Commit 26c7ee9

Merge remote-tracking branch 'origin/9.0.0-dev' into feat/BomRef-affects-comparissons-equality
2 parents 008a797 + 7c20c8e commit 26c7ee9

52 files changed, +1730 -666 lines changed

.flake8

Lines changed: 3 additions & 0 deletions
@@ -41,3 +41,6 @@ copyright-text =
4141
'#'
4242
'# SPDX-License-Identifier: Apache-2.0'
4343
'# Copyright (c) OWASP Foundation. All Rights Reserved.'
44+
lines-to-exclude =
45+
## shebang
46+
'#!'
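
Review bot: The `'#!'` value added at line 46 is very short, so please confirm how the copyright check applies `lines-to-exclude`: if it skips any line that merely starts with `#!` anywhere in the header area rather than only a first-line shebang, a file could pass the SPDX header check with less than the three `copyright-text` lines in place. A slightly longer comment than `## shebang` saying why these lines are excluded would also help the next reader of this config.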

CHANGELOG.md

Lines changed: 69 additions & 0 deletions
@@ -2,6 +2,75 @@
22

33

44

5+
## v8.7.0 (2025-02-06)
6+
7+
### Feature
8+
9+
* feat: allow empty `OrganizationalContact` object (#772)
10+
11+
fixes https://github.com/CycloneDX/cyclonedx-python-lib/issues/771
12+
13+
---------
14+
15+
Signed-off-by: Johannes Feichtner <[email protected]>
16+
Signed-off-by: Johannes Feichtner <[email protected]> ([`03b35f4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/03b35f4293ab3b4c402c7bb8ff458831e492cb8b))
17+
18+
19+
## v8.6.0 (2025-02-04)
20+
21+
### Feature
22+
23+
* feat: expand the capabilities of `models.definition.Standard` (#713)
24+
25+
26+
---------
27+
28+
Signed-off-by: Hakan Dilek <[email protected]>
29+
Signed-off-by: Jan Kowalleck <[email protected]>
30+
Co-authored-by: Jan Kowalleck <[email protected]> ([`901dcdc`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/901dcdc60a8a46d30878764d7b8bda69c6ba8b80))
31+
32+
* feat: allow empty `OrganizationalEntity` object (#768)
33+
34+
fixes https://github.com/CycloneDX/cyclonedx-python-lib/issues/764
35+
36+
Signed-off-by: Johannes Feichtner <[email protected]> ([`472bded`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/472bded38cd480ba6885d44c798e015b63c89190))
37+
38+
39+
## v8.5.1 (2025-01-28)
40+
41+
### Documentation
42+
43+
* docs: responsibilities & capabilities (#763)
44+
45+
46+
47+
Signed-off-by: Jan Kowalleck <[email protected]> ([`ab4ae45`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ab4ae4578555f010914d7e904133dd478d7c80c1))
48+
49+
* docs: Fix typos in in conda-forge.md and remove unused reference in README (#762)
50+
51+
- Fix few typos in conda-forge.md
52+
- Removed unused PEP-508 ref in README.md
53+
54+
Signed-off-by: Arthit Suriyawongkul <[email protected]> ([`66ece7a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/66ece7ae0042740a541ceed3048b89c4f2b24145))
55+
56+
* docs: modernize docstrings for CDX1.6 (#759)
57+
58+
Signed-off-by: Jan Kowalleck <[email protected]> ([`fb9a42e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/fb9a42ef9bda6407ddf4c49e75d10aa0fc91e46d))
59+
60+
### Feature
61+
62+
* feat: couple classes and their serializes (#757)
63+
64+
Deprecates `.serialization.BomRefHelper` and
65+
`.serialization.LicenseRepositoryHelper`
66+
67+
fixes #756
68+
69+
---------
70+
71+
Signed-off-by: Jan Kowalleck <[email protected]> ([`6003feb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6003febaa032969732ee246deb739d1e13bae581))
72+
73+
574
## v8.5.0 (2024-11-18)
675

776
### Documentation
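
Review bot: The v8.7.0 entry carries the same `Signed-off-by: Johannes Feichtner` trailer twice (added lines 15 and 16), and the v8.5.1 entry uses a bare `fixes #756` (added line 67) where the other entries give the full issue URL, so that reference will not resolve when the changelog is read outside GitHub. Since this file is generated from commit messages, it is worth normalising trailers and issue references at the source rather than hand-editing here. The entry titles at added lines 49 and 62 also contain typos ("in in", "serializes") that come through verbatim.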

README.md

Lines changed: 11 additions & 11 deletions
@@ -17,20 +17,22 @@
1717
OWASP [CycloneDX][link_website] is a full-stack Bill of Materials (BOM) standard
1818
that provides advanced supply chain capabilities for cyber risk reduction.
1919

20-
This Python package provides data models, validators and more,
20+
This Python package provides data models, validators and more,
2121
to help you create/render/read CycloneDX documents.
2222

23-
**This package is not designed for standalone use. It is a software library.**
24-
25-
As of version `3.0.0`, the internal data model was adjusted to allow CycloneDX VEX documents to be produced as per
26-
[official examples](https://cyclonedx.org/capabilities/bomlink/#linking-external-vex-to-bom-inventory) linking VEX to a separate CycloneDX document.
27-
28-
If you're looking for a CycloneDX tool to run to generate (SBOM) software bill-of-materials documents, why not checkout
29-
[CycloneDX Python][cyclonedx-python] or [Jake][jake].
23+
> [!NOTE]
24+
> This package is a software library not intended for standalone use.
25+
> For generating Software Bill of Materials (SBOM), check out [CycloneDX Python][cyclonedx-python] or [Jake][jake].
3026
3127
## Documentation
3228

33-
View the documentation [here](https://cyclonedx-python-library.readthedocs.io/).
29+
Complete documentation is available on [Read the Docs][link_rtfd]. This includes:
30+
- Responsibilities & Capabilities
31+
- Install Instructions
32+
- API Reference
33+
- Usage Examples
34+
- Integration Guides
35+
- Best Practices
3436

3537
## Python Support
3638

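Review bot: The reference-style link `[link_rtfd]` used at added line 29 has no definition in the visible hunks; the only change to the link block at the end of the file is the removal of `[PEP-508]`. Please confirm the definition already exists, otherwise the link renders as literal text. The paragraph on the `3.0.0` data-model change for VEX documents (old lines 25-26) is also dropped without a replacement; if it is still accurate it should move to the docs rather than disappear.
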
@@ -81,5 +83,3 @@ See the [LICENSE][license_file] file for the full license.
8183
[link_slack]: https://cyclonedx.org/slack/invite
8284
[link_discussion]: https://groups.io/g/CycloneDX
8385
[link_twitter]: https://twitter.com/CycloneDX_Spec
84-
85-
[PEP-508]: https://www.python.org/dev/peps/pep-0508/

cyclonedx/__init__.py

Lines changed: 1 addition & 1 deletion
@@ -22,4 +22,4 @@
2222

2323
# !! version is managed by semantic_release
2424
# do not use typing here, or else `semantic_release` might have issues finding the variable
25-
__version__ = "8.5.0" # noqa:Q000
25+
__version__ = "8.7.0" # noqa:Q000

cyclonedx/_internal/compare.py

Lines changed: 11 additions & 26 deletions
@@ -58,40 +58,25 @@ def __gt__(self, other: Any) -> bool:
5858
return False
5959

6060

61-
class ComparableDict:
61+
class ComparableDict(ComparableTuple):
6262
"""
6363
Allows comparison of dictionaries, allowing for missing/None values.
6464
"""
6565

66-
def __init__(self, dict_: Dict[Any, Any]) -> None:
67-
self._dict = dict_
68-
69-
def __lt__(self, other: Any) -> bool:
70-
if not isinstance(other, ComparableDict):
71-
return True
72-
keys = sorted(self._dict.keys() | other._dict.keys())
73-
return ComparableTuple(self._dict.get(k) for k in keys) \
74-
< ComparableTuple(other._dict.get(k) for k in keys)
75-
76-
def __gt__(self, other: Any) -> bool:
77-
if not isinstance(other, ComparableDict):
78-
return False
79-
keys = sorted(self._dict.keys() | other._dict.keys())
80-
return ComparableTuple(self._dict.get(k) for k in keys) \
81-
> ComparableTuple(other._dict.get(k) for k in keys)
66+
def __new__(cls, d: Dict[Any, Any]) -> 'ComparableDict':
67+
return super(ComparableDict, cls).__new__(cls, sorted(d.items()))
8268

8369

8470
class ComparablePackageURL(ComparableTuple):
8571
"""
8672
Allows comparison of PackageURL, allowing for qualifiers.
8773
"""
8874

89-
def __new__(cls, purl: 'PackageURL') -> 'ComparablePackageURL':
90-
return super().__new__(
91-
ComparablePackageURL, (
92-
purl.type,
93-
purl.namespace,
94-
purl.version,
95-
ComparableDict(purl.qualifiers) if isinstance(purl.qualifiers, dict) else purl.qualifiers,
96-
purl.subpath
97-
))
75+
def __new__(cls, p: 'PackageURL') -> 'ComparablePackageURL':
76+
return super(ComparablePackageURL, cls).__new__(cls, (
77+
p.type,
78+
p.namespace,
79+
p.version,
80+
ComparableDict(p.qualifiers) if isinstance(p.qualifiers, dict) else p.qualifiers,
81+
p.subpath
82+
))
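
Review bot: In the new `ComparableDict.__new__` (added lines 66-67) the elements produced by `sorted(d.items())` are plain `(key, value)` tuples, so when two dicts share a key and one value is `None`, the pair is ordered by built-in tuple comparison, which raises `TypeError` for `None` against a string; the retained docstring still promises "allowing for missing/None values". Consider wrapping each item in `ComparableTuple`, and add a test for `{'a': None}` against `{'a': 'x'}` and for dicts with different key sets, since the old code compared over the union of keys and the new code compares position by position. Separately, the tuple built in `ComparablePackageURL.__new__` (added lines 77-81) lists `type`, `namespace`, `version`, qualifiers and `subpath` but not the package name, so two PURLs that differ only by name compare as equal; that is worth fixing or documenting while this code is being touched, as equality here feeds SBOM component de-duplication.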

cyclonedx/exception/model.py

Lines changed: 8 additions & 0 deletions
@@ -123,3 +123,11 @@ class LicenseExpressionAlongWithOthersException(CycloneDxModelException):
123123
See https://github.com/CycloneDX/specification/pull/205
124124
"""
125125
pass
126+
127+
128+
class InvalidCreIdException(CycloneDxModelException):
129+
"""
130+
Raised when a supplied value for an CRE ID does not meet the format requirements
131+
as defined at https://opencre.org/
132+
"""
133+
pass
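
Review bot: The docstring at added lines 130-131 says the value must meet "the format requirements as defined at https://opencre.org/" but does not state what the format is, and the link points at the site root rather than a format definition. Please spell out the expected pattern in the docstring so callers can tell why their input was rejected, and change "an CRE ID" to "a CRE ID".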
