1.4
Added support for Vulnerability Exploitability Exchange (VEX), a standard release notes format, improved hardware device support and many other small improvements.
Announcement: https://cyclonedx.org/news/cyclonedx-v1.4-released/
What's Changed
- Added external references support to tools by @stevespringett in #102
- Made component version optional by @stevespringett in #92
- Added vulnerabilities as part of core spec by @stevespringett in #91
- Implemented release notes in XML, JSON, and Protobuf by @stevespringett in #88
- Implemented JSF in the core spec by @stevespringett in #93
- JSON strict: add optional root property
$schema
by @jkowalleck in #107 - spec1.4 JSON fixes #83 by @jkowalleck in #109
- spec 1.4 JSON schema: remove unnecessary self-shadowing
$id
by @jkowalleck in #111 - schema spec1.4: own type for
ref
/bom-ref
by @jkowalleck in #116 - spec1.4 JSON schema : bugfixes #83 by @jkowalleck in #117
- Add service release notes to v1.4 proto file by @coderpatros in #120
- v1.4 General Availability by @stevespringett in #121
Full Changelog: 1.3...1.4