diff --git a/CHANGELOG.md b/CHANGELOG.md index ea13f1c09..bf6235ed6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,17 +1,97 @@ # CHANGELOG + +## v4.5.0 (2024-06-10) + +### Chore + +* chore: shield_ossf-best-practices subbary + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1a1ad60`](https://github.com/CycloneDX/cyclonedx-python/commit/1a1ad606af261fc0e13095306571b2073ad4b3c3)) + +### Ci + +* ci: modernize artifact action (#737) + +supersedes #625 +supersedes #624 + +--------- + +Signed-off-by: dependabot[bot] <support@github.com> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`1222201`](https://github.com/CycloneDX/cyclonedx-python/commit/122220199bf1185c2c607c2c9774e4f39427e866)) + +### Documentation + +* docs: exclude dep bumps from changelog (#750) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3d02d6a`](https://github.com/CycloneDX/cyclonedx-python/commit/3d02d6ab32d864a6cf9c84a12f60623c6a784c4b)) + +* docs: OSSF best practice badge percentage + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`5717803`](https://github.com/CycloneDX/cyclonedx-python/commit/5717803b27f71d6133cce5a5ea91cd87f130626a)) + +### Feature + +* feat: environment - gather declared license information according to PEP639 (#755) + +From python environments, gather additional declared license information +according to [PEP 639](https://peps.python.org/pep-0639) (improving +license clarity with better package metadata). + +New CLI switches for `cyclonedx environment`: +* `--PEP-639`: Enable license gathering according to PEP 639 (improving +license clarity with better package metadata). + The behavior may change during the draft development of the PEP. +* `--gather-license-texts`: Enable license text gathering. + +In current state of implementation, `--gather-license-texts` has effect +only if `--PEP-639` is also given. + + + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e9cc805`](https://github.com/CycloneDX/cyclonedx-python/commit/e9cc8058bb299e98a6f645426a2626bcfa3f06eb)) + +### Refactor + +* refactor: const for purl type `pypi` (#754) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`cba521e`](https://github.com/CycloneDX/cyclonedx-python/commit/cba521ee01aeb7bd3309518b4f46ba71d74abac9)) + +* refactor: `extred` -> `extref` (#753) + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a178d2e`](https://github.com/CycloneDX/cyclonedx-python/commit/a178d2ec62e2af7afab05a9807cc24102ff51a19)) + +### Unknown + +* Create config.yml + +Signed-off-by: Jan Kowalleck <jan.kowalleck@owasp.org> ([`f13311b`](https://github.com/CycloneDX/cyclonedx-python/commit/f13311bc691cd494636684a502760b5929cec3fb)) + +* Rename feature_request.md to 1-feature_request.md + +Signed-off-by: Jan Kowalleck <jan.kowalleck@owasp.org> ([`c4b15d8`](https://github.com/CycloneDX/cyclonedx-python/commit/c4b15d82b5146d78edd87be2d799ec9be38df6f1)) + +* Rename bug_report.md to 2-bug_report.md + +Signed-off-by: Jan Kowalleck <jan.kowalleck@owasp.org> ([`58199a5`](https://github.com/CycloneDX/cyclonedx-python/commit/58199a5c1bdc7fa9092a97a2bd24256e6b79de42)) + + ## v4.4.3 (2024-04-26) ### Fix * fix: do not use `cyclonedx-lib==7.3.1` (#729) -add regression test for #727 -fixes #727 - ---------- - +add regression test for #727 +fixes #727 + +--------- + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`aa715c0`](https://github.com/CycloneDX/cyclonedx-python/commit/aa715c0e94045c35fda7b6908c3c59cb84fb5e0c)) @@ -45,15 +125,15 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`692b8ea`](https: * feat: publish to GHCR (#724) -Tee container image version of the app is also available on GitHubContainerRegistry: <https://github.com/orgs/CycloneDX/packages/container/package/cyclonedx-python> - ---------- - - -Signed-off-by: jxdv <virgoj@protonmail.com> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Signed-off-by: semantic-release <semantic-release@bot.local> -Co-authored-by: jxdv <virgoj@protonmail.com> +Tee container image version of the app is also available on GitHubContainerRegistry: <https://github.com/orgs/CycloneDX/packages/container/package/cyclonedx-python> + +--------- + + +Signed-off-by: jxdv <virgoj@protonmail.com> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: semantic-release <semantic-release@bot.local> +Co-authored-by: jxdv <virgoj@protonmail.com> Co-authored-by: semantic-release <semantic-release@bot.local> ([`8c18484`](https://github.com/CycloneDX/cyclonedx-python/commit/8c184842af1a790692a898e9437a209a8fa65422)) @@ -63,14 +143,14 @@ Co-authored-by: semantic-release <semantic-release@bot.local> ([`8c18484`] * feat: improve declared licenses detection (#722) -- Add declared licenses from License Troves if not mapped to SPDX -license ID -- CycloneDX 1.6 mark licenses as "declared" - -fixes #718 - ---------- - +- Add declared licenses from License Troves if not mapped to SPDX +license ID +- CycloneDX 1.6 mark licenses as "declared" + +fixes #718 + +--------- + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b0ae453`](https://github.com/CycloneDX/cyclonedx-python/commit/b0ae453e7dc69356ba5e1b987a6b19a31d106909)) @@ -80,7 +160,7 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b0ae453`](https: * feat: support CycloneDX 1.6 output (#720) - + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`639b35a`](https://github.com/CycloneDX/cyclonedx-python/commit/639b35ad7e9aa832a4ad9b489a2391348f97fc15)) @@ -99,8 +179,8 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`93f0184`](https: * fix: docs for default of CLI switch `--mc-type` (#710) - - + + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a218b40`](https://github.com/CycloneDX/cyclonedx-python/commit/a218b40ae8bc383e449b69ba3aa5280253387f19)) @@ -110,8 +190,8 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a218b40`](https: * fix: poetry analyzer crashed with certain optional package's version constraints (#703) - - + + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8ade6e1`](https://github.com/CycloneDX/cyclonedx-python/commit/8ade6e18637428e86332ecd1019416dfc121e862)) @@ -133,7 +213,7 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`0d38c7b`](https: * fix: declared license texts as such, not as license name (#694) - + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`ec7ab3e`](https://github.com/CycloneDX/cyclonedx-python/commit/ec7ab3eb3a0aba31ce84227637aa0c91e05e76ba)) @@ -158,10 +238,10 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`2ac3f21`](https: * fix: normalize package extras (#671) -ALL names of package extras are normalized, according to spec <https://packaging.python.org/en/latest/specifications/name-normalization/#name-normalization> - ---------- - +ALL names of package extras are normalized, according to spec <https://packaging.python.org/en/latest/specifications/name-normalization/#name-normalization> + +--------- + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`4d550ad`](https://github.com/CycloneDX/cyclonedx-python/commit/4d550ad2467bcfbf3a8705188fd4f15e0dee194e)) @@ -171,7 +251,7 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`4d550ad`](https: * feat: support poetry multi-constraint dependencies (#668) - + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`50d2a4b`](https://github.com/CycloneDX/cyclonedx-python/commit/50d2a4bb1827fc0e7de83a7f78fc0a4d278df93e)) ### Unknown @@ -191,58 +271,58 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`491e875`](https: * feat!: v4.0.0 (#605) - - - ## Changelog - - See also the migration guide in the docs. - - - BC: Removed support for python < 3.8 - - BC: Removed deprecated shell script `cyclonedx-bom`; use `cyclonedx-py` instead - - BC: Removed conda support. However, conda's Python environments are fully supported. See below. - - BC: Removed public API. You may use the CLI instead, see chapter "usage" in the docs. - - BC: Complete redesign of the CommandLineInterface(CLI): - - Uses sub-commands for easy accessibility and divide in specific purposes and domains - - Easy understandable flags, switches and options -- in accordance with the domains - - Updated help pages, added usage examples - - Dozens of new features and fixes, such as: - - _environment_ analyzer supports any Python (virtual) environment -- - including support for, but not limited to: _conda_, _Hatch_, _PDM_, _Pipenv_, _Poetry_, _venv_, _virtualenv_ - - _Poetry_ analyzer support groups, filtering, and such - - _Pipenv_ analyzer support categories, filtering, and such - - _requirements_ analyzer is feature complete and fixed - - More details in the SBOM results (based on method) - - PackageURLs may have more qualifiers (enabled per default, disable via `--short-PURLs`) - - component properties according to [official taxonomy](https://github.com/CycloneDX/cyclonedx-property-taxonomy/blob/main/cdx/) - - SBOM results may be validated (enabled per default, disable via `--no-validate`) - - SBOM results may have dependency graph populated (if supported by method - applies to _environment_ and _Poetry_) - - SBOM results may have root-component populated (if `pyproject` provided) - - SBOM results are more `diff`-friendly and not just one long line of text - - Fixed possible issues with input data encoding - - May omit dev-dependencies or domain-specific groups/categories (if supported by method and issued by CLI switches) - - Strip authentication secrets from (private) download/index URLs - - Support CycloneDX 1.5 - which is the default now - - Upgraded documentation, examples, ... - - Complete rewrite from scratch - - Dependencies were bumped, dropped, added, ... - - QA and test suites were massively enhanced - - - ---------- - -Signed-off-by: Paul Horton <paul.horton@owasp.org> -Signed-off-by: Thomas Graf <thomas.graf@siemens.com> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> -Signed-off-by: dependabot[bot] <support@github.com> -Signed-off-by: Andreas Fehlner <fehlner@arcor.de> -Signed-off-by: Jan Kowalleck <jan.kowalleck@owasp.org> -Signed-off-by: semantic-release <semantic-release> -Co-authored-by: Paul Horton <paul.horton@owasp.org> -Co-authored-by: Thomas Graf <thomas.graf@siemens.com> -Co-authored-by: semantic-release <semantic-release> -Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> -Co-authored-by: github-actions <github-actions@github.com> + + + ## Changelog + + See also the migration guide in the docs. + + - BC: Removed support for python < 3.8 + - BC: Removed deprecated shell script `cyclonedx-bom`; use `cyclonedx-py` instead + - BC: Removed conda support. However, conda's Python environments are fully supported. See below. + - BC: Removed public API. You may use the CLI instead, see chapter "usage" in the docs. + - BC: Complete redesign of the CommandLineInterface(CLI): + - Uses sub-commands for easy accessibility and divide in specific purposes and domains + - Easy understandable flags, switches and options -- in accordance with the domains + - Updated help pages, added usage examples + - Dozens of new features and fixes, such as: + - _environment_ analyzer supports any Python (virtual) environment -- + including support for, but not limited to: _conda_, _Hatch_, _PDM_, _Pipenv_, _Poetry_, _venv_, _virtualenv_ + - _Poetry_ analyzer support groups, filtering, and such + - _Pipenv_ analyzer support categories, filtering, and such + - _requirements_ analyzer is feature complete and fixed + - More details in the SBOM results (based on method) + - PackageURLs may have more qualifiers (enabled per default, disable via `--short-PURLs`) + - component properties according to [official taxonomy](https://github.com/CycloneDX/cyclonedx-property-taxonomy/blob/main/cdx/) + - SBOM results may be validated (enabled per default, disable via `--no-validate`) + - SBOM results may have dependency graph populated (if supported by method - applies to _environment_ and _Poetry_) + - SBOM results may have root-component populated (if `pyproject` provided) + - SBOM results are more `diff`-friendly and not just one long line of text + - Fixed possible issues with input data encoding + - May omit dev-dependencies or domain-specific groups/categories (if supported by method and issued by CLI switches) + - Strip authentication secrets from (private) download/index URLs + - Support CycloneDX 1.5 - which is the default now + - Upgraded documentation, examples, ... + - Complete rewrite from scratch + - Dependencies were bumped, dropped, added, ... + - QA and test suites were massively enhanced + + + +--------- + +Signed-off-by: Paul Horton <paul.horton@owasp.org> +Signed-off-by: Thomas Graf <thomas.graf@siemens.com> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Signed-off-by: dependabot[bot] <support@github.com> +Signed-off-by: Andreas Fehlner <fehlner@arcor.de> +Signed-off-by: Jan Kowalleck <jan.kowalleck@owasp.org> +Signed-off-by: semantic-release <semantic-release> +Co-authored-by: Paul Horton <paul.horton@owasp.org> +Co-authored-by: Thomas Graf <thomas.graf@siemens.com> +Co-authored-by: semantic-release <semantic-release> +Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> +Co-authored-by: github-actions <github-actions@github.com> Co-authored-by: Andreas Fehlner <fehlner@arcor.de> ([`6d24e65`](https://github.com/CycloneDX/cyclonedx-python/commit/6d24e656835d1be2705237100b289ae0c3ff51df)) @@ -282,9 +362,9 @@ Automatically generated by python-semantic-release ([`6002e0e`](https://github.c * fix: Custom input encoding (#601) -The custom input specified via CLI's `-i` option did not properly detect the input encoding. -This was fixed. - +The custom input specified via CLI's `-i` option did not properly detect the input encoding. +This was fixed. + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`363934c`](https://github.com/CycloneDX/cyclonedx-python/commit/363934c0bc69ebbb23472f1173bf3c6b1e3c023a)) ### Unknown @@ -321,8 +401,8 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@owasp.org> ([`4adab1c`](https: * docs: publish coverage (#600) - - + + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`bd4f48e`](https://github.com/CycloneDX/cyclonedx-python/commit/bd4f48ef7f3c4c890a138c45dbc87f6ca3e2cf7b)) * docs: adjust syntax hilight for code blocks (#592) @@ -337,14 +417,14 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`411cf3d`](https: * fix: input file encoding (#596) -Input files in lock-format are expected in a certain encoding, -other input file encodings are detected. - -fixes https://github.com/CycloneDX/cyclonedx-python/issues/448 - ---------- - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Input files in lock-format are expected in a certain encoding, +other input file encodings are detected. + +fixes https://github.com/CycloneDX/cyclonedx-python/issues/448 + +--------- + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a9dda4b`](https://github.com/CycloneDX/cyclonedx-python/commit/a9dda4bfd0e68529628eab99b6db00fb5214bfc3)) ### Unknown @@ -364,11 +444,11 @@ Signed-off-by: Andreas Fehlner <fehlner@arcor.de> ([`04e1ea8`](https://git * fix: referenced branch `main`, instead of `master` (#562) -somebody renamed the `master` branch to `main`. -but forgot to transition the docs. - -fixed this - +somebody renamed the `master` branch to `main`. +but forgot to transition the docs. + +fixed this + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`830d15c`](https://github.com/CycloneDX/cyclonedx-python/commit/830d15c27fadb475fa9a15918b1d5930cd71834d)) ### Unknown @@ -384,11 +464,11 @@ Automatically generated by python-semantic-release ([`614f6fa`](https://github.c * chore: finish transition to main branch (#561) -somebody renamed the `master` branch to `main`. -but forgot to transition the CI triggers. - -fixed this - +somebody renamed the `master` branch to `main`. +but forgot to transition the CI triggers. + +fixed this + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`ea233cb`](https://github.com/CycloneDX/cyclonedx-python/commit/ea233cbfced743859842336bfcc0cdd07ad3a7da)) * chore: rename file for lowest constraints/requirements (#517) @@ -415,13 +495,13 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c8e6d0d`](https: * ci: finish transition to main branch (#560) -somebody renamed the `master` branch to `main`. -but forgot to transition the CI triggers. - -fixed this - -followup of #558 - +somebody renamed the `master` branch to `main`. +but forgot to transition the CI triggers. + +fixed this + +followup of #558 + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`0ea56c7`](https://github.com/CycloneDX/cyclonedx-python/commit/0ea56c764870240a5636be2ca2ec16ae2e342e43)) * ci: adjust release concurrecncy (#559) @@ -430,11 +510,11 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`4b0ceac`](https: * ci: finish transition to main branch (#558) -somebody renamed the `master` branch to `main`. -but forgot to transition the CI triggers. - -fixed this - +somebody renamed the `master` branch to `main`. +but forgot to transition the CI triggers. + +fixed this + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7556eb9`](https://github.com/CycloneDX/cyclonedx-python/commit/7556eb98e4e985304a8afd876c8dd2c79f62d298)) * ci: add build concurrency (#557) @@ -449,10 +529,10 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c95e384`](https: * fix: fix typo in help page (#552) -`it's` -> `its` - -fixes #551 - +`it's` -> `its` + +fixes #551 + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`19bf41a`](https://github.com/CycloneDX/cyclonedx-python/commit/19bf41a52a698ee3ddee5fafc5d293ea3d9427be)) ### Unknown @@ -484,16 +564,16 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`2122dba`](https: * docs: fix typos (#482) -* Fix typo - -Signed-off-by: Thomas Beutlich <thomas.beutlich@neocx.de> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +* Fix typo + +Signed-off-by: Thomas Beutlich <thomas.beutlich@neocx.de> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`edbe3d4`](https://github.com/CycloneDX/cyclonedx-python/commit/edbe3d4e0ee62396ac10b42dd9ee5d6094817675)) * docs: fix shields (#473) -caused by https://github.com/badges/shields/issues/8671 - +caused by https://github.com/badges/shields/issues/8671 + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e32b288`](https://github.com/CycloneDX/cyclonedx-python/commit/e32b28894a8859925f22a1f45aec8608e7cd8bc3)) ### Feature @@ -515,16 +595,16 @@ Automatically generated by python-semantic-release ([`fe5ea31`](https://github.c * docs: improve CONTRIBUTION instructions - sign-off step (#470) - - + + Signed-off-by: Roland Weber <rolweber@de.ibm.com> ([`578c0a8`](https://github.com/CycloneDX/cyclonedx-python/commit/578c0a88e63c804b1462e3d3b617f56b53b6012e)) ### Fix * fix: PURL for PyPI packages from 'conda list' have the correct format now (#471) - - + + Signed-off-by: Roland Weber <rolweber@de.ibm.com> ([`1573064`](https://github.com/CycloneDX/cyclonedx-python/commit/157306483a21583d752714a77ad7d0c7395291e5)) ### Unknown @@ -540,10 +620,10 @@ Automatically generated by python-semantic-release ([`7b44aea`](https://github.c * feat: add support for poetry lock format v2.0 (#469) - - -Signed-off-by: tewfik-ghariani <tewfik.ghariani@1und1.de> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + + +Signed-off-by: tewfik-ghariani <tewfik.ghariani@1und1.de> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Co-authored-by: tewfik-ghariani <tewfik.ghariani@1und1.de> ([`0b1e07f`](https://github.com/CycloneDX/cyclonedx-python/commit/0b1e07f91aada201088605a84ea394182ce0f10e)) ### Unknown @@ -559,8 +639,8 @@ Automatically generated by python-semantic-release ([`2501bed`](https://github.c * feat: parsers can outbut more debug messages (#466) - - + + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9eedb4f`](https://github.com/CycloneDX/cyclonedx-python/commit/9eedb4ff27bb81f4ad323e9fa0f79230b0710032)) ### Unknown @@ -576,7 +656,7 @@ Automatically generated by python-semantic-release ([`895f597`](https://github.c * feat: error- and debug-output is send to STDERR, instead of STDOUT (#465) - + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f543b69`](https://github.com/CycloneDX/cyclonedx-python/commit/f543b69ee4463df3fb4d4b7c86475562f62e4744)) ### Unknown @@ -596,15 +676,15 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`889a83e`](https: * chore: dependabot interval weekly (#454) - + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`876ed30`](https://github.com/CycloneDX/cyclonedx-python/commit/876ed30b55300ad4abd4b078609d1b8d6e0e08a5)) ### Fix * fix: ignore broken licenses in env parser (#463) - - + + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3118acd`](https://github.com/CycloneDX/cyclonedx-python/commit/3118acdf180b6d8d35a637b3e94dc6ec7c5c5b3d)) ### Unknown @@ -620,34 +700,34 @@ Automatically generated by python-semantic-release ([`de188b8`](https://github.c * chore: Bump flake8-bugbear from 22.8.23 to 22.9.23 (#422) -Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 22.8.23 to 22.9.23. -- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases) -- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/22.8.23...22.9.23) - ---- -updated-dependencies: -- dependency-name: flake8-bugbear - dependency-type: direct:development - update-type: version-update:semver-minor -... - -Signed-off-by: dependabot[bot] <support@github.com> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -Signed-off-by: dependabot[bot] <support@github.com> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 22.8.23 to 22.9.23. +- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases) +- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/22.8.23...22.9.23) + +--- +updated-dependencies: +- dependency-name: flake8-bugbear + dependency-type: direct:development + update-type: version-update:semver-minor +... + +Signed-off-by: dependabot[bot] <support@github.com> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +Signed-off-by: dependabot[bot] <support@github.com> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`b05c55a`](https://github.com/CycloneDX/cyclonedx-python/commit/b05c55a7f191521a4d0b4bda29bdef3d250d8b4a)) ### Ci * ci: test dockerimage with more unique version identifier (#453) - + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`5a7fb9a`](https://github.com/CycloneDX/cyclonedx-python/commit/5a7fb9a374b336ee72852d8f4ccd9bcd0dfe0a36)) * ci: migrate `set-output` to `>> $GITHUB_OUTPUT` (#452) - + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`bf133a3`](https://github.com/CycloneDX/cyclonedx-python/commit/bf133a3c7a436a25bd6930eae7be435747c8b521)) * ci: fix py36 (#451) @@ -658,8 +738,8 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b35e2bf`](https: * fix: adjust dependency `pip-requirements-parser` to a working version (#450) - - + + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6101986`](https://github.com/CycloneDX/cyclonedx-python/commit/610198659be408b5ef17d649aa381944d992a7dd)) ### Unknown @@ -675,10 +755,10 @@ Automatically generated by python-semantic-release ([`d425005`](https://github.c * fix: add a missing space in the help pages `pathto` -> `path to` (#443) -* docs: fix typo `pathto` -> `path to` -* fix(help): added the missing space `pathto` -> `path to` - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> +* docs: fix typo `pathto` -> `path to` +* fix(help): added the missing space `pathto` -> `path to` + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`bc5fe57`](https://github.com/CycloneDX/cyclonedx-python/commit/bc5fe5760565e608387ad7638126869550d65213)) ### Unknown @@ -694,30 +774,30 @@ Automatically generated by python-semantic-release ([`7aff239`](https://github.c * chore(dep): bump and devide `coverage` (#438) -* chore(deps): bump `coverage` -* chore(deps): bump `coverage` locked - +* chore(deps): bump `coverage` +* chore(deps): bump `coverage` locked + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`db051d1`](https://github.com/CycloneDX/cyclonedx-python/commit/db051d12660c5b6cc8209234a48f51b9e0657cec)) ### Ci * ci: enable py311 & bump `poetry` (#437) -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b7d5a4e`](https://github.com/CycloneDX/cyclonedx-python/commit/b7d5a4eb09e2348df34942d2afdf2a149efd9378)) * ci: fix python-version for static-code-analysis (#439) - + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`86daf68`](https://github.com/CycloneDX/cyclonedx-python/commit/86daf688a12c385406422dae3a582a48d0ca5e82)) ### Fix * fix(EnvironmentParser): reduced crashes if no Classifiers are found (#441) -fixes #440 - +fixes #440 + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`67f56e7`](https://github.com/CycloneDX/cyclonedx-python/commit/67f56e7bfa4fb9d50654ebd07ece1ad14377a355)) ### Unknown @@ -733,8 +813,8 @@ Automatically generated by python-semantic-release ([`b2a97e0`](https://github.c * feat: pass purl-bom-ref to EnvironmentParser (#432) - - + + Signed-off-by: a1lu <github.foreshoe@slmail.me> ([`7cfefeb`](https://github.com/CycloneDX/cyclonedx-python/commit/7cfefeb389b3c63b69ad93aeca1a709231da2901)) ### Unknown @@ -750,8 +830,8 @@ Automatically generated by python-semantic-release ([`8c9a65a`](https://github.c * fix(EnvironmentParser): remove code break when classifier parsing in py>=3.8 (#431) - - + + Signed-off-by: a1lu <github.foreshoe@slmail.me> ([`4ab075e`](https://github.com/CycloneDX/cyclonedx-python/commit/4ab075ee814571a8dc8c1e7b962686b232619330)) ### Unknown @@ -782,21 +862,21 @@ Automatically generated by python-semantic-release ([`ddea61e`](https://github.c * chore: Bump packageurl-python from 0.9.9 to 0.10.3 (#416) -Bumps [packageurl-python](https://github.com/package-url/packageurl-python) from 0.9.9 to 0.10.3. -- [Release notes](https://github.com/package-url/packageurl-python/releases) -- [Changelog](https://github.com/package-url/packageurl-python/blob/main/CHANGELOG.rst) -- [Commits](https://github.com/package-url/packageurl-python/compare/v0.9.9...v0.10.3) - ---- -updated-dependencies: -- dependency-name: packageurl-python - dependency-type: direct:production - update-type: version-update:semver-minor -... - -Signed-off-by: dependabot[bot] <support@github.com> - -Signed-off-by: dependabot[bot] <support@github.com> +Bumps [packageurl-python](https://github.com/package-url/packageurl-python) from 0.9.9 to 0.10.3. +- [Release notes](https://github.com/package-url/packageurl-python/releases) +- [Changelog](https://github.com/package-url/packageurl-python/blob/main/CHANGELOG.rst) +- [Commits](https://github.com/package-url/packageurl-python/compare/v0.9.9...v0.10.3) + +--- +updated-dependencies: +- dependency-name: packageurl-python + dependency-type: direct:production + update-type: version-update:semver-minor +... + +Signed-off-by: dependabot[bot] <support@github.com> + +Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`2d6dade`](https://github.com/CycloneDX/cyclonedx-python/commit/2d6dadef49c6c2fb6bafb2ef10702125f2af11cb)) ### Fix @@ -818,8 +898,8 @@ Automatically generated by python-semantic-release ([`0a8f8ff`](https://github.c * fix: properly declare licenses from environment (#417) -use named licenses instead of license expressions. - +use named licenses instead of license expressions. + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`25f9e29`](https://github.com/CycloneDX/cyclonedx-python/commit/25f9e29a162f20918b6f1bbe887cc7b18c623c16)) ### Unknown @@ -843,125 +923,125 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b5ceec5`](https: * chore: Bump flake8-bugbear from 22.8.22 to 22.8.23 (#404) -Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 22.8.22 to 22.8.23. -- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases) -- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/22.8.22...22.8.23) - ---- -updated-dependencies: -- dependency-name: flake8-bugbear - dependency-type: direct:development - update-type: version-update:semver-patch -... - -Signed-off-by: dependabot[bot] <support@github.com> - -Signed-off-by: dependabot[bot] <support@github.com> +Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 22.8.22 to 22.8.23. +- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases) +- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/22.8.22...22.8.23) + +--- +updated-dependencies: +- dependency-name: flake8-bugbear + dependency-type: direct:development + update-type: version-update:semver-patch +... + +Signed-off-by: dependabot[bot] <support@github.com> + +Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`37f18f8`](https://github.com/CycloneDX/cyclonedx-python/commit/37f18f88337bbfa89f5a40fa203d22aad6b852ef)) * chore: Bump flake8-bugbear from 22.7.1 to 22.8.22 (#403) -Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 22.7.1 to 22.8.22. -- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases) -- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/22.7.1...22.8.22) - ---- -updated-dependencies: -- dependency-name: flake8-bugbear - dependency-type: direct:development - update-type: version-update:semver-minor -... - -Signed-off-by: dependabot[bot] <support@github.com> - -Signed-off-by: dependabot[bot] <support@github.com> +Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 22.7.1 to 22.8.22. +- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases) +- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/22.7.1...22.8.22) + +--- +updated-dependencies: +- dependency-name: flake8-bugbear + dependency-type: direct:development + update-type: version-update:semver-minor +... + +Signed-off-by: dependabot[bot] <support@github.com> + +Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`1b6e7a0`](https://github.com/CycloneDX/cyclonedx-python/commit/1b6e7a062f8598187122599305eebbad5c76915a)) * chore: Bump flake8-isort from 4.1.1 to 4.2.0 (#400) -Bumps [flake8-isort](https://github.com/gforcada/flake8-isort) from 4.1.1 to 4.2.0. -- [Release notes](https://github.com/gforcada/flake8-isort/releases) -- [Changelog](https://github.com/gforcada/flake8-isort/blob/master/CHANGES.rst) -- [Commits](https://github.com/gforcada/flake8-isort/compare/4.1.1...4.2.0) - ---- -updated-dependencies: -- dependency-name: flake8-isort - dependency-type: direct:development - update-type: version-update:semver-minor -... - -Signed-off-by: dependabot[bot] <support@github.com> - +Bumps [flake8-isort](https://github.com/gforcada/flake8-isort) from 4.1.1 to 4.2.0. +- [Release notes](https://github.com/gforcada/flake8-isort/releases) +- [Changelog](https://github.com/gforcada/flake8-isort/blob/master/CHANGES.rst) +- [Commits](https://github.com/gforcada/flake8-isort/compare/4.1.1...4.2.0) + +--- +updated-dependencies: +- dependency-name: flake8-isort + dependency-type: direct:development + update-type: version-update:semver-minor +... + +Signed-off-by: dependabot[bot] <support@github.com> + Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`b4275e7`](https://github.com/CycloneDX/cyclonedx-python/commit/b4275e7943d4428805c8533da386313c1229a83a)) * chore: Bump types-toml from 0.10.7 to 0.10.8 (#387) -Bumps [types-toml](https://github.com/python/typeshed) from 0.10.7 to 0.10.8. -- [Release notes](https://github.com/python/typeshed/releases) -- [Commits](https://github.com/python/typeshed/commits) - ---- -updated-dependencies: -- dependency-name: types-toml - dependency-type: direct:production - update-type: version-update:semver-patch -... - -Signed-off-by: dependabot[bot] <support@github.com> - +Bumps [types-toml](https://github.com/python/typeshed) from 0.10.7 to 0.10.8. +- [Release notes](https://github.com/python/typeshed/releases) +- [Commits](https://github.com/python/typeshed/commits) + +--- +updated-dependencies: +- dependency-name: types-toml + dependency-type: direct:production + update-type: version-update:semver-patch +... + +Signed-off-by: dependabot[bot] <support@github.com> + Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`4a68f5f`](https://github.com/CycloneDX/cyclonedx-python/commit/4a68f5fd47c657735f57dceb66c9625d0839e2b3)) * chore: Bump mypy from 0.961 to 0.971 (#390) -Bumps [mypy](https://github.com/python/mypy) from 0.961 to 0.971. -- [Release notes](https://github.com/python/mypy/releases) -- [Commits](https://github.com/python/mypy/compare/v0.961...v0.971) - ---- -updated-dependencies: -- dependency-name: mypy - dependency-type: direct:development - update-type: version-update:semver-minor -... - -Signed-off-by: dependabot[bot] <support@github.com> - +Bumps [mypy](https://github.com/python/mypy) from 0.961 to 0.971. +- [Release notes](https://github.com/python/mypy/releases) +- [Commits](https://github.com/python/mypy/compare/v0.961...v0.971) + +--- +updated-dependencies: +- dependency-name: mypy + dependency-type: direct:development + update-type: version-update:semver-minor +... + +Signed-off-by: dependabot[bot] <support@github.com> + Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`f2a7ec4`](https://github.com/CycloneDX/cyclonedx-python/commit/f2a7ec4b2c4919e32d73957e22fb320fb9ca843c)) * chore: Bump tox from 3.25.0 to 3.25.1 (#384) -Bumps [tox](https://github.com/tox-dev/tox) from 3.25.0 to 3.25.1. -- [Release notes](https://github.com/tox-dev/tox/releases) -- [Changelog](https://github.com/tox-dev/tox/blob/master/docs/changelog.rst) -- [Commits](https://github.com/tox-dev/tox/compare/3.25.0...3.25.1) - ---- -updated-dependencies: -- dependency-name: tox - dependency-type: direct:development - update-type: version-update:semver-patch -... - -Signed-off-by: dependabot[bot] <support@github.com> - +Bumps [tox](https://github.com/tox-dev/tox) from 3.25.0 to 3.25.1. +- [Release notes](https://github.com/tox-dev/tox/releases) +- [Changelog](https://github.com/tox-dev/tox/blob/master/docs/changelog.rst) +- [Commits](https://github.com/tox-dev/tox/compare/3.25.0...3.25.1) + +--- +updated-dependencies: +- dependency-name: tox + dependency-type: direct:development + update-type: version-update:semver-patch +... + +Signed-off-by: dependabot[bot] <support@github.com> + Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`cfd4a73`](https://github.com/CycloneDX/cyclonedx-python/commit/cfd4a736e2e8df83d6d998cadb68eeb822d6a8b1)) * chore: Bump flake8-bugbear from 22.6.22 to 22.7.1 (#385) -Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 22.6.22 to 22.7.1. -- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases) -- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/22.6.22...22.7.1) - ---- -updated-dependencies: -- dependency-name: flake8-bugbear - dependency-type: direct:development - update-type: version-update:semver-minor -... - -Signed-off-by: dependabot[bot] <support@github.com> - +Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 22.6.22 to 22.7.1. +- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases) +- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/22.6.22...22.7.1) + +--- +updated-dependencies: +- dependency-name: flake8-bugbear + dependency-type: direct:development + update-type: version-update:semver-minor +... + +Signed-off-by: dependabot[bot] <support@github.com> + Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`3ac5df9`](https://github.com/CycloneDX/cyclonedx-python/commit/3ac5df95f45675c1780b6c8cb7a9e2ecf422da81)) ### Documentation @@ -974,16 +1054,16 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`c04196e`](https: * docs: Minor updates to poetry usage details & contributing.md (#407) -* docs: fix minor typo in poetry usage docs -* docs: update commit flag in contribution guidelines - +* docs: fix minor typo in poetry usage docs +* docs: update commit flag in contribution guidelines + Signed-off-by: Emily Schultz <emilyschultz16@gmail.com> ([`0abe230`](https://github.com/CycloneDX/cyclonedx-python/commit/0abe23049b5423f55b3e0951a00047f4e3f93056)) ### Feature * feat: enable dependency `cyclonedx-python-lib@^3` (#418) - + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`05cd51e`](https://github.com/CycloneDX/cyclonedx-python/commit/05cd51e1da261d29fb5c3e1722544a8f00a0cfcd)) ### Unknown @@ -1003,19 +1083,19 @@ docs: describe command line usages as `cyclonedx-py` rather than `cyclonedx-bom` * chore: Bump flake8-bugbear from 22.4.25 to 22.6.22 (#376) -Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 22.4.25 to 22.6.22. -- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases) -- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/22.4.25...22.6.22) - ---- -updated-dependencies: -- dependency-name: flake8-bugbear - dependency-type: direct:development - update-type: version-update:semver-minor -... - -Signed-off-by: dependabot[bot] <support@github.com> - +Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 22.4.25 to 22.6.22. +- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases) +- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/22.4.25...22.6.22) + +--- +updated-dependencies: +- dependency-name: flake8-bugbear + dependency-type: direct:development + update-type: version-update:semver-minor +... + +Signed-off-by: dependabot[bot] <support@github.com> + Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`7139bb0`](https://github.com/CycloneDX/cyclonedx-python/commit/7139bb093e9c7b3585abaf193a2dee5a63c1ec1b)) ### Feature @@ -1089,43 +1169,43 @@ Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.githu * chore: Bump mypy from 0.960 to 0.961 (#365) -Bumps [mypy](https://github.com/python/mypy) from 0.960 to 0.961. -- [Release notes](https://github.com/python/mypy/releases) -- [Commits](https://github.com/python/mypy/compare/v0.960...v0.961) - ---- -updated-dependencies: -- dependency-name: mypy - dependency-type: direct:development - update-type: version-update:semver-minor -... - -Signed-off-by: dependabot[bot] <support@github.com> - +Bumps [mypy](https://github.com/python/mypy) from 0.960 to 0.961. +- [Release notes](https://github.com/python/mypy/releases) +- [Commits](https://github.com/python/mypy/compare/v0.960...v0.961) + +--- +updated-dependencies: +- dependency-name: mypy + dependency-type: direct:development + update-type: version-update:semver-minor +... + +Signed-off-by: dependabot[bot] <support@github.com> + Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`3bab869`](https://github.com/CycloneDX/cyclonedx-python/commit/3bab86909701f7e6a3af8815969625aeed2dfdc4)) * chore: Bump mypy from 0.942 to 0.960 (#356) -* chore: Bump mypy from 0.942 to 0.960 - -Bumps [mypy](https://github.com/python/mypy) from 0.942 to 0.960. -- [Release notes](https://github.com/python/mypy/releases) -- [Commits](https://github.com/python/mypy/compare/v0.942...v0.960) - ---- -updated-dependencies: -- dependency-name: mypy - dependency-type: direct:development - update-type: version-update:semver-minor -... - -Signed-off-by: dependabot[bot] <support@github.com> - -* chore: try type fixes - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> +* chore: Bump mypy from 0.942 to 0.960 + +Bumps [mypy](https://github.com/python/mypy) from 0.942 to 0.960. +- [Release notes](https://github.com/python/mypy/releases) +- [Commits](https://github.com/python/mypy/compare/v0.942...v0.960) + +--- +updated-dependencies: +- dependency-name: mypy + dependency-type: direct:development + update-type: version-update:semver-minor +... + +Signed-off-by: dependabot[bot] <support@github.com> + +* chore: try type fixes + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b62fc5e`](https://github.com/CycloneDX/cyclonedx-python/commit/b62fc5e2e8bfe2f85765b0e566f4d119dee20b8b)) ### Feature @@ -1136,12 +1216,12 @@ Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`b62fc5e`](https * test: extend `TestRequirementsParser` to check `hashes` (#368) -* Extend TestRequirementsParser.test_example_with_hashes() to check hashes - -Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> - -* Add additional test for hash. - +* Extend TestRequirementsParser.test_example_with_hashes() to check hashes + +Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> + +* Add additional test for hash. + Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com> ([`e2be444`](https://github.com/CycloneDX/cyclonedx-python/commit/e2be444b8db7dd12031f3e9b481dfdae23f3e59e)) ### Unknown @@ -1198,89 +1278,89 @@ Signed-off-by: Rodney Richardson <rodney.richardson@cambridgeconsultants.com& * chore: Bump cyclonedx-python-lib from 2.1.0 to 2.4.0 (#353) -Bumps [cyclonedx-python-lib](https://github.com/CycloneDX/cyclonedx-python-lib) from 2.1.0 to 2.4.0. -- [Release notes](https://github.com/CycloneDX/cyclonedx-python-lib/releases) -- [Changelog](https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md) -- [Commits](https://github.com/CycloneDX/cyclonedx-python-lib/compare/v2.1.0...v2.4.0) - ---- -updated-dependencies: -- dependency-name: cyclonedx-python-lib - dependency-type: direct:production - update-type: version-update:semver-minor -... - -Signed-off-by: dependabot[bot] <support@github.com> - +Bumps [cyclonedx-python-lib](https://github.com/CycloneDX/cyclonedx-python-lib) from 2.1.0 to 2.4.0. +- [Release notes](https://github.com/CycloneDX/cyclonedx-python-lib/releases) +- [Changelog](https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md) +- [Commits](https://github.com/CycloneDX/cyclonedx-python-lib/compare/v2.1.0...v2.4.0) + +--- +updated-dependencies: +- dependency-name: cyclonedx-python-lib + dependency-type: direct:production + update-type: version-update:semver-minor +... + +Signed-off-by: dependabot[bot] <support@github.com> + Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`350297e`](https://github.com/CycloneDX/cyclonedx-python/commit/350297ee11cfaa312f4d4d08b983ac7c3d0ca719)) * chore: Bump flake8-bugbear from 22.3.23 to 22.4.25 (#351) -Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 22.3.23 to 22.4.25. -- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases) -- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/22.3.23...22.4.25) +Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 22.3.23 to 22.4.25. +- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases) +- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/22.3.23...22.4.25) + +--- +updated-dependencies: +- dependency-name: flake8-bugbear + dependency-type: direct:development + update-type: version-update:semver-minor +... + +Signed-off-by: dependabot[bot] <support@github.com> + +Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`ecfb175`](https://github.com/CycloneDX/cyclonedx-python/commit/ecfb17560f1be39e1d28aa64f009344871db4162)) ---- -updated-dependencies: -- dependency-name: flake8-bugbear - dependency-type: direct:development - update-type: version-update:semver-minor -... +* chore: Bump tox from 3.24.5 to 3.25.0 (#345) -Signed-off-by: dependabot[bot] <support@github.com> +Bumps [tox](https://github.com/tox-dev/tox) from 3.24.5 to 3.25.0. +- [Release notes](https://github.com/tox-dev/tox/releases) +- [Changelog](https://github.com/tox-dev/tox/blob/master/docs/changelog.rst) +- [Commits](https://github.com/tox-dev/tox/compare/3.24.5...3.25.0) + +--- +updated-dependencies: +- dependency-name: tox + dependency-type: direct:development + update-type: version-update:semver-minor +... + +Signed-off-by: dependabot[bot] <support@github.com> + +Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`194d287`](https://github.com/CycloneDX/cyclonedx-python/commit/194d2878fe088f8f1a680cc4eb95504c046d34a2)) -Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`ecfb175`](https://github.com/CycloneDX/cyclonedx-python/commit/ecfb17560f1be39e1d28aa64f009344871db4162)) +* chore: Bump actions/download-artifact from 2 to 3 (#343) -* chore: Bump tox from 3.24.5 to 3.25.0 (#345) +Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 2 to 3. +- [Release notes](https://github.com/actions/download-artifact/releases) +- [Commits](https://github.com/actions/download-artifact/compare/v2...v3) + +--- +updated-dependencies: +- dependency-name: actions/download-artifact + dependency-type: direct:production + update-type: version-update:semver-major +... + +Signed-off-by: dependabot[bot] <support@github.com> + +Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`259351e`](https://github.com/CycloneDX/cyclonedx-python/commit/259351ea468c7d7642be4640783e76826a56d39a)) -Bumps [tox](https://github.com/tox-dev/tox) from 3.24.5 to 3.25.0. -- [Release notes](https://github.com/tox-dev/tox/releases) -- [Changelog](https://github.com/tox-dev/tox/blob/master/docs/changelog.rst) -- [Commits](https://github.com/tox-dev/tox/compare/3.24.5...3.25.0) - ---- -updated-dependencies: -- dependency-name: tox - dependency-type: direct:development - update-type: version-update:semver-minor -... - -Signed-off-by: dependabot[bot] <support@github.com> - -Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`194d287`](https://github.com/CycloneDX/cyclonedx-python/commit/194d2878fe088f8f1a680cc4eb95504c046d34a2)) - -* chore: Bump actions/download-artifact from 2 to 3 (#343) - -Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 2 to 3. -- [Release notes](https://github.com/actions/download-artifact/releases) -- [Commits](https://github.com/actions/download-artifact/compare/v2...v3) - ---- -updated-dependencies: -- dependency-name: actions/download-artifact - dependency-type: direct:production - update-type: version-update:semver-major -... - -Signed-off-by: dependabot[bot] <support@github.com> - -Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`259351e`](https://github.com/CycloneDX/cyclonedx-python/commit/259351ea468c7d7642be4640783e76826a56d39a)) - -* chore: Bump actions/upload-artifact from 2 to 3 (#342) - -Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 3. -- [Release notes](https://github.com/actions/upload-artifact/releases) -- [Commits](https://github.com/actions/upload-artifact/compare/v2...v3) - ---- -updated-dependencies: -- dependency-name: actions/upload-artifact - dependency-type: direct:production - update-type: version-update:semver-major -... - -Signed-off-by: dependabot[bot] <support@github.com> +* chore: Bump actions/upload-artifact from 2 to 3 (#342) +Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 3. +- [Release notes](https://github.com/actions/upload-artifact/releases) +- [Commits](https://github.com/actions/upload-artifact/compare/v2...v3) + +--- +updated-dependencies: +- dependency-name: actions/upload-artifact + dependency-type: direct:production + update-type: version-update:semver-major +... + +Signed-off-by: dependabot[bot] <support@github.com> + Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`4b74fa0`](https://github.com/CycloneDX/cyclonedx-python/commit/4b74fa064b40051bbe0e2aad298caecff6ef7940)) ### Ci @@ -1301,10 +1381,10 @@ Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`72c4967`](https://gi * fix: add actively used (transitive) dependencies (#363) -* ci: add test with lowest dependencies -* fix: have some typings corrected -* fix: add actively used (transitive) dependencies - +* ci: add test with lowest dependencies +* fix: have some typings corrected +* fix: add actively used (transitive) dependencies + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1f45ad9`](https://github.com/CycloneDX/cyclonedx-python/commit/1f45ad9162be511f07e9310414793218c554a097)) ### Unknown @@ -1349,54 +1429,54 @@ fix: cli default file name for json format ([`929e26d`](https://github.com/Cyclo * chore: Bump cyclonedx-python-lib from 2.0.0 to 2.1.0 (#340) -Bumps [cyclonedx-python-lib](https://github.com/CycloneDX/cyclonedx-python-lib) from 2.0.0 to 2.1.0. -- [Release notes](https://github.com/CycloneDX/cyclonedx-python-lib/releases) -- [Changelog](https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md) -- [Commits](https://github.com/CycloneDX/cyclonedx-python-lib/compare/v2.0.0...v2.1.0) - ---- -updated-dependencies: -- dependency-name: cyclonedx-python-lib - dependency-type: direct:production - update-type: version-update:semver-minor -... - -Signed-off-by: dependabot[bot] <support@github.com> - +Bumps [cyclonedx-python-lib](https://github.com/CycloneDX/cyclonedx-python-lib) from 2.0.0 to 2.1.0. +- [Release notes](https://github.com/CycloneDX/cyclonedx-python-lib/releases) +- [Changelog](https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md) +- [Commits](https://github.com/CycloneDX/cyclonedx-python-lib/compare/v2.0.0...v2.1.0) + +--- +updated-dependencies: +- dependency-name: cyclonedx-python-lib + dependency-type: direct:production + update-type: version-update:semver-minor +... + +Signed-off-by: dependabot[bot] <support@github.com> + Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`171aafe`](https://github.com/CycloneDX/cyclonedx-python/commit/171aafe8daf2ca3fc0ec15b7aa2d0cacf3c208e4)) * chore: Bump mypy from 0.941 to 0.942 (#339) -Bumps [mypy](https://github.com/python/mypy) from 0.941 to 0.942. -- [Release notes](https://github.com/python/mypy/releases) -- [Commits](https://github.com/python/mypy/compare/v0.941...v0.942) - ---- -updated-dependencies: -- dependency-name: mypy - dependency-type: direct:development - update-type: version-update:semver-minor -... - -Signed-off-by: dependabot[bot] <support@github.com> - +Bumps [mypy](https://github.com/python/mypy) from 0.941 to 0.942. +- [Release notes](https://github.com/python/mypy/releases) +- [Commits](https://github.com/python/mypy/compare/v0.941...v0.942) + +--- +updated-dependencies: +- dependency-name: mypy + dependency-type: direct:development + update-type: version-update:semver-minor +... + +Signed-off-by: dependabot[bot] <support@github.com> + Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`7cb551c`](https://github.com/CycloneDX/cyclonedx-python/commit/7cb551c182d05d3cc54bf2c5cca5f408c96fa4cd)) * chore: Bump flake8-bugbear from 22.3.20 to 22.3.23 (#336) -Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 22.3.20 to 22.3.23. -- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases) -- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/22.3.20...22.3.23) - ---- -updated-dependencies: -- dependency-name: flake8-bugbear - dependency-type: direct:development - update-type: version-update:semver-patch -... - -Signed-off-by: dependabot[bot] <support@github.com> - +Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 22.3.20 to 22.3.23. +- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases) +- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/22.3.20...22.3.23) + +--- +updated-dependencies: +- dependency-name: flake8-bugbear + dependency-type: direct:development + update-type: version-update:semver-patch +... + +Signed-off-by: dependabot[bot] <support@github.com> + Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`11fcb60`](https://github.com/CycloneDX/cyclonedx-python/commit/11fcb60d8be0e95ad44e2b3d6d7431c9a1e018e1)) * chore: dependabot prefixes with `chore` and scope (#324) @@ -1415,23 +1495,23 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`8747620`](https: * test: fix malformed or wrong test setups (#333) -* test: corrected malformed/broken tests - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* test: fix tests and fixtures - -Signed-off-by: Mostafa Moradian <mostafamoradian0@gmail.com> - -* test: corrected malformed/broken tests - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* fix: fix style and remove unnecessary package - -Signed-off-by: Mostafa Moradian <mostafamoradian0@gmail.com> -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - +* test: corrected malformed/broken tests + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* test: fix tests and fixtures + +Signed-off-by: Mostafa Moradian <mostafamoradian0@gmail.com> + +* test: corrected malformed/broken tests + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* fix: fix style and remove unnecessary package + +Signed-off-by: Mostafa Moradian <mostafamoradian0@gmail.com> +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + Co-authored-by: Mostafa Moradian <mostafamoradian0@gmail.com> ([`0ff6493`](https://github.com/CycloneDX/cyclonedx-python/commit/0ff6493dd59d2e8efafd35d4460847525e590937)) ### Unknown @@ -1453,53 +1533,53 @@ feat: make package/module callable ([`193f1a4`](https://github.com/CycloneDX/cyc * chore: Bump flake8-bugbear from 22.1.11 to 22.3.20 (#335) -Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 22.1.11 to 22.3.20. -- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases) -- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/22.1.11...22.3.20) - ---- -updated-dependencies: -- dependency-name: flake8-bugbear - dependency-type: direct:development - update-type: version-update:semver-minor -... - -Signed-off-by: dependabot[bot] <support@github.com> - +Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 22.1.11 to 22.3.20. +- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases) +- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/22.1.11...22.3.20) + +--- +updated-dependencies: +- dependency-name: flake8-bugbear + dependency-type: direct:development + update-type: version-update:semver-minor +... + +Signed-off-by: dependabot[bot] <support@github.com> + Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`5e344e2`](https://github.com/CycloneDX/cyclonedx-python/commit/5e344e223a19048c896b394bf1e6fe1a3a8d4855)) * chore: Bump mypy from 0.940 to 0.941 (#330) -Bumps [mypy](https://github.com/python/mypy) from 0.940 to 0.941. -- [Release notes](https://github.com/python/mypy/releases) -- [Commits](https://github.com/python/mypy/compare/v0.940...v0.941) - ---- -updated-dependencies: -- dependency-name: mypy - dependency-type: direct:development - update-type: version-update:semver-minor -... - -Signed-off-by: dependabot[bot] <support@github.com> - +Bumps [mypy](https://github.com/python/mypy) from 0.940 to 0.941. +- [Release notes](https://github.com/python/mypy/releases) +- [Commits](https://github.com/python/mypy/compare/v0.940...v0.941) + +--- +updated-dependencies: +- dependency-name: mypy + dependency-type: direct:development + update-type: version-update:semver-minor +... + +Signed-off-by: dependabot[bot] <support@github.com> + Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`c02d770`](https://github.com/CycloneDX/cyclonedx-python/commit/c02d770cf18a57e118347a0a57db29ae65919c35)) * chore: Bump mypy from 0.931 to 0.940 (#329) -Bumps [mypy](https://github.com/python/mypy) from 0.931 to 0.940. -- [Release notes](https://github.com/python/mypy/releases) -- [Commits](https://github.com/python/mypy/compare/v0.931...v0.940) - ---- -updated-dependencies: -- dependency-name: mypy - dependency-type: direct:development - update-type: version-update:semver-minor -... - -Signed-off-by: dependabot[bot] <support@github.com> - +Bumps [mypy](https://github.com/python/mypy) from 0.931 to 0.940. +- [Release notes](https://github.com/python/mypy/releases) +- [Commits](https://github.com/python/mypy/compare/v0.931...v0.940) + +--- +updated-dependencies: +- dependency-name: mypy + dependency-type: direct:development + update-type: version-update:semver-minor +... + +Signed-off-by: dependabot[bot] <support@github.com> + Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`133ef9f`](https://github.com/CycloneDX/cyclonedx-python/commit/133ef9f432253923b7533852cbf5ba637363002e)) ### Documentation @@ -1536,10 +1616,10 @@ Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`5b3d8d7`](https: * fix(conda-parser): version recognition for strings (#332) -conda packacge string parser no longer raises unexpected errors, -if the build-number is non-numeric. -fixes #331 - +conda packacge string parser no longer raises unexpected errors, +if the build-number is non-numeric. +fixes #331 + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`65246dd`](https://github.com/CycloneDX/cyclonedx-python/commit/65246ddfa9a55ce53fbf87f33b1f269c519f9b3a)) ### Unknown @@ -1563,37 +1643,37 @@ Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`8d7d6b6`](https://gi * chore: Bump actions/setup-python from 2 to 3 (#322) -Bumps [actions/setup-python](https://github.com/actions/setup-python) from 2 to 3. -- [Release notes](https://github.com/actions/setup-python/releases) -- [Commits](https://github.com/actions/setup-python/compare/v2...v3) - ---- -updated-dependencies: -- dependency-name: actions/setup-python - dependency-type: direct:production - update-type: version-update:semver-major -... - -Signed-off-by: dependabot[bot] <support@github.com> - +Bumps [actions/setup-python](https://github.com/actions/setup-python) from 2 to 3. +- [Release notes](https://github.com/actions/setup-python/releases) +- [Commits](https://github.com/actions/setup-python/compare/v2...v3) + +--- +updated-dependencies: +- dependency-name: actions/setup-python + dependency-type: direct:production + update-type: version-update:semver-major +... + +Signed-off-by: dependabot[bot] <support@github.com> + Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`69de237`](https://github.com/CycloneDX/cyclonedx-python/commit/69de237fb6bd327f7e2a6f1047122dfafb65e388)) * chore: Bump actions/checkout from 2.4.0 to 3 (#323) -Bumps [actions/checkout](https://github.com/actions/checkout) from 2.4.0 to 3. -- [Release notes](https://github.com/actions/checkout/releases) -- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) -- [Commits](https://github.com/actions/checkout/compare/v2.4.0...v3) - ---- -updated-dependencies: -- dependency-name: actions/checkout - dependency-type: direct:production - update-type: version-update:semver-major -... - -Signed-off-by: dependabot[bot] <support@github.com> - +Bumps [actions/checkout](https://github.com/actions/checkout) from 2.4.0 to 3. +- [Release notes](https://github.com/actions/checkout/releases) +- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) +- [Commits](https://github.com/actions/checkout/compare/v2.4.0...v3) + +--- +updated-dependencies: +- dependency-name: actions/checkout + dependency-type: direct:production + update-type: version-update:semver-major +... + +Signed-off-by: dependabot[bot] <support@github.com> + Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`cae737f`](https://github.com/CycloneDX/cyclonedx-python/commit/cae737f2b6fcbb9c44f7d6602260bc460da23858)) * chore: make isort and flake8-isort available @@ -1716,10 +1796,10 @@ Automatically generated by python-semantic-release ([`f7ca95c`](https://github.c * Merge pull request #316 from CycloneDX/feat/update-lib-2.0.x -feat: bump to latest `cyclonedx-python-lib` - -feat: Added marker and classifiers to denote this as typed (#313) - +feat: bump to latest `cyclonedx-python-lib` + +feat: Added marker and classifiers to denote this as typed (#313) + BREAKING CHANGE: bump to latest `cyclonedx-python-lib` ([`4700399`](https://github.com/CycloneDX/cyclonedx-python/commit/4700399a6ca9121324f361ce696a90f7345a8fc4)) * 2.1.0 @@ -1757,8 +1837,8 @@ Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`689e7e9`](https://gi * fix: docker image releae checkout ref w/o `tags` (#309) -fixes #308 - +fixes #308 + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`5d8b1e1`](https://github.com/CycloneDX/cyclonedx-python/commit/5d8b1e159c2ced59e810b9e9564e19a29fe263d0)) ### Unknown @@ -1774,18 +1854,18 @@ Automatically generated by python-semantic-release ([`8379712`](https://github.c * fix: properly support reading from stdin (#307) -* Adjust cli when reading from stdin. - -Bind reading from stdin on specifying `-i -`. This is part of -[`argparse.FileType`](https://docs.python.org/3/library/argparse.html?highlight=pseudo-argument#argparse.FileType). - -Local tests under the following conditions: - - * implicit reading `poetry.lock` using args `-p -o -` - * explicit reading `poetry.lock` using args `-p -i poetry.lock -o -` - * explicit reading `poetry.lock` file after renaming using - `cat p.lock | python -m cyclonedx_py.client -p -i - -o -` - +* Adjust cli when reading from stdin. + +Bind reading from stdin on specifying `-i -`. This is part of +[`argparse.FileType`](https://docs.python.org/3/library/argparse.html?highlight=pseudo-argument#argparse.FileType). + +Local tests under the following conditions: + + * implicit reading `poetry.lock` using args `-p -o -` + * explicit reading `poetry.lock` using args `-p -i poetry.lock -o -` + * explicit reading `poetry.lock` file after renaming using + `cat p.lock | python -m cyclonedx_py.client -p -i - -o -` + Signed-off-by: Theodor van Nahl <theo@van-nahl.org> ([`23f31a0`](https://github.com/CycloneDX/cyclonedx-python/commit/23f31a03a4fbf888f396b88a9413c054358b2a3a)) ### Unknown @@ -1805,43 +1885,43 @@ link to pep8 ([`4f87341`](https://github.com/CycloneDX/cyclonedx-python/commit/4 * chore: add CI artifacts and improve build consistency (#290) -fixes #292 -prep for #289 - +fixes #292 +prep for #289 + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`185b300`](https://github.com/CycloneDX/cyclonedx-python/commit/185b30071acc2fb310e4632a7a1b735b9cc9382e)) * chore: Bump flake8-bugbear from 21.11.29 to 22.1.11 (#301) -Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 21.11.29 to 22.1.11. -- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases) -- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/21.11.29...22.1.11) - ---- -updated-dependencies: -- dependency-name: flake8-bugbear - dependency-type: direct:development - update-type: version-update:semver-major -... - -Signed-off-by: dependabot[bot] <support@github.com> - +Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 21.11.29 to 22.1.11. +- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases) +- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/21.11.29...22.1.11) + +--- +updated-dependencies: +- dependency-name: flake8-bugbear + dependency-type: direct:development + update-type: version-update:semver-major +... + +Signed-off-by: dependabot[bot] <support@github.com> + Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`1b6e042`](https://github.com/CycloneDX/cyclonedx-python/commit/1b6e0422d6932dac0accbad78169b850602162ca)) * chore: Bump mypy from 0.930 to 0.931 (#297) -Bumps [mypy](https://github.com/python/mypy) from 0.930 to 0.931. -- [Release notes](https://github.com/python/mypy/releases) -- [Commits](https://github.com/python/mypy/compare/v0.930...v0.931) - ---- -updated-dependencies: -- dependency-name: mypy - dependency-type: direct:development - update-type: version-update:semver-minor -... - -Signed-off-by: dependabot[bot] <support@github.com> - +Bumps [mypy](https://github.com/python/mypy) from 0.930 to 0.931. +- [Release notes](https://github.com/python/mypy/releases) +- [Commits](https://github.com/python/mypy/compare/v0.930...v0.931) + +--- +updated-dependencies: +- dependency-name: mypy + dependency-type: direct:development + update-type: version-update:semver-minor +... + +Signed-off-by: dependabot[bot] <support@github.com> + Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`19b285c`](https://github.com/CycloneDX/cyclonedx-python/commit/19b285c9590cc4a66c07a32bcbbd54df8839dc7b)) * chore: corrected next version @@ -1904,220 +1984,220 @@ Signed-off-by: Paul Horton <phorton@sonatype.com> ([`8343c0d`](https://git * chore: Bump cyclonedx-python-lib from 0.12.2 to 0.12.3 (#285) -Bumps [cyclonedx-python-lib](https://github.com/CycloneDX/cyclonedx-python-lib) from 0.12.2 to 0.12.3. -- [Release notes](https://github.com/CycloneDX/cyclonedx-python-lib/releases) -- [Changelog](https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md) -- [Commits](https://github.com/CycloneDX/cyclonedx-python-lib/compare/v0.12.2...v0.12.3) - ---- -updated-dependencies: -- dependency-name: cyclonedx-python-lib - dependency-type: direct:production - update-type: version-update:semver-patch -... - -Signed-off-by: dependabot[bot] <support@github.com> - +Bumps [cyclonedx-python-lib](https://github.com/CycloneDX/cyclonedx-python-lib) from 0.12.2 to 0.12.3. +- [Release notes](https://github.com/CycloneDX/cyclonedx-python-lib/releases) +- [Changelog](https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md) +- [Commits](https://github.com/CycloneDX/cyclonedx-python-lib/compare/v0.12.2...v0.12.3) + +--- +updated-dependencies: +- dependency-name: cyclonedx-python-lib + dependency-type: direct:production + update-type: version-update:semver-patch +... + +Signed-off-by: dependabot[bot] <support@github.com> + Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`2ef2b3e`](https://github.com/CycloneDX/cyclonedx-python/commit/2ef2b3eb767ed45c329390abc2800927c6324948)) * chore: Bump mypy from 0.920 to 0.930 (#288) -Bumps [mypy](https://github.com/python/mypy) from 0.920 to 0.930. -- [Release notes](https://github.com/python/mypy/releases) -- [Commits](https://github.com/python/mypy/compare/v0.920...v0.930) - ---- -updated-dependencies: -- dependency-name: mypy - dependency-type: direct:development - update-type: version-update:semver-minor -... - -Signed-off-by: dependabot[bot] <support@github.com> - +Bumps [mypy](https://github.com/python/mypy) from 0.920 to 0.930. +- [Release notes](https://github.com/python/mypy/releases) +- [Commits](https://github.com/python/mypy/compare/v0.920...v0.930) + +--- +updated-dependencies: +- dependency-name: mypy + dependency-type: direct:development + update-type: version-update:semver-minor +... + +Signed-off-by: dependabot[bot] <support@github.com> + Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`a58ed74`](https://github.com/CycloneDX/cyclonedx-python/commit/a58ed740fd5f6a603d76a0308d69551a186f8c65)) * chore: update `flake8` to v4 and add `autopep8` (#283) -closes #275 - -update locked dependencies: - • Updating pycodestyle (2.7.0 -> 2.8.0) - • Updating pyflakes (2.3.1 -> 2.4.0) - • Updating flake8 (3.9.2 -> 4.0.1) - • Installing autopep8 (1.6.0) - • Updating flake8-annotations (2.0.1 -> 2.7.0) - +closes #275 + +update locked dependencies: + • Updating pycodestyle (2.7.0 -> 2.8.0) + • Updating pyflakes (2.3.1 -> 2.4.0) + • Updating flake8 (3.9.2 -> 4.0.1) + • Installing autopep8 (1.6.0) + • Updating flake8-annotations (2.0.1 -> 2.7.0) + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`87aa348`](https://github.com/CycloneDX/cyclonedx-python/commit/87aa3487864ca94cab3c2c9dff3c263f0a849c21)) * chore: Bump mypy from 0.910 to 0.920 (#286) -Bumps [mypy](https://github.com/python/mypy) from 0.910 to 0.920. -- [Release notes](https://github.com/python/mypy/releases) -- [Commits](https://github.com/python/mypy/compare/v0.910...v0.920) - ---- -updated-dependencies: -- dependency-name: mypy - dependency-type: direct:development - update-type: version-update:semver-minor -... - -Signed-off-by: dependabot[bot] <support@github.com> - +Bumps [mypy](https://github.com/python/mypy) from 0.910 to 0.920. +- [Release notes](https://github.com/python/mypy/releases) +- [Commits](https://github.com/python/mypy/compare/v0.910...v0.920) + +--- +updated-dependencies: +- dependency-name: mypy + dependency-type: direct:development + update-type: version-update:semver-minor +... + +Signed-off-by: dependabot[bot] <support@github.com> + Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`a2dc03f`](https://github.com/CycloneDX/cyclonedx-python/commit/a2dc03f15a994361c973e97f2f9c406a41f9d7cd)) * chore: build(deps): Bump cyclonedx-python-lib from 0.11.1 to 0.12.2 (#282) -Bumps [cyclonedx-python-lib](https://github.com/CycloneDX/cyclonedx-python-lib) from 0.11.1 to 0.12.2. -- [Release notes](https://github.com/CycloneDX/cyclonedx-python-lib/releases) -- [Changelog](https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md) -- [Commits](https://github.com/CycloneDX/cyclonedx-python-lib/compare/v0.11.1...v0.12.2) - ---- -updated-dependencies: -- dependency-name: cyclonedx-python-lib - dependency-type: direct:production - update-type: version-update:semver-minor -... - -Signed-off-by: dependabot[bot] <support@github.com> - +Bumps [cyclonedx-python-lib](https://github.com/CycloneDX/cyclonedx-python-lib) from 0.11.1 to 0.12.2. +- [Release notes](https://github.com/CycloneDX/cyclonedx-python-lib/releases) +- [Changelog](https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md) +- [Commits](https://github.com/CycloneDX/cyclonedx-python-lib/compare/v0.11.1...v0.12.2) + +--- +updated-dependencies: +- dependency-name: cyclonedx-python-lib + dependency-type: direct:production + update-type: version-update:semver-minor +... + +Signed-off-by: dependabot[bot] <support@github.com> + Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> ([`6b51a66`](https://github.com/CycloneDX/cyclonedx-python/commit/6b51a66094afa5e424d8548724e5d09ea3851f7d)) * chore: remove dev-container (#265) -closes #262 - +closes #262 + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`16349cb`](https://github.com/CycloneDX/cyclonedx-python/commit/16349cbef449ded638c0fdcba01d3b1a6978678a)) ### Documentation * docs: readme maintenance - shields & links (#266) -* README: added typehint to the vode blocks - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* README: fixed fenced-code and lists - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* README: shields got modernixed and linked - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* README: harmonized links - +* README: added typehint to the vode blocks + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* README: fixed fenced-code and lists + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* README: shields got modernixed and linked + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* README: harmonized links + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a34046f`](https://github.com/CycloneDX/cyclonedx-python/commit/a34046f9b4c96d013fdf2dbdac5e930aa9204e15)) ### Feature * feat: add support for CycloneDX 1.4 specification (#294) -* feat: add support for output to CycloneDX 1.4 (draft) -feat: Error with return code 2 if attempting to output in JSON and SchemaVersion < 1.2 -test: Multiple tests added - -Signed-off-by: Paul Horton <phorton@sonatype.com> -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* fix: addressed flake8 issues -fix: added missing bump to dependencies - -Signed-off-by: Paul Horton <phorton@sonatype.com> -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* fix: corrected import - -Signed-off-by: Paul Horton <phorton@sonatype.com> -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* ci: removed poetry cache as broken? - -Signed-off-by: Paul Horton <phorton@sonatype.com> -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* bump to latest RC for cyclonedx-python-lib - -Signed-off-by: Paul Horton <phorton@sonatype.com> -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* doc: migration to RTD (#296) - -* doc: migration to RTD. - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* doc: removed references to schema version 1.4 - -Signed-off-by: Paul Horton <phorton@sonatype.com> -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* doc: updates to include schema version - -Signed-off-by: Paul Horton <phorton@sonatype.com> -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* doc: cleanup - -Signed-off-by: Paul Horton <phorton@sonatype.com> -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* feat: BREAKING CHANGE - relocated concrete parsers (#299) -BREAKING CHANGE Concrete Parsers now reside in this project, not `cyclonedx-python-lib` - -* re-located tests for Utils - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* feat: BREAKING CHANGE - relocated concrete parsers from `cyclonedx-python-lib` -doc: updated to reflect breaking changes -dod: added changelog - -Signed-off-by: Paul Horton <phorton@sonatype.com> -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* feat: BREAKING CHANGE - relocated concrete parsers from `cyclonedx-python-lib` -doc: updated to reflect breaking changes -dod: added changelog - -Signed-off-by: Paul Horton <phorton@sonatype.com> -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* chore: removed schema validation from unit tests as this is performed in upstream library `cyclonedx-python-lib` - -Signed-off-by: Paul Horton <phorton@sonatype.com> -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* chore: removed schema validation from unit tests as this is performed in upstream library `cyclonedx-python-lib` - -Signed-off-by: Paul Horton <phorton@sonatype.com> -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* chore: add pre-release manual GH workflow - -Signed-off-by: Paul Horton <phorton@sonatype.com> -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* chore: bump to latest RC of `cyclonedx-python-lib` - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* added `purl` into `Component`s output by parsers - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* Ignore type for packageurl imports - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* doc: corrected project title - -Signed-off-by: Paul Horton <paul.horton@owasp.org> - -* chore: bump to released version of `cyclonedx-python-lib` - +* feat: add support for output to CycloneDX 1.4 (draft) +feat: Error with return code 2 if attempting to output in JSON and SchemaVersion < 1.2 +test: Multiple tests added + +Signed-off-by: Paul Horton <phorton@sonatype.com> +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* fix: addressed flake8 issues +fix: added missing bump to dependencies + +Signed-off-by: Paul Horton <phorton@sonatype.com> +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* fix: corrected import + +Signed-off-by: Paul Horton <phorton@sonatype.com> +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* ci: removed poetry cache as broken? + +Signed-off-by: Paul Horton <phorton@sonatype.com> +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* bump to latest RC for cyclonedx-python-lib + +Signed-off-by: Paul Horton <phorton@sonatype.com> +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* doc: migration to RTD (#296) + +* doc: migration to RTD. + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* doc: removed references to schema version 1.4 + +Signed-off-by: Paul Horton <phorton@sonatype.com> +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* doc: updates to include schema version + +Signed-off-by: Paul Horton <phorton@sonatype.com> +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* doc: cleanup + +Signed-off-by: Paul Horton <phorton@sonatype.com> +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* feat: BREAKING CHANGE - relocated concrete parsers (#299) +BREAKING CHANGE Concrete Parsers now reside in this project, not `cyclonedx-python-lib` + +* re-located tests for Utils + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* feat: BREAKING CHANGE - relocated concrete parsers from `cyclonedx-python-lib` +doc: updated to reflect breaking changes +dod: added changelog + +Signed-off-by: Paul Horton <phorton@sonatype.com> +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* feat: BREAKING CHANGE - relocated concrete parsers from `cyclonedx-python-lib` +doc: updated to reflect breaking changes +dod: added changelog + +Signed-off-by: Paul Horton <phorton@sonatype.com> +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* chore: removed schema validation from unit tests as this is performed in upstream library `cyclonedx-python-lib` + +Signed-off-by: Paul Horton <phorton@sonatype.com> +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* chore: removed schema validation from unit tests as this is performed in upstream library `cyclonedx-python-lib` + +Signed-off-by: Paul Horton <phorton@sonatype.com> +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* chore: add pre-release manual GH workflow + +Signed-off-by: Paul Horton <phorton@sonatype.com> +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* chore: bump to latest RC of `cyclonedx-python-lib` + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* added `purl` into `Component`s output by parsers + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* Ignore type for packageurl imports + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* doc: corrected project title + +Signed-off-by: Paul Horton <paul.horton@owasp.org> + +* chore: bump to released version of `cyclonedx-python-lib` + Signed-off-by: Paul Horton <paul.horton@owasp.org> ([`7bb6d32`](https://github.com/CycloneDX/cyclonedx-python/commit/7bb6d328adec59cdd4c3ab80eb5f39568ca3bc9c)) ### Test @@ -2134,12 +2214,12 @@ Automatically generated by python-semantic-release ([`958af1a`](https://github.c * doc: migration to RTD (#296) -* doc: migration to RTD. - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* doc: removed references to schema version 1.4 - +* doc: migration to RTD. + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* doc: removed references to schema version 1.4 + Signed-off-by: Paul Horton <phorton@sonatype.com> ([`1744f4d`](https://github.com/CycloneDX/cyclonedx-python/commit/1744f4d77a16e135a26fdf28a5367dd187ad7502)) * Update CONTRIBUTING.md ([`1175c84`](https://github.com/CycloneDX/cyclonedx-python/commit/1175c8433a36ac5c98020e3fb04fe619bf9d994b)) @@ -2219,12 +2299,12 @@ Automatically generated by python-semantic-release ([`7586867`](https://github.c * fix: Re-enable build and publish of Docker Image (#263) -* fix: update `Dockerfile` to use Python 3.10 - -Signed-off-by: Paul Horton <phorton@sonatype.com> - -* ci: renable publishing of Docker Images - +* fix: update `Dockerfile` to use Python 3.10 + +Signed-off-by: Paul Horton <phorton@sonatype.com> + +* ci: renable publishing of Docker Images + Signed-off-by: Paul Horton <phorton@sonatype.com> ([`478360d`](https://github.com/CycloneDX/cyclonedx-python/commit/478360db0de269159ab6e3777cd291b87e2e1174)) ### Unknown @@ -2240,12 +2320,12 @@ Automatically generated by python-semantic-release ([`dd31888`](https://github.c * feat: support for Python 3.10 (#261) -* enabled py3.10 tests in CI - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* add py-version classifiers - +* enabled py3.10 tests in CI + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* add py-version classifiers + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`f4f9ffe`](https://github.com/CycloneDX/cyclonedx-python/commit/f4f9ffe4b1e2d4fffe4ad0b274a067a20c9c372f)) ### Unknown @@ -2277,49 +2357,49 @@ Automatically generated by python-semantic-release ([`8050477`](https://github.c * FIX: add static code analysis, better typing and bump to `cyclonedx-python-lib` >= `0.11.0` -* fixed some tox issues - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* add more QA - -bumped `cyclonedx-python-lib` to the version that opened type-checks -added QA tools: `mypy`, `flake8-annotations`, `flake8-bugbear` - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* gitignore alternative paths of `venv` - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* gh-action CI no longer failes fast - -this allowes to run all tests, regardless of failes in parallel tests of the matrix - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* add missing return types - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* make mypy pass - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* tests dont run subprocesses in the shell - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* unittest run in verbose mode - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* fix windows tox run - -Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> - -* make tests a module - +* fixed some tox issues + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* add more QA + +bumped `cyclonedx-python-lib` to the version that opened type-checks +added QA tools: `mypy`, `flake8-annotations`, `flake8-bugbear` + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* gitignore alternative paths of `venv` + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* gh-action CI no longer failes fast + +this allowes to run all tests, regardless of failes in parallel tests of the matrix + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* add missing return types + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* make mypy pass + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* tests dont run subprocesses in the shell + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* unittest run in verbose mode + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* fix windows tox run + +Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> + +* make tests a module + Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3080b57`](https://github.com/CycloneDX/cyclonedx-python/commit/3080b571c2561268d90b0ecee17788da9046893b)) @@ -3491,7 +3571,7 @@ Support requirements.txt with local files ([`f476f4f`](https://github.com/Cyclon * Support requirements.txt with local files -It's possible for the requirements.txt file to have local file listings. These do not have 'name' values, and so cause a runtime error when trying to concatenate a NoneType with a string. Test for 'local_file' requirements and skip them when generating bom. +It's possible for the requirements.txt file to have local file listings. These do not have 'name' values, and so cause a runtime error when trying to concatenate a NoneType with a string. Test for 'local_file' requirements and skip them when generating bom. See https://requirements-parser.readthedocs.io/en/latest/usage.html#parsing-requirement-specifiers ([`97d0cde`](https://github.com/CycloneDX/cyclonedx-python/commit/97d0cdebc4f3895bb5f2304c9ae9da931082bf4b)) * Update README.rst ([`89b488b`](https://github.com/CycloneDX/cyclonedx-python/commit/89b488b2f0e08c5368b26ab7352cace98598404d)) diff --git a/cyclonedx_py/__init__.py b/cyclonedx_py/__init__.py index 1fad3ae5a..f188e778d 100644 --- a/cyclonedx_py/__init__.py +++ b/cyclonedx_py/__init__.py @@ -15,7 +15,7 @@ # !! version is managed by `semantic_release` # do not use typing here, or else `semantic_release` might have issues finding the variable -__version__ = "4.4.3" # noqa:Q000 +__version__ = "4.5.0" # noqa:Q000 # There is no stable/public API. # However, you might call the stable CLI instead, like so: diff --git a/docs/conf.py b/docs/conf.py index 4b8472d30..e85aa3c93 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -22,7 +22,7 @@ # The full version, including alpha/beta/rc tags # !! version is managed by semantic_release -release = "4.4.3" +release = "4.5.0" # -- General configuration --------------------------------------------------- diff --git a/pyproject.toml b/pyproject.toml index 09fe02cc9..159c59fd8 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -7,7 +7,7 @@ build-backend = "poetry.core.masonry.api" [tool.poetry] # keep in sync with `cyclonedx_py/_internal/utils/cdx.py` name = "cyclonedx-bom" -version = "4.4.3" +version = "4.5.0" description = "CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments" authors = [ "Jan Kowalleck ",