-
-
Notifications
You must be signed in to change notification settings - Fork 40
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
- Loading branch information
1 parent
96386cc
commit 0ac84d7
Showing
3 changed files
with
66 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,62 @@ | ||
| Upgrading to v8 | ||
| =============== | ||
|
|
||
| Version 8 is not backwards compatible. Some behaviours and integrations changed. | ||
| This document covers all breaking changes and should give guidance how to migrate from previous versions. | ||
|
|
||
| This document is not a full :doc:`change log <changelog>`, but a migration path. | ||
|
|
||
| Add this library to Metadata Tools | ||
| ---------------------------------- | ||
|
|
||
| This library no longer adds itself to the metadata. | ||
|
|
||
| Downstream users SHOULD add the following to their BOM build processes, | ||
| to keep track of used libraries during the build process. | ||
|
|
||
| .. code-block:: python | ||
| from cyclonedx.builder.this import this_component as cdx_lib_component | ||
| from cyclonedx.model.bom import Bom | ||
| bom = Bom() | ||
| bom.metadata.tools.components.add(cdx_lib_component()) | ||
| Import model Tool | ||
| ----------------- | ||
|
|
||
| Class `cyclonedx.model.Tool` was moved to :class:`cyclonedx.model.tool.Tool`. | ||
| Therefore, the imports need to be migrated: | ||
|
|
||
| Old: ``from cyclonedx.model import Tool`` | ||
|
|
||
| New: ``from cyclonedx.model.tool import Tool`` | ||
|
|
||
| Alter Metadata Tools | ||
| -------------------- | ||
|
|
||
| Property :attr:`cyclonedx.model.bom.BomMetaData.tools` is an instance of :class:`cyclonedx.model.tool.ToolsRepository`, now. | ||
| Therefore, the process of adding new tools needs to be migrated changed. | ||
|
|
||
| Old: ``my_bom.metadata.tools.add(my_tool)`` | ||
|
|
||
| New: ``my_bom.metadata.tools.tools.add(my_tool)`` | ||
|
|
||
| Alter Vulnerability Tools | ||
| ------------------------- | ||
|
|
||
| Property :attr:`cyclonedx.model.vulnerability.Vulnerability.tools` is an instance of :class:`cyclonedx.model.tool.ToolsRepository`, now. | ||
| Therefore, the process of adding new tools needs to be migrated changed. | ||
|
|
||
| Old: ``my_vulnerability.tools.add(my_tool)`` | ||
|
|
||
| New: ``my_vulnerability.tools.tools.add(my_tool)`` | ||
|
|
||
| Set LicenseExpression Acknowledgement | ||
| ------------------------------------- | ||
|
|
||
| :class:`cyclonedx.model.license.LicenseExpression()` no longer accepts optional arguments in a positional way, but in a key-word way. | ||
|
|
||
| Old: ``LicenseExpression(my_exp, my_acknowledgement)`` | ||
|
|
||
| New: ``LicenseExpression(my_exp, acknowledgement=my_acknowledgement)`` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters