Prerelease 2.0.0.dev8

2.0.0.dev (2023-05-19)

• breaking changes
  • new command bom convert to import and export SBOM in mutiple formats.
    This new command replaces bom fromCSV, bom FromFlatFist, bom FromSbom,
    bom ToHtml and bom ToSbom.
  • bom sort is discontinued, CycloneDX SBOMs are always sorted by component name.
  • The option -source of GetDependencies python is discontinued, please use
    bom downloadsources instead.
  • project show writes the output file only in plain JSON and not CycloneDX.
  • project CreateReadme requires new entries in readme_oss_config.json to be independent
    of the name Siemens
    • CompanyName
    • CompanyAddressN, N = 1..4
  • bom map now uses alphanumeric identifier for mapping instead of integer values:
    • INVALID: 0-invalid instead of 0
    • FULL_MATCH_BY_ID: 1-full-match-by-id instead of 1
    • FULL_MATCH_BY_HASH: 2-full-match-by-hash instead of 2
    • FULL_MATCH_BY_NAME_AND_VERSION: 3-full-match-by-name-and-version instead of 3
    • MATCH_BY_FILENAME: 4-good-match-by-filename instead of 4
    • MATCH_BY_NAME: 5-candidate-match-by-name instead of 5
    • SIMILAR_COMPONENT_FOUND: 6-candidate-match-similar-component instead of 6
    • NO_MATCH: 9-no-match instead of 100
  • dropped support for option -stage. The SW360 server instance can get specified via the -url parameter.
  • The hard coded address https://sw360.siemens.com has been removed.
    CaPyCLI reads the SW360 server address either from the environment variable SW360ServerUrl or
    via the -url parameter.
  • CaPyCLI supports an optional config file .capycli.cfg. Settings defined in the config file
    supersede settings in environment variables. Command line parameters supersede config file settings.
• The cache functionality of bom map also supports the staging system.
• project GetLicenseInfo can take over data from existing Readme_OSS config files.