Releases: CycloneDX/cyclonedx-python-lib

v7.6.1

18 Sep 13:53

v7.6.1 (2024-09-18)

Fix

  • fix: file copyright headers (#676)

utilizes flake8 plugin
<https://pypi.org/project/flake8-copyright-validator/> to assert the
correct headers

Signed-off-by: Jan Kowalleck <[email protected]> (35e00b4)


What's Changed

  • chore(deps-dev): update tox requirement from 4.17.1 to 4.18.0 by @dependabot in #664
  • chore(deps-dev): update flake8-bugbear requirement from 24.4.26 to 24.8.19 by @dependabot in #666
  • chore(deps-dev): update mypy requirement from 1.11.1 to 1.11.2 by @dependabot in #668
  • chore(deps-dev): update tox requirement from 4.18.0 to 4.18.1 by @dependabot in #670
  • chore(deps): update sphinx requirement from <8,>=7.2.6 to >=7.2.6,<9 by @dependabot in #656
  • fix: file copyright headers by @jkowalleck in #676

Full Changelog: v7.6.0...v7.6.1

v7.6.0

14 Aug 13:35

v7.6.0 (2024-08-14)

Feature

  • feat: HashType.from_composite_str for Blake2b, SHA3, Blake3 (#663)

The code mistreated hashes for Blake2b and SHA3.
Code for explicitly handling SHA1 & BLAKE3 was added, as those have no
variants defined in the CycloneDX specification.

fixes #652


Signed-off-by: Michael Schlenker <[email protected]>
Co-authored-by: Michael Schlenker <[email protected]>
Co-authored-by: Jan Kowalleck <[email protected]> (c59036e)


What's Changed

  • chore(deps-dev): update coverage requirement from 7.5.4 to 7.6.0 by @dependabot in #647
  • chore(deps-dev): update mypy requirement from 1.10.1 to 1.11.0 by @dependabot in #651
  • chore(deps-dev): update mypy requirement from 1.11.0 to 1.11.1 by @dependabot in #655
  • chore(deps-dev): update tox requirement from 4.16.0 to 4.17.1 by @dependabot in #662
  • chore(deps-dev): update flake8 requirement from 7.1.0 to 7.1.1 by @dependabot in #661
  • chore(deps-dev): update coverage requirement from 7.6.0 to 7.6.1 by @dependabot in #660
  • feat: HashType.from_composite_str for Blake2b, SHA3, Blake3 by @schlenk in #663

Full Changelog: v7.5.1...v7.6.0

v7.5.1

08 Jul 13:36

v7.5.1 (2024-07-08)

Fix

  • fix: XML serialize normalizedString and token properly (#646)

fixes #638


Signed-off-by: Jan Kowalleck <[email protected]> (b40f739)


What's Changed

  • chore(deps-dev): update tox requirement from 4.15.1 to 4.16.0 by @dependabot in #644
  • fix: XML serialize normalizedString and token properly by @jkowalleck in #646

Full Changelog: v7.5.0...v7.5.1

v7.5.0

04 Jul 12:35

v7.5.0 (2024-07-04)

Feature

  • feat: add workaround property for v1.5 and v1.6 (#642)

Property workaround was missing from the vulnerability model. It was
added in spec v1.5 and was marked as TODO before.

This is my first contribution to this project, so if I did something
wrong, just tell me 😃

Signed-off-by: Louis Maillard <[email protected]>
Signed-off-by: Louis Maillard <[email protected]>
Co-authored-by: Louis Maillard <[email protected]> (b5ebcf8)

Style

  • style: model args - one per line (#643)

this should make future PR reviews easier, since adding new args in the
middle will not cause complete code blocks to change, but is just a new
line ...

Signed-off-by: Jan Kowalleck <[email protected]> (5b74b0f)


What's Changed

  • chore(deps-dev): update bandit requirement from 1.7.8 to 1.7.9 by @dependabot in #634
  • chore(deps-dev): update flake8 requirement from 7.0.0 to 7.1.0 by @dependabot in #637
  • chore(deps-dev): update mypy requirement from 1.10.0 to 1.10.1 by @dependabot in #639
  • chore(deps-dev): update coverage requirement from 7.5.3 to 7.5.4 by @dependabot in #641
  • chore(deps-dev): update autopep8 requirement from 2.2.0 to 2.3.1 by @dependabot in #640
  • style: model args - one per line by @jkowalleck in #643
  • feat: add workaround property for v1.5 and v1.6 by @loulou123546 in #642

Full Changelog: v7.4.1...v7.5.0

v7.4.1

12 Jun 08:58

v7.4.1 (2024-06-12)

Chore

  • chore: rollback py sem release matcher

Signed-off-by: Jan Kowalleck <[email protected]> (c33a130)

Documentation

  • docs: exclude dep bumps from changelog (#627)

fixes #616


Signed-off-by: Jan Kowalleck <[email protected]> (60361f7)

Fix

  • fix: cyclonedx.model.Property.value value is optional (#631)

cyclonedx.model.Property.value value is optional, in accordance with
the spec.

fixes #630


Signed-off-by: Michael Schlenker <[email protected]>
Signed-off-by: Jan Kowalleck <[email protected]>
Co-authored-by: Michael Schlenker <[email protected]>
Co-authored-by: Jan Kowalleck <[email protected]> (ad0f98b)

v7.4.0

23 May 05:43

v7.4.0 (2024-05-23)

Documentation

  • docs: OSSP best practice percentage

Signed-off-by: Jan Kowalleck <[email protected]> (75f58dc)

Feature

  • feat: updated SPDX license list to v3.24.0 (#622)

Signed-off-by: Jan Kowalleck <[email protected]> (3f9770a)


What's Changed

  • chore(deps-dev): update flake8-annotations requirement from 3.0.1 to 3.1.0 by @dependabot in #615
  • chore(deps-dev): update flake8-annotations requirement from 3.1.0 to 3.1.1 by @dependabot in #618
  • chore(deps-dev): update pep8-naming requirement from 0.13.3 to 0.14.1 by @dependabot in #619
  • chore(deps-dev): update xmldiff requirement from 2.6.3 to 2.7.0 by @dependabot in #620
  • feat: updated SPDX license list to v3.24.0 by @jkowalleck in #622

Full Changelog: v7.3.4...v7.4.0

v7.3.4

06 May 13:41

v7.3.4 (2024-05-06)

Fix

  • fix: allow suppliers with empty-string names (#611)

fixes #600


Signed-off-by: Jan Kowalleck <[email protected]> (b331aeb)


Full Changelog: v7.3.3...v7.3.4

v7.3.3

06 May 13:29

v7.3.3 (2024-05-06)

Chore

  • chore: shield_ossf-best-practices subbary

Signed-off-by: Jan Kowalleck <[email protected]> (0d00496)

  • chore(ci): update GH action versions (#606)

Signed-off-by: Paul Horton <[email protected]> (6d1bc5b)

Fix

  • fix: json validation allow arbitrary $schema value (#613)

fixes #612


Signed-off-by: Jan Kowalleck <[email protected]> (08b7c60)


What's Changed

  • chore(deps-dev): update mypy requirement from 1.9.0 to 1.10.0 by @dependabot in #602
  • chore(deps-dev): update flake8-bugbear requirement from 24.2.6 to 24.4.26 by @dependabot in #604
  • chore(deps-dev): update coverage requirement from 7.4.4 to 7.5.0 by @dependabot in #605
  • chore(deps-dev): update tox requirement from 4.14.2 to 4.15.0 by @dependabot in #603
  • chore(ci): update GH action versions by @madpah in #606
  • chore(deps-dev): update coverage requirement from 7.5.0 to 7.5.1 by @dependabot in #608
  • fix: json validation allow arbitrary $schema value by @jkowalleck in #613

Full Changelog: v7.3.2...v7.3.3

v7.3.2

26 Apr 10:52

v7.3.2 (2024-04-26)

Fix

  • fix: properly sort components based on all properties (#599)

reverts #587 - as this one introduced errors
fixes #598
fixes #586


Signed-off-by: Jan Kowalleck <[email protected]>
Signed-off-by: Paul Horton <[email protected]>
Co-authored-by: Paul Horton <[email protected]> (8df488c)

v7.3.1

22 Apr 16:10

v7.3.1 (2024-04-22)

Chore

  • chore: semantic-release git commit/sign valid email address

Signed-off-by: Jan Kowalleck <[email protected]> (d437c40)

Fix

  • fix: include all fields of Component in __lt__ function for #586 (#587)

Fixes #586.

Signed-off-by: Paul Horton <[email protected]> (d784685)