diff --git a/CHANGELOG.md b/CHANGELOG.md index d27fe25f..10b9d20b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,246 @@ +## v5.0.0-rc.1 (2023-10-11) + +### Breaking + +* chore!: bump major version to v5 + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`bae8a84`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bae8a84e7aa329780f91f49212c15f4d8c13ddcb)) + +### Chore + +* chore: revisit license headers + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1e963bd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1e963bd3d7e6c7d9437e41a34ecd622e0d32f3d8)) + +* chore: clean deps + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`ac6ad0e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ac6ad0ed5b5933f03d1132c3bbce0ada1915fc40)) + +* chore: remove encoding hint (#459) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`37219c3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/37219c321ac7ce5b507a0c0a74776f8204b400bf)) + +* chore: Update CONTRIBUTING.md + +Signed-off-by: Jan Kowalleck <jan.kowalleck@owasp.org> ([`0ebaa21`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0ebaa216d43a1389362dbdb33f9b49f43a21ab66)) + +* chore: config sem-release + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`839fe11`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/839fe114bafac6117879175eb54a8759b7ef8963)) + +* chore: sem-release config + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`18b4eca`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/18b4eca2c0fe2a2b4f1ca79976719c1afa0816bc)) + +* chore: absolute tet imports + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`39e0eb9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/39e0eb9af29a13e1cad6a073e5eb20955e492484)) + +* chore(build): test before release + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`5cb695e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5cb695ebf9989f9bdefaa6823f5814d5c2fe9998)) + +* chore: init 5.0.0-dev + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`0a3ae26`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0a3ae26f8fe50e1dc03fb72fb7fdba51654c7f8b)) + +### Ci + +* ci: publish coverage report to codacy (#439) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`0012a82`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0012a82382f9f33831a80aa0e26c0cbb7fd8984b)) + +### Documentation + +* docs: fix hilighter + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9d49280`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9d49280b680a4f8a7c4b8795f35928584e29baee)) + +* docs: fix typo + +Signed-off-by: Jan Kowalleck <jan.kowalleck@owasp.org> ([`6adc98f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6adc98f66da94b7bac987bc5b25da7099498fe3a)) + +### Feature + +* feat: support python 3.12 (#460) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`eaba7a0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/eaba7a048de190bce0797fb9ce40c4e2de49c5d9)) + +* feat: options for beautiful output (#458) + +add indention to outputters. this may come at a cost! + + +Breaking Changes +------------------ +* abstract Method `output.BaseOutput.output_as_string()` got new optional kwarg `indent` +* abstract Method `output.BaseOutput.output_as_string()` accepts arbitrary kwargs + +Changed +---------- +* XML output uses a default namespace, which makes results smaller. + + +Added +------------------ +* All outputters' method `output_as_string()` got new optional kwarg `indent` +* All outputters' method `output_as_string()` accepts arbitrary kwargs +* All outputters' method `output_to_file()` got new optional kwarg `indent` +* All outputters' method `output_to_file()` accepts arbitrary kwargs + +----- + +- [x] implementation +- [x] tests (snapshot binary compare; structural equal compare) + +----- + +enables https://github.com/CycloneDX/cyclonedx-python/issues/424 +fixes #437 +fixes #438 +supersedes #449 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3bcd9e9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3bcd9e99a58b74c9dc1fc474b468e67fc92fb7c4)) + +* feat: easy access validators (#448) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1c9ea9e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1c9ea9e22e53933347a8f366c5fc06febe811757)) + +* feat: add CycloneDX document validators to public API (#433) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a4f5ec5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a4f5ec5d63d576c04bcef5c0b6641f6c47164cfb)) + +### Fix + +* fix: multiple licenses issue #365 (#466) + +breaking changes +------------------ +* Reworked license related models and collections +* API + * Removed class `factory.license.LicenseChoiceFactory` + The old functionality was integrated into `factory.license.LicenseFactory`. + * Method `factory.license.LicenseFactory.make_from_string()`'s parameter `name_or_spdx` was renamed to `value` + * Method `factory.license.LicenseFactory.make_from_string()`'s return value can also be a `LicenseExpression` + The behavior imitates the old `factory.license.LicenseChoiceFactory.make_from_string()` + * Renamed class `module.License` to `module.license.DisjunctliveLicense` + * Removed class `module.LicenseChoice` + Use dedicated classes `module.license.DisjunctliveLicense` and `module.license.LicenseExpression` instead + * All occurrences of `models.LicenseChoice` were replaced by `models.licenses.License` + * All occurrences of `SortedSet[LicenseChoice]` were specialized to `models.license.LicenseRepository` + + +fixes +------------------ +* serialization of multy-licenses #365 + +added +------------------ +* API + * Method `factory.license.LicenseFactory.make_with_expression()` + * Class `model.license.DisjunctiveLicense` + * Class `model.license.LicenseExpression` + * Class `model.license.LicenseRepository` + * Class `serialization.LicenseRepositoryHelper` + +tests +------------------ +* added regression test for bug #365 + +misc +------------------ +* raised dependency `py-serializable@^9.15` + + + +---- + +fixes #365 + +~~BLOCKED by a feature request to serializer: <https://github.com/madpah/serializable/pull/32>~~ + + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6770786`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/67707864ac0f1b27bac166a8fd537ea38523fe6f)) + +* fix: typing for `kwargs` (#462) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`2240b4d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2240b4dda824c13bc563bce1574dffe563016ac2)) + +* fix: tuple stuff (#461) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`84c6504`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/84c6504fc92d1207135f7719b6b6477fae7950cb)) + +* fix: `bom.validate()` detects invalid license constellations (#452) + + + +If a LicenseExpression is set, then there must be no other license. + +fixes #453 + + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`16843b2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/16843b29086d8f871a7239c33beb930543cfde45)) + +### Performance + +* perf: make validation more secure + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`5d7b86c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5d7b86c0ba84fe17becc53b2ccf4385113f90905)) + +### Unknown + +* tests for backwards compatibility of #365 (#467) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`4c2ef14`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4c2ef14017467980509bdb69f937b5098d8c0965)) + +* tests: snapshots and complete deep comparison, instead of pseudo-compare (#464) + +part of https://github.com/CycloneDX/cyclonedx-python-lib/issues/437 +also fixed a bug: unused first level dependencies were not detected. now they are. + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7543789`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/75437896c04e352b51d83e6e52cf94874347f4a6)) + +* Feat: typing, typehints, & overload (#463) + +also: bump `py-serializable@^0.14.0` + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a68ae24`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a68ae2464539d07ed0fc037aa1e315e5ccda054a)) + +* Merge branch 'main' into 5.0.0-dev ([`c8c2183`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c8c218366298ccc340e769fa180204e79a9a0f3e)) + +* tests: use internal json strict validation + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7186b52`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7186b52a540e478196799ef7a3580f48f77544e9)) + +* proper enums (#447) + +fixes #442 +part of #446 + +BREAKING CHANGE + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`06b5eb0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/06b5eb03d479e9908b9b62bcee48d23a873dd4ba)) + +* typo + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3de2493`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3de24936533a51c0cbf61de4b19785ee7407526c)) + +* Drop py37 (#441) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1571d21`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1571d21057b11f11cb81e74a5a702f7f30582b09)) + + ## v4.2.2 (2023-09-14) ### Chore diff --git a/cyclonedx/__init__.py b/cyclonedx/__init__.py index d51cb1fa..6ff0623a 100644 --- a/cyclonedx/__init__.py +++ b/cyclonedx/__init__.py @@ -20,4 +20,4 @@ # !! version is managed by semantic_release # do not use typing here, or else `semantic_release` might have issues finding the variable -__version__ = "5.0.0-alpha.1" +__version__ = "5.0.0-rc.1" diff --git a/docs/conf.py b/docs/conf.py index 4225ce4e..9bc5732e 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -20,7 +20,7 @@ # The full version, including alpha/beta/rc tags # !! version is managed by semantic_release -release = '5.0.0-alpha.1' +release = '5.0.0-rc.1' # -- General configuration --------------------------------------------------- diff --git a/pyproject.toml b/pyproject.toml index 33762aee..223f1035 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -5,7 +5,7 @@ build-backend = "poetry.core.masonry.api" [tool.poetry] name = "cyclonedx-python-lib" # !! version is managed by semantic_release -version = "5.0.0-rc.0" +version = "5.0.0-rc.1" description = "A library for producing CycloneDX SBOM (Software Bill of Materials) files." authors = [ "Paul Horton ",