v6.0.0-rc.1

Breaking Changes

• Removed symbols that were already marked as deprecated (via #493)
• Removed symbols in parser.* (#489 via #495)
• Removed output.LATEST_SUPPORTED_SCHEMA_VERSION (#491 via #494)
• Serialization of unsupported enum values might downgrade/migrate/omit them (#490 via #496)
  Handling might raise warnings if a data loss occurred due to omitting.
  The result is a guaranteed valid XML/JSON, since no (enum-)invalid values are rendered.
• Serialization of any model.component.Component with unsupported type raises exception.serialization.SerializationOfUnsupportedComponentTypeException (#490 via #496)

Added

• Basic support for CycloneDX 1.5 (#404 via #488)
  • No data models were enhanced nor added, yet.
    Pull requests to add functionality are welcome.
  • Existing enumerable got new cases, to reflect features of CycloneDX 1.5 (#404 via #488)
  • Outputters were enabled to render CycloneDX 1.5 (#404 via #488)

Tests

• Created (regression/unit/integration/functional) tests for CycloneDX 1.5 (#404 via #488)
• Created (regression/functional) tests for Enums' handling and completeness (#490 via #496)

Misc

• Bumped dependency py-serializable@^0.16, was @^0.15 (via #496)

---

API Changes — the details for migration

• Added new sub-package exception.serialization (via #496)
• Enum model.ExternalReferenceType got new cases, to reflect features for CycloneDX 1.5 (#404 via #488)
• Enum model.component.ComponentType got new cases, to reflect features for CycloneDX 1.5 (#404 via #488)
• Removed model.component.Component.__init__()'s optional kwarg namespace (via #493)
  Use kwarg group instead.
• Removed model.component.Component.__init__()'s optional kwarg license_str (via #493)
  Use kwarg licenses instead.
• Removed method model.component.Component.get_namespace() (via #493)
• Removed model.vulnerability.Vulnerability.__init__()'s optional kwarg source_name (via #493)
  Use kwarg source instead.
• Removed model.vulnerability.Vulnerability.__init__()'s optional kwarg source_url (via #493)
  Use kwarg source instead.
• Removed model.vulnerability.Vulnerability.__init__()'s optional kwarg recommendations (via #493)
  Use kwarg recommendation instead.
• Removed model.vulnerability.VulnerabilityRating.__init__()'s optional kwarg score_base (via #493)
  Use kwarg score instead.
• Enum model.vulnerability.VulnerabilityScoreSource got new cases, to reflect features for CycloneDX 1.5 (#404 via #488)
• Removed output.LATEST_SUPPORTED_SCHEMA_VERSION (#491 via #494)
• Removed deprecated function output.get_instance() (via #493)
  Use function output.make_outputter() instead.
• Added new class output.json.JsonV1Dot5, to reflect CycloneDX 1.5 (#404 via #488)
• Added new item to dict output.json.BY_SCHEMA_VERSION, to reflect CycloneDX 1.5 (#404 via #488)
• Added new class output.xml.XmlV1Dot5, to reflect CycloneDX 1.5 (#404 via #488)
• Added new item to dict output.xml.BY_SCHEMA_VERSION, to reflect CycloneDX 1.5 (#404 via #488)
• Removed class parser.ParserWarning (#489 via #495)
• Removed class parser.BaseParser (#489 via #495)
• Enum schema.SchemaVersion got new case V1_5, to reflect CycloneDX 1.5 (#404 via #488)

---

What's Changed

• chore(deps-dev): update flake8-isort requirement from 6.1.0 to 6.1.1 by @dependabot in #481
• chore: mograte dev-dependencies to new poetry layout by @jkowalleck in #482
• chore(deps-dev): update ddt requirement from 1.6.0 to 1.7.0 by @dependabot in #483
• chore(deps-dev): update mypy requirement from 1.6.1 to 1.7.0 by @dependabot in #484
• docs: keywords & funding by @jkowalleck in #486
• chore(deps-dev): update mypy requirement from 1.7.0 to 1.7.1 by @dependabot in #487
• feat: add basic support for CDX 1.5 by @Churro and @jkowalleck in #488
• Remove deprecated 6.0.0 by @jkowalleck in #493
• bc: remove const output.LATEST_SUPPORTED_SCHEMA_VERSION by @jkowalleck in #494
• bc: remove parser API by @jkowalleck in #495
• Feat: prevent unknwon enums from rendering by @jkowalleck in #496

Full Changelog: v5.1.1...v6.0.0-rc.1