From 15d9c198404d4c55cf2e9039283a31ff973e8a1b Mon Sep 17 00:00:00 2001 From: Saquib Saifee Date: Sun, 13 Oct 2024 09:12:26 -0400 Subject: [PATCH 01/37] feat: add cpe format validation - Implemented regex-based validation for CPE format in the model. - Added tests to verify handling of invalid CPE strings. Signed-off-by: Saquib Saifee --- cyclonedx/model/component.py | 12 ++++++++++++ tests/test_model_component.py | 11 +++++++++++ 2 files changed, 23 insertions(+) diff --git a/cyclonedx/model/component.py b/cyclonedx/model/component.py index 89e7020d..984e1db9 100644 --- a/cyclonedx/model/component.py +++ b/cyclonedx/model/component.py @@ -63,6 +63,16 @@ from .license import License, LicenseRepository from .release_note import ReleaseNotes +CPE_REGEX = re.compile( + r'([c][pP][eE]:/[AHOaho]?(:[A-Za-z0-9._\-~%]*){0,6})|' + r'(cpe:2\.3:[aho*-](:(((\?*|\*?)([a-zA-Z0-9\-._]|' + r'(\\[\\\*\?!\"#\$%&\'\(\)\+,/:;<=>@\[\]\^`\{\|\}~]))+(\?*|\*?))|' + r'[\*\-])){5}(:(([a-zA-Z]{2,3}(-([a-zA-Z]{2}|[0-9]{3}))?)|' + r'[\*\-]))(:(((\?*|\*?)([a-zA-Z0-9\-._]|' + r'(\\[\\\*\?!\"#\$%&\'\(\)\+,/:;<=>@\[\]\^`\{\|\}~]))+(\?*|' + r'\*?))|[\*\-])){4})' +) + @serializable.serializable_class class Commit: @@ -1457,6 +1467,8 @@ def cpe(self) -> Optional[str]: @cpe.setter def cpe(self, cpe: Optional[str]) -> None: + if cpe and not CPE_REGEX.fullmatch(cpe): + raise ValueError(f'Invalid CPE format: {cpe}') self._cpe = cpe @property diff --git a/tests/test_model_component.py b/tests/test_model_component.py index c25fdc91..e8d19937 100644 --- a/tests/test_model_component.py +++ b/tests/test_model_component.py @@ -123,6 +123,7 @@ def test_empty_basic_component(self) -> None: self.assertSetEqual(c.external_references, set()) self.assertFalse(c.properties) self.assertIsNone(c.release_notes) + self.assertIsNone(c.cpe) self.assertEqual(len(c.components), 0) self.assertEqual(len(c.get_all_nested_components(include_self=True)), 1) @@ -283,6 +284,16 @@ def test_nested_components_2(self) -> None: self.assertEqual(3, len(comp_b.get_all_nested_components(include_self=True))) self.assertEqual(2, len(comp_b.get_all_nested_components(include_self=False))) + def test_cpe_validation_valid(self) -> None: + cpe = 'cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*' + c = Component(name='test-component', cpe=cpe) + self.assertEqual(c.cpe, cpe) + + def test_cpe_validation_invalid_format(self) -> None: + invalid_cpe = 'invalid-cpe-string' + with self.assertRaises(ValueError): + Component(name='test-component', cpe=invalid_cpe) + class TestModelComponentEvidence(TestCase): From fbf02c257e4886adb66db18b726c4b6cedab3e53 Mon Sep 17 00:00:00 2001 From: Saquib Saifee Date: Sun, 13 Oct 2024 11:53:10 -0400 Subject: [PATCH 02/37] chore: update the cpe value Signed-off-by: Saquib Saifee --- tests/test_model_component.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/test_model_component.py b/tests/test_model_component.py index e8d19937..3eb2d773 100644 --- a/tests/test_model_component.py +++ b/tests/test_model_component.py @@ -285,7 +285,7 @@ def test_nested_components_2(self) -> None: self.assertEqual(2, len(comp_b.get_all_nested_components(include_self=False))) def test_cpe_validation_valid(self) -> None: - cpe = 'cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*' + cpe = 'cpe:2.3:a:python:setuptools:50.3.2:*:*:*:*:*:*:*' c = Component(name='test-component', cpe=cpe) self.assertEqual(c.cpe, cpe) From c74218ba0f969cdbe20c5988ef37b358c9c0e011 Mon Sep 17 00:00:00 2001 From: Saquib Saifee Date: Mon, 14 Oct 2024 18:33:19 -0400 Subject: [PATCH 03/37] feat: add CPE format validation in property setter Signed-off-by: Saquib Saifee --- cyclonedx/model/component.py | 7 ++++++- pyproject.toml | 1 + tests/test_model_component.py | 10 ++++++++++ 3 files changed, 17 insertions(+), 1 deletion(-) diff --git a/cyclonedx/model/component.py b/cyclonedx/model/component.py index 89e7020d..578f56df 100644 --- a/cyclonedx/model/component.py +++ b/cyclonedx/model/component.py @@ -23,6 +23,7 @@ # See https://github.com/package-url/packageurl-python/issues/65 import serializable +from cpe import CPE # type:ignore from packageurl import PackageURL from sortedcontainers import SortedSet @@ -1457,7 +1458,11 @@ def cpe(self) -> Optional[str]: @cpe.setter def cpe(self, cpe: Optional[str]) -> None: - self._cpe = cpe + if cpe: + try: + CPE(cpe) + except NotImplementedError: + raise ValueError(f'Invalid CPE format: {cpe}') @property @serializable.type_mapping(PackageUrlSH) diff --git a/pyproject.toml b/pyproject.toml index b2919a4c..4636a10f 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -74,6 +74,7 @@ sortedcontainers = "^2.4.0" license-expression = "^30" jsonschema = { version = "^4.18", extras=['format'], optional=true } lxml = { version=">=4,<6", optional=true } +cpe = "^1.3.1" [tool.poetry.extras] validation = ["jsonschema", "lxml"] diff --git a/tests/test_model_component.py b/tests/test_model_component.py index c25fdc91..15b7f842 100644 --- a/tests/test_model_component.py +++ b/tests/test_model_component.py @@ -283,6 +283,16 @@ def test_nested_components_2(self) -> None: self.assertEqual(3, len(comp_b.get_all_nested_components(include_self=True))) self.assertEqual(2, len(comp_b.get_all_nested_components(include_self=False))) + def test_cpe_validation_valid_format(self) -> None: + cpe = 'cpe:2.3:a:python:setuptools:50.3.2:*:*:*:*:*:*:*' + c = Component(name='test-component', cpe=cpe) + self.assertEqual(c.cpe, cpe) + + def test_cpe_validation_invalid_format(self) -> None: + invalid_cpe = 'invalid-cpe-string' + with self.assertRaises(ValueError): + Component(name='test-component', cpe=invalid_cpe) + class TestModelComponentEvidence(TestCase): From 92b4d78a7ddac76545c1f423ba2d06ac3a8e65c6 Mon Sep 17 00:00:00 2001 From: Saquib Saifee Date: Mon, 14 Oct 2024 18:36:24 -0400 Subject: [PATCH 04/37] chore: fix the typo Signed-off-by: Saquib Saifee --- cyclonedx/model/component.py | 1 + 1 file changed, 1 insertion(+) diff --git a/cyclonedx/model/component.py b/cyclonedx/model/component.py index 578f56df..f7acafa7 100644 --- a/cyclonedx/model/component.py +++ b/cyclonedx/model/component.py @@ -1463,6 +1463,7 @@ def cpe(self, cpe: Optional[str]) -> None: CPE(cpe) except NotImplementedError: raise ValueError(f'Invalid CPE format: {cpe}') + self._cpe = cpe @property @serializable.type_mapping(PackageUrlSH) From 39f1ea163859b203d23f66920a1e358e0a0d434b Mon Sep 17 00:00:00 2001 From: Saquib Saifee Date: Tue, 15 Oct 2024 21:00:14 -0400 Subject: [PATCH 05/37] Merge branch 'main' of https://github.com/saquibsaifee/cyclonedx-python-lib --- CHANGELOG.md | 55 +++ CONTRIBUTING.md | 2 + cyclonedx/__init__.py | 2 +- cyclonedx/builder/__init__.py | 20 + cyclonedx/builder/this.py | 83 ++++ cyclonedx/model/__init__.py | 174 --------- cyclonedx/model/bom.py | 24 +- cyclonedx/model/component.py | 8 +- cyclonedx/model/license.py | 2 +- cyclonedx/model/tool.py | 367 ++++++++++++++++++ cyclonedx/model/vulnerability.py | 23 +- docs/conf.py | 2 +- docs/index.rst | 1 + docs/outputting.rst | 28 +- docs/upgrading.rst | 61 +++ examples/complex_serialize.py | 7 + pyproject.toml | 6 +- tests/__init__.py | 18 +- tests/_data/models.py | 164 +++++++- .../enum_ComponentScope-1.2.json.bin | 9 +- .../snapshots/enum_ComponentScope-1.2.xml.bin | 7 - .../enum_ComponentScope-1.3.json.bin | 9 +- .../snapshots/enum_ComponentScope-1.3.xml.bin | 7 - .../enum_ComponentScope-1.4.json.bin | 43 +- .../snapshots/enum_ComponentScope-1.4.xml.bin | 33 -- .../enum_ComponentScope-1.5.json.bin | 43 +- .../snapshots/enum_ComponentScope-1.5.xml.bin | 33 -- .../enum_ComponentScope-1.6.json.bin | 43 +- .../snapshots/enum_ComponentScope-1.6.xml.bin | 33 -- .../snapshots/enum_ComponentType-1.2.json.bin | 9 +- .../snapshots/enum_ComponentType-1.2.xml.bin | 7 - .../snapshots/enum_ComponentType-1.3.json.bin | 9 +- .../snapshots/enum_ComponentType-1.3.xml.bin | 7 - .../snapshots/enum_ComponentType-1.4.json.bin | 43 +- .../snapshots/enum_ComponentType-1.4.xml.bin | 33 -- .../snapshots/enum_ComponentType-1.5.json.bin | 43 +- .../snapshots/enum_ComponentType-1.5.xml.bin | 33 -- .../snapshots/enum_ComponentType-1.6.json.bin | 43 +- .../snapshots/enum_ComponentType-1.6.xml.bin | 33 -- .../snapshots/enum_DataFlow-1.2.json.bin | 9 +- .../_data/snapshots/enum_DataFlow-1.2.xml.bin | 7 - .../snapshots/enum_DataFlow-1.3.json.bin | 9 +- .../_data/snapshots/enum_DataFlow-1.3.xml.bin | 7 - .../snapshots/enum_DataFlow-1.4.json.bin | 43 +- .../_data/snapshots/enum_DataFlow-1.4.xml.bin | 33 -- .../snapshots/enum_DataFlow-1.5.json.bin | 43 +- .../_data/snapshots/enum_DataFlow-1.5.xml.bin | 33 -- .../snapshots/enum_DataFlow-1.6.json.bin | 43 +- .../_data/snapshots/enum_DataFlow-1.6.xml.bin | 33 -- .../snapshots/enum_Encoding-1.2.json.bin | 9 +- .../_data/snapshots/enum_Encoding-1.2.xml.bin | 7 - .../snapshots/enum_Encoding-1.3.json.bin | 9 +- .../_data/snapshots/enum_Encoding-1.3.xml.bin | 7 - .../snapshots/enum_Encoding-1.4.json.bin | 43 +- .../_data/snapshots/enum_Encoding-1.4.xml.bin | 33 -- .../snapshots/enum_Encoding-1.5.json.bin | 43 +- .../_data/snapshots/enum_Encoding-1.5.xml.bin | 33 -- .../snapshots/enum_Encoding-1.6.json.bin | 43 +- .../_data/snapshots/enum_Encoding-1.6.xml.bin | 33 -- .../enum_ExternalReferenceType-1.2.json.bin | 9 +- .../enum_ExternalReferenceType-1.2.xml.bin | 7 - .../enum_ExternalReferenceType-1.3.json.bin | 9 +- .../enum_ExternalReferenceType-1.3.xml.bin | 7 - .../enum_ExternalReferenceType-1.4.json.bin | 43 +- .../enum_ExternalReferenceType-1.4.xml.bin | 33 -- .../enum_ExternalReferenceType-1.5.json.bin | 43 +- .../enum_ExternalReferenceType-1.5.xml.bin | 33 -- .../enum_ExternalReferenceType-1.6.json.bin | 43 +- .../enum_ExternalReferenceType-1.6.xml.bin | 33 -- .../snapshots/enum_HashAlgorithm-1.2.json.bin | 9 +- .../snapshots/enum_HashAlgorithm-1.2.xml.bin | 7 - .../snapshots/enum_HashAlgorithm-1.3.json.bin | 9 +- .../snapshots/enum_HashAlgorithm-1.3.xml.bin | 7 - .../snapshots/enum_HashAlgorithm-1.4.json.bin | 43 +- .../snapshots/enum_HashAlgorithm-1.4.xml.bin | 33 -- .../snapshots/enum_HashAlgorithm-1.5.json.bin | 43 +- .../snapshots/enum_HashAlgorithm-1.5.xml.bin | 33 -- .../snapshots/enum_HashAlgorithm-1.6.json.bin | 43 +- .../snapshots/enum_HashAlgorithm-1.6.xml.bin | 33 -- ..._ImpactAnalysisAffectedStatus-1.2.json.bin | 9 +- ...m_ImpactAnalysisAffectedStatus-1.2.xml.bin | 7 - ..._ImpactAnalysisAffectedStatus-1.3.json.bin | 9 +- ...m_ImpactAnalysisAffectedStatus-1.3.xml.bin | 7 - ..._ImpactAnalysisAffectedStatus-1.4.json.bin | 43 +- ...m_ImpactAnalysisAffectedStatus-1.4.xml.bin | 33 -- ..._ImpactAnalysisAffectedStatus-1.5.json.bin | 43 +- ...m_ImpactAnalysisAffectedStatus-1.5.xml.bin | 33 -- ..._ImpactAnalysisAffectedStatus-1.6.json.bin | 43 +- ...m_ImpactAnalysisAffectedStatus-1.6.xml.bin | 33 -- ...m_ImpactAnalysisJustification-1.2.json.bin | 9 +- ...um_ImpactAnalysisJustification-1.2.xml.bin | 7 - ...m_ImpactAnalysisJustification-1.3.json.bin | 9 +- ...um_ImpactAnalysisJustification-1.3.xml.bin | 7 - ...m_ImpactAnalysisJustification-1.4.json.bin | 43 +- ...um_ImpactAnalysisJustification-1.4.xml.bin | 33 -- ...m_ImpactAnalysisJustification-1.5.json.bin | 43 +- ...um_ImpactAnalysisJustification-1.5.xml.bin | 33 -- ...m_ImpactAnalysisJustification-1.6.json.bin | 43 +- ...um_ImpactAnalysisJustification-1.6.xml.bin | 33 -- .../enum_ImpactAnalysisResponse-1.2.json.bin | 9 +- .../enum_ImpactAnalysisResponse-1.2.xml.bin | 7 - .../enum_ImpactAnalysisResponse-1.3.json.bin | 9 +- .../enum_ImpactAnalysisResponse-1.3.xml.bin | 7 - .../enum_ImpactAnalysisResponse-1.4.json.bin | 43 +- .../enum_ImpactAnalysisResponse-1.4.xml.bin | 33 -- .../enum_ImpactAnalysisResponse-1.5.json.bin | 43 +- .../enum_ImpactAnalysisResponse-1.5.xml.bin | 33 -- .../enum_ImpactAnalysisResponse-1.6.json.bin | 43 +- .../enum_ImpactAnalysisResponse-1.6.xml.bin | 33 -- .../enum_ImpactAnalysisState-1.2.json.bin | 9 +- .../enum_ImpactAnalysisState-1.2.xml.bin | 7 - .../enum_ImpactAnalysisState-1.3.json.bin | 9 +- .../enum_ImpactAnalysisState-1.3.xml.bin | 7 - .../enum_ImpactAnalysisState-1.4.json.bin | 43 +- .../enum_ImpactAnalysisState-1.4.xml.bin | 33 -- .../enum_ImpactAnalysisState-1.5.json.bin | 43 +- .../enum_ImpactAnalysisState-1.5.xml.bin | 33 -- .../enum_ImpactAnalysisState-1.6.json.bin | 43 +- .../enum_ImpactAnalysisState-1.6.xml.bin | 33 -- .../enum_IssueClassification-1.2.json.bin | 9 +- .../enum_IssueClassification-1.2.xml.bin | 7 - .../enum_IssueClassification-1.3.json.bin | 9 +- .../enum_IssueClassification-1.3.xml.bin | 7 - .../enum_IssueClassification-1.4.json.bin | 43 +- .../enum_IssueClassification-1.4.xml.bin | 33 -- .../enum_IssueClassification-1.5.json.bin | 43 +- .../enum_IssueClassification-1.5.xml.bin | 33 -- .../enum_IssueClassification-1.6.json.bin | 43 +- .../enum_IssueClassification-1.6.xml.bin | 33 -- .../enum_PatchClassification-1.2.json.bin | 9 +- .../enum_PatchClassification-1.2.xml.bin | 7 - .../enum_PatchClassification-1.3.json.bin | 9 +- .../enum_PatchClassification-1.3.xml.bin | 7 - .../enum_PatchClassification-1.4.json.bin | 43 +- .../enum_PatchClassification-1.4.xml.bin | 33 -- .../enum_PatchClassification-1.5.json.bin | 43 +- .../enum_PatchClassification-1.5.xml.bin | 33 -- .../enum_PatchClassification-1.6.json.bin | 43 +- .../enum_PatchClassification-1.6.xml.bin | 33 -- ...enum_VulnerabilityScoreSource-1.2.json.bin | 9 +- .../enum_VulnerabilityScoreSource-1.2.xml.bin | 7 - ...enum_VulnerabilityScoreSource-1.3.json.bin | 9 +- .../enum_VulnerabilityScoreSource-1.3.xml.bin | 7 - ...enum_VulnerabilityScoreSource-1.4.json.bin | 43 +- .../enum_VulnerabilityScoreSource-1.4.xml.bin | 33 -- ...enum_VulnerabilityScoreSource-1.5.json.bin | 43 +- .../enum_VulnerabilityScoreSource-1.5.xml.bin | 33 -- ...enum_VulnerabilityScoreSource-1.6.json.bin | 43 +- .../enum_VulnerabilityScoreSource-1.6.xml.bin | 33 -- .../enum_VulnerabilitySeverity-1.2.json.bin | 9 +- .../enum_VulnerabilitySeverity-1.2.xml.bin | 7 - .../enum_VulnerabilitySeverity-1.3.json.bin | 9 +- .../enum_VulnerabilitySeverity-1.3.xml.bin | 7 - .../enum_VulnerabilitySeverity-1.4.json.bin | 43 +- .../enum_VulnerabilitySeverity-1.4.xml.bin | 33 -- .../enum_VulnerabilitySeverity-1.5.json.bin | 43 +- .../enum_VulnerabilitySeverity-1.5.xml.bin | 33 -- .../enum_VulnerabilitySeverity-1.6.json.bin | 43 +- .../enum_VulnerabilitySeverity-1.6.xml.bin | 33 -- ..._bom_for_issue_275_components-1.2.json.bin | 9 +- ...t_bom_for_issue_275_components-1.2.xml.bin | 7 - ..._bom_for_issue_275_components-1.3.json.bin | 9 +- ...t_bom_for_issue_275_components-1.3.xml.bin | 7 - ..._bom_for_issue_275_components-1.4.json.bin | 43 +- ...t_bom_for_issue_275_components-1.4.xml.bin | 33 -- ..._bom_for_issue_275_components-1.5.json.bin | 43 +- ...t_bom_for_issue_275_components-1.5.xml.bin | 33 -- ..._bom_for_issue_275_components-1.6.json.bin | 43 +- ...t_bom_for_issue_275_components-1.6.xml.bin | 33 -- ..._bom_for_issue_328_components-1.2.json.bin | 9 +- ...t_bom_for_issue_328_components-1.2.xml.bin | 7 - ..._bom_for_issue_328_components-1.3.json.bin | 9 +- ...t_bom_for_issue_328_components-1.3.xml.bin | 7 - ..._bom_for_issue_328_components-1.4.json.bin | 43 +- ...t_bom_for_issue_328_components-1.4.xml.bin | 33 -- ..._bom_for_issue_328_components-1.5.json.bin | 43 +- ...t_bom_for_issue_328_components-1.5.xml.bin | 33 -- ..._bom_for_issue_328_components-1.6.json.bin | 43 +- ...t_bom_for_issue_328_components-1.6.xml.bin | 33 -- .../get_bom_for_issue_497_urls-1.2.json.bin | 9 +- .../get_bom_for_issue_497_urls-1.2.xml.bin | 7 - .../get_bom_for_issue_497_urls-1.3.json.bin | 9 +- .../get_bom_for_issue_497_urls-1.3.xml.bin | 7 - .../get_bom_for_issue_497_urls-1.4.json.bin | 43 +- .../get_bom_for_issue_497_urls-1.4.xml.bin | 33 -- .../get_bom_for_issue_497_urls-1.5.json.bin | 43 +- .../get_bom_for_issue_497_urls-1.5.xml.bin | 33 -- .../get_bom_for_issue_497_urls-1.6.json.bin | 43 +- .../get_bom_for_issue_497_urls-1.6.xml.bin | 33 -- ...mponents_with_purl_qualifiers-1.2.json.bin | 9 +- ...omponents_with_purl_qualifiers-1.2.xml.bin | 7 - ...mponents_with_purl_qualifiers-1.3.json.bin | 9 +- ...omponents_with_purl_qualifiers-1.3.xml.bin | 7 - ...mponents_with_purl_qualifiers-1.4.json.bin | 43 +- ...omponents_with_purl_qualifiers-1.4.xml.bin | 33 -- ...mponents_with_purl_qualifiers-1.5.json.bin | 43 +- ...omponents_with_purl_qualifiers-1.5.xml.bin | 33 -- ...mponents_with_purl_qualifiers-1.6.json.bin | 43 +- ...omponents_with_purl_qualifiers-1.6.xml.bin | 33 -- ..._for_issue_630_empty_property-1.2.json.bin | 9 +- ...m_for_issue_630_empty_property-1.2.xml.bin | 7 - ..._for_issue_630_empty_property-1.3.json.bin | 9 +- ...m_for_issue_630_empty_property-1.3.xml.bin | 7 - ..._for_issue_630_empty_property-1.4.json.bin | 43 +- ...m_for_issue_630_empty_property-1.4.xml.bin | 33 -- ..._for_issue_630_empty_property-1.5.json.bin | 43 +- ...m_for_issue_630_empty_property-1.5.xml.bin | 33 -- ..._for_issue_630_empty_property-1.6.json.bin | 43 +- ...m_for_issue_630_empty_property-1.6.xml.bin | 33 -- ...et_bom_just_complete_metadata-1.2.json.bin | 9 +- ...get_bom_just_complete_metadata-1.2.xml.bin | 7 - ...et_bom_just_complete_metadata-1.3.json.bin | 9 +- ...get_bom_just_complete_metadata-1.3.xml.bin | 7 - ...et_bom_just_complete_metadata-1.4.json.bin | 43 +- ...get_bom_just_complete_metadata-1.4.xml.bin | 33 -- ...et_bom_just_complete_metadata-1.5.json.bin | 43 +- ...get_bom_just_complete_metadata-1.5.xml.bin | 33 -- ...et_bom_just_complete_metadata-1.6.json.bin | 43 +- ...get_bom_just_complete_metadata-1.6.xml.bin | 33 -- ...om_v1_6_with_crypto_algorithm-1.6.json.bin | 43 +- ...bom_v1_6_with_crypto_algorithm-1.6.xml.bin | 33 -- ..._v1_6_with_crypto_certificate-1.6.json.bin | 43 +- ...m_v1_6_with_crypto_certificate-1.6.xml.bin | 33 -- ...bom_v1_6_with_crypto_protocol-1.6.json.bin | 43 +- ..._bom_v1_6_with_crypto_protocol-1.6.xml.bin | 33 -- ..._with_crypto_related_material-1.6.json.bin | 43 +- ...6_with_crypto_related_material-1.6.xml.bin | 33 -- ...th_component_setuptools_basic-1.2.json.bin | 9 +- ...ith_component_setuptools_basic-1.2.xml.bin | 7 - ...th_component_setuptools_basic-1.3.json.bin | 9 +- ...ith_component_setuptools_basic-1.3.xml.bin | 7 - ...th_component_setuptools_basic-1.4.json.bin | 43 +- ...ith_component_setuptools_basic-1.4.xml.bin | 33 -- ...th_component_setuptools_basic-1.5.json.bin | 43 +- ...ith_component_setuptools_basic-1.5.xml.bin | 33 -- ...th_component_setuptools_basic-1.6.json.bin | 43 +- ...ith_component_setuptools_basic-1.6.xml.bin | 33 -- ...component_setuptools_complete-1.2.json.bin | 9 +- ..._component_setuptools_complete-1.2.xml.bin | 7 - ...component_setuptools_complete-1.3.json.bin | 9 +- ..._component_setuptools_complete-1.3.xml.bin | 7 - ...component_setuptools_complete-1.4.json.bin | 43 +- ..._component_setuptools_complete-1.4.xml.bin | 33 -- ...component_setuptools_complete-1.5.json.bin | 43 +- ..._component_setuptools_complete-1.5.xml.bin | 33 -- ...component_setuptools_complete-1.6.json.bin | 43 +- ..._component_setuptools_complete-1.6.xml.bin | 33 -- ...tuptools_no_component_version-1.2.json.bin | 9 +- ...etuptools_no_component_version-1.2.xml.bin | 7 - ...tuptools_no_component_version-1.3.json.bin | 9 +- ...etuptools_no_component_version-1.3.xml.bin | 7 - ...tuptools_no_component_version-1.4.json.bin | 43 +- ...etuptools_no_component_version-1.4.xml.bin | 33 -- ...tuptools_no_component_version-1.5.json.bin | 43 +- ...etuptools_no_component_version-1.5.xml.bin | 33 -- ...tuptools_no_component_version-1.6.json.bin | 43 +- ...etuptools_no_component_version-1.6.xml.bin | 33 -- ...component_setuptools_with_cpe-1.2.json.bin | 9 +- ..._component_setuptools_with_cpe-1.2.xml.bin | 7 - ...component_setuptools_with_cpe-1.3.json.bin | 9 +- ..._component_setuptools_with_cpe-1.3.xml.bin | 7 - ...component_setuptools_with_cpe-1.4.json.bin | 43 +- ..._component_setuptools_with_cpe-1.4.xml.bin | 33 -- ...component_setuptools_with_cpe-1.5.json.bin | 43 +- ..._component_setuptools_with_cpe-1.5.xml.bin | 33 -- ...component_setuptools_with_cpe-1.6.json.bin | 43 +- ..._component_setuptools_with_cpe-1.6.xml.bin | 33 -- ...setuptools_with_release_notes-1.2.json.bin | 9 +- ..._setuptools_with_release_notes-1.2.xml.bin | 7 - ...setuptools_with_release_notes-1.3.json.bin | 9 +- ..._setuptools_with_release_notes-1.3.xml.bin | 7 - ...setuptools_with_release_notes-1.4.json.bin | 43 +- ..._setuptools_with_release_notes-1.4.xml.bin | 33 -- ...setuptools_with_release_notes-1.5.json.bin | 43 +- ..._setuptools_with_release_notes-1.5.xml.bin | 33 -- ...setuptools_with_release_notes-1.6.json.bin | 43 +- ..._setuptools_with_release_notes-1.6.xml.bin | 33 -- ...nt_setuptools_with_v16_fields-1.2.json.bin | 9 +- ...ent_setuptools_with_v16_fields-1.2.xml.bin | 7 - ...nt_setuptools_with_v16_fields-1.3.json.bin | 9 +- ...ent_setuptools_with_v16_fields-1.3.xml.bin | 7 - ...nt_setuptools_with_v16_fields-1.4.json.bin | 43 +- ...ent_setuptools_with_v16_fields-1.4.xml.bin | 33 -- ...nt_setuptools_with_v16_fields-1.5.json.bin | 43 +- ...ent_setuptools_with_v16_fields-1.5.xml.bin | 33 -- ...nt_setuptools_with_v16_fields-1.6.json.bin | 43 +- ...ent_setuptools_with_v16_fields-1.6.xml.bin | 33 -- ...setuptools_with_vulnerability-1.2.json.bin | 9 +- ..._setuptools_with_vulnerability-1.2.xml.bin | 7 - ...setuptools_with_vulnerability-1.3.json.bin | 9 +- ..._setuptools_with_vulnerability-1.3.xml.bin | 7 - ...setuptools_with_vulnerability-1.4.json.bin | 43 +- ..._setuptools_with_vulnerability-1.4.xml.bin | 33 -- ...setuptools_with_vulnerability-1.5.json.bin | 43 +- ..._setuptools_with_vulnerability-1.5.xml.bin | 33 -- ...setuptools_with_vulnerability-1.6.json.bin | 43 +- ..._setuptools_with_vulnerability-1.6.xml.bin | 33 -- ...get_bom_with_component_toml_1-1.2.json.bin | 9 +- .../get_bom_with_component_toml_1-1.2.xml.bin | 7 - ...get_bom_with_component_toml_1-1.3.json.bin | 9 +- .../get_bom_with_component_toml_1-1.3.xml.bin | 7 - ...get_bom_with_component_toml_1-1.4.json.bin | 43 +- .../get_bom_with_component_toml_1-1.4.xml.bin | 33 -- ...get_bom_with_component_toml_1-1.5.json.bin | 43 +- .../get_bom_with_component_toml_1-1.5.xml.bin | 33 -- ...get_bom_with_component_toml_1-1.6.json.bin | 43 +- .../get_bom_with_component_toml_1-1.6.xml.bin | 33 -- ...bom_with_dependencies_hanging-1.2.json.bin | 9 +- ..._bom_with_dependencies_hanging-1.2.xml.bin | 7 - ...bom_with_dependencies_hanging-1.3.json.bin | 9 +- ..._bom_with_dependencies_hanging-1.3.xml.bin | 7 - ...bom_with_dependencies_hanging-1.4.json.bin | 43 +- ..._bom_with_dependencies_hanging-1.4.xml.bin | 33 -- ...bom_with_dependencies_hanging-1.5.json.bin | 43 +- ..._bom_with_dependencies_hanging-1.5.xml.bin | 33 -- ...bom_with_dependencies_hanging-1.6.json.bin | 43 +- ..._bom_with_dependencies_hanging-1.6.xml.bin | 33 -- ...t_bom_with_dependencies_valid-1.2.json.bin | 9 +- ...et_bom_with_dependencies_valid-1.2.xml.bin | 7 - ...t_bom_with_dependencies_valid-1.3.json.bin | 9 +- ...et_bom_with_dependencies_valid-1.3.xml.bin | 7 - ...t_bom_with_dependencies_valid-1.4.json.bin | 43 +- ...et_bom_with_dependencies_valid-1.4.xml.bin | 33 -- ...t_bom_with_dependencies_valid-1.5.json.bin | 43 +- ...et_bom_with_dependencies_valid-1.5.xml.bin | 33 -- ...t_bom_with_dependencies_valid-1.6.json.bin | 43 +- ...et_bom_with_dependencies_valid-1.6.xml.bin | 33 -- ..._bom_with_external_references-1.2.json.bin | 9 +- ...t_bom_with_external_references-1.2.xml.bin | 7 - ..._bom_with_external_references-1.3.json.bin | 9 +- ...t_bom_with_external_references-1.3.xml.bin | 7 - ..._bom_with_external_references-1.4.json.bin | 43 +- ...t_bom_with_external_references-1.4.xml.bin | 33 -- ..._bom_with_external_references-1.5.json.bin | 43 +- ...t_bom_with_external_references-1.5.xml.bin | 33 -- ..._bom_with_external_references-1.6.json.bin | 43 +- ...t_bom_with_external_references-1.6.xml.bin | 33 -- .../get_bom_with_licenses-1.2.json.bin | 9 +- .../get_bom_with_licenses-1.2.xml.bin | 7 - .../get_bom_with_licenses-1.3.json.bin | 9 +- .../get_bom_with_licenses-1.3.xml.bin | 7 - .../get_bom_with_licenses-1.4.json.bin | 43 +- .../get_bom_with_licenses-1.4.xml.bin | 33 -- .../get_bom_with_licenses-1.5.json.bin | 43 +- .../get_bom_with_licenses-1.5.xml.bin | 33 -- .../get_bom_with_licenses-1.6.json.bin | 43 +- .../get_bom_with_licenses-1.6.xml.bin | 33 -- ...ta_component_and_dependencies-1.2.json.bin | 9 +- ...ata_component_and_dependencies-1.2.xml.bin | 7 - ...ta_component_and_dependencies-1.3.json.bin | 9 +- ...ata_component_and_dependencies-1.3.xml.bin | 7 - ...ta_component_and_dependencies-1.4.json.bin | 43 +- ...ata_component_and_dependencies-1.4.xml.bin | 33 -- ...ta_component_and_dependencies-1.5.json.bin | 43 +- ...ata_component_and_dependencies-1.5.xml.bin | 33 -- ...ta_component_and_dependencies-1.6.json.bin | 43 +- ...ata_component_and_dependencies-1.6.xml.bin | 33 -- ...et_bom_with_multiple_licenses-1.2.json.bin | 9 +- ...get_bom_with_multiple_licenses-1.2.xml.bin | 7 - ...et_bom_with_multiple_licenses-1.3.json.bin | 9 +- ...get_bom_with_multiple_licenses-1.3.xml.bin | 7 - ...et_bom_with_multiple_licenses-1.4.json.bin | 43 +- ...get_bom_with_multiple_licenses-1.4.xml.bin | 33 -- ...et_bom_with_multiple_licenses-1.5.json.bin | 43 +- ...get_bom_with_multiple_licenses-1.5.xml.bin | 33 -- ...et_bom_with_multiple_licenses-1.6.json.bin | 43 +- ...get_bom_with_multiple_licenses-1.6.xml.bin | 33 -- .../get_bom_with_nested_services-1.2.json.bin | 9 +- .../get_bom_with_nested_services-1.2.xml.bin | 7 - .../get_bom_with_nested_services-1.3.json.bin | 9 +- .../get_bom_with_nested_services-1.3.xml.bin | 7 - .../get_bom_with_nested_services-1.4.json.bin | 43 +- .../get_bom_with_nested_services-1.4.xml.bin | 33 -- .../get_bom_with_nested_services-1.5.json.bin | 43 +- .../get_bom_with_nested_services-1.5.xml.bin | 33 -- .../get_bom_with_nested_services-1.6.json.bin | 43 +- .../get_bom_with_nested_services-1.6.xml.bin | 33 -- ...get_bom_with_services_complex-1.2.json.bin | 9 +- .../get_bom_with_services_complex-1.2.xml.bin | 7 - ...get_bom_with_services_complex-1.3.json.bin | 9 +- .../get_bom_with_services_complex-1.3.xml.bin | 7 - ...get_bom_with_services_complex-1.4.json.bin | 43 +- .../get_bom_with_services_complex-1.4.xml.bin | 33 -- ...get_bom_with_services_complex-1.5.json.bin | 43 +- .../get_bom_with_services_complex-1.5.xml.bin | 33 -- ...get_bom_with_services_complex-1.6.json.bin | 43 +- .../get_bom_with_services_complex-1.6.xml.bin | 33 -- .../get_bom_with_services_simple-1.2.json.bin | 9 +- .../get_bom_with_services_simple-1.2.xml.bin | 7 - .../get_bom_with_services_simple-1.3.json.bin | 9 +- .../get_bom_with_services_simple-1.3.xml.bin | 7 - .../get_bom_with_services_simple-1.4.json.bin | 43 +- .../get_bom_with_services_simple-1.4.xml.bin | 33 -- .../get_bom_with_services_simple-1.5.json.bin | 43 +- .../get_bom_with_services_simple-1.5.xml.bin | 33 -- .../get_bom_with_services_simple-1.6.json.bin | 43 +- .../get_bom_with_services_simple-1.6.xml.bin | 33 -- .../snapshots/get_bom_with_tools-1.0.xml.bin | 4 + .../snapshots/get_bom_with_tools-1.1.xml.bin | 4 + .../snapshots/get_bom_with_tools-1.2.json.bin | 31 ++ .../snapshots/get_bom_with_tools-1.2.xml.bin | 24 ++ .../snapshots/get_bom_with_tools-1.3.json.bin | 31 ++ .../snapshots/get_bom_with_tools-1.3.xml.bin | 24 ++ .../snapshots/get_bom_with_tools-1.4.json.bin | 78 ++++ .../snapshots/get_bom_with_tools-1.4.xml.bin | 59 +++ .../snapshots/get_bom_with_tools-1.5.json.bin | 88 +++++ .../snapshots/get_bom_with_tools-1.5.xml.bin | 63 +++ ...on.bin => get_bom_with_tools-1.6.json.bin} | 94 ++--- .../snapshots/get_bom_with_tools-1.6.xml.bin | 63 +++ ...ted_tools_irreversible_migrate-1.0.xml.bin | 4 + ...ted_tools_irreversible_migrate-1.1.xml.bin | 4 + ...ed_tools_irreversible_migrate-1.2.json.bin | 31 ++ ...ted_tools_irreversible_migrate-1.2.xml.bin | 27 ++ ...ed_tools_irreversible_migrate-1.3.json.bin | 31 ++ ...ted_tools_irreversible_migrate-1.3.xml.bin | 27 ++ ...ed_tools_irreversible_migrate-1.4.json.bin | 65 ++++ ...ted_tools_irreversible_migrate-1.4.xml.bin | 53 +++ ...ed_tools_irreversible_migrate-1.5.json.bin | 75 ++++ ...ted_tools_irreversible_migrate-1.5.xml.bin | 57 +++ ...d_tools_irreversible_migrate-1.6.json.bin} | 81 ++-- ...ted_tools_irreversible_migrate-1.6.xml.bin | 57 +++ ...and_tools_irreversible_migrate-1.0.xml.bin | 4 + ...and_tools_irreversible_migrate-1.1.xml.bin | 4 + ...nd_tools_irreversible_migrate-1.2.json.bin | 51 +++ ...and_tools_irreversible_migrate-1.2.xml.bin | 41 ++ ...nd_tools_irreversible_migrate-1.3.json.bin | 51 +++ ...and_tools_irreversible_migrate-1.3.xml.bin | 41 ++ ...nd_tools_irreversible_migrate-1.4.json.bin | 124 ++++++ ...and_tools_irreversible_migrate-1.4.xml.bin | 94 +++++ ...nd_tools_irreversible_migrate-1.5.json.bin | 134 +++++++ ...and_tools_irreversible_migrate-1.5.xml.bin | 98 +++++ ...nd_tools_irreversible_migrate-1.6.json.bin | 134 +++++++ ...and_tools_irreversible_migrate-1.6.xml.bin | 98 +++++ ..._component_and_service_migrate-1.0.xml.bin | 4 + ..._component_and_service_migrate-1.1.xml.bin | 4 + ...component_and_service_migrate-1.2.json.bin | 37 ++ ..._component_and_service_migrate-1.2.xml.bin | 30 ++ ...component_and_service_migrate-1.3.json.bin | 37 ++ ..._component_and_service_migrate-1.3.xml.bin | 30 ++ ...component_and_service_migrate-1.4.json.bin | 97 +++++ ..._component_and_service_migrate-1.4.xml.bin | 74 ++++ ...component_and_service_migrate-1.5.json.bin | 126 ++++++ ..._component_and_service_migrate-1.5.xml.bin | 88 +++++ ...component_and_service_migrate-1.6.json.bin | 127 ++++++ ..._component_and_service_migrate-1.6.xml.bin | 88 +++++ ...h_tools_with_component_migrate-1.0.xml.bin | 4 + ...h_tools_with_component_migrate-1.1.xml.bin | 4 + ..._tools_with_component_migrate-1.2.json.bin | 30 ++ ...h_tools_with_component_migrate-1.2.xml.bin | 23 ++ ..._tools_with_component_migrate-1.3.json.bin | 30 ++ ...h_tools_with_component_migrate-1.3.xml.bin | 23 ++ ..._tools_with_component_migrate-1.4.json.bin | 77 ++++ ...h_tools_with_component_migrate-1.4.xml.bin | 58 +++ ..._tools_with_component_migrate-1.5.json.bin | 102 +++++ ...h_tools_with_component_migrate-1.5.xml.bin | 70 ++++ ..._tools_with_component_migrate-1.6.json.bin | 103 +++++ ...h_tools_with_component_migrate-1.6.xml.bin | 70 ++++ ...ith_tools_with_service_migrate-1.0.xml.bin | 4 + ...ith_tools_with_service_migrate-1.1.xml.bin | 4 + ...th_tools_with_service_migrate-1.2.json.bin | 19 + ...ith_tools_with_service_migrate-1.2.xml.bin | 15 + ...th_tools_with_service_migrate-1.3.json.bin | 19 + ...ith_tools_with_service_migrate-1.3.xml.bin | 15 + ...th_tools_with_service_migrate-1.4.json.bin | 32 ++ ...ith_tools_with_service_migrate-1.4.xml.bin | 24 ++ ...th_tools_with_service_migrate-1.5.json.bin | 46 +++ ...ith_tools_with_service_migrate-1.5.xml.bin | 30 ++ ...th_tools_with_service_migrate-1.6.json.bin | 46 +++ ...ith_tools_with_service_migrate-1.6.xml.bin | 30 ++ tests/test_builder_this.py | 84 ++++ tests/test_deserialize_json.py | 11 +- tests/test_deserialize_xml.py | 12 +- tests/test_enums.py | 15 - tests/test_model.py | 20 - tests/test_model_bom.py | 31 +- tests/test_model_component.py | 2 +- tests/test_model_tool.py | 58 +++ tests/test_model_tool_repository.py | 81 ++++ tests/test_output_json.py | 2 +- tests/test_output_xml.py | 2 +- tests/test_real_world_examples.py | 2 +- tests/test_validation_json.py | 33 +- tests/test_validation_xml.py | 24 +- 483 files changed, 4767 insertions(+), 10150 deletions(-) create mode 100644 cyclonedx/builder/__init__.py create mode 100644 cyclonedx/builder/this.py create mode 100644 cyclonedx/model/tool.py create mode 100644 docs/upgrading.rst create mode 100644 tests/_data/snapshots/get_bom_with_tools-1.0.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools-1.1.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools-1.2.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools-1.2.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools-1.3.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools-1.3.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools-1.4.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools-1.4.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools-1.5.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools-1.5.xml.bin rename tests/_data/snapshots/{get_bom_v1_6_with_crypto-1.6.json.bin => get_bom_with_tools-1.6.json.bin} (53%) create mode 100644 tests/_data/snapshots/get_bom_with_tools-1.6.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.0.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.1.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.2.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.2.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.3.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.3.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.4.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.4.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.5.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.5.xml.bin rename tests/_data/snapshots/{get_bom_with_crypto-1.6.json.bin => get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.6.json.bin} (53%) create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.6.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.0.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.1.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.2.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.2.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.3.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.3.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.4.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.4.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.5.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.5.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.6.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.6.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.0.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.1.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.2.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.2.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.3.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.3.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.4.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.4.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.5.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.5.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.6.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.6.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.0.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.1.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.2.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.2.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.3.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.3.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.4.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.4.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.5.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.5.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.6.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.6.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.0.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.1.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.2.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.2.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.3.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.3.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.4.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.4.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.5.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.5.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.6.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.6.xml.bin create mode 100644 tests/test_builder_this.py create mode 100644 tests/test_model_tool.py create mode 100644 tests/test_model_tool_repository.py diff --git a/CHANGELOG.md b/CHANGELOG.md index 4c881710..f9df9672 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,61 @@ +## v8.0.0 (2024-10-14) + +### Breaking + +* feat!: v8.0.0 (#665) + +### BREAKING Changes + +* Removed `cyclonedx.mode.ThisTool`, utilize `cyclonedx.builder.this.this_tool()` instead. +* Moved `cyclonedx.model.Tool` to `cyclonedx.model.tool.Tool`. +* Property `cyclonedx.mode.bom.BomMetaData.tools` is of type `cyclonedx.model.tool.ToolRepository` now, was `SortedSet[cyclonedx.model.Tool]`. + The getter will act accordingly; the setter might act in a backwards-compatible way. +* Property `cyclonedx.mode.vulnerability.Vulnerability.tools` is of type `cyclonedx.model.tool.ToolRepository` now, was `SortedSet[cyclonedx.model.Tool]`. + The getter will act accordingly; the setter might act in a backwards-compatible way. +* Constructor `cyclonedx.model.license.LicenseExpression()` accepts optional argument `acknowledgement` only as key-word argument, no longer as positional argument. + + +### Changes + +* Constructor of `cyclonedx.model.bom.BomMetaData` also accepts an instance of `cyclonedx.model.tool.ToolRepository` for argument `tools`. +* Constructor of `cyclonedx.model.bom.BomMetaData` no longer adds this very library as a tool. + Downstream users SHOULD add it manually, like `my-bom.metadata.tools.components.add(cyclonedx.builder.this.this_component())`. + +### Fixes + +* Deserialization of CycloneDX that do not include tools in the metadata are no longer unexpectedly modified/altered. + +### Added + +Enabled Metadata Tools representation and serialization in accordance with CycloneDX 1.5 + +* New class `cyclonedx.model.tool.ToolRepository`. +* New function `cyclonedx.builder.this.this_component()` -- representation of this very python library as a `Component`. +* New function `cyclonedx.builder.this.this_tool()` -- representation of this very python library as a `Tool`. +* New function `cyclonedx.model.tool.Tool.from_component()`. + +### Dependencies + +* Raised runtime dependency `py-serializable>=1.1.1,<2`, was `>=1.1.0,<2`. + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Joshua Kugler <tek30584@adobe.com> +Signed-off-by: semantic-release <semantic-release@bot.local> +Co-authored-by: Joshua Kugler <joshua@azariah.com> +Co-authored-by: semantic-release <semantic-release@bot.local> ([`002f966`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/002f96630ce8fc6f1766ee6cc92a16b35a821c69)) + +### Documentation + +* docs(chaneglog): omit chore/ci/refactor/style/test/build (#703) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a210809`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a210809efb34c2dc895fc0c6d96a3412a9097625)) + + ## v7.6.2 (2024-10-07) ### Documentation diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 8b8a5a2a..e12a020b 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -52,6 +52,8 @@ Run all tests in dedicated environments, via: poetry run tox run ``` +See also: [python test snapshots docs](tests/_data/snapshots/README.md) + ## Sign off your commits Please sign off your commits, to show that you agree to publish your changes under the current terms and licenses of the project diff --git a/cyclonedx/__init__.py b/cyclonedx/__init__.py index 4de1d8a2..23b3f638 100644 --- a/cyclonedx/__init__.py +++ b/cyclonedx/__init__.py @@ -22,4 +22,4 @@ # !! version is managed by semantic_release # do not use typing here, or else `semantic_release` might have issues finding the variable -__version__ = "7.6.2" # noqa:Q000 +__version__ = "8.0.0" # noqa:Q000 diff --git a/cyclonedx/builder/__init__.py b/cyclonedx/builder/__init__.py new file mode 100644 index 00000000..ec68e667 --- /dev/null +++ b/cyclonedx/builder/__init__.py @@ -0,0 +1,20 @@ +# This file is part of CycloneDX Python Library +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# Copyright (c) OWASP Foundation. All Rights Reserved. + +""" +Builders used in this library. +""" diff --git a/cyclonedx/builder/this.py b/cyclonedx/builder/this.py new file mode 100644 index 00000000..8f81a8ff --- /dev/null +++ b/cyclonedx/builder/this.py @@ -0,0 +1,83 @@ +# This file is part of CycloneDX Python Library +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# Copyright (c) OWASP Foundation. All Rights Reserved. + +"""Representation of this very python library.""" + +__all__ = ['this_component', 'this_tool', ] + +from .. import __version__ as __ThisVersion # noqa: N812 +from ..model import ExternalReference, ExternalReferenceType, XsUri +from ..model.component import Component, ComponentType +from ..model.license import DisjunctiveLicense, LicenseAcknowledgement +from ..model.tool import Tool + +# !!! keep this file in sync with `pyproject.toml` + + +def this_component() -> Component: + """Representation of this very python library as a :class:`Component`.""" + return Component( + type=ComponentType.LIBRARY, + group='CycloneDX', + name='cyclonedx-python-lib', + version=__ThisVersion or 'UNKNOWN', + description='Python library for CycloneDX', + licenses=(DisjunctiveLicense(id='Apache-2.0', + acknowledgement=LicenseAcknowledgement.DECLARED),), + external_references=( + # let's assume this is not a fork + ExternalReference( + type=ExternalReferenceType.WEBSITE, + url=XsUri('https://github.com/CycloneDX/cyclonedx-python-lib/#readme') + ), + ExternalReference( + type=ExternalReferenceType.DOCUMENTATION, + url=XsUri('https://cyclonedx-python-library.readthedocs.io/') + ), + ExternalReference( + type=ExternalReferenceType.VCS, + url=XsUri('https://github.com/CycloneDX/cyclonedx-python-lib') + ), + ExternalReference( + type=ExternalReferenceType.BUILD_SYSTEM, + url=XsUri('https://github.com/CycloneDX/cyclonedx-python-lib/actions') + ), + ExternalReference( + type=ExternalReferenceType.ISSUE_TRACKER, + url=XsUri('https://github.com/CycloneDX/cyclonedx-python-lib/issues') + ), + ExternalReference( + type=ExternalReferenceType.LICENSE, + url=XsUri('https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE') + ), + ExternalReference( + type=ExternalReferenceType.RELEASE_NOTES, + url=XsUri('https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md') + ), + # we cannot assert where the lib was fetched from, but we can give a hint + ExternalReference( + type=ExternalReferenceType.DISTRIBUTION, + url=XsUri('https://pypi.org/project/cyclonedx-python-lib/') + ), + ), + # to be extended... + ) + + +def this_tool() -> Tool: + """Representation of this very python library as a :class:`Tool`.""" + return Tool.from_component(this_component()) diff --git a/cyclonedx/model/__init__.py b/cyclonedx/model/__init__.py index 213fdcf2..3ac988db 100644 --- a/cyclonedx/model/__init__.py +++ b/cyclonedx/model/__init__.py @@ -34,7 +34,6 @@ import serializable from sortedcontainers import SortedSet -from .. import __version__ as __ThisToolVersion # noqa: N812 from .._internal.compare import ComparableTuple as _ComparableTuple from ..exception.model import ( InvalidLocaleTypeException, @@ -1129,139 +1128,6 @@ def __repr__(self) -> str: return f'' -@serializable.serializable_class -class Tool: - """ - This is our internal representation of the `toolType` complex type within the CycloneDX standard. - - Tool(s) are the things used in the creation of the CycloneDX document. - - Tool might be deprecated since CycloneDX 1.5, but it is not deprecated in this library. - In fact, this library will try to provide a compatibility layer if needed. - - .. note:: - See the CycloneDX Schema for toolType: https://cyclonedx.org/docs/1.3/#type_toolType - """ - - def __init__( - self, *, - vendor: Optional[str] = None, - name: Optional[str] = None, - version: Optional[str] = None, - hashes: Optional[Iterable[HashType]] = None, - external_references: Optional[Iterable[ExternalReference]] = None, - ) -> None: - self.vendor = vendor - self.name = name - self.version = version - self.hashes = hashes or [] # type:ignore[assignment] - self.external_references = external_references or [] # type:ignore[assignment] - - @property - @serializable.xml_sequence(1) - @serializable.xml_string(serializable.XmlStringSerializationType.NORMALIZED_STRING) - def vendor(self) -> Optional[str]: - """ - The name of the vendor who created the tool. - - Returns: - `str` if set else `None` - """ - return self._vendor - - @vendor.setter - def vendor(self, vendor: Optional[str]) -> None: - self._vendor = vendor - - @property - @serializable.xml_sequence(2) - @serializable.xml_string(serializable.XmlStringSerializationType.NORMALIZED_STRING) - def name(self) -> Optional[str]: - """ - The name of the tool. - - Returns: - `str` if set else `None` - """ - return self._name - - @name.setter - def name(self, name: Optional[str]) -> None: - self._name = name - - @property - @serializable.xml_sequence(3) - @serializable.xml_string(serializable.XmlStringSerializationType.NORMALIZED_STRING) - def version(self) -> Optional[str]: - """ - The version of the tool. - - Returns: - `str` if set else `None` - """ - return self._version - - @version.setter - def version(self, version: Optional[str]) -> None: - self._version = version - - @property - @serializable.type_mapping(_HashTypeRepositorySerializationHelper) - @serializable.xml_sequence(4) - def hashes(self) -> 'SortedSet[HashType]': - """ - The hashes of the tool (if applicable). - - Returns: - Set of `HashType` - """ - return self._hashes - - @hashes.setter - def hashes(self, hashes: Iterable[HashType]) -> None: - self._hashes = SortedSet(hashes) - - @property - @serializable.view(SchemaVersion1Dot4) - @serializable.view(SchemaVersion1Dot5) - @serializable.view(SchemaVersion1Dot6) - @serializable.xml_array(serializable.XmlArraySerializationType.NESTED, 'reference') - @serializable.xml_sequence(5) - def external_references(self) -> 'SortedSet[ExternalReference]': - """ - External References provides a way to document systems, sites, and information that may be relevant but which - are not included with the BOM. - - Returns: - Set of `ExternalReference` - """ - return self._external_references - - @external_references.setter - def external_references(self, external_references: Iterable[ExternalReference]) -> None: - self._external_references = SortedSet(external_references) - - def __eq__(self, other: object) -> bool: - if isinstance(other, Tool): - return hash(other) == hash(self) - return False - - def __lt__(self, other: Any) -> bool: - if isinstance(other, Tool): - return _ComparableTuple(( - self.vendor, self.name, self.version - )) < _ComparableTuple(( - other.vendor, other.name, other.version - )) - return NotImplemented - - def __hash__(self) -> int: - return hash((self.vendor, self.name, self.version, tuple(self.hashes), tuple(self.external_references))) - - def __repr__(self) -> str: - return f'' - - @serializable.serializable_class class IdentifiableAction: """ @@ -1397,43 +1263,3 @@ def __hash__(self) -> int: def __repr__(self) -> str: return f'' - - -ThisTool = Tool( - vendor='CycloneDX', - name='cyclonedx-python-lib', - version=__ThisToolVersion or 'UNKNOWN', - external_references=[ - ExternalReference( - type=ExternalReferenceType.BUILD_SYSTEM, - url=XsUri('https://github.com/CycloneDX/cyclonedx-python-lib/actions') - ), - ExternalReference( - type=ExternalReferenceType.DISTRIBUTION, - url=XsUri('https://pypi.org/project/cyclonedx-python-lib/') - ), - ExternalReference( - type=ExternalReferenceType.DOCUMENTATION, - url=XsUri('https://cyclonedx-python-library.readthedocs.io/') - ), - ExternalReference( - type=ExternalReferenceType.ISSUE_TRACKER, - url=XsUri('https://github.com/CycloneDX/cyclonedx-python-lib/issues') - ), - ExternalReference( - type=ExternalReferenceType.LICENSE, - url=XsUri('https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE') - ), - ExternalReference( - type=ExternalReferenceType.RELEASE_NOTES, - url=XsUri('https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md') - ), - ExternalReference( - type=ExternalReferenceType.VCS, - url=XsUri('https://github.com/CycloneDX/cyclonedx-python-lib') - ), - ExternalReference( - type=ExternalReferenceType.WEBSITE, - url=XsUri('https://github.com/CycloneDX/cyclonedx-python-lib/#readme') - ) - ]) diff --git a/cyclonedx/model/bom.py b/cyclonedx/model/bom.py index 0d423de8..7bd09740 100644 --- a/cyclonedx/model/bom.py +++ b/cyclonedx/model/bom.py @@ -37,13 +37,14 @@ SchemaVersion1Dot6, ) from ..serialization import LicenseRepositoryHelper, UrnUuidHelper -from . import ExternalReference, Property, ThisTool, Tool +from . import ExternalReference, Property from .bom_ref import BomRef from .component import Component from .contact import OrganizationalContact, OrganizationalEntity from .dependency import Dependable, Dependency from .license import License, LicenseExpression, LicenseRepository from .service import Service +from .tool import Tool, ToolRepository, _ToolRepositoryHelper from .vulnerability import Vulnerability if TYPE_CHECKING: # pragma: no cover @@ -61,7 +62,7 @@ class BomMetaData: def __init__( self, *, - tools: Optional[Iterable[Tool]] = None, + tools: Optional[Union[Iterable[Tool], ToolRepository]] = None, authors: Optional[Iterable[OrganizationalContact]] = None, component: Optional[Component] = None, supplier: Optional[OrganizationalEntity] = None, @@ -88,9 +89,6 @@ def __init__( 'Please use `bom.metadata.component.manufacturer` instead.', DeprecationWarning) - if not tools: - self.tools.add(ThisTool) - @property @serializable.type_mapping(serializable.helpers.XsdDateTime) @serializable.xml_sequence(1) @@ -119,22 +117,22 @@ def timestamp(self, timestamp: datetime) -> None: # ... # TODO since CDX1.5 @property - @serializable.xml_array(serializable.XmlArraySerializationType.NESTED, 'tool') + @serializable.type_mapping(_ToolRepositoryHelper) @serializable.xml_sequence(3) - def tools(self) -> 'SortedSet[Tool]': + def tools(self) -> ToolRepository: """ Tools used to create this BOM. Returns: - `Set` of `Tool` objects. + :class:`ToolRepository` object. """ - # TODO since CDX1.5 also supports `Component` and `Services`, not only `Tool` return self._tools @tools.setter - def tools(self, tools: Iterable[Tool]) -> None: - # TODO since CDX1.5 also supports `Component` and `Services`, not only `Tool` - self._tools = SortedSet(tools) + def tools(self, tools: Union[Iterable[Tool], ToolRepository]) -> None: + self._tools = tools \ + if isinstance(tools, ToolRepository) \ + else ToolRepository(tools=tools) @property @serializable.xml_array(serializable.XmlArraySerializationType.NESTED, 'author') @@ -292,7 +290,7 @@ def __eq__(self, other: object) -> bool: def __hash__(self) -> int: return hash(( tuple(self.authors), self.component, tuple(self.licenses), self.manufacture, tuple(self.properties), - self.supplier, self.timestamp, tuple(self.tools), self.manufacturer, + self.supplier, self.timestamp, self.tools, self.manufacturer, )) def __repr__(self) -> str: diff --git a/cyclonedx/model/component.py b/cyclonedx/model/component.py index 984e1db9..046daba9 100644 --- a/cyclonedx/model/component.py +++ b/cyclonedx/model/component.py @@ -23,6 +23,7 @@ # See https://github.com/package-url/packageurl-python/issues/65 import serializable +from cpe import CPE # type:ignore from packageurl import PackageURL from sortedcontainers import SortedSet @@ -1467,8 +1468,11 @@ def cpe(self) -> Optional[str]: @cpe.setter def cpe(self, cpe: Optional[str]) -> None: - if cpe and not CPE_REGEX.fullmatch(cpe): - raise ValueError(f'Invalid CPE format: {cpe}') + if cpe: + try: + CPE(cpe) + except NotImplementedError: + raise ValueError(f'Invalid CPE format: {cpe}') self._cpe = cpe @property diff --git a/cyclonedx/model/license.py b/cyclonedx/model/license.py index 58651370..fa4f2d33 100644 --- a/cyclonedx/model/license.py +++ b/cyclonedx/model/license.py @@ -250,7 +250,7 @@ class LicenseExpression: """ def __init__( - self, value: str, # *, # all optional args are intended to be keyword-args + self, value: str, *, acknowledgement: Optional[LicenseAcknowledgement] = None, ) -> None: self._value = value diff --git a/cyclonedx/model/tool.py b/cyclonedx/model/tool.py new file mode 100644 index 00000000..4b056519 --- /dev/null +++ b/cyclonedx/model/tool.py @@ -0,0 +1,367 @@ +# This file is part of CycloneDX Python Library +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# Copyright (c) OWASP Foundation. All Rights Reserved. + + +from itertools import chain +from typing import TYPE_CHECKING, Any, Dict, Iterable, List, Optional, Type, Union +from warnings import warn +from xml.etree.ElementTree import Element # nosec B405 + +import serializable +from serializable.helpers import BaseHelper +from sortedcontainers import SortedSet + +from .._internal.compare import ComparableTuple as _ComparableTuple +from ..schema import SchemaVersion +from ..schema.schema import SchemaVersion1Dot4, SchemaVersion1Dot5, SchemaVersion1Dot6 +from . import ExternalReference, HashType, _HashTypeRepositorySerializationHelper +from .component import Component +from .service import Service + +if TYPE_CHECKING: # pragma: no cover + from serializable import ObjectMetadataLibrary, ViewType + + +@serializable.serializable_class +class Tool: + """ + This is our internal representation of the `toolType` complex type within the CycloneDX standard. + + Tool(s) are the things used in the creation of the CycloneDX document. + + Tool might be deprecated since CycloneDX 1.5, but it is not deprecated in this library. + In fact, this library will try to provide a compatibility layer if needed. + + .. note:: + See the CycloneDX Schema for toolType: https://cyclonedx.org/docs/1.3/#type_toolType + """ + + def __init__( + self, *, + vendor: Optional[str] = None, + name: Optional[str] = None, + version: Optional[str] = None, + hashes: Optional[Iterable[HashType]] = None, + external_references: Optional[Iterable[ExternalReference]] = None, + ) -> None: + self.vendor = vendor + self.name = name + self.version = version + self.hashes = hashes or () # type:ignore[assignment] + self.external_references = external_references or () # type:ignore[assignment] + + @property + @serializable.xml_sequence(1) + @serializable.xml_string(serializable.XmlStringSerializationType.NORMALIZED_STRING) + def vendor(self) -> Optional[str]: + """ + The name of the vendor who created the tool. + + Returns: + `str` if set else `None` + """ + return self._vendor + + @vendor.setter + def vendor(self, vendor: Optional[str]) -> None: + self._vendor = vendor + + @property + @serializable.xml_sequence(2) + @serializable.xml_string(serializable.XmlStringSerializationType.NORMALIZED_STRING) + def name(self) -> Optional[str]: + """ + The name of the tool. + + Returns: + `str` if set else `None` + """ + return self._name + + @name.setter + def name(self, name: Optional[str]) -> None: + self._name = name + + @property + @serializable.xml_sequence(3) + @serializable.xml_string(serializable.XmlStringSerializationType.NORMALIZED_STRING) + def version(self) -> Optional[str]: + """ + The version of the tool. + + Returns: + `str` if set else `None` + """ + return self._version + + @version.setter + def version(self, version: Optional[str]) -> None: + self._version = version + + @property + @serializable.type_mapping(_HashTypeRepositorySerializationHelper) + @serializable.xml_sequence(4) + def hashes(self) -> 'SortedSet[HashType]': + """ + The hashes of the tool (if applicable). + + Returns: + Set of `HashType` + """ + return self._hashes + + @hashes.setter + def hashes(self, hashes: Iterable[HashType]) -> None: + self._hashes = SortedSet(hashes) + + @property + @serializable.view(SchemaVersion1Dot4) + @serializable.view(SchemaVersion1Dot5) + @serializable.view(SchemaVersion1Dot6) + @serializable.xml_array(serializable.XmlArraySerializationType.NESTED, 'reference') + @serializable.xml_sequence(5) + def external_references(self) -> 'SortedSet[ExternalReference]': + """ + External References provides a way to document systems, sites, and information that may be relevant but which + are not included with the BOM. + + Returns: + Set of `ExternalReference` + """ + return self._external_references + + @external_references.setter + def external_references(self, external_references: Iterable[ExternalReference]) -> None: + self._external_references = SortedSet(external_references) + + def __eq__(self, other: object) -> bool: + if isinstance(other, Tool): + return hash(other) == hash(self) + return False + + def __lt__(self, other: Any) -> bool: + if isinstance(other, Tool): + return _ComparableTuple(( + self.vendor, self.name, self.version + )) < _ComparableTuple(( + other.vendor, other.name, other.version + )) + return NotImplemented + + def __hash__(self) -> int: + return hash((self.vendor, self.name, self.version, tuple(self.hashes), tuple(self.external_references))) + + def __repr__(self) -> str: + return f'' + + @classmethod + def from_component(cls: Type['Tool'], component: 'Component') -> 'Tool': + return cls( + vendor=component.group, + name=component.name, + version=component.version, + hashes=component.hashes, + external_references=component.external_references, + ) + + @classmethod + def from_service(cls: Type['Tool'], service: 'Service') -> 'Tool': + return cls( + vendor=service.group, + name=service.name, + version=service.version, + external_references=service.external_references, + ) + + +class ToolRepository: + """ + The repository of tool formats + """ + + def __init__( + self, *, + components: Optional[Iterable[Component]] = None, + services: Optional[Iterable[Service]] = None, + # Deprecated since v1.5 + tools: Optional[Iterable[Tool]] = None + ) -> None: + if tools: + warn('`@.tools` is deprecated from CycloneDX v1.5 onwards. ' + 'Please use `@.components` and `@.services` instead.', + DeprecationWarning) + self.components = components or () # type:ignore[assignment] + self.services = services or () # type:ignore[assignment] + self.tools = tools or () # type:ignore[assignment] + + @property + def components(self) -> 'SortedSet[Component]': + """ + Returns: + A SortedSet of Components + """ + return self._components + + @components.setter + def components(self, components: Iterable[Component]) -> None: + self._components = SortedSet(components) + + @property + def services(self) -> 'SortedSet[Service]': + """ + Returns: + A SortedSet of Services + """ + return self._services + + @services.setter + def services(self, services: Iterable[Service]) -> None: + self._services = SortedSet(services) + + @property + def tools(self) -> 'SortedSet[Tool]': + return self._tools + + @tools.setter + def tools(self, tools: Iterable[Tool]) -> None: + self._tools = SortedSet(tools) + + def __len__(self) -> int: + return len(self._tools) \ + + len(self._components) \ + + len(self._services) + + def __bool__(self) -> bool: + return len(self._tools) > 0 \ + or len(self._components) > 0 \ + or len(self._services) > 0 + + def __eq__(self, other: object) -> bool: + if not isinstance(other, ToolRepository): + return False + + return self._tools == other._tools \ + and self._components == other._components \ + and self._services == other._services + + def __hash__(self) -> int: + return hash((tuple(self._tools), tuple(self._components), tuple(self._services))) + + +class _ToolRepositoryHelper(BaseHelper): + + @staticmethod + def __all_as_tools(o: ToolRepository) -> 'SortedSet[Tool]': + # use a set here, so the collection gets deduplicated. + # use SortedSet set here, so the order stays reproducible. + return SortedSet(chain( + o.tools, + map(Tool.from_component, o.components), + map(Tool.from_service, o.services), + )) + + @staticmethod + def __supports_components_and_services(view: Any) -> bool: + try: + return view is not None and view().schema_version_enum >= SchemaVersion.V1_5 + except Exception: # pragma: no cover + return False + + @classmethod + def json_normalize(cls, o: ToolRepository, *, + view: Optional[Type['ViewType']], + **__: Any) -> Any: + if len(o.tools) > 0 or not cls.__supports_components_and_services(view): + ts = cls.__all_as_tools(o) + return tuple(ts) if ts else None + elem: Dict[str, Any] = {} + if o.components: + elem['components'] = tuple(o.components) + if o.services: + elem['services'] = tuple(o.services) + return elem or None + + @classmethod + def json_denormalize(cls, o: Union[List[Dict[str, Any]], Dict[str, Any]], + **__: Any) -> ToolRepository: + tools = None + components = None + services = None + if isinstance(o, Dict): + components = map(lambda c: Component.from_json( # type:ignore[attr-defined] + c), o.get('components', ())) + services = map(lambda s: Service.from_json( # type:ignore[attr-defined] + s), o.get('services', ())) + elif isinstance(o, Iterable): + tools = map(lambda t: Tool.from_json( # type:ignore[attr-defined] + t), o) + return ToolRepository(components=components, services=services, tools=tools) + + @classmethod + def xml_normalize(cls, o: ToolRepository, *, + element_name: str, + view: Optional[Type['ViewType']], + xmlns: Optional[str], + **__: Any) -> Optional[Element]: + elem = Element(element_name) + if len(o.tools) > 0 or not cls.__supports_components_and_services(view): + elem.extend( + ti.as_xml( # type:ignore[attr-defined] + view_=view, as_string=False, element_name='tool', xmlns=xmlns) + for ti in cls.__all_as_tools(o) + ) + else: + if o.components: + elem_c = Element(f'{{{xmlns}}}components' if xmlns else 'components') + elem_c.extend( + ci.as_xml( # type:ignore[attr-defined] + view_=view, as_string=False, element_name='component', xmlns=xmlns) + for ci in o.components) + elem.append(elem_c) + if o.services: + elem_s = Element(f'{{{xmlns}}}services' if xmlns else 'services') + elem_s.extend( + si.as_xml( # type:ignore[attr-defined] + view_=view, as_string=False, element_name='service', xmlns=xmlns) + for si in o.services) + elem.append(elem_s) + return elem \ + if len(elem) > 0 \ + else None + + @classmethod + def xml_denormalize(cls, o: Element, *, + default_ns: Optional[str], + prop_info: 'ObjectMetadataLibrary.SerializableProperty', + ctx: Type[Any], + **kwargs: Any) -> ToolRepository: + ns_map = {'bom': default_ns or ''} + # Do not iterate over `o` and do not check for expected `.tag` of items. + # This check could have been done by schema validators before even deserializing. + tools = None + components = None + services = None + ts = o.findall('bom:tool', ns_map) + if len(ts) > 0: + tools = map(lambda t: Tool.from_xml( # type:ignore[attr-defined] + t, default_ns), ts) + else: + components = map(lambda c: Component.from_xml( # type:ignore[attr-defined] + c, default_ns), o.iterfind('./bom:components/bom:component', ns_map)) + services = map(lambda s: Service.from_xml( # type:ignore[attr-defined] + s, default_ns), o.iterfind('./bom:services/bom:service', ns_map)) + return ToolRepository(components=components, services=services, tools=tools) diff --git a/cyclonedx/model/vulnerability.py b/cyclonedx/model/vulnerability.py index 13bb7b82..1a64cdf6 100644 --- a/cyclonedx/model/vulnerability.py +++ b/cyclonedx/model/vulnerability.py @@ -42,7 +42,7 @@ from ..exception.model import MutuallyExclusivePropertiesException, NoPropertiesProvidedException from ..schema.schema import SchemaVersion1Dot4, SchemaVersion1Dot5, SchemaVersion1Dot6 from ..serialization import BomRefHelper -from . import Property, Tool, XsUri +from . import Property, XsUri from .bom_ref import BomRef from .contact import OrganizationalContact, OrganizationalEntity from .impact_analysis import ( @@ -51,6 +51,7 @@ ImpactAnalysisResponse, ImpactAnalysisState, ) +from .tool import Tool, ToolRepository, _ToolRepositoryHelper @serializable.serializable_class @@ -953,13 +954,13 @@ def __init__( published: Optional[datetime] = None, updated: Optional[datetime] = None, credits: Optional[VulnerabilityCredits] = None, - tools: Optional[Iterable[Tool]] = None, + tools: Optional[Union[Iterable[Tool], ToolRepository]] = None, analysis: Optional[VulnerabilityAnalysis] = None, affects: Optional[Iterable[BomTarget]] = None, properties: Optional[Iterable[Property]] = None, ) -> None: if isinstance(bom_ref, BomRef): - self._bom_ref = bom_ref + self._bom_ref: BomRef = bom_ref else: self._bom_ref = BomRef(value=str(bom_ref) if bom_ref else None) self.id = id @@ -1246,20 +1247,22 @@ def credits(self, credits: Optional[VulnerabilityCredits]) -> None: self._credits = credits @property - @serializable.xml_array(serializable.XmlArraySerializationType.NESTED, 'tool') + @serializable.type_mapping(_ToolRepositoryHelper) @serializable.xml_sequence(17) - def tools(self) -> 'SortedSet[Tool]': + def tools(self) -> ToolRepository: """ - The tool(s) used to identify, confirm, or score the vulnerability. + Tools used to create this BOM. Returns: - Set of `Tool` + :class:`ToolRepository` object. """ return self._tools @tools.setter - def tools(self, tools: Iterable[Tool]) -> None: - self._tools = SortedSet(tools) + def tools(self, tools: Union[Iterable[Tool], ToolRepository]) -> None: + self._tools = tools \ + if isinstance(tools, ToolRepository) \ + else ToolRepository(tools=tools) @property @serializable.xml_sequence(18) @@ -1327,7 +1330,7 @@ def __hash__(self) -> int: return hash(( self.id, self.source, tuple(self.references), tuple(self.ratings), tuple(self.cwes), self.description, self.detail, self.recommendation, self.workaround, tuple(self.advisories), self.created, self.published, - self.updated, self.credits, tuple(self.tools), self.analysis, tuple(self.affects), tuple(self.properties) + self.updated, self.credits, self.tools, self.analysis, tuple(self.affects), tuple(self.properties) )) def __repr__(self) -> str: diff --git a/docs/conf.py b/docs/conf.py index 42ad5165..326c61be 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -20,7 +20,7 @@ # The full version, including alpha/beta/rc tags # !! version is managed by semantic_release -release = '7.6.2' +release = '8.0.0' # -- General configuration --------------------------------------------------- diff --git a/docs/index.rst b/docs/index.rst index 84bd1126..787ce717 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -47,3 +47,4 @@ If you're looking for a CycloneDX tool to run to generate (SBOM) software bill-o contributing support changelog + upgrading diff --git a/docs/outputting.rst b/docs/outputting.rst index 50e800d1..26bd3c9a 100644 --- a/docs/outputting.rst +++ b/docs/outputting.rst @@ -44,9 +44,18 @@ as a ``str``. .. code-block:: python - from cyclonedx.output import get_instance, BaseOutput, OutputFormat + from cyclonedx.output import make_outputter, BaseOutput, OutputFormat, SchemaVersion - outputter: BaseOutput = get_instance(bom=bom, output_format=OutputFormat.JSON) + outputter: BaseOutput = make_outputter(bom=bom, output_format=OutputFormat.JSON, schema_version=SchemaVersion.V1_6) + bom_json: str = outputter.output_as_string() + +Alternatively, if the output format and schema version are constants, you can use the predefined format+schema combined outputs: + +.. code-block:: python + + from cyclonedx.output.json import JsonV1Dot6 + + outputter = JsonV1Dot6(bom=bom) bom_json: str = outputter.output_as_string() @@ -58,7 +67,16 @@ written to the supplied filename. .. code-block:: python - from cyclonedx.output import get_instance, BaseOutput, SchemaVersion + from cyclonedx.output import make_outputter, BaseOutput, OutputFormat, SchemaVersion + + outputter: BaseOutput = make_outputter(bom=bom, output_format=OutputFormat.XML, schema_version=SchemaVersion.V1_2) + outputter.output_to_file(filename='/tmp/sbom-v1.2.xml') + +Alternatively, if the output format and schema version are constants, you can use the predefined format+schema combined outputs: + +.. code-block:: python + + from cyclonedx.output.xml import XmlV1Dot2 - outputter: BaseOutput = get_instance(bom=bom, schema_version=SchemaVersion.V1_2) - outputter.output_to_file(filename='/tmp/sbom-v1.2.xml') \ No newline at end of file + outputter = XmlV1Dot2(bom=bom) + outputter.output_to_file(filename='/tmp/sbom-v1.2.xml') diff --git a/docs/upgrading.rst b/docs/upgrading.rst new file mode 100644 index 00000000..ac5f2b58 --- /dev/null +++ b/docs/upgrading.rst @@ -0,0 +1,61 @@ +Upgrading to v8 +=============== + +Version 8 is not backwards compatible. Some behaviours and integrations changed. +This document covers all breaking changes and should give guidance how to migrate from previous versions. + +This document is not a full :doc:`change log `, but a migration path. + +Add this library to Metadata Tools +---------------------------------- + +This library no longer adds itself to the metadata. + +Downstream users SHOULD add the following to their BOM build processes, to keep track of the used library. + +.. code-block:: python + + from cyclonedx.builder.this import this_component as cdx_lib_component + from cyclonedx.model.bom import Bom + + bom = Bom() + bom.metadata.tools.components.add(cdx_lib_component()) + +Import model Tool +----------------- + +Class `cyclonedx.model.Tool` was moved to :class:`cyclonedx.model.tool.Tool`. +Therefore, the imports need to be migrated. + +Old: ``from cyclonedx.model import Tool`` + +New: ``from cyclonedx.model.tool import Tool`` + +Alter Metadata Tools +-------------------- + +Property :attr:`cyclonedx.model.bom.BomMetaData.tools` is an instance of :class:`cyclonedx.model.tool.ToolRepository`, now. +Therefore, the process of adding new tools needs to be migrated. + +Old: ``my_bom.metadata.tools.add(my_tool)`` + +New: ``my_bom.metadata.tools.tools.add(my_tool)`` + +Alter Vulnerability Tools +------------------------- + +Property :attr:`cyclonedx.model.vulnerability.Vulnerability.tools` is an instance of :class:`cyclonedx.model.tool.ToolRepository`, now. +Therefore, the process of adding new tools needs to be migrated. + +Old: ``my_vulnerability.tools.add(my_tool)`` + +New: ``my_vulnerability.tools.tools.add(my_tool)`` + +Set LicenseExpression Acknowledgement +------------------------------------- + +:class:`cyclonedx.model.license.LicenseExpression()` no longer accepts optional arguments in a positional way, but in a key-word way. + +Old: ``LicenseExpression(my_exp, my_acknowledgement)`` + +New: ``LicenseExpression(my_exp, acknowledgement=my_acknowledgement)`` diff --git a/examples/complex_serialize.py b/examples/complex_serialize.py index 477e7ee5..e69d186d 100644 --- a/examples/complex_serialize.py +++ b/examples/complex_serialize.py @@ -20,6 +20,7 @@ from packageurl import PackageURL +from cyclonedx.builder.this import this_component as cdx_lib_component from cyclonedx.exception import MissingOptionalDependencyException from cyclonedx.factory.license import LicenseFactory from cyclonedx.model import XsUri @@ -43,6 +44,12 @@ # region build the BOM bom = Bom() +bom.metadata.tools.components.add(cdx_lib_component()) +bom.metadata.tools.components.add(Component( + name='my-own-SBOM-generator', + type=ComponentType.APPLICATION, +)) + bom.metadata.component = root_component = Component( name='myApp', type=ComponentType.APPLICATION, diff --git a/pyproject.toml b/pyproject.toml index 30bbafa9..4636a10f 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -5,7 +5,7 @@ build-backend = "poetry.core.masonry.api" [tool.poetry] name = "cyclonedx-python-lib" # !! version is managed by semantic_release -version = "7.6.2" +version = "8.0.0" description = "Python library for CycloneDX" authors = [ "Paul Horton ", @@ -69,11 +69,12 @@ keywords = [ [tool.poetry.dependencies] python = "^3.8" packageurl-python = ">=0.11, <2" -py-serializable = "^1.1.0" +py-serializable = "^1.1.1" sortedcontainers = "^2.4.0" license-expression = "^30" jsonschema = { version = "^4.18", extras=['format'], optional=true } lxml = { version=">=4,<6", optional=true } +cpe = "^1.3.1" [tool.poetry.extras] validation = ["jsonschema", "lxml"] @@ -94,6 +95,7 @@ pep8-naming = "0.14.1" isort = "5.13.2" autopep8 = "2.3.1" mypy = "1.11.2" +tomli = { version = "2.0.1", python = "<3.11" } tox = "4.21.2" xmldiff = "2.7.0" bandit = "1.7.10" diff --git a/tests/__init__.py b/tests/__init__.py index 48760b1a..93111a22 100644 --- a/tests/__init__.py +++ b/tests/__init__.py @@ -14,10 +14,11 @@ # # SPDX-License-Identifier: Apache-2.0 # Copyright (c) OWASP Foundation. All Rights Reserved. + import re +import sys from os import getenv, path -from os.path import basename, join, splitext -from typing import TYPE_CHECKING, Any, Generator, Iterable, List, Optional, Tuple, TypeVar, Union +from typing import TYPE_CHECKING, Any, Dict, Generator, Iterable, List, Optional, Tuple, TypeVar, Union from unittest import TestCase from uuid import UUID @@ -47,7 +48,7 @@ class SnapshotMixin: @staticmethod def getSnapshotFile(snapshot_name: str) -> str: # noqa: N802 - return join(SNAPSHOTS_DIRECTORY, f'{snapshot_name}.bin') + return path.join(SNAPSHOTS_DIRECTORY, f'{snapshot_name}.bin') @classmethod def writeSnapshot(cls, snapshot_name: str, data: str) -> None: # noqa: N802 @@ -189,4 +190,13 @@ class DpTuple(Tuple[SchemaVersion, str]): @property def __name__(self) -> str: schema_version, test_data_file = self - return f'{schema_version.to_version()}-{splitext(basename(test_data_file))[0]}' + return f'{schema_version.to_version()}-{path.splitext(path.basename(test_data_file))[0]}' + + +def load_pyproject() -> Dict[str, Any]: + if sys.version_info >= (3, 11): + from tomllib import load as toml_load + else: + from tomli import load as toml_load + with open(path.join(path.dirname(__file__), '..', 'pyproject.toml'), 'rb') as f: + return toml_load(f) diff --git a/tests/_data/models.py b/tests/_data/models.py index c0c092f1..72504e83 100644 --- a/tests/_data/models.py +++ b/tests/_data/models.py @@ -26,6 +26,7 @@ # See https://github.com/package-url/packageurl-python/issues/65 from packageurl import PackageURL +from cyclonedx.builder.this import this_component, this_tool from cyclonedx.model import ( AttachedText, Copyright, @@ -38,7 +39,6 @@ Note, NoteText, Property, - Tool, XsUri, ) from cyclonedx.model.bom import Bom, BomMetaData @@ -89,6 +89,7 @@ from cyclonedx.model.license import DisjunctiveLicense, License, LicenseAcknowledgement, LicenseExpression from cyclonedx.model.release_note import ReleaseNotes from cyclonedx.model.service import Service +from cyclonedx.model.tool import Tool, ToolRepository from cyclonedx.model.vulnerability import ( BomTarget, BomTargetVersionRange, @@ -494,9 +495,9 @@ def get_bom_with_component_setuptools_with_vulnerability() -> Bom: ], individuals=[get_org_contact_2()] ), - tools=[ - Tool(vendor='CycloneDX', name='cyclonedx-python-lib') - ], + tools=ToolRepository(tools=( + Tool(vendor='CycloneDX', name='cyclonedx-python-lib'), + )), analysis=VulnerabilityAnalysis( state=ImpactAnalysisState.EXPLOITABLE, justification=ImpactAnalysisJustification.REQUIRES_ENVIRONMENT, responses=[ImpactAnalysisResponse.CAN_NOT_FIX], detail='Some extra detail' @@ -1047,6 +1048,155 @@ def get_bom_with_multiple_licenses() -> Bom: ) +def get_bom_with_tools() -> Bom: + return _make_bom( + metadata=BomMetaData( + tools=( + this_tool(), + Tool(name='test-tool-b'), + Tool(vendor='example', + name='test-tool-a', + version='1.33.7', + hashes=[HashType.from_composite_str( + 'sha256:adbbbe72c8f023b4a2d96a3978f69d94873ab2fef424e0298287c3368519c1a6')], + external_references=[get_external_reference_1()], + ), + ) + ) + ) + + +def get_bom_with_tools_with_component_migrate() -> Bom: + return _make_bom( + metadata=BomMetaData( + tools=ToolRepository( + components=( + this_component(), + Component(name='test-component', bom_ref='test-component'), + Component(type=ComponentType.APPLICATION, + bom_ref='other-component', + group='acme', + name='other-component', + hashes=[HashType.from_composite_str( + 'sha256:49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca')], + external_references=[get_external_reference_1()], + ), + ) + ) + ) + ) + + +def get_bom_with_tools_with_service_migrate() -> Bom: + return _make_bom( + metadata=BomMetaData( + tools=ToolRepository( + services=( + Service(name='test-service', bom_ref='test-service'), + Service(group='acme', + name='other-service', + bom_ref='other-service', + external_references=[get_external_reference_1()], + ), + ) + ) + ) + ) + + +def get_bom_with_tools_with_component_and_service_migrate() -> Bom: + return _make_bom( + metadata=BomMetaData( + tools=ToolRepository( + components=( + this_component(), + Component(name='test-component', bom_ref='test-component'), + Component(type=ComponentType.APPLICATION, + bom_ref='other-component', + group='acme', + name='other-component', + hashes=[HashType.from_composite_str( + 'sha256:49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca')], + external_references=[get_external_reference_1()], + ), + ), + services=( + Service(name='test-service', bom_ref='test-service'), + Service(group='acme', + name='other-service', + bom_ref='other-service', + external_references=[get_external_reference_1()], + ), + ) + ) + ) + ) + + +def get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate() -> Bom: + tools = ToolRepository() + tcomp = tools.components + tserv = tools.services + ttools = tools.tools + tcomp.update(( + this_component(), + Component(name='test-component', bom_ref='test-component'), + Component(type=ComponentType.APPLICATION, + bom_ref='other-component', + group='acme', + name='other-component', + hashes=[HashType.from_composite_str( + 'sha256:49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca')], + external_references=[get_external_reference_1()], + ), + )) + tserv.update(( + Service(name='test-service', bom_ref='test-service'), + Service(group='acme', + name='other-service', + bom_ref='other-service', + external_references=[get_external_reference_1()], + ), + )) + ttools.update(( + this_tool(), + Tool(name='test-tool-b'), + Tool(vendor='example', + name='test-tool-a', + version='1.33.7', + hashes=[HashType.from_composite_str( + 'sha256:adbbbe72c8f023b4a2d96a3978f69d94873ab2fef424e0298287c3368519c1a6')], + external_references=[get_external_reference_1()], + ), + )) + return _make_bom(metadata=BomMetaData(tools=tools)) + + +def get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate() -> Bom: + """on serialization, it is expected that only tools are emitted, and that they are deduplicated""" + tools = ToolRepository() + tcomp = tools.components + tserv = tools.services + ttools = tools.tools + tcomp.update(( + this_component(), + Component(name='test-component'), + Component(type=ComponentType.APPLICATION, + group='acme', + name='other-component'), + )) + tserv.update(( + Service(name='test-service'), + Service(group='acme', + name='other-service'), + )) + ttools.clear() + # duplicate components and services as tools + ttools.update(map(Tool.from_component, tcomp)) + ttools.update(map(Tool.from_service, tserv)) + return _make_bom(metadata=BomMetaData(tools=tools)) + + def get_bom_for_issue_497_urls() -> Bom: """regression test for issue #497 see https://github.com/CycloneDX/cyclonedx-python-lib/issues/497 @@ -1122,6 +1272,7 @@ def get_bom_for_issue_630_empty_property() -> Bom: ) }) + # --- @@ -1135,6 +1286,11 @@ def get_bom_for_issue_630_empty_property() -> Bom: if n.startswith('get_bom_') and not n.endswith('_invalid') and not n.endswith('_migrate') ) +all_get_bom_funct_valid_reversible_migrate = tuple( + (n, f) for n, f in getmembers(sys.modules[__name__], isfunction) + if n.startswith('get_bom_') and n.endswith('_migrate') and not n.endswith('_irreversible_migrate') +) + all_get_bom_funct_invalid = tuple( (n, f) for n, f in getmembers(sys.modules[__name__], isfunction) if n.startswith('get_bom_') and n.endswith('_invalid') diff --git a/tests/_data/snapshots/enum_ComponentScope-1.2.json.bin b/tests/_data/snapshots/enum_ComponentScope-1.2.json.bin index e81616a8..08129f20 100644 --- a/tests/_data/snapshots/enum_ComponentScope-1.2.json.bin +++ b/tests/_data/snapshots/enum_ComponentScope-1.2.json.bin @@ -34,14 +34,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_ComponentScope-1.2.xml.bin b/tests/_data/snapshots/enum_ComponentScope-1.2.xml.bin index 746d6865..2bc68215 100644 --- a/tests/_data/snapshots/enum_ComponentScope-1.2.xml.bin +++ b/tests/_data/snapshots/enum_ComponentScope-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_ComponentScope-1.3.json.bin b/tests/_data/snapshots/enum_ComponentScope-1.3.json.bin index 0a89875c..9c30c6cb 100644 --- a/tests/_data/snapshots/enum_ComponentScope-1.3.json.bin +++ b/tests/_data/snapshots/enum_ComponentScope-1.3.json.bin @@ -34,14 +34,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_ComponentScope-1.3.xml.bin b/tests/_data/snapshots/enum_ComponentScope-1.3.xml.bin index d5b28fe8..f10fbd5a 100644 --- a/tests/_data/snapshots/enum_ComponentScope-1.3.xml.bin +++ b/tests/_data/snapshots/enum_ComponentScope-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_ComponentScope-1.4.json.bin b/tests/_data/snapshots/enum_ComponentScope-1.4.json.bin index c2bfdb04..a46930ff 100644 --- a/tests/_data/snapshots/enum_ComponentScope-1.4.json.bin +++ b/tests/_data/snapshots/enum_ComponentScope-1.4.json.bin @@ -31,48 +31,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_ComponentScope-1.4.xml.bin b/tests/_data/snapshots/enum_ComponentScope-1.4.xml.bin index b9621f48..2d6382e7 100644 --- a/tests/_data/snapshots/enum_ComponentScope-1.4.xml.bin +++ b/tests/_data/snapshots/enum_ComponentScope-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_ComponentScope-1.5.json.bin b/tests/_data/snapshots/enum_ComponentScope-1.5.json.bin index 056c088a..08c95fbe 100644 --- a/tests/_data/snapshots/enum_ComponentScope-1.5.json.bin +++ b/tests/_data/snapshots/enum_ComponentScope-1.5.json.bin @@ -31,48 +31,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_ComponentScope-1.5.xml.bin b/tests/_data/snapshots/enum_ComponentScope-1.5.xml.bin index 7932de76..49a4b47a 100644 --- a/tests/_data/snapshots/enum_ComponentScope-1.5.xml.bin +++ b/tests/_data/snapshots/enum_ComponentScope-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_ComponentScope-1.6.json.bin b/tests/_data/snapshots/enum_ComponentScope-1.6.json.bin index 348cec53..9c5999f4 100644 --- a/tests/_data/snapshots/enum_ComponentScope-1.6.json.bin +++ b/tests/_data/snapshots/enum_ComponentScope-1.6.json.bin @@ -31,48 +31,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_ComponentScope-1.6.xml.bin b/tests/_data/snapshots/enum_ComponentScope-1.6.xml.bin index 173aab7a..16002be6 100644 --- a/tests/_data/snapshots/enum_ComponentScope-1.6.xml.bin +++ b/tests/_data/snapshots/enum_ComponentScope-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_ComponentType-1.2.json.bin b/tests/_data/snapshots/enum_ComponentType-1.2.json.bin index 502ff22d..4af3254a 100644 --- a/tests/_data/snapshots/enum_ComponentType-1.2.json.bin +++ b/tests/_data/snapshots/enum_ComponentType-1.2.json.bin @@ -76,14 +76,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_ComponentType-1.2.xml.bin b/tests/_data/snapshots/enum_ComponentType-1.2.xml.bin index 9fdafcd1..231b3969 100644 --- a/tests/_data/snapshots/enum_ComponentType-1.2.xml.bin +++ b/tests/_data/snapshots/enum_ComponentType-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_ComponentType-1.3.json.bin b/tests/_data/snapshots/enum_ComponentType-1.3.json.bin index db9f274d..aaf85dfb 100644 --- a/tests/_data/snapshots/enum_ComponentType-1.3.json.bin +++ b/tests/_data/snapshots/enum_ComponentType-1.3.json.bin @@ -76,14 +76,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_ComponentType-1.3.xml.bin b/tests/_data/snapshots/enum_ComponentType-1.3.xml.bin index 2fff94ea..849052aa 100644 --- a/tests/_data/snapshots/enum_ComponentType-1.3.xml.bin +++ b/tests/_data/snapshots/enum_ComponentType-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_ComponentType-1.4.json.bin b/tests/_data/snapshots/enum_ComponentType-1.4.json.bin index e3049751..43746889 100644 --- a/tests/_data/snapshots/enum_ComponentType-1.4.json.bin +++ b/tests/_data/snapshots/enum_ComponentType-1.4.json.bin @@ -68,48 +68,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_ComponentType-1.4.xml.bin b/tests/_data/snapshots/enum_ComponentType-1.4.xml.bin index 751ba6a7..ecf2566d 100644 --- a/tests/_data/snapshots/enum_ComponentType-1.4.xml.bin +++ b/tests/_data/snapshots/enum_ComponentType-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_ComponentType-1.5.json.bin b/tests/_data/snapshots/enum_ComponentType-1.5.json.bin index 7a2b9196..c9380e54 100644 --- a/tests/_data/snapshots/enum_ComponentType-1.5.json.bin +++ b/tests/_data/snapshots/enum_ComponentType-1.5.json.bin @@ -100,48 +100,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_ComponentType-1.5.xml.bin b/tests/_data/snapshots/enum_ComponentType-1.5.xml.bin index 4340d7b9..7eece9d3 100644 --- a/tests/_data/snapshots/enum_ComponentType-1.5.xml.bin +++ b/tests/_data/snapshots/enum_ComponentType-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_ComponentType-1.6.json.bin b/tests/_data/snapshots/enum_ComponentType-1.6.json.bin index e9aa8150..14beba08 100644 --- a/tests/_data/snapshots/enum_ComponentType-1.6.json.bin +++ b/tests/_data/snapshots/enum_ComponentType-1.6.json.bin @@ -108,48 +108,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_ComponentType-1.6.xml.bin b/tests/_data/snapshots/enum_ComponentType-1.6.xml.bin index 63c01ad0..84936bca 100644 --- a/tests/_data/snapshots/enum_ComponentType-1.6.xml.bin +++ b/tests/_data/snapshots/enum_ComponentType-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_DataFlow-1.2.json.bin b/tests/_data/snapshots/enum_DataFlow-1.2.json.bin index cc0b7a87..cfd8d34e 100644 --- a/tests/_data/snapshots/enum_DataFlow-1.2.json.bin +++ b/tests/_data/snapshots/enum_DataFlow-1.2.json.bin @@ -5,14 +5,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "services": [ diff --git a/tests/_data/snapshots/enum_DataFlow-1.2.xml.bin b/tests/_data/snapshots/enum_DataFlow-1.2.xml.bin index 8d57f63a..28afa085 100644 --- a/tests/_data/snapshots/enum_DataFlow-1.2.xml.bin +++ b/tests/_data/snapshots/enum_DataFlow-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_DataFlow-1.3.json.bin b/tests/_data/snapshots/enum_DataFlow-1.3.json.bin index a4ee0e50..ec868cdf 100644 --- a/tests/_data/snapshots/enum_DataFlow-1.3.json.bin +++ b/tests/_data/snapshots/enum_DataFlow-1.3.json.bin @@ -5,14 +5,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "services": [ diff --git a/tests/_data/snapshots/enum_DataFlow-1.3.xml.bin b/tests/_data/snapshots/enum_DataFlow-1.3.xml.bin index 434f3c81..92559dc7 100644 --- a/tests/_data/snapshots/enum_DataFlow-1.3.xml.bin +++ b/tests/_data/snapshots/enum_DataFlow-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_DataFlow-1.4.json.bin b/tests/_data/snapshots/enum_DataFlow-1.4.json.bin index b2a3d94a..e90aec28 100644 --- a/tests/_data/snapshots/enum_DataFlow-1.4.json.bin +++ b/tests/_data/snapshots/enum_DataFlow-1.4.json.bin @@ -5,48 +5,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "services": [ diff --git a/tests/_data/snapshots/enum_DataFlow-1.4.xml.bin b/tests/_data/snapshots/enum_DataFlow-1.4.xml.bin index ebc96f50..07d3b99b 100644 --- a/tests/_data/snapshots/enum_DataFlow-1.4.xml.bin +++ b/tests/_data/snapshots/enum_DataFlow-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_DataFlow-1.5.json.bin b/tests/_data/snapshots/enum_DataFlow-1.5.json.bin index e5127933..7ee12db9 100644 --- a/tests/_data/snapshots/enum_DataFlow-1.5.json.bin +++ b/tests/_data/snapshots/enum_DataFlow-1.5.json.bin @@ -5,48 +5,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_DataFlow-1.5.xml.bin b/tests/_data/snapshots/enum_DataFlow-1.5.xml.bin index 690af434..d7fb1d16 100644 --- a/tests/_data/snapshots/enum_DataFlow-1.5.xml.bin +++ b/tests/_data/snapshots/enum_DataFlow-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_DataFlow-1.6.json.bin b/tests/_data/snapshots/enum_DataFlow-1.6.json.bin index 35932cd8..063107b3 100644 --- a/tests/_data/snapshots/enum_DataFlow-1.6.json.bin +++ b/tests/_data/snapshots/enum_DataFlow-1.6.json.bin @@ -5,48 +5,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_DataFlow-1.6.xml.bin b/tests/_data/snapshots/enum_DataFlow-1.6.xml.bin index 2a10ba25..f7fad953 100644 --- a/tests/_data/snapshots/enum_DataFlow-1.6.xml.bin +++ b/tests/_data/snapshots/enum_DataFlow-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_Encoding-1.2.json.bin b/tests/_data/snapshots/enum_Encoding-1.2.json.bin index 1bd83f88..224d106a 100644 --- a/tests/_data/snapshots/enum_Encoding-1.2.json.bin +++ b/tests/_data/snapshots/enum_Encoding-1.2.json.bin @@ -25,14 +25,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_Encoding-1.2.xml.bin b/tests/_data/snapshots/enum_Encoding-1.2.xml.bin index b0744af6..bf3307a6 100644 --- a/tests/_data/snapshots/enum_Encoding-1.2.xml.bin +++ b/tests/_data/snapshots/enum_Encoding-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_Encoding-1.3.json.bin b/tests/_data/snapshots/enum_Encoding-1.3.json.bin index 2ff182dc..f5c1794a 100644 --- a/tests/_data/snapshots/enum_Encoding-1.3.json.bin +++ b/tests/_data/snapshots/enum_Encoding-1.3.json.bin @@ -25,14 +25,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_Encoding-1.3.xml.bin b/tests/_data/snapshots/enum_Encoding-1.3.xml.bin index cc349445..9c0f1a14 100644 --- a/tests/_data/snapshots/enum_Encoding-1.3.xml.bin +++ b/tests/_data/snapshots/enum_Encoding-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_Encoding-1.4.json.bin b/tests/_data/snapshots/enum_Encoding-1.4.json.bin index 7d33faac..02a99e10 100644 --- a/tests/_data/snapshots/enum_Encoding-1.4.json.bin +++ b/tests/_data/snapshots/enum_Encoding-1.4.json.bin @@ -24,48 +24,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_Encoding-1.4.xml.bin b/tests/_data/snapshots/enum_Encoding-1.4.xml.bin index 6fc9579d..d234c520 100644 --- a/tests/_data/snapshots/enum_Encoding-1.4.xml.bin +++ b/tests/_data/snapshots/enum_Encoding-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_Encoding-1.5.json.bin b/tests/_data/snapshots/enum_Encoding-1.5.json.bin index a1acc445..6ca365ee 100644 --- a/tests/_data/snapshots/enum_Encoding-1.5.json.bin +++ b/tests/_data/snapshots/enum_Encoding-1.5.json.bin @@ -24,48 +24,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_Encoding-1.5.xml.bin b/tests/_data/snapshots/enum_Encoding-1.5.xml.bin index 6dbc122c..6f25b2f8 100644 --- a/tests/_data/snapshots/enum_Encoding-1.5.xml.bin +++ b/tests/_data/snapshots/enum_Encoding-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_Encoding-1.6.json.bin b/tests/_data/snapshots/enum_Encoding-1.6.json.bin index b4f02e19..f3d470e0 100644 --- a/tests/_data/snapshots/enum_Encoding-1.6.json.bin +++ b/tests/_data/snapshots/enum_Encoding-1.6.json.bin @@ -24,48 +24,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_Encoding-1.6.xml.bin b/tests/_data/snapshots/enum_Encoding-1.6.xml.bin index e1731428..c2b00d13 100644 --- a/tests/_data/snapshots/enum_Encoding-1.6.xml.bin +++ b/tests/_data/snapshots/enum_Encoding-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_ExternalReferenceType-1.2.json.bin b/tests/_data/snapshots/enum_ExternalReferenceType-1.2.json.bin index 6b3751c2..014101d3 100644 --- a/tests/_data/snapshots/enum_ExternalReferenceType-1.2.json.bin +++ b/tests/_data/snapshots/enum_ExternalReferenceType-1.2.json.bin @@ -187,14 +187,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_ExternalReferenceType-1.2.xml.bin b/tests/_data/snapshots/enum_ExternalReferenceType-1.2.xml.bin index 3e83e45d..3f27e8d8 100644 --- a/tests/_data/snapshots/enum_ExternalReferenceType-1.2.xml.bin +++ b/tests/_data/snapshots/enum_ExternalReferenceType-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_ExternalReferenceType-1.3.json.bin b/tests/_data/snapshots/enum_ExternalReferenceType-1.3.json.bin index 0d0ef289..d26e39a6 100644 --- a/tests/_data/snapshots/enum_ExternalReferenceType-1.3.json.bin +++ b/tests/_data/snapshots/enum_ExternalReferenceType-1.3.json.bin @@ -187,14 +187,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_ExternalReferenceType-1.3.xml.bin b/tests/_data/snapshots/enum_ExternalReferenceType-1.3.xml.bin index 7fa51b54..40689b7c 100644 --- a/tests/_data/snapshots/enum_ExternalReferenceType-1.3.xml.bin +++ b/tests/_data/snapshots/enum_ExternalReferenceType-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_ExternalReferenceType-1.4.json.bin b/tests/_data/snapshots/enum_ExternalReferenceType-1.4.json.bin index 0b874ded..6932a1e7 100644 --- a/tests/_data/snapshots/enum_ExternalReferenceType-1.4.json.bin +++ b/tests/_data/snapshots/enum_ExternalReferenceType-1.4.json.bin @@ -186,48 +186,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_ExternalReferenceType-1.4.xml.bin b/tests/_data/snapshots/enum_ExternalReferenceType-1.4.xml.bin index 57b14972..d7a331a4 100644 --- a/tests/_data/snapshots/enum_ExternalReferenceType-1.4.xml.bin +++ b/tests/_data/snapshots/enum_ExternalReferenceType-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_ExternalReferenceType-1.5.json.bin b/tests/_data/snapshots/enum_ExternalReferenceType-1.5.json.bin index 81fd9040..7fd1047c 100644 --- a/tests/_data/snapshots/enum_ExternalReferenceType-1.5.json.bin +++ b/tests/_data/snapshots/enum_ExternalReferenceType-1.5.json.bin @@ -186,48 +186,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_ExternalReferenceType-1.5.xml.bin b/tests/_data/snapshots/enum_ExternalReferenceType-1.5.xml.bin index e4d7319f..ed7b3604 100644 --- a/tests/_data/snapshots/enum_ExternalReferenceType-1.5.xml.bin +++ b/tests/_data/snapshots/enum_ExternalReferenceType-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_ExternalReferenceType-1.6.json.bin b/tests/_data/snapshots/enum_ExternalReferenceType-1.6.json.bin index 42eb7ff0..8ea655e7 100644 --- a/tests/_data/snapshots/enum_ExternalReferenceType-1.6.json.bin +++ b/tests/_data/snapshots/enum_ExternalReferenceType-1.6.json.bin @@ -186,48 +186,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_ExternalReferenceType-1.6.xml.bin b/tests/_data/snapshots/enum_ExternalReferenceType-1.6.xml.bin index fdfb8faf..6c3069f3 100644 --- a/tests/_data/snapshots/enum_ExternalReferenceType-1.6.xml.bin +++ b/tests/_data/snapshots/enum_ExternalReferenceType-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_HashAlgorithm-1.2.json.bin b/tests/_data/snapshots/enum_HashAlgorithm-1.2.json.bin index 676688fc..feac89ff 100644 --- a/tests/_data/snapshots/enum_HashAlgorithm-1.2.json.bin +++ b/tests/_data/snapshots/enum_HashAlgorithm-1.2.json.bin @@ -63,14 +63,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_HashAlgorithm-1.2.xml.bin b/tests/_data/snapshots/enum_HashAlgorithm-1.2.xml.bin index 598aa3bd..03ea0302 100644 --- a/tests/_data/snapshots/enum_HashAlgorithm-1.2.xml.bin +++ b/tests/_data/snapshots/enum_HashAlgorithm-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_HashAlgorithm-1.3.json.bin b/tests/_data/snapshots/enum_HashAlgorithm-1.3.json.bin index feef702e..b9fea7a8 100644 --- a/tests/_data/snapshots/enum_HashAlgorithm-1.3.json.bin +++ b/tests/_data/snapshots/enum_HashAlgorithm-1.3.json.bin @@ -63,14 +63,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_HashAlgorithm-1.3.xml.bin b/tests/_data/snapshots/enum_HashAlgorithm-1.3.xml.bin index df81eb25..420b91c8 100644 --- a/tests/_data/snapshots/enum_HashAlgorithm-1.3.xml.bin +++ b/tests/_data/snapshots/enum_HashAlgorithm-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_HashAlgorithm-1.4.json.bin b/tests/_data/snapshots/enum_HashAlgorithm-1.4.json.bin index 3f6e1978..46381c54 100644 --- a/tests/_data/snapshots/enum_HashAlgorithm-1.4.json.bin +++ b/tests/_data/snapshots/enum_HashAlgorithm-1.4.json.bin @@ -62,48 +62,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_HashAlgorithm-1.4.xml.bin b/tests/_data/snapshots/enum_HashAlgorithm-1.4.xml.bin index 19975680..8c8a6e3b 100644 --- a/tests/_data/snapshots/enum_HashAlgorithm-1.4.xml.bin +++ b/tests/_data/snapshots/enum_HashAlgorithm-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_HashAlgorithm-1.5.json.bin b/tests/_data/snapshots/enum_HashAlgorithm-1.5.json.bin index d41c835e..979aec04 100644 --- a/tests/_data/snapshots/enum_HashAlgorithm-1.5.json.bin +++ b/tests/_data/snapshots/enum_HashAlgorithm-1.5.json.bin @@ -62,48 +62,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_HashAlgorithm-1.5.xml.bin b/tests/_data/snapshots/enum_HashAlgorithm-1.5.xml.bin index 24190ff6..3c3cd265 100644 --- a/tests/_data/snapshots/enum_HashAlgorithm-1.5.xml.bin +++ b/tests/_data/snapshots/enum_HashAlgorithm-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_HashAlgorithm-1.6.json.bin b/tests/_data/snapshots/enum_HashAlgorithm-1.6.json.bin index eecd5c97..fa982e91 100644 --- a/tests/_data/snapshots/enum_HashAlgorithm-1.6.json.bin +++ b/tests/_data/snapshots/enum_HashAlgorithm-1.6.json.bin @@ -62,48 +62,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_HashAlgorithm-1.6.xml.bin b/tests/_data/snapshots/enum_HashAlgorithm-1.6.xml.bin index 3764bc6e..e50c5049 100644 --- a/tests/_data/snapshots/enum_HashAlgorithm-1.6.xml.bin +++ b/tests/_data/snapshots/enum_HashAlgorithm-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.2.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.2.json.bin index 1165e037..8f473bd3 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.2.json.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.2.json.bin @@ -1,13 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.2.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.2.xml.bin index bc36ede0..df1938ec 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.2.xml.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.2.xml.bin @@ -2,12 +2,5 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.3.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.3.json.bin index bc1a579f..02943890 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.3.json.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.3.json.bin @@ -1,13 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.3.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.3.xml.bin index 1ebd391f..8341ff60 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.3.xml.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.3.xml.bin @@ -2,12 +2,5 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.4.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.4.json.bin index 2c46385d..15ee9ab5 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.4.json.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.4.json.bin @@ -1,47 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.4.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.4.xml.bin index d77127c3..4468db61 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.4.xml.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.5.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.5.json.bin index ded7909a..12f0d76b 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.5.json.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.5.json.bin @@ -1,47 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.5.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.5.xml.bin index 7bd9da31..6a271347 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.5.xml.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - val1 diff --git a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.6.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.6.json.bin index 9344693a..6f041fda 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.6.json.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.6.json.bin @@ -1,47 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.6.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.6.xml.bin index 17391b4b..f963edd3 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.6.xml.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisAffectedStatus-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - val1 diff --git a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.2.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.2.json.bin index 1165e037..8f473bd3 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.2.json.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.2.json.bin @@ -1,13 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.2.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.2.xml.bin index bc36ede0..df1938ec 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.2.xml.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.2.xml.bin @@ -2,12 +2,5 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.3.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.3.json.bin index bc1a579f..02943890 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.3.json.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.3.json.bin @@ -1,13 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.3.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.3.xml.bin index 1ebd391f..8341ff60 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.3.xml.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.3.xml.bin @@ -2,12 +2,5 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.4.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.4.json.bin index 01ad7978..26c7fb75 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.4.json.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.4.json.bin @@ -1,47 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.4.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.4.xml.bin index ff782f19..a761fe00 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.4.xml.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.5.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.5.json.bin index 0e572da1..45504f64 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.5.json.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.5.json.bin @@ -1,47 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.5.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.5.xml.bin index 8d627f7c..562ce1a8 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.5.xml.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - val1 diff --git a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.6.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.6.json.bin index d337334a..8aac7418 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.6.json.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.6.json.bin @@ -1,47 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.6.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.6.xml.bin index 89122cf5..2ef1f3b4 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.6.xml.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisJustification-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - val1 diff --git a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.2.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.2.json.bin index 1165e037..8f473bd3 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.2.json.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.2.json.bin @@ -1,13 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.2.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.2.xml.bin index bc36ede0..df1938ec 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.2.xml.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.2.xml.bin @@ -2,12 +2,5 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.3.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.3.json.bin index bc1a579f..02943890 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.3.json.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.3.json.bin @@ -1,13 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.3.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.3.xml.bin index 1ebd391f..8341ff60 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.3.xml.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.3.xml.bin @@ -2,12 +2,5 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.4.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.4.json.bin index 2eb942a0..ebc02088 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.4.json.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.4.json.bin @@ -1,47 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.4.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.4.xml.bin index 4c23116c..fecbfd53 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.4.xml.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.5.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.5.json.bin index 8e6b3c97..d931b3be 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.5.json.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.5.json.bin @@ -1,47 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.5.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.5.xml.bin index 3a18b561..b1e639fa 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.5.xml.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - val1 diff --git a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.6.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.6.json.bin index 501be21d..0ebcf7bc 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.6.json.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.6.json.bin @@ -1,47 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.6.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.6.xml.bin index 64e134ad..194e1fa2 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.6.xml.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisResponse-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - val1 diff --git a/tests/_data/snapshots/enum_ImpactAnalysisState-1.2.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisState-1.2.json.bin index 1165e037..8f473bd3 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisState-1.2.json.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisState-1.2.json.bin @@ -1,13 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_ImpactAnalysisState-1.2.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisState-1.2.xml.bin index bc36ede0..df1938ec 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisState-1.2.xml.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisState-1.2.xml.bin @@ -2,12 +2,5 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_ImpactAnalysisState-1.3.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisState-1.3.json.bin index bc1a579f..02943890 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisState-1.3.json.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisState-1.3.json.bin @@ -1,13 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_ImpactAnalysisState-1.3.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisState-1.3.xml.bin index 1ebd391f..8341ff60 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisState-1.3.xml.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisState-1.3.xml.bin @@ -2,12 +2,5 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_ImpactAnalysisState-1.4.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisState-1.4.json.bin index a29f5164..56acc0b3 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisState-1.4.json.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisState-1.4.json.bin @@ -1,47 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_ImpactAnalysisState-1.4.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisState-1.4.xml.bin index 8381c7c3..9342e974 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisState-1.4.xml.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisState-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_ImpactAnalysisState-1.5.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisState-1.5.json.bin index c5bacd23..33171e55 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisState-1.5.json.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisState-1.5.json.bin @@ -1,47 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_ImpactAnalysisState-1.5.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisState-1.5.xml.bin index 3fb0930f..8577d31f 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisState-1.5.xml.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisState-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - val1 diff --git a/tests/_data/snapshots/enum_ImpactAnalysisState-1.6.json.bin b/tests/_data/snapshots/enum_ImpactAnalysisState-1.6.json.bin index 24bc78df..b1ee30d7 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisState-1.6.json.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisState-1.6.json.bin @@ -1,47 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_ImpactAnalysisState-1.6.xml.bin b/tests/_data/snapshots/enum_ImpactAnalysisState-1.6.xml.bin index 6f3e92a5..1800c469 100644 --- a/tests/_data/snapshots/enum_ImpactAnalysisState-1.6.xml.bin +++ b/tests/_data/snapshots/enum_ImpactAnalysisState-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - val1 diff --git a/tests/_data/snapshots/enum_IssueClassification-1.2.json.bin b/tests/_data/snapshots/enum_IssueClassification-1.2.json.bin index 68199f61..255c5dc1 100644 --- a/tests/_data/snapshots/enum_IssueClassification-1.2.json.bin +++ b/tests/_data/snapshots/enum_IssueClassification-1.2.json.bin @@ -34,14 +34,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_IssueClassification-1.2.xml.bin b/tests/_data/snapshots/enum_IssueClassification-1.2.xml.bin index 60c4b014..1ec44335 100644 --- a/tests/_data/snapshots/enum_IssueClassification-1.2.xml.bin +++ b/tests/_data/snapshots/enum_IssueClassification-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_IssueClassification-1.3.json.bin b/tests/_data/snapshots/enum_IssueClassification-1.3.json.bin index f395fcc3..3c869f0c 100644 --- a/tests/_data/snapshots/enum_IssueClassification-1.3.json.bin +++ b/tests/_data/snapshots/enum_IssueClassification-1.3.json.bin @@ -34,14 +34,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_IssueClassification-1.3.xml.bin b/tests/_data/snapshots/enum_IssueClassification-1.3.xml.bin index 2ad56112..c232cf9a 100644 --- a/tests/_data/snapshots/enum_IssueClassification-1.3.xml.bin +++ b/tests/_data/snapshots/enum_IssueClassification-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_IssueClassification-1.4.json.bin b/tests/_data/snapshots/enum_IssueClassification-1.4.json.bin index 6ef1294b..ee938e8f 100644 --- a/tests/_data/snapshots/enum_IssueClassification-1.4.json.bin +++ b/tests/_data/snapshots/enum_IssueClassification-1.4.json.bin @@ -33,48 +33,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_IssueClassification-1.4.xml.bin b/tests/_data/snapshots/enum_IssueClassification-1.4.xml.bin index 51e549ff..1092bb0f 100644 --- a/tests/_data/snapshots/enum_IssueClassification-1.4.xml.bin +++ b/tests/_data/snapshots/enum_IssueClassification-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_IssueClassification-1.5.json.bin b/tests/_data/snapshots/enum_IssueClassification-1.5.json.bin index ae28fa1c..72d132b0 100644 --- a/tests/_data/snapshots/enum_IssueClassification-1.5.json.bin +++ b/tests/_data/snapshots/enum_IssueClassification-1.5.json.bin @@ -33,48 +33,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_IssueClassification-1.5.xml.bin b/tests/_data/snapshots/enum_IssueClassification-1.5.xml.bin index fc1aaf0b..973446b4 100644 --- a/tests/_data/snapshots/enum_IssueClassification-1.5.xml.bin +++ b/tests/_data/snapshots/enum_IssueClassification-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_IssueClassification-1.6.json.bin b/tests/_data/snapshots/enum_IssueClassification-1.6.json.bin index 58bd90af..5065703c 100644 --- a/tests/_data/snapshots/enum_IssueClassification-1.6.json.bin +++ b/tests/_data/snapshots/enum_IssueClassification-1.6.json.bin @@ -33,48 +33,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_IssueClassification-1.6.xml.bin b/tests/_data/snapshots/enum_IssueClassification-1.6.xml.bin index 76eb838c..e32cecf5 100644 --- a/tests/_data/snapshots/enum_IssueClassification-1.6.xml.bin +++ b/tests/_data/snapshots/enum_IssueClassification-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_PatchClassification-1.2.json.bin b/tests/_data/snapshots/enum_PatchClassification-1.2.json.bin index c53033f9..8df13dfc 100644 --- a/tests/_data/snapshots/enum_PatchClassification-1.2.json.bin +++ b/tests/_data/snapshots/enum_PatchClassification-1.2.json.bin @@ -29,14 +29,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_PatchClassification-1.2.xml.bin b/tests/_data/snapshots/enum_PatchClassification-1.2.xml.bin index c8d05cef..7fb48ba9 100644 --- a/tests/_data/snapshots/enum_PatchClassification-1.2.xml.bin +++ b/tests/_data/snapshots/enum_PatchClassification-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_PatchClassification-1.3.json.bin b/tests/_data/snapshots/enum_PatchClassification-1.3.json.bin index ac18529a..bfc7ef49 100644 --- a/tests/_data/snapshots/enum_PatchClassification-1.3.json.bin +++ b/tests/_data/snapshots/enum_PatchClassification-1.3.json.bin @@ -29,14 +29,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_PatchClassification-1.3.xml.bin b/tests/_data/snapshots/enum_PatchClassification-1.3.xml.bin index adcc029a..4b3f595a 100644 --- a/tests/_data/snapshots/enum_PatchClassification-1.3.xml.bin +++ b/tests/_data/snapshots/enum_PatchClassification-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_PatchClassification-1.4.json.bin b/tests/_data/snapshots/enum_PatchClassification-1.4.json.bin index 9a4ab330..f451305b 100644 --- a/tests/_data/snapshots/enum_PatchClassification-1.4.json.bin +++ b/tests/_data/snapshots/enum_PatchClassification-1.4.json.bin @@ -28,48 +28,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_PatchClassification-1.4.xml.bin b/tests/_data/snapshots/enum_PatchClassification-1.4.xml.bin index 43f6406d..7777bf43 100644 --- a/tests/_data/snapshots/enum_PatchClassification-1.4.xml.bin +++ b/tests/_data/snapshots/enum_PatchClassification-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_PatchClassification-1.5.json.bin b/tests/_data/snapshots/enum_PatchClassification-1.5.json.bin index c8516b80..575e38a5 100644 --- a/tests/_data/snapshots/enum_PatchClassification-1.5.json.bin +++ b/tests/_data/snapshots/enum_PatchClassification-1.5.json.bin @@ -28,48 +28,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_PatchClassification-1.5.xml.bin b/tests/_data/snapshots/enum_PatchClassification-1.5.xml.bin index 167bb471..24d98f09 100644 --- a/tests/_data/snapshots/enum_PatchClassification-1.5.xml.bin +++ b/tests/_data/snapshots/enum_PatchClassification-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_PatchClassification-1.6.json.bin b/tests/_data/snapshots/enum_PatchClassification-1.6.json.bin index 3266ccce..9db7f4cb 100644 --- a/tests/_data/snapshots/enum_PatchClassification-1.6.json.bin +++ b/tests/_data/snapshots/enum_PatchClassification-1.6.json.bin @@ -28,48 +28,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_PatchClassification-1.6.xml.bin b/tests/_data/snapshots/enum_PatchClassification-1.6.xml.bin index 2d9298b4..dcd75a03 100644 --- a/tests/_data/snapshots/enum_PatchClassification-1.6.xml.bin +++ b/tests/_data/snapshots/enum_PatchClassification-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.2.json.bin b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.2.json.bin index 1165e037..8f473bd3 100644 --- a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.2.json.bin +++ b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.2.json.bin @@ -1,13 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.2.xml.bin b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.2.xml.bin index bc36ede0..df1938ec 100644 --- a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.2.xml.bin +++ b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.2.xml.bin @@ -2,12 +2,5 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.3.json.bin b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.3.json.bin index bc1a579f..02943890 100644 --- a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.3.json.bin +++ b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.3.json.bin @@ -1,13 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.3.xml.bin b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.3.xml.bin index 1ebd391f..8341ff60 100644 --- a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.3.xml.bin +++ b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.3.xml.bin @@ -2,12 +2,5 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.4.json.bin b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.4.json.bin index e2662069..caf42668 100644 --- a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.4.json.bin +++ b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.4.json.bin @@ -1,47 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.4.xml.bin b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.4.xml.bin index f3854c0d..81c65a56 100644 --- a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.4.xml.bin +++ b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.5.json.bin b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.5.json.bin index c9140433..2cebe4e2 100644 --- a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.5.json.bin +++ b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.5.json.bin @@ -1,47 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.5.xml.bin b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.5.xml.bin index 063ff38f..e8200fdd 100644 --- a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.5.xml.bin +++ b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - val1 diff --git a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.6.json.bin b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.6.json.bin index 9e6d0afa..8156593a 100644 --- a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.6.json.bin +++ b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.6.json.bin @@ -1,47 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.6.xml.bin b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.6.xml.bin index c3b3e0da..568057a8 100644 --- a/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.6.xml.bin +++ b/tests/_data/snapshots/enum_VulnerabilityScoreSource-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - val1 diff --git a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.2.json.bin b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.2.json.bin index 1165e037..8f473bd3 100644 --- a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.2.json.bin +++ b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.2.json.bin @@ -1,13 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.2.xml.bin b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.2.xml.bin index bc36ede0..df1938ec 100644 --- a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.2.xml.bin +++ b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.2.xml.bin @@ -2,12 +2,5 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.3.json.bin b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.3.json.bin index bc1a579f..02943890 100644 --- a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.3.json.bin +++ b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.3.json.bin @@ -1,13 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.3.xml.bin b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.3.xml.bin index 1ebd391f..8341ff60 100644 --- a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.3.xml.bin +++ b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.3.xml.bin @@ -2,12 +2,5 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.4.json.bin b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.4.json.bin index cb84c64f..bbf74ceb 100644 --- a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.4.json.bin +++ b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.4.json.bin @@ -1,47 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.4.xml.bin b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.4.xml.bin index 7b169e4a..df515f77 100644 --- a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.4.xml.bin +++ b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.5.json.bin b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.5.json.bin index a2f56899..d71a4f54 100644 --- a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.5.json.bin +++ b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.5.json.bin @@ -1,47 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.5.xml.bin b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.5.xml.bin index da88fc9b..674a90e8 100644 --- a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.5.xml.bin +++ b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - val1 diff --git a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.6.json.bin b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.6.json.bin index 50036d7f..90731def 100644 --- a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.6.json.bin +++ b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.6.json.bin @@ -1,47 +1,6 @@ { "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.6.xml.bin b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.6.xml.bin index 40270e21..07848760 100644 --- a/tests/_data/snapshots/enum_VulnerabilitySeverity-1.6.xml.bin +++ b/tests/_data/snapshots/enum_VulnerabilitySeverity-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - val1 diff --git a/tests/_data/snapshots/get_bom_for_issue_275_components-1.2.json.bin b/tests/_data/snapshots/get_bom_for_issue_275_components-1.2.json.bin index b4eef0f9..ae67e618 100644 --- a/tests/_data/snapshots/get_bom_for_issue_275_components-1.2.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_275_components-1.2.json.bin @@ -49,14 +49,7 @@ "type": "library", "version": "1.0.0" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_for_issue_275_components-1.2.xml.bin b/tests/_data/snapshots/get_bom_for_issue_275_components-1.2.xml.bin index e9568f56..af1fa138 100644 --- a/tests/_data/snapshots/get_bom_for_issue_275_components-1.2.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_275_components-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - app 1.0.0 diff --git a/tests/_data/snapshots/get_bom_for_issue_275_components-1.3.json.bin b/tests/_data/snapshots/get_bom_for_issue_275_components-1.3.json.bin index b57b1676..d37153a6 100644 --- a/tests/_data/snapshots/get_bom_for_issue_275_components-1.3.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_275_components-1.3.json.bin @@ -49,14 +49,7 @@ "type": "library", "version": "1.0.0" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_for_issue_275_components-1.3.xml.bin b/tests/_data/snapshots/get_bom_for_issue_275_components-1.3.xml.bin index c77704fc..14a09933 100644 --- a/tests/_data/snapshots/get_bom_for_issue_275_components-1.3.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_275_components-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - app 1.0.0 diff --git a/tests/_data/snapshots/get_bom_for_issue_275_components-1.4.json.bin b/tests/_data/snapshots/get_bom_for_issue_275_components-1.4.json.bin index 2e033b40..db8ec07e 100644 --- a/tests/_data/snapshots/get_bom_for_issue_275_components-1.4.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_275_components-1.4.json.bin @@ -49,48 +49,7 @@ "type": "library", "version": "1.0.0" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_for_issue_275_components-1.4.xml.bin b/tests/_data/snapshots/get_bom_for_issue_275_components-1.4.xml.bin index 429f1f41..f93fb091 100644 --- a/tests/_data/snapshots/get_bom_for_issue_275_components-1.4.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_275_components-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - app 1.0.0 diff --git a/tests/_data/snapshots/get_bom_for_issue_275_components-1.5.json.bin b/tests/_data/snapshots/get_bom_for_issue_275_components-1.5.json.bin index 3fed7c54..b65167aa 100644 --- a/tests/_data/snapshots/get_bom_for_issue_275_components-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_275_components-1.5.json.bin @@ -49,48 +49,7 @@ "type": "library", "version": "1.0.0" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_for_issue_275_components-1.5.xml.bin b/tests/_data/snapshots/get_bom_for_issue_275_components-1.5.xml.bin index d271c76c..c94ee6b5 100644 --- a/tests/_data/snapshots/get_bom_for_issue_275_components-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_275_components-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - app 1.0.0 diff --git a/tests/_data/snapshots/get_bom_for_issue_275_components-1.6.json.bin b/tests/_data/snapshots/get_bom_for_issue_275_components-1.6.json.bin index a9c00dd4..8c1632de 100644 --- a/tests/_data/snapshots/get_bom_for_issue_275_components-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_275_components-1.6.json.bin @@ -49,48 +49,7 @@ "type": "library", "version": "1.0.0" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_for_issue_275_components-1.6.xml.bin b/tests/_data/snapshots/get_bom_for_issue_275_components-1.6.xml.bin index 887cb11b..a2487390 100644 --- a/tests/_data/snapshots/get_bom_for_issue_275_components-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_275_components-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - app 1.0.0 diff --git a/tests/_data/snapshots/get_bom_for_issue_328_components-1.2.json.bin b/tests/_data/snapshots/get_bom_for_issue_328_components-1.2.json.bin index 80f814fa..b44dc687 100644 --- a/tests/_data/snapshots/get_bom_for_issue_328_components-1.2.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_328_components-1.2.json.bin @@ -53,14 +53,7 @@ "type": "application", "version": "1" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_for_issue_328_components-1.2.xml.bin b/tests/_data/snapshots/get_bom_for_issue_328_components-1.2.xml.bin index 4e712c8c..dcc24077 100644 --- a/tests/_data/snapshots/get_bom_for_issue_328_components-1.2.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_328_components-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - my-project 1 diff --git a/tests/_data/snapshots/get_bom_for_issue_328_components-1.3.json.bin b/tests/_data/snapshots/get_bom_for_issue_328_components-1.3.json.bin index a4dce742..16985452 100644 --- a/tests/_data/snapshots/get_bom_for_issue_328_components-1.3.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_328_components-1.3.json.bin @@ -53,14 +53,7 @@ "type": "application", "version": "1" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_for_issue_328_components-1.3.xml.bin b/tests/_data/snapshots/get_bom_for_issue_328_components-1.3.xml.bin index 022354c0..c6e67375 100644 --- a/tests/_data/snapshots/get_bom_for_issue_328_components-1.3.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_328_components-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - my-project 1 diff --git a/tests/_data/snapshots/get_bom_for_issue_328_components-1.4.json.bin b/tests/_data/snapshots/get_bom_for_issue_328_components-1.4.json.bin index db77079b..7aa0517f 100644 --- a/tests/_data/snapshots/get_bom_for_issue_328_components-1.4.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_328_components-1.4.json.bin @@ -53,48 +53,7 @@ "type": "application", "version": "1" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_for_issue_328_components-1.4.xml.bin b/tests/_data/snapshots/get_bom_for_issue_328_components-1.4.xml.bin index 31611c10..f54eea8a 100644 --- a/tests/_data/snapshots/get_bom_for_issue_328_components-1.4.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_328_components-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - my-project 1 diff --git a/tests/_data/snapshots/get_bom_for_issue_328_components-1.5.json.bin b/tests/_data/snapshots/get_bom_for_issue_328_components-1.5.json.bin index be8fe01e..f0b8e5a7 100644 --- a/tests/_data/snapshots/get_bom_for_issue_328_components-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_328_components-1.5.json.bin @@ -53,48 +53,7 @@ "type": "application", "version": "1" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_for_issue_328_components-1.5.xml.bin b/tests/_data/snapshots/get_bom_for_issue_328_components-1.5.xml.bin index b2892f99..4d741a7d 100644 --- a/tests/_data/snapshots/get_bom_for_issue_328_components-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_328_components-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - my-project 1 diff --git a/tests/_data/snapshots/get_bom_for_issue_328_components-1.6.json.bin b/tests/_data/snapshots/get_bom_for_issue_328_components-1.6.json.bin index e06c31c6..4e9a3b24 100644 --- a/tests/_data/snapshots/get_bom_for_issue_328_components-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_328_components-1.6.json.bin @@ -53,48 +53,7 @@ "type": "application", "version": "1" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_for_issue_328_components-1.6.xml.bin b/tests/_data/snapshots/get_bom_for_issue_328_components-1.6.xml.bin index 2422cea8..07f8c3ab 100644 --- a/tests/_data/snapshots/get_bom_for_issue_328_components-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_328_components-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - my-project 1 diff --git a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.2.json.bin b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.2.json.bin index db13f23c..aa874e99 100644 --- a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.2.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.2.json.bin @@ -30,14 +30,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.2.xml.bin b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.2.xml.bin index d2da5f03..edf73273 100644 --- a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.2.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.3.json.bin b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.3.json.bin index 23430184..625c6a9e 100644 --- a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.3.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.3.json.bin @@ -30,14 +30,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.3.xml.bin b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.3.xml.bin index e80d642e..e6af9f05 100644 --- a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.3.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.4.json.bin b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.4.json.bin index b9da7b14..09ad3d10 100644 --- a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.4.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.4.json.bin @@ -29,48 +29,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.4.xml.bin b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.4.xml.bin index 76017afb..264d4286 100644 --- a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.4.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.5.json.bin b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.5.json.bin index d4b48413..aa21468f 100644 --- a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.5.json.bin @@ -29,48 +29,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.5.xml.bin b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.5.xml.bin index 1df947ba..62049bdc 100644 --- a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.6.json.bin b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.6.json.bin index 9d39da84..b07192c6 100644 --- a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.6.json.bin @@ -29,48 +29,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.6.xml.bin b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.6.xml.bin index ecb4c429..b780c8cf 100644 --- a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.2.json.bin b/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.2.json.bin index d0fcfe3d..651e8e36 100644 --- a/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.2.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.2.json.bin @@ -24,14 +24,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.2.xml.bin b/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.2.xml.bin index ae85b0cc..cf695a4d 100644 --- a/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.2.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.3.json.bin b/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.3.json.bin index 7aadd6b2..6ebec9dd 100644 --- a/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.3.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.3.json.bin @@ -24,14 +24,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.3.xml.bin b/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.3.xml.bin index bc8ee2cd..9b5b5f7a 100644 --- a/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.3.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.4.json.bin b/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.4.json.bin index 2f7738c9..f1eeb9dc 100644 --- a/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.4.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.4.json.bin @@ -24,48 +24,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.4.xml.bin b/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.4.xml.bin index 88d997a9..cb9ea370 100644 --- a/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.4.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.5.json.bin b/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.5.json.bin index 17df653b..206aaec4 100644 --- a/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.5.json.bin @@ -24,48 +24,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.5.xml.bin b/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.5.xml.bin index 88baa037..2944adfc 100644 --- a/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.6.json.bin b/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.6.json.bin index 80b12b99..77097c87 100644 --- a/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.6.json.bin @@ -24,48 +24,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.6.xml.bin b/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.6.xml.bin index 692f3ee6..92263f13 100644 --- a/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_598_multiple_components_with_purl_qualifiers-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.2.json.bin b/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.2.json.bin index b8d4f344..23e771fb 100644 --- a/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.2.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.2.json.bin @@ -13,14 +13,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.2.xml.bin b/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.2.xml.bin index bd89eb0d..52a808fd 100644 --- a/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.2.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.3.json.bin b/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.3.json.bin index 30a280a1..7aad7dac 100644 --- a/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.3.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.3.json.bin @@ -18,14 +18,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.3.xml.bin b/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.3.xml.bin index 2f495c5b..c840840b 100644 --- a/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.3.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.4.json.bin b/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.4.json.bin index c5f88750..d60f3f65 100644 --- a/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.4.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.4.json.bin @@ -18,48 +18,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.4.xml.bin b/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.4.xml.bin index b675ebbb..94b4e694 100644 --- a/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.4.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.5.json.bin b/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.5.json.bin index f6c4fdec..f538e2af 100644 --- a/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.5.json.bin @@ -18,48 +18,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.5.xml.bin b/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.5.xml.bin index 30d7ec0b..54be5404 100644 --- a/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.6.json.bin b/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.6.json.bin index bd9a5944..46cca52f 100644 --- a/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.6.json.bin @@ -18,48 +18,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.6.xml.bin b/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.6.xml.bin index bea1da02..345708a3 100644 --- a/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_630_empty_property-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_just_complete_metadata-1.2.json.bin b/tests/_data/snapshots/get_bom_just_complete_metadata-1.2.json.bin index 61fa9505..a2b15378 100644 --- a/tests/_data/snapshots/get_bom_just_complete_metadata-1.2.json.bin +++ b/tests/_data/snapshots/get_bom_just_complete_metadata-1.2.json.bin @@ -267,14 +267,7 @@ "https://cyclonedx.org/" ] }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_just_complete_metadata-1.2.xml.bin b/tests/_data/snapshots/get_bom_just_complete_metadata-1.2.xml.bin index 7ab99f68..49407958 100644 --- a/tests/_data/snapshots/get_bom_just_complete_metadata-1.2.xml.bin +++ b/tests/_data/snapshots/get_bom_just_complete_metadata-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - A N Other diff --git a/tests/_data/snapshots/get_bom_just_complete_metadata-1.3.json.bin b/tests/_data/snapshots/get_bom_just_complete_metadata-1.3.json.bin index 68592b69..82f11977 100644 --- a/tests/_data/snapshots/get_bom_just_complete_metadata-1.3.json.bin +++ b/tests/_data/snapshots/get_bom_just_complete_metadata-1.3.json.bin @@ -334,14 +334,7 @@ "https://cyclonedx.org/" ] }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_just_complete_metadata-1.3.xml.bin b/tests/_data/snapshots/get_bom_just_complete_metadata-1.3.xml.bin index 67b09fc1..4b23f5a9 100644 --- a/tests/_data/snapshots/get_bom_just_complete_metadata-1.3.xml.bin +++ b/tests/_data/snapshots/get_bom_just_complete_metadata-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - A N Other diff --git a/tests/_data/snapshots/get_bom_just_complete_metadata-1.4.json.bin b/tests/_data/snapshots/get_bom_just_complete_metadata-1.4.json.bin index f57e79cf..adc2bc76 100644 --- a/tests/_data/snapshots/get_bom_just_complete_metadata-1.4.json.bin +++ b/tests/_data/snapshots/get_bom_just_complete_metadata-1.4.json.bin @@ -391,48 +391,7 @@ "https://cyclonedx.org/" ] }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_just_complete_metadata-1.4.xml.bin b/tests/_data/snapshots/get_bom_just_complete_metadata-1.4.xml.bin index 402fe22b..e9cef55b 100644 --- a/tests/_data/snapshots/get_bom_just_complete_metadata-1.4.xml.bin +++ b/tests/_data/snapshots/get_bom_just_complete_metadata-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - A N Other diff --git a/tests/_data/snapshots/get_bom_just_complete_metadata-1.5.json.bin b/tests/_data/snapshots/get_bom_just_complete_metadata-1.5.json.bin index 8fdcbc66..d2c06c75 100644 --- a/tests/_data/snapshots/get_bom_just_complete_metadata-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_just_complete_metadata-1.5.json.bin @@ -391,48 +391,7 @@ "https://cyclonedx.org/" ] }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_just_complete_metadata-1.5.xml.bin b/tests/_data/snapshots/get_bom_just_complete_metadata-1.5.xml.bin index a9ac8fcf..928f05ed 100644 --- a/tests/_data/snapshots/get_bom_just_complete_metadata-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_just_complete_metadata-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - A N Other diff --git a/tests/_data/snapshots/get_bom_just_complete_metadata-1.6.json.bin b/tests/_data/snapshots/get_bom_just_complete_metadata-1.6.json.bin index 0d854562..fa530802 100644 --- a/tests/_data/snapshots/get_bom_just_complete_metadata-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_just_complete_metadata-1.6.json.bin @@ -435,48 +435,7 @@ "https://cyclonedx.org/" ] }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_just_complete_metadata-1.6.xml.bin b/tests/_data/snapshots/get_bom_just_complete_metadata-1.6.xml.bin index 56618e7e..fcc591fd 100644 --- a/tests/_data/snapshots/get_bom_just_complete_metadata-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_just_complete_metadata-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - A N Other diff --git a/tests/_data/snapshots/get_bom_v1_6_with_crypto_algorithm-1.6.json.bin b/tests/_data/snapshots/get_bom_v1_6_with_crypto_algorithm-1.6.json.bin index 712a1aa0..baf6f457 100644 --- a/tests/_data/snapshots/get_bom_v1_6_with_crypto_algorithm-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_v1_6_with_crypto_algorithm-1.6.json.bin @@ -40,48 +40,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_v1_6_with_crypto_algorithm-1.6.xml.bin b/tests/_data/snapshots/get_bom_v1_6_with_crypto_algorithm-1.6.xml.bin index d0a5b749..43214f2c 100644 --- a/tests/_data/snapshots/get_bom_v1_6_with_crypto_algorithm-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_v1_6_with_crypto_algorithm-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_v1_6_with_crypto_certificate-1.6.json.bin b/tests/_data/snapshots/get_bom_v1_6_with_crypto_certificate-1.6.json.bin index ff2fefef..bb1fdf24 100644 --- a/tests/_data/snapshots/get_bom_v1_6_with_crypto_certificate-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_v1_6_with_crypto_certificate-1.6.json.bin @@ -28,48 +28,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_v1_6_with_crypto_certificate-1.6.xml.bin b/tests/_data/snapshots/get_bom_v1_6_with_crypto_certificate-1.6.xml.bin index 846567cb..77762892 100644 --- a/tests/_data/snapshots/get_bom_v1_6_with_crypto_certificate-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_v1_6_with_crypto_certificate-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_v1_6_with_crypto_protocol-1.6.json.bin b/tests/_data/snapshots/get_bom_v1_6_with_crypto_protocol-1.6.json.bin index 812e4e2e..ccf5bc61 100644 --- a/tests/_data/snapshots/get_bom_v1_6_with_crypto_protocol-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_v1_6_with_crypto_protocol-1.6.json.bin @@ -57,48 +57,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_v1_6_with_crypto_protocol-1.6.xml.bin b/tests/_data/snapshots/get_bom_v1_6_with_crypto_protocol-1.6.xml.bin index 6025d3b3..96a5db6e 100644 --- a/tests/_data/snapshots/get_bom_v1_6_with_crypto_protocol-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_v1_6_with_crypto_protocol-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_v1_6_with_crypto_related_material-1.6.json.bin b/tests/_data/snapshots/get_bom_v1_6_with_crypto_related_material-1.6.json.bin index 0358af5a..07cee9c2 100644 --- a/tests/_data/snapshots/get_bom_v1_6_with_crypto_related_material-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_v1_6_with_crypto_related_material-1.6.json.bin @@ -35,48 +35,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_v1_6_with_crypto_related_material-1.6.xml.bin b/tests/_data/snapshots/get_bom_v1_6_with_crypto_related_material-1.6.xml.bin index e3da9531..dca04e89 100644 --- a/tests/_data/snapshots/get_bom_v1_6_with_crypto_related_material-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_v1_6_with_crypto_related_material-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.2.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.2.json.bin index 2f146446..b96615db 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.2.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.2.json.bin @@ -22,14 +22,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.2.xml.bin index cb29e5ba..bb959713 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.2.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.3.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.3.json.bin index a075deb2..3437dbb7 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.3.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.3.json.bin @@ -22,14 +22,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.3.xml.bin index 76ce40a0..49ba0ae3 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.3.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.4.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.4.json.bin index e24af516..dcce930d 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.4.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.4.json.bin @@ -22,48 +22,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.4.xml.bin index 69a1e7c0..86cbdb05 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.4.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.5.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.5.json.bin index d5daf9b3..907820fb 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.5.json.bin @@ -22,48 +22,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.5.xml.bin index 547eacda..4d9bbf6d 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.6.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.6.json.bin index ea2735d1..801b3e18 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.6.json.bin @@ -22,48 +22,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.6.xml.bin index fea7e2ec..6de92d82 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_basic-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.2.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.2.json.bin index e1bef464..66425d45 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.2.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.2.json.bin @@ -227,14 +227,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.2.xml.bin index 72167cd3..523183bd 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.2.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.3.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.3.json.bin index 24bd942b..0a6e9da2 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.3.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.3.json.bin @@ -271,14 +271,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.3.xml.bin index b7aaea4a..d43730db 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.3.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.4.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.4.json.bin index 8c30490f..59b7580b 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.4.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.4.json.bin @@ -328,48 +328,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.4.xml.bin index 0318ec2f..93ac29b4 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.4.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.5.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.5.json.bin index a4edc202..3f9b5e77 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.5.json.bin @@ -328,48 +328,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.5.xml.bin index c786be39..8a04634c 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.6.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.6.json.bin index 44e35f92..edd7c212 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.6.json.bin @@ -334,48 +334,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.6.xml.bin index a53231ce..2d5c0d92 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_complete-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.2.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.2.json.bin index 556f871e..a6d3ed70 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.2.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.2.json.bin @@ -22,14 +22,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.2.xml.bin index 39e16bf4..526d38c8 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.2.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.3.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.3.json.bin index 0d3f3547..80849832 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.3.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.3.json.bin @@ -22,14 +22,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.3.xml.bin index b1198c98..22ba57dc 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.3.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.4.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.4.json.bin index 13d79bc1..abaee83a 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.4.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.4.json.bin @@ -21,48 +21,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.4.xml.bin index 707f0f31..a906a61c 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.4.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.5.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.5.json.bin index 1250e296..d071aec9 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.5.json.bin @@ -21,48 +21,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.5.xml.bin index 01851806..3c66a841 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.6.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.6.json.bin index 80a74ce8..cf65f782 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.6.json.bin @@ -21,48 +21,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.6.xml.bin index 70a34c40..dc1bc798 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_no_component_version-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.2.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.2.json.bin index f9282117..e3aa3849 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.2.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.2.json.bin @@ -23,14 +23,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.2.xml.bin index f8b4fd27..8cefded0 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.2.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.3.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.3.json.bin index 8ad7c766..37a7601d 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.3.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.3.json.bin @@ -23,14 +23,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.3.xml.bin index 457d800b..70870fd8 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.3.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.4.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.4.json.bin index 8a16010f..7864fb78 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.4.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.4.json.bin @@ -23,48 +23,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.4.xml.bin index 70bd488d..1f9da91d 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.4.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.5.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.5.json.bin index 8381f9f1..2a276928 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.5.json.bin @@ -23,48 +23,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.5.xml.bin index 68a0c03d..2cfec03f 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.6.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.6.json.bin index a45ce579..d6ab5aa9 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.6.json.bin @@ -23,48 +23,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.6.xml.bin index 9c499c56..776785bb 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_cpe-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.2.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.2.json.bin index 2f146446..b96615db 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.2.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.2.json.bin @@ -22,14 +22,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.2.xml.bin index cb29e5ba..bb959713 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.2.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.3.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.3.json.bin index a075deb2..3437dbb7 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.3.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.3.json.bin @@ -22,14 +22,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.3.xml.bin index 76ce40a0..49ba0ae3 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.3.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.4.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.4.json.bin index a8b35ec4..a7197285 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.4.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.4.json.bin @@ -81,48 +81,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.4.xml.bin index cb263afb..e6dc1ff6 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.4.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.5.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.5.json.bin index 9e02ddb5..ae0d6c19 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.5.json.bin @@ -81,48 +81,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.5.xml.bin index 60fec7ea..6983758e 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.6.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.6.json.bin index f9aedace..a6411ed9 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.6.json.bin @@ -81,48 +81,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.6.xml.bin index 051bac9f..df54f9c6 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_release_notes-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.2.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.2.json.bin index 2f146446..b96615db 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.2.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.2.json.bin @@ -22,14 +22,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.2.xml.bin index cb29e5ba..bb959713 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.2.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.3.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.3.json.bin index a075deb2..3437dbb7 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.3.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.3.json.bin @@ -22,14 +22,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.3.xml.bin index 76ce40a0..49ba0ae3 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.3.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.4.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.4.json.bin index e24af516..dcce930d 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.4.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.4.json.bin @@ -22,48 +22,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.4.xml.bin index 69a1e7c0..86cbdb05 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.4.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.5.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.5.json.bin index d5daf9b3..907820fb 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.5.json.bin @@ -22,48 +22,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.5.xml.bin index 547eacda..4d9bbf6d 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.6.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.6.json.bin index 441ca484..c1abec2c 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.6.json.bin @@ -66,48 +66,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.6.xml.bin index 7fa2c86b..e10d5af9 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_v16_fields-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.2.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.2.json.bin index 2f146446..b96615db 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.2.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.2.json.bin @@ -22,14 +22,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.2.xml.bin index cb29e5ba..bb959713 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.2.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.3.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.3.json.bin index a075deb2..3437dbb7 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.3.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.3.json.bin @@ -22,14 +22,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.3.xml.bin index 76ce40a0..49ba0ae3 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.3.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.4.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.4.json.bin index 1b70e6e3..b020f6c8 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.4.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.4.json.bin @@ -22,48 +22,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.4.xml.bin index f7e73493..554039f1 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.4.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.5.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.5.json.bin index 8338aa83..acfdf772 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.5.json.bin @@ -22,48 +22,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.5.xml.bin index 37155640..719e696d 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.6.json.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.6.json.bin index 9b91199c..0931367c 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.6.json.bin @@ -22,48 +22,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.6.xml.bin index ede2278b..9d46b7c0 100644 --- a/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_setuptools_with_vulnerability-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_component_toml_1-1.2.json.bin b/tests/_data/snapshots/get_bom_with_component_toml_1-1.2.json.bin index 8e170b99..a362876f 100644 --- a/tests/_data/snapshots/get_bom_with_component_toml_1-1.2.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_toml_1-1.2.json.bin @@ -27,14 +27,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_component_toml_1-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_component_toml_1-1.2.xml.bin index ef97c383..12d7e32f 100644 --- a/tests/_data/snapshots/get_bom_with_component_toml_1-1.2.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_toml_1-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_with_component_toml_1-1.3.json.bin b/tests/_data/snapshots/get_bom_with_component_toml_1-1.3.json.bin index aefb94a1..f8a990bf 100644 --- a/tests/_data/snapshots/get_bom_with_component_toml_1-1.3.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_toml_1-1.3.json.bin @@ -33,14 +33,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_component_toml_1-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_component_toml_1-1.3.xml.bin index a9417823..1d15dde2 100644 --- a/tests/_data/snapshots/get_bom_with_component_toml_1-1.3.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_toml_1-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_with_component_toml_1-1.4.json.bin b/tests/_data/snapshots/get_bom_with_component_toml_1-1.4.json.bin index 08d82364..949596a5 100644 --- a/tests/_data/snapshots/get_bom_with_component_toml_1-1.4.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_toml_1-1.4.json.bin @@ -33,48 +33,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_component_toml_1-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_component_toml_1-1.4.xml.bin index d1c343c2..4c67af37 100644 --- a/tests/_data/snapshots/get_bom_with_component_toml_1-1.4.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_toml_1-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_component_toml_1-1.5.json.bin b/tests/_data/snapshots/get_bom_with_component_toml_1-1.5.json.bin index 340772aa..1771c765 100644 --- a/tests/_data/snapshots/get_bom_with_component_toml_1-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_toml_1-1.5.json.bin @@ -33,48 +33,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_component_toml_1-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_component_toml_1-1.5.xml.bin index d633bdf4..154f20fc 100644 --- a/tests/_data/snapshots/get_bom_with_component_toml_1-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_toml_1-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_component_toml_1-1.6.json.bin b/tests/_data/snapshots/get_bom_with_component_toml_1-1.6.json.bin index 4a49b413..f4fc5c11 100644 --- a/tests/_data/snapshots/get_bom_with_component_toml_1-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_with_component_toml_1-1.6.json.bin @@ -33,48 +33,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_component_toml_1-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_component_toml_1-1.6.xml.bin index 4aa9e789..23a587b2 100644 --- a/tests/_data/snapshots/get_bom_with_component_toml_1-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_with_component_toml_1-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.2.json.bin b/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.2.json.bin index 6dc68f3d..f968a483 100644 --- a/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.2.json.bin +++ b/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.2.json.bin @@ -57,14 +57,7 @@ "type": "application", "version": "" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 23, diff --git a/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.2.xml.bin index 39df1a3b..b85b5dd2 100644 --- a/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.2.xml.bin +++ b/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - rootComponent diff --git a/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.3.json.bin b/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.3.json.bin index 20919e4f..190f444c 100644 --- a/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.3.json.bin +++ b/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.3.json.bin @@ -63,14 +63,7 @@ "type": "application", "version": "" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 23, diff --git a/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.3.xml.bin index cb19113f..504eb196 100644 --- a/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.3.xml.bin +++ b/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - rootComponent diff --git a/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.4.json.bin b/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.4.json.bin index d43577a1..e0cde06a 100644 --- a/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.4.json.bin +++ b/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.4.json.bin @@ -62,48 +62,7 @@ "name": "rootComponent", "type": "application" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 23, diff --git a/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.4.xml.bin index b354a27a..a5860bce 100644 --- a/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.4.xml.bin +++ b/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - rootComponent diff --git a/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.5.json.bin b/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.5.json.bin index 502827d9..3d8b8f31 100644 --- a/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.5.json.bin @@ -62,48 +62,7 @@ "name": "rootComponent", "type": "application" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.5.xml.bin index b27f09d6..8d72d8b6 100644 --- a/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - rootComponent diff --git a/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.6.json.bin b/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.6.json.bin index c59624ab..5e2a7641 100644 --- a/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.6.json.bin @@ -62,48 +62,7 @@ "name": "rootComponent", "type": "application" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.6.xml.bin index 7b29a08a..2ae2aa9d 100644 --- a/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_with_dependencies_hanging-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - rootComponent diff --git a/tests/_data/snapshots/get_bom_with_dependencies_valid-1.2.json.bin b/tests/_data/snapshots/get_bom_with_dependencies_valid-1.2.json.bin index 44bde82b..1782df19 100644 --- a/tests/_data/snapshots/get_bom_with_dependencies_valid-1.2.json.bin +++ b/tests/_data/snapshots/get_bom_with_dependencies_valid-1.2.json.bin @@ -48,14 +48,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_dependencies_valid-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_dependencies_valid-1.2.xml.bin index 45734322..b3cd329b 100644 --- a/tests/_data/snapshots/get_bom_with_dependencies_valid-1.2.xml.bin +++ b/tests/_data/snapshots/get_bom_with_dependencies_valid-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_with_dependencies_valid-1.3.json.bin b/tests/_data/snapshots/get_bom_with_dependencies_valid-1.3.json.bin index 945582d8..92977fde 100644 --- a/tests/_data/snapshots/get_bom_with_dependencies_valid-1.3.json.bin +++ b/tests/_data/snapshots/get_bom_with_dependencies_valid-1.3.json.bin @@ -54,14 +54,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_dependencies_valid-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_dependencies_valid-1.3.xml.bin index 0ac9a56b..ba7c59ac 100644 --- a/tests/_data/snapshots/get_bom_with_dependencies_valid-1.3.xml.bin +++ b/tests/_data/snapshots/get_bom_with_dependencies_valid-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_with_dependencies_valid-1.4.json.bin b/tests/_data/snapshots/get_bom_with_dependencies_valid-1.4.json.bin index 5faf6bc4..2d2e250f 100644 --- a/tests/_data/snapshots/get_bom_with_dependencies_valid-1.4.json.bin +++ b/tests/_data/snapshots/get_bom_with_dependencies_valid-1.4.json.bin @@ -54,48 +54,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_dependencies_valid-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_dependencies_valid-1.4.xml.bin index 5d9339d9..92e6747a 100644 --- a/tests/_data/snapshots/get_bom_with_dependencies_valid-1.4.xml.bin +++ b/tests/_data/snapshots/get_bom_with_dependencies_valid-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_dependencies_valid-1.5.json.bin b/tests/_data/snapshots/get_bom_with_dependencies_valid-1.5.json.bin index 0c3a6b38..89bd86c2 100644 --- a/tests/_data/snapshots/get_bom_with_dependencies_valid-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_with_dependencies_valid-1.5.json.bin @@ -54,48 +54,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_dependencies_valid-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_dependencies_valid-1.5.xml.bin index 8fed61b7..6ddad73d 100644 --- a/tests/_data/snapshots/get_bom_with_dependencies_valid-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_with_dependencies_valid-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_dependencies_valid-1.6.json.bin b/tests/_data/snapshots/get_bom_with_dependencies_valid-1.6.json.bin index 45d62795..7717cb17 100644 --- a/tests/_data/snapshots/get_bom_with_dependencies_valid-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_with_dependencies_valid-1.6.json.bin @@ -54,48 +54,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_dependencies_valid-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_dependencies_valid-1.6.xml.bin index 910d8a19..ad60777c 100644 --- a/tests/_data/snapshots/get_bom_with_dependencies_valid-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_with_dependencies_valid-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_external_references-1.2.json.bin b/tests/_data/snapshots/get_bom_with_external_references-1.2.json.bin index 0808ac13..b108f640 100644 --- a/tests/_data/snapshots/get_bom_with_external_references-1.2.json.bin +++ b/tests/_data/snapshots/get_bom_with_external_references-1.2.json.bin @@ -11,14 +11,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_external_references-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_external_references-1.2.xml.bin index 052f94d0..44a8e0a5 100644 --- a/tests/_data/snapshots/get_bom_with_external_references-1.2.xml.bin +++ b/tests/_data/snapshots/get_bom_with_external_references-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_with_external_references-1.3.json.bin b/tests/_data/snapshots/get_bom_with_external_references-1.3.json.bin index 4f455662..19fcd07f 100644 --- a/tests/_data/snapshots/get_bom_with_external_references-1.3.json.bin +++ b/tests/_data/snapshots/get_bom_with_external_references-1.3.json.bin @@ -17,14 +17,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_external_references-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_external_references-1.3.xml.bin index b82483a0..0ae18fba 100644 --- a/tests/_data/snapshots/get_bom_with_external_references-1.3.xml.bin +++ b/tests/_data/snapshots/get_bom_with_external_references-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - diff --git a/tests/_data/snapshots/get_bom_with_external_references-1.4.json.bin b/tests/_data/snapshots/get_bom_with_external_references-1.4.json.bin index da029b47..e90c3ea2 100644 --- a/tests/_data/snapshots/get_bom_with_external_references-1.4.json.bin +++ b/tests/_data/snapshots/get_bom_with_external_references-1.4.json.bin @@ -17,48 +17,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_external_references-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_external_references-1.4.xml.bin index 559dac4c..f64b1c7a 100644 --- a/tests/_data/snapshots/get_bom_with_external_references-1.4.xml.bin +++ b/tests/_data/snapshots/get_bom_with_external_references-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_external_references-1.5.json.bin b/tests/_data/snapshots/get_bom_with_external_references-1.5.json.bin index efd728cc..55238588 100644 --- a/tests/_data/snapshots/get_bom_with_external_references-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_with_external_references-1.5.json.bin @@ -17,48 +17,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_external_references-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_external_references-1.5.xml.bin index 7d3acd73..411ab39a 100644 --- a/tests/_data/snapshots/get_bom_with_external_references-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_with_external_references-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_external_references-1.6.json.bin b/tests/_data/snapshots/get_bom_with_external_references-1.6.json.bin index f8a2f5b0..82c9bc40 100644 --- a/tests/_data/snapshots/get_bom_with_external_references-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_with_external_references-1.6.json.bin @@ -17,48 +17,7 @@ } ], "metadata": { - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_external_references-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_external_references-1.6.xml.bin index f0e24adf..7dee398e 100644 --- a/tests/_data/snapshots/get_bom_with_external_references-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_with_external_references-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - diff --git a/tests/_data/snapshots/get_bom_with_licenses-1.2.json.bin b/tests/_data/snapshots/get_bom_with_licenses-1.2.json.bin index 4357e2c7..c88a0812 100644 --- a/tests/_data/snapshots/get_bom_with_licenses-1.2.json.bin +++ b/tests/_data/snapshots/get_bom_with_licenses-1.2.json.bin @@ -89,14 +89,7 @@ "type": "application", "version": "" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "services": [ diff --git a/tests/_data/snapshots/get_bom_with_licenses-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_licenses-1.2.xml.bin index c7c0cf34..996e5716 100644 --- a/tests/_data/snapshots/get_bom_with_licenses-1.2.xml.bin +++ b/tests/_data/snapshots/get_bom_with_licenses-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - app diff --git a/tests/_data/snapshots/get_bom_with_licenses-1.3.json.bin b/tests/_data/snapshots/get_bom_with_licenses-1.3.json.bin index 27cc51b0..a5407c58 100644 --- a/tests/_data/snapshots/get_bom_with_licenses-1.3.json.bin +++ b/tests/_data/snapshots/get_bom_with_licenses-1.3.json.bin @@ -96,14 +96,7 @@ } } ], - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "services": [ diff --git a/tests/_data/snapshots/get_bom_with_licenses-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_licenses-1.3.xml.bin index ab9b46ea..1b53ee51 100644 --- a/tests/_data/snapshots/get_bom_with_licenses-1.3.xml.bin +++ b/tests/_data/snapshots/get_bom_with_licenses-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - app diff --git a/tests/_data/snapshots/get_bom_with_licenses-1.4.json.bin b/tests/_data/snapshots/get_bom_with_licenses-1.4.json.bin index d53cea7f..a082d8a3 100644 --- a/tests/_data/snapshots/get_bom_with_licenses-1.4.json.bin +++ b/tests/_data/snapshots/get_bom_with_licenses-1.4.json.bin @@ -92,48 +92,7 @@ } } ], - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "services": [ diff --git a/tests/_data/snapshots/get_bom_with_licenses-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_licenses-1.4.xml.bin index f3c4b827..6d81479e 100644 --- a/tests/_data/snapshots/get_bom_with_licenses-1.4.xml.bin +++ b/tests/_data/snapshots/get_bom_with_licenses-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - app diff --git a/tests/_data/snapshots/get_bom_with_licenses-1.5.json.bin b/tests/_data/snapshots/get_bom_with_licenses-1.5.json.bin index 519a39a1..a8b28b10 100644 --- a/tests/_data/snapshots/get_bom_with_licenses-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_with_licenses-1.5.json.bin @@ -92,48 +92,7 @@ } } ], - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_licenses-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_licenses-1.5.xml.bin index c7f82448..fc2bedfd 100644 --- a/tests/_data/snapshots/get_bom_with_licenses-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_with_licenses-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - app diff --git a/tests/_data/snapshots/get_bom_with_licenses-1.6.json.bin b/tests/_data/snapshots/get_bom_with_licenses-1.6.json.bin index ce61d9f5..4e6ef33f 100644 --- a/tests/_data/snapshots/get_bom_with_licenses-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_with_licenses-1.6.json.bin @@ -94,48 +94,7 @@ } } ], - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_licenses-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_licenses-1.6.xml.bin index 26dbad0d..49b31f46 100644 --- a/tests/_data/snapshots/get_bom_with_licenses-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_with_licenses-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - app diff --git a/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.2.json.bin b/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.2.json.bin index 8e1ad38b..e74a252d 100644 --- a/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.2.json.bin +++ b/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.2.json.bin @@ -48,14 +48,7 @@ "type": "library", "version": "50.3.2" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.2.xml.bin index 9f181dd3..0e8acf56 100644 --- a/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.2.xml.bin +++ b/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - Test Author setuptools diff --git a/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.3.json.bin b/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.3.json.bin index 44d8a573..243e776d 100644 --- a/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.3.json.bin +++ b/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.3.json.bin @@ -54,14 +54,7 @@ "type": "library", "version": "50.3.2" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.3.xml.bin index 6a0e37c3..92321491 100644 --- a/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.3.xml.bin +++ b/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - Test Author setuptools diff --git a/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.4.json.bin b/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.4.json.bin index 5d3fe4a4..0c91fe36 100644 --- a/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.4.json.bin +++ b/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.4.json.bin @@ -54,48 +54,7 @@ "type": "library", "version": "50.3.2" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, diff --git a/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.4.xml.bin index 1826d7f3..2d8b15f8 100644 --- a/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.4.xml.bin +++ b/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - Test Author setuptools diff --git a/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.5.json.bin b/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.5.json.bin index 66edb924..a72442f9 100644 --- a/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.5.json.bin @@ -54,48 +54,7 @@ "type": "library", "version": "50.3.2" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.5.xml.bin index 358958e9..4ad5abd7 100644 --- a/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - Test Author setuptools diff --git a/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.6.json.bin b/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.6.json.bin index accf4887..9aba4626 100644 --- a/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.6.json.bin @@ -54,48 +54,7 @@ "type": "library", "version": "50.3.2" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.6.xml.bin index 7b73d353..26e9a101 100644 --- a/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_with_metadata_component_and_dependencies-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - Test Author setuptools diff --git a/tests/_data/snapshots/get_bom_with_multiple_licenses-1.2.json.bin b/tests/_data/snapshots/get_bom_with_multiple_licenses-1.2.json.bin index 19aadbf1..3a40a57c 100644 --- a/tests/_data/snapshots/get_bom_with_multiple_licenses-1.2.json.bin +++ b/tests/_data/snapshots/get_bom_with_multiple_licenses-1.2.json.bin @@ -49,14 +49,7 @@ "type": "application", "version": "" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "services": [ diff --git a/tests/_data/snapshots/get_bom_with_multiple_licenses-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_multiple_licenses-1.2.xml.bin index df26741d..39f4e66b 100644 --- a/tests/_data/snapshots/get_bom_with_multiple_licenses-1.2.xml.bin +++ b/tests/_data/snapshots/get_bom_with_multiple_licenses-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - app diff --git a/tests/_data/snapshots/get_bom_with_multiple_licenses-1.3.json.bin b/tests/_data/snapshots/get_bom_with_multiple_licenses-1.3.json.bin index 1a6eba50..469d49f3 100644 --- a/tests/_data/snapshots/get_bom_with_multiple_licenses-1.3.json.bin +++ b/tests/_data/snapshots/get_bom_with_multiple_licenses-1.3.json.bin @@ -61,14 +61,7 @@ } } ], - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "services": [ diff --git a/tests/_data/snapshots/get_bom_with_multiple_licenses-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_multiple_licenses-1.3.xml.bin index 1bb3e0ab..a4a52cfd 100644 --- a/tests/_data/snapshots/get_bom_with_multiple_licenses-1.3.xml.bin +++ b/tests/_data/snapshots/get_bom_with_multiple_licenses-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - app diff --git a/tests/_data/snapshots/get_bom_with_multiple_licenses-1.4.json.bin b/tests/_data/snapshots/get_bom_with_multiple_licenses-1.4.json.bin index f8beb9f4..21df9fed 100644 --- a/tests/_data/snapshots/get_bom_with_multiple_licenses-1.4.json.bin +++ b/tests/_data/snapshots/get_bom_with_multiple_licenses-1.4.json.bin @@ -59,48 +59,7 @@ } } ], - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "services": [ diff --git a/tests/_data/snapshots/get_bom_with_multiple_licenses-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_multiple_licenses-1.4.xml.bin index 7c0f8f2b..ee81caf9 100644 --- a/tests/_data/snapshots/get_bom_with_multiple_licenses-1.4.xml.bin +++ b/tests/_data/snapshots/get_bom_with_multiple_licenses-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - app diff --git a/tests/_data/snapshots/get_bom_with_multiple_licenses-1.5.json.bin b/tests/_data/snapshots/get_bom_with_multiple_licenses-1.5.json.bin index 33849b38..134e1f9a 100644 --- a/tests/_data/snapshots/get_bom_with_multiple_licenses-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_with_multiple_licenses-1.5.json.bin @@ -59,48 +59,7 @@ } } ], - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_multiple_licenses-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_multiple_licenses-1.5.xml.bin index 8fedd3e7..8ece9896 100644 --- a/tests/_data/snapshots/get_bom_with_multiple_licenses-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_with_multiple_licenses-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - app diff --git a/tests/_data/snapshots/get_bom_with_multiple_licenses-1.6.json.bin b/tests/_data/snapshots/get_bom_with_multiple_licenses-1.6.json.bin index d590951c..1d8ab129 100644 --- a/tests/_data/snapshots/get_bom_with_multiple_licenses-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_with_multiple_licenses-1.6.json.bin @@ -59,48 +59,7 @@ } } ], - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_multiple_licenses-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_multiple_licenses-1.6.xml.bin index 8b1c9c9b..84091db5 100644 --- a/tests/_data/snapshots/get_bom_with_multiple_licenses-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_with_multiple_licenses-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - app diff --git a/tests/_data/snapshots/get_bom_with_nested_services-1.2.json.bin b/tests/_data/snapshots/get_bom_with_nested_services-1.2.json.bin index 29fbb5fa..8a17945d 100644 --- a/tests/_data/snapshots/get_bom_with_nested_services-1.2.json.bin +++ b/tests/_data/snapshots/get_bom_with_nested_services-1.2.json.bin @@ -17,14 +17,7 @@ "type": "library", "version": "1.0.0" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "services": [ diff --git a/tests/_data/snapshots/get_bom_with_nested_services-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_nested_services-1.2.xml.bin index 68bed448..a4612acd 100644 --- a/tests/_data/snapshots/get_bom_with_nested_services-1.2.xml.bin +++ b/tests/_data/snapshots/get_bom_with_nested_services-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - cyclonedx-python-lib 1.0.0 diff --git a/tests/_data/snapshots/get_bom_with_nested_services-1.3.json.bin b/tests/_data/snapshots/get_bom_with_nested_services-1.3.json.bin index 578ada50..5e480c8c 100644 --- a/tests/_data/snapshots/get_bom_with_nested_services-1.3.json.bin +++ b/tests/_data/snapshots/get_bom_with_nested_services-1.3.json.bin @@ -17,14 +17,7 @@ "type": "library", "version": "1.0.0" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "services": [ diff --git a/tests/_data/snapshots/get_bom_with_nested_services-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_nested_services-1.3.xml.bin index a9536b6a..9b260cd6 100644 --- a/tests/_data/snapshots/get_bom_with_nested_services-1.3.xml.bin +++ b/tests/_data/snapshots/get_bom_with_nested_services-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - cyclonedx-python-lib 1.0.0 diff --git a/tests/_data/snapshots/get_bom_with_nested_services-1.4.json.bin b/tests/_data/snapshots/get_bom_with_nested_services-1.4.json.bin index f9ca9db0..13797a13 100644 --- a/tests/_data/snapshots/get_bom_with_nested_services-1.4.json.bin +++ b/tests/_data/snapshots/get_bom_with_nested_services-1.4.json.bin @@ -17,48 +17,7 @@ "type": "library", "version": "1.0.0" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "services": [ diff --git a/tests/_data/snapshots/get_bom_with_nested_services-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_nested_services-1.4.xml.bin index 94c873c9..e3e327ac 100644 --- a/tests/_data/snapshots/get_bom_with_nested_services-1.4.xml.bin +++ b/tests/_data/snapshots/get_bom_with_nested_services-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - cyclonedx-python-lib 1.0.0 diff --git a/tests/_data/snapshots/get_bom_with_nested_services-1.5.json.bin b/tests/_data/snapshots/get_bom_with_nested_services-1.5.json.bin index e286d6fe..11b52897 100644 --- a/tests/_data/snapshots/get_bom_with_nested_services-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_with_nested_services-1.5.json.bin @@ -17,48 +17,7 @@ "type": "library", "version": "1.0.0" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_nested_services-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_nested_services-1.5.xml.bin index 5b1865d2..570fba7f 100644 --- a/tests/_data/snapshots/get_bom_with_nested_services-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_with_nested_services-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - cyclonedx-python-lib 1.0.0 diff --git a/tests/_data/snapshots/get_bom_with_nested_services-1.6.json.bin b/tests/_data/snapshots/get_bom_with_nested_services-1.6.json.bin index ea5e7d27..e1469324 100644 --- a/tests/_data/snapshots/get_bom_with_nested_services-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_with_nested_services-1.6.json.bin @@ -17,48 +17,7 @@ "type": "library", "version": "1.0.0" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_nested_services-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_nested_services-1.6.xml.bin index 030d9d47..24ce8e39 100644 --- a/tests/_data/snapshots/get_bom_with_nested_services-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_with_nested_services-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - cyclonedx-python-lib 1.0.0 diff --git a/tests/_data/snapshots/get_bom_with_services_complex-1.2.json.bin b/tests/_data/snapshots/get_bom_with_services_complex-1.2.json.bin index 7f4621c8..50a81b63 100644 --- a/tests/_data/snapshots/get_bom_with_services_complex-1.2.json.bin +++ b/tests/_data/snapshots/get_bom_with_services_complex-1.2.json.bin @@ -17,14 +17,7 @@ "type": "library", "version": "1.0.0" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "services": [ diff --git a/tests/_data/snapshots/get_bom_with_services_complex-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_services_complex-1.2.xml.bin index 00d2a617..de5d73bf 100644 --- a/tests/_data/snapshots/get_bom_with_services_complex-1.2.xml.bin +++ b/tests/_data/snapshots/get_bom_with_services_complex-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - cyclonedx-python-lib 1.0.0 diff --git a/tests/_data/snapshots/get_bom_with_services_complex-1.3.json.bin b/tests/_data/snapshots/get_bom_with_services_complex-1.3.json.bin index 01ab92d3..c677d7b6 100644 --- a/tests/_data/snapshots/get_bom_with_services_complex-1.3.json.bin +++ b/tests/_data/snapshots/get_bom_with_services_complex-1.3.json.bin @@ -17,14 +17,7 @@ "type": "library", "version": "1.0.0" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "services": [ diff --git a/tests/_data/snapshots/get_bom_with_services_complex-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_services_complex-1.3.xml.bin index d6df0b4b..5ea783f0 100644 --- a/tests/_data/snapshots/get_bom_with_services_complex-1.3.xml.bin +++ b/tests/_data/snapshots/get_bom_with_services_complex-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - cyclonedx-python-lib 1.0.0 diff --git a/tests/_data/snapshots/get_bom_with_services_complex-1.4.json.bin b/tests/_data/snapshots/get_bom_with_services_complex-1.4.json.bin index cc761a4c..02bd8ecf 100644 --- a/tests/_data/snapshots/get_bom_with_services_complex-1.4.json.bin +++ b/tests/_data/snapshots/get_bom_with_services_complex-1.4.json.bin @@ -17,48 +17,7 @@ "type": "library", "version": "1.0.0" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "services": [ diff --git a/tests/_data/snapshots/get_bom_with_services_complex-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_services_complex-1.4.xml.bin index 31b95370..762dff5a 100644 --- a/tests/_data/snapshots/get_bom_with_services_complex-1.4.xml.bin +++ b/tests/_data/snapshots/get_bom_with_services_complex-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - cyclonedx-python-lib 1.0.0 diff --git a/tests/_data/snapshots/get_bom_with_services_complex-1.5.json.bin b/tests/_data/snapshots/get_bom_with_services_complex-1.5.json.bin index 71c4d2d1..7672db57 100644 --- a/tests/_data/snapshots/get_bom_with_services_complex-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_with_services_complex-1.5.json.bin @@ -17,48 +17,7 @@ "type": "library", "version": "1.0.0" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_services_complex-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_services_complex-1.5.xml.bin index 539e964f..7fb7fc50 100644 --- a/tests/_data/snapshots/get_bom_with_services_complex-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_with_services_complex-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - cyclonedx-python-lib 1.0.0 diff --git a/tests/_data/snapshots/get_bom_with_services_complex-1.6.json.bin b/tests/_data/snapshots/get_bom_with_services_complex-1.6.json.bin index 13e17526..45b78218 100644 --- a/tests/_data/snapshots/get_bom_with_services_complex-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_with_services_complex-1.6.json.bin @@ -17,48 +17,7 @@ "type": "library", "version": "1.0.0" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_services_complex-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_services_complex-1.6.xml.bin index b541b17f..7a054cfa 100644 --- a/tests/_data/snapshots/get_bom_with_services_complex-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_with_services_complex-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - cyclonedx-python-lib 1.0.0 diff --git a/tests/_data/snapshots/get_bom_with_services_simple-1.2.json.bin b/tests/_data/snapshots/get_bom_with_services_simple-1.2.json.bin index e7562ceb..7a7ff2b9 100644 --- a/tests/_data/snapshots/get_bom_with_services_simple-1.2.json.bin +++ b/tests/_data/snapshots/get_bom_with_services_simple-1.2.json.bin @@ -17,14 +17,7 @@ "type": "library", "version": "1.0.0" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "services": [ diff --git a/tests/_data/snapshots/get_bom_with_services_simple-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_services_simple-1.2.xml.bin index 60db211e..e5233acf 100644 --- a/tests/_data/snapshots/get_bom_with_services_simple-1.2.xml.bin +++ b/tests/_data/snapshots/get_bom_with_services_simple-1.2.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - cyclonedx-python-lib 1.0.0 diff --git a/tests/_data/snapshots/get_bom_with_services_simple-1.3.json.bin b/tests/_data/snapshots/get_bom_with_services_simple-1.3.json.bin index 4c2ea8b2..cbd63251 100644 --- a/tests/_data/snapshots/get_bom_with_services_simple-1.3.json.bin +++ b/tests/_data/snapshots/get_bom_with_services_simple-1.3.json.bin @@ -17,14 +17,7 @@ "type": "library", "version": "1.0.0" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "services": [ diff --git a/tests/_data/snapshots/get_bom_with_services_simple-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_services_simple-1.3.xml.bin index 08fcc576..7904f82f 100644 --- a/tests/_data/snapshots/get_bom_with_services_simple-1.3.xml.bin +++ b/tests/_data/snapshots/get_bom_with_services_simple-1.3.xml.bin @@ -2,13 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - cyclonedx-python-lib 1.0.0 diff --git a/tests/_data/snapshots/get_bom_with_services_simple-1.4.json.bin b/tests/_data/snapshots/get_bom_with_services_simple-1.4.json.bin index 71758695..9834ec21 100644 --- a/tests/_data/snapshots/get_bom_with_services_simple-1.4.json.bin +++ b/tests/_data/snapshots/get_bom_with_services_simple-1.4.json.bin @@ -17,48 +17,7 @@ "type": "library", "version": "1.0.0" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "services": [ diff --git a/tests/_data/snapshots/get_bom_with_services_simple-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_services_simple-1.4.xml.bin index f96e529b..b85a5a8e 100644 --- a/tests/_data/snapshots/get_bom_with_services_simple-1.4.xml.bin +++ b/tests/_data/snapshots/get_bom_with_services_simple-1.4.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - cyclonedx-python-lib 1.0.0 diff --git a/tests/_data/snapshots/get_bom_with_services_simple-1.5.json.bin b/tests/_data/snapshots/get_bom_with_services_simple-1.5.json.bin index 7ca30ec6..7152a3c5 100644 --- a/tests/_data/snapshots/get_bom_with_services_simple-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_with_services_simple-1.5.json.bin @@ -17,48 +17,7 @@ "type": "library", "version": "1.0.0" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_services_simple-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_services_simple-1.5.xml.bin index 608a8dbf..040f39ab 100644 --- a/tests/_data/snapshots/get_bom_with_services_simple-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_with_services_simple-1.5.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - cyclonedx-python-lib 1.0.0 diff --git a/tests/_data/snapshots/get_bom_with_services_simple-1.6.json.bin b/tests/_data/snapshots/get_bom_with_services_simple-1.6.json.bin index 1b421189..28414296 100644 --- a/tests/_data/snapshots/get_bom_with_services_simple-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_with_services_simple-1.6.json.bin @@ -17,48 +17,7 @@ "type": "library", "version": "1.0.0" }, - "timestamp": "2023-01-07T13:44:32.312678+00:00", - "tools": [ - { - "externalReferences": [ - { - "type": "build-system", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" - }, - { - "type": "distribution", - "url": "https://pypi.org/project/cyclonedx-python-lib/" - }, - { - "type": "documentation", - "url": "https://cyclonedx-python-library.readthedocs.io/" - }, - { - "type": "issue-tracker", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" - }, - { - "type": "license", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" - }, - { - "type": "release-notes", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" - }, - { - "type": "vcs", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib" - }, - { - "type": "website", - "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" - } - ], - "name": "cyclonedx-python-lib", - "vendor": "CycloneDX", - "version": "TESTING" - } - ] + "timestamp": "2023-01-07T13:44:32.312678+00:00" }, "properties": [ { diff --git a/tests/_data/snapshots/get_bom_with_services_simple-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_services_simple-1.6.xml.bin index a46b2d21..94f67e28 100644 --- a/tests/_data/snapshots/get_bom_with_services_simple-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_with_services_simple-1.6.xml.bin @@ -2,39 +2,6 @@ 2023-01-07T13:44:32.312678+00:00 - - - CycloneDX - cyclonedx-python-lib - TESTING - - - https://github.com/CycloneDX/cyclonedx-python-lib/actions - - - https://pypi.org/project/cyclonedx-python-lib/ - - - https://cyclonedx-python-library.readthedocs.io/ - - - https://github.com/CycloneDX/cyclonedx-python-lib/issues - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE - - - https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md - - - https://github.com/CycloneDX/cyclonedx-python-lib - - - https://github.com/CycloneDX/cyclonedx-python-lib/#readme - - - - cyclonedx-python-lib 1.0.0 diff --git a/tests/_data/snapshots/get_bom_with_tools-1.0.xml.bin b/tests/_data/snapshots/get_bom_with_tools-1.0.xml.bin new file mode 100644 index 00000000..acb06612 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools-1.0.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools-1.1.xml.bin b/tests/_data/snapshots/get_bom_with_tools-1.1.xml.bin new file mode 100644 index 00000000..55ef5cda --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools-1.1.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools-1.2.json.bin b/tests/_data/snapshots/get_bom_with_tools-1.2.json.bin new file mode 100644 index 00000000..ca38e5f0 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools-1.2.json.bin @@ -0,0 +1,31 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + }, + { + "hashes": [ + { + "alg": "SHA-256", + "content": "adbbbe72c8f023b4a2d96a3978f69d94873ab2fef424e0298287c3368519c1a6" + } + ], + "name": "test-tool-a", + "vendor": "example", + "version": "1.33.7" + }, + { + "name": "test-tool-b" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.2" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_tools-1.2.xml.bin new file mode 100644 index 00000000..32920edd --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools-1.2.xml.bin @@ -0,0 +1,24 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + example + test-tool-a + 1.33.7 + + adbbbe72c8f023b4a2d96a3978f69d94873ab2fef424e0298287c3368519c1a6 + + + + test-tool-b + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools-1.3.json.bin b/tests/_data/snapshots/get_bom_with_tools-1.3.json.bin new file mode 100644 index 00000000..1eb342c2 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools-1.3.json.bin @@ -0,0 +1,31 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + }, + { + "hashes": [ + { + "alg": "SHA-256", + "content": "adbbbe72c8f023b4a2d96a3978f69d94873ab2fef424e0298287c3368519c1a6" + } + ], + "name": "test-tool-a", + "vendor": "example", + "version": "1.33.7" + }, + { + "name": "test-tool-b" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.3" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_tools-1.3.xml.bin new file mode 100644 index 00000000..aee9da63 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools-1.3.xml.bin @@ -0,0 +1,24 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + example + test-tool-a + 1.33.7 + + adbbbe72c8f023b4a2d96a3978f69d94873ab2fef424e0298287c3368519c1a6 + + + + test-tool-b + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools-1.4.json.bin b/tests/_data/snapshots/get_bom_with_tools-1.4.json.bin new file mode 100644 index 00000000..3a26a1c6 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools-1.4.json.bin @@ -0,0 +1,78 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + }, + { + "externalReferences": [ + { + "comment": "No comment", + "hashes": [ + { + "alg": "SHA-256", + "content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b" + } + ], + "type": "distribution", + "url": "https://cyclonedx.org" + } + ], + "hashes": [ + { + "alg": "SHA-256", + "content": "adbbbe72c8f023b4a2d96a3978f69d94873ab2fef424e0298287c3368519c1a6" + } + ], + "name": "test-tool-a", + "vendor": "example", + "version": "1.33.7" + }, + { + "name": "test-tool-b" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_tools-1.4.xml.bin new file mode 100644 index 00000000..aae5b797 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools-1.4.xml.bin @@ -0,0 +1,59 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + example + test-tool-a + 1.33.7 + + adbbbe72c8f023b4a2d96a3978f69d94873ab2fef424e0298287c3368519c1a6 + + + + https://cyclonedx.org + No comment + + 806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b + + + + + + test-tool-b + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools-1.5.json.bin b/tests/_data/snapshots/get_bom_with_tools-1.5.json.bin new file mode 100644 index 00000000..173988c2 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools-1.5.json.bin @@ -0,0 +1,88 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + }, + { + "externalReferences": [ + { + "comment": "No comment", + "hashes": [ + { + "alg": "SHA-256", + "content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b" + } + ], + "type": "distribution", + "url": "https://cyclonedx.org" + } + ], + "hashes": [ + { + "alg": "SHA-256", + "content": "adbbbe72c8f023b4a2d96a3978f69d94873ab2fef424e0298287c3368519c1a6" + } + ], + "name": "test-tool-a", + "vendor": "example", + "version": "1.33.7" + }, + { + "name": "test-tool-b" + } + ] + }, + "properties": [ + { + "name": "key1", + "value": "val1" + }, + { + "name": "key2", + "value": "val2" + } + ], + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_tools-1.5.xml.bin new file mode 100644 index 00000000..4800c7ba --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools-1.5.xml.bin @@ -0,0 +1,63 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + example + test-tool-a + 1.33.7 + + adbbbe72c8f023b4a2d96a3978f69d94873ab2fef424e0298287c3368519c1a6 + + + + https://cyclonedx.org + No comment + + 806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b + + + + + + test-tool-b + + + + + val1 + val2 + + diff --git a/tests/_data/snapshots/get_bom_v1_6_with_crypto-1.6.json.bin b/tests/_data/snapshots/get_bom_with_tools-1.6.json.bin similarity index 53% rename from tests/_data/snapshots/get_bom_v1_6_with_crypto-1.6.json.bin rename to tests/_data/snapshots/get_bom_with_tools-1.6.json.bin index 46c4d952..5eb714cb 100644 --- a/tests/_data/snapshots/get_bom_v1_6_with_crypto-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_with_tools-1.6.json.bin @@ -1,61 +1,4 @@ { - "components": [ - { - "bom-ref": "26b1ce0f-bec6-4bfe-9db1-03b75a4ed1ec", - "cryptoProperties": { - "assetType": "protocol", - "oid": "an-oid-here", - "protocolProperties": { - "cipherSuites": [ - { - "identifiers": [ - "TLS_AES_128_CCM_8_SHA256" - ], - "name": "TLS_AES_128_CCM_8_SHA256" - }, - { - "identifiers": [ - "TLS_AES_128_CCM_SHA256" - ], - "name": "TLS_AES_128_CCM_SHA256" - }, - { - "identifiers": [ - "TLS_AES_128_GCM_SHA256" - ], - "name": "TLS_AES_128_GCM_SHA256" - }, - { - "identifiers": [ - "TLS_AES_256_GCM_SHA384" - ], - "name": "TLS_AES_256_GCM_SHA384" - }, - { - "identifiers": [ - "TLS_CHACHA20_POLY1305_SHA256" - ], - "name": "TLS_CHACHA20_POLY1305_SHA256" - } - ], - "type": "tls", - "version": "1.3" - } - }, - "name": "TLS", - "tags": [ - "protocl", - "tls" - ], - "type": "cryptographic-asset", - "version": "v1.3" - } - ], - "dependencies": [ - { - "ref": "26b1ce0f-bec6-4bfe-9db1-03b75a4ed1ec" - } - ], "metadata": { "timestamp": "2023-01-07T13:44:32.312678+00:00", "tools": [ @@ -97,9 +40,46 @@ "name": "cyclonedx-python-lib", "vendor": "CycloneDX", "version": "TESTING" + }, + { + "externalReferences": [ + { + "comment": "No comment", + "hashes": [ + { + "alg": "SHA-256", + "content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b" + } + ], + "type": "distribution", + "url": "https://cyclonedx.org" + } + ], + "hashes": [ + { + "alg": "SHA-256", + "content": "adbbbe72c8f023b4a2d96a3978f69d94873ab2fef424e0298287c3368519c1a6" + } + ], + "name": "test-tool-a", + "vendor": "example", + "version": "1.33.7" + }, + { + "name": "test-tool-b" } ] }, + "properties": [ + { + "name": "key1", + "value": "val1" + }, + { + "name": "key2", + "value": "val2" + } + ], "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", diff --git a/tests/_data/snapshots/get_bom_with_tools-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_tools-1.6.xml.bin new file mode 100644 index 00000000..fc5013d8 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools-1.6.xml.bin @@ -0,0 +1,63 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + example + test-tool-a + 1.33.7 + + adbbbe72c8f023b4a2d96a3978f69d94873ab2fef424e0298287c3368519c1a6 + + + + https://cyclonedx.org + No comment + + 806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b + + + + + + test-tool-b + + + + + val1 + val2 + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.0.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.0.xml.bin new file mode 100644 index 00000000..acb06612 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.0.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.1.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.1.xml.bin new file mode 100644 index 00000000..55ef5cda --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.1.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.2.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.2.json.bin new file mode 100644 index 00000000..0ca50ca7 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.2.json.bin @@ -0,0 +1,31 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + }, + { + "name": "other-component", + "vendor": "acme" + }, + { + "name": "other-service", + "vendor": "acme" + }, + { + "name": "test-component" + }, + { + "name": "test-service" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.2" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.2.xml.bin new file mode 100644 index 00000000..e726653d --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.2.xml.bin @@ -0,0 +1,27 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + acme + other-component + + + acme + other-service + + + test-component + + + test-service + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.3.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.3.json.bin new file mode 100644 index 00000000..25fd5c20 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.3.json.bin @@ -0,0 +1,31 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + }, + { + "name": "other-component", + "vendor": "acme" + }, + { + "name": "other-service", + "vendor": "acme" + }, + { + "name": "test-component" + }, + { + "name": "test-service" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.3" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.3.xml.bin new file mode 100644 index 00000000..0dfe7330 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.3.xml.bin @@ -0,0 +1,27 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + acme + other-component + + + acme + other-service + + + test-component + + + test-service + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.4.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.4.json.bin new file mode 100644 index 00000000..16407cc3 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.4.json.bin @@ -0,0 +1,65 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + }, + { + "name": "other-component", + "vendor": "acme" + }, + { + "name": "other-service", + "vendor": "acme" + }, + { + "name": "test-component" + }, + { + "name": "test-service" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.4.xml.bin new file mode 100644 index 00000000..f5504a7a --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.4.xml.bin @@ -0,0 +1,53 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + acme + other-component + + + acme + other-service + + + test-component + + + test-service + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.5.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.5.json.bin new file mode 100644 index 00000000..d66bbf23 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.5.json.bin @@ -0,0 +1,75 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + }, + { + "name": "other-component", + "vendor": "acme" + }, + { + "name": "other-service", + "vendor": "acme" + }, + { + "name": "test-component" + }, + { + "name": "test-service" + } + ] + }, + "properties": [ + { + "name": "key1", + "value": "val1" + }, + { + "name": "key2", + "value": "val2" + } + ], + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.5.xml.bin new file mode 100644 index 00000000..40ae59a7 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.5.xml.bin @@ -0,0 +1,57 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + acme + other-component + + + acme + other-service + + + test-component + + + test-service + + + + + val1 + val2 + + diff --git a/tests/_data/snapshots/get_bom_with_crypto-1.6.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.6.json.bin similarity index 53% rename from tests/_data/snapshots/get_bom_with_crypto-1.6.json.bin rename to tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.6.json.bin index 46c4d952..0cf661c0 100644 --- a/tests/_data/snapshots/get_bom_with_crypto-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.6.json.bin @@ -1,61 +1,4 @@ { - "components": [ - { - "bom-ref": "26b1ce0f-bec6-4bfe-9db1-03b75a4ed1ec", - "cryptoProperties": { - "assetType": "protocol", - "oid": "an-oid-here", - "protocolProperties": { - "cipherSuites": [ - { - "identifiers": [ - "TLS_AES_128_CCM_8_SHA256" - ], - "name": "TLS_AES_128_CCM_8_SHA256" - }, - { - "identifiers": [ - "TLS_AES_128_CCM_SHA256" - ], - "name": "TLS_AES_128_CCM_SHA256" - }, - { - "identifiers": [ - "TLS_AES_128_GCM_SHA256" - ], - "name": "TLS_AES_128_GCM_SHA256" - }, - { - "identifiers": [ - "TLS_AES_256_GCM_SHA384" - ], - "name": "TLS_AES_256_GCM_SHA384" - }, - { - "identifiers": [ - "TLS_CHACHA20_POLY1305_SHA256" - ], - "name": "TLS_CHACHA20_POLY1305_SHA256" - } - ], - "type": "tls", - "version": "1.3" - } - }, - "name": "TLS", - "tags": [ - "protocl", - "tls" - ], - "type": "cryptographic-asset", - "version": "v1.3" - } - ], - "dependencies": [ - { - "ref": "26b1ce0f-bec6-4bfe-9db1-03b75a4ed1ec" - } - ], "metadata": { "timestamp": "2023-01-07T13:44:32.312678+00:00", "tools": [ @@ -97,9 +40,33 @@ "name": "cyclonedx-python-lib", "vendor": "CycloneDX", "version": "TESTING" + }, + { + "name": "other-component", + "vendor": "acme" + }, + { + "name": "other-service", + "vendor": "acme" + }, + { + "name": "test-component" + }, + { + "name": "test-service" } ] }, + "properties": [ + { + "name": "key1", + "value": "val1" + }, + { + "name": "key2", + "value": "val2" + } + ], "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", "version": 1, "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.6.xml.bin new file mode 100644 index 00000000..89d558fb --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_duplicated_tools_irreversible_migrate-1.6.xml.bin @@ -0,0 +1,57 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + acme + other-component + + + acme + other-service + + + test-component + + + test-service + + + + + val1 + val2 + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.0.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.0.xml.bin new file mode 100644 index 00000000..acb06612 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.0.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.1.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.1.xml.bin new file mode 100644 index 00000000..55ef5cda --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.1.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.2.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.2.json.bin new file mode 100644 index 00000000..ca5d7d52 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.2.json.bin @@ -0,0 +1,51 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + }, + { + "hashes": [ + { + "alg": "SHA-256", + "content": "49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca" + } + ], + "name": "other-component", + "vendor": "acme" + }, + { + "name": "other-service", + "vendor": "acme" + }, + { + "hashes": [ + { + "alg": "SHA-256", + "content": "adbbbe72c8f023b4a2d96a3978f69d94873ab2fef424e0298287c3368519c1a6" + } + ], + "name": "test-tool-a", + "vendor": "example", + "version": "1.33.7" + }, + { + "name": "test-component" + }, + { + "name": "test-service" + }, + { + "name": "test-tool-b" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.2" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.2.xml.bin new file mode 100644 index 00000000..42294a3c --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.2.xml.bin @@ -0,0 +1,41 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + acme + other-component + + 49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca + + + + acme + other-service + + + example + test-tool-a + 1.33.7 + + adbbbe72c8f023b4a2d96a3978f69d94873ab2fef424e0298287c3368519c1a6 + + + + test-component + + + test-service + + + test-tool-b + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.3.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.3.json.bin new file mode 100644 index 00000000..eefffde7 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.3.json.bin @@ -0,0 +1,51 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + }, + { + "hashes": [ + { + "alg": "SHA-256", + "content": "49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca" + } + ], + "name": "other-component", + "vendor": "acme" + }, + { + "name": "other-service", + "vendor": "acme" + }, + { + "hashes": [ + { + "alg": "SHA-256", + "content": "adbbbe72c8f023b4a2d96a3978f69d94873ab2fef424e0298287c3368519c1a6" + } + ], + "name": "test-tool-a", + "vendor": "example", + "version": "1.33.7" + }, + { + "name": "test-component" + }, + { + "name": "test-service" + }, + { + "name": "test-tool-b" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.3" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.3.xml.bin new file mode 100644 index 00000000..b734059f --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.3.xml.bin @@ -0,0 +1,41 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + acme + other-component + + 49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca + + + + acme + other-service + + + example + test-tool-a + 1.33.7 + + adbbbe72c8f023b4a2d96a3978f69d94873ab2fef424e0298287c3368519c1a6 + + + + test-component + + + test-service + + + test-tool-b + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.4.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.4.json.bin new file mode 100644 index 00000000..4d6c2c33 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.4.json.bin @@ -0,0 +1,124 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + }, + { + "externalReferences": [ + { + "comment": "No comment", + "hashes": [ + { + "alg": "SHA-256", + "content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b" + } + ], + "type": "distribution", + "url": "https://cyclonedx.org" + } + ], + "hashes": [ + { + "alg": "SHA-256", + "content": "49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca" + } + ], + "name": "other-component", + "vendor": "acme" + }, + { + "externalReferences": [ + { + "comment": "No comment", + "hashes": [ + { + "alg": "SHA-256", + "content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b" + } + ], + "type": "distribution", + "url": "https://cyclonedx.org" + } + ], + "name": "other-service", + "vendor": "acme" + }, + { + "externalReferences": [ + { + "comment": "No comment", + "hashes": [ + { + "alg": "SHA-256", + "content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b" + } + ], + "type": "distribution", + "url": "https://cyclonedx.org" + } + ], + "hashes": [ + { + "alg": "SHA-256", + "content": "adbbbe72c8f023b4a2d96a3978f69d94873ab2fef424e0298287c3368519c1a6" + } + ], + "name": "test-tool-a", + "vendor": "example", + "version": "1.33.7" + }, + { + "name": "test-component" + }, + { + "name": "test-service" + }, + { + "name": "test-tool-b" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.4.xml.bin new file mode 100644 index 00000000..55e694f9 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.4.xml.bin @@ -0,0 +1,94 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + acme + other-component + + 49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca + + + + https://cyclonedx.org + No comment + + 806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b + + + + + + acme + other-service + + + https://cyclonedx.org + No comment + + 806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b + + + + + + example + test-tool-a + 1.33.7 + + adbbbe72c8f023b4a2d96a3978f69d94873ab2fef424e0298287c3368519c1a6 + + + + https://cyclonedx.org + No comment + + 806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b + + + + + + test-component + + + test-service + + + test-tool-b + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.5.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.5.json.bin new file mode 100644 index 00000000..f0ab4915 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.5.json.bin @@ -0,0 +1,134 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + }, + { + "externalReferences": [ + { + "comment": "No comment", + "hashes": [ + { + "alg": "SHA-256", + "content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b" + } + ], + "type": "distribution", + "url": "https://cyclonedx.org" + } + ], + "hashes": [ + { + "alg": "SHA-256", + "content": "49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca" + } + ], + "name": "other-component", + "vendor": "acme" + }, + { + "externalReferences": [ + { + "comment": "No comment", + "hashes": [ + { + "alg": "SHA-256", + "content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b" + } + ], + "type": "distribution", + "url": "https://cyclonedx.org" + } + ], + "name": "other-service", + "vendor": "acme" + }, + { + "externalReferences": [ + { + "comment": "No comment", + "hashes": [ + { + "alg": "SHA-256", + "content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b" + } + ], + "type": "distribution", + "url": "https://cyclonedx.org" + } + ], + "hashes": [ + { + "alg": "SHA-256", + "content": "adbbbe72c8f023b4a2d96a3978f69d94873ab2fef424e0298287c3368519c1a6" + } + ], + "name": "test-tool-a", + "vendor": "example", + "version": "1.33.7" + }, + { + "name": "test-component" + }, + { + "name": "test-service" + }, + { + "name": "test-tool-b" + } + ] + }, + "properties": [ + { + "name": "key1", + "value": "val1" + }, + { + "name": "key2", + "value": "val2" + } + ], + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.5.xml.bin new file mode 100644 index 00000000..e0cee50f --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.5.xml.bin @@ -0,0 +1,98 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + acme + other-component + + 49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca + + + + https://cyclonedx.org + No comment + + 806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b + + + + + + acme + other-service + + + https://cyclonedx.org + No comment + + 806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b + + + + + + example + test-tool-a + 1.33.7 + + adbbbe72c8f023b4a2d96a3978f69d94873ab2fef424e0298287c3368519c1a6 + + + + https://cyclonedx.org + No comment + + 806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b + + + + + + test-component + + + test-service + + + test-tool-b + + + + + val1 + val2 + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.6.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.6.json.bin new file mode 100644 index 00000000..d16d0598 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.6.json.bin @@ -0,0 +1,134 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + }, + { + "externalReferences": [ + { + "comment": "No comment", + "hashes": [ + { + "alg": "SHA-256", + "content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b" + } + ], + "type": "distribution", + "url": "https://cyclonedx.org" + } + ], + "hashes": [ + { + "alg": "SHA-256", + "content": "49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca" + } + ], + "name": "other-component", + "vendor": "acme" + }, + { + "externalReferences": [ + { + "comment": "No comment", + "hashes": [ + { + "alg": "SHA-256", + "content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b" + } + ], + "type": "distribution", + "url": "https://cyclonedx.org" + } + ], + "name": "other-service", + "vendor": "acme" + }, + { + "externalReferences": [ + { + "comment": "No comment", + "hashes": [ + { + "alg": "SHA-256", + "content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b" + } + ], + "type": "distribution", + "url": "https://cyclonedx.org" + } + ], + "hashes": [ + { + "alg": "SHA-256", + "content": "adbbbe72c8f023b4a2d96a3978f69d94873ab2fef424e0298287c3368519c1a6" + } + ], + "name": "test-tool-a", + "vendor": "example", + "version": "1.33.7" + }, + { + "name": "test-component" + }, + { + "name": "test-service" + }, + { + "name": "test-tool-b" + } + ] + }, + "properties": [ + { + "name": "key1", + "value": "val1" + }, + { + "name": "key2", + "value": "val2" + } + ], + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.6.xml.bin new file mode 100644 index 00000000..5b560874 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_and_tools_irreversible_migrate-1.6.xml.bin @@ -0,0 +1,98 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + acme + other-component + + 49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca + + + + https://cyclonedx.org + No comment + + 806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b + + + + + + acme + other-service + + + https://cyclonedx.org + No comment + + 806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b + + + + + + example + test-tool-a + 1.33.7 + + adbbbe72c8f023b4a2d96a3978f69d94873ab2fef424e0298287c3368519c1a6 + + + + https://cyclonedx.org + No comment + + 806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b + + + + + + test-component + + + test-service + + + test-tool-b + + + + + val1 + val2 + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.0.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.0.xml.bin new file mode 100644 index 00000000..acb06612 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.0.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.1.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.1.xml.bin new file mode 100644 index 00000000..55ef5cda --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.1.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.2.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.2.json.bin new file mode 100644 index 00000000..ea32ff1c --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.2.json.bin @@ -0,0 +1,37 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + }, + { + "hashes": [ + { + "alg": "SHA-256", + "content": "49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca" + } + ], + "name": "other-component", + "vendor": "acme" + }, + { + "name": "other-service", + "vendor": "acme" + }, + { + "name": "test-component" + }, + { + "name": "test-service" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.2" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.2.xml.bin new file mode 100644 index 00000000..ec74cfb1 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.2.xml.bin @@ -0,0 +1,30 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + acme + other-component + + 49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca + + + + acme + other-service + + + test-component + + + test-service + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.3.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.3.json.bin new file mode 100644 index 00000000..fbeec8f3 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.3.json.bin @@ -0,0 +1,37 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + }, + { + "hashes": [ + { + "alg": "SHA-256", + "content": "49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca" + } + ], + "name": "other-component", + "vendor": "acme" + }, + { + "name": "other-service", + "vendor": "acme" + }, + { + "name": "test-component" + }, + { + "name": "test-service" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.3" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.3.xml.bin new file mode 100644 index 00000000..514e1f50 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.3.xml.bin @@ -0,0 +1,30 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + acme + other-component + + 49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca + + + + acme + other-service + + + test-component + + + test-service + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.4.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.4.json.bin new file mode 100644 index 00000000..c45daad3 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.4.json.bin @@ -0,0 +1,97 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + }, + { + "externalReferences": [ + { + "comment": "No comment", + "hashes": [ + { + "alg": "SHA-256", + "content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b" + } + ], + "type": "distribution", + "url": "https://cyclonedx.org" + } + ], + "hashes": [ + { + "alg": "SHA-256", + "content": "49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca" + } + ], + "name": "other-component", + "vendor": "acme" + }, + { + "externalReferences": [ + { + "comment": "No comment", + "hashes": [ + { + "alg": "SHA-256", + "content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b" + } + ], + "type": "distribution", + "url": "https://cyclonedx.org" + } + ], + "name": "other-service", + "vendor": "acme" + }, + { + "name": "test-component" + }, + { + "name": "test-service" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.4.xml.bin new file mode 100644 index 00000000..53304d72 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.4.xml.bin @@ -0,0 +1,74 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + acme + other-component + + 49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca + + + + https://cyclonedx.org + No comment + + 806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b + + + + + + acme + other-service + + + https://cyclonedx.org + No comment + + 806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b + + + + + + test-component + + + test-service + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.5.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.5.json.bin new file mode 100644 index 00000000..f040c90a --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.5.json.bin @@ -0,0 +1,126 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": { + "components": [ + { + "bom-ref": "other-component", + "externalReferences": [ + { + "comment": "No comment", + "hashes": [ + { + "alg": "SHA-256", + "content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b" + } + ], + "type": "distribution", + "url": "https://cyclonedx.org" + } + ], + "group": "acme", + "hashes": [ + { + "alg": "SHA-256", + "content": "49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca" + } + ], + "name": "other-component", + "type": "application" + }, + { + "description": "Python library for CycloneDX", + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "group": "CycloneDX", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "name": "cyclonedx-python-lib", + "type": "library", + "version": "TESTING" + }, + { + "bom-ref": "test-component", + "name": "test-component", + "type": "library" + } + ], + "services": [ + { + "bom-ref": "other-service", + "externalReferences": [ + { + "comment": "No comment", + "hashes": [ + { + "alg": "SHA-256", + "content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b" + } + ], + "type": "distribution", + "url": "https://cyclonedx.org" + } + ], + "group": "acme", + "name": "other-service" + }, + { + "bom-ref": "test-service", + "name": "test-service" + } + ] + } + }, + "properties": [ + { + "name": "key1", + "value": "val1" + }, + { + "name": "key2", + "value": "val2" + } + ], + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.5.xml.bin new file mode 100644 index 00000000..4a7bcd8c --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.5.xml.bin @@ -0,0 +1,88 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + + acme + other-component + + 49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca + + + + https://cyclonedx.org + No comment + + 806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b + + + + + + CycloneDX + cyclonedx-python-lib + TESTING + Python library for CycloneDX + + + Apache-2.0 + + + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + test-component + + + + + acme + other-service + + + https://cyclonedx.org + No comment + + 806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b + + + + + + test-service + + + + + + val1 + val2 + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.6.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.6.json.bin new file mode 100644 index 00000000..eb1ff770 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.6.json.bin @@ -0,0 +1,127 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": { + "components": [ + { + "bom-ref": "other-component", + "externalReferences": [ + { + "comment": "No comment", + "hashes": [ + { + "alg": "SHA-256", + "content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b" + } + ], + "type": "distribution", + "url": "https://cyclonedx.org" + } + ], + "group": "acme", + "hashes": [ + { + "alg": "SHA-256", + "content": "49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca" + } + ], + "name": "other-component", + "type": "application" + }, + { + "description": "Python library for CycloneDX", + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "group": "CycloneDX", + "licenses": [ + { + "license": { + "acknowledgement": "declared", + "id": "Apache-2.0" + } + } + ], + "name": "cyclonedx-python-lib", + "type": "library", + "version": "TESTING" + }, + { + "bom-ref": "test-component", + "name": "test-component", + "type": "library" + } + ], + "services": [ + { + "bom-ref": "other-service", + "externalReferences": [ + { + "comment": "No comment", + "hashes": [ + { + "alg": "SHA-256", + "content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b" + } + ], + "type": "distribution", + "url": "https://cyclonedx.org" + } + ], + "group": "acme", + "name": "other-service" + }, + { + "bom-ref": "test-service", + "name": "test-service" + } + ] + } + }, + "properties": [ + { + "name": "key1", + "value": "val1" + }, + { + "name": "key2", + "value": "val2" + } + ], + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.6.xml.bin new file mode 100644 index 00000000..84aced32 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_and_service_migrate-1.6.xml.bin @@ -0,0 +1,88 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + + acme + other-component + + 49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca + + + + https://cyclonedx.org + No comment + + 806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b + + + + + + CycloneDX + cyclonedx-python-lib + TESTING + Python library for CycloneDX + + + Apache-2.0 + + + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + test-component + + + + + acme + other-service + + + https://cyclonedx.org + No comment + + 806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b + + + + + + test-service + + + + + + val1 + val2 + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.0.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.0.xml.bin new file mode 100644 index 00000000..acb06612 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.0.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.1.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.1.xml.bin new file mode 100644 index 00000000..55ef5cda --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.1.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.2.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.2.json.bin new file mode 100644 index 00000000..b0ee39ea --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.2.json.bin @@ -0,0 +1,30 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + }, + { + "hashes": [ + { + "alg": "SHA-256", + "content": "49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca" + } + ], + "name": "other-component", + "vendor": "acme" + }, + { + "name": "test-component" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.2" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.2.xml.bin new file mode 100644 index 00000000..5614334a --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.2.xml.bin @@ -0,0 +1,23 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + acme + other-component + + 49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca + + + + test-component + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.3.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.3.json.bin new file mode 100644 index 00000000..6d5ee915 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.3.json.bin @@ -0,0 +1,30 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + }, + { + "hashes": [ + { + "alg": "SHA-256", + "content": "49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca" + } + ], + "name": "other-component", + "vendor": "acme" + }, + { + "name": "test-component" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.3" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.3.xml.bin new file mode 100644 index 00000000..469b6dfc --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.3.xml.bin @@ -0,0 +1,23 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + acme + other-component + + 49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca + + + + test-component + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.4.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.4.json.bin new file mode 100644 index 00000000..a56d92b9 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.4.json.bin @@ -0,0 +1,77 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "TESTING" + }, + { + "externalReferences": [ + { + "comment": "No comment", + "hashes": [ + { + "alg": "SHA-256", + "content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b" + } + ], + "type": "distribution", + "url": "https://cyclonedx.org" + } + ], + "hashes": [ + { + "alg": "SHA-256", + "content": "49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca" + } + ], + "name": "other-component", + "vendor": "acme" + }, + { + "name": "test-component" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.4.xml.bin new file mode 100644 index 00000000..d64c901e --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.4.xml.bin @@ -0,0 +1,58 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + CycloneDX + cyclonedx-python-lib + TESTING + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + acme + other-component + + 49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca + + + + https://cyclonedx.org + No comment + + 806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b + + + + + + test-component + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.5.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.5.json.bin new file mode 100644 index 00000000..f89e6e2c --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.5.json.bin @@ -0,0 +1,102 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": { + "components": [ + { + "bom-ref": "other-component", + "externalReferences": [ + { + "comment": "No comment", + "hashes": [ + { + "alg": "SHA-256", + "content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b" + } + ], + "type": "distribution", + "url": "https://cyclonedx.org" + } + ], + "group": "acme", + "hashes": [ + { + "alg": "SHA-256", + "content": "49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca" + } + ], + "name": "other-component", + "type": "application" + }, + { + "description": "Python library for CycloneDX", + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "group": "CycloneDX", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "name": "cyclonedx-python-lib", + "type": "library", + "version": "TESTING" + }, + { + "bom-ref": "test-component", + "name": "test-component", + "type": "library" + } + ] + } + }, + "properties": [ + { + "name": "key1", + "value": "val1" + }, + { + "name": "key2", + "value": "val2" + } + ], + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.5.xml.bin new file mode 100644 index 00000000..aa284908 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.5.xml.bin @@ -0,0 +1,70 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + + acme + other-component + + 49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca + + + + https://cyclonedx.org + No comment + + 806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b + + + + + + CycloneDX + cyclonedx-python-lib + TESTING + Python library for CycloneDX + + + Apache-2.0 + + + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + test-component + + + + + + val1 + val2 + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.6.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.6.json.bin new file mode 100644 index 00000000..dea1d9d9 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.6.json.bin @@ -0,0 +1,103 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": { + "components": [ + { + "bom-ref": "other-component", + "externalReferences": [ + { + "comment": "No comment", + "hashes": [ + { + "alg": "SHA-256", + "content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b" + } + ], + "type": "distribution", + "url": "https://cyclonedx.org" + } + ], + "group": "acme", + "hashes": [ + { + "alg": "SHA-256", + "content": "49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca" + } + ], + "name": "other-component", + "type": "application" + }, + { + "description": "Python library for CycloneDX", + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "group": "CycloneDX", + "licenses": [ + { + "license": { + "acknowledgement": "declared", + "id": "Apache-2.0" + } + } + ], + "name": "cyclonedx-python-lib", + "type": "library", + "version": "TESTING" + }, + { + "bom-ref": "test-component", + "name": "test-component", + "type": "library" + } + ] + } + }, + "properties": [ + { + "name": "key1", + "value": "val1" + }, + { + "name": "key2", + "value": "val2" + } + ], + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.6.xml.bin new file mode 100644 index 00000000..2f8ceecf --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_component_migrate-1.6.xml.bin @@ -0,0 +1,70 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + + acme + other-component + + 49b420bd8d8182542a76d4422e0c7890dcc88a3d8ddad04da06366d8c40ac8ca + + + + https://cyclonedx.org + No comment + + 806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b + + + + + + CycloneDX + cyclonedx-python-lib + TESTING + Python library for CycloneDX + + + Apache-2.0 + + + + + https://github.com/CycloneDX/cyclonedx-python-lib/actions + + + https://pypi.org/project/cyclonedx-python-lib/ + + + https://cyclonedx-python-library.readthedocs.io/ + + + https://github.com/CycloneDX/cyclonedx-python-lib/issues + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE + + + https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md + + + https://github.com/CycloneDX/cyclonedx-python-lib + + + https://github.com/CycloneDX/cyclonedx-python-lib/#readme + + + + + test-component + + + + + + val1 + val2 + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.0.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.0.xml.bin new file mode 100644 index 00000000..acb06612 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.0.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.1.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.1.xml.bin new file mode 100644 index 00000000..55ef5cda --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.1.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.2.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.2.json.bin new file mode 100644 index 00000000..02094998 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.2.json.bin @@ -0,0 +1,19 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "other-service", + "vendor": "acme" + }, + { + "name": "test-service" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.2" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.2.xml.bin new file mode 100644 index 00000000..266aa5b6 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.2.xml.bin @@ -0,0 +1,15 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + acme + other-service + + + test-service + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.3.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.3.json.bin new file mode 100644 index 00000000..62a2e4c3 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.3.json.bin @@ -0,0 +1,19 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "name": "other-service", + "vendor": "acme" + }, + { + "name": "test-service" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.3" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.3.xml.bin new file mode 100644 index 00000000..97729c4e --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.3.xml.bin @@ -0,0 +1,15 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + acme + other-service + + + test-service + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.4.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.4.json.bin new file mode 100644 index 00000000..bcf21a66 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.4.json.bin @@ -0,0 +1,32 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": [ + { + "externalReferences": [ + { + "comment": "No comment", + "hashes": [ + { + "alg": "SHA-256", + "content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b" + } + ], + "type": "distribution", + "url": "https://cyclonedx.org" + } + ], + "name": "other-service", + "vendor": "acme" + }, + { + "name": "test-service" + } + ] + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.4.xml.bin new file mode 100644 index 00000000..af666d2c --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.4.xml.bin @@ -0,0 +1,24 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + acme + other-service + + + https://cyclonedx.org + No comment + + 806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b + + + + + + test-service + + + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.5.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.5.json.bin new file mode 100644 index 00000000..c5e9c6e8 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.5.json.bin @@ -0,0 +1,46 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": { + "services": [ + { + "bom-ref": "other-service", + "externalReferences": [ + { + "comment": "No comment", + "hashes": [ + { + "alg": "SHA-256", + "content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b" + } + ], + "type": "distribution", + "url": "https://cyclonedx.org" + } + ], + "group": "acme", + "name": "other-service" + }, + { + "bom-ref": "test-service", + "name": "test-service" + } + ] + } + }, + "properties": [ + { + "name": "key1", + "value": "val1" + }, + { + "name": "key2", + "value": "val2" + } + ], + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.5.xml.bin new file mode 100644 index 00000000..3a8ba335 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.5.xml.bin @@ -0,0 +1,30 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + + acme + other-service + + + https://cyclonedx.org + No comment + + 806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b + + + + + + test-service + + + + + + val1 + val2 + + diff --git a/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.6.json.bin b/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.6.json.bin new file mode 100644 index 00000000..a9293a54 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.6.json.bin @@ -0,0 +1,46 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00", + "tools": { + "services": [ + { + "bom-ref": "other-service", + "externalReferences": [ + { + "comment": "No comment", + "hashes": [ + { + "alg": "SHA-256", + "content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b" + } + ], + "type": "distribution", + "url": "https://cyclonedx.org" + } + ], + "group": "acme", + "name": "other-service" + }, + { + "bom-ref": "test-service", + "name": "test-service" + } + ] + } + }, + "properties": [ + { + "name": "key1", + "value": "val1" + }, + { + "name": "key2", + "value": "val2" + } + ], + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.6.xml.bin new file mode 100644 index 00000000..e33e4dc1 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_tools_with_service_migrate-1.6.xml.bin @@ -0,0 +1,30 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + + acme + other-service + + + https://cyclonedx.org + No comment + + 806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b + + + + + + test-service + + + + + + val1 + val2 + + diff --git a/tests/test_builder_this.py b/tests/test_builder_this.py new file mode 100644 index 00000000..2e56b317 --- /dev/null +++ b/tests/test_builder_this.py @@ -0,0 +1,84 @@ +# This file is part of CycloneDX Python Library +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# Copyright (c) OWASP Foundation. All Rights Reserved. + +from typing import Any, Dict, Iterable, Tuple, Union +from unittest import TestCase + +from cyclonedx.builder.this import this_component, this_tool +from cyclonedx.model import ExternalReference, ExternalReferenceType +from cyclonedx.model.component import ComponentType +from cyclonedx.model.license import License, LicenseAcknowledgement +from tests import load_pyproject + + +class ExtRefsTestMixin: + + @staticmethod + def __first_ers_uri(t: ExternalReferenceType, ers: Iterable[ExternalReference]) -> str: + return next(filter(lambda r: r.type is t, ers)).url.uri + + def assertExtRefs( # noqa:N802 + self: Union[TestCase, 'ExtRefsTestMixin'], + p: Dict[str, Any], ers: Iterable[ExternalReference] + ) -> None: + self.assertEqual(p['tool']['poetry']['homepage'], self.__first_ers_uri( + ExternalReferenceType.WEBSITE, ers)) + self.assertEqual(p['tool']['poetry']['repository'], self.__first_ers_uri( + ExternalReferenceType.VCS, ers)) + self.assertEqual(p['tool']['poetry']['documentation'], self.__first_ers_uri( + ExternalReferenceType.DOCUMENTATION, ers)) + self.assertEqual(p['tool']['poetry']['urls']['Bug Tracker'], self.__first_ers_uri( + ExternalReferenceType.ISSUE_TRACKER, ers)) + + +class TestThisComponent(TestCase, ExtRefsTestMixin): + def test_basics(self) -> None: + p = load_pyproject() + c = this_component() + self.assertIs(ComponentType.LIBRARY, c.type) + self.assertEqual('CycloneDX', c.group) + self.assertEqual(p['tool']['poetry']['name'], c.name) + self.assertEqual(p['tool']['poetry']['version'], c.version) + self.assertEqual(p['tool']['poetry']['description'], c.description) + + def test_license(self) -> None: + p = load_pyproject() + ls: Tuple[License, ...] = tuple(this_component().licenses) + self.assertEqual(1, len(ls)) + l = ls[0] # noqa:E741 + self.assertIs(LicenseAcknowledgement.DECLARED, l.acknowledgement) + # this uses the fact that poetry expect license declarations as valid SPDX-license-id + self.assertEqual(p['tool']['poetry']['license'], l.id) + + def test_extrefs(self) -> None: + p = load_pyproject() + ers: Tuple[ExternalReference, ...] = tuple(this_component().external_references) + self.assertExtRefs(p, ers) + + +class TestThisTool(TestCase, ExtRefsTestMixin): + def test_basics(self) -> None: + p = load_pyproject() + t = this_tool() + self.assertEqual('CycloneDX', t.vendor) + self.assertEqual(p['tool']['poetry']['name'], t.name) + self.assertEqual(p['tool']['poetry']['version'], t.version) + + def test_extrefs(self) -> None: + p = load_pyproject() + ers: Tuple[ExternalReference, ...] = tuple(this_tool().external_references) + self.assertExtRefs(p, ers) diff --git a/tests/test_deserialize_json.py b/tests/test_deserialize_json.py index 380ba5b6..38a70e44 100644 --- a/tests/test_deserialize_json.py +++ b/tests/test_deserialize_json.py @@ -28,14 +28,19 @@ from cyclonedx.model.license import DisjunctiveLicense, LicenseExpression, LicenseRepository from cyclonedx.schema import OutputFormat, SchemaVersion from tests import OWN_DATA_DIRECTORY, DeepCompareMixin, SnapshotMixin, mksname -from tests._data.models import all_get_bom_funct_valid_immut, all_get_bom_funct_with_incomplete_deps +from tests._data.models import ( + all_get_bom_funct_valid_immut, + all_get_bom_funct_valid_reversible_migrate, + all_get_bom_funct_with_incomplete_deps, +) @ddt class TestDeserializeJson(TestCase, SnapshotMixin, DeepCompareMixin): - @named_data(*all_get_bom_funct_valid_immut) - @patch('cyclonedx.model.ThisTool._version', 'TESTING') + @named_data(*all_get_bom_funct_valid_immut, + *all_get_bom_funct_valid_reversible_migrate) + @patch('cyclonedx.builder.this.__ThisVersion', 'TESTING') def test_prepared(self, get_bom: Callable[[], Bom], *_: Any, **__: Any) -> None: # only latest schema will have all data populated in serialized form snapshot_name = mksname(get_bom, SchemaVersion.V1_6, OutputFormat.JSON) diff --git a/tests/test_deserialize_xml.py b/tests/test_deserialize_xml.py index ab5a990a..26cc34ec 100644 --- a/tests/test_deserialize_xml.py +++ b/tests/test_deserialize_xml.py @@ -15,7 +15,6 @@ # SPDX-License-Identifier: Apache-2.0 # Copyright (c) OWASP Foundation. All Rights Reserved. - from typing import Any, Callable from unittest import TestCase from unittest.mock import patch @@ -25,14 +24,19 @@ from cyclonedx.model.bom import Bom from cyclonedx.schema import OutputFormat, SchemaVersion from tests import DeepCompareMixin, SnapshotMixin, mksname -from tests._data.models import all_get_bom_funct_valid_immut, all_get_bom_funct_with_incomplete_deps +from tests._data.models import ( + all_get_bom_funct_valid_immut, + all_get_bom_funct_valid_reversible_migrate, + all_get_bom_funct_with_incomplete_deps, +) @ddt class TestDeserializeXml(TestCase, SnapshotMixin, DeepCompareMixin): - @named_data(*all_get_bom_funct_valid_immut) - @patch('cyclonedx.model.ThisTool._version', 'TESTING') + @named_data(*all_get_bom_funct_valid_immut, + *all_get_bom_funct_valid_reversible_migrate) + @patch('cyclonedx.builder.this.__ThisVersion', 'TESTING') def test_prepared(self, get_bom: Callable[[], Bom], *_: Any, **__: Any) -> None: # only latest schema will have all data populated in serialized form snapshot_name = mksname(get_bom, SchemaVersion.V1_6, OutputFormat.XML) diff --git a/tests/test_enums.py b/tests/test_enums.py index c963c499..294c58f2 100644 --- a/tests/test_enums.py +++ b/tests/test_enums.py @@ -21,7 +21,6 @@ from json import load as json_load from typing import Any, Generator, Iterable, Tuple, Type from unittest import TestCase -from unittest.mock import patch from warnings import warn from xml.etree.ElementTree import parse as xml_parse # nosec B405 @@ -165,7 +164,6 @@ def test_knows_value(self, value: str) -> None: super()._test_knows_value(DataFlow, value) @named_data(*NAMED_OF_SV) - @patch('cyclonedx.model.ThisTool._version', 'TESTING') def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: bom = _make_bom(services=[Service(name='dummy', bom_ref='dummy', data=( DataClassification(flow=df, classification=df.name) @@ -185,7 +183,6 @@ def test_knows_value(self, value: str) -> None: super()._test_knows_value(Encoding, value) @named_data(*NAMED_OF_SV) - @patch('cyclonedx.model.ThisTool._version', 'TESTING') def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: bom = _make_bom(components=[Component(name='dummy', type=ComponentType.LIBRARY, bom_ref='dummy', licenses=( DisjunctiveLicense(name=f'att.encoding: {encoding.name}', text=AttachedText( @@ -206,7 +203,6 @@ def test_knows_value(self, value: str) -> None: super()._test_knows_value(ExternalReferenceType, value) @named_data(*NAMED_OF_SV) - @patch('cyclonedx.model.ThisTool._version', 'TESTING') def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: bom = _make_bom(components=[ Component(name='dummy', type=ComponentType.LIBRARY, bom_ref='dummy', external_references=( @@ -228,7 +224,6 @@ def test_knows_value(self, value: str) -> None: super()._test_knows_value(HashAlgorithm, value) @named_data(*NAMED_OF_SV) - @patch('cyclonedx.model.ThisTool._version', 'TESTING') def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: bom = _make_bom(components=[Component(name='dummy', type=ComponentType.LIBRARY, bom_ref='dummy', hashes=( HashType(alg=alg, content='ae2b1fca515949e5d54fb22b8ed95575') @@ -248,7 +243,6 @@ def test_knows_value(self, value: str) -> None: super()._test_knows_value(ComponentScope, value) @named_data(*NAMED_OF_SV) - @patch('cyclonedx.model.ThisTool._version', 'TESTING') def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: bom = _make_bom(components=( Component(bom_ref=f'scoped-{scope.name}', name=f'dummy-{scope.name}', @@ -287,7 +281,6 @@ def test_knows_value(self, value: str) -> None: super()._test_knows_value(ComponentType, value) @named_data(*NAMED_OF_SV) - @patch('cyclonedx.model.ThisTool._version', 'TESTING') def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: if OutputFormat.XML is of: schema_cases = set(dp_cases_from_xml_schema(SCHEMA_XML[sv], _DP_ComponentType.XML_SCHEMA_XPATH)) @@ -324,7 +317,6 @@ def test_knows_value(self, value: str) -> None: super()._test_knows_value(PatchClassification, value) @named_data(*NAMED_OF_SV) - @patch('cyclonedx.model.ThisTool._version', 'TESTING') def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: bom = _make_bom(components=[ Component(name='dummy', type=ComponentType.LIBRARY, bom_ref='dummy', pedigree=Pedigree(patches=( @@ -346,7 +338,6 @@ def test_knows_value(self, value: str) -> None: super()._test_knows_value(ImpactAnalysisAffectedStatus, value) @named_data(*NAMED_OF_SV) - @patch('cyclonedx.model.ThisTool._version', 'TESTING') def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: bom = _make_bom(vulnerabilities=[Vulnerability( bom_ref='dummy', id='dummy', affects=[BomTarget(ref='urn:cdx:bom23/1#comp42', versions=( @@ -368,7 +359,6 @@ def test_knows_value(self, value: str) -> None: super()._test_knows_value(ImpactAnalysisJustification, value) @named_data(*NAMED_OF_SV) - @patch('cyclonedx.model.ThisTool._version', 'TESTING') def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: bom = _make_bom(vulnerabilities=( Vulnerability( @@ -391,7 +381,6 @@ def test_knows_value(self, value: str) -> None: super()._test_knows_value(ImpactAnalysisResponse, value) @named_data(*NAMED_OF_SV) - @patch('cyclonedx.model.ThisTool._version', 'TESTING') def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: bom = _make_bom(vulnerabilities=[Vulnerability( bom_ref='dummy', id='dummy', @@ -413,7 +402,6 @@ def test_knows_value(self, value: str) -> None: super()._test_knows_value(ImpactAnalysisState, value) @named_data(*NAMED_OF_SV) - @patch('cyclonedx.model.ThisTool._version', 'TESTING') def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: bom = _make_bom(vulnerabilities=( Vulnerability( @@ -435,7 +423,6 @@ def test_knows_value(self, value: str) -> None: super()._test_knows_value(IssueClassification, value) @named_data(*NAMED_OF_SV) - @patch('cyclonedx.model.ThisTool._version', 'TESTING') def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: bom = _make_bom(components=[ Component(name='dummy', type=ComponentType.LIBRARY, bom_ref='dummy', pedigree=Pedigree(patches=[ @@ -459,7 +446,6 @@ def test_knows_value(self, value: str) -> None: super()._test_knows_value(VulnerabilityScoreSource, value) @named_data(*NAMED_OF_SV) - @patch('cyclonedx.model.ThisTool._version', 'TESTING') def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: bom = _make_bom(vulnerabilities=[Vulnerability(bom_ref='dummy', id='dummy', ratings=( VulnerabilityRating(method=vss) @@ -479,7 +465,6 @@ def test_knows_value(self, value: str) -> None: super()._test_knows_value(VulnerabilitySeverity, value) @named_data(*NAMED_OF_SV) - @patch('cyclonedx.model.ThisTool._version', 'TESTING') def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: bom = _make_bom(vulnerabilities=[Vulnerability(bom_ref='dummy', id='dummy', ratings=( VulnerabilityRating(severity=vs) diff --git a/tests/test_model.py b/tests/test_model.py index 50f0c893..c101d8e0 100644 --- a/tests/test_model.py +++ b/tests/test_model.py @@ -40,7 +40,6 @@ Note, NoteText, Property, - Tool, XsUri, ) from cyclonedx.model.contact import OrganizationalContact @@ -563,22 +562,3 @@ def test_sort(self) -> None: sorted_props = sorted(props) expected_props = reorder(props, expected_order) self.assertListEqual(sorted_props, expected_props) - - -class TestModelTool(TestCase): - - def test_sort(self) -> None: - # expected sort order: (vendor, name, version) - expected_order = [0, 1, 2, 3, 4, 5, 6] - tools = [ - Tool(vendor='a', name='a', version='1.0.0'), - Tool(vendor='a', name='a', version='2.0.0'), - Tool(vendor='a', name='b', version='1.0.0'), - Tool(vendor='a', name='b'), - Tool(vendor='b', name='a'), - Tool(vendor='b', name='b', version='1.0.0'), - Tool(name='b'), - ] - sorted_tools = sorted(tools) - expected_tools = reorder(tools, expected_order) - self.assertListEqual(sorted_tools, expected_tools) diff --git a/tests/test_model_bom.py b/tests/test_model_bom.py index 60e22c69..2cd36e5e 100644 --- a/tests/test_model_bom.py +++ b/tests/test_model_bom.py @@ -23,12 +23,13 @@ from ddt import ddt, named_data from cyclonedx.exception.model import LicenseExpressionAlongWithOthersException -from cyclonedx.model import Property, ThisTool, Tool +from cyclonedx.model import Property from cyclonedx.model.bom import Bom, BomMetaData from cyclonedx.model.bom_ref import BomRef from cyclonedx.model.component import Component, ComponentType from cyclonedx.model.contact import OrganizationalContact, OrganizationalEntity from cyclonedx.model.license import DisjunctiveLicense +from cyclonedx.model.tool import Tool from tests._data.models import ( get_bom_component_licenses_invalid, get_bom_component_nested_licenses_invalid, @@ -48,14 +49,13 @@ class TestBomMetaData(TestCase): def test_empty_bom_metadata(self) -> None: metadata = BomMetaData() self.assertIsNotNone(metadata.timestamp) - self.assertIsNotNone(metadata.authors) + self.assertEqual(0, len(metadata.authors)) self.assertIsNone(metadata.component) self.assertIsNone(metadata.manufacture) self.assertIsNone(metadata.supplier) - self.assertIsNotNone(metadata.licenses) - self.assertIsNotNone(metadata.properties) - self.assertIsNotNone(metadata.tools) - self.assertTrue(ThisTool in metadata.tools) + self.assertEqual(0, len(metadata.licenses)) + self.assertEqual(0, len(metadata.properties)) + self.assertEqual(0, len(metadata.tools)) def test_basic_bom_metadata(self) -> None: tools = [ @@ -94,26 +94,23 @@ def test_basic_bom_metadata(self) -> None: self.assertTrue(properties[0] in metadata.properties) self.assertTrue(properties[1] in metadata.properties) self.assertIsNotNone(metadata.tools) - self.assertTrue(ThisTool not in metadata.tools) - self.assertTrue(tools[0] in metadata.tools) - self.assertTrue(tools[1] in metadata.tools) + self.assertEqual(2, len(metadata.tools.tools)) + self.assertTrue(tools[0] in metadata.tools.tools) + self.assertTrue(tools[1] in metadata.tools.tools) @ddt class TestBom(TestCase): - def test_bom_metadata_tool_this_tool(self) -> None: - self.assertEqual(ThisTool.vendor, 'CycloneDX') - self.assertEqual(ThisTool.name, 'cyclonedx-python-lib') - self.assertNotEqual(ThisTool.version, 'UNKNOWN') - def test_bom_metadata_tool_multiple_tools(self) -> None: bom = Bom() - self.assertEqual(len(bom.metadata.tools), 1) - bom.metadata.tools.add( + self.assertEqual(len(bom.metadata.tools), 0) + bom.metadata.tools.tools.add( Tool(vendor='TestVendor', name='TestTool', version='0.0.0') ) - self.assertEqual(bom.version, 1) + bom.metadata.tools.tools.add( + Tool(vendor='TestVendor', name='TestTool-2', version='1.33.7') + ) self.assertEqual(len(bom.metadata.tools), 2) def test_metadata_component(self) -> None: diff --git a/tests/test_model_component.py b/tests/test_model_component.py index 3eb2d773..06d9d32d 100644 --- a/tests/test_model_component.py +++ b/tests/test_model_component.py @@ -284,7 +284,7 @@ def test_nested_components_2(self) -> None: self.assertEqual(3, len(comp_b.get_all_nested_components(include_self=True))) self.assertEqual(2, len(comp_b.get_all_nested_components(include_self=False))) - def test_cpe_validation_valid(self) -> None: + def test_cpe_validation_valid_format(self) -> None: cpe = 'cpe:2.3:a:python:setuptools:50.3.2:*:*:*:*:*:*:*' c = Component(name='test-component', cpe=cpe) self.assertEqual(c.cpe, cpe) diff --git a/tests/test_model_tool.py b/tests/test_model_tool.py new file mode 100644 index 00000000..b541e64a --- /dev/null +++ b/tests/test_model_tool.py @@ -0,0 +1,58 @@ +# This file is part of CycloneDX Python Library +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# Copyright (c) OWASP Foundation. All Rights Reserved. + + +from unittest import TestCase + +from cyclonedx.model.tool import Tool +from tests import reorder + + +class TestModelTool(TestCase): + + def test_sort(self) -> None: + # expected sort order: (vendor, name, version) + expected_order = [0, 1, 2, 3, 4, 5, 6] + tools = [ + Tool(vendor='a', name='a', version='1.0.0'), + Tool(vendor='a', name='a', version='2.0.0'), + Tool(vendor='a', name='b', version='1.0.0'), + Tool(vendor='a', name='b'), + Tool(vendor='b', name='a'), + Tool(vendor='b', name='b', version='1.0.0'), + Tool(name='b'), + ] + sorted_tools = sorted(tools) + expected_tools = reorder(tools, expected_order) + self.assertListEqual(sorted_tools, expected_tools) + + def test_non_equal_tool_and_invalid(self) -> None: + t = Tool(vendor='VendorA') + self.assertFalse(t == 'INVALID') + + def test_invalid_tool_compare(self) -> None: + t = Tool(vendor='VendorA') + with self.assertRaises(TypeError): + r = t < 'INVALID' # pylint: disable=unused-variable # noqa: disable=E841 + + def test_tool_repr(self) -> None: + t = Tool(name='test-tool', version='1.2.3', vendor='test-vendor') + self.assertEqual(repr(t), '') + + def test_tool_equals(self) -> None: + t = Tool() + self.assertEqual(t, t) diff --git a/tests/test_model_tool_repository.py b/tests/test_model_tool_repository.py new file mode 100644 index 00000000..fe54c8e6 --- /dev/null +++ b/tests/test_model_tool_repository.py @@ -0,0 +1,81 @@ +# This file is part of CycloneDX Python Library +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# Copyright (c) OWASP Foundation. All Rights Reserved. + + +from unittest import TestCase + +from cyclonedx.model.component import Component +from cyclonedx.model.service import Service +from cyclonedx.model.tool import Tool, ToolRepository + + +class TestModelToolRepository(TestCase): + + def test_init(self) -> ToolRepository: + c = Component(name='test-component') + s = Service(name='test-service') + t = Tool(name='test-tool') + tr = ToolRepository( + components=(c,), + services=(s,), + tools=(t,) + ) + self.assertIs(c, tuple(tr.components)[0]) + self.assertIs(s, tuple(tr.services)[0]) + self.assertIs(t, tuple(tr.tools)[0]) + return tr + + def test_filled(self) -> None: + tr = self.test_init() + self.assertEqual(3, len(tr)) + self.assertTrue(tr) + + def test_empty(self) -> None: + tr = ToolRepository() + self.assertEqual(0, len(tr)) + self.assertFalse(tr) + + def test_unequal_different_type(self) -> None: + tr = ToolRepository() + self.assertFalse(tr == 'other') + + def test_equal_self(self) -> None: + tr = ToolRepository() + tr.tools.add(Tool(name='my-tool')) + self.assertTrue(tr == tr) + + def test_unequal(self) -> None: + tr1 = ToolRepository() + tr1.components.add(Component(name='my-component')) + tr1.services.add(Service(name='my-service')) + tr1.tools.add(Tool(name='my-tool')) + tr2 = ToolRepository() + self.assertFalse(tr1 == tr2) + + def test_equal(self) -> None: + c = Component(name='my-component') + s = Service(name='my-service') + t = Tool(name='my-tool') + tr1 = ToolRepository() + tr1.components.add(c) + tr1.services.add(s) + tr1.tools.add(t) + tr2 = ToolRepository() + tr2.components.add(c) + tr2.services.add(s) + tr2.tools.add(t) + self.assertTrue(tr1 == tr2) diff --git a/tests/test_output_json.py b/tests/test_output_json.py index 4bcbe2a2..304a8fa1 100644 --- a/tests/test_output_json.py +++ b/tests/test_output_json.py @@ -61,7 +61,7 @@ def test_unsupported_schema_raises(self, sv: SchemaVersion) -> None: and is_valid_for_schema_version(gb, sv) )) @unpack - @patch('cyclonedx.model.ThisTool._version', 'TESTING') + @patch('cyclonedx.builder.this.__ThisVersion', 'TESTING') def test_valid(self, get_bom: Callable[[], Bom], sv: SchemaVersion, *_: Any, **__: Any) -> None: snapshot_name = mksname(get_bom, sv, OutputFormat.JSON) bom = get_bom() diff --git a/tests/test_output_xml.py b/tests/test_output_xml.py index ea69b901..e7ed5b88 100644 --- a/tests/test_output_xml.py +++ b/tests/test_output_xml.py @@ -48,7 +48,7 @@ class TestOutputXml(TestCase, SnapshotMixin): if is_valid_for_schema_version(gb, sv) )) @unpack - @patch('cyclonedx.model.ThisTool._version', 'TESTING') + @patch('cyclonedx.builder.this.__ThisVersion', 'TESTING') def test_valid(self, get_bom: Callable[[], Bom], sv: SchemaVersion, *_: Any, **__: Any) -> None: snapshot_name = mksname(get_bom, sv, OutputFormat.XML) if snapshot_name is None: diff --git a/tests/test_real_world_examples.py b/tests/test_real_world_examples.py index 757d33eb..1df29fca 100644 --- a/tests/test_real_world_examples.py +++ b/tests/test_real_world_examples.py @@ -25,7 +25,7 @@ from tests import OWN_DATA_DIRECTORY -@patch('cyclonedx.model.ThisTool._version', 'TESTING') +@patch('cyclonedx.builder.this.__ThisVersion', 'TESTING') @patch('cyclonedx.model.bom._get_now_utc', return_value=datetime.fromisoformat('2023-01-07 13:44:32.312678+00:00')) class TestDeserializeRealWorldExamples(unittest.TestCase): diff --git a/tests/test_validation_json.py b/tests/test_validation_json.py index 1c9c4016..d4283d61 100644 --- a/tests/test_validation_json.py +++ b/tests/test_validation_json.py @@ -31,17 +31,20 @@ UNSUPPORTED_SCHEMA_VERSIONS = {SchemaVersion.V1_0, SchemaVersion.V1_1, } -def _dp_sv_tf(prefix: str) -> Generator: +def _dp_sv_tf(valid: bool) -> Generator: + prefix = 'valid-' if valid else 'invalid-' return ( - DpTuple((sv, tf)) for sv in SchemaVersion if sv not in UNSUPPORTED_SCHEMA_VERSIONS - for tf in iglob(join(SCHEMA_TESTDATA_DIRECTORY, sv.to_version(), f'{prefix}-*.json')) + DpTuple((sv, tf)) + for sv in SchemaVersion if sv not in UNSUPPORTED_SCHEMA_VERSIONS + for tf in iglob(join(SCHEMA_TESTDATA_DIRECTORY, sv.to_version(), f'{prefix}*.json')) ) -def _dp_sv_own() -> Generator: +def _dp_sv_own(valid: bool) -> Generator: return ( - DpTuple((sv, tf)) for sv in SchemaVersion if sv not in UNSUPPORTED_SCHEMA_VERSIONS - for tf in iglob(join(OWN_DATA_DIRECTORY, 'json', sv.to_version(), '*.json')) + DpTuple((sv, tf)) + for sv in SchemaVersion if sv not in UNSUPPORTED_SCHEMA_VERSIONS + for tf in iglob(join(OWN_DATA_DIRECTORY, 'json', sv.to_version(), '*.json')) if ('invalid-' in tf) != valid ) @@ -60,8 +63,8 @@ def test_throws_with_unsupported_schema_version(self, schema_version: SchemaVers JsonValidator(schema_version) @idata(chain( - _dp_sv_tf('valid'), - _dp_sv_own() + _dp_sv_tf(True), + _dp_sv_own(True) )) @unpack def test_validate_no_none(self, schema_version: SchemaVersion, test_data_file: str) -> None: @@ -74,7 +77,10 @@ def test_validate_no_none(self, schema_version: SchemaVersion, test_data_file: s self.skipTest('MissingOptionalDependencyException') self.assertIsNone(validation_error) - @idata(_dp_sv_tf('invalid')) + @idata(chain( + _dp_sv_tf(False), + _dp_sv_own(False) + )) @unpack def test_validate_expected_error(self, schema_version: SchemaVersion, test_data_file: str) -> None: validator = JsonValidator(schema_version) @@ -97,8 +103,8 @@ def test_throws_with_unsupported_schema_version(self, schema_version: SchemaVers JsonStrictValidator(schema_version) @idata(chain( - _dp_sv_tf('valid'), - _dp_sv_own() + _dp_sv_tf(True), + _dp_sv_own(True) )) @unpack def test_validate_no_none(self, schema_version: SchemaVersion, test_data_file: str) -> None: @@ -111,7 +117,10 @@ def test_validate_no_none(self, schema_version: SchemaVersion, test_data_file: s self.skipTest('MissingOptionalDependencyException') self.assertIsNone(validation_error) - @idata(_dp_sv_tf('invalid')) + @idata(chain( + _dp_sv_tf(False), + _dp_sv_own(False) + )) @unpack def test_validate_expected_error(self, schema_version: SchemaVersion, test_data_file: str) -> None: validator = JsonStrictValidator(schema_version) diff --git a/tests/test_validation_xml.py b/tests/test_validation_xml.py index 1e40f735..8ec04d71 100644 --- a/tests/test_validation_xml.py +++ b/tests/test_validation_xml.py @@ -31,17 +31,20 @@ UNSUPPORTED_SCHEMA_VERSIONS = set() -def _dp_sv_tf(prefix: str) -> Generator: +def _dp_sv_tf(valid: bool) -> Generator: + prefix = 'valid-' if valid else 'invalid-' return ( - DpTuple((sv, tf)) for sv in SchemaVersion if sv not in UNSUPPORTED_SCHEMA_VERSIONS - for tf in iglob(join(SCHEMA_TESTDATA_DIRECTORY, sv.to_version(), f'{prefix}-*.xml')) + DpTuple((sv, tf)) + for sv in SchemaVersion if sv not in UNSUPPORTED_SCHEMA_VERSIONS + for tf in iglob(join(SCHEMA_TESTDATA_DIRECTORY, sv.to_version(), f'{prefix}*.xml')) ) -def _dp_sv_own() -> Generator: +def _dp_sv_own(valid: bool) -> Generator: return ( - DpTuple((sv, tf)) for sv in SchemaVersion if sv not in UNSUPPORTED_SCHEMA_VERSIONS - for tf in iglob(join(OWN_DATA_DIRECTORY, 'xml', sv.to_version(), '*.xml')) + DpTuple((sv, tf)) + for sv in SchemaVersion if sv not in UNSUPPORTED_SCHEMA_VERSIONS + for tf in iglob(join(OWN_DATA_DIRECTORY, 'xml', sv.to_version(), '*.xml')) if ('invalid-' in tf) != valid ) @@ -60,8 +63,8 @@ def test_throws_with_unsupported_schema_version(self, schema_version: SchemaVers XmlValidator(schema_version) @idata(chain( - _dp_sv_tf('valid'), - _dp_sv_own() + _dp_sv_tf(True), + _dp_sv_own(True) )) @unpack def test_validate_no_none(self, schema_version: SchemaVersion, test_data_file: str) -> None: @@ -74,7 +77,10 @@ def test_validate_no_none(self, schema_version: SchemaVersion, test_data_file: s self.skipTest('MissingOptionalDependencyException') self.assertIsNone(validation_error) - @idata(_dp_sv_tf('invalid')) + @idata(chain( + _dp_sv_tf(False), + _dp_sv_own(False) + )) @unpack def test_validate_expected_error(self, schema_version: SchemaVersion, test_data_file: str) -> None: validator = XmlValidator(schema_version) From aea3b047bc86a4256e8437bdba931578859700df Mon Sep 17 00:00:00 2001 From: Saquib Saifee Date: Tue, 15 Oct 2024 21:01:44 -0400 Subject: [PATCH 06/37] feat: add cpe format validation Signed-off-by: Saquib Saifee --- cyclonedx/model/component.py | 10 ---------- tests/test_model_component.py | 1 - 2 files changed, 11 deletions(-) diff --git a/cyclonedx/model/component.py b/cyclonedx/model/component.py index 046daba9..f7acafa7 100644 --- a/cyclonedx/model/component.py +++ b/cyclonedx/model/component.py @@ -64,16 +64,6 @@ from .license import License, LicenseRepository from .release_note import ReleaseNotes -CPE_REGEX = re.compile( - r'([c][pP][eE]:/[AHOaho]?(:[A-Za-z0-9._\-~%]*){0,6})|' - r'(cpe:2\.3:[aho*-](:(((\?*|\*?)([a-zA-Z0-9\-._]|' - r'(\\[\\\*\?!\"#\$%&\'\(\)\+,/:;<=>@\[\]\^`\{\|\}~]))+(\?*|\*?))|' - r'[\*\-])){5}(:(([a-zA-Z]{2,3}(-([a-zA-Z]{2}|[0-9]{3}))?)|' - r'[\*\-]))(:(((\?*|\*?)([a-zA-Z0-9\-._]|' - r'(\\[\\\*\?!\"#\$%&\'\(\)\+,/:;<=>@\[\]\^`\{\|\}~]))+(\?*|' - r'\*?))|[\*\-])){4})' -) - @serializable.serializable_class class Commit: diff --git a/tests/test_model_component.py b/tests/test_model_component.py index 06d9d32d..15b7f842 100644 --- a/tests/test_model_component.py +++ b/tests/test_model_component.py @@ -123,7 +123,6 @@ def test_empty_basic_component(self) -> None: self.assertSetEqual(c.external_references, set()) self.assertFalse(c.properties) self.assertIsNone(c.release_notes) - self.assertIsNone(c.cpe) self.assertEqual(len(c.components), 0) self.assertEqual(len(c.get_all_nested_components(include_self=True)), 1) From ce3fe7f30bbfd74d00da69ca12c183d75d52e0ed Mon Sep 17 00:00:00 2001 From: semantic-release Date: Sat, 26 Oct 2024 23:52:59 +0000 Subject: [PATCH 07/37] chore(release): 1.0.0 Automatically generated by python-semantic-release Signed-off-by: semantic-release --- CHANGELOG.md | 3463 +++++++++++++++++------------------------ cyclonedx/__init__.py | 2 +- docs/conf.py | 2 +- pyproject.toml | 2 +- 4 files changed, 1423 insertions(+), 2046 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0423d5d4..f3b66957 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,68 +2,7 @@ -## v8.3.0 (2024-10-26) - -### Documentation - -* docs: revisit examples readme (#725) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e9020f0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e9020f0b709a5245d1749d2811b8568f892869bb)) - -### Feature - -* feat: add basic support for Definitions (#701) - - - ---------- - -Signed-off-by: Hakan Dilek <hakandilek@gmail.com> ([`a1573e5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a1573e5af12bb54c7328c73971dc2c2f8d820c0a)) - - -## v8.2.1 (2024-10-24) - -### Fix - -* fix: encode quotation mark in URL (#724) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a7c7c97`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a7c7c97c37ee1c7988c028aa779f74893f858c7b)) - - -## v8.2.0 (2024-10-22) - -### Feature - -* feat: Add Python 3.13 support (#718) - -Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`d4be3ba`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d4be3ba6b3ccc65553a7dd10ad559c1eddfbb19b)) - - -## v8.1.0 (2024-10-21) - -### Documentation - -* docs: fix code examples regarding outputting (#709) - - - -Signed-off-by: Hakan Dilek <hakandilek@gmail.com> ([`c72d5f4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c72d5f483d5c1990fe643c4c25e37373d4d3248f)) - -### Feature - -* feat: add support for Lifecycles in BOM metadata (#698) - - - ---------- - -Signed-off-by: Johannes Feichtner <johannes@web-wack.at> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Signed-off-by: Johannes Feichtner <343448+Churro@users.noreply.github.com> -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6cfeb71`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6cfeb711f11aec8fa4d7be885f6797cc2eaa7e67)) - - -## v8.0.0 (2024-10-14) +## v1.0.0 (2024-10-26) ### Breaking @@ -109,241 +48,7 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: Joshua Kugler <tek30584@adobe.com> Signed-off-by: semantic-release <semantic-release@bot.local> Co-authored-by: Joshua Kugler <joshua@azariah.com> -Co-authored-by: semantic-release <semantic-release@bot.local> ([`002f966`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/002f96630ce8fc6f1766ee6cc92a16b35a821c69)) - -### Documentation - -* docs(chaneglog): omit chore/ci/refactor/style/test/build (#703) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a210809`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a210809efb34c2dc895fc0c6d96a3412a9097625)) - - -## v7.6.2 (2024-10-07) - -### Documentation - -* docs: fix some doc strings - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`4fa8fc1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4fa8fc1b6703ecf6788b72f2d53c6a17e2146cf7)) - -### Fix - -* fix: behavior of and typing for crypto setters with optional values (#694) - -fixes #690 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`d8b20bd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d8b20bdc5224ea30cf767f6f3f1a6f8ff2754973)) - - -## v7.6.1 (2024-09-18) - -### Fix - -* fix: file copyright headers (#676) - -utilizes flake8 plugin -<https://pypi.org/project/flake8-copyright-validator/> to assert the -correct headers - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`35e00b4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/35e00b4ee5a9306b9e97b011025409bcbfcef309)) - - -## v7.6.0 (2024-08-14) - -### Feature - -* feat: `HashType.from_composite_str` for Blake2b, SHA3, Blake3 (#663) - -The code mistreated hashes for Blake2b and SHA3. -Code for explicitly handling SHA1 & BLAKE3 was added, as those have no -variants defined in the CycloneDX specification. - -fixes #652 - ---------- - -Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> -Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c59036e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c59036e06ddc97284f82efbbc168dc2d89d090d1)) - - -## v7.5.1 (2024-07-08) - -### Fix - -* fix: XML serialize `normalizedString` and `token` properly (#646) - -fixes #638 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b40f739`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b40f739206a44f7dbd94042fb5e1a37c047ea024)) - - -## v7.5.0 (2024-07-04) - -### Feature - -* feat: add workaround property for v1.5 and v1.6 (#642) - -Property `workaround` was missing from the vulnerability model. It was -added in spec v1.5 and was marked as TODO before. - -This is my first contribution on this project so if I done something -wrong, just say me :smiley: - -Signed-off-by: Louis Maillard <louis.maillard@savoirfairelinux.com> -Signed-off-by: Louis Maillard <louis.maillard@protonmail.com> -Co-authored-by: Louis Maillard <louis.maillard@savoirfairelinux.com> ([`b5ebcf8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b5ebcf8104faf57030cbc5d8190c78524ab86431)) - - -## v7.4.1 (2024-06-12) - -### Documentation - -* docs: exclude dep bumps from changelog (#627) - -fixes #616 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`60361f7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/60361f781a1b356f24a553e133e0f58a2ad37a7d)) - -### Fix - -* fix: `cyclonedx.model.Property.value` value is optional (#631) - -`cyclonedx.model.Property.value` value is optional, in accordance with -the spec. - -fixes #630 - ---------- - -Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`ad0f98b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ad0f98b433fd85ba14db6b6288f33d98bc79ee51)) - - -## v7.4.0 (2024-05-23) - -### Documentation - -* docs: OSSP best practice percentage - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`75f58dc`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/75f58dcd41c1495737bff69d354beeeff7660c15)) - -### Feature - -* feat: updated SPDX license list to `v3.24.0` (#622) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3f9770a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3f9770a95fbe48dfc0cb911a6526690017c2fb37)) - - -## v7.3.4 (2024-05-06) - -### Fix - -* fix: allow suppliers with empty-string names (#611) - -fixes #600 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b331aeb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b331aeb4b7261c7b1359c592b2dcda27bd35e369)) - - -## v7.3.3 (2024-05-06) - -### Fix - -* fix: json validation allow arbitrary `$schema` value (#613) - -fixes https://github.com/CycloneDX/cyclonedx-python-lib/issues/612 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`08b7c60`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/08b7c607360b65215d9d29d42ae86e60c6efe49b)) - - -## v7.3.2 (2024-04-26) - -### Fix - -* fix: properly sort components based on all properties (#599) - -reverts #587 - as this one introduced errors -fixes #598 -fixes #586 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Signed-off-by: Paul Horton <paul.horton@owasp.org> -Co-authored-by: Paul Horton <paul.horton@owasp.org> ([`8df488c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8df488cb422a6363421fee39714df4e8e8e7a593)) - - -## v7.3.1 (2024-04-22) - -### Fix - -* fix: include all fields of `Component` in `__lt__` function for #586 (#587) - -Fixes #586. - -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d784685`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d7846850d1ad33184d1d58b59fdf41a778d05900)) - - -## v7.3.0 (2024-04-19) - -### Feature - -* feat: license factory set `acknowledgement` (#593) - -add a parameter to `LicenseFactory.make_*()` methods, to set the `LicenseAcknowledgement`. - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7ca2455`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7ca2455018d0e191afaaa2fd136a7e4d5b325ec6)) - - -## v7.2.0 (2024-04-19) - -### Feature - -* feat: disjunctive license acknowledgement (#591) - - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9bf1839`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9bf1839859a244e790e91c3e1edd82d333598d60)) - -### Unknown - -* doc: poor merge resolved - -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`a498faa`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a498faaab248d0512bad9e66afbd8fb1d6c42a66)) - - -## v7.1.0 (2024-04-10) - -### Documentation - -* docs: missing schema support table & update schema support to reflect version 7.0.0 (#584) - -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d230e67`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d230e67188661a5fb94730e52bf59c11c965c8d7)) - -### Feature - -* feat: support `bom.properties` for CycloneDX v1.5+ (#585) - -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`1d1c45a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1d1c45ac82c7927acc388489228a9b5990f68aa7)) - - -## v7.0.0 (2024-04-09) - -### Breaking +Co-authored-by: semantic-release <semantic-release@bot.local> ([`002f966`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/002f96630ce8fc6f1766ee6cc92a16b35a821c69)) * feat!: Support for CycloneDX v1.6 @@ -484,187 +189,9 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: Paul Horton <paul.horton@owasp.org> Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8bbdf46`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8bbdf461434ab66673a496a8305c2878bf5c88da)) - - -## v6.4.4 (2024-03-18) +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8bbdf46`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8bbdf461434ab66673a496a8305c2878bf5c88da)) -### Fix - -* fix: wrong extra name for xml validation (#571) - - - -Signed-off-by: Christoph Reiter <reiter.christoph@gmail.com> ([`10e38e2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/10e38e25095de4b2dafbfcd1fd81dce7a9c0f124)) - - -## v6.4.3 (2024-03-04) - -### Fix - -* fix: serialization of `model.component.Diff` (#557) - -Fixes #556 - ---------- - -Signed-off-by: rcross-lc <151086351+rcross-lc@users.noreply.github.com> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`22fa873`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/22fa8734bf1a3a8789ad7578bfa0c86cf0a49d4a)) - - -## v6.4.2 (2024-03-01) - -### Build - -* build: use poetry v1.8.1 (#560) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6f81dfa`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6f81dfaed32b76f251647f6291791e714ab158a3)) - -### Documentation - -* docs: update architecture description and examples (#550) - - - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a19fd28`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a19fd2828355ae031164ef7a0dda2a8ea2365108)) - -* docs: exclude internal docs from rendering (#545) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7e55dfe`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7e55dfe213cb2a88b3686f9e8bf93cf4642a2ccd)) - -### Unknown - -* docs - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`63cff7e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/63cff7ee697c9d5fb96da3c8c16f7c9bc7b34e58)) - -* docs (#546) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b0e5b43`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b0e5b43880e17ec6ce23d5d4e1e7a9a2547c1e79)) - - -## v6.4.1 (2024-01-30) - -### Documentation - -* docs: ship docs with `sdist` build (#544) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`52ef01c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/52ef01c99319d5aed950e7f6ef6fcfe731ac8b2f)) - -* docs: refactor example - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c1776b7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c1776b718b81cf72ef0c0251504e0d3631e30b17)) - -### Fix - -* fix: `model.BomRef` no longer equal to unset peers (#543) - - fixes [#539](https://github.com/CycloneDX/cyclonedx-python-lib/issues/539) - - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1fd7fee`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1fd7fee9dec888c10087921f2e5a7a60062fb419)) - - -## v6.4.0 (2024-01-22) - -### Documentation - -* docs: add OpenSSF Best Practices shield (#532) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`59c4381`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/59c43814b07db0aa881d87192939eb93e79b0cc2)) - -### Feature - -* feat: support `py-serializable` v1.0 (#531) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e1e7277`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e1e72777d8a355c6854f4d9eb26c1e2083c806df)) - - -## v6.3.0 (2024-01-06) - -### Documentation - -* docs: add `Documentation` url to project meta - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1080b73`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1080b7387a0bbc49a067cd2efefb1545470947e5)) - -* docs: add `Documentation` url to project meta - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c4288b3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c4288b35e0e1050f0982f7492cfcd3bea34b445c)) - -### Feature - -* feat: enable dependency `py-serializable 0.17` (#529) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9f24220`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9f24220029cd18cd191f63876899cd86be52dce1)) - - -## v6.2.0 (2023-12-31) - -### Build - -* build: allow additional major-version RC branch patterns - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f8af156`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f8af156c9c38f737b7067722d2a96f8a2a4fcb48)) - -### Documentation - -* docs: fix typo - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`2563996`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/25639967c93ad464e486f2fe6a148b3be439f43d)) - -* docs: update intro and description - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f0bd05d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f0bd05dc854b5b71421b82cfb527fcb8f41a7c4a)) - -* docs: buld docs on ubuntu22.04 python311 - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b3e9ab7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b3e9ab77696f2ee763f1746f8142bdf471477c39)) - -### Feature - -* feat: allow `lxml` requirement in range of `>=4,<6` (#523) - -Updates the requirements on [lxml](https://github.com/lxml/lxml) to permit the latest version. -- [Release notes](https://github.com/lxml/lxml/releases) -- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt) -- [Commits](https://github.com/lxml/lxml/compare/lxml-4.0.0...lxml-5.0.0) - ---- -updated-dependencies: -- dependency-name: lxml - dependency-type: direct:production -... - -Signed-off-by: dependabot[bot] <support@github.com> -Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`7d12b9a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7d12b9a9f7a2fdc5e6bb12f891c6f4291e20e65e)) - -### Unknown - -* docs - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7dcd166`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7dcd16621002713dcf1ce8e17bc5762320fae4fa)) - - -## v6.1.0 (2023-12-22) - -### Feature - -* feat: add function to map python `hashlib` algorithms to CycloneDX (#519) - -new API: `model.HashType.from_hashlib_alg()` - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`81f8cf5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/81f8cf59b1f40ffbd213789a8b1b621a01e3f631)) - - -## v6.0.0 (2023-12-10) - -### Breaking - -* feat!: v6.0.0 (#492) +* feat!: v6.0.0 (#492) ### Breaking Changes @@ -754,78 +281,7 @@ Signed-off-by: Johannes Feichtner <johannes@web-wack.at> Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: semantic-release <semantic-release> Co-authored-by: Johannes Feichtner <343448+Churro@users.noreply.github.com> -Co-authored-by: semantic-release <semantic-release> ([`74865f8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/74865f8e498c9723c2ce3556ceecb6a3cfc4c490)) - - -## v5.2.0 (2023-12-02) - -### Documentation - -* docs: keywaords & funding (#486) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3189e59`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3189e59ff8e3d3d10f7b949b5a08397ff3d3642b)) - -### Feature - -* feat: `model.XsUri` migrate control characters according to spec (#498) - -fixes https://github.com/CycloneDX/cyclonedx-python-lib/issues/497 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e490429`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e49042976f8577af4061c34394db270612488cdf)) - - -## v5.1.1 (2023-11-02) - -### Fix - -* fix: update own `externalReferences` (#480) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`edb3dde`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/edb3dde889c06755dd1963ed21dd803db3ea0dcc)) - - -## v5.1.0 (2023-10-31) - -### Documentation - -* docs: advance license docs - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f61a730`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f61a7303de1d5dacf0917a1d66f5ebe0732ccd75)) - -### Feature - -* feat: guarantee unique `BomRef`s in serialization result (#479) - -Incorporate `output.BomRefDiscriminator` on serialization - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a648775`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a648775bb5195621e17fdbae92950ab6d56a665a)) - - -## v5.0.1 (2023-10-24) - -### Documentation - -* docs: revisit project meta (#475) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c3254d0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c3254d055f3cda96d2849222a0bba7be8cf486a3)) - -* docs: fix RTFD build (#476) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b9fcfb4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b9fcfb40af366fdee7258ccb720e0fad27994824)) - -### Unknown - -* "chore(deps): revert bump python-semantic-release/python-semantic-release (#474)" - -This reverts commit 9c3ffac34e89610ccc4f9701444127e1e6f5ee07. - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`aae7304`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/aae73048c7aebe5920ec888225bdbde08111601b)) - - -## v5.0.0 (2023-10-24) - -### Breaking +Co-authored-by: semantic-release <semantic-release> ([`74865f8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/74865f8e498c9723c2ce3556ceecb6a3cfc4c490)) * feat!: v5.0.0 (#440) @@ -945,119 +401,17 @@ Misc Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: Jan Kowalleck <jan.kowalleck@owasp.org> Signed-off-by: semantic-release <semantic-release> -Co-authored-by: semantic-release <semantic-release> ([`26b151c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/26b151cba7d7d484f23ee7888444f09ad6d016b1)) - - -## v4.2.3 (2023-10-16) - -### Fix - -* fix: SPDX-expression-validation internal crashes are cought and handled (#471) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`5fa66a0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5fa66a043818eb5747dbd630496c6d31f818c0ab)) - - -## v4.2.2 (2023-09-14) - -### Documentation - -* docs: fix shield in README - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6a941b1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6a941b1ef5cc0f9e956173cce7e9da57e8c6bf22)) - -* docs(example): showcase `LicenseChoiceFactory` (#428) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c56ec83`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c56ec8395dd203ac41fa6f4c43970a50c0e80efb)) - -### Fix - -* fix: ship meta files (#434) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3a1a8a5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3a1a8a5c1cbe8d8989b4cb335269a02b5c6d4f38)) - +Co-authored-by: semantic-release <semantic-release> ([`26b151c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/26b151cba7d7d484f23ee7888444f09ad6d016b1)) -## v4.2.1 (2023-09-06) - -### Fix - -* fix: `LicenseChoiceFactory.make_from_string()` prioritize SPDX id over expression (#427) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e1bdfdd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e1bdfddcfab97359fbde9f53dc65f56fc8ec4ba9)) - - -## v4.2.0 (2023-09-06) - -### Feature - -* feat: complete SPDX license expression (#425) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e06f9fd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e06f9fd2c30e8976766f326ff216103d2560cb9a)) - - -## v4.1.0 (2023-08-27) - -### Documentation - -* docs(examples): showcase shorthand dependency management (#403) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8b32efb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8b32efb322a3281d58e9f980bb9001b112aa944a)) - -### Feature - -* feat: programmatic access to library's version (#417) +* feat: Release 4.0.0 #341) -adds `cyclonedx.__version__` - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3585ea9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3585ea9911ae521e86793ef18f5891289fb0b604)) - - -## v4.0.1 (2023-06-28) - -### Documentation - -* docs(examples): README (#399) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1d262ba`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1d262ba57eab0d61b947fc293fc59c6234f19647)) - -* docs: add exaple how to build and serialize (#397) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`65e22bd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/65e22bdc6a1a3fc02a6282146bc8fbc17ddb32fa)) - -### Fix - -* fix: conditional warning if no root dependencies were found (#398) - - - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c8175bb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c8175bb6aebac7f129d42d7a5a0ae928212c20cb)) - -### Unknown - -* 4.0.1 - -Automatically generated by python-semantic-release ([`4a72f51`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4a72f515ad7b5e46a07f31bea18a94b162e87715)) - -* Add missing space in warning message. (#364) - - - -Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> -Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> ([`dad0d28`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/dad0d28ceb7381d1b503e5b29776fc01513f8b04)) - - -## v4.0.0 (2023-03-20) - -### Breaking - -* feat: Release 4.0.0 #341) - -Highlights of this release include: -* Support for De-serialization from JSON and XML to this Pythonic Model -* Deprecation of Python 3.6 support -* Support for Python 3.11 -* Support for `BomLink` -* Support VEX without needing `Component` in the same `Bom` -* Support for `services` having `dependencies` +Highlights of this release include: +* Support for De-serialization from JSON and XML to this Pythonic Model +* Deprecation of Python 3.6 support +* Support for Python 3.11 +* Support for `BomLink` +* Support VEX without needing `Component` in the same `Bom` +* Support for `services` having `dependencies` BREAKING CHANGE: Large portions of this library have been re-written for this release and many methods and contracts have changed. @@ -1167,1869 +521,2070 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: Hakan Dilek <hakandilek@gmail.com> Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> Co-authored-by: Hakan Dilek <hakandilek@gmail.com> -Co-authored-by: Hakan Dilek <hakandilek@users.noreply.github.com> ([`8fb1b14`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8fb1b14f5e04e85f21e654c44fa6b9b774867757)) - -### Unknown - -* 4.0.0 - -Automatically generated by python-semantic-release ([`40fbfda`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/40fbfda428cfa71b16fd6e5e8d5f49cea4b5438b)) +Co-authored-by: Hakan Dilek <hakandilek@users.noreply.github.com> ([`8fb1b14`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8fb1b14f5e04e85f21e654c44fa6b9b774867757)) +* feat: bump dependencies -## v3.1.5 (2023-01-12) +BREAKING CHANGE: Adopt PEP-3102 -### Fix +BREAKING CHANGE: Optional Lists are now non-optional Sets -* fix: mak test's schema paths relative to `cyclonedx` package (#338) +BREAKING CHANGE: Remove concept of DEFAULT schema version - replaced with LATEST schema version -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1f0c05f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1f0c05fe2b2a22bc84a1a437dd59390f2ceaf986)) +BREAKING CHANGE: Added `BomRef` data type -### Unknown +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`da3f0ca`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/da3f0ca3e8b90b37301c03f889eb089bca649b09)) -* 3.1.5 +### Build -Automatically generated by python-semantic-release ([`ba603cf`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ba603cf96fad51a85d5159e83c402d613fefbb7c)) +* build: use poetry v1.8.1 (#560) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6f81dfa`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6f81dfaed32b76f251647f6291791e714ab158a3)) -## v3.1.4 (2023-01-11) +* build: allow additional major-version RC branch patterns -### Fix +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f8af156`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f8af156c9c38f737b7067722d2a96f8a2a4fcb48)) -* fix(tests): include tests in `sdist` builds (#337) +* build: move typing to dev-dependencies -* feat: include `tests` in `sdist` builds for #336 -* delete unexpected `DS_Store` file +Move `types-setuptools` and `types-toml` to dev-dependencies (#226) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`936ad7d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/936ad7d0c26d8f98040203d3234ca8f1afbd73ab)) +Signed-off-by: Adam Johnson <me@adamj.eu> ([`0e2376b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0e2376baade068ae0490b05550837d104e9abfa4)) -### Unknown +* build: updated dependencies, moved pdoc3 to a dev dependency -* 3.1.4 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`6a9947d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6a9947de1036b63804352e45c035d40658d3db01)) + +* build: dependencies updated -Automatically generated by python-semantic-release ([`0b19294`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0b19294e4820f0da5e81decd4d902ef7789ecb61)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0411826`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/04118263c2fed1241c4a9f38cc256542ba543d50)) +### Documentation -## v3.1.3 (2023-01-07) +* docs: revisit examples readme (#725) -### Fix +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e9020f0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e9020f0b709a5245d1749d2811b8568f892869bb)) -* fix: serialize dependency graph for nested components (#329) +* docs: fix code examples regarding outputting (#709) -* tests: regression tests for issue #328 -* fix: for issue #328 -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`fb3f835`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fb3f8351881783281f8b7e796098a4c145b35927)) + +Signed-off-by: Hakan Dilek <hakandilek@gmail.com> ([`c72d5f4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c72d5f483d5c1990fe643c4c25e37373d4d3248f)) -### Unknown +* docs(chaneglog): omit chore/ci/refactor/style/test/build (#703) -* 3.1.3 +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a210809`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a210809efb34c2dc895fc0c6d96a3412a9097625)) -Automatically generated by python-semantic-release ([`11a420c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/11a420c5fc38bb48d2a91713cc74574acb131184)) +* docs: fix some doc strings +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`4fa8fc1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4fa8fc1b6703ecf6788b72f2d53c6a17e2146cf7)) -## v3.1.2 (2023-01-06) +* docs: exclude dep bumps from changelog (#627) -### Documentation +fixes #616 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`60361f7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/60361f781a1b356f24a553e133e0f58a2ad37a7d)) -* docs: typo +* docs: OSSP best practice percentage -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`539b57a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/539b57a00e4e60e239bb26141f219366121e7bc2)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`75f58dc`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/75f58dcd41c1495737bff69d354beeeff7660c15)) -* docs: fix shields (#324) +* docs: missing schema support table & update schema support to reflect version 7.0.0 (#584) -caused by https://github.com/badges/shields/issues/8671 - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`555dad4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/555dad4bc255066036ecca028192eb83df8ba5a0)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d230e67`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d230e67188661a5fb94730e52bf59c11c965c8d7)) -* docs: fix typo (#318) +* docs: update architecture description and examples (#550) -Signed-off-by: Roland Weber <rolweber@de.ibm.com> ([`63bfb87`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/63bfb8772fe78e9842675d17862c456150dbbc15)) - -### Fix + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a19fd28`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a19fd2828355ae031164ef7a0dda2a8ea2365108)) -* fix: prevent errors on metadata handling for some specification versions (#330) +* docs: exclude internal docs from rendering (#545) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f08a656`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f08a65649aee750397edc061eb3b8325a69bb4b4)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7e55dfe`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7e55dfe213cb2a88b3686f9e8bf93cf4642a2ccd)) -### Unknown +* docs: ship docs with `sdist` build (#544) -* 3.1.2 +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`52ef01c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/52ef01c99319d5aed950e7f6ef6fcfe731ac8b2f)) -Automatically generated by python-semantic-release ([`0853d14`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0853d14780b8e44e9b285bee2ac6b81551640c5f)) +* docs: refactor example -* clarify sign-off step (#319) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c1776b7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c1776b718b81cf72ef0c0251504e0d3631e30b17)) - -Signed-off-by: Roland Weber <rolweber@de.ibm.com> ([`007fb96`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/007fb96a1ec23b9516bc383afa85b3efc2707aa8)) +* docs: add OpenSSF Best Practices shield (#532) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`59c4381`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/59c43814b07db0aa881d87192939eb93e79b0cc2)) -## v3.1.1 (2022-11-28) +* docs: add `Documentation` url to project meta -### Fix +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1080b73`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1080b7387a0bbc49a067cd2efefb1545470947e5)) -* fix: type hint for `get_component_by_purl` is incorrect +* docs: add `Documentation` url to project meta -chore: force automated release -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`3f20bf0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3f20bf04a65d5c539230281437255b5f48e17621)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c4288b3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c4288b35e0e1050f0982f7492cfcd3bea34b445c)) -### Unknown +* docs: fix typo -* 3.1.1 +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`2563996`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/25639967c93ad464e486f2fe6a148b3be439f43d)) -Automatically generated by python-semantic-release ([`503955e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/503955ea9e19e1d3ca611df36508dcf1aa93905c)) +* docs: update intro and description -* Merge pull request #310 from gruebel/fix-method-type-hint +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f0bd05d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f0bd05dc854b5b71421b82cfb527fcb8f41a7c4a)) -fix: type hint for `get_component_by_purl` is incorrect ([`06037b9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/06037b99e0d6ebc5388d3c5e0799a68233ed92e8)) +* docs: buld docs on ubuntu22.04 python311 -* move tests to model bom file +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b3e9ab7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b3e9ab77696f2ee763f1746f8142bdf471477c39)) -Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`4c8a3ab`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4c8a3ab0eef349c007285ff9dfed0c00c6732a96)) +* docs: keywaords & funding (#486) -* fix type hint for get_component_by_purl +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3189e59`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3189e59ff8e3d3d10f7b949b5a08397ff3d3642b)) -Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`735c05e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/735c05eebb792eed55aeb4d5a7be8043ee1cd9ae)) +* docs: advance license docs +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f61a730`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f61a7303de1d5dacf0917a1d66f5ebe0732ccd75)) -## v3.1.0 (2022-09-15) +* docs: revisit project meta (#475) -### Feature +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c3254d0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c3254d055f3cda96d2849222a0bba7be8cf486a3)) -* feat: out-factor SPDX compund detection +* docs: fix RTFD build (#476) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`fd4d537`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fd4d537c9dced0e38f14d99dee174cc5bb0bd465)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b9fcfb4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b9fcfb40af366fdee7258ccb720e0fad27994824)) -* feat: out-factor SPDX compund detection +* docs: fix shield in README -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`2b69925`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2b699252f8857d97231a689ea9cbfcdff9459626)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6a941b1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6a941b1ef5cc0f9e956173cce7e9da57e8c6bf22)) -* feat: license factories +* docs(example): showcase `LicenseChoiceFactory` (#428) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`033bad2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/033bad2a50fd2236c712d4621caa57b04fcc2043)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c56ec83`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c56ec8395dd203ac41fa6f4c43970a50c0e80efb)) -### Unknown +* docs(examples): showcase shorthand dependency management (#403) -* 3.1.0 +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8b32efb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8b32efb322a3281d58e9f980bb9001b112aa944a)) -Automatically generated by python-semantic-release ([`e52c174`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e52c17447b1520103ccb24192ab92560429df595)) +* docs(examples): README (#399) -* Merge pull request #305 from CycloneDX/license-factories +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1d262ba`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1d262ba57eab0d61b947fc293fc59c6234f19647)) -feat: add license factories to more easily support creation of `License` or `LicenseChoice` from SPDX license strings #304 ([`5ff4494`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5ff4494b0e0d76d04cf8a4245ce0426f0abbd8f9)) +* docs: add exaple how to build and serialize (#397) -* Merge pull request #301 from CycloneDX/fix-poetry-in-tox +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`65e22bd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/65e22bdc6a1a3fc02a6282146bc8fbc17ddb32fa)) -chore: fix poetry in tox ([`92aea8d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/92aea8d3413cd2af820cc8160ef48a737951b0ea)) +* docs: typo -* remove v3 from CHANGELOG #286 (#287) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`539b57a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/539b57a00e4e60e239bb26141f219366121e7bc2)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7029721`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/702972105364a3ab225ea5a586c48cec664601ca)) +* docs: fix shields (#324) -* 3.0.0 +caused by https://github.com/badges/shields/issues/8671 + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`555dad4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/555dad4bc255066036ecca028192eb83df8ba5a0)) -Automatically generated by python-semantic-release ([`69582ff`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/69582ff7a9e3a1cfb2c7193c3d194d69e35899c1)) +* docs: fix typo (#318) + +Signed-off-by: Roland Weber <rolweber@de.ibm.com> ([`63bfb87`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/63bfb8772fe78e9842675d17862c456150dbbc15)) -## v2.7.1 (2022-08-01) +* docs: fix typo "This is out" -> "This is our" -### Fix +Fix typo in comments: "This is out" -> "This is our" (#233) + +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ef0278a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ef0278a2044147e73a281c5a59f95049d4af7641)) -* fix: pinned `mypy <= 0.961` due to #278 +### Feature -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d6955cb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d6955cb86d8da7a72d0146d0dbeb7c34a794a954)) +* feat: add basic support for Definitions (#701) -* fix: properly support nested `components` and `services` #275 + + +--------- + +Signed-off-by: Hakan Dilek <hakandilek@gmail.com> ([`a1573e5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a1573e5af12bb54c7328c73971dc2c2f8d820c0a)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`6597db7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6597db740f222c68ad90f74fb8fdb58b72642adb)) +* feat: Add Python 3.13 support (#718) -### Unknown +Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`d4be3ba`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d4be3ba6b3ccc65553a7dd10ad559c1eddfbb19b)) -* Merge pull request #276 from CycloneDX/fix/bom-validation-nested-components-isue-275 +* feat: add support for Lifecycles in BOM metadata (#698) -fix: BOM validation fails when Components or Services are nested #275 -fix: updated dependencies #271, #270, #269 and #256 ([`68a0cdd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/68a0cddc0a226947d76b6a275cfceba383797d3b)) + +--------- + +Signed-off-by: Johannes Feichtner <johannes@web-wack.at> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Johannes Feichtner <343448+Churro@users.noreply.github.com> +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6cfeb71`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6cfeb711f11aec8fa4d7be885f6797cc2eaa7e67)) -* Merge branch 'main' into fix/bom-validation-nested-components-isue-275 ([`6caee65`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6caee657260e46f18cade24a73b4f17bc5ad6dd8)) +* feat: add cpe format validation -* added tests to cover new `Component.get_all_nested_components()` method +Signed-off-by: Saquib Saifee <saquibsaifee2@gmail.com> ([`aea3b04`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/aea3b047bc86a4256e8437bdba931578859700df)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`75a77ed`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/75a77ed6576f362435d1a3e6e59cbc5d871b9971)) +* feat: add CPE format validation in property setter -* Revert "chore: re-added `isort` to pre-commit hooks" +Signed-off-by: Saquib Saifee <saquibsaifee@ibm.com> ([`c74218b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c74218ba0f969cdbe20c5988ef37b358c9c0e011)) -This reverts commit f50ee1eb79f3f4e5b9d21824e64192d0af43d3f0. +* feat: add cpe format validation -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`5f7f30e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5f7f30e6a79f7cef6fff296ae0d7e5381f9b5cda)) +- Implemented regex-based validation for CPE format in the model. +- Added tests to verify handling of invalid CPE strings. -* removed tests where services are part of dependency tree - see #277 +Signed-off-by: Saquib Saifee <saquibsaifee2@gmail.com> ([`15d9c19`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/15d9c198404d4c55cf2e9039283a31ff973e8a1b)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`f26862b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f26862b0b7f85e3610efbdf17cf304ddc71e5366)) +* feat: `HashType.from_composite_str` for Blake2b, SHA3, Blake3 (#663) -* aded XML output tests for Issue #275 +The code mistreated hashes for Blake2b and SHA3. +Code for explicitly handling SHA1 & BLAKE3 was added, as those have no +variants defined in the CycloneDX specification. + +fixes #652 + +--------- + +Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> +Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c59036e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c59036e06ddc97284f82efbbc168dc2d89d090d1)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`ebef5f2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ebef5f212fec13fc8c9bf00553f9bf3f77a0d3f6)) +* feat: add workaround property for v1.5 and v1.6 (#642) -* updated XML output tests +Property `workaround` was missing from the vulnerability model. It was +added in spec v1.5 and was marked as TODO before. + +This is my first contribution on this project so if I done something +wrong, just say me :smiley: + +Signed-off-by: Louis Maillard <louis.maillard@savoirfairelinux.com> +Signed-off-by: Louis Maillard <louis.maillard@protonmail.com> +Co-authored-by: Louis Maillard <louis.maillard@savoirfairelinux.com> ([`b5ebcf8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b5ebcf8104faf57030cbc5d8190c78524ab86431)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`356c37e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/356c37ebea85eb10e2505f2b16264d95f292bd55)) +* feat: updated SPDX license list to `v3.24.0` (#622) -* addressed JSON output for #275 including test addiitions +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3f9770a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3f9770a95fbe48dfc0cb911a6526690017c2fb37)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`692c005`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/692c005c686157134a79e3ffc8ab1e7ce8942de9)) +* feat: license factory set `acknowledgement` (#593) +add a parameter to `LicenseFactory.make_*()` methods, to set the `LicenseAcknowledgement`. + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7ca2455`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7ca2455018d0e191afaaa2fd136a7e4d5b325ec6)) -## v2.7.0 (2022-07-21) +* feat: disjunctive license acknowledgement (#591) -### Feature + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9bf1839`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9bf1839859a244e790e91c3e1edd82d333598d60)) -* feat: support for CycloneDX schema `1.4.2` - adds `vulnerability.properties` to the schema ([`32e7929`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/32e792928bdf37133e966ef72ec01b0bc698482d)) +* feat: support `bom.properties` for CycloneDX v1.5+ (#585) -* feat: support for CycloneDX schema version `1.4.2` -- Provides support for `vulnerability.properties` +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`1d1c45a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1d1c45ac82c7927acc388489228a9b5990f68aa7)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`db7445c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/db7445cd343fc35c6d6fc9f5af3e28cf97a19732)) +* feat: support `py-serializable` v1.0 (#531) -* feat: added updated CycloneDX 1.4.2 schemas +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e1e7277`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e1e72777d8a355c6854f4d9eb26c1e2083c806df)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`7fb27ae`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7fb27aed58f7de10f8c6b703699bba315af353e7)) +* feat: enable dependency `py-serializable 0.17` (#529) -### Unknown +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9f24220`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9f24220029cd18cd191f63876899cd86be52dce1)) -* 2.7.0 +* feat: allow `lxml` requirement in range of `>=4,<6` (#523) -Automatically generated by python-semantic-release ([`96d155e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/96d155e864d83482242c22f69af8e7c618d05a1b)) +Updates the requirements on [lxml](https://github.com/lxml/lxml) to permit the latest version. +- [Release notes](https://github.com/lxml/lxml/releases) +- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt) +- [Commits](https://github.com/lxml/lxml/compare/lxml-4.0.0...lxml-5.0.0) + +--- +updated-dependencies: +- dependency-name: lxml + dependency-type: direct:production +... + +Signed-off-by: dependabot[bot] <support@github.com> +Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`7d12b9a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7d12b9a9f7a2fdc5e6bb12f891c6f4291e20e65e)) +* feat: add function to map python `hashlib` algorithms to CycloneDX (#519) -## v2.6.0 (2022-06-20) +new API: `model.HashType.from_hashlib_alg()` + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`81f8cf5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/81f8cf59b1f40ffbd213789a8b1b621a01e3f631)) -### Feature +* feat: `model.XsUri` migrate control characters according to spec (#498) -* feat: reduce unnessessarry type casting of `set`/`SortedSet` (#203) +fixes https://github.com/CycloneDX/cyclonedx-python-lib/issues/497 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e490429`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e49042976f8577af4061c34394db270612488cdf)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`089d971`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/089d9714f8f9f8c70076e48baa18340899cc29fa)) +* feat: guarantee unique `BomRef`s in serialization result (#479) -### Unknown +Incorporate `output.BomRefDiscriminator` on serialization + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a648775`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a648775bb5195621e17fdbae92950ab6d56a665a)) -* 2.6.0 +* feat: complete SPDX license expression (#425) -Automatically generated by python-semantic-release ([`8481e9b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8481e9bd8dc5196c2e703e5cd19974bb22bc270e)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e06f9fd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e06f9fd2c30e8976766f326ff216103d2560cb9a)) +* feat: programmatic access to library's version (#417) -## v2.5.2 (2022-06-15) +adds `cyclonedx.__version__` + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3585ea9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3585ea9911ae521e86793ef18f5891289fb0b604)) -### Fix +* feat: out-factor SPDX compund detection -* fix: add expected lower-than comparators for `OrganizationalEntity` and `VulnerabilityCredits` (#248) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`fd4d537`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fd4d537c9dced0e38f14d99dee174cc5bb0bd465)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`0046ee1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0046ee19547be8dafe5d73bad886b9c5f725f26e)) +* feat: out-factor SPDX compund detection -### Unknown +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`2b69925`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2b699252f8857d97231a689ea9cbfcdff9459626)) -* 2.5.2 - -Automatically generated by python-semantic-release ([`fb9a796`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fb9a796d0b34c2d930503790c74d6d7ed5e3c3d6)) - - -## v2.5.1 (2022-06-10) - -### Fix - -* fix: add missing `Vulnerability` comparator for sorting (#246) +* feat: license factories -Partial fix for #245. - -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`c3f3d0d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c3f3d0d105f0dcf991175040b6d6c2b6e7e25d8f)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`033bad2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/033bad2a50fd2236c712d4621caa57b04fcc2043)) -### Unknown +* feat: support for CycloneDX schema `1.4.2` - adds `vulnerability.properties` to the schema ([`32e7929`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/32e792928bdf37133e966ef72ec01b0bc698482d)) -* 2.5.1 +* feat: support for CycloneDX schema version `1.4.2` +- Provides support for `vulnerability.properties` -Automatically generated by python-semantic-release ([`1ea5b20`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1ea5b20f1c93e6e6b3799444c7ea6fd65a2e068c)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`db7445c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/db7445cd343fc35c6d6fc9f5af3e28cf97a19732)) +* feat: added updated CycloneDX 1.4.2 schemas -## v2.5.0 (2022-06-10) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`7fb27ae`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7fb27aed58f7de10f8c6b703699bba315af353e7)) -### Build +* feat: reduce unnessessarry type casting of `set`/`SortedSet` (#203) -* build: move typing to dev-dependencies +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`089d971`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/089d9714f8f9f8c70076e48baa18340899cc29fa)) -Move `types-setuptools` and `types-toml` to dev-dependencies (#226) - -Signed-off-by: Adam Johnson <me@adamj.eu> ([`0e2376b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0e2376baade068ae0490b05550837d104e9abfa4)) +* feat: use `SortedSet` in model to improve reproducibility - this will provide predictable ordering of various items in generated CycloneDX documents - thanks to @RodneyRichardson -### Documentation +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`8a1c404`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8a1c4043f502292b32c4ab36a8618cf3f67ac8df)) -* docs: fix typo "This is out" -> "This is our" +* feat(deps): remove unused `typing-extensions` constraints -Fix typo in comments: "This is out" -> "This is our" (#233) +PullRequest and details via #224 -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ef0278a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ef0278a2044147e73a281c5a59f95049d4af7641)) +Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`2ce358a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2ce358a37e6ce5f06aa9297aed17f8f5bea38e93)) -### Feature - -* feat: use `SortedSet` in model to improve reproducibility - this will provide predictable ordering of various items in generated CycloneDX documents - thanks to @RodneyRichardson - -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`8a1c404`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8a1c4043f502292b32c4ab36a8618cf3f67ac8df)) +* feat: add support for Dependency Graph in Model and output serialisation -### Unknown +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`ea34513`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ea34513f8229a909007793288ace2f6f51684333)) -* 2.5.0 - -Automatically generated by python-semantic-release ([`c820423`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c820423ffffb90ec7a42d8873d99428277f9ae28)) +* feat: Bump XML schemas to latest fix version for 1.2-1.4 - see: +https://github.com/CycloneDX/specification/issues/122 -* Merge pull request #235 from RodneyRichardson/use-sorted-set +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`bd2e756`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bd2e756de15c37b34d2866e8de521556420bd5d3)) -feat: use `SortedSet` in model to improve reproducibility - this will provide predictable ordering of various items in generated CycloneDX documents - thanks to @RodneyRichardson ([`c43f6d8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c43f6d8ce41a9de91a84cea7a40045cab8121792)) +* feat: bump JSON schemas to latest fix verison for 1.2 and 1.3 - see: +- https://github.com/CycloneDX/specification/issues/123 +- https://github.com/CycloneDX/specification/issues/84 +- https://github.com/CycloneDX/specification/issues/125 -* Merge branch 'CycloneDX:main' into use-sorted-set ([`1b8ac25`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1b8ac252a28af1b938d6cad4182e6f2d586b26c0)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`bd6a088`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bd6a088d51c995c0f08271f56aedb456c60c1a2e)) -* Fix SortedSet type hints for python < 3.8 +* feat: output errors are verbose -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`71eeb4a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/71eeb4aeeb9e911df2422c097ebfb671c648242d)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`bfe8fb1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bfe8fb18825251fd9f146458122aa06137ec27c0)) -* Fix line length warning. +* feat: completed work on #155 (#172) -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`e9ee712`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e9ee71291da882a924a9edec7d1f5d6be62797e6)) +fix: resolved #169 (part of #155) +feat: as part of solving #155, #147 has been implemented + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a926b34`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a926b34c7facb8b3709936fe00b62a0b80338f31)) -* Fix more type hints for python < 3.8 +* feat: support complete model for `bom.metadata` (#162) -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`f042bce`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f042bcef1829a852dd787e226d883f5bbd5c39c3)) +* feat: support complete model for `bom.metadata` +fix: JSON comparison in unit tests was broken +chore: corrected some source license headers + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2938a6c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2938a6c001a5b0b25477241d4ad6601030c55165)) -* Fix SortedSet type hints for python < 3.8 +* feat: support for `bom.externalReferences` in JSON and XML #124 -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`2e283ab`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2e283abed0b67e9e70c825e0d7c6ad7e6691c678)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1b733d7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1b733d75a78e3757010a8049cab5c7d4656dc2a5)) -* Fix type hint on ComparableTuple +* feat: Complete support for `bom.components` (#155) -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`43ef908`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/43ef908d61fd03e5a4c2ecfabdf22764c8613429)) +* fix: implemented correct `__hash__` methods in models (#153) + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`32c0139`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/32c01396251834c69a5b23c82a5554faf8447f61)) -* Sort usings. +* feat: support services in XML BOMs +feat: support nested services in JSON and XML BOMs -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`8f86c12`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8f86c1292d5d0c550a4ec6018b81400255567f93)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9edf6c9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9edf6c940d20a44f5b99c557392a9fa4532b332e)) -* Fix sonatype-lift warnings +* feat: `bom-ref` for Component and Vulnerability default to a UUID (#142) -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`f1e92e3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f1e92e3cfbe9df2b07b745582608f9f72531684c)) +* feat: `bom-ref` for Component and Vulnerability default to a UUID if not supplied ensuring they have a unique value #141 + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* doc: updated documentation to reflect change + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* patched other tests to support UUID for bom-ref + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* better syntax + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`3953bb6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3953bb676f423c325ca4d80f3fcee33ad042ad93)) -* Fix warnings. +* feat: add CPE to component (#138) -Change tuple -> Tuple -Fix Diff initialization -Add sorting to AttachedText +* Added CPE to component + +Setting CPE was missing for component, now it is possible to set CPE and output CPE for a component. + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Fixing problems with CPE addition + +- Fixed styling errors +- Added reference to CPE Spec +- Adding CPE parameter as last parameter to not break arguments + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Again fixes for Style and CPE reference + +Missing in the last commit + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Added CPE as argument before deprecated arguments + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Added testing for CPE addition and error fixing + +- Added output tests for CPE in XML and JSON +- Fixes style error in components +- Fixes order for CPE output in XML (CPE has to come before PURL) + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Fixed output tests + +CPE was still in the wrong position in one of the tests - fixed + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Fixed minor test fixtures issues + +- cpe was still in wrong position in 1.2 JSON +- Indentation fixed in 1.4 JSON + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Fixed missing comma in JSON 1.2 test file + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> ([`269ee15`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/269ee155f203d5771c56edb92f7279466bf2012f)) -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`2b47ff6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2b47ff612335b538ceab5e77b60dbe058f739e2e)) +* feat: add support for `bom.metadata.component` (#118) -* Reduce sortedcontainers.pyi to only the functions used. +* Add support for metadata component + +Part of #6 + +Signed-off-by: Artem Smotrakov <asmotrakov@riotgames.com> + +* Better docs and simpler ifs + +Signed-off-by: Artem Smotrakov <asmotrakov@riotgames.com> ([`1ac31f4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1ac31f4cb14b6c466e092ff38ee2aa472c883c5d)) -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ef0fbe2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ef0fbe2130f763888cb34e8e71a6520d282a0cda)) +* feat: loosed dependency versions to make this library more consumable -* Remove flake8 warnings +* feat: lowering minimum dependency versions + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* feat: lowering minimum dependency versions + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* feat: lowering minimum dependency versions - importlib-metadata raising minimum to ensure we get a typed library + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* feat: lowering minimum dependency versions - importlib-metadata raising minimum to ensure we get a typed library + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* feat: lowering minimum version for importlib-metadata to 3.4.0 with modified import statement + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`55f10fb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/55f10fb5524dafa68112c0836806c27bdd74fcbe)) -Remove unused imports and trailing whitespace. -Sort usings in pyi file. +* feat: Typing & PEP 561 -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`41d1bee`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/41d1bee824381c25a8c6870abeb1f484c33c78ba)) +* adde file for type checkers according to PEP 561 + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added static code analysis as a dev-test + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added the "typed" trove + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added `flake8-annotations` to the tests + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added type hints + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* further typing updates + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* further typing additions and test updates + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* further typing + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* further typing - added type stubs for toml and setuptools + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* further typing + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* typing work + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* coding standards + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* fixed tox and mypy running in correct python version + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* supressed mypy for `cyclonedx.utils.conda.parse_conda_json_to_conda_package` + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* fixed type hints + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* fixed some typing related flaws + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added flake8-bugbear for code analysis + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +Co-authored-by: Paul Horton <phorton@sonatype.com> ([`9144765`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/91447656c0914ceb2af2e4b7282292ec7b93f5bf)) -* Add type hints for SortedSet +* feat: add support for Conda -Fix use of set/Set. +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`bd29c78`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bd29c782d39a4956f482b9e4de20d7f829beefba)) -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`df0f554`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/df0f554bff311886705327fd863d573e82123f9e)) +* feat: add support for parsing package licenses when using the `Environment` Parsers -* Replace object type hint in __lt__ with Any +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`c414eaf`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c414eafde2abaca1005a2a0af6993fcdc17897d3)) -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ec22f68`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ec22f683e1b12843421a23cff15f91628a7dfffe)) +* feat: add support for `externalReferneces` for `Components` and associated enhancements to parsers to obtain information where possible/known -* Make reorder() return type explicit List (as flagged by sonatype-lift bot) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a152852`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a152852b361bbb7a69c9f7ab61ae7ea6dcffd214)) -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`695ee86`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/695ee862ce9043807a9d825324970cd1b770a46c)) +* feat: support for pipenv.lock file parsing -* Use SortedSet in model to improve reproducibility +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`68a2dff`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/68a2dffc770d40f693b6891a580d1f7d8018f71c)) -Added `__lt__()` to all model classes used in SortedSet, with tests -Explicitly declared Enums as (str, Enum) to allow sorting -Added dependency to sortedcollections package +* feat: helper method for representing a File as a Component taking into account versioning for files as per https://github.com/CycloneDX/cyclonedx.org/issues/34 -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`368f522`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/368f5221e54a635cd03255efd56d4da2a8d7f56b)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`7e0fb3c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7e0fb3c7e32e08cb8667ad11461c7f8208dfdf7f)) +* feat: support for non-PyPi Components - PackageURL type is now definable when creating a Component -## v2.4.0 (2022-05-17) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`fde79e0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fde79e02705bce216e62acd05056b6d2046cde22)) -### Feature +* feat: add support for tool(s) that generated the SBOM -* feat(deps): remove unused `typing-extensions` constraints +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`7d1e6ef`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7d1e6ef04d473407b9b4eefc2ef18e6723838f94)) -PullRequest and details via #224 - -Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`2ce358a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2ce358a37e6ce5f06aa9297aed17f8f5bea38e93)) +* feat: support for localising vectors (i.e. stripping out any scheme prefix) -### Unknown +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b9e9e17`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b9e9e17ba1e2c1c9dfe551c61ad5152eebd829ab)) -* 2.4.0 +* feat: helper methods for deriving Severity and SourceType -Automatically generated by python-semantic-release ([`4874354`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/48743542fd2f3219a4f2295f363ae6e5bcf2a738)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`6a86ec2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6a86ec27c13ff5e413c5a5f96d9b7671646f9388)) -* revert `types-toml` on lowest setup ([`32ece98`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/32ece98b24fd6966722b8cdf698f01b8fb1b8821)) +* feat: adding support for extension schema that descriptions vulnerability disclosures +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d496695`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d4966951ab6c0229171cfe97723421bb0302c4fc)) -## v2.3.0 (2022-04-20) +* feat: added helper method to return a PackageURL object representing a Component -### Feature +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`367bef1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/367bef11bb1a7ede3100acae39581e33d20fa7f5)) -* feat: add support for Dependency Graph in Model and output serialisation +* feat: add poetry support -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`ea34513`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ea34513f8229a909007793288ace2f6f51684333)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f3ac42f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f3ac42f298b8d093b0ac368993beba43c58c251a)) -### Unknown +### Fix -* 2.3.0 +* fix: encode quotation mark in URL (#724) -Automatically generated by python-semantic-release ([`5c1047a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5c1047afc75726cca4130b90b8459418ec6342e8)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a7c7c97`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a7c7c97c37ee1c7988c028aa779f74893f858c7b)) -* Merge pull request #210 from CycloneDX/feat/support-bom-dependencies +* fix: behavior of and typing for crypto setters with optional values (#694) -feat: add support for Dependency Graph in Model and output serialisation (JSON and XML) ([`938169c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/938169c05b458967cd1dabc338981d296f5b2842)) +fixes #690 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`d8b20bd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d8b20bdc5224ea30cf767f6f3f1a6f8ff2754973)) -* Merge pull request #214 from CycloneDX/feat/support-bom-dependencies-no-cast +* fix: file copyright headers (#676) -no cast ([`2551545`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/25515456f2707964032c1f9642bae3d79ba2b994)) +utilizes flake8 plugin +<https://pypi.org/project/flake8-copyright-validator/> to assert the +correct headers + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`35e00b4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/35e00b4ee5a9306b9e97b011025409bcbfcef309)) -* no cast +* fix: XML serialize `normalizedString` and `token` properly (#646) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`dec3b70`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/dec3b703f7e69cd2b3fdff34583ee052b1cbb1d2)) +fixes #638 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b40f739`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b40f739206a44f7dbd94042fb5e1a37c047ea024)) -* update to use `Set` operators (more Pythonic) +* fix: `cyclonedx.model.Property.value` value is optional (#631) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`f01665e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f01665e96c87b9dd1fdb37d907a8339ba819e2cc)) +`cyclonedx.model.Property.value` value is optional, in accordance with +the spec. + +fixes #630 + +--------- + +Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`ad0f98b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ad0f98b433fd85ba14db6b6288f33d98bc79ee51)) -* missing closing `>` in `BomRef.__repr__` +* fix: allow suppliers with empty-string names (#611) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`2c7c4be`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c7c4be8210231dcfaf9e8937bd943f3ea6683c3)) +fixes #600 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b331aeb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b331aeb4b7261c7b1359c592b2dcda27bd35e369)) -* removed unnecessary condition - `self.get_bom().components` is always a `Set` +* fix: json validation allow arbitrary `$schema` value (#613) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`5eb5669`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5eb5669bdeb982c9f0b4a72f2264a8559e9a3bc3)) +fixes https://github.com/CycloneDX/cyclonedx-python-lib/issues/612 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`08b7c60`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/08b7c607360b65215d9d29d42ae86e60c6efe49b)) -* added additional tests to validate Component in Metadata is properly represented in Dependency Graph +* fix: properly sort components based on all properties (#599) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`b8d526e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b8d526ee52b3923c7755a897e0c042c159fb8d99)) +reverts #587 - as this one introduced errors +fixes #598 +fixes #586 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Paul Horton <paul.horton@owasp.org> +Co-authored-by: Paul Horton <paul.horton@owasp.org> ([`8df488c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8df488cb422a6363421fee39714df4e8e8e7a593)) -* adjusted unit tests to account for inclusion of Component in Bom Metadata in Dependency Graphy +* fix: include all fields of `Component` in `__lt__` function for #586 (#587) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`c605f2b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c605f2be90092f09bb0eb89dccb27767d78dcfac)) +Fixes #586. + +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d784685`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d7846850d1ad33184d1d58b59fdf41a778d05900)) -* updates based on feedback from @jkowalleck +* fix: wrong extra name for xml validation (#571) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`04511f3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/04511f3c523bc26b0b434d8334d37eccaaaf1ea4)) + + +Signed-off-by: Christoph Reiter <reiter.christoph@gmail.com> ([`10e38e2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/10e38e25095de4b2dafbfcd1fd81dce7a9c0f124)) -* Merge branch 'feat/support-bom-dependencies' of github.com:CycloneDX/cyclonedx-python-lib into feat/support-bom-dependencies ([`8fb408c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8fb408cfe7941efca424777a94084755ee8a50e4)) +* fix: serialization of `model.component.Diff` (#557) -* doc: updated docs to reflect support for Dependency Graph +Fixes #556 + +--------- + +Signed-off-by: rcross-lc <151086351+rcross-lc@users.noreply.github.com> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`22fa873`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/22fa8734bf1a3a8789ad7578bfa0c86cf0a49d4a)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`a680544`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a68054491529631c792e51c764bbf64a5e9b4834)) +* fix: `model.BomRef` no longer equal to unset peers (#543) -* updated file hash in test + fixes [#539](https://github.com/CycloneDX/cyclonedx-python-lib/issues/539) + + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1fd7fee`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1fd7fee9dec888c10087921f2e5a7a60062fb419)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`56f3d5d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/56f3d5d432b6c50679cfd733cf2b0ed2ea55400e)) +* fix: update own `externalReferences` (#480) -* removed unused import +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`edb3dde`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/edb3dde889c06755dd1963ed21dd803db3ea0dcc)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`61c3338`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/61c3338e139a8e1a72a659080f2043b352007561)) +* fix: SPDX-expression-validation internal crashes are cought and handled (#471) -* doc: updated docs to reflect support for Dependency Graph +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`5fa66a0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5fa66a043818eb5747dbd630496c6d31f818c0ab)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`3df017f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3df017feaaa461bcfa7082f58a5824aa92493b59)) +* fix: ship meta files (#434) -* updated file hash in test +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3a1a8a5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3a1a8a5c1cbe8d8989b4cb335269a02b5c6d4f38)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`449cb1e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/449cb1e56e64e6c144c0d2b6b69649df2d6e5320)) +* fix: `LicenseChoiceFactory.make_from_string()` prioritize SPDX id over expression (#427) -* removed unused import +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e1bdfdd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e1bdfddcfab97359fbde9f53dc65f56fc8ec4ba9)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`f487c4a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f487c4a44f5604fa3d1da2c0bc57d09e22057973)) +* fix: conditional warning if no root dependencies were found (#398) + + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c8175bb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c8175bb6aebac7f129d42d7a5a0ae928212c20cb)) -## v2.2.0 (2022-04-12) +* fix: mak test's schema paths relative to `cyclonedx` package (#338) -### Feature +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1f0c05f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1f0c05fe2b2a22bc84a1a437dd59390f2ceaf986)) -* feat: Bump XML schemas to latest fix version for 1.2-1.4 - see: -https://github.com/CycloneDX/specification/issues/122 +* fix(tests): include tests in `sdist` builds (#337) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`bd2e756`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bd2e756de15c37b34d2866e8de521556420bd5d3)) +* feat: include `tests` in `sdist` builds for #336 +* delete unexpected `DS_Store` file + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`936ad7d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/936ad7d0c26d8f98040203d3234ca8f1afbd73ab)) -* feat: bump JSON schemas to latest fix verison for 1.2 and 1.3 - see: -- https://github.com/CycloneDX/specification/issues/123 -- https://github.com/CycloneDX/specification/issues/84 -- https://github.com/CycloneDX/specification/issues/125 +* fix: serialize dependency graph for nested components (#329) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`bd6a088`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bd6a088d51c995c0f08271f56aedb456c60c1a2e)) +* tests: regression tests for issue #328 +* fix: for issue #328 + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`fb3f835`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fb3f8351881783281f8b7e796098a4c145b35927)) -### Unknown +* fix: prevent errors on metadata handling for some specification versions (#330) -* 2.2.0 +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f08a656`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f08a65649aee750397edc061eb3b8325a69bb4b4)) -Automatically generated by python-semantic-release ([`67ecfac`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/67ecfacc38817398319ac5d627f2b3a17fb45b3f)) +* fix: type hint for `get_component_by_purl` is incorrect -* Merge pull request #207 from CycloneDX/feat/update-schemas +chore: force automated release +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`3f20bf0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3f20bf04a65d5c539230281437255b5f48e17621)) -feat: Update CycloneDX Schemas to latest patch versions ([`2c55cb5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c55cb51042694d48a2eccd8e505833196effb59)) +* fix: pinned `mypy <= 0.961` due to #278 -* mark schema files as vendored +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d6955cb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d6955cb86d8da7a72d0146d0dbeb7c34a794a954)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a9c3e77`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a9c3e77998e7c05af5ba097891cd05a8cdb89232)) +* fix: properly support nested `components` and `services` #275 -* Merge pull request #191 from CycloneDX/feat/pre-commit-hooks +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`6597db7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6597db740f222c68ad90f74fb8fdb58b72642adb)) -[DEV] Add pre-commit hooks ([`91ceeb1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/91ceeb1fdafddf20af546d383a2fb16393977ef5)) +* fix: add expected lower-than comparators for `OrganizationalEntity` and `VulnerabilityCredits` (#248) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`0046ee1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0046ee19547be8dafe5d73bad886b9c5f725f26e)) -## v2.1.1 (2022-04-05) +* fix: add missing `Vulnerability` comparator for sorting (#246) -### Fix +Partial fix for #245. + +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`c3f3d0d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c3f3d0d105f0dcf991175040b6d6c2b6e7e25d8f)) * fix: prevent error if `version` not set -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b9a84b5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b9a84b5b39fe6cb1560764e86f8bd144f2a901e3)) - -### Unknown - -* 2.1.1 - -Automatically generated by python-semantic-release ([`f78d608`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f78d6081abc1a8adb80ef0c79a07c624ad9e3a5c)) - -* Merge pull request #194 from CycloneDX/fix/json-output-version-optional-bug-193 - -fix: `version` being optional in JSON output can raise error ([`6f7e09a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6f7e09aa4d05a4a2dc60569732f6b2ae5582a154)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b9a84b5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b9a84b5b39fe6cb1560764e86f8bd144f2a901e3)) +* fix: `version` being optional in JSON output can raise error -## v2.1.0 (2022-03-28) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ba0c82f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ba0c82fbde7ba47502c45caf4fa89e9e4381f482)) -### Feature +* fix: `license_url` not serialised in XML output #179 (#180) -* feat: output errors are verbose +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f014d7c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f014d7c4411de9ed5e9cb877878ae416d85b2d92)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`bfe8fb1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bfe8fb18825251fd9f146458122aa06137ec27c0)) +* fix: `Component.bom_ref` is not Optional in our model implementation (in the schema it is) - we generate a UUID if `bom_ref` is not supplied explicitly -### Fix +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`5c954d1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5c954d1e39ce8509ab36e6de7d521927ad3c997c)) -* fix: `version` being optional in JSON output can raise error +* fix: temporary fix for `__hash__` of Component with `properties` #153 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ba0c82f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ba0c82fbde7ba47502c45caf4fa89e9e4381f482)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a51766d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a51766d202c3774003dd7cd8c115b2d9b3da1f50)) -### Unknown +* fix: further fix for #150 -* 2.1.0 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1f55f3e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1f55f3edfeacfc515ef0b5e493c27dd6e14861d6)) -Automatically generated by python-semantic-release ([`c58f8f8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c58f8f8456211fbeac79340b480063791c05f404)) +* fix: regression introduced by first fix for #150 -* Merge pull request #198 from CycloneDX/verbose_outout_errors +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`c09e396`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c09e396b98c484d1d3d509a5c41746133fe41276)) -fix: improved output errors - file/directory is now included ([`4618c62`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4618c62da54f90a67d89583d5339ef0532b7813a)) +* fix: Components with no version (optional since 1.4) produce invalid BOM output in XML #150 -* updated to be more pythonic +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`70d25c8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/70d25c8c162e05a5992761ccddbad617558346d1)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a1bbf00`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a1bbf001ba9546c998062a0201d4e2562607749e)) +* fix: `expression` not supported in Component Licsnes for version 1.0 -* doc: added CONTRIBUTING to public docs -doc: included pre-commit hooks in CONTRIBUTING +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`15b081b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/15b081bd1891566dbe00e18a8b21d3be87154f72)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f38215f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f38215f2b370e14f5629edff1ade97734b3a79cd)) +* fix: bump dependencies (#136) -* Merge pull request #182 from CycloneDX/sort-imports +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`18ec498`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/18ec4987f6aa4a259d30000a19aa6ee1d49681d1)) -style: sort imports ([`aa37e56`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/aa37e56964b35642e2bf92f336a767fba1914e2b)) +* fix: removed requirements-parser as dependency (temp) as not available for Python 3 as Wheel (#98) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`3677d9f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3677d9fd584b7c0eb715954bb7b8adc59c0bc9b1)) -## v2.0.0 (2022-02-21) +* fix: tightened dependency `packageurl-python` (#95) -### Breaking +fixes #94 + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`eb4ae5c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/eb4ae5ca8842877b780a755b6611feef847bdb8c)) -* feat: bump dependencies +* fix: further loosened dependency definitions -BREAKING CHANGE: Adopt PEP-3102 +see #44 + +updated some locked dependencies to latest versions + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8bef6ec`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8bef6ecad36f51a003b266d776c9520d33e06034)) -BREAKING CHANGE: Optional Lists are now non-optional Sets +* fix: constructor for `Vulnerability` to correctly define `ratings` as optional -BREAKING CHANGE: Remove concept of DEFAULT schema version - replaced with LATEST schema version +Signed-off-by: William Woodruff <william@trailofbits.com> ([`395a0ec`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/395a0ec14ebcba8e0849a0ced30ec4163c42fa7a)) -BREAKING CHANGE: Added `BomRef` data type +* fix: correct way to write utf-8 encoded files -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`da3f0ca`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/da3f0ca3e8b90b37301c03f889eb089bca649b09)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`49f9369`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/49f9369b3eba47a3a8d1bcc505546d7dfaf4c5fe)) -### Feature +* fix: ensure output to file is UTF-8 -* feat: completed work on #155 (#172) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a10da20`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a10da20865e90e9a0a5bb1e12fba9cfd23970c39)) -fix: resolved #169 (part of #155) -feat: as part of solving #155, #147 has been implemented - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a926b34`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a926b34c7facb8b3709936fe00b62a0b80338f31)) +* fix: ensure output to file is UTF-8 -* feat: support complete model for `bom.metadata` (#162) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`193bf64`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/193bf64cdb19bf6fb9662367402dcf7eaab8dd1a)) -* feat: support complete model for `bom.metadata` -fix: JSON comparison in unit tests was broken -chore: corrected some source license headers - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2938a6c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2938a6c001a5b0b25477241d4ad6601030c55165)) +* fix: missing check for Classifiers in Environment Parser -* feat: support for `bom.externalReferences` in JSON and XML #124 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b7fa38e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b7fa38e9740bbc5b4c406410df37c3b34818010c)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1b733d7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1b733d75a78e3757010a8049cab5c7d4656dc2a5)) +* fix: coding standards violations -* feat: Complete support for `bom.components` (#155) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`00cd1ca`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/00cd1ca20899b6861b1b959611a3556ffad36832)) -* fix: implemented correct `__hash__` methods in models (#153) - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`32c0139`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/32c01396251834c69a5b23c82a5554faf8447f61)) +* fix: handle `Pipfile.lock` dependencies without an `index` specified +fix: multiple fixes in variable scoping to prevent accidental data sharing -* feat: support services in XML BOMs -feat: support nested services in JSON and XML BOMs +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`26c62fb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/26c62fb996c4b1b2bf719e10c9072cf4fbadab9f)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9edf6c9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9edf6c940d20a44f5b99c557392a9fa4532b332e)) +* fix: add namespace and subpath support to Component to complete PackageURL Spec support -### Fix +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`780adeb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/780adebe3861ef08eb1e8817a5e9e3451c0a2137)) -* fix: `license_url` not serialised in XML output #179 (#180) +* fix: multiple hashes being created for an externalRefernce which is not as required -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f014d7c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f014d7c4411de9ed5e9cb877878ae416d85b2d92)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`970d192`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/970d19202d13d4becbbf040b3a9fb115dd7a0795)) -* fix: `Component.bom_ref` is not Optional in our model implementation (in the schema it is) - we generate a UUID if `bom_ref` is not supplied explicitly +* fix: added ability to add tools in addition to this library when generating CycloneDX + plus fixes relating to multiple BOM instances -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`5c954d1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5c954d1e39ce8509ab36e6de7d521927ad3c997c)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`e03a25c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e03a25c3d2a1a0b711204bb26c7b898eadacdcb0)) -* fix: temporary fix for `__hash__` of Component with `properties` #153 +* fix: better methods for checking if a Component is already represented in the BOM, and the ability to get the existing instance -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a51766d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a51766d202c3774003dd7cd8c115b2d9b3da1f50)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`5fee85f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5fee85fc38376478a1a438d228c632a5d14f4740)) -* fix: further fix for #150 +* fix: bumped a dependency version -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1f55f3e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1f55f3edfeacfc515ef0b5e493c27dd6e14861d6)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`efc1053`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/efc1053ec9ed3f57711f78f1eca181f7bff0c3bf)) -* fix: regression introduced by first fix for #150 +* fix: improved handling for `requirements.txt` content without pinned or declared versions -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`c09e396`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c09e396b98c484d1d3d509a5c41746133fe41276)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`7f318cb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7f318cb495ac1754029088cae1ef2574c58da2e5)) -* fix: Components with no version (optional since 1.4) produce invalid BOM output in XML #150 +* fix: removed print call -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`70d25c8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/70d25c8c162e05a5992761ccddbad617558346d1)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`8806553`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/880655304c082a88d94d6d50c64d33ad931cc974)) -* fix: `expression` not supported in Component Licsnes for version 1.0 +* fix: relaxed typing of parameter to be compatible with Python < 3.9 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`15b081b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/15b081bd1891566dbe00e18a8b21d3be87154f72)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f9c7990`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f9c7990695119969c5055bc92a233030db999b84)) -### Unknown +* fix: removed print call -* 2.0.0 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d272d2e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d272d2ea7d3331bde0660bdc87a6ac3331ae0720)) -Automatically generated by python-semantic-release ([`a4af3dc`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a4af3dccbddf4ea91b277746d2305fadf6078ed8)) +* fix: remove unused commented out code -* Merge pull request #148 from CycloneDX/feat/add-bom-services ([`631e400`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/631e4009340f4466fb45f25bbf3ce7ffa4d8adca)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ba4f285`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ba4f285fdbe124c28f7ea60310347cf896540125)) -* Merge branch 'main' into feat/add-bom-services ([`9a32351`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9a3235155bd04450c6e520ee6de04b2d6f2c5d0a)) +* fix: whitespace on empty line removed -* doc: added RTD badge to README +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`cfc952e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cfc952eb5f3feb97a41b6c895657058429da3430)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b20d9d1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b20d9d1aceebfa8bae21250e6ae39234caffbb0e)) +* fix(test): test was not updated for revised author statement -* implemented `__str__` for `BomRef` +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d1c9d37`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d1c9d379a1e92ee49aae8d133e2ad3e117054ec9)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`670bde4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/670bde47a8a60db764aa706797f1d8ed7cf2c227)) +* fix(build): test failure and dependency missing -* Continuation of #170 - missed updating Vulnerability to use `BomRef` (#175) +Fixed failing tests due to dependency on now removed VERSION file +Added flake8 officially as a DEV dependency to poetry -* BREAKING CHANGE: added new model `BomRef` unlocking logic later to ensure uniquness and dependency references - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* updated Vulnerability to also use new `BomRef` model - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0d82c01`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0d82c019afce3e4aefe56bff9607cfd60186c6b0)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9a2cfe9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9a2cfe94386b51acca44ae3bacae319b9b3c8f0d)) -* BREAKING CHANGE: added new model `BomRef` unlocking logic later to ensure uniquness and dependency references (#174) +* fix(build): removed artefacts associtated with non-poetry build -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d189f2c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d189f2c16870deb683e62cd06a6072b008eab05d)) +Tidied up project to remove items associated with non-Poetry build process. Also aligned a few references in README to new home of this project under CycloneDX. -* BREAKING CHANGE: replaced concept of default schema version with latest supported #171 (#173) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f9119d4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f9119d49e462cf1f7ccca9c50af2936f8962fd6d)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`020fcf0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/020fcf03ef3985dac82a38b8810d6d6cd301809c)) +* fix: add in pypi badge ([`6098c36`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6098c36715b2459d7b04ced5ba6294437576e481)) -* BREAKING CHANGE: Updated default schema version to 1.4 from 1.3 (#164) +* fix: additional info to poetry, remove circleci ([`2fcfa5a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2fcfa5ac3a7d9d7f372be6d69e1c616b551877df)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9b6ce4b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9b6ce4bd7b5a2a332e9f01f93db57b78f65af048)) +* fix: initial release to pypi, tell poetry to include cyclonedx package ([`a030177`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a030177cb1a370713c4438b13b7520ef6afd19f6)) -* BREAKING CHANGE: update models to use `Set` rather than `List` (#160) +* fix: release with full name ([`4c620ed`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4c620ed053aac8c31343b1ca84ca56912b762ab2)) -* BREAKING CHANGE: update models to use `Set` and `Iterable` rather than `List[..]` -BREAKING CHANGE: update final models to use `@property` -wip - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`142b8bf`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/142b8bf4dbb2e61d131b7ca2ec332aac472ef3cd)) +* fix: initial release to pypi ([`99687db`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/99687dbec1389bf323bb625bfb707306aa3b8d1a)) -* removed unnecessary calls to `hash()` in `__hash__()` methods as pointed out by @jkowalleck +### Unknown -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0f1fd6d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0f1fd6dfdd41073cbdbb456cf019c7f2ed9e2175)) +* Merge branch 'CycloneDX:main' into main ([`8c4082e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8c4082e96eb3af94740b03bcd70c62e8c133c5c0)) -* BREAKING CHANGE: adopted PEP-3102 for model classes (#158) +* Merge branch 'main' of https://github.com/saquibsaifee/cyclonedx-python-lib ([`4197b8f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4197b8ff2fb774d6b2a4bf522536644b7556ce8a)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b3c8d9a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b3c8d9a676190f20dfc4ab1b915c1e53c4ac5a82)) +* Merge branch 'main' of https://github.com/saquibsaifee/cyclonedx-python-lib ([`39f1ea1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/39f1ea163859b203d23f66920a1e358e0a0d434b)) -* doc: added page to docs to call out which parts of the specification this library supports +* Merge branch 'main' of https://github.com/saquibsaifee/cyclonedx-python-lib ([`8d6c632`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8d6c632829bc59ee71de76bb9b06481cd71b3ebc)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`41a4be0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/41a4be0cedcd26b6645b6e3606cce8e3708c569f)) +* Merge branch 'main' of https://github.com/saquibsaifee/cyclonedx-python-lib ([`4c9bf32`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4c9bf32cb213ef32499d0e15f6a3c30a7c648477)) -* attempt to resolve Lift finding +* Merge branch 'CycloneDX:main' into main ([`2cd8250`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2cd825006d2e1dd4164388baf1124ba0063e0d88)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2090c08`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2090c0868ca82c4b53c6ffc6f439c0d675147601)) +* Merge branch 'CycloneDX:main' into main ([`be4fd4b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/be4fd4b0fa7e274689e6dadbcd0a3c2764ca88d1)) -* removed unused imports +* Merge pull request #3 from CycloneDX/main -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a35d540`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a35d540c97b898eb152f453003f46ce0e18b7ea6)) +sync ([`a0bfc3d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a0bfc3dc2114d0ff66a8c5911299da9d83b31034)) -* WIP on `bom.services` +* doc: poor merge resolved -* WIP but a lil hand up for @madpah - -Signed-off-by: Jeffry Hesse <5544326+DarthHater@users.noreply.github.com> - -* chore: added missing license header - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* No default values for required fields - -* Add Services to BOM - -* Typo fix - -* aligned classes with standards, commented out Signature work for now, added first tests for Services - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* addressed standards - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* 1.2.0 - -Automatically generated by python-semantic-release - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* feat: `bom-ref` for Component and Vulnerability default to a UUID (#142) - -* feat: `bom-ref` for Component and Vulnerability default to a UUID if not supplied ensuring they have a unique value #141 - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* doc: updated documentation to reflect change - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* patched other tests to support UUID for bom-ref - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* better syntax - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* 1.3.0 - -Automatically generated by python-semantic-release - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* WIP but a lil hand up for @madpah - -Signed-off-by: Jeffry Hesse <5544326+DarthHater@users.noreply.github.com> -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* chore: added missing license header - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* aligned classes with standards, commented out Signature work for now, added first tests for Services - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* removed signature from this branch - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* Add Services to BOM - -* Typo fix - -* addressed standards - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* resolved typing issues from merge - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* added a bunch more tests for JSON output - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -Co-authored-by: Paul Horton <phorton@sonatype.com> -Co-authored-by: github-actions <action@github.com> ([`b45ff18`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b45ff187056893c5fb294cbf9de854fd130bb7be)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`a498faa`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a498faaab248d0512bad9e66afbd8fb1d6c42a66)) +* docs -## v1.3.0 (2022-01-24) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`63cff7e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/63cff7ee697c9d5fb96da3c8c16f7c9bc7b34e58)) -### Feature +* docs (#546) -* feat: `bom-ref` for Component and Vulnerability default to a UUID (#142) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b0e5b43`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b0e5b43880e17ec6ce23d5d4e1e7a9a2547c1e79)) -* feat: `bom-ref` for Component and Vulnerability default to a UUID if not supplied ensuring they have a unique value #141 - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* doc: updated documentation to reflect change - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* patched other tests to support UUID for bom-ref - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* better syntax - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`3953bb6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3953bb676f423c325ca4d80f3fcee33ad042ad93)) +* docs -### Unknown +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7dcd166`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7dcd16621002713dcf1ce8e17bc5762320fae4fa)) -* 1.3.0 +* "chore(deps): revert bump python-semantic-release/python-semantic-release (#474)" -Automatically generated by python-semantic-release ([`4178181`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/41781819e2de8f650271e7de11d395fa43939f22)) +This reverts commit 9c3ffac34e89610ccc4f9701444127e1e6f5ee07. +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`aae7304`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/aae73048c7aebe5920ec888225bdbde08111601b)) -## v1.2.0 (2022-01-24) +* 4.0.1 -### Feature +Automatically generated by python-semantic-release ([`4a72f51`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4a72f515ad7b5e46a07f31bea18a94b162e87715)) -* feat: add CPE to component (#138) +* Add missing space in warning message. (#364) -* Added CPE to component - -Setting CPE was missing for component, now it is possible to set CPE and output CPE for a component. - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Fixing problems with CPE addition - -- Fixed styling errors -- Added reference to CPE Spec -- Adding CPE parameter as last parameter to not break arguments - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> -* Again fixes for Style and CPE reference - -Missing in the last commit - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Added CPE as argument before deprecated arguments - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Added testing for CPE addition and error fixing - -- Added output tests for CPE in XML and JSON -- Fixes style error in components -- Fixes order for CPE output in XML (CPE has to come before PURL) - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Fixed output tests - -CPE was still in the wrong position in one of the tests - fixed - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Fixed minor test fixtures issues - -- cpe was still in wrong position in 1.2 JSON -- Indentation fixed in 1.4 JSON -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Fixed missing comma in JSON 1.2 test file +Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> +Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> ([`dad0d28`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/dad0d28ceb7381d1b503e5b29776fc01513f8b04)) + +* 4.0.0 + +Automatically generated by python-semantic-release ([`40fbfda`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/40fbfda428cfa71b16fd6e5e8d5f49cea4b5438b)) + +* 3.1.5 + +Automatically generated by python-semantic-release ([`ba603cf`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ba603cf96fad51a85d5159e83c402d613fefbb7c)) + +* 3.1.4 + +Automatically generated by python-semantic-release ([`0b19294`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0b19294e4820f0da5e81decd4d902ef7789ecb61)) + +* 3.1.3 + +Automatically generated by python-semantic-release ([`11a420c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/11a420c5fc38bb48d2a91713cc74574acb131184)) + +* 3.1.2 + +Automatically generated by python-semantic-release ([`0853d14`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0853d14780b8e44e9b285bee2ac6b81551640c5f)) + +* clarify sign-off step (#319) + -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> ([`269ee15`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/269ee155f203d5771c56edb92f7279466bf2012f)) +Signed-off-by: Roland Weber <rolweber@de.ibm.com> ([`007fb96`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/007fb96a1ec23b9516bc383afa85b3efc2707aa8)) -### Unknown +* 3.1.1 -* 1.2.0 +Automatically generated by python-semantic-release ([`503955e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/503955ea9e19e1d3ca611df36508dcf1aa93905c)) -Automatically generated by python-semantic-release ([`97c215c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/97c215cf0c4e8c315ed84cbcb92b22c6b7bcd8c2)) +* Merge pull request #310 from gruebel/fix-method-type-hint +fix: type hint for `get_component_by_purl` is incorrect ([`06037b9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/06037b99e0d6ebc5388d3c5e0799a68233ed92e8)) -## v1.1.1 (2022-01-19) +* move tests to model bom file -### Fix +Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`4c8a3ab`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4c8a3ab0eef349c007285ff9dfed0c00c6732a96)) -* fix: bump dependencies (#136) +* fix type hint for get_component_by_purl -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`18ec498`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/18ec4987f6aa4a259d30000a19aa6ee1d49681d1)) +Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`735c05e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/735c05eebb792eed55aeb4d5a7be8043ee1cd9ae)) -### Unknown +* 3.1.0 -* 1.1.1 +Automatically generated by python-semantic-release ([`e52c174`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e52c17447b1520103ccb24192ab92560429df595)) -Automatically generated by python-semantic-release ([`dec63de`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/dec63de950e0ad81cbb51373b0e647bce551297e)) +* Merge pull request #305 from CycloneDX/license-factories +feat: add license factories to more easily support creation of `License` or `LicenseChoice` from SPDX license strings #304 ([`5ff4494`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5ff4494b0e0d76d04cf8a4245ce0426f0abbd8f9)) -## v1.1.0 (2022-01-13) +* Merge pull request #301 from CycloneDX/fix-poetry-in-tox -### Feature +chore: fix poetry in tox ([`92aea8d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/92aea8d3413cd2af820cc8160ef48a737951b0ea)) -* feat: add support for `bom.metadata.component` (#118) +* remove v3 from CHANGELOG #286 (#287) -* Add support for metadata component - -Part of #6 - -Signed-off-by: Artem Smotrakov <asmotrakov@riotgames.com> - -* Better docs and simpler ifs +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7029721`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/702972105364a3ab225ea5a586c48cec664601ca)) + +* 3.0.0 + +Automatically generated by python-semantic-release ([`69582ff`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/69582ff7a9e3a1cfb2c7193c3d194d69e35899c1)) + +* Merge pull request #276 from CycloneDX/fix/bom-validation-nested-components-isue-275 + +fix: BOM validation fails when Components or Services are nested #275 -Signed-off-by: Artem Smotrakov <asmotrakov@riotgames.com> ([`1ac31f4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1ac31f4cb14b6c466e092ff38ee2aa472c883c5d)) +fix: updated dependencies #271, #270, #269 and #256 ([`68a0cdd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/68a0cddc0a226947d76b6a275cfceba383797d3b)) -### Unknown +* Merge branch 'main' into fix/bom-validation-nested-components-isue-275 ([`6caee65`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6caee657260e46f18cade24a73b4f17bc5ad6dd8)) -* 1.1.0 +* added tests to cover new `Component.get_all_nested_components()` method -Automatically generated by python-semantic-release ([`d4007bd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d4007bd5986173eb2645eebcdd2c6405150f1456)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`75a77ed`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/75a77ed6576f362435d1a3e6e59cbc5d871b9971)) +* Revert "chore: re-added `isort` to pre-commit hooks" -## v1.0.0 (2022-01-13) +This reverts commit f50ee1eb79f3f4e5b9d21824e64192d0af43d3f0. -### Unknown +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`5f7f30e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5f7f30e6a79f7cef6fff296ae0d7e5381f9b5cda)) -* Manually generated release ([`3509fb6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3509fb643af12cc4393309a006c6bbe63b1bd674)) +* removed tests where services are part of dependency tree - see #277 -* Support for CycloneDX schema version 1.4 (#108) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`f26862b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f26862b0b7f85e3610efbdf17cf304ddc71e5366)) -BREAKING CHANGE: Support for CycloneDX 1.4. This includes: -- Support for `tools` having `externalReferences` -- Allowing `version` for a `Component` to be optional in 1.4 -- Support for `releaseNotes` per `Component` -- Support for the core schema implementation of Vulnerabilities (VEX) - -Other changes included in this PR: -- Unit tests now include schema validation (we've left schema validation out of the core library due to dependency bloat) -- Fixes to ensure schema is adhered to in 1.0 -- URI's are now used throughout the library through a new `XsUri` class to provide URI validation -- Documentation is now hosted on readthedocs.org (https://cyclonedx-python-library.readthedocs.io/) -- `$schema` is now included in JSON BOMs -- Concrete Parsers how now been moved into downstream projects to keep this libraries focus on modelling and outputting CycloneDX - see https://github.com/CycloneDX/cyclonedx-python -- Added reference to release of this library on Anaconda - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -Co-authored-by: Paul Horton <phorton@sonatype.com> - -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7fb6da9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7fb6da9166050333ae5db7e35ab792b9bdee48d4)) +* aded XML output tests for Issue #275 -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`d26970b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d26970bcc52568645c303f060d71cbc25edbfe78)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`ebef5f2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ebef5f212fec13fc8c9bf00553f9bf3f77a0d3f6)) -* Update CONTRIBUTING.md ([`4448d9b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4448d9b4846a7dfb9eeee355d41fbb100a48d388)) +* updated XML output tests +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`356c37e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/356c37ebea85eb10e2505f2b16264d95f292bd55)) -## v0.12.3 (2021-12-15) +* addressed JSON output for #275 including test addiitions -### Fix +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`692c005`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/692c005c686157134a79e3ffc8ab1e7ce8942de9)) -* fix: removed requirements-parser as dependency (temp) as not available for Python 3 as Wheel (#98) +* 2.7.0 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`3677d9f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3677d9fd584b7c0eb715954bb7b8adc59c0bc9b1)) +Automatically generated by python-semantic-release ([`96d155e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/96d155e864d83482242c22f69af8e7c618d05a1b)) -### Unknown +* 2.6.0 -* 0.12.3 +Automatically generated by python-semantic-release ([`8481e9b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8481e9bd8dc5196c2e703e5cd19974bb22bc270e)) -Automatically generated by python-semantic-release ([`cfc9d38`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cfc9d382aea3f69f79d50a4fbb8607346f86ce03)) +* 2.5.2 +Automatically generated by python-semantic-release ([`fb9a796`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fb9a796d0b34c2d930503790c74d6d7ed5e3c3d6)) -## v0.12.2 (2021-12-09) +* 2.5.1 -### Fix +Automatically generated by python-semantic-release ([`1ea5b20`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1ea5b20f1c93e6e6b3799444c7ea6fd65a2e068c)) -* fix: tightened dependency `packageurl-python` (#95) +* 2.5.0 -fixes #94 - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`eb4ae5c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/eb4ae5ca8842877b780a755b6611feef847bdb8c)) +Automatically generated by python-semantic-release ([`c820423`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c820423ffffb90ec7a42d8873d99428277f9ae28)) -### Unknown +* Merge pull request #235 from RodneyRichardson/use-sorted-set -* 0.12.2 +feat: use `SortedSet` in model to improve reproducibility - this will provide predictable ordering of various items in generated CycloneDX documents - thanks to @RodneyRichardson ([`c43f6d8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c43f6d8ce41a9de91a84cea7a40045cab8121792)) -Automatically generated by python-semantic-release ([`54b9f74`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/54b9f744be28b53795bd03e78576eed15b70c10a)) +* Merge branch 'CycloneDX:main' into use-sorted-set ([`1b8ac25`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1b8ac252a28af1b938d6cad4182e6f2d586b26c0)) +* Fix SortedSet type hints for python < 3.8 -## v0.12.1 (2021-12-09) +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`71eeb4a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/71eeb4aeeb9e911df2422c097ebfb671c648242d)) -### Fix +* Fix line length warning. -* fix: further loosened dependency definitions +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`e9ee712`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e9ee71291da882a924a9edec7d1f5d6be62797e6)) -see #44 - -updated some locked dependencies to latest versions - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8bef6ec`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8bef6ecad36f51a003b266d776c9520d33e06034)) +* Fix more type hints for python < 3.8 -### Unknown +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`f042bce`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f042bcef1829a852dd787e226d883f5bbd5c39c3)) -* 0.12.1 +* Fix SortedSet type hints for python < 3.8 -Automatically generated by python-semantic-release ([`43fc36e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/43fc36ebc966ac511e5b7dbff9b0bef6f88d5d2c)) +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`2e283ab`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2e283abed0b67e9e70c825e0d7c6ad7e6691c678)) +* Fix type hint on ComparableTuple -## v0.12.0 (2021-12-09) +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`43ef908`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/43ef908d61fd03e5a4c2ecfabdf22764c8613429)) -### Feature +* Sort usings. -* feat: loosed dependency versions to make this library more consumable +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`8f86c12`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8f86c1292d5d0c550a4ec6018b81400255567f93)) -* feat: lowering minimum dependency versions - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* feat: lowering minimum dependency versions - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* feat: lowering minimum dependency versions - importlib-metadata raising minimum to ensure we get a typed library - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* feat: lowering minimum dependency versions - importlib-metadata raising minimum to ensure we get a typed library - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* feat: lowering minimum version for importlib-metadata to 3.4.0 with modified import statement - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`55f10fb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/55f10fb5524dafa68112c0836806c27bdd74fcbe)) +* Fix sonatype-lift warnings -### Unknown +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`f1e92e3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f1e92e3cfbe9df2b07b745582608f9f72531684c)) -* 0.12.0 +* Fix warnings. -Automatically generated by python-semantic-release ([`1a907ea`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1a907eae0a3436844ffc2782b990c4b502f409e6)) +Change tuple -> Tuple +Fix Diff initialization +Add sorting to AttachedText -* Merge pull request #88 from CycloneDX/contributing-file +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`2b47ff6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2b47ff612335b538ceab5e77b60dbe058f739e2e)) -initial CONTRIBUTING file ([`20035bb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/20035bb5dde8dd3b619b200aec7037c338b18c74)) +* Reduce sortedcontainers.pyi to only the functions used. -* initial CONTRIBUTING file +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ef0fbe2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ef0fbe2130f763888cb34e8e71a6520d282a0cda)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6ffe14d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6ffe14d4d51d246cda66ce99ee20893ede8d017f)) +* Remove flake8 warnings -* CHORE: poetry(deps): bump filelock from 3.3.2 to 3.4.0 +Remove unused imports and trailing whitespace. +Sort usings in pyi file. -poetry(deps): bump filelock from 3.3.2 to 3.4.0 ([`e144aa2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e144aa29a0fd61483f4940da08ff542c9c3c3332)) +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`41d1bee`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/41d1bee824381c25a8c6870abeb1f484c33c78ba)) -* CHORE: poetry(deps): bump types-setuptools from 57.4.2 to 57.4.4 +* Add type hints for SortedSet -poetry(deps): bump types-setuptools from 57.4.2 to 57.4.4 ([`5fcdcb7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5fcdcb701a9da5c9a786e0fe690bfd0a8d5d4e0c)) +Fix use of set/Set. -* poetry(deps): bump filelock from 3.3.2 to 3.4.0 +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`df0f554`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/df0f554bff311886705327fd863d573e82123f9e)) -Bumps [filelock](https://github.com/tox-dev/py-filelock) from 3.3.2 to 3.4.0. -- [Release notes](https://github.com/tox-dev/py-filelock/releases) -- [Changelog](https://github.com/tox-dev/py-filelock/blob/main/docs/changelog.rst) -- [Commits](https://github.com/tox-dev/py-filelock/compare/3.3.2...3.4.0) +* Replace object type hint in __lt__ with Any ---- -updated-dependencies: -- dependency-name: filelock - dependency-type: indirect - update-type: version-update:semver-minor -... +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ec22f68`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ec22f683e1b12843421a23cff15f91628a7dfffe)) + +* Make reorder() return type explicit List (as flagged by sonatype-lift bot) -Signed-off-by: dependabot[bot] <support@github.com> ([`8d4520e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8d4520ee3ee781a3a2f4db879e79e38b40fe4829)) +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`695ee86`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/695ee862ce9043807a9d825324970cd1b770a46c)) -* CHORE: poetry(deps-dev): bump flake8-bugbear from 21.9.2 to 21.11.29 +* Use SortedSet in model to improve reproducibility -poetry(deps-dev): bump flake8-bugbear from 21.9.2 to 21.11.29 ([`fc6e3ac`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fc6e3acd5a1875a27e3b8037ad3b9a794598c894)) +Added `__lt__()` to all model classes used in SortedSet, with tests +Explicitly declared Enums as (str, Enum) to allow sorting +Added dependency to sortedcollections package -* poetry(deps): bump types-setuptools from 57.4.2 to 57.4.4 +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`368f522`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/368f5221e54a635cd03255efd56d4da2a8d7f56b)) -Bumps [types-setuptools](https://github.com/python/typeshed) from 57.4.2 to 57.4.4. -- [Release notes](https://github.com/python/typeshed/releases) -- [Commits](https://github.com/python/typeshed/commits) +* 2.4.0 ---- -updated-dependencies: -- dependency-name: types-setuptools - dependency-type: direct:production - update-type: version-update:semver-patch -... +Automatically generated by python-semantic-release ([`4874354`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/48743542fd2f3219a4f2295f363ae6e5bcf2a738)) -Signed-off-by: dependabot[bot] <support@github.com> ([`00dcbb8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/00dcbb80d25c00b2b9bd4f6b765275cd956b33fa)) +* revert `types-toml` on lowest setup ([`32ece98`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/32ece98b24fd6966722b8cdf698f01b8fb1b8821)) -* CHORE: poetry(deps): bump importlib-metadata from 4.8.1 to 4.8.2 +* 2.3.0 -poetry(deps): bump importlib-metadata from 4.8.1 to 4.8.2 ([`28f9676`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/28f96769e653c3b7c76cb07ba1a4ecbbc43ab46c)) +Automatically generated by python-semantic-release ([`5c1047a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5c1047afc75726cca4130b90b8459418ec6342e8)) -* poetry(deps-dev): bump flake8-bugbear from 21.9.2 to 21.11.29 +* Merge pull request #210 from CycloneDX/feat/support-bom-dependencies -Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 21.9.2 to 21.11.29. -- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases) -- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/21.9.2...21.11.29) +feat: add support for Dependency Graph in Model and output serialisation (JSON and XML) ([`938169c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/938169c05b458967cd1dabc338981d296f5b2842)) ---- -updated-dependencies: -- dependency-name: flake8-bugbear - dependency-type: direct:development - update-type: version-update:semver-minor -... +* Merge pull request #214 from CycloneDX/feat/support-bom-dependencies-no-cast -Signed-off-by: dependabot[bot] <support@github.com> ([`1eec2e8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1eec2e8aab5f31f3070be34eccfd8791ef2edcca)) +no cast ([`2551545`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/25515456f2707964032c1f9642bae3d79ba2b994)) -* CHORE: poetry(deps-dev): bump coverage from 6.1.2 to 6.2 +* no cast -poetry(deps-dev): bump coverage from 6.1.2 to 6.2 ([`bdd9365`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bdd93650a64ce2385f4f29bc1f20df6530e9012c)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`dec3b70`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/dec3b703f7e69cd2b3fdff34583ee052b1cbb1d2)) -* CHORE: poetry(deps): bump mako from 1.1.5 to 1.1.6 +* update to use `Set` operators (more Pythonic) -poetry(deps): bump mako from 1.1.5 to 1.1.6 ([`33d3ecc`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/33d3ecc80f47c947d2fc2b13743471dd6dc941ab)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`f01665e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f01665e96c87b9dd1fdb37d907a8339ba819e2cc)) -* poetry(deps-dev): bump coverage from 6.1.2 to 6.2 +* missing closing `>` in `BomRef.__repr__` -Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.1.2 to 6.2. -- [Release notes](https://github.com/nedbat/coveragepy/releases) -- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) -- [Commits](https://github.com/nedbat/coveragepy/compare/6.1.2...6.2) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`2c7c4be`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2c7c4be8210231dcfaf9e8937bd943f3ea6683c3)) ---- -updated-dependencies: -- dependency-name: coverage - dependency-type: direct:development - update-type: version-update:semver-minor -... +* removed unnecessary condition - `self.get_bom().components` is always a `Set` -Signed-off-by: dependabot[bot] <support@github.com> ([`be1af9b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/be1af9b9955a31b6c1a8627010bfd4d932c9f9f1)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`5eb5669`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5eb5669bdeb982c9f0b4a72f2264a8559e9a3bc3)) -* DOCS: fix README shields & links ([`43b1121`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/43b112128acd9e28a47e46d8691ead46e39b288e)) +* added additional tests to validate Component in Metadata is properly represented in Dependency Graph -* doc: readme maintenance - shields & links (#72) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`b8d526e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b8d526ee52b3923c7755a897e0c042c159fb8d99)) -* README: restructure links - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* README: add lan to fenced code blocks - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* README: fix some formatting - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* README: modernized shields - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* README: harmonize links - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* README: add language to code fences - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* README: markdown fixes - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* README: removed py version shield - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3d0ea2f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3d0ea2f4c6ee5c2dedf1abb779f46543896fff4a)) +* adjusted unit tests to account for inclusion of Component in Bom Metadata in Dependency Graphy -* poetry(deps): bump mako from 1.1.5 to 1.1.6 +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`c605f2b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c605f2be90092f09bb0eb89dccb27767d78dcfac)) -Bumps [mako](https://github.com/sqlalchemy/mako) from 1.1.5 to 1.1.6. -- [Release notes](https://github.com/sqlalchemy/mako/releases) -- [Changelog](https://github.com/sqlalchemy/mako/blob/main/CHANGES) -- [Commits](https://github.com/sqlalchemy/mako/commits) +* updates based on feedback from @jkowalleck + +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`04511f3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/04511f3c523bc26b0b434d8334d37eccaaaf1ea4)) + +* Merge branch 'feat/support-bom-dependencies' of github.com:CycloneDX/cyclonedx-python-lib into feat/support-bom-dependencies ([`8fb408c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8fb408cfe7941efca424777a94084755ee8a50e4)) + +* doc: updated docs to reflect support for Dependency Graph + +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`a680544`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a68054491529631c792e51c764bbf64a5e9b4834)) + +* updated file hash in test + +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`56f3d5d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/56f3d5d432b6c50679cfd733cf2b0ed2ea55400e)) + +* removed unused import ---- -updated-dependencies: -- dependency-name: mako - dependency-type: indirect - update-type: version-update:semver-patch -... +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`61c3338`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/61c3338e139a8e1a72a659080f2043b352007561)) -Signed-off-by: dependabot[bot] <support@github.com> ([`3344b86`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3344b862490ecb419c9b1f74bd7548ddcf392329)) +* doc: updated docs to reflect support for Dependency Graph -* Merge pull request #47 from CycloneDX/dependabot/pip/filelock-3.3.2 +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`3df017f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3df017feaaa461bcfa7082f58a5824aa92493b59)) -poetry(deps): bump filelock from 3.3.1 to 3.3.2 ([`3f967b3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3f967b3d0ec47ba5bcc1cdd8fb29970ba69d7aed)) +* updated file hash in test -* FIX: update Conda package parsing to handle `build` containing underscore (#66) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`449cb1e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/449cb1e56e64e6c144c0d2b6b69649df2d6e5320)) -* fix: update conda package parsing to handle `build` containing underscore - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* updated some typings - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2c6020a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c6020a208aa1c0fd13ab337db6343ad1d2d5c43)) +* removed unused import -* poetry(deps): bump importlib-metadata from 4.8.1 to 4.8.2 +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`f487c4a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f487c4a44f5604fa3d1da2c0bc57d09e22057973)) -Bumps [importlib-metadata](https://github.com/python/importlib_metadata) from 4.8.1 to 4.8.2. -- [Release notes](https://github.com/python/importlib_metadata/releases) -- [Changelog](https://github.com/python/importlib_metadata/blob/main/CHANGES.rst) -- [Commits](https://github.com/python/importlib_metadata/compare/v4.8.1...v4.8.2) +* 2.2.0 ---- -updated-dependencies: -- dependency-name: importlib-metadata - dependency-type: direct:production - update-type: version-update:semver-patch -... +Automatically generated by python-semantic-release ([`67ecfac`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/67ecfacc38817398319ac5d627f2b3a17fb45b3f)) -Signed-off-by: dependabot[bot] <support@github.com> ([`003f6b4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/003f6b410e0e32e8c454ad157999b031471baf6f)) +* Merge pull request #207 from CycloneDX/feat/update-schemas -* poetry(deps): bump filelock from 3.3.1 to 3.3.2 +feat: Update CycloneDX Schemas to latest patch versions ([`2c55cb5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2c55cb51042694d48a2eccd8e505833196effb59)) -Bumps [filelock](https://github.com/tox-dev/py-filelock) from 3.3.1 to 3.3.2. -- [Release notes](https://github.com/tox-dev/py-filelock/releases) -- [Changelog](https://github.com/tox-dev/py-filelock/blob/main/docs/changelog.rst) -- [Commits](https://github.com/tox-dev/py-filelock/compare/3.3.1...3.3.2) +* mark schema files as vendored ---- -updated-dependencies: -- dependency-name: filelock - dependency-type: indirect - update-type: version-update:semver-patch -... +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a9c3e77`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a9c3e77998e7c05af5ba097891cd05a8cdb89232)) -Signed-off-by: dependabot[bot] <support@github.com> ([`55022b7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/55022b7a63763436d193cefda6d6a4e0ad36fb40)) +* Merge pull request #191 from CycloneDX/feat/pre-commit-hooks -* Merge pull request #45 from CycloneDX/dependabot/pip/importlib-resources-5.4.0 +[DEV] Add pre-commit hooks ([`91ceeb1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/91ceeb1fdafddf20af546d383a2fb16393977ef5)) -poetry(deps): bump importlib-resources from 5.3.0 to 5.4.0 ([`b8acf9f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b8acf9f3e087f37c2f9afded2d8555c053f09a43)) +* 2.1.1 -* Merge pull request #70 from CycloneDX/dependabot/pip/pyparsing-3.0.6 +Automatically generated by python-semantic-release ([`f78d608`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f78d6081abc1a8adb80ef0c79a07c624ad9e3a5c)) -poetry(deps): bump pyparsing from 3.0.5 to 3.0.6 ([`faa8628`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/faa862813e27bb4b828f6116c95961b156cd7547)) +* Merge pull request #194 from CycloneDX/fix/json-output-version-optional-bug-193 -* Merge pull request #69 from CycloneDX/dependabot/pip/coverage-6.1.2 +fix: `version` being optional in JSON output can raise error ([`6f7e09a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6f7e09aa4d05a4a2dc60569732f6b2ae5582a154)) -poetry(deps-dev): bump coverage from 6.1.1 to 6.1.2 ([`eba56dc`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/eba56dc6512304e2956563d173bdb363b785fa50)) +* 2.1.0 -* poetry(deps): bump pyparsing from 3.0.5 to 3.0.6 +Automatically generated by python-semantic-release ([`c58f8f8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c58f8f8456211fbeac79340b480063791c05f404)) -Bumps [pyparsing](https://github.com/pyparsing/pyparsing) from 3.0.5 to 3.0.6. -- [Release notes](https://github.com/pyparsing/pyparsing/releases) -- [Changelog](https://github.com/pyparsing/pyparsing/blob/master/CHANGES) -- [Commits](https://github.com/pyparsing/pyparsing/compare/pyparsing_3.0.5...pyparsing_3.0.6) +* Merge pull request #198 from CycloneDX/verbose_outout_errors ---- -updated-dependencies: -- dependency-name: pyparsing - dependency-type: indirect - update-type: version-update:semver-patch -... +fix: improved output errors - file/directory is now included ([`4618c62`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4618c62da54f90a67d89583d5339ef0532b7813a)) -Signed-off-by: dependabot[bot] <support@github.com> ([`4f2b2d8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4f2b2d89291b1c20385ce6431959586acfeab1cd)) +* updated to be more pythonic -* poetry(deps-dev): bump coverage from 6.1.1 to 6.1.2 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a1bbf00`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a1bbf001ba9546c998062a0201d4e2562607749e)) -Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.1.1 to 6.1.2. -- [Release notes](https://github.com/nedbat/coveragepy/releases) -- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) -- [Commits](https://github.com/nedbat/coveragepy/compare/6.1.1...6.1.2) +* doc: added CONTRIBUTING to public docs +doc: included pre-commit hooks in CONTRIBUTING ---- -updated-dependencies: -- dependency-name: coverage - dependency-type: direct:development - update-type: version-update:semver-patch -... +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f38215f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f38215f2b370e14f5629edff1ade97734b3a79cd)) -Signed-off-by: dependabot[bot] <support@github.com> ([`1d0f5ea`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1d0f5ea2ed5dfb38ce1d1d8170773cb880f228dc)) +* Merge pull request #182 from CycloneDX/sort-imports +style: sort imports ([`aa37e56`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/aa37e56964b35642e2bf92f336a767fba1914e2b)) -## v0.11.1 (2021-11-10) +* 2.0.0 -### Fix +Automatically generated by python-semantic-release ([`a4af3dc`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a4af3dccbddf4ea91b277746d2305fadf6078ed8)) -* fix: constructor for `Vulnerability` to correctly define `ratings` as optional +* Merge pull request #148 from CycloneDX/feat/add-bom-services ([`631e400`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/631e4009340f4466fb45f25bbf3ce7ffa4d8adca)) -Signed-off-by: William Woodruff <william@trailofbits.com> ([`395a0ec`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/395a0ec14ebcba8e0849a0ced30ec4163c42fa7a)) +* Merge branch 'main' into feat/add-bom-services ([`9a32351`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9a3235155bd04450c6e520ee6de04b2d6f2c5d0a)) -### Unknown +* doc: added RTD badge to README -* 0.11.1 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b20d9d1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b20d9d1aceebfa8bae21250e6ae39234caffbb0e)) + +* implemented `__str__` for `BomRef` -Automatically generated by python-semantic-release ([`a80f87a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a80f87a588f8b52bfd8e9c5b12edf0fdde56c510)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`670bde4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/670bde47a8a60db764aa706797f1d8ed7cf2c227)) -* FEAT: Support Python 3.10 (#64) +* Continuation of #170 - missed updating Vulnerability to use `BomRef` (#175) -* fix: tested with Python 3.10 +* BREAKING CHANGE: added new model `BomRef` unlocking logic later to ensure uniquness and dependency references Signed-off-by: Paul Horton <phorton@sonatype.com> -* added trove classifier for Python 3.10 - -Signed-off-by: Paul Horton <phorton@sonatype.com> +* updated Vulnerability to also use new `BomRef` model -* fix: upgrade Poetry version to workaround issue between Poetry and Python 3.10 (see: https://github.com/python-poetry/poetry/issues/4210) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0d82c01`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0d82c019afce3e4aefe56bff9607cfd60186c6b0)) + +* BREAKING CHANGE: added new model `BomRef` unlocking logic later to ensure uniquness and dependency references (#174) + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d189f2c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d189f2c16870deb683e62cd06a6072b008eab05d)) + +* BREAKING CHANGE: replaced concept of default schema version with latest supported #171 (#173) + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`020fcf0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/020fcf03ef3985dac82a38b8810d6d6cd301809c)) + +* BREAKING CHANGE: Updated default schema version to 1.4 from 1.3 (#164) + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9b6ce4b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9b6ce4bd7b5a2a332e9f01f93db57b78f65af048)) + +* BREAKING CHANGE: update models to use `Set` rather than `List` (#160) + +* BREAKING CHANGE: update models to use `Set` and `Iterable` rather than `List[..]` +BREAKING CHANGE: update final models to use `@property` +wip -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`385b835`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/385b835f44fadb0f227b6a8ac992b0c73afc6ef0)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`142b8bf`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/142b8bf4dbb2e61d131b7ca2ec332aac472ef3cd)) -* poetry(deps): bump importlib-resources from 5.3.0 to 5.4.0 +* removed unnecessary calls to `hash()` in `__hash__()` methods as pointed out by @jkowalleck -Bumps [importlib-resources](https://github.com/python/importlib_resources) from 5.3.0 to 5.4.0. -- [Release notes](https://github.com/python/importlib_resources/releases) -- [Changelog](https://github.com/python/importlib_resources/blob/main/CHANGES.rst) -- [Commits](https://github.com/python/importlib_resources/compare/v5.3.0...v5.4.0) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0f1fd6d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0f1fd6dfdd41073cbdbb456cf019c7f2ed9e2175)) ---- -updated-dependencies: -- dependency-name: importlib-resources - dependency-type: indirect - update-type: version-update:semver-minor -... +* BREAKING CHANGE: adopted PEP-3102 for model classes (#158) -Signed-off-by: dependabot[bot] <support@github.com> ([`a1dd775`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a1dd7752459b70b432784ec2b7d8a1cb24a916a9)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b3c8d9a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b3c8d9a676190f20dfc4ab1b915c1e53c4ac5a82)) +* doc: added page to docs to call out which parts of the specification this library supports -## v0.11.0 (2021-11-10) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`41a4be0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/41a4be0cedcd26b6645b6e3606cce8e3708c569f)) -### Feature +* attempt to resolve Lift finding -* feat: Typing & PEP 561 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2090c08`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2090c0868ca82c4b53c6ffc6f439c0d675147601)) -* adde file for type checkers according to PEP 561 +* removed unused imports + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a35d540`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a35d540c97b898eb152f453003f46ce0e18b7ea6)) + +* WIP on `bom.services` + +* WIP but a lil hand up for @madpah -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Jeffry Hesse <5544326+DarthHater@users.noreply.github.com> -* added static code analysis as a dev-test +* chore: added missing license header -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Paul Horton <phorton@sonatype.com> -* added the "typed" trove +* No default values for required fields -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +* Add Services to BOM -* added `flake8-annotations` to the tests +* Typo fix -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +* aligned classes with standards, commented out Signature work for now, added first tests for Services -* added type hints +Signed-off-by: Paul Horton <phorton@sonatype.com> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +* addressed standards -* further typing updates +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* 1.2.0 + +Automatically generated by python-semantic-release Signed-off-by: Paul Horton <phorton@sonatype.com> -* further typing additions and test updates +* feat: `bom-ref` for Component and Vulnerability default to a UUID (#142) + +* feat: `bom-ref` for Component and Vulnerability default to a UUID if not supplied ensuring they have a unique value #141 Signed-off-by: Paul Horton <phorton@sonatype.com> -* further typing +* doc: updated documentation to reflect change Signed-off-by: Paul Horton <phorton@sonatype.com> -* further typing - added type stubs for toml and setuptools +* patched other tests to support UUID for bom-ref Signed-off-by: Paul Horton <phorton@sonatype.com> -* further typing +* better syntax Signed-off-by: Paul Horton <phorton@sonatype.com> -* typing work +* 1.3.0 + +Automatically generated by python-semantic-release Signed-off-by: Paul Horton <phorton@sonatype.com> -* coding standards +* WIP but a lil hand up for @madpah +Signed-off-by: Jeffry Hesse <5544326+DarthHater@users.noreply.github.com> Signed-off-by: Paul Horton <phorton@sonatype.com> -* fixed tox and mypy running in correct python version +* chore: added missing license header -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Paul Horton <phorton@sonatype.com> -* supressed mypy for `cyclonedx.utils.conda.parse_conda_json_to_conda_package` +* aligned classes with standards, commented out Signature work for now, added first tests for Services -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Paul Horton <phorton@sonatype.com> -* fixed type hints +* removed signature from this branch -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Paul Horton <phorton@sonatype.com> -* fixed some typing related flaws +* Add Services to BOM -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +* Typo fix -* added flake8-bugbear for code analysis +* addressed standards -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Paul Horton <phorton@sonatype.com> -Co-authored-by: Paul Horton <phorton@sonatype.com> ([`9144765`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/91447656c0914ceb2af2e4b7282292ec7b93f5bf)) - -### Unknown - -* 0.11.0 - -Automatically generated by python-semantic-release ([`7262783`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7262783dbcf5823065670f3f7cbba0ce25b3a4ea)) - -* Merge pull request #41 from jkowalleck/improv-abstract - -fixed some abstract definitions ([`f34e2c2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f34e2c2bc7aed20968a5ac69337ed484d097af3b)) - -* Merge pull request #42 from jkowalleck/improv-pipenv - -slacked pipenv parser ([`08bc4ab`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/08bc4ab2b01c76d7472a558cae02deab0485c61c)) +* resolved typing issues from merge + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* added a bunch more tests for JSON output + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +Co-authored-by: Paul Horton <phorton@sonatype.com> +Co-authored-by: github-actions <action@github.com> ([`b45ff18`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b45ff187056893c5fb294cbf9de854fd130bb7be)) -* Merge pull request #43 from jkowalleck/improv-conda-typehints +* 1.3.0 -fixed typehints/docs in `_BaseCondaParser` ([`931016d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/931016d9b700280692903db5aa653d390a80bd63)) +Automatically generated by python-semantic-release ([`4178181`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/41781819e2de8f650271e7de11d395fa43939f22)) -* Merge pull request #54 from jkowalleck/create-CODEOWNERS +* 1.2.0 -created CODEOWNERS ([`7f28bef`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7f28bef15ed0b9ed6af88286d5f6dcc0726b6feb)) +Automatically generated by python-semantic-release ([`97c215c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/97c215cf0c4e8c315ed84cbcb92b22c6b7bcd8c2)) -* Merge pull request #56 from CycloneDX/dependabot/pip/py-1.11.0 +* 1.1.1 -poetry(deps): bump py from 1.10.0 to 1.11.0 ([`f1cda3c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f1cda3c3ba859336d70da36d4966bc7c247af97a)) +Automatically generated by python-semantic-release ([`dec63de`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/dec63de950e0ad81cbb51373b0e647bce551297e)) -* Merge pull request #58 from CycloneDX/dependabot/pip/pyparsing-3.0.5 +* 1.1.0 -poetry(deps): bump pyparsing from 2.4.7 to 3.0.5 ([`0525439`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0525439d2237684ce531449d19e60456fc46d26b)) +Automatically generated by python-semantic-release ([`d4007bd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d4007bd5986173eb2645eebcdd2c6405150f1456)) -* Merge pull request #19 from CycloneDX/dependabot/pip/zipp-3.6.0 +* Manually generated release ([`3509fb6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3509fb643af12cc4393309a006c6bbe63b1bd674)) -poetry(deps): bump zipp from 3.5.0 to 3.6.0 ([`c54c968`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c54c96853e3325571dee26038e965279d5b9cfe2)) +* Support for CycloneDX schema version 1.4 (#108) -* poetry(deps): bump py from 1.10.0 to 1.11.0 +BREAKING CHANGE: Support for CycloneDX 1.4. This includes: +- Support for `tools` having `externalReferences` +- Allowing `version` for a `Component` to be optional in 1.4 +- Support for `releaseNotes` per `Component` +- Support for the core schema implementation of Vulnerabilities (VEX) + +Other changes included in this PR: +- Unit tests now include schema validation (we've left schema validation out of the core library due to dependency bloat) +- Fixes to ensure schema is adhered to in 1.0 +- URI's are now used throughout the library through a new `XsUri` class to provide URI validation +- Documentation is now hosted on readthedocs.org (https://cyclonedx-python-library.readthedocs.io/) +- `$schema` is now included in JSON BOMs +- Concrete Parsers how now been moved into downstream projects to keep this libraries focus on modelling and outputting CycloneDX - see https://github.com/CycloneDX/cyclonedx-python +- Added reference to release of this library on Anaconda + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +Co-authored-by: Paul Horton <phorton@sonatype.com> + +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7fb6da9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7fb6da9166050333ae5db7e35ab792b9bdee48d4)) -Bumps [py](https://github.com/pytest-dev/py) from 1.10.0 to 1.11.0. -- [Release notes](https://github.com/pytest-dev/py/releases) -- [Changelog](https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst) -- [Commits](https://github.com/pytest-dev/py/compare/1.10.0...1.11.0) +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`d26970b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d26970bcc52568645c303f060d71cbc25edbfe78)) ---- -updated-dependencies: -- dependency-name: py - dependency-type: indirect - update-type: version-update:semver-minor -... +* Update CONTRIBUTING.md ([`4448d9b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4448d9b4846a7dfb9eeee355d41fbb100a48d388)) -Signed-off-by: dependabot[bot] <support@github.com> ([`330711f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/330711fe911739ac9119a0721f7f7bde6e1389e4)) +* 0.12.3 -* Merge pull request #57 from CycloneDX/dependabot/pip/coverage-6.1.1 +Automatically generated by python-semantic-release ([`cfc9d38`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cfc9d382aea3f69f79d50a4fbb8607346f86ce03)) -poetry(deps-dev): bump coverage from 5.5 to 6.1.1 ([`fa55e5c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fa55e5ceef65749ccbf6bd0303db649346c79019)) +* 0.12.2 -* poetry(deps): bump pyparsing from 2.4.7 to 3.0.5 +Automatically generated by python-semantic-release ([`54b9f74`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/54b9f744be28b53795bd03e78576eed15b70c10a)) -Bumps [pyparsing](https://github.com/pyparsing/pyparsing) from 2.4.7 to 3.0.5. -- [Release notes](https://github.com/pyparsing/pyparsing/releases) -- [Changelog](https://github.com/pyparsing/pyparsing/blob/master/CHANGES) -- [Commits](https://github.com/pyparsing/pyparsing/compare/pyparsing_2.4.7...pyparsing_3.0.5) +* 0.12.1 ---- -updated-dependencies: -- dependency-name: pyparsing - dependency-type: indirect - update-type: version-update:semver-major -... +Automatically generated by python-semantic-release ([`43fc36e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/43fc36ebc966ac511e5b7dbff9b0bef6f88d5d2c)) -Signed-off-by: dependabot[bot] <support@github.com> ([`3bedaff`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3bedaffc7f52026348cc6e2a38ba193ba71d4f29)) +* 0.12.0 -* Merge pull request #55 from CycloneDX/dependabot/pip/virtualenv-20.10.0 +Automatically generated by python-semantic-release ([`1a907ea`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1a907eae0a3436844ffc2782b990c4b502f409e6)) -poetry(deps): bump virtualenv from 20.8.1 to 20.10.0 ([`4c3df85`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4c3df857eba656f1ccb51ba9ad6af2cb49226747)) +* Merge pull request #88 from CycloneDX/contributing-file -* CI/CT runs on main & master branch ([`2d0df7b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2d0df7bacf4ead54eee7378ede8626cc93fce3df)) +initial CONTRIBUTING file ([`20035bb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/20035bb5dde8dd3b619b200aec7037c338b18c74)) -* poetry(deps-dev): bump coverage from 5.5 to 6.1.1 +* initial CONTRIBUTING file -Bumps [coverage](https://github.com/nedbat/coveragepy) from 5.5 to 6.1.1. -- [Release notes](https://github.com/nedbat/coveragepy/releases) -- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) -- [Commits](https://github.com/nedbat/coveragepy/compare/coverage-5.5...6.1.1) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6ffe14d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6ffe14d4d51d246cda66ce99ee20893ede8d017f)) ---- -updated-dependencies: -- dependency-name: coverage - dependency-type: direct:development - update-type: version-update:semver-major -... +* CHORE: poetry(deps): bump filelock from 3.3.2 to 3.4.0 -Signed-off-by: dependabot[bot] <support@github.com> ([`e322d74`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e322d7476b4a17b012d27c26683809bd1dee86b1)) +poetry(deps): bump filelock from 3.3.2 to 3.4.0 ([`e144aa2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e144aa29a0fd61483f4940da08ff542c9c3c3332)) -* poetry(deps): bump virtualenv from 20.8.1 to 20.10.0 +* CHORE: poetry(deps): bump types-setuptools from 57.4.2 to 57.4.4 -Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.8.1 to 20.10.0. -- [Release notes](https://github.com/pypa/virtualenv/releases) -- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst) -- [Commits](https://github.com/pypa/virtualenv/compare/20.8.1...20.10.0) +poetry(deps): bump types-setuptools from 57.4.2 to 57.4.4 ([`5fcdcb7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5fcdcb701a9da5c9a786e0fe690bfd0a8d5d4e0c)) + +* poetry(deps): bump filelock from 3.3.2 to 3.4.0 + +Bumps [filelock](https://github.com/tox-dev/py-filelock) from 3.3.2 to 3.4.0. +- [Release notes](https://github.com/tox-dev/py-filelock/releases) +- [Changelog](https://github.com/tox-dev/py-filelock/blob/main/docs/changelog.rst) +- [Commits](https://github.com/tox-dev/py-filelock/compare/3.3.2...3.4.0) --- updated-dependencies: -- dependency-name: virtualenv +- dependency-name: filelock dependency-type: indirect update-type: version-update:semver-minor ... -Signed-off-by: dependabot[bot] <support@github.com> ([`3927cdc`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3927cdcd2c37af23543832dbfae2d087cb09787c)) +Signed-off-by: dependabot[bot] <support@github.com> ([`8d4520e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8d4520ee3ee781a3a2f4db879e79e38b40fe4829)) -* created CODEOWNERS +* CHORE: poetry(deps-dev): bump flake8-bugbear from 21.9.2 to 21.11.29 -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e8e499c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e8e499cb2b74f9d7e7afe4d0f00e1725eabb655e)) +poetry(deps-dev): bump flake8-bugbear from 21.9.2 to 21.11.29 ([`fc6e3ac`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fc6e3acd5a1875a27e3b8037ad3b9a794598c894)) -* fixed typehints/docs in `_BaseCondaParser` +* poetry(deps): bump types-setuptools from 57.4.2 to 57.4.4 -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`af6ddfd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/af6ddfdc8c7cbdd1bade5ea0c89896ca9791eb3d)) +Bumps [types-setuptools](https://github.com/python/typeshed) from 57.4.2 to 57.4.4. +- [Release notes](https://github.com/python/typeshed/releases) +- [Commits](https://github.com/python/typeshed/commits) -* slacked pipenv parser +--- +updated-dependencies: +- dependency-name: types-setuptools + dependency-type: direct:production + update-type: version-update:semver-patch +... -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a3572ba`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a3572ba61ca537de8efd0855c774819a963cd212)) +Signed-off-by: dependabot[bot] <support@github.com> ([`00dcbb8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/00dcbb80d25c00b2b9bd4f6b765275cd956b33fa)) -* fixed some abstract definitions +* CHORE: poetry(deps): bump importlib-metadata from 4.8.1 to 4.8.2 -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9e67998`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9e67998e53558363b2c76c75f13bb2772fb5a22d)) +poetry(deps): bump importlib-metadata from 4.8.1 to 4.8.2 ([`28f9676`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/28f96769e653c3b7c76cb07ba1a4ecbbc43ab46c)) +* poetry(deps-dev): bump flake8-bugbear from 21.9.2 to 21.11.29 -## v0.10.2 (2021-10-21) +Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 21.9.2 to 21.11.29. +- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases) +- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/21.9.2...21.11.29) -### Fix +--- +updated-dependencies: +- dependency-name: flake8-bugbear + dependency-type: direct:development + update-type: version-update:semver-minor +... -* fix: correct way to write utf-8 encoded files +Signed-off-by: dependabot[bot] <support@github.com> ([`1eec2e8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1eec2e8aab5f31f3070be34eccfd8791ef2edcca)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`49f9369`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/49f9369b3eba47a3a8d1bcc505546d7dfaf4c5fe)) +* CHORE: poetry(deps-dev): bump coverage from 6.1.2 to 6.2 -### Unknown +poetry(deps-dev): bump coverage from 6.1.2 to 6.2 ([`bdd9365`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bdd93650a64ce2385f4f29bc1f20df6530e9012c)) -* 0.10.2 +* CHORE: poetry(deps): bump mako from 1.1.5 to 1.1.6 -Automatically generated by python-semantic-release ([`79538e9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/79538e92834e548a3f9697388a47efa3b27da678)) +poetry(deps): bump mako from 1.1.5 to 1.1.6 ([`33d3ecc`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/33d3ecc80f47c947d2fc2b13743471dd6dc941ab)) +* poetry(deps-dev): bump coverage from 6.1.2 to 6.2 -## v0.10.1 (2021-10-21) +Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.1.2 to 6.2. +- [Release notes](https://github.com/nedbat/coveragepy/releases) +- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) +- [Commits](https://github.com/nedbat/coveragepy/compare/6.1.2...6.2) -### Fix +--- +updated-dependencies: +- dependency-name: coverage + dependency-type: direct:development + update-type: version-update:semver-minor +... -* fix: ensure output to file is UTF-8 +Signed-off-by: dependabot[bot] <support@github.com> ([`be1af9b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/be1af9b9955a31b6c1a8627010bfd4d932c9f9f1)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a10da20`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a10da20865e90e9a0a5bb1e12fba9cfd23970c39)) +* DOCS: fix README shields & links ([`43b1121`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/43b112128acd9e28a47e46d8691ead46e39b288e)) -* fix: ensure output to file is UTF-8 +* doc: readme maintenance - shields & links (#72) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`193bf64`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/193bf64cdb19bf6fb9662367402dcf7eaab8dd1a)) +* README: restructure links + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* README: add lan to fenced code blocks + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* README: fix some formatting + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* README: modernized shields + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* README: harmonize links + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* README: add language to code fences + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* README: markdown fixes + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* README: removed py version shield + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3d0ea2f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3d0ea2f4c6ee5c2dedf1abb779f46543896fff4a)) -### Unknown +* poetry(deps): bump mako from 1.1.5 to 1.1.6 -* 0.10.1 +Bumps [mako](https://github.com/sqlalchemy/mako) from 1.1.5 to 1.1.6. +- [Release notes](https://github.com/sqlalchemy/mako/releases) +- [Changelog](https://github.com/sqlalchemy/mako/blob/main/CHANGES) +- [Commits](https://github.com/sqlalchemy/mako/commits) -Automatically generated by python-semantic-release ([`e6451a3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e6451a39ee18fcf49287a8f685df730846e965b7)) +--- +updated-dependencies: +- dependency-name: mako + dependency-type: indirect + update-type: version-update:semver-patch +... -* Merge pull request #40 from CycloneDX/fix/issue-39-windows-UnicodeEncodeError +Signed-off-by: dependabot[bot] <support@github.com> ([`3344b86`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3344b862490ecb419c9b1f74bd7548ddcf392329)) -FIX: Resolve file encoding issues on Windows ([`48329e0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/48329e033e499f4b9a2c204b2fe5c7c512689605)) +* Merge pull request #47 from CycloneDX/dependabot/pip/filelock-3.3.2 -* remove memoryview from sha1 file hashing +poetry(deps): bump filelock from 3.3.1 to 3.3.2 ([`3f967b3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3f967b3d0ec47ba5bcc1cdd8fb29970ba69d7aed)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a56be0f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a56be0f2044c1c867c383a7ed26f5fce4097d21a)) +* FIX: update Conda package parsing to handle `build` containing underscore (#66) -* added debug to CI to aid understanding of miss matching SHA1 hashes on Windows +* fix: update conda package parsing to handle `build` containing underscore + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* updated some typings + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2c6020a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2c6020a208aa1c0fd13ab337db6343ad1d2d5c43)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`10c6b51`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/10c6b51ec1fb8fc816002fda96e551ff0e430941)) +* poetry(deps): bump importlib-metadata from 4.8.1 to 4.8.2 +Bumps [importlib-metadata](https://github.com/python/importlib_metadata) from 4.8.1 to 4.8.2. +- [Release notes](https://github.com/python/importlib_metadata/releases) +- [Changelog](https://github.com/python/importlib_metadata/blob/main/CHANGES.rst) +- [Commits](https://github.com/python/importlib_metadata/compare/v4.8.1...v4.8.2) -## v0.10.0 (2021-10-20) +--- +updated-dependencies: +- dependency-name: importlib-metadata + dependency-type: direct:production + update-type: version-update:semver-patch +... -### Feature +Signed-off-by: dependabot[bot] <support@github.com> ([`003f6b4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/003f6b410e0e32e8c454ad157999b031471baf6f)) -* feat: add support for Conda +* poetry(deps): bump filelock from 3.3.1 to 3.3.2 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`bd29c78`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bd29c782d39a4956f482b9e4de20d7f829beefba)) +Bumps [filelock](https://github.com/tox-dev/py-filelock) from 3.3.1 to 3.3.2. +- [Release notes](https://github.com/tox-dev/py-filelock/releases) +- [Changelog](https://github.com/tox-dev/py-filelock/blob/main/docs/changelog.rst) +- [Commits](https://github.com/tox-dev/py-filelock/compare/3.3.1...3.3.2) -### Unknown +--- +updated-dependencies: +- dependency-name: filelock + dependency-type: indirect + update-type: version-update:semver-patch +... -* 0.10.0 +Signed-off-by: dependabot[bot] <support@github.com> ([`55022b7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/55022b7a63763436d193cefda6d6a4e0ad36fb40)) -Automatically generated by python-semantic-release ([`eea3598`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/eea35980ab121899d46178ec10e90058d0e1be45)) +* Merge pull request #45 from CycloneDX/dependabot/pip/importlib-resources-5.4.0 -* Merge pull request #38 from CycloneDX/feat/conda-support +poetry(deps): bump importlib-resources from 5.3.0 to 5.4.0 ([`b8acf9f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b8acf9f3e087f37c2f9afded2d8555c053f09a43)) -feat: add support for Conda ([`ee5d36d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ee5d36dd677abfb1ba5600b44abf45cb2612b792)) +* Merge pull request #70 from CycloneDX/dependabot/pip/pyparsing-3.0.6 -* add support pre Python 3.8 +poetry(deps): bump pyparsing from 3.0.5 to 3.0.6 ([`faa8628`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/faa862813e27bb4b828f6116c95961b156cd7547)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2d01116`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2d011165e36d03c8d82c7b92b56f1aeec9c18cd6)) +* Merge pull request #69 from CycloneDX/dependabot/pip/coverage-6.1.2 -* doc: updated documentation with Conda support (and missed updates for externalReferences) +poetry(deps-dev): bump coverage from 6.1.1 to 6.1.2 ([`eba56dc`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/eba56dc6512304e2956563d173bdb363b785fa50)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`57e9dc7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/57e9dc7b2adcfa2bac60a854c91bf77947e8e9cf)) +* poetry(deps): bump pyparsing from 3.0.5 to 3.0.6 +Bumps [pyparsing](https://github.com/pyparsing/pyparsing) from 3.0.5 to 3.0.6. +- [Release notes](https://github.com/pyparsing/pyparsing/releases) +- [Changelog](https://github.com/pyparsing/pyparsing/blob/master/CHANGES) +- [Commits](https://github.com/pyparsing/pyparsing/compare/pyparsing_3.0.5...pyparsing_3.0.6) -## v0.9.1 (2021-10-19) +--- +updated-dependencies: +- dependency-name: pyparsing + dependency-type: indirect + update-type: version-update:semver-patch +... -### Fix +Signed-off-by: dependabot[bot] <support@github.com> ([`4f2b2d8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4f2b2d89291b1c20385ce6431959586acfeab1cd)) -* fix: missing check for Classifiers in Environment Parser +* poetry(deps-dev): bump coverage from 6.1.1 to 6.1.2 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b7fa38e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b7fa38e9740bbc5b4c406410df37c3b34818010c)) +Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.1.1 to 6.1.2. +- [Release notes](https://github.com/nedbat/coveragepy/releases) +- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) +- [Commits](https://github.com/nedbat/coveragepy/compare/6.1.1...6.1.2) -### Unknown +--- +updated-dependencies: +- dependency-name: coverage + dependency-type: direct:development + update-type: version-update:semver-patch +... -* 0.9.1 +Signed-off-by: dependabot[bot] <support@github.com> ([`1d0f5ea`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1d0f5ea2ed5dfb38ce1d1d8170773cb880f228dc)) -Automatically generated by python-semantic-release ([`f132c92`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f132c92bf38f1c173b381f18817f0f86b6ddde85)) +* 0.11.1 -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`51a1e50`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/51a1e50aad27c1f862812031be74281e839815df)) +Automatically generated by python-semantic-release ([`a80f87a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a80f87a588f8b52bfd8e9c5b12edf0fdde56c510)) +* FEAT: Support Python 3.10 (#64) -## v0.9.0 (2021-10-19) +* fix: tested with Python 3.10 + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* added trove classifier for Python 3.10 + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* fix: upgrade Poetry version to workaround issue between Poetry and Python 3.10 (see: https://github.com/python-poetry/poetry/issues/4210) + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`385b835`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/385b835f44fadb0f227b6a8ac992b0c73afc6ef0)) -### Feature +* poetry(deps): bump importlib-resources from 5.3.0 to 5.4.0 -* feat: add support for parsing package licenses when using the `Environment` Parsers +Bumps [importlib-resources](https://github.com/python/importlib_resources) from 5.3.0 to 5.4.0. +- [Release notes](https://github.com/python/importlib_resources/releases) +- [Changelog](https://github.com/python/importlib_resources/blob/main/CHANGES.rst) +- [Commits](https://github.com/python/importlib_resources/compare/v5.3.0...v5.4.0) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`c414eaf`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c414eafde2abaca1005a2a0af6993fcdc17897d3)) +--- +updated-dependencies: +- dependency-name: importlib-resources + dependency-type: indirect + update-type: version-update:semver-minor +... -### Unknown +Signed-off-by: dependabot[bot] <support@github.com> ([`a1dd775`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a1dd7752459b70b432784ec2b7d8a1cb24a916a9)) -* 0.9.0 +* 0.11.0 -Automatically generated by python-semantic-release ([`ad65564`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ad6556462d92381dcd8494ca93496ea796282565)) +Automatically generated by python-semantic-release ([`7262783`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7262783dbcf5823065670f3f7cbba0ce25b3a4ea)) -* Merge pull request #36 from CycloneDX/feat/add-license-support +* Merge pull request #41 from jkowalleck/improv-abstract + +fixed some abstract definitions ([`f34e2c2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f34e2c2bc7aed20968a5ac69337ed484d097af3b)) -Add support for parsing package licenses from installed packages ([`d45f75b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d45f75b88611ab97f39bde672cbdd9e8ff71dd3e)) +* Merge pull request #42 from jkowalleck/improv-pipenv +slacked pipenv parser ([`08bc4ab`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/08bc4ab2b01c76d7472a558cae02deab0485c61c)) -## v0.8.3 (2021-10-14) +* Merge pull request #43 from jkowalleck/improv-conda-typehints -### Fix +fixed typehints/docs in `_BaseCondaParser` ([`931016d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/931016d9b700280692903db5aa653d390a80bd63)) -* fix: coding standards violations +* Merge pull request #54 from jkowalleck/create-CODEOWNERS -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`00cd1ca`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/00cd1ca20899b6861b1b959611a3556ffad36832)) +created CODEOWNERS ([`7f28bef`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7f28bef15ed0b9ed6af88286d5f6dcc0726b6feb)) -* fix: handle `Pipfile.lock` dependencies without an `index` specified -fix: multiple fixes in variable scoping to prevent accidental data sharing +* Merge pull request #56 from CycloneDX/dependabot/pip/py-1.11.0 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`26c62fb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/26c62fb996c4b1b2bf719e10c9072cf4fbadab9f)) +poetry(deps): bump py from 1.10.0 to 1.11.0 ([`f1cda3c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f1cda3c3ba859336d70da36d4966bc7c247af97a)) -### Unknown +* Merge pull request #58 from CycloneDX/dependabot/pip/pyparsing-3.0.5 -* 0.8.3 +poetry(deps): bump pyparsing from 2.4.7 to 3.0.5 ([`0525439`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0525439d2237684ce531449d19e60456fc46d26b)) + +* Merge pull request #19 from CycloneDX/dependabot/pip/zipp-3.6.0 -Automatically generated by python-semantic-release ([`91f9a8b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/91f9a8bb60fe8faddd86268c0ede89cd0caa5a76)) +poetry(deps): bump zipp from 3.5.0 to 3.6.0 ([`c54c968`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c54c96853e3325571dee26038e965279d5b9cfe2)) -* Merge pull request #34 from CycloneDX/fix/issue-33-pipfile-lock-parse-failure +* poetry(deps): bump py from 1.10.0 to 1.11.0 -BUG: Fixe for `Pipfile.lock` parsing + accidental data sharing issues identified during testing ([`4079323`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4079323617263886319ddcf80ee1d77909a40b69)) +Bumps [py](https://github.com/pytest-dev/py) from 1.10.0 to 1.11.0. +- [Release notes](https://github.com/pytest-dev/py/releases) +- [Changelog](https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst) +- [Commits](https://github.com/pytest-dev/py/compare/1.10.0...1.11.0) +--- +updated-dependencies: +- dependency-name: py + dependency-type: indirect + update-type: version-update:semver-minor +... -## v0.8.2 (2021-10-14) +Signed-off-by: dependabot[bot] <support@github.com> ([`330711f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/330711fe911739ac9119a0721f7f7bde6e1389e4)) -### Fix +* Merge pull request #57 from CycloneDX/dependabot/pip/coverage-6.1.1 -* fix: add namespace and subpath support to Component to complete PackageURL Spec support +poetry(deps-dev): bump coverage from 5.5 to 6.1.1 ([`fa55e5c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fa55e5ceef65749ccbf6bd0303db649346c79019)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`780adeb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/780adebe3861ef08eb1e8817a5e9e3451c0a2137)) +* poetry(deps): bump pyparsing from 2.4.7 to 3.0.5 -### Unknown +Bumps [pyparsing](https://github.com/pyparsing/pyparsing) from 2.4.7 to 3.0.5. +- [Release notes](https://github.com/pyparsing/pyparsing/releases) +- [Changelog](https://github.com/pyparsing/pyparsing/blob/master/CHANGES) +- [Commits](https://github.com/pyparsing/pyparsing/compare/pyparsing_2.4.7...pyparsing_3.0.5) -* 0.8.2 +--- +updated-dependencies: +- dependency-name: pyparsing + dependency-type: indirect + update-type: version-update:semver-major +... -Automatically generated by python-semantic-release ([`298318f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/298318fdbf252115f874eb544c2d1f24abb6ab5a)) +Signed-off-by: dependabot[bot] <support@github.com> ([`3bedaff`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3bedaffc7f52026348cc6e2a38ba193ba71d4f29)) -* Merge pull request #32 from CycloneDX/feat/full-packageurl-support +* Merge pull request #55 from CycloneDX/dependabot/pip/virtualenv-20.10.0 -Add `namespace` and `subpath` support to `Component` ([`bb3af91`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bb3af916f1ff0e224d9c197596570bca98ea4525)) +poetry(deps): bump virtualenv from 20.8.1 to 20.10.0 ([`4c3df85`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4c3df857eba656f1ccb51ba9ad6af2cb49226747)) +* CI/CT runs on main & master branch ([`2d0df7b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2d0df7bacf4ead54eee7378ede8626cc93fce3df)) -## v0.8.1 (2021-10-12) +* poetry(deps-dev): bump coverage from 5.5 to 6.1.1 -### Fix +Bumps [coverage](https://github.com/nedbat/coveragepy) from 5.5 to 6.1.1. +- [Release notes](https://github.com/nedbat/coveragepy/releases) +- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) +- [Commits](https://github.com/nedbat/coveragepy/compare/coverage-5.5...6.1.1) -* fix: multiple hashes being created for an externalRefernce which is not as required +--- +updated-dependencies: +- dependency-name: coverage + dependency-type: direct:development + update-type: version-update:semver-major +... -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`970d192`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/970d19202d13d4becbbf040b3a9fb115dd7a0795)) +Signed-off-by: dependabot[bot] <support@github.com> ([`e322d74`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e322d7476b4a17b012d27c26683809bd1dee86b1)) -### Unknown +* poetry(deps): bump virtualenv from 20.8.1 to 20.10.0 -* 0.8.1 +Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.8.1 to 20.10.0. +- [Release notes](https://github.com/pypa/virtualenv/releases) +- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst) +- [Commits](https://github.com/pypa/virtualenv/compare/20.8.1...20.10.0) -Automatically generated by python-semantic-release ([`70689a2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/70689a21edfd5f17cd2aabc09d4579646a4f1633)) +--- +updated-dependencies: +- dependency-name: virtualenv + dependency-type: indirect + update-type: version-update:semver-minor +... +Signed-off-by: dependabot[bot] <support@github.com> ([`3927cdc`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3927cdcd2c37af23543832dbfae2d087cb09787c)) -## v0.8.0 (2021-10-12) +* created CODEOWNERS -### Feature +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e8e499c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e8e499cb2b74f9d7e7afe4d0f00e1725eabb655e)) -* feat: add support for `externalReferneces` for `Components` and associated enhancements to parsers to obtain information where possible/known +* fixed typehints/docs in `_BaseCondaParser` -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a152852`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a152852b361bbb7a69c9f7ab61ae7ea6dcffd214)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`af6ddfd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/af6ddfdc8c7cbdd1bade5ea0c89896ca9791eb3d)) -### Unknown +* slacked pipenv parser -* 0.8.0 +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a3572ba`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a3572ba61ca537de8efd0855c774819a963cd212)) -Automatically generated by python-semantic-release ([`7a49f9d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7a49f9d8cd791e9b1a7e1a8587e589e3b8319ec7)) +* fixed some abstract definitions -* Merge pull request #29 from CycloneDX/feat/component-external-references +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9e67998`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9e67998e53558363b2c76c75f13bb2772fb5a22d)) -FEATURE: Add support for `externalReferences` against `Component`s ([`bdee0ea`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bdee0ea277d9f378b3a5e225c2ac3d8e20e2c53c)) +* 0.10.2 -* doc: notable improvements to API documentation generation (added search, branding, a little styling) +Automatically generated by python-semantic-release ([`79538e9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/79538e92834e548a3f9697388a47efa3b27da678)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`e7a5b5a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e7a5b5a2c5b5681a75a24e9739d13ead01f362e3)) +* 0.10.1 +Automatically generated by python-semantic-release ([`e6451a3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e6451a39ee18fcf49287a8f685df730846e965b7)) -## v0.7.0 (2021-10-11) +* Merge pull request #40 from CycloneDX/fix/issue-39-windows-UnicodeEncodeError -### Feature +FIX: Resolve file encoding issues on Windows ([`48329e0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/48329e033e499f4b9a2c204b2fe5c7c512689605)) -* feat: support for pipenv.lock file parsing +* remove memoryview from sha1 file hashing -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`68a2dff`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/68a2dffc770d40f693b6891a580d1f7d8018f71c)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a56be0f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a56be0f2044c1c867c383a7ed26f5fce4097d21a)) -### Unknown +* added debug to CI to aid understanding of miss matching SHA1 hashes on Windows -* 0.7.0 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`10c6b51`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/10c6b51ec1fb8fc816002fda96e551ff0e430941)) -Automatically generated by python-semantic-release ([`827bd1c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/827bd1cf2db6cfcffdae98dbd6d24efac63d0cb6)) +* 0.10.0 -* Merge pull request #27 from CycloneDX/feat/add-pipenv-support +Automatically generated by python-semantic-release ([`eea3598`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/eea35980ab121899d46178ec10e90058d0e1be45)) -FEATURE: Add `Pipfile.lock` (pipenv) support ([`2c42e2a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c42e2a616c07eec1f844b4fbc4e1e3b4a0815d8)) +* Merge pull request #38 from CycloneDX/feat/conda-support -* doc: updated README.md to include Pipfile.lock parsing +feat: add support for Conda ([`ee5d36d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ee5d36dd677abfb1ba5600b44abf45cb2612b792)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2c66834`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c66834ee6aac75b3e810d13b5a3b41967043252)) +* add support pre Python 3.8 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2d01116`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2d011165e36d03c8d82c7b92b56f1aeec9c18cd6)) -## v0.6.2 (2021-10-11) +* doc: updated documentation with Conda support (and missed updates for externalReferences) -### Fix +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`57e9dc7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/57e9dc7b2adcfa2bac60a854c91bf77947e8e9cf)) -* fix: added ability to add tools in addition to this library when generating CycloneDX + plus fixes relating to multiple BOM instances +* 0.9.1 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`e03a25c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e03a25c3d2a1a0b711204bb26c7b898eadacdcb0)) +Automatically generated by python-semantic-release ([`f132c92`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f132c92bf38f1c173b381f18817f0f86b6ddde85)) -### Unknown +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`51a1e50`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/51a1e50aad27c1f862812031be74281e839815df)) -* 0.6.2 +* 0.9.0 -Automatically generated by python-semantic-release ([`e68fbc2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e68fbc2ff5576fc1f5c0444f601c58f40f3cd917)) +Automatically generated by python-semantic-release ([`ad65564`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ad6556462d92381dcd8494ca93496ea796282565)) -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`2bf2711`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2bf27119e7a1a3716706c28c3fb259496d0de6f1)) +* Merge pull request #36 from CycloneDX/feat/add-license-support +Add support for parsing package licenses from installed packages ([`d45f75b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d45f75b88611ab97f39bde672cbdd9e8ff71dd3e)) -## v0.6.1 (2021-10-11) +* 0.8.3 -### Fix +Automatically generated by python-semantic-release ([`91f9a8b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/91f9a8bb60fe8faddd86268c0ede89cd0caa5a76)) -* fix: better methods for checking if a Component is already represented in the BOM, and the ability to get the existing instance +* Merge pull request #34 from CycloneDX/fix/issue-33-pipfile-lock-parse-failure -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`5fee85f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5fee85fc38376478a1a438d228c632a5d14f4740)) +BUG: Fixe for `Pipfile.lock` parsing + accidental data sharing issues identified during testing ([`4079323`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4079323617263886319ddcf80ee1d77909a40b69)) -### Unknown +* 0.8.2 -* 0.6.1 +Automatically generated by python-semantic-release ([`298318f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/298318fdbf252115f874eb544c2d1f24abb6ab5a)) -Automatically generated by python-semantic-release ([`c530460`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c530460f504939d34e8c73066bfdd252dd95f090)) +* Merge pull request #32 from CycloneDX/feat/full-packageurl-support -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`eb3a46b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/eb3a46b4365818dec08ea079f47e4abd75ebbd64)) +Add `namespace` and `subpath` support to `Component` ([`bb3af91`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bb3af916f1ff0e224d9c197596570bca98ea4525)) +* 0.8.1 -## v0.6.0 (2021-10-11) +Automatically generated by python-semantic-release ([`70689a2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/70689a21edfd5f17cd2aabc09d4579646a4f1633)) -### Feature +* 0.8.0 -* feat: helper method for representing a File as a Component taking into account versioning for files as per https://github.com/CycloneDX/cyclonedx.org/issues/34 +Automatically generated by python-semantic-release ([`7a49f9d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7a49f9d8cd791e9b1a7e1a8587e589e3b8319ec7)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`7e0fb3c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7e0fb3c7e32e08cb8667ad11461c7f8208dfdf7f)) +* Merge pull request #29 from CycloneDX/feat/component-external-references -* feat: support for non-PyPi Components - PackageURL type is now definable when creating a Component +FEATURE: Add support for `externalReferences` against `Component`s ([`bdee0ea`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bdee0ea277d9f378b3a5e225c2ac3d8e20e2c53c)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`fde79e0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fde79e02705bce216e62acd05056b6d2046cde22)) +* doc: notable improvements to API documentation generation (added search, branding, a little styling) -### Unknown +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`e7a5b5a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e7a5b5a2c5b5681a75a24e9739d13ead01f362e3)) -* 0.6.0 +* 0.7.0 -Automatically generated by python-semantic-release ([`907cd2d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/907cd2d317f3cfd28febb450959938d09815b9c2)) +Automatically generated by python-semantic-release ([`827bd1c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/827bd1cf2db6cfcffdae98dbd6d24efac63d0cb6)) -* Merge pull request #25 from CycloneDX/feat/additions-to-enable-integration-into-checkov +* Merge pull request #27 from CycloneDX/feat/add-pipenv-support -Support for representing File as Component ([`63a86b0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/63a86b05aa722078d57f143f35c1f5600396ec7a)) +FEATURE: Add `Pipfile.lock` (pipenv) support ([`2c42e2a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2c42e2a616c07eec1f844b4fbc4e1e3b4a0815d8)) +* doc: updated README.md to include Pipfile.lock parsing -## v0.5.0 (2021-10-11) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2c66834`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2c66834ee6aac75b3e810d13b5a3b41967043252)) -### Build +* 0.6.2 -* build: updated dependencies, moved pdoc3 to a dev dependency +Automatically generated by python-semantic-release ([`e68fbc2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e68fbc2ff5576fc1f5c0444f601c58f40f3cd917)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`6a9947d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6a9947de1036b63804352e45c035d40658d3db01)) +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`2bf2711`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2bf27119e7a1a3716706c28c3fb259496d0de6f1)) -### Feature +* 0.6.1 -* feat: add support for tool(s) that generated the SBOM +Automatically generated by python-semantic-release ([`c530460`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c530460f504939d34e8c73066bfdd252dd95f090)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`7d1e6ef`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7d1e6ef04d473407b9b4eefc2ef18e6723838f94)) +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`eb3a46b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/eb3a46b4365818dec08ea079f47e4abd75ebbd64)) -### Fix +* 0.6.0 -* fix: bumped a dependency version +Automatically generated by python-semantic-release ([`907cd2d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/907cd2d317f3cfd28febb450959938d09815b9c2)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`efc1053`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/efc1053ec9ed3f57711f78f1eca181f7bff0c3bf)) +* Merge pull request #25 from CycloneDX/feat/additions-to-enable-integration-into-checkov -### Unknown +Support for representing File as Component ([`63a86b0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/63a86b05aa722078d57f143f35c1f5600396ec7a)) * 0.5.0 -Automatically generated by python-semantic-release ([`a655d29`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a655d29ae9a93bdd72fee481d6a0ec8b71f6cce0)) +Automatically generated by python-semantic-release ([`a655d29`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a655d29ae9a93bdd72fee481d6a0ec8b71f6cce0)) * Merge pull request #20 from CycloneDX/feat/additional-metadata -feat: add support for tool(s) that generated the SBOM ([`b33cbf4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b33cbf4cb40179e5710729b89d3c120e69448777)) +feat: add support for tool(s) that generated the SBOM ([`b33cbf4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b33cbf4cb40179e5710729b89d3c120e69448777)) * fix for Pytho< 3.8 support in tests -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`c9b6019`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c9b6019609ae206ba965d0c4f7c06ffcf8835e1d)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`c9b6019`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c9b6019609ae206ba965d0c4f7c06ffcf8835e1d)) * ensure support for Python < 3.8 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`53a82cf`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/53a82cfbe7e828380c31b2441113f318d2a2c99e)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`53a82cf`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/53a82cfbe7e828380c31b2441113f318d2a2c99e)) * ensure support for Python < 3.8 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2a9e56a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2a9e56a7e1e0235a06aa70f7750f1656f9305a8a)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2a9e56a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2a9e56a7e1e0235a06aa70f7750f1656f9305a8a)) * doc: added documentation -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`cf13c68`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cf13c6817552c0a6549ecd7131fdcd437ccc7210)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`cf13c68`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cf13c6817552c0a6549ecd7131fdcd437ccc7210)) * poetry(deps): bump zipp from 3.5.0 to 3.6.0 @@ -3045,434 +2600,256 @@ updated-dependencies: update-type: version-update:semver-minor ... -Signed-off-by: dependabot[bot] <support@github.com> ([`30f2547`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/30f254724b49c7596c58f11ef8f5a182706ef03a)) +Signed-off-by: dependabot[bot] <support@github.com> ([`30f2547`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/30f254724b49c7596c58f11ef8f5a182706ef03a)) * doc: bumped gh-action for publishing docs -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ac70eee`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ac70eeed9325892ef9ae44b162d8a3ae43a435cc)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ac70eee`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ac70eeed9325892ef9ae44b162d8a3ae43a435cc)) * doc: added documentation to model/bom -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`fe98ada`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fe98ada121279f6119f3045abd737cc5b775a30f)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`fe98ada`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fe98ada121279f6119f3045abd737cc5b775a30f)) * doc: formatting -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1ad7fb1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1ad7fb117acbec87def897f4dc549dc398decce6)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1ad7fb1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1ad7fb117acbec87def897f4dc549dc398decce6)) * doc: added missing docstrings to allow documentation to generate -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ed743d9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ed743d9b90904a6719309de85078657f9e4a48cd)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ed743d9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ed743d9b90904a6719309de85078657f9e4a48cd)) * Merge pull request #10 from coderpatros/docs -Add initial doc generation and publishing ([`7873ad9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7873ad9d3fed8c04b94999c21345ae4ca198e091)) - - -## v0.4.1 (2021-09-27) - -### Build - -* build: dependencies updated - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0411826`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/04118263c2fed1241c4a9f38cc256542ba543d50)) - -### Fix - -* fix: improved handling for `requirements.txt` content without pinned or declared versions - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`7f318cb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7f318cb495ac1754029088cae1ef2574c58da2e5)) - -### Unknown +Add initial doc generation and publishing ([`7873ad9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7873ad9d3fed8c04b94999c21345ae4ca198e091)) * 0.4.1 -Automatically generated by python-semantic-release ([`d5b7a2f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d5b7a2fc731b29fd7a3f29fe3c94f14a98a82e69)) +Automatically generated by python-semantic-release ([`d5b7a2f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d5b7a2fc731b29fd7a3f29fe3c94f14a98a82e69)) * Merge pull request #15 from CycloneDX/fix/issue-14-requirements-unpinned-versions -fix: improved handling for `requirements.txt` content without pinned … ([`f248015`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f248015ff9719dd0029f6267067356672f16f8c3)) +fix: improved handling for `requirements.txt` content without pinned … ([`f248015`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f248015ff9719dd0029f6267067356672f16f8c3)) * Add initial doc generation and publishing -Signed-off-by: Patrick Dwyer <patrick.dwyer@owasp.org> ([`cd1b558`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cd1b558fe472895f9332d9844f99e652c14ec41e)) - - -## v0.4.0 (2021-09-16) - -### Feature - -* feat: support for localising vectors (i.e. stripping out any scheme prefix) - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b9e9e17`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b9e9e17ba1e2c1c9dfe551c61ad5152eebd829ab)) - -* feat: helper methods for deriving Severity and SourceType - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`6a86ec2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6a86ec27c13ff5e413c5a5f96d9b7671646f9388)) - -### Fix - -* fix: removed print call - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`8806553`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/880655304c082a88d94d6d50c64d33ad931cc974)) - -* fix: relaxed typing of parameter to be compatible with Python < 3.9 - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f9c7990`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f9c7990695119969c5055bc92a233030db999b84)) - -* fix: removed print call - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d272d2e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d272d2ea7d3331bde0660bdc87a6ac3331ae0720)) - -* fix: remove unused commented out code - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ba4f285`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ba4f285fdbe124c28f7ea60310347cf896540125)) - -### Unknown +Signed-off-by: Patrick Dwyer <patrick.dwyer@owasp.org> ([`cd1b558`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cd1b558fe472895f9332d9844f99e652c14ec41e)) * 0.4.0 -Automatically generated by python-semantic-release ([`f441413`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f441413668676c0435b173c01d612e9040d6f6db)) - - -## v0.3.0 (2021-09-15) - -### Feature - -* feat: adding support for extension schema that descriptions vulnerability disclosures - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d496695`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d4966951ab6c0229171cfe97723421bb0302c4fc)) - -### Unknown +Automatically generated by python-semantic-release ([`f441413`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f441413668676c0435b173c01d612e9040d6f6db)) * 0.3.0 -Automatically generated by python-semantic-release ([`a5c3dab`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a5c3dab5818c183bd88385c7ad88e11eb34a0417)) +Automatically generated by python-semantic-release ([`a5c3dab`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a5c3dab5818c183bd88385c7ad88e11eb34a0417)) * Merge pull request #5 from CycloneDX/feat/support-schema-extension-vulnerability-1.0 -FEATURE: add support for Vulnerability Disclosures ([`6914272`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/69142723935199409f6bf91b68ecf1e91107f165)) +FEATURE: add support for Vulnerability Disclosures ([`6914272`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/69142723935199409f6bf91b68ecf1e91107f165)) * doc: updated README to explain support for Vulnerability Disclosures -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f477bf0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f477bf03fc78cc2652e97cd77a3e7ab66306a39b)) - - -## v0.2.0 (2021-09-14) - -### Feature - -* feat: added helper method to return a PackageURL object representing a Component - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`367bef1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/367bef11bb1a7ede3100acae39581e33d20fa7f5)) - -### Fix - -* fix: whitespace on empty line removed - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`cfc952e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cfc952eb5f3feb97a41b6c895657058429da3430)) - -### Unknown +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f477bf0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f477bf03fc78cc2652e97cd77a3e7ab66306a39b)) * 0.2.0 -Automatically generated by python-semantic-release ([`866eda7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/866eda764d01ee85778bea662c7556113121137e)) +Automatically generated by python-semantic-release ([`866eda7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/866eda764d01ee85778bea662c7556113121137e)) * Merge pull request #4 from CycloneDX/feat/component-as-packageurl -fix: whitespace on empty line removed ([`ddc37f3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ddc37f395a1dbace39280a4f7b1074d954414f2d)) +fix: whitespace on empty line removed ([`ddc37f3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ddc37f395a1dbace39280a4f7b1074d954414f2d)) -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`6142d2e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6142d2e3b9b655ebf95b59c93525ce8008851b34)) - - -## v0.1.0 (2021-09-13) - -### Feature - -* feat: add poetry support - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f3ac42f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f3ac42f298b8d093b0ac368993beba43c58c251a)) - -### Unknown +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`6142d2e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6142d2e3b9b655ebf95b59c93525ce8008851b34)) * 0.1.0 -Automatically generated by python-semantic-release ([`0da668f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0da668f398bef2baee63b0d342063b6dc0eea71a)) +Automatically generated by python-semantic-release ([`0da668f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0da668f398bef2baee63b0d342063b6dc0eea71a)) * Merge pull request #3 from CycloneDX/feat/poetry-lock-support -FEATURE: Adde poetry.lock parser support ([`37ba7c6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/37ba7c61a17881fc02119dcfd7b6e0a7cab48cbf)) +FEATURE: Adde poetry.lock parser support ([`37ba7c6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/37ba7c61a17881fc02119dcfd7b6e0a7cab48cbf)) * feat(parser) - added support for parsing dependencies from poetry.lock files. -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`15bc553`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/15bc5539e2339581f80048a571ca632f17988530)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`15bc553`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/15bc5539e2339581f80048a571ca632f17988530)) * fix(parser) parsers were able to share state unexpectedly -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`dc59914`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/dc59914e961104d9fcd37822b172d798e68b6ebd)) - - -## v0.0.11 (2021-09-10) - -### Fix - -* fix(test): test was not updated for revised author statement - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d1c9d37`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d1c9d379a1e92ee49aae8d133e2ad3e117054ec9)) - -* fix(build): test failure and dependency missing - -Fixed failing tests due to dependency on now removed VERSION file -Added flake8 officially as a DEV dependency to poetry - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9a2cfe9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9a2cfe94386b51acca44ae3bacae319b9b3c8f0d)) - -* fix(build): removed artefacts associtated with non-poetry build - -Tidied up project to remove items associated with non-Poetry build process. Also aligned a few references in README to new home of this project under CycloneDX. - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f9119d4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f9119d49e462cf1f7ccca9c50af2936f8962fd6d)) - -### Unknown +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`dc59914`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/dc59914e961104d9fcd37822b172d798e68b6ebd)) * 0.0.11 -Automatically generated by python-semantic-release ([`1c0aa71`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1c0aa716b36e1305b7a3a2b9e2dfd6e5c6ac0011)) +Automatically generated by python-semantic-release ([`1c0aa71`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1c0aa716b36e1305b7a3a2b9e2dfd6e5c6ac0011)) * Merge pull request #2 from CycloneDX/fix/tidy-up-build-remove-pip -fix(build): removed artefacts associated with non-poetry build ([`b7de7b3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b7de7b3c9ba2c8c824d898ee994169b66b78b07a)) - - -## v0.0.10 (2021-09-08) - -### Fix - -* fix: add in pypi badge ([`6098c36`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6098c36715b2459d7b04ced5ba6294437576e481)) - -### Unknown +fix(build): removed artefacts associated with non-poetry build ([`b7de7b3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b7de7b3c9ba2c8c824d898ee994169b66b78b07a)) * 0.0.10 -Automatically generated by python-semantic-release ([`245d809`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/245d809c3918d023ae58af2fb352f14912be091c)) - - -## v0.0.9 (2021-09-08) - -### Fix - -* fix: additional info to poetry, remove circleci ([`2fcfa5a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2fcfa5ac3a7d9d7f372be6d69e1c616b551877df)) - -### Unknown +Automatically generated by python-semantic-release ([`245d809`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/245d809c3918d023ae58af2fb352f14912be091c)) * 0.0.9 -Automatically generated by python-semantic-release ([`e4a90cf`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e4a90cfc46db3284e1f3e53f6555405fc14dc654)) - -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`69aaba5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/69aaba5f941cbffc40b47d18c6f9dd9dd754b57b)) - - -## v0.0.8 (2021-09-08) - -### Fix - -* fix: initial release to pypi, tell poetry to include cyclonedx package ([`a030177`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a030177cb1a370713c4438b13b7520ef6afd19f6)) +Automatically generated by python-semantic-release ([`e4a90cf`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e4a90cfc46db3284e1f3e53f6555405fc14dc654)) -### Unknown +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`69aaba5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/69aaba5f941cbffc40b47d18c6f9dd9dd754b57b)) * 0.0.8 -Automatically generated by python-semantic-release ([`fc3f24c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fc3f24c13938948c4786ecf8ace3fc241c0f458e)) - -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`da2d18c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/da2d18cd60a781bf097e563466bda0d3e51b9e8f)) - - -## v0.0.7 (2021-09-08) - -### Fix - -* fix: release with full name ([`4c620ed`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4c620ed053aac8c31343b1ca84ca56912b762ab2)) +Automatically generated by python-semantic-release ([`fc3f24c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fc3f24c13938948c4786ecf8ace3fc241c0f458e)) -### Unknown +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`da2d18c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/da2d18cd60a781bf097e563466bda0d3e51b9e8f)) * 0.0.7 -Automatically generated by python-semantic-release ([`19943e8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/19943e8287bbe67031cada6f5377d438f2b033c1)) - - -## v0.0.6 (2021-09-08) - -### Fix - -* fix: initial release to pypi ([`99687db`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/99687dbec1389bf323bb625bfb707306aa3b8d1a)) - -### Unknown +Automatically generated by python-semantic-release ([`19943e8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/19943e8287bbe67031cada6f5377d438f2b033c1)) * 0.0.6 -Automatically generated by python-semantic-release ([`98ad249`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/98ad24950dbb5f5b08db41e1bb4e359f8f0b8b49)) +Automatically generated by python-semantic-release ([`98ad249`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/98ad24950dbb5f5b08db41e1bb4e359f8f0b8b49)) -* Switch to using action ([`cce468a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cce468a7004d848ddbaab4affa392bd2f74414dd)) - - -## v0.0.5 (2021-09-08) - -### Unknown +* Switch to using action ([`cce468a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cce468a7004d848ddbaab4affa392bd2f74414dd)) * 0.0.5 -Automatically generated by python-semantic-release ([`9bf4b9a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9bf4b9a29cc4b0bbdf5771ffc22b918a6081a0a1)) +Automatically generated by python-semantic-release ([`9bf4b9a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9bf4b9a29cc4b0bbdf5771ffc22b918a6081a0a1)) -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`eeec0bb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/eeec0bba7d0a615f8384caa50ed95c2240b5a951)) +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`eeec0bb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/eeec0bba7d0a615f8384caa50ed95c2240b5a951)) -* Try this on for size ([`aa93310`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/aa93310830a86aa441337be34081c46d9475384c)) - - -## v0.0.4 (2021-09-08) - -### Unknown +* Try this on for size ([`aa93310`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/aa93310830a86aa441337be34081c46d9475384c)) * 0.0.4 -Automatically generated by python-semantic-release ([`b16d6c5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b16d6c59495de396c73dfe1ffabcbfd325dfa619)) +Automatically generated by python-semantic-release ([`b16d6c5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b16d6c59495de396c73dfe1ffabcbfd325dfa619)) -* Use python3 to install ([`4c810e1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4c810e16b1a93afb923652f66e77ee08ff0ffd49)) - - -## v0.0.3 (2021-09-08) - -### Unknown +* Use python3 to install ([`4c810e1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4c810e16b1a93afb923652f66e77ee08ff0ffd49)) * 0.0.3 -Automatically generated by python-semantic-release ([`05306ee`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/05306ee235df1d7aa662c9323e6186cc3d1129dc)) +Automatically generated by python-semantic-release ([`05306ee`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/05306ee235df1d7aa662c9323e6186cc3d1129dc)) -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`f1d120c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f1d120c5dca530424dd79b3303458cc0adbc28de)) +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`f1d120c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f1d120c5dca530424dd79b3303458cc0adbc28de)) -* Bump up version of poetry ([`89db268`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/89db2689bbdb94f2f290abe1bf721b163d75001e)) - - -## v0.0.2 (2021-09-08) - -### Unknown +* Bump up version of poetry ([`89db268`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/89db2689bbdb94f2f290abe1bf721b163d75001e)) * 0.0.2 -Automatically generated by python-semantic-release ([`e15dec6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e15dec696bd88d00f5f5fdce74cb407bc65a42e2)) +Automatically generated by python-semantic-release ([`e15dec6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e15dec696bd88d00f5f5fdce74cb407bc65a42e2)) -* Remove check for push ([`71b1270`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/71b12709f0fb55852cbb030669a80a5ebd2f2e92)) +* Remove check for push ([`71b1270`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/71b12709f0fb55852cbb030669a80a5ebd2f2e92)) -* Manual deploy workflow ([`9b4ac33`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9b4ac335becf7e7b83cd3fa619c8975b6335f5eb)) +* Manual deploy workflow ([`9b4ac33`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9b4ac335becf7e7b83cd3fa619c8975b6335f5eb)) -* License headers, OWASP etc... ([`559b8d2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/559b8d227e52b6798a71149c87f4090ea1244c85)) +* License headers, OWASP etc... ([`559b8d2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/559b8d227e52b6798a71149c87f4090ea1244c85)) -* Fixed unit tests pinned to a VERISON. ([`5d907d5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5d907d58e57f2eb7731047a51a88104cb07c1796)) +* Fixed unit tests pinned to a VERISON. ([`5d907d5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5d907d58e57f2eb7731047a51a88104cb07c1796)) -* Bump to version 0.0.2 ([`1050839`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/105083951dc93f28a4816c0c699af7db7f2789d9)) +* Bump to version 0.0.2 ([`1050839`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/105083951dc93f28a4816c0c699af7db7f2789d9)) -* Implemented writing SBOM to a file. ([`74f4153`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/74f4153d84c3bbdb875eac679fe933b777f90f18)) +* Implemented writing SBOM to a file. ([`74f4153`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/74f4153d84c3bbdb875eac679fe933b777f90f18)) -* Updated badge in README to include Python 3.6+ support. ([`0a5903c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0a5903c56971a19172fe904f02836c5c5e2262db)) +* Updated badge in README to include Python 3.6+ support. ([`0a5903c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0a5903c56971a19172fe904f02836c5c5e2262db)) -* Removed print() statement accidentally left in. ([`22965a7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/22965a707de6db7bb08721809035562be72c69d5)) +* Removed print() statement accidentally left in. ([`22965a7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/22965a707de6db7bb08721809035562be72c69d5)) * Merge pull request #1 from sonatype-nexus-community/features/initial-port-of-v1.1-generation-from-jake -Initial port of library code to new library ([`2f2634b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2f2634b86612b4f0d2142b09f3aece588937fcaa)) +Initial port of library code to new library ([`2f2634b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2f2634b86612b4f0d2142b09f3aece588937fcaa)) -* Added license headers to all source files. Added classifiers for Python version to setup.py. ([`bb6bb24`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bb6bb24440996257ce609b0f399f930153b65e8e)) +* Added license headers to all source files. Added classifiers for Python version to setup.py. ([`bb6bb24`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bb6bb24440996257ce609b0f399f930153b65e8e)) -* Renamed model file to not reference CycloneDX as the models are agnostic on purpose. ([`03d03ed`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/03d03edfca7bed56d21733120cb5b002a32bb466)) +* Renamed model file to not reference CycloneDX as the models are agnostic on purpose. ([`03d03ed`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/03d03edfca7bed56d21733120cb5b002a32bb466)) -* Forgot to add updated poetry.lock file relfecting Python 3.6+ support ([`5d3d491`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5d3d49184039a2f41411cd96d5dfcf1544fab05f)) +* Forgot to add updated poetry.lock file relfecting Python 3.6+ support ([`5d3d491`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5d3d49184039a2f41411cd96d5dfcf1544fab05f)) -* Updated project to state support from Python v3.6+ ([`619ee1d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/619ee1dfc23f7220a1941c3fa5068761346c84cb)) +* Updated project to state support from Python v3.6+ ([`619ee1d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/619ee1dfc23f7220a1941c3fa5068761346c84cb)) -* Adding Python 3.6 support for test & CI. ([`daa12ba`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/daa12ba8925128da040cf836bc3f16a2126e9091)) +* Adding Python 3.6 support for test & CI. ([`daa12ba`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/daa12ba8925128da040cf836bc3f16a2126e9091)) -* Fixing CircleCI config. ([`a446f4c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a446f4cb197fd40a3065a372108c1719cde91136)) +* Fixing CircleCI config. ([`a446f4c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a446f4cb197fd40a3065a372108c1719cde91136)) -* Fixes to GitHub actions. ([`d2aa277`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d2aa277bce954100adad42e33c095bc1f9ce23cd)) +* Fixes to GitHub actions. ([`d2aa277`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d2aa277bce954100adad42e33c095bc1f9ce23cd)) -* Disabled Py3.6 checks and added flake8. ([`8c01da3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8c01da3d8f6038fb24df07ab3fb0945c79893e9f)) +* Disabled Py3.6 checks and added flake8. ([`8c01da3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8c01da3d8f6038fb24df07ab3fb0945c79893e9f)) -* Attempt to fix CI's for multiple Python environments. ([`affb6b2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/affb6b2dc7afeaff5b5cd0a1d4f65678394a2ff7)) +* Attempt to fix CI's for multiple Python environments. ([`affb6b2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/affb6b2dc7afeaff5b5cd0a1d4f65678394a2ff7)) -* Added support for Python versions 3.7+ ([`ae24ba9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ae24ba9c26ddf4ef91937e8489b1894a986724de)) +* Added support for Python versions 3.7+ ([`ae24ba9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ae24ba9c26ddf4ef91937e8489b1894a986724de)) -* Added missing ENV var for GH actions. ([`c750ec6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c750ec62411c6d4473d3cc0a33dc96f90a443cef)) +* Added missing ENV var for GH actions. ([`c750ec6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c750ec62411c6d4473d3cc0a33dc96f90a443cef)) -* Missed wrapping a coverage command with poetry. ([`3c74c82`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3c74c822445e5aeaaa387c8e5522ca8cd841cfd8)) +* Missed wrapping a coverage command with poetry. ([`3c74c82`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3c74c822445e5aeaaa387c8e5522ca8cd841cfd8)) -* Added poetry virtualenv caching + wrapped tox and coverage with poetry to ensure they run in the poetry venv. ([`780e3df`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/780e3dfa043957174e1f79cf450d1ee69d6530d3)) +* Added poetry virtualenv caching + wrapped tox and coverage with poetry to ensure they run in the poetry venv. ([`780e3df`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/780e3dfa043957174e1f79cf450d1ee69d6530d3)) -* Fixed typo in Github action. ([`3953675`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/395367531e7a00c086e723a78d059e6016fb242e)) +* Fixed typo in Github action. ([`3953675`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/395367531e7a00c086e723a78d059e6016fb242e)) -* Correction: Supported Python version in setup.py ([`2f4917b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2f4917ba81f8ddba994a2c5012303bccb307a419)) +* Correction: Supported Python version in setup.py ([`2f4917b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2f4917ba81f8ddba994a2c5012303bccb307a419)) -* Updated poetry dependencies and configuration. ([`75041e5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/75041e51ff684853d7c2b94e5a722a4ec14043fc)) +* Updated poetry dependencies and configuration. ([`75041e5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/75041e51ff684853d7c2b94e5a722a4ec14043fc)) -* Initial draft GitHub actions being added. ([`e2403e8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e2403e8c4194be6bee70a58ef86d9acec6de5dbb)) +* Initial draft GitHub actions being added. ([`e2403e8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e2403e8c4194be6bee70a58ef86d9acec6de5dbb)) -* Added Poetry supprot. ([`e9a67f8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e9a67f8a405b6c664d2b91bd4966a8ade9902d40)) +* Added Poetry supprot. ([`e9a67f8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e9a67f8a405b6c664d2b91bd4966a8ade9902d40)) -* Addressing issues reported by flake8. ([`3ad394c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3ad394c14d9cbf3e706f4fe47b6f83938576a2ac)) +* Addressing issues reported by flake8. ([`3ad394c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3ad394c14d9cbf3e706f4fe47b6f83938576a2ac)) -* Refactored output classes to use multiple inheritance allowing a single place to define which schema version support various attributes and elements. ([`95c5b38`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/95c5b389bb5c8c358420aaf5c62694dcabe663ce)) +* Refactored output classes to use multiple inheritance allowing a single place to define which schema version support various attributes and elements. ([`95c5b38`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/95c5b389bb5c8c358420aaf5c62694dcabe663ce)) -* Updated README to reflect support for author. ([`bff5954`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bff5954f70967f3605fa6226a223590b89e07313)) +* Updated README to reflect support for author. ([`bff5954`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bff5954f70967f3605fa6226a223590b89e07313)) -* Skeleton support for 'author' + v1.1 and v1.0 for JSON added (along with tests). ([`e987f35`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e987f357314199442ed2c5823575833915dfccb1)) +* Skeleton support for 'author' + v1.1 and v1.0 for JSON added (along with tests). ([`e987f35`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e987f357314199442ed2c5823575833915dfccb1)) -* Corrected typo in README ([`0d2c355`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0d2c35519374b4efddf399dd519e5a1443a56692)) +* Corrected typo in README ([`0d2c355`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0d2c35519374b4efddf399dd519e5a1443a56692)) -* Updated README to include a summary of the support this library provides across the different schema versions. ([`34f421f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/34f421f4076d16c30ddf291f5c1866c1b623258a)) +* Updated README to include a summary of the support this library provides across the different schema versions. ([`34f421f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/34f421f4076d16c30ddf291f5c1866c1b623258a)) -* Initial support for V1.0 and V1.1 in XML output format. ([`37f6b00`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/37f6b00b7e354b76a9f8f72ed2c1004a0e728319)) +* Initial support for V1.0 and V1.1 in XML output format. ([`37f6b00`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/37f6b00b7e354b76a9f8f72ed2c1004a0e728319)) -* Added 'serialNumber' to SBOMs (JSON and XML). ([`50e3c75`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/50e3c7546b92e3241feefa6dea0fbfa9c1145843)) +* Added 'serialNumber' to SBOMs (JSON and XML). ([`50e3c75`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/50e3c7546b92e3241feefa6dea0fbfa9c1145843)) -* Added a bunch more content to the README to explain how the library can be used. ([`bb41dc6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bb41dc6d333f59025aae97c602cbe41343645b20)) +* Added a bunch more content to the README to explain how the library can be used. ([`bb41dc6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bb41dc6d333f59025aae97c602cbe41343645b20)) -* Added metadata initial support to JSON output format. ([`8c5590f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8c5590fd3c5c59de9a5b6cf49005f4c6e444265d)) +* Added metadata initial support to JSON output format. ([`8c5590f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8c5590fd3c5c59de9a5b6cf49005f4c6e444265d)) -* Addition of simple 'metadata' element for XML SBOM's. ([`f9e9773`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f9e97733b0cc57bbb71341b4ced4ccc8f09b7f28)) +* Addition of simple 'metadata' element for XML SBOM's. ([`f9e9773`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f9e97733b0cc57bbb71341b4ced4ccc8f09b7f28)) -* Added initial JSON outputter and associated tests. ([`3e1f5ec`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3e1f5ec9354a779adf44129656a1ccdcffadee6d)) +* Added initial JSON outputter and associated tests. ([`3e1f5ec`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3e1f5ec9354a779adf44129656a1ccdcffadee6d)) -* Fix to generate HTML coverage reports and stash in CircleCI builds. ([`dd88603`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/dd886032b92d491f462d62f269f3df7ed823d436)) +* Fix to generate HTML coverage reports and stash in CircleCI builds. ([`dd88603`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/dd886032b92d491f462d62f269f3df7ed823d436)) -* Added HTML coverage report. ([`ce700e5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ce700e5bdff7ce4a8bd5614239b129e59afe2908)) +* Added HTML coverage report. ([`ce700e5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ce700e5bdff7ce4a8bd5614239b129e59afe2908)) -* Missed coverage as a dependency for testing. ([`01643d6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/01643d67f73ec8ee35884d0bcc15c892649f6b72)) +* Missed coverage as a dependency for testing. ([`01643d6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/01643d67f73ec8ee35884d0bcc15c892649f6b72)) -* Added coverage reporting for tests ([`c34b1a6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c34b1a63fd7958d2b1060ba51054a55b57228549)) +* Added coverage reporting for tests ([`c34b1a6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c34b1a63fd7958d2b1060ba51054a55b57228549)) -* Added first tests for XML SBOM generation (v1.3 and v1.2). ([`cb4337a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cb4337a1cb14ee62471140add8954dd7c5b6b314)) +* Added first tests for XML SBOM generation (v1.3 and v1.2). ([`cb4337a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cb4337a1cb14ee62471140add8954dd7c5b6b314)) -* WIP: Starting to generate XML output for BOMs ([`35bdfca`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/35bdfca4fc01cdb3fa7ab6fb37b1c05eaa7189ec)) +* WIP: Starting to generate XML output for BOMs ([`35bdfca`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/35bdfca4fc01cdb3fa7ab6fb37b1c05eaa7189ec)) -* Updated CircleCI config to run tox. Fixed fomratting in tests. ([`9a56230`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9a5623098ff712df0cefbd2327e8058f9ac74e17)) +* Updated CircleCI config to run tox. Fixed fomratting in tests. ([`9a56230`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9a5623098ff712df0cefbd2327e8058f9ac74e17)) -* Rebasing from main. ([`822ab8b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/822ab8b43a06bf1712d134d44acb136e70134c05)) +* Rebasing from main. ([`822ab8b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/822ab8b43a06bf1712d134d44acb136e70134c05)) -* Initial skeleton tests for output genereation. ([`a614f3e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a614f3e9cc6210a25daff79e4ec428f15221cc1e)) +* Initial skeleton tests for output genereation. ([`a614f3e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a614f3e9cc6210a25daff79e4ec428f15221cc1e)) -* pretty badge ([`60e975c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/60e975c12cdf6c15c9e38585becaf53850609d67)) +* pretty badge ([`60e975c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/60e975c12cdf6c15c9e38585becaf53850609d67)) -* initial CI for discussion ([`7e88cd5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7e88cd5920480cd6bde4e72b8b85314242964013)) +* initial CI for discussion ([`7e88cd5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7e88cd5920480cd6bde4e72b8b85314242964013)) -* Added a little more information to the README. ([`460c624`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/460c62487e66df750a99e10a62bf19bf0baf2e76)) +* Added a little more information to the README. ([`460c624`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/460c62487e66df750a99e10a62bf19bf0baf2e76)) -* Fixed issue reported by Flake8. Ensuring tests run on PY 3.9. ([`cce130f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cce130f53a7c73554015ce672cbe8799e863e64b)) +* Fixed issue reported by Flake8. Ensuring tests run on PY 3.9. ([`cce130f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cce130f53a7c73554015ce672cbe8799e863e64b)) -* Basic structure without any output generation available (very basic Component definition). ([`6ac5dc2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6ac5dc29fb4bc52f66698966e0b570588621be72)) +* Basic structure without any output generation available (very basic Component definition). ([`6ac5dc2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6ac5dc29fb4bc52f66698966e0b570588621be72)) -* Added tox config with flake8 and py3.9 support. ([`1def201`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1def2015d3aad4b58980d9b86cca840f19ac4ee6)) +* Added tox config with flake8 and py3.9 support. ([`1def201`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1def2015d3aad4b58980d9b86cca840f19ac4ee6)) -* Initially added skeleton packaging structure and official CycloneDX schemas. ([`ac519c9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ac519c9a21bc8e4a75927868f32f29febc648509)) +* Initially added skeleton packaging structure and official CycloneDX schemas. ([`ac519c9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ac519c9a21bc8e4a75927868f32f29febc648509)) -* Added inital blank README prior to branching for initial work. ([`b175f6a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b175f6a9178c510cfa14b5d2788feecfd65d8e94)) +* Added inital blank README prior to branching for initial work. ([`b175f6a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b175f6a9178c510cfa14b5d2788feecfd65d8e94)) -* Added inital blank README prior to branching for initial work. ([`e8b5d48`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e8b5d4802079f92da106b8e0a68f9311c328a656)) +* Added inital blank README prior to branching for initial work. ([`e8b5d48`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e8b5d4802079f92da106b8e0a68f9311c328a656)) -* Initial commit ([`62353b0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/62353b0ce57f797bcb9dfd97871e886db8269478)) +* Initial commit ([`62353b0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/62353b0ce57f797bcb9dfd97871e886db8269478)) diff --git a/cyclonedx/__init__.py b/cyclonedx/__init__.py index daefd93d..1809a0e2 100644 --- a/cyclonedx/__init__.py +++ b/cyclonedx/__init__.py @@ -22,4 +22,4 @@ # !! version is managed by semantic_release # do not use typing here, or else `semantic_release` might have issues finding the variable -__version__ = "8.3.0" # noqa:Q000 +__version__ = "1.0.0" # noqa:Q000 diff --git a/docs/conf.py b/docs/conf.py index 5890b293..27ff176a 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -23,7 +23,7 @@ # The full version, including alpha/beta/rc tags # !! version is managed by semantic_release -release = '8.3.0' +release = '1.0.0' # -- General configuration --------------------------------------------------- diff --git a/pyproject.toml b/pyproject.toml index 82f08931..29c6c561 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -5,7 +5,7 @@ build-backend = "poetry.core.masonry.api" [tool.poetry] name = "cyclonedx-python-lib" # !! version is managed by semantic_release -version = "8.3.0" +version = "1.0.0" description = "Python library for CycloneDX" authors = [ "Paul Horton ", From 366beb63e00be4bf6b1df5ef364560541a5ee6bd Mon Sep 17 00:00:00 2001 From: Saquib Saifee Date: Sun, 27 Oct 2024 15:14:42 -0400 Subject: [PATCH 08/37] Revert "chore(release): 1.0.0" This reverts commit ce3fe7f30bbfd74d00da69ca12c183d75d52e0ed. --- CHANGELOG.md | 3285 ++++++++++++++++++++++++----------------- cyclonedx/__init__.py | 2 +- docs/conf.py | 2 +- pyproject.toml | 2 +- 4 files changed, 1957 insertions(+), 1334 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f3b66957..0423d5d4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,68 @@ -## v1.0.0 (2024-10-26) +## v8.3.0 (2024-10-26) + +### Documentation + +* docs: revisit examples readme (#725) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e9020f0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e9020f0b709a5245d1749d2811b8568f892869bb)) + +### Feature + +* feat: add basic support for Definitions (#701) + + + +--------- + +Signed-off-by: Hakan Dilek <hakandilek@gmail.com> ([`a1573e5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a1573e5af12bb54c7328c73971dc2c2f8d820c0a)) + + +## v8.2.1 (2024-10-24) + +### Fix + +* fix: encode quotation mark in URL (#724) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a7c7c97`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a7c7c97c37ee1c7988c028aa779f74893f858c7b)) + + +## v8.2.0 (2024-10-22) + +### Feature + +* feat: Add Python 3.13 support (#718) + +Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`d4be3ba`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d4be3ba6b3ccc65553a7dd10ad559c1eddfbb19b)) + + +## v8.1.0 (2024-10-21) + +### Documentation + +* docs: fix code examples regarding outputting (#709) + + + +Signed-off-by: Hakan Dilek <hakandilek@gmail.com> ([`c72d5f4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c72d5f483d5c1990fe643c4c25e37373d4d3248f)) + +### Feature + +* feat: add support for Lifecycles in BOM metadata (#698) + + + +--------- + +Signed-off-by: Johannes Feichtner <johannes@web-wack.at> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Johannes Feichtner <343448+Churro@users.noreply.github.com> +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6cfeb71`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6cfeb711f11aec8fa4d7be885f6797cc2eaa7e67)) + + +## v8.0.0 (2024-10-14) ### Breaking @@ -48,7 +109,241 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: Joshua Kugler <tek30584@adobe.com> Signed-off-by: semantic-release <semantic-release@bot.local> Co-authored-by: Joshua Kugler <joshua@azariah.com> -Co-authored-by: semantic-release <semantic-release@bot.local> ([`002f966`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/002f96630ce8fc6f1766ee6cc92a16b35a821c69)) +Co-authored-by: semantic-release <semantic-release@bot.local> ([`002f966`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/002f96630ce8fc6f1766ee6cc92a16b35a821c69)) + +### Documentation + +* docs(chaneglog): omit chore/ci/refactor/style/test/build (#703) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a210809`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a210809efb34c2dc895fc0c6d96a3412a9097625)) + + +## v7.6.2 (2024-10-07) + +### Documentation + +* docs: fix some doc strings + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`4fa8fc1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4fa8fc1b6703ecf6788b72f2d53c6a17e2146cf7)) + +### Fix + +* fix: behavior of and typing for crypto setters with optional values (#694) + +fixes #690 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`d8b20bd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d8b20bdc5224ea30cf767f6f3f1a6f8ff2754973)) + + +## v7.6.1 (2024-09-18) + +### Fix + +* fix: file copyright headers (#676) + +utilizes flake8 plugin +<https://pypi.org/project/flake8-copyright-validator/> to assert the +correct headers + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`35e00b4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/35e00b4ee5a9306b9e97b011025409bcbfcef309)) + + +## v7.6.0 (2024-08-14) + +### Feature + +* feat: `HashType.from_composite_str` for Blake2b, SHA3, Blake3 (#663) + +The code mistreated hashes for Blake2b and SHA3. +Code for explicitly handling SHA1 & BLAKE3 was added, as those have no +variants defined in the CycloneDX specification. + +fixes #652 + +--------- + +Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> +Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c59036e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c59036e06ddc97284f82efbbc168dc2d89d090d1)) + + +## v7.5.1 (2024-07-08) + +### Fix + +* fix: XML serialize `normalizedString` and `token` properly (#646) + +fixes #638 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b40f739`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b40f739206a44f7dbd94042fb5e1a37c047ea024)) + + +## v7.5.0 (2024-07-04) + +### Feature + +* feat: add workaround property for v1.5 and v1.6 (#642) + +Property `workaround` was missing from the vulnerability model. It was +added in spec v1.5 and was marked as TODO before. + +This is my first contribution on this project so if I done something +wrong, just say me :smiley: + +Signed-off-by: Louis Maillard <louis.maillard@savoirfairelinux.com> +Signed-off-by: Louis Maillard <louis.maillard@protonmail.com> +Co-authored-by: Louis Maillard <louis.maillard@savoirfairelinux.com> ([`b5ebcf8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b5ebcf8104faf57030cbc5d8190c78524ab86431)) + + +## v7.4.1 (2024-06-12) + +### Documentation + +* docs: exclude dep bumps from changelog (#627) + +fixes #616 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`60361f7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/60361f781a1b356f24a553e133e0f58a2ad37a7d)) + +### Fix + +* fix: `cyclonedx.model.Property.value` value is optional (#631) + +`cyclonedx.model.Property.value` value is optional, in accordance with +the spec. + +fixes #630 + +--------- + +Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`ad0f98b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ad0f98b433fd85ba14db6b6288f33d98bc79ee51)) + + +## v7.4.0 (2024-05-23) + +### Documentation + +* docs: OSSP best practice percentage + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`75f58dc`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/75f58dcd41c1495737bff69d354beeeff7660c15)) + +### Feature + +* feat: updated SPDX license list to `v3.24.0` (#622) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3f9770a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3f9770a95fbe48dfc0cb911a6526690017c2fb37)) + + +## v7.3.4 (2024-05-06) + +### Fix + +* fix: allow suppliers with empty-string names (#611) + +fixes #600 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b331aeb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b331aeb4b7261c7b1359c592b2dcda27bd35e369)) + + +## v7.3.3 (2024-05-06) + +### Fix + +* fix: json validation allow arbitrary `$schema` value (#613) + +fixes https://github.com/CycloneDX/cyclonedx-python-lib/issues/612 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`08b7c60`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/08b7c607360b65215d9d29d42ae86e60c6efe49b)) + + +## v7.3.2 (2024-04-26) + +### Fix + +* fix: properly sort components based on all properties (#599) + +reverts #587 - as this one introduced errors +fixes #598 +fixes #586 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Paul Horton <paul.horton@owasp.org> +Co-authored-by: Paul Horton <paul.horton@owasp.org> ([`8df488c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8df488cb422a6363421fee39714df4e8e8e7a593)) + + +## v7.3.1 (2024-04-22) + +### Fix + +* fix: include all fields of `Component` in `__lt__` function for #586 (#587) + +Fixes #586. + +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d784685`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d7846850d1ad33184d1d58b59fdf41a778d05900)) + + +## v7.3.0 (2024-04-19) + +### Feature + +* feat: license factory set `acknowledgement` (#593) + +add a parameter to `LicenseFactory.make_*()` methods, to set the `LicenseAcknowledgement`. + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7ca2455`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7ca2455018d0e191afaaa2fd136a7e4d5b325ec6)) + + +## v7.2.0 (2024-04-19) + +### Feature + +* feat: disjunctive license acknowledgement (#591) + + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9bf1839`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9bf1839859a244e790e91c3e1edd82d333598d60)) + +### Unknown + +* doc: poor merge resolved + +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`a498faa`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a498faaab248d0512bad9e66afbd8fb1d6c42a66)) + + +## v7.1.0 (2024-04-10) + +### Documentation + +* docs: missing schema support table & update schema support to reflect version 7.0.0 (#584) + +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d230e67`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d230e67188661a5fb94730e52bf59c11c965c8d7)) + +### Feature + +* feat: support `bom.properties` for CycloneDX v1.5+ (#585) + +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`1d1c45a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1d1c45ac82c7927acc388489228a9b5990f68aa7)) + + +## v7.0.0 (2024-04-09) + +### Breaking * feat!: Support for CycloneDX v1.6 @@ -189,15 +484,193 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: Paul Horton <paul.horton@owasp.org> Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8bbdf46`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8bbdf461434ab66673a496a8305c2878bf5c88da)) +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8bbdf46`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8bbdf461434ab66673a496a8305c2878bf5c88da)) -* feat!: v6.0.0 (#492) -### Breaking Changes - -* Removed symbols that were already marked as deprecated (via [#493]) -* Removed symbols in `parser.*` ([#489] via [#495]) -* Removed `output.LATEST_SUPPORTED_SCHEMA_VERSION` ([#491] via [#494]) +## v6.4.4 (2024-03-18) + +### Fix + +* fix: wrong extra name for xml validation (#571) + + + +Signed-off-by: Christoph Reiter <reiter.christoph@gmail.com> ([`10e38e2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/10e38e25095de4b2dafbfcd1fd81dce7a9c0f124)) + + +## v6.4.3 (2024-03-04) + +### Fix + +* fix: serialization of `model.component.Diff` (#557) + +Fixes #556 + +--------- + +Signed-off-by: rcross-lc <151086351+rcross-lc@users.noreply.github.com> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`22fa873`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/22fa8734bf1a3a8789ad7578bfa0c86cf0a49d4a)) + + +## v6.4.2 (2024-03-01) + +### Build + +* build: use poetry v1.8.1 (#560) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6f81dfa`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6f81dfaed32b76f251647f6291791e714ab158a3)) + +### Documentation + +* docs: update architecture description and examples (#550) + + + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a19fd28`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a19fd2828355ae031164ef7a0dda2a8ea2365108)) + +* docs: exclude internal docs from rendering (#545) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7e55dfe`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7e55dfe213cb2a88b3686f9e8bf93cf4642a2ccd)) + +### Unknown + +* docs + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`63cff7e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/63cff7ee697c9d5fb96da3c8c16f7c9bc7b34e58)) + +* docs (#546) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b0e5b43`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b0e5b43880e17ec6ce23d5d4e1e7a9a2547c1e79)) + + +## v6.4.1 (2024-01-30) + +### Documentation + +* docs: ship docs with `sdist` build (#544) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`52ef01c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/52ef01c99319d5aed950e7f6ef6fcfe731ac8b2f)) + +* docs: refactor example + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c1776b7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c1776b718b81cf72ef0c0251504e0d3631e30b17)) + +### Fix + +* fix: `model.BomRef` no longer equal to unset peers (#543) + + fixes [#539](https://github.com/CycloneDX/cyclonedx-python-lib/issues/539) + + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1fd7fee`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1fd7fee9dec888c10087921f2e5a7a60062fb419)) + + +## v6.4.0 (2024-01-22) + +### Documentation + +* docs: add OpenSSF Best Practices shield (#532) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`59c4381`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/59c43814b07db0aa881d87192939eb93e79b0cc2)) + +### Feature + +* feat: support `py-serializable` v1.0 (#531) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e1e7277`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e1e72777d8a355c6854f4d9eb26c1e2083c806df)) + + +## v6.3.0 (2024-01-06) + +### Documentation + +* docs: add `Documentation` url to project meta + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1080b73`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1080b7387a0bbc49a067cd2efefb1545470947e5)) + +* docs: add `Documentation` url to project meta + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c4288b3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c4288b35e0e1050f0982f7492cfcd3bea34b445c)) + +### Feature + +* feat: enable dependency `py-serializable 0.17` (#529) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9f24220`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9f24220029cd18cd191f63876899cd86be52dce1)) + + +## v6.2.0 (2023-12-31) + +### Build + +* build: allow additional major-version RC branch patterns + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f8af156`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f8af156c9c38f737b7067722d2a96f8a2a4fcb48)) + +### Documentation + +* docs: fix typo + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`2563996`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/25639967c93ad464e486f2fe6a148b3be439f43d)) + +* docs: update intro and description + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f0bd05d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f0bd05dc854b5b71421b82cfb527fcb8f41a7c4a)) + +* docs: buld docs on ubuntu22.04 python311 + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b3e9ab7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b3e9ab77696f2ee763f1746f8142bdf471477c39)) + +### Feature + +* feat: allow `lxml` requirement in range of `>=4,<6` (#523) + +Updates the requirements on [lxml](https://github.com/lxml/lxml) to permit the latest version. +- [Release notes](https://github.com/lxml/lxml/releases) +- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt) +- [Commits](https://github.com/lxml/lxml/compare/lxml-4.0.0...lxml-5.0.0) + +--- +updated-dependencies: +- dependency-name: lxml + dependency-type: direct:production +... + +Signed-off-by: dependabot[bot] <support@github.com> +Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`7d12b9a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7d12b9a9f7a2fdc5e6bb12f891c6f4291e20e65e)) + +### Unknown + +* docs + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7dcd166`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7dcd16621002713dcf1ce8e17bc5762320fae4fa)) + + +## v6.1.0 (2023-12-22) + +### Feature + +* feat: add function to map python `hashlib` algorithms to CycloneDX (#519) + +new API: `model.HashType.from_hashlib_alg()` + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`81f8cf5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/81f8cf59b1f40ffbd213789a8b1b621a01e3f631)) + + +## v6.0.0 (2023-12-10) + +### Breaking + +* feat!: v6.0.0 (#492) + +### Breaking Changes + +* Removed symbols that were already marked as deprecated (via [#493]) +* Removed symbols in `parser.*` ([#489] via [#495]) +* Removed `output.LATEST_SUPPORTED_SCHEMA_VERSION` ([#491] via [#494]) * Serialization of unsupported enum values might downgrade/migrate/omit them ([#490] via [#496]) Handling might raise warnings if a data loss occurred due to omitting. The result is a guaranteed valid XML/JSON, since no (enum-)invalid values are rendered. @@ -281,7 +754,78 @@ Signed-off-by: Johannes Feichtner <johannes@web-wack.at> Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: semantic-release <semantic-release> Co-authored-by: Johannes Feichtner <343448+Churro@users.noreply.github.com> -Co-authored-by: semantic-release <semantic-release> ([`74865f8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/74865f8e498c9723c2ce3556ceecb6a3cfc4c490)) +Co-authored-by: semantic-release <semantic-release> ([`74865f8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/74865f8e498c9723c2ce3556ceecb6a3cfc4c490)) + + +## v5.2.0 (2023-12-02) + +### Documentation + +* docs: keywaords & funding (#486) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3189e59`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3189e59ff8e3d3d10f7b949b5a08397ff3d3642b)) + +### Feature + +* feat: `model.XsUri` migrate control characters according to spec (#498) + +fixes https://github.com/CycloneDX/cyclonedx-python-lib/issues/497 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e490429`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e49042976f8577af4061c34394db270612488cdf)) + + +## v5.1.1 (2023-11-02) + +### Fix + +* fix: update own `externalReferences` (#480) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`edb3dde`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/edb3dde889c06755dd1963ed21dd803db3ea0dcc)) + + +## v5.1.0 (2023-10-31) + +### Documentation + +* docs: advance license docs + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f61a730`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f61a7303de1d5dacf0917a1d66f5ebe0732ccd75)) + +### Feature + +* feat: guarantee unique `BomRef`s in serialization result (#479) + +Incorporate `output.BomRefDiscriminator` on serialization + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a648775`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a648775bb5195621e17fdbae92950ab6d56a665a)) + + +## v5.0.1 (2023-10-24) + +### Documentation + +* docs: revisit project meta (#475) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c3254d0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c3254d055f3cda96d2849222a0bba7be8cf486a3)) + +* docs: fix RTFD build (#476) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b9fcfb4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b9fcfb40af366fdee7258ccb720e0fad27994824)) + +### Unknown + +* "chore(deps): revert bump python-semantic-release/python-semantic-release (#474)" + +This reverts commit 9c3ffac34e89610ccc4f9701444127e1e6f5ee07. + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`aae7304`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/aae73048c7aebe5920ec888225bdbde08111601b)) + + +## v5.0.0 (2023-10-24) + +### Breaking * feat!: v5.0.0 (#440) @@ -401,54 +945,156 @@ Misc Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: Jan Kowalleck <jan.kowalleck@owasp.org> Signed-off-by: semantic-release <semantic-release> -Co-authored-by: semantic-release <semantic-release> ([`26b151c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/26b151cba7d7d484f23ee7888444f09ad6d016b1)) +Co-authored-by: semantic-release <semantic-release> ([`26b151c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/26b151cba7d7d484f23ee7888444f09ad6d016b1)) -* feat: Release 4.0.0 #341) -Highlights of this release include: -* Support for De-serialization from JSON and XML to this Pythonic Model -* Deprecation of Python 3.6 support -* Support for Python 3.11 -* Support for `BomLink` -* Support VEX without needing `Component` in the same `Bom` -* Support for `services` having `dependencies` - -BREAKING CHANGE: Large portions of this library have been re-written for this release and many methods and contracts have changed. - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* feat: support VEX without Components in the same BOM - -BREAKING CHANGE: Model classes changed to relocated Vulnerability at Bom, not at Component - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* feat: support VEX without Components in the same BOM - -BREAKING CHANGE: Model classes changed to relocated Vulnerability at Bom, not at Component - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -feat: allow `version` of BOM to be defined - -feat: allow `serial_number` of BOM to be prescribed - -feat: add helper method to get URN for a BOM according to https://www.iana.org/assignments/urn-formal/cdx -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* chore: fix release workflow - -* chore: editorconfig - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* feat: support for deserialization from JSON and XML (#290) - -BREAKING CHANGE: - -* feat: drop Python 3.6 support - -Signed-off-by: Hakan Dilek <hakandilek@gmail.com> +## v4.2.3 (2023-10-16) + +### Fix + +* fix: SPDX-expression-validation internal crashes are cought and handled (#471) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`5fa66a0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5fa66a043818eb5747dbd630496c6d31f818c0ab)) + + +## v4.2.2 (2023-09-14) + +### Documentation + +* docs: fix shield in README + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6a941b1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6a941b1ef5cc0f9e956173cce7e9da57e8c6bf22)) + +* docs(example): showcase `LicenseChoiceFactory` (#428) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c56ec83`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c56ec8395dd203ac41fa6f4c43970a50c0e80efb)) + +### Fix + +* fix: ship meta files (#434) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3a1a8a5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3a1a8a5c1cbe8d8989b4cb335269a02b5c6d4f38)) + + +## v4.2.1 (2023-09-06) + +### Fix + +* fix: `LicenseChoiceFactory.make_from_string()` prioritize SPDX id over expression (#427) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e1bdfdd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e1bdfddcfab97359fbde9f53dc65f56fc8ec4ba9)) + + +## v4.2.0 (2023-09-06) + +### Feature + +* feat: complete SPDX license expression (#425) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e06f9fd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e06f9fd2c30e8976766f326ff216103d2560cb9a)) + + +## v4.1.0 (2023-08-27) + +### Documentation + +* docs(examples): showcase shorthand dependency management (#403) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8b32efb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8b32efb322a3281d58e9f980bb9001b112aa944a)) + +### Feature + +* feat: programmatic access to library's version (#417) + +adds `cyclonedx.__version__` + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3585ea9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3585ea9911ae521e86793ef18f5891289fb0b604)) + + +## v4.0.1 (2023-06-28) + +### Documentation + +* docs(examples): README (#399) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1d262ba`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1d262ba57eab0d61b947fc293fc59c6234f19647)) + +* docs: add exaple how to build and serialize (#397) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`65e22bd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/65e22bdc6a1a3fc02a6282146bc8fbc17ddb32fa)) + +### Fix + +* fix: conditional warning if no root dependencies were found (#398) + + + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c8175bb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c8175bb6aebac7f129d42d7a5a0ae928212c20cb)) + +### Unknown + +* 4.0.1 + +Automatically generated by python-semantic-release ([`4a72f51`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4a72f515ad7b5e46a07f31bea18a94b162e87715)) + +* Add missing space in warning message. (#364) + + + +Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> +Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> ([`dad0d28`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/dad0d28ceb7381d1b503e5b29776fc01513f8b04)) + + +## v4.0.0 (2023-03-20) + +### Breaking + +* feat: Release 4.0.0 #341) + +Highlights of this release include: +* Support for De-serialization from JSON and XML to this Pythonic Model +* Deprecation of Python 3.6 support +* Support for Python 3.11 +* Support for `BomLink` +* Support VEX without needing `Component` in the same `Bom` +* Support for `services` having `dependencies` + +BREAKING CHANGE: Large portions of this library have been re-written for this release and many methods and contracts have changed. + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* feat: support VEX without Components in the same BOM + +BREAKING CHANGE: Model classes changed to relocated Vulnerability at Bom, not at Component + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* feat: support VEX without Components in the same BOM + +BREAKING CHANGE: Model classes changed to relocated Vulnerability at Bom, not at Component + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +feat: allow `version` of BOM to be defined + +feat: allow `serial_number` of BOM to be prescribed + +feat: add helper method to get URN for a BOM according to https://www.iana.org/assignments/urn-formal/cdx +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* chore: fix release workflow + +* chore: editorconfig + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* feat: support for deserialization from JSON and XML (#290) + +BREAKING CHANGE: + +* feat: drop Python 3.6 support + +Signed-off-by: Hakan Dilek <hakandilek@gmail.com> Signed-off-by: Paul Horton <paul.horton@owasp.org> Co-authored-by: Hakan Dilek <hakandilek@gmail.com> Co-authored-by: Hakan Dilek <hakandilek@users.noreply.github.com> @@ -521,1337 +1167,681 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: Hakan Dilek <hakandilek@gmail.com> Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> Co-authored-by: Hakan Dilek <hakandilek@gmail.com> -Co-authored-by: Hakan Dilek <hakandilek@users.noreply.github.com> ([`8fb1b14`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8fb1b14f5e04e85f21e654c44fa6b9b774867757)) - -* feat: bump dependencies - -BREAKING CHANGE: Adopt PEP-3102 - -BREAKING CHANGE: Optional Lists are now non-optional Sets - -BREAKING CHANGE: Remove concept of DEFAULT schema version - replaced with LATEST schema version - -BREAKING CHANGE: Added `BomRef` data type - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`da3f0ca`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/da3f0ca3e8b90b37301c03f889eb089bca649b09)) - -### Build - -* build: use poetry v1.8.1 (#560) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6f81dfa`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6f81dfaed32b76f251647f6291791e714ab158a3)) - -* build: allow additional major-version RC branch patterns - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f8af156`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f8af156c9c38f737b7067722d2a96f8a2a4fcb48)) - -* build: move typing to dev-dependencies - -Move `types-setuptools` and `types-toml` to dev-dependencies (#226) - -Signed-off-by: Adam Johnson <me@adamj.eu> ([`0e2376b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0e2376baade068ae0490b05550837d104e9abfa4)) - -* build: updated dependencies, moved pdoc3 to a dev dependency +Co-authored-by: Hakan Dilek <hakandilek@users.noreply.github.com> ([`8fb1b14`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8fb1b14f5e04e85f21e654c44fa6b9b774867757)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`6a9947d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6a9947de1036b63804352e45c035d40658d3db01)) +### Unknown -* build: dependencies updated +* 4.0.0 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0411826`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/04118263c2fed1241c4a9f38cc256542ba543d50)) +Automatically generated by python-semantic-release ([`40fbfda`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/40fbfda428cfa71b16fd6e5e8d5f49cea4b5438b)) -### Documentation -* docs: revisit examples readme (#725) +## v3.1.5 (2023-01-12) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e9020f0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e9020f0b709a5245d1749d2811b8568f892869bb)) +### Fix -* docs: fix code examples regarding outputting (#709) +* fix: mak test's schema paths relative to `cyclonedx` package (#338) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -Signed-off-by: Hakan Dilek <hakandilek@gmail.com> ([`c72d5f4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c72d5f483d5c1990fe643c4c25e37373d4d3248f)) - -* docs(chaneglog): omit chore/ci/refactor/style/test/build (#703) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a210809`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a210809efb34c2dc895fc0c6d96a3412a9097625)) - -* docs: fix some doc strings +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1f0c05f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1f0c05fe2b2a22bc84a1a437dd59390f2ceaf986)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`4fa8fc1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4fa8fc1b6703ecf6788b72f2d53c6a17e2146cf7)) - -* docs: exclude dep bumps from changelog (#627) +### Unknown -fixes #616 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`60361f7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/60361f781a1b356f24a553e133e0f58a2ad37a7d)) +* 3.1.5 -* docs: OSSP best practice percentage +Automatically generated by python-semantic-release ([`ba603cf`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ba603cf96fad51a85d5159e83c402d613fefbb7c)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`75f58dc`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/75f58dcd41c1495737bff69d354beeeff7660c15)) -* docs: missing schema support table & update schema support to reflect version 7.0.0 (#584) +## v3.1.4 (2023-01-11) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d230e67`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d230e67188661a5fb94730e52bf59c11c965c8d7)) +### Fix -* docs: update architecture description and examples (#550) +* fix(tests): include tests in `sdist` builds (#337) +* feat: include `tests` in `sdist` builds for #336 +* delete unexpected `DS_Store` file - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a19fd28`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a19fd2828355ae031164ef7a0dda2a8ea2365108)) - -* docs: exclude internal docs from rendering (#545) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7e55dfe`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7e55dfe213cb2a88b3686f9e8bf93cf4642a2ccd)) - -* docs: ship docs with `sdist` build (#544) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`52ef01c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/52ef01c99319d5aed950e7f6ef6fcfe731ac8b2f)) - -* docs: refactor example +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`936ad7d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/936ad7d0c26d8f98040203d3234ca8f1afbd73ab)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c1776b7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c1776b718b81cf72ef0c0251504e0d3631e30b17)) - -* docs: add OpenSSF Best Practices shield (#532) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`59c4381`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/59c43814b07db0aa881d87192939eb93e79b0cc2)) - -* docs: add `Documentation` url to project meta - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1080b73`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1080b7387a0bbc49a067cd2efefb1545470947e5)) - -* docs: add `Documentation` url to project meta - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c4288b3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c4288b35e0e1050f0982f7492cfcd3bea34b445c)) - -* docs: fix typo - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`2563996`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/25639967c93ad464e486f2fe6a148b3be439f43d)) - -* docs: update intro and description - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f0bd05d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f0bd05dc854b5b71421b82cfb527fcb8f41a7c4a)) - -* docs: buld docs on ubuntu22.04 python311 - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b3e9ab7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b3e9ab77696f2ee763f1746f8142bdf471477c39)) - -* docs: keywaords & funding (#486) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3189e59`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3189e59ff8e3d3d10f7b949b5a08397ff3d3642b)) - -* docs: advance license docs - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f61a730`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f61a7303de1d5dacf0917a1d66f5ebe0732ccd75)) - -* docs: revisit project meta (#475) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c3254d0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c3254d055f3cda96d2849222a0bba7be8cf486a3)) - -* docs: fix RTFD build (#476) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b9fcfb4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b9fcfb40af366fdee7258ccb720e0fad27994824)) - -* docs: fix shield in README - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6a941b1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6a941b1ef5cc0f9e956173cce7e9da57e8c6bf22)) - -* docs(example): showcase `LicenseChoiceFactory` (#428) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c56ec83`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c56ec8395dd203ac41fa6f4c43970a50c0e80efb)) - -* docs(examples): showcase shorthand dependency management (#403) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8b32efb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8b32efb322a3281d58e9f980bb9001b112aa944a)) - -* docs(examples): README (#399) +### Unknown -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1d262ba`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1d262ba57eab0d61b947fc293fc59c6234f19647)) +* 3.1.4 -* docs: add exaple how to build and serialize (#397) +Automatically generated by python-semantic-release ([`0b19294`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0b19294e4820f0da5e81decd4d902ef7789ecb61)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`65e22bd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/65e22bdc6a1a3fc02a6282146bc8fbc17ddb32fa)) -* docs: typo +## v3.1.3 (2023-01-07) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`539b57a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/539b57a00e4e60e239bb26141f219366121e7bc2)) +### Fix -* docs: fix shields (#324) +* fix: serialize dependency graph for nested components (#329) -caused by https://github.com/badges/shields/issues/8671 +* tests: regression tests for issue #328 +* fix: for issue #328 -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`555dad4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/555dad4bc255066036ecca028192eb83df8ba5a0)) - -* docs: fix typo (#318) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`fb3f835`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fb3f8351881783281f8b7e796098a4c145b35927)) - -Signed-off-by: Roland Weber <rolweber@de.ibm.com> ([`63bfb87`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/63bfb8772fe78e9842675d17862c456150dbbc15)) +### Unknown -* docs: fix typo "This is out" -> "This is our" +* 3.1.3 -Fix typo in comments: "This is out" -> "This is our" (#233) - -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ef0278a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ef0278a2044147e73a281c5a59f95049d4af7641)) +Automatically generated by python-semantic-release ([`11a420c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/11a420c5fc38bb48d2a91713cc74574acb131184)) -### Feature -* feat: add basic support for Definitions (#701) +## v3.1.2 (2023-01-06) - - ---------- - -Signed-off-by: Hakan Dilek <hakandilek@gmail.com> ([`a1573e5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a1573e5af12bb54c7328c73971dc2c2f8d820c0a)) - -* feat: Add Python 3.13 support (#718) - -Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`d4be3ba`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d4be3ba6b3ccc65553a7dd10ad559c1eddfbb19b)) - -* feat: add support for Lifecycles in BOM metadata (#698) - - - ---------- - -Signed-off-by: Johannes Feichtner <johannes@web-wack.at> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Signed-off-by: Johannes Feichtner <343448+Churro@users.noreply.github.com> -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6cfeb71`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6cfeb711f11aec8fa4d7be885f6797cc2eaa7e67)) - -* feat: add cpe format validation - -Signed-off-by: Saquib Saifee <saquibsaifee2@gmail.com> ([`aea3b04`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/aea3b047bc86a4256e8437bdba931578859700df)) - -* feat: add CPE format validation in property setter - -Signed-off-by: Saquib Saifee <saquibsaifee@ibm.com> ([`c74218b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c74218ba0f969cdbe20c5988ef37b358c9c0e011)) - -* feat: add cpe format validation - -- Implemented regex-based validation for CPE format in the model. -- Added tests to verify handling of invalid CPE strings. - -Signed-off-by: Saquib Saifee <saquibsaifee2@gmail.com> ([`15d9c19`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/15d9c198404d4c55cf2e9039283a31ff973e8a1b)) - -* feat: `HashType.from_composite_str` for Blake2b, SHA3, Blake3 (#663) - -The code mistreated hashes for Blake2b and SHA3. -Code for explicitly handling SHA1 & BLAKE3 was added, as those have no -variants defined in the CycloneDX specification. - -fixes #652 - ---------- - -Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> -Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c59036e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c59036e06ddc97284f82efbbc168dc2d89d090d1)) - -* feat: add workaround property for v1.5 and v1.6 (#642) - -Property `workaround` was missing from the vulnerability model. It was -added in spec v1.5 and was marked as TODO before. - -This is my first contribution on this project so if I done something -wrong, just say me :smiley: - -Signed-off-by: Louis Maillard <louis.maillard@savoirfairelinux.com> -Signed-off-by: Louis Maillard <louis.maillard@protonmail.com> -Co-authored-by: Louis Maillard <louis.maillard@savoirfairelinux.com> ([`b5ebcf8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b5ebcf8104faf57030cbc5d8190c78524ab86431)) - -* feat: updated SPDX license list to `v3.24.0` (#622) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3f9770a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3f9770a95fbe48dfc0cb911a6526690017c2fb37)) - -* feat: license factory set `acknowledgement` (#593) - -add a parameter to `LicenseFactory.make_*()` methods, to set the `LicenseAcknowledgement`. - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7ca2455`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7ca2455018d0e191afaaa2fd136a7e4d5b325ec6)) - -* feat: disjunctive license acknowledgement (#591) - - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9bf1839`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9bf1839859a244e790e91c3e1edd82d333598d60)) - -* feat: support `bom.properties` for CycloneDX v1.5+ (#585) - -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`1d1c45a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1d1c45ac82c7927acc388489228a9b5990f68aa7)) - -* feat: support `py-serializable` v1.0 (#531) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e1e7277`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e1e72777d8a355c6854f4d9eb26c1e2083c806df)) - -* feat: enable dependency `py-serializable 0.17` (#529) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9f24220`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9f24220029cd18cd191f63876899cd86be52dce1)) - -* feat: allow `lxml` requirement in range of `>=4,<6` (#523) - -Updates the requirements on [lxml](https://github.com/lxml/lxml) to permit the latest version. -- [Release notes](https://github.com/lxml/lxml/releases) -- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt) -- [Commits](https://github.com/lxml/lxml/compare/lxml-4.0.0...lxml-5.0.0) - ---- -updated-dependencies: -- dependency-name: lxml - dependency-type: direct:production -... - -Signed-off-by: dependabot[bot] <support@github.com> -Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`7d12b9a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7d12b9a9f7a2fdc5e6bb12f891c6f4291e20e65e)) - -* feat: add function to map python `hashlib` algorithms to CycloneDX (#519) - -new API: `model.HashType.from_hashlib_alg()` - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`81f8cf5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/81f8cf59b1f40ffbd213789a8b1b621a01e3f631)) - -* feat: `model.XsUri` migrate control characters according to spec (#498) - -fixes https://github.com/CycloneDX/cyclonedx-python-lib/issues/497 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e490429`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e49042976f8577af4061c34394db270612488cdf)) - -* feat: guarantee unique `BomRef`s in serialization result (#479) - -Incorporate `output.BomRefDiscriminator` on serialization - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a648775`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a648775bb5195621e17fdbae92950ab6d56a665a)) - -* feat: complete SPDX license expression (#425) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e06f9fd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e06f9fd2c30e8976766f326ff216103d2560cb9a)) - -* feat: programmatic access to library's version (#417) - -adds `cyclonedx.__version__` - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3585ea9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3585ea9911ae521e86793ef18f5891289fb0b604)) - -* feat: out-factor SPDX compund detection - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`fd4d537`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fd4d537c9dced0e38f14d99dee174cc5bb0bd465)) - -* feat: out-factor SPDX compund detection - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`2b69925`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2b699252f8857d97231a689ea9cbfcdff9459626)) - -* feat: license factories - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`033bad2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/033bad2a50fd2236c712d4621caa57b04fcc2043)) - -* feat: support for CycloneDX schema `1.4.2` - adds `vulnerability.properties` to the schema ([`32e7929`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/32e792928bdf37133e966ef72ec01b0bc698482d)) - -* feat: support for CycloneDX schema version `1.4.2` -- Provides support for `vulnerability.properties` - -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`db7445c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/db7445cd343fc35c6d6fc9f5af3e28cf97a19732)) - -* feat: added updated CycloneDX 1.4.2 schemas - -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`7fb27ae`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7fb27aed58f7de10f8c6b703699bba315af353e7)) - -* feat: reduce unnessessarry type casting of `set`/`SortedSet` (#203) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`089d971`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/089d9714f8f9f8c70076e48baa18340899cc29fa)) - -* feat: use `SortedSet` in model to improve reproducibility - this will provide predictable ordering of various items in generated CycloneDX documents - thanks to @RodneyRichardson - -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`8a1c404`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8a1c4043f502292b32c4ab36a8618cf3f67ac8df)) - -* feat(deps): remove unused `typing-extensions` constraints - -PullRequest and details via #224 - -Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`2ce358a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2ce358a37e6ce5f06aa9297aed17f8f5bea38e93)) - -* feat: add support for Dependency Graph in Model and output serialisation - -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`ea34513`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ea34513f8229a909007793288ace2f6f51684333)) - -* feat: Bump XML schemas to latest fix version for 1.2-1.4 - see: -https://github.com/CycloneDX/specification/issues/122 - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`bd2e756`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bd2e756de15c37b34d2866e8de521556420bd5d3)) - -* feat: bump JSON schemas to latest fix verison for 1.2 and 1.3 - see: -- https://github.com/CycloneDX/specification/issues/123 -- https://github.com/CycloneDX/specification/issues/84 -- https://github.com/CycloneDX/specification/issues/125 - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`bd6a088`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bd6a088d51c995c0f08271f56aedb456c60c1a2e)) - -* feat: output errors are verbose - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`bfe8fb1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bfe8fb18825251fd9f146458122aa06137ec27c0)) - -* feat: completed work on #155 (#172) - -fix: resolved #169 (part of #155) -feat: as part of solving #155, #147 has been implemented - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a926b34`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a926b34c7facb8b3709936fe00b62a0b80338f31)) - -* feat: support complete model for `bom.metadata` (#162) - -* feat: support complete model for `bom.metadata` -fix: JSON comparison in unit tests was broken -chore: corrected some source license headers - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2938a6c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2938a6c001a5b0b25477241d4ad6601030c55165)) - -* feat: support for `bom.externalReferences` in JSON and XML #124 - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1b733d7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1b733d75a78e3757010a8049cab5c7d4656dc2a5)) - -* feat: Complete support for `bom.components` (#155) - -* fix: implemented correct `__hash__` methods in models (#153) - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`32c0139`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/32c01396251834c69a5b23c82a5554faf8447f61)) - -* feat: support services in XML BOMs -feat: support nested services in JSON and XML BOMs - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9edf6c9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9edf6c940d20a44f5b99c557392a9fa4532b332e)) - -* feat: `bom-ref` for Component and Vulnerability default to a UUID (#142) - -* feat: `bom-ref` for Component and Vulnerability default to a UUID if not supplied ensuring they have a unique value #141 - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* doc: updated documentation to reflect change - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* patched other tests to support UUID for bom-ref - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* better syntax - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`3953bb6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3953bb676f423c325ca4d80f3fcee33ad042ad93)) - -* feat: add CPE to component (#138) - -* Added CPE to component - -Setting CPE was missing for component, now it is possible to set CPE and output CPE for a component. - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Fixing problems with CPE addition - -- Fixed styling errors -- Added reference to CPE Spec -- Adding CPE parameter as last parameter to not break arguments - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Again fixes for Style and CPE reference - -Missing in the last commit - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Added CPE as argument before deprecated arguments - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Added testing for CPE addition and error fixing - -- Added output tests for CPE in XML and JSON -- Fixes style error in components -- Fixes order for CPE output in XML (CPE has to come before PURL) - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Fixed output tests - -CPE was still in the wrong position in one of the tests - fixed - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Fixed minor test fixtures issues - -- cpe was still in wrong position in 1.2 JSON -- Indentation fixed in 1.4 JSON - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Fixed missing comma in JSON 1.2 test file - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> ([`269ee15`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/269ee155f203d5771c56edb92f7279466bf2012f)) - -* feat: add support for `bom.metadata.component` (#118) - -* Add support for metadata component - -Part of #6 - -Signed-off-by: Artem Smotrakov <asmotrakov@riotgames.com> - -* Better docs and simpler ifs - -Signed-off-by: Artem Smotrakov <asmotrakov@riotgames.com> ([`1ac31f4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1ac31f4cb14b6c466e092ff38ee2aa472c883c5d)) - -* feat: loosed dependency versions to make this library more consumable - -* feat: lowering minimum dependency versions - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* feat: lowering minimum dependency versions - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* feat: lowering minimum dependency versions - importlib-metadata raising minimum to ensure we get a typed library - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* feat: lowering minimum dependency versions - importlib-metadata raising minimum to ensure we get a typed library - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* feat: lowering minimum version for importlib-metadata to 3.4.0 with modified import statement - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`55f10fb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/55f10fb5524dafa68112c0836806c27bdd74fcbe)) - -* feat: Typing & PEP 561 - -* adde file for type checkers according to PEP 561 - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* added static code analysis as a dev-test - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* added the "typed" trove - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* added `flake8-annotations` to the tests - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* added type hints - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* further typing updates - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* further typing additions and test updates - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* further typing - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* further typing - added type stubs for toml and setuptools - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* further typing - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* typing work - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* coding standards - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* fixed tox and mypy running in correct python version - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* supressed mypy for `cyclonedx.utils.conda.parse_conda_json_to_conda_package` - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* fixed type hints - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* fixed some typing related flaws - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* added flake8-bugbear for code analysis - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -Co-authored-by: Paul Horton <phorton@sonatype.com> ([`9144765`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/91447656c0914ceb2af2e4b7282292ec7b93f5bf)) - -* feat: add support for Conda - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`bd29c78`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bd29c782d39a4956f482b9e4de20d7f829beefba)) - -* feat: add support for parsing package licenses when using the `Environment` Parsers - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`c414eaf`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c414eafde2abaca1005a2a0af6993fcdc17897d3)) - -* feat: add support for `externalReferneces` for `Components` and associated enhancements to parsers to obtain information where possible/known - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a152852`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a152852b361bbb7a69c9f7ab61ae7ea6dcffd214)) - -* feat: support for pipenv.lock file parsing - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`68a2dff`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/68a2dffc770d40f693b6891a580d1f7d8018f71c)) - -* feat: helper method for representing a File as a Component taking into account versioning for files as per https://github.com/CycloneDX/cyclonedx.org/issues/34 - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`7e0fb3c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7e0fb3c7e32e08cb8667ad11461c7f8208dfdf7f)) - -* feat: support for non-PyPi Components - PackageURL type is now definable when creating a Component - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`fde79e0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fde79e02705bce216e62acd05056b6d2046cde22)) - -* feat: add support for tool(s) that generated the SBOM - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`7d1e6ef`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7d1e6ef04d473407b9b4eefc2ef18e6723838f94)) - -* feat: support for localising vectors (i.e. stripping out any scheme prefix) - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b9e9e17`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b9e9e17ba1e2c1c9dfe551c61ad5152eebd829ab)) - -* feat: helper methods for deriving Severity and SourceType - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`6a86ec2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6a86ec27c13ff5e413c5a5f96d9b7671646f9388)) - -* feat: adding support for extension schema that descriptions vulnerability disclosures - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d496695`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d4966951ab6c0229171cfe97723421bb0302c4fc)) - -* feat: added helper method to return a PackageURL object representing a Component - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`367bef1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/367bef11bb1a7ede3100acae39581e33d20fa7f5)) - -* feat: add poetry support - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f3ac42f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f3ac42f298b8d093b0ac368993beba43c58c251a)) - -### Fix - -* fix: encode quotation mark in URL (#724) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a7c7c97`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a7c7c97c37ee1c7988c028aa779f74893f858c7b)) - -* fix: behavior of and typing for crypto setters with optional values (#694) - -fixes #690 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`d8b20bd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d8b20bdc5224ea30cf767f6f3f1a6f8ff2754973)) - -* fix: file copyright headers (#676) - -utilizes flake8 plugin -<https://pypi.org/project/flake8-copyright-validator/> to assert the -correct headers - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`35e00b4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/35e00b4ee5a9306b9e97b011025409bcbfcef309)) - -* fix: XML serialize `normalizedString` and `token` properly (#646) - -fixes #638 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b40f739`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b40f739206a44f7dbd94042fb5e1a37c047ea024)) - -* fix: `cyclonedx.model.Property.value` value is optional (#631) - -`cyclonedx.model.Property.value` value is optional, in accordance with -the spec. - -fixes #630 - ---------- - -Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`ad0f98b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ad0f98b433fd85ba14db6b6288f33d98bc79ee51)) - -* fix: allow suppliers with empty-string names (#611) - -fixes #600 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b331aeb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b331aeb4b7261c7b1359c592b2dcda27bd35e369)) - -* fix: json validation allow arbitrary `$schema` value (#613) - -fixes https://github.com/CycloneDX/cyclonedx-python-lib/issues/612 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`08b7c60`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/08b7c607360b65215d9d29d42ae86e60c6efe49b)) - -* fix: properly sort components based on all properties (#599) - -reverts #587 - as this one introduced errors -fixes #598 -fixes #586 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Signed-off-by: Paul Horton <paul.horton@owasp.org> -Co-authored-by: Paul Horton <paul.horton@owasp.org> ([`8df488c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8df488cb422a6363421fee39714df4e8e8e7a593)) - -* fix: include all fields of `Component` in `__lt__` function for #586 (#587) - -Fixes #586. - -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d784685`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d7846850d1ad33184d1d58b59fdf41a778d05900)) - -* fix: wrong extra name for xml validation (#571) - - - -Signed-off-by: Christoph Reiter <reiter.christoph@gmail.com> ([`10e38e2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/10e38e25095de4b2dafbfcd1fd81dce7a9c0f124)) - -* fix: serialization of `model.component.Diff` (#557) - -Fixes #556 - ---------- - -Signed-off-by: rcross-lc <151086351+rcross-lc@users.noreply.github.com> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`22fa873`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/22fa8734bf1a3a8789ad7578bfa0c86cf0a49d4a)) - -* fix: `model.BomRef` no longer equal to unset peers (#543) - - fixes [#539](https://github.com/CycloneDX/cyclonedx-python-lib/issues/539) - - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1fd7fee`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1fd7fee9dec888c10087921f2e5a7a60062fb419)) - -* fix: update own `externalReferences` (#480) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`edb3dde`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/edb3dde889c06755dd1963ed21dd803db3ea0dcc)) - -* fix: SPDX-expression-validation internal crashes are cought and handled (#471) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`5fa66a0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5fa66a043818eb5747dbd630496c6d31f818c0ab)) - -* fix: ship meta files (#434) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3a1a8a5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3a1a8a5c1cbe8d8989b4cb335269a02b5c6d4f38)) +### Documentation -* fix: `LicenseChoiceFactory.make_from_string()` prioritize SPDX id over expression (#427) +* docs: typo -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e1bdfdd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e1bdfddcfab97359fbde9f53dc65f56fc8ec4ba9)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`539b57a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/539b57a00e4e60e239bb26141f219366121e7bc2)) -* fix: conditional warning if no root dependencies were found (#398) +* docs: fix shields (#324) +caused by https://github.com/badges/shields/issues/8671 +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`555dad4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/555dad4bc255066036ecca028192eb83df8ba5a0)) + +* docs: fix typo (#318) + -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c8175bb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c8175bb6aebac7f129d42d7a5a0ae928212c20cb)) +Signed-off-by: Roland Weber <rolweber@de.ibm.com> ([`63bfb87`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/63bfb8772fe78e9842675d17862c456150dbbc15)) -* fix: mak test's schema paths relative to `cyclonedx` package (#338) +### Fix + +* fix: prevent errors on metadata handling for some specification versions (#330) Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1f0c05f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1f0c05fe2b2a22bc84a1a437dd59390f2ceaf986)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f08a656`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f08a65649aee750397edc061eb3b8325a69bb4b4)) -* fix(tests): include tests in `sdist` builds (#337) +### Unknown -* feat: include `tests` in `sdist` builds for #336 -* delete unexpected `DS_Store` file - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`936ad7d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/936ad7d0c26d8f98040203d3234ca8f1afbd73ab)) +* 3.1.2 -* fix: serialize dependency graph for nested components (#329) +Automatically generated by python-semantic-release ([`0853d14`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0853d14780b8e44e9b285bee2ac6b81551640c5f)) + +* clarify sign-off step (#319) -* tests: regression tests for issue #328 -* fix: for issue #328 -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`fb3f835`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fb3f8351881783281f8b7e796098a4c145b35927)) +Signed-off-by: Roland Weber <rolweber@de.ibm.com> ([`007fb96`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/007fb96a1ec23b9516bc383afa85b3efc2707aa8)) -* fix: prevent errors on metadata handling for some specification versions (#330) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f08a656`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f08a65649aee750397edc061eb3b8325a69bb4b4)) +## v3.1.1 (2022-11-28) + +### Fix * fix: type hint for `get_component_by_purl` is incorrect chore: force automated release -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`3f20bf0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3f20bf04a65d5c539230281437255b5f48e17621)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`3f20bf0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3f20bf04a65d5c539230281437255b5f48e17621)) -* fix: pinned `mypy <= 0.961` due to #278 +### Unknown -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d6955cb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d6955cb86d8da7a72d0146d0dbeb7c34a794a954)) +* 3.1.1 -* fix: properly support nested `components` and `services` #275 +Automatically generated by python-semantic-release ([`503955e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/503955ea9e19e1d3ca611df36508dcf1aa93905c)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`6597db7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6597db740f222c68ad90f74fb8fdb58b72642adb)) +* Merge pull request #310 from gruebel/fix-method-type-hint -* fix: add expected lower-than comparators for `OrganizationalEntity` and `VulnerabilityCredits` (#248) +fix: type hint for `get_component_by_purl` is incorrect ([`06037b9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/06037b99e0d6ebc5388d3c5e0799a68233ed92e8)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`0046ee1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0046ee19547be8dafe5d73bad886b9c5f725f26e)) +* move tests to model bom file -* fix: add missing `Vulnerability` comparator for sorting (#246) +Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`4c8a3ab`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4c8a3ab0eef349c007285ff9dfed0c00c6732a96)) -Partial fix for #245. - -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`c3f3d0d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c3f3d0d105f0dcf991175040b6d6c2b6e7e25d8f)) +* fix type hint for get_component_by_purl -* fix: prevent error if `version` not set +Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`735c05e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/735c05eebb792eed55aeb4d5a7be8043ee1cd9ae)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b9a84b5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b9a84b5b39fe6cb1560764e86f8bd144f2a901e3)) -* fix: `version` being optional in JSON output can raise error +## v3.1.0 (2022-09-15) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ba0c82f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ba0c82fbde7ba47502c45caf4fa89e9e4381f482)) +### Feature -* fix: `license_url` not serialised in XML output #179 (#180) +* feat: out-factor SPDX compund detection -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f014d7c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f014d7c4411de9ed5e9cb877878ae416d85b2d92)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`fd4d537`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fd4d537c9dced0e38f14d99dee174cc5bb0bd465)) -* fix: `Component.bom_ref` is not Optional in our model implementation (in the schema it is) - we generate a UUID if `bom_ref` is not supplied explicitly +* feat: out-factor SPDX compund detection -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`5c954d1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5c954d1e39ce8509ab36e6de7d521927ad3c997c)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`2b69925`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2b699252f8857d97231a689ea9cbfcdff9459626)) -* fix: temporary fix for `__hash__` of Component with `properties` #153 +* feat: license factories -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a51766d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a51766d202c3774003dd7cd8c115b2d9b3da1f50)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`033bad2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/033bad2a50fd2236c712d4621caa57b04fcc2043)) -* fix: further fix for #150 +### Unknown -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1f55f3e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1f55f3edfeacfc515ef0b5e493c27dd6e14861d6)) +* 3.1.0 -* fix: regression introduced by first fix for #150 +Automatically generated by python-semantic-release ([`e52c174`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e52c17447b1520103ccb24192ab92560429df595)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`c09e396`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c09e396b98c484d1d3d509a5c41746133fe41276)) +* Merge pull request #305 from CycloneDX/license-factories -* fix: Components with no version (optional since 1.4) produce invalid BOM output in XML #150 +feat: add license factories to more easily support creation of `License` or `LicenseChoice` from SPDX license strings #304 ([`5ff4494`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5ff4494b0e0d76d04cf8a4245ce0426f0abbd8f9)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`70d25c8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/70d25c8c162e05a5992761ccddbad617558346d1)) +* Merge pull request #301 from CycloneDX/fix-poetry-in-tox -* fix: `expression` not supported in Component Licsnes for version 1.0 +chore: fix poetry in tox ([`92aea8d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/92aea8d3413cd2af820cc8160ef48a737951b0ea)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`15b081b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/15b081bd1891566dbe00e18a8b21d3be87154f72)) +* remove v3 from CHANGELOG #286 (#287) -* fix: bump dependencies (#136) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7029721`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/702972105364a3ab225ea5a586c48cec664601ca)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`18ec498`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/18ec4987f6aa4a259d30000a19aa6ee1d49681d1)) +* 3.0.0 -* fix: removed requirements-parser as dependency (temp) as not available for Python 3 as Wheel (#98) +Automatically generated by python-semantic-release ([`69582ff`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/69582ff7a9e3a1cfb2c7193c3d194d69e35899c1)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`3677d9f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3677d9fd584b7c0eb715954bb7b8adc59c0bc9b1)) -* fix: tightened dependency `packageurl-python` (#95) +## v2.7.1 (2022-08-01) -fixes #94 - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`eb4ae5c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/eb4ae5ca8842877b780a755b6611feef847bdb8c)) +### Fix -* fix: further loosened dependency definitions +* fix: pinned `mypy <= 0.961` due to #278 -see #44 - -updated some locked dependencies to latest versions - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8bef6ec`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8bef6ecad36f51a003b266d776c9520d33e06034)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d6955cb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d6955cb86d8da7a72d0146d0dbeb7c34a794a954)) -* fix: constructor for `Vulnerability` to correctly define `ratings` as optional +* fix: properly support nested `components` and `services` #275 -Signed-off-by: William Woodruff <william@trailofbits.com> ([`395a0ec`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/395a0ec14ebcba8e0849a0ced30ec4163c42fa7a)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`6597db7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6597db740f222c68ad90f74fb8fdb58b72642adb)) -* fix: correct way to write utf-8 encoded files +### Unknown -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`49f9369`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/49f9369b3eba47a3a8d1bcc505546d7dfaf4c5fe)) +* Merge pull request #276 from CycloneDX/fix/bom-validation-nested-components-isue-275 -* fix: ensure output to file is UTF-8 +fix: BOM validation fails when Components or Services are nested #275 + +fix: updated dependencies #271, #270, #269 and #256 ([`68a0cdd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/68a0cddc0a226947d76b6a275cfceba383797d3b)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a10da20`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a10da20865e90e9a0a5bb1e12fba9cfd23970c39)) +* Merge branch 'main' into fix/bom-validation-nested-components-isue-275 ([`6caee65`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6caee657260e46f18cade24a73b4f17bc5ad6dd8)) -* fix: ensure output to file is UTF-8 +* added tests to cover new `Component.get_all_nested_components()` method -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`193bf64`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/193bf64cdb19bf6fb9662367402dcf7eaab8dd1a)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`75a77ed`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/75a77ed6576f362435d1a3e6e59cbc5d871b9971)) -* fix: missing check for Classifiers in Environment Parser +* Revert "chore: re-added `isort` to pre-commit hooks" -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b7fa38e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b7fa38e9740bbc5b4c406410df37c3b34818010c)) +This reverts commit f50ee1eb79f3f4e5b9d21824e64192d0af43d3f0. -* fix: coding standards violations +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`5f7f30e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5f7f30e6a79f7cef6fff296ae0d7e5381f9b5cda)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`00cd1ca`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/00cd1ca20899b6861b1b959611a3556ffad36832)) +* removed tests where services are part of dependency tree - see #277 -* fix: handle `Pipfile.lock` dependencies without an `index` specified -fix: multiple fixes in variable scoping to prevent accidental data sharing +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`f26862b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f26862b0b7f85e3610efbdf17cf304ddc71e5366)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`26c62fb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/26c62fb996c4b1b2bf719e10c9072cf4fbadab9f)) +* aded XML output tests for Issue #275 -* fix: add namespace and subpath support to Component to complete PackageURL Spec support +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`ebef5f2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ebef5f212fec13fc8c9bf00553f9bf3f77a0d3f6)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`780adeb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/780adebe3861ef08eb1e8817a5e9e3451c0a2137)) +* updated XML output tests -* fix: multiple hashes being created for an externalRefernce which is not as required +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`356c37e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/356c37ebea85eb10e2505f2b16264d95f292bd55)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`970d192`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/970d19202d13d4becbbf040b3a9fb115dd7a0795)) +* addressed JSON output for #275 including test addiitions -* fix: added ability to add tools in addition to this library when generating CycloneDX + plus fixes relating to multiple BOM instances +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`692c005`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/692c005c686157134a79e3ffc8ab1e7ce8942de9)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`e03a25c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e03a25c3d2a1a0b711204bb26c7b898eadacdcb0)) -* fix: better methods for checking if a Component is already represented in the BOM, and the ability to get the existing instance +## v2.7.0 (2022-07-21) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`5fee85f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5fee85fc38376478a1a438d228c632a5d14f4740)) +### Feature -* fix: bumped a dependency version +* feat: support for CycloneDX schema `1.4.2` - adds `vulnerability.properties` to the schema ([`32e7929`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/32e792928bdf37133e966ef72ec01b0bc698482d)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`efc1053`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/efc1053ec9ed3f57711f78f1eca181f7bff0c3bf)) +* feat: support for CycloneDX schema version `1.4.2` +- Provides support for `vulnerability.properties` -* fix: improved handling for `requirements.txt` content without pinned or declared versions +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`db7445c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/db7445cd343fc35c6d6fc9f5af3e28cf97a19732)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`7f318cb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7f318cb495ac1754029088cae1ef2574c58da2e5)) +* feat: added updated CycloneDX 1.4.2 schemas -* fix: removed print call +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`7fb27ae`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7fb27aed58f7de10f8c6b703699bba315af353e7)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`8806553`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/880655304c082a88d94d6d50c64d33ad931cc974)) +### Unknown -* fix: relaxed typing of parameter to be compatible with Python < 3.9 +* 2.7.0 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f9c7990`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f9c7990695119969c5055bc92a233030db999b84)) +Automatically generated by python-semantic-release ([`96d155e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/96d155e864d83482242c22f69af8e7c618d05a1b)) -* fix: removed print call -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d272d2e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d272d2ea7d3331bde0660bdc87a6ac3331ae0720)) +## v2.6.0 (2022-06-20) -* fix: remove unused commented out code +### Feature -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ba4f285`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ba4f285fdbe124c28f7ea60310347cf896540125)) +* feat: reduce unnessessarry type casting of `set`/`SortedSet` (#203) -* fix: whitespace on empty line removed +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`089d971`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/089d9714f8f9f8c70076e48baa18340899cc29fa)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`cfc952e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cfc952eb5f3feb97a41b6c895657058429da3430)) +### Unknown -* fix(test): test was not updated for revised author statement +* 2.6.0 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d1c9d37`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d1c9d379a1e92ee49aae8d133e2ad3e117054ec9)) +Automatically generated by python-semantic-release ([`8481e9b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8481e9bd8dc5196c2e703e5cd19974bb22bc270e)) -* fix(build): test failure and dependency missing -Fixed failing tests due to dependency on now removed VERSION file -Added flake8 officially as a DEV dependency to poetry +## v2.5.2 (2022-06-15) + +### Fix -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9a2cfe9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9a2cfe94386b51acca44ae3bacae319b9b3c8f0d)) +* fix: add expected lower-than comparators for `OrganizationalEntity` and `VulnerabilityCredits` (#248) -* fix(build): removed artefacts associtated with non-poetry build +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`0046ee1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0046ee19547be8dafe5d73bad886b9c5f725f26e)) -Tidied up project to remove items associated with non-Poetry build process. Also aligned a few references in README to new home of this project under CycloneDX. +### Unknown + +* 2.5.2 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f9119d4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f9119d49e462cf1f7ccca9c50af2936f8962fd6d)) +Automatically generated by python-semantic-release ([`fb9a796`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fb9a796d0b34c2d930503790c74d6d7ed5e3c3d6)) -* fix: add in pypi badge ([`6098c36`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6098c36715b2459d7b04ced5ba6294437576e481)) -* fix: additional info to poetry, remove circleci ([`2fcfa5a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2fcfa5ac3a7d9d7f372be6d69e1c616b551877df)) +## v2.5.1 (2022-06-10) -* fix: initial release to pypi, tell poetry to include cyclonedx package ([`a030177`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a030177cb1a370713c4438b13b7520ef6afd19f6)) +### Fix -* fix: release with full name ([`4c620ed`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4c620ed053aac8c31343b1ca84ca56912b762ab2)) +* fix: add missing `Vulnerability` comparator for sorting (#246) -* fix: initial release to pypi ([`99687db`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/99687dbec1389bf323bb625bfb707306aa3b8d1a)) +Partial fix for #245. + +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`c3f3d0d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c3f3d0d105f0dcf991175040b6d6c2b6e7e25d8f)) ### Unknown -* Merge branch 'CycloneDX:main' into main ([`8c4082e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8c4082e96eb3af94740b03bcd70c62e8c133c5c0)) +* 2.5.1 -* Merge branch 'main' of https://github.com/saquibsaifee/cyclonedx-python-lib ([`4197b8f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4197b8ff2fb774d6b2a4bf522536644b7556ce8a)) +Automatically generated by python-semantic-release ([`1ea5b20`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1ea5b20f1c93e6e6b3799444c7ea6fd65a2e068c)) -* Merge branch 'main' of https://github.com/saquibsaifee/cyclonedx-python-lib ([`39f1ea1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/39f1ea163859b203d23f66920a1e358e0a0d434b)) -* Merge branch 'main' of https://github.com/saquibsaifee/cyclonedx-python-lib ([`8d6c632`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8d6c632829bc59ee71de76bb9b06481cd71b3ebc)) +## v2.5.0 (2022-06-10) -* Merge branch 'main' of https://github.com/saquibsaifee/cyclonedx-python-lib ([`4c9bf32`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4c9bf32cb213ef32499d0e15f6a3c30a7c648477)) +### Build -* Merge branch 'CycloneDX:main' into main ([`2cd8250`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2cd825006d2e1dd4164388baf1124ba0063e0d88)) +* build: move typing to dev-dependencies -* Merge branch 'CycloneDX:main' into main ([`be4fd4b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/be4fd4b0fa7e274689e6dadbcd0a3c2764ca88d1)) +Move `types-setuptools` and `types-toml` to dev-dependencies (#226) + +Signed-off-by: Adam Johnson <me@adamj.eu> ([`0e2376b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0e2376baade068ae0490b05550837d104e9abfa4)) -* Merge pull request #3 from CycloneDX/main +### Documentation -sync ([`a0bfc3d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a0bfc3dc2114d0ff66a8c5911299da9d83b31034)) +* docs: fix typo "This is out" -> "This is our" -* doc: poor merge resolved +Fix typo in comments: "This is out" -> "This is our" (#233) + +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ef0278a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ef0278a2044147e73a281c5a59f95049d4af7641)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`a498faa`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a498faaab248d0512bad9e66afbd8fb1d6c42a66)) +### Feature -* docs +* feat: use `SortedSet` in model to improve reproducibility - this will provide predictable ordering of various items in generated CycloneDX documents - thanks to @RodneyRichardson -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`63cff7e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/63cff7ee697c9d5fb96da3c8c16f7c9bc7b34e58)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`8a1c404`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8a1c4043f502292b32c4ab36a8618cf3f67ac8df)) -* docs (#546) +### Unknown -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b0e5b43`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b0e5b43880e17ec6ce23d5d4e1e7a9a2547c1e79)) +* 2.5.0 -* docs +Automatically generated by python-semantic-release ([`c820423`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c820423ffffb90ec7a42d8873d99428277f9ae28)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7dcd166`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7dcd16621002713dcf1ce8e17bc5762320fae4fa)) +* Merge pull request #235 from RodneyRichardson/use-sorted-set -* "chore(deps): revert bump python-semantic-release/python-semantic-release (#474)" +feat: use `SortedSet` in model to improve reproducibility - this will provide predictable ordering of various items in generated CycloneDX documents - thanks to @RodneyRichardson ([`c43f6d8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c43f6d8ce41a9de91a84cea7a40045cab8121792)) -This reverts commit 9c3ffac34e89610ccc4f9701444127e1e6f5ee07. +* Merge branch 'CycloneDX:main' into use-sorted-set ([`1b8ac25`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1b8ac252a28af1b938d6cad4182e6f2d586b26c0)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`aae7304`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/aae73048c7aebe5920ec888225bdbde08111601b)) +* Fix SortedSet type hints for python < 3.8 -* 4.0.1 +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`71eeb4a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/71eeb4aeeb9e911df2422c097ebfb671c648242d)) -Automatically generated by python-semantic-release ([`4a72f51`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4a72f515ad7b5e46a07f31bea18a94b162e87715)) +* Fix line length warning. -* Add missing space in warning message. (#364) +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`e9ee712`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e9ee71291da882a924a9edec7d1f5d6be62797e6)) - - -Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> -Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> ([`dad0d28`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/dad0d28ceb7381d1b503e5b29776fc01513f8b04)) +* Fix more type hints for python < 3.8 -* 4.0.0 +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`f042bce`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f042bcef1829a852dd787e226d883f5bbd5c39c3)) -Automatically generated by python-semantic-release ([`40fbfda`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/40fbfda428cfa71b16fd6e5e8d5f49cea4b5438b)) +* Fix SortedSet type hints for python < 3.8 -* 3.1.5 +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`2e283ab`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2e283abed0b67e9e70c825e0d7c6ad7e6691c678)) -Automatically generated by python-semantic-release ([`ba603cf`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ba603cf96fad51a85d5159e83c402d613fefbb7c)) +* Fix type hint on ComparableTuple -* 3.1.4 +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`43ef908`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/43ef908d61fd03e5a4c2ecfabdf22764c8613429)) -Automatically generated by python-semantic-release ([`0b19294`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0b19294e4820f0da5e81decd4d902ef7789ecb61)) +* Sort usings. -* 3.1.3 +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`8f86c12`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8f86c1292d5d0c550a4ec6018b81400255567f93)) -Automatically generated by python-semantic-release ([`11a420c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/11a420c5fc38bb48d2a91713cc74574acb131184)) +* Fix sonatype-lift warnings -* 3.1.2 +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`f1e92e3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f1e92e3cfbe9df2b07b745582608f9f72531684c)) -Automatically generated by python-semantic-release ([`0853d14`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0853d14780b8e44e9b285bee2ac6b81551640c5f)) +* Fix warnings. -* clarify sign-off step (#319) +Change tuple -> Tuple +Fix Diff initialization +Add sorting to AttachedText - -Signed-off-by: Roland Weber <rolweber@de.ibm.com> ([`007fb96`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/007fb96a1ec23b9516bc383afa85b3efc2707aa8)) +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`2b47ff6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2b47ff612335b538ceab5e77b60dbe058f739e2e)) -* 3.1.1 +* Reduce sortedcontainers.pyi to only the functions used. -Automatically generated by python-semantic-release ([`503955e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/503955ea9e19e1d3ca611df36508dcf1aa93905c)) +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ef0fbe2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ef0fbe2130f763888cb34e8e71a6520d282a0cda)) -* Merge pull request #310 from gruebel/fix-method-type-hint +* Remove flake8 warnings -fix: type hint for `get_component_by_purl` is incorrect ([`06037b9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/06037b99e0d6ebc5388d3c5e0799a68233ed92e8)) +Remove unused imports and trailing whitespace. +Sort usings in pyi file. -* move tests to model bom file +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`41d1bee`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/41d1bee824381c25a8c6870abeb1f484c33c78ba)) -Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`4c8a3ab`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4c8a3ab0eef349c007285ff9dfed0c00c6732a96)) +* Add type hints for SortedSet -* fix type hint for get_component_by_purl +Fix use of set/Set. -Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`735c05e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/735c05eebb792eed55aeb4d5a7be8043ee1cd9ae)) +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`df0f554`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/df0f554bff311886705327fd863d573e82123f9e)) -* 3.1.0 +* Replace object type hint in __lt__ with Any -Automatically generated by python-semantic-release ([`e52c174`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e52c17447b1520103ccb24192ab92560429df595)) +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ec22f68`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ec22f683e1b12843421a23cff15f91628a7dfffe)) -* Merge pull request #305 from CycloneDX/license-factories +* Make reorder() return type explicit List (as flagged by sonatype-lift bot) -feat: add license factories to more easily support creation of `License` or `LicenseChoice` from SPDX license strings #304 ([`5ff4494`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5ff4494b0e0d76d04cf8a4245ce0426f0abbd8f9)) +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`695ee86`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/695ee862ce9043807a9d825324970cd1b770a46c)) -* Merge pull request #301 from CycloneDX/fix-poetry-in-tox +* Use SortedSet in model to improve reproducibility -chore: fix poetry in tox ([`92aea8d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/92aea8d3413cd2af820cc8160ef48a737951b0ea)) +Added `__lt__()` to all model classes used in SortedSet, with tests +Explicitly declared Enums as (str, Enum) to allow sorting +Added dependency to sortedcollections package -* remove v3 from CHANGELOG #286 (#287) +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`368f522`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/368f5221e54a635cd03255efd56d4da2a8d7f56b)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7029721`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/702972105364a3ab225ea5a586c48cec664601ca)) -* 3.0.0 +## v2.4.0 (2022-05-17) -Automatically generated by python-semantic-release ([`69582ff`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/69582ff7a9e3a1cfb2c7193c3d194d69e35899c1)) +### Feature -* Merge pull request #276 from CycloneDX/fix/bom-validation-nested-components-isue-275 +* feat(deps): remove unused `typing-extensions` constraints -fix: BOM validation fails when Components or Services are nested #275 +PullRequest and details via #224 -fix: updated dependencies #271, #270, #269 and #256 ([`68a0cdd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/68a0cddc0a226947d76b6a275cfceba383797d3b)) +Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`2ce358a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2ce358a37e6ce5f06aa9297aed17f8f5bea38e93)) -* Merge branch 'main' into fix/bom-validation-nested-components-isue-275 ([`6caee65`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6caee657260e46f18cade24a73b4f17bc5ad6dd8)) +### Unknown -* added tests to cover new `Component.get_all_nested_components()` method +* 2.4.0 -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`75a77ed`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/75a77ed6576f362435d1a3e6e59cbc5d871b9971)) +Automatically generated by python-semantic-release ([`4874354`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/48743542fd2f3219a4f2295f363ae6e5bcf2a738)) -* Revert "chore: re-added `isort` to pre-commit hooks" +* revert `types-toml` on lowest setup ([`32ece98`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/32ece98b24fd6966722b8cdf698f01b8fb1b8821)) -This reverts commit f50ee1eb79f3f4e5b9d21824e64192d0af43d3f0. -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`5f7f30e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5f7f30e6a79f7cef6fff296ae0d7e5381f9b5cda)) +## v2.3.0 (2022-04-20) -* removed tests where services are part of dependency tree - see #277 +### Feature -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`f26862b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f26862b0b7f85e3610efbdf17cf304ddc71e5366)) +* feat: add support for Dependency Graph in Model and output serialisation -* aded XML output tests for Issue #275 +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`ea34513`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ea34513f8229a909007793288ace2f6f51684333)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`ebef5f2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ebef5f212fec13fc8c9bf00553f9bf3f77a0d3f6)) +### Unknown -* updated XML output tests +* 2.3.0 -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`356c37e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/356c37ebea85eb10e2505f2b16264d95f292bd55)) +Automatically generated by python-semantic-release ([`5c1047a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5c1047afc75726cca4130b90b8459418ec6342e8)) -* addressed JSON output for #275 including test addiitions +* Merge pull request #210 from CycloneDX/feat/support-bom-dependencies -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`692c005`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/692c005c686157134a79e3ffc8ab1e7ce8942de9)) +feat: add support for Dependency Graph in Model and output serialisation (JSON and XML) ([`938169c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/938169c05b458967cd1dabc338981d296f5b2842)) -* 2.7.0 +* Merge pull request #214 from CycloneDX/feat/support-bom-dependencies-no-cast -Automatically generated by python-semantic-release ([`96d155e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/96d155e864d83482242c22f69af8e7c618d05a1b)) +no cast ([`2551545`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/25515456f2707964032c1f9642bae3d79ba2b994)) -* 2.6.0 +* no cast -Automatically generated by python-semantic-release ([`8481e9b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8481e9bd8dc5196c2e703e5cd19974bb22bc270e)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`dec3b70`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/dec3b703f7e69cd2b3fdff34583ee052b1cbb1d2)) -* 2.5.2 +* update to use `Set` operators (more Pythonic) -Automatically generated by python-semantic-release ([`fb9a796`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fb9a796d0b34c2d930503790c74d6d7ed5e3c3d6)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`f01665e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f01665e96c87b9dd1fdb37d907a8339ba819e2cc)) -* 2.5.1 +* missing closing `>` in `BomRef.__repr__` -Automatically generated by python-semantic-release ([`1ea5b20`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1ea5b20f1c93e6e6b3799444c7ea6fd65a2e068c)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`2c7c4be`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c7c4be8210231dcfaf9e8937bd943f3ea6683c3)) -* 2.5.0 +* removed unnecessary condition - `self.get_bom().components` is always a `Set` -Automatically generated by python-semantic-release ([`c820423`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c820423ffffb90ec7a42d8873d99428277f9ae28)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`5eb5669`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5eb5669bdeb982c9f0b4a72f2264a8559e9a3bc3)) -* Merge pull request #235 from RodneyRichardson/use-sorted-set +* added additional tests to validate Component in Metadata is properly represented in Dependency Graph -feat: use `SortedSet` in model to improve reproducibility - this will provide predictable ordering of various items in generated CycloneDX documents - thanks to @RodneyRichardson ([`c43f6d8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c43f6d8ce41a9de91a84cea7a40045cab8121792)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`b8d526e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b8d526ee52b3923c7755a897e0c042c159fb8d99)) -* Merge branch 'CycloneDX:main' into use-sorted-set ([`1b8ac25`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1b8ac252a28af1b938d6cad4182e6f2d586b26c0)) +* adjusted unit tests to account for inclusion of Component in Bom Metadata in Dependency Graphy -* Fix SortedSet type hints for python < 3.8 +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`c605f2b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c605f2be90092f09bb0eb89dccb27767d78dcfac)) -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`71eeb4a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/71eeb4aeeb9e911df2422c097ebfb671c648242d)) +* updates based on feedback from @jkowalleck -* Fix line length warning. +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`04511f3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/04511f3c523bc26b0b434d8334d37eccaaaf1ea4)) -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`e9ee712`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e9ee71291da882a924a9edec7d1f5d6be62797e6)) +* Merge branch 'feat/support-bom-dependencies' of github.com:CycloneDX/cyclonedx-python-lib into feat/support-bom-dependencies ([`8fb408c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8fb408cfe7941efca424777a94084755ee8a50e4)) -* Fix more type hints for python < 3.8 +* doc: updated docs to reflect support for Dependency Graph -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`f042bce`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f042bcef1829a852dd787e226d883f5bbd5c39c3)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`a680544`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a68054491529631c792e51c764bbf64a5e9b4834)) -* Fix SortedSet type hints for python < 3.8 +* updated file hash in test -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`2e283ab`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2e283abed0b67e9e70c825e0d7c6ad7e6691c678)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`56f3d5d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/56f3d5d432b6c50679cfd733cf2b0ed2ea55400e)) -* Fix type hint on ComparableTuple +* removed unused import -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`43ef908`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/43ef908d61fd03e5a4c2ecfabdf22764c8613429)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`61c3338`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/61c3338e139a8e1a72a659080f2043b352007561)) -* Sort usings. +* doc: updated docs to reflect support for Dependency Graph -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`8f86c12`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8f86c1292d5d0c550a4ec6018b81400255567f93)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`3df017f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3df017feaaa461bcfa7082f58a5824aa92493b59)) -* Fix sonatype-lift warnings +* updated file hash in test -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`f1e92e3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f1e92e3cfbe9df2b07b745582608f9f72531684c)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`449cb1e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/449cb1e56e64e6c144c0d2b6b69649df2d6e5320)) -* Fix warnings. +* removed unused import -Change tuple -> Tuple -Fix Diff initialization -Add sorting to AttachedText +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`f487c4a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f487c4a44f5604fa3d1da2c0bc57d09e22057973)) + + +## v2.2.0 (2022-04-12) + +### Feature + +* feat: Bump XML schemas to latest fix version for 1.2-1.4 - see: +https://github.com/CycloneDX/specification/issues/122 -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`2b47ff6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2b47ff612335b538ceab5e77b60dbe058f739e2e)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`bd2e756`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bd2e756de15c37b34d2866e8de521556420bd5d3)) + +* feat: bump JSON schemas to latest fix verison for 1.2 and 1.3 - see: +- https://github.com/CycloneDX/specification/issues/123 +- https://github.com/CycloneDX/specification/issues/84 +- https://github.com/CycloneDX/specification/issues/125 + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`bd6a088`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bd6a088d51c995c0f08271f56aedb456c60c1a2e)) + +### Unknown -* Reduce sortedcontainers.pyi to only the functions used. +* 2.2.0 -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ef0fbe2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ef0fbe2130f763888cb34e8e71a6520d282a0cda)) +Automatically generated by python-semantic-release ([`67ecfac`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/67ecfacc38817398319ac5d627f2b3a17fb45b3f)) -* Remove flake8 warnings +* Merge pull request #207 from CycloneDX/feat/update-schemas -Remove unused imports and trailing whitespace. -Sort usings in pyi file. +feat: Update CycloneDX Schemas to latest patch versions ([`2c55cb5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c55cb51042694d48a2eccd8e505833196effb59)) -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`41d1bee`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/41d1bee824381c25a8c6870abeb1f484c33c78ba)) +* mark schema files as vendored -* Add type hints for SortedSet +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a9c3e77`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a9c3e77998e7c05af5ba097891cd05a8cdb89232)) -Fix use of set/Set. +* Merge pull request #191 from CycloneDX/feat/pre-commit-hooks -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`df0f554`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/df0f554bff311886705327fd863d573e82123f9e)) +[DEV] Add pre-commit hooks ([`91ceeb1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/91ceeb1fdafddf20af546d383a2fb16393977ef5)) -* Replace object type hint in __lt__ with Any -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ec22f68`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ec22f683e1b12843421a23cff15f91628a7dfffe)) +## v2.1.1 (2022-04-05) -* Make reorder() return type explicit List (as flagged by sonatype-lift bot) +### Fix -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`695ee86`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/695ee862ce9043807a9d825324970cd1b770a46c)) +* fix: prevent error if `version` not set -* Use SortedSet in model to improve reproducibility +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b9a84b5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b9a84b5b39fe6cb1560764e86f8bd144f2a901e3)) -Added `__lt__()` to all model classes used in SortedSet, with tests -Explicitly declared Enums as (str, Enum) to allow sorting -Added dependency to sortedcollections package +### Unknown -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`368f522`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/368f5221e54a635cd03255efd56d4da2a8d7f56b)) +* 2.1.1 -* 2.4.0 +Automatically generated by python-semantic-release ([`f78d608`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f78d6081abc1a8adb80ef0c79a07c624ad9e3a5c)) -Automatically generated by python-semantic-release ([`4874354`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/48743542fd2f3219a4f2295f363ae6e5bcf2a738)) +* Merge pull request #194 from CycloneDX/fix/json-output-version-optional-bug-193 -* revert `types-toml` on lowest setup ([`32ece98`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/32ece98b24fd6966722b8cdf698f01b8fb1b8821)) +fix: `version` being optional in JSON output can raise error ([`6f7e09a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6f7e09aa4d05a4a2dc60569732f6b2ae5582a154)) -* 2.3.0 -Automatically generated by python-semantic-release ([`5c1047a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5c1047afc75726cca4130b90b8459418ec6342e8)) +## v2.1.0 (2022-03-28) -* Merge pull request #210 from CycloneDX/feat/support-bom-dependencies +### Feature -feat: add support for Dependency Graph in Model and output serialisation (JSON and XML) ([`938169c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/938169c05b458967cd1dabc338981d296f5b2842)) +* feat: output errors are verbose -* Merge pull request #214 from CycloneDX/feat/support-bom-dependencies-no-cast +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`bfe8fb1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bfe8fb18825251fd9f146458122aa06137ec27c0)) -no cast ([`2551545`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/25515456f2707964032c1f9642bae3d79ba2b994)) +### Fix -* no cast +* fix: `version` being optional in JSON output can raise error -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`dec3b70`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/dec3b703f7e69cd2b3fdff34583ee052b1cbb1d2)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ba0c82f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ba0c82fbde7ba47502c45caf4fa89e9e4381f482)) -* update to use `Set` operators (more Pythonic) +### Unknown -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`f01665e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f01665e96c87b9dd1fdb37d907a8339ba819e2cc)) +* 2.1.0 -* missing closing `>` in `BomRef.__repr__` +Automatically generated by python-semantic-release ([`c58f8f8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c58f8f8456211fbeac79340b480063791c05f404)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`2c7c4be`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2c7c4be8210231dcfaf9e8937bd943f3ea6683c3)) +* Merge pull request #198 from CycloneDX/verbose_outout_errors -* removed unnecessary condition - `self.get_bom().components` is always a `Set` +fix: improved output errors - file/directory is now included ([`4618c62`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4618c62da54f90a67d89583d5339ef0532b7813a)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`5eb5669`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5eb5669bdeb982c9f0b4a72f2264a8559e9a3bc3)) +* updated to be more pythonic -* added additional tests to validate Component in Metadata is properly represented in Dependency Graph +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a1bbf00`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a1bbf001ba9546c998062a0201d4e2562607749e)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`b8d526e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b8d526ee52b3923c7755a897e0c042c159fb8d99)) +* doc: added CONTRIBUTING to public docs +doc: included pre-commit hooks in CONTRIBUTING -* adjusted unit tests to account for inclusion of Component in Bom Metadata in Dependency Graphy +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f38215f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f38215f2b370e14f5629edff1ade97734b3a79cd)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`c605f2b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c605f2be90092f09bb0eb89dccb27767d78dcfac)) +* Merge pull request #182 from CycloneDX/sort-imports -* updates based on feedback from @jkowalleck +style: sort imports ([`aa37e56`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/aa37e56964b35642e2bf92f336a767fba1914e2b)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`04511f3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/04511f3c523bc26b0b434d8334d37eccaaaf1ea4)) -* Merge branch 'feat/support-bom-dependencies' of github.com:CycloneDX/cyclonedx-python-lib into feat/support-bom-dependencies ([`8fb408c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8fb408cfe7941efca424777a94084755ee8a50e4)) +## v2.0.0 (2022-02-21) -* doc: updated docs to reflect support for Dependency Graph +### Breaking -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`a680544`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a68054491529631c792e51c764bbf64a5e9b4834)) +* feat: bump dependencies -* updated file hash in test +BREAKING CHANGE: Adopt PEP-3102 -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`56f3d5d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/56f3d5d432b6c50679cfd733cf2b0ed2ea55400e)) +BREAKING CHANGE: Optional Lists are now non-optional Sets -* removed unused import +BREAKING CHANGE: Remove concept of DEFAULT schema version - replaced with LATEST schema version -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`61c3338`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/61c3338e139a8e1a72a659080f2043b352007561)) +BREAKING CHANGE: Added `BomRef` data type -* doc: updated docs to reflect support for Dependency Graph +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`da3f0ca`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/da3f0ca3e8b90b37301c03f889eb089bca649b09)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`3df017f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3df017feaaa461bcfa7082f58a5824aa92493b59)) +### Feature -* updated file hash in test +* feat: completed work on #155 (#172) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`449cb1e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/449cb1e56e64e6c144c0d2b6b69649df2d6e5320)) +fix: resolved #169 (part of #155) +feat: as part of solving #155, #147 has been implemented + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a926b34`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a926b34c7facb8b3709936fe00b62a0b80338f31)) -* removed unused import +* feat: support complete model for `bom.metadata` (#162) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`f487c4a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f487c4a44f5604fa3d1da2c0bc57d09e22057973)) +* feat: support complete model for `bom.metadata` +fix: JSON comparison in unit tests was broken +chore: corrected some source license headers + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2938a6c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2938a6c001a5b0b25477241d4ad6601030c55165)) -* 2.2.0 +* feat: support for `bom.externalReferences` in JSON and XML #124 -Automatically generated by python-semantic-release ([`67ecfac`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/67ecfacc38817398319ac5d627f2b3a17fb45b3f)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1b733d7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1b733d75a78e3757010a8049cab5c7d4656dc2a5)) -* Merge pull request #207 from CycloneDX/feat/update-schemas +* feat: Complete support for `bom.components` (#155) -feat: Update CycloneDX Schemas to latest patch versions ([`2c55cb5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2c55cb51042694d48a2eccd8e505833196effb59)) +* fix: implemented correct `__hash__` methods in models (#153) + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`32c0139`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/32c01396251834c69a5b23c82a5554faf8447f61)) -* mark schema files as vendored +* feat: support services in XML BOMs +feat: support nested services in JSON and XML BOMs -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a9c3e77`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a9c3e77998e7c05af5ba097891cd05a8cdb89232)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9edf6c9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9edf6c940d20a44f5b99c557392a9fa4532b332e)) -* Merge pull request #191 from CycloneDX/feat/pre-commit-hooks +### Fix -[DEV] Add pre-commit hooks ([`91ceeb1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/91ceeb1fdafddf20af546d383a2fb16393977ef5)) +* fix: `license_url` not serialised in XML output #179 (#180) -* 2.1.1 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f014d7c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f014d7c4411de9ed5e9cb877878ae416d85b2d92)) -Automatically generated by python-semantic-release ([`f78d608`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f78d6081abc1a8adb80ef0c79a07c624ad9e3a5c)) +* fix: `Component.bom_ref` is not Optional in our model implementation (in the schema it is) - we generate a UUID if `bom_ref` is not supplied explicitly -* Merge pull request #194 from CycloneDX/fix/json-output-version-optional-bug-193 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`5c954d1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5c954d1e39ce8509ab36e6de7d521927ad3c997c)) -fix: `version` being optional in JSON output can raise error ([`6f7e09a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6f7e09aa4d05a4a2dc60569732f6b2ae5582a154)) +* fix: temporary fix for `__hash__` of Component with `properties` #153 -* 2.1.0 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a51766d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a51766d202c3774003dd7cd8c115b2d9b3da1f50)) -Automatically generated by python-semantic-release ([`c58f8f8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c58f8f8456211fbeac79340b480063791c05f404)) +* fix: further fix for #150 -* Merge pull request #198 from CycloneDX/verbose_outout_errors +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1f55f3e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1f55f3edfeacfc515ef0b5e493c27dd6e14861d6)) -fix: improved output errors - file/directory is now included ([`4618c62`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4618c62da54f90a67d89583d5339ef0532b7813a)) +* fix: regression introduced by first fix for #150 -* updated to be more pythonic +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`c09e396`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c09e396b98c484d1d3d509a5c41746133fe41276)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a1bbf00`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a1bbf001ba9546c998062a0201d4e2562607749e)) +* fix: Components with no version (optional since 1.4) produce invalid BOM output in XML #150 -* doc: added CONTRIBUTING to public docs -doc: included pre-commit hooks in CONTRIBUTING +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`70d25c8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/70d25c8c162e05a5992761ccddbad617558346d1)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f38215f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f38215f2b370e14f5629edff1ade97734b3a79cd)) +* fix: `expression` not supported in Component Licsnes for version 1.0 -* Merge pull request #182 from CycloneDX/sort-imports +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`15b081b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/15b081bd1891566dbe00e18a8b21d3be87154f72)) -style: sort imports ([`aa37e56`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/aa37e56964b35642e2bf92f336a767fba1914e2b)) +### Unknown * 2.0.0 -Automatically generated by python-semantic-release ([`a4af3dc`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a4af3dccbddf4ea91b277746d2305fadf6078ed8)) +Automatically generated by python-semantic-release ([`a4af3dc`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a4af3dccbddf4ea91b277746d2305fadf6078ed8)) -* Merge pull request #148 from CycloneDX/feat/add-bom-services ([`631e400`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/631e4009340f4466fb45f25bbf3ce7ffa4d8adca)) +* Merge pull request #148 from CycloneDX/feat/add-bom-services ([`631e400`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/631e4009340f4466fb45f25bbf3ce7ffa4d8adca)) -* Merge branch 'main' into feat/add-bom-services ([`9a32351`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9a3235155bd04450c6e520ee6de04b2d6f2c5d0a)) +* Merge branch 'main' into feat/add-bom-services ([`9a32351`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9a3235155bd04450c6e520ee6de04b2d6f2c5d0a)) * doc: added RTD badge to README -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b20d9d1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b20d9d1aceebfa8bae21250e6ae39234caffbb0e)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b20d9d1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b20d9d1aceebfa8bae21250e6ae39234caffbb0e)) * implemented `__str__` for `BomRef` -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`670bde4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/670bde47a8a60db764aa706797f1d8ed7cf2c227)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`670bde4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/670bde47a8a60db764aa706797f1d8ed7cf2c227)) * Continuation of #170 - missed updating Vulnerability to use `BomRef` (#175) @@ -1861,19 +1851,19 @@ Signed-off-by: Paul Horton <phorton@sonatype.com> * updated Vulnerability to also use new `BomRef` model -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0d82c01`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0d82c019afce3e4aefe56bff9607cfd60186c6b0)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0d82c01`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0d82c019afce3e4aefe56bff9607cfd60186c6b0)) * BREAKING CHANGE: added new model `BomRef` unlocking logic later to ensure uniquness and dependency references (#174) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d189f2c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d189f2c16870deb683e62cd06a6072b008eab05d)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d189f2c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d189f2c16870deb683e62cd06a6072b008eab05d)) * BREAKING CHANGE: replaced concept of default schema version with latest supported #171 (#173) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`020fcf0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/020fcf03ef3985dac82a38b8810d6d6cd301809c)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`020fcf0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/020fcf03ef3985dac82a38b8810d6d6cd301809c)) * BREAKING CHANGE: Updated default schema version to 1.4 from 1.3 (#164) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9b6ce4b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9b6ce4bd7b5a2a332e9f01f93db57b78f65af048)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9b6ce4b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9b6ce4bd7b5a2a332e9f01f93db57b78f65af048)) * BREAKING CHANGE: update models to use `Set` rather than `List` (#160) @@ -1881,27 +1871,27 @@ Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9b6ce4b`](https://git BREAKING CHANGE: update final models to use `@property` wip -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`142b8bf`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/142b8bf4dbb2e61d131b7ca2ec332aac472ef3cd)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`142b8bf`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/142b8bf4dbb2e61d131b7ca2ec332aac472ef3cd)) * removed unnecessary calls to `hash()` in `__hash__()` methods as pointed out by @jkowalleck -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0f1fd6d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0f1fd6dfdd41073cbdbb456cf019c7f2ed9e2175)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0f1fd6d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0f1fd6dfdd41073cbdbb456cf019c7f2ed9e2175)) * BREAKING CHANGE: adopted PEP-3102 for model classes (#158) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b3c8d9a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b3c8d9a676190f20dfc4ab1b915c1e53c4ac5a82)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b3c8d9a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b3c8d9a676190f20dfc4ab1b915c1e53c4ac5a82)) * doc: added page to docs to call out which parts of the specification this library supports -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`41a4be0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/41a4be0cedcd26b6645b6e3606cce8e3708c569f)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`41a4be0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/41a4be0cedcd26b6645b6e3606cce8e3708c569f)) * attempt to resolve Lift finding -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2090c08`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2090c0868ca82c4b53c6ffc6f439c0d675147601)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2090c08`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2090c0868ca82c4b53c6ffc6f439c0d675147601)) * removed unused imports -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a35d540`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a35d540c97b898eb152f453003f46ce0e18b7ea6)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a35d540`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a35d540c97b898eb152f453003f46ce0e18b7ea6)) * WIP on `bom.services` @@ -1991,25 +1981,143 @@ Signed-off-by: Paul Horton <phorton@sonatype.com> Signed-off-by: Paul Horton <phorton@sonatype.com> Co-authored-by: Paul Horton <phorton@sonatype.com> -Co-authored-by: github-actions <action@github.com> ([`b45ff18`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b45ff187056893c5fb294cbf9de854fd130bb7be)) +Co-authored-by: github-actions <action@github.com> ([`b45ff18`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b45ff187056893c5fb294cbf9de854fd130bb7be)) + + +## v1.3.0 (2022-01-24) + +### Feature + +* feat: `bom-ref` for Component and Vulnerability default to a UUID (#142) + +* feat: `bom-ref` for Component and Vulnerability default to a UUID if not supplied ensuring they have a unique value #141 + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* doc: updated documentation to reflect change + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* patched other tests to support UUID for bom-ref + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* better syntax + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`3953bb6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3953bb676f423c325ca4d80f3fcee33ad042ad93)) + +### Unknown * 1.3.0 -Automatically generated by python-semantic-release ([`4178181`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/41781819e2de8f650271e7de11d395fa43939f22)) +Automatically generated by python-semantic-release ([`4178181`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/41781819e2de8f650271e7de11d395fa43939f22)) + + +## v1.2.0 (2022-01-24) + +### Feature + +* feat: add CPE to component (#138) + +* Added CPE to component + +Setting CPE was missing for component, now it is possible to set CPE and output CPE for a component. + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Fixing problems with CPE addition + +- Fixed styling errors +- Added reference to CPE Spec +- Adding CPE parameter as last parameter to not break arguments + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Again fixes for Style and CPE reference + +Missing in the last commit + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Added CPE as argument before deprecated arguments + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Added testing for CPE addition and error fixing + +- Added output tests for CPE in XML and JSON +- Fixes style error in components +- Fixes order for CPE output in XML (CPE has to come before PURL) + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Fixed output tests + +CPE was still in the wrong position in one of the tests - fixed + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Fixed minor test fixtures issues + +- cpe was still in wrong position in 1.2 JSON +- Indentation fixed in 1.4 JSON + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Fixed missing comma in JSON 1.2 test file + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> ([`269ee15`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/269ee155f203d5771c56edb92f7279466bf2012f)) + +### Unknown * 1.2.0 -Automatically generated by python-semantic-release ([`97c215c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/97c215cf0c4e8c315ed84cbcb92b22c6b7bcd8c2)) +Automatically generated by python-semantic-release ([`97c215c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/97c215cf0c4e8c315ed84cbcb92b22c6b7bcd8c2)) + + +## v1.1.1 (2022-01-19) + +### Fix + +* fix: bump dependencies (#136) + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`18ec498`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/18ec4987f6aa4a259d30000a19aa6ee1d49681d1)) + +### Unknown * 1.1.1 -Automatically generated by python-semantic-release ([`dec63de`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/dec63de950e0ad81cbb51373b0e647bce551297e)) +Automatically generated by python-semantic-release ([`dec63de`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/dec63de950e0ad81cbb51373b0e647bce551297e)) + + +## v1.1.0 (2022-01-13) + +### Feature + +* feat: add support for `bom.metadata.component` (#118) + +* Add support for metadata component + +Part of #6 + +Signed-off-by: Artem Smotrakov <asmotrakov@riotgames.com> + +* Better docs and simpler ifs + +Signed-off-by: Artem Smotrakov <asmotrakov@riotgames.com> ([`1ac31f4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1ac31f4cb14b6c466e092ff38ee2aa472c883c5d)) + +### Unknown * 1.1.0 -Automatically generated by python-semantic-release ([`d4007bd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d4007bd5986173eb2645eebcdd2c6405150f1456)) +Automatically generated by python-semantic-release ([`d4007bd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d4007bd5986173eb2645eebcdd2c6405150f1456)) + + +## v1.0.0 (2022-01-13) + +### Unknown -* Manually generated release ([`3509fb6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3509fb643af12cc4393309a006c6bbe63b1bd674)) +* Manually generated release ([`3509fb6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3509fb643af12cc4393309a006c6bbe63b1bd674)) * Support for CycloneDX schema version 1.4 (#108) @@ -2034,43 +2142,111 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Co-authored-by: Paul Horton <phorton@sonatype.com> -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7fb6da9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7fb6da9166050333ae5db7e35ab792b9bdee48d4)) +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7fb6da9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7fb6da9166050333ae5db7e35ab792b9bdee48d4)) + +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`d26970b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d26970bcc52568645c303f060d71cbc25edbfe78)) + +* Update CONTRIBUTING.md ([`4448d9b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4448d9b4846a7dfb9eeee355d41fbb100a48d388)) + + +## v0.12.3 (2021-12-15) + +### Fix + +* fix: removed requirements-parser as dependency (temp) as not available for Python 3 as Wheel (#98) -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`d26970b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d26970bcc52568645c303f060d71cbc25edbfe78)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`3677d9f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3677d9fd584b7c0eb715954bb7b8adc59c0bc9b1)) -* Update CONTRIBUTING.md ([`4448d9b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4448d9b4846a7dfb9eeee355d41fbb100a48d388)) +### Unknown * 0.12.3 -Automatically generated by python-semantic-release ([`cfc9d38`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cfc9d382aea3f69f79d50a4fbb8607346f86ce03)) +Automatically generated by python-semantic-release ([`cfc9d38`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cfc9d382aea3f69f79d50a4fbb8607346f86ce03)) + + +## v0.12.2 (2021-12-09) + +### Fix + +* fix: tightened dependency `packageurl-python` (#95) + +fixes #94 + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`eb4ae5c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/eb4ae5ca8842877b780a755b6611feef847bdb8c)) + +### Unknown * 0.12.2 -Automatically generated by python-semantic-release ([`54b9f74`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/54b9f744be28b53795bd03e78576eed15b70c10a)) +Automatically generated by python-semantic-release ([`54b9f74`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/54b9f744be28b53795bd03e78576eed15b70c10a)) + + +## v0.12.1 (2021-12-09) + +### Fix + +* fix: further loosened dependency definitions + +see #44 + +updated some locked dependencies to latest versions + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8bef6ec`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8bef6ecad36f51a003b266d776c9520d33e06034)) + +### Unknown * 0.12.1 -Automatically generated by python-semantic-release ([`43fc36e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/43fc36ebc966ac511e5b7dbff9b0bef6f88d5d2c)) +Automatically generated by python-semantic-release ([`43fc36e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/43fc36ebc966ac511e5b7dbff9b0bef6f88d5d2c)) + + +## v0.12.0 (2021-12-09) + +### Feature + +* feat: loosed dependency versions to make this library more consumable + +* feat: lowering minimum dependency versions + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* feat: lowering minimum dependency versions + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* feat: lowering minimum dependency versions - importlib-metadata raising minimum to ensure we get a typed library + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* feat: lowering minimum dependency versions - importlib-metadata raising minimum to ensure we get a typed library + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* feat: lowering minimum version for importlib-metadata to 3.4.0 with modified import statement + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`55f10fb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/55f10fb5524dafa68112c0836806c27bdd74fcbe)) + +### Unknown * 0.12.0 -Automatically generated by python-semantic-release ([`1a907ea`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1a907eae0a3436844ffc2782b990c4b502f409e6)) +Automatically generated by python-semantic-release ([`1a907ea`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1a907eae0a3436844ffc2782b990c4b502f409e6)) * Merge pull request #88 from CycloneDX/contributing-file -initial CONTRIBUTING file ([`20035bb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/20035bb5dde8dd3b619b200aec7037c338b18c74)) +initial CONTRIBUTING file ([`20035bb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/20035bb5dde8dd3b619b200aec7037c338b18c74)) * initial CONTRIBUTING file -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6ffe14d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6ffe14d4d51d246cda66ce99ee20893ede8d017f)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6ffe14d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6ffe14d4d51d246cda66ce99ee20893ede8d017f)) * CHORE: poetry(deps): bump filelock from 3.3.2 to 3.4.0 -poetry(deps): bump filelock from 3.3.2 to 3.4.0 ([`e144aa2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e144aa29a0fd61483f4940da08ff542c9c3c3332)) +poetry(deps): bump filelock from 3.3.2 to 3.4.0 ([`e144aa2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e144aa29a0fd61483f4940da08ff542c9c3c3332)) * CHORE: poetry(deps): bump types-setuptools from 57.4.2 to 57.4.4 -poetry(deps): bump types-setuptools from 57.4.2 to 57.4.4 ([`5fcdcb7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5fcdcb701a9da5c9a786e0fe690bfd0a8d5d4e0c)) +poetry(deps): bump types-setuptools from 57.4.2 to 57.4.4 ([`5fcdcb7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5fcdcb701a9da5c9a786e0fe690bfd0a8d5d4e0c)) * poetry(deps): bump filelock from 3.3.2 to 3.4.0 @@ -2086,11 +2262,11 @@ updated-dependencies: update-type: version-update:semver-minor ... -Signed-off-by: dependabot[bot] <support@github.com> ([`8d4520e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8d4520ee3ee781a3a2f4db879e79e38b40fe4829)) +Signed-off-by: dependabot[bot] <support@github.com> ([`8d4520e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8d4520ee3ee781a3a2f4db879e79e38b40fe4829)) * CHORE: poetry(deps-dev): bump flake8-bugbear from 21.9.2 to 21.11.29 -poetry(deps-dev): bump flake8-bugbear from 21.9.2 to 21.11.29 ([`fc6e3ac`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fc6e3acd5a1875a27e3b8037ad3b9a794598c894)) +poetry(deps-dev): bump flake8-bugbear from 21.9.2 to 21.11.29 ([`fc6e3ac`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fc6e3acd5a1875a27e3b8037ad3b9a794598c894)) * poetry(deps): bump types-setuptools from 57.4.2 to 57.4.4 @@ -2105,11 +2281,11 @@ updated-dependencies: update-type: version-update:semver-patch ... -Signed-off-by: dependabot[bot] <support@github.com> ([`00dcbb8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/00dcbb80d25c00b2b9bd4f6b765275cd956b33fa)) +Signed-off-by: dependabot[bot] <support@github.com> ([`00dcbb8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/00dcbb80d25c00b2b9bd4f6b765275cd956b33fa)) * CHORE: poetry(deps): bump importlib-metadata from 4.8.1 to 4.8.2 -poetry(deps): bump importlib-metadata from 4.8.1 to 4.8.2 ([`28f9676`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/28f96769e653c3b7c76cb07ba1a4ecbbc43ab46c)) +poetry(deps): bump importlib-metadata from 4.8.1 to 4.8.2 ([`28f9676`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/28f96769e653c3b7c76cb07ba1a4ecbbc43ab46c)) * poetry(deps-dev): bump flake8-bugbear from 21.9.2 to 21.11.29 @@ -2124,15 +2300,15 @@ updated-dependencies: update-type: version-update:semver-minor ... -Signed-off-by: dependabot[bot] <support@github.com> ([`1eec2e8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1eec2e8aab5f31f3070be34eccfd8791ef2edcca)) +Signed-off-by: dependabot[bot] <support@github.com> ([`1eec2e8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1eec2e8aab5f31f3070be34eccfd8791ef2edcca)) * CHORE: poetry(deps-dev): bump coverage from 6.1.2 to 6.2 -poetry(deps-dev): bump coverage from 6.1.2 to 6.2 ([`bdd9365`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bdd93650a64ce2385f4f29bc1f20df6530e9012c)) +poetry(deps-dev): bump coverage from 6.1.2 to 6.2 ([`bdd9365`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bdd93650a64ce2385f4f29bc1f20df6530e9012c)) * CHORE: poetry(deps): bump mako from 1.1.5 to 1.1.6 -poetry(deps): bump mako from 1.1.5 to 1.1.6 ([`33d3ecc`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/33d3ecc80f47c947d2fc2b13743471dd6dc941ab)) +poetry(deps): bump mako from 1.1.5 to 1.1.6 ([`33d3ecc`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/33d3ecc80f47c947d2fc2b13743471dd6dc941ab)) * poetry(deps-dev): bump coverage from 6.1.2 to 6.2 @@ -2148,9 +2324,9 @@ updated-dependencies: update-type: version-update:semver-minor ... -Signed-off-by: dependabot[bot] <support@github.com> ([`be1af9b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/be1af9b9955a31b6c1a8627010bfd4d932c9f9f1)) +Signed-off-by: dependabot[bot] <support@github.com> ([`be1af9b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/be1af9b9955a31b6c1a8627010bfd4d932c9f9f1)) -* DOCS: fix README shields & links ([`43b1121`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/43b112128acd9e28a47e46d8691ead46e39b288e)) +* DOCS: fix README shields & links ([`43b1121`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/43b112128acd9e28a47e46d8691ead46e39b288e)) * doc: readme maintenance - shields & links (#72) @@ -2184,7 +2360,7 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> * README: removed py version shield -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3d0ea2f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3d0ea2f4c6ee5c2dedf1abb779f46543896fff4a)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3d0ea2f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3d0ea2f4c6ee5c2dedf1abb779f46543896fff4a)) * poetry(deps): bump mako from 1.1.5 to 1.1.6 @@ -2200,11 +2376,11 @@ updated-dependencies: update-type: version-update:semver-patch ... -Signed-off-by: dependabot[bot] <support@github.com> ([`3344b86`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3344b862490ecb419c9b1f74bd7548ddcf392329)) +Signed-off-by: dependabot[bot] <support@github.com> ([`3344b86`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3344b862490ecb419c9b1f74bd7548ddcf392329)) * Merge pull request #47 from CycloneDX/dependabot/pip/filelock-3.3.2 -poetry(deps): bump filelock from 3.3.1 to 3.3.2 ([`3f967b3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3f967b3d0ec47ba5bcc1cdd8fb29970ba69d7aed)) +poetry(deps): bump filelock from 3.3.1 to 3.3.2 ([`3f967b3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3f967b3d0ec47ba5bcc1cdd8fb29970ba69d7aed)) * FIX: update Conda package parsing to handle `build` containing underscore (#66) @@ -2214,7 +2390,7 @@ Signed-off-by: Paul Horton <phorton@sonatype.com> * updated some typings -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2c6020a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2c6020a208aa1c0fd13ab337db6343ad1d2d5c43)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2c6020a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c6020a208aa1c0fd13ab337db6343ad1d2d5c43)) * poetry(deps): bump importlib-metadata from 4.8.1 to 4.8.2 @@ -2230,7 +2406,7 @@ updated-dependencies: update-type: version-update:semver-patch ... -Signed-off-by: dependabot[bot] <support@github.com> ([`003f6b4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/003f6b410e0e32e8c454ad157999b031471baf6f)) +Signed-off-by: dependabot[bot] <support@github.com> ([`003f6b4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/003f6b410e0e32e8c454ad157999b031471baf6f)) * poetry(deps): bump filelock from 3.3.1 to 3.3.2 @@ -2246,19 +2422,19 @@ updated-dependencies: update-type: version-update:semver-patch ... -Signed-off-by: dependabot[bot] <support@github.com> ([`55022b7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/55022b7a63763436d193cefda6d6a4e0ad36fb40)) +Signed-off-by: dependabot[bot] <support@github.com> ([`55022b7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/55022b7a63763436d193cefda6d6a4e0ad36fb40)) * Merge pull request #45 from CycloneDX/dependabot/pip/importlib-resources-5.4.0 -poetry(deps): bump importlib-resources from 5.3.0 to 5.4.0 ([`b8acf9f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b8acf9f3e087f37c2f9afded2d8555c053f09a43)) +poetry(deps): bump importlib-resources from 5.3.0 to 5.4.0 ([`b8acf9f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b8acf9f3e087f37c2f9afded2d8555c053f09a43)) * Merge pull request #70 from CycloneDX/dependabot/pip/pyparsing-3.0.6 -poetry(deps): bump pyparsing from 3.0.5 to 3.0.6 ([`faa8628`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/faa862813e27bb4b828f6116c95961b156cd7547)) +poetry(deps): bump pyparsing from 3.0.5 to 3.0.6 ([`faa8628`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/faa862813e27bb4b828f6116c95961b156cd7547)) * Merge pull request #69 from CycloneDX/dependabot/pip/coverage-6.1.2 -poetry(deps-dev): bump coverage from 6.1.1 to 6.1.2 ([`eba56dc`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/eba56dc6512304e2956563d173bdb363b785fa50)) +poetry(deps-dev): bump coverage from 6.1.1 to 6.1.2 ([`eba56dc`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/eba56dc6512304e2956563d173bdb363b785fa50)) * poetry(deps): bump pyparsing from 3.0.5 to 3.0.6 @@ -2274,7 +2450,7 @@ updated-dependencies: update-type: version-update:semver-patch ... -Signed-off-by: dependabot[bot] <support@github.com> ([`4f2b2d8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4f2b2d89291b1c20385ce6431959586acfeab1cd)) +Signed-off-by: dependabot[bot] <support@github.com> ([`4f2b2d8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4f2b2d89291b1c20385ce6431959586acfeab1cd)) * poetry(deps-dev): bump coverage from 6.1.1 to 6.1.2 @@ -2290,11 +2466,22 @@ updated-dependencies: update-type: version-update:semver-patch ... -Signed-off-by: dependabot[bot] <support@github.com> ([`1d0f5ea`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1d0f5ea2ed5dfb38ce1d1d8170773cb880f228dc)) +Signed-off-by: dependabot[bot] <support@github.com> ([`1d0f5ea`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1d0f5ea2ed5dfb38ce1d1d8170773cb880f228dc)) + + +## v0.11.1 (2021-11-10) + +### Fix + +* fix: constructor for `Vulnerability` to correctly define `ratings` as optional + +Signed-off-by: William Woodruff <william@trailofbits.com> ([`395a0ec`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/395a0ec14ebcba8e0849a0ced30ec4163c42fa7a)) + +### Unknown * 0.11.1 -Automatically generated by python-semantic-release ([`a80f87a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a80f87a588f8b52bfd8e9c5b12edf0fdde56c510)) +Automatically generated by python-semantic-release ([`a80f87a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a80f87a588f8b52bfd8e9c5b12edf0fdde56c510)) * FEAT: Support Python 3.10 (#64) @@ -2308,7 +2495,7 @@ Signed-off-by: Paul Horton <phorton@sonatype.com> * fix: upgrade Poetry version to workaround issue between Poetry and Python 3.10 (see: https://github.com/python-poetry/poetry/issues/4210) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`385b835`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/385b835f44fadb0f227b6a8ac992b0c73afc6ef0)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`385b835`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/385b835f44fadb0f227b6a8ac992b0c73afc6ef0)) * poetry(deps): bump importlib-resources from 5.3.0 to 5.4.0 @@ -2324,39 +2511,118 @@ updated-dependencies: update-type: version-update:semver-minor ... -Signed-off-by: dependabot[bot] <support@github.com> ([`a1dd775`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a1dd7752459b70b432784ec2b7d8a1cb24a916a9)) +Signed-off-by: dependabot[bot] <support@github.com> ([`a1dd775`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a1dd7752459b70b432784ec2b7d8a1cb24a916a9)) + + +## v0.11.0 (2021-11-10) + +### Feature + +* feat: Typing & PEP 561 + +* adde file for type checkers according to PEP 561 + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added static code analysis as a dev-test + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added the "typed" trove + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added `flake8-annotations` to the tests + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added type hints + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* further typing updates + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* further typing additions and test updates + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* further typing + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* further typing - added type stubs for toml and setuptools + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* further typing + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* typing work + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* coding standards + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* fixed tox and mypy running in correct python version + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* supressed mypy for `cyclonedx.utils.conda.parse_conda_json_to_conda_package` + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* fixed type hints + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* fixed some typing related flaws + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added flake8-bugbear for code analysis + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +Co-authored-by: Paul Horton <phorton@sonatype.com> ([`9144765`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/91447656c0914ceb2af2e4b7282292ec7b93f5bf)) + +### Unknown * 0.11.0 -Automatically generated by python-semantic-release ([`7262783`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7262783dbcf5823065670f3f7cbba0ce25b3a4ea)) +Automatically generated by python-semantic-release ([`7262783`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7262783dbcf5823065670f3f7cbba0ce25b3a4ea)) * Merge pull request #41 from jkowalleck/improv-abstract -fixed some abstract definitions ([`f34e2c2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f34e2c2bc7aed20968a5ac69337ed484d097af3b)) +fixed some abstract definitions ([`f34e2c2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f34e2c2bc7aed20968a5ac69337ed484d097af3b)) * Merge pull request #42 from jkowalleck/improv-pipenv -slacked pipenv parser ([`08bc4ab`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/08bc4ab2b01c76d7472a558cae02deab0485c61c)) +slacked pipenv parser ([`08bc4ab`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/08bc4ab2b01c76d7472a558cae02deab0485c61c)) * Merge pull request #43 from jkowalleck/improv-conda-typehints -fixed typehints/docs in `_BaseCondaParser` ([`931016d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/931016d9b700280692903db5aa653d390a80bd63)) +fixed typehints/docs in `_BaseCondaParser` ([`931016d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/931016d9b700280692903db5aa653d390a80bd63)) * Merge pull request #54 from jkowalleck/create-CODEOWNERS -created CODEOWNERS ([`7f28bef`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7f28bef15ed0b9ed6af88286d5f6dcc0726b6feb)) +created CODEOWNERS ([`7f28bef`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7f28bef15ed0b9ed6af88286d5f6dcc0726b6feb)) * Merge pull request #56 from CycloneDX/dependabot/pip/py-1.11.0 -poetry(deps): bump py from 1.10.0 to 1.11.0 ([`f1cda3c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f1cda3c3ba859336d70da36d4966bc7c247af97a)) +poetry(deps): bump py from 1.10.0 to 1.11.0 ([`f1cda3c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f1cda3c3ba859336d70da36d4966bc7c247af97a)) * Merge pull request #58 from CycloneDX/dependabot/pip/pyparsing-3.0.5 -poetry(deps): bump pyparsing from 2.4.7 to 3.0.5 ([`0525439`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0525439d2237684ce531449d19e60456fc46d26b)) +poetry(deps): bump pyparsing from 2.4.7 to 3.0.5 ([`0525439`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0525439d2237684ce531449d19e60456fc46d26b)) * Merge pull request #19 from CycloneDX/dependabot/pip/zipp-3.6.0 -poetry(deps): bump zipp from 3.5.0 to 3.6.0 ([`c54c968`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c54c96853e3325571dee26038e965279d5b9cfe2)) +poetry(deps): bump zipp from 3.5.0 to 3.6.0 ([`c54c968`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c54c96853e3325571dee26038e965279d5b9cfe2)) * poetry(deps): bump py from 1.10.0 to 1.11.0 @@ -2372,219 +2638,398 @@ updated-dependencies: update-type: version-update:semver-minor ... -Signed-off-by: dependabot[bot] <support@github.com> ([`330711f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/330711fe911739ac9119a0721f7f7bde6e1389e4)) +Signed-off-by: dependabot[bot] <support@github.com> ([`330711f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/330711fe911739ac9119a0721f7f7bde6e1389e4)) + +* Merge pull request #57 from CycloneDX/dependabot/pip/coverage-6.1.1 + +poetry(deps-dev): bump coverage from 5.5 to 6.1.1 ([`fa55e5c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fa55e5ceef65749ccbf6bd0303db649346c79019)) + +* poetry(deps): bump pyparsing from 2.4.7 to 3.0.5 + +Bumps [pyparsing](https://github.com/pyparsing/pyparsing) from 2.4.7 to 3.0.5. +- [Release notes](https://github.com/pyparsing/pyparsing/releases) +- [Changelog](https://github.com/pyparsing/pyparsing/blob/master/CHANGES) +- [Commits](https://github.com/pyparsing/pyparsing/compare/pyparsing_2.4.7...pyparsing_3.0.5) + +--- +updated-dependencies: +- dependency-name: pyparsing + dependency-type: indirect + update-type: version-update:semver-major +... + +Signed-off-by: dependabot[bot] <support@github.com> ([`3bedaff`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3bedaffc7f52026348cc6e2a38ba193ba71d4f29)) + +* Merge pull request #55 from CycloneDX/dependabot/pip/virtualenv-20.10.0 + +poetry(deps): bump virtualenv from 20.8.1 to 20.10.0 ([`4c3df85`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4c3df857eba656f1ccb51ba9ad6af2cb49226747)) + +* CI/CT runs on main & master branch ([`2d0df7b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2d0df7bacf4ead54eee7378ede8626cc93fce3df)) + +* poetry(deps-dev): bump coverage from 5.5 to 6.1.1 + +Bumps [coverage](https://github.com/nedbat/coveragepy) from 5.5 to 6.1.1. +- [Release notes](https://github.com/nedbat/coveragepy/releases) +- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) +- [Commits](https://github.com/nedbat/coveragepy/compare/coverage-5.5...6.1.1) + +--- +updated-dependencies: +- dependency-name: coverage + dependency-type: direct:development + update-type: version-update:semver-major +... + +Signed-off-by: dependabot[bot] <support@github.com> ([`e322d74`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e322d7476b4a17b012d27c26683809bd1dee86b1)) + +* poetry(deps): bump virtualenv from 20.8.1 to 20.10.0 + +Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.8.1 to 20.10.0. +- [Release notes](https://github.com/pypa/virtualenv/releases) +- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst) +- [Commits](https://github.com/pypa/virtualenv/compare/20.8.1...20.10.0) + +--- +updated-dependencies: +- dependency-name: virtualenv + dependency-type: indirect + update-type: version-update:semver-minor +... + +Signed-off-by: dependabot[bot] <support@github.com> ([`3927cdc`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3927cdcd2c37af23543832dbfae2d087cb09787c)) + +* created CODEOWNERS + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e8e499c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e8e499cb2b74f9d7e7afe4d0f00e1725eabb655e)) + +* fixed typehints/docs in `_BaseCondaParser` + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`af6ddfd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/af6ddfdc8c7cbdd1bade5ea0c89896ca9791eb3d)) + +* slacked pipenv parser + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a3572ba`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a3572ba61ca537de8efd0855c774819a963cd212)) + +* fixed some abstract definitions + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9e67998`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9e67998e53558363b2c76c75f13bb2772fb5a22d)) + + +## v0.10.2 (2021-10-21) + +### Fix + +* fix: correct way to write utf-8 encoded files + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`49f9369`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/49f9369b3eba47a3a8d1bcc505546d7dfaf4c5fe)) + +### Unknown + +* 0.10.2 + +Automatically generated by python-semantic-release ([`79538e9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/79538e92834e548a3f9697388a47efa3b27da678)) + + +## v0.10.1 (2021-10-21) + +### Fix + +* fix: ensure output to file is UTF-8 + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a10da20`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a10da20865e90e9a0a5bb1e12fba9cfd23970c39)) + +* fix: ensure output to file is UTF-8 + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`193bf64`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/193bf64cdb19bf6fb9662367402dcf7eaab8dd1a)) + +### Unknown + +* 0.10.1 + +Automatically generated by python-semantic-release ([`e6451a3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e6451a39ee18fcf49287a8f685df730846e965b7)) + +* Merge pull request #40 from CycloneDX/fix/issue-39-windows-UnicodeEncodeError + +FIX: Resolve file encoding issues on Windows ([`48329e0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/48329e033e499f4b9a2c204b2fe5c7c512689605)) + +* remove memoryview from sha1 file hashing + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a56be0f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a56be0f2044c1c867c383a7ed26f5fce4097d21a)) + +* added debug to CI to aid understanding of miss matching SHA1 hashes on Windows + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`10c6b51`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/10c6b51ec1fb8fc816002fda96e551ff0e430941)) + + +## v0.10.0 (2021-10-20) + +### Feature + +* feat: add support for Conda + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`bd29c78`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bd29c782d39a4956f482b9e4de20d7f829beefba)) + +### Unknown + +* 0.10.0 + +Automatically generated by python-semantic-release ([`eea3598`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/eea35980ab121899d46178ec10e90058d0e1be45)) + +* Merge pull request #38 from CycloneDX/feat/conda-support + +feat: add support for Conda ([`ee5d36d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ee5d36dd677abfb1ba5600b44abf45cb2612b792)) + +* add support pre Python 3.8 + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2d01116`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2d011165e36d03c8d82c7b92b56f1aeec9c18cd6)) + +* doc: updated documentation with Conda support (and missed updates for externalReferences) + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`57e9dc7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/57e9dc7b2adcfa2bac60a854c91bf77947e8e9cf)) + + +## v0.9.1 (2021-10-19) + +### Fix + +* fix: missing check for Classifiers in Environment Parser + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b7fa38e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b7fa38e9740bbc5b4c406410df37c3b34818010c)) + +### Unknown + +* 0.9.1 + +Automatically generated by python-semantic-release ([`f132c92`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f132c92bf38f1c173b381f18817f0f86b6ddde85)) + +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`51a1e50`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/51a1e50aad27c1f862812031be74281e839815df)) + + +## v0.9.0 (2021-10-19) + +### Feature + +* feat: add support for parsing package licenses when using the `Environment` Parsers + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`c414eaf`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c414eafde2abaca1005a2a0af6993fcdc17897d3)) + +### Unknown + +* 0.9.0 + +Automatically generated by python-semantic-release ([`ad65564`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ad6556462d92381dcd8494ca93496ea796282565)) + +* Merge pull request #36 from CycloneDX/feat/add-license-support + +Add support for parsing package licenses from installed packages ([`d45f75b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d45f75b88611ab97f39bde672cbdd9e8ff71dd3e)) + + +## v0.8.3 (2021-10-14) + +### Fix + +* fix: coding standards violations + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`00cd1ca`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/00cd1ca20899b6861b1b959611a3556ffad36832)) + +* fix: handle `Pipfile.lock` dependencies without an `index` specified +fix: multiple fixes in variable scoping to prevent accidental data sharing + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`26c62fb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/26c62fb996c4b1b2bf719e10c9072cf4fbadab9f)) + +### Unknown + +* 0.8.3 + +Automatically generated by python-semantic-release ([`91f9a8b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/91f9a8bb60fe8faddd86268c0ede89cd0caa5a76)) -* Merge pull request #57 from CycloneDX/dependabot/pip/coverage-6.1.1 +* Merge pull request #34 from CycloneDX/fix/issue-33-pipfile-lock-parse-failure -poetry(deps-dev): bump coverage from 5.5 to 6.1.1 ([`fa55e5c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fa55e5ceef65749ccbf6bd0303db649346c79019)) +BUG: Fixe for `Pipfile.lock` parsing + accidental data sharing issues identified during testing ([`4079323`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4079323617263886319ddcf80ee1d77909a40b69)) -* poetry(deps): bump pyparsing from 2.4.7 to 3.0.5 -Bumps [pyparsing](https://github.com/pyparsing/pyparsing) from 2.4.7 to 3.0.5. -- [Release notes](https://github.com/pyparsing/pyparsing/releases) -- [Changelog](https://github.com/pyparsing/pyparsing/blob/master/CHANGES) -- [Commits](https://github.com/pyparsing/pyparsing/compare/pyparsing_2.4.7...pyparsing_3.0.5) +## v0.8.2 (2021-10-14) ---- -updated-dependencies: -- dependency-name: pyparsing - dependency-type: indirect - update-type: version-update:semver-major -... +### Fix -Signed-off-by: dependabot[bot] <support@github.com> ([`3bedaff`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3bedaffc7f52026348cc6e2a38ba193ba71d4f29)) +* fix: add namespace and subpath support to Component to complete PackageURL Spec support -* Merge pull request #55 from CycloneDX/dependabot/pip/virtualenv-20.10.0 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`780adeb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/780adebe3861ef08eb1e8817a5e9e3451c0a2137)) -poetry(deps): bump virtualenv from 20.8.1 to 20.10.0 ([`4c3df85`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4c3df857eba656f1ccb51ba9ad6af2cb49226747)) +### Unknown -* CI/CT runs on main & master branch ([`2d0df7b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2d0df7bacf4ead54eee7378ede8626cc93fce3df)) +* 0.8.2 -* poetry(deps-dev): bump coverage from 5.5 to 6.1.1 +Automatically generated by python-semantic-release ([`298318f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/298318fdbf252115f874eb544c2d1f24abb6ab5a)) -Bumps [coverage](https://github.com/nedbat/coveragepy) from 5.5 to 6.1.1. -- [Release notes](https://github.com/nedbat/coveragepy/releases) -- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) -- [Commits](https://github.com/nedbat/coveragepy/compare/coverage-5.5...6.1.1) +* Merge pull request #32 from CycloneDX/feat/full-packageurl-support ---- -updated-dependencies: -- dependency-name: coverage - dependency-type: direct:development - update-type: version-update:semver-major -... +Add `namespace` and `subpath` support to `Component` ([`bb3af91`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bb3af916f1ff0e224d9c197596570bca98ea4525)) -Signed-off-by: dependabot[bot] <support@github.com> ([`e322d74`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e322d7476b4a17b012d27c26683809bd1dee86b1)) -* poetry(deps): bump virtualenv from 20.8.1 to 20.10.0 +## v0.8.1 (2021-10-12) -Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.8.1 to 20.10.0. -- [Release notes](https://github.com/pypa/virtualenv/releases) -- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst) -- [Commits](https://github.com/pypa/virtualenv/compare/20.8.1...20.10.0) +### Fix ---- -updated-dependencies: -- dependency-name: virtualenv - dependency-type: indirect - update-type: version-update:semver-minor -... +* fix: multiple hashes being created for an externalRefernce which is not as required -Signed-off-by: dependabot[bot] <support@github.com> ([`3927cdc`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3927cdcd2c37af23543832dbfae2d087cb09787c)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`970d192`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/970d19202d13d4becbbf040b3a9fb115dd7a0795)) -* created CODEOWNERS +### Unknown -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e8e499c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e8e499cb2b74f9d7e7afe4d0f00e1725eabb655e)) +* 0.8.1 -* fixed typehints/docs in `_BaseCondaParser` +Automatically generated by python-semantic-release ([`70689a2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/70689a21edfd5f17cd2aabc09d4579646a4f1633)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`af6ddfd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/af6ddfdc8c7cbdd1bade5ea0c89896ca9791eb3d)) -* slacked pipenv parser +## v0.8.0 (2021-10-12) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a3572ba`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a3572ba61ca537de8efd0855c774819a963cd212)) +### Feature -* fixed some abstract definitions +* feat: add support for `externalReferneces` for `Components` and associated enhancements to parsers to obtain information where possible/known -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9e67998`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9e67998e53558363b2c76c75f13bb2772fb5a22d)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a152852`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a152852b361bbb7a69c9f7ab61ae7ea6dcffd214)) -* 0.10.2 +### Unknown -Automatically generated by python-semantic-release ([`79538e9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/79538e92834e548a3f9697388a47efa3b27da678)) +* 0.8.0 -* 0.10.1 +Automatically generated by python-semantic-release ([`7a49f9d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7a49f9d8cd791e9b1a7e1a8587e589e3b8319ec7)) -Automatically generated by python-semantic-release ([`e6451a3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e6451a39ee18fcf49287a8f685df730846e965b7)) +* Merge pull request #29 from CycloneDX/feat/component-external-references -* Merge pull request #40 from CycloneDX/fix/issue-39-windows-UnicodeEncodeError +FEATURE: Add support for `externalReferences` against `Component`s ([`bdee0ea`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bdee0ea277d9f378b3a5e225c2ac3d8e20e2c53c)) -FIX: Resolve file encoding issues on Windows ([`48329e0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/48329e033e499f4b9a2c204b2fe5c7c512689605)) +* doc: notable improvements to API documentation generation (added search, branding, a little styling) -* remove memoryview from sha1 file hashing +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`e7a5b5a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e7a5b5a2c5b5681a75a24e9739d13ead01f362e3)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a56be0f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a56be0f2044c1c867c383a7ed26f5fce4097d21a)) -* added debug to CI to aid understanding of miss matching SHA1 hashes on Windows +## v0.7.0 (2021-10-11) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`10c6b51`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/10c6b51ec1fb8fc816002fda96e551ff0e430941)) +### Feature -* 0.10.0 +* feat: support for pipenv.lock file parsing -Automatically generated by python-semantic-release ([`eea3598`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/eea35980ab121899d46178ec10e90058d0e1be45)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`68a2dff`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/68a2dffc770d40f693b6891a580d1f7d8018f71c)) -* Merge pull request #38 from CycloneDX/feat/conda-support +### Unknown -feat: add support for Conda ([`ee5d36d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ee5d36dd677abfb1ba5600b44abf45cb2612b792)) +* 0.7.0 -* add support pre Python 3.8 +Automatically generated by python-semantic-release ([`827bd1c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/827bd1cf2db6cfcffdae98dbd6d24efac63d0cb6)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2d01116`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2d011165e36d03c8d82c7b92b56f1aeec9c18cd6)) +* Merge pull request #27 from CycloneDX/feat/add-pipenv-support -* doc: updated documentation with Conda support (and missed updates for externalReferences) +FEATURE: Add `Pipfile.lock` (pipenv) support ([`2c42e2a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c42e2a616c07eec1f844b4fbc4e1e3b4a0815d8)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`57e9dc7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/57e9dc7b2adcfa2bac60a854c91bf77947e8e9cf)) +* doc: updated README.md to include Pipfile.lock parsing -* 0.9.1 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2c66834`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c66834ee6aac75b3e810d13b5a3b41967043252)) -Automatically generated by python-semantic-release ([`f132c92`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f132c92bf38f1c173b381f18817f0f86b6ddde85)) -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`51a1e50`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/51a1e50aad27c1f862812031be74281e839815df)) +## v0.6.2 (2021-10-11) -* 0.9.0 +### Fix -Automatically generated by python-semantic-release ([`ad65564`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ad6556462d92381dcd8494ca93496ea796282565)) +* fix: added ability to add tools in addition to this library when generating CycloneDX + plus fixes relating to multiple BOM instances -* Merge pull request #36 from CycloneDX/feat/add-license-support +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`e03a25c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e03a25c3d2a1a0b711204bb26c7b898eadacdcb0)) -Add support for parsing package licenses from installed packages ([`d45f75b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d45f75b88611ab97f39bde672cbdd9e8ff71dd3e)) +### Unknown -* 0.8.3 +* 0.6.2 -Automatically generated by python-semantic-release ([`91f9a8b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/91f9a8bb60fe8faddd86268c0ede89cd0caa5a76)) +Automatically generated by python-semantic-release ([`e68fbc2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e68fbc2ff5576fc1f5c0444f601c58f40f3cd917)) -* Merge pull request #34 from CycloneDX/fix/issue-33-pipfile-lock-parse-failure +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`2bf2711`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2bf27119e7a1a3716706c28c3fb259496d0de6f1)) -BUG: Fixe for `Pipfile.lock` parsing + accidental data sharing issues identified during testing ([`4079323`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4079323617263886319ddcf80ee1d77909a40b69)) -* 0.8.2 +## v0.6.1 (2021-10-11) -Automatically generated by python-semantic-release ([`298318f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/298318fdbf252115f874eb544c2d1f24abb6ab5a)) +### Fix -* Merge pull request #32 from CycloneDX/feat/full-packageurl-support +* fix: better methods for checking if a Component is already represented in the BOM, and the ability to get the existing instance -Add `namespace` and `subpath` support to `Component` ([`bb3af91`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bb3af916f1ff0e224d9c197596570bca98ea4525)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`5fee85f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5fee85fc38376478a1a438d228c632a5d14f4740)) -* 0.8.1 +### Unknown -Automatically generated by python-semantic-release ([`70689a2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/70689a21edfd5f17cd2aabc09d4579646a4f1633)) +* 0.6.1 -* 0.8.0 +Automatically generated by python-semantic-release ([`c530460`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c530460f504939d34e8c73066bfdd252dd95f090)) -Automatically generated by python-semantic-release ([`7a49f9d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7a49f9d8cd791e9b1a7e1a8587e589e3b8319ec7)) +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`eb3a46b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/eb3a46b4365818dec08ea079f47e4abd75ebbd64)) -* Merge pull request #29 from CycloneDX/feat/component-external-references -FEATURE: Add support for `externalReferences` against `Component`s ([`bdee0ea`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bdee0ea277d9f378b3a5e225c2ac3d8e20e2c53c)) +## v0.6.0 (2021-10-11) -* doc: notable improvements to API documentation generation (added search, branding, a little styling) +### Feature -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`e7a5b5a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e7a5b5a2c5b5681a75a24e9739d13ead01f362e3)) +* feat: helper method for representing a File as a Component taking into account versioning for files as per https://github.com/CycloneDX/cyclonedx.org/issues/34 -* 0.7.0 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`7e0fb3c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7e0fb3c7e32e08cb8667ad11461c7f8208dfdf7f)) -Automatically generated by python-semantic-release ([`827bd1c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/827bd1cf2db6cfcffdae98dbd6d24efac63d0cb6)) +* feat: support for non-PyPi Components - PackageURL type is now definable when creating a Component -* Merge pull request #27 from CycloneDX/feat/add-pipenv-support +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`fde79e0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fde79e02705bce216e62acd05056b6d2046cde22)) -FEATURE: Add `Pipfile.lock` (pipenv) support ([`2c42e2a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2c42e2a616c07eec1f844b4fbc4e1e3b4a0815d8)) +### Unknown -* doc: updated README.md to include Pipfile.lock parsing +* 0.6.0 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2c66834`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2c66834ee6aac75b3e810d13b5a3b41967043252)) +Automatically generated by python-semantic-release ([`907cd2d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/907cd2d317f3cfd28febb450959938d09815b9c2)) -* 0.6.2 +* Merge pull request #25 from CycloneDX/feat/additions-to-enable-integration-into-checkov -Automatically generated by python-semantic-release ([`e68fbc2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e68fbc2ff5576fc1f5c0444f601c58f40f3cd917)) +Support for representing File as Component ([`63a86b0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/63a86b05aa722078d57f143f35c1f5600396ec7a)) -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`2bf2711`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2bf27119e7a1a3716706c28c3fb259496d0de6f1)) -* 0.6.1 +## v0.5.0 (2021-10-11) -Automatically generated by python-semantic-release ([`c530460`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c530460f504939d34e8c73066bfdd252dd95f090)) +### Build + +* build: updated dependencies, moved pdoc3 to a dev dependency -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`eb3a46b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/eb3a46b4365818dec08ea079f47e4abd75ebbd64)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`6a9947d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6a9947de1036b63804352e45c035d40658d3db01)) -* 0.6.0 +### Feature + +* feat: add support for tool(s) that generated the SBOM -Automatically generated by python-semantic-release ([`907cd2d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/907cd2d317f3cfd28febb450959938d09815b9c2)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`7d1e6ef`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7d1e6ef04d473407b9b4eefc2ef18e6723838f94)) -* Merge pull request #25 from CycloneDX/feat/additions-to-enable-integration-into-checkov +### Fix + +* fix: bumped a dependency version + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`efc1053`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/efc1053ec9ed3f57711f78f1eca181f7bff0c3bf)) -Support for representing File as Component ([`63a86b0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/63a86b05aa722078d57f143f35c1f5600396ec7a)) +### Unknown * 0.5.0 -Automatically generated by python-semantic-release ([`a655d29`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a655d29ae9a93bdd72fee481d6a0ec8b71f6cce0)) +Automatically generated by python-semantic-release ([`a655d29`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a655d29ae9a93bdd72fee481d6a0ec8b71f6cce0)) * Merge pull request #20 from CycloneDX/feat/additional-metadata -feat: add support for tool(s) that generated the SBOM ([`b33cbf4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b33cbf4cb40179e5710729b89d3c120e69448777)) +feat: add support for tool(s) that generated the SBOM ([`b33cbf4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b33cbf4cb40179e5710729b89d3c120e69448777)) * fix for Pytho< 3.8 support in tests -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`c9b6019`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c9b6019609ae206ba965d0c4f7c06ffcf8835e1d)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`c9b6019`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c9b6019609ae206ba965d0c4f7c06ffcf8835e1d)) * ensure support for Python < 3.8 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`53a82cf`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/53a82cfbe7e828380c31b2441113f318d2a2c99e)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`53a82cf`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/53a82cfbe7e828380c31b2441113f318d2a2c99e)) * ensure support for Python < 3.8 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2a9e56a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2a9e56a7e1e0235a06aa70f7750f1656f9305a8a)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2a9e56a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2a9e56a7e1e0235a06aa70f7750f1656f9305a8a)) * doc: added documentation -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`cf13c68`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cf13c6817552c0a6549ecd7131fdcd437ccc7210)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`cf13c68`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cf13c6817552c0a6549ecd7131fdcd437ccc7210)) * poetry(deps): bump zipp from 3.5.0 to 3.6.0 @@ -2600,256 +3045,434 @@ updated-dependencies: update-type: version-update:semver-minor ... -Signed-off-by: dependabot[bot] <support@github.com> ([`30f2547`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/30f254724b49c7596c58f11ef8f5a182706ef03a)) +Signed-off-by: dependabot[bot] <support@github.com> ([`30f2547`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/30f254724b49c7596c58f11ef8f5a182706ef03a)) * doc: bumped gh-action for publishing docs -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ac70eee`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ac70eeed9325892ef9ae44b162d8a3ae43a435cc)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ac70eee`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ac70eeed9325892ef9ae44b162d8a3ae43a435cc)) * doc: added documentation to model/bom -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`fe98ada`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fe98ada121279f6119f3045abd737cc5b775a30f)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`fe98ada`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fe98ada121279f6119f3045abd737cc5b775a30f)) * doc: formatting -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1ad7fb1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1ad7fb117acbec87def897f4dc549dc398decce6)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1ad7fb1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1ad7fb117acbec87def897f4dc549dc398decce6)) * doc: added missing docstrings to allow documentation to generate -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ed743d9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ed743d9b90904a6719309de85078657f9e4a48cd)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ed743d9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ed743d9b90904a6719309de85078657f9e4a48cd)) * Merge pull request #10 from coderpatros/docs -Add initial doc generation and publishing ([`7873ad9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7873ad9d3fed8c04b94999c21345ae4ca198e091)) +Add initial doc generation and publishing ([`7873ad9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7873ad9d3fed8c04b94999c21345ae4ca198e091)) + + +## v0.4.1 (2021-09-27) + +### Build + +* build: dependencies updated + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0411826`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/04118263c2fed1241c4a9f38cc256542ba543d50)) + +### Fix + +* fix: improved handling for `requirements.txt` content without pinned or declared versions + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`7f318cb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7f318cb495ac1754029088cae1ef2574c58da2e5)) + +### Unknown * 0.4.1 -Automatically generated by python-semantic-release ([`d5b7a2f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d5b7a2fc731b29fd7a3f29fe3c94f14a98a82e69)) +Automatically generated by python-semantic-release ([`d5b7a2f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d5b7a2fc731b29fd7a3f29fe3c94f14a98a82e69)) * Merge pull request #15 from CycloneDX/fix/issue-14-requirements-unpinned-versions -fix: improved handling for `requirements.txt` content without pinned … ([`f248015`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f248015ff9719dd0029f6267067356672f16f8c3)) +fix: improved handling for `requirements.txt` content without pinned … ([`f248015`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f248015ff9719dd0029f6267067356672f16f8c3)) * Add initial doc generation and publishing -Signed-off-by: Patrick Dwyer <patrick.dwyer@owasp.org> ([`cd1b558`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cd1b558fe472895f9332d9844f99e652c14ec41e)) +Signed-off-by: Patrick Dwyer <patrick.dwyer@owasp.org> ([`cd1b558`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cd1b558fe472895f9332d9844f99e652c14ec41e)) + + +## v0.4.0 (2021-09-16) + +### Feature + +* feat: support for localising vectors (i.e. stripping out any scheme prefix) + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b9e9e17`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b9e9e17ba1e2c1c9dfe551c61ad5152eebd829ab)) + +* feat: helper methods for deriving Severity and SourceType + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`6a86ec2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6a86ec27c13ff5e413c5a5f96d9b7671646f9388)) + +### Fix + +* fix: removed print call + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`8806553`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/880655304c082a88d94d6d50c64d33ad931cc974)) + +* fix: relaxed typing of parameter to be compatible with Python < 3.9 + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f9c7990`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f9c7990695119969c5055bc92a233030db999b84)) + +* fix: removed print call + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d272d2e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d272d2ea7d3331bde0660bdc87a6ac3331ae0720)) + +* fix: remove unused commented out code + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ba4f285`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ba4f285fdbe124c28f7ea60310347cf896540125)) + +### Unknown * 0.4.0 -Automatically generated by python-semantic-release ([`f441413`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f441413668676c0435b173c01d612e9040d6f6db)) +Automatically generated by python-semantic-release ([`f441413`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f441413668676c0435b173c01d612e9040d6f6db)) + + +## v0.3.0 (2021-09-15) + +### Feature + +* feat: adding support for extension schema that descriptions vulnerability disclosures + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d496695`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d4966951ab6c0229171cfe97723421bb0302c4fc)) + +### Unknown * 0.3.0 -Automatically generated by python-semantic-release ([`a5c3dab`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a5c3dab5818c183bd88385c7ad88e11eb34a0417)) +Automatically generated by python-semantic-release ([`a5c3dab`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a5c3dab5818c183bd88385c7ad88e11eb34a0417)) * Merge pull request #5 from CycloneDX/feat/support-schema-extension-vulnerability-1.0 -FEATURE: add support for Vulnerability Disclosures ([`6914272`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/69142723935199409f6bf91b68ecf1e91107f165)) +FEATURE: add support for Vulnerability Disclosures ([`6914272`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/69142723935199409f6bf91b68ecf1e91107f165)) * doc: updated README to explain support for Vulnerability Disclosures -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f477bf0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f477bf03fc78cc2652e97cd77a3e7ab66306a39b)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f477bf0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f477bf03fc78cc2652e97cd77a3e7ab66306a39b)) + + +## v0.2.0 (2021-09-14) + +### Feature + +* feat: added helper method to return a PackageURL object representing a Component + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`367bef1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/367bef11bb1a7ede3100acae39581e33d20fa7f5)) + +### Fix + +* fix: whitespace on empty line removed + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`cfc952e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cfc952eb5f3feb97a41b6c895657058429da3430)) + +### Unknown * 0.2.0 -Automatically generated by python-semantic-release ([`866eda7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/866eda764d01ee85778bea662c7556113121137e)) +Automatically generated by python-semantic-release ([`866eda7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/866eda764d01ee85778bea662c7556113121137e)) * Merge pull request #4 from CycloneDX/feat/component-as-packageurl -fix: whitespace on empty line removed ([`ddc37f3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ddc37f395a1dbace39280a4f7b1074d954414f2d)) +fix: whitespace on empty line removed ([`ddc37f3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ddc37f395a1dbace39280a4f7b1074d954414f2d)) -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`6142d2e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6142d2e3b9b655ebf95b59c93525ce8008851b34)) +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`6142d2e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6142d2e3b9b655ebf95b59c93525ce8008851b34)) + + +## v0.1.0 (2021-09-13) + +### Feature + +* feat: add poetry support + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f3ac42f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f3ac42f298b8d093b0ac368993beba43c58c251a)) + +### Unknown * 0.1.0 -Automatically generated by python-semantic-release ([`0da668f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0da668f398bef2baee63b0d342063b6dc0eea71a)) +Automatically generated by python-semantic-release ([`0da668f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0da668f398bef2baee63b0d342063b6dc0eea71a)) * Merge pull request #3 from CycloneDX/feat/poetry-lock-support -FEATURE: Adde poetry.lock parser support ([`37ba7c6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/37ba7c61a17881fc02119dcfd7b6e0a7cab48cbf)) +FEATURE: Adde poetry.lock parser support ([`37ba7c6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/37ba7c61a17881fc02119dcfd7b6e0a7cab48cbf)) * feat(parser) - added support for parsing dependencies from poetry.lock files. -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`15bc553`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/15bc5539e2339581f80048a571ca632f17988530)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`15bc553`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/15bc5539e2339581f80048a571ca632f17988530)) * fix(parser) parsers were able to share state unexpectedly -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`dc59914`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/dc59914e961104d9fcd37822b172d798e68b6ebd)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`dc59914`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/dc59914e961104d9fcd37822b172d798e68b6ebd)) + + +## v0.0.11 (2021-09-10) + +### Fix + +* fix(test): test was not updated for revised author statement + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d1c9d37`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d1c9d379a1e92ee49aae8d133e2ad3e117054ec9)) + +* fix(build): test failure and dependency missing + +Fixed failing tests due to dependency on now removed VERSION file +Added flake8 officially as a DEV dependency to poetry + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9a2cfe9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9a2cfe94386b51acca44ae3bacae319b9b3c8f0d)) + +* fix(build): removed artefacts associtated with non-poetry build + +Tidied up project to remove items associated with non-Poetry build process. Also aligned a few references in README to new home of this project under CycloneDX. + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f9119d4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f9119d49e462cf1f7ccca9c50af2936f8962fd6d)) + +### Unknown * 0.0.11 -Automatically generated by python-semantic-release ([`1c0aa71`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1c0aa716b36e1305b7a3a2b9e2dfd6e5c6ac0011)) +Automatically generated by python-semantic-release ([`1c0aa71`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1c0aa716b36e1305b7a3a2b9e2dfd6e5c6ac0011)) * Merge pull request #2 from CycloneDX/fix/tidy-up-build-remove-pip -fix(build): removed artefacts associated with non-poetry build ([`b7de7b3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b7de7b3c9ba2c8c824d898ee994169b66b78b07a)) +fix(build): removed artefacts associated with non-poetry build ([`b7de7b3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b7de7b3c9ba2c8c824d898ee994169b66b78b07a)) + + +## v0.0.10 (2021-09-08) + +### Fix + +* fix: add in pypi badge ([`6098c36`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6098c36715b2459d7b04ced5ba6294437576e481)) + +### Unknown * 0.0.10 -Automatically generated by python-semantic-release ([`245d809`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/245d809c3918d023ae58af2fb352f14912be091c)) +Automatically generated by python-semantic-release ([`245d809`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/245d809c3918d023ae58af2fb352f14912be091c)) + + +## v0.0.9 (2021-09-08) + +### Fix + +* fix: additional info to poetry, remove circleci ([`2fcfa5a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2fcfa5ac3a7d9d7f372be6d69e1c616b551877df)) + +### Unknown * 0.0.9 -Automatically generated by python-semantic-release ([`e4a90cf`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e4a90cfc46db3284e1f3e53f6555405fc14dc654)) +Automatically generated by python-semantic-release ([`e4a90cf`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e4a90cfc46db3284e1f3e53f6555405fc14dc654)) + +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`69aaba5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/69aaba5f941cbffc40b47d18c6f9dd9dd754b57b)) + + +## v0.0.8 (2021-09-08) + +### Fix + +* fix: initial release to pypi, tell poetry to include cyclonedx package ([`a030177`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a030177cb1a370713c4438b13b7520ef6afd19f6)) -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`69aaba5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/69aaba5f941cbffc40b47d18c6f9dd9dd754b57b)) +### Unknown * 0.0.8 -Automatically generated by python-semantic-release ([`fc3f24c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fc3f24c13938948c4786ecf8ace3fc241c0f458e)) +Automatically generated by python-semantic-release ([`fc3f24c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fc3f24c13938948c4786ecf8ace3fc241c0f458e)) + +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`da2d18c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/da2d18cd60a781bf097e563466bda0d3e51b9e8f)) + + +## v0.0.7 (2021-09-08) + +### Fix + +* fix: release with full name ([`4c620ed`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4c620ed053aac8c31343b1ca84ca56912b762ab2)) -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`da2d18c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/da2d18cd60a781bf097e563466bda0d3e51b9e8f)) +### Unknown * 0.0.7 -Automatically generated by python-semantic-release ([`19943e8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/19943e8287bbe67031cada6f5377d438f2b033c1)) +Automatically generated by python-semantic-release ([`19943e8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/19943e8287bbe67031cada6f5377d438f2b033c1)) + + +## v0.0.6 (2021-09-08) + +### Fix + +* fix: initial release to pypi ([`99687db`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/99687dbec1389bf323bb625bfb707306aa3b8d1a)) + +### Unknown * 0.0.6 -Automatically generated by python-semantic-release ([`98ad249`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/98ad24950dbb5f5b08db41e1bb4e359f8f0b8b49)) +Automatically generated by python-semantic-release ([`98ad249`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/98ad24950dbb5f5b08db41e1bb4e359f8f0b8b49)) -* Switch to using action ([`cce468a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cce468a7004d848ddbaab4affa392bd2f74414dd)) +* Switch to using action ([`cce468a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cce468a7004d848ddbaab4affa392bd2f74414dd)) + + +## v0.0.5 (2021-09-08) + +### Unknown * 0.0.5 -Automatically generated by python-semantic-release ([`9bf4b9a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9bf4b9a29cc4b0bbdf5771ffc22b918a6081a0a1)) +Automatically generated by python-semantic-release ([`9bf4b9a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9bf4b9a29cc4b0bbdf5771ffc22b918a6081a0a1)) -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`eeec0bb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/eeec0bba7d0a615f8384caa50ed95c2240b5a951)) +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`eeec0bb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/eeec0bba7d0a615f8384caa50ed95c2240b5a951)) -* Try this on for size ([`aa93310`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/aa93310830a86aa441337be34081c46d9475384c)) +* Try this on for size ([`aa93310`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/aa93310830a86aa441337be34081c46d9475384c)) + + +## v0.0.4 (2021-09-08) + +### Unknown * 0.0.4 -Automatically generated by python-semantic-release ([`b16d6c5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b16d6c59495de396c73dfe1ffabcbfd325dfa619)) +Automatically generated by python-semantic-release ([`b16d6c5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b16d6c59495de396c73dfe1ffabcbfd325dfa619)) -* Use python3 to install ([`4c810e1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4c810e16b1a93afb923652f66e77ee08ff0ffd49)) +* Use python3 to install ([`4c810e1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4c810e16b1a93afb923652f66e77ee08ff0ffd49)) + + +## v0.0.3 (2021-09-08) + +### Unknown * 0.0.3 -Automatically generated by python-semantic-release ([`05306ee`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/05306ee235df1d7aa662c9323e6186cc3d1129dc)) +Automatically generated by python-semantic-release ([`05306ee`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/05306ee235df1d7aa662c9323e6186cc3d1129dc)) -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`f1d120c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f1d120c5dca530424dd79b3303458cc0adbc28de)) +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`f1d120c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f1d120c5dca530424dd79b3303458cc0adbc28de)) -* Bump up version of poetry ([`89db268`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/89db2689bbdb94f2f290abe1bf721b163d75001e)) +* Bump up version of poetry ([`89db268`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/89db2689bbdb94f2f290abe1bf721b163d75001e)) + + +## v0.0.2 (2021-09-08) + +### Unknown * 0.0.2 -Automatically generated by python-semantic-release ([`e15dec6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e15dec696bd88d00f5f5fdce74cb407bc65a42e2)) +Automatically generated by python-semantic-release ([`e15dec6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e15dec696bd88d00f5f5fdce74cb407bc65a42e2)) -* Remove check for push ([`71b1270`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/71b12709f0fb55852cbb030669a80a5ebd2f2e92)) +* Remove check for push ([`71b1270`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/71b12709f0fb55852cbb030669a80a5ebd2f2e92)) -* Manual deploy workflow ([`9b4ac33`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9b4ac335becf7e7b83cd3fa619c8975b6335f5eb)) +* Manual deploy workflow ([`9b4ac33`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9b4ac335becf7e7b83cd3fa619c8975b6335f5eb)) -* License headers, OWASP etc... ([`559b8d2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/559b8d227e52b6798a71149c87f4090ea1244c85)) +* License headers, OWASP etc... ([`559b8d2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/559b8d227e52b6798a71149c87f4090ea1244c85)) -* Fixed unit tests pinned to a VERISON. ([`5d907d5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5d907d58e57f2eb7731047a51a88104cb07c1796)) +* Fixed unit tests pinned to a VERISON. ([`5d907d5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5d907d58e57f2eb7731047a51a88104cb07c1796)) -* Bump to version 0.0.2 ([`1050839`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/105083951dc93f28a4816c0c699af7db7f2789d9)) +* Bump to version 0.0.2 ([`1050839`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/105083951dc93f28a4816c0c699af7db7f2789d9)) -* Implemented writing SBOM to a file. ([`74f4153`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/74f4153d84c3bbdb875eac679fe933b777f90f18)) +* Implemented writing SBOM to a file. ([`74f4153`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/74f4153d84c3bbdb875eac679fe933b777f90f18)) -* Updated badge in README to include Python 3.6+ support. ([`0a5903c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0a5903c56971a19172fe904f02836c5c5e2262db)) +* Updated badge in README to include Python 3.6+ support. ([`0a5903c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0a5903c56971a19172fe904f02836c5c5e2262db)) -* Removed print() statement accidentally left in. ([`22965a7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/22965a707de6db7bb08721809035562be72c69d5)) +* Removed print() statement accidentally left in. ([`22965a7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/22965a707de6db7bb08721809035562be72c69d5)) * Merge pull request #1 from sonatype-nexus-community/features/initial-port-of-v1.1-generation-from-jake -Initial port of library code to new library ([`2f2634b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2f2634b86612b4f0d2142b09f3aece588937fcaa)) +Initial port of library code to new library ([`2f2634b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2f2634b86612b4f0d2142b09f3aece588937fcaa)) -* Added license headers to all source files. Added classifiers for Python version to setup.py. ([`bb6bb24`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bb6bb24440996257ce609b0f399f930153b65e8e)) +* Added license headers to all source files. Added classifiers for Python version to setup.py. ([`bb6bb24`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bb6bb24440996257ce609b0f399f930153b65e8e)) -* Renamed model file to not reference CycloneDX as the models are agnostic on purpose. ([`03d03ed`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/03d03edfca7bed56d21733120cb5b002a32bb466)) +* Renamed model file to not reference CycloneDX as the models are agnostic on purpose. ([`03d03ed`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/03d03edfca7bed56d21733120cb5b002a32bb466)) -* Forgot to add updated poetry.lock file relfecting Python 3.6+ support ([`5d3d491`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5d3d49184039a2f41411cd96d5dfcf1544fab05f)) +* Forgot to add updated poetry.lock file relfecting Python 3.6+ support ([`5d3d491`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5d3d49184039a2f41411cd96d5dfcf1544fab05f)) -* Updated project to state support from Python v3.6+ ([`619ee1d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/619ee1dfc23f7220a1941c3fa5068761346c84cb)) +* Updated project to state support from Python v3.6+ ([`619ee1d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/619ee1dfc23f7220a1941c3fa5068761346c84cb)) -* Adding Python 3.6 support for test & CI. ([`daa12ba`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/daa12ba8925128da040cf836bc3f16a2126e9091)) +* Adding Python 3.6 support for test & CI. ([`daa12ba`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/daa12ba8925128da040cf836bc3f16a2126e9091)) -* Fixing CircleCI config. ([`a446f4c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a446f4cb197fd40a3065a372108c1719cde91136)) +* Fixing CircleCI config. ([`a446f4c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a446f4cb197fd40a3065a372108c1719cde91136)) -* Fixes to GitHub actions. ([`d2aa277`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d2aa277bce954100adad42e33c095bc1f9ce23cd)) +* Fixes to GitHub actions. ([`d2aa277`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d2aa277bce954100adad42e33c095bc1f9ce23cd)) -* Disabled Py3.6 checks and added flake8. ([`8c01da3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8c01da3d8f6038fb24df07ab3fb0945c79893e9f)) +* Disabled Py3.6 checks and added flake8. ([`8c01da3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8c01da3d8f6038fb24df07ab3fb0945c79893e9f)) -* Attempt to fix CI's for multiple Python environments. ([`affb6b2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/affb6b2dc7afeaff5b5cd0a1d4f65678394a2ff7)) +* Attempt to fix CI's for multiple Python environments. ([`affb6b2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/affb6b2dc7afeaff5b5cd0a1d4f65678394a2ff7)) -* Added support for Python versions 3.7+ ([`ae24ba9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ae24ba9c26ddf4ef91937e8489b1894a986724de)) +* Added support for Python versions 3.7+ ([`ae24ba9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ae24ba9c26ddf4ef91937e8489b1894a986724de)) -* Added missing ENV var for GH actions. ([`c750ec6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c750ec62411c6d4473d3cc0a33dc96f90a443cef)) +* Added missing ENV var for GH actions. ([`c750ec6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c750ec62411c6d4473d3cc0a33dc96f90a443cef)) -* Missed wrapping a coverage command with poetry. ([`3c74c82`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3c74c822445e5aeaaa387c8e5522ca8cd841cfd8)) +* Missed wrapping a coverage command with poetry. ([`3c74c82`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3c74c822445e5aeaaa387c8e5522ca8cd841cfd8)) -* Added poetry virtualenv caching + wrapped tox and coverage with poetry to ensure they run in the poetry venv. ([`780e3df`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/780e3dfa043957174e1f79cf450d1ee69d6530d3)) +* Added poetry virtualenv caching + wrapped tox and coverage with poetry to ensure they run in the poetry venv. ([`780e3df`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/780e3dfa043957174e1f79cf450d1ee69d6530d3)) -* Fixed typo in Github action. ([`3953675`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/395367531e7a00c086e723a78d059e6016fb242e)) +* Fixed typo in Github action. ([`3953675`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/395367531e7a00c086e723a78d059e6016fb242e)) -* Correction: Supported Python version in setup.py ([`2f4917b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2f4917ba81f8ddba994a2c5012303bccb307a419)) +* Correction: Supported Python version in setup.py ([`2f4917b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2f4917ba81f8ddba994a2c5012303bccb307a419)) -* Updated poetry dependencies and configuration. ([`75041e5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/75041e51ff684853d7c2b94e5a722a4ec14043fc)) +* Updated poetry dependencies and configuration. ([`75041e5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/75041e51ff684853d7c2b94e5a722a4ec14043fc)) -* Initial draft GitHub actions being added. ([`e2403e8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e2403e8c4194be6bee70a58ef86d9acec6de5dbb)) +* Initial draft GitHub actions being added. ([`e2403e8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e2403e8c4194be6bee70a58ef86d9acec6de5dbb)) -* Added Poetry supprot. ([`e9a67f8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e9a67f8a405b6c664d2b91bd4966a8ade9902d40)) +* Added Poetry supprot. ([`e9a67f8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e9a67f8a405b6c664d2b91bd4966a8ade9902d40)) -* Addressing issues reported by flake8. ([`3ad394c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3ad394c14d9cbf3e706f4fe47b6f83938576a2ac)) +* Addressing issues reported by flake8. ([`3ad394c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3ad394c14d9cbf3e706f4fe47b6f83938576a2ac)) -* Refactored output classes to use multiple inheritance allowing a single place to define which schema version support various attributes and elements. ([`95c5b38`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/95c5b389bb5c8c358420aaf5c62694dcabe663ce)) +* Refactored output classes to use multiple inheritance allowing a single place to define which schema version support various attributes and elements. ([`95c5b38`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/95c5b389bb5c8c358420aaf5c62694dcabe663ce)) -* Updated README to reflect support for author. ([`bff5954`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bff5954f70967f3605fa6226a223590b89e07313)) +* Updated README to reflect support for author. ([`bff5954`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bff5954f70967f3605fa6226a223590b89e07313)) -* Skeleton support for 'author' + v1.1 and v1.0 for JSON added (along with tests). ([`e987f35`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e987f357314199442ed2c5823575833915dfccb1)) +* Skeleton support for 'author' + v1.1 and v1.0 for JSON added (along with tests). ([`e987f35`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e987f357314199442ed2c5823575833915dfccb1)) -* Corrected typo in README ([`0d2c355`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0d2c35519374b4efddf399dd519e5a1443a56692)) +* Corrected typo in README ([`0d2c355`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0d2c35519374b4efddf399dd519e5a1443a56692)) -* Updated README to include a summary of the support this library provides across the different schema versions. ([`34f421f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/34f421f4076d16c30ddf291f5c1866c1b623258a)) +* Updated README to include a summary of the support this library provides across the different schema versions. ([`34f421f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/34f421f4076d16c30ddf291f5c1866c1b623258a)) -* Initial support for V1.0 and V1.1 in XML output format. ([`37f6b00`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/37f6b00b7e354b76a9f8f72ed2c1004a0e728319)) +* Initial support for V1.0 and V1.1 in XML output format. ([`37f6b00`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/37f6b00b7e354b76a9f8f72ed2c1004a0e728319)) -* Added 'serialNumber' to SBOMs (JSON and XML). ([`50e3c75`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/50e3c7546b92e3241feefa6dea0fbfa9c1145843)) +* Added 'serialNumber' to SBOMs (JSON and XML). ([`50e3c75`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/50e3c7546b92e3241feefa6dea0fbfa9c1145843)) -* Added a bunch more content to the README to explain how the library can be used. ([`bb41dc6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bb41dc6d333f59025aae97c602cbe41343645b20)) +* Added a bunch more content to the README to explain how the library can be used. ([`bb41dc6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bb41dc6d333f59025aae97c602cbe41343645b20)) -* Added metadata initial support to JSON output format. ([`8c5590f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8c5590fd3c5c59de9a5b6cf49005f4c6e444265d)) +* Added metadata initial support to JSON output format. ([`8c5590f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8c5590fd3c5c59de9a5b6cf49005f4c6e444265d)) -* Addition of simple 'metadata' element for XML SBOM's. ([`f9e9773`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f9e97733b0cc57bbb71341b4ced4ccc8f09b7f28)) +* Addition of simple 'metadata' element for XML SBOM's. ([`f9e9773`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f9e97733b0cc57bbb71341b4ced4ccc8f09b7f28)) -* Added initial JSON outputter and associated tests. ([`3e1f5ec`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3e1f5ec9354a779adf44129656a1ccdcffadee6d)) +* Added initial JSON outputter and associated tests. ([`3e1f5ec`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3e1f5ec9354a779adf44129656a1ccdcffadee6d)) -* Fix to generate HTML coverage reports and stash in CircleCI builds. ([`dd88603`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/dd886032b92d491f462d62f269f3df7ed823d436)) +* Fix to generate HTML coverage reports and stash in CircleCI builds. ([`dd88603`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/dd886032b92d491f462d62f269f3df7ed823d436)) -* Added HTML coverage report. ([`ce700e5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ce700e5bdff7ce4a8bd5614239b129e59afe2908)) +* Added HTML coverage report. ([`ce700e5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ce700e5bdff7ce4a8bd5614239b129e59afe2908)) -* Missed coverage as a dependency for testing. ([`01643d6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/01643d67f73ec8ee35884d0bcc15c892649f6b72)) +* Missed coverage as a dependency for testing. ([`01643d6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/01643d67f73ec8ee35884d0bcc15c892649f6b72)) -* Added coverage reporting for tests ([`c34b1a6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c34b1a63fd7958d2b1060ba51054a55b57228549)) +* Added coverage reporting for tests ([`c34b1a6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c34b1a63fd7958d2b1060ba51054a55b57228549)) -* Added first tests for XML SBOM generation (v1.3 and v1.2). ([`cb4337a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cb4337a1cb14ee62471140add8954dd7c5b6b314)) +* Added first tests for XML SBOM generation (v1.3 and v1.2). ([`cb4337a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cb4337a1cb14ee62471140add8954dd7c5b6b314)) -* WIP: Starting to generate XML output for BOMs ([`35bdfca`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/35bdfca4fc01cdb3fa7ab6fb37b1c05eaa7189ec)) +* WIP: Starting to generate XML output for BOMs ([`35bdfca`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/35bdfca4fc01cdb3fa7ab6fb37b1c05eaa7189ec)) -* Updated CircleCI config to run tox. Fixed fomratting in tests. ([`9a56230`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9a5623098ff712df0cefbd2327e8058f9ac74e17)) +* Updated CircleCI config to run tox. Fixed fomratting in tests. ([`9a56230`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9a5623098ff712df0cefbd2327e8058f9ac74e17)) -* Rebasing from main. ([`822ab8b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/822ab8b43a06bf1712d134d44acb136e70134c05)) +* Rebasing from main. ([`822ab8b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/822ab8b43a06bf1712d134d44acb136e70134c05)) -* Initial skeleton tests for output genereation. ([`a614f3e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a614f3e9cc6210a25daff79e4ec428f15221cc1e)) +* Initial skeleton tests for output genereation. ([`a614f3e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a614f3e9cc6210a25daff79e4ec428f15221cc1e)) -* pretty badge ([`60e975c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/60e975c12cdf6c15c9e38585becaf53850609d67)) +* pretty badge ([`60e975c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/60e975c12cdf6c15c9e38585becaf53850609d67)) -* initial CI for discussion ([`7e88cd5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7e88cd5920480cd6bde4e72b8b85314242964013)) +* initial CI for discussion ([`7e88cd5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7e88cd5920480cd6bde4e72b8b85314242964013)) -* Added a little more information to the README. ([`460c624`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/460c62487e66df750a99e10a62bf19bf0baf2e76)) +* Added a little more information to the README. ([`460c624`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/460c62487e66df750a99e10a62bf19bf0baf2e76)) -* Fixed issue reported by Flake8. Ensuring tests run on PY 3.9. ([`cce130f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cce130f53a7c73554015ce672cbe8799e863e64b)) +* Fixed issue reported by Flake8. Ensuring tests run on PY 3.9. ([`cce130f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cce130f53a7c73554015ce672cbe8799e863e64b)) -* Basic structure without any output generation available (very basic Component definition). ([`6ac5dc2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6ac5dc29fb4bc52f66698966e0b570588621be72)) +* Basic structure without any output generation available (very basic Component definition). ([`6ac5dc2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6ac5dc29fb4bc52f66698966e0b570588621be72)) -* Added tox config with flake8 and py3.9 support. ([`1def201`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1def2015d3aad4b58980d9b86cca840f19ac4ee6)) +* Added tox config with flake8 and py3.9 support. ([`1def201`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1def2015d3aad4b58980d9b86cca840f19ac4ee6)) -* Initially added skeleton packaging structure and official CycloneDX schemas. ([`ac519c9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ac519c9a21bc8e4a75927868f32f29febc648509)) +* Initially added skeleton packaging structure and official CycloneDX schemas. ([`ac519c9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ac519c9a21bc8e4a75927868f32f29febc648509)) -* Added inital blank README prior to branching for initial work. ([`b175f6a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b175f6a9178c510cfa14b5d2788feecfd65d8e94)) +* Added inital blank README prior to branching for initial work. ([`b175f6a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b175f6a9178c510cfa14b5d2788feecfd65d8e94)) -* Added inital blank README prior to branching for initial work. ([`e8b5d48`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e8b5d4802079f92da106b8e0a68f9311c328a656)) +* Added inital blank README prior to branching for initial work. ([`e8b5d48`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e8b5d4802079f92da106b8e0a68f9311c328a656)) -* Initial commit ([`62353b0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/62353b0ce57f797bcb9dfd97871e886db8269478)) +* Initial commit ([`62353b0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/62353b0ce57f797bcb9dfd97871e886db8269478)) diff --git a/cyclonedx/__init__.py b/cyclonedx/__init__.py index 1809a0e2..daefd93d 100644 --- a/cyclonedx/__init__.py +++ b/cyclonedx/__init__.py @@ -22,4 +22,4 @@ # !! version is managed by semantic_release # do not use typing here, or else `semantic_release` might have issues finding the variable -__version__ = "1.0.0" # noqa:Q000 +__version__ = "8.3.0" # noqa:Q000 diff --git a/docs/conf.py b/docs/conf.py index 27ff176a..5890b293 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -23,7 +23,7 @@ # The full version, including alpha/beta/rc tags # !! version is managed by semantic_release -release = '1.0.0' +release = '8.3.0' # -- General configuration --------------------------------------------------- diff --git a/pyproject.toml b/pyproject.toml index 29c6c561..82f08931 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -5,7 +5,7 @@ build-backend = "poetry.core.masonry.api" [tool.poetry] name = "cyclonedx-python-lib" # !! version is managed by semantic_release -version = "1.0.0" +version = "8.3.0" description = "Python library for CycloneDX" authors = [ "Paul Horton ", From e28ea694fb36d865fc2cf43a8c88eee5c0434a22 Mon Sep 17 00:00:00 2001 From: Saquib Saifee Date: Mon, 14 Oct 2024 18:36:24 -0400 Subject: [PATCH 09/37] chore: fix the typo Signed-off-by: Saquib Saifee From a152395af293954a982123d8bbd83fec0a8c47c2 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Tue, 15 Oct 2024 16:42:15 +0200 Subject: [PATCH 10/37] chore(docs): link python test snapshots docs Signed-off-by: Jan Kowalleck From 30ab6e0e60d1d2f2601519d0de8d1d27aafb519c Mon Sep 17 00:00:00 2001 From: weichslgartner Date: Wed, 23 Oct 2024 20:31:25 +0200 Subject: [PATCH 11/37] chore: fix pre-commit hook for mypy (#723) Fixes #721 Signed-off-by: weichslgartner From f1a5839628c53e3726951d052cafe098448cdf8d Mon Sep 17 00:00:00 2001 From: Saquib Saifee Date: Sun, 27 Oct 2024 15:45:25 -0400 Subject: [PATCH 12/37] Revert "Merge branch 'main' of https://github.com/saquibsaifee/cyclonedx-python-lib" This reverts commit 969b58b301d7e09a1615306dc2ef1e7c7c97ca77, reversing changes made to a38d55f4a5e611c1ecdf8b4f8dfcdc2f1223bf2e. --- CHANGELOG.md | 1952 +++++++++++++++++++++++++------------------------- 1 file changed, 976 insertions(+), 976 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ec7d0edf..0423d5d4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,10 +14,10 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e9020f0`](https: * feat: add basic support for Definitions (#701) - - ---------- - + + +--------- + Signed-off-by: Hakan Dilek <hakandilek@gmail.com> ([`a1573e5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a1573e5af12bb54c7328c73971dc2c2f8d820c0a)) @@ -45,21 +45,21 @@ Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`d4be3ba`](https://gith * docs: fix code examples regarding outputting (#709) - - + + Signed-off-by: Hakan Dilek <hakandilek@gmail.com> ([`c72d5f4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c72d5f483d5c1990fe643c4c25e37373d4d3248f)) ### Feature * feat: add support for Lifecycles in BOM metadata (#698) - - ---------- - -Signed-off-by: Johannes Feichtner <johannes@web-wack.at> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Signed-off-by: Johannes Feichtner <343448+Churro@users.noreply.github.com> + + +--------- + +Signed-off-by: Johannes Feichtner <johannes@web-wack.at> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Johannes Feichtner <343448+Churro@users.noreply.github.com> Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6cfeb71`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6cfeb711f11aec8fa4d7be885f6797cc2eaa7e67)) @@ -69,46 +69,46 @@ Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6cfeb71`](https * feat!: v8.0.0 (#665) -### BREAKING Changes - -* Removed `cyclonedx.mode.ThisTool`, utilize `cyclonedx.builder.this.this_tool()` instead. -* Moved `cyclonedx.model.Tool` to `cyclonedx.model.tool.Tool`. -* Property `cyclonedx.mode.bom.BomMetaData.tools` is of type `cyclonedx.model.tool.ToolRepository` now, was `SortedSet[cyclonedx.model.Tool]`. - The getter will act accordingly; the setter might act in a backwards-compatible way. -* Property `cyclonedx.mode.vulnerability.Vulnerability.tools` is of type `cyclonedx.model.tool.ToolRepository` now, was `SortedSet[cyclonedx.model.Tool]`. - The getter will act accordingly; the setter might act in a backwards-compatible way. -* Constructor `cyclonedx.model.license.LicenseExpression()` accepts optional argument `acknowledgement` only as key-word argument, no longer as positional argument. - - -### Changes - -* Constructor of `cyclonedx.model.bom.BomMetaData` also accepts an instance of `cyclonedx.model.tool.ToolRepository` for argument `tools`. -* Constructor of `cyclonedx.model.bom.BomMetaData` no longer adds this very library as a tool. - Downstream users SHOULD add it manually, like `my-bom.metadata.tools.components.add(cyclonedx.builder.this.this_component())`. - -### Fixes - -* Deserialization of CycloneDX that do not include tools in the metadata are no longer unexpectedly modified/altered. - -### Added - -Enabled Metadata Tools representation and serialization in accordance with CycloneDX 1.5 - -* New class `cyclonedx.model.tool.ToolRepository`. -* New function `cyclonedx.builder.this.this_component()` -- representation of this very python library as a `Component`. -* New function `cyclonedx.builder.this.this_tool()` -- representation of this very python library as a `Tool`. -* New function `cyclonedx.model.tool.Tool.from_component()`. - -### Dependencies - -* Raised runtime dependency `py-serializable>=1.1.1,<2`, was `>=1.1.0,<2`. - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Signed-off-by: Joshua Kugler <tek30584@adobe.com> -Signed-off-by: semantic-release <semantic-release@bot.local> -Co-authored-by: Joshua Kugler <joshua@azariah.com> +### BREAKING Changes + +* Removed `cyclonedx.mode.ThisTool`, utilize `cyclonedx.builder.this.this_tool()` instead. +* Moved `cyclonedx.model.Tool` to `cyclonedx.model.tool.Tool`. +* Property `cyclonedx.mode.bom.BomMetaData.tools` is of type `cyclonedx.model.tool.ToolRepository` now, was `SortedSet[cyclonedx.model.Tool]`. + The getter will act accordingly; the setter might act in a backwards-compatible way. +* Property `cyclonedx.mode.vulnerability.Vulnerability.tools` is of type `cyclonedx.model.tool.ToolRepository` now, was `SortedSet[cyclonedx.model.Tool]`. + The getter will act accordingly; the setter might act in a backwards-compatible way. +* Constructor `cyclonedx.model.license.LicenseExpression()` accepts optional argument `acknowledgement` only as key-word argument, no longer as positional argument. + + +### Changes + +* Constructor of `cyclonedx.model.bom.BomMetaData` also accepts an instance of `cyclonedx.model.tool.ToolRepository` for argument `tools`. +* Constructor of `cyclonedx.model.bom.BomMetaData` no longer adds this very library as a tool. + Downstream users SHOULD add it manually, like `my-bom.metadata.tools.components.add(cyclonedx.builder.this.this_component())`. + +### Fixes + +* Deserialization of CycloneDX that do not include tools in the metadata are no longer unexpectedly modified/altered. + +### Added + +Enabled Metadata Tools representation and serialization in accordance with CycloneDX 1.5 + +* New class `cyclonedx.model.tool.ToolRepository`. +* New function `cyclonedx.builder.this.this_component()` -- representation of this very python library as a `Component`. +* New function `cyclonedx.builder.this.this_tool()` -- representation of this very python library as a `Tool`. +* New function `cyclonedx.model.tool.Tool.from_component()`. + +### Dependencies + +* Raised runtime dependency `py-serializable>=1.1.1,<2`, was `>=1.1.0,<2`. + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Joshua Kugler <tek30584@adobe.com> +Signed-off-by: semantic-release <semantic-release@bot.local> +Co-authored-by: Joshua Kugler <joshua@azariah.com> Co-authored-by: semantic-release <semantic-release@bot.local> ([`002f966`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/002f96630ce8fc6f1766ee6cc92a16b35a821c69)) ### Documentation @@ -130,10 +130,10 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`4fa8fc1`](https: * fix: behavior of and typing for crypto setters with optional values (#694) -fixes #690 - ---------- - +fixes #690 + +--------- + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`d8b20bd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d8b20bdc5224ea30cf767f6f3f1a6f8ff2754973)) @@ -143,10 +143,10 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`d8b20bd`](https: * fix: file copyright headers (#676) -utilizes flake8 plugin -<https://pypi.org/project/flake8-copyright-validator/> to assert the -correct headers - +utilizes flake8 plugin +<https://pypi.org/project/flake8-copyright-validator/> to assert the +correct headers + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`35e00b4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/35e00b4ee5a9306b9e97b011025409bcbfcef309)) @@ -156,16 +156,16 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`35e00b4`](https: * feat: `HashType.from_composite_str` for Blake2b, SHA3, Blake3 (#663) -The code mistreated hashes for Blake2b and SHA3. -Code for explicitly handling SHA1 & BLAKE3 was added, as those have no -variants defined in the CycloneDX specification. - -fixes #652 - ---------- - -Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> -Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> +The code mistreated hashes for Blake2b and SHA3. +Code for explicitly handling SHA1 & BLAKE3 was added, as those have no +variants defined in the CycloneDX specification. + +fixes #652 + +--------- + +Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> +Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c59036e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c59036e06ddc97284f82efbbc168dc2d89d090d1)) @@ -175,10 +175,10 @@ Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c59036e`](https * fix: XML serialize `normalizedString` and `token` properly (#646) -fixes #638 - ---------- - +fixes #638 + +--------- + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b40f739`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b40f739206a44f7dbd94042fb5e1a37c047ea024)) @@ -188,14 +188,14 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b40f739`](https: * feat: add workaround property for v1.5 and v1.6 (#642) -Property `workaround` was missing from the vulnerability model. It was -added in spec v1.5 and was marked as TODO before. - -This is my first contribution on this project so if I done something -wrong, just say me :smiley: - -Signed-off-by: Louis Maillard <louis.maillard@savoirfairelinux.com> -Signed-off-by: Louis Maillard <louis.maillard@protonmail.com> +Property `workaround` was missing from the vulnerability model. It was +added in spec v1.5 and was marked as TODO before. + +This is my first contribution on this project so if I done something +wrong, just say me :smiley: + +Signed-off-by: Louis Maillard <louis.maillard@savoirfairelinux.com> +Signed-off-by: Louis Maillard <louis.maillard@protonmail.com> Co-authored-by: Louis Maillard <louis.maillard@savoirfairelinux.com> ([`b5ebcf8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b5ebcf8104faf57030cbc5d8190c78524ab86431)) @@ -205,26 +205,26 @@ Co-authored-by: Louis Maillard <louis.maillard@savoirfairelinux.com> ([`b5 * docs: exclude dep bumps from changelog (#627) -fixes #616 - ---------- - +fixes #616 + +--------- + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`60361f7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/60361f781a1b356f24a553e133e0f58a2ad37a7d)) ### Fix * fix: `cyclonedx.model.Property.value` value is optional (#631) -`cyclonedx.model.Property.value` value is optional, in accordance with -the spec. - -fixes #630 - ---------- - -Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> +`cyclonedx.model.Property.value` value is optional, in accordance with +the spec. + +fixes #630 + +--------- + +Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`ad0f98b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ad0f98b433fd85ba14db6b6288f33d98bc79ee51)) @@ -249,10 +249,10 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3f9770a`](https: * fix: allow suppliers with empty-string names (#611) -fixes #600 - ---------- - +fixes #600 + +--------- + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b331aeb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b331aeb4b7261c7b1359c592b2dcda27bd35e369)) @@ -262,10 +262,10 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b331aeb`](https: * fix: json validation allow arbitrary `$schema` value (#613) -fixes https://github.com/CycloneDX/cyclonedx-python-lib/issues/612 - ---------- - +fixes https://github.com/CycloneDX/cyclonedx-python-lib/issues/612 + +--------- + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`08b7c60`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/08b7c607360b65215d9d29d42ae86e60c6efe49b)) @@ -275,14 +275,14 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`08b7c60`](https: * fix: properly sort components based on all properties (#599) -reverts #587 - as this one introduced errors -fixes #598 -fixes #586 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Signed-off-by: Paul Horton <paul.horton@owasp.org> +reverts #587 - as this one introduced errors +fixes #598 +fixes #586 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Paul Horton <paul.horton@owasp.org> Co-authored-by: Paul Horton <paul.horton@owasp.org> ([`8df488c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8df488cb422a6363421fee39714df4e8e8e7a593)) @@ -292,8 +292,8 @@ Co-authored-by: Paul Horton <paul.horton@owasp.org> ([`8df488c`](https://g * fix: include all fields of `Component` in `__lt__` function for #586 (#587) -Fixes #586. - +Fixes #586. + Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d784685`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d7846850d1ad33184d1d58b59fdf41a778d05900)) @@ -303,8 +303,8 @@ Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d784685`](https://gi * feat: license factory set `acknowledgement` (#593) -add a parameter to `LicenseFactory.make_*()` methods, to set the `LicenseAcknowledgement`. - +add a parameter to `LicenseFactory.make_*()` methods, to set the `LicenseAcknowledgement`. + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7ca2455`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7ca2455018d0e191afaaa2fd136a7e4d5b325ec6)) @@ -314,9 +314,9 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7ca2455`](https: * feat: disjunctive license acknowledgement (#591) - ---------- - + +--------- + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9bf1839`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9bf1839859a244e790e91c3e1edd82d333598d60)) ### Unknown @@ -347,143 +347,143 @@ Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`1d1c45a`](https://gi * feat!: Support for CycloneDX v1.6 -* added draft v1.6 schemas and boilerplate for v1.6 - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* re-generated test snapshots for v1.6 - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* note `bom.metadata.manufacture` as deprecated - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* work on `bom.metadata` for v1.6 - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* Deprecated `.component.author`. Added `.component.authors` and `.component.manufacturer` - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* work to add `.component.omniborid` - but tests deserialisation tests fail due to schema differences (`.component.author` not in 1.6) - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* work to get deserialization tests passing - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* chore(deps): bump `py-serializable` to >=1.0.3 to resolve issues with deserialization to XML - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* imports tidied - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* properly added `.component.swhid` - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* add `.component.cryptoProperties` - with test failures for SchemaVersion < 1.6 - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* typing and bandit ignores - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* coding standards - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* test filtering - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* coding standards - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* additional tests to increase code coverage - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* corrected CryptoMode enum - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* coding standards - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* Added `address` to `organizationalEntity` - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* Added `address` to `organizationalEntity` - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* raise `UserWarning` in `.component.version` has length > 1024 - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* coding standards and typing - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* add `acknowledgement` to `LicenseExpression` (#582) - - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* more proper way to filter test cases - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* update schema to published versions - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* fetch schema 1.6 JSON - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* fetch test data for CDX 1.6 - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* reformat - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* reformat - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* refactor - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* style - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* refactor - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* docs - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - ---------- - -Signed-off-by: Paul Horton <paul.horton@owasp.org> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +* added draft v1.6 schemas and boilerplate for v1.6 + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* re-generated test snapshots for v1.6 + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* note `bom.metadata.manufacture` as deprecated + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* work on `bom.metadata` for v1.6 + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* Deprecated `.component.author`. Added `.component.authors` and `.component.manufacturer` + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* work to add `.component.omniborid` - but tests deserialisation tests fail due to schema differences (`.component.author` not in 1.6) + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* work to get deserialization tests passing + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* chore(deps): bump `py-serializable` to >=1.0.3 to resolve issues with deserialization to XML + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* imports tidied + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* properly added `.component.swhid` + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* add `.component.cryptoProperties` - with test failures for SchemaVersion < 1.6 + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* typing and bandit ignores + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* coding standards + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* test filtering + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* coding standards + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* additional tests to increase code coverage + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* corrected CryptoMode enum + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* coding standards + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* Added `address` to `organizationalEntity` + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* Added `address` to `organizationalEntity` + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* raise `UserWarning` in `.component.version` has length > 1024 + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* coding standards and typing + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* add `acknowledgement` to `LicenseExpression` (#582) + + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* more proper way to filter test cases + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* update schema to published versions + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* fetch schema 1.6 JSON + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* fetch test data for CDX 1.6 + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* reformat + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* reformat + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* refactor + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* style + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* refactor + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* docs + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +--------- + +Signed-off-by: Paul Horton <paul.horton@owasp.org> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8bbdf46`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8bbdf461434ab66673a496a8305c2878bf5c88da)) @@ -493,8 +493,8 @@ Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8bbdf46`](https * fix: wrong extra name for xml validation (#571) - - + + Signed-off-by: Christoph Reiter <reiter.christoph@gmail.com> ([`10e38e2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/10e38e25095de4b2dafbfcd1fd81dce7a9c0f124)) @@ -504,12 +504,12 @@ Signed-off-by: Christoph Reiter <reiter.christoph@gmail.com> ([`10e38e2`]( * fix: serialization of `model.component.Diff` (#557) -Fixes #556 - ---------- - -Signed-off-by: rcross-lc <151086351+rcross-lc@users.noreply.github.com> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Fixes #556 + +--------- + +Signed-off-by: rcross-lc <151086351+rcross-lc@users.noreply.github.com> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`22fa873`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/22fa8734bf1a3a8789ad7578bfa0c86cf0a49d4a)) @@ -525,8 +525,8 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6f81dfa`](https: * docs: update architecture description and examples (#550) - - + + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a19fd28`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a19fd2828355ae031164ef7a0dda2a8ea2365108)) * docs: exclude internal docs from rendering (#545) @@ -560,11 +560,11 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c1776b7`](https: * fix: `model.BomRef` no longer equal to unset peers (#543) - fixes [#539](https://github.com/CycloneDX/cyclonedx-python-lib/issues/539) - - ---------- - + fixes [#539](https://github.com/CycloneDX/cyclonedx-python-lib/issues/539) + + +--------- + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1fd7fee`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1fd7fee9dec888c10087921f2e5a7a60062fb419)) @@ -628,18 +628,18 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b3e9ab7`](https: * feat: allow `lxml` requirement in range of `>=4,<6` (#523) -Updates the requirements on [lxml](https://github.com/lxml/lxml) to permit the latest version. -- [Release notes](https://github.com/lxml/lxml/releases) -- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt) -- [Commits](https://github.com/lxml/lxml/compare/lxml-4.0.0...lxml-5.0.0) - ---- -updated-dependencies: -- dependency-name: lxml - dependency-type: direct:production -... - -Signed-off-by: dependabot[bot] <support@github.com> +Updates the requirements on [lxml](https://github.com/lxml/lxml) to permit the latest version. +- [Release notes](https://github.com/lxml/lxml/releases) +- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt) +- [Commits](https://github.com/lxml/lxml/compare/lxml-4.0.0...lxml-5.0.0) + +--- +updated-dependencies: +- dependency-name: lxml + dependency-type: direct:production +... + +Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`7d12b9a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7d12b9a9f7a2fdc5e6bb12f891c6f4291e20e65e)) ### Unknown @@ -655,8 +655,8 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7dcd166`](https: * feat: add function to map python `hashlib` algorithms to CycloneDX (#519) -new API: `model.HashType.from_hashlib_alg()` - +new API: `model.HashType.from_hashlib_alg()` + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`81f8cf5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/81f8cf59b1f40ffbd213789a8b1b621a01e3f631)) @@ -666,94 +666,94 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`81f8cf5`](https: * feat!: v6.0.0 (#492) -### Breaking Changes - -* Removed symbols that were already marked as deprecated (via [#493]) -* Removed symbols in `parser.*` ([#489] via [#495]) -* Removed `output.LATEST_SUPPORTED_SCHEMA_VERSION` ([#491] via [#494]) -* Serialization of unsupported enum values might downgrade/migrate/omit them ([#490] via [#496]) - Handling might raise warnings if a data loss occurred due to omitting. - The result is a guaranteed valid XML/JSON, since no (enum-)invalid values are rendered. -* Serialization of any `model.component.Component` with unsupported `type` raises `exception.serialization.SerializationOfUnsupportedComponentTypeException` ([#490] via [#496]) -* Object `model.bom_ref.BomRef`'s property `value` defaults to `Null`, was arbitrary `UUID` ([#504] via [#505]) - This change does not affect serialization. All `bom-ref`s are guaranteed to have unique values on rendering. -* Removed helpers from public API ([#503] via [#506]) - -### Added - -* Basic support for CycloneDX 1.5 ([#404] via [#488]) - * No data models were enhanced nor added, yet. - Pull requests to add functionality are welcome. - * Existing enumerable got new cases, to reflect features of CycloneDX 1.5 ([#404] via [#488]) - * Outputters were enabled to render CycloneDX 1.5 ([#404] via [#488]) - -### Tests - -* Created (regression/unit/integration/functional) tests for CycloneDX 1.5 ([#404] via [#488]) -* Created (regression/functional) tests for Enums' handling and completeness ([#490] via [#496]) - -### Misc - -* Bumped dependency `py-serializable@^0.16`, was `@^0.15` (via [#496]) - - ----- - -### API Changes — the details for migration - -* Added new sub-package `exception.serialization` (via [#496]) -* Removed class `models.ComparableTuple` ([#503] via [#506]) -* Enum `model.ExternalReferenceType` got new cases, to reflect features for CycloneDX 1.5 ([#404] via [#488]) -* Removed function `models.get_now_utc` ([#503] via [#506]) -* Removed function `models.sha1sum` ([#503] via [#506]) -* Enum `model.component.ComponentType` got new cases, to reflect features for CycloneDX 1.5 ([#404] via [#488]) -* Removed `model.component.Component.__init__()`'s deprecated optional kwarg `namespace` (via [#493]) - Use kwarg `group` instead. -* Removed `model.component.Component.__init__()`'s deprecated optional kwarg `license_str` (via [#493]) - Use kwarg `licenses` instead. -* Removed deprecated method `model.component.Component.get_namespace()` (via [#493]) -* Removed class `models.dependency.DependencyDependencies` ([#503] via [#506]) -* Removed `model.vulnerability.Vulnerability.__init__()`'s deprecated optional kwarg `source_name` (via [#493]) - Use kwarg `source` instead. -* Removed `model.vulnerability.Vulnerability.__init__()`'s deprecated optional kwarg `source_url` (via [#493]) - Use kwarg `source` instead. -* Removed `model.vulnerability.Vulnerability.__init__()`'s deprecated optional kwarg `recommendations` (via [#493]) - Use kwarg `recommendation` instead. -* Removed `model.vulnerability.VulnerabilityRating.__init__()`'s deprecated optional kwarg `score_base` (via [#493]) - Use kwarg `score` instead. -* Enum `model.vulnerability.VulnerabilityScoreSource` got new cases, to reflect features for CycloneDX 1.5 ([#404] via [#488]) -* Removed `output.LATEST_SUPPORTED_SCHEMA_VERSION` ([#491] via [#494]) -* Removed deprecated function `output.get_instance()` (via [#493]) - Use function `output.make_outputter()` instead. -* Added new class `output.json.JsonV1Dot5`, to reflect CycloneDX 1.5 ([#404] via [#488]) -* Added new item to dict `output.json.BY_SCHEMA_VERSION`, to reflect CycloneDX 1.5 ([#404] via [#488]) -* Added new class `output.xml.XmlV1Dot5`, to reflect CycloneDX 1.5 ([#404] via [#488]) -* Added new item to dict `output.xml.BY_SCHEMA_VERSION`, to reflect CycloneDX 1.5 ([#404] via [#488]) -* Removed class `parser.ParserWarning` ([#489] via [#495]) -* Removed class `parser.BaseParser` ([#489] via [#495]) -* Enum `schema.SchemaVersion` got new case `V1_5`, to reflect CycloneDX 1.5 ([#404] via [#488]) - - -[#404]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/404 -[#488]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/488 -[#489]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/489 -[#490]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/490 -[#491]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/491 -[#493]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/493 -[#494]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/494 -[#495]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/495 -[#496]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/496 -[#503]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/503 -[#504]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/504 -[#505]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/505 -[#506]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/506 - ---------- - -Signed-off-by: Johannes Feichtner <johannes@web-wack.at> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Signed-off-by: semantic-release <semantic-release> -Co-authored-by: Johannes Feichtner <343448+Churro@users.noreply.github.com> +### Breaking Changes + +* Removed symbols that were already marked as deprecated (via [#493]) +* Removed symbols in `parser.*` ([#489] via [#495]) +* Removed `output.LATEST_SUPPORTED_SCHEMA_VERSION` ([#491] via [#494]) +* Serialization of unsupported enum values might downgrade/migrate/omit them ([#490] via [#496]) + Handling might raise warnings if a data loss occurred due to omitting. + The result is a guaranteed valid XML/JSON, since no (enum-)invalid values are rendered. +* Serialization of any `model.component.Component` with unsupported `type` raises `exception.serialization.SerializationOfUnsupportedComponentTypeException` ([#490] via [#496]) +* Object `model.bom_ref.BomRef`'s property `value` defaults to `Null`, was arbitrary `UUID` ([#504] via [#505]) + This change does not affect serialization. All `bom-ref`s are guaranteed to have unique values on rendering. +* Removed helpers from public API ([#503] via [#506]) + +### Added + +* Basic support for CycloneDX 1.5 ([#404] via [#488]) + * No data models were enhanced nor added, yet. + Pull requests to add functionality are welcome. + * Existing enumerable got new cases, to reflect features of CycloneDX 1.5 ([#404] via [#488]) + * Outputters were enabled to render CycloneDX 1.5 ([#404] via [#488]) + +### Tests + +* Created (regression/unit/integration/functional) tests for CycloneDX 1.5 ([#404] via [#488]) +* Created (regression/functional) tests for Enums' handling and completeness ([#490] via [#496]) + +### Misc + +* Bumped dependency `py-serializable@^0.16`, was `@^0.15` (via [#496]) + + +---- + +### API Changes — the details for migration + +* Added new sub-package `exception.serialization` (via [#496]) +* Removed class `models.ComparableTuple` ([#503] via [#506]) +* Enum `model.ExternalReferenceType` got new cases, to reflect features for CycloneDX 1.5 ([#404] via [#488]) +* Removed function `models.get_now_utc` ([#503] via [#506]) +* Removed function `models.sha1sum` ([#503] via [#506]) +* Enum `model.component.ComponentType` got new cases, to reflect features for CycloneDX 1.5 ([#404] via [#488]) +* Removed `model.component.Component.__init__()`'s deprecated optional kwarg `namespace` (via [#493]) + Use kwarg `group` instead. +* Removed `model.component.Component.__init__()`'s deprecated optional kwarg `license_str` (via [#493]) + Use kwarg `licenses` instead. +* Removed deprecated method `model.component.Component.get_namespace()` (via [#493]) +* Removed class `models.dependency.DependencyDependencies` ([#503] via [#506]) +* Removed `model.vulnerability.Vulnerability.__init__()`'s deprecated optional kwarg `source_name` (via [#493]) + Use kwarg `source` instead. +* Removed `model.vulnerability.Vulnerability.__init__()`'s deprecated optional kwarg `source_url` (via [#493]) + Use kwarg `source` instead. +* Removed `model.vulnerability.Vulnerability.__init__()`'s deprecated optional kwarg `recommendations` (via [#493]) + Use kwarg `recommendation` instead. +* Removed `model.vulnerability.VulnerabilityRating.__init__()`'s deprecated optional kwarg `score_base` (via [#493]) + Use kwarg `score` instead. +* Enum `model.vulnerability.VulnerabilityScoreSource` got new cases, to reflect features for CycloneDX 1.5 ([#404] via [#488]) +* Removed `output.LATEST_SUPPORTED_SCHEMA_VERSION` ([#491] via [#494]) +* Removed deprecated function `output.get_instance()` (via [#493]) + Use function `output.make_outputter()` instead. +* Added new class `output.json.JsonV1Dot5`, to reflect CycloneDX 1.5 ([#404] via [#488]) +* Added new item to dict `output.json.BY_SCHEMA_VERSION`, to reflect CycloneDX 1.5 ([#404] via [#488]) +* Added new class `output.xml.XmlV1Dot5`, to reflect CycloneDX 1.5 ([#404] via [#488]) +* Added new item to dict `output.xml.BY_SCHEMA_VERSION`, to reflect CycloneDX 1.5 ([#404] via [#488]) +* Removed class `parser.ParserWarning` ([#489] via [#495]) +* Removed class `parser.BaseParser` ([#489] via [#495]) +* Enum `schema.SchemaVersion` got new case `V1_5`, to reflect CycloneDX 1.5 ([#404] via [#488]) + + +[#404]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/404 +[#488]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/488 +[#489]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/489 +[#490]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/490 +[#491]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/491 +[#493]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/493 +[#494]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/494 +[#495]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/495 +[#496]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/496 +[#503]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/503 +[#504]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/504 +[#505]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/505 +[#506]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/506 + +--------- + +Signed-off-by: Johannes Feichtner <johannes@web-wack.at> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: semantic-release <semantic-release> +Co-authored-by: Johannes Feichtner <343448+Churro@users.noreply.github.com> Co-authored-by: semantic-release <semantic-release> ([`74865f8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/74865f8e498c9723c2ce3556ceecb6a3cfc4c490)) @@ -769,10 +769,10 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3189e59`](https: * feat: `model.XsUri` migrate control characters according to spec (#498) -fixes https://github.com/CycloneDX/cyclonedx-python-lib/issues/497 - ---------- - +fixes https://github.com/CycloneDX/cyclonedx-python-lib/issues/497 + +--------- + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e490429`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e49042976f8577af4061c34394db270612488cdf)) @@ -797,8 +797,8 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f61a730`](https: * feat: guarantee unique `BomRef`s in serialization result (#479) -Incorporate `output.BomRefDiscriminator` on serialization - +Incorporate `output.BomRefDiscriminator` on serialization + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a648775`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a648775bb5195621e17fdbae92950ab6d56a665a)) @@ -829,122 +829,122 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`aae7304`](https: * feat!: v5.0.0 (#440) -BREAKING CHANGES ----------------- -* Dropped support for python<3.8 ([#436] via [#441]; enable [#433]) -* Reworked license related models, collections, and factories ([#365] via [#466]) -* Behavior - * Method `model.bom.Bom.validate()` will throw `exception.LicenseExpressionAlongWithOthersException`, if detecting invalid license constellation ([#453] via [#452]) - * Fixed tuple comparison when unequal lengths (via [#461]) -* API - * Enum `schema.SchemaVersion` is no longer string-like ([#442] via [#447]) - * Enum `schema.OutputVersion` is no longer string-like ([#442] via [#447]) - * Abstract class `output.BaseOutput` requires implementation of new method `output_format` ([#446] via [#447]) - * Abstract method `output.BaseOutput.output_as_string()` got new optional parameter `indent` ([#437] via [#458]) - * Abstract method `output.BaseOutput.output_as_string()` accepts arbitrary kwargs (via [#458], [#462]) - * Removed class `factory.license.LicenseChoiceFactory` (via [#466]) - The old functionality was integrated into `factory.license.LicenseFactory`. - * Method `factory.license.LicenseFactory.make_from_string()`'s parameter `name_or_spdx` was renamed to `value` (via [#466]) - * Method `factory.license.LicenseFactory.make_from_string()`'s return value can also be a `LicenseExpression` ([#365] via [#466]) - The behavior imitates the old `factory.license.LicenseChoiceFactory.make_from_string()` - * Renamed class `module.License` to `module.license.DisjunctliveLicense` ([#365] via [#466]) - * Removed class `module.LicenseChoice` ([#365] via [#466]) - Use dedicated classes `module.license.DisjunctliveLicense` and `module.license.LicenseExpression` instead - * All occurrences of `models.LicenseChoice` were replaced by `models.licenses.License` ([#365] via [#466]) - * All occurrences of `SortedSet[LicenseChoice]` were specialized to `models.license.LicenseRepository` ([#365] via [#466]) - - -Fixed ----------------- -* Serialization of multy-licenses ([#365] via [#466]) -* Detect unused "dependent" components in `model.bom.validate()` (via [#464]) - - -Changed ----------------- -* Updated latest supported list of supported SPDX license identifiers (via [#433]) -* Shipped schema files are moved to a protected space (via [#433]) - These files were never intended for public use. -* XML output uses a default namespace, which makes results smaller. ([#438] via [#458]) - - -Added ----------------- -* Support for Python 3.12 (via [#460]) -* JSON- & XML-Validators ([#432], [#446] via [#433], [#448]) - The functionality might require additional dependencies, that can be installed with the extra "validation". - See the docs in section "Installation" for details. -* JSON & XML can be generated in a more human-friendly form ([#437], [#438] via [#458]) -* Type hints, typings & overloads for better integration downstream (via [#463]) -* API - * New function `output.make_outputter()` (via [#469]) - This replaces the deprecated function `output.get_instance()`. - * New sub-package `validation` ([#432], [#446] via [#433], [#448], [#469], [#468], [#469]) - * New class `exception.MissingOptionalDependencyException` ([#432] via [#433]) - * New class `exception.LicenseExpressionAlongWithOthersException` ([#453] via [#452]) - * New dictionaries `output.{json,xml}.BY_SCHEMA_VERSION` ([#446] via [#447]) - * Existing implementations of class `output.BaseOutput` now have a new method `output_format` ([#446] via [#447]) - * Existing implementations of method `output.BaseOutput.output_as_string()` got new optional parameter `indent` ([#437] via [#458]) - * Existing implementations of method `output.BaseOutput.output_to_file()` got new optional parameter `indent` ([#437] via [#458]) - * New method `factory.license.LicenseFactory.make_with_expression()` (via [#466]) - * New class `model.license.DisjunctiveLicense` ([#365] via [#466]) - * New class `model.license.LicenseExpression` ([#365] via [#466]) - * New class `model.license.LicenseRepository` ([#365] via [#466]) - * New class `serialization.LicenseRepositoryHelper` ([#365] via [#466]) - - -Deprecated ----------------- -* Function `output.get_instance()` might be removed, use `output.make_outputter()` instead (via [#469]) - - -Tests ----------------- -* Added validation tests with official CycloneDX schema test data ([#432] via [#433]) -* Use proper snapshots, instead of pseudo comparison ([#437] via [#464]) -* Added regression test for bug [#365] (via [#466], [#467]) - - -Misc ----------------- -* Dependencies: bumped `py-serializable@^0.15.0`, was `@^0.11.1` (via [#458], [#463], [#464], [#466]) -* Style: streamlined quotes and strings (via [#472]) -* Chore: bumped internal dev- and QA-tools ([#436] via [#441], [#472]) -* Chore: added more QA tools to prevent common security issues (via [#473]) - - -[#432]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/432 -[#433]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/433 -[#436]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/436 -[#437]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/437 -[#365]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/365 -[#438]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/438 -[#440]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/440 -[#441]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/441 -[#442]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/442 -[#446]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/446 -[#447]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/447 -[#448]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/448 -[#452]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/452 -[#453]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/453 -[#458]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/458 -[#460]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/460 -[#461]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/461 -[#462]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/462 -[#463]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/463 -[#464]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/464 -[#466]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/466 -[#467]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/467 -[#468]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/468 -[#469]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/469 -[#472]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/472 -[#473]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/473 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Signed-off-by: Jan Kowalleck <jan.kowalleck@owasp.org> -Signed-off-by: semantic-release <semantic-release> +BREAKING CHANGES +---------------- +* Dropped support for python<3.8 ([#436] via [#441]; enable [#433]) +* Reworked license related models, collections, and factories ([#365] via [#466]) +* Behavior + * Method `model.bom.Bom.validate()` will throw `exception.LicenseExpressionAlongWithOthersException`, if detecting invalid license constellation ([#453] via [#452]) + * Fixed tuple comparison when unequal lengths (via [#461]) +* API + * Enum `schema.SchemaVersion` is no longer string-like ([#442] via [#447]) + * Enum `schema.OutputVersion` is no longer string-like ([#442] via [#447]) + * Abstract class `output.BaseOutput` requires implementation of new method `output_format` ([#446] via [#447]) + * Abstract method `output.BaseOutput.output_as_string()` got new optional parameter `indent` ([#437] via [#458]) + * Abstract method `output.BaseOutput.output_as_string()` accepts arbitrary kwargs (via [#458], [#462]) + * Removed class `factory.license.LicenseChoiceFactory` (via [#466]) + The old functionality was integrated into `factory.license.LicenseFactory`. + * Method `factory.license.LicenseFactory.make_from_string()`'s parameter `name_or_spdx` was renamed to `value` (via [#466]) + * Method `factory.license.LicenseFactory.make_from_string()`'s return value can also be a `LicenseExpression` ([#365] via [#466]) + The behavior imitates the old `factory.license.LicenseChoiceFactory.make_from_string()` + * Renamed class `module.License` to `module.license.DisjunctliveLicense` ([#365] via [#466]) + * Removed class `module.LicenseChoice` ([#365] via [#466]) + Use dedicated classes `module.license.DisjunctliveLicense` and `module.license.LicenseExpression` instead + * All occurrences of `models.LicenseChoice` were replaced by `models.licenses.License` ([#365] via [#466]) + * All occurrences of `SortedSet[LicenseChoice]` were specialized to `models.license.LicenseRepository` ([#365] via [#466]) + + +Fixed +---------------- +* Serialization of multy-licenses ([#365] via [#466]) +* Detect unused "dependent" components in `model.bom.validate()` (via [#464]) + + +Changed +---------------- +* Updated latest supported list of supported SPDX license identifiers (via [#433]) +* Shipped schema files are moved to a protected space (via [#433]) + These files were never intended for public use. +* XML output uses a default namespace, which makes results smaller. ([#438] via [#458]) + + +Added +---------------- +* Support for Python 3.12 (via [#460]) +* JSON- & XML-Validators ([#432], [#446] via [#433], [#448]) + The functionality might require additional dependencies, that can be installed with the extra "validation". + See the docs in section "Installation" for details. +* JSON & XML can be generated in a more human-friendly form ([#437], [#438] via [#458]) +* Type hints, typings & overloads for better integration downstream (via [#463]) +* API + * New function `output.make_outputter()` (via [#469]) + This replaces the deprecated function `output.get_instance()`. + * New sub-package `validation` ([#432], [#446] via [#433], [#448], [#469], [#468], [#469]) + * New class `exception.MissingOptionalDependencyException` ([#432] via [#433]) + * New class `exception.LicenseExpressionAlongWithOthersException` ([#453] via [#452]) + * New dictionaries `output.{json,xml}.BY_SCHEMA_VERSION` ([#446] via [#447]) + * Existing implementations of class `output.BaseOutput` now have a new method `output_format` ([#446] via [#447]) + * Existing implementations of method `output.BaseOutput.output_as_string()` got new optional parameter `indent` ([#437] via [#458]) + * Existing implementations of method `output.BaseOutput.output_to_file()` got new optional parameter `indent` ([#437] via [#458]) + * New method `factory.license.LicenseFactory.make_with_expression()` (via [#466]) + * New class `model.license.DisjunctiveLicense` ([#365] via [#466]) + * New class `model.license.LicenseExpression` ([#365] via [#466]) + * New class `model.license.LicenseRepository` ([#365] via [#466]) + * New class `serialization.LicenseRepositoryHelper` ([#365] via [#466]) + + +Deprecated +---------------- +* Function `output.get_instance()` might be removed, use `output.make_outputter()` instead (via [#469]) + + +Tests +---------------- +* Added validation tests with official CycloneDX schema test data ([#432] via [#433]) +* Use proper snapshots, instead of pseudo comparison ([#437] via [#464]) +* Added regression test for bug [#365] (via [#466], [#467]) + + +Misc +---------------- +* Dependencies: bumped `py-serializable@^0.15.0`, was `@^0.11.1` (via [#458], [#463], [#464], [#466]) +* Style: streamlined quotes and strings (via [#472]) +* Chore: bumped internal dev- and QA-tools ([#436] via [#441], [#472]) +* Chore: added more QA tools to prevent common security issues (via [#473]) + + +[#432]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/432 +[#433]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/433 +[#436]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/436 +[#437]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/437 +[#365]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/365 +[#438]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/438 +[#440]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/440 +[#441]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/441 +[#442]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/442 +[#446]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/446 +[#447]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/447 +[#448]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/448 +[#452]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/452 +[#453]: https://github.com/CycloneDX/cyclonedx-python-lib/issues/453 +[#458]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/458 +[#460]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/460 +[#461]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/461 +[#462]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/462 +[#463]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/463 +[#464]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/464 +[#466]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/466 +[#467]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/467 +[#468]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/468 +[#469]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/469 +[#472]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/472 +[#473]: https://github.com/CycloneDX/cyclonedx-python-lib/pull/473 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Jan Kowalleck <jan.kowalleck@owasp.org> +Signed-off-by: semantic-release <semantic-release> Co-authored-by: semantic-release <semantic-release> ([`26b151c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/26b151cba7d7d484f23ee7888444f09ad6d016b1)) @@ -1006,8 +1006,8 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8b32efb`](https: * feat: programmatic access to library's version (#417) -adds `cyclonedx.__version__` - +adds `cyclonedx.__version__` + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3585ea9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3585ea9911ae521e86793ef18f5891289fb0b604)) @@ -1027,8 +1027,8 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`65e22bd`](https: * fix: conditional warning if no root dependencies were found (#398) - - + + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c8175bb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c8175bb6aebac7f129d42d7a5a0ae928212c20cb)) ### Unknown @@ -1039,9 +1039,9 @@ Automatically generated by python-semantic-release ([`4a72f51`](https://github.c * Add missing space in warning message. (#364) - - -Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> + + +Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> ([`dad0d28`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/dad0d28ceb7381d1b503e5b29776fc01513f8b04)) @@ -1051,122 +1051,122 @@ Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> * feat: Release 4.0.0 #341) -Highlights of this release include: -* Support for De-serialization from JSON and XML to this Pythonic Model -* Deprecation of Python 3.6 support -* Support for Python 3.11 -* Support for `BomLink` -* Support VEX without needing `Component` in the same `Bom` -* Support for `services` having `dependencies` - -BREAKING CHANGE: Large portions of this library have been re-written for this release and many methods and contracts have changed. - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* feat: support VEX without Components in the same BOM - -BREAKING CHANGE: Model classes changed to relocated Vulnerability at Bom, not at Component - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* feat: support VEX without Components in the same BOM - -BREAKING CHANGE: Model classes changed to relocated Vulnerability at Bom, not at Component - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -feat: allow `version` of BOM to be defined - -feat: allow `serial_number` of BOM to be prescribed - -feat: add helper method to get URN for a BOM according to https://www.iana.org/assignments/urn-formal/cdx -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* chore: fix release workflow - -* chore: editorconfig - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* feat: support for deserialization from JSON and XML (#290) - -BREAKING CHANGE: - -* feat: drop Python 3.6 support - -Signed-off-by: Hakan Dilek <hakandilek@gmail.com> -Signed-off-by: Paul Horton <paul.horton@owasp.org> -Co-authored-by: Hakan Dilek <hakandilek@gmail.com> -Co-authored-by: Hakan Dilek <hakandilek@users.noreply.github.com> - -* fix: update `serializable` to include XML safety changes - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* feat: Support for Python 3.11 (#349) - -* feat: officially test and support Python 3.11 - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* removed unused imports - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* bump `poetry` to `1.1.12` in CI - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* fix: remove `toml` as dependency as not used and seems to be breaking Python 3.11 CI - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* fix: removed `types-toml` from dependencies - not used - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - ---------- - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* fix: removed `autopep8` in favour of `flake8` as both have conflicting dependencies now - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* chore: bump dev dependencies - -fix: removed `setuptools` as dependency -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* tests: compoennt versions optional (#350) - -* chore: exclude `venv*` from QA; add typing to QA - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* tests: component versions are optional - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* doc: doc updates for new deserialization feature - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* doc: doc updates for contribution - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - ---------- - -Signed-off-by: Paul Horton <paul.horton@owasp.org> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Signed-off-by: Hakan Dilek <hakandilek@gmail.com> -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Co-authored-by: Hakan Dilek <hakandilek@gmail.com> +Highlights of this release include: +* Support for De-serialization from JSON and XML to this Pythonic Model +* Deprecation of Python 3.6 support +* Support for Python 3.11 +* Support for `BomLink` +* Support VEX without needing `Component` in the same `Bom` +* Support for `services` having `dependencies` + +BREAKING CHANGE: Large portions of this library have been re-written for this release and many methods and contracts have changed. + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* feat: support VEX without Components in the same BOM + +BREAKING CHANGE: Model classes changed to relocated Vulnerability at Bom, not at Component + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* feat: support VEX without Components in the same BOM + +BREAKING CHANGE: Model classes changed to relocated Vulnerability at Bom, not at Component + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +feat: allow `version` of BOM to be defined + +feat: allow `serial_number` of BOM to be prescribed + +feat: add helper method to get URN for a BOM according to https://www.iana.org/assignments/urn-formal/cdx +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* chore: fix release workflow + +* chore: editorconfig + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* feat: support for deserialization from JSON and XML (#290) + +BREAKING CHANGE: + +* feat: drop Python 3.6 support + +Signed-off-by: Hakan Dilek <hakandilek@gmail.com> +Signed-off-by: Paul Horton <paul.horton@owasp.org> +Co-authored-by: Hakan Dilek <hakandilek@gmail.com> +Co-authored-by: Hakan Dilek <hakandilek@users.noreply.github.com> + +* fix: update `serializable` to include XML safety changes + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* feat: Support for Python 3.11 (#349) + +* feat: officially test and support Python 3.11 + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* removed unused imports + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* bump `poetry` to `1.1.12` in CI + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* fix: remove `toml` as dependency as not used and seems to be breaking Python 3.11 CI + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* fix: removed `types-toml` from dependencies - not used + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +--------- + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* fix: removed `autopep8` in favour of `flake8` as both have conflicting dependencies now + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* chore: bump dev dependencies + +fix: removed `setuptools` as dependency +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* tests: compoennt versions optional (#350) + +* chore: exclude `venv*` from QA; add typing to QA + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* tests: component versions are optional + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* doc: doc updates for new deserialization feature + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* doc: doc updates for contribution + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +--------- + +Signed-off-by: Paul Horton <paul.horton@owasp.org> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Hakan Dilek <hakandilek@gmail.com> +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Co-authored-by: Hakan Dilek <hakandilek@gmail.com> Co-authored-by: Hakan Dilek <hakandilek@users.noreply.github.com> ([`8fb1b14`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8fb1b14f5e04e85f21e654c44fa6b9b774867757)) ### Unknown @@ -1182,8 +1182,8 @@ Automatically generated by python-semantic-release ([`40fbfda`](https://github.c * fix: mak test's schema paths relative to `cyclonedx` package (#338) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1f0c05f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1f0c05fe2b2a22bc84a1a437dd59390f2ceaf986)) ### Unknown @@ -1199,9 +1199,9 @@ Automatically generated by python-semantic-release ([`ba603cf`](https://github.c * fix(tests): include tests in `sdist` builds (#337) -* feat: include `tests` in `sdist` builds for #336 -* delete unexpected `DS_Store` file - +* feat: include `tests` in `sdist` builds for #336 +* delete unexpected `DS_Store` file + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`936ad7d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/936ad7d0c26d8f98040203d3234ca8f1afbd73ab)) ### Unknown @@ -1217,9 +1217,9 @@ Automatically generated by python-semantic-release ([`0b19294`](https://github.c * fix: serialize dependency graph for nested components (#329) -* tests: regression tests for issue #328 -* fix: for issue #328 - +* tests: regression tests for issue #328 +* fix: for issue #328 + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`fb3f835`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fb3f8351881783281f8b7e796098a4c145b35927)) ### Unknown @@ -1239,21 +1239,21 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`539b57a`](https: * docs: fix shields (#324) -caused by https://github.com/badges/shields/issues/8671 - +caused by https://github.com/badges/shields/issues/8671 + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`555dad4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/555dad4bc255066036ecca028192eb83df8ba5a0)) * docs: fix typo (#318) - + Signed-off-by: Roland Weber <rolweber@de.ibm.com> ([`63bfb87`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/63bfb8772fe78e9842675d17862c456150dbbc15)) ### Fix * fix: prevent errors on metadata handling for some specification versions (#330) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f08a656`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f08a65649aee750397edc061eb3b8325a69bb4b4)) ### Unknown @@ -1264,7 +1264,7 @@ Automatically generated by python-semantic-release ([`0853d14`](https://github.c * clarify sign-off step (#319) - + Signed-off-by: Roland Weber <rolweber@de.ibm.com> ([`007fb96`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/007fb96a1ec23b9516bc383afa85b3efc2707aa8)) @@ -1351,8 +1351,8 @@ Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`6597db7`](https://gi * Merge pull request #276 from CycloneDX/fix/bom-validation-nested-components-isue-275 -fix: BOM validation fails when Components or Services are nested #275 - +fix: BOM validation fails when Components or Services are nested #275 + fix: updated dependencies #271, #270, #269 and #256 ([`68a0cdd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/68a0cddc0a226947d76b6a275cfceba383797d3b)) * Merge branch 'main' into fix/bom-validation-nested-components-isue-275 ([`6caee65`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6caee657260e46f18cade24a73b4f17bc5ad6dd8)) @@ -1442,8 +1442,8 @@ Automatically generated by python-semantic-release ([`fb9a796`](https://github.c * fix: add missing `Vulnerability` comparator for sorting (#246) -Partial fix for #245. - +Partial fix for #245. + Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`c3f3d0d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c3f3d0d105f0dcf991175040b6d6c2b6e7e25d8f)) ### Unknown @@ -1459,16 +1459,16 @@ Automatically generated by python-semantic-release ([`1ea5b20`](https://github.c * build: move typing to dev-dependencies -Move `types-setuptools` and `types-toml` to dev-dependencies (#226) - +Move `types-setuptools` and `types-toml` to dev-dependencies (#226) + Signed-off-by: Adam Johnson <me@adamj.eu> ([`0e2376b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0e2376baade068ae0490b05550837d104e9abfa4)) ### Documentation * docs: fix typo "This is out" -> "This is our" -Fix typo in comments: "This is out" -> "This is our" (#233) - +Fix typo in comments: "This is out" -> "This is our" (#233) + Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ef0278a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ef0278a2044147e73a281c5a59f95049d4af7641)) ### Feature @@ -1565,8 +1565,8 @@ Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com& * feat(deps): remove unused `typing-extensions` constraints -PullRequest and details via #224 - +PullRequest and details via #224 + Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`2ce358a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2ce358a37e6ce5f06aa9297aed17f8f5bea38e93)) ### Unknown @@ -1767,17 +1767,17 @@ Signed-off-by: Paul Horton <phorton@sonatype.com> ([`da3f0ca`](https://git * feat: completed work on #155 (#172) -fix: resolved #169 (part of #155) -feat: as part of solving #155, #147 has been implemented - +fix: resolved #169 (part of #155) +feat: as part of solving #155, #147 has been implemented + Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a926b34`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a926b34c7facb8b3709936fe00b62a0b80338f31)) * feat: support complete model for `bom.metadata` (#162) -* feat: support complete model for `bom.metadata` -fix: JSON comparison in unit tests was broken -chore: corrected some source license headers - +* feat: support complete model for `bom.metadata` +fix: JSON comparison in unit tests was broken +chore: corrected some source license headers + Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2938a6c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2938a6c001a5b0b25477241d4ad6601030c55165)) * feat: support for `bom.externalReferences` in JSON and XML #124 @@ -1786,8 +1786,8 @@ Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1b733d7`](https://git * feat: Complete support for `bom.components` (#155) -* fix: implemented correct `__hash__` methods in models (#153) - +* fix: implemented correct `__hash__` methods in models (#153) + Signed-off-by: Paul Horton <phorton@sonatype.com> ([`32c0139`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/32c01396251834c69a5b23c82a5554faf8447f61)) * feat: support services in XML BOMs @@ -1845,12 +1845,12 @@ Signed-off-by: Paul Horton <phorton@sonatype.com> ([`670bde4`](https://git * Continuation of #170 - missed updating Vulnerability to use `BomRef` (#175) -* BREAKING CHANGE: added new model `BomRef` unlocking logic later to ensure uniquness and dependency references - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* updated Vulnerability to also use new `BomRef` model - +* BREAKING CHANGE: added new model `BomRef` unlocking logic later to ensure uniquness and dependency references + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* updated Vulnerability to also use new `BomRef` model + Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0d82c01`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0d82c019afce3e4aefe56bff9607cfd60186c6b0)) * BREAKING CHANGE: added new model `BomRef` unlocking logic later to ensure uniquness and dependency references (#174) @@ -1867,10 +1867,10 @@ Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9b6ce4b`](https://git * BREAKING CHANGE: update models to use `Set` rather than `List` (#160) -* BREAKING CHANGE: update models to use `Set` and `Iterable` rather than `List[..]` -BREAKING CHANGE: update final models to use `@property` -wip - +* BREAKING CHANGE: update models to use `Set` and `Iterable` rather than `List[..]` +BREAKING CHANGE: update final models to use `@property` +wip + Signed-off-by: Paul Horton <phorton@sonatype.com> ([`142b8bf`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/142b8bf4dbb2e61d131b7ca2ec332aac472ef3cd)) * removed unnecessary calls to `hash()` in `__hash__()` methods as pointed out by @jkowalleck @@ -1895,92 +1895,92 @@ Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a35d540`](https://git * WIP on `bom.services` -* WIP but a lil hand up for @madpah - -Signed-off-by: Jeffry Hesse <5544326+DarthHater@users.noreply.github.com> - -* chore: added missing license header - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* No default values for required fields - -* Add Services to BOM - -* Typo fix - -* aligned classes with standards, commented out Signature work for now, added first tests for Services - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* addressed standards - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* 1.2.0 - -Automatically generated by python-semantic-release - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* feat: `bom-ref` for Component and Vulnerability default to a UUID (#142) - -* feat: `bom-ref` for Component and Vulnerability default to a UUID if not supplied ensuring they have a unique value #141 - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* doc: updated documentation to reflect change - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* patched other tests to support UUID for bom-ref - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* better syntax - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* 1.3.0 - -Automatically generated by python-semantic-release - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* WIP but a lil hand up for @madpah - -Signed-off-by: Jeffry Hesse <5544326+DarthHater@users.noreply.github.com> -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* chore: added missing license header - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* aligned classes with standards, commented out Signature work for now, added first tests for Services - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* removed signature from this branch - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* Add Services to BOM - -* Typo fix - -* addressed standards - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* resolved typing issues from merge - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* added a bunch more tests for JSON output - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -Co-authored-by: Paul Horton <phorton@sonatype.com> +* WIP but a lil hand up for @madpah + +Signed-off-by: Jeffry Hesse <5544326+DarthHater@users.noreply.github.com> + +* chore: added missing license header + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* No default values for required fields + +* Add Services to BOM + +* Typo fix + +* aligned classes with standards, commented out Signature work for now, added first tests for Services + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* addressed standards + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* 1.2.0 + +Automatically generated by python-semantic-release + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* feat: `bom-ref` for Component and Vulnerability default to a UUID (#142) + +* feat: `bom-ref` for Component and Vulnerability default to a UUID if not supplied ensuring they have a unique value #141 + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* doc: updated documentation to reflect change + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* patched other tests to support UUID for bom-ref + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* better syntax + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* 1.3.0 + +Automatically generated by python-semantic-release + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* WIP but a lil hand up for @madpah + +Signed-off-by: Jeffry Hesse <5544326+DarthHater@users.noreply.github.com> +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* chore: added missing license header + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* aligned classes with standards, commented out Signature work for now, added first tests for Services + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* removed signature from this branch + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* Add Services to BOM + +* Typo fix + +* addressed standards + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* resolved typing issues from merge + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* added a bunch more tests for JSON output + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +Co-authored-by: Paul Horton <phorton@sonatype.com> Co-authored-by: github-actions <action@github.com> ([`b45ff18`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b45ff187056893c5fb294cbf9de854fd130bb7be)) @@ -1990,20 +1990,20 @@ Co-authored-by: github-actions <action@github.com> ([`b45ff18`](https://gi * feat: `bom-ref` for Component and Vulnerability default to a UUID (#142) -* feat: `bom-ref` for Component and Vulnerability default to a UUID if not supplied ensuring they have a unique value #141 - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* doc: updated documentation to reflect change - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* patched other tests to support UUID for bom-ref - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* better syntax - +* feat: `bom-ref` for Component and Vulnerability default to a UUID if not supplied ensuring they have a unique value #141 + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* doc: updated documentation to reflect change + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* patched other tests to support UUID for bom-ref + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* better syntax + Signed-off-by: Paul Horton <phorton@sonatype.com> ([`3953bb6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3953bb676f423c325ca4d80f3fcee33ad042ad93)) ### Unknown @@ -2019,53 +2019,53 @@ Automatically generated by python-semantic-release ([`4178181`](https://github.c * feat: add CPE to component (#138) -* Added CPE to component - -Setting CPE was missing for component, now it is possible to set CPE and output CPE for a component. - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Fixing problems with CPE addition - -- Fixed styling errors -- Added reference to CPE Spec -- Adding CPE parameter as last parameter to not break arguments - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Again fixes for Style and CPE reference - -Missing in the last commit - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Added CPE as argument before deprecated arguments - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Added testing for CPE addition and error fixing - -- Added output tests for CPE in XML and JSON -- Fixes style error in components -- Fixes order for CPE output in XML (CPE has to come before PURL) - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Fixed output tests - -CPE was still in the wrong position in one of the tests - fixed - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Fixed minor test fixtures issues - -- cpe was still in wrong position in 1.2 JSON -- Indentation fixed in 1.4 JSON - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Fixed missing comma in JSON 1.2 test file - +* Added CPE to component + +Setting CPE was missing for component, now it is possible to set CPE and output CPE for a component. + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Fixing problems with CPE addition + +- Fixed styling errors +- Added reference to CPE Spec +- Adding CPE parameter as last parameter to not break arguments + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Again fixes for Style and CPE reference + +Missing in the last commit + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Added CPE as argument before deprecated arguments + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Added testing for CPE addition and error fixing + +- Added output tests for CPE in XML and JSON +- Fixes style error in components +- Fixes order for CPE output in XML (CPE has to come before PURL) + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Fixed output tests + +CPE was still in the wrong position in one of the tests - fixed + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Fixed minor test fixtures issues + +- cpe was still in wrong position in 1.2 JSON +- Indentation fixed in 1.4 JSON + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Fixed missing comma in JSON 1.2 test file + Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> ([`269ee15`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/269ee155f203d5771c56edb92f7279466bf2012f)) ### Unknown @@ -2096,14 +2096,14 @@ Automatically generated by python-semantic-release ([`dec63de`](https://github.c * feat: add support for `bom.metadata.component` (#118) -* Add support for metadata component - -Part of #6 - -Signed-off-by: Artem Smotrakov <asmotrakov@riotgames.com> - -* Better docs and simpler ifs - +* Add support for metadata component + +Part of #6 + +Signed-off-by: Artem Smotrakov <asmotrakov@riotgames.com> + +* Better docs and simpler ifs + Signed-off-by: Artem Smotrakov <asmotrakov@riotgames.com> ([`1ac31f4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1ac31f4cb14b6c466e092ff38ee2aa472c883c5d)) ### Unknown @@ -2121,27 +2121,27 @@ Automatically generated by python-semantic-release ([`d4007bd`](https://github.c * Support for CycloneDX schema version 1.4 (#108) -BREAKING CHANGE: Support for CycloneDX 1.4. This includes: -- Support for `tools` having `externalReferences` -- Allowing `version` for a `Component` to be optional in 1.4 -- Support for `releaseNotes` per `Component` -- Support for the core schema implementation of Vulnerabilities (VEX) - -Other changes included in this PR: -- Unit tests now include schema validation (we've left schema validation out of the core library due to dependency bloat) -- Fixes to ensure schema is adhered to in 1.0 -- URI's are now used throughout the library through a new `XsUri` class to provide URI validation -- Documentation is now hosted on readthedocs.org (https://cyclonedx-python-library.readthedocs.io/) -- `$schema` is now included in JSON BOMs -- Concrete Parsers how now been moved into downstream projects to keep this libraries focus on modelling and outputting CycloneDX - see https://github.com/CycloneDX/cyclonedx-python -- Added reference to release of this library on Anaconda - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -Co-authored-by: Paul Horton <phorton@sonatype.com> - +BREAKING CHANGE: Support for CycloneDX 1.4. This includes: +- Support for `tools` having `externalReferences` +- Allowing `version` for a `Component` to be optional in 1.4 +- Support for `releaseNotes` per `Component` +- Support for the core schema implementation of Vulnerabilities (VEX) + +Other changes included in this PR: +- Unit tests now include schema validation (we've left schema validation out of the core library due to dependency bloat) +- Fixes to ensure schema is adhered to in 1.0 +- URI's are now used throughout the library through a new `XsUri` class to provide URI validation +- Documentation is now hosted on readthedocs.org (https://cyclonedx-python-library.readthedocs.io/) +- `$schema` is now included in JSON BOMs +- Concrete Parsers how now been moved into downstream projects to keep this libraries focus on modelling and outputting CycloneDX - see https://github.com/CycloneDX/cyclonedx-python +- Added reference to release of this library on Anaconda + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +Co-authored-by: Paul Horton <phorton@sonatype.com> + Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7fb6da9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7fb6da9166050333ae5db7e35ab792b9bdee48d4)) * Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`d26970b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d26970bcc52568645c303f060d71cbc25edbfe78)) @@ -2170,8 +2170,8 @@ Automatically generated by python-semantic-release ([`cfc9d38`](https://github.c * fix: tightened dependency `packageurl-python` (#95) -fixes #94 - +fixes #94 + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`eb4ae5c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/eb4ae5ca8842877b780a755b6611feef847bdb8c)) ### Unknown @@ -2187,10 +2187,10 @@ Automatically generated by python-semantic-release ([`54b9f74`](https://github.c * fix: further loosened dependency definitions -see #44 - -updated some locked dependencies to latest versions - +see #44 + +updated some locked dependencies to latest versions + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8bef6ec`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8bef6ecad36f51a003b266d776c9520d33e06034)) ### Unknown @@ -2206,24 +2206,24 @@ Automatically generated by python-semantic-release ([`43fc36e`](https://github.c * feat: loosed dependency versions to make this library more consumable -* feat: lowering minimum dependency versions - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* feat: lowering minimum dependency versions - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* feat: lowering minimum dependency versions - importlib-metadata raising minimum to ensure we get a typed library - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* feat: lowering minimum dependency versions - importlib-metadata raising minimum to ensure we get a typed library - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* feat: lowering minimum version for importlib-metadata to 3.4.0 with modified import statement - +* feat: lowering minimum dependency versions + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* feat: lowering minimum dependency versions + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* feat: lowering minimum dependency versions - importlib-metadata raising minimum to ensure we get a typed library + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* feat: lowering minimum dependency versions - importlib-metadata raising minimum to ensure we get a typed library + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* feat: lowering minimum version for importlib-metadata to 3.4.0 with modified import statement + Signed-off-by: Paul Horton <phorton@sonatype.com> ([`55f10fb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/55f10fb5524dafa68112c0836806c27bdd74fcbe)) ### Unknown @@ -2330,36 +2330,36 @@ Signed-off-by: dependabot[bot] <support@github.com> ([`be1af9b`](https://g * doc: readme maintenance - shields & links (#72) -* README: restructure links - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* README: add lan to fenced code blocks - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* README: fix some formatting - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* README: modernized shields - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* README: harmonize links - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* README: add language to code fences - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* README: markdown fixes - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* README: removed py version shield - +* README: restructure links + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* README: add lan to fenced code blocks + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* README: fix some formatting + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* README: modernized shields + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* README: harmonize links + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* README: add language to code fences + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* README: markdown fixes + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* README: removed py version shield + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3d0ea2f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3d0ea2f4c6ee5c2dedf1abb779f46543896fff4a)) * poetry(deps): bump mako from 1.1.5 to 1.1.6 @@ -2384,12 +2384,12 @@ poetry(deps): bump filelock from 3.3.1 to 3.3.2 ([`3f967b3`](https://github.com/ * FIX: update Conda package parsing to handle `build` containing underscore (#66) -* fix: update conda package parsing to handle `build` containing underscore - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* updated some typings - +* fix: update conda package parsing to handle `build` containing underscore + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* updated some typings + Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2c6020a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c6020a208aa1c0fd13ab337db6343ad1d2d5c43)) * poetry(deps): bump importlib-metadata from 4.8.1 to 4.8.2 @@ -2485,16 +2485,16 @@ Automatically generated by python-semantic-release ([`a80f87a`](https://github.c * FEAT: Support Python 3.10 (#64) -* fix: tested with Python 3.10 - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* added trove classifier for Python 3.10 - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* fix: upgrade Poetry version to workaround issue between Poetry and Python 3.10 (see: https://github.com/python-poetry/poetry/issues/4210) - +* fix: tested with Python 3.10 + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* added trove classifier for Python 3.10 + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* fix: upgrade Poetry version to workaround issue between Poetry and Python 3.10 (see: https://github.com/python-poetry/poetry/issues/4210) + Signed-off-by: Paul Horton <phorton@sonatype.com> ([`385b835`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/385b835f44fadb0f227b6a8ac992b0c73afc6ef0)) * poetry(deps): bump importlib-resources from 5.3.0 to 5.4.0 @@ -2520,74 +2520,74 @@ Signed-off-by: dependabot[bot] <support@github.com> ([`a1dd775`](https://g * feat: Typing & PEP 561 -* adde file for type checkers according to PEP 561 - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* added static code analysis as a dev-test - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* added the "typed" trove - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* added `flake8-annotations` to the tests - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* added type hints - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* further typing updates - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* further typing additions and test updates - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* further typing - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* further typing - added type stubs for toml and setuptools - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* further typing - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* typing work - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* coding standards - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* fixed tox and mypy running in correct python version - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* supressed mypy for `cyclonedx.utils.conda.parse_conda_json_to_conda_package` - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* fixed type hints - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* fixed some typing related flaws - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* added flake8-bugbear for code analysis - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - +* adde file for type checkers according to PEP 561 + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added static code analysis as a dev-test + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added the "typed" trove + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added `flake8-annotations` to the tests + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added type hints + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* further typing updates + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* further typing additions and test updates + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* further typing + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* further typing - added type stubs for toml and setuptools + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* further typing + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* typing work + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* coding standards + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* fixed tox and mypy running in correct python version + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* supressed mypy for `cyclonedx.utils.conda.parse_conda_json_to_conda_package` + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* fixed type hints + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* fixed some typing related flaws + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added flake8-bugbear for code analysis + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + Co-authored-by: Paul Horton <phorton@sonatype.com> ([`9144765`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/91447656c0914ceb2af2e4b7282292ec7b93f5bf)) ### Unknown From 6d7b5c6b6bf5806beea4ebef52abf011e15c7e6f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 20 Oct 2024 13:26:48 +0200 Subject: [PATCH 13/37] chore(deps-dev): update mypy requirement from 1.11.2 to 1.12.0 (#716) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Updates the requirements on [mypy](https://github.com/python/mypy) to permit the latest version.
Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next release

Mypy 1.12

We’ve just uploaded mypy 1.12 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Support Python 3.12 Syntax for Generics (PEP 695)

Support for the new type parameter syntax introduced in Python 3.12 is now enabled by default, documented, and no longer experimental. It was available through a feature flag in mypy 1.11 as an experimental feature.

This example demonstrates the new syntax:

# Generic function
def f[T](https://github.com/python/mypy/blob/master/x: T) -> T: ...

reveal_type(f(1))  # Revealed type is 'int'


Generic class


class C[T]:
def init(self, x: T) -> None:
self.x = x


c = C('a')
reveal_type(c.x)  # Revealed type is 'str'


Type alias


type A[T] = C[list[T]]

For more information, refer to the documentation.

These improvements are included:

  • Document Python 3.12 type parameter syntax (Jukka Lehtosalo, PR 17816)
  • Further documentation updates (Jukka Lehtosalo, PR 17826)
  • Allow Self return types with contravariance (Jukka Lehtosalo, PR 17786)
  • Enable new type parameter syntax by default (Jukka Lehtosalo, PR 17798)
  • Generate error if new-style type alias used as base class (Jukka Lehtosalo, PR 17789)
  • Inherit variance if base class has explicit variance (Jukka Lehtosalo, PR 17787)

... (truncated)

Commits

Most Recent Ignore Conditions Applied to This Pull Request | Dependency Name | Ignore Conditions | | --- | --- | | mypy | [>= 0.971.a, < 0.972] |
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Saquib Saifee --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 4636a10f..329fb9dc 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -94,7 +94,7 @@ flake8-use-fstring = "1.4" pep8-naming = "0.14.1" isort = "5.13.2" autopep8 = "2.3.1" -mypy = "1.11.2" +mypy = "1.12.0" tomli = { version = "2.0.1", python = "<3.11" } tox = "4.21.2" xmldiff = "2.7.0" From fb7ebb5d682db18015b3b7b8db22981875e1898c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 20 Oct 2024 13:27:01 +0200 Subject: [PATCH 14/37] chore(deps-dev): update tox requirement from 4.21.2 to 4.23.0 (#714) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Updates the requirements on [tox](https://github.com/tox-dev/tox) to permit the latest version.
Release notes

Sourced from tox's releases.

4.23.0

What's Changed

New Contributors

Full Changelog: https://github.com/tox-dev/tox/compare/4.22.0...4.23.0

Changelog

Sourced from tox's changelog.

v4.23.0 (2024-10-16)

Features - 4.23.0

- Add ``NETRC`` to the list of environment variables always
passed through. (:issue:`3410`)

Improved Documentation - 4.23.0

  • replace [tool.pyproject] and [tool.tox.pyproject] with [tool.tox] in config.rst (:issue:3411)

v4.22.0 (2024-10-15)

Features - 4.22.0

- Implement dependency group support as defined in :pep:`735`
- see :ref:`dependency_groups` - by :user:`gaborbernat`. (:issue:`3408`)

v4.21.2 (2024-10-03)


Bugfixes - 4.21.2

  • Include tox.toml in sdist archives to fix test failures resulting from its lack.
    • by :user:mgorny (:issue:3389)

v4.21.1 (2024-10-02)

Bugfixes - 4.21.1

- Fix error when using ``requires`` within a TOML
configuration file - by :user:`gaborbernat`. (:issue:`3386`)
- Fix error when using ``deps`` within a TOML configuration file - by
:user:`gaborbernat`. (:issue:`3387`)
- Multiple fixes for the TOML configuration by :user:`gaborbernat`.:

    

  • Do not fail when there is an empty command within
commands.
    • 

  • Allow references for set_env by accepting list of
dictionaries for it.
    • 

  • Do not try to be smart about reference unrolling, instead allow the
user to control it via the extend flag,
available both for posargs and ref
replacements.
    • 

  • The ref replacements raw key has been
renamed to of. (:issue:3388)
    • 



v4.21.0 (2024-09-30)


Features - 4.21.0

  • Native TOML configuration support - by :user:gaborbernat. (:issue:999)

Improved Documentation - 4.21.0

</tr></table>

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Saquib Saifee --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 329fb9dc..40ac6479 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -96,7 +96,7 @@ isort = "5.13.2" autopep8 = "2.3.1" mypy = "1.12.0" tomli = { version = "2.0.1", python = "<3.11" } -tox = "4.21.2" +tox = "4.23.0" xmldiff = "2.7.0" bandit = "1.7.10" From 67a2d10fe2c69f28502d35399fca5e2e79f0420b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 20 Oct 2024 13:35:35 +0200 Subject: [PATCH 15/37] chore(deps-dev): update tomli requirement from 2.0.1 to 2.0.2 (#715) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Updates the requirements on [tomli](https://github.com/hukkin/tomli) to permit the latest version.
Changelog

Sourced from tomli's changelog.

2.0.2

  • Removed
    • Python 3.7 support
  • Improved
    • Make loads raise TypeError not AttributeError on bad input types that do not have the replace attribute. Improve error message when bytes is received.
  • Type annotations
    • Type annotate load input as typing.IO[bytes] (previously typing.BinaryIO).

2.0.1

  • Improved
    • Make bundling easier by using relative imports internally and adding license and copyright notice to source files.
    • Make error messages more uniform
    • Raise a friendly TypeError for wrong file mode
    • Allow parse_float to return objects having the append attr
    • Eagerly raise an error if parse_float returns an illegal type
  • Packaging
    • Move from pytest testing framework to unittest and remove python-dateutil test dependency. Tests now only require Python interpreter.

1.2.3

  • Fixed
    • Backport: Allow lower case "t" and "z" in datetimes

2.0.0

  • Removed
    • Python 3.6 support
    • Support for text file objects as load input. Use binary file objects instead.
    • First argument of load and loads can no longer be passed by keyword.
  • Fixed
    • Allow lower case "t" and "z" in datetimes
  • Improved
    • Raise an error when dotted keys define values outside the "current table". Technically speaking TOML v1.0.0 does allow such assignments but that isn't intended by specification writers, and will change in a future specification version (see the pull request).

1.2.2

  • Fixed
    • Illegal characters in error messages were surrounded by two pairs of quotation marks
  • Improved
    • TOMLDecodeError.__module__ is now the public import path (tomli) instead of private import path (tomli._parser)
    • Eliminated an import cycle when typing.TYPE_CHECKING is True. This allows sphinx-autodoc-typehints to resolve type annotations.

... (truncated)

Commits
  • 3ec6775 Bump version: 2.0.1 → 2.0.2
  • 1dcd317 Add v2.0.2 changelog
  • c94ee69 Fix GitHub Actions badge
  • 4e245a4 tomli.loads: Raise TypeError not AttributeError. Improve message (#229)
  • facdab0 Update pre-commit. Remove docformatter
  • a613867 Use sys.version_info in compatibility layer (#220)
  • 39eff9b Add support for Python 3.12, drop EOL 3.7 (#224)
  • 0054e60 [pre-commit.ci] pre-commit autoupdate (#208)
  • 1bd3345 Test against Python 3.12-dev
  • 5646e69 Type annotate as IO[bytes], not BinaryIO
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Saquib Saifee --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 40ac6479..7df6f16c 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -95,7 +95,7 @@ pep8-naming = "0.14.1" isort = "5.13.2" autopep8 = "2.3.1" mypy = "1.12.0" -tomli = { version = "2.0.1", python = "<3.11" } +tomli = { version = "2.0.2", python = "<3.11" } tox = "4.23.0" xmldiff = "2.7.0" bandit = "1.7.10" From 9a3a45e37b35a665a086526df8f8d6891e336575 Mon Sep 17 00:00:00 2001 From: Johannes Feichtner <343448+Churro@users.noreply.github.com> Date: Mon, 21 Oct 2024 10:29:08 +0200 Subject: [PATCH 16/37] feat: add support for Lifecycles in BOM metadata (#698) --------- Signed-off-by: Johannes Feichtner Signed-off-by: Jan Kowalleck Signed-off-by: Johannes Feichtner <343448+Churro@users.noreply.github.com> Co-authored-by: Jan Kowalleck Signed-off-by: Saquib Saifee --- cyclonedx/model/bom.py | 32 ++- cyclonedx/model/lifecycle.py | 245 ++++++++++++++++++ tests/_data/models.py | 17 ++ .../snapshots/enum_LifecyclePhase-1.0.xml.bin | 4 + .../snapshots/enum_LifecyclePhase-1.1.xml.bin | 4 + .../enum_LifecyclePhase-1.2.json.bin | 10 + .../snapshots/enum_LifecyclePhase-1.2.xml.bin | 6 + .../enum_LifecyclePhase-1.3.json.bin | 10 + .../snapshots/enum_LifecyclePhase-1.3.xml.bin | 6 + .../enum_LifecyclePhase-1.4.json.bin | 10 + .../snapshots/enum_LifecyclePhase-1.4.xml.bin | 6 + .../enum_LifecyclePhase-1.5.json.bin | 43 +++ .../snapshots/enum_LifecyclePhase-1.5.xml.bin | 33 +++ .../enum_LifecyclePhase-1.6.json.bin | 43 +++ .../snapshots/enum_LifecyclePhase-1.6.xml.bin | 33 +++ ...et_bom_just_complete_metadata-1.5.json.bin | 5 + ...get_bom_just_complete_metadata-1.5.xml.bin | 5 + ...et_bom_just_complete_metadata-1.6.json.bin | 5 + ...get_bom_just_complete_metadata-1.6.xml.bin | 5 + .../get_bom_with_lifecycles-1.0.xml.bin | 4 + .../get_bom_with_lifecycles-1.1.xml.bin | 4 + .../get_bom_with_lifecycles-1.2.json.bin | 21 ++ .../get_bom_with_lifecycles-1.2.xml.bin | 13 + .../get_bom_with_lifecycles-1.3.json.bin | 21 ++ .../get_bom_with_lifecycles-1.3.xml.bin | 13 + .../get_bom_with_lifecycles-1.4.json.bin | 20 ++ .../get_bom_with_lifecycles-1.4.xml.bin | 12 + .../get_bom_with_lifecycles-1.5.json.bin | 42 +++ .../get_bom_with_lifecycles-1.5.xml.bin | 28 ++ .../get_bom_with_lifecycles-1.6.json.bin | 42 +++ .../get_bom_with_lifecycles-1.6.xml.bin | 28 ++ tests/test_enums.py | 21 +- tests/test_model_bom.py | 11 +- tests/test_model_lifecycle.py | 107 ++++++++ 34 files changed, 896 insertions(+), 13 deletions(-) create mode 100644 cyclonedx/model/lifecycle.py create mode 100644 tests/_data/snapshots/enum_LifecyclePhase-1.0.xml.bin create mode 100644 tests/_data/snapshots/enum_LifecyclePhase-1.1.xml.bin create mode 100644 tests/_data/snapshots/enum_LifecyclePhase-1.2.json.bin create mode 100644 tests/_data/snapshots/enum_LifecyclePhase-1.2.xml.bin create mode 100644 tests/_data/snapshots/enum_LifecyclePhase-1.3.json.bin create mode 100644 tests/_data/snapshots/enum_LifecyclePhase-1.3.xml.bin create mode 100644 tests/_data/snapshots/enum_LifecyclePhase-1.4.json.bin create mode 100644 tests/_data/snapshots/enum_LifecyclePhase-1.4.xml.bin create mode 100644 tests/_data/snapshots/enum_LifecyclePhase-1.5.json.bin create mode 100644 tests/_data/snapshots/enum_LifecyclePhase-1.5.xml.bin create mode 100644 tests/_data/snapshots/enum_LifecyclePhase-1.6.json.bin create mode 100644 tests/_data/snapshots/enum_LifecyclePhase-1.6.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_lifecycles-1.0.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_lifecycles-1.1.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_lifecycles-1.2.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_lifecycles-1.2.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_lifecycles-1.3.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_lifecycles-1.3.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_lifecycles-1.4.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_lifecycles-1.4.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_lifecycles-1.5.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_lifecycles-1.5.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_lifecycles-1.6.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_lifecycles-1.6.xml.bin create mode 100644 tests/test_model_lifecycle.py diff --git a/cyclonedx/model/bom.py b/cyclonedx/model/bom.py index 7bd09740..94cdd83e 100644 --- a/cyclonedx/model/bom.py +++ b/cyclonedx/model/bom.py @@ -43,6 +43,7 @@ from .contact import OrganizationalContact, OrganizationalEntity from .dependency import Dependable, Dependency from .license import License, LicenseExpression, LicenseRepository +from .lifecycle import Lifecycle, LifecycleRepository, _LifecycleRepositoryHelper from .service import Service from .tool import Tool, ToolRepository, _ToolRepositoryHelper from .vulnerability import Vulnerability @@ -70,6 +71,7 @@ def __init__( properties: Optional[Iterable[Property]] = None, timestamp: Optional[datetime] = None, manufacturer: Optional[OrganizationalEntity] = None, + lifecycles: Optional[Iterable[Lifecycle]] = None, # Deprecated as of v1.6 manufacture: Optional[OrganizationalEntity] = None, ) -> None: @@ -81,6 +83,7 @@ def __init__( self.licenses = licenses or [] # type:ignore[assignment] self.properties = properties or [] # type:ignore[assignment] self.manufacturer = manufacturer + self.lifecycles = lifecycles or [] # type:ignore[assignment] self.manufacture = manufacture if manufacture: @@ -105,16 +108,23 @@ def timestamp(self) -> datetime: def timestamp(self, timestamp: datetime) -> None: self._timestamp = timestamp - # @property - # ... - # @serializable.view(SchemaVersion1Dot5) - # @serializable.xml_sequence(2) - # def lifecycles(self) -> ...: - # ... # TODO since CDX1.5 - # - # @lifecycles.setter - # def lifecycles(self, ...) -> None: - # ... # TODO since CDX1.5 + @property + @serializable.view(SchemaVersion1Dot5) + @serializable.view(SchemaVersion1Dot6) + @serializable.type_mapping(_LifecycleRepositoryHelper) + @serializable.xml_sequence(2) + def lifecycles(self) -> LifecycleRepository: + """ + An optional list of BOM lifecycle stages. + + Returns: + Set of `Lifecycle` + """ + return self._lifecycles + + @lifecycles.setter + def lifecycles(self, lifecycles: Iterable[Lifecycle]) -> None: + self._lifecycles = LifecycleRepository(lifecycles) @property @serializable.type_mapping(_ToolRepositoryHelper) @@ -290,7 +300,7 @@ def __eq__(self, other: object) -> bool: def __hash__(self) -> int: return hash(( tuple(self.authors), self.component, tuple(self.licenses), self.manufacture, tuple(self.properties), - self.supplier, self.timestamp, self.tools, self.manufacturer, + tuple(self.lifecycles), self.supplier, self.timestamp, self.tools, self.manufacturer )) def __repr__(self) -> str: diff --git a/cyclonedx/model/lifecycle.py b/cyclonedx/model/lifecycle.py new file mode 100644 index 00000000..24082f5d --- /dev/null +++ b/cyclonedx/model/lifecycle.py @@ -0,0 +1,245 @@ +# This file is part of CycloneDX Python Library +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# Copyright (c) OWASP Foundation. All Rights Reserved. + +""" + This set of classes represents the lifecycles types in the CycloneDX standard. + +.. note:: + Introduced in CycloneDX v1.5 + +.. note:: + See the CycloneDX Schema for lifecycles: https://cyclonedx.org/docs/1.5/#metadata_lifecycles +""" + +from enum import Enum +from json import loads as json_loads +from typing import TYPE_CHECKING, Any, Dict, List, Optional, Type, Union +from xml.etree.ElementTree import Element # nosec B405 + +import serializable +from serializable.helpers import BaseHelper +from sortedcontainers import SortedSet + +from .._internal.compare import ComparableTuple as _ComparableTuple +from ..exception.serialization import CycloneDxDeserializationException + +if TYPE_CHECKING: # pragma: no cover + from serializable import ViewType + + +@serializable.serializable_enum +class LifecyclePhase(str, Enum): + """ + Enum object that defines the permissible 'phase' for a Lifecycle according to the CycloneDX schema. + + .. note:: + See the CycloneDX Schema definition: https://cyclonedx.org/docs/1.3/#type_classification + """ + DESIGN = 'design' + PRE_BUILD = 'pre-build' + BUILD = 'build' + POST_BUILD = 'post-build' + OPERATIONS = 'operations' + DISCOVERY = 'discovery' + DECOMMISSION = 'decommission' + + +@serializable.serializable_class +class PredefinedLifecycle: + """ + Object that defines pre-defined phases in the product lifecycle. + + .. note:: + See the CycloneDX Schema definition: https://cyclonedx.org/docs/1.5/#metadata_lifecycles + """ + + def __init__(self, phase: LifecyclePhase) -> None: + self._phase = phase + + @property + def phase(self) -> LifecyclePhase: + return self._phase + + @phase.setter + def phase(self, phase: LifecyclePhase) -> None: + self._phase = phase + + def __hash__(self) -> int: + return hash(self._phase) + + def __eq__(self, other: object) -> bool: + if isinstance(other, PredefinedLifecycle): + return hash(other) == hash(self) + return False + + def __lt__(self, other: Any) -> bool: + if isinstance(other, PredefinedLifecycle): + return self._phase < other._phase + if isinstance(other, NamedLifecycle): + return True # put PredefinedLifecycle before any NamedLifecycle + return NotImplemented + + def __repr__(self) -> str: + return f'' + + +@serializable.serializable_class +class NamedLifecycle: + """ + Object that defines custom state in the product lifecycle. + + .. note:: + See the CycloneDX Schema definition: https://cyclonedx.org/docs/1.5/#metadata_lifecycles + """ + + def __init__(self, name: str, *, description: Optional[str] = None) -> None: + self._name = name + self._description = description + + @property + @serializable.xml_sequence(1) + @serializable.xml_string(serializable.XmlStringSerializationType.NORMALIZED_STRING) + def name(self) -> str: + """ + Name of the lifecycle phase. + + Returns: + `str` + """ + return self._name + + @name.setter + def name(self, name: str) -> None: + self._name = name + + @property + @serializable.xml_sequence(2) + @serializable.xml_string(serializable.XmlStringSerializationType.NORMALIZED_STRING) + def description(self) -> Optional[str]: + """ + Description of the lifecycle phase. + + Returns: + `str` + """ + return self._description + + @description.setter + def description(self, description: Optional[str]) -> None: + self._description = description + + def __hash__(self) -> int: + return hash((self._name, self._description)) + + def __eq__(self, other: object) -> bool: + if isinstance(other, NamedLifecycle): + return hash(other) == hash(self) + return False + + def __lt__(self, other: Any) -> bool: + if isinstance(other, NamedLifecycle): + return _ComparableTuple((self._name, self._description)) < _ComparableTuple( + (other._name, other._description) + ) + if isinstance(other, PredefinedLifecycle): + return False # put NamedLifecycle after any PredefinedLifecycle + return NotImplemented + + def __repr__(self) -> str: + return f'' + + +Lifecycle = Union[PredefinedLifecycle, NamedLifecycle] +"""TypeAlias for a union of supported lifecycle models. + +- :class:`PredefinedLifecycle` +- :class:`NamedLifecycle` +""" + +if TYPE_CHECKING: # pragma: no cover + # workaround for https://github.com/python/mypy/issues/5264 + # this code path is taken when static code analysis or documentation tools runs through. + class LifecycleRepository(SortedSet[Lifecycle]): + """Collection of :class:`Lifecycle`. + + This is a `set`, not a `list`. Order MUST NOT matter here. + """ +else: + class LifecycleRepository(SortedSet): + """Collection of :class:`Lifecycle`. + + This is a `set`, not a `list`. Order MUST NOT matter here. + """ + + +class _LifecycleRepositoryHelper(BaseHelper): + @classmethod + def json_normalize(cls, o: LifecycleRepository, *, + view: Optional[Type['ViewType']], + **__: Any) -> Any: + if len(o) == 0: + return None + return [json_loads(li.as_json( # type:ignore[union-attr] + view_=view)) for li in o] + + @classmethod + def json_denormalize(cls, o: List[Dict[str, Any]], + **__: Any) -> LifecycleRepository: + repo = LifecycleRepository() + for li in o: + if 'phase' in li: + repo.add(PredefinedLifecycle.from_json( # type:ignore[attr-defined] + li)) + elif 'name' in li: + repo.add(NamedLifecycle.from_json( # type:ignore[attr-defined] + li)) + else: + raise CycloneDxDeserializationException(f'unexpected: {li!r}') + return repo + + @classmethod + def xml_normalize(cls, o: LifecycleRepository, *, + element_name: str, + view: Optional[Type['ViewType']], + xmlns: Optional[str], + **__: Any) -> Optional[Element]: + if len(o) == 0: + return None + elem = Element(element_name) + for li in o: + elem.append(li.as_xml( # type:ignore[union-attr] + view_=view, as_string=False, element_name='lifecycle', xmlns=xmlns)) + return elem + + @classmethod + def xml_denormalize(cls, o: Element, + default_ns: Optional[str], + **__: Any) -> LifecycleRepository: + repo = LifecycleRepository() + ns_map = {'bom': default_ns or ''} + # Do not iterate over `o` and do not check for expected `.tag` of items. + # This check could have been done by schema validators before even deserializing. + for li in o.iterfind('bom:lifecycle', ns_map): + if li.find('bom:phase', ns_map) is not None: + repo.add(PredefinedLifecycle.from_xml( # type:ignore[attr-defined] + li, default_ns)) + elif li.find('bom:name', ns_map) is not None: + repo.add(NamedLifecycle.from_xml( # type:ignore[attr-defined] + li, default_ns)) + else: + raise CycloneDxDeserializationException(f'unexpected content: {li!r}') + return repo diff --git a/tests/_data/models.py b/tests/_data/models.py index 72504e83..ab1805eb 100644 --- a/tests/_data/models.py +++ b/tests/_data/models.py @@ -87,6 +87,7 @@ ) from cyclonedx.model.issue import IssueClassification, IssueType, IssueTypeSource from cyclonedx.model.license import DisjunctiveLicense, License, LicenseAcknowledgement, LicenseExpression +from cyclonedx.model.lifecycle import LifecyclePhase, NamedLifecycle, PredefinedLifecycle from cyclonedx.model.release_note import ReleaseNotes from cyclonedx.model.service import Service from cyclonedx.model.tool import Tool, ToolRepository @@ -534,6 +535,7 @@ def get_bom_just_complete_metadata() -> Bom: content='VGVzdCBjb250ZW50IC0gdGhpcyBpcyBub3QgdGhlIEFwYWNoZSAyLjAgbGljZW5zZSE=' ) )] + bom.metadata.lifecycles = [PredefinedLifecycle(LifecyclePhase.BUILD)] bom.metadata.properties = get_properties_1() return bom @@ -1273,6 +1275,20 @@ def get_bom_for_issue_630_empty_property() -> Bom: }) +def get_bom_with_lifecycles() -> Bom: + return _make_bom( + metadata=BomMetaData( + lifecycles=[ + PredefinedLifecycle(LifecyclePhase.BUILD), + PredefinedLifecycle(LifecyclePhase.POST_BUILD), + NamedLifecycle(name='platform-integration-testing', + description='Integration testing specific to the runtime platform'), + ], + component=Component(name='app', type=ComponentType.APPLICATION, bom_ref='my-app'), + ), + ) + + # --- @@ -1318,4 +1334,5 @@ def get_bom_for_issue_630_empty_property() -> Bom: get_bom_for_issue_598_multiple_components_with_purl_qualifiers, get_bom_with_component_setuptools_with_v16_fields, get_bom_for_issue_630_empty_property, + get_bom_with_lifecycles, } diff --git a/tests/_data/snapshots/enum_LifecyclePhase-1.0.xml.bin b/tests/_data/snapshots/enum_LifecyclePhase-1.0.xml.bin new file mode 100644 index 00000000..acb06612 --- /dev/null +++ b/tests/_data/snapshots/enum_LifecyclePhase-1.0.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/enum_LifecyclePhase-1.1.xml.bin b/tests/_data/snapshots/enum_LifecyclePhase-1.1.xml.bin new file mode 100644 index 00000000..55ef5cda --- /dev/null +++ b/tests/_data/snapshots/enum_LifecyclePhase-1.1.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/enum_LifecyclePhase-1.2.json.bin b/tests/_data/snapshots/enum_LifecyclePhase-1.2.json.bin new file mode 100644 index 00000000..8f473bd3 --- /dev/null +++ b/tests/_data/snapshots/enum_LifecyclePhase-1.2.json.bin @@ -0,0 +1,10 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00" + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.2" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_LifecyclePhase-1.2.xml.bin b/tests/_data/snapshots/enum_LifecyclePhase-1.2.xml.bin new file mode 100644 index 00000000..df1938ec --- /dev/null +++ b/tests/_data/snapshots/enum_LifecyclePhase-1.2.xml.bin @@ -0,0 +1,6 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + diff --git a/tests/_data/snapshots/enum_LifecyclePhase-1.3.json.bin b/tests/_data/snapshots/enum_LifecyclePhase-1.3.json.bin new file mode 100644 index 00000000..02943890 --- /dev/null +++ b/tests/_data/snapshots/enum_LifecyclePhase-1.3.json.bin @@ -0,0 +1,10 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00" + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.3" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_LifecyclePhase-1.3.xml.bin b/tests/_data/snapshots/enum_LifecyclePhase-1.3.xml.bin new file mode 100644 index 00000000..8341ff60 --- /dev/null +++ b/tests/_data/snapshots/enum_LifecyclePhase-1.3.xml.bin @@ -0,0 +1,6 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + diff --git a/tests/_data/snapshots/enum_LifecyclePhase-1.4.json.bin b/tests/_data/snapshots/enum_LifecyclePhase-1.4.json.bin new file mode 100644 index 00000000..48f1745d --- /dev/null +++ b/tests/_data/snapshots/enum_LifecyclePhase-1.4.json.bin @@ -0,0 +1,10 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00" + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_LifecyclePhase-1.4.xml.bin b/tests/_data/snapshots/enum_LifecyclePhase-1.4.xml.bin new file mode 100644 index 00000000..d0a7d4c9 --- /dev/null +++ b/tests/_data/snapshots/enum_LifecyclePhase-1.4.xml.bin @@ -0,0 +1,6 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + diff --git a/tests/_data/snapshots/enum_LifecyclePhase-1.5.json.bin b/tests/_data/snapshots/enum_LifecyclePhase-1.5.json.bin new file mode 100644 index 00000000..438211b7 --- /dev/null +++ b/tests/_data/snapshots/enum_LifecyclePhase-1.5.json.bin @@ -0,0 +1,43 @@ +{ + "metadata": { + "lifecycles": [ + { + "phase": "build" + }, + { + "phase": "decommission" + }, + { + "phase": "design" + }, + { + "phase": "discovery" + }, + { + "phase": "operations" + }, + { + "phase": "post-build" + }, + { + "phase": "pre-build" + } + ], + "timestamp": "2023-01-07T13:44:32.312678+00:00" + }, + "properties": [ + { + "name": "key1", + "value": "val1" + }, + { + "name": "key2", + "value": "val2" + } + ], + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_LifecyclePhase-1.5.xml.bin b/tests/_data/snapshots/enum_LifecyclePhase-1.5.xml.bin new file mode 100644 index 00000000..a7b6f45c --- /dev/null +++ b/tests/_data/snapshots/enum_LifecyclePhase-1.5.xml.bin @@ -0,0 +1,33 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + build + + + decommission + + + design + + + discovery + + + operations + + + post-build + + + pre-build + + + + + val1 + val2 + + diff --git a/tests/_data/snapshots/enum_LifecyclePhase-1.6.json.bin b/tests/_data/snapshots/enum_LifecyclePhase-1.6.json.bin new file mode 100644 index 00000000..4daf2f8f --- /dev/null +++ b/tests/_data/snapshots/enum_LifecyclePhase-1.6.json.bin @@ -0,0 +1,43 @@ +{ + "metadata": { + "lifecycles": [ + { + "phase": "build" + }, + { + "phase": "decommission" + }, + { + "phase": "design" + }, + { + "phase": "discovery" + }, + { + "phase": "operations" + }, + { + "phase": "post-build" + }, + { + "phase": "pre-build" + } + ], + "timestamp": "2023-01-07T13:44:32.312678+00:00" + }, + "properties": [ + { + "name": "key1", + "value": "val1" + }, + { + "name": "key2", + "value": "val2" + } + ], + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6" +} \ No newline at end of file diff --git a/tests/_data/snapshots/enum_LifecyclePhase-1.6.xml.bin b/tests/_data/snapshots/enum_LifecyclePhase-1.6.xml.bin new file mode 100644 index 00000000..514837b9 --- /dev/null +++ b/tests/_data/snapshots/enum_LifecyclePhase-1.6.xml.bin @@ -0,0 +1,33 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + build + + + decommission + + + design + + + discovery + + + operations + + + post-build + + + pre-build + + + + + val1 + val2 + + diff --git a/tests/_data/snapshots/get_bom_just_complete_metadata-1.5.json.bin b/tests/_data/snapshots/get_bom_just_complete_metadata-1.5.json.bin index d2c06c75..c3e653c7 100644 --- a/tests/_data/snapshots/get_bom_just_complete_metadata-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_just_complete_metadata-1.5.json.bin @@ -350,6 +350,11 @@ } } ], + "lifecycles": [ + { + "phase": "build" + } + ], "manufacture": { "contact": [ { diff --git a/tests/_data/snapshots/get_bom_just_complete_metadata-1.5.xml.bin b/tests/_data/snapshots/get_bom_just_complete_metadata-1.5.xml.bin index 928f05ed..0280b1ad 100644 --- a/tests/_data/snapshots/get_bom_just_complete_metadata-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_just_complete_metadata-1.5.xml.bin @@ -2,6 +2,11 @@ 2023-01-07T13:44:32.312678+00:00 + + + build + + A N Other diff --git a/tests/_data/snapshots/get_bom_just_complete_metadata-1.6.json.bin b/tests/_data/snapshots/get_bom_just_complete_metadata-1.6.json.bin index fa530802..ff9232be 100644 --- a/tests/_data/snapshots/get_bom_just_complete_metadata-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_just_complete_metadata-1.6.json.bin @@ -380,6 +380,11 @@ } } ], + "lifecycles": [ + { + "phase": "build" + } + ], "manufacture": { "address": { "country": "GB", diff --git a/tests/_data/snapshots/get_bom_just_complete_metadata-1.6.xml.bin b/tests/_data/snapshots/get_bom_just_complete_metadata-1.6.xml.bin index fcc591fd..1c0dc447 100644 --- a/tests/_data/snapshots/get_bom_just_complete_metadata-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_just_complete_metadata-1.6.xml.bin @@ -2,6 +2,11 @@ 2023-01-07T13:44:32.312678+00:00 + + + build + + A N Other diff --git a/tests/_data/snapshots/get_bom_with_lifecycles-1.0.xml.bin b/tests/_data/snapshots/get_bom_with_lifecycles-1.0.xml.bin new file mode 100644 index 00000000..acb06612 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_lifecycles-1.0.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/get_bom_with_lifecycles-1.1.xml.bin b/tests/_data/snapshots/get_bom_with_lifecycles-1.1.xml.bin new file mode 100644 index 00000000..55ef5cda --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_lifecycles-1.1.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/get_bom_with_lifecycles-1.2.json.bin b/tests/_data/snapshots/get_bom_with_lifecycles-1.2.json.bin new file mode 100644 index 00000000..18150abd --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_lifecycles-1.2.json.bin @@ -0,0 +1,21 @@ +{ + "dependencies": [ + { + "ref": "my-app" + } + ], + "metadata": { + "component": { + "bom-ref": "my-app", + "name": "app", + "type": "application", + "version": "" + }, + "timestamp": "2023-01-07T13:44:32.312678+00:00" + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.2" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_lifecycles-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_lifecycles-1.2.xml.bin new file mode 100644 index 00000000..5fb21515 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_lifecycles-1.2.xml.bin @@ -0,0 +1,13 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + app + + + + + + + diff --git a/tests/_data/snapshots/get_bom_with_lifecycles-1.3.json.bin b/tests/_data/snapshots/get_bom_with_lifecycles-1.3.json.bin new file mode 100644 index 00000000..fd64f145 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_lifecycles-1.3.json.bin @@ -0,0 +1,21 @@ +{ + "dependencies": [ + { + "ref": "my-app" + } + ], + "metadata": { + "component": { + "bom-ref": "my-app", + "name": "app", + "type": "application", + "version": "" + }, + "timestamp": "2023-01-07T13:44:32.312678+00:00" + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.3" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_lifecycles-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_lifecycles-1.3.xml.bin new file mode 100644 index 00000000..7bb6d933 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_lifecycles-1.3.xml.bin @@ -0,0 +1,13 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + app + + + + + + + diff --git a/tests/_data/snapshots/get_bom_with_lifecycles-1.4.json.bin b/tests/_data/snapshots/get_bom_with_lifecycles-1.4.json.bin new file mode 100644 index 00000000..19983566 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_lifecycles-1.4.json.bin @@ -0,0 +1,20 @@ +{ + "dependencies": [ + { + "ref": "my-app" + } + ], + "metadata": { + "component": { + "bom-ref": "my-app", + "name": "app", + "type": "application" + }, + "timestamp": "2023-01-07T13:44:32.312678+00:00" + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_lifecycles-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_lifecycles-1.4.xml.bin new file mode 100644 index 00000000..118c192f --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_lifecycles-1.4.xml.bin @@ -0,0 +1,12 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + app + + + + + + diff --git a/tests/_data/snapshots/get_bom_with_lifecycles-1.5.json.bin b/tests/_data/snapshots/get_bom_with_lifecycles-1.5.json.bin new file mode 100644 index 00000000..fca2c94b --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_lifecycles-1.5.json.bin @@ -0,0 +1,42 @@ +{ + "dependencies": [ + { + "ref": "my-app" + } + ], + "metadata": { + "component": { + "bom-ref": "my-app", + "name": "app", + "type": "application" + }, + "lifecycles": [ + { + "phase": "build" + }, + { + "phase": "post-build" + }, + { + "description": "Integration testing specific to the runtime platform", + "name": "platform-integration-testing" + } + ], + "timestamp": "2023-01-07T13:44:32.312678+00:00" + }, + "properties": [ + { + "name": "key1", + "value": "val1" + }, + { + "name": "key2", + "value": "val2" + } + ], + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_lifecycles-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_lifecycles-1.5.xml.bin new file mode 100644 index 00000000..cfa09097 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_lifecycles-1.5.xml.bin @@ -0,0 +1,28 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + build + + + post-build + + + platform-integration-testing + Integration testing specific to the runtime platform + + + + app + + + + + + + val1 + val2 + + diff --git a/tests/_data/snapshots/get_bom_with_lifecycles-1.6.json.bin b/tests/_data/snapshots/get_bom_with_lifecycles-1.6.json.bin new file mode 100644 index 00000000..194bf22f --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_lifecycles-1.6.json.bin @@ -0,0 +1,42 @@ +{ + "dependencies": [ + { + "ref": "my-app" + } + ], + "metadata": { + "component": { + "bom-ref": "my-app", + "name": "app", + "type": "application" + }, + "lifecycles": [ + { + "phase": "build" + }, + { + "phase": "post-build" + }, + { + "description": "Integration testing specific to the runtime platform", + "name": "platform-integration-testing" + } + ], + "timestamp": "2023-01-07T13:44:32.312678+00:00" + }, + "properties": [ + { + "name": "key1", + "value": "val1" + }, + { + "name": "key2", + "value": "val2" + } + ], + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_lifecycles-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_lifecycles-1.6.xml.bin new file mode 100644 index 00000000..7ff8cb10 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_lifecycles-1.6.xml.bin @@ -0,0 +1,28 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + build + + + post-build + + + platform-integration-testing + Integration testing specific to the runtime platform + + + + app + + + + + + + val1 + val2 + + diff --git a/tests/test_enums.py b/tests/test_enums.py index 294c58f2..27c37def 100644 --- a/tests/test_enums.py +++ b/tests/test_enums.py @@ -29,10 +29,11 @@ from cyclonedx.exception import MissingOptionalDependencyException from cyclonedx.exception.serialization import SerializationOfUnsupportedComponentTypeException from cyclonedx.model import AttachedText, ExternalReference, HashType, XsUri -from cyclonedx.model.bom import Bom +from cyclonedx.model.bom import Bom, BomMetaData from cyclonedx.model.component import Component, Patch, Pedigree from cyclonedx.model.issue import IssueType from cyclonedx.model.license import DisjunctiveLicense +from cyclonedx.model.lifecycle import LifecyclePhase, PredefinedLifecycle from cyclonedx.model.service import DataClassification, Service from cyclonedx.model.vulnerability import ( BomTarget, @@ -471,3 +472,21 @@ def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, for vs in VulnerabilitySeverity ))]) super()._test_cases_render(bom, of, sv) + + +@ddt +class TestEnumLifecyclePhase(_EnumTestCase): + + @idata(set(chain( + dp_cases_from_xml_schemas(f"./{SCHEMA_NS}simpleType[@name='lifecyclePhaseType']"), + dp_cases_from_json_schemas('definitions', 'metadata', 'properties', 'lifecycles', 'items', 'phase'), + ))) + def test_knows_value(self, value: str) -> None: + super()._test_knows_value(LifecyclePhase, value) + + @named_data(*NAMED_OF_SV) + def test_cases_render_valid(self, of: OutputFormat, sv: SchemaVersion, *_: Any, **__: Any) -> None: + bom = _make_bom(metadata=BomMetaData( + lifecycles=[PredefinedLifecycle(phase=phase) for phase in LifecyclePhase] + )) + super()._test_cases_render(bom, of, sv) diff --git a/tests/test_model_bom.py b/tests/test_model_bom.py index 2cd36e5e..74046a09 100644 --- a/tests/test_model_bom.py +++ b/tests/test_model_bom.py @@ -29,6 +29,7 @@ from cyclonedx.model.component import Component, ComponentType from cyclonedx.model.contact import OrganizationalContact, OrganizationalEntity from cyclonedx.model.license import DisjunctiveLicense +from cyclonedx.model.lifecycle import LifecyclePhase, NamedLifecycle, PredefinedLifecycle from cyclonedx.model.tool import Tool from tests._data.models import ( get_bom_component_licenses_invalid, @@ -54,6 +55,7 @@ def test_empty_bom_metadata(self) -> None: self.assertIsNone(metadata.manufacture) self.assertIsNone(metadata.supplier) self.assertEqual(0, len(metadata.licenses)) + self.assertEqual(0, len(metadata.lifecycles)) self.assertEqual(0, len(metadata.properties)) self.assertEqual(0, len(metadata.tools)) @@ -73,12 +75,16 @@ def test_basic_bom_metadata(self) -> None: DisjunctiveLicense(id='MIT'), DisjunctiveLicense(id='Apache-2.0'), ] + lifecycles = [ + PredefinedLifecycle(phase=LifecyclePhase.BUILD), + NamedLifecycle(name='named_lifecycle', description='test'), + ] properties = [ Property(name='property_1', value='value_1'), Property(name='property_2', value='value_2', ) ] - metadata = BomMetaData(tools=tools, authors=authors, component=component, + metadata = BomMetaData(tools=tools, authors=authors, component=component, lifecycles=lifecycles, manufacture=manufacturer, supplier=supplier, licenses=licenses, properties=properties) self.assertIsNotNone(metadata.timestamp) self.assertIsNotNone(metadata.authors) @@ -90,6 +96,9 @@ def test_basic_bom_metadata(self) -> None: self.assertIsNotNone(metadata.licenses) self.assertTrue(licenses[0] in metadata.licenses) self.assertTrue(licenses[1] in metadata.licenses) + self.assertIsNotNone(metadata.lifecycles) + self.assertTrue(lifecycles[0] in metadata.lifecycles) + self.assertTrue(lifecycles[1] in metadata.lifecycles) self.assertIsNotNone(metadata.properties) self.assertTrue(properties[0] in metadata.properties) self.assertTrue(properties[1] in metadata.properties) diff --git a/tests/test_model_lifecycle.py b/tests/test_model_lifecycle.py new file mode 100644 index 00000000..96420a5a --- /dev/null +++ b/tests/test_model_lifecycle.py @@ -0,0 +1,107 @@ +# This file is part of CycloneDX Python Library +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# Copyright (c) OWASP Foundation. All Rights Reserved. + + +from random import shuffle +from unittest import TestCase + +from cyclonedx.model.lifecycle import LifecyclePhase, NamedLifecycle, PredefinedLifecycle +from tests import reorder + + +class TestModelPredefinedLifecycle(TestCase): + def test_create(self) -> None: + lifecycle = PredefinedLifecycle(phase=LifecyclePhase.BUILD) + self.assertIs(LifecyclePhase.BUILD, lifecycle.phase) + + def test_update(self) -> None: + lifecycle = PredefinedLifecycle(phase=LifecyclePhase.DESIGN) + lifecycle.phase = LifecyclePhase.DISCOVERY + self.assertIs(LifecyclePhase.DISCOVERY, lifecycle.phase) + + def test_equal(self) -> None: + a = PredefinedLifecycle(phase=LifecyclePhase.BUILD) + b = PredefinedLifecycle(phase=LifecyclePhase.BUILD) + c = PredefinedLifecycle(phase=LifecyclePhase.DESIGN) + self.assertEqual(a, b) + self.assertNotEqual(a, c) + + def test_sort(self) -> None: + expected_order = [3, 0, 2, 1] + lifecycles = [ + NamedLifecycle(name='foo', description='baz'), + NamedLifecycle(name='foo'), + NamedLifecycle(name='foo', description='qux'), + NamedLifecycle(name='bar'), + ] + expected_lifecycles = reorder(lifecycles, expected_order) + shuffle(lifecycles) + sorted_lifecycles = sorted(lifecycles) + self.assertListEqual(sorted_lifecycles, expected_lifecycles) + + +class TestModelNamedLifecycle(TestCase): + def test_create(self) -> None: + lifecycle = NamedLifecycle(name='foo') + self.assertEqual('foo', lifecycle.name) + self.assertIsNone(lifecycle.description) + + lifecycle = NamedLifecycle(name='foo2n', description='foo2d') + self.assertEqual('foo2n', lifecycle.name) + self.assertEqual('foo2d', lifecycle.description) + + def test_update(self) -> None: + lifecycle = NamedLifecycle(name='foo') + self.assertEqual('foo', lifecycle.name) + lifecycle.name = 'bar' + self.assertEqual('bar', lifecycle.name) + + def test_equal(self) -> None: + a = NamedLifecycle('foo') + b = NamedLifecycle('foo') + c = NamedLifecycle('bar') + self.assertEqual(a, b) + self.assertNotEqual(a, c) + self.assertNotEqual(a, 'foo') + + def test_sort(self) -> None: + expected_order = [3, 0, 2, 1] + lifecycles = [ + NamedLifecycle(name='foo', description='baz'), + NamedLifecycle(name='foo'), + NamedLifecycle(name='foo', description='qux'), + NamedLifecycle(name='bar'), + ] + expected_lifecycles = reorder(lifecycles, expected_order) + shuffle(lifecycles) + sorted_lifecycles = sorted(lifecycles) + self.assertListEqual(sorted_lifecycles, expected_lifecycles) + + +class TestModelLifecycle(TestCase): + def test_sort_mixed(self) -> None: + expected_order = [3, 0, 2, 1] + lifecycles = [ + PredefinedLifecycle(phase=LifecyclePhase.DESIGN), + NamedLifecycle(name='Example2'), + NamedLifecycle(name='Example'), + PredefinedLifecycle(phase=LifecyclePhase.BUILD), + ] + expected_lifecycles = reorder(lifecycles, expected_order) + shuffle(lifecycles) + sorted_lifecycles = sorted(lifecycles) + self.assertListEqual(sorted_lifecycles, expected_lifecycles) From be8a6e226574706f080ed2cd6a5f83658f8e1b24 Mon Sep 17 00:00:00 2001 From: semantic-release Date: Mon, 21 Oct 2024 08:32:05 +0000 Subject: [PATCH 17/37] chore(release): 8.1.0 Automatically generated by python-semantic-release Signed-off-by: semantic-release Signed-off-by: Saquib Saifee --- CHANGELOG.md | 24 ++++++++++++++++++++++++ cyclonedx/__init__.py | 2 +- docs/conf.py | 2 +- pyproject.toml | 2 +- 4 files changed, 27 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f9df9672..5e311ad1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,30 @@ +## v8.1.0 (2024-10-21) + +### Documentation + +* docs: fix code examples regarding outputting (#709) + + + +Signed-off-by: Hakan Dilek <hakandilek@gmail.com> ([`c72d5f4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c72d5f483d5c1990fe643c4c25e37373d4d3248f)) + +### Feature + +* feat: add support for Lifecycles in BOM metadata (#698) + + + +--------- + +Signed-off-by: Johannes Feichtner <johannes@web-wack.at> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Johannes Feichtner <343448+Churro@users.noreply.github.com> +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6cfeb71`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6cfeb711f11aec8fa4d7be885f6797cc2eaa7e67)) + + ## v8.0.0 (2024-10-14) ### Breaking diff --git a/cyclonedx/__init__.py b/cyclonedx/__init__.py index 23b3f638..19cc8d52 100644 --- a/cyclonedx/__init__.py +++ b/cyclonedx/__init__.py @@ -22,4 +22,4 @@ # !! version is managed by semantic_release # do not use typing here, or else `semantic_release` might have issues finding the variable -__version__ = "8.0.0" # noqa:Q000 +__version__ = "8.1.0" # noqa:Q000 diff --git a/docs/conf.py b/docs/conf.py index 326c61be..9eb1b399 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -20,7 +20,7 @@ # The full version, including alpha/beta/rc tags # !! version is managed by semantic_release -release = '8.0.0' +release = '8.1.0' # -- General configuration --------------------------------------------------- diff --git a/pyproject.toml b/pyproject.toml index 7df6f16c..b3d3ad1f 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -5,7 +5,7 @@ build-backend = "poetry.core.masonry.api" [tool.poetry] name = "cyclonedx-python-lib" # !! version is managed by semantic_release -version = "8.0.0" +version = "8.1.0" description = "Python library for CycloneDX" authors = [ "Paul Horton ", From c10e59321bad53f3c55bd04cac3ad4b525bac6b7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Anton=20Gr=C3=BCbel?= Date: Tue, 22 Oct 2024 09:31:59 +0200 Subject: [PATCH 18/37] feat: Add Python 3.13 support (#718) Signed-off-by: gruebel Signed-off-by: Saquib Saifee --- .github/workflows/python.yml | 7 ++++--- pyproject.toml | 1 + tox.ini | 2 +- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/workflows/python.yml b/.github/workflows/python.yml index 9f46c3ad..444ea2e2 100644 --- a/.github/workflows/python.yml +++ b/.github/workflows/python.yml @@ -82,7 +82,7 @@ jobs: include: - # test with the latest dependencies os: ubuntu-latest - python-version: '3.12' + python-version: '3.13' toxenv-factors: '-current' - # test with the lowest dependencies os: ubuntu-latest @@ -117,7 +117,8 @@ jobs: matrix: os: ['ubuntu-latest', 'windows-latest', 'macos-13'] python-version: - - "3.12" # highest supported + - "3.13" # highest supported + - "3.12" - "3.11" - "3.10" - "3.9" @@ -215,7 +216,7 @@ jobs: # see https://github.com/actions/setup-python uses: actions/setup-python@v5 with: - python-version: '>=3.8 <=3.12' # supported version range + python-version: '>=3.8 <=3.13' # supported version range - name: Validate Python Environment shell: python run: | diff --git a/pyproject.toml b/pyproject.toml index b3d3ad1f..0f20a7c4 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -52,6 +52,7 @@ classifiers = [ 'Programming Language :: Python :: 3.10', 'Programming Language :: Python :: 3.11', 'Programming Language :: Python :: 3.12', + 'Programming Language :: Python :: 3.13', 'Typing :: Typed', ] keywords = [ diff --git a/tox.ini b/tox.ini index 190ae959..4eace2fc 100644 --- a/tox.ini +++ b/tox.ini @@ -8,7 +8,7 @@ minversion = 4.0 envlist = flake8 mypy-{current,lowest} - py{312,311,310,39,38}-{allExtras,noExtras} + py{313,312,311,310,39,38}-{allExtras,noExtras} bandit skip_missing_interpreters = True usedevelop = False From dfe02b264288efbe12a1753ff02d3753d3e2629d Mon Sep 17 00:00:00 2001 From: semantic-release Date: Tue, 22 Oct 2024 07:34:48 +0000 Subject: [PATCH 19/37] chore(release): 8.2.0 Automatically generated by python-semantic-release Signed-off-by: semantic-release Signed-off-by: Saquib Saifee --- CHANGELOG.md | 9 +++++++++ cyclonedx/__init__.py | 2 +- docs/conf.py | 2 +- pyproject.toml | 2 +- 4 files changed, 12 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5e311ad1..f32c4fe0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,15 @@ +## v8.2.0 (2024-10-22) + +### Feature + +* feat: Add Python 3.13 support (#718) + +Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`d4be3ba`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d4be3ba6b3ccc65553a7dd10ad559c1eddfbb19b)) + + ## v8.1.0 (2024-10-21) ### Documentation diff --git a/cyclonedx/__init__.py b/cyclonedx/__init__.py index 19cc8d52..d5a79e6f 100644 --- a/cyclonedx/__init__.py +++ b/cyclonedx/__init__.py @@ -22,4 +22,4 @@ # !! version is managed by semantic_release # do not use typing here, or else `semantic_release` might have issues finding the variable -__version__ = "8.1.0" # noqa:Q000 +__version__ = "8.2.0" # noqa:Q000 diff --git a/docs/conf.py b/docs/conf.py index 9eb1b399..cfd3ec98 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -20,7 +20,7 @@ # The full version, including alpha/beta/rc tags # !! version is managed by semantic_release -release = '8.1.0' +release = '8.2.0' # -- General configuration --------------------------------------------------- diff --git a/pyproject.toml b/pyproject.toml index 0f20a7c4..1afab541 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -5,7 +5,7 @@ build-backend = "poetry.core.masonry.api" [tool.poetry] name = "cyclonedx-python-lib" # !! version is managed by semantic_release -version = "8.1.0" +version = "8.2.0" description = "Python library for CycloneDX" authors = [ "Paul Horton ", From a56c4adf83942fe37e84bd693af448fcf3f2b5e1 Mon Sep 17 00:00:00 2001 From: weichslgartner Date: Wed, 23 Oct 2024 20:31:25 +0200 Subject: [PATCH 20/37] chore: fix pre-commit hook for mypy (#723) Fixes #721 Signed-off-by: weichslgartner Signed-off-by: Saquib Saifee --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 8a7f3f0d..a81e9433 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -4,7 +4,7 @@ repos: hooks: - id: system name: mypy - entry: poetry run tox -e mypy-locked + entry: poetry run tox -e mypy-current pass_filenames: false language: system - repo: local From 193380248ca5b1e4bc0386d6b422c951dd70732b Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Thu, 24 Oct 2024 12:53:44 +0200 Subject: [PATCH 21/37] fix: encode quotation mark in URL (#724) Signed-off-by: Jan Kowalleck Signed-off-by: Saquib Saifee --- cyclonedx/model/__init__.py | 2 ++ tests/_data/models.py | 9 ++++++++- .../snapshots/get_bom_for_issue_497_urls-1.1.xml.bin | 2 +- .../snapshots/get_bom_for_issue_497_urls-1.2.json.bin | 2 +- .../snapshots/get_bom_for_issue_497_urls-1.2.xml.bin | 2 +- .../snapshots/get_bom_for_issue_497_urls-1.3.json.bin | 2 +- .../snapshots/get_bom_for_issue_497_urls-1.3.xml.bin | 2 +- .../snapshots/get_bom_for_issue_497_urls-1.4.json.bin | 2 +- .../snapshots/get_bom_for_issue_497_urls-1.4.xml.bin | 2 +- .../snapshots/get_bom_for_issue_497_urls-1.5.json.bin | 2 +- .../snapshots/get_bom_for_issue_497_urls-1.5.xml.bin | 2 +- .../snapshots/get_bom_for_issue_497_urls-1.6.json.bin | 2 +- .../snapshots/get_bom_for_issue_497_urls-1.6.xml.bin | 2 +- 13 files changed, 21 insertions(+), 12 deletions(-) diff --git a/cyclonedx/model/__init__.py b/cyclonedx/model/__init__.py index 3ac988db..6b77dbb7 100644 --- a/cyclonedx/model/__init__.py +++ b/cyclonedx/model/__init__.py @@ -689,6 +689,8 @@ class XsUri(serializable.helpers.BaseHelper): __SPEC_REPLACEMENTS = ( (' ', '%20'), + ('"', '%22'), + ("'", '%27'), ('[', '%5B'), (']', '%5D'), ('<', '%3C'), diff --git a/tests/_data/models.py b/tests/_data/models.py index ab1805eb..963b1743 100644 --- a/tests/_data/models.py +++ b/tests/_data/models.py @@ -1213,7 +1213,14 @@ def get_bom_for_issue_497_urls() -> Bom: ExternalReference( type=ExternalReferenceType.OTHER, comment='control characters', - url=XsUri('https://acme.org/?foo=sp ace&bar[23]=42<=1<2>=3>2&cb={lol}') + url=XsUri('https://acme.org/?' + 'foo=sp ace&' + 'bar[23]=42&' + 'lt=1<2&' + 'gt=3>2&' + 'cb={lol}&' + 'quote="test"is\'test\'' + ) ), ExternalReference( type=ExternalReferenceType.OTHER, diff --git a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.1.xml.bin b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.1.xml.bin index d006b51e..6506e2bf 100644 --- a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.1.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.1.xml.bin @@ -14,7 +14,7 @@ pre-encoded - https://acme.org/?foo=sp%20ace&bar%5B23%5D=42&lt=1%3C2&gt=3%3E2&cb=%7Blol%7D + https://acme.org/?foo=sp%20ace&bar%5B23%5D=42&lt=1%3C2&gt=3%3E2&cb=%7Blol%7D&quote=%22test%22is%27test%27 control characters diff --git a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.2.json.bin b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.2.json.bin index aa874e99..af420942 100644 --- a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.2.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.2.json.bin @@ -16,7 +16,7 @@ { "comment": "control characters", "type": "other", - "url": "https://acme.org/?foo=sp%20ace&bar%5B23%5D=42<=1%3C2>=3%3E2&cb=%7Blol%7D" + "url": "https://acme.org/?foo=sp%20ace&bar%5B23%5D=42<=1%3C2>=3%3E2&cb=%7Blol%7D"e=%22test%22is%27test%27" } ], "name": "dummy", diff --git a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.2.xml.bin b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.2.xml.bin index edf73273..659778ba 100644 --- a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.2.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.2.xml.bin @@ -17,7 +17,7 @@ pre-encoded - https://acme.org/?foo=sp%20ace&bar%5B23%5D=42&lt=1%3C2&gt=3%3E2&cb=%7Blol%7D + https://acme.org/?foo=sp%20ace&bar%5B23%5D=42&lt=1%3C2&gt=3%3E2&cb=%7Blol%7D&quote=%22test%22is%27test%27 control characters diff --git a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.3.json.bin b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.3.json.bin index 625c6a9e..1eba574f 100644 --- a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.3.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.3.json.bin @@ -16,7 +16,7 @@ { "comment": "control characters", "type": "other", - "url": "https://acme.org/?foo=sp%20ace&bar%5B23%5D=42<=1%3C2>=3%3E2&cb=%7Blol%7D" + "url": "https://acme.org/?foo=sp%20ace&bar%5B23%5D=42<=1%3C2>=3%3E2&cb=%7Blol%7D"e=%22test%22is%27test%27" } ], "name": "dummy", diff --git a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.3.xml.bin b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.3.xml.bin index e6af9f05..eb950283 100644 --- a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.3.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.3.xml.bin @@ -17,7 +17,7 @@ pre-encoded - https://acme.org/?foo=sp%20ace&bar%5B23%5D=42&lt=1%3C2&gt=3%3E2&cb=%7Blol%7D + https://acme.org/?foo=sp%20ace&bar%5B23%5D=42&lt=1%3C2&gt=3%3E2&cb=%7Blol%7D&quote=%22test%22is%27test%27 control characters diff --git a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.4.json.bin b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.4.json.bin index 09ad3d10..f715c57a 100644 --- a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.4.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.4.json.bin @@ -16,7 +16,7 @@ { "comment": "control characters", "type": "other", - "url": "https://acme.org/?foo=sp%20ace&bar%5B23%5D=42<=1%3C2>=3%3E2&cb=%7Blol%7D" + "url": "https://acme.org/?foo=sp%20ace&bar%5B23%5D=42<=1%3C2>=3%3E2&cb=%7Blol%7D"e=%22test%22is%27test%27" } ], "name": "dummy", diff --git a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.4.xml.bin b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.4.xml.bin index 264d4286..0364698a 100644 --- a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.4.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.4.xml.bin @@ -16,7 +16,7 @@ pre-encoded - https://acme.org/?foo=sp%20ace&bar%5B23%5D=42&lt=1%3C2&gt=3%3E2&cb=%7Blol%7D + https://acme.org/?foo=sp%20ace&bar%5B23%5D=42&lt=1%3C2&gt=3%3E2&cb=%7Blol%7D&quote=%22test%22is%27test%27 control characters diff --git a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.5.json.bin b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.5.json.bin index aa21468f..60a822f1 100644 --- a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.5.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.5.json.bin @@ -16,7 +16,7 @@ { "comment": "control characters", "type": "other", - "url": "https://acme.org/?foo=sp%20ace&bar%5B23%5D=42<=1%3C2>=3%3E2&cb=%7Blol%7D" + "url": "https://acme.org/?foo=sp%20ace&bar%5B23%5D=42<=1%3C2>=3%3E2&cb=%7Blol%7D"e=%22test%22is%27test%27" } ], "name": "dummy", diff --git a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.5.xml.bin b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.5.xml.bin index 62049bdc..f947d6ce 100644 --- a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.5.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.5.xml.bin @@ -16,7 +16,7 @@ pre-encoded - https://acme.org/?foo=sp%20ace&bar%5B23%5D=42&lt=1%3C2&gt=3%3E2&cb=%7Blol%7D + https://acme.org/?foo=sp%20ace&bar%5B23%5D=42&lt=1%3C2&gt=3%3E2&cb=%7Blol%7D&quote=%22test%22is%27test%27 control characters diff --git a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.6.json.bin b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.6.json.bin index b07192c6..4336a31c 100644 --- a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.6.json.bin +++ b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.6.json.bin @@ -16,7 +16,7 @@ { "comment": "control characters", "type": "other", - "url": "https://acme.org/?foo=sp%20ace&bar%5B23%5D=42<=1%3C2>=3%3E2&cb=%7Blol%7D" + "url": "https://acme.org/?foo=sp%20ace&bar%5B23%5D=42<=1%3C2>=3%3E2&cb=%7Blol%7D"e=%22test%22is%27test%27" } ], "name": "dummy", diff --git a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.6.xml.bin b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.6.xml.bin index b780c8cf..c7fee449 100644 --- a/tests/_data/snapshots/get_bom_for_issue_497_urls-1.6.xml.bin +++ b/tests/_data/snapshots/get_bom_for_issue_497_urls-1.6.xml.bin @@ -16,7 +16,7 @@ pre-encoded - https://acme.org/?foo=sp%20ace&bar%5B23%5D=42&lt=1%3C2&gt=3%3E2&cb=%7Blol%7D + https://acme.org/?foo=sp%20ace&bar%5B23%5D=42&lt=1%3C2&gt=3%3E2&cb=%7Blol%7D&quote=%22test%22is%27test%27 control characters From fc2560468941089ff384993ddbca1fc74e7b5e71 Mon Sep 17 00:00:00 2001 From: semantic-release Date: Thu, 24 Oct 2024 10:56:50 +0000 Subject: [PATCH 22/37] chore(release): 8.2.1 Automatically generated by python-semantic-release Signed-off-by: semantic-release Signed-off-by: Saquib Saifee --- CHANGELOG.md | 9 +++++++++ cyclonedx/__init__.py | 2 +- docs/conf.py | 2 +- pyproject.toml | 2 +- 4 files changed, 12 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f32c4fe0..c5a61688 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,15 @@ +## v8.2.1 (2024-10-24) + +### Fix + +* fix: encode quotation mark in URL (#724) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a7c7c97`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a7c7c97c37ee1c7988c028aa779f74893f858c7b)) + + ## v8.2.0 (2024-10-22) ### Feature diff --git a/cyclonedx/__init__.py b/cyclonedx/__init__.py index d5a79e6f..df0a3c48 100644 --- a/cyclonedx/__init__.py +++ b/cyclonedx/__init__.py @@ -22,4 +22,4 @@ # !! version is managed by semantic_release # do not use typing here, or else `semantic_release` might have issues finding the variable -__version__ = "8.2.0" # noqa:Q000 +__version__ = "8.2.1" # noqa:Q000 diff --git a/docs/conf.py b/docs/conf.py index cfd3ec98..15de5141 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -20,7 +20,7 @@ # The full version, including alpha/beta/rc tags # !! version is managed by semantic_release -release = '8.2.0' +release = '8.2.1' # -- General configuration --------------------------------------------------- diff --git a/pyproject.toml b/pyproject.toml index 1afab541..7c253b59 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -5,7 +5,7 @@ build-backend = "poetry.core.masonry.api" [tool.poetry] name = "cyclonedx-python-lib" # !! version is managed by semantic_release -version = "8.2.0" +version = "8.2.1" description = "Python library for CycloneDX" authors = [ "Paul Horton ", From fefee6f66a2d1bcf671c82e3d481916a077addf0 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Thu, 24 Oct 2024 14:23:24 +0200 Subject: [PATCH 23/37] chore: render current year in docs Signed-off-by: Jan Kowalleck Signed-off-by: Saquib Saifee --- docs/conf.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/docs/conf.py b/docs/conf.py index 15de5141..cd981b92 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -14,8 +14,11 @@ # -- Project information ----------------------------------------------------- + +from datetime import date + project = 'CycloneDX Python Library' -copyright = '2022, Copyright (c) OWASP Foundation' +copyright = f'{date.today().strftime("%Y")}, Copyright (c) OWASP Foundation' author = 'Paul Horton, Jan Kowalleck, Steve Springett, Patrick Dwyer' # The full version, including alpha/beta/rc tags From dd9ef7f95e2f38a61d17d08ad8b78853e72abe99 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Fri, 25 Oct 2024 10:06:25 +0200 Subject: [PATCH 24/37] docs: revisit examples readme (#725) Signed-off-by: Jan Kowalleck Signed-off-by: Saquib Saifee --- examples/README.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/examples/README.md b/examples/README.md index c80af878..238028ea 100644 --- a/examples/README.md +++ b/examples/README.md @@ -1,8 +1,11 @@ # Examples +## Usage + * [Build & Serialize](complex_serialize.py) * [Deserialize](complex_deserialize.py) ----- +## Data models -see examples how to use data models in the [test data](../tests/data.py) +The [`models` test data](../tests/_data/models.py) holds also examples for complete structures +with all possible use cases, all nesting, and advanced complexity. From 1d782dd89c2b2884d7e0655782b57bb80cdcc35f Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Fri, 25 Oct 2024 15:21:01 +0200 Subject: [PATCH 25/37] chore: test unpinned daily Signed-off-by: Jan Kowalleck Signed-off-by: Saquib Saifee --- .github/workflows/python.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/python.yml b/.github/workflows/python.yml index 444ea2e2..7b854562 100644 --- a/.github/workflows/python.yml +++ b/.github/workflows/python.yml @@ -4,14 +4,14 @@ name: Python CI on: push: - branches: ["main"] + branches: ["main", "next"] + tags: [ 'v*' ] pull_request: - branches-ignore: ['dependabot/**'] workflow_dispatch: schedule: - # schedule weekly tests, since some dependencies are not intended to be pinned - # this means: at 23:42 on Fridays - - cron: '42 23 * * 5' + # schedule daily tests, since some dependencies are not intended to be pinned + # this means: at 23:42 every day + - cron: '42 23 * * *' concurrency: group: ${{ github.workflow }}-${{ github.ref }} From 74c76cf9610dbec83ab88691c442fd2245137d9b Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Sat, 26 Oct 2024 12:20:39 +0200 Subject: [PATCH 26/37] chore: internals init intended to be empyy Signed-off-by: Jan Kowalleck Signed-off-by: Saquib Saifee --- cyclonedx/_internal/__init__.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/cyclonedx/_internal/__init__.py b/cyclonedx/_internal/__init__.py index 4513dbac..93ec7d3d 100644 --- a/cyclonedx/_internal/__init__.py +++ b/cyclonedx/_internal/__init__.py @@ -20,3 +20,6 @@ !!! ALL SYMBOLS IN HERE ARE INTERNAL. Everything might change without any notice. """ + +# THIS FILE IS INTENDED TO BE EMPTY. +# Put symbols in own modules/packages, not in this file! From 3e6ad14f867895f90c3f2e8b3791b02da5d109fb Mon Sep 17 00:00:00 2001 From: Hakan Dilek Date: Sat, 26 Oct 2024 15:16:12 +0200 Subject: [PATCH 27/37] feat: add basic support for Definitions (#701) --------- Signed-off-by: Hakan Dilek Signed-off-by: Saquib Saifee --- cyclonedx/_internal/bom_ref.py | 33 +++ cyclonedx/model/bom.py | 19 ++ cyclonedx/model/definition.py | 230 ++++++++++++++++++ tests/_data/models.py | 17 +- ...bom_with_definitions_standards-1.0.xml.bin | 4 + ...bom_with_definitions_standards-1.1.xml.bin | 4 + ...om_with_definitions_standards-1.2.json.bin | 10 + ...bom_with_definitions_standards-1.2.xml.bin | 6 + ...om_with_definitions_standards-1.3.json.bin | 10 + ...bom_with_definitions_standards-1.3.xml.bin | 6 + ...om_with_definitions_standards-1.4.json.bin | 10 + ...bom_with_definitions_standards-1.4.xml.bin | 6 + ...om_with_definitions_standards-1.5.json.bin | 20 ++ ...bom_with_definitions_standards-1.5.xml.bin | 10 + ...om_with_definitions_standards-1.6.json.bin | 37 +++ ...bom_with_definitions_standards-1.6.xml.bin | 25 ++ tests/test_model_definition.py | 67 +++++ 17 files changed, 513 insertions(+), 1 deletion(-) create mode 100644 cyclonedx/_internal/bom_ref.py create mode 100644 cyclonedx/model/definition.py create mode 100644 tests/_data/snapshots/get_bom_with_definitions_standards-1.0.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_definitions_standards-1.1.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_definitions_standards-1.2.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_definitions_standards-1.2.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_definitions_standards-1.3.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_definitions_standards-1.3.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_definitions_standards-1.4.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_definitions_standards-1.4.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_definitions_standards-1.5.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_definitions_standards-1.5.xml.bin create mode 100644 tests/_data/snapshots/get_bom_with_definitions_standards-1.6.json.bin create mode 100644 tests/_data/snapshots/get_bom_with_definitions_standards-1.6.xml.bin create mode 100644 tests/test_model_definition.py diff --git a/cyclonedx/_internal/bom_ref.py b/cyclonedx/_internal/bom_ref.py new file mode 100644 index 00000000..c0943da5 --- /dev/null +++ b/cyclonedx/_internal/bom_ref.py @@ -0,0 +1,33 @@ +# This file is part of CycloneDX Python Library +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# Copyright (c) OWASP Foundation. All Rights Reserved. + + +""" +!!! ALL SYMBOLS IN HERE ARE INTERNAL. +Everything might change without any notice. +""" + +from typing import Optional, Union + +from ..model.bom_ref import BomRef + + +def bom_ref_from_str(bom_ref: Optional[Union[str, BomRef]]) -> BomRef: + if isinstance(bom_ref, BomRef): + return bom_ref + else: + return BomRef(value=str(bom_ref) if bom_ref else None) diff --git a/cyclonedx/model/bom.py b/cyclonedx/model/bom.py index 94cdd83e..03809f2d 100644 --- a/cyclonedx/model/bom.py +++ b/cyclonedx/model/bom.py @@ -41,6 +41,7 @@ from .bom_ref import BomRef from .component import Component from .contact import OrganizationalContact, OrganizationalEntity +from .definition import Definitions from .dependency import Dependable, Dependency from .license import License, LicenseExpression, LicenseRepository from .lifecycle import Lifecycle, LifecycleRepository, _LifecycleRepositoryHelper @@ -327,6 +328,7 @@ def __init__( dependencies: Optional[Iterable[Dependency]] = None, vulnerabilities: Optional[Iterable[Vulnerability]] = None, properties: Optional[Iterable[Property]] = None, + definitions: Optional[Definitions] = None, ) -> None: """ Create a new Bom that you can manually/programmatically add data to later. @@ -343,6 +345,7 @@ def __init__( self.vulnerabilities = vulnerabilities or [] # type:ignore[assignment] self.dependencies = dependencies or [] # type:ignore[assignment] self.properties = properties or [] # type:ignore[assignment] + self.definitions = definitions or Definitions() @property @serializable.type_mapping(UrnUuidHelper) @@ -552,6 +555,22 @@ def vulnerabilities(self, vulnerabilities: Iterable[Vulnerability]) -> None: # def formulation(self, ...) -> None: # ... # TODO Since CDX 1.5 + @property + @serializable.view(SchemaVersion1Dot6) + @serializable.xml_sequence(110) + def definitions(self) -> Optional[Definitions]: + """ + The repository for definitions + + Returns: + `DefinitionRepository` + """ + return self._definitions if len(self._definitions.standards) > 0 else None + + @definitions.setter + def definitions(self, definitions: Definitions) -> None: + self._definitions = definitions + def get_component_by_purl(self, purl: Optional['PackageURL']) -> Optional[Component]: """ Get a Component already in the Bom by its PURL diff --git a/cyclonedx/model/definition.py b/cyclonedx/model/definition.py new file mode 100644 index 00000000..0bde33c3 --- /dev/null +++ b/cyclonedx/model/definition.py @@ -0,0 +1,230 @@ +# This file is part of CycloneDX Python Library +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# Copyright (c) OWASP Foundation. All Rights Reserved. + +from typing import TYPE_CHECKING, Any, Iterable, Optional, Union + +import serializable +from sortedcontainers import SortedSet + +from .._internal.bom_ref import bom_ref_from_str +from .._internal.compare import ComparableTuple as _ComparableTuple +from ..serialization import BomRefHelper +from . import ExternalReference +from .bom_ref import BomRef + +if TYPE_CHECKING: # pragma: no cover + pass + + +@serializable.serializable_class +class Standard: + """ + A standard of regulations, industry or organizational-specific standards, maturity models, best practices, + or any other requirements. + """ + + def __init__( + self, *, + bom_ref: Optional[Union[str, BomRef]] = None, + name: Optional[str] = None, + version: Optional[str] = None, + description: Optional[str] = None, + owner: Optional[str] = None, + external_references: Optional[Iterable['ExternalReference']] = None + ) -> None: + self._bom_ref = bom_ref_from_str(bom_ref) + self.name = name + self.version = version + self.description = description + self.owner = owner + self.external_references = external_references or [] # type:ignore[assignment] + + def __lt__(self, other: Any) -> bool: + if isinstance(other, Standard): + return (_ComparableTuple((self.bom_ref, self.name, self.version)) + < _ComparableTuple((other.bom_ref, other.name, other.version))) + return NotImplemented + + def __eq__(self, other: object) -> bool: + if isinstance(other, Standard): + return hash(other) == hash(self) + return False + + def __hash__(self) -> int: + return hash(( + self.bom_ref, self.name, self.version, self.description, self.owner, tuple(self.external_references) + )) + + def __repr__(self) -> str: + return f'' + + @property + @serializable.json_name('bom-ref') + @serializable.type_mapping(BomRefHelper) + @serializable.xml_attribute() + @serializable.xml_name('bom-ref') + def bom_ref(self) -> BomRef: + """ + An optional identifier which can be used to reference the standard elsewhere in the BOM. Every bom-ref MUST be + unique within the BOM. If a value was not provided in the constructor, a UUIDv4 will have been assigned. + Returns: + `BomRef` + """ + return self._bom_ref + + @property + @serializable.xml_sequence(1) + def name(self) -> Optional[str]: + """ + Returns: + The name of the standard + """ + return self._name + + @name.setter + def name(self, name: Optional[str]) -> None: + self._name = name + + @property + @serializable.xml_sequence(2) + def version(self) -> Optional[str]: + """ + Returns: + The version of the standard + """ + return self._version + + @version.setter + def version(self, version: Optional[str]) -> None: + self._version = version + + @property + @serializable.xml_sequence(3) + def description(self) -> Optional[str]: + """ + Returns: + The description of the standard + """ + return self._description + + @description.setter + def description(self, description: Optional[str]) -> None: + self._description = description + + @property + @serializable.xml_sequence(4) + def owner(self) -> Optional[str]: + """ + Returns: + The owner of the standard, often the entity responsible for its release. + """ + return self._owner + + @owner.setter + def owner(self, owner: Optional[str]) -> None: + self._owner = owner + + # @property + # @serializable.xml_array(serializable.XmlArraySerializationType.NESTED, 'requirement') + # @serializable.xml_sequence(5) + # def requirements(self) -> 'SortedSet[Requirement]': + # """ + # Returns: + # A SortedSet of requirements comprising the standard. + # """ + # return self._requirements + # + # @requirements.setter + # def requirements(self, requirements: Iterable[Requirement]) -> None: + # self._requirements = SortedSet(requirements) + # + # @property + # @serializable.xml_array(serializable.XmlArraySerializationType.NESTED, 'level') + # @serializable.xml_sequence(6) + # def levels(self) -> 'SortedSet[Level]': + # """ + # Returns: + # A SortedSet of levels associated with the standard. Some standards have different levels of compliance. + # """ + # return self._levels + # + # @levels.setter + # def levels(self, levels: Iterable[Level]) -> None: + # self._levels = SortedSet(levels) + + @property + @serializable.xml_array(serializable.XmlArraySerializationType.NESTED, 'reference') + @serializable.xml_sequence(7) + def external_references(self) -> 'SortedSet[ExternalReference]': + """ + Returns: + A SortedSet of external references associated with the standard. + """ + return self._external_references + + @external_references.setter + def external_references(self, external_references: Iterable[ExternalReference]) -> None: + self._external_references = SortedSet(external_references) + + +@serializable.serializable_class(name='definitions') +class Definitions: + """ + The repository for definitions + """ + + def __init__( + self, *, + standards: Optional[Iterable[Standard]] = None + ) -> None: + self.standards = standards or () # type:ignore[assignment] + + @property + @serializable.xml_array(serializable.XmlArraySerializationType.NESTED, 'standard') + @serializable.xml_sequence(1) + def standards(self) -> 'SortedSet[Standard]': + """ + Returns: + A SortedSet of Standards + """ + return self._standards + + @standards.setter + def standards(self, standards: Iterable[Standard]) -> None: + self._standards = SortedSet(standards) + + def __bool__(self) -> bool: + return len(self._standards) > 0 + + def __eq__(self, other: object) -> bool: + if not isinstance(other, Definitions): + return False + + return self._standards == other._standards + + def __hash__(self) -> int: + return hash((tuple(self._standards))) + + def __lt__(self, other: Any) -> bool: + if isinstance(other, Definitions): + return (_ComparableTuple(self._standards) + < _ComparableTuple(other.standards)) + return NotImplemented + + def __repr__(self) -> str: + return '' diff --git a/tests/_data/models.py b/tests/_data/models.py index 963b1743..ffbf7d4a 100644 --- a/tests/_data/models.py +++ b/tests/_data/models.py @@ -78,6 +78,7 @@ RelatedCryptoMaterialState, RelatedCryptoMaterialType, ) +from cyclonedx.model.definition import Definitions, Standard from cyclonedx.model.dependency import Dependency from cyclonedx.model.impact_analysis import ( ImpactAnalysisAffectedStatus, @@ -1292,7 +1293,20 @@ def get_bom_with_lifecycles() -> Bom: description='Integration testing specific to the runtime platform'), ], component=Component(name='app', type=ComponentType.APPLICATION, bom_ref='my-app'), - ), + ) + ) + + +def get_bom_with_definitions_standards() -> Bom: + """ + Returns a BOM with definitions and standards only. + """ + return _make_bom( + definitions=Definitions(standards=[ + Standard(name='Some Standard', version='1.2.3', description='Some description', bom_ref='some-standard', + owner='Some Owner', external_references=[get_external_reference_2()] + ) + ]) ) @@ -1342,4 +1356,5 @@ def get_bom_with_lifecycles() -> Bom: get_bom_with_component_setuptools_with_v16_fields, get_bom_for_issue_630_empty_property, get_bom_with_lifecycles, + get_bom_with_definitions_standards, } diff --git a/tests/_data/snapshots/get_bom_with_definitions_standards-1.0.xml.bin b/tests/_data/snapshots/get_bom_with_definitions_standards-1.0.xml.bin new file mode 100644 index 00000000..acb06612 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_definitions_standards-1.0.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/get_bom_with_definitions_standards-1.1.xml.bin b/tests/_data/snapshots/get_bom_with_definitions_standards-1.1.xml.bin new file mode 100644 index 00000000..55ef5cda --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_definitions_standards-1.1.xml.bin @@ -0,0 +1,4 @@ + + + + diff --git a/tests/_data/snapshots/get_bom_with_definitions_standards-1.2.json.bin b/tests/_data/snapshots/get_bom_with_definitions_standards-1.2.json.bin new file mode 100644 index 00000000..8f473bd3 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_definitions_standards-1.2.json.bin @@ -0,0 +1,10 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00" + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.2b.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.2" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_definitions_standards-1.2.xml.bin b/tests/_data/snapshots/get_bom_with_definitions_standards-1.2.xml.bin new file mode 100644 index 00000000..df1938ec --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_definitions_standards-1.2.xml.bin @@ -0,0 +1,6 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + diff --git a/tests/_data/snapshots/get_bom_with_definitions_standards-1.3.json.bin b/tests/_data/snapshots/get_bom_with_definitions_standards-1.3.json.bin new file mode 100644 index 00000000..02943890 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_definitions_standards-1.3.json.bin @@ -0,0 +1,10 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00" + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.3a.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.3" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_definitions_standards-1.3.xml.bin b/tests/_data/snapshots/get_bom_with_definitions_standards-1.3.xml.bin new file mode 100644 index 00000000..8341ff60 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_definitions_standards-1.3.xml.bin @@ -0,0 +1,6 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + diff --git a/tests/_data/snapshots/get_bom_with_definitions_standards-1.4.json.bin b/tests/_data/snapshots/get_bom_with_definitions_standards-1.4.json.bin new file mode 100644 index 00000000..48f1745d --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_definitions_standards-1.4.json.bin @@ -0,0 +1,10 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00" + }, + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_definitions_standards-1.4.xml.bin b/tests/_data/snapshots/get_bom_with_definitions_standards-1.4.xml.bin new file mode 100644 index 00000000..d0a7d4c9 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_definitions_standards-1.4.xml.bin @@ -0,0 +1,6 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + diff --git a/tests/_data/snapshots/get_bom_with_definitions_standards-1.5.json.bin b/tests/_data/snapshots/get_bom_with_definitions_standards-1.5.json.bin new file mode 100644 index 00000000..57b5e590 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_definitions_standards-1.5.json.bin @@ -0,0 +1,20 @@ +{ + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00" + }, + "properties": [ + { + "name": "key1", + "value": "val1" + }, + { + "name": "key2", + "value": "val2" + } + ], + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_definitions_standards-1.5.xml.bin b/tests/_data/snapshots/get_bom_with_definitions_standards-1.5.xml.bin new file mode 100644 index 00000000..f952637c --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_definitions_standards-1.5.xml.bin @@ -0,0 +1,10 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + val1 + val2 + + diff --git a/tests/_data/snapshots/get_bom_with_definitions_standards-1.6.json.bin b/tests/_data/snapshots/get_bom_with_definitions_standards-1.6.json.bin new file mode 100644 index 00000000..9fba8848 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_definitions_standards-1.6.json.bin @@ -0,0 +1,37 @@ +{ + "definitions": { + "standards": [ + { + "bom-ref": "some-standard", + "description": "Some description", + "externalReferences": [ + { + "type": "website", + "url": "https://cyclonedx.org" + } + ], + "name": "Some Standard", + "owner": "Some Owner", + "version": "1.2.3" + } + ] + }, + "metadata": { + "timestamp": "2023-01-07T13:44:32.312678+00:00" + }, + "properties": [ + { + "name": "key1", + "value": "val1" + }, + { + "name": "key2", + "value": "val2" + } + ], + "serialNumber": "urn:uuid:1441d33a-e0fc-45b5-af3b-61ee52a88bac", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6" +} \ No newline at end of file diff --git a/tests/_data/snapshots/get_bom_with_definitions_standards-1.6.xml.bin b/tests/_data/snapshots/get_bom_with_definitions_standards-1.6.xml.bin new file mode 100644 index 00000000..b983bdf6 --- /dev/null +++ b/tests/_data/snapshots/get_bom_with_definitions_standards-1.6.xml.bin @@ -0,0 +1,25 @@ + + + + 2023-01-07T13:44:32.312678+00:00 + + + val1 + val2 + + + + + Some Standard + 1.2.3 + Some description + Some Owner + + + https://cyclonedx.org + + + + + + diff --git a/tests/test_model_definition.py b/tests/test_model_definition.py new file mode 100644 index 00000000..5a1b80f3 --- /dev/null +++ b/tests/test_model_definition.py @@ -0,0 +1,67 @@ +# This file is part of CycloneDX Python Library +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# Copyright (c) OWASP Foundation. All Rights Reserved. + + +from unittest import TestCase + +from cyclonedx.model.definition import Definitions, Standard + + +class TestModelDefinitionRepository(TestCase): + + def test_init(self) -> Definitions: + s = Standard(name='test-standard') + dr = Definitions( + standards=(s, ), + ) + self.assertIs(s, tuple(dr.standards)[0]) + return dr + + def test_filled(self) -> None: + dr = self.test_init() + self.assertIsNotNone(dr.standards) + self.assertEqual(1, len(dr.standards)) + self.assertTrue(dr) + + def test_empty(self) -> None: + dr = Definitions() + self.assertIsNotNone(dr.standards) + self.assertEqual(0, len(dr.standards)) + self.assertFalse(dr) + + def test_unequal_different_type(self) -> None: + dr = Definitions() + self.assertFalse(dr == 'other') + + def test_equal_self(self) -> None: + dr = Definitions() + dr.standards.add(Standard(name='my-standard')) + self.assertTrue(dr == dr) + + def test_unequal(self) -> None: + dr1 = Definitions() + dr1.standards.add(Standard(name='my-standard')) + tr2 = Definitions() + self.assertFalse(dr1 == tr2) + + def test_equal(self) -> None: + s = Standard(name='my-standard') + dr1 = Definitions() + dr1.standards.add(s) + tr2 = Definitions() + tr2.standards.add(s) + self.assertTrue(dr1 == tr2) From ebd6f753229bddc8ea696bea69f92c1aa108fdd8 Mon Sep 17 00:00:00 2001 From: semantic-release Date: Sat, 26 Oct 2024 13:19:06 +0000 Subject: [PATCH 28/37] chore(release): 8.3.0 Automatically generated by python-semantic-release Signed-off-by: semantic-release Signed-off-by: Saquib Saifee --- CHANGELOG.md | 19 +++++++++++++++++++ cyclonedx/__init__.py | 2 +- docs/conf.py | 2 +- pyproject.toml | 2 +- 4 files changed, 22 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c5a61688..0423d5d4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,25 @@ +## v8.3.0 (2024-10-26) + +### Documentation + +* docs: revisit examples readme (#725) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e9020f0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e9020f0b709a5245d1749d2811b8568f892869bb)) + +### Feature + +* feat: add basic support for Definitions (#701) + + + +--------- + +Signed-off-by: Hakan Dilek <hakandilek@gmail.com> ([`a1573e5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a1573e5af12bb54c7328c73971dc2c2f8d820c0a)) + + ## v8.2.1 (2024-10-24) ### Fix diff --git a/cyclonedx/__init__.py b/cyclonedx/__init__.py index df0a3c48..daefd93d 100644 --- a/cyclonedx/__init__.py +++ b/cyclonedx/__init__.py @@ -22,4 +22,4 @@ # !! version is managed by semantic_release # do not use typing here, or else `semantic_release` might have issues finding the variable -__version__ = "8.2.1" # noqa:Q000 +__version__ = "8.3.0" # noqa:Q000 diff --git a/docs/conf.py b/docs/conf.py index cd981b92..5890b293 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -23,7 +23,7 @@ # The full version, including alpha/beta/rc tags # !! version is managed by semantic_release -release = '8.2.1' +release = '8.3.0' # -- General configuration --------------------------------------------------- diff --git a/pyproject.toml b/pyproject.toml index 7c253b59..82f08931 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -5,7 +5,7 @@ build-backend = "poetry.core.masonry.api" [tool.poetry] name = "cyclonedx-python-lib" # !! version is managed by semantic_release -version = "8.2.1" +version = "8.3.0" description = "Python library for CycloneDX" authors = [ "Paul Horton ", From cf1d8805dcc567df20c9bcae9c1a9fb96c6db613 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Sat, 26 Oct 2024 17:01:07 +0200 Subject: [PATCH 29/37] refactor: reuse internal helper `bom_ref_from_str` (#727) fixes #722 Signed-off-by: Jan Kowalleck Signed-off-by: Saquib Saifee --- cyclonedx/_internal/bom_ref.py | 26 +++++++++++-- cyclonedx/model/component.py | 6 +-- cyclonedx/model/contact.py | 4 +- cyclonedx/model/service.py | 6 +-- cyclonedx/model/vulnerability.py | 6 +-- tests/test_internal/__init__.py | 16 ++++++++ tests/test_internal/test_bom_ref.py | 57 +++++++++++++++++++++++++++++ 7 files changed, 103 insertions(+), 18 deletions(-) create mode 100644 tests/test_internal/__init__.py create mode 100644 tests/test_internal/test_bom_ref.py diff --git a/cyclonedx/_internal/bom_ref.py b/cyclonedx/_internal/bom_ref.py index c0943da5..b6fefd22 100644 --- a/cyclonedx/_internal/bom_ref.py +++ b/cyclonedx/_internal/bom_ref.py @@ -21,13 +21,31 @@ Everything might change without any notice. """ -from typing import Optional, Union +from typing import Literal, Optional, Union, overload from ..model.bom_ref import BomRef -def bom_ref_from_str(bom_ref: Optional[Union[str, BomRef]]) -> BomRef: +@overload +def bom_ref_from_str(bom_ref: BomRef, optional: bool = ...) -> BomRef: + ... # pragma: no cover + + +@overload +def bom_ref_from_str(bom_ref: Optional[str], optional: Literal[False] = False) -> BomRef: + ... # pragma: no cover + + +@overload +def bom_ref_from_str(bom_ref: Optional[str], optional: Literal[True] = ...) -> Optional[BomRef]: + ... # pragma: no cover + + +def bom_ref_from_str(bom_ref: Optional[Union[str, BomRef]], optional: bool = False) -> Optional[BomRef]: if isinstance(bom_ref, BomRef): return bom_ref - else: - return BomRef(value=str(bom_ref) if bom_ref else None) + if bom_ref: + return BomRef(value=str(bom_ref)) + return None \ + if optional \ + else BomRef() diff --git a/cyclonedx/model/component.py b/cyclonedx/model/component.py index f7acafa7..6e43d921 100644 --- a/cyclonedx/model/component.py +++ b/cyclonedx/model/component.py @@ -27,6 +27,7 @@ from packageurl import PackageURL from sortedcontainers import SortedSet +from .._internal.bom_ref import bom_ref_from_str as _bom_ref_from_str from .._internal.compare import ComparablePackageURL as _ComparablePackageURL, ComparableTuple as _ComparableTuple from .._internal.hash import file_sha1sum as _file_sha1sum from ..exception.model import InvalidOmniBorIdException, InvalidSwhidException, NoPropertiesProvidedException @@ -1098,10 +1099,7 @@ def __init__( ) -> None: self.type = type self.mime_type = mime_type - if isinstance(bom_ref, BomRef): - self._bom_ref = bom_ref - else: - self._bom_ref = BomRef(value=str(bom_ref) if bom_ref else None) + self._bom_ref = _bom_ref_from_str(bom_ref) self.supplier = supplier self.manufacturer = manufacturer self.authors = authors or [] # type:ignore[assignment] diff --git a/cyclonedx/model/contact.py b/cyclonedx/model/contact.py index a3cc2ed4..5a004f33 100644 --- a/cyclonedx/model/contact.py +++ b/cyclonedx/model/contact.py @@ -21,6 +21,7 @@ import serializable from sortedcontainers import SortedSet +from .._internal.bom_ref import bom_ref_from_str as _bom_ref_from_str from .._internal.compare import ComparableTuple as _ComparableTuple from ..exception.model import NoPropertiesProvidedException from ..schema.schema import SchemaVersion1Dot6 @@ -49,8 +50,7 @@ def __init__( postal_code: Optional[str] = None, street_address: Optional[str] = None, ) -> None: - self._bom_ref = bom_ref if isinstance(bom_ref, BomRef) else BomRef( - value=bom_ref) if bom_ref else None + self._bom_ref = _bom_ref_from_str(bom_ref, optional=True) self.country = country self.region = region self.locality = locality diff --git a/cyclonedx/model/service.py b/cyclonedx/model/service.py index 46ce6c29..d4a89fe4 100644 --- a/cyclonedx/model/service.py +++ b/cyclonedx/model/service.py @@ -31,6 +31,7 @@ from cyclonedx.serialization import BomRefHelper, LicenseRepositoryHelper +from .._internal.bom_ref import bom_ref_from_str as _bom_ref_from_str from .._internal.compare import ComparableTuple as _ComparableTuple from ..schema.schema import SchemaVersion1Dot3, SchemaVersion1Dot4, SchemaVersion1Dot5, SchemaVersion1Dot6 from . import DataClassification, ExternalReference, Property, XsUri @@ -68,10 +69,7 @@ def __init__( services: Optional[Iterable['Service']] = None, release_notes: Optional[ReleaseNotes] = None, ) -> None: - if isinstance(bom_ref, BomRef): - self._bom_ref = bom_ref - else: - self._bom_ref = BomRef(value=str(bom_ref) if bom_ref else None) + self._bom_ref = _bom_ref_from_str(bom_ref) self.provider = provider self.group = group self.name = name diff --git a/cyclonedx/model/vulnerability.py b/cyclonedx/model/vulnerability.py index 1a64cdf6..ae859d95 100644 --- a/cyclonedx/model/vulnerability.py +++ b/cyclonedx/model/vulnerability.py @@ -38,6 +38,7 @@ import serializable from sortedcontainers import SortedSet +from .._internal.bom_ref import bom_ref_from_str as _bom_ref_from_str from .._internal.compare import ComparableTuple as _ComparableTuple from ..exception.model import MutuallyExclusivePropertiesException, NoPropertiesProvidedException from ..schema.schema import SchemaVersion1Dot4, SchemaVersion1Dot5, SchemaVersion1Dot6 @@ -959,10 +960,7 @@ def __init__( affects: Optional[Iterable[BomTarget]] = None, properties: Optional[Iterable[Property]] = None, ) -> None: - if isinstance(bom_ref, BomRef): - self._bom_ref: BomRef = bom_ref - else: - self._bom_ref = BomRef(value=str(bom_ref) if bom_ref else None) + self._bom_ref = _bom_ref_from_str(bom_ref) self.id = id self.source = source self.references = references or [] # type:ignore[assignment] diff --git a/tests/test_internal/__init__.py b/tests/test_internal/__init__.py new file mode 100644 index 00000000..671a2188 --- /dev/null +++ b/tests/test_internal/__init__.py @@ -0,0 +1,16 @@ +# This file is part of CycloneDX Python Library +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# Copyright (c) OWASP Foundation. All Rights Reserved. diff --git a/tests/test_internal/test_bom_ref.py b/tests/test_internal/test_bom_ref.py new file mode 100644 index 00000000..45bfdc67 --- /dev/null +++ b/tests/test_internal/test_bom_ref.py @@ -0,0 +1,57 @@ +# This file is part of CycloneDX Python Library +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# Copyright (c) OWASP Foundation. All Rights Reserved. + +from unittest import TestCase + +from cyclonedx._internal.bom_ref import bom_ref_from_str +from cyclonedx.model.bom_ref import BomRef + + +class TestInternalBomRefFromStr(TestCase): + + def test_bomref_io(self) -> None: + i = BomRef() + o = bom_ref_from_str(i) + self.assertIs(i, o) + + def test_none_optional_is_none(self) -> None: + o = bom_ref_from_str(None, optional=True) + self.assertIsNone(o) + + def test_none_mandatory_is_something(self) -> None: + o = bom_ref_from_str(None, optional=False) + self.assertIsInstance(o, BomRef) + self.assertIsNone(o.value) + + def test_nothing_optional_is_none(self) -> None: + o = bom_ref_from_str('', optional=True) + self.assertIsNone(o) + + def test_nothing_mandatory_is_something(self) -> None: + o = bom_ref_from_str('', optional=False) + self.assertIsInstance(o, BomRef) + self.assertIsNone(o.value) + + def test_something_optional(self) -> None: + o = bom_ref_from_str('foobar', optional=True) + self.assertIsInstance(o, BomRef) + self.assertEqual('foobar', o.value) + + def test_something_mandatory(self) -> None: + o = bom_ref_from_str('foobar', optional=False) + self.assertIsInstance(o, BomRef) + self.assertEqual('foobar', o.value) From 45b367fd6b898c1d53f8f0aaf6a8b2482239af0a Mon Sep 17 00:00:00 2001 From: semantic-release Date: Sat, 26 Oct 2024 23:52:59 +0000 Subject: [PATCH 30/37] chore(release): 1.0.0 Automatically generated by python-semantic-release Signed-off-by: semantic-release Signed-off-by: Saquib Saifee --- CHANGELOG.md | 3463 +++++++++++++++++------------------------ cyclonedx/__init__.py | 2 +- docs/conf.py | 2 +- pyproject.toml | 2 +- 4 files changed, 1423 insertions(+), 2046 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0423d5d4..f3b66957 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,68 +2,7 @@ -## v8.3.0 (2024-10-26) - -### Documentation - -* docs: revisit examples readme (#725) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e9020f0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e9020f0b709a5245d1749d2811b8568f892869bb)) - -### Feature - -* feat: add basic support for Definitions (#701) - - - ---------- - -Signed-off-by: Hakan Dilek <hakandilek@gmail.com> ([`a1573e5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a1573e5af12bb54c7328c73971dc2c2f8d820c0a)) - - -## v8.2.1 (2024-10-24) - -### Fix - -* fix: encode quotation mark in URL (#724) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a7c7c97`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a7c7c97c37ee1c7988c028aa779f74893f858c7b)) - - -## v8.2.0 (2024-10-22) - -### Feature - -* feat: Add Python 3.13 support (#718) - -Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`d4be3ba`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d4be3ba6b3ccc65553a7dd10ad559c1eddfbb19b)) - - -## v8.1.0 (2024-10-21) - -### Documentation - -* docs: fix code examples regarding outputting (#709) - - - -Signed-off-by: Hakan Dilek <hakandilek@gmail.com> ([`c72d5f4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c72d5f483d5c1990fe643c4c25e37373d4d3248f)) - -### Feature - -* feat: add support for Lifecycles in BOM metadata (#698) - - - ---------- - -Signed-off-by: Johannes Feichtner <johannes@web-wack.at> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Signed-off-by: Johannes Feichtner <343448+Churro@users.noreply.github.com> -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6cfeb71`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6cfeb711f11aec8fa4d7be885f6797cc2eaa7e67)) - - -## v8.0.0 (2024-10-14) +## v1.0.0 (2024-10-26) ### Breaking @@ -109,241 +48,7 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: Joshua Kugler <tek30584@adobe.com> Signed-off-by: semantic-release <semantic-release@bot.local> Co-authored-by: Joshua Kugler <joshua@azariah.com> -Co-authored-by: semantic-release <semantic-release@bot.local> ([`002f966`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/002f96630ce8fc6f1766ee6cc92a16b35a821c69)) - -### Documentation - -* docs(chaneglog): omit chore/ci/refactor/style/test/build (#703) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a210809`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a210809efb34c2dc895fc0c6d96a3412a9097625)) - - -## v7.6.2 (2024-10-07) - -### Documentation - -* docs: fix some doc strings - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`4fa8fc1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4fa8fc1b6703ecf6788b72f2d53c6a17e2146cf7)) - -### Fix - -* fix: behavior of and typing for crypto setters with optional values (#694) - -fixes #690 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`d8b20bd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d8b20bdc5224ea30cf767f6f3f1a6f8ff2754973)) - - -## v7.6.1 (2024-09-18) - -### Fix - -* fix: file copyright headers (#676) - -utilizes flake8 plugin -<https://pypi.org/project/flake8-copyright-validator/> to assert the -correct headers - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`35e00b4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/35e00b4ee5a9306b9e97b011025409bcbfcef309)) - - -## v7.6.0 (2024-08-14) - -### Feature - -* feat: `HashType.from_composite_str` for Blake2b, SHA3, Blake3 (#663) - -The code mistreated hashes for Blake2b and SHA3. -Code for explicitly handling SHA1 & BLAKE3 was added, as those have no -variants defined in the CycloneDX specification. - -fixes #652 - ---------- - -Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> -Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c59036e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c59036e06ddc97284f82efbbc168dc2d89d090d1)) - - -## v7.5.1 (2024-07-08) - -### Fix - -* fix: XML serialize `normalizedString` and `token` properly (#646) - -fixes #638 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b40f739`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b40f739206a44f7dbd94042fb5e1a37c047ea024)) - - -## v7.5.0 (2024-07-04) - -### Feature - -* feat: add workaround property for v1.5 and v1.6 (#642) - -Property `workaround` was missing from the vulnerability model. It was -added in spec v1.5 and was marked as TODO before. - -This is my first contribution on this project so if I done something -wrong, just say me :smiley: - -Signed-off-by: Louis Maillard <louis.maillard@savoirfairelinux.com> -Signed-off-by: Louis Maillard <louis.maillard@protonmail.com> -Co-authored-by: Louis Maillard <louis.maillard@savoirfairelinux.com> ([`b5ebcf8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b5ebcf8104faf57030cbc5d8190c78524ab86431)) - - -## v7.4.1 (2024-06-12) - -### Documentation - -* docs: exclude dep bumps from changelog (#627) - -fixes #616 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`60361f7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/60361f781a1b356f24a553e133e0f58a2ad37a7d)) - -### Fix - -* fix: `cyclonedx.model.Property.value` value is optional (#631) - -`cyclonedx.model.Property.value` value is optional, in accordance with -the spec. - -fixes #630 - ---------- - -Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`ad0f98b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ad0f98b433fd85ba14db6b6288f33d98bc79ee51)) - - -## v7.4.0 (2024-05-23) - -### Documentation - -* docs: OSSP best practice percentage - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`75f58dc`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/75f58dcd41c1495737bff69d354beeeff7660c15)) - -### Feature - -* feat: updated SPDX license list to `v3.24.0` (#622) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3f9770a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3f9770a95fbe48dfc0cb911a6526690017c2fb37)) - - -## v7.3.4 (2024-05-06) - -### Fix - -* fix: allow suppliers with empty-string names (#611) - -fixes #600 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b331aeb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b331aeb4b7261c7b1359c592b2dcda27bd35e369)) - - -## v7.3.3 (2024-05-06) - -### Fix - -* fix: json validation allow arbitrary `$schema` value (#613) - -fixes https://github.com/CycloneDX/cyclonedx-python-lib/issues/612 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`08b7c60`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/08b7c607360b65215d9d29d42ae86e60c6efe49b)) - - -## v7.3.2 (2024-04-26) - -### Fix - -* fix: properly sort components based on all properties (#599) - -reverts #587 - as this one introduced errors -fixes #598 -fixes #586 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Signed-off-by: Paul Horton <paul.horton@owasp.org> -Co-authored-by: Paul Horton <paul.horton@owasp.org> ([`8df488c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8df488cb422a6363421fee39714df4e8e8e7a593)) - - -## v7.3.1 (2024-04-22) - -### Fix - -* fix: include all fields of `Component` in `__lt__` function for #586 (#587) - -Fixes #586. - -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d784685`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d7846850d1ad33184d1d58b59fdf41a778d05900)) - - -## v7.3.0 (2024-04-19) - -### Feature - -* feat: license factory set `acknowledgement` (#593) - -add a parameter to `LicenseFactory.make_*()` methods, to set the `LicenseAcknowledgement`. - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7ca2455`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7ca2455018d0e191afaaa2fd136a7e4d5b325ec6)) - - -## v7.2.0 (2024-04-19) - -### Feature - -* feat: disjunctive license acknowledgement (#591) - - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9bf1839`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9bf1839859a244e790e91c3e1edd82d333598d60)) - -### Unknown - -* doc: poor merge resolved - -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`a498faa`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a498faaab248d0512bad9e66afbd8fb1d6c42a66)) - - -## v7.1.0 (2024-04-10) - -### Documentation - -* docs: missing schema support table & update schema support to reflect version 7.0.0 (#584) - -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d230e67`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d230e67188661a5fb94730e52bf59c11c965c8d7)) - -### Feature - -* feat: support `bom.properties` for CycloneDX v1.5+ (#585) - -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`1d1c45a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1d1c45ac82c7927acc388489228a9b5990f68aa7)) - - -## v7.0.0 (2024-04-09) - -### Breaking +Co-authored-by: semantic-release <semantic-release@bot.local> ([`002f966`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/002f96630ce8fc6f1766ee6cc92a16b35a821c69)) * feat!: Support for CycloneDX v1.6 @@ -484,187 +189,9 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: Paul Horton <paul.horton@owasp.org> Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8bbdf46`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8bbdf461434ab66673a496a8305c2878bf5c88da)) - - -## v6.4.4 (2024-03-18) +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8bbdf46`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8bbdf461434ab66673a496a8305c2878bf5c88da)) -### Fix - -* fix: wrong extra name for xml validation (#571) - - - -Signed-off-by: Christoph Reiter <reiter.christoph@gmail.com> ([`10e38e2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/10e38e25095de4b2dafbfcd1fd81dce7a9c0f124)) - - -## v6.4.3 (2024-03-04) - -### Fix - -* fix: serialization of `model.component.Diff` (#557) - -Fixes #556 - ---------- - -Signed-off-by: rcross-lc <151086351+rcross-lc@users.noreply.github.com> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`22fa873`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/22fa8734bf1a3a8789ad7578bfa0c86cf0a49d4a)) - - -## v6.4.2 (2024-03-01) - -### Build - -* build: use poetry v1.8.1 (#560) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6f81dfa`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6f81dfaed32b76f251647f6291791e714ab158a3)) - -### Documentation - -* docs: update architecture description and examples (#550) - - - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a19fd28`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a19fd2828355ae031164ef7a0dda2a8ea2365108)) - -* docs: exclude internal docs from rendering (#545) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7e55dfe`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7e55dfe213cb2a88b3686f9e8bf93cf4642a2ccd)) - -### Unknown - -* docs - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`63cff7e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/63cff7ee697c9d5fb96da3c8c16f7c9bc7b34e58)) - -* docs (#546) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b0e5b43`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b0e5b43880e17ec6ce23d5d4e1e7a9a2547c1e79)) - - -## v6.4.1 (2024-01-30) - -### Documentation - -* docs: ship docs with `sdist` build (#544) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`52ef01c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/52ef01c99319d5aed950e7f6ef6fcfe731ac8b2f)) - -* docs: refactor example - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c1776b7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c1776b718b81cf72ef0c0251504e0d3631e30b17)) - -### Fix - -* fix: `model.BomRef` no longer equal to unset peers (#543) - - fixes [#539](https://github.com/CycloneDX/cyclonedx-python-lib/issues/539) - - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1fd7fee`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1fd7fee9dec888c10087921f2e5a7a60062fb419)) - - -## v6.4.0 (2024-01-22) - -### Documentation - -* docs: add OpenSSF Best Practices shield (#532) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`59c4381`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/59c43814b07db0aa881d87192939eb93e79b0cc2)) - -### Feature - -* feat: support `py-serializable` v1.0 (#531) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e1e7277`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e1e72777d8a355c6854f4d9eb26c1e2083c806df)) - - -## v6.3.0 (2024-01-06) - -### Documentation - -* docs: add `Documentation` url to project meta - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1080b73`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1080b7387a0bbc49a067cd2efefb1545470947e5)) - -* docs: add `Documentation` url to project meta - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c4288b3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c4288b35e0e1050f0982f7492cfcd3bea34b445c)) - -### Feature - -* feat: enable dependency `py-serializable 0.17` (#529) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9f24220`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9f24220029cd18cd191f63876899cd86be52dce1)) - - -## v6.2.0 (2023-12-31) - -### Build - -* build: allow additional major-version RC branch patterns - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f8af156`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f8af156c9c38f737b7067722d2a96f8a2a4fcb48)) - -### Documentation - -* docs: fix typo - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`2563996`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/25639967c93ad464e486f2fe6a148b3be439f43d)) - -* docs: update intro and description - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f0bd05d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f0bd05dc854b5b71421b82cfb527fcb8f41a7c4a)) - -* docs: buld docs on ubuntu22.04 python311 - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b3e9ab7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b3e9ab77696f2ee763f1746f8142bdf471477c39)) - -### Feature - -* feat: allow `lxml` requirement in range of `>=4,<6` (#523) - -Updates the requirements on [lxml](https://github.com/lxml/lxml) to permit the latest version. -- [Release notes](https://github.com/lxml/lxml/releases) -- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt) -- [Commits](https://github.com/lxml/lxml/compare/lxml-4.0.0...lxml-5.0.0) - ---- -updated-dependencies: -- dependency-name: lxml - dependency-type: direct:production -... - -Signed-off-by: dependabot[bot] <support@github.com> -Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`7d12b9a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7d12b9a9f7a2fdc5e6bb12f891c6f4291e20e65e)) - -### Unknown - -* docs - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7dcd166`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7dcd16621002713dcf1ce8e17bc5762320fae4fa)) - - -## v6.1.0 (2023-12-22) - -### Feature - -* feat: add function to map python `hashlib` algorithms to CycloneDX (#519) - -new API: `model.HashType.from_hashlib_alg()` - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`81f8cf5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/81f8cf59b1f40ffbd213789a8b1b621a01e3f631)) - - -## v6.0.0 (2023-12-10) - -### Breaking - -* feat!: v6.0.0 (#492) +* feat!: v6.0.0 (#492) ### Breaking Changes @@ -754,78 +281,7 @@ Signed-off-by: Johannes Feichtner <johannes@web-wack.at> Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: semantic-release <semantic-release> Co-authored-by: Johannes Feichtner <343448+Churro@users.noreply.github.com> -Co-authored-by: semantic-release <semantic-release> ([`74865f8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/74865f8e498c9723c2ce3556ceecb6a3cfc4c490)) - - -## v5.2.0 (2023-12-02) - -### Documentation - -* docs: keywaords & funding (#486) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3189e59`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3189e59ff8e3d3d10f7b949b5a08397ff3d3642b)) - -### Feature - -* feat: `model.XsUri` migrate control characters according to spec (#498) - -fixes https://github.com/CycloneDX/cyclonedx-python-lib/issues/497 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e490429`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e49042976f8577af4061c34394db270612488cdf)) - - -## v5.1.1 (2023-11-02) - -### Fix - -* fix: update own `externalReferences` (#480) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`edb3dde`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/edb3dde889c06755dd1963ed21dd803db3ea0dcc)) - - -## v5.1.0 (2023-10-31) - -### Documentation - -* docs: advance license docs - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f61a730`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f61a7303de1d5dacf0917a1d66f5ebe0732ccd75)) - -### Feature - -* feat: guarantee unique `BomRef`s in serialization result (#479) - -Incorporate `output.BomRefDiscriminator` on serialization - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a648775`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a648775bb5195621e17fdbae92950ab6d56a665a)) - - -## v5.0.1 (2023-10-24) - -### Documentation - -* docs: revisit project meta (#475) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c3254d0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c3254d055f3cda96d2849222a0bba7be8cf486a3)) - -* docs: fix RTFD build (#476) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b9fcfb4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b9fcfb40af366fdee7258ccb720e0fad27994824)) - -### Unknown - -* "chore(deps): revert bump python-semantic-release/python-semantic-release (#474)" - -This reverts commit 9c3ffac34e89610ccc4f9701444127e1e6f5ee07. - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`aae7304`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/aae73048c7aebe5920ec888225bdbde08111601b)) - - -## v5.0.0 (2023-10-24) - -### Breaking +Co-authored-by: semantic-release <semantic-release> ([`74865f8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/74865f8e498c9723c2ce3556ceecb6a3cfc4c490)) * feat!: v5.0.0 (#440) @@ -945,119 +401,17 @@ Misc Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: Jan Kowalleck <jan.kowalleck@owasp.org> Signed-off-by: semantic-release <semantic-release> -Co-authored-by: semantic-release <semantic-release> ([`26b151c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/26b151cba7d7d484f23ee7888444f09ad6d016b1)) - - -## v4.2.3 (2023-10-16) - -### Fix - -* fix: SPDX-expression-validation internal crashes are cought and handled (#471) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`5fa66a0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5fa66a043818eb5747dbd630496c6d31f818c0ab)) - - -## v4.2.2 (2023-09-14) - -### Documentation - -* docs: fix shield in README - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6a941b1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6a941b1ef5cc0f9e956173cce7e9da57e8c6bf22)) - -* docs(example): showcase `LicenseChoiceFactory` (#428) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c56ec83`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c56ec8395dd203ac41fa6f4c43970a50c0e80efb)) - -### Fix - -* fix: ship meta files (#434) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3a1a8a5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3a1a8a5c1cbe8d8989b4cb335269a02b5c6d4f38)) - +Co-authored-by: semantic-release <semantic-release> ([`26b151c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/26b151cba7d7d484f23ee7888444f09ad6d016b1)) -## v4.2.1 (2023-09-06) - -### Fix - -* fix: `LicenseChoiceFactory.make_from_string()` prioritize SPDX id over expression (#427) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e1bdfdd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e1bdfddcfab97359fbde9f53dc65f56fc8ec4ba9)) - - -## v4.2.0 (2023-09-06) - -### Feature - -* feat: complete SPDX license expression (#425) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e06f9fd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e06f9fd2c30e8976766f326ff216103d2560cb9a)) - - -## v4.1.0 (2023-08-27) - -### Documentation - -* docs(examples): showcase shorthand dependency management (#403) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8b32efb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8b32efb322a3281d58e9f980bb9001b112aa944a)) - -### Feature - -* feat: programmatic access to library's version (#417) +* feat: Release 4.0.0 #341) -adds `cyclonedx.__version__` - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3585ea9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3585ea9911ae521e86793ef18f5891289fb0b604)) - - -## v4.0.1 (2023-06-28) - -### Documentation - -* docs(examples): README (#399) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1d262ba`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1d262ba57eab0d61b947fc293fc59c6234f19647)) - -* docs: add exaple how to build and serialize (#397) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`65e22bd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/65e22bdc6a1a3fc02a6282146bc8fbc17ddb32fa)) - -### Fix - -* fix: conditional warning if no root dependencies were found (#398) - - - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c8175bb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c8175bb6aebac7f129d42d7a5a0ae928212c20cb)) - -### Unknown - -* 4.0.1 - -Automatically generated by python-semantic-release ([`4a72f51`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4a72f515ad7b5e46a07f31bea18a94b162e87715)) - -* Add missing space in warning message. (#364) - - - -Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> -Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> ([`dad0d28`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/dad0d28ceb7381d1b503e5b29776fc01513f8b04)) - - -## v4.0.0 (2023-03-20) - -### Breaking - -* feat: Release 4.0.0 #341) - -Highlights of this release include: -* Support for De-serialization from JSON and XML to this Pythonic Model -* Deprecation of Python 3.6 support -* Support for Python 3.11 -* Support for `BomLink` -* Support VEX without needing `Component` in the same `Bom` -* Support for `services` having `dependencies` +Highlights of this release include: +* Support for De-serialization from JSON and XML to this Pythonic Model +* Deprecation of Python 3.6 support +* Support for Python 3.11 +* Support for `BomLink` +* Support VEX without needing `Component` in the same `Bom` +* Support for `services` having `dependencies` BREAKING CHANGE: Large portions of this library have been re-written for this release and many methods and contracts have changed. @@ -1167,1869 +521,2070 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: Hakan Dilek <hakandilek@gmail.com> Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> Co-authored-by: Hakan Dilek <hakandilek@gmail.com> -Co-authored-by: Hakan Dilek <hakandilek@users.noreply.github.com> ([`8fb1b14`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8fb1b14f5e04e85f21e654c44fa6b9b774867757)) - -### Unknown - -* 4.0.0 - -Automatically generated by python-semantic-release ([`40fbfda`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/40fbfda428cfa71b16fd6e5e8d5f49cea4b5438b)) +Co-authored-by: Hakan Dilek <hakandilek@users.noreply.github.com> ([`8fb1b14`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8fb1b14f5e04e85f21e654c44fa6b9b774867757)) +* feat: bump dependencies -## v3.1.5 (2023-01-12) +BREAKING CHANGE: Adopt PEP-3102 -### Fix +BREAKING CHANGE: Optional Lists are now non-optional Sets -* fix: mak test's schema paths relative to `cyclonedx` package (#338) +BREAKING CHANGE: Remove concept of DEFAULT schema version - replaced with LATEST schema version -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1f0c05f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1f0c05fe2b2a22bc84a1a437dd59390f2ceaf986)) +BREAKING CHANGE: Added `BomRef` data type -### Unknown +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`da3f0ca`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/da3f0ca3e8b90b37301c03f889eb089bca649b09)) -* 3.1.5 +### Build -Automatically generated by python-semantic-release ([`ba603cf`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ba603cf96fad51a85d5159e83c402d613fefbb7c)) +* build: use poetry v1.8.1 (#560) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6f81dfa`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6f81dfaed32b76f251647f6291791e714ab158a3)) -## v3.1.4 (2023-01-11) +* build: allow additional major-version RC branch patterns -### Fix +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f8af156`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f8af156c9c38f737b7067722d2a96f8a2a4fcb48)) -* fix(tests): include tests in `sdist` builds (#337) +* build: move typing to dev-dependencies -* feat: include `tests` in `sdist` builds for #336 -* delete unexpected `DS_Store` file +Move `types-setuptools` and `types-toml` to dev-dependencies (#226) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`936ad7d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/936ad7d0c26d8f98040203d3234ca8f1afbd73ab)) +Signed-off-by: Adam Johnson <me@adamj.eu> ([`0e2376b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0e2376baade068ae0490b05550837d104e9abfa4)) -### Unknown +* build: updated dependencies, moved pdoc3 to a dev dependency -* 3.1.4 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`6a9947d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6a9947de1036b63804352e45c035d40658d3db01)) + +* build: dependencies updated -Automatically generated by python-semantic-release ([`0b19294`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0b19294e4820f0da5e81decd4d902ef7789ecb61)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0411826`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/04118263c2fed1241c4a9f38cc256542ba543d50)) +### Documentation -## v3.1.3 (2023-01-07) +* docs: revisit examples readme (#725) -### Fix +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e9020f0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e9020f0b709a5245d1749d2811b8568f892869bb)) -* fix: serialize dependency graph for nested components (#329) +* docs: fix code examples regarding outputting (#709) -* tests: regression tests for issue #328 -* fix: for issue #328 -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`fb3f835`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fb3f8351881783281f8b7e796098a4c145b35927)) + +Signed-off-by: Hakan Dilek <hakandilek@gmail.com> ([`c72d5f4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c72d5f483d5c1990fe643c4c25e37373d4d3248f)) -### Unknown +* docs(chaneglog): omit chore/ci/refactor/style/test/build (#703) -* 3.1.3 +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a210809`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a210809efb34c2dc895fc0c6d96a3412a9097625)) -Automatically generated by python-semantic-release ([`11a420c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/11a420c5fc38bb48d2a91713cc74574acb131184)) +* docs: fix some doc strings +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`4fa8fc1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4fa8fc1b6703ecf6788b72f2d53c6a17e2146cf7)) -## v3.1.2 (2023-01-06) +* docs: exclude dep bumps from changelog (#627) -### Documentation +fixes #616 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`60361f7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/60361f781a1b356f24a553e133e0f58a2ad37a7d)) -* docs: typo +* docs: OSSP best practice percentage -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`539b57a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/539b57a00e4e60e239bb26141f219366121e7bc2)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`75f58dc`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/75f58dcd41c1495737bff69d354beeeff7660c15)) -* docs: fix shields (#324) +* docs: missing schema support table & update schema support to reflect version 7.0.0 (#584) -caused by https://github.com/badges/shields/issues/8671 - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`555dad4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/555dad4bc255066036ecca028192eb83df8ba5a0)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d230e67`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d230e67188661a5fb94730e52bf59c11c965c8d7)) -* docs: fix typo (#318) +* docs: update architecture description and examples (#550) -Signed-off-by: Roland Weber <rolweber@de.ibm.com> ([`63bfb87`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/63bfb8772fe78e9842675d17862c456150dbbc15)) - -### Fix + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a19fd28`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a19fd2828355ae031164ef7a0dda2a8ea2365108)) -* fix: prevent errors on metadata handling for some specification versions (#330) +* docs: exclude internal docs from rendering (#545) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f08a656`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f08a65649aee750397edc061eb3b8325a69bb4b4)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7e55dfe`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7e55dfe213cb2a88b3686f9e8bf93cf4642a2ccd)) -### Unknown +* docs: ship docs with `sdist` build (#544) -* 3.1.2 +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`52ef01c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/52ef01c99319d5aed950e7f6ef6fcfe731ac8b2f)) -Automatically generated by python-semantic-release ([`0853d14`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0853d14780b8e44e9b285bee2ac6b81551640c5f)) +* docs: refactor example -* clarify sign-off step (#319) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c1776b7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c1776b718b81cf72ef0c0251504e0d3631e30b17)) - -Signed-off-by: Roland Weber <rolweber@de.ibm.com> ([`007fb96`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/007fb96a1ec23b9516bc383afa85b3efc2707aa8)) +* docs: add OpenSSF Best Practices shield (#532) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`59c4381`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/59c43814b07db0aa881d87192939eb93e79b0cc2)) -## v3.1.1 (2022-11-28) +* docs: add `Documentation` url to project meta -### Fix +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1080b73`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1080b7387a0bbc49a067cd2efefb1545470947e5)) -* fix: type hint for `get_component_by_purl` is incorrect +* docs: add `Documentation` url to project meta -chore: force automated release -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`3f20bf0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3f20bf04a65d5c539230281437255b5f48e17621)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c4288b3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c4288b35e0e1050f0982f7492cfcd3bea34b445c)) -### Unknown +* docs: fix typo -* 3.1.1 +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`2563996`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/25639967c93ad464e486f2fe6a148b3be439f43d)) -Automatically generated by python-semantic-release ([`503955e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/503955ea9e19e1d3ca611df36508dcf1aa93905c)) +* docs: update intro and description -* Merge pull request #310 from gruebel/fix-method-type-hint +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f0bd05d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f0bd05dc854b5b71421b82cfb527fcb8f41a7c4a)) -fix: type hint for `get_component_by_purl` is incorrect ([`06037b9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/06037b99e0d6ebc5388d3c5e0799a68233ed92e8)) +* docs: buld docs on ubuntu22.04 python311 -* move tests to model bom file +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b3e9ab7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b3e9ab77696f2ee763f1746f8142bdf471477c39)) -Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`4c8a3ab`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4c8a3ab0eef349c007285ff9dfed0c00c6732a96)) +* docs: keywaords & funding (#486) -* fix type hint for get_component_by_purl +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3189e59`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3189e59ff8e3d3d10f7b949b5a08397ff3d3642b)) -Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`735c05e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/735c05eebb792eed55aeb4d5a7be8043ee1cd9ae)) +* docs: advance license docs +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f61a730`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f61a7303de1d5dacf0917a1d66f5ebe0732ccd75)) -## v3.1.0 (2022-09-15) +* docs: revisit project meta (#475) -### Feature +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c3254d0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c3254d055f3cda96d2849222a0bba7be8cf486a3)) -* feat: out-factor SPDX compund detection +* docs: fix RTFD build (#476) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`fd4d537`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fd4d537c9dced0e38f14d99dee174cc5bb0bd465)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b9fcfb4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b9fcfb40af366fdee7258ccb720e0fad27994824)) -* feat: out-factor SPDX compund detection +* docs: fix shield in README -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`2b69925`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2b699252f8857d97231a689ea9cbfcdff9459626)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6a941b1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6a941b1ef5cc0f9e956173cce7e9da57e8c6bf22)) -* feat: license factories +* docs(example): showcase `LicenseChoiceFactory` (#428) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`033bad2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/033bad2a50fd2236c712d4621caa57b04fcc2043)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c56ec83`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c56ec8395dd203ac41fa6f4c43970a50c0e80efb)) -### Unknown +* docs(examples): showcase shorthand dependency management (#403) -* 3.1.0 +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8b32efb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8b32efb322a3281d58e9f980bb9001b112aa944a)) -Automatically generated by python-semantic-release ([`e52c174`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e52c17447b1520103ccb24192ab92560429df595)) +* docs(examples): README (#399) -* Merge pull request #305 from CycloneDX/license-factories +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1d262ba`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1d262ba57eab0d61b947fc293fc59c6234f19647)) -feat: add license factories to more easily support creation of `License` or `LicenseChoice` from SPDX license strings #304 ([`5ff4494`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5ff4494b0e0d76d04cf8a4245ce0426f0abbd8f9)) +* docs: add exaple how to build and serialize (#397) -* Merge pull request #301 from CycloneDX/fix-poetry-in-tox +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`65e22bd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/65e22bdc6a1a3fc02a6282146bc8fbc17ddb32fa)) -chore: fix poetry in tox ([`92aea8d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/92aea8d3413cd2af820cc8160ef48a737951b0ea)) +* docs: typo -* remove v3 from CHANGELOG #286 (#287) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`539b57a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/539b57a00e4e60e239bb26141f219366121e7bc2)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7029721`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/702972105364a3ab225ea5a586c48cec664601ca)) +* docs: fix shields (#324) -* 3.0.0 +caused by https://github.com/badges/shields/issues/8671 + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`555dad4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/555dad4bc255066036ecca028192eb83df8ba5a0)) -Automatically generated by python-semantic-release ([`69582ff`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/69582ff7a9e3a1cfb2c7193c3d194d69e35899c1)) +* docs: fix typo (#318) + +Signed-off-by: Roland Weber <rolweber@de.ibm.com> ([`63bfb87`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/63bfb8772fe78e9842675d17862c456150dbbc15)) -## v2.7.1 (2022-08-01) +* docs: fix typo "This is out" -> "This is our" -### Fix +Fix typo in comments: "This is out" -> "This is our" (#233) + +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ef0278a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ef0278a2044147e73a281c5a59f95049d4af7641)) -* fix: pinned `mypy <= 0.961` due to #278 +### Feature -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d6955cb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d6955cb86d8da7a72d0146d0dbeb7c34a794a954)) +* feat: add basic support for Definitions (#701) -* fix: properly support nested `components` and `services` #275 + + +--------- + +Signed-off-by: Hakan Dilek <hakandilek@gmail.com> ([`a1573e5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a1573e5af12bb54c7328c73971dc2c2f8d820c0a)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`6597db7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6597db740f222c68ad90f74fb8fdb58b72642adb)) +* feat: Add Python 3.13 support (#718) -### Unknown +Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`d4be3ba`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d4be3ba6b3ccc65553a7dd10ad559c1eddfbb19b)) -* Merge pull request #276 from CycloneDX/fix/bom-validation-nested-components-isue-275 +* feat: add support for Lifecycles in BOM metadata (#698) -fix: BOM validation fails when Components or Services are nested #275 -fix: updated dependencies #271, #270, #269 and #256 ([`68a0cdd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/68a0cddc0a226947d76b6a275cfceba383797d3b)) + +--------- + +Signed-off-by: Johannes Feichtner <johannes@web-wack.at> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Johannes Feichtner <343448+Churro@users.noreply.github.com> +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6cfeb71`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6cfeb711f11aec8fa4d7be885f6797cc2eaa7e67)) -* Merge branch 'main' into fix/bom-validation-nested-components-isue-275 ([`6caee65`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6caee657260e46f18cade24a73b4f17bc5ad6dd8)) +* feat: add cpe format validation -* added tests to cover new `Component.get_all_nested_components()` method +Signed-off-by: Saquib Saifee <saquibsaifee2@gmail.com> ([`aea3b04`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/aea3b047bc86a4256e8437bdba931578859700df)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`75a77ed`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/75a77ed6576f362435d1a3e6e59cbc5d871b9971)) +* feat: add CPE format validation in property setter -* Revert "chore: re-added `isort` to pre-commit hooks" +Signed-off-by: Saquib Saifee <saquibsaifee@ibm.com> ([`c74218b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c74218ba0f969cdbe20c5988ef37b358c9c0e011)) -This reverts commit f50ee1eb79f3f4e5b9d21824e64192d0af43d3f0. +* feat: add cpe format validation -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`5f7f30e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5f7f30e6a79f7cef6fff296ae0d7e5381f9b5cda)) +- Implemented regex-based validation for CPE format in the model. +- Added tests to verify handling of invalid CPE strings. -* removed tests where services are part of dependency tree - see #277 +Signed-off-by: Saquib Saifee <saquibsaifee2@gmail.com> ([`15d9c19`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/15d9c198404d4c55cf2e9039283a31ff973e8a1b)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`f26862b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f26862b0b7f85e3610efbdf17cf304ddc71e5366)) +* feat: `HashType.from_composite_str` for Blake2b, SHA3, Blake3 (#663) -* aded XML output tests for Issue #275 +The code mistreated hashes for Blake2b and SHA3. +Code for explicitly handling SHA1 & BLAKE3 was added, as those have no +variants defined in the CycloneDX specification. + +fixes #652 + +--------- + +Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> +Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c59036e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c59036e06ddc97284f82efbbc168dc2d89d090d1)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`ebef5f2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ebef5f212fec13fc8c9bf00553f9bf3f77a0d3f6)) +* feat: add workaround property for v1.5 and v1.6 (#642) -* updated XML output tests +Property `workaround` was missing from the vulnerability model. It was +added in spec v1.5 and was marked as TODO before. + +This is my first contribution on this project so if I done something +wrong, just say me :smiley: + +Signed-off-by: Louis Maillard <louis.maillard@savoirfairelinux.com> +Signed-off-by: Louis Maillard <louis.maillard@protonmail.com> +Co-authored-by: Louis Maillard <louis.maillard@savoirfairelinux.com> ([`b5ebcf8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b5ebcf8104faf57030cbc5d8190c78524ab86431)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`356c37e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/356c37ebea85eb10e2505f2b16264d95f292bd55)) +* feat: updated SPDX license list to `v3.24.0` (#622) -* addressed JSON output for #275 including test addiitions +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3f9770a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3f9770a95fbe48dfc0cb911a6526690017c2fb37)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`692c005`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/692c005c686157134a79e3ffc8ab1e7ce8942de9)) +* feat: license factory set `acknowledgement` (#593) +add a parameter to `LicenseFactory.make_*()` methods, to set the `LicenseAcknowledgement`. + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7ca2455`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7ca2455018d0e191afaaa2fd136a7e4d5b325ec6)) -## v2.7.0 (2022-07-21) +* feat: disjunctive license acknowledgement (#591) -### Feature + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9bf1839`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9bf1839859a244e790e91c3e1edd82d333598d60)) -* feat: support for CycloneDX schema `1.4.2` - adds `vulnerability.properties` to the schema ([`32e7929`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/32e792928bdf37133e966ef72ec01b0bc698482d)) +* feat: support `bom.properties` for CycloneDX v1.5+ (#585) -* feat: support for CycloneDX schema version `1.4.2` -- Provides support for `vulnerability.properties` +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`1d1c45a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1d1c45ac82c7927acc388489228a9b5990f68aa7)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`db7445c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/db7445cd343fc35c6d6fc9f5af3e28cf97a19732)) +* feat: support `py-serializable` v1.0 (#531) -* feat: added updated CycloneDX 1.4.2 schemas +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e1e7277`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e1e72777d8a355c6854f4d9eb26c1e2083c806df)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`7fb27ae`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7fb27aed58f7de10f8c6b703699bba315af353e7)) +* feat: enable dependency `py-serializable 0.17` (#529) -### Unknown +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9f24220`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9f24220029cd18cd191f63876899cd86be52dce1)) -* 2.7.0 +* feat: allow `lxml` requirement in range of `>=4,<6` (#523) -Automatically generated by python-semantic-release ([`96d155e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/96d155e864d83482242c22f69af8e7c618d05a1b)) +Updates the requirements on [lxml](https://github.com/lxml/lxml) to permit the latest version. +- [Release notes](https://github.com/lxml/lxml/releases) +- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt) +- [Commits](https://github.com/lxml/lxml/compare/lxml-4.0.0...lxml-5.0.0) + +--- +updated-dependencies: +- dependency-name: lxml + dependency-type: direct:production +... + +Signed-off-by: dependabot[bot] <support@github.com> +Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`7d12b9a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7d12b9a9f7a2fdc5e6bb12f891c6f4291e20e65e)) +* feat: add function to map python `hashlib` algorithms to CycloneDX (#519) -## v2.6.0 (2022-06-20) +new API: `model.HashType.from_hashlib_alg()` + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`81f8cf5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/81f8cf59b1f40ffbd213789a8b1b621a01e3f631)) -### Feature +* feat: `model.XsUri` migrate control characters according to spec (#498) -* feat: reduce unnessessarry type casting of `set`/`SortedSet` (#203) +fixes https://github.com/CycloneDX/cyclonedx-python-lib/issues/497 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e490429`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e49042976f8577af4061c34394db270612488cdf)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`089d971`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/089d9714f8f9f8c70076e48baa18340899cc29fa)) +* feat: guarantee unique `BomRef`s in serialization result (#479) -### Unknown +Incorporate `output.BomRefDiscriminator` on serialization + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a648775`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a648775bb5195621e17fdbae92950ab6d56a665a)) -* 2.6.0 +* feat: complete SPDX license expression (#425) -Automatically generated by python-semantic-release ([`8481e9b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8481e9bd8dc5196c2e703e5cd19974bb22bc270e)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e06f9fd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e06f9fd2c30e8976766f326ff216103d2560cb9a)) +* feat: programmatic access to library's version (#417) -## v2.5.2 (2022-06-15) +adds `cyclonedx.__version__` + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3585ea9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3585ea9911ae521e86793ef18f5891289fb0b604)) -### Fix +* feat: out-factor SPDX compund detection -* fix: add expected lower-than comparators for `OrganizationalEntity` and `VulnerabilityCredits` (#248) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`fd4d537`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fd4d537c9dced0e38f14d99dee174cc5bb0bd465)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`0046ee1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0046ee19547be8dafe5d73bad886b9c5f725f26e)) +* feat: out-factor SPDX compund detection -### Unknown +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`2b69925`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2b699252f8857d97231a689ea9cbfcdff9459626)) -* 2.5.2 - -Automatically generated by python-semantic-release ([`fb9a796`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fb9a796d0b34c2d930503790c74d6d7ed5e3c3d6)) - - -## v2.5.1 (2022-06-10) - -### Fix - -* fix: add missing `Vulnerability` comparator for sorting (#246) +* feat: license factories -Partial fix for #245. - -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`c3f3d0d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c3f3d0d105f0dcf991175040b6d6c2b6e7e25d8f)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`033bad2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/033bad2a50fd2236c712d4621caa57b04fcc2043)) -### Unknown +* feat: support for CycloneDX schema `1.4.2` - adds `vulnerability.properties` to the schema ([`32e7929`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/32e792928bdf37133e966ef72ec01b0bc698482d)) -* 2.5.1 +* feat: support for CycloneDX schema version `1.4.2` +- Provides support for `vulnerability.properties` -Automatically generated by python-semantic-release ([`1ea5b20`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1ea5b20f1c93e6e6b3799444c7ea6fd65a2e068c)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`db7445c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/db7445cd343fc35c6d6fc9f5af3e28cf97a19732)) +* feat: added updated CycloneDX 1.4.2 schemas -## v2.5.0 (2022-06-10) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`7fb27ae`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7fb27aed58f7de10f8c6b703699bba315af353e7)) -### Build +* feat: reduce unnessessarry type casting of `set`/`SortedSet` (#203) -* build: move typing to dev-dependencies +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`089d971`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/089d9714f8f9f8c70076e48baa18340899cc29fa)) -Move `types-setuptools` and `types-toml` to dev-dependencies (#226) - -Signed-off-by: Adam Johnson <me@adamj.eu> ([`0e2376b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0e2376baade068ae0490b05550837d104e9abfa4)) +* feat: use `SortedSet` in model to improve reproducibility - this will provide predictable ordering of various items in generated CycloneDX documents - thanks to @RodneyRichardson -### Documentation +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`8a1c404`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8a1c4043f502292b32c4ab36a8618cf3f67ac8df)) -* docs: fix typo "This is out" -> "This is our" +* feat(deps): remove unused `typing-extensions` constraints -Fix typo in comments: "This is out" -> "This is our" (#233) +PullRequest and details via #224 -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ef0278a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ef0278a2044147e73a281c5a59f95049d4af7641)) +Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`2ce358a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2ce358a37e6ce5f06aa9297aed17f8f5bea38e93)) -### Feature - -* feat: use `SortedSet` in model to improve reproducibility - this will provide predictable ordering of various items in generated CycloneDX documents - thanks to @RodneyRichardson - -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`8a1c404`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8a1c4043f502292b32c4ab36a8618cf3f67ac8df)) +* feat: add support for Dependency Graph in Model and output serialisation -### Unknown +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`ea34513`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ea34513f8229a909007793288ace2f6f51684333)) -* 2.5.0 - -Automatically generated by python-semantic-release ([`c820423`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c820423ffffb90ec7a42d8873d99428277f9ae28)) +* feat: Bump XML schemas to latest fix version for 1.2-1.4 - see: +https://github.com/CycloneDX/specification/issues/122 -* Merge pull request #235 from RodneyRichardson/use-sorted-set +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`bd2e756`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bd2e756de15c37b34d2866e8de521556420bd5d3)) -feat: use `SortedSet` in model to improve reproducibility - this will provide predictable ordering of various items in generated CycloneDX documents - thanks to @RodneyRichardson ([`c43f6d8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c43f6d8ce41a9de91a84cea7a40045cab8121792)) +* feat: bump JSON schemas to latest fix verison for 1.2 and 1.3 - see: +- https://github.com/CycloneDX/specification/issues/123 +- https://github.com/CycloneDX/specification/issues/84 +- https://github.com/CycloneDX/specification/issues/125 -* Merge branch 'CycloneDX:main' into use-sorted-set ([`1b8ac25`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1b8ac252a28af1b938d6cad4182e6f2d586b26c0)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`bd6a088`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bd6a088d51c995c0f08271f56aedb456c60c1a2e)) -* Fix SortedSet type hints for python < 3.8 +* feat: output errors are verbose -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`71eeb4a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/71eeb4aeeb9e911df2422c097ebfb671c648242d)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`bfe8fb1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bfe8fb18825251fd9f146458122aa06137ec27c0)) -* Fix line length warning. +* feat: completed work on #155 (#172) -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`e9ee712`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e9ee71291da882a924a9edec7d1f5d6be62797e6)) +fix: resolved #169 (part of #155) +feat: as part of solving #155, #147 has been implemented + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a926b34`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a926b34c7facb8b3709936fe00b62a0b80338f31)) -* Fix more type hints for python < 3.8 +* feat: support complete model for `bom.metadata` (#162) -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`f042bce`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f042bcef1829a852dd787e226d883f5bbd5c39c3)) +* feat: support complete model for `bom.metadata` +fix: JSON comparison in unit tests was broken +chore: corrected some source license headers + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2938a6c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2938a6c001a5b0b25477241d4ad6601030c55165)) -* Fix SortedSet type hints for python < 3.8 +* feat: support for `bom.externalReferences` in JSON and XML #124 -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`2e283ab`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2e283abed0b67e9e70c825e0d7c6ad7e6691c678)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1b733d7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1b733d75a78e3757010a8049cab5c7d4656dc2a5)) -* Fix type hint on ComparableTuple +* feat: Complete support for `bom.components` (#155) -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`43ef908`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/43ef908d61fd03e5a4c2ecfabdf22764c8613429)) +* fix: implemented correct `__hash__` methods in models (#153) + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`32c0139`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/32c01396251834c69a5b23c82a5554faf8447f61)) -* Sort usings. +* feat: support services in XML BOMs +feat: support nested services in JSON and XML BOMs -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`8f86c12`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8f86c1292d5d0c550a4ec6018b81400255567f93)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9edf6c9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9edf6c940d20a44f5b99c557392a9fa4532b332e)) -* Fix sonatype-lift warnings +* feat: `bom-ref` for Component and Vulnerability default to a UUID (#142) -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`f1e92e3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f1e92e3cfbe9df2b07b745582608f9f72531684c)) +* feat: `bom-ref` for Component and Vulnerability default to a UUID if not supplied ensuring they have a unique value #141 + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* doc: updated documentation to reflect change + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* patched other tests to support UUID for bom-ref + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* better syntax + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`3953bb6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3953bb676f423c325ca4d80f3fcee33ad042ad93)) -* Fix warnings. +* feat: add CPE to component (#138) -Change tuple -> Tuple -Fix Diff initialization -Add sorting to AttachedText +* Added CPE to component + +Setting CPE was missing for component, now it is possible to set CPE and output CPE for a component. + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Fixing problems with CPE addition + +- Fixed styling errors +- Added reference to CPE Spec +- Adding CPE parameter as last parameter to not break arguments + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Again fixes for Style and CPE reference + +Missing in the last commit + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Added CPE as argument before deprecated arguments + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Added testing for CPE addition and error fixing + +- Added output tests for CPE in XML and JSON +- Fixes style error in components +- Fixes order for CPE output in XML (CPE has to come before PURL) + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Fixed output tests + +CPE was still in the wrong position in one of the tests - fixed + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Fixed minor test fixtures issues + +- cpe was still in wrong position in 1.2 JSON +- Indentation fixed in 1.4 JSON + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Fixed missing comma in JSON 1.2 test file + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> ([`269ee15`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/269ee155f203d5771c56edb92f7279466bf2012f)) -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`2b47ff6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2b47ff612335b538ceab5e77b60dbe058f739e2e)) +* feat: add support for `bom.metadata.component` (#118) -* Reduce sortedcontainers.pyi to only the functions used. +* Add support for metadata component + +Part of #6 + +Signed-off-by: Artem Smotrakov <asmotrakov@riotgames.com> + +* Better docs and simpler ifs + +Signed-off-by: Artem Smotrakov <asmotrakov@riotgames.com> ([`1ac31f4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1ac31f4cb14b6c466e092ff38ee2aa472c883c5d)) -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ef0fbe2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ef0fbe2130f763888cb34e8e71a6520d282a0cda)) +* feat: loosed dependency versions to make this library more consumable -* Remove flake8 warnings +* feat: lowering minimum dependency versions + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* feat: lowering minimum dependency versions + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* feat: lowering minimum dependency versions - importlib-metadata raising minimum to ensure we get a typed library + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* feat: lowering minimum dependency versions - importlib-metadata raising minimum to ensure we get a typed library + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* feat: lowering minimum version for importlib-metadata to 3.4.0 with modified import statement + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`55f10fb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/55f10fb5524dafa68112c0836806c27bdd74fcbe)) -Remove unused imports and trailing whitespace. -Sort usings in pyi file. +* feat: Typing & PEP 561 -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`41d1bee`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/41d1bee824381c25a8c6870abeb1f484c33c78ba)) +* adde file for type checkers according to PEP 561 + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added static code analysis as a dev-test + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added the "typed" trove + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added `flake8-annotations` to the tests + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added type hints + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* further typing updates + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* further typing additions and test updates + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* further typing + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* further typing - added type stubs for toml and setuptools + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* further typing + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* typing work + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* coding standards + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* fixed tox and mypy running in correct python version + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* supressed mypy for `cyclonedx.utils.conda.parse_conda_json_to_conda_package` + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* fixed type hints + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* fixed some typing related flaws + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added flake8-bugbear for code analysis + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +Co-authored-by: Paul Horton <phorton@sonatype.com> ([`9144765`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/91447656c0914ceb2af2e4b7282292ec7b93f5bf)) -* Add type hints for SortedSet +* feat: add support for Conda -Fix use of set/Set. +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`bd29c78`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bd29c782d39a4956f482b9e4de20d7f829beefba)) -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`df0f554`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/df0f554bff311886705327fd863d573e82123f9e)) +* feat: add support for parsing package licenses when using the `Environment` Parsers -* Replace object type hint in __lt__ with Any +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`c414eaf`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c414eafde2abaca1005a2a0af6993fcdc17897d3)) -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ec22f68`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ec22f683e1b12843421a23cff15f91628a7dfffe)) +* feat: add support for `externalReferneces` for `Components` and associated enhancements to parsers to obtain information where possible/known -* Make reorder() return type explicit List (as flagged by sonatype-lift bot) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a152852`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a152852b361bbb7a69c9f7ab61ae7ea6dcffd214)) -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`695ee86`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/695ee862ce9043807a9d825324970cd1b770a46c)) +* feat: support for pipenv.lock file parsing -* Use SortedSet in model to improve reproducibility +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`68a2dff`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/68a2dffc770d40f693b6891a580d1f7d8018f71c)) -Added `__lt__()` to all model classes used in SortedSet, with tests -Explicitly declared Enums as (str, Enum) to allow sorting -Added dependency to sortedcollections package +* feat: helper method for representing a File as a Component taking into account versioning for files as per https://github.com/CycloneDX/cyclonedx.org/issues/34 -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`368f522`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/368f5221e54a635cd03255efd56d4da2a8d7f56b)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`7e0fb3c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7e0fb3c7e32e08cb8667ad11461c7f8208dfdf7f)) +* feat: support for non-PyPi Components - PackageURL type is now definable when creating a Component -## v2.4.0 (2022-05-17) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`fde79e0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fde79e02705bce216e62acd05056b6d2046cde22)) -### Feature +* feat: add support for tool(s) that generated the SBOM -* feat(deps): remove unused `typing-extensions` constraints +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`7d1e6ef`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7d1e6ef04d473407b9b4eefc2ef18e6723838f94)) -PullRequest and details via #224 - -Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`2ce358a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2ce358a37e6ce5f06aa9297aed17f8f5bea38e93)) +* feat: support for localising vectors (i.e. stripping out any scheme prefix) -### Unknown +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b9e9e17`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b9e9e17ba1e2c1c9dfe551c61ad5152eebd829ab)) -* 2.4.0 +* feat: helper methods for deriving Severity and SourceType -Automatically generated by python-semantic-release ([`4874354`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/48743542fd2f3219a4f2295f363ae6e5bcf2a738)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`6a86ec2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6a86ec27c13ff5e413c5a5f96d9b7671646f9388)) -* revert `types-toml` on lowest setup ([`32ece98`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/32ece98b24fd6966722b8cdf698f01b8fb1b8821)) +* feat: adding support for extension schema that descriptions vulnerability disclosures +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d496695`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d4966951ab6c0229171cfe97723421bb0302c4fc)) -## v2.3.0 (2022-04-20) +* feat: added helper method to return a PackageURL object representing a Component -### Feature +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`367bef1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/367bef11bb1a7ede3100acae39581e33d20fa7f5)) -* feat: add support for Dependency Graph in Model and output serialisation +* feat: add poetry support -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`ea34513`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ea34513f8229a909007793288ace2f6f51684333)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f3ac42f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f3ac42f298b8d093b0ac368993beba43c58c251a)) -### Unknown +### Fix -* 2.3.0 +* fix: encode quotation mark in URL (#724) -Automatically generated by python-semantic-release ([`5c1047a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5c1047afc75726cca4130b90b8459418ec6342e8)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a7c7c97`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a7c7c97c37ee1c7988c028aa779f74893f858c7b)) -* Merge pull request #210 from CycloneDX/feat/support-bom-dependencies +* fix: behavior of and typing for crypto setters with optional values (#694) -feat: add support for Dependency Graph in Model and output serialisation (JSON and XML) ([`938169c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/938169c05b458967cd1dabc338981d296f5b2842)) +fixes #690 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`d8b20bd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d8b20bdc5224ea30cf767f6f3f1a6f8ff2754973)) -* Merge pull request #214 from CycloneDX/feat/support-bom-dependencies-no-cast +* fix: file copyright headers (#676) -no cast ([`2551545`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/25515456f2707964032c1f9642bae3d79ba2b994)) +utilizes flake8 plugin +<https://pypi.org/project/flake8-copyright-validator/> to assert the +correct headers + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`35e00b4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/35e00b4ee5a9306b9e97b011025409bcbfcef309)) -* no cast +* fix: XML serialize `normalizedString` and `token` properly (#646) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`dec3b70`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/dec3b703f7e69cd2b3fdff34583ee052b1cbb1d2)) +fixes #638 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b40f739`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b40f739206a44f7dbd94042fb5e1a37c047ea024)) -* update to use `Set` operators (more Pythonic) +* fix: `cyclonedx.model.Property.value` value is optional (#631) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`f01665e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f01665e96c87b9dd1fdb37d907a8339ba819e2cc)) +`cyclonedx.model.Property.value` value is optional, in accordance with +the spec. + +fixes #630 + +--------- + +Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`ad0f98b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ad0f98b433fd85ba14db6b6288f33d98bc79ee51)) -* missing closing `>` in `BomRef.__repr__` +* fix: allow suppliers with empty-string names (#611) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`2c7c4be`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c7c4be8210231dcfaf9e8937bd943f3ea6683c3)) +fixes #600 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b331aeb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b331aeb4b7261c7b1359c592b2dcda27bd35e369)) -* removed unnecessary condition - `self.get_bom().components` is always a `Set` +* fix: json validation allow arbitrary `$schema` value (#613) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`5eb5669`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5eb5669bdeb982c9f0b4a72f2264a8559e9a3bc3)) +fixes https://github.com/CycloneDX/cyclonedx-python-lib/issues/612 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`08b7c60`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/08b7c607360b65215d9d29d42ae86e60c6efe49b)) -* added additional tests to validate Component in Metadata is properly represented in Dependency Graph +* fix: properly sort components based on all properties (#599) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`b8d526e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b8d526ee52b3923c7755a897e0c042c159fb8d99)) +reverts #587 - as this one introduced errors +fixes #598 +fixes #586 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Paul Horton <paul.horton@owasp.org> +Co-authored-by: Paul Horton <paul.horton@owasp.org> ([`8df488c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8df488cb422a6363421fee39714df4e8e8e7a593)) -* adjusted unit tests to account for inclusion of Component in Bom Metadata in Dependency Graphy +* fix: include all fields of `Component` in `__lt__` function for #586 (#587) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`c605f2b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c605f2be90092f09bb0eb89dccb27767d78dcfac)) +Fixes #586. + +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d784685`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d7846850d1ad33184d1d58b59fdf41a778d05900)) -* updates based on feedback from @jkowalleck +* fix: wrong extra name for xml validation (#571) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`04511f3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/04511f3c523bc26b0b434d8334d37eccaaaf1ea4)) + + +Signed-off-by: Christoph Reiter <reiter.christoph@gmail.com> ([`10e38e2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/10e38e25095de4b2dafbfcd1fd81dce7a9c0f124)) -* Merge branch 'feat/support-bom-dependencies' of github.com:CycloneDX/cyclonedx-python-lib into feat/support-bom-dependencies ([`8fb408c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8fb408cfe7941efca424777a94084755ee8a50e4)) +* fix: serialization of `model.component.Diff` (#557) -* doc: updated docs to reflect support for Dependency Graph +Fixes #556 + +--------- + +Signed-off-by: rcross-lc <151086351+rcross-lc@users.noreply.github.com> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`22fa873`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/22fa8734bf1a3a8789ad7578bfa0c86cf0a49d4a)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`a680544`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a68054491529631c792e51c764bbf64a5e9b4834)) +* fix: `model.BomRef` no longer equal to unset peers (#543) -* updated file hash in test + fixes [#539](https://github.com/CycloneDX/cyclonedx-python-lib/issues/539) + + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1fd7fee`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1fd7fee9dec888c10087921f2e5a7a60062fb419)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`56f3d5d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/56f3d5d432b6c50679cfd733cf2b0ed2ea55400e)) +* fix: update own `externalReferences` (#480) -* removed unused import +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`edb3dde`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/edb3dde889c06755dd1963ed21dd803db3ea0dcc)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`61c3338`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/61c3338e139a8e1a72a659080f2043b352007561)) +* fix: SPDX-expression-validation internal crashes are cought and handled (#471) -* doc: updated docs to reflect support for Dependency Graph +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`5fa66a0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5fa66a043818eb5747dbd630496c6d31f818c0ab)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`3df017f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3df017feaaa461bcfa7082f58a5824aa92493b59)) +* fix: ship meta files (#434) -* updated file hash in test +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3a1a8a5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3a1a8a5c1cbe8d8989b4cb335269a02b5c6d4f38)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`449cb1e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/449cb1e56e64e6c144c0d2b6b69649df2d6e5320)) +* fix: `LicenseChoiceFactory.make_from_string()` prioritize SPDX id over expression (#427) -* removed unused import +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e1bdfdd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e1bdfddcfab97359fbde9f53dc65f56fc8ec4ba9)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`f487c4a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f487c4a44f5604fa3d1da2c0bc57d09e22057973)) +* fix: conditional warning if no root dependencies were found (#398) + + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c8175bb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c8175bb6aebac7f129d42d7a5a0ae928212c20cb)) -## v2.2.0 (2022-04-12) +* fix: mak test's schema paths relative to `cyclonedx` package (#338) -### Feature +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1f0c05f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1f0c05fe2b2a22bc84a1a437dd59390f2ceaf986)) -* feat: Bump XML schemas to latest fix version for 1.2-1.4 - see: -https://github.com/CycloneDX/specification/issues/122 +* fix(tests): include tests in `sdist` builds (#337) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`bd2e756`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bd2e756de15c37b34d2866e8de521556420bd5d3)) +* feat: include `tests` in `sdist` builds for #336 +* delete unexpected `DS_Store` file + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`936ad7d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/936ad7d0c26d8f98040203d3234ca8f1afbd73ab)) -* feat: bump JSON schemas to latest fix verison for 1.2 and 1.3 - see: -- https://github.com/CycloneDX/specification/issues/123 -- https://github.com/CycloneDX/specification/issues/84 -- https://github.com/CycloneDX/specification/issues/125 +* fix: serialize dependency graph for nested components (#329) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`bd6a088`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bd6a088d51c995c0f08271f56aedb456c60c1a2e)) +* tests: regression tests for issue #328 +* fix: for issue #328 + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`fb3f835`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fb3f8351881783281f8b7e796098a4c145b35927)) -### Unknown +* fix: prevent errors on metadata handling for some specification versions (#330) -* 2.2.0 +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f08a656`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f08a65649aee750397edc061eb3b8325a69bb4b4)) -Automatically generated by python-semantic-release ([`67ecfac`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/67ecfacc38817398319ac5d627f2b3a17fb45b3f)) +* fix: type hint for `get_component_by_purl` is incorrect -* Merge pull request #207 from CycloneDX/feat/update-schemas +chore: force automated release +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`3f20bf0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3f20bf04a65d5c539230281437255b5f48e17621)) -feat: Update CycloneDX Schemas to latest patch versions ([`2c55cb5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c55cb51042694d48a2eccd8e505833196effb59)) +* fix: pinned `mypy <= 0.961` due to #278 -* mark schema files as vendored +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d6955cb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d6955cb86d8da7a72d0146d0dbeb7c34a794a954)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a9c3e77`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a9c3e77998e7c05af5ba097891cd05a8cdb89232)) +* fix: properly support nested `components` and `services` #275 -* Merge pull request #191 from CycloneDX/feat/pre-commit-hooks +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`6597db7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6597db740f222c68ad90f74fb8fdb58b72642adb)) -[DEV] Add pre-commit hooks ([`91ceeb1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/91ceeb1fdafddf20af546d383a2fb16393977ef5)) +* fix: add expected lower-than comparators for `OrganizationalEntity` and `VulnerabilityCredits` (#248) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`0046ee1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0046ee19547be8dafe5d73bad886b9c5f725f26e)) -## v2.1.1 (2022-04-05) +* fix: add missing `Vulnerability` comparator for sorting (#246) -### Fix +Partial fix for #245. + +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`c3f3d0d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c3f3d0d105f0dcf991175040b6d6c2b6e7e25d8f)) * fix: prevent error if `version` not set -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b9a84b5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b9a84b5b39fe6cb1560764e86f8bd144f2a901e3)) - -### Unknown - -* 2.1.1 - -Automatically generated by python-semantic-release ([`f78d608`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f78d6081abc1a8adb80ef0c79a07c624ad9e3a5c)) - -* Merge pull request #194 from CycloneDX/fix/json-output-version-optional-bug-193 - -fix: `version` being optional in JSON output can raise error ([`6f7e09a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6f7e09aa4d05a4a2dc60569732f6b2ae5582a154)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b9a84b5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b9a84b5b39fe6cb1560764e86f8bd144f2a901e3)) +* fix: `version` being optional in JSON output can raise error -## v2.1.0 (2022-03-28) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ba0c82f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ba0c82fbde7ba47502c45caf4fa89e9e4381f482)) -### Feature +* fix: `license_url` not serialised in XML output #179 (#180) -* feat: output errors are verbose +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f014d7c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f014d7c4411de9ed5e9cb877878ae416d85b2d92)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`bfe8fb1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bfe8fb18825251fd9f146458122aa06137ec27c0)) +* fix: `Component.bom_ref` is not Optional in our model implementation (in the schema it is) - we generate a UUID if `bom_ref` is not supplied explicitly -### Fix +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`5c954d1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5c954d1e39ce8509ab36e6de7d521927ad3c997c)) -* fix: `version` being optional in JSON output can raise error +* fix: temporary fix for `__hash__` of Component with `properties` #153 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ba0c82f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ba0c82fbde7ba47502c45caf4fa89e9e4381f482)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a51766d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a51766d202c3774003dd7cd8c115b2d9b3da1f50)) -### Unknown +* fix: further fix for #150 -* 2.1.0 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1f55f3e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1f55f3edfeacfc515ef0b5e493c27dd6e14861d6)) -Automatically generated by python-semantic-release ([`c58f8f8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c58f8f8456211fbeac79340b480063791c05f404)) +* fix: regression introduced by first fix for #150 -* Merge pull request #198 from CycloneDX/verbose_outout_errors +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`c09e396`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c09e396b98c484d1d3d509a5c41746133fe41276)) -fix: improved output errors - file/directory is now included ([`4618c62`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4618c62da54f90a67d89583d5339ef0532b7813a)) +* fix: Components with no version (optional since 1.4) produce invalid BOM output in XML #150 -* updated to be more pythonic +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`70d25c8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/70d25c8c162e05a5992761ccddbad617558346d1)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a1bbf00`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a1bbf001ba9546c998062a0201d4e2562607749e)) +* fix: `expression` not supported in Component Licsnes for version 1.0 -* doc: added CONTRIBUTING to public docs -doc: included pre-commit hooks in CONTRIBUTING +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`15b081b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/15b081bd1891566dbe00e18a8b21d3be87154f72)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f38215f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f38215f2b370e14f5629edff1ade97734b3a79cd)) +* fix: bump dependencies (#136) -* Merge pull request #182 from CycloneDX/sort-imports +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`18ec498`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/18ec4987f6aa4a259d30000a19aa6ee1d49681d1)) -style: sort imports ([`aa37e56`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/aa37e56964b35642e2bf92f336a767fba1914e2b)) +* fix: removed requirements-parser as dependency (temp) as not available for Python 3 as Wheel (#98) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`3677d9f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3677d9fd584b7c0eb715954bb7b8adc59c0bc9b1)) -## v2.0.0 (2022-02-21) +* fix: tightened dependency `packageurl-python` (#95) -### Breaking +fixes #94 + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`eb4ae5c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/eb4ae5ca8842877b780a755b6611feef847bdb8c)) -* feat: bump dependencies +* fix: further loosened dependency definitions -BREAKING CHANGE: Adopt PEP-3102 +see #44 + +updated some locked dependencies to latest versions + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8bef6ec`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8bef6ecad36f51a003b266d776c9520d33e06034)) -BREAKING CHANGE: Optional Lists are now non-optional Sets +* fix: constructor for `Vulnerability` to correctly define `ratings` as optional -BREAKING CHANGE: Remove concept of DEFAULT schema version - replaced with LATEST schema version +Signed-off-by: William Woodruff <william@trailofbits.com> ([`395a0ec`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/395a0ec14ebcba8e0849a0ced30ec4163c42fa7a)) -BREAKING CHANGE: Added `BomRef` data type +* fix: correct way to write utf-8 encoded files -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`da3f0ca`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/da3f0ca3e8b90b37301c03f889eb089bca649b09)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`49f9369`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/49f9369b3eba47a3a8d1bcc505546d7dfaf4c5fe)) -### Feature +* fix: ensure output to file is UTF-8 -* feat: completed work on #155 (#172) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a10da20`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a10da20865e90e9a0a5bb1e12fba9cfd23970c39)) -fix: resolved #169 (part of #155) -feat: as part of solving #155, #147 has been implemented - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a926b34`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a926b34c7facb8b3709936fe00b62a0b80338f31)) +* fix: ensure output to file is UTF-8 -* feat: support complete model for `bom.metadata` (#162) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`193bf64`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/193bf64cdb19bf6fb9662367402dcf7eaab8dd1a)) -* feat: support complete model for `bom.metadata` -fix: JSON comparison in unit tests was broken -chore: corrected some source license headers - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2938a6c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2938a6c001a5b0b25477241d4ad6601030c55165)) +* fix: missing check for Classifiers in Environment Parser -* feat: support for `bom.externalReferences` in JSON and XML #124 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b7fa38e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b7fa38e9740bbc5b4c406410df37c3b34818010c)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1b733d7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1b733d75a78e3757010a8049cab5c7d4656dc2a5)) +* fix: coding standards violations -* feat: Complete support for `bom.components` (#155) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`00cd1ca`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/00cd1ca20899b6861b1b959611a3556ffad36832)) -* fix: implemented correct `__hash__` methods in models (#153) - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`32c0139`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/32c01396251834c69a5b23c82a5554faf8447f61)) +* fix: handle `Pipfile.lock` dependencies without an `index` specified +fix: multiple fixes in variable scoping to prevent accidental data sharing -* feat: support services in XML BOMs -feat: support nested services in JSON and XML BOMs +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`26c62fb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/26c62fb996c4b1b2bf719e10c9072cf4fbadab9f)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9edf6c9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9edf6c940d20a44f5b99c557392a9fa4532b332e)) +* fix: add namespace and subpath support to Component to complete PackageURL Spec support -### Fix +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`780adeb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/780adebe3861ef08eb1e8817a5e9e3451c0a2137)) -* fix: `license_url` not serialised in XML output #179 (#180) +* fix: multiple hashes being created for an externalRefernce which is not as required -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f014d7c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f014d7c4411de9ed5e9cb877878ae416d85b2d92)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`970d192`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/970d19202d13d4becbbf040b3a9fb115dd7a0795)) -* fix: `Component.bom_ref` is not Optional in our model implementation (in the schema it is) - we generate a UUID if `bom_ref` is not supplied explicitly +* fix: added ability to add tools in addition to this library when generating CycloneDX + plus fixes relating to multiple BOM instances -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`5c954d1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5c954d1e39ce8509ab36e6de7d521927ad3c997c)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`e03a25c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e03a25c3d2a1a0b711204bb26c7b898eadacdcb0)) -* fix: temporary fix for `__hash__` of Component with `properties` #153 +* fix: better methods for checking if a Component is already represented in the BOM, and the ability to get the existing instance -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a51766d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a51766d202c3774003dd7cd8c115b2d9b3da1f50)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`5fee85f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5fee85fc38376478a1a438d228c632a5d14f4740)) -* fix: further fix for #150 +* fix: bumped a dependency version -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1f55f3e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1f55f3edfeacfc515ef0b5e493c27dd6e14861d6)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`efc1053`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/efc1053ec9ed3f57711f78f1eca181f7bff0c3bf)) -* fix: regression introduced by first fix for #150 +* fix: improved handling for `requirements.txt` content without pinned or declared versions -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`c09e396`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c09e396b98c484d1d3d509a5c41746133fe41276)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`7f318cb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7f318cb495ac1754029088cae1ef2574c58da2e5)) -* fix: Components with no version (optional since 1.4) produce invalid BOM output in XML #150 +* fix: removed print call -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`70d25c8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/70d25c8c162e05a5992761ccddbad617558346d1)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`8806553`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/880655304c082a88d94d6d50c64d33ad931cc974)) -* fix: `expression` not supported in Component Licsnes for version 1.0 +* fix: relaxed typing of parameter to be compatible with Python < 3.9 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`15b081b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/15b081bd1891566dbe00e18a8b21d3be87154f72)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f9c7990`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f9c7990695119969c5055bc92a233030db999b84)) -### Unknown +* fix: removed print call -* 2.0.0 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d272d2e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d272d2ea7d3331bde0660bdc87a6ac3331ae0720)) -Automatically generated by python-semantic-release ([`a4af3dc`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a4af3dccbddf4ea91b277746d2305fadf6078ed8)) +* fix: remove unused commented out code -* Merge pull request #148 from CycloneDX/feat/add-bom-services ([`631e400`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/631e4009340f4466fb45f25bbf3ce7ffa4d8adca)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ba4f285`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ba4f285fdbe124c28f7ea60310347cf896540125)) -* Merge branch 'main' into feat/add-bom-services ([`9a32351`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9a3235155bd04450c6e520ee6de04b2d6f2c5d0a)) +* fix: whitespace on empty line removed -* doc: added RTD badge to README +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`cfc952e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cfc952eb5f3feb97a41b6c895657058429da3430)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b20d9d1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b20d9d1aceebfa8bae21250e6ae39234caffbb0e)) +* fix(test): test was not updated for revised author statement -* implemented `__str__` for `BomRef` +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d1c9d37`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d1c9d379a1e92ee49aae8d133e2ad3e117054ec9)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`670bde4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/670bde47a8a60db764aa706797f1d8ed7cf2c227)) +* fix(build): test failure and dependency missing -* Continuation of #170 - missed updating Vulnerability to use `BomRef` (#175) +Fixed failing tests due to dependency on now removed VERSION file +Added flake8 officially as a DEV dependency to poetry -* BREAKING CHANGE: added new model `BomRef` unlocking logic later to ensure uniquness and dependency references - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* updated Vulnerability to also use new `BomRef` model - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0d82c01`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0d82c019afce3e4aefe56bff9607cfd60186c6b0)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9a2cfe9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9a2cfe94386b51acca44ae3bacae319b9b3c8f0d)) -* BREAKING CHANGE: added new model `BomRef` unlocking logic later to ensure uniquness and dependency references (#174) +* fix(build): removed artefacts associtated with non-poetry build -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d189f2c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d189f2c16870deb683e62cd06a6072b008eab05d)) +Tidied up project to remove items associated with non-Poetry build process. Also aligned a few references in README to new home of this project under CycloneDX. -* BREAKING CHANGE: replaced concept of default schema version with latest supported #171 (#173) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f9119d4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f9119d49e462cf1f7ccca9c50af2936f8962fd6d)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`020fcf0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/020fcf03ef3985dac82a38b8810d6d6cd301809c)) +* fix: add in pypi badge ([`6098c36`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6098c36715b2459d7b04ced5ba6294437576e481)) -* BREAKING CHANGE: Updated default schema version to 1.4 from 1.3 (#164) +* fix: additional info to poetry, remove circleci ([`2fcfa5a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2fcfa5ac3a7d9d7f372be6d69e1c616b551877df)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9b6ce4b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9b6ce4bd7b5a2a332e9f01f93db57b78f65af048)) +* fix: initial release to pypi, tell poetry to include cyclonedx package ([`a030177`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a030177cb1a370713c4438b13b7520ef6afd19f6)) -* BREAKING CHANGE: update models to use `Set` rather than `List` (#160) +* fix: release with full name ([`4c620ed`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4c620ed053aac8c31343b1ca84ca56912b762ab2)) -* BREAKING CHANGE: update models to use `Set` and `Iterable` rather than `List[..]` -BREAKING CHANGE: update final models to use `@property` -wip - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`142b8bf`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/142b8bf4dbb2e61d131b7ca2ec332aac472ef3cd)) +* fix: initial release to pypi ([`99687db`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/99687dbec1389bf323bb625bfb707306aa3b8d1a)) -* removed unnecessary calls to `hash()` in `__hash__()` methods as pointed out by @jkowalleck +### Unknown -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0f1fd6d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0f1fd6dfdd41073cbdbb456cf019c7f2ed9e2175)) +* Merge branch 'CycloneDX:main' into main ([`8c4082e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8c4082e96eb3af94740b03bcd70c62e8c133c5c0)) -* BREAKING CHANGE: adopted PEP-3102 for model classes (#158) +* Merge branch 'main' of https://github.com/saquibsaifee/cyclonedx-python-lib ([`4197b8f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4197b8ff2fb774d6b2a4bf522536644b7556ce8a)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b3c8d9a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b3c8d9a676190f20dfc4ab1b915c1e53c4ac5a82)) +* Merge branch 'main' of https://github.com/saquibsaifee/cyclonedx-python-lib ([`39f1ea1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/39f1ea163859b203d23f66920a1e358e0a0d434b)) -* doc: added page to docs to call out which parts of the specification this library supports +* Merge branch 'main' of https://github.com/saquibsaifee/cyclonedx-python-lib ([`8d6c632`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8d6c632829bc59ee71de76bb9b06481cd71b3ebc)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`41a4be0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/41a4be0cedcd26b6645b6e3606cce8e3708c569f)) +* Merge branch 'main' of https://github.com/saquibsaifee/cyclonedx-python-lib ([`4c9bf32`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4c9bf32cb213ef32499d0e15f6a3c30a7c648477)) -* attempt to resolve Lift finding +* Merge branch 'CycloneDX:main' into main ([`2cd8250`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2cd825006d2e1dd4164388baf1124ba0063e0d88)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2090c08`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2090c0868ca82c4b53c6ffc6f439c0d675147601)) +* Merge branch 'CycloneDX:main' into main ([`be4fd4b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/be4fd4b0fa7e274689e6dadbcd0a3c2764ca88d1)) -* removed unused imports +* Merge pull request #3 from CycloneDX/main -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a35d540`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a35d540c97b898eb152f453003f46ce0e18b7ea6)) +sync ([`a0bfc3d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a0bfc3dc2114d0ff66a8c5911299da9d83b31034)) -* WIP on `bom.services` +* doc: poor merge resolved -* WIP but a lil hand up for @madpah - -Signed-off-by: Jeffry Hesse <5544326+DarthHater@users.noreply.github.com> - -* chore: added missing license header - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* No default values for required fields - -* Add Services to BOM - -* Typo fix - -* aligned classes with standards, commented out Signature work for now, added first tests for Services - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* addressed standards - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* 1.2.0 - -Automatically generated by python-semantic-release - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* feat: `bom-ref` for Component and Vulnerability default to a UUID (#142) - -* feat: `bom-ref` for Component and Vulnerability default to a UUID if not supplied ensuring they have a unique value #141 - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* doc: updated documentation to reflect change - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* patched other tests to support UUID for bom-ref - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* better syntax - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* 1.3.0 - -Automatically generated by python-semantic-release - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* WIP but a lil hand up for @madpah - -Signed-off-by: Jeffry Hesse <5544326+DarthHater@users.noreply.github.com> -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* chore: added missing license header - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* aligned classes with standards, commented out Signature work for now, added first tests for Services - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* removed signature from this branch - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* Add Services to BOM - -* Typo fix - -* addressed standards - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* resolved typing issues from merge - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* added a bunch more tests for JSON output - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -Co-authored-by: Paul Horton <phorton@sonatype.com> -Co-authored-by: github-actions <action@github.com> ([`b45ff18`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b45ff187056893c5fb294cbf9de854fd130bb7be)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`a498faa`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a498faaab248d0512bad9e66afbd8fb1d6c42a66)) +* docs -## v1.3.0 (2022-01-24) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`63cff7e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/63cff7ee697c9d5fb96da3c8c16f7c9bc7b34e58)) -### Feature +* docs (#546) -* feat: `bom-ref` for Component and Vulnerability default to a UUID (#142) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b0e5b43`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b0e5b43880e17ec6ce23d5d4e1e7a9a2547c1e79)) -* feat: `bom-ref` for Component and Vulnerability default to a UUID if not supplied ensuring they have a unique value #141 - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* doc: updated documentation to reflect change - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* patched other tests to support UUID for bom-ref - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* better syntax - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`3953bb6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3953bb676f423c325ca4d80f3fcee33ad042ad93)) +* docs -### Unknown +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7dcd166`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7dcd16621002713dcf1ce8e17bc5762320fae4fa)) -* 1.3.0 +* "chore(deps): revert bump python-semantic-release/python-semantic-release (#474)" -Automatically generated by python-semantic-release ([`4178181`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/41781819e2de8f650271e7de11d395fa43939f22)) +This reverts commit 9c3ffac34e89610ccc4f9701444127e1e6f5ee07. +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`aae7304`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/aae73048c7aebe5920ec888225bdbde08111601b)) -## v1.2.0 (2022-01-24) +* 4.0.1 -### Feature +Automatically generated by python-semantic-release ([`4a72f51`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4a72f515ad7b5e46a07f31bea18a94b162e87715)) -* feat: add CPE to component (#138) +* Add missing space in warning message. (#364) -* Added CPE to component - -Setting CPE was missing for component, now it is possible to set CPE and output CPE for a component. - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Fixing problems with CPE addition - -- Fixed styling errors -- Added reference to CPE Spec -- Adding CPE parameter as last parameter to not break arguments - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> -* Again fixes for Style and CPE reference - -Missing in the last commit - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Added CPE as argument before deprecated arguments - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Added testing for CPE addition and error fixing - -- Added output tests for CPE in XML and JSON -- Fixes style error in components -- Fixes order for CPE output in XML (CPE has to come before PURL) - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Fixed output tests - -CPE was still in the wrong position in one of the tests - fixed - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Fixed minor test fixtures issues - -- cpe was still in wrong position in 1.2 JSON -- Indentation fixed in 1.4 JSON -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Fixed missing comma in JSON 1.2 test file +Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> +Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> ([`dad0d28`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/dad0d28ceb7381d1b503e5b29776fc01513f8b04)) + +* 4.0.0 + +Automatically generated by python-semantic-release ([`40fbfda`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/40fbfda428cfa71b16fd6e5e8d5f49cea4b5438b)) + +* 3.1.5 + +Automatically generated by python-semantic-release ([`ba603cf`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ba603cf96fad51a85d5159e83c402d613fefbb7c)) + +* 3.1.4 + +Automatically generated by python-semantic-release ([`0b19294`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0b19294e4820f0da5e81decd4d902ef7789ecb61)) + +* 3.1.3 + +Automatically generated by python-semantic-release ([`11a420c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/11a420c5fc38bb48d2a91713cc74574acb131184)) + +* 3.1.2 + +Automatically generated by python-semantic-release ([`0853d14`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0853d14780b8e44e9b285bee2ac6b81551640c5f)) + +* clarify sign-off step (#319) + -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> ([`269ee15`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/269ee155f203d5771c56edb92f7279466bf2012f)) +Signed-off-by: Roland Weber <rolweber@de.ibm.com> ([`007fb96`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/007fb96a1ec23b9516bc383afa85b3efc2707aa8)) -### Unknown +* 3.1.1 -* 1.2.0 +Automatically generated by python-semantic-release ([`503955e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/503955ea9e19e1d3ca611df36508dcf1aa93905c)) -Automatically generated by python-semantic-release ([`97c215c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/97c215cf0c4e8c315ed84cbcb92b22c6b7bcd8c2)) +* Merge pull request #310 from gruebel/fix-method-type-hint +fix: type hint for `get_component_by_purl` is incorrect ([`06037b9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/06037b99e0d6ebc5388d3c5e0799a68233ed92e8)) -## v1.1.1 (2022-01-19) +* move tests to model bom file -### Fix +Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`4c8a3ab`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4c8a3ab0eef349c007285ff9dfed0c00c6732a96)) -* fix: bump dependencies (#136) +* fix type hint for get_component_by_purl -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`18ec498`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/18ec4987f6aa4a259d30000a19aa6ee1d49681d1)) +Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`735c05e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/735c05eebb792eed55aeb4d5a7be8043ee1cd9ae)) -### Unknown +* 3.1.0 -* 1.1.1 +Automatically generated by python-semantic-release ([`e52c174`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e52c17447b1520103ccb24192ab92560429df595)) -Automatically generated by python-semantic-release ([`dec63de`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/dec63de950e0ad81cbb51373b0e647bce551297e)) +* Merge pull request #305 from CycloneDX/license-factories +feat: add license factories to more easily support creation of `License` or `LicenseChoice` from SPDX license strings #304 ([`5ff4494`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5ff4494b0e0d76d04cf8a4245ce0426f0abbd8f9)) -## v1.1.0 (2022-01-13) +* Merge pull request #301 from CycloneDX/fix-poetry-in-tox -### Feature +chore: fix poetry in tox ([`92aea8d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/92aea8d3413cd2af820cc8160ef48a737951b0ea)) -* feat: add support for `bom.metadata.component` (#118) +* remove v3 from CHANGELOG #286 (#287) -* Add support for metadata component - -Part of #6 - -Signed-off-by: Artem Smotrakov <asmotrakov@riotgames.com> - -* Better docs and simpler ifs +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7029721`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/702972105364a3ab225ea5a586c48cec664601ca)) + +* 3.0.0 + +Automatically generated by python-semantic-release ([`69582ff`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/69582ff7a9e3a1cfb2c7193c3d194d69e35899c1)) + +* Merge pull request #276 from CycloneDX/fix/bom-validation-nested-components-isue-275 + +fix: BOM validation fails when Components or Services are nested #275 -Signed-off-by: Artem Smotrakov <asmotrakov@riotgames.com> ([`1ac31f4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1ac31f4cb14b6c466e092ff38ee2aa472c883c5d)) +fix: updated dependencies #271, #270, #269 and #256 ([`68a0cdd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/68a0cddc0a226947d76b6a275cfceba383797d3b)) -### Unknown +* Merge branch 'main' into fix/bom-validation-nested-components-isue-275 ([`6caee65`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6caee657260e46f18cade24a73b4f17bc5ad6dd8)) -* 1.1.0 +* added tests to cover new `Component.get_all_nested_components()` method -Automatically generated by python-semantic-release ([`d4007bd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d4007bd5986173eb2645eebcdd2c6405150f1456)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`75a77ed`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/75a77ed6576f362435d1a3e6e59cbc5d871b9971)) +* Revert "chore: re-added `isort` to pre-commit hooks" -## v1.0.0 (2022-01-13) +This reverts commit f50ee1eb79f3f4e5b9d21824e64192d0af43d3f0. -### Unknown +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`5f7f30e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5f7f30e6a79f7cef6fff296ae0d7e5381f9b5cda)) -* Manually generated release ([`3509fb6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3509fb643af12cc4393309a006c6bbe63b1bd674)) +* removed tests where services are part of dependency tree - see #277 -* Support for CycloneDX schema version 1.4 (#108) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`f26862b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f26862b0b7f85e3610efbdf17cf304ddc71e5366)) -BREAKING CHANGE: Support for CycloneDX 1.4. This includes: -- Support for `tools` having `externalReferences` -- Allowing `version` for a `Component` to be optional in 1.4 -- Support for `releaseNotes` per `Component` -- Support for the core schema implementation of Vulnerabilities (VEX) - -Other changes included in this PR: -- Unit tests now include schema validation (we've left schema validation out of the core library due to dependency bloat) -- Fixes to ensure schema is adhered to in 1.0 -- URI's are now used throughout the library through a new `XsUri` class to provide URI validation -- Documentation is now hosted on readthedocs.org (https://cyclonedx-python-library.readthedocs.io/) -- `$schema` is now included in JSON BOMs -- Concrete Parsers how now been moved into downstream projects to keep this libraries focus on modelling and outputting CycloneDX - see https://github.com/CycloneDX/cyclonedx-python -- Added reference to release of this library on Anaconda - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -Co-authored-by: Paul Horton <phorton@sonatype.com> - -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7fb6da9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7fb6da9166050333ae5db7e35ab792b9bdee48d4)) +* aded XML output tests for Issue #275 -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`d26970b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d26970bcc52568645c303f060d71cbc25edbfe78)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`ebef5f2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ebef5f212fec13fc8c9bf00553f9bf3f77a0d3f6)) -* Update CONTRIBUTING.md ([`4448d9b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4448d9b4846a7dfb9eeee355d41fbb100a48d388)) +* updated XML output tests +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`356c37e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/356c37ebea85eb10e2505f2b16264d95f292bd55)) -## v0.12.3 (2021-12-15) +* addressed JSON output for #275 including test addiitions -### Fix +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`692c005`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/692c005c686157134a79e3ffc8ab1e7ce8942de9)) -* fix: removed requirements-parser as dependency (temp) as not available for Python 3 as Wheel (#98) +* 2.7.0 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`3677d9f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3677d9fd584b7c0eb715954bb7b8adc59c0bc9b1)) +Automatically generated by python-semantic-release ([`96d155e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/96d155e864d83482242c22f69af8e7c618d05a1b)) -### Unknown +* 2.6.0 -* 0.12.3 +Automatically generated by python-semantic-release ([`8481e9b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8481e9bd8dc5196c2e703e5cd19974bb22bc270e)) -Automatically generated by python-semantic-release ([`cfc9d38`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cfc9d382aea3f69f79d50a4fbb8607346f86ce03)) +* 2.5.2 +Automatically generated by python-semantic-release ([`fb9a796`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fb9a796d0b34c2d930503790c74d6d7ed5e3c3d6)) -## v0.12.2 (2021-12-09) +* 2.5.1 -### Fix +Automatically generated by python-semantic-release ([`1ea5b20`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1ea5b20f1c93e6e6b3799444c7ea6fd65a2e068c)) -* fix: tightened dependency `packageurl-python` (#95) +* 2.5.0 -fixes #94 - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`eb4ae5c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/eb4ae5ca8842877b780a755b6611feef847bdb8c)) +Automatically generated by python-semantic-release ([`c820423`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c820423ffffb90ec7a42d8873d99428277f9ae28)) -### Unknown +* Merge pull request #235 from RodneyRichardson/use-sorted-set -* 0.12.2 +feat: use `SortedSet` in model to improve reproducibility - this will provide predictable ordering of various items in generated CycloneDX documents - thanks to @RodneyRichardson ([`c43f6d8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c43f6d8ce41a9de91a84cea7a40045cab8121792)) -Automatically generated by python-semantic-release ([`54b9f74`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/54b9f744be28b53795bd03e78576eed15b70c10a)) +* Merge branch 'CycloneDX:main' into use-sorted-set ([`1b8ac25`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1b8ac252a28af1b938d6cad4182e6f2d586b26c0)) +* Fix SortedSet type hints for python < 3.8 -## v0.12.1 (2021-12-09) +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`71eeb4a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/71eeb4aeeb9e911df2422c097ebfb671c648242d)) -### Fix +* Fix line length warning. -* fix: further loosened dependency definitions +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`e9ee712`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e9ee71291da882a924a9edec7d1f5d6be62797e6)) -see #44 - -updated some locked dependencies to latest versions - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8bef6ec`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8bef6ecad36f51a003b266d776c9520d33e06034)) +* Fix more type hints for python < 3.8 -### Unknown +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`f042bce`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f042bcef1829a852dd787e226d883f5bbd5c39c3)) -* 0.12.1 +* Fix SortedSet type hints for python < 3.8 -Automatically generated by python-semantic-release ([`43fc36e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/43fc36ebc966ac511e5b7dbff9b0bef6f88d5d2c)) +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`2e283ab`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2e283abed0b67e9e70c825e0d7c6ad7e6691c678)) +* Fix type hint on ComparableTuple -## v0.12.0 (2021-12-09) +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`43ef908`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/43ef908d61fd03e5a4c2ecfabdf22764c8613429)) -### Feature +* Sort usings. -* feat: loosed dependency versions to make this library more consumable +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`8f86c12`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8f86c1292d5d0c550a4ec6018b81400255567f93)) -* feat: lowering minimum dependency versions - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* feat: lowering minimum dependency versions - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* feat: lowering minimum dependency versions - importlib-metadata raising minimum to ensure we get a typed library - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* feat: lowering minimum dependency versions - importlib-metadata raising minimum to ensure we get a typed library - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* feat: lowering minimum version for importlib-metadata to 3.4.0 with modified import statement - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`55f10fb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/55f10fb5524dafa68112c0836806c27bdd74fcbe)) +* Fix sonatype-lift warnings -### Unknown +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`f1e92e3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f1e92e3cfbe9df2b07b745582608f9f72531684c)) -* 0.12.0 +* Fix warnings. -Automatically generated by python-semantic-release ([`1a907ea`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1a907eae0a3436844ffc2782b990c4b502f409e6)) +Change tuple -> Tuple +Fix Diff initialization +Add sorting to AttachedText -* Merge pull request #88 from CycloneDX/contributing-file +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`2b47ff6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2b47ff612335b538ceab5e77b60dbe058f739e2e)) -initial CONTRIBUTING file ([`20035bb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/20035bb5dde8dd3b619b200aec7037c338b18c74)) +* Reduce sortedcontainers.pyi to only the functions used. -* initial CONTRIBUTING file +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ef0fbe2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ef0fbe2130f763888cb34e8e71a6520d282a0cda)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6ffe14d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6ffe14d4d51d246cda66ce99ee20893ede8d017f)) +* Remove flake8 warnings -* CHORE: poetry(deps): bump filelock from 3.3.2 to 3.4.0 +Remove unused imports and trailing whitespace. +Sort usings in pyi file. -poetry(deps): bump filelock from 3.3.2 to 3.4.0 ([`e144aa2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e144aa29a0fd61483f4940da08ff542c9c3c3332)) +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`41d1bee`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/41d1bee824381c25a8c6870abeb1f484c33c78ba)) -* CHORE: poetry(deps): bump types-setuptools from 57.4.2 to 57.4.4 +* Add type hints for SortedSet -poetry(deps): bump types-setuptools from 57.4.2 to 57.4.4 ([`5fcdcb7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5fcdcb701a9da5c9a786e0fe690bfd0a8d5d4e0c)) +Fix use of set/Set. -* poetry(deps): bump filelock from 3.3.2 to 3.4.0 +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`df0f554`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/df0f554bff311886705327fd863d573e82123f9e)) -Bumps [filelock](https://github.com/tox-dev/py-filelock) from 3.3.2 to 3.4.0. -- [Release notes](https://github.com/tox-dev/py-filelock/releases) -- [Changelog](https://github.com/tox-dev/py-filelock/blob/main/docs/changelog.rst) -- [Commits](https://github.com/tox-dev/py-filelock/compare/3.3.2...3.4.0) +* Replace object type hint in __lt__ with Any ---- -updated-dependencies: -- dependency-name: filelock - dependency-type: indirect - update-type: version-update:semver-minor -... +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ec22f68`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ec22f683e1b12843421a23cff15f91628a7dfffe)) + +* Make reorder() return type explicit List (as flagged by sonatype-lift bot) -Signed-off-by: dependabot[bot] <support@github.com> ([`8d4520e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8d4520ee3ee781a3a2f4db879e79e38b40fe4829)) +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`695ee86`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/695ee862ce9043807a9d825324970cd1b770a46c)) -* CHORE: poetry(deps-dev): bump flake8-bugbear from 21.9.2 to 21.11.29 +* Use SortedSet in model to improve reproducibility -poetry(deps-dev): bump flake8-bugbear from 21.9.2 to 21.11.29 ([`fc6e3ac`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fc6e3acd5a1875a27e3b8037ad3b9a794598c894)) +Added `__lt__()` to all model classes used in SortedSet, with tests +Explicitly declared Enums as (str, Enum) to allow sorting +Added dependency to sortedcollections package -* poetry(deps): bump types-setuptools from 57.4.2 to 57.4.4 +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`368f522`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/368f5221e54a635cd03255efd56d4da2a8d7f56b)) -Bumps [types-setuptools](https://github.com/python/typeshed) from 57.4.2 to 57.4.4. -- [Release notes](https://github.com/python/typeshed/releases) -- [Commits](https://github.com/python/typeshed/commits) +* 2.4.0 ---- -updated-dependencies: -- dependency-name: types-setuptools - dependency-type: direct:production - update-type: version-update:semver-patch -... +Automatically generated by python-semantic-release ([`4874354`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/48743542fd2f3219a4f2295f363ae6e5bcf2a738)) -Signed-off-by: dependabot[bot] <support@github.com> ([`00dcbb8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/00dcbb80d25c00b2b9bd4f6b765275cd956b33fa)) +* revert `types-toml` on lowest setup ([`32ece98`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/32ece98b24fd6966722b8cdf698f01b8fb1b8821)) -* CHORE: poetry(deps): bump importlib-metadata from 4.8.1 to 4.8.2 +* 2.3.0 -poetry(deps): bump importlib-metadata from 4.8.1 to 4.8.2 ([`28f9676`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/28f96769e653c3b7c76cb07ba1a4ecbbc43ab46c)) +Automatically generated by python-semantic-release ([`5c1047a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5c1047afc75726cca4130b90b8459418ec6342e8)) -* poetry(deps-dev): bump flake8-bugbear from 21.9.2 to 21.11.29 +* Merge pull request #210 from CycloneDX/feat/support-bom-dependencies -Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 21.9.2 to 21.11.29. -- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases) -- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/21.9.2...21.11.29) +feat: add support for Dependency Graph in Model and output serialisation (JSON and XML) ([`938169c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/938169c05b458967cd1dabc338981d296f5b2842)) ---- -updated-dependencies: -- dependency-name: flake8-bugbear - dependency-type: direct:development - update-type: version-update:semver-minor -... +* Merge pull request #214 from CycloneDX/feat/support-bom-dependencies-no-cast -Signed-off-by: dependabot[bot] <support@github.com> ([`1eec2e8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1eec2e8aab5f31f3070be34eccfd8791ef2edcca)) +no cast ([`2551545`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/25515456f2707964032c1f9642bae3d79ba2b994)) -* CHORE: poetry(deps-dev): bump coverage from 6.1.2 to 6.2 +* no cast -poetry(deps-dev): bump coverage from 6.1.2 to 6.2 ([`bdd9365`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bdd93650a64ce2385f4f29bc1f20df6530e9012c)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`dec3b70`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/dec3b703f7e69cd2b3fdff34583ee052b1cbb1d2)) -* CHORE: poetry(deps): bump mako from 1.1.5 to 1.1.6 +* update to use `Set` operators (more Pythonic) -poetry(deps): bump mako from 1.1.5 to 1.1.6 ([`33d3ecc`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/33d3ecc80f47c947d2fc2b13743471dd6dc941ab)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`f01665e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f01665e96c87b9dd1fdb37d907a8339ba819e2cc)) -* poetry(deps-dev): bump coverage from 6.1.2 to 6.2 +* missing closing `>` in `BomRef.__repr__` -Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.1.2 to 6.2. -- [Release notes](https://github.com/nedbat/coveragepy/releases) -- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) -- [Commits](https://github.com/nedbat/coveragepy/compare/6.1.2...6.2) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`2c7c4be`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2c7c4be8210231dcfaf9e8937bd943f3ea6683c3)) ---- -updated-dependencies: -- dependency-name: coverage - dependency-type: direct:development - update-type: version-update:semver-minor -... +* removed unnecessary condition - `self.get_bom().components` is always a `Set` -Signed-off-by: dependabot[bot] <support@github.com> ([`be1af9b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/be1af9b9955a31b6c1a8627010bfd4d932c9f9f1)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`5eb5669`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5eb5669bdeb982c9f0b4a72f2264a8559e9a3bc3)) -* DOCS: fix README shields & links ([`43b1121`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/43b112128acd9e28a47e46d8691ead46e39b288e)) +* added additional tests to validate Component in Metadata is properly represented in Dependency Graph -* doc: readme maintenance - shields & links (#72) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`b8d526e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b8d526ee52b3923c7755a897e0c042c159fb8d99)) -* README: restructure links - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* README: add lan to fenced code blocks - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* README: fix some formatting - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* README: modernized shields - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* README: harmonize links - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* README: add language to code fences - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* README: markdown fixes - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* README: removed py version shield - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3d0ea2f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3d0ea2f4c6ee5c2dedf1abb779f46543896fff4a)) +* adjusted unit tests to account for inclusion of Component in Bom Metadata in Dependency Graphy -* poetry(deps): bump mako from 1.1.5 to 1.1.6 +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`c605f2b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c605f2be90092f09bb0eb89dccb27767d78dcfac)) -Bumps [mako](https://github.com/sqlalchemy/mako) from 1.1.5 to 1.1.6. -- [Release notes](https://github.com/sqlalchemy/mako/releases) -- [Changelog](https://github.com/sqlalchemy/mako/blob/main/CHANGES) -- [Commits](https://github.com/sqlalchemy/mako/commits) +* updates based on feedback from @jkowalleck + +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`04511f3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/04511f3c523bc26b0b434d8334d37eccaaaf1ea4)) + +* Merge branch 'feat/support-bom-dependencies' of github.com:CycloneDX/cyclonedx-python-lib into feat/support-bom-dependencies ([`8fb408c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8fb408cfe7941efca424777a94084755ee8a50e4)) + +* doc: updated docs to reflect support for Dependency Graph + +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`a680544`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a68054491529631c792e51c764bbf64a5e9b4834)) + +* updated file hash in test + +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`56f3d5d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/56f3d5d432b6c50679cfd733cf2b0ed2ea55400e)) + +* removed unused import ---- -updated-dependencies: -- dependency-name: mako - dependency-type: indirect - update-type: version-update:semver-patch -... +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`61c3338`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/61c3338e139a8e1a72a659080f2043b352007561)) -Signed-off-by: dependabot[bot] <support@github.com> ([`3344b86`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3344b862490ecb419c9b1f74bd7548ddcf392329)) +* doc: updated docs to reflect support for Dependency Graph -* Merge pull request #47 from CycloneDX/dependabot/pip/filelock-3.3.2 +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`3df017f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3df017feaaa461bcfa7082f58a5824aa92493b59)) -poetry(deps): bump filelock from 3.3.1 to 3.3.2 ([`3f967b3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3f967b3d0ec47ba5bcc1cdd8fb29970ba69d7aed)) +* updated file hash in test -* FIX: update Conda package parsing to handle `build` containing underscore (#66) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`449cb1e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/449cb1e56e64e6c144c0d2b6b69649df2d6e5320)) -* fix: update conda package parsing to handle `build` containing underscore - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* updated some typings - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2c6020a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c6020a208aa1c0fd13ab337db6343ad1d2d5c43)) +* removed unused import -* poetry(deps): bump importlib-metadata from 4.8.1 to 4.8.2 +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`f487c4a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f487c4a44f5604fa3d1da2c0bc57d09e22057973)) -Bumps [importlib-metadata](https://github.com/python/importlib_metadata) from 4.8.1 to 4.8.2. -- [Release notes](https://github.com/python/importlib_metadata/releases) -- [Changelog](https://github.com/python/importlib_metadata/blob/main/CHANGES.rst) -- [Commits](https://github.com/python/importlib_metadata/compare/v4.8.1...v4.8.2) +* 2.2.0 ---- -updated-dependencies: -- dependency-name: importlib-metadata - dependency-type: direct:production - update-type: version-update:semver-patch -... +Automatically generated by python-semantic-release ([`67ecfac`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/67ecfacc38817398319ac5d627f2b3a17fb45b3f)) -Signed-off-by: dependabot[bot] <support@github.com> ([`003f6b4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/003f6b410e0e32e8c454ad157999b031471baf6f)) +* Merge pull request #207 from CycloneDX/feat/update-schemas -* poetry(deps): bump filelock from 3.3.1 to 3.3.2 +feat: Update CycloneDX Schemas to latest patch versions ([`2c55cb5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2c55cb51042694d48a2eccd8e505833196effb59)) -Bumps [filelock](https://github.com/tox-dev/py-filelock) from 3.3.1 to 3.3.2. -- [Release notes](https://github.com/tox-dev/py-filelock/releases) -- [Changelog](https://github.com/tox-dev/py-filelock/blob/main/docs/changelog.rst) -- [Commits](https://github.com/tox-dev/py-filelock/compare/3.3.1...3.3.2) +* mark schema files as vendored ---- -updated-dependencies: -- dependency-name: filelock - dependency-type: indirect - update-type: version-update:semver-patch -... +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a9c3e77`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a9c3e77998e7c05af5ba097891cd05a8cdb89232)) -Signed-off-by: dependabot[bot] <support@github.com> ([`55022b7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/55022b7a63763436d193cefda6d6a4e0ad36fb40)) +* Merge pull request #191 from CycloneDX/feat/pre-commit-hooks -* Merge pull request #45 from CycloneDX/dependabot/pip/importlib-resources-5.4.0 +[DEV] Add pre-commit hooks ([`91ceeb1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/91ceeb1fdafddf20af546d383a2fb16393977ef5)) -poetry(deps): bump importlib-resources from 5.3.0 to 5.4.0 ([`b8acf9f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b8acf9f3e087f37c2f9afded2d8555c053f09a43)) +* 2.1.1 -* Merge pull request #70 from CycloneDX/dependabot/pip/pyparsing-3.0.6 +Automatically generated by python-semantic-release ([`f78d608`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f78d6081abc1a8adb80ef0c79a07c624ad9e3a5c)) -poetry(deps): bump pyparsing from 3.0.5 to 3.0.6 ([`faa8628`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/faa862813e27bb4b828f6116c95961b156cd7547)) +* Merge pull request #194 from CycloneDX/fix/json-output-version-optional-bug-193 -* Merge pull request #69 from CycloneDX/dependabot/pip/coverage-6.1.2 +fix: `version` being optional in JSON output can raise error ([`6f7e09a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6f7e09aa4d05a4a2dc60569732f6b2ae5582a154)) -poetry(deps-dev): bump coverage from 6.1.1 to 6.1.2 ([`eba56dc`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/eba56dc6512304e2956563d173bdb363b785fa50)) +* 2.1.0 -* poetry(deps): bump pyparsing from 3.0.5 to 3.0.6 +Automatically generated by python-semantic-release ([`c58f8f8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c58f8f8456211fbeac79340b480063791c05f404)) -Bumps [pyparsing](https://github.com/pyparsing/pyparsing) from 3.0.5 to 3.0.6. -- [Release notes](https://github.com/pyparsing/pyparsing/releases) -- [Changelog](https://github.com/pyparsing/pyparsing/blob/master/CHANGES) -- [Commits](https://github.com/pyparsing/pyparsing/compare/pyparsing_3.0.5...pyparsing_3.0.6) +* Merge pull request #198 from CycloneDX/verbose_outout_errors ---- -updated-dependencies: -- dependency-name: pyparsing - dependency-type: indirect - update-type: version-update:semver-patch -... +fix: improved output errors - file/directory is now included ([`4618c62`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4618c62da54f90a67d89583d5339ef0532b7813a)) -Signed-off-by: dependabot[bot] <support@github.com> ([`4f2b2d8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4f2b2d89291b1c20385ce6431959586acfeab1cd)) +* updated to be more pythonic -* poetry(deps-dev): bump coverage from 6.1.1 to 6.1.2 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a1bbf00`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a1bbf001ba9546c998062a0201d4e2562607749e)) -Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.1.1 to 6.1.2. -- [Release notes](https://github.com/nedbat/coveragepy/releases) -- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) -- [Commits](https://github.com/nedbat/coveragepy/compare/6.1.1...6.1.2) +* doc: added CONTRIBUTING to public docs +doc: included pre-commit hooks in CONTRIBUTING ---- -updated-dependencies: -- dependency-name: coverage - dependency-type: direct:development - update-type: version-update:semver-patch -... +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f38215f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f38215f2b370e14f5629edff1ade97734b3a79cd)) -Signed-off-by: dependabot[bot] <support@github.com> ([`1d0f5ea`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1d0f5ea2ed5dfb38ce1d1d8170773cb880f228dc)) +* Merge pull request #182 from CycloneDX/sort-imports +style: sort imports ([`aa37e56`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/aa37e56964b35642e2bf92f336a767fba1914e2b)) -## v0.11.1 (2021-11-10) +* 2.0.0 -### Fix +Automatically generated by python-semantic-release ([`a4af3dc`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a4af3dccbddf4ea91b277746d2305fadf6078ed8)) -* fix: constructor for `Vulnerability` to correctly define `ratings` as optional +* Merge pull request #148 from CycloneDX/feat/add-bom-services ([`631e400`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/631e4009340f4466fb45f25bbf3ce7ffa4d8adca)) -Signed-off-by: William Woodruff <william@trailofbits.com> ([`395a0ec`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/395a0ec14ebcba8e0849a0ced30ec4163c42fa7a)) +* Merge branch 'main' into feat/add-bom-services ([`9a32351`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9a3235155bd04450c6e520ee6de04b2d6f2c5d0a)) -### Unknown +* doc: added RTD badge to README -* 0.11.1 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b20d9d1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b20d9d1aceebfa8bae21250e6ae39234caffbb0e)) + +* implemented `__str__` for `BomRef` -Automatically generated by python-semantic-release ([`a80f87a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a80f87a588f8b52bfd8e9c5b12edf0fdde56c510)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`670bde4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/670bde47a8a60db764aa706797f1d8ed7cf2c227)) -* FEAT: Support Python 3.10 (#64) +* Continuation of #170 - missed updating Vulnerability to use `BomRef` (#175) -* fix: tested with Python 3.10 +* BREAKING CHANGE: added new model `BomRef` unlocking logic later to ensure uniquness and dependency references Signed-off-by: Paul Horton <phorton@sonatype.com> -* added trove classifier for Python 3.10 - -Signed-off-by: Paul Horton <phorton@sonatype.com> +* updated Vulnerability to also use new `BomRef` model -* fix: upgrade Poetry version to workaround issue between Poetry and Python 3.10 (see: https://github.com/python-poetry/poetry/issues/4210) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0d82c01`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0d82c019afce3e4aefe56bff9607cfd60186c6b0)) + +* BREAKING CHANGE: added new model `BomRef` unlocking logic later to ensure uniquness and dependency references (#174) + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d189f2c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d189f2c16870deb683e62cd06a6072b008eab05d)) + +* BREAKING CHANGE: replaced concept of default schema version with latest supported #171 (#173) + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`020fcf0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/020fcf03ef3985dac82a38b8810d6d6cd301809c)) + +* BREAKING CHANGE: Updated default schema version to 1.4 from 1.3 (#164) + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9b6ce4b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9b6ce4bd7b5a2a332e9f01f93db57b78f65af048)) + +* BREAKING CHANGE: update models to use `Set` rather than `List` (#160) + +* BREAKING CHANGE: update models to use `Set` and `Iterable` rather than `List[..]` +BREAKING CHANGE: update final models to use `@property` +wip -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`385b835`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/385b835f44fadb0f227b6a8ac992b0c73afc6ef0)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`142b8bf`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/142b8bf4dbb2e61d131b7ca2ec332aac472ef3cd)) -* poetry(deps): bump importlib-resources from 5.3.0 to 5.4.0 +* removed unnecessary calls to `hash()` in `__hash__()` methods as pointed out by @jkowalleck -Bumps [importlib-resources](https://github.com/python/importlib_resources) from 5.3.0 to 5.4.0. -- [Release notes](https://github.com/python/importlib_resources/releases) -- [Changelog](https://github.com/python/importlib_resources/blob/main/CHANGES.rst) -- [Commits](https://github.com/python/importlib_resources/compare/v5.3.0...v5.4.0) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0f1fd6d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0f1fd6dfdd41073cbdbb456cf019c7f2ed9e2175)) ---- -updated-dependencies: -- dependency-name: importlib-resources - dependency-type: indirect - update-type: version-update:semver-minor -... +* BREAKING CHANGE: adopted PEP-3102 for model classes (#158) -Signed-off-by: dependabot[bot] <support@github.com> ([`a1dd775`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a1dd7752459b70b432784ec2b7d8a1cb24a916a9)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b3c8d9a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b3c8d9a676190f20dfc4ab1b915c1e53c4ac5a82)) +* doc: added page to docs to call out which parts of the specification this library supports -## v0.11.0 (2021-11-10) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`41a4be0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/41a4be0cedcd26b6645b6e3606cce8e3708c569f)) -### Feature +* attempt to resolve Lift finding -* feat: Typing & PEP 561 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2090c08`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2090c0868ca82c4b53c6ffc6f439c0d675147601)) -* adde file for type checkers according to PEP 561 +* removed unused imports + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a35d540`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a35d540c97b898eb152f453003f46ce0e18b7ea6)) + +* WIP on `bom.services` + +* WIP but a lil hand up for @madpah -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Jeffry Hesse <5544326+DarthHater@users.noreply.github.com> -* added static code analysis as a dev-test +* chore: added missing license header -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Paul Horton <phorton@sonatype.com> -* added the "typed" trove +* No default values for required fields -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +* Add Services to BOM -* added `flake8-annotations` to the tests +* Typo fix -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +* aligned classes with standards, commented out Signature work for now, added first tests for Services -* added type hints +Signed-off-by: Paul Horton <phorton@sonatype.com> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +* addressed standards -* further typing updates +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* 1.2.0 + +Automatically generated by python-semantic-release Signed-off-by: Paul Horton <phorton@sonatype.com> -* further typing additions and test updates +* feat: `bom-ref` for Component and Vulnerability default to a UUID (#142) + +* feat: `bom-ref` for Component and Vulnerability default to a UUID if not supplied ensuring they have a unique value #141 Signed-off-by: Paul Horton <phorton@sonatype.com> -* further typing +* doc: updated documentation to reflect change Signed-off-by: Paul Horton <phorton@sonatype.com> -* further typing - added type stubs for toml and setuptools +* patched other tests to support UUID for bom-ref Signed-off-by: Paul Horton <phorton@sonatype.com> -* further typing +* better syntax Signed-off-by: Paul Horton <phorton@sonatype.com> -* typing work +* 1.3.0 + +Automatically generated by python-semantic-release Signed-off-by: Paul Horton <phorton@sonatype.com> -* coding standards +* WIP but a lil hand up for @madpah +Signed-off-by: Jeffry Hesse <5544326+DarthHater@users.noreply.github.com> Signed-off-by: Paul Horton <phorton@sonatype.com> -* fixed tox and mypy running in correct python version +* chore: added missing license header -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Paul Horton <phorton@sonatype.com> -* supressed mypy for `cyclonedx.utils.conda.parse_conda_json_to_conda_package` +* aligned classes with standards, commented out Signature work for now, added first tests for Services -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Paul Horton <phorton@sonatype.com> -* fixed type hints +* removed signature from this branch -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Paul Horton <phorton@sonatype.com> -* fixed some typing related flaws +* Add Services to BOM -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +* Typo fix -* added flake8-bugbear for code analysis +* addressed standards -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Paul Horton <phorton@sonatype.com> -Co-authored-by: Paul Horton <phorton@sonatype.com> ([`9144765`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/91447656c0914ceb2af2e4b7282292ec7b93f5bf)) - -### Unknown - -* 0.11.0 - -Automatically generated by python-semantic-release ([`7262783`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7262783dbcf5823065670f3f7cbba0ce25b3a4ea)) - -* Merge pull request #41 from jkowalleck/improv-abstract - -fixed some abstract definitions ([`f34e2c2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f34e2c2bc7aed20968a5ac69337ed484d097af3b)) - -* Merge pull request #42 from jkowalleck/improv-pipenv - -slacked pipenv parser ([`08bc4ab`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/08bc4ab2b01c76d7472a558cae02deab0485c61c)) +* resolved typing issues from merge + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* added a bunch more tests for JSON output + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +Co-authored-by: Paul Horton <phorton@sonatype.com> +Co-authored-by: github-actions <action@github.com> ([`b45ff18`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b45ff187056893c5fb294cbf9de854fd130bb7be)) -* Merge pull request #43 from jkowalleck/improv-conda-typehints +* 1.3.0 -fixed typehints/docs in `_BaseCondaParser` ([`931016d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/931016d9b700280692903db5aa653d390a80bd63)) +Automatically generated by python-semantic-release ([`4178181`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/41781819e2de8f650271e7de11d395fa43939f22)) -* Merge pull request #54 from jkowalleck/create-CODEOWNERS +* 1.2.0 -created CODEOWNERS ([`7f28bef`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7f28bef15ed0b9ed6af88286d5f6dcc0726b6feb)) +Automatically generated by python-semantic-release ([`97c215c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/97c215cf0c4e8c315ed84cbcb92b22c6b7bcd8c2)) -* Merge pull request #56 from CycloneDX/dependabot/pip/py-1.11.0 +* 1.1.1 -poetry(deps): bump py from 1.10.0 to 1.11.0 ([`f1cda3c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f1cda3c3ba859336d70da36d4966bc7c247af97a)) +Automatically generated by python-semantic-release ([`dec63de`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/dec63de950e0ad81cbb51373b0e647bce551297e)) -* Merge pull request #58 from CycloneDX/dependabot/pip/pyparsing-3.0.5 +* 1.1.0 -poetry(deps): bump pyparsing from 2.4.7 to 3.0.5 ([`0525439`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0525439d2237684ce531449d19e60456fc46d26b)) +Automatically generated by python-semantic-release ([`d4007bd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d4007bd5986173eb2645eebcdd2c6405150f1456)) -* Merge pull request #19 from CycloneDX/dependabot/pip/zipp-3.6.0 +* Manually generated release ([`3509fb6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3509fb643af12cc4393309a006c6bbe63b1bd674)) -poetry(deps): bump zipp from 3.5.0 to 3.6.0 ([`c54c968`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c54c96853e3325571dee26038e965279d5b9cfe2)) +* Support for CycloneDX schema version 1.4 (#108) -* poetry(deps): bump py from 1.10.0 to 1.11.0 +BREAKING CHANGE: Support for CycloneDX 1.4. This includes: +- Support for `tools` having `externalReferences` +- Allowing `version` for a `Component` to be optional in 1.4 +- Support for `releaseNotes` per `Component` +- Support for the core schema implementation of Vulnerabilities (VEX) + +Other changes included in this PR: +- Unit tests now include schema validation (we've left schema validation out of the core library due to dependency bloat) +- Fixes to ensure schema is adhered to in 1.0 +- URI's are now used throughout the library through a new `XsUri` class to provide URI validation +- Documentation is now hosted on readthedocs.org (https://cyclonedx-python-library.readthedocs.io/) +- `$schema` is now included in JSON BOMs +- Concrete Parsers how now been moved into downstream projects to keep this libraries focus on modelling and outputting CycloneDX - see https://github.com/CycloneDX/cyclonedx-python +- Added reference to release of this library on Anaconda + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +Co-authored-by: Paul Horton <phorton@sonatype.com> + +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7fb6da9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7fb6da9166050333ae5db7e35ab792b9bdee48d4)) -Bumps [py](https://github.com/pytest-dev/py) from 1.10.0 to 1.11.0. -- [Release notes](https://github.com/pytest-dev/py/releases) -- [Changelog](https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst) -- [Commits](https://github.com/pytest-dev/py/compare/1.10.0...1.11.0) +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`d26970b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d26970bcc52568645c303f060d71cbc25edbfe78)) ---- -updated-dependencies: -- dependency-name: py - dependency-type: indirect - update-type: version-update:semver-minor -... +* Update CONTRIBUTING.md ([`4448d9b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4448d9b4846a7dfb9eeee355d41fbb100a48d388)) -Signed-off-by: dependabot[bot] <support@github.com> ([`330711f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/330711fe911739ac9119a0721f7f7bde6e1389e4)) +* 0.12.3 -* Merge pull request #57 from CycloneDX/dependabot/pip/coverage-6.1.1 +Automatically generated by python-semantic-release ([`cfc9d38`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cfc9d382aea3f69f79d50a4fbb8607346f86ce03)) -poetry(deps-dev): bump coverage from 5.5 to 6.1.1 ([`fa55e5c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fa55e5ceef65749ccbf6bd0303db649346c79019)) +* 0.12.2 -* poetry(deps): bump pyparsing from 2.4.7 to 3.0.5 +Automatically generated by python-semantic-release ([`54b9f74`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/54b9f744be28b53795bd03e78576eed15b70c10a)) -Bumps [pyparsing](https://github.com/pyparsing/pyparsing) from 2.4.7 to 3.0.5. -- [Release notes](https://github.com/pyparsing/pyparsing/releases) -- [Changelog](https://github.com/pyparsing/pyparsing/blob/master/CHANGES) -- [Commits](https://github.com/pyparsing/pyparsing/compare/pyparsing_2.4.7...pyparsing_3.0.5) +* 0.12.1 ---- -updated-dependencies: -- dependency-name: pyparsing - dependency-type: indirect - update-type: version-update:semver-major -... +Automatically generated by python-semantic-release ([`43fc36e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/43fc36ebc966ac511e5b7dbff9b0bef6f88d5d2c)) -Signed-off-by: dependabot[bot] <support@github.com> ([`3bedaff`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3bedaffc7f52026348cc6e2a38ba193ba71d4f29)) +* 0.12.0 -* Merge pull request #55 from CycloneDX/dependabot/pip/virtualenv-20.10.0 +Automatically generated by python-semantic-release ([`1a907ea`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1a907eae0a3436844ffc2782b990c4b502f409e6)) -poetry(deps): bump virtualenv from 20.8.1 to 20.10.0 ([`4c3df85`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4c3df857eba656f1ccb51ba9ad6af2cb49226747)) +* Merge pull request #88 from CycloneDX/contributing-file -* CI/CT runs on main & master branch ([`2d0df7b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2d0df7bacf4ead54eee7378ede8626cc93fce3df)) +initial CONTRIBUTING file ([`20035bb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/20035bb5dde8dd3b619b200aec7037c338b18c74)) -* poetry(deps-dev): bump coverage from 5.5 to 6.1.1 +* initial CONTRIBUTING file -Bumps [coverage](https://github.com/nedbat/coveragepy) from 5.5 to 6.1.1. -- [Release notes](https://github.com/nedbat/coveragepy/releases) -- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) -- [Commits](https://github.com/nedbat/coveragepy/compare/coverage-5.5...6.1.1) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6ffe14d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6ffe14d4d51d246cda66ce99ee20893ede8d017f)) ---- -updated-dependencies: -- dependency-name: coverage - dependency-type: direct:development - update-type: version-update:semver-major -... +* CHORE: poetry(deps): bump filelock from 3.3.2 to 3.4.0 -Signed-off-by: dependabot[bot] <support@github.com> ([`e322d74`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e322d7476b4a17b012d27c26683809bd1dee86b1)) +poetry(deps): bump filelock from 3.3.2 to 3.4.0 ([`e144aa2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e144aa29a0fd61483f4940da08ff542c9c3c3332)) -* poetry(deps): bump virtualenv from 20.8.1 to 20.10.0 +* CHORE: poetry(deps): bump types-setuptools from 57.4.2 to 57.4.4 -Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.8.1 to 20.10.0. -- [Release notes](https://github.com/pypa/virtualenv/releases) -- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst) -- [Commits](https://github.com/pypa/virtualenv/compare/20.8.1...20.10.0) +poetry(deps): bump types-setuptools from 57.4.2 to 57.4.4 ([`5fcdcb7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5fcdcb701a9da5c9a786e0fe690bfd0a8d5d4e0c)) + +* poetry(deps): bump filelock from 3.3.2 to 3.4.0 + +Bumps [filelock](https://github.com/tox-dev/py-filelock) from 3.3.2 to 3.4.0. +- [Release notes](https://github.com/tox-dev/py-filelock/releases) +- [Changelog](https://github.com/tox-dev/py-filelock/blob/main/docs/changelog.rst) +- [Commits](https://github.com/tox-dev/py-filelock/compare/3.3.2...3.4.0) --- updated-dependencies: -- dependency-name: virtualenv +- dependency-name: filelock dependency-type: indirect update-type: version-update:semver-minor ... -Signed-off-by: dependabot[bot] <support@github.com> ([`3927cdc`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3927cdcd2c37af23543832dbfae2d087cb09787c)) +Signed-off-by: dependabot[bot] <support@github.com> ([`8d4520e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8d4520ee3ee781a3a2f4db879e79e38b40fe4829)) -* created CODEOWNERS +* CHORE: poetry(deps-dev): bump flake8-bugbear from 21.9.2 to 21.11.29 -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e8e499c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e8e499cb2b74f9d7e7afe4d0f00e1725eabb655e)) +poetry(deps-dev): bump flake8-bugbear from 21.9.2 to 21.11.29 ([`fc6e3ac`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fc6e3acd5a1875a27e3b8037ad3b9a794598c894)) -* fixed typehints/docs in `_BaseCondaParser` +* poetry(deps): bump types-setuptools from 57.4.2 to 57.4.4 -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`af6ddfd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/af6ddfdc8c7cbdd1bade5ea0c89896ca9791eb3d)) +Bumps [types-setuptools](https://github.com/python/typeshed) from 57.4.2 to 57.4.4. +- [Release notes](https://github.com/python/typeshed/releases) +- [Commits](https://github.com/python/typeshed/commits) -* slacked pipenv parser +--- +updated-dependencies: +- dependency-name: types-setuptools + dependency-type: direct:production + update-type: version-update:semver-patch +... -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a3572ba`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a3572ba61ca537de8efd0855c774819a963cd212)) +Signed-off-by: dependabot[bot] <support@github.com> ([`00dcbb8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/00dcbb80d25c00b2b9bd4f6b765275cd956b33fa)) -* fixed some abstract definitions +* CHORE: poetry(deps): bump importlib-metadata from 4.8.1 to 4.8.2 -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9e67998`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9e67998e53558363b2c76c75f13bb2772fb5a22d)) +poetry(deps): bump importlib-metadata from 4.8.1 to 4.8.2 ([`28f9676`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/28f96769e653c3b7c76cb07ba1a4ecbbc43ab46c)) +* poetry(deps-dev): bump flake8-bugbear from 21.9.2 to 21.11.29 -## v0.10.2 (2021-10-21) +Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 21.9.2 to 21.11.29. +- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases) +- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/21.9.2...21.11.29) -### Fix +--- +updated-dependencies: +- dependency-name: flake8-bugbear + dependency-type: direct:development + update-type: version-update:semver-minor +... -* fix: correct way to write utf-8 encoded files +Signed-off-by: dependabot[bot] <support@github.com> ([`1eec2e8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1eec2e8aab5f31f3070be34eccfd8791ef2edcca)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`49f9369`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/49f9369b3eba47a3a8d1bcc505546d7dfaf4c5fe)) +* CHORE: poetry(deps-dev): bump coverage from 6.1.2 to 6.2 -### Unknown +poetry(deps-dev): bump coverage from 6.1.2 to 6.2 ([`bdd9365`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bdd93650a64ce2385f4f29bc1f20df6530e9012c)) -* 0.10.2 +* CHORE: poetry(deps): bump mako from 1.1.5 to 1.1.6 -Automatically generated by python-semantic-release ([`79538e9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/79538e92834e548a3f9697388a47efa3b27da678)) +poetry(deps): bump mako from 1.1.5 to 1.1.6 ([`33d3ecc`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/33d3ecc80f47c947d2fc2b13743471dd6dc941ab)) +* poetry(deps-dev): bump coverage from 6.1.2 to 6.2 -## v0.10.1 (2021-10-21) +Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.1.2 to 6.2. +- [Release notes](https://github.com/nedbat/coveragepy/releases) +- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) +- [Commits](https://github.com/nedbat/coveragepy/compare/6.1.2...6.2) -### Fix +--- +updated-dependencies: +- dependency-name: coverage + dependency-type: direct:development + update-type: version-update:semver-minor +... -* fix: ensure output to file is UTF-8 +Signed-off-by: dependabot[bot] <support@github.com> ([`be1af9b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/be1af9b9955a31b6c1a8627010bfd4d932c9f9f1)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a10da20`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a10da20865e90e9a0a5bb1e12fba9cfd23970c39)) +* DOCS: fix README shields & links ([`43b1121`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/43b112128acd9e28a47e46d8691ead46e39b288e)) -* fix: ensure output to file is UTF-8 +* doc: readme maintenance - shields & links (#72) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`193bf64`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/193bf64cdb19bf6fb9662367402dcf7eaab8dd1a)) +* README: restructure links + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* README: add lan to fenced code blocks + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* README: fix some formatting + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* README: modernized shields + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* README: harmonize links + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* README: add language to code fences + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* README: markdown fixes + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* README: removed py version shield + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3d0ea2f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3d0ea2f4c6ee5c2dedf1abb779f46543896fff4a)) -### Unknown +* poetry(deps): bump mako from 1.1.5 to 1.1.6 -* 0.10.1 +Bumps [mako](https://github.com/sqlalchemy/mako) from 1.1.5 to 1.1.6. +- [Release notes](https://github.com/sqlalchemy/mako/releases) +- [Changelog](https://github.com/sqlalchemy/mako/blob/main/CHANGES) +- [Commits](https://github.com/sqlalchemy/mako/commits) -Automatically generated by python-semantic-release ([`e6451a3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e6451a39ee18fcf49287a8f685df730846e965b7)) +--- +updated-dependencies: +- dependency-name: mako + dependency-type: indirect + update-type: version-update:semver-patch +... -* Merge pull request #40 from CycloneDX/fix/issue-39-windows-UnicodeEncodeError +Signed-off-by: dependabot[bot] <support@github.com> ([`3344b86`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3344b862490ecb419c9b1f74bd7548ddcf392329)) -FIX: Resolve file encoding issues on Windows ([`48329e0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/48329e033e499f4b9a2c204b2fe5c7c512689605)) +* Merge pull request #47 from CycloneDX/dependabot/pip/filelock-3.3.2 -* remove memoryview from sha1 file hashing +poetry(deps): bump filelock from 3.3.1 to 3.3.2 ([`3f967b3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3f967b3d0ec47ba5bcc1cdd8fb29970ba69d7aed)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a56be0f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a56be0f2044c1c867c383a7ed26f5fce4097d21a)) +* FIX: update Conda package parsing to handle `build` containing underscore (#66) -* added debug to CI to aid understanding of miss matching SHA1 hashes on Windows +* fix: update conda package parsing to handle `build` containing underscore + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* updated some typings + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2c6020a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2c6020a208aa1c0fd13ab337db6343ad1d2d5c43)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`10c6b51`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/10c6b51ec1fb8fc816002fda96e551ff0e430941)) +* poetry(deps): bump importlib-metadata from 4.8.1 to 4.8.2 +Bumps [importlib-metadata](https://github.com/python/importlib_metadata) from 4.8.1 to 4.8.2. +- [Release notes](https://github.com/python/importlib_metadata/releases) +- [Changelog](https://github.com/python/importlib_metadata/blob/main/CHANGES.rst) +- [Commits](https://github.com/python/importlib_metadata/compare/v4.8.1...v4.8.2) -## v0.10.0 (2021-10-20) +--- +updated-dependencies: +- dependency-name: importlib-metadata + dependency-type: direct:production + update-type: version-update:semver-patch +... -### Feature +Signed-off-by: dependabot[bot] <support@github.com> ([`003f6b4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/003f6b410e0e32e8c454ad157999b031471baf6f)) -* feat: add support for Conda +* poetry(deps): bump filelock from 3.3.1 to 3.3.2 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`bd29c78`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bd29c782d39a4956f482b9e4de20d7f829beefba)) +Bumps [filelock](https://github.com/tox-dev/py-filelock) from 3.3.1 to 3.3.2. +- [Release notes](https://github.com/tox-dev/py-filelock/releases) +- [Changelog](https://github.com/tox-dev/py-filelock/blob/main/docs/changelog.rst) +- [Commits](https://github.com/tox-dev/py-filelock/compare/3.3.1...3.3.2) -### Unknown +--- +updated-dependencies: +- dependency-name: filelock + dependency-type: indirect + update-type: version-update:semver-patch +... -* 0.10.0 +Signed-off-by: dependabot[bot] <support@github.com> ([`55022b7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/55022b7a63763436d193cefda6d6a4e0ad36fb40)) -Automatically generated by python-semantic-release ([`eea3598`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/eea35980ab121899d46178ec10e90058d0e1be45)) +* Merge pull request #45 from CycloneDX/dependabot/pip/importlib-resources-5.4.0 -* Merge pull request #38 from CycloneDX/feat/conda-support +poetry(deps): bump importlib-resources from 5.3.0 to 5.4.0 ([`b8acf9f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b8acf9f3e087f37c2f9afded2d8555c053f09a43)) -feat: add support for Conda ([`ee5d36d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ee5d36dd677abfb1ba5600b44abf45cb2612b792)) +* Merge pull request #70 from CycloneDX/dependabot/pip/pyparsing-3.0.6 -* add support pre Python 3.8 +poetry(deps): bump pyparsing from 3.0.5 to 3.0.6 ([`faa8628`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/faa862813e27bb4b828f6116c95961b156cd7547)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2d01116`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2d011165e36d03c8d82c7b92b56f1aeec9c18cd6)) +* Merge pull request #69 from CycloneDX/dependabot/pip/coverage-6.1.2 -* doc: updated documentation with Conda support (and missed updates for externalReferences) +poetry(deps-dev): bump coverage from 6.1.1 to 6.1.2 ([`eba56dc`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/eba56dc6512304e2956563d173bdb363b785fa50)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`57e9dc7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/57e9dc7b2adcfa2bac60a854c91bf77947e8e9cf)) +* poetry(deps): bump pyparsing from 3.0.5 to 3.0.6 +Bumps [pyparsing](https://github.com/pyparsing/pyparsing) from 3.0.5 to 3.0.6. +- [Release notes](https://github.com/pyparsing/pyparsing/releases) +- [Changelog](https://github.com/pyparsing/pyparsing/blob/master/CHANGES) +- [Commits](https://github.com/pyparsing/pyparsing/compare/pyparsing_3.0.5...pyparsing_3.0.6) -## v0.9.1 (2021-10-19) +--- +updated-dependencies: +- dependency-name: pyparsing + dependency-type: indirect + update-type: version-update:semver-patch +... -### Fix +Signed-off-by: dependabot[bot] <support@github.com> ([`4f2b2d8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4f2b2d89291b1c20385ce6431959586acfeab1cd)) -* fix: missing check for Classifiers in Environment Parser +* poetry(deps-dev): bump coverage from 6.1.1 to 6.1.2 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b7fa38e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b7fa38e9740bbc5b4c406410df37c3b34818010c)) +Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.1.1 to 6.1.2. +- [Release notes](https://github.com/nedbat/coveragepy/releases) +- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) +- [Commits](https://github.com/nedbat/coveragepy/compare/6.1.1...6.1.2) -### Unknown +--- +updated-dependencies: +- dependency-name: coverage + dependency-type: direct:development + update-type: version-update:semver-patch +... -* 0.9.1 +Signed-off-by: dependabot[bot] <support@github.com> ([`1d0f5ea`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1d0f5ea2ed5dfb38ce1d1d8170773cb880f228dc)) -Automatically generated by python-semantic-release ([`f132c92`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f132c92bf38f1c173b381f18817f0f86b6ddde85)) +* 0.11.1 -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`51a1e50`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/51a1e50aad27c1f862812031be74281e839815df)) +Automatically generated by python-semantic-release ([`a80f87a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a80f87a588f8b52bfd8e9c5b12edf0fdde56c510)) +* FEAT: Support Python 3.10 (#64) -## v0.9.0 (2021-10-19) +* fix: tested with Python 3.10 + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* added trove classifier for Python 3.10 + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* fix: upgrade Poetry version to workaround issue between Poetry and Python 3.10 (see: https://github.com/python-poetry/poetry/issues/4210) + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`385b835`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/385b835f44fadb0f227b6a8ac992b0c73afc6ef0)) -### Feature +* poetry(deps): bump importlib-resources from 5.3.0 to 5.4.0 -* feat: add support for parsing package licenses when using the `Environment` Parsers +Bumps [importlib-resources](https://github.com/python/importlib_resources) from 5.3.0 to 5.4.0. +- [Release notes](https://github.com/python/importlib_resources/releases) +- [Changelog](https://github.com/python/importlib_resources/blob/main/CHANGES.rst) +- [Commits](https://github.com/python/importlib_resources/compare/v5.3.0...v5.4.0) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`c414eaf`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c414eafde2abaca1005a2a0af6993fcdc17897d3)) +--- +updated-dependencies: +- dependency-name: importlib-resources + dependency-type: indirect + update-type: version-update:semver-minor +... -### Unknown +Signed-off-by: dependabot[bot] <support@github.com> ([`a1dd775`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a1dd7752459b70b432784ec2b7d8a1cb24a916a9)) -* 0.9.0 +* 0.11.0 -Automatically generated by python-semantic-release ([`ad65564`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ad6556462d92381dcd8494ca93496ea796282565)) +Automatically generated by python-semantic-release ([`7262783`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7262783dbcf5823065670f3f7cbba0ce25b3a4ea)) -* Merge pull request #36 from CycloneDX/feat/add-license-support +* Merge pull request #41 from jkowalleck/improv-abstract + +fixed some abstract definitions ([`f34e2c2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f34e2c2bc7aed20968a5ac69337ed484d097af3b)) -Add support for parsing package licenses from installed packages ([`d45f75b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d45f75b88611ab97f39bde672cbdd9e8ff71dd3e)) +* Merge pull request #42 from jkowalleck/improv-pipenv +slacked pipenv parser ([`08bc4ab`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/08bc4ab2b01c76d7472a558cae02deab0485c61c)) -## v0.8.3 (2021-10-14) +* Merge pull request #43 from jkowalleck/improv-conda-typehints -### Fix +fixed typehints/docs in `_BaseCondaParser` ([`931016d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/931016d9b700280692903db5aa653d390a80bd63)) -* fix: coding standards violations +* Merge pull request #54 from jkowalleck/create-CODEOWNERS -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`00cd1ca`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/00cd1ca20899b6861b1b959611a3556ffad36832)) +created CODEOWNERS ([`7f28bef`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7f28bef15ed0b9ed6af88286d5f6dcc0726b6feb)) -* fix: handle `Pipfile.lock` dependencies without an `index` specified -fix: multiple fixes in variable scoping to prevent accidental data sharing +* Merge pull request #56 from CycloneDX/dependabot/pip/py-1.11.0 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`26c62fb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/26c62fb996c4b1b2bf719e10c9072cf4fbadab9f)) +poetry(deps): bump py from 1.10.0 to 1.11.0 ([`f1cda3c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f1cda3c3ba859336d70da36d4966bc7c247af97a)) -### Unknown +* Merge pull request #58 from CycloneDX/dependabot/pip/pyparsing-3.0.5 -* 0.8.3 +poetry(deps): bump pyparsing from 2.4.7 to 3.0.5 ([`0525439`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0525439d2237684ce531449d19e60456fc46d26b)) + +* Merge pull request #19 from CycloneDX/dependabot/pip/zipp-3.6.0 -Automatically generated by python-semantic-release ([`91f9a8b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/91f9a8bb60fe8faddd86268c0ede89cd0caa5a76)) +poetry(deps): bump zipp from 3.5.0 to 3.6.0 ([`c54c968`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c54c96853e3325571dee26038e965279d5b9cfe2)) -* Merge pull request #34 from CycloneDX/fix/issue-33-pipfile-lock-parse-failure +* poetry(deps): bump py from 1.10.0 to 1.11.0 -BUG: Fixe for `Pipfile.lock` parsing + accidental data sharing issues identified during testing ([`4079323`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4079323617263886319ddcf80ee1d77909a40b69)) +Bumps [py](https://github.com/pytest-dev/py) from 1.10.0 to 1.11.0. +- [Release notes](https://github.com/pytest-dev/py/releases) +- [Changelog](https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst) +- [Commits](https://github.com/pytest-dev/py/compare/1.10.0...1.11.0) +--- +updated-dependencies: +- dependency-name: py + dependency-type: indirect + update-type: version-update:semver-minor +... -## v0.8.2 (2021-10-14) +Signed-off-by: dependabot[bot] <support@github.com> ([`330711f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/330711fe911739ac9119a0721f7f7bde6e1389e4)) -### Fix +* Merge pull request #57 from CycloneDX/dependabot/pip/coverage-6.1.1 -* fix: add namespace and subpath support to Component to complete PackageURL Spec support +poetry(deps-dev): bump coverage from 5.5 to 6.1.1 ([`fa55e5c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fa55e5ceef65749ccbf6bd0303db649346c79019)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`780adeb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/780adebe3861ef08eb1e8817a5e9e3451c0a2137)) +* poetry(deps): bump pyparsing from 2.4.7 to 3.0.5 -### Unknown +Bumps [pyparsing](https://github.com/pyparsing/pyparsing) from 2.4.7 to 3.0.5. +- [Release notes](https://github.com/pyparsing/pyparsing/releases) +- [Changelog](https://github.com/pyparsing/pyparsing/blob/master/CHANGES) +- [Commits](https://github.com/pyparsing/pyparsing/compare/pyparsing_2.4.7...pyparsing_3.0.5) -* 0.8.2 +--- +updated-dependencies: +- dependency-name: pyparsing + dependency-type: indirect + update-type: version-update:semver-major +... -Automatically generated by python-semantic-release ([`298318f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/298318fdbf252115f874eb544c2d1f24abb6ab5a)) +Signed-off-by: dependabot[bot] <support@github.com> ([`3bedaff`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3bedaffc7f52026348cc6e2a38ba193ba71d4f29)) -* Merge pull request #32 from CycloneDX/feat/full-packageurl-support +* Merge pull request #55 from CycloneDX/dependabot/pip/virtualenv-20.10.0 -Add `namespace` and `subpath` support to `Component` ([`bb3af91`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bb3af916f1ff0e224d9c197596570bca98ea4525)) +poetry(deps): bump virtualenv from 20.8.1 to 20.10.0 ([`4c3df85`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4c3df857eba656f1ccb51ba9ad6af2cb49226747)) +* CI/CT runs on main & master branch ([`2d0df7b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2d0df7bacf4ead54eee7378ede8626cc93fce3df)) -## v0.8.1 (2021-10-12) +* poetry(deps-dev): bump coverage from 5.5 to 6.1.1 -### Fix +Bumps [coverage](https://github.com/nedbat/coveragepy) from 5.5 to 6.1.1. +- [Release notes](https://github.com/nedbat/coveragepy/releases) +- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) +- [Commits](https://github.com/nedbat/coveragepy/compare/coverage-5.5...6.1.1) -* fix: multiple hashes being created for an externalRefernce which is not as required +--- +updated-dependencies: +- dependency-name: coverage + dependency-type: direct:development + update-type: version-update:semver-major +... -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`970d192`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/970d19202d13d4becbbf040b3a9fb115dd7a0795)) +Signed-off-by: dependabot[bot] <support@github.com> ([`e322d74`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e322d7476b4a17b012d27c26683809bd1dee86b1)) -### Unknown +* poetry(deps): bump virtualenv from 20.8.1 to 20.10.0 -* 0.8.1 +Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.8.1 to 20.10.0. +- [Release notes](https://github.com/pypa/virtualenv/releases) +- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst) +- [Commits](https://github.com/pypa/virtualenv/compare/20.8.1...20.10.0) -Automatically generated by python-semantic-release ([`70689a2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/70689a21edfd5f17cd2aabc09d4579646a4f1633)) +--- +updated-dependencies: +- dependency-name: virtualenv + dependency-type: indirect + update-type: version-update:semver-minor +... +Signed-off-by: dependabot[bot] <support@github.com> ([`3927cdc`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3927cdcd2c37af23543832dbfae2d087cb09787c)) -## v0.8.0 (2021-10-12) +* created CODEOWNERS -### Feature +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e8e499c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e8e499cb2b74f9d7e7afe4d0f00e1725eabb655e)) -* feat: add support for `externalReferneces` for `Components` and associated enhancements to parsers to obtain information where possible/known +* fixed typehints/docs in `_BaseCondaParser` -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a152852`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a152852b361bbb7a69c9f7ab61ae7ea6dcffd214)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`af6ddfd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/af6ddfdc8c7cbdd1bade5ea0c89896ca9791eb3d)) -### Unknown +* slacked pipenv parser -* 0.8.0 +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a3572ba`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a3572ba61ca537de8efd0855c774819a963cd212)) -Automatically generated by python-semantic-release ([`7a49f9d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7a49f9d8cd791e9b1a7e1a8587e589e3b8319ec7)) +* fixed some abstract definitions -* Merge pull request #29 from CycloneDX/feat/component-external-references +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9e67998`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9e67998e53558363b2c76c75f13bb2772fb5a22d)) -FEATURE: Add support for `externalReferences` against `Component`s ([`bdee0ea`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bdee0ea277d9f378b3a5e225c2ac3d8e20e2c53c)) +* 0.10.2 -* doc: notable improvements to API documentation generation (added search, branding, a little styling) +Automatically generated by python-semantic-release ([`79538e9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/79538e92834e548a3f9697388a47efa3b27da678)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`e7a5b5a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e7a5b5a2c5b5681a75a24e9739d13ead01f362e3)) +* 0.10.1 +Automatically generated by python-semantic-release ([`e6451a3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e6451a39ee18fcf49287a8f685df730846e965b7)) -## v0.7.0 (2021-10-11) +* Merge pull request #40 from CycloneDX/fix/issue-39-windows-UnicodeEncodeError -### Feature +FIX: Resolve file encoding issues on Windows ([`48329e0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/48329e033e499f4b9a2c204b2fe5c7c512689605)) -* feat: support for pipenv.lock file parsing +* remove memoryview from sha1 file hashing -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`68a2dff`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/68a2dffc770d40f693b6891a580d1f7d8018f71c)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a56be0f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a56be0f2044c1c867c383a7ed26f5fce4097d21a)) -### Unknown +* added debug to CI to aid understanding of miss matching SHA1 hashes on Windows -* 0.7.0 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`10c6b51`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/10c6b51ec1fb8fc816002fda96e551ff0e430941)) -Automatically generated by python-semantic-release ([`827bd1c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/827bd1cf2db6cfcffdae98dbd6d24efac63d0cb6)) +* 0.10.0 -* Merge pull request #27 from CycloneDX/feat/add-pipenv-support +Automatically generated by python-semantic-release ([`eea3598`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/eea35980ab121899d46178ec10e90058d0e1be45)) -FEATURE: Add `Pipfile.lock` (pipenv) support ([`2c42e2a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c42e2a616c07eec1f844b4fbc4e1e3b4a0815d8)) +* Merge pull request #38 from CycloneDX/feat/conda-support -* doc: updated README.md to include Pipfile.lock parsing +feat: add support for Conda ([`ee5d36d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ee5d36dd677abfb1ba5600b44abf45cb2612b792)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2c66834`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c66834ee6aac75b3e810d13b5a3b41967043252)) +* add support pre Python 3.8 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2d01116`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2d011165e36d03c8d82c7b92b56f1aeec9c18cd6)) -## v0.6.2 (2021-10-11) +* doc: updated documentation with Conda support (and missed updates for externalReferences) -### Fix +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`57e9dc7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/57e9dc7b2adcfa2bac60a854c91bf77947e8e9cf)) -* fix: added ability to add tools in addition to this library when generating CycloneDX + plus fixes relating to multiple BOM instances +* 0.9.1 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`e03a25c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e03a25c3d2a1a0b711204bb26c7b898eadacdcb0)) +Automatically generated by python-semantic-release ([`f132c92`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f132c92bf38f1c173b381f18817f0f86b6ddde85)) -### Unknown +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`51a1e50`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/51a1e50aad27c1f862812031be74281e839815df)) -* 0.6.2 +* 0.9.0 -Automatically generated by python-semantic-release ([`e68fbc2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e68fbc2ff5576fc1f5c0444f601c58f40f3cd917)) +Automatically generated by python-semantic-release ([`ad65564`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ad6556462d92381dcd8494ca93496ea796282565)) -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`2bf2711`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2bf27119e7a1a3716706c28c3fb259496d0de6f1)) +* Merge pull request #36 from CycloneDX/feat/add-license-support +Add support for parsing package licenses from installed packages ([`d45f75b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d45f75b88611ab97f39bde672cbdd9e8ff71dd3e)) -## v0.6.1 (2021-10-11) +* 0.8.3 -### Fix +Automatically generated by python-semantic-release ([`91f9a8b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/91f9a8bb60fe8faddd86268c0ede89cd0caa5a76)) -* fix: better methods for checking if a Component is already represented in the BOM, and the ability to get the existing instance +* Merge pull request #34 from CycloneDX/fix/issue-33-pipfile-lock-parse-failure -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`5fee85f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5fee85fc38376478a1a438d228c632a5d14f4740)) +BUG: Fixe for `Pipfile.lock` parsing + accidental data sharing issues identified during testing ([`4079323`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4079323617263886319ddcf80ee1d77909a40b69)) -### Unknown +* 0.8.2 -* 0.6.1 +Automatically generated by python-semantic-release ([`298318f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/298318fdbf252115f874eb544c2d1f24abb6ab5a)) -Automatically generated by python-semantic-release ([`c530460`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c530460f504939d34e8c73066bfdd252dd95f090)) +* Merge pull request #32 from CycloneDX/feat/full-packageurl-support -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`eb3a46b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/eb3a46b4365818dec08ea079f47e4abd75ebbd64)) +Add `namespace` and `subpath` support to `Component` ([`bb3af91`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bb3af916f1ff0e224d9c197596570bca98ea4525)) +* 0.8.1 -## v0.6.0 (2021-10-11) +Automatically generated by python-semantic-release ([`70689a2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/70689a21edfd5f17cd2aabc09d4579646a4f1633)) -### Feature +* 0.8.0 -* feat: helper method for representing a File as a Component taking into account versioning for files as per https://github.com/CycloneDX/cyclonedx.org/issues/34 +Automatically generated by python-semantic-release ([`7a49f9d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7a49f9d8cd791e9b1a7e1a8587e589e3b8319ec7)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`7e0fb3c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7e0fb3c7e32e08cb8667ad11461c7f8208dfdf7f)) +* Merge pull request #29 from CycloneDX/feat/component-external-references -* feat: support for non-PyPi Components - PackageURL type is now definable when creating a Component +FEATURE: Add support for `externalReferences` against `Component`s ([`bdee0ea`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bdee0ea277d9f378b3a5e225c2ac3d8e20e2c53c)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`fde79e0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fde79e02705bce216e62acd05056b6d2046cde22)) +* doc: notable improvements to API documentation generation (added search, branding, a little styling) -### Unknown +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`e7a5b5a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e7a5b5a2c5b5681a75a24e9739d13ead01f362e3)) -* 0.6.0 +* 0.7.0 -Automatically generated by python-semantic-release ([`907cd2d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/907cd2d317f3cfd28febb450959938d09815b9c2)) +Automatically generated by python-semantic-release ([`827bd1c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/827bd1cf2db6cfcffdae98dbd6d24efac63d0cb6)) -* Merge pull request #25 from CycloneDX/feat/additions-to-enable-integration-into-checkov +* Merge pull request #27 from CycloneDX/feat/add-pipenv-support -Support for representing File as Component ([`63a86b0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/63a86b05aa722078d57f143f35c1f5600396ec7a)) +FEATURE: Add `Pipfile.lock` (pipenv) support ([`2c42e2a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2c42e2a616c07eec1f844b4fbc4e1e3b4a0815d8)) +* doc: updated README.md to include Pipfile.lock parsing -## v0.5.0 (2021-10-11) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2c66834`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2c66834ee6aac75b3e810d13b5a3b41967043252)) -### Build +* 0.6.2 -* build: updated dependencies, moved pdoc3 to a dev dependency +Automatically generated by python-semantic-release ([`e68fbc2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e68fbc2ff5576fc1f5c0444f601c58f40f3cd917)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`6a9947d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6a9947de1036b63804352e45c035d40658d3db01)) +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`2bf2711`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2bf27119e7a1a3716706c28c3fb259496d0de6f1)) -### Feature +* 0.6.1 -* feat: add support for tool(s) that generated the SBOM +Automatically generated by python-semantic-release ([`c530460`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c530460f504939d34e8c73066bfdd252dd95f090)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`7d1e6ef`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7d1e6ef04d473407b9b4eefc2ef18e6723838f94)) +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`eb3a46b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/eb3a46b4365818dec08ea079f47e4abd75ebbd64)) -### Fix +* 0.6.0 -* fix: bumped a dependency version +Automatically generated by python-semantic-release ([`907cd2d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/907cd2d317f3cfd28febb450959938d09815b9c2)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`efc1053`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/efc1053ec9ed3f57711f78f1eca181f7bff0c3bf)) +* Merge pull request #25 from CycloneDX/feat/additions-to-enable-integration-into-checkov -### Unknown +Support for representing File as Component ([`63a86b0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/63a86b05aa722078d57f143f35c1f5600396ec7a)) * 0.5.0 -Automatically generated by python-semantic-release ([`a655d29`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a655d29ae9a93bdd72fee481d6a0ec8b71f6cce0)) +Automatically generated by python-semantic-release ([`a655d29`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a655d29ae9a93bdd72fee481d6a0ec8b71f6cce0)) * Merge pull request #20 from CycloneDX/feat/additional-metadata -feat: add support for tool(s) that generated the SBOM ([`b33cbf4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b33cbf4cb40179e5710729b89d3c120e69448777)) +feat: add support for tool(s) that generated the SBOM ([`b33cbf4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b33cbf4cb40179e5710729b89d3c120e69448777)) * fix for Pytho< 3.8 support in tests -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`c9b6019`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c9b6019609ae206ba965d0c4f7c06ffcf8835e1d)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`c9b6019`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c9b6019609ae206ba965d0c4f7c06ffcf8835e1d)) * ensure support for Python < 3.8 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`53a82cf`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/53a82cfbe7e828380c31b2441113f318d2a2c99e)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`53a82cf`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/53a82cfbe7e828380c31b2441113f318d2a2c99e)) * ensure support for Python < 3.8 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2a9e56a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2a9e56a7e1e0235a06aa70f7750f1656f9305a8a)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2a9e56a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2a9e56a7e1e0235a06aa70f7750f1656f9305a8a)) * doc: added documentation -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`cf13c68`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cf13c6817552c0a6549ecd7131fdcd437ccc7210)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`cf13c68`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cf13c6817552c0a6549ecd7131fdcd437ccc7210)) * poetry(deps): bump zipp from 3.5.0 to 3.6.0 @@ -3045,434 +2600,256 @@ updated-dependencies: update-type: version-update:semver-minor ... -Signed-off-by: dependabot[bot] <support@github.com> ([`30f2547`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/30f254724b49c7596c58f11ef8f5a182706ef03a)) +Signed-off-by: dependabot[bot] <support@github.com> ([`30f2547`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/30f254724b49c7596c58f11ef8f5a182706ef03a)) * doc: bumped gh-action for publishing docs -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ac70eee`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ac70eeed9325892ef9ae44b162d8a3ae43a435cc)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ac70eee`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ac70eeed9325892ef9ae44b162d8a3ae43a435cc)) * doc: added documentation to model/bom -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`fe98ada`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fe98ada121279f6119f3045abd737cc5b775a30f)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`fe98ada`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fe98ada121279f6119f3045abd737cc5b775a30f)) * doc: formatting -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1ad7fb1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1ad7fb117acbec87def897f4dc549dc398decce6)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1ad7fb1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1ad7fb117acbec87def897f4dc549dc398decce6)) * doc: added missing docstrings to allow documentation to generate -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ed743d9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ed743d9b90904a6719309de85078657f9e4a48cd)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ed743d9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ed743d9b90904a6719309de85078657f9e4a48cd)) * Merge pull request #10 from coderpatros/docs -Add initial doc generation and publishing ([`7873ad9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7873ad9d3fed8c04b94999c21345ae4ca198e091)) - - -## v0.4.1 (2021-09-27) - -### Build - -* build: dependencies updated - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0411826`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/04118263c2fed1241c4a9f38cc256542ba543d50)) - -### Fix - -* fix: improved handling for `requirements.txt` content without pinned or declared versions - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`7f318cb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7f318cb495ac1754029088cae1ef2574c58da2e5)) - -### Unknown +Add initial doc generation and publishing ([`7873ad9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7873ad9d3fed8c04b94999c21345ae4ca198e091)) * 0.4.1 -Automatically generated by python-semantic-release ([`d5b7a2f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d5b7a2fc731b29fd7a3f29fe3c94f14a98a82e69)) +Automatically generated by python-semantic-release ([`d5b7a2f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d5b7a2fc731b29fd7a3f29fe3c94f14a98a82e69)) * Merge pull request #15 from CycloneDX/fix/issue-14-requirements-unpinned-versions -fix: improved handling for `requirements.txt` content without pinned … ([`f248015`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f248015ff9719dd0029f6267067356672f16f8c3)) +fix: improved handling for `requirements.txt` content without pinned … ([`f248015`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f248015ff9719dd0029f6267067356672f16f8c3)) * Add initial doc generation and publishing -Signed-off-by: Patrick Dwyer <patrick.dwyer@owasp.org> ([`cd1b558`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cd1b558fe472895f9332d9844f99e652c14ec41e)) - - -## v0.4.0 (2021-09-16) - -### Feature - -* feat: support for localising vectors (i.e. stripping out any scheme prefix) - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b9e9e17`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b9e9e17ba1e2c1c9dfe551c61ad5152eebd829ab)) - -* feat: helper methods for deriving Severity and SourceType - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`6a86ec2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6a86ec27c13ff5e413c5a5f96d9b7671646f9388)) - -### Fix - -* fix: removed print call - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`8806553`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/880655304c082a88d94d6d50c64d33ad931cc974)) - -* fix: relaxed typing of parameter to be compatible with Python < 3.9 - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f9c7990`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f9c7990695119969c5055bc92a233030db999b84)) - -* fix: removed print call - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d272d2e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d272d2ea7d3331bde0660bdc87a6ac3331ae0720)) - -* fix: remove unused commented out code - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ba4f285`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ba4f285fdbe124c28f7ea60310347cf896540125)) - -### Unknown +Signed-off-by: Patrick Dwyer <patrick.dwyer@owasp.org> ([`cd1b558`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cd1b558fe472895f9332d9844f99e652c14ec41e)) * 0.4.0 -Automatically generated by python-semantic-release ([`f441413`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f441413668676c0435b173c01d612e9040d6f6db)) - - -## v0.3.0 (2021-09-15) - -### Feature - -* feat: adding support for extension schema that descriptions vulnerability disclosures - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d496695`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d4966951ab6c0229171cfe97723421bb0302c4fc)) - -### Unknown +Automatically generated by python-semantic-release ([`f441413`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f441413668676c0435b173c01d612e9040d6f6db)) * 0.3.0 -Automatically generated by python-semantic-release ([`a5c3dab`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a5c3dab5818c183bd88385c7ad88e11eb34a0417)) +Automatically generated by python-semantic-release ([`a5c3dab`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a5c3dab5818c183bd88385c7ad88e11eb34a0417)) * Merge pull request #5 from CycloneDX/feat/support-schema-extension-vulnerability-1.0 -FEATURE: add support for Vulnerability Disclosures ([`6914272`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/69142723935199409f6bf91b68ecf1e91107f165)) +FEATURE: add support for Vulnerability Disclosures ([`6914272`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/69142723935199409f6bf91b68ecf1e91107f165)) * doc: updated README to explain support for Vulnerability Disclosures -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f477bf0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f477bf03fc78cc2652e97cd77a3e7ab66306a39b)) - - -## v0.2.0 (2021-09-14) - -### Feature - -* feat: added helper method to return a PackageURL object representing a Component - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`367bef1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/367bef11bb1a7ede3100acae39581e33d20fa7f5)) - -### Fix - -* fix: whitespace on empty line removed - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`cfc952e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cfc952eb5f3feb97a41b6c895657058429da3430)) - -### Unknown +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f477bf0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f477bf03fc78cc2652e97cd77a3e7ab66306a39b)) * 0.2.0 -Automatically generated by python-semantic-release ([`866eda7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/866eda764d01ee85778bea662c7556113121137e)) +Automatically generated by python-semantic-release ([`866eda7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/866eda764d01ee85778bea662c7556113121137e)) * Merge pull request #4 from CycloneDX/feat/component-as-packageurl -fix: whitespace on empty line removed ([`ddc37f3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ddc37f395a1dbace39280a4f7b1074d954414f2d)) +fix: whitespace on empty line removed ([`ddc37f3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ddc37f395a1dbace39280a4f7b1074d954414f2d)) -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`6142d2e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6142d2e3b9b655ebf95b59c93525ce8008851b34)) - - -## v0.1.0 (2021-09-13) - -### Feature - -* feat: add poetry support - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f3ac42f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f3ac42f298b8d093b0ac368993beba43c58c251a)) - -### Unknown +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`6142d2e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6142d2e3b9b655ebf95b59c93525ce8008851b34)) * 0.1.0 -Automatically generated by python-semantic-release ([`0da668f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0da668f398bef2baee63b0d342063b6dc0eea71a)) +Automatically generated by python-semantic-release ([`0da668f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0da668f398bef2baee63b0d342063b6dc0eea71a)) * Merge pull request #3 from CycloneDX/feat/poetry-lock-support -FEATURE: Adde poetry.lock parser support ([`37ba7c6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/37ba7c61a17881fc02119dcfd7b6e0a7cab48cbf)) +FEATURE: Adde poetry.lock parser support ([`37ba7c6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/37ba7c61a17881fc02119dcfd7b6e0a7cab48cbf)) * feat(parser) - added support for parsing dependencies from poetry.lock files. -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`15bc553`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/15bc5539e2339581f80048a571ca632f17988530)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`15bc553`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/15bc5539e2339581f80048a571ca632f17988530)) * fix(parser) parsers were able to share state unexpectedly -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`dc59914`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/dc59914e961104d9fcd37822b172d798e68b6ebd)) - - -## v0.0.11 (2021-09-10) - -### Fix - -* fix(test): test was not updated for revised author statement - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d1c9d37`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d1c9d379a1e92ee49aae8d133e2ad3e117054ec9)) - -* fix(build): test failure and dependency missing - -Fixed failing tests due to dependency on now removed VERSION file -Added flake8 officially as a DEV dependency to poetry - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9a2cfe9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9a2cfe94386b51acca44ae3bacae319b9b3c8f0d)) - -* fix(build): removed artefacts associtated with non-poetry build - -Tidied up project to remove items associated with non-Poetry build process. Also aligned a few references in README to new home of this project under CycloneDX. - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f9119d4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f9119d49e462cf1f7ccca9c50af2936f8962fd6d)) - -### Unknown +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`dc59914`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/dc59914e961104d9fcd37822b172d798e68b6ebd)) * 0.0.11 -Automatically generated by python-semantic-release ([`1c0aa71`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1c0aa716b36e1305b7a3a2b9e2dfd6e5c6ac0011)) +Automatically generated by python-semantic-release ([`1c0aa71`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1c0aa716b36e1305b7a3a2b9e2dfd6e5c6ac0011)) * Merge pull request #2 from CycloneDX/fix/tidy-up-build-remove-pip -fix(build): removed artefacts associated with non-poetry build ([`b7de7b3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b7de7b3c9ba2c8c824d898ee994169b66b78b07a)) - - -## v0.0.10 (2021-09-08) - -### Fix - -* fix: add in pypi badge ([`6098c36`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6098c36715b2459d7b04ced5ba6294437576e481)) - -### Unknown +fix(build): removed artefacts associated with non-poetry build ([`b7de7b3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b7de7b3c9ba2c8c824d898ee994169b66b78b07a)) * 0.0.10 -Automatically generated by python-semantic-release ([`245d809`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/245d809c3918d023ae58af2fb352f14912be091c)) - - -## v0.0.9 (2021-09-08) - -### Fix - -* fix: additional info to poetry, remove circleci ([`2fcfa5a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2fcfa5ac3a7d9d7f372be6d69e1c616b551877df)) - -### Unknown +Automatically generated by python-semantic-release ([`245d809`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/245d809c3918d023ae58af2fb352f14912be091c)) * 0.0.9 -Automatically generated by python-semantic-release ([`e4a90cf`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e4a90cfc46db3284e1f3e53f6555405fc14dc654)) - -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`69aaba5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/69aaba5f941cbffc40b47d18c6f9dd9dd754b57b)) - - -## v0.0.8 (2021-09-08) - -### Fix - -* fix: initial release to pypi, tell poetry to include cyclonedx package ([`a030177`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a030177cb1a370713c4438b13b7520ef6afd19f6)) +Automatically generated by python-semantic-release ([`e4a90cf`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e4a90cfc46db3284e1f3e53f6555405fc14dc654)) -### Unknown +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`69aaba5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/69aaba5f941cbffc40b47d18c6f9dd9dd754b57b)) * 0.0.8 -Automatically generated by python-semantic-release ([`fc3f24c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fc3f24c13938948c4786ecf8ace3fc241c0f458e)) - -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`da2d18c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/da2d18cd60a781bf097e563466bda0d3e51b9e8f)) - - -## v0.0.7 (2021-09-08) - -### Fix - -* fix: release with full name ([`4c620ed`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4c620ed053aac8c31343b1ca84ca56912b762ab2)) +Automatically generated by python-semantic-release ([`fc3f24c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fc3f24c13938948c4786ecf8ace3fc241c0f458e)) -### Unknown +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`da2d18c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/da2d18cd60a781bf097e563466bda0d3e51b9e8f)) * 0.0.7 -Automatically generated by python-semantic-release ([`19943e8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/19943e8287bbe67031cada6f5377d438f2b033c1)) - - -## v0.0.6 (2021-09-08) - -### Fix - -* fix: initial release to pypi ([`99687db`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/99687dbec1389bf323bb625bfb707306aa3b8d1a)) - -### Unknown +Automatically generated by python-semantic-release ([`19943e8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/19943e8287bbe67031cada6f5377d438f2b033c1)) * 0.0.6 -Automatically generated by python-semantic-release ([`98ad249`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/98ad24950dbb5f5b08db41e1bb4e359f8f0b8b49)) +Automatically generated by python-semantic-release ([`98ad249`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/98ad24950dbb5f5b08db41e1bb4e359f8f0b8b49)) -* Switch to using action ([`cce468a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cce468a7004d848ddbaab4affa392bd2f74414dd)) - - -## v0.0.5 (2021-09-08) - -### Unknown +* Switch to using action ([`cce468a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cce468a7004d848ddbaab4affa392bd2f74414dd)) * 0.0.5 -Automatically generated by python-semantic-release ([`9bf4b9a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9bf4b9a29cc4b0bbdf5771ffc22b918a6081a0a1)) +Automatically generated by python-semantic-release ([`9bf4b9a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9bf4b9a29cc4b0bbdf5771ffc22b918a6081a0a1)) -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`eeec0bb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/eeec0bba7d0a615f8384caa50ed95c2240b5a951)) +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`eeec0bb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/eeec0bba7d0a615f8384caa50ed95c2240b5a951)) -* Try this on for size ([`aa93310`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/aa93310830a86aa441337be34081c46d9475384c)) - - -## v0.0.4 (2021-09-08) - -### Unknown +* Try this on for size ([`aa93310`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/aa93310830a86aa441337be34081c46d9475384c)) * 0.0.4 -Automatically generated by python-semantic-release ([`b16d6c5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b16d6c59495de396c73dfe1ffabcbfd325dfa619)) +Automatically generated by python-semantic-release ([`b16d6c5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b16d6c59495de396c73dfe1ffabcbfd325dfa619)) -* Use python3 to install ([`4c810e1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4c810e16b1a93afb923652f66e77ee08ff0ffd49)) - - -## v0.0.3 (2021-09-08) - -### Unknown +* Use python3 to install ([`4c810e1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4c810e16b1a93afb923652f66e77ee08ff0ffd49)) * 0.0.3 -Automatically generated by python-semantic-release ([`05306ee`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/05306ee235df1d7aa662c9323e6186cc3d1129dc)) +Automatically generated by python-semantic-release ([`05306ee`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/05306ee235df1d7aa662c9323e6186cc3d1129dc)) -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`f1d120c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f1d120c5dca530424dd79b3303458cc0adbc28de)) +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`f1d120c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f1d120c5dca530424dd79b3303458cc0adbc28de)) -* Bump up version of poetry ([`89db268`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/89db2689bbdb94f2f290abe1bf721b163d75001e)) - - -## v0.0.2 (2021-09-08) - -### Unknown +* Bump up version of poetry ([`89db268`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/89db2689bbdb94f2f290abe1bf721b163d75001e)) * 0.0.2 -Automatically generated by python-semantic-release ([`e15dec6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e15dec696bd88d00f5f5fdce74cb407bc65a42e2)) +Automatically generated by python-semantic-release ([`e15dec6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e15dec696bd88d00f5f5fdce74cb407bc65a42e2)) -* Remove check for push ([`71b1270`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/71b12709f0fb55852cbb030669a80a5ebd2f2e92)) +* Remove check for push ([`71b1270`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/71b12709f0fb55852cbb030669a80a5ebd2f2e92)) -* Manual deploy workflow ([`9b4ac33`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9b4ac335becf7e7b83cd3fa619c8975b6335f5eb)) +* Manual deploy workflow ([`9b4ac33`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9b4ac335becf7e7b83cd3fa619c8975b6335f5eb)) -* License headers, OWASP etc... ([`559b8d2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/559b8d227e52b6798a71149c87f4090ea1244c85)) +* License headers, OWASP etc... ([`559b8d2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/559b8d227e52b6798a71149c87f4090ea1244c85)) -* Fixed unit tests pinned to a VERISON. ([`5d907d5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5d907d58e57f2eb7731047a51a88104cb07c1796)) +* Fixed unit tests pinned to a VERISON. ([`5d907d5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5d907d58e57f2eb7731047a51a88104cb07c1796)) -* Bump to version 0.0.2 ([`1050839`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/105083951dc93f28a4816c0c699af7db7f2789d9)) +* Bump to version 0.0.2 ([`1050839`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/105083951dc93f28a4816c0c699af7db7f2789d9)) -* Implemented writing SBOM to a file. ([`74f4153`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/74f4153d84c3bbdb875eac679fe933b777f90f18)) +* Implemented writing SBOM to a file. ([`74f4153`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/74f4153d84c3bbdb875eac679fe933b777f90f18)) -* Updated badge in README to include Python 3.6+ support. ([`0a5903c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0a5903c56971a19172fe904f02836c5c5e2262db)) +* Updated badge in README to include Python 3.6+ support. ([`0a5903c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0a5903c56971a19172fe904f02836c5c5e2262db)) -* Removed print() statement accidentally left in. ([`22965a7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/22965a707de6db7bb08721809035562be72c69d5)) +* Removed print() statement accidentally left in. ([`22965a7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/22965a707de6db7bb08721809035562be72c69d5)) * Merge pull request #1 from sonatype-nexus-community/features/initial-port-of-v1.1-generation-from-jake -Initial port of library code to new library ([`2f2634b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2f2634b86612b4f0d2142b09f3aece588937fcaa)) +Initial port of library code to new library ([`2f2634b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2f2634b86612b4f0d2142b09f3aece588937fcaa)) -* Added license headers to all source files. Added classifiers for Python version to setup.py. ([`bb6bb24`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bb6bb24440996257ce609b0f399f930153b65e8e)) +* Added license headers to all source files. Added classifiers for Python version to setup.py. ([`bb6bb24`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bb6bb24440996257ce609b0f399f930153b65e8e)) -* Renamed model file to not reference CycloneDX as the models are agnostic on purpose. ([`03d03ed`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/03d03edfca7bed56d21733120cb5b002a32bb466)) +* Renamed model file to not reference CycloneDX as the models are agnostic on purpose. ([`03d03ed`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/03d03edfca7bed56d21733120cb5b002a32bb466)) -* Forgot to add updated poetry.lock file relfecting Python 3.6+ support ([`5d3d491`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5d3d49184039a2f41411cd96d5dfcf1544fab05f)) +* Forgot to add updated poetry.lock file relfecting Python 3.6+ support ([`5d3d491`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5d3d49184039a2f41411cd96d5dfcf1544fab05f)) -* Updated project to state support from Python v3.6+ ([`619ee1d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/619ee1dfc23f7220a1941c3fa5068761346c84cb)) +* Updated project to state support from Python v3.6+ ([`619ee1d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/619ee1dfc23f7220a1941c3fa5068761346c84cb)) -* Adding Python 3.6 support for test & CI. ([`daa12ba`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/daa12ba8925128da040cf836bc3f16a2126e9091)) +* Adding Python 3.6 support for test & CI. ([`daa12ba`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/daa12ba8925128da040cf836bc3f16a2126e9091)) -* Fixing CircleCI config. ([`a446f4c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a446f4cb197fd40a3065a372108c1719cde91136)) +* Fixing CircleCI config. ([`a446f4c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a446f4cb197fd40a3065a372108c1719cde91136)) -* Fixes to GitHub actions. ([`d2aa277`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d2aa277bce954100adad42e33c095bc1f9ce23cd)) +* Fixes to GitHub actions. ([`d2aa277`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d2aa277bce954100adad42e33c095bc1f9ce23cd)) -* Disabled Py3.6 checks and added flake8. ([`8c01da3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8c01da3d8f6038fb24df07ab3fb0945c79893e9f)) +* Disabled Py3.6 checks and added flake8. ([`8c01da3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8c01da3d8f6038fb24df07ab3fb0945c79893e9f)) -* Attempt to fix CI's for multiple Python environments. ([`affb6b2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/affb6b2dc7afeaff5b5cd0a1d4f65678394a2ff7)) +* Attempt to fix CI's for multiple Python environments. ([`affb6b2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/affb6b2dc7afeaff5b5cd0a1d4f65678394a2ff7)) -* Added support for Python versions 3.7+ ([`ae24ba9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ae24ba9c26ddf4ef91937e8489b1894a986724de)) +* Added support for Python versions 3.7+ ([`ae24ba9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ae24ba9c26ddf4ef91937e8489b1894a986724de)) -* Added missing ENV var for GH actions. ([`c750ec6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c750ec62411c6d4473d3cc0a33dc96f90a443cef)) +* Added missing ENV var for GH actions. ([`c750ec6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c750ec62411c6d4473d3cc0a33dc96f90a443cef)) -* Missed wrapping a coverage command with poetry. ([`3c74c82`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3c74c822445e5aeaaa387c8e5522ca8cd841cfd8)) +* Missed wrapping a coverage command with poetry. ([`3c74c82`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3c74c822445e5aeaaa387c8e5522ca8cd841cfd8)) -* Added poetry virtualenv caching + wrapped tox and coverage with poetry to ensure they run in the poetry venv. ([`780e3df`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/780e3dfa043957174e1f79cf450d1ee69d6530d3)) +* Added poetry virtualenv caching + wrapped tox and coverage with poetry to ensure they run in the poetry venv. ([`780e3df`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/780e3dfa043957174e1f79cf450d1ee69d6530d3)) -* Fixed typo in Github action. ([`3953675`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/395367531e7a00c086e723a78d059e6016fb242e)) +* Fixed typo in Github action. ([`3953675`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/395367531e7a00c086e723a78d059e6016fb242e)) -* Correction: Supported Python version in setup.py ([`2f4917b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2f4917ba81f8ddba994a2c5012303bccb307a419)) +* Correction: Supported Python version in setup.py ([`2f4917b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2f4917ba81f8ddba994a2c5012303bccb307a419)) -* Updated poetry dependencies and configuration. ([`75041e5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/75041e51ff684853d7c2b94e5a722a4ec14043fc)) +* Updated poetry dependencies and configuration. ([`75041e5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/75041e51ff684853d7c2b94e5a722a4ec14043fc)) -* Initial draft GitHub actions being added. ([`e2403e8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e2403e8c4194be6bee70a58ef86d9acec6de5dbb)) +* Initial draft GitHub actions being added. ([`e2403e8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e2403e8c4194be6bee70a58ef86d9acec6de5dbb)) -* Added Poetry supprot. ([`e9a67f8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e9a67f8a405b6c664d2b91bd4966a8ade9902d40)) +* Added Poetry supprot. ([`e9a67f8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e9a67f8a405b6c664d2b91bd4966a8ade9902d40)) -* Addressing issues reported by flake8. ([`3ad394c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3ad394c14d9cbf3e706f4fe47b6f83938576a2ac)) +* Addressing issues reported by flake8. ([`3ad394c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3ad394c14d9cbf3e706f4fe47b6f83938576a2ac)) -* Refactored output classes to use multiple inheritance allowing a single place to define which schema version support various attributes and elements. ([`95c5b38`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/95c5b389bb5c8c358420aaf5c62694dcabe663ce)) +* Refactored output classes to use multiple inheritance allowing a single place to define which schema version support various attributes and elements. ([`95c5b38`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/95c5b389bb5c8c358420aaf5c62694dcabe663ce)) -* Updated README to reflect support for author. ([`bff5954`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bff5954f70967f3605fa6226a223590b89e07313)) +* Updated README to reflect support for author. ([`bff5954`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bff5954f70967f3605fa6226a223590b89e07313)) -* Skeleton support for 'author' + v1.1 and v1.0 for JSON added (along with tests). ([`e987f35`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e987f357314199442ed2c5823575833915dfccb1)) +* Skeleton support for 'author' + v1.1 and v1.0 for JSON added (along with tests). ([`e987f35`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e987f357314199442ed2c5823575833915dfccb1)) -* Corrected typo in README ([`0d2c355`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0d2c35519374b4efddf399dd519e5a1443a56692)) +* Corrected typo in README ([`0d2c355`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0d2c35519374b4efddf399dd519e5a1443a56692)) -* Updated README to include a summary of the support this library provides across the different schema versions. ([`34f421f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/34f421f4076d16c30ddf291f5c1866c1b623258a)) +* Updated README to include a summary of the support this library provides across the different schema versions. ([`34f421f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/34f421f4076d16c30ddf291f5c1866c1b623258a)) -* Initial support for V1.0 and V1.1 in XML output format. ([`37f6b00`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/37f6b00b7e354b76a9f8f72ed2c1004a0e728319)) +* Initial support for V1.0 and V1.1 in XML output format. ([`37f6b00`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/37f6b00b7e354b76a9f8f72ed2c1004a0e728319)) -* Added 'serialNumber' to SBOMs (JSON and XML). ([`50e3c75`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/50e3c7546b92e3241feefa6dea0fbfa9c1145843)) +* Added 'serialNumber' to SBOMs (JSON and XML). ([`50e3c75`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/50e3c7546b92e3241feefa6dea0fbfa9c1145843)) -* Added a bunch more content to the README to explain how the library can be used. ([`bb41dc6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bb41dc6d333f59025aae97c602cbe41343645b20)) +* Added a bunch more content to the README to explain how the library can be used. ([`bb41dc6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bb41dc6d333f59025aae97c602cbe41343645b20)) -* Added metadata initial support to JSON output format. ([`8c5590f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8c5590fd3c5c59de9a5b6cf49005f4c6e444265d)) +* Added metadata initial support to JSON output format. ([`8c5590f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8c5590fd3c5c59de9a5b6cf49005f4c6e444265d)) -* Addition of simple 'metadata' element for XML SBOM's. ([`f9e9773`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f9e97733b0cc57bbb71341b4ced4ccc8f09b7f28)) +* Addition of simple 'metadata' element for XML SBOM's. ([`f9e9773`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f9e97733b0cc57bbb71341b4ced4ccc8f09b7f28)) -* Added initial JSON outputter and associated tests. ([`3e1f5ec`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3e1f5ec9354a779adf44129656a1ccdcffadee6d)) +* Added initial JSON outputter and associated tests. ([`3e1f5ec`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3e1f5ec9354a779adf44129656a1ccdcffadee6d)) -* Fix to generate HTML coverage reports and stash in CircleCI builds. ([`dd88603`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/dd886032b92d491f462d62f269f3df7ed823d436)) +* Fix to generate HTML coverage reports and stash in CircleCI builds. ([`dd88603`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/dd886032b92d491f462d62f269f3df7ed823d436)) -* Added HTML coverage report. ([`ce700e5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ce700e5bdff7ce4a8bd5614239b129e59afe2908)) +* Added HTML coverage report. ([`ce700e5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ce700e5bdff7ce4a8bd5614239b129e59afe2908)) -* Missed coverage as a dependency for testing. ([`01643d6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/01643d67f73ec8ee35884d0bcc15c892649f6b72)) +* Missed coverage as a dependency for testing. ([`01643d6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/01643d67f73ec8ee35884d0bcc15c892649f6b72)) -* Added coverage reporting for tests ([`c34b1a6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c34b1a63fd7958d2b1060ba51054a55b57228549)) +* Added coverage reporting for tests ([`c34b1a6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c34b1a63fd7958d2b1060ba51054a55b57228549)) -* Added first tests for XML SBOM generation (v1.3 and v1.2). ([`cb4337a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cb4337a1cb14ee62471140add8954dd7c5b6b314)) +* Added first tests for XML SBOM generation (v1.3 and v1.2). ([`cb4337a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cb4337a1cb14ee62471140add8954dd7c5b6b314)) -* WIP: Starting to generate XML output for BOMs ([`35bdfca`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/35bdfca4fc01cdb3fa7ab6fb37b1c05eaa7189ec)) +* WIP: Starting to generate XML output for BOMs ([`35bdfca`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/35bdfca4fc01cdb3fa7ab6fb37b1c05eaa7189ec)) -* Updated CircleCI config to run tox. Fixed fomratting in tests. ([`9a56230`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9a5623098ff712df0cefbd2327e8058f9ac74e17)) +* Updated CircleCI config to run tox. Fixed fomratting in tests. ([`9a56230`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9a5623098ff712df0cefbd2327e8058f9ac74e17)) -* Rebasing from main. ([`822ab8b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/822ab8b43a06bf1712d134d44acb136e70134c05)) +* Rebasing from main. ([`822ab8b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/822ab8b43a06bf1712d134d44acb136e70134c05)) -* Initial skeleton tests for output genereation. ([`a614f3e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a614f3e9cc6210a25daff79e4ec428f15221cc1e)) +* Initial skeleton tests for output genereation. ([`a614f3e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a614f3e9cc6210a25daff79e4ec428f15221cc1e)) -* pretty badge ([`60e975c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/60e975c12cdf6c15c9e38585becaf53850609d67)) +* pretty badge ([`60e975c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/60e975c12cdf6c15c9e38585becaf53850609d67)) -* initial CI for discussion ([`7e88cd5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7e88cd5920480cd6bde4e72b8b85314242964013)) +* initial CI for discussion ([`7e88cd5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7e88cd5920480cd6bde4e72b8b85314242964013)) -* Added a little more information to the README. ([`460c624`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/460c62487e66df750a99e10a62bf19bf0baf2e76)) +* Added a little more information to the README. ([`460c624`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/460c62487e66df750a99e10a62bf19bf0baf2e76)) -* Fixed issue reported by Flake8. Ensuring tests run on PY 3.9. ([`cce130f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cce130f53a7c73554015ce672cbe8799e863e64b)) +* Fixed issue reported by Flake8. Ensuring tests run on PY 3.9. ([`cce130f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cce130f53a7c73554015ce672cbe8799e863e64b)) -* Basic structure without any output generation available (very basic Component definition). ([`6ac5dc2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6ac5dc29fb4bc52f66698966e0b570588621be72)) +* Basic structure without any output generation available (very basic Component definition). ([`6ac5dc2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6ac5dc29fb4bc52f66698966e0b570588621be72)) -* Added tox config with flake8 and py3.9 support. ([`1def201`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1def2015d3aad4b58980d9b86cca840f19ac4ee6)) +* Added tox config with flake8 and py3.9 support. ([`1def201`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1def2015d3aad4b58980d9b86cca840f19ac4ee6)) -* Initially added skeleton packaging structure and official CycloneDX schemas. ([`ac519c9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ac519c9a21bc8e4a75927868f32f29febc648509)) +* Initially added skeleton packaging structure and official CycloneDX schemas. ([`ac519c9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ac519c9a21bc8e4a75927868f32f29febc648509)) -* Added inital blank README prior to branching for initial work. ([`b175f6a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b175f6a9178c510cfa14b5d2788feecfd65d8e94)) +* Added inital blank README prior to branching for initial work. ([`b175f6a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b175f6a9178c510cfa14b5d2788feecfd65d8e94)) -* Added inital blank README prior to branching for initial work. ([`e8b5d48`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e8b5d4802079f92da106b8e0a68f9311c328a656)) +* Added inital blank README prior to branching for initial work. ([`e8b5d48`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e8b5d4802079f92da106b8e0a68f9311c328a656)) -* Initial commit ([`62353b0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/62353b0ce57f797bcb9dfd97871e886db8269478)) +* Initial commit ([`62353b0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/62353b0ce57f797bcb9dfd97871e886db8269478)) diff --git a/cyclonedx/__init__.py b/cyclonedx/__init__.py index daefd93d..1809a0e2 100644 --- a/cyclonedx/__init__.py +++ b/cyclonedx/__init__.py @@ -22,4 +22,4 @@ # !! version is managed by semantic_release # do not use typing here, or else `semantic_release` might have issues finding the variable -__version__ = "8.3.0" # noqa:Q000 +__version__ = "1.0.0" # noqa:Q000 diff --git a/docs/conf.py b/docs/conf.py index 5890b293..27ff176a 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -23,7 +23,7 @@ # The full version, including alpha/beta/rc tags # !! version is managed by semantic_release -release = '8.3.0' +release = '1.0.0' # -- General configuration --------------------------------------------------- diff --git a/pyproject.toml b/pyproject.toml index 82f08931..29c6c561 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -5,7 +5,7 @@ build-backend = "poetry.core.masonry.api" [tool.poetry] name = "cyclonedx-python-lib" # !! version is managed by semantic_release -version = "8.3.0" +version = "1.0.0" description = "Python library for CycloneDX" authors = [ "Paul Horton ", From 22558b8b71c5df381408fbfd531a1d4101d1a3b3 Mon Sep 17 00:00:00 2001 From: Saquib Saifee Date: Sun, 27 Oct 2024 15:14:42 -0400 Subject: [PATCH 31/37] Revert "chore(release): 1.0.0" This reverts commit ce3fe7f30bbfd74d00da69ca12c183d75d52e0ed. Signed-off-by: Saquib Saifee --- CHANGELOG.md | 3285 ++++++++++++++++++++++++----------------- cyclonedx/__init__.py | 2 +- docs/conf.py | 2 +- pyproject.toml | 2 +- 4 files changed, 1957 insertions(+), 1334 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f3b66957..0423d5d4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,68 @@ -## v1.0.0 (2024-10-26) +## v8.3.0 (2024-10-26) + +### Documentation + +* docs: revisit examples readme (#725) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e9020f0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e9020f0b709a5245d1749d2811b8568f892869bb)) + +### Feature + +* feat: add basic support for Definitions (#701) + + + +--------- + +Signed-off-by: Hakan Dilek <hakandilek@gmail.com> ([`a1573e5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a1573e5af12bb54c7328c73971dc2c2f8d820c0a)) + + +## v8.2.1 (2024-10-24) + +### Fix + +* fix: encode quotation mark in URL (#724) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a7c7c97`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a7c7c97c37ee1c7988c028aa779f74893f858c7b)) + + +## v8.2.0 (2024-10-22) + +### Feature + +* feat: Add Python 3.13 support (#718) + +Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`d4be3ba`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d4be3ba6b3ccc65553a7dd10ad559c1eddfbb19b)) + + +## v8.1.0 (2024-10-21) + +### Documentation + +* docs: fix code examples regarding outputting (#709) + + + +Signed-off-by: Hakan Dilek <hakandilek@gmail.com> ([`c72d5f4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c72d5f483d5c1990fe643c4c25e37373d4d3248f)) + +### Feature + +* feat: add support for Lifecycles in BOM metadata (#698) + + + +--------- + +Signed-off-by: Johannes Feichtner <johannes@web-wack.at> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Johannes Feichtner <343448+Churro@users.noreply.github.com> +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6cfeb71`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6cfeb711f11aec8fa4d7be885f6797cc2eaa7e67)) + + +## v8.0.0 (2024-10-14) ### Breaking @@ -48,7 +109,241 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: Joshua Kugler <tek30584@adobe.com> Signed-off-by: semantic-release <semantic-release@bot.local> Co-authored-by: Joshua Kugler <joshua@azariah.com> -Co-authored-by: semantic-release <semantic-release@bot.local> ([`002f966`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/002f96630ce8fc6f1766ee6cc92a16b35a821c69)) +Co-authored-by: semantic-release <semantic-release@bot.local> ([`002f966`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/002f96630ce8fc6f1766ee6cc92a16b35a821c69)) + +### Documentation + +* docs(chaneglog): omit chore/ci/refactor/style/test/build (#703) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a210809`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a210809efb34c2dc895fc0c6d96a3412a9097625)) + + +## v7.6.2 (2024-10-07) + +### Documentation + +* docs: fix some doc strings + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`4fa8fc1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4fa8fc1b6703ecf6788b72f2d53c6a17e2146cf7)) + +### Fix + +* fix: behavior of and typing for crypto setters with optional values (#694) + +fixes #690 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`d8b20bd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d8b20bdc5224ea30cf767f6f3f1a6f8ff2754973)) + + +## v7.6.1 (2024-09-18) + +### Fix + +* fix: file copyright headers (#676) + +utilizes flake8 plugin +<https://pypi.org/project/flake8-copyright-validator/> to assert the +correct headers + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`35e00b4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/35e00b4ee5a9306b9e97b011025409bcbfcef309)) + + +## v7.6.0 (2024-08-14) + +### Feature + +* feat: `HashType.from_composite_str` for Blake2b, SHA3, Blake3 (#663) + +The code mistreated hashes for Blake2b and SHA3. +Code for explicitly handling SHA1 & BLAKE3 was added, as those have no +variants defined in the CycloneDX specification. + +fixes #652 + +--------- + +Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> +Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c59036e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c59036e06ddc97284f82efbbc168dc2d89d090d1)) + + +## v7.5.1 (2024-07-08) + +### Fix + +* fix: XML serialize `normalizedString` and `token` properly (#646) + +fixes #638 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b40f739`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b40f739206a44f7dbd94042fb5e1a37c047ea024)) + + +## v7.5.0 (2024-07-04) + +### Feature + +* feat: add workaround property for v1.5 and v1.6 (#642) + +Property `workaround` was missing from the vulnerability model. It was +added in spec v1.5 and was marked as TODO before. + +This is my first contribution on this project so if I done something +wrong, just say me :smiley: + +Signed-off-by: Louis Maillard <louis.maillard@savoirfairelinux.com> +Signed-off-by: Louis Maillard <louis.maillard@protonmail.com> +Co-authored-by: Louis Maillard <louis.maillard@savoirfairelinux.com> ([`b5ebcf8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b5ebcf8104faf57030cbc5d8190c78524ab86431)) + + +## v7.4.1 (2024-06-12) + +### Documentation + +* docs: exclude dep bumps from changelog (#627) + +fixes #616 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`60361f7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/60361f781a1b356f24a553e133e0f58a2ad37a7d)) + +### Fix + +* fix: `cyclonedx.model.Property.value` value is optional (#631) + +`cyclonedx.model.Property.value` value is optional, in accordance with +the spec. + +fixes #630 + +--------- + +Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`ad0f98b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ad0f98b433fd85ba14db6b6288f33d98bc79ee51)) + + +## v7.4.0 (2024-05-23) + +### Documentation + +* docs: OSSP best practice percentage + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`75f58dc`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/75f58dcd41c1495737bff69d354beeeff7660c15)) + +### Feature + +* feat: updated SPDX license list to `v3.24.0` (#622) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3f9770a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3f9770a95fbe48dfc0cb911a6526690017c2fb37)) + + +## v7.3.4 (2024-05-06) + +### Fix + +* fix: allow suppliers with empty-string names (#611) + +fixes #600 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b331aeb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b331aeb4b7261c7b1359c592b2dcda27bd35e369)) + + +## v7.3.3 (2024-05-06) + +### Fix + +* fix: json validation allow arbitrary `$schema` value (#613) + +fixes https://github.com/CycloneDX/cyclonedx-python-lib/issues/612 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`08b7c60`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/08b7c607360b65215d9d29d42ae86e60c6efe49b)) + + +## v7.3.2 (2024-04-26) + +### Fix + +* fix: properly sort components based on all properties (#599) + +reverts #587 - as this one introduced errors +fixes #598 +fixes #586 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: Paul Horton <paul.horton@owasp.org> +Co-authored-by: Paul Horton <paul.horton@owasp.org> ([`8df488c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8df488cb422a6363421fee39714df4e8e8e7a593)) + + +## v7.3.1 (2024-04-22) + +### Fix + +* fix: include all fields of `Component` in `__lt__` function for #586 (#587) + +Fixes #586. + +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d784685`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d7846850d1ad33184d1d58b59fdf41a778d05900)) + + +## v7.3.0 (2024-04-19) + +### Feature + +* feat: license factory set `acknowledgement` (#593) + +add a parameter to `LicenseFactory.make_*()` methods, to set the `LicenseAcknowledgement`. + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7ca2455`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7ca2455018d0e191afaaa2fd136a7e4d5b325ec6)) + + +## v7.2.0 (2024-04-19) + +### Feature + +* feat: disjunctive license acknowledgement (#591) + + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9bf1839`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9bf1839859a244e790e91c3e1edd82d333598d60)) + +### Unknown + +* doc: poor merge resolved + +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`a498faa`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a498faaab248d0512bad9e66afbd8fb1d6c42a66)) + + +## v7.1.0 (2024-04-10) + +### Documentation + +* docs: missing schema support table & update schema support to reflect version 7.0.0 (#584) + +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d230e67`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d230e67188661a5fb94730e52bf59c11c965c8d7)) + +### Feature + +* feat: support `bom.properties` for CycloneDX v1.5+ (#585) + +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`1d1c45a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1d1c45ac82c7927acc388489228a9b5990f68aa7)) + + +## v7.0.0 (2024-04-09) + +### Breaking * feat!: Support for CycloneDX v1.6 @@ -189,15 +484,193 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: Paul Horton <paul.horton@owasp.org> Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8bbdf46`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8bbdf461434ab66673a496a8305c2878bf5c88da)) +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8bbdf46`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8bbdf461434ab66673a496a8305c2878bf5c88da)) -* feat!: v6.0.0 (#492) -### Breaking Changes - -* Removed symbols that were already marked as deprecated (via [#493]) -* Removed symbols in `parser.*` ([#489] via [#495]) -* Removed `output.LATEST_SUPPORTED_SCHEMA_VERSION` ([#491] via [#494]) +## v6.4.4 (2024-03-18) + +### Fix + +* fix: wrong extra name for xml validation (#571) + + + +Signed-off-by: Christoph Reiter <reiter.christoph@gmail.com> ([`10e38e2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/10e38e25095de4b2dafbfcd1fd81dce7a9c0f124)) + + +## v6.4.3 (2024-03-04) + +### Fix + +* fix: serialization of `model.component.Diff` (#557) + +Fixes #556 + +--------- + +Signed-off-by: rcross-lc <151086351+rcross-lc@users.noreply.github.com> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`22fa873`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/22fa8734bf1a3a8789ad7578bfa0c86cf0a49d4a)) + + +## v6.4.2 (2024-03-01) + +### Build + +* build: use poetry v1.8.1 (#560) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6f81dfa`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6f81dfaed32b76f251647f6291791e714ab158a3)) + +### Documentation + +* docs: update architecture description and examples (#550) + + + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a19fd28`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a19fd2828355ae031164ef7a0dda2a8ea2365108)) + +* docs: exclude internal docs from rendering (#545) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7e55dfe`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7e55dfe213cb2a88b3686f9e8bf93cf4642a2ccd)) + +### Unknown + +* docs + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`63cff7e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/63cff7ee697c9d5fb96da3c8c16f7c9bc7b34e58)) + +* docs (#546) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b0e5b43`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b0e5b43880e17ec6ce23d5d4e1e7a9a2547c1e79)) + + +## v6.4.1 (2024-01-30) + +### Documentation + +* docs: ship docs with `sdist` build (#544) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`52ef01c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/52ef01c99319d5aed950e7f6ef6fcfe731ac8b2f)) + +* docs: refactor example + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c1776b7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c1776b718b81cf72ef0c0251504e0d3631e30b17)) + +### Fix + +* fix: `model.BomRef` no longer equal to unset peers (#543) + + fixes [#539](https://github.com/CycloneDX/cyclonedx-python-lib/issues/539) + + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1fd7fee`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1fd7fee9dec888c10087921f2e5a7a60062fb419)) + + +## v6.4.0 (2024-01-22) + +### Documentation + +* docs: add OpenSSF Best Practices shield (#532) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`59c4381`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/59c43814b07db0aa881d87192939eb93e79b0cc2)) + +### Feature + +* feat: support `py-serializable` v1.0 (#531) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e1e7277`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e1e72777d8a355c6854f4d9eb26c1e2083c806df)) + + +## v6.3.0 (2024-01-06) + +### Documentation + +* docs: add `Documentation` url to project meta + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1080b73`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1080b7387a0bbc49a067cd2efefb1545470947e5)) + +* docs: add `Documentation` url to project meta + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c4288b3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c4288b35e0e1050f0982f7492cfcd3bea34b445c)) + +### Feature + +* feat: enable dependency `py-serializable 0.17` (#529) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9f24220`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9f24220029cd18cd191f63876899cd86be52dce1)) + + +## v6.2.0 (2023-12-31) + +### Build + +* build: allow additional major-version RC branch patterns + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f8af156`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f8af156c9c38f737b7067722d2a96f8a2a4fcb48)) + +### Documentation + +* docs: fix typo + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`2563996`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/25639967c93ad464e486f2fe6a148b3be439f43d)) + +* docs: update intro and description + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f0bd05d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f0bd05dc854b5b71421b82cfb527fcb8f41a7c4a)) + +* docs: buld docs on ubuntu22.04 python311 + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b3e9ab7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b3e9ab77696f2ee763f1746f8142bdf471477c39)) + +### Feature + +* feat: allow `lxml` requirement in range of `>=4,<6` (#523) + +Updates the requirements on [lxml](https://github.com/lxml/lxml) to permit the latest version. +- [Release notes](https://github.com/lxml/lxml/releases) +- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt) +- [Commits](https://github.com/lxml/lxml/compare/lxml-4.0.0...lxml-5.0.0) + +--- +updated-dependencies: +- dependency-name: lxml + dependency-type: direct:production +... + +Signed-off-by: dependabot[bot] <support@github.com> +Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`7d12b9a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7d12b9a9f7a2fdc5e6bb12f891c6f4291e20e65e)) + +### Unknown + +* docs + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7dcd166`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7dcd16621002713dcf1ce8e17bc5762320fae4fa)) + + +## v6.1.0 (2023-12-22) + +### Feature + +* feat: add function to map python `hashlib` algorithms to CycloneDX (#519) + +new API: `model.HashType.from_hashlib_alg()` + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`81f8cf5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/81f8cf59b1f40ffbd213789a8b1b621a01e3f631)) + + +## v6.0.0 (2023-12-10) + +### Breaking + +* feat!: v6.0.0 (#492) + +### Breaking Changes + +* Removed symbols that were already marked as deprecated (via [#493]) +* Removed symbols in `parser.*` ([#489] via [#495]) +* Removed `output.LATEST_SUPPORTED_SCHEMA_VERSION` ([#491] via [#494]) * Serialization of unsupported enum values might downgrade/migrate/omit them ([#490] via [#496]) Handling might raise warnings if a data loss occurred due to omitting. The result is a guaranteed valid XML/JSON, since no (enum-)invalid values are rendered. @@ -281,7 +754,78 @@ Signed-off-by: Johannes Feichtner <johannes@web-wack.at> Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: semantic-release <semantic-release> Co-authored-by: Johannes Feichtner <343448+Churro@users.noreply.github.com> -Co-authored-by: semantic-release <semantic-release> ([`74865f8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/74865f8e498c9723c2ce3556ceecb6a3cfc4c490)) +Co-authored-by: semantic-release <semantic-release> ([`74865f8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/74865f8e498c9723c2ce3556ceecb6a3cfc4c490)) + + +## v5.2.0 (2023-12-02) + +### Documentation + +* docs: keywaords & funding (#486) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3189e59`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3189e59ff8e3d3d10f7b949b5a08397ff3d3642b)) + +### Feature + +* feat: `model.XsUri` migrate control characters according to spec (#498) + +fixes https://github.com/CycloneDX/cyclonedx-python-lib/issues/497 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e490429`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e49042976f8577af4061c34394db270612488cdf)) + + +## v5.1.1 (2023-11-02) + +### Fix + +* fix: update own `externalReferences` (#480) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`edb3dde`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/edb3dde889c06755dd1963ed21dd803db3ea0dcc)) + + +## v5.1.0 (2023-10-31) + +### Documentation + +* docs: advance license docs + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f61a730`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f61a7303de1d5dacf0917a1d66f5ebe0732ccd75)) + +### Feature + +* feat: guarantee unique `BomRef`s in serialization result (#479) + +Incorporate `output.BomRefDiscriminator` on serialization + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a648775`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a648775bb5195621e17fdbae92950ab6d56a665a)) + + +## v5.0.1 (2023-10-24) + +### Documentation + +* docs: revisit project meta (#475) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c3254d0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c3254d055f3cda96d2849222a0bba7be8cf486a3)) + +* docs: fix RTFD build (#476) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b9fcfb4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b9fcfb40af366fdee7258ccb720e0fad27994824)) + +### Unknown + +* "chore(deps): revert bump python-semantic-release/python-semantic-release (#474)" + +This reverts commit 9c3ffac34e89610ccc4f9701444127e1e6f5ee07. + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`aae7304`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/aae73048c7aebe5920ec888225bdbde08111601b)) + + +## v5.0.0 (2023-10-24) + +### Breaking * feat!: v5.0.0 (#440) @@ -401,54 +945,156 @@ Misc Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: Jan Kowalleck <jan.kowalleck@owasp.org> Signed-off-by: semantic-release <semantic-release> -Co-authored-by: semantic-release <semantic-release> ([`26b151c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/26b151cba7d7d484f23ee7888444f09ad6d016b1)) +Co-authored-by: semantic-release <semantic-release> ([`26b151c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/26b151cba7d7d484f23ee7888444f09ad6d016b1)) -* feat: Release 4.0.0 #341) -Highlights of this release include: -* Support for De-serialization from JSON and XML to this Pythonic Model -* Deprecation of Python 3.6 support -* Support for Python 3.11 -* Support for `BomLink` -* Support VEX without needing `Component` in the same `Bom` -* Support for `services` having `dependencies` - -BREAKING CHANGE: Large portions of this library have been re-written for this release and many methods and contracts have changed. - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* feat: support VEX without Components in the same BOM - -BREAKING CHANGE: Model classes changed to relocated Vulnerability at Bom, not at Component - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* feat: support VEX without Components in the same BOM - -BREAKING CHANGE: Model classes changed to relocated Vulnerability at Bom, not at Component - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -feat: allow `version` of BOM to be defined - -feat: allow `serial_number` of BOM to be prescribed - -feat: add helper method to get URN for a BOM according to https://www.iana.org/assignments/urn-formal/cdx -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* chore: fix release workflow - -* chore: editorconfig - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* feat: support for deserialization from JSON and XML (#290) - -BREAKING CHANGE: - -* feat: drop Python 3.6 support - -Signed-off-by: Hakan Dilek <hakandilek@gmail.com> +## v4.2.3 (2023-10-16) + +### Fix + +* fix: SPDX-expression-validation internal crashes are cought and handled (#471) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`5fa66a0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5fa66a043818eb5747dbd630496c6d31f818c0ab)) + + +## v4.2.2 (2023-09-14) + +### Documentation + +* docs: fix shield in README + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6a941b1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6a941b1ef5cc0f9e956173cce7e9da57e8c6bf22)) + +* docs(example): showcase `LicenseChoiceFactory` (#428) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c56ec83`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c56ec8395dd203ac41fa6f4c43970a50c0e80efb)) + +### Fix + +* fix: ship meta files (#434) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3a1a8a5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3a1a8a5c1cbe8d8989b4cb335269a02b5c6d4f38)) + + +## v4.2.1 (2023-09-06) + +### Fix + +* fix: `LicenseChoiceFactory.make_from_string()` prioritize SPDX id over expression (#427) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e1bdfdd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e1bdfddcfab97359fbde9f53dc65f56fc8ec4ba9)) + + +## v4.2.0 (2023-09-06) + +### Feature + +* feat: complete SPDX license expression (#425) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e06f9fd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e06f9fd2c30e8976766f326ff216103d2560cb9a)) + + +## v4.1.0 (2023-08-27) + +### Documentation + +* docs(examples): showcase shorthand dependency management (#403) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8b32efb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8b32efb322a3281d58e9f980bb9001b112aa944a)) + +### Feature + +* feat: programmatic access to library's version (#417) + +adds `cyclonedx.__version__` + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3585ea9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3585ea9911ae521e86793ef18f5891289fb0b604)) + + +## v4.0.1 (2023-06-28) + +### Documentation + +* docs(examples): README (#399) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1d262ba`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1d262ba57eab0d61b947fc293fc59c6234f19647)) + +* docs: add exaple how to build and serialize (#397) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`65e22bd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/65e22bdc6a1a3fc02a6282146bc8fbc17ddb32fa)) + +### Fix + +* fix: conditional warning if no root dependencies were found (#398) + + + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c8175bb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c8175bb6aebac7f129d42d7a5a0ae928212c20cb)) + +### Unknown + +* 4.0.1 + +Automatically generated by python-semantic-release ([`4a72f51`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4a72f515ad7b5e46a07f31bea18a94b162e87715)) + +* Add missing space in warning message. (#364) + + + +Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> +Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> ([`dad0d28`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/dad0d28ceb7381d1b503e5b29776fc01513f8b04)) + + +## v4.0.0 (2023-03-20) + +### Breaking + +* feat: Release 4.0.0 #341) + +Highlights of this release include: +* Support for De-serialization from JSON and XML to this Pythonic Model +* Deprecation of Python 3.6 support +* Support for Python 3.11 +* Support for `BomLink` +* Support VEX without needing `Component` in the same `Bom` +* Support for `services` having `dependencies` + +BREAKING CHANGE: Large portions of this library have been re-written for this release and many methods and contracts have changed. + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* feat: support VEX without Components in the same BOM + +BREAKING CHANGE: Model classes changed to relocated Vulnerability at Bom, not at Component + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* feat: support VEX without Components in the same BOM + +BREAKING CHANGE: Model classes changed to relocated Vulnerability at Bom, not at Component + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +feat: allow `version` of BOM to be defined + +feat: allow `serial_number` of BOM to be prescribed + +feat: add helper method to get URN for a BOM according to https://www.iana.org/assignments/urn-formal/cdx +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* chore: fix release workflow + +* chore: editorconfig + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* feat: support for deserialization from JSON and XML (#290) + +BREAKING CHANGE: + +* feat: drop Python 3.6 support + +Signed-off-by: Hakan Dilek <hakandilek@gmail.com> Signed-off-by: Paul Horton <paul.horton@owasp.org> Co-authored-by: Hakan Dilek <hakandilek@gmail.com> Co-authored-by: Hakan Dilek <hakandilek@users.noreply.github.com> @@ -521,1337 +1167,681 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: Hakan Dilek <hakandilek@gmail.com> Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> Co-authored-by: Hakan Dilek <hakandilek@gmail.com> -Co-authored-by: Hakan Dilek <hakandilek@users.noreply.github.com> ([`8fb1b14`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8fb1b14f5e04e85f21e654c44fa6b9b774867757)) - -* feat: bump dependencies - -BREAKING CHANGE: Adopt PEP-3102 - -BREAKING CHANGE: Optional Lists are now non-optional Sets - -BREAKING CHANGE: Remove concept of DEFAULT schema version - replaced with LATEST schema version - -BREAKING CHANGE: Added `BomRef` data type - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`da3f0ca`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/da3f0ca3e8b90b37301c03f889eb089bca649b09)) - -### Build - -* build: use poetry v1.8.1 (#560) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6f81dfa`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6f81dfaed32b76f251647f6291791e714ab158a3)) - -* build: allow additional major-version RC branch patterns - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f8af156`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f8af156c9c38f737b7067722d2a96f8a2a4fcb48)) - -* build: move typing to dev-dependencies - -Move `types-setuptools` and `types-toml` to dev-dependencies (#226) - -Signed-off-by: Adam Johnson <me@adamj.eu> ([`0e2376b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0e2376baade068ae0490b05550837d104e9abfa4)) - -* build: updated dependencies, moved pdoc3 to a dev dependency +Co-authored-by: Hakan Dilek <hakandilek@users.noreply.github.com> ([`8fb1b14`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8fb1b14f5e04e85f21e654c44fa6b9b774867757)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`6a9947d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6a9947de1036b63804352e45c035d40658d3db01)) +### Unknown -* build: dependencies updated +* 4.0.0 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0411826`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/04118263c2fed1241c4a9f38cc256542ba543d50)) +Automatically generated by python-semantic-release ([`40fbfda`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/40fbfda428cfa71b16fd6e5e8d5f49cea4b5438b)) -### Documentation -* docs: revisit examples readme (#725) +## v3.1.5 (2023-01-12) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e9020f0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e9020f0b709a5245d1749d2811b8568f892869bb)) +### Fix -* docs: fix code examples regarding outputting (#709) +* fix: mak test's schema paths relative to `cyclonedx` package (#338) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -Signed-off-by: Hakan Dilek <hakandilek@gmail.com> ([`c72d5f4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c72d5f483d5c1990fe643c4c25e37373d4d3248f)) - -* docs(chaneglog): omit chore/ci/refactor/style/test/build (#703) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a210809`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a210809efb34c2dc895fc0c6d96a3412a9097625)) - -* docs: fix some doc strings +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1f0c05f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1f0c05fe2b2a22bc84a1a437dd59390f2ceaf986)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`4fa8fc1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4fa8fc1b6703ecf6788b72f2d53c6a17e2146cf7)) - -* docs: exclude dep bumps from changelog (#627) +### Unknown -fixes #616 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`60361f7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/60361f781a1b356f24a553e133e0f58a2ad37a7d)) +* 3.1.5 -* docs: OSSP best practice percentage +Automatically generated by python-semantic-release ([`ba603cf`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ba603cf96fad51a85d5159e83c402d613fefbb7c)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`75f58dc`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/75f58dcd41c1495737bff69d354beeeff7660c15)) -* docs: missing schema support table & update schema support to reflect version 7.0.0 (#584) +## v3.1.4 (2023-01-11) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d230e67`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d230e67188661a5fb94730e52bf59c11c965c8d7)) +### Fix -* docs: update architecture description and examples (#550) +* fix(tests): include tests in `sdist` builds (#337) +* feat: include `tests` in `sdist` builds for #336 +* delete unexpected `DS_Store` file - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a19fd28`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a19fd2828355ae031164ef7a0dda2a8ea2365108)) - -* docs: exclude internal docs from rendering (#545) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7e55dfe`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7e55dfe213cb2a88b3686f9e8bf93cf4642a2ccd)) - -* docs: ship docs with `sdist` build (#544) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`52ef01c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/52ef01c99319d5aed950e7f6ef6fcfe731ac8b2f)) - -* docs: refactor example +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`936ad7d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/936ad7d0c26d8f98040203d3234ca8f1afbd73ab)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c1776b7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c1776b718b81cf72ef0c0251504e0d3631e30b17)) - -* docs: add OpenSSF Best Practices shield (#532) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`59c4381`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/59c43814b07db0aa881d87192939eb93e79b0cc2)) - -* docs: add `Documentation` url to project meta - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1080b73`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1080b7387a0bbc49a067cd2efefb1545470947e5)) - -* docs: add `Documentation` url to project meta - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c4288b3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c4288b35e0e1050f0982f7492cfcd3bea34b445c)) - -* docs: fix typo - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`2563996`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/25639967c93ad464e486f2fe6a148b3be439f43d)) - -* docs: update intro and description - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f0bd05d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f0bd05dc854b5b71421b82cfb527fcb8f41a7c4a)) - -* docs: buld docs on ubuntu22.04 python311 - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b3e9ab7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b3e9ab77696f2ee763f1746f8142bdf471477c39)) - -* docs: keywaords & funding (#486) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3189e59`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3189e59ff8e3d3d10f7b949b5a08397ff3d3642b)) - -* docs: advance license docs - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f61a730`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f61a7303de1d5dacf0917a1d66f5ebe0732ccd75)) - -* docs: revisit project meta (#475) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c3254d0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c3254d055f3cda96d2849222a0bba7be8cf486a3)) - -* docs: fix RTFD build (#476) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b9fcfb4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b9fcfb40af366fdee7258ccb720e0fad27994824)) - -* docs: fix shield in README - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6a941b1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6a941b1ef5cc0f9e956173cce7e9da57e8c6bf22)) - -* docs(example): showcase `LicenseChoiceFactory` (#428) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c56ec83`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c56ec8395dd203ac41fa6f4c43970a50c0e80efb)) - -* docs(examples): showcase shorthand dependency management (#403) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8b32efb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8b32efb322a3281d58e9f980bb9001b112aa944a)) - -* docs(examples): README (#399) +### Unknown -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1d262ba`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1d262ba57eab0d61b947fc293fc59c6234f19647)) +* 3.1.4 -* docs: add exaple how to build and serialize (#397) +Automatically generated by python-semantic-release ([`0b19294`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0b19294e4820f0da5e81decd4d902ef7789ecb61)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`65e22bd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/65e22bdc6a1a3fc02a6282146bc8fbc17ddb32fa)) -* docs: typo +## v3.1.3 (2023-01-07) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`539b57a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/539b57a00e4e60e239bb26141f219366121e7bc2)) +### Fix -* docs: fix shields (#324) +* fix: serialize dependency graph for nested components (#329) -caused by https://github.com/badges/shields/issues/8671 +* tests: regression tests for issue #328 +* fix: for issue #328 -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`555dad4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/555dad4bc255066036ecca028192eb83df8ba5a0)) - -* docs: fix typo (#318) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`fb3f835`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fb3f8351881783281f8b7e796098a4c145b35927)) - -Signed-off-by: Roland Weber <rolweber@de.ibm.com> ([`63bfb87`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/63bfb8772fe78e9842675d17862c456150dbbc15)) +### Unknown -* docs: fix typo "This is out" -> "This is our" +* 3.1.3 -Fix typo in comments: "This is out" -> "This is our" (#233) - -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ef0278a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ef0278a2044147e73a281c5a59f95049d4af7641)) +Automatically generated by python-semantic-release ([`11a420c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/11a420c5fc38bb48d2a91713cc74574acb131184)) -### Feature -* feat: add basic support for Definitions (#701) +## v3.1.2 (2023-01-06) - - ---------- - -Signed-off-by: Hakan Dilek <hakandilek@gmail.com> ([`a1573e5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a1573e5af12bb54c7328c73971dc2c2f8d820c0a)) - -* feat: Add Python 3.13 support (#718) - -Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`d4be3ba`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d4be3ba6b3ccc65553a7dd10ad559c1eddfbb19b)) - -* feat: add support for Lifecycles in BOM metadata (#698) - - - ---------- - -Signed-off-by: Johannes Feichtner <johannes@web-wack.at> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Signed-off-by: Johannes Feichtner <343448+Churro@users.noreply.github.com> -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6cfeb71`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6cfeb711f11aec8fa4d7be885f6797cc2eaa7e67)) - -* feat: add cpe format validation - -Signed-off-by: Saquib Saifee <saquibsaifee2@gmail.com> ([`aea3b04`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/aea3b047bc86a4256e8437bdba931578859700df)) - -* feat: add CPE format validation in property setter - -Signed-off-by: Saquib Saifee <saquibsaifee@ibm.com> ([`c74218b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c74218ba0f969cdbe20c5988ef37b358c9c0e011)) - -* feat: add cpe format validation - -- Implemented regex-based validation for CPE format in the model. -- Added tests to verify handling of invalid CPE strings. - -Signed-off-by: Saquib Saifee <saquibsaifee2@gmail.com> ([`15d9c19`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/15d9c198404d4c55cf2e9039283a31ff973e8a1b)) - -* feat: `HashType.from_composite_str` for Blake2b, SHA3, Blake3 (#663) - -The code mistreated hashes for Blake2b and SHA3. -Code for explicitly handling SHA1 & BLAKE3 was added, as those have no -variants defined in the CycloneDX specification. - -fixes #652 - ---------- - -Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> -Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c59036e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c59036e06ddc97284f82efbbc168dc2d89d090d1)) - -* feat: add workaround property for v1.5 and v1.6 (#642) - -Property `workaround` was missing from the vulnerability model. It was -added in spec v1.5 and was marked as TODO before. - -This is my first contribution on this project so if I done something -wrong, just say me :smiley: - -Signed-off-by: Louis Maillard <louis.maillard@savoirfairelinux.com> -Signed-off-by: Louis Maillard <louis.maillard@protonmail.com> -Co-authored-by: Louis Maillard <louis.maillard@savoirfairelinux.com> ([`b5ebcf8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b5ebcf8104faf57030cbc5d8190c78524ab86431)) - -* feat: updated SPDX license list to `v3.24.0` (#622) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3f9770a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3f9770a95fbe48dfc0cb911a6526690017c2fb37)) - -* feat: license factory set `acknowledgement` (#593) - -add a parameter to `LicenseFactory.make_*()` methods, to set the `LicenseAcknowledgement`. - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7ca2455`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7ca2455018d0e191afaaa2fd136a7e4d5b325ec6)) - -* feat: disjunctive license acknowledgement (#591) - - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9bf1839`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9bf1839859a244e790e91c3e1edd82d333598d60)) - -* feat: support `bom.properties` for CycloneDX v1.5+ (#585) - -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`1d1c45a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1d1c45ac82c7927acc388489228a9b5990f68aa7)) - -* feat: support `py-serializable` v1.0 (#531) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e1e7277`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e1e72777d8a355c6854f4d9eb26c1e2083c806df)) - -* feat: enable dependency `py-serializable 0.17` (#529) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9f24220`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9f24220029cd18cd191f63876899cd86be52dce1)) - -* feat: allow `lxml` requirement in range of `>=4,<6` (#523) - -Updates the requirements on [lxml](https://github.com/lxml/lxml) to permit the latest version. -- [Release notes](https://github.com/lxml/lxml/releases) -- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt) -- [Commits](https://github.com/lxml/lxml/compare/lxml-4.0.0...lxml-5.0.0) - ---- -updated-dependencies: -- dependency-name: lxml - dependency-type: direct:production -... - -Signed-off-by: dependabot[bot] <support@github.com> -Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`7d12b9a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7d12b9a9f7a2fdc5e6bb12f891c6f4291e20e65e)) - -* feat: add function to map python `hashlib` algorithms to CycloneDX (#519) - -new API: `model.HashType.from_hashlib_alg()` - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`81f8cf5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/81f8cf59b1f40ffbd213789a8b1b621a01e3f631)) - -* feat: `model.XsUri` migrate control characters according to spec (#498) - -fixes https://github.com/CycloneDX/cyclonedx-python-lib/issues/497 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e490429`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e49042976f8577af4061c34394db270612488cdf)) - -* feat: guarantee unique `BomRef`s in serialization result (#479) - -Incorporate `output.BomRefDiscriminator` on serialization - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a648775`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a648775bb5195621e17fdbae92950ab6d56a665a)) - -* feat: complete SPDX license expression (#425) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e06f9fd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e06f9fd2c30e8976766f326ff216103d2560cb9a)) - -* feat: programmatic access to library's version (#417) - -adds `cyclonedx.__version__` - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3585ea9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3585ea9911ae521e86793ef18f5891289fb0b604)) - -* feat: out-factor SPDX compund detection - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`fd4d537`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fd4d537c9dced0e38f14d99dee174cc5bb0bd465)) - -* feat: out-factor SPDX compund detection - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`2b69925`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2b699252f8857d97231a689ea9cbfcdff9459626)) - -* feat: license factories - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`033bad2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/033bad2a50fd2236c712d4621caa57b04fcc2043)) - -* feat: support for CycloneDX schema `1.4.2` - adds `vulnerability.properties` to the schema ([`32e7929`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/32e792928bdf37133e966ef72ec01b0bc698482d)) - -* feat: support for CycloneDX schema version `1.4.2` -- Provides support for `vulnerability.properties` - -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`db7445c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/db7445cd343fc35c6d6fc9f5af3e28cf97a19732)) - -* feat: added updated CycloneDX 1.4.2 schemas - -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`7fb27ae`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7fb27aed58f7de10f8c6b703699bba315af353e7)) - -* feat: reduce unnessessarry type casting of `set`/`SortedSet` (#203) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`089d971`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/089d9714f8f9f8c70076e48baa18340899cc29fa)) - -* feat: use `SortedSet` in model to improve reproducibility - this will provide predictable ordering of various items in generated CycloneDX documents - thanks to @RodneyRichardson - -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`8a1c404`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8a1c4043f502292b32c4ab36a8618cf3f67ac8df)) - -* feat(deps): remove unused `typing-extensions` constraints - -PullRequest and details via #224 - -Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`2ce358a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2ce358a37e6ce5f06aa9297aed17f8f5bea38e93)) - -* feat: add support for Dependency Graph in Model and output serialisation - -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`ea34513`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ea34513f8229a909007793288ace2f6f51684333)) - -* feat: Bump XML schemas to latest fix version for 1.2-1.4 - see: -https://github.com/CycloneDX/specification/issues/122 - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`bd2e756`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bd2e756de15c37b34d2866e8de521556420bd5d3)) - -* feat: bump JSON schemas to latest fix verison for 1.2 and 1.3 - see: -- https://github.com/CycloneDX/specification/issues/123 -- https://github.com/CycloneDX/specification/issues/84 -- https://github.com/CycloneDX/specification/issues/125 - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`bd6a088`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bd6a088d51c995c0f08271f56aedb456c60c1a2e)) - -* feat: output errors are verbose - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`bfe8fb1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bfe8fb18825251fd9f146458122aa06137ec27c0)) - -* feat: completed work on #155 (#172) - -fix: resolved #169 (part of #155) -feat: as part of solving #155, #147 has been implemented - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a926b34`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a926b34c7facb8b3709936fe00b62a0b80338f31)) - -* feat: support complete model for `bom.metadata` (#162) - -* feat: support complete model for `bom.metadata` -fix: JSON comparison in unit tests was broken -chore: corrected some source license headers - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2938a6c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2938a6c001a5b0b25477241d4ad6601030c55165)) - -* feat: support for `bom.externalReferences` in JSON and XML #124 - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1b733d7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1b733d75a78e3757010a8049cab5c7d4656dc2a5)) - -* feat: Complete support for `bom.components` (#155) - -* fix: implemented correct `__hash__` methods in models (#153) - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`32c0139`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/32c01396251834c69a5b23c82a5554faf8447f61)) - -* feat: support services in XML BOMs -feat: support nested services in JSON and XML BOMs - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9edf6c9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9edf6c940d20a44f5b99c557392a9fa4532b332e)) - -* feat: `bom-ref` for Component and Vulnerability default to a UUID (#142) - -* feat: `bom-ref` for Component and Vulnerability default to a UUID if not supplied ensuring they have a unique value #141 - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* doc: updated documentation to reflect change - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* patched other tests to support UUID for bom-ref - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* better syntax - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`3953bb6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3953bb676f423c325ca4d80f3fcee33ad042ad93)) - -* feat: add CPE to component (#138) - -* Added CPE to component - -Setting CPE was missing for component, now it is possible to set CPE and output CPE for a component. - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Fixing problems with CPE addition - -- Fixed styling errors -- Added reference to CPE Spec -- Adding CPE parameter as last parameter to not break arguments - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Again fixes for Style and CPE reference - -Missing in the last commit - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Added CPE as argument before deprecated arguments - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Added testing for CPE addition and error fixing - -- Added output tests for CPE in XML and JSON -- Fixes style error in components -- Fixes order for CPE output in XML (CPE has to come before PURL) - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Fixed output tests - -CPE was still in the wrong position in one of the tests - fixed - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Fixed minor test fixtures issues - -- cpe was still in wrong position in 1.2 JSON -- Indentation fixed in 1.4 JSON - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> - -* Fixed missing comma in JSON 1.2 test file - -Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> ([`269ee15`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/269ee155f203d5771c56edb92f7279466bf2012f)) - -* feat: add support for `bom.metadata.component` (#118) - -* Add support for metadata component - -Part of #6 - -Signed-off-by: Artem Smotrakov <asmotrakov@riotgames.com> - -* Better docs and simpler ifs - -Signed-off-by: Artem Smotrakov <asmotrakov@riotgames.com> ([`1ac31f4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1ac31f4cb14b6c466e092ff38ee2aa472c883c5d)) - -* feat: loosed dependency versions to make this library more consumable - -* feat: lowering minimum dependency versions - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* feat: lowering minimum dependency versions - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* feat: lowering minimum dependency versions - importlib-metadata raising minimum to ensure we get a typed library - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* feat: lowering minimum dependency versions - importlib-metadata raising minimum to ensure we get a typed library - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* feat: lowering minimum version for importlib-metadata to 3.4.0 with modified import statement - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`55f10fb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/55f10fb5524dafa68112c0836806c27bdd74fcbe)) - -* feat: Typing & PEP 561 - -* adde file for type checkers according to PEP 561 - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* added static code analysis as a dev-test - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* added the "typed" trove - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* added `flake8-annotations` to the tests - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* added type hints - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* further typing updates - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* further typing additions and test updates - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* further typing - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* further typing - added type stubs for toml and setuptools - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* further typing - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* typing work - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* coding standards - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* fixed tox and mypy running in correct python version - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* supressed mypy for `cyclonedx.utils.conda.parse_conda_json_to_conda_package` - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* fixed type hints - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* fixed some typing related flaws - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* added flake8-bugbear for code analysis - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -Co-authored-by: Paul Horton <phorton@sonatype.com> ([`9144765`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/91447656c0914ceb2af2e4b7282292ec7b93f5bf)) - -* feat: add support for Conda - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`bd29c78`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bd29c782d39a4956f482b9e4de20d7f829beefba)) - -* feat: add support for parsing package licenses when using the `Environment` Parsers - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`c414eaf`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c414eafde2abaca1005a2a0af6993fcdc17897d3)) - -* feat: add support for `externalReferneces` for `Components` and associated enhancements to parsers to obtain information where possible/known - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a152852`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a152852b361bbb7a69c9f7ab61ae7ea6dcffd214)) - -* feat: support for pipenv.lock file parsing - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`68a2dff`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/68a2dffc770d40f693b6891a580d1f7d8018f71c)) - -* feat: helper method for representing a File as a Component taking into account versioning for files as per https://github.com/CycloneDX/cyclonedx.org/issues/34 - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`7e0fb3c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7e0fb3c7e32e08cb8667ad11461c7f8208dfdf7f)) - -* feat: support for non-PyPi Components - PackageURL type is now definable when creating a Component - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`fde79e0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fde79e02705bce216e62acd05056b6d2046cde22)) - -* feat: add support for tool(s) that generated the SBOM - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`7d1e6ef`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7d1e6ef04d473407b9b4eefc2ef18e6723838f94)) - -* feat: support for localising vectors (i.e. stripping out any scheme prefix) - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b9e9e17`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b9e9e17ba1e2c1c9dfe551c61ad5152eebd829ab)) - -* feat: helper methods for deriving Severity and SourceType - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`6a86ec2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6a86ec27c13ff5e413c5a5f96d9b7671646f9388)) - -* feat: adding support for extension schema that descriptions vulnerability disclosures - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d496695`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d4966951ab6c0229171cfe97723421bb0302c4fc)) - -* feat: added helper method to return a PackageURL object representing a Component - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`367bef1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/367bef11bb1a7ede3100acae39581e33d20fa7f5)) - -* feat: add poetry support - -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f3ac42f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f3ac42f298b8d093b0ac368993beba43c58c251a)) - -### Fix - -* fix: encode quotation mark in URL (#724) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a7c7c97`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a7c7c97c37ee1c7988c028aa779f74893f858c7b)) - -* fix: behavior of and typing for crypto setters with optional values (#694) - -fixes #690 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`d8b20bd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d8b20bdc5224ea30cf767f6f3f1a6f8ff2754973)) - -* fix: file copyright headers (#676) - -utilizes flake8 plugin -<https://pypi.org/project/flake8-copyright-validator/> to assert the -correct headers - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`35e00b4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/35e00b4ee5a9306b9e97b011025409bcbfcef309)) - -* fix: XML serialize `normalizedString` and `token` properly (#646) - -fixes #638 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b40f739`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b40f739206a44f7dbd94042fb5e1a37c047ea024)) - -* fix: `cyclonedx.model.Property.value` value is optional (#631) - -`cyclonedx.model.Property.value` value is optional, in accordance with -the spec. - -fixes #630 - ---------- - -Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`ad0f98b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ad0f98b433fd85ba14db6b6288f33d98bc79ee51)) - -* fix: allow suppliers with empty-string names (#611) - -fixes #600 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b331aeb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b331aeb4b7261c7b1359c592b2dcda27bd35e369)) - -* fix: json validation allow arbitrary `$schema` value (#613) - -fixes https://github.com/CycloneDX/cyclonedx-python-lib/issues/612 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`08b7c60`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/08b7c607360b65215d9d29d42ae86e60c6efe49b)) - -* fix: properly sort components based on all properties (#599) - -reverts #587 - as this one introduced errors -fixes #598 -fixes #586 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Signed-off-by: Paul Horton <paul.horton@owasp.org> -Co-authored-by: Paul Horton <paul.horton@owasp.org> ([`8df488c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8df488cb422a6363421fee39714df4e8e8e7a593)) - -* fix: include all fields of `Component` in `__lt__` function for #586 (#587) - -Fixes #586. - -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d784685`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d7846850d1ad33184d1d58b59fdf41a778d05900)) - -* fix: wrong extra name for xml validation (#571) - - - -Signed-off-by: Christoph Reiter <reiter.christoph@gmail.com> ([`10e38e2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/10e38e25095de4b2dafbfcd1fd81dce7a9c0f124)) - -* fix: serialization of `model.component.Diff` (#557) - -Fixes #556 - ---------- - -Signed-off-by: rcross-lc <151086351+rcross-lc@users.noreply.github.com> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`22fa873`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/22fa8734bf1a3a8789ad7578bfa0c86cf0a49d4a)) - -* fix: `model.BomRef` no longer equal to unset peers (#543) - - fixes [#539](https://github.com/CycloneDX/cyclonedx-python-lib/issues/539) - - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1fd7fee`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1fd7fee9dec888c10087921f2e5a7a60062fb419)) - -* fix: update own `externalReferences` (#480) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`edb3dde`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/edb3dde889c06755dd1963ed21dd803db3ea0dcc)) - -* fix: SPDX-expression-validation internal crashes are cought and handled (#471) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`5fa66a0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5fa66a043818eb5747dbd630496c6d31f818c0ab)) - -* fix: ship meta files (#434) - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3a1a8a5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3a1a8a5c1cbe8d8989b4cb335269a02b5c6d4f38)) +### Documentation -* fix: `LicenseChoiceFactory.make_from_string()` prioritize SPDX id over expression (#427) +* docs: typo -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e1bdfdd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e1bdfddcfab97359fbde9f53dc65f56fc8ec4ba9)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`539b57a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/539b57a00e4e60e239bb26141f219366121e7bc2)) -* fix: conditional warning if no root dependencies were found (#398) +* docs: fix shields (#324) +caused by https://github.com/badges/shields/issues/8671 +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`555dad4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/555dad4bc255066036ecca028192eb83df8ba5a0)) + +* docs: fix typo (#318) + -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c8175bb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c8175bb6aebac7f129d42d7a5a0ae928212c20cb)) +Signed-off-by: Roland Weber <rolweber@de.ibm.com> ([`63bfb87`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/63bfb8772fe78e9842675d17862c456150dbbc15)) -* fix: mak test's schema paths relative to `cyclonedx` package (#338) +### Fix + +* fix: prevent errors on metadata handling for some specification versions (#330) Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1f0c05f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1f0c05fe2b2a22bc84a1a437dd59390f2ceaf986)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f08a656`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f08a65649aee750397edc061eb3b8325a69bb4b4)) -* fix(tests): include tests in `sdist` builds (#337) +### Unknown -* feat: include `tests` in `sdist` builds for #336 -* delete unexpected `DS_Store` file - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`936ad7d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/936ad7d0c26d8f98040203d3234ca8f1afbd73ab)) +* 3.1.2 -* fix: serialize dependency graph for nested components (#329) +Automatically generated by python-semantic-release ([`0853d14`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0853d14780b8e44e9b285bee2ac6b81551640c5f)) + +* clarify sign-off step (#319) -* tests: regression tests for issue #328 -* fix: for issue #328 -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`fb3f835`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fb3f8351881783281f8b7e796098a4c145b35927)) +Signed-off-by: Roland Weber <rolweber@de.ibm.com> ([`007fb96`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/007fb96a1ec23b9516bc383afa85b3efc2707aa8)) -* fix: prevent errors on metadata handling for some specification versions (#330) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f08a656`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f08a65649aee750397edc061eb3b8325a69bb4b4)) +## v3.1.1 (2022-11-28) + +### Fix * fix: type hint for `get_component_by_purl` is incorrect chore: force automated release -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`3f20bf0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3f20bf04a65d5c539230281437255b5f48e17621)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`3f20bf0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3f20bf04a65d5c539230281437255b5f48e17621)) -* fix: pinned `mypy <= 0.961` due to #278 +### Unknown -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d6955cb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d6955cb86d8da7a72d0146d0dbeb7c34a794a954)) +* 3.1.1 -* fix: properly support nested `components` and `services` #275 +Automatically generated by python-semantic-release ([`503955e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/503955ea9e19e1d3ca611df36508dcf1aa93905c)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`6597db7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6597db740f222c68ad90f74fb8fdb58b72642adb)) +* Merge pull request #310 from gruebel/fix-method-type-hint -* fix: add expected lower-than comparators for `OrganizationalEntity` and `VulnerabilityCredits` (#248) +fix: type hint for `get_component_by_purl` is incorrect ([`06037b9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/06037b99e0d6ebc5388d3c5e0799a68233ed92e8)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`0046ee1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0046ee19547be8dafe5d73bad886b9c5f725f26e)) +* move tests to model bom file -* fix: add missing `Vulnerability` comparator for sorting (#246) +Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`4c8a3ab`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4c8a3ab0eef349c007285ff9dfed0c00c6732a96)) -Partial fix for #245. - -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`c3f3d0d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c3f3d0d105f0dcf991175040b6d6c2b6e7e25d8f)) +* fix type hint for get_component_by_purl -* fix: prevent error if `version` not set +Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`735c05e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/735c05eebb792eed55aeb4d5a7be8043ee1cd9ae)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b9a84b5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b9a84b5b39fe6cb1560764e86f8bd144f2a901e3)) -* fix: `version` being optional in JSON output can raise error +## v3.1.0 (2022-09-15) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ba0c82f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ba0c82fbde7ba47502c45caf4fa89e9e4381f482)) +### Feature -* fix: `license_url` not serialised in XML output #179 (#180) +* feat: out-factor SPDX compund detection -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f014d7c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f014d7c4411de9ed5e9cb877878ae416d85b2d92)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`fd4d537`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fd4d537c9dced0e38f14d99dee174cc5bb0bd465)) -* fix: `Component.bom_ref` is not Optional in our model implementation (in the schema it is) - we generate a UUID if `bom_ref` is not supplied explicitly +* feat: out-factor SPDX compund detection -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`5c954d1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5c954d1e39ce8509ab36e6de7d521927ad3c997c)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`2b69925`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2b699252f8857d97231a689ea9cbfcdff9459626)) -* fix: temporary fix for `__hash__` of Component with `properties` #153 +* feat: license factories -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a51766d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a51766d202c3774003dd7cd8c115b2d9b3da1f50)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`033bad2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/033bad2a50fd2236c712d4621caa57b04fcc2043)) -* fix: further fix for #150 +### Unknown -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1f55f3e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1f55f3edfeacfc515ef0b5e493c27dd6e14861d6)) +* 3.1.0 -* fix: regression introduced by first fix for #150 +Automatically generated by python-semantic-release ([`e52c174`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e52c17447b1520103ccb24192ab92560429df595)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`c09e396`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c09e396b98c484d1d3d509a5c41746133fe41276)) +* Merge pull request #305 from CycloneDX/license-factories -* fix: Components with no version (optional since 1.4) produce invalid BOM output in XML #150 +feat: add license factories to more easily support creation of `License` or `LicenseChoice` from SPDX license strings #304 ([`5ff4494`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5ff4494b0e0d76d04cf8a4245ce0426f0abbd8f9)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`70d25c8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/70d25c8c162e05a5992761ccddbad617558346d1)) +* Merge pull request #301 from CycloneDX/fix-poetry-in-tox -* fix: `expression` not supported in Component Licsnes for version 1.0 +chore: fix poetry in tox ([`92aea8d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/92aea8d3413cd2af820cc8160ef48a737951b0ea)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`15b081b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/15b081bd1891566dbe00e18a8b21d3be87154f72)) +* remove v3 from CHANGELOG #286 (#287) -* fix: bump dependencies (#136) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7029721`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/702972105364a3ab225ea5a586c48cec664601ca)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`18ec498`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/18ec4987f6aa4a259d30000a19aa6ee1d49681d1)) +* 3.0.0 -* fix: removed requirements-parser as dependency (temp) as not available for Python 3 as Wheel (#98) +Automatically generated by python-semantic-release ([`69582ff`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/69582ff7a9e3a1cfb2c7193c3d194d69e35899c1)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`3677d9f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3677d9fd584b7c0eb715954bb7b8adc59c0bc9b1)) -* fix: tightened dependency `packageurl-python` (#95) +## v2.7.1 (2022-08-01) -fixes #94 - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`eb4ae5c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/eb4ae5ca8842877b780a755b6611feef847bdb8c)) +### Fix -* fix: further loosened dependency definitions +* fix: pinned `mypy <= 0.961` due to #278 -see #44 - -updated some locked dependencies to latest versions - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8bef6ec`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8bef6ecad36f51a003b266d776c9520d33e06034)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`d6955cb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d6955cb86d8da7a72d0146d0dbeb7c34a794a954)) -* fix: constructor for `Vulnerability` to correctly define `ratings` as optional +* fix: properly support nested `components` and `services` #275 -Signed-off-by: William Woodruff <william@trailofbits.com> ([`395a0ec`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/395a0ec14ebcba8e0849a0ced30ec4163c42fa7a)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`6597db7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6597db740f222c68ad90f74fb8fdb58b72642adb)) -* fix: correct way to write utf-8 encoded files +### Unknown -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`49f9369`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/49f9369b3eba47a3a8d1bcc505546d7dfaf4c5fe)) +* Merge pull request #276 from CycloneDX/fix/bom-validation-nested-components-isue-275 -* fix: ensure output to file is UTF-8 +fix: BOM validation fails when Components or Services are nested #275 + +fix: updated dependencies #271, #270, #269 and #256 ([`68a0cdd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/68a0cddc0a226947d76b6a275cfceba383797d3b)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a10da20`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a10da20865e90e9a0a5bb1e12fba9cfd23970c39)) +* Merge branch 'main' into fix/bom-validation-nested-components-isue-275 ([`6caee65`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6caee657260e46f18cade24a73b4f17bc5ad6dd8)) -* fix: ensure output to file is UTF-8 +* added tests to cover new `Component.get_all_nested_components()` method -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`193bf64`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/193bf64cdb19bf6fb9662367402dcf7eaab8dd1a)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`75a77ed`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/75a77ed6576f362435d1a3e6e59cbc5d871b9971)) -* fix: missing check for Classifiers in Environment Parser +* Revert "chore: re-added `isort` to pre-commit hooks" -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b7fa38e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b7fa38e9740bbc5b4c406410df37c3b34818010c)) +This reverts commit f50ee1eb79f3f4e5b9d21824e64192d0af43d3f0. -* fix: coding standards violations +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`5f7f30e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5f7f30e6a79f7cef6fff296ae0d7e5381f9b5cda)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`00cd1ca`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/00cd1ca20899b6861b1b959611a3556ffad36832)) +* removed tests where services are part of dependency tree - see #277 -* fix: handle `Pipfile.lock` dependencies without an `index` specified -fix: multiple fixes in variable scoping to prevent accidental data sharing +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`f26862b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f26862b0b7f85e3610efbdf17cf304ddc71e5366)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`26c62fb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/26c62fb996c4b1b2bf719e10c9072cf4fbadab9f)) +* aded XML output tests for Issue #275 -* fix: add namespace and subpath support to Component to complete PackageURL Spec support +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`ebef5f2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ebef5f212fec13fc8c9bf00553f9bf3f77a0d3f6)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`780adeb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/780adebe3861ef08eb1e8817a5e9e3451c0a2137)) +* updated XML output tests -* fix: multiple hashes being created for an externalRefernce which is not as required +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`356c37e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/356c37ebea85eb10e2505f2b16264d95f292bd55)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`970d192`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/970d19202d13d4becbbf040b3a9fb115dd7a0795)) +* addressed JSON output for #275 including test addiitions -* fix: added ability to add tools in addition to this library when generating CycloneDX + plus fixes relating to multiple BOM instances +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`692c005`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/692c005c686157134a79e3ffc8ab1e7ce8942de9)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`e03a25c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e03a25c3d2a1a0b711204bb26c7b898eadacdcb0)) -* fix: better methods for checking if a Component is already represented in the BOM, and the ability to get the existing instance +## v2.7.0 (2022-07-21) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`5fee85f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5fee85fc38376478a1a438d228c632a5d14f4740)) +### Feature -* fix: bumped a dependency version +* feat: support for CycloneDX schema `1.4.2` - adds `vulnerability.properties` to the schema ([`32e7929`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/32e792928bdf37133e966ef72ec01b0bc698482d)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`efc1053`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/efc1053ec9ed3f57711f78f1eca181f7bff0c3bf)) +* feat: support for CycloneDX schema version `1.4.2` +- Provides support for `vulnerability.properties` -* fix: improved handling for `requirements.txt` content without pinned or declared versions +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`db7445c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/db7445cd343fc35c6d6fc9f5af3e28cf97a19732)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`7f318cb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7f318cb495ac1754029088cae1ef2574c58da2e5)) +* feat: added updated CycloneDX 1.4.2 schemas -* fix: removed print call +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`7fb27ae`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7fb27aed58f7de10f8c6b703699bba315af353e7)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`8806553`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/880655304c082a88d94d6d50c64d33ad931cc974)) +### Unknown -* fix: relaxed typing of parameter to be compatible with Python < 3.9 +* 2.7.0 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f9c7990`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f9c7990695119969c5055bc92a233030db999b84)) +Automatically generated by python-semantic-release ([`96d155e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/96d155e864d83482242c22f69af8e7c618d05a1b)) -* fix: removed print call -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d272d2e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d272d2ea7d3331bde0660bdc87a6ac3331ae0720)) +## v2.6.0 (2022-06-20) -* fix: remove unused commented out code +### Feature -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ba4f285`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ba4f285fdbe124c28f7ea60310347cf896540125)) +* feat: reduce unnessessarry type casting of `set`/`SortedSet` (#203) -* fix: whitespace on empty line removed +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`089d971`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/089d9714f8f9f8c70076e48baa18340899cc29fa)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`cfc952e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cfc952eb5f3feb97a41b6c895657058429da3430)) +### Unknown -* fix(test): test was not updated for revised author statement +* 2.6.0 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d1c9d37`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d1c9d379a1e92ee49aae8d133e2ad3e117054ec9)) +Automatically generated by python-semantic-release ([`8481e9b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8481e9bd8dc5196c2e703e5cd19974bb22bc270e)) -* fix(build): test failure and dependency missing -Fixed failing tests due to dependency on now removed VERSION file -Added flake8 officially as a DEV dependency to poetry +## v2.5.2 (2022-06-15) + +### Fix -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9a2cfe9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9a2cfe94386b51acca44ae3bacae319b9b3c8f0d)) +* fix: add expected lower-than comparators for `OrganizationalEntity` and `VulnerabilityCredits` (#248) -* fix(build): removed artefacts associtated with non-poetry build +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`0046ee1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0046ee19547be8dafe5d73bad886b9c5f725f26e)) -Tidied up project to remove items associated with non-Poetry build process. Also aligned a few references in README to new home of this project under CycloneDX. +### Unknown + +* 2.5.2 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f9119d4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f9119d49e462cf1f7ccca9c50af2936f8962fd6d)) +Automatically generated by python-semantic-release ([`fb9a796`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fb9a796d0b34c2d930503790c74d6d7ed5e3c3d6)) -* fix: add in pypi badge ([`6098c36`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6098c36715b2459d7b04ced5ba6294437576e481)) -* fix: additional info to poetry, remove circleci ([`2fcfa5a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2fcfa5ac3a7d9d7f372be6d69e1c616b551877df)) +## v2.5.1 (2022-06-10) -* fix: initial release to pypi, tell poetry to include cyclonedx package ([`a030177`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a030177cb1a370713c4438b13b7520ef6afd19f6)) +### Fix -* fix: release with full name ([`4c620ed`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4c620ed053aac8c31343b1ca84ca56912b762ab2)) +* fix: add missing `Vulnerability` comparator for sorting (#246) -* fix: initial release to pypi ([`99687db`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/99687dbec1389bf323bb625bfb707306aa3b8d1a)) +Partial fix for #245. + +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`c3f3d0d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c3f3d0d105f0dcf991175040b6d6c2b6e7e25d8f)) ### Unknown -* Merge branch 'CycloneDX:main' into main ([`8c4082e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8c4082e96eb3af94740b03bcd70c62e8c133c5c0)) +* 2.5.1 -* Merge branch 'main' of https://github.com/saquibsaifee/cyclonedx-python-lib ([`4197b8f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4197b8ff2fb774d6b2a4bf522536644b7556ce8a)) +Automatically generated by python-semantic-release ([`1ea5b20`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1ea5b20f1c93e6e6b3799444c7ea6fd65a2e068c)) -* Merge branch 'main' of https://github.com/saquibsaifee/cyclonedx-python-lib ([`39f1ea1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/39f1ea163859b203d23f66920a1e358e0a0d434b)) -* Merge branch 'main' of https://github.com/saquibsaifee/cyclonedx-python-lib ([`8d6c632`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8d6c632829bc59ee71de76bb9b06481cd71b3ebc)) +## v2.5.0 (2022-06-10) -* Merge branch 'main' of https://github.com/saquibsaifee/cyclonedx-python-lib ([`4c9bf32`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4c9bf32cb213ef32499d0e15f6a3c30a7c648477)) +### Build -* Merge branch 'CycloneDX:main' into main ([`2cd8250`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2cd825006d2e1dd4164388baf1124ba0063e0d88)) +* build: move typing to dev-dependencies -* Merge branch 'CycloneDX:main' into main ([`be4fd4b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/be4fd4b0fa7e274689e6dadbcd0a3c2764ca88d1)) +Move `types-setuptools` and `types-toml` to dev-dependencies (#226) + +Signed-off-by: Adam Johnson <me@adamj.eu> ([`0e2376b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0e2376baade068ae0490b05550837d104e9abfa4)) -* Merge pull request #3 from CycloneDX/main +### Documentation -sync ([`a0bfc3d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a0bfc3dc2114d0ff66a8c5911299da9d83b31034)) +* docs: fix typo "This is out" -> "This is our" -* doc: poor merge resolved +Fix typo in comments: "This is out" -> "This is our" (#233) + +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ef0278a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ef0278a2044147e73a281c5a59f95049d4af7641)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`a498faa`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a498faaab248d0512bad9e66afbd8fb1d6c42a66)) +### Feature -* docs +* feat: use `SortedSet` in model to improve reproducibility - this will provide predictable ordering of various items in generated CycloneDX documents - thanks to @RodneyRichardson -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`63cff7e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/63cff7ee697c9d5fb96da3c8c16f7c9bc7b34e58)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`8a1c404`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8a1c4043f502292b32c4ab36a8618cf3f67ac8df)) -* docs (#546) +### Unknown -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b0e5b43`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b0e5b43880e17ec6ce23d5d4e1e7a9a2547c1e79)) +* 2.5.0 -* docs +Automatically generated by python-semantic-release ([`c820423`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c820423ffffb90ec7a42d8873d99428277f9ae28)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7dcd166`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7dcd16621002713dcf1ce8e17bc5762320fae4fa)) +* Merge pull request #235 from RodneyRichardson/use-sorted-set -* "chore(deps): revert bump python-semantic-release/python-semantic-release (#474)" +feat: use `SortedSet` in model to improve reproducibility - this will provide predictable ordering of various items in generated CycloneDX documents - thanks to @RodneyRichardson ([`c43f6d8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c43f6d8ce41a9de91a84cea7a40045cab8121792)) -This reverts commit 9c3ffac34e89610ccc4f9701444127e1e6f5ee07. +* Merge branch 'CycloneDX:main' into use-sorted-set ([`1b8ac25`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1b8ac252a28af1b938d6cad4182e6f2d586b26c0)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`aae7304`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/aae73048c7aebe5920ec888225bdbde08111601b)) +* Fix SortedSet type hints for python < 3.8 -* 4.0.1 +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`71eeb4a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/71eeb4aeeb9e911df2422c097ebfb671c648242d)) -Automatically generated by python-semantic-release ([`4a72f51`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4a72f515ad7b5e46a07f31bea18a94b162e87715)) +* Fix line length warning. -* Add missing space in warning message. (#364) +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`e9ee712`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e9ee71291da882a924a9edec7d1f5d6be62797e6)) - - -Signed-off-by: Michael Schlenker <michael.schlenker@contact-software.com> -Co-authored-by: Michael Schlenker <michael.schlenker@contact-software.com> ([`dad0d28`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/dad0d28ceb7381d1b503e5b29776fc01513f8b04)) +* Fix more type hints for python < 3.8 -* 4.0.0 +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`f042bce`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f042bcef1829a852dd787e226d883f5bbd5c39c3)) -Automatically generated by python-semantic-release ([`40fbfda`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/40fbfda428cfa71b16fd6e5e8d5f49cea4b5438b)) +* Fix SortedSet type hints for python < 3.8 -* 3.1.5 +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`2e283ab`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2e283abed0b67e9e70c825e0d7c6ad7e6691c678)) -Automatically generated by python-semantic-release ([`ba603cf`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ba603cf96fad51a85d5159e83c402d613fefbb7c)) +* Fix type hint on ComparableTuple -* 3.1.4 +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`43ef908`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/43ef908d61fd03e5a4c2ecfabdf22764c8613429)) -Automatically generated by python-semantic-release ([`0b19294`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0b19294e4820f0da5e81decd4d902ef7789ecb61)) +* Sort usings. -* 3.1.3 +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`8f86c12`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8f86c1292d5d0c550a4ec6018b81400255567f93)) -Automatically generated by python-semantic-release ([`11a420c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/11a420c5fc38bb48d2a91713cc74574acb131184)) +* Fix sonatype-lift warnings -* 3.1.2 +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`f1e92e3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f1e92e3cfbe9df2b07b745582608f9f72531684c)) -Automatically generated by python-semantic-release ([`0853d14`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0853d14780b8e44e9b285bee2ac6b81551640c5f)) +* Fix warnings. -* clarify sign-off step (#319) +Change tuple -> Tuple +Fix Diff initialization +Add sorting to AttachedText - -Signed-off-by: Roland Weber <rolweber@de.ibm.com> ([`007fb96`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/007fb96a1ec23b9516bc383afa85b3efc2707aa8)) +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`2b47ff6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2b47ff612335b538ceab5e77b60dbe058f739e2e)) -* 3.1.1 +* Reduce sortedcontainers.pyi to only the functions used. -Automatically generated by python-semantic-release ([`503955e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/503955ea9e19e1d3ca611df36508dcf1aa93905c)) +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ef0fbe2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ef0fbe2130f763888cb34e8e71a6520d282a0cda)) -* Merge pull request #310 from gruebel/fix-method-type-hint +* Remove flake8 warnings -fix: type hint for `get_component_by_purl` is incorrect ([`06037b9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/06037b99e0d6ebc5388d3c5e0799a68233ed92e8)) +Remove unused imports and trailing whitespace. +Sort usings in pyi file. -* move tests to model bom file +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`41d1bee`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/41d1bee824381c25a8c6870abeb1f484c33c78ba)) -Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`4c8a3ab`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4c8a3ab0eef349c007285ff9dfed0c00c6732a96)) +* Add type hints for SortedSet -* fix type hint for get_component_by_purl +Fix use of set/Set. -Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`735c05e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/735c05eebb792eed55aeb4d5a7be8043ee1cd9ae)) +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`df0f554`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/df0f554bff311886705327fd863d573e82123f9e)) -* 3.1.0 +* Replace object type hint in __lt__ with Any -Automatically generated by python-semantic-release ([`e52c174`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e52c17447b1520103ccb24192ab92560429df595)) +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ec22f68`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ec22f683e1b12843421a23cff15f91628a7dfffe)) -* Merge pull request #305 from CycloneDX/license-factories +* Make reorder() return type explicit List (as flagged by sonatype-lift bot) -feat: add license factories to more easily support creation of `License` or `LicenseChoice` from SPDX license strings #304 ([`5ff4494`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5ff4494b0e0d76d04cf8a4245ce0426f0abbd8f9)) +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`695ee86`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/695ee862ce9043807a9d825324970cd1b770a46c)) -* Merge pull request #301 from CycloneDX/fix-poetry-in-tox +* Use SortedSet in model to improve reproducibility -chore: fix poetry in tox ([`92aea8d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/92aea8d3413cd2af820cc8160ef48a737951b0ea)) +Added `__lt__()` to all model classes used in SortedSet, with tests +Explicitly declared Enums as (str, Enum) to allow sorting +Added dependency to sortedcollections package -* remove v3 from CHANGELOG #286 (#287) +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`368f522`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/368f5221e54a635cd03255efd56d4da2a8d7f56b)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7029721`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/702972105364a3ab225ea5a586c48cec664601ca)) -* 3.0.0 +## v2.4.0 (2022-05-17) -Automatically generated by python-semantic-release ([`69582ff`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/69582ff7a9e3a1cfb2c7193c3d194d69e35899c1)) +### Feature -* Merge pull request #276 from CycloneDX/fix/bom-validation-nested-components-isue-275 +* feat(deps): remove unused `typing-extensions` constraints -fix: BOM validation fails when Components or Services are nested #275 +PullRequest and details via #224 -fix: updated dependencies #271, #270, #269 and #256 ([`68a0cdd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/68a0cddc0a226947d76b6a275cfceba383797d3b)) +Signed-off-by: gruebel <anton.gruebel@gmail.com> ([`2ce358a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2ce358a37e6ce5f06aa9297aed17f8f5bea38e93)) -* Merge branch 'main' into fix/bom-validation-nested-components-isue-275 ([`6caee65`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6caee657260e46f18cade24a73b4f17bc5ad6dd8)) +### Unknown -* added tests to cover new `Component.get_all_nested_components()` method +* 2.4.0 -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`75a77ed`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/75a77ed6576f362435d1a3e6e59cbc5d871b9971)) +Automatically generated by python-semantic-release ([`4874354`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/48743542fd2f3219a4f2295f363ae6e5bcf2a738)) -* Revert "chore: re-added `isort` to pre-commit hooks" +* revert `types-toml` on lowest setup ([`32ece98`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/32ece98b24fd6966722b8cdf698f01b8fb1b8821)) -This reverts commit f50ee1eb79f3f4e5b9d21824e64192d0af43d3f0. -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`5f7f30e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5f7f30e6a79f7cef6fff296ae0d7e5381f9b5cda)) +## v2.3.0 (2022-04-20) -* removed tests where services are part of dependency tree - see #277 +### Feature -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`f26862b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f26862b0b7f85e3610efbdf17cf304ddc71e5366)) +* feat: add support for Dependency Graph in Model and output serialisation -* aded XML output tests for Issue #275 +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`ea34513`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ea34513f8229a909007793288ace2f6f51684333)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`ebef5f2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ebef5f212fec13fc8c9bf00553f9bf3f77a0d3f6)) +### Unknown -* updated XML output tests +* 2.3.0 -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`356c37e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/356c37ebea85eb10e2505f2b16264d95f292bd55)) +Automatically generated by python-semantic-release ([`5c1047a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5c1047afc75726cca4130b90b8459418ec6342e8)) -* addressed JSON output for #275 including test addiitions +* Merge pull request #210 from CycloneDX/feat/support-bom-dependencies -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`692c005`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/692c005c686157134a79e3ffc8ab1e7ce8942de9)) +feat: add support for Dependency Graph in Model and output serialisation (JSON and XML) ([`938169c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/938169c05b458967cd1dabc338981d296f5b2842)) -* 2.7.0 +* Merge pull request #214 from CycloneDX/feat/support-bom-dependencies-no-cast -Automatically generated by python-semantic-release ([`96d155e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/96d155e864d83482242c22f69af8e7c618d05a1b)) +no cast ([`2551545`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/25515456f2707964032c1f9642bae3d79ba2b994)) -* 2.6.0 +* no cast -Automatically generated by python-semantic-release ([`8481e9b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8481e9bd8dc5196c2e703e5cd19974bb22bc270e)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`dec3b70`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/dec3b703f7e69cd2b3fdff34583ee052b1cbb1d2)) -* 2.5.2 +* update to use `Set` operators (more Pythonic) -Automatically generated by python-semantic-release ([`fb9a796`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fb9a796d0b34c2d930503790c74d6d7ed5e3c3d6)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`f01665e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f01665e96c87b9dd1fdb37d907a8339ba819e2cc)) -* 2.5.1 +* missing closing `>` in `BomRef.__repr__` -Automatically generated by python-semantic-release ([`1ea5b20`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1ea5b20f1c93e6e6b3799444c7ea6fd65a2e068c)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`2c7c4be`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c7c4be8210231dcfaf9e8937bd943f3ea6683c3)) -* 2.5.0 +* removed unnecessary condition - `self.get_bom().components` is always a `Set` -Automatically generated by python-semantic-release ([`c820423`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c820423ffffb90ec7a42d8873d99428277f9ae28)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`5eb5669`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5eb5669bdeb982c9f0b4a72f2264a8559e9a3bc3)) -* Merge pull request #235 from RodneyRichardson/use-sorted-set +* added additional tests to validate Component in Metadata is properly represented in Dependency Graph -feat: use `SortedSet` in model to improve reproducibility - this will provide predictable ordering of various items in generated CycloneDX documents - thanks to @RodneyRichardson ([`c43f6d8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c43f6d8ce41a9de91a84cea7a40045cab8121792)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`b8d526e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b8d526ee52b3923c7755a897e0c042c159fb8d99)) -* Merge branch 'CycloneDX:main' into use-sorted-set ([`1b8ac25`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1b8ac252a28af1b938d6cad4182e6f2d586b26c0)) +* adjusted unit tests to account for inclusion of Component in Bom Metadata in Dependency Graphy -* Fix SortedSet type hints for python < 3.8 +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`c605f2b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c605f2be90092f09bb0eb89dccb27767d78dcfac)) -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`71eeb4a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/71eeb4aeeb9e911df2422c097ebfb671c648242d)) +* updates based on feedback from @jkowalleck -* Fix line length warning. +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`04511f3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/04511f3c523bc26b0b434d8334d37eccaaaf1ea4)) -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`e9ee712`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e9ee71291da882a924a9edec7d1f5d6be62797e6)) +* Merge branch 'feat/support-bom-dependencies' of github.com:CycloneDX/cyclonedx-python-lib into feat/support-bom-dependencies ([`8fb408c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8fb408cfe7941efca424777a94084755ee8a50e4)) -* Fix more type hints for python < 3.8 +* doc: updated docs to reflect support for Dependency Graph -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`f042bce`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f042bcef1829a852dd787e226d883f5bbd5c39c3)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`a680544`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a68054491529631c792e51c764bbf64a5e9b4834)) -* Fix SortedSet type hints for python < 3.8 +* updated file hash in test -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`2e283ab`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2e283abed0b67e9e70c825e0d7c6ad7e6691c678)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`56f3d5d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/56f3d5d432b6c50679cfd733cf2b0ed2ea55400e)) -* Fix type hint on ComparableTuple +* removed unused import -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`43ef908`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/43ef908d61fd03e5a4c2ecfabdf22764c8613429)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`61c3338`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/61c3338e139a8e1a72a659080f2043b352007561)) -* Sort usings. +* doc: updated docs to reflect support for Dependency Graph -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`8f86c12`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8f86c1292d5d0c550a4ec6018b81400255567f93)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`3df017f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3df017feaaa461bcfa7082f58a5824aa92493b59)) -* Fix sonatype-lift warnings +* updated file hash in test -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`f1e92e3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f1e92e3cfbe9df2b07b745582608f9f72531684c)) +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`449cb1e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/449cb1e56e64e6c144c0d2b6b69649df2d6e5320)) -* Fix warnings. +* removed unused import -Change tuple -> Tuple -Fix Diff initialization -Add sorting to AttachedText +Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`f487c4a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f487c4a44f5604fa3d1da2c0bc57d09e22057973)) + + +## v2.2.0 (2022-04-12) + +### Feature + +* feat: Bump XML schemas to latest fix version for 1.2-1.4 - see: +https://github.com/CycloneDX/specification/issues/122 -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`2b47ff6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2b47ff612335b538ceab5e77b60dbe058f739e2e)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`bd2e756`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bd2e756de15c37b34d2866e8de521556420bd5d3)) + +* feat: bump JSON schemas to latest fix verison for 1.2 and 1.3 - see: +- https://github.com/CycloneDX/specification/issues/123 +- https://github.com/CycloneDX/specification/issues/84 +- https://github.com/CycloneDX/specification/issues/125 + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`bd6a088`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bd6a088d51c995c0f08271f56aedb456c60c1a2e)) + +### Unknown -* Reduce sortedcontainers.pyi to only the functions used. +* 2.2.0 -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ef0fbe2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ef0fbe2130f763888cb34e8e71a6520d282a0cda)) +Automatically generated by python-semantic-release ([`67ecfac`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/67ecfacc38817398319ac5d627f2b3a17fb45b3f)) -* Remove flake8 warnings +* Merge pull request #207 from CycloneDX/feat/update-schemas -Remove unused imports and trailing whitespace. -Sort usings in pyi file. +feat: Update CycloneDX Schemas to latest patch versions ([`2c55cb5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c55cb51042694d48a2eccd8e505833196effb59)) -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`41d1bee`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/41d1bee824381c25a8c6870abeb1f484c33c78ba)) +* mark schema files as vendored -* Add type hints for SortedSet +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a9c3e77`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a9c3e77998e7c05af5ba097891cd05a8cdb89232)) -Fix use of set/Set. +* Merge pull request #191 from CycloneDX/feat/pre-commit-hooks -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`df0f554`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/df0f554bff311886705327fd863d573e82123f9e)) +[DEV] Add pre-commit hooks ([`91ceeb1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/91ceeb1fdafddf20af546d383a2fb16393977ef5)) -* Replace object type hint in __lt__ with Any -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`ec22f68`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ec22f683e1b12843421a23cff15f91628a7dfffe)) +## v2.1.1 (2022-04-05) -* Make reorder() return type explicit List (as flagged by sonatype-lift bot) +### Fix -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`695ee86`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/695ee862ce9043807a9d825324970cd1b770a46c)) +* fix: prevent error if `version` not set -* Use SortedSet in model to improve reproducibility +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b9a84b5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b9a84b5b39fe6cb1560764e86f8bd144f2a901e3)) -Added `__lt__()` to all model classes used in SortedSet, with tests -Explicitly declared Enums as (str, Enum) to allow sorting -Added dependency to sortedcollections package +### Unknown -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`368f522`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/368f5221e54a635cd03255efd56d4da2a8d7f56b)) +* 2.1.1 -* 2.4.0 +Automatically generated by python-semantic-release ([`f78d608`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f78d6081abc1a8adb80ef0c79a07c624ad9e3a5c)) -Automatically generated by python-semantic-release ([`4874354`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/48743542fd2f3219a4f2295f363ae6e5bcf2a738)) +* Merge pull request #194 from CycloneDX/fix/json-output-version-optional-bug-193 -* revert `types-toml` on lowest setup ([`32ece98`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/32ece98b24fd6966722b8cdf698f01b8fb1b8821)) +fix: `version` being optional in JSON output can raise error ([`6f7e09a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6f7e09aa4d05a4a2dc60569732f6b2ae5582a154)) -* 2.3.0 -Automatically generated by python-semantic-release ([`5c1047a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5c1047afc75726cca4130b90b8459418ec6342e8)) +## v2.1.0 (2022-03-28) -* Merge pull request #210 from CycloneDX/feat/support-bom-dependencies +### Feature -feat: add support for Dependency Graph in Model and output serialisation (JSON and XML) ([`938169c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/938169c05b458967cd1dabc338981d296f5b2842)) +* feat: output errors are verbose -* Merge pull request #214 from CycloneDX/feat/support-bom-dependencies-no-cast +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`bfe8fb1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bfe8fb18825251fd9f146458122aa06137ec27c0)) -no cast ([`2551545`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/25515456f2707964032c1f9642bae3d79ba2b994)) +### Fix -* no cast +* fix: `version` being optional in JSON output can raise error -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`dec3b70`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/dec3b703f7e69cd2b3fdff34583ee052b1cbb1d2)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ba0c82f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ba0c82fbde7ba47502c45caf4fa89e9e4381f482)) -* update to use `Set` operators (more Pythonic) +### Unknown -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`f01665e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f01665e96c87b9dd1fdb37d907a8339ba819e2cc)) +* 2.1.0 -* missing closing `>` in `BomRef.__repr__` +Automatically generated by python-semantic-release ([`c58f8f8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c58f8f8456211fbeac79340b480063791c05f404)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`2c7c4be`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2c7c4be8210231dcfaf9e8937bd943f3ea6683c3)) +* Merge pull request #198 from CycloneDX/verbose_outout_errors -* removed unnecessary condition - `self.get_bom().components` is always a `Set` +fix: improved output errors - file/directory is now included ([`4618c62`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4618c62da54f90a67d89583d5339ef0532b7813a)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`5eb5669`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5eb5669bdeb982c9f0b4a72f2264a8559e9a3bc3)) +* updated to be more pythonic -* added additional tests to validate Component in Metadata is properly represented in Dependency Graph +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a1bbf00`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a1bbf001ba9546c998062a0201d4e2562607749e)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`b8d526e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b8d526ee52b3923c7755a897e0c042c159fb8d99)) +* doc: added CONTRIBUTING to public docs +doc: included pre-commit hooks in CONTRIBUTING -* adjusted unit tests to account for inclusion of Component in Bom Metadata in Dependency Graphy +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f38215f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f38215f2b370e14f5629edff1ade97734b3a79cd)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`c605f2b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c605f2be90092f09bb0eb89dccb27767d78dcfac)) +* Merge pull request #182 from CycloneDX/sort-imports -* updates based on feedback from @jkowalleck +style: sort imports ([`aa37e56`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/aa37e56964b35642e2bf92f336a767fba1914e2b)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`04511f3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/04511f3c523bc26b0b434d8334d37eccaaaf1ea4)) -* Merge branch 'feat/support-bom-dependencies' of github.com:CycloneDX/cyclonedx-python-lib into feat/support-bom-dependencies ([`8fb408c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8fb408cfe7941efca424777a94084755ee8a50e4)) +## v2.0.0 (2022-02-21) -* doc: updated docs to reflect support for Dependency Graph +### Breaking -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`a680544`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a68054491529631c792e51c764bbf64a5e9b4834)) +* feat: bump dependencies -* updated file hash in test +BREAKING CHANGE: Adopt PEP-3102 -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`56f3d5d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/56f3d5d432b6c50679cfd733cf2b0ed2ea55400e)) +BREAKING CHANGE: Optional Lists are now non-optional Sets -* removed unused import +BREAKING CHANGE: Remove concept of DEFAULT schema version - replaced with LATEST schema version -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`61c3338`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/61c3338e139a8e1a72a659080f2043b352007561)) +BREAKING CHANGE: Added `BomRef` data type -* doc: updated docs to reflect support for Dependency Graph +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`da3f0ca`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/da3f0ca3e8b90b37301c03f889eb089bca649b09)) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`3df017f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3df017feaaa461bcfa7082f58a5824aa92493b59)) +### Feature -* updated file hash in test +* feat: completed work on #155 (#172) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`449cb1e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/449cb1e56e64e6c144c0d2b6b69649df2d6e5320)) +fix: resolved #169 (part of #155) +feat: as part of solving #155, #147 has been implemented + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a926b34`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a926b34c7facb8b3709936fe00b62a0b80338f31)) -* removed unused import +* feat: support complete model for `bom.metadata` (#162) -Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`f487c4a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f487c4a44f5604fa3d1da2c0bc57d09e22057973)) +* feat: support complete model for `bom.metadata` +fix: JSON comparison in unit tests was broken +chore: corrected some source license headers + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2938a6c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2938a6c001a5b0b25477241d4ad6601030c55165)) -* 2.2.0 +* feat: support for `bom.externalReferences` in JSON and XML #124 -Automatically generated by python-semantic-release ([`67ecfac`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/67ecfacc38817398319ac5d627f2b3a17fb45b3f)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1b733d7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1b733d75a78e3757010a8049cab5c7d4656dc2a5)) -* Merge pull request #207 from CycloneDX/feat/update-schemas +* feat: Complete support for `bom.components` (#155) -feat: Update CycloneDX Schemas to latest patch versions ([`2c55cb5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2c55cb51042694d48a2eccd8e505833196effb59)) +* fix: implemented correct `__hash__` methods in models (#153) + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`32c0139`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/32c01396251834c69a5b23c82a5554faf8447f61)) -* mark schema files as vendored +* feat: support services in XML BOMs +feat: support nested services in JSON and XML BOMs -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a9c3e77`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a9c3e77998e7c05af5ba097891cd05a8cdb89232)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9edf6c9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9edf6c940d20a44f5b99c557392a9fa4532b332e)) -* Merge pull request #191 from CycloneDX/feat/pre-commit-hooks +### Fix -[DEV] Add pre-commit hooks ([`91ceeb1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/91ceeb1fdafddf20af546d383a2fb16393977ef5)) +* fix: `license_url` not serialised in XML output #179 (#180) -* 2.1.1 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f014d7c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f014d7c4411de9ed5e9cb877878ae416d85b2d92)) -Automatically generated by python-semantic-release ([`f78d608`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f78d6081abc1a8adb80ef0c79a07c624ad9e3a5c)) +* fix: `Component.bom_ref` is not Optional in our model implementation (in the schema it is) - we generate a UUID if `bom_ref` is not supplied explicitly -* Merge pull request #194 from CycloneDX/fix/json-output-version-optional-bug-193 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`5c954d1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5c954d1e39ce8509ab36e6de7d521927ad3c997c)) -fix: `version` being optional in JSON output can raise error ([`6f7e09a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6f7e09aa4d05a4a2dc60569732f6b2ae5582a154)) +* fix: temporary fix for `__hash__` of Component with `properties` #153 -* 2.1.0 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a51766d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a51766d202c3774003dd7cd8c115b2d9b3da1f50)) -Automatically generated by python-semantic-release ([`c58f8f8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c58f8f8456211fbeac79340b480063791c05f404)) +* fix: further fix for #150 -* Merge pull request #198 from CycloneDX/verbose_outout_errors +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1f55f3e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1f55f3edfeacfc515ef0b5e493c27dd6e14861d6)) -fix: improved output errors - file/directory is now included ([`4618c62`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4618c62da54f90a67d89583d5339ef0532b7813a)) +* fix: regression introduced by first fix for #150 -* updated to be more pythonic +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`c09e396`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c09e396b98c484d1d3d509a5c41746133fe41276)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a1bbf00`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a1bbf001ba9546c998062a0201d4e2562607749e)) +* fix: Components with no version (optional since 1.4) produce invalid BOM output in XML #150 -* doc: added CONTRIBUTING to public docs -doc: included pre-commit hooks in CONTRIBUTING +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`70d25c8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/70d25c8c162e05a5992761ccddbad617558346d1)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f38215f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f38215f2b370e14f5629edff1ade97734b3a79cd)) +* fix: `expression` not supported in Component Licsnes for version 1.0 -* Merge pull request #182 from CycloneDX/sort-imports +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`15b081b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/15b081bd1891566dbe00e18a8b21d3be87154f72)) -style: sort imports ([`aa37e56`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/aa37e56964b35642e2bf92f336a767fba1914e2b)) +### Unknown * 2.0.0 -Automatically generated by python-semantic-release ([`a4af3dc`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a4af3dccbddf4ea91b277746d2305fadf6078ed8)) +Automatically generated by python-semantic-release ([`a4af3dc`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a4af3dccbddf4ea91b277746d2305fadf6078ed8)) -* Merge pull request #148 from CycloneDX/feat/add-bom-services ([`631e400`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/631e4009340f4466fb45f25bbf3ce7ffa4d8adca)) +* Merge pull request #148 from CycloneDX/feat/add-bom-services ([`631e400`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/631e4009340f4466fb45f25bbf3ce7ffa4d8adca)) -* Merge branch 'main' into feat/add-bom-services ([`9a32351`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9a3235155bd04450c6e520ee6de04b2d6f2c5d0a)) +* Merge branch 'main' into feat/add-bom-services ([`9a32351`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9a3235155bd04450c6e520ee6de04b2d6f2c5d0a)) * doc: added RTD badge to README -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b20d9d1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b20d9d1aceebfa8bae21250e6ae39234caffbb0e)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b20d9d1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b20d9d1aceebfa8bae21250e6ae39234caffbb0e)) * implemented `__str__` for `BomRef` -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`670bde4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/670bde47a8a60db764aa706797f1d8ed7cf2c227)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`670bde4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/670bde47a8a60db764aa706797f1d8ed7cf2c227)) * Continuation of #170 - missed updating Vulnerability to use `BomRef` (#175) @@ -1861,19 +1851,19 @@ Signed-off-by: Paul Horton <phorton@sonatype.com> * updated Vulnerability to also use new `BomRef` model -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0d82c01`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0d82c019afce3e4aefe56bff9607cfd60186c6b0)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0d82c01`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0d82c019afce3e4aefe56bff9607cfd60186c6b0)) * BREAKING CHANGE: added new model `BomRef` unlocking logic later to ensure uniquness and dependency references (#174) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d189f2c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d189f2c16870deb683e62cd06a6072b008eab05d)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d189f2c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d189f2c16870deb683e62cd06a6072b008eab05d)) * BREAKING CHANGE: replaced concept of default schema version with latest supported #171 (#173) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`020fcf0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/020fcf03ef3985dac82a38b8810d6d6cd301809c)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`020fcf0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/020fcf03ef3985dac82a38b8810d6d6cd301809c)) * BREAKING CHANGE: Updated default schema version to 1.4 from 1.3 (#164) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9b6ce4b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9b6ce4bd7b5a2a332e9f01f93db57b78f65af048)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9b6ce4b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9b6ce4bd7b5a2a332e9f01f93db57b78f65af048)) * BREAKING CHANGE: update models to use `Set` rather than `List` (#160) @@ -1881,27 +1871,27 @@ Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9b6ce4b`](https://git BREAKING CHANGE: update final models to use `@property` wip -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`142b8bf`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/142b8bf4dbb2e61d131b7ca2ec332aac472ef3cd)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`142b8bf`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/142b8bf4dbb2e61d131b7ca2ec332aac472ef3cd)) * removed unnecessary calls to `hash()` in `__hash__()` methods as pointed out by @jkowalleck -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0f1fd6d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0f1fd6dfdd41073cbdbb456cf019c7f2ed9e2175)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0f1fd6d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0f1fd6dfdd41073cbdbb456cf019c7f2ed9e2175)) * BREAKING CHANGE: adopted PEP-3102 for model classes (#158) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b3c8d9a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b3c8d9a676190f20dfc4ab1b915c1e53c4ac5a82)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b3c8d9a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b3c8d9a676190f20dfc4ab1b915c1e53c4ac5a82)) * doc: added page to docs to call out which parts of the specification this library supports -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`41a4be0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/41a4be0cedcd26b6645b6e3606cce8e3708c569f)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`41a4be0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/41a4be0cedcd26b6645b6e3606cce8e3708c569f)) * attempt to resolve Lift finding -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2090c08`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2090c0868ca82c4b53c6ffc6f439c0d675147601)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2090c08`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2090c0868ca82c4b53c6ffc6f439c0d675147601)) * removed unused imports -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a35d540`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a35d540c97b898eb152f453003f46ce0e18b7ea6)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a35d540`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a35d540c97b898eb152f453003f46ce0e18b7ea6)) * WIP on `bom.services` @@ -1991,25 +1981,143 @@ Signed-off-by: Paul Horton <phorton@sonatype.com> Signed-off-by: Paul Horton <phorton@sonatype.com> Co-authored-by: Paul Horton <phorton@sonatype.com> -Co-authored-by: github-actions <action@github.com> ([`b45ff18`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b45ff187056893c5fb294cbf9de854fd130bb7be)) +Co-authored-by: github-actions <action@github.com> ([`b45ff18`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b45ff187056893c5fb294cbf9de854fd130bb7be)) + + +## v1.3.0 (2022-01-24) + +### Feature + +* feat: `bom-ref` for Component and Vulnerability default to a UUID (#142) + +* feat: `bom-ref` for Component and Vulnerability default to a UUID if not supplied ensuring they have a unique value #141 + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* doc: updated documentation to reflect change + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* patched other tests to support UUID for bom-ref + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* better syntax + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`3953bb6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3953bb676f423c325ca4d80f3fcee33ad042ad93)) + +### Unknown * 1.3.0 -Automatically generated by python-semantic-release ([`4178181`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/41781819e2de8f650271e7de11d395fa43939f22)) +Automatically generated by python-semantic-release ([`4178181`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/41781819e2de8f650271e7de11d395fa43939f22)) + + +## v1.2.0 (2022-01-24) + +### Feature + +* feat: add CPE to component (#138) + +* Added CPE to component + +Setting CPE was missing for component, now it is possible to set CPE and output CPE for a component. + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Fixing problems with CPE addition + +- Fixed styling errors +- Added reference to CPE Spec +- Adding CPE parameter as last parameter to not break arguments + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Again fixes for Style and CPE reference + +Missing in the last commit + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Added CPE as argument before deprecated arguments + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Added testing for CPE addition and error fixing + +- Added output tests for CPE in XML and JSON +- Fixes style error in components +- Fixes order for CPE output in XML (CPE has to come before PURL) + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Fixed output tests + +CPE was still in the wrong position in one of the tests - fixed + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Fixed minor test fixtures issues + +- cpe was still in wrong position in 1.2 JSON +- Indentation fixed in 1.4 JSON + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> + +* Fixed missing comma in JSON 1.2 test file + +Signed-off-by: Jens Lucius <jens.lucius@de.bosch.com> ([`269ee15`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/269ee155f203d5771c56edb92f7279466bf2012f)) + +### Unknown * 1.2.0 -Automatically generated by python-semantic-release ([`97c215c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/97c215cf0c4e8c315ed84cbcb92b22c6b7bcd8c2)) +Automatically generated by python-semantic-release ([`97c215c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/97c215cf0c4e8c315ed84cbcb92b22c6b7bcd8c2)) + + +## v1.1.1 (2022-01-19) + +### Fix + +* fix: bump dependencies (#136) + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`18ec498`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/18ec4987f6aa4a259d30000a19aa6ee1d49681d1)) + +### Unknown * 1.1.1 -Automatically generated by python-semantic-release ([`dec63de`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/dec63de950e0ad81cbb51373b0e647bce551297e)) +Automatically generated by python-semantic-release ([`dec63de`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/dec63de950e0ad81cbb51373b0e647bce551297e)) + + +## v1.1.0 (2022-01-13) + +### Feature + +* feat: add support for `bom.metadata.component` (#118) + +* Add support for metadata component + +Part of #6 + +Signed-off-by: Artem Smotrakov <asmotrakov@riotgames.com> + +* Better docs and simpler ifs + +Signed-off-by: Artem Smotrakov <asmotrakov@riotgames.com> ([`1ac31f4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1ac31f4cb14b6c466e092ff38ee2aa472c883c5d)) + +### Unknown * 1.1.0 -Automatically generated by python-semantic-release ([`d4007bd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d4007bd5986173eb2645eebcdd2c6405150f1456)) +Automatically generated by python-semantic-release ([`d4007bd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d4007bd5986173eb2645eebcdd2c6405150f1456)) + + +## v1.0.0 (2022-01-13) + +### Unknown -* Manually generated release ([`3509fb6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3509fb643af12cc4393309a006c6bbe63b1bd674)) +* Manually generated release ([`3509fb6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3509fb643af12cc4393309a006c6bbe63b1bd674)) * Support for CycloneDX schema version 1.4 (#108) @@ -2034,43 +2142,111 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Co-authored-by: Paul Horton <phorton@sonatype.com> -Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7fb6da9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7fb6da9166050333ae5db7e35ab792b9bdee48d4)) +Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7fb6da9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7fb6da9166050333ae5db7e35ab792b9bdee48d4)) + +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`d26970b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d26970bcc52568645c303f060d71cbc25edbfe78)) + +* Update CONTRIBUTING.md ([`4448d9b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4448d9b4846a7dfb9eeee355d41fbb100a48d388)) + + +## v0.12.3 (2021-12-15) + +### Fix + +* fix: removed requirements-parser as dependency (temp) as not available for Python 3 as Wheel (#98) -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`d26970b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d26970bcc52568645c303f060d71cbc25edbfe78)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`3677d9f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3677d9fd584b7c0eb715954bb7b8adc59c0bc9b1)) -* Update CONTRIBUTING.md ([`4448d9b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4448d9b4846a7dfb9eeee355d41fbb100a48d388)) +### Unknown * 0.12.3 -Automatically generated by python-semantic-release ([`cfc9d38`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cfc9d382aea3f69f79d50a4fbb8607346f86ce03)) +Automatically generated by python-semantic-release ([`cfc9d38`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cfc9d382aea3f69f79d50a4fbb8607346f86ce03)) + + +## v0.12.2 (2021-12-09) + +### Fix + +* fix: tightened dependency `packageurl-python` (#95) + +fixes #94 + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`eb4ae5c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/eb4ae5ca8842877b780a755b6611feef847bdb8c)) + +### Unknown * 0.12.2 -Automatically generated by python-semantic-release ([`54b9f74`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/54b9f744be28b53795bd03e78576eed15b70c10a)) +Automatically generated by python-semantic-release ([`54b9f74`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/54b9f744be28b53795bd03e78576eed15b70c10a)) + + +## v0.12.1 (2021-12-09) + +### Fix + +* fix: further loosened dependency definitions + +see #44 + +updated some locked dependencies to latest versions + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8bef6ec`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8bef6ecad36f51a003b266d776c9520d33e06034)) + +### Unknown * 0.12.1 -Automatically generated by python-semantic-release ([`43fc36e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/43fc36ebc966ac511e5b7dbff9b0bef6f88d5d2c)) +Automatically generated by python-semantic-release ([`43fc36e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/43fc36ebc966ac511e5b7dbff9b0bef6f88d5d2c)) + + +## v0.12.0 (2021-12-09) + +### Feature + +* feat: loosed dependency versions to make this library more consumable + +* feat: lowering minimum dependency versions + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* feat: lowering minimum dependency versions + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* feat: lowering minimum dependency versions - importlib-metadata raising minimum to ensure we get a typed library + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* feat: lowering minimum dependency versions - importlib-metadata raising minimum to ensure we get a typed library + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* feat: lowering minimum version for importlib-metadata to 3.4.0 with modified import statement + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`55f10fb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/55f10fb5524dafa68112c0836806c27bdd74fcbe)) + +### Unknown * 0.12.0 -Automatically generated by python-semantic-release ([`1a907ea`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1a907eae0a3436844ffc2782b990c4b502f409e6)) +Automatically generated by python-semantic-release ([`1a907ea`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1a907eae0a3436844ffc2782b990c4b502f409e6)) * Merge pull request #88 from CycloneDX/contributing-file -initial CONTRIBUTING file ([`20035bb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/20035bb5dde8dd3b619b200aec7037c338b18c74)) +initial CONTRIBUTING file ([`20035bb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/20035bb5dde8dd3b619b200aec7037c338b18c74)) * initial CONTRIBUTING file -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6ffe14d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6ffe14d4d51d246cda66ce99ee20893ede8d017f)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6ffe14d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6ffe14d4d51d246cda66ce99ee20893ede8d017f)) * CHORE: poetry(deps): bump filelock from 3.3.2 to 3.4.0 -poetry(deps): bump filelock from 3.3.2 to 3.4.0 ([`e144aa2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e144aa29a0fd61483f4940da08ff542c9c3c3332)) +poetry(deps): bump filelock from 3.3.2 to 3.4.0 ([`e144aa2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e144aa29a0fd61483f4940da08ff542c9c3c3332)) * CHORE: poetry(deps): bump types-setuptools from 57.4.2 to 57.4.4 -poetry(deps): bump types-setuptools from 57.4.2 to 57.4.4 ([`5fcdcb7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5fcdcb701a9da5c9a786e0fe690bfd0a8d5d4e0c)) +poetry(deps): bump types-setuptools from 57.4.2 to 57.4.4 ([`5fcdcb7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5fcdcb701a9da5c9a786e0fe690bfd0a8d5d4e0c)) * poetry(deps): bump filelock from 3.3.2 to 3.4.0 @@ -2086,11 +2262,11 @@ updated-dependencies: update-type: version-update:semver-minor ... -Signed-off-by: dependabot[bot] <support@github.com> ([`8d4520e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8d4520ee3ee781a3a2f4db879e79e38b40fe4829)) +Signed-off-by: dependabot[bot] <support@github.com> ([`8d4520e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8d4520ee3ee781a3a2f4db879e79e38b40fe4829)) * CHORE: poetry(deps-dev): bump flake8-bugbear from 21.9.2 to 21.11.29 -poetry(deps-dev): bump flake8-bugbear from 21.9.2 to 21.11.29 ([`fc6e3ac`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fc6e3acd5a1875a27e3b8037ad3b9a794598c894)) +poetry(deps-dev): bump flake8-bugbear from 21.9.2 to 21.11.29 ([`fc6e3ac`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fc6e3acd5a1875a27e3b8037ad3b9a794598c894)) * poetry(deps): bump types-setuptools from 57.4.2 to 57.4.4 @@ -2105,11 +2281,11 @@ updated-dependencies: update-type: version-update:semver-patch ... -Signed-off-by: dependabot[bot] <support@github.com> ([`00dcbb8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/00dcbb80d25c00b2b9bd4f6b765275cd956b33fa)) +Signed-off-by: dependabot[bot] <support@github.com> ([`00dcbb8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/00dcbb80d25c00b2b9bd4f6b765275cd956b33fa)) * CHORE: poetry(deps): bump importlib-metadata from 4.8.1 to 4.8.2 -poetry(deps): bump importlib-metadata from 4.8.1 to 4.8.2 ([`28f9676`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/28f96769e653c3b7c76cb07ba1a4ecbbc43ab46c)) +poetry(deps): bump importlib-metadata from 4.8.1 to 4.8.2 ([`28f9676`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/28f96769e653c3b7c76cb07ba1a4ecbbc43ab46c)) * poetry(deps-dev): bump flake8-bugbear from 21.9.2 to 21.11.29 @@ -2124,15 +2300,15 @@ updated-dependencies: update-type: version-update:semver-minor ... -Signed-off-by: dependabot[bot] <support@github.com> ([`1eec2e8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1eec2e8aab5f31f3070be34eccfd8791ef2edcca)) +Signed-off-by: dependabot[bot] <support@github.com> ([`1eec2e8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1eec2e8aab5f31f3070be34eccfd8791ef2edcca)) * CHORE: poetry(deps-dev): bump coverage from 6.1.2 to 6.2 -poetry(deps-dev): bump coverage from 6.1.2 to 6.2 ([`bdd9365`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bdd93650a64ce2385f4f29bc1f20df6530e9012c)) +poetry(deps-dev): bump coverage from 6.1.2 to 6.2 ([`bdd9365`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bdd93650a64ce2385f4f29bc1f20df6530e9012c)) * CHORE: poetry(deps): bump mako from 1.1.5 to 1.1.6 -poetry(deps): bump mako from 1.1.5 to 1.1.6 ([`33d3ecc`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/33d3ecc80f47c947d2fc2b13743471dd6dc941ab)) +poetry(deps): bump mako from 1.1.5 to 1.1.6 ([`33d3ecc`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/33d3ecc80f47c947d2fc2b13743471dd6dc941ab)) * poetry(deps-dev): bump coverage from 6.1.2 to 6.2 @@ -2148,9 +2324,9 @@ updated-dependencies: update-type: version-update:semver-minor ... -Signed-off-by: dependabot[bot] <support@github.com> ([`be1af9b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/be1af9b9955a31b6c1a8627010bfd4d932c9f9f1)) +Signed-off-by: dependabot[bot] <support@github.com> ([`be1af9b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/be1af9b9955a31b6c1a8627010bfd4d932c9f9f1)) -* DOCS: fix README shields & links ([`43b1121`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/43b112128acd9e28a47e46d8691ead46e39b288e)) +* DOCS: fix README shields & links ([`43b1121`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/43b112128acd9e28a47e46d8691ead46e39b288e)) * doc: readme maintenance - shields & links (#72) @@ -2184,7 +2360,7 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> * README: removed py version shield -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3d0ea2f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3d0ea2f4c6ee5c2dedf1abb779f46543896fff4a)) +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3d0ea2f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3d0ea2f4c6ee5c2dedf1abb779f46543896fff4a)) * poetry(deps): bump mako from 1.1.5 to 1.1.6 @@ -2200,11 +2376,11 @@ updated-dependencies: update-type: version-update:semver-patch ... -Signed-off-by: dependabot[bot] <support@github.com> ([`3344b86`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3344b862490ecb419c9b1f74bd7548ddcf392329)) +Signed-off-by: dependabot[bot] <support@github.com> ([`3344b86`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3344b862490ecb419c9b1f74bd7548ddcf392329)) * Merge pull request #47 from CycloneDX/dependabot/pip/filelock-3.3.2 -poetry(deps): bump filelock from 3.3.1 to 3.3.2 ([`3f967b3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3f967b3d0ec47ba5bcc1cdd8fb29970ba69d7aed)) +poetry(deps): bump filelock from 3.3.1 to 3.3.2 ([`3f967b3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3f967b3d0ec47ba5bcc1cdd8fb29970ba69d7aed)) * FIX: update Conda package parsing to handle `build` containing underscore (#66) @@ -2214,7 +2390,7 @@ Signed-off-by: Paul Horton <phorton@sonatype.com> * updated some typings -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2c6020a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2c6020a208aa1c0fd13ab337db6343ad1d2d5c43)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2c6020a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c6020a208aa1c0fd13ab337db6343ad1d2d5c43)) * poetry(deps): bump importlib-metadata from 4.8.1 to 4.8.2 @@ -2230,7 +2406,7 @@ updated-dependencies: update-type: version-update:semver-patch ... -Signed-off-by: dependabot[bot] <support@github.com> ([`003f6b4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/003f6b410e0e32e8c454ad157999b031471baf6f)) +Signed-off-by: dependabot[bot] <support@github.com> ([`003f6b4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/003f6b410e0e32e8c454ad157999b031471baf6f)) * poetry(deps): bump filelock from 3.3.1 to 3.3.2 @@ -2246,19 +2422,19 @@ updated-dependencies: update-type: version-update:semver-patch ... -Signed-off-by: dependabot[bot] <support@github.com> ([`55022b7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/55022b7a63763436d193cefda6d6a4e0ad36fb40)) +Signed-off-by: dependabot[bot] <support@github.com> ([`55022b7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/55022b7a63763436d193cefda6d6a4e0ad36fb40)) * Merge pull request #45 from CycloneDX/dependabot/pip/importlib-resources-5.4.0 -poetry(deps): bump importlib-resources from 5.3.0 to 5.4.0 ([`b8acf9f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b8acf9f3e087f37c2f9afded2d8555c053f09a43)) +poetry(deps): bump importlib-resources from 5.3.0 to 5.4.0 ([`b8acf9f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b8acf9f3e087f37c2f9afded2d8555c053f09a43)) * Merge pull request #70 from CycloneDX/dependabot/pip/pyparsing-3.0.6 -poetry(deps): bump pyparsing from 3.0.5 to 3.0.6 ([`faa8628`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/faa862813e27bb4b828f6116c95961b156cd7547)) +poetry(deps): bump pyparsing from 3.0.5 to 3.0.6 ([`faa8628`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/faa862813e27bb4b828f6116c95961b156cd7547)) * Merge pull request #69 from CycloneDX/dependabot/pip/coverage-6.1.2 -poetry(deps-dev): bump coverage from 6.1.1 to 6.1.2 ([`eba56dc`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/eba56dc6512304e2956563d173bdb363b785fa50)) +poetry(deps-dev): bump coverage from 6.1.1 to 6.1.2 ([`eba56dc`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/eba56dc6512304e2956563d173bdb363b785fa50)) * poetry(deps): bump pyparsing from 3.0.5 to 3.0.6 @@ -2274,7 +2450,7 @@ updated-dependencies: update-type: version-update:semver-patch ... -Signed-off-by: dependabot[bot] <support@github.com> ([`4f2b2d8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4f2b2d89291b1c20385ce6431959586acfeab1cd)) +Signed-off-by: dependabot[bot] <support@github.com> ([`4f2b2d8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4f2b2d89291b1c20385ce6431959586acfeab1cd)) * poetry(deps-dev): bump coverage from 6.1.1 to 6.1.2 @@ -2290,11 +2466,22 @@ updated-dependencies: update-type: version-update:semver-patch ... -Signed-off-by: dependabot[bot] <support@github.com> ([`1d0f5ea`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1d0f5ea2ed5dfb38ce1d1d8170773cb880f228dc)) +Signed-off-by: dependabot[bot] <support@github.com> ([`1d0f5ea`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1d0f5ea2ed5dfb38ce1d1d8170773cb880f228dc)) + + +## v0.11.1 (2021-11-10) + +### Fix + +* fix: constructor for `Vulnerability` to correctly define `ratings` as optional + +Signed-off-by: William Woodruff <william@trailofbits.com> ([`395a0ec`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/395a0ec14ebcba8e0849a0ced30ec4163c42fa7a)) + +### Unknown * 0.11.1 -Automatically generated by python-semantic-release ([`a80f87a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a80f87a588f8b52bfd8e9c5b12edf0fdde56c510)) +Automatically generated by python-semantic-release ([`a80f87a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a80f87a588f8b52bfd8e9c5b12edf0fdde56c510)) * FEAT: Support Python 3.10 (#64) @@ -2308,7 +2495,7 @@ Signed-off-by: Paul Horton <phorton@sonatype.com> * fix: upgrade Poetry version to workaround issue between Poetry and Python 3.10 (see: https://github.com/python-poetry/poetry/issues/4210) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`385b835`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/385b835f44fadb0f227b6a8ac992b0c73afc6ef0)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`385b835`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/385b835f44fadb0f227b6a8ac992b0c73afc6ef0)) * poetry(deps): bump importlib-resources from 5.3.0 to 5.4.0 @@ -2324,39 +2511,118 @@ updated-dependencies: update-type: version-update:semver-minor ... -Signed-off-by: dependabot[bot] <support@github.com> ([`a1dd775`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a1dd7752459b70b432784ec2b7d8a1cb24a916a9)) +Signed-off-by: dependabot[bot] <support@github.com> ([`a1dd775`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a1dd7752459b70b432784ec2b7d8a1cb24a916a9)) + + +## v0.11.0 (2021-11-10) + +### Feature + +* feat: Typing & PEP 561 + +* adde file for type checkers according to PEP 561 + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added static code analysis as a dev-test + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added the "typed" trove + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added `flake8-annotations` to the tests + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added type hints + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* further typing updates + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* further typing additions and test updates + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* further typing + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* further typing - added type stubs for toml and setuptools + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* further typing + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* typing work + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* coding standards + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* fixed tox and mypy running in correct python version + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* supressed mypy for `cyclonedx.utils.conda.parse_conda_json_to_conda_package` + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* fixed type hints + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* fixed some typing related flaws + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* added flake8-bugbear for code analysis + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +Co-authored-by: Paul Horton <phorton@sonatype.com> ([`9144765`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/91447656c0914ceb2af2e4b7282292ec7b93f5bf)) + +### Unknown * 0.11.0 -Automatically generated by python-semantic-release ([`7262783`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7262783dbcf5823065670f3f7cbba0ce25b3a4ea)) +Automatically generated by python-semantic-release ([`7262783`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7262783dbcf5823065670f3f7cbba0ce25b3a4ea)) * Merge pull request #41 from jkowalleck/improv-abstract -fixed some abstract definitions ([`f34e2c2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f34e2c2bc7aed20968a5ac69337ed484d097af3b)) +fixed some abstract definitions ([`f34e2c2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f34e2c2bc7aed20968a5ac69337ed484d097af3b)) * Merge pull request #42 from jkowalleck/improv-pipenv -slacked pipenv parser ([`08bc4ab`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/08bc4ab2b01c76d7472a558cae02deab0485c61c)) +slacked pipenv parser ([`08bc4ab`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/08bc4ab2b01c76d7472a558cae02deab0485c61c)) * Merge pull request #43 from jkowalleck/improv-conda-typehints -fixed typehints/docs in `_BaseCondaParser` ([`931016d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/931016d9b700280692903db5aa653d390a80bd63)) +fixed typehints/docs in `_BaseCondaParser` ([`931016d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/931016d9b700280692903db5aa653d390a80bd63)) * Merge pull request #54 from jkowalleck/create-CODEOWNERS -created CODEOWNERS ([`7f28bef`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7f28bef15ed0b9ed6af88286d5f6dcc0726b6feb)) +created CODEOWNERS ([`7f28bef`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7f28bef15ed0b9ed6af88286d5f6dcc0726b6feb)) * Merge pull request #56 from CycloneDX/dependabot/pip/py-1.11.0 -poetry(deps): bump py from 1.10.0 to 1.11.0 ([`f1cda3c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f1cda3c3ba859336d70da36d4966bc7c247af97a)) +poetry(deps): bump py from 1.10.0 to 1.11.0 ([`f1cda3c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f1cda3c3ba859336d70da36d4966bc7c247af97a)) * Merge pull request #58 from CycloneDX/dependabot/pip/pyparsing-3.0.5 -poetry(deps): bump pyparsing from 2.4.7 to 3.0.5 ([`0525439`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0525439d2237684ce531449d19e60456fc46d26b)) +poetry(deps): bump pyparsing from 2.4.7 to 3.0.5 ([`0525439`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0525439d2237684ce531449d19e60456fc46d26b)) * Merge pull request #19 from CycloneDX/dependabot/pip/zipp-3.6.0 -poetry(deps): bump zipp from 3.5.0 to 3.6.0 ([`c54c968`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c54c96853e3325571dee26038e965279d5b9cfe2)) +poetry(deps): bump zipp from 3.5.0 to 3.6.0 ([`c54c968`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c54c96853e3325571dee26038e965279d5b9cfe2)) * poetry(deps): bump py from 1.10.0 to 1.11.0 @@ -2372,219 +2638,398 @@ updated-dependencies: update-type: version-update:semver-minor ... -Signed-off-by: dependabot[bot] <support@github.com> ([`330711f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/330711fe911739ac9119a0721f7f7bde6e1389e4)) +Signed-off-by: dependabot[bot] <support@github.com> ([`330711f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/330711fe911739ac9119a0721f7f7bde6e1389e4)) + +* Merge pull request #57 from CycloneDX/dependabot/pip/coverage-6.1.1 + +poetry(deps-dev): bump coverage from 5.5 to 6.1.1 ([`fa55e5c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fa55e5ceef65749ccbf6bd0303db649346c79019)) + +* poetry(deps): bump pyparsing from 2.4.7 to 3.0.5 + +Bumps [pyparsing](https://github.com/pyparsing/pyparsing) from 2.4.7 to 3.0.5. +- [Release notes](https://github.com/pyparsing/pyparsing/releases) +- [Changelog](https://github.com/pyparsing/pyparsing/blob/master/CHANGES) +- [Commits](https://github.com/pyparsing/pyparsing/compare/pyparsing_2.4.7...pyparsing_3.0.5) + +--- +updated-dependencies: +- dependency-name: pyparsing + dependency-type: indirect + update-type: version-update:semver-major +... + +Signed-off-by: dependabot[bot] <support@github.com> ([`3bedaff`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3bedaffc7f52026348cc6e2a38ba193ba71d4f29)) + +* Merge pull request #55 from CycloneDX/dependabot/pip/virtualenv-20.10.0 + +poetry(deps): bump virtualenv from 20.8.1 to 20.10.0 ([`4c3df85`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4c3df857eba656f1ccb51ba9ad6af2cb49226747)) + +* CI/CT runs on main & master branch ([`2d0df7b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2d0df7bacf4ead54eee7378ede8626cc93fce3df)) + +* poetry(deps-dev): bump coverage from 5.5 to 6.1.1 + +Bumps [coverage](https://github.com/nedbat/coveragepy) from 5.5 to 6.1.1. +- [Release notes](https://github.com/nedbat/coveragepy/releases) +- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) +- [Commits](https://github.com/nedbat/coveragepy/compare/coverage-5.5...6.1.1) + +--- +updated-dependencies: +- dependency-name: coverage + dependency-type: direct:development + update-type: version-update:semver-major +... + +Signed-off-by: dependabot[bot] <support@github.com> ([`e322d74`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e322d7476b4a17b012d27c26683809bd1dee86b1)) + +* poetry(deps): bump virtualenv from 20.8.1 to 20.10.0 + +Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.8.1 to 20.10.0. +- [Release notes](https://github.com/pypa/virtualenv/releases) +- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst) +- [Commits](https://github.com/pypa/virtualenv/compare/20.8.1...20.10.0) + +--- +updated-dependencies: +- dependency-name: virtualenv + dependency-type: indirect + update-type: version-update:semver-minor +... + +Signed-off-by: dependabot[bot] <support@github.com> ([`3927cdc`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3927cdcd2c37af23543832dbfae2d087cb09787c)) + +* created CODEOWNERS + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e8e499c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e8e499cb2b74f9d7e7afe4d0f00e1725eabb655e)) + +* fixed typehints/docs in `_BaseCondaParser` + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`af6ddfd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/af6ddfdc8c7cbdd1bade5ea0c89896ca9791eb3d)) + +* slacked pipenv parser + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a3572ba`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a3572ba61ca537de8efd0855c774819a963cd212)) + +* fixed some abstract definitions + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9e67998`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9e67998e53558363b2c76c75f13bb2772fb5a22d)) + + +## v0.10.2 (2021-10-21) + +### Fix + +* fix: correct way to write utf-8 encoded files + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`49f9369`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/49f9369b3eba47a3a8d1bcc505546d7dfaf4c5fe)) + +### Unknown + +* 0.10.2 + +Automatically generated by python-semantic-release ([`79538e9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/79538e92834e548a3f9697388a47efa3b27da678)) + + +## v0.10.1 (2021-10-21) + +### Fix + +* fix: ensure output to file is UTF-8 + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a10da20`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a10da20865e90e9a0a5bb1e12fba9cfd23970c39)) + +* fix: ensure output to file is UTF-8 + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`193bf64`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/193bf64cdb19bf6fb9662367402dcf7eaab8dd1a)) + +### Unknown + +* 0.10.1 + +Automatically generated by python-semantic-release ([`e6451a3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e6451a39ee18fcf49287a8f685df730846e965b7)) + +* Merge pull request #40 from CycloneDX/fix/issue-39-windows-UnicodeEncodeError + +FIX: Resolve file encoding issues on Windows ([`48329e0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/48329e033e499f4b9a2c204b2fe5c7c512689605)) + +* remove memoryview from sha1 file hashing + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a56be0f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a56be0f2044c1c867c383a7ed26f5fce4097d21a)) + +* added debug to CI to aid understanding of miss matching SHA1 hashes on Windows + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`10c6b51`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/10c6b51ec1fb8fc816002fda96e551ff0e430941)) + + +## v0.10.0 (2021-10-20) + +### Feature + +* feat: add support for Conda + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`bd29c78`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bd29c782d39a4956f482b9e4de20d7f829beefba)) + +### Unknown + +* 0.10.0 + +Automatically generated by python-semantic-release ([`eea3598`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/eea35980ab121899d46178ec10e90058d0e1be45)) + +* Merge pull request #38 from CycloneDX/feat/conda-support + +feat: add support for Conda ([`ee5d36d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ee5d36dd677abfb1ba5600b44abf45cb2612b792)) + +* add support pre Python 3.8 + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2d01116`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2d011165e36d03c8d82c7b92b56f1aeec9c18cd6)) + +* doc: updated documentation with Conda support (and missed updates for externalReferences) + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`57e9dc7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/57e9dc7b2adcfa2bac60a854c91bf77947e8e9cf)) + + +## v0.9.1 (2021-10-19) + +### Fix + +* fix: missing check for Classifiers in Environment Parser + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b7fa38e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b7fa38e9740bbc5b4c406410df37c3b34818010c)) + +### Unknown + +* 0.9.1 + +Automatically generated by python-semantic-release ([`f132c92`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f132c92bf38f1c173b381f18817f0f86b6ddde85)) + +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`51a1e50`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/51a1e50aad27c1f862812031be74281e839815df)) + + +## v0.9.0 (2021-10-19) + +### Feature + +* feat: add support for parsing package licenses when using the `Environment` Parsers + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`c414eaf`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c414eafde2abaca1005a2a0af6993fcdc17897d3)) + +### Unknown + +* 0.9.0 + +Automatically generated by python-semantic-release ([`ad65564`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ad6556462d92381dcd8494ca93496ea796282565)) + +* Merge pull request #36 from CycloneDX/feat/add-license-support + +Add support for parsing package licenses from installed packages ([`d45f75b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d45f75b88611ab97f39bde672cbdd9e8ff71dd3e)) + + +## v0.8.3 (2021-10-14) + +### Fix + +* fix: coding standards violations + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`00cd1ca`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/00cd1ca20899b6861b1b959611a3556ffad36832)) + +* fix: handle `Pipfile.lock` dependencies without an `index` specified +fix: multiple fixes in variable scoping to prevent accidental data sharing + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`26c62fb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/26c62fb996c4b1b2bf719e10c9072cf4fbadab9f)) + +### Unknown + +* 0.8.3 + +Automatically generated by python-semantic-release ([`91f9a8b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/91f9a8bb60fe8faddd86268c0ede89cd0caa5a76)) -* Merge pull request #57 from CycloneDX/dependabot/pip/coverage-6.1.1 +* Merge pull request #34 from CycloneDX/fix/issue-33-pipfile-lock-parse-failure -poetry(deps-dev): bump coverage from 5.5 to 6.1.1 ([`fa55e5c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fa55e5ceef65749ccbf6bd0303db649346c79019)) +BUG: Fixe for `Pipfile.lock` parsing + accidental data sharing issues identified during testing ([`4079323`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4079323617263886319ddcf80ee1d77909a40b69)) -* poetry(deps): bump pyparsing from 2.4.7 to 3.0.5 -Bumps [pyparsing](https://github.com/pyparsing/pyparsing) from 2.4.7 to 3.0.5. -- [Release notes](https://github.com/pyparsing/pyparsing/releases) -- [Changelog](https://github.com/pyparsing/pyparsing/blob/master/CHANGES) -- [Commits](https://github.com/pyparsing/pyparsing/compare/pyparsing_2.4.7...pyparsing_3.0.5) +## v0.8.2 (2021-10-14) ---- -updated-dependencies: -- dependency-name: pyparsing - dependency-type: indirect - update-type: version-update:semver-major -... +### Fix -Signed-off-by: dependabot[bot] <support@github.com> ([`3bedaff`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3bedaffc7f52026348cc6e2a38ba193ba71d4f29)) +* fix: add namespace and subpath support to Component to complete PackageURL Spec support -* Merge pull request #55 from CycloneDX/dependabot/pip/virtualenv-20.10.0 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`780adeb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/780adebe3861ef08eb1e8817a5e9e3451c0a2137)) -poetry(deps): bump virtualenv from 20.8.1 to 20.10.0 ([`4c3df85`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4c3df857eba656f1ccb51ba9ad6af2cb49226747)) +### Unknown -* CI/CT runs on main & master branch ([`2d0df7b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2d0df7bacf4ead54eee7378ede8626cc93fce3df)) +* 0.8.2 -* poetry(deps-dev): bump coverage from 5.5 to 6.1.1 +Automatically generated by python-semantic-release ([`298318f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/298318fdbf252115f874eb544c2d1f24abb6ab5a)) -Bumps [coverage](https://github.com/nedbat/coveragepy) from 5.5 to 6.1.1. -- [Release notes](https://github.com/nedbat/coveragepy/releases) -- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) -- [Commits](https://github.com/nedbat/coveragepy/compare/coverage-5.5...6.1.1) +* Merge pull request #32 from CycloneDX/feat/full-packageurl-support ---- -updated-dependencies: -- dependency-name: coverage - dependency-type: direct:development - update-type: version-update:semver-major -... +Add `namespace` and `subpath` support to `Component` ([`bb3af91`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bb3af916f1ff0e224d9c197596570bca98ea4525)) -Signed-off-by: dependabot[bot] <support@github.com> ([`e322d74`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e322d7476b4a17b012d27c26683809bd1dee86b1)) -* poetry(deps): bump virtualenv from 20.8.1 to 20.10.0 +## v0.8.1 (2021-10-12) -Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.8.1 to 20.10.0. -- [Release notes](https://github.com/pypa/virtualenv/releases) -- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst) -- [Commits](https://github.com/pypa/virtualenv/compare/20.8.1...20.10.0) +### Fix ---- -updated-dependencies: -- dependency-name: virtualenv - dependency-type: indirect - update-type: version-update:semver-minor -... +* fix: multiple hashes being created for an externalRefernce which is not as required -Signed-off-by: dependabot[bot] <support@github.com> ([`3927cdc`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3927cdcd2c37af23543832dbfae2d087cb09787c)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`970d192`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/970d19202d13d4becbbf040b3a9fb115dd7a0795)) -* created CODEOWNERS +### Unknown -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e8e499c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e8e499cb2b74f9d7e7afe4d0f00e1725eabb655e)) +* 0.8.1 -* fixed typehints/docs in `_BaseCondaParser` +Automatically generated by python-semantic-release ([`70689a2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/70689a21edfd5f17cd2aabc09d4579646a4f1633)) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`af6ddfd`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/af6ddfdc8c7cbdd1bade5ea0c89896ca9791eb3d)) -* slacked pipenv parser +## v0.8.0 (2021-10-12) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a3572ba`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a3572ba61ca537de8efd0855c774819a963cd212)) +### Feature -* fixed some abstract definitions +* feat: add support for `externalReferneces` for `Components` and associated enhancements to parsers to obtain information where possible/known -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9e67998`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9e67998e53558363b2c76c75f13bb2772fb5a22d)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a152852`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a152852b361bbb7a69c9f7ab61ae7ea6dcffd214)) -* 0.10.2 +### Unknown -Automatically generated by python-semantic-release ([`79538e9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/79538e92834e548a3f9697388a47efa3b27da678)) +* 0.8.0 -* 0.10.1 +Automatically generated by python-semantic-release ([`7a49f9d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7a49f9d8cd791e9b1a7e1a8587e589e3b8319ec7)) -Automatically generated by python-semantic-release ([`e6451a3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e6451a39ee18fcf49287a8f685df730846e965b7)) +* Merge pull request #29 from CycloneDX/feat/component-external-references -* Merge pull request #40 from CycloneDX/fix/issue-39-windows-UnicodeEncodeError +FEATURE: Add support for `externalReferences` against `Component`s ([`bdee0ea`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bdee0ea277d9f378b3a5e225c2ac3d8e20e2c53c)) -FIX: Resolve file encoding issues on Windows ([`48329e0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/48329e033e499f4b9a2c204b2fe5c7c512689605)) +* doc: notable improvements to API documentation generation (added search, branding, a little styling) -* remove memoryview from sha1 file hashing +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`e7a5b5a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e7a5b5a2c5b5681a75a24e9739d13ead01f362e3)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`a56be0f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a56be0f2044c1c867c383a7ed26f5fce4097d21a)) -* added debug to CI to aid understanding of miss matching SHA1 hashes on Windows +## v0.7.0 (2021-10-11) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`10c6b51`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/10c6b51ec1fb8fc816002fda96e551ff0e430941)) +### Feature -* 0.10.0 +* feat: support for pipenv.lock file parsing -Automatically generated by python-semantic-release ([`eea3598`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/eea35980ab121899d46178ec10e90058d0e1be45)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`68a2dff`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/68a2dffc770d40f693b6891a580d1f7d8018f71c)) -* Merge pull request #38 from CycloneDX/feat/conda-support +### Unknown -feat: add support for Conda ([`ee5d36d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ee5d36dd677abfb1ba5600b44abf45cb2612b792)) +* 0.7.0 -* add support pre Python 3.8 +Automatically generated by python-semantic-release ([`827bd1c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/827bd1cf2db6cfcffdae98dbd6d24efac63d0cb6)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2d01116`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2d011165e36d03c8d82c7b92b56f1aeec9c18cd6)) +* Merge pull request #27 from CycloneDX/feat/add-pipenv-support -* doc: updated documentation with Conda support (and missed updates for externalReferences) +FEATURE: Add `Pipfile.lock` (pipenv) support ([`2c42e2a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c42e2a616c07eec1f844b4fbc4e1e3b4a0815d8)) -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`57e9dc7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/57e9dc7b2adcfa2bac60a854c91bf77947e8e9cf)) +* doc: updated README.md to include Pipfile.lock parsing -* 0.9.1 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2c66834`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c66834ee6aac75b3e810d13b5a3b41967043252)) -Automatically generated by python-semantic-release ([`f132c92`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f132c92bf38f1c173b381f18817f0f86b6ddde85)) -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`51a1e50`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/51a1e50aad27c1f862812031be74281e839815df)) +## v0.6.2 (2021-10-11) -* 0.9.0 +### Fix -Automatically generated by python-semantic-release ([`ad65564`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ad6556462d92381dcd8494ca93496ea796282565)) +* fix: added ability to add tools in addition to this library when generating CycloneDX + plus fixes relating to multiple BOM instances -* Merge pull request #36 from CycloneDX/feat/add-license-support +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`e03a25c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e03a25c3d2a1a0b711204bb26c7b898eadacdcb0)) -Add support for parsing package licenses from installed packages ([`d45f75b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d45f75b88611ab97f39bde672cbdd9e8ff71dd3e)) +### Unknown -* 0.8.3 +* 0.6.2 -Automatically generated by python-semantic-release ([`91f9a8b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/91f9a8bb60fe8faddd86268c0ede89cd0caa5a76)) +Automatically generated by python-semantic-release ([`e68fbc2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e68fbc2ff5576fc1f5c0444f601c58f40f3cd917)) -* Merge pull request #34 from CycloneDX/fix/issue-33-pipfile-lock-parse-failure +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`2bf2711`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2bf27119e7a1a3716706c28c3fb259496d0de6f1)) -BUG: Fixe for `Pipfile.lock` parsing + accidental data sharing issues identified during testing ([`4079323`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4079323617263886319ddcf80ee1d77909a40b69)) -* 0.8.2 +## v0.6.1 (2021-10-11) -Automatically generated by python-semantic-release ([`298318f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/298318fdbf252115f874eb544c2d1f24abb6ab5a)) +### Fix -* Merge pull request #32 from CycloneDX/feat/full-packageurl-support +* fix: better methods for checking if a Component is already represented in the BOM, and the ability to get the existing instance -Add `namespace` and `subpath` support to `Component` ([`bb3af91`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bb3af916f1ff0e224d9c197596570bca98ea4525)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`5fee85f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5fee85fc38376478a1a438d228c632a5d14f4740)) -* 0.8.1 +### Unknown -Automatically generated by python-semantic-release ([`70689a2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/70689a21edfd5f17cd2aabc09d4579646a4f1633)) +* 0.6.1 -* 0.8.0 +Automatically generated by python-semantic-release ([`c530460`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c530460f504939d34e8c73066bfdd252dd95f090)) -Automatically generated by python-semantic-release ([`7a49f9d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7a49f9d8cd791e9b1a7e1a8587e589e3b8319ec7)) +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`eb3a46b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/eb3a46b4365818dec08ea079f47e4abd75ebbd64)) -* Merge pull request #29 from CycloneDX/feat/component-external-references -FEATURE: Add support for `externalReferences` against `Component`s ([`bdee0ea`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bdee0ea277d9f378b3a5e225c2ac3d8e20e2c53c)) +## v0.6.0 (2021-10-11) -* doc: notable improvements to API documentation generation (added search, branding, a little styling) +### Feature -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`e7a5b5a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e7a5b5a2c5b5681a75a24e9739d13ead01f362e3)) +* feat: helper method for representing a File as a Component taking into account versioning for files as per https://github.com/CycloneDX/cyclonedx.org/issues/34 -* 0.7.0 +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`7e0fb3c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7e0fb3c7e32e08cb8667ad11461c7f8208dfdf7f)) -Automatically generated by python-semantic-release ([`827bd1c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/827bd1cf2db6cfcffdae98dbd6d24efac63d0cb6)) +* feat: support for non-PyPi Components - PackageURL type is now definable when creating a Component -* Merge pull request #27 from CycloneDX/feat/add-pipenv-support +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`fde79e0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fde79e02705bce216e62acd05056b6d2046cde22)) -FEATURE: Add `Pipfile.lock` (pipenv) support ([`2c42e2a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2c42e2a616c07eec1f844b4fbc4e1e3b4a0815d8)) +### Unknown -* doc: updated README.md to include Pipfile.lock parsing +* 0.6.0 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2c66834`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2c66834ee6aac75b3e810d13b5a3b41967043252)) +Automatically generated by python-semantic-release ([`907cd2d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/907cd2d317f3cfd28febb450959938d09815b9c2)) -* 0.6.2 +* Merge pull request #25 from CycloneDX/feat/additions-to-enable-integration-into-checkov -Automatically generated by python-semantic-release ([`e68fbc2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e68fbc2ff5576fc1f5c0444f601c58f40f3cd917)) +Support for representing File as Component ([`63a86b0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/63a86b05aa722078d57f143f35c1f5600396ec7a)) -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`2bf2711`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2bf27119e7a1a3716706c28c3fb259496d0de6f1)) -* 0.6.1 +## v0.5.0 (2021-10-11) -Automatically generated by python-semantic-release ([`c530460`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c530460f504939d34e8c73066bfdd252dd95f090)) +### Build + +* build: updated dependencies, moved pdoc3 to a dev dependency -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`eb3a46b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/eb3a46b4365818dec08ea079f47e4abd75ebbd64)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`6a9947d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6a9947de1036b63804352e45c035d40658d3db01)) -* 0.6.0 +### Feature + +* feat: add support for tool(s) that generated the SBOM -Automatically generated by python-semantic-release ([`907cd2d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/907cd2d317f3cfd28febb450959938d09815b9c2)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`7d1e6ef`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7d1e6ef04d473407b9b4eefc2ef18e6723838f94)) -* Merge pull request #25 from CycloneDX/feat/additions-to-enable-integration-into-checkov +### Fix + +* fix: bumped a dependency version + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`efc1053`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/efc1053ec9ed3f57711f78f1eca181f7bff0c3bf)) -Support for representing File as Component ([`63a86b0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/63a86b05aa722078d57f143f35c1f5600396ec7a)) +### Unknown * 0.5.0 -Automatically generated by python-semantic-release ([`a655d29`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a655d29ae9a93bdd72fee481d6a0ec8b71f6cce0)) +Automatically generated by python-semantic-release ([`a655d29`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a655d29ae9a93bdd72fee481d6a0ec8b71f6cce0)) * Merge pull request #20 from CycloneDX/feat/additional-metadata -feat: add support for tool(s) that generated the SBOM ([`b33cbf4`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b33cbf4cb40179e5710729b89d3c120e69448777)) +feat: add support for tool(s) that generated the SBOM ([`b33cbf4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b33cbf4cb40179e5710729b89d3c120e69448777)) * fix for Pytho< 3.8 support in tests -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`c9b6019`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c9b6019609ae206ba965d0c4f7c06ffcf8835e1d)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`c9b6019`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c9b6019609ae206ba965d0c4f7c06ffcf8835e1d)) * ensure support for Python < 3.8 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`53a82cf`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/53a82cfbe7e828380c31b2441113f318d2a2c99e)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`53a82cf`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/53a82cfbe7e828380c31b2441113f318d2a2c99e)) * ensure support for Python < 3.8 -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2a9e56a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2a9e56a7e1e0235a06aa70f7750f1656f9305a8a)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`2a9e56a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2a9e56a7e1e0235a06aa70f7750f1656f9305a8a)) * doc: added documentation -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`cf13c68`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cf13c6817552c0a6549ecd7131fdcd437ccc7210)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`cf13c68`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cf13c6817552c0a6549ecd7131fdcd437ccc7210)) * poetry(deps): bump zipp from 3.5.0 to 3.6.0 @@ -2600,256 +3045,434 @@ updated-dependencies: update-type: version-update:semver-minor ... -Signed-off-by: dependabot[bot] <support@github.com> ([`30f2547`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/30f254724b49c7596c58f11ef8f5a182706ef03a)) +Signed-off-by: dependabot[bot] <support@github.com> ([`30f2547`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/30f254724b49c7596c58f11ef8f5a182706ef03a)) * doc: bumped gh-action for publishing docs -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ac70eee`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ac70eeed9325892ef9ae44b162d8a3ae43a435cc)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ac70eee`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ac70eeed9325892ef9ae44b162d8a3ae43a435cc)) * doc: added documentation to model/bom -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`fe98ada`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fe98ada121279f6119f3045abd737cc5b775a30f)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`fe98ada`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fe98ada121279f6119f3045abd737cc5b775a30f)) * doc: formatting -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1ad7fb1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1ad7fb117acbec87def897f4dc549dc398decce6)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1ad7fb1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1ad7fb117acbec87def897f4dc549dc398decce6)) * doc: added missing docstrings to allow documentation to generate -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ed743d9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ed743d9b90904a6719309de85078657f9e4a48cd)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ed743d9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ed743d9b90904a6719309de85078657f9e4a48cd)) * Merge pull request #10 from coderpatros/docs -Add initial doc generation and publishing ([`7873ad9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7873ad9d3fed8c04b94999c21345ae4ca198e091)) +Add initial doc generation and publishing ([`7873ad9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7873ad9d3fed8c04b94999c21345ae4ca198e091)) + + +## v0.4.1 (2021-09-27) + +### Build + +* build: dependencies updated + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`0411826`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/04118263c2fed1241c4a9f38cc256542ba543d50)) + +### Fix + +* fix: improved handling for `requirements.txt` content without pinned or declared versions + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`7f318cb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7f318cb495ac1754029088cae1ef2574c58da2e5)) + +### Unknown * 0.4.1 -Automatically generated by python-semantic-release ([`d5b7a2f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d5b7a2fc731b29fd7a3f29fe3c94f14a98a82e69)) +Automatically generated by python-semantic-release ([`d5b7a2f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d5b7a2fc731b29fd7a3f29fe3c94f14a98a82e69)) * Merge pull request #15 from CycloneDX/fix/issue-14-requirements-unpinned-versions -fix: improved handling for `requirements.txt` content without pinned … ([`f248015`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f248015ff9719dd0029f6267067356672f16f8c3)) +fix: improved handling for `requirements.txt` content without pinned … ([`f248015`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f248015ff9719dd0029f6267067356672f16f8c3)) * Add initial doc generation and publishing -Signed-off-by: Patrick Dwyer <patrick.dwyer@owasp.org> ([`cd1b558`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cd1b558fe472895f9332d9844f99e652c14ec41e)) +Signed-off-by: Patrick Dwyer <patrick.dwyer@owasp.org> ([`cd1b558`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cd1b558fe472895f9332d9844f99e652c14ec41e)) + + +## v0.4.0 (2021-09-16) + +### Feature + +* feat: support for localising vectors (i.e. stripping out any scheme prefix) + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`b9e9e17`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b9e9e17ba1e2c1c9dfe551c61ad5152eebd829ab)) + +* feat: helper methods for deriving Severity and SourceType + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`6a86ec2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6a86ec27c13ff5e413c5a5f96d9b7671646f9388)) + +### Fix + +* fix: removed print call + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`8806553`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/880655304c082a88d94d6d50c64d33ad931cc974)) + +* fix: relaxed typing of parameter to be compatible with Python < 3.9 + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f9c7990`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f9c7990695119969c5055bc92a233030db999b84)) + +* fix: removed print call + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d272d2e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d272d2ea7d3331bde0660bdc87a6ac3331ae0720)) + +* fix: remove unused commented out code + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`ba4f285`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ba4f285fdbe124c28f7ea60310347cf896540125)) + +### Unknown * 0.4.0 -Automatically generated by python-semantic-release ([`f441413`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f441413668676c0435b173c01d612e9040d6f6db)) +Automatically generated by python-semantic-release ([`f441413`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f441413668676c0435b173c01d612e9040d6f6db)) + + +## v0.3.0 (2021-09-15) + +### Feature + +* feat: adding support for extension schema that descriptions vulnerability disclosures + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d496695`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d4966951ab6c0229171cfe97723421bb0302c4fc)) + +### Unknown * 0.3.0 -Automatically generated by python-semantic-release ([`a5c3dab`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a5c3dab5818c183bd88385c7ad88e11eb34a0417)) +Automatically generated by python-semantic-release ([`a5c3dab`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a5c3dab5818c183bd88385c7ad88e11eb34a0417)) * Merge pull request #5 from CycloneDX/feat/support-schema-extension-vulnerability-1.0 -FEATURE: add support for Vulnerability Disclosures ([`6914272`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/69142723935199409f6bf91b68ecf1e91107f165)) +FEATURE: add support for Vulnerability Disclosures ([`6914272`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/69142723935199409f6bf91b68ecf1e91107f165)) * doc: updated README to explain support for Vulnerability Disclosures -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f477bf0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f477bf03fc78cc2652e97cd77a3e7ab66306a39b)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f477bf0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f477bf03fc78cc2652e97cd77a3e7ab66306a39b)) + + +## v0.2.0 (2021-09-14) + +### Feature + +* feat: added helper method to return a PackageURL object representing a Component + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`367bef1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/367bef11bb1a7ede3100acae39581e33d20fa7f5)) + +### Fix + +* fix: whitespace on empty line removed + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`cfc952e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cfc952eb5f3feb97a41b6c895657058429da3430)) + +### Unknown * 0.2.0 -Automatically generated by python-semantic-release ([`866eda7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/866eda764d01ee85778bea662c7556113121137e)) +Automatically generated by python-semantic-release ([`866eda7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/866eda764d01ee85778bea662c7556113121137e)) * Merge pull request #4 from CycloneDX/feat/component-as-packageurl -fix: whitespace on empty line removed ([`ddc37f3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ddc37f395a1dbace39280a4f7b1074d954414f2d)) +fix: whitespace on empty line removed ([`ddc37f3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ddc37f395a1dbace39280a4f7b1074d954414f2d)) -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`6142d2e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6142d2e3b9b655ebf95b59c93525ce8008851b34)) +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib ([`6142d2e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6142d2e3b9b655ebf95b59c93525ce8008851b34)) + + +## v0.1.0 (2021-09-13) + +### Feature + +* feat: add poetry support + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f3ac42f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f3ac42f298b8d093b0ac368993beba43c58c251a)) + +### Unknown * 0.1.0 -Automatically generated by python-semantic-release ([`0da668f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0da668f398bef2baee63b0d342063b6dc0eea71a)) +Automatically generated by python-semantic-release ([`0da668f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0da668f398bef2baee63b0d342063b6dc0eea71a)) * Merge pull request #3 from CycloneDX/feat/poetry-lock-support -FEATURE: Adde poetry.lock parser support ([`37ba7c6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/37ba7c61a17881fc02119dcfd7b6e0a7cab48cbf)) +FEATURE: Adde poetry.lock parser support ([`37ba7c6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/37ba7c61a17881fc02119dcfd7b6e0a7cab48cbf)) * feat(parser) - added support for parsing dependencies from poetry.lock files. -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`15bc553`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/15bc5539e2339581f80048a571ca632f17988530)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`15bc553`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/15bc5539e2339581f80048a571ca632f17988530)) * fix(parser) parsers were able to share state unexpectedly -Signed-off-by: Paul Horton <phorton@sonatype.com> ([`dc59914`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/dc59914e961104d9fcd37822b172d798e68b6ebd)) +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`dc59914`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/dc59914e961104d9fcd37822b172d798e68b6ebd)) + + +## v0.0.11 (2021-09-10) + +### Fix + +* fix(test): test was not updated for revised author statement + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`d1c9d37`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d1c9d379a1e92ee49aae8d133e2ad3e117054ec9)) + +* fix(build): test failure and dependency missing + +Fixed failing tests due to dependency on now removed VERSION file +Added flake8 officially as a DEV dependency to poetry + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`9a2cfe9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9a2cfe94386b51acca44ae3bacae319b9b3c8f0d)) + +* fix(build): removed artefacts associtated with non-poetry build + +Tidied up project to remove items associated with non-Poetry build process. Also aligned a few references in README to new home of this project under CycloneDX. + +Signed-off-by: Paul Horton <phorton@sonatype.com> ([`f9119d4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f9119d49e462cf1f7ccca9c50af2936f8962fd6d)) + +### Unknown * 0.0.11 -Automatically generated by python-semantic-release ([`1c0aa71`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1c0aa716b36e1305b7a3a2b9e2dfd6e5c6ac0011)) +Automatically generated by python-semantic-release ([`1c0aa71`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1c0aa716b36e1305b7a3a2b9e2dfd6e5c6ac0011)) * Merge pull request #2 from CycloneDX/fix/tidy-up-build-remove-pip -fix(build): removed artefacts associated with non-poetry build ([`b7de7b3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b7de7b3c9ba2c8c824d898ee994169b66b78b07a)) +fix(build): removed artefacts associated with non-poetry build ([`b7de7b3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b7de7b3c9ba2c8c824d898ee994169b66b78b07a)) + + +## v0.0.10 (2021-09-08) + +### Fix + +* fix: add in pypi badge ([`6098c36`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6098c36715b2459d7b04ced5ba6294437576e481)) + +### Unknown * 0.0.10 -Automatically generated by python-semantic-release ([`245d809`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/245d809c3918d023ae58af2fb352f14912be091c)) +Automatically generated by python-semantic-release ([`245d809`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/245d809c3918d023ae58af2fb352f14912be091c)) + + +## v0.0.9 (2021-09-08) + +### Fix + +* fix: additional info to poetry, remove circleci ([`2fcfa5a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2fcfa5ac3a7d9d7f372be6d69e1c616b551877df)) + +### Unknown * 0.0.9 -Automatically generated by python-semantic-release ([`e4a90cf`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e4a90cfc46db3284e1f3e53f6555405fc14dc654)) +Automatically generated by python-semantic-release ([`e4a90cf`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e4a90cfc46db3284e1f3e53f6555405fc14dc654)) + +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`69aaba5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/69aaba5f941cbffc40b47d18c6f9dd9dd754b57b)) + + +## v0.0.8 (2021-09-08) + +### Fix + +* fix: initial release to pypi, tell poetry to include cyclonedx package ([`a030177`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a030177cb1a370713c4438b13b7520ef6afd19f6)) -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`69aaba5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/69aaba5f941cbffc40b47d18c6f9dd9dd754b57b)) +### Unknown * 0.0.8 -Automatically generated by python-semantic-release ([`fc3f24c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/fc3f24c13938948c4786ecf8ace3fc241c0f458e)) +Automatically generated by python-semantic-release ([`fc3f24c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fc3f24c13938948c4786ecf8ace3fc241c0f458e)) + +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`da2d18c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/da2d18cd60a781bf097e563466bda0d3e51b9e8f)) + + +## v0.0.7 (2021-09-08) + +### Fix + +* fix: release with full name ([`4c620ed`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4c620ed053aac8c31343b1ca84ca56912b762ab2)) -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`da2d18c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/da2d18cd60a781bf097e563466bda0d3e51b9e8f)) +### Unknown * 0.0.7 -Automatically generated by python-semantic-release ([`19943e8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/19943e8287bbe67031cada6f5377d438f2b033c1)) +Automatically generated by python-semantic-release ([`19943e8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/19943e8287bbe67031cada6f5377d438f2b033c1)) + + +## v0.0.6 (2021-09-08) + +### Fix + +* fix: initial release to pypi ([`99687db`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/99687dbec1389bf323bb625bfb707306aa3b8d1a)) + +### Unknown * 0.0.6 -Automatically generated by python-semantic-release ([`98ad249`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/98ad24950dbb5f5b08db41e1bb4e359f8f0b8b49)) +Automatically generated by python-semantic-release ([`98ad249`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/98ad24950dbb5f5b08db41e1bb4e359f8f0b8b49)) -* Switch to using action ([`cce468a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cce468a7004d848ddbaab4affa392bd2f74414dd)) +* Switch to using action ([`cce468a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cce468a7004d848ddbaab4affa392bd2f74414dd)) + + +## v0.0.5 (2021-09-08) + +### Unknown * 0.0.5 -Automatically generated by python-semantic-release ([`9bf4b9a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9bf4b9a29cc4b0bbdf5771ffc22b918a6081a0a1)) +Automatically generated by python-semantic-release ([`9bf4b9a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9bf4b9a29cc4b0bbdf5771ffc22b918a6081a0a1)) -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`eeec0bb`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/eeec0bba7d0a615f8384caa50ed95c2240b5a951)) +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`eeec0bb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/eeec0bba7d0a615f8384caa50ed95c2240b5a951)) -* Try this on for size ([`aa93310`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/aa93310830a86aa441337be34081c46d9475384c)) +* Try this on for size ([`aa93310`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/aa93310830a86aa441337be34081c46d9475384c)) + + +## v0.0.4 (2021-09-08) + +### Unknown * 0.0.4 -Automatically generated by python-semantic-release ([`b16d6c5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b16d6c59495de396c73dfe1ffabcbfd325dfa619)) +Automatically generated by python-semantic-release ([`b16d6c5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b16d6c59495de396c73dfe1ffabcbfd325dfa619)) -* Use python3 to install ([`4c810e1`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/4c810e16b1a93afb923652f66e77ee08ff0ffd49)) +* Use python3 to install ([`4c810e1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4c810e16b1a93afb923652f66e77ee08ff0ffd49)) + + +## v0.0.3 (2021-09-08) + +### Unknown * 0.0.3 -Automatically generated by python-semantic-release ([`05306ee`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/05306ee235df1d7aa662c9323e6186cc3d1129dc)) +Automatically generated by python-semantic-release ([`05306ee`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/05306ee235df1d7aa662c9323e6186cc3d1129dc)) -* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`f1d120c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f1d120c5dca530424dd79b3303458cc0adbc28de)) +* Merge branch 'main' of github.com:CycloneDX/cyclonedx-python-lib into main ([`f1d120c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f1d120c5dca530424dd79b3303458cc0adbc28de)) -* Bump up version of poetry ([`89db268`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/89db2689bbdb94f2f290abe1bf721b163d75001e)) +* Bump up version of poetry ([`89db268`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/89db2689bbdb94f2f290abe1bf721b163d75001e)) + + +## v0.0.2 (2021-09-08) + +### Unknown * 0.0.2 -Automatically generated by python-semantic-release ([`e15dec6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e15dec696bd88d00f5f5fdce74cb407bc65a42e2)) +Automatically generated by python-semantic-release ([`e15dec6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e15dec696bd88d00f5f5fdce74cb407bc65a42e2)) -* Remove check for push ([`71b1270`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/71b12709f0fb55852cbb030669a80a5ebd2f2e92)) +* Remove check for push ([`71b1270`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/71b12709f0fb55852cbb030669a80a5ebd2f2e92)) -* Manual deploy workflow ([`9b4ac33`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9b4ac335becf7e7b83cd3fa619c8975b6335f5eb)) +* Manual deploy workflow ([`9b4ac33`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9b4ac335becf7e7b83cd3fa619c8975b6335f5eb)) -* License headers, OWASP etc... ([`559b8d2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/559b8d227e52b6798a71149c87f4090ea1244c85)) +* License headers, OWASP etc... ([`559b8d2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/559b8d227e52b6798a71149c87f4090ea1244c85)) -* Fixed unit tests pinned to a VERISON. ([`5d907d5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5d907d58e57f2eb7731047a51a88104cb07c1796)) +* Fixed unit tests pinned to a VERISON. ([`5d907d5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5d907d58e57f2eb7731047a51a88104cb07c1796)) -* Bump to version 0.0.2 ([`1050839`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/105083951dc93f28a4816c0c699af7db7f2789d9)) +* Bump to version 0.0.2 ([`1050839`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/105083951dc93f28a4816c0c699af7db7f2789d9)) -* Implemented writing SBOM to a file. ([`74f4153`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/74f4153d84c3bbdb875eac679fe933b777f90f18)) +* Implemented writing SBOM to a file. ([`74f4153`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/74f4153d84c3bbdb875eac679fe933b777f90f18)) -* Updated badge in README to include Python 3.6+ support. ([`0a5903c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0a5903c56971a19172fe904f02836c5c5e2262db)) +* Updated badge in README to include Python 3.6+ support. ([`0a5903c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0a5903c56971a19172fe904f02836c5c5e2262db)) -* Removed print() statement accidentally left in. ([`22965a7`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/22965a707de6db7bb08721809035562be72c69d5)) +* Removed print() statement accidentally left in. ([`22965a7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/22965a707de6db7bb08721809035562be72c69d5)) * Merge pull request #1 from sonatype-nexus-community/features/initial-port-of-v1.1-generation-from-jake -Initial port of library code to new library ([`2f2634b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2f2634b86612b4f0d2142b09f3aece588937fcaa)) +Initial port of library code to new library ([`2f2634b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2f2634b86612b4f0d2142b09f3aece588937fcaa)) -* Added license headers to all source files. Added classifiers for Python version to setup.py. ([`bb6bb24`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bb6bb24440996257ce609b0f399f930153b65e8e)) +* Added license headers to all source files. Added classifiers for Python version to setup.py. ([`bb6bb24`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bb6bb24440996257ce609b0f399f930153b65e8e)) -* Renamed model file to not reference CycloneDX as the models are agnostic on purpose. ([`03d03ed`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/03d03edfca7bed56d21733120cb5b002a32bb466)) +* Renamed model file to not reference CycloneDX as the models are agnostic on purpose. ([`03d03ed`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/03d03edfca7bed56d21733120cb5b002a32bb466)) -* Forgot to add updated poetry.lock file relfecting Python 3.6+ support ([`5d3d491`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/5d3d49184039a2f41411cd96d5dfcf1544fab05f)) +* Forgot to add updated poetry.lock file relfecting Python 3.6+ support ([`5d3d491`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5d3d49184039a2f41411cd96d5dfcf1544fab05f)) -* Updated project to state support from Python v3.6+ ([`619ee1d`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/619ee1dfc23f7220a1941c3fa5068761346c84cb)) +* Updated project to state support from Python v3.6+ ([`619ee1d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/619ee1dfc23f7220a1941c3fa5068761346c84cb)) -* Adding Python 3.6 support for test & CI. ([`daa12ba`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/daa12ba8925128da040cf836bc3f16a2126e9091)) +* Adding Python 3.6 support for test & CI. ([`daa12ba`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/daa12ba8925128da040cf836bc3f16a2126e9091)) -* Fixing CircleCI config. ([`a446f4c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a446f4cb197fd40a3065a372108c1719cde91136)) +* Fixing CircleCI config. ([`a446f4c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a446f4cb197fd40a3065a372108c1719cde91136)) -* Fixes to GitHub actions. ([`d2aa277`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/d2aa277bce954100adad42e33c095bc1f9ce23cd)) +* Fixes to GitHub actions. ([`d2aa277`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d2aa277bce954100adad42e33c095bc1f9ce23cd)) -* Disabled Py3.6 checks and added flake8. ([`8c01da3`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8c01da3d8f6038fb24df07ab3fb0945c79893e9f)) +* Disabled Py3.6 checks and added flake8. ([`8c01da3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8c01da3d8f6038fb24df07ab3fb0945c79893e9f)) -* Attempt to fix CI's for multiple Python environments. ([`affb6b2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/affb6b2dc7afeaff5b5cd0a1d4f65678394a2ff7)) +* Attempt to fix CI's for multiple Python environments. ([`affb6b2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/affb6b2dc7afeaff5b5cd0a1d4f65678394a2ff7)) -* Added support for Python versions 3.7+ ([`ae24ba9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ae24ba9c26ddf4ef91937e8489b1894a986724de)) +* Added support for Python versions 3.7+ ([`ae24ba9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ae24ba9c26ddf4ef91937e8489b1894a986724de)) -* Added missing ENV var for GH actions. ([`c750ec6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c750ec62411c6d4473d3cc0a33dc96f90a443cef)) +* Added missing ENV var for GH actions. ([`c750ec6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c750ec62411c6d4473d3cc0a33dc96f90a443cef)) -* Missed wrapping a coverage command with poetry. ([`3c74c82`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3c74c822445e5aeaaa387c8e5522ca8cd841cfd8)) +* Missed wrapping a coverage command with poetry. ([`3c74c82`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3c74c822445e5aeaaa387c8e5522ca8cd841cfd8)) -* Added poetry virtualenv caching + wrapped tox and coverage with poetry to ensure they run in the poetry venv. ([`780e3df`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/780e3dfa043957174e1f79cf450d1ee69d6530d3)) +* Added poetry virtualenv caching + wrapped tox and coverage with poetry to ensure they run in the poetry venv. ([`780e3df`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/780e3dfa043957174e1f79cf450d1ee69d6530d3)) -* Fixed typo in Github action. ([`3953675`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/395367531e7a00c086e723a78d059e6016fb242e)) +* Fixed typo in Github action. ([`3953675`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/395367531e7a00c086e723a78d059e6016fb242e)) -* Correction: Supported Python version in setup.py ([`2f4917b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/2f4917ba81f8ddba994a2c5012303bccb307a419)) +* Correction: Supported Python version in setup.py ([`2f4917b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2f4917ba81f8ddba994a2c5012303bccb307a419)) -* Updated poetry dependencies and configuration. ([`75041e5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/75041e51ff684853d7c2b94e5a722a4ec14043fc)) +* Updated poetry dependencies and configuration. ([`75041e5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/75041e51ff684853d7c2b94e5a722a4ec14043fc)) -* Initial draft GitHub actions being added. ([`e2403e8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e2403e8c4194be6bee70a58ef86d9acec6de5dbb)) +* Initial draft GitHub actions being added. ([`e2403e8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e2403e8c4194be6bee70a58ef86d9acec6de5dbb)) -* Added Poetry supprot. ([`e9a67f8`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e9a67f8a405b6c664d2b91bd4966a8ade9902d40)) +* Added Poetry supprot. ([`e9a67f8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e9a67f8a405b6c664d2b91bd4966a8ade9902d40)) -* Addressing issues reported by flake8. ([`3ad394c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3ad394c14d9cbf3e706f4fe47b6f83938576a2ac)) +* Addressing issues reported by flake8. ([`3ad394c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3ad394c14d9cbf3e706f4fe47b6f83938576a2ac)) -* Refactored output classes to use multiple inheritance allowing a single place to define which schema version support various attributes and elements. ([`95c5b38`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/95c5b389bb5c8c358420aaf5c62694dcabe663ce)) +* Refactored output classes to use multiple inheritance allowing a single place to define which schema version support various attributes and elements. ([`95c5b38`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/95c5b389bb5c8c358420aaf5c62694dcabe663ce)) -* Updated README to reflect support for author. ([`bff5954`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bff5954f70967f3605fa6226a223590b89e07313)) +* Updated README to reflect support for author. ([`bff5954`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bff5954f70967f3605fa6226a223590b89e07313)) -* Skeleton support for 'author' + v1.1 and v1.0 for JSON added (along with tests). ([`e987f35`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e987f357314199442ed2c5823575833915dfccb1)) +* Skeleton support for 'author' + v1.1 and v1.0 for JSON added (along with tests). ([`e987f35`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e987f357314199442ed2c5823575833915dfccb1)) -* Corrected typo in README ([`0d2c355`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/0d2c35519374b4efddf399dd519e5a1443a56692)) +* Corrected typo in README ([`0d2c355`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0d2c35519374b4efddf399dd519e5a1443a56692)) -* Updated README to include a summary of the support this library provides across the different schema versions. ([`34f421f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/34f421f4076d16c30ddf291f5c1866c1b623258a)) +* Updated README to include a summary of the support this library provides across the different schema versions. ([`34f421f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/34f421f4076d16c30ddf291f5c1866c1b623258a)) -* Initial support for V1.0 and V1.1 in XML output format. ([`37f6b00`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/37f6b00b7e354b76a9f8f72ed2c1004a0e728319)) +* Initial support for V1.0 and V1.1 in XML output format. ([`37f6b00`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/37f6b00b7e354b76a9f8f72ed2c1004a0e728319)) -* Added 'serialNumber' to SBOMs (JSON and XML). ([`50e3c75`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/50e3c7546b92e3241feefa6dea0fbfa9c1145843)) +* Added 'serialNumber' to SBOMs (JSON and XML). ([`50e3c75`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/50e3c7546b92e3241feefa6dea0fbfa9c1145843)) -* Added a bunch more content to the README to explain how the library can be used. ([`bb41dc6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/bb41dc6d333f59025aae97c602cbe41343645b20)) +* Added a bunch more content to the README to explain how the library can be used. ([`bb41dc6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bb41dc6d333f59025aae97c602cbe41343645b20)) -* Added metadata initial support to JSON output format. ([`8c5590f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/8c5590fd3c5c59de9a5b6cf49005f4c6e444265d)) +* Added metadata initial support to JSON output format. ([`8c5590f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8c5590fd3c5c59de9a5b6cf49005f4c6e444265d)) -* Addition of simple 'metadata' element for XML SBOM's. ([`f9e9773`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/f9e97733b0cc57bbb71341b4ced4ccc8f09b7f28)) +* Addition of simple 'metadata' element for XML SBOM's. ([`f9e9773`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f9e97733b0cc57bbb71341b4ced4ccc8f09b7f28)) -* Added initial JSON outputter and associated tests. ([`3e1f5ec`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/3e1f5ec9354a779adf44129656a1ccdcffadee6d)) +* Added initial JSON outputter and associated tests. ([`3e1f5ec`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3e1f5ec9354a779adf44129656a1ccdcffadee6d)) -* Fix to generate HTML coverage reports and stash in CircleCI builds. ([`dd88603`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/dd886032b92d491f462d62f269f3df7ed823d436)) +* Fix to generate HTML coverage reports and stash in CircleCI builds. ([`dd88603`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/dd886032b92d491f462d62f269f3df7ed823d436)) -* Added HTML coverage report. ([`ce700e5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ce700e5bdff7ce4a8bd5614239b129e59afe2908)) +* Added HTML coverage report. ([`ce700e5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ce700e5bdff7ce4a8bd5614239b129e59afe2908)) -* Missed coverage as a dependency for testing. ([`01643d6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/01643d67f73ec8ee35884d0bcc15c892649f6b72)) +* Missed coverage as a dependency for testing. ([`01643d6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/01643d67f73ec8ee35884d0bcc15c892649f6b72)) -* Added coverage reporting for tests ([`c34b1a6`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/c34b1a63fd7958d2b1060ba51054a55b57228549)) +* Added coverage reporting for tests ([`c34b1a6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c34b1a63fd7958d2b1060ba51054a55b57228549)) -* Added first tests for XML SBOM generation (v1.3 and v1.2). ([`cb4337a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cb4337a1cb14ee62471140add8954dd7c5b6b314)) +* Added first tests for XML SBOM generation (v1.3 and v1.2). ([`cb4337a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cb4337a1cb14ee62471140add8954dd7c5b6b314)) -* WIP: Starting to generate XML output for BOMs ([`35bdfca`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/35bdfca4fc01cdb3fa7ab6fb37b1c05eaa7189ec)) +* WIP: Starting to generate XML output for BOMs ([`35bdfca`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/35bdfca4fc01cdb3fa7ab6fb37b1c05eaa7189ec)) -* Updated CircleCI config to run tox. Fixed fomratting in tests. ([`9a56230`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/9a5623098ff712df0cefbd2327e8058f9ac74e17)) +* Updated CircleCI config to run tox. Fixed fomratting in tests. ([`9a56230`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9a5623098ff712df0cefbd2327e8058f9ac74e17)) -* Rebasing from main. ([`822ab8b`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/822ab8b43a06bf1712d134d44acb136e70134c05)) +* Rebasing from main. ([`822ab8b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/822ab8b43a06bf1712d134d44acb136e70134c05)) -* Initial skeleton tests for output genereation. ([`a614f3e`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/a614f3e9cc6210a25daff79e4ec428f15221cc1e)) +* Initial skeleton tests for output genereation. ([`a614f3e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a614f3e9cc6210a25daff79e4ec428f15221cc1e)) -* pretty badge ([`60e975c`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/60e975c12cdf6c15c9e38585becaf53850609d67)) +* pretty badge ([`60e975c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/60e975c12cdf6c15c9e38585becaf53850609d67)) -* initial CI for discussion ([`7e88cd5`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/7e88cd5920480cd6bde4e72b8b85314242964013)) +* initial CI for discussion ([`7e88cd5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7e88cd5920480cd6bde4e72b8b85314242964013)) -* Added a little more information to the README. ([`460c624`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/460c62487e66df750a99e10a62bf19bf0baf2e76)) +* Added a little more information to the README. ([`460c624`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/460c62487e66df750a99e10a62bf19bf0baf2e76)) -* Fixed issue reported by Flake8. Ensuring tests run on PY 3.9. ([`cce130f`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/cce130f53a7c73554015ce672cbe8799e863e64b)) +* Fixed issue reported by Flake8. Ensuring tests run on PY 3.9. ([`cce130f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/cce130f53a7c73554015ce672cbe8799e863e64b)) -* Basic structure without any output generation available (very basic Component definition). ([`6ac5dc2`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/6ac5dc29fb4bc52f66698966e0b570588621be72)) +* Basic structure without any output generation available (very basic Component definition). ([`6ac5dc2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6ac5dc29fb4bc52f66698966e0b570588621be72)) -* Added tox config with flake8 and py3.9 support. ([`1def201`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/1def2015d3aad4b58980d9b86cca840f19ac4ee6)) +* Added tox config with flake8 and py3.9 support. ([`1def201`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1def2015d3aad4b58980d9b86cca840f19ac4ee6)) -* Initially added skeleton packaging structure and official CycloneDX schemas. ([`ac519c9`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/ac519c9a21bc8e4a75927868f32f29febc648509)) +* Initially added skeleton packaging structure and official CycloneDX schemas. ([`ac519c9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ac519c9a21bc8e4a75927868f32f29febc648509)) -* Added inital blank README prior to branching for initial work. ([`b175f6a`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/b175f6a9178c510cfa14b5d2788feecfd65d8e94)) +* Added inital blank README prior to branching for initial work. ([`b175f6a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b175f6a9178c510cfa14b5d2788feecfd65d8e94)) -* Added inital blank README prior to branching for initial work. ([`e8b5d48`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/e8b5d4802079f92da106b8e0a68f9311c328a656)) +* Added inital blank README prior to branching for initial work. ([`e8b5d48`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e8b5d4802079f92da106b8e0a68f9311c328a656)) -* Initial commit ([`62353b0`](https://github.com/saquibsaifee/cyclonedx-python-lib/commit/62353b0ce57f797bcb9dfd97871e886db8269478)) +* Initial commit ([`62353b0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/62353b0ce57f797bcb9dfd97871e886db8269478)) diff --git a/cyclonedx/__init__.py b/cyclonedx/__init__.py index 1809a0e2..daefd93d 100644 --- a/cyclonedx/__init__.py +++ b/cyclonedx/__init__.py @@ -22,4 +22,4 @@ # !! version is managed by semantic_release # do not use typing here, or else `semantic_release` might have issues finding the variable -__version__ = "1.0.0" # noqa:Q000 +__version__ = "8.3.0" # noqa:Q000 diff --git a/docs/conf.py b/docs/conf.py index 27ff176a..5890b293 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -23,7 +23,7 @@ # The full version, including alpha/beta/rc tags # !! version is managed by semantic_release -release = '1.0.0' +release = '8.3.0' # -- General configuration --------------------------------------------------- diff --git a/pyproject.toml b/pyproject.toml index 29c6c561..82f08931 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -5,7 +5,7 @@ build-backend = "poetry.core.masonry.api" [tool.poetry] name = "cyclonedx-python-lib" # !! version is managed by semantic_release -version = "1.0.0" +version = "8.3.0" description = "Python library for CycloneDX" authors = [ "Paul Horton ", From 272e28049a9703e5449ffb5bed839d201ad1a3c0 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Sun, 27 Oct 2024 09:43:49 +0100 Subject: [PATCH 32/37] chore: py-release workflow is not auto-triggered anymore Signed-off-by: Jan Kowalleck Signed-off-by: Saquib Saifee --- .github/workflows/release.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 90be2059..709e9c57 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,8 +1,6 @@ name: Release on: - push: - branches: [ 'main', 'master' ] workflow_dispatch: inputs: release_force: From f9f960768ea2fdda25c1fa376fa5dce7fd97e1ac Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 27 Oct 2024 09:50:11 +0100 Subject: [PATCH 33/37] chore(deps-dev): update tox requirement from 4.23.0 to 4.23.2 (#729) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Updates the requirements on [tox](https://github.com/tox-dev/tox) to permit the latest version.
Release notes

Sourced from tox's releases.

4.23.2

What's Changed

New Contributors

Full Changelog: https://github.com/tox-dev/tox/compare/4.23.1...4.23.2

Changelog

Sourced from tox's changelog.

v4.23.2 (2024-10-22)

Misc - 4.23.2

- :issue:`3415`

v4.23.1 (2024-10-21)


Improved Documentation - 4.23.1

  • Fix bad example in documentation for dependency groups - by :user:gaborbernat. (:issue:3240)

v4.23.0 (2024-10-16)

Features - 4.23.0

- Add ``NETRC`` to the list of environment variables always
passed through. (:issue:`3410`)

Improved Documentation - 4.23.0

  • replace [tool.pyproject] and [tool.tox.pyproject] with [tool.tox] in config.rst (:issue:3411)

v4.22.0 (2024-10-15)

Features - 4.22.0

- Implement dependency group support as defined in :pep:`735`
- see :ref:`dependency_groups` - by :user:`gaborbernat`. (:issue:`3408`)

v4.21.2 (2024-10-03)


Bugfixes - 4.21.2

  • Include tox.toml in sdist archives to fix test failures resulting from its lack.
    • by :user:mgorny (:issue:3389)

v4.21.1 (2024-10-02)

Bugfixes - 4.21.1

- Fix error when using ``requires`` within a TOML
configuration file - by :user:`gaborbernat`. (:issue:`3386`)
- Fix error when using ``deps`` within a TOML configuration file - by
:user:`gaborbernat`. (:issue:`3387`)
- Multiple fixes for the TOML configuration by :user:`gaborbernat`.:

    

  • Do not fail when there is an empty command within
commands.
</tr></table>

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Saquib Saifee --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 82f08931..fd78e624 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -97,7 +97,7 @@ isort = "5.13.2" autopep8 = "2.3.1" mypy = "1.12.0" tomli = { version = "2.0.2", python = "<3.11" } -tox = "4.23.0" +tox = "4.23.2" xmldiff = "2.7.0" bandit = "1.7.10" From 08774d655663cb772edbe2084407278cc81cad94 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 27 Oct 2024 09:50:26 +0100 Subject: [PATCH 34/37] chore(deps-dev): update mypy requirement from 1.12.0 to 1.13.0 (#730) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Updates the requirements on [mypy](https://github.com/python/mypy) to permit the latest version.
Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next release

Mypy 1.13

We’ve just uploaded mypy 1.13 to the Python Package Index (PyPI). Mypy is a static type checker for Python. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Note that unlike typical releases, Mypy 1.13 does not have any changes to type checking semantics from 1.12.1.

Improved performance

Mypy 1.13 contains several performance improvements. Users can expect mypy to be 5-20% faster. In environments with long search paths (such as environments using many editable installs), mypy can be significantly faster, e.g. 2.2x faster in the use case targeted by these improvements.

Mypy 1.13 allows use of the orjson library for handling the cache instead of the stdlib json, for improved performance. You can ensure the presence of orjson using the faster-cache extra:

python3 -m pip install -U mypy[faster-cache]

Mypy may depend on orjson by default in the future.

These improvements were contributed by Shantanu.

List of changes:

  • Significantly speed up file handling error paths (Shantanu, PR 17920)
  • Use fast path in modulefinder more often (Shantanu, PR 17950)
  • Let mypyc optimise os.path.join (Shantanu, PR 17949)
  • Make is_sub_path faster (Shantanu, PR 17962)
  • Speed up stubs suggestions (Shantanu, PR 17965)
  • Use sha1 for hashing (Shantanu, PR 17953)
  • Use orjson instead of json, when available (Shantanu, PR 17955)
  • Add faster-cache extra, test in CI (Shantanu, PR 17978)

Acknowledgements

Thanks to all mypy contributors who contributed to this release:

  • Shantanu Jain
  • Jukka Lehtosalo

Mypy 1.12

We’ve just uploaded mypy 1.12 to the Python Package Index (PyPI). Mypy is a static type

... (truncated)

Commits

Most Recent Ignore Conditions Applied to This Pull Request | Dependency Name | Ignore Conditions | | --- | --- | | mypy | [>= 0.971.a, < 0.972] |
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Saquib Saifee --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index fd78e624..6adc9a92 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -95,7 +95,7 @@ flake8-use-fstring = "1.4" pep8-naming = "0.14.1" isort = "5.13.2" autopep8 = "2.3.1" -mypy = "1.12.0" +mypy = "1.13.0" tomli = { version = "2.0.2", python = "<3.11" } tox = "4.23.2" xmldiff = "2.7.0" From 7df7d03648f2883c7844326d4c452baeae71ab7a Mon Sep 17 00:00:00 2001 From: Saquib Saifee Date: Mon, 14 Oct 2024 18:36:24 -0400 Subject: [PATCH 35/37] chore: fix the typo Signed-off-by: Saquib Saifee Signed-off-by: Saquib Saifee From 8ccb9f5e3cf8cd23b3119d88f7ac8b4367bbfec6 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Tue, 15 Oct 2024 16:42:15 +0200 Subject: [PATCH 36/37] chore(docs): link python test snapshots docs Signed-off-by: Jan Kowalleck Signed-off-by: Saquib Saifee From 8793fef58613b3ec8c55c7206770588017f8e677 Mon Sep 17 00:00:00 2001 From: weichslgartner Date: Wed, 23 Oct 2024 20:31:25 +0200 Subject: [PATCH 37/37] chore: fix pre-commit hook for mypy (#723) Fixes #721 Signed-off-by: weichslgartner Signed-off-by: Saquib Saifee