflect features for CycloneDX 1.5 (#404 via #488)
Removed output.LATEST_SUPPORTED_SCHEMA_VERSION (#491 via #494)
Removed deprecated function output.get_instance() (via #493)
Use function output.make_outputter() instead.
Added new class output.json.JsonV1Dot5, to reflect CycloneDX 1.5 (#404 via #488)
Added new item to dict output.json.BY_SCHEMA_VERSION, to reflect CycloneDX 1.5 (#404 via #488)
Added new class output.xml.XmlV1Dot5, to reflect CycloneDX 1.5 (#404 via #488)
Added new item to dict output.xml.BY_SCHEMA_VERSION, to reflect CycloneDX 1.5 (#404 via #488)
Removed class parser.ParserWarning (#489 via #495)
Removed class parser.BaseParser (#489 via #495)
Enum schema.SchemaVersion got new case V1_5, to reflect CycloneDX 1.5 (#404 via #488)

Signed-off-by: Johannes Feichtner <[email protected]>
Signed-off-by: Jan Kowalleck <[email protected]>
Signed-off-by: semantic-release <semantic-release>
Co-authored-by: Johannes Feichtner <[email protected]>
Co-authored-by: semantic-release <semantic-release> (74865f8)

Chore

chore(deps): bump python-semantic-release/python-semantic-release (#509)

Bumps python-semantic-release/python-semantic-release from 8.0.8 to 8.5.0.

updated-dependencies:

dependency-name: python-semantic-release/python-semantic-release
dependency-type: direct:production
update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (9ed9ab1)

chore(deps-dev): update isort requirement from 5.12.0 to 5.13.0 (#512)

Updates the requirements on isort to permit the latest version.

updated-dependencies:

dependency-name: isort
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (0eba631)

chore(deps-dev): update bandit requirement from 1.7.5 to 1.7.6 (#510)

Updates the requirements on bandit to permit the latest version.

updated-dependencies:

dependency-name: bandit
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (153b07a)

chore(deps): bump actions/setup-python from 4 to 5 (#508)

Bumps actions/setup-python from 4 to 5.

updated-dependencies:

dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (4e3e0e0)

chore(deps): update sphinx-rtd-theme requirement (#499)

Updates the requirements on sphinx-rtd-theme to permit the latest version.

updated-dependencies:

dependency-name: sphinx-rtd-theme
dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: Jan Kowalleck <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (5d6dd41)

chore(deps-dev): update flake8-bugbear requirement (#500)

Updates the requirements on flake8-bugbear to permit the latest version.

updated-dependencies:

dependency-name: flake8-bugbear
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by:...

Contributors

Churro, jkowalleck, and dependabot

Assets 4

Uh oh!

Uh oh!

Releases: CycloneDX/cyclonedx-python-lib

v7.0.0-alpha.1

v7.0.0-alpha.1 (2024-04-09)

Chore

Unknown

Uh oh!

v6.4.4

v6.4.4 (2024-03-18)

Chore

Fix

What's Changed

New Contributors

Contributors

Uh oh!

v6.4.3

v6.4.3 (2024-03-04)

Chore

Fix

What's Changed

New Contributors

Contributors

Uh oh!

v6.4.2

v6.4.2 (2024-03-01)

Build

Chore

Documentation

Unknown

Uh oh!

v6.4.1

v6.4.1 (2024-01-30)

Chore

Documentation

Fix

Unknown

What's Changed

Contributors

Uh oh!

v6.4.0

v6.4.0 (2024-01-22)

Chore

Documentation

Feature

Uh oh!

v6.3.0

v6.3.0 (2024-01-06)

Chore

Documentation

Feature

What's Changed

Contributors

Uh oh!

v6.2.0

v6.2.0 (2023-12-31)

Build

Chore

Documentation

Feature

Unknown

What's Changed

Contributors

Uh oh!

v6.1.0

v6.1.0 (2023-12-22)

Chore

Feature

What's Changed

Contributors

Uh oh!

v6.0.0

v6.0.0 (2023-12-10)

Breaking

Breaking Changes

Added

Tests

Misc

API Changes — the details for migration

Chore