From f4388771dcf0acc0e6e40080493af5e4e3353a19 Mon Sep 17 00:00:00 2001
From: Souta Kawahara <souta.kawahara@almalinux.org>
Date: Mon, 30 Jun 2025 21:17:07 +0900
Subject: [PATCH 1/6] fix: Annotate deprecated classes using `@deprecated`

Signed-off-by: Souta Kawahara <souta.kawahara@almalinux.org>
---
 cyclonedx/serialization/__init__.py | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/cyclonedx/serialization/__init__.py b/cyclonedx/serialization/__init__.py
index aeab0364..d4007da7 100644
--- a/cyclonedx/serialization/__init__.py
+++ b/cyclonedx/serialization/__init__.py
@@ -27,11 +27,17 @@
 from packageurl import PackageURL
 from py_serializable.helpers import BaseHelper
 
+try:
+    from warnings import deprecated
+except ImportError:
+    from typing_extensions import deprecated
+
 from ..exception.serialization import CycloneDxDeserializationException, SerializationOfUnexpectedValueException
 from ..model.bom_ref import BomRef
 from ..model.license import _LicenseRepositorySerializationHelper
 
 
+@deprecated('Use :class:`BomRef` instead.')
 class BomRefHelper(BaseHelper):
     """**DEPRECATED** in favour of :class:`BomRef`.
 
@@ -88,6 +94,7 @@ def deserialize(cls, o: Any) -> UUID:
             ) from err
 
 
+@deprecated('No public API planned for replacing this,')
 class LicenseRepositoryHelper(_LicenseRepositorySerializationHelper):
     """**DEPRECATED**
 

From b50a28a13e662dee983bf10cce49494168f7174f Mon Sep 17 00:00:00 2001
From: Souta Kawahara <souta.kawahara@almalinux.org>
Date: Fri, 27 Jun 2025 08:44:41 +0900
Subject: [PATCH 2/6] fix: Annotate Tool class using `@deprecated`

Signed-off-by: Souta Kawahara <souta.kawahara@almalinux.org>
---
 cyclonedx/model/tool.py | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/cyclonedx/model/tool.py b/cyclonedx/model/tool.py
index 6b56057f..f44ce51c 100644
--- a/cyclonedx/model/tool.py
+++ b/cyclonedx/model/tool.py
@@ -26,6 +26,11 @@
 from py_serializable.helpers import BaseHelper
 from sortedcontainers import SortedSet
 
+try:
+    from warnings import deprecated
+except ImportError:
+    from typing_extensions import deprecated
+
 from .._internal.compare import ComparableTuple as _ComparableTuple
 from ..schema import SchemaVersion
 from ..schema.schema import SchemaVersion1Dot4, SchemaVersion1Dot5, SchemaVersion1Dot6
@@ -37,6 +42,12 @@
     from py_serializable import ObjectMetadataLibrary, ViewType
 
 
+@deprecated(
+    '`Tool` is deprecated from CycloneDX v1.5 onwards. '
+    'This class provides a compatibility layer for backward compatibility '
+    'Use `Component` or `Service` instead, and store data under '
+    '`tools.components` or `tools.services`.'
+)
 @serializable.serializable_class
 class Tool:
     """

From 223ebf72d35c1bb3939f865087b1158e3707eb1c Mon Sep 17 00:00:00 2001
From: Souta Kawahara <souta.kawahara@almalinux.org>
Date: Thu, 26 Jun 2025 10:40:49 +0900
Subject: [PATCH 3/6] fix: Add warnings for deprecated usage of
 dataClassification in old locations

Signed-off-by: Souta Kawahara <souta.kawahara@almalinux.org>
---
 cyclonedx/model/__init__.py | 3 ---
 cyclonedx/model/service.py  | 6 ++++++
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/cyclonedx/model/__init__.py b/cyclonedx/model/__init__.py
index 19e2de36..07aa28d8 100644
--- a/cyclonedx/model/__init__.py
+++ b/cyclonedx/model/__init__.py
@@ -73,9 +73,6 @@ class DataClassification:
     """
     This is our internal representation of the `dataClassificationType` complex type within the CycloneDX standard.
 
-    DataClassification might be deprecated since CycloneDX 1.5, but it is not deprecated in this library.
-    In fact, this library will try to provide a compatibility layer if needed.
-
     .. note::
         See the CycloneDX Schema for dataClassificationType:
         https://cyclonedx.org/docs/1.6/xml/#type_dataClassificationType
diff --git a/cyclonedx/model/service.py b/cyclonedx/model/service.py
index c50bcb25..d009ba6e 100644
--- a/cyclonedx/model/service.py
+++ b/cyclonedx/model/service.py
@@ -26,6 +26,7 @@
 
 from collections.abc import Iterable
 from typing import Any, Optional, Union
+from warnings import warn
 
 import py_serializable as serializable
 from sortedcontainers import SortedSet
@@ -61,6 +62,7 @@ def __init__(
         endpoints: Optional[Iterable[XsUri]] = None,
         authenticated: Optional[bool] = None,
         x_trust_boundary: Optional[bool] = None,
+        # Deprecated since v1.5
         data: Optional[Iterable[DataClassification]] = None,
         licenses: Optional[Iterable[License]] = None,
         external_references: Optional[Iterable[ExternalReference]] = None,
@@ -259,6 +261,10 @@ def data(self) -> 'SortedSet[DataClassification]':
 
     @data.setter
     def data(self, data: Iterable[DataClassification]) -> None:
+        if data:
+            warn('`@.data` is deprecated from CycloneDX v1.5 onwards. '
+                 'Alternative implementation is planned for future versions.',
+                 DeprecationWarning)
         self._data = SortedSet(data)
 
     @property

From 39de6d1a830c9e79c8d37cc4799c3ed762dc98b8 Mon Sep 17 00:00:00 2001
From: Jan Kowalleck <jan.kowalleck@gmail.com>
Date: Thu, 3 Jul 2025 12:41:58 +0200
Subject: [PATCH 4/6] revert warning on `models.service.Service.data`

Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
---
 cyclonedx/model/__init__.py | 3 +++
 cyclonedx/model/service.py  | 6 ------
 2 files changed, 3 insertions(+), 6 deletions(-)

diff --git a/cyclonedx/model/__init__.py b/cyclonedx/model/__init__.py
index 07aa28d8..19e2de36 100644
--- a/cyclonedx/model/__init__.py
+++ b/cyclonedx/model/__init__.py
@@ -73,6 +73,9 @@ class DataClassification:
     """
     This is our internal representation of the `dataClassificationType` complex type within the CycloneDX standard.
 
+    DataClassification might be deprecated since CycloneDX 1.5, but it is not deprecated in this library.
+    In fact, this library will try to provide a compatibility layer if needed.
+
     .. note::
         See the CycloneDX Schema for dataClassificationType:
         https://cyclonedx.org/docs/1.6/xml/#type_dataClassificationType
diff --git a/cyclonedx/model/service.py b/cyclonedx/model/service.py
index d009ba6e..c50bcb25 100644
--- a/cyclonedx/model/service.py
+++ b/cyclonedx/model/service.py
@@ -26,7 +26,6 @@
 
 from collections.abc import Iterable
 from typing import Any, Optional, Union
-from warnings import warn
 
 import py_serializable as serializable
 from sortedcontainers import SortedSet
@@ -62,7 +61,6 @@ def __init__(
         endpoints: Optional[Iterable[XsUri]] = None,
         authenticated: Optional[bool] = None,
         x_trust_boundary: Optional[bool] = None,
-        # Deprecated since v1.5
         data: Optional[Iterable[DataClassification]] = None,
         licenses: Optional[Iterable[License]] = None,
         external_references: Optional[Iterable[ExternalReference]] = None,
@@ -261,10 +259,6 @@ def data(self) -> 'SortedSet[DataClassification]':
 
     @data.setter
     def data(self, data: Iterable[DataClassification]) -> None:
-        if data:
-            warn('`@.data` is deprecated from CycloneDX v1.5 onwards. '
-                 'Alternative implementation is planned for future versions.',
-                 DeprecationWarning)
         self._data = SortedSet(data)
 
     @property

From 8bee579621f614bd3c95a84d0f64a6ba2400ece8 Mon Sep 17 00:00:00 2001
From: Jan Kowalleck <jan.kowalleck@gmail.com>
Date: Thu, 3 Jul 2025 12:47:09 +0200
Subject: [PATCH 5/6] revert changes on model.tool

Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
---
 cyclonedx/model/tool.py | 11 -----------
 1 file changed, 11 deletions(-)

diff --git a/cyclonedx/model/tool.py b/cyclonedx/model/tool.py
index f44ce51c..6b56057f 100644
--- a/cyclonedx/model/tool.py
+++ b/cyclonedx/model/tool.py
@@ -26,11 +26,6 @@
 from py_serializable.helpers import BaseHelper
 from sortedcontainers import SortedSet
 
-try:
-    from warnings import deprecated
-except ImportError:
-    from typing_extensions import deprecated
-
 from .._internal.compare import ComparableTuple as _ComparableTuple
 from ..schema import SchemaVersion
 from ..schema.schema import SchemaVersion1Dot4, SchemaVersion1Dot5, SchemaVersion1Dot6
@@ -42,12 +37,6 @@
     from py_serializable import ObjectMetadataLibrary, ViewType
 
 
-@deprecated(
-    '`Tool` is deprecated from CycloneDX v1.5 onwards. '
-    'This class provides a compatibility layer for backward compatibility '
-    'Use `Component` or `Service` instead, and store data under '
-    '`tools.components` or `tools.services`.'
-)
 @serializable.serializable_class
 class Tool:
     """

From f0e21fcc9e34703144ee91066e95735e6086fe46 Mon Sep 17 00:00:00 2001
From: Jan Kowalleck <jan.kowalleck@gmail.com>
Date: Thu, 3 Jul 2025 12:58:28 +0200
Subject: [PATCH 6/6] adjust imports

Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
---
 cyclonedx/serialization/__init__.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/cyclonedx/serialization/__init__.py b/cyclonedx/serialization/__init__.py
index d4007da7..21212e64 100644
--- a/cyclonedx/serialization/__init__.py
+++ b/cyclonedx/serialization/__init__.py
@@ -20,6 +20,7 @@
 Set of helper classes for use with ``serializable`` when conducting (de-)serialization.
 """
 
+import sys
 from typing import Any, Optional
 from uuid import UUID
 
@@ -27,9 +28,9 @@
 from packageurl import PackageURL
 from py_serializable.helpers import BaseHelper
 
-try:
+if sys.version_info > (3, 13):
     from warnings import deprecated
-except ImportError:
+else:
     from typing_extensions import deprecated
 
 from ..exception.serialization import CycloneDxDeserializationException, SerializationOfUnexpectedValueException