Releases · CycloneDX/cyclonedx-javascript-library

15 May 19:33

github-actions

v2.0.0-rc.0

e0e230a

2.0.0-rc.0 Pre-release

Pre-release

Breaking Changes:

Class Factories.LicenseFactory was modified
- Function makeFromString() was changed in its behaviour (#271, #530 via #547)
  Will try to create Models.SpdxLicense if value is eligible,
  else try to create Models.LicenseExpression if value is eligible,
  else fall back to Models.NamedLicense.
- Renamed function makeDisjunctiveWithId() -> makeSpdxLicense() (#530 via #547)
- Renamed function makeDisjunctiveWithName() -> makeNamedLicense() (#530 via #547)
Class Models.LicenseExpression was modified
- Removed static function isEligibleExpression() (via #547)
  Use Spdx.isValidSpdxLicenseExpression() instead.
- Constructor no longer throws, when value is not eligible (#530 via #547)
  You may utilize Factories.LicenseFactory to mimic the previous behaviour.
- Property expression setter no longer throws, when value is not eligible (#530 via #547)
  You may utilize Factories.LicenseFactory to mimic the previous behaviour.
Class Models.SpdxLicense was modified
- Constructor no longer throws, when value is not eligible (#530 via #547)
- Property id setter no longer throws, when value is not eligible (#530 via #547)
Interface Spec.Protocol now defines a new mandatory property supportsComponentEvidence:boolean (via #753)
Interface Spec.Protocol now defines a new mandatory property supportsVulnerabilities:boolean (via #722)
Removed deprecated symbols (#747 via #752)
- Namespace {Builders,Factories}.FromPackageJson -> use {Builders,Factories}.FromNodePackageJson instead
- Class Models.HashRepository -> use Models.HashDictionary instead
- Function Serialize.{Json,Xml}.Normalize.*.normalizeRepository() -> use Serialize.{Json,Xml}.Normalize.*.normalizeIterable() instead
- Type alias Types.UrnUuid - use string instead
  Type predicate Types.isUrnUuid() no longer exists

Changed

Removed beta state from symbols {Enums,Models}.Vulnerability.* (#164 via #722)
The structures are defined as stable now.
Class Models.Attachment was modified
- Property content was widened to be any stringable, was string (#516 via #753)
  This enables the use of Buffer and other data-saving mechanisms.
Class Models.Component was modified
- Property copyright was widened to be any stringable, was string (#516 via #753)
  This enables the use of Buffer and other data-saving mechanisms.
Class Models.Vulnerability.Credits was modified
- Property organizations is no longer optional (via #722)
  This collection(Set) will always exist, but might be empty.
  This is considered a non-breaking change, as the class was in beta state.
- Property individuals is no longer optional (via #722)
  This collection(Set) will always exist, but might be empty.
  This is considered a non-breaking change, as the class was in beta state.

Added

Serializers and Bom-Normalizers will take Bom.vulnerabilities into account (#164 via #722)
Serializers and Component-Normalizers will take Component.evidence into account (#516 via #753)
Namespace Models was enhanced
- Class Component was enhanced
  - New optional property evidence of type Models.ComponentEvidence (#516 via #753)
- New Classes ComponentEvidence (#516 via #753)
- NamespaceVulnerability was enhanced
  - Class Advisory was enhanced
    - New method compare() (via #722)
  - Class AdvisoryRepository was enhanced
    - New method sorted() (via #722)
    - New method compare() (via #722)
  - Class Affect was enhanced
    - New method compare() (via #722)
  - Class AffectRepository was enhanced
    - New method sorted() (via #722)
    - New method compare() (via #722)
  - Class AffectedSingleVersion was enhanced
    - New method compare() (via #722)
  - Class AffectedVersionRange was enhanced
    - New method compare() (via #722)
  - Class AffectedVersionRepository was enhanced
    - New method sorted() (via #722)
    - New method compare() (via #722)
  - Class Rating was enhanced
    - New method compare() (via #722)
  - Class RatingRepository was enhanced
    - New method sorted() (via #722)
    - New method compare() (via #722)
  - class Reference was enhanced
    - New method compare() (via #722)
  - Class ReferenceRepository was enhanced
    - New method sorted() (via #722)
    - New method compare() (via #722)
  - class Source was enhanced
    - New method compare() (via #722)
  - class Vulnerability was enhanced
    - New method compare() (via #722)
  - Class VulnerabilityRepository was enhanced
    - New method sorted() (via #722)
    - New method compare() (via #722)
Namespace Serialize.{Json,Xml}.Normalize was enhanced
- Class Factory was enhanced
  - New Method makeForComponentEvidence() (#516 via #753)
  - New method makeForVulnerability() (#164 via #722)
  - New method makeForVulnerabilitySource() (#164 via #722)
  - New method makeForVulnerabilityReference() (#164 via #722)
  - New method makeForVulnerabilityRating (#164 via #722)
  - New method makeForVulnerabilityAdvisory (#164 via #722)
  - New method makeForVulnerabilityCredits (#164 via #722)
  - New method makeForVulnerabilityAffect (#164 via #722)
  - New method makeForVulnerabilityAffectedVersion (#164 via #722)
  - New method makeForVulnerabilityAnalysis (#164 via #722)
- New class ComponentEvidenceNormalizer (#516 via #753)
- Class OrganizationalEntityNormalizer was enhanced
  - New method normalizeIterable() (via #722)
- New class VulnerabilityNormalizer (#164 via #722)
- New class VulnerabilityAdvisoryNormalizer (#164 via #722)
- New class VulnerabilityAffectNormalizer (#164 via #722)
- New class VulnerabilityAffectedVersionNormalizer (#164 via #722)
- New class VulnerabilityAnalysisNormalizer (#164 via #722)
- New class VulnerabilityCreditsNormalizer (#164 via #722)
- New class VulnerabilityRatingNormalizer (#164 via #722)
- New class VulnerabilityReferenceNormalizer (#164 via #722)
- New class VulnerabilitySourceNormalizer (#164 via #722)
Namespace Spec
- Const Spec1dot{2,3,4}
  - New Property supportsComponentEvidence:boolean (via #753)
  - New Property supportsVulnerabilities:boolean (via #722)
Namespace Spdx
- New function isValidSpdxLicenseExpression() (#271 via #547)

Misc

New dependency spdx-expression-parse (via #547)

Full Changelog: v1.14.0...v2.0.0-rc.0

Assets 2

25 Apr 17:00

github-actions

v1.14.0

d9dec38

1.14.0

Added

Formal validators for JSON string and XML string (#620 via #652, #691)
Currently, available only for Node.js. Requires optional dependencies.
- Related new validator classes:
  - Validation.JsonValidator
  - Validation.JsonStrictValidator
  - Validation.XmlValidator
- Related new error classes:
  - Validation.NotImplementedError
  - Validation.MissingOptionalDependencyError

Build

Use TypeScript v5.0.4 now, was v4.9.5. (#549 via #644)
Use Webpack v5.80.0 now, was 5.79.0. (via #686)

Full Changelog: v1.13.3...v1.14.0

Assets 2

24 Apr 12:30

github-actions

v1.14.0-rc.3

6774356

1.14.0-rc.3 Pre-release

Pre-release

v1.14.0-rc.3

prerelease 1.14.0-rc.3

Assets 2

23 Apr 12:57

github-actions

v1.14.0-rc.2

4d5b2ce

1.14.0-rc.2 Pre-release

Pre-release

v1.14.0-rc.2

1.14.0-rc.2

Assets 2

23 Apr 09:41

github-actions

v1.14.0-rc.1

dc8599b

1.14.0-rc.1 Pre-release

Pre-release

v1.14.0-rc.1

1.14.0-rc.1

Assets 2

21 Apr 11:00

github-actions

v1.14.0-rc.0

670c5d9

1.14.0-rc.0 Pre-release

Pre-release

v1.14.0-rc.0

prerelease 1.14.0-rc.0

Assets 2

05 Apr 10:58

github-actions

v1.13.3

4f010d5

1.13.3

Fixed

Serialize.{JSON,XML}.Normalize.LicenseNormalizer.normalizeIterable() now omits invalid license combinations (#602 via #623)
If there is any Models.LicenseExpression, then this is the only license normalized; otherwise all licenses are normalized.

Docs

Fixed link to CycloneDX-specification in README (via #617)

Full Changelog: v1.13.2...v1.13.3

Assets 2

29 Mar 16:57

github-actions

v1.13.2

18ffe35

1.13.2

Fixed

Builders.FromNodePackageJson.ComponentBuilder no longer cuts component's name after a slash(/) (#599 via #600)

Full Changelog: v1.13.1...v1.13.2

Assets 2

28 Mar 16:15

github-actions

v1.13.1

74ce3a9

1.13.1

Docs

Announce and annotate the generator for BOM's SerialNumber (#588 via #598)

Full Changelog: v1.13.0...v1.13.1

Assets 2

28 Mar 13:52

github-actions

v1.13.0

bfd5d7e

1.13.0

Fixed

"Bom.serialNumber" data model can have values following the alternative format allowed in CycloneDX XML specification (#588 via #597)
Serialize.{JSON,XML}.Normalize.BomNormalizer.normalize now omits invalid/unsupported values for serialNumber (#588 via #597)

Changed

Property Models.Bom.serialNumber is of type string, was type-aliased Types.UrnUuid = string (#588 via #597)
Also, the setter no longer throws exceptions, since no string format is illegal.
This is considered a non-breaking behavior change, because the corresponding normalizers assure valid data results.

Added

Published generator for BOM's SerialNumber: Utils.BomUtility.randomSerialNumber() (#588 via #597)
The code was donated from cyclonedx-node-npm.

Deprecation

Type alias Types.UrnUuid = string became deprecated (via #597)
Use type string instead.
Function Types.isUrnUuid became deprecated (via #597)

Full Changelog: v1.12.1...v1.13.0

Assets 2

Uh oh!

Releases: CycloneDX/cyclonedx-javascript-library

2.0.0-rc.0

Breaking Changes:

Changed

Added

Misc

Uh oh!

1.14.0

Added

Build

Uh oh!

1.14.0-rc.3

Uh oh!

1.14.0-rc.2

Uh oh!

1.14.0-rc.1

Uh oh!

1.14.0-rc.0

Uh oh!

1.13.3

Fixed

Docs

Uh oh!

1.13.2

Fixed

Uh oh!

1.13.1

Docs

Uh oh!

1.13.0

Fixed

Changed

Added

Deprecation

Uh oh!