Releases: CycloneDX/cyclonedx-python-lib
v4.1.0
v4.1.0 (2023-08-27)
Chore
- chore: migrate to python-semantic-release8 (#421)
Signed-off-by: Jan Kowalleck <[email protected]> (14c501c)
- chore: migrate to python-semantic-release8 (#420)
Signed-off-by: Jan Kowalleck <[email protected]> (0e35d88)
- chore: migrate to python-semantic-release8 (#419)
Signed-off-by: Jan Kowalleck <[email protected]> (adf5a36)
- chore(deps-dev): bump distlib from 0.3.6 to 0.3.7 (#412)
Bumps distlib from 0.3.6 to 0.3.7.
updated-dependencies:
- dependency-name: distlib
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (bc9f01d)
- chore(deps-dev): bump pluggy from 1.0.0 to 1.2.0 (#413)
Bumps pluggy from 1.0.0 to 1.2.0.
updated-dependencies:
- dependency-name: pluggy
dependency-type: indirect
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (be8af3e)
- chore(deps-dev): bump typed-ast from 1.5.4 to 1.5.5 (#411)
Bumps typed-ast from 1.5.4 to 1.5.5.
updated-dependencies:
- dependency-name: typed-ast
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (75302b1)
- chore(deps-dev): bump lxml from 4.9.2 to 4.9.3 (#405)
Bumps lxml from 4.9.2 to 4.9.3.
updated-dependencies:
- dependency-name: lxml
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (6aa057b)
- chore(deps-dev): bump mypy from 1.4.0 to 1.4.1 (#400)
Bumps mypy from 1.4.0 to 1.4.1.
updated-dependencies:
- dependency-name: mypy
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (54d6a1a)
Ci
- ci: streamline concurrency for deploy (#406)
Signed-off-by: Jan Kowalleck <[email protected]> (6a7ddfa)
-
ci: run examples on prod-deps only (#402)
-
ci: run examples on prod-deps only
Signed-off-by: Jan Kowalleck <[email protected]>
- ci: simplify ci
Signed-off-by: Jan Kowalleck <[email protected]>
Signed-off-by: Jan Kowalleck <[email protected]> (cf40048)
- ci: run examples (#401)
Signed-off-by: Jan Kowalleck <[email protected]> (058f386)
Documentation
- docs(examples): showcase shorthand dependency management (#403)
Signed-off-by: Jan Kowalleck <[email protected]> (8b32efb)
Feature
- feat: programmatic access to library's version (#417)
adds cyclonedx.__version__
Signed-off-by: Jan Kowalleck <[email protected]> (3585ea9)
v4.0.1
v4.0.0
Feature
Breaking
- Large portions of this library have been re-written for this release and many methods and contracts have changed. (
8fb1b14) - Model classes changed to relocated Vulnerability at Bom, not at Component (
8fb1b14) - Model classes changed to relocated Vulnerability at Bom, not at Component (
8fb1b14) - (
8fb1b14)
v3.1.5
v3.1.4
v3.1.3
v3.1.2
v3.1.1
v3.1.0
Feature
Note: There was no 3.0.0 release officially, but due to CI publishing issues, an unexpected 3.0.0 release was publiched to PyPi and subsequently yanked from PyPi. There are NO breaking changes between 2.7.1 and 3.1.0.
v2.7.1
What's Changed
- chore(deps-dev): bump flake8-isort from 4.1.1 to 4.1.2.post0 by @dependabot in #280
- fix: BOM validation fails when Components or Services are nested by @madpah in #276
Full Changelog: v2.7.0...v2.7.1
