Releases · CycloneDX/cyclonedx-webpack-plugin

Option specVersion defaults to "1.6", was "1.4" (#1329 via #1333)
Emit $.metadata.tools as components (#1330 via #1331)
This affects only CycloneDX spec-version 1.5 and later.
Emitted .purl values might be partially url-encoded (via #1331)
This is caused by changes on underlying 3rd-party dependency packageurl-js.

Added

Emit "webpack" as part of $.metadata.tools (via #1354)

Dependencies

Upgraded runtime-dependency @cyclonedx/cyclonedx-library@^7.0.0, was @^6.11.0 (via #1331)

Build

Use TypeScript v5.7.3 now, was v5.6.3 (via #1351)

What's Changed

chore(deps-dev): bump typescript from 5.6.3 to 5.7.3 in the typescript group across 1 directory by @dependabot in #1351
feat: tools as components by @jkowalleck in #1331
feat!: emit defaults to CycloneDX1.6 by @jkowalleck in #1333
feat: emit webpack as metadata.tools by @jkowalleck in #1354

Full Changelog: v3.17.0...v4.0.0

Contributors

jkowalleck and dependabot

Assets 3

10 Jan 10:34

github-actions

v3.17.0

0e406b7

3.17.0

Added

Configuration option for rootComponentVCS (#1344 via #1350)

What's Changed

feat: add rootComponentVCS configuration by @jeremylong in #1350

Full Changelog: v3.16.0...v3.17.0

Contributors

jeremylong

Assets 3

08 Jan 12:47

github-actions

v3.16.0

48701a7

3.16.0

Added

Configuration option for rootComponentBuildSystem (#1344 via #1349)

What's Changed

build: do not bundle sourvcemaps by @jkowalleck in #1341
build: do not emit comments by @jkowalleck in #1342
feat: add rootComponentBuildSystem configuration by @jeremylong in #1349

New Contributors

@jeremylong made their first contribution in #1349

Full Changelog: v3.15.1...v3.16.0

Contributors

jeremylong and jkowalleck

Assets 3

03 Dec 14:12

github-actions

v3.15.1

affddd5

3.15.1

Fixed

Properly detect license evidences like LICEN[CS]E.{Apache,BSD,GPL,MIT} (#1337 via #1339)

What's Changed

refactor: remove unnessessary lowercase by @jkowalleck in #1327
fix: Properly detect license evidences like LICEN[CS]E.{Apache,BSD,GPL,MIT} by @jkowalleck in #1339

Full Changelog: v3.15.0...v3.15.1

Contributors

jkowalleck

Assets 3

19 Oct 11:52

github-actions

v3.15.0

50e2a07

3.15.0

Added
- Extended license evidence collection to also find *.LICEN[CS]E files (#1321 via #1322)
Build
- Use TypeScript v5.6.3 now, was v5.6.2 (via #1320)

What's Changed

tests: modernize-1.6 by @jkowalleck in #1317
refactor: type of CycloneDxWebpackPluginOptions.collectEvidence inherited by @jkowalleck in #1318
docs: example uses specVersion:1.6 and collectEvidence:true by @jkowalleck in #1319
tests: yarn setup not modify intended version by @jkowalleck in #1323
feat: license evidence *.licen[cs]e by @jkowalleck in #1322
chore(deps-dev): bump typescript from 5.6.2 to 5.6.3 in the typescript group by @dependabot in #1320

Full Changelog: v3.14.0...v3.15.0

Contributors

jkowalleck and dependabot

Assets 3

08 Oct 09:54

github-actions

v3.14.0

33939cb

3.14.0

Added

Feature for collecting (license) evidence (#676 via #1309, #1312)
Controlled with option collectEvidence, disabled by default.

Build

Use TypeScript v5.6.2 now, was v5.5.3 (via #1302, #1306)

What's Changed

chore(deps-dev): bump typescript from 5.5.3 to 5.5.4 in the typescript group by @dependabot in #1302
chore(deps-dev): bump typescript from 5.5.4 to 5.6.2 in the typescript group by @dependabot in #1306
feat: collect evidences for license by @Frozen-byte in #1309
refactor: helpers by @jkowalleck in #1313
fix: pollish evidence gathering by @jkowalleck in #1312
chore(dev-deps): bump some eslint by @jkowalleck in #1314
chore: migrate to npm-run-all2 by @jkowalleck in #1315

New Contributors

@Frozen-byte made their first contribution in #1309

Full Changelog: v3.13.0...v3.14.0

Contributors

jkowalleck, Frozen-byte, and dependabot

Assets 3

21 Jul 09:29

github-actions

v3.13.0

ebe1394

3.13.0

Dependencies

Upgraded runtime-dependency @cyclonedx/cyclonedx-library@^6.11.0, was @^6.6.0 (via #1300)
This was done to incorporate non-breaking upstream changes and fixes.

Build

Use TypeScript v5.5.3 now, was v5.4.5 (via #1296)

What's Changed

tests: testbed vue2 cli by @jkowalleck in #1297
tests: package manifest repository by @jkowalleck in #1299
deps: cyclonedx library 6.11.0 by @jkowalleck in #1300
chore(deps-dev): bump typescript from 5.4.5 to 5.5.3 in the typescript group across 1 directory by @dependabot in #1296

Full Changelog: v3.12.0...v3.13.0

Contributors

jkowalleck and dependabot

Assets 3

17 Jun 14:00

github-actions

v3.12.0

9f8296a

3.12.0

Changed

Improved package detection (#1284 via #1286)

What's Changed

tests: yarn setup by @jkowalleck in #1288
feat: enhance package.json finder by @reey in #1286
chore(deb-deps): bump some deps by @jkowalleck in #1290

New Contributors

@reey made their first contribution in #1286

Full Changelog: v3.11.0...v3.12.0

Contributors

jkowalleck and reey

Assets 3

08 May 16:07

github-actions

v3.11.0

913c22c

3.11.0

Added

Licenses acknowledgement might be populated (#1274 via #1281)

Misc

Raised dependency @cyclonedx/cyclonedx-library@^6.6.0, was @^6.5.0 (via #1281)

What's Changed

chore(ci): use node 22 by @jkowalleck in #1278
Ci/modernize artifact action by @jkowalleck in #1279
feat: license acknowledgement by @jkowalleck in #1281

Full Changelog: v3.10.0...v3.11.0

Contributors

jkowalleck

Assets 3

Releases: CycloneDX/cyclonedx-webpack-plugin

4.0.1

Fixed

What's Changed

Contributors

4.0.0

BREAKING Changes

Added

Dependencies

Build

What's Changed

Contributors

3.17.0

Added

What's Changed

Contributors

3.16.0

Added

What's Changed

New Contributors

Contributors

3.15.1

Fixed

What's Changed

Contributors

3.15.0

What's Changed

Contributors

3.14.0

Added

Build

What's Changed

New Contributors

Contributors

3.13.0

Dependencies

Build

What's Changed

Contributors

3.12.0

Changed

What's Changed

New Contributors

Contributors

3.11.0

Added

Misc

What's Changed

Contributors