./security/py-cyclonedx-bom, Creates CycloneDX Software Bill of Materials for Python projects



Branch: CURRENT, Version: 4.5.0, Package name: py311-cyclonedx-bom-4.5.0, Maintainer: pkgsrc-users

This project provides a runnable Python-based application for
generating CycloneDX bill-of-material documents from either:

* Your current Python Environment

* Your project's manifest (e.g. Pipfile.lock, poetry.lock or
  requirements.txt)

* Conda as a Package Manager

The BOM will contain an aggregate of all your current project's
dependencies, or those defined by the manifest you supply.

CycloneDX is a lightweight BOM specification that is easily created,
human-readable, and simple to parse.


Master sites:

Filesize: 2215.86 KB



CVS history:


   2024-06-18 12:31:17 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
py-cyclonedx-bom: updated to 4.5.0

4.5.0

Feature

feat: environment - gather declared license information according to PEP639
From python environments, gather additional declared license information according to PEP 639 (improving license clarity with better package metadata).

New CLI switches for cyclonedx environment:

--PEP-639: Enable license gathering according to PEP 639 (improving license clarity with better package metadata). The behavior may change during the draft development of the PEP.
--gather-license-texts: Enable license text gathering.
In current state of implementation, --gather-license-texts has effect only if --PEP-639 is also given.
   2024-05-13 11:36:52 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-cyclonedx-bom: updated to 4.4.3

v4.4.3 (2024-04-26)

Fix

fix: do not use cyclonedx-lib==7.3.1

v4.4.2 (2024-04-21)

Fix

fix: release latest container image

v4.4.1 (2024-04-21)

Fix

fix: release latest container image
   2024-03-24 14:06:01 by Adam Ciarcinski | Files touched by this commit (4) | Package updated
Log message:
py-cyclonedx-bom: updated to 4.1.3

v4.1.3
docs: improve environment use cases and examples
fix: declared license texts as such, not as license name

v4.1.2
build: use poetry v1.8.1

v4.1.1
docs: improve example for programmatic call of CLI
fix: normalize package extras

v4.1.0
feat: support poetry multi-constraint dependencies
   2022-01-05 16:41:32 by Thomas Klausner | Files touched by this commit (289)
Log message:
python: egg.mk: add USE_PKG_RESOURCES flag

This flag should be set for packages that import pkg_resources
and thus need setuptools after the build step.

Set this flag for packages that need it and bump PKGREVISION.
   2022-01-04 21:55:40 by Thomas Klausner | Files touched by this commit (1595)
Log message:
*: bump PKGREVISION for egg.mk users

They now have a tool dependency on py-setuptools instead of a DEPENDS
   2021-12-17 11:18:24 by Thomas Klausner | Files touched by this commit (2)
Log message:
py-cyclonedx-*: mark as not for python 2.7
   2021-12-07 19:04:46 by Thomas Klausner | Files touched by this commit (4)
Log message:
security/py-cyclonedx-bom: import py-cyclonedx-bom-1.5.3

This project provides a runnable Python-based application for
generating CycloneDX bill-of-material documents from either:

* Your current Python Environment

* Your project's manifest (e.g. Pipfile.lock, poetry.lock or
  requirements.txt)

* Conda as a Package Manager

The BOM will contain an aggregate of all your current project's
dependencies, or those defined by the manifest you supply.

CycloneDX is a lightweight BOM specification that is easily created,
human-readable, and simple to parse.