Releases: CycloneDX/cyclonedx-python-lib
v4.2.0
v4.2.0 (2023-09-06)
Chore
- chore(deps): bump python-semantic-release/python-semantic-release (#423)
Bumps python-semantic-release/python-semantic-release from 8.0.7 to 8.0.8.
updated-dependencies:
- dependency-name: python-semantic-release/python-semantic-release
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (13e441d
)
Feature
- feat: complete SPDX license expression (#425)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (e06f9fd
)
v4.1.0
v4.1.0 (2023-08-27)
Chore
- chore: migrate to python-semantic-release8 (#421)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (14c501c
)
- chore: migrate to python-semantic-release8 (#420)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (0e35d88
)
- chore: migrate to python-semantic-release8 (#419)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (adf5a36
)
- chore(deps-dev): bump distlib from 0.3.6 to 0.3.7 (#412)
Bumps distlib from 0.3.6 to 0.3.7.
updated-dependencies:
- dependency-name: distlib
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (bc9f01d
)
- chore(deps-dev): bump pluggy from 1.0.0 to 1.2.0 (#413)
Bumps pluggy from 1.0.0 to 1.2.0.
updated-dependencies:
- dependency-name: pluggy
dependency-type: indirect
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (be8af3e
)
- chore(deps-dev): bump typed-ast from 1.5.4 to 1.5.5 (#411)
Bumps typed-ast from 1.5.4 to 1.5.5.
updated-dependencies:
- dependency-name: typed-ast
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (75302b1
)
- chore(deps-dev): bump lxml from 4.9.2 to 4.9.3 (#405)
Bumps lxml from 4.9.2 to 4.9.3.
updated-dependencies:
- dependency-name: lxml
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (6aa057b
)
- chore(deps-dev): bump mypy from 1.4.0 to 1.4.1 (#400)
Bumps mypy from 1.4.0 to 1.4.1.
updated-dependencies:
- dependency-name: mypy
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (54d6a1a
)
Ci
- ci: streamline concurrency for deploy (#406)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (6a7ddfa
)
-
ci: run examples on prod-deps only (#402)
-
ci: run examples on prod-deps only
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
- ci: simplify ci
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (cf40048
)
- ci: run examples (#401)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (058f386
)
Documentation
- docs(examples): showcase shorthand dependency management (#403)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (8b32efb
)
Feature
- feat: programmatic access to library's version (#417)
adds cyclonedx.__version__
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (3585ea9
)
v4.0.1
v4.0.0
Feature
Breaking
- Large portions of this library have been re-written for this release and many methods and contracts have changed. (
8fb1b14
) - Model classes changed to relocated Vulnerability at Bom, not at Component (
8fb1b14
) - Model classes changed to relocated Vulnerability at Bom, not at Component (
8fb1b14
) - (
8fb1b14
)
v3.1.5
v3.1.4
v3.1.3
v3.1.2
v3.1.1
v3.1.0
Feature
Note: There was no 3.0.0 release officially, but due to CI publishing issues, an unexpected 3.0.0 release was publiched to PyPi and subsequently yanked from PyPi. There are NO breaking changes between 2.7.1 and 3.1.0.