security/py-cyclonedx-python-lib,
Python library for generating CycloneDX SBOMs
Branch: CURRENT,
Version: 8.4.0,
Package name: py312-cyclonedx-python-lib-8.4.0,
Maintainer: pkgsrc-users
This CycloneDX module for Python can generate a valid CycloneDX
bill-of-material document containing an aggregate of all project
dependencies.
This module is not designed for standalone use.
Master sites:
Filesize: 1105.01 KB
Version history:
- (2024-10-30) Updated to version: py312-cyclonedx-python-lib-8.4.0
- (2024-10-22) Updated to version: py312-cyclonedx-python-lib-8.0.0
- (2024-10-12) Updated to version: py312-cyclonedx-python-lib-7.6.2
- (2024-09-22) Updated to version: py312-cyclonedx-python-lib-7.6.1
- (2024-08-20) Updated to version: py312-cyclonedx-python-lib-7.6.0
- (2024-07-14) Updated to version: py311-cyclonedx-python-lib-7.5.1
CVS history:
2024-04-28 11:54:08 by Thomas Klausner | Files touched by this commit (2)
Log message:
py-cyclonedx-python-lib: update to 7.3.2.
7.3.2
* fix: properly sort components based on all properties (#599)
reverts #587 - as this one introduced errors fixes #598 fixes #586
7.3.1
* chore: semantic-release git commit/sign valid email address
* fix: include all fields of `Component` in `__lt__` function for #586 (#587)
2024-04-21 17:35:36 by Thomas Klausner | Files touched by this commit (2)
Log message:
py-cyclonedx-python-lib: update to 7.3.0.
7.3.0
Feature
feat: license factory set acknowledgement (#593)
add a parameter to LicenseFactory.make_*() methods, to set the LicenseAcknowledgement.
## v7.2.0 (2024-04-19)
### Feature
* feat: disjunctive license acknowledgement (#591)
---------
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9bf1839`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9bf1839859a244e790e91c3e1edd82d333598d60))
### Unknown
* tests: add meaningful names to validation tests (#588)
When packaging cyclonedx-python-lib for a Linux distribution, it’s
pretty common that some JSON validation tests fail. [1]
Due to the large number of combinations and the fact that these tests
are consecutively numbered, it has been tedious to figure out which
tests are exactly failing and why. This in turn makes it difficult to
decide which tests to disable or report upstream.
Append meaningful names to validation tests so that instead of e.g.:
[…]::TestJsonValidator::test_validate_no_none_001
[…]::TestJsonValidator::test_validate_no_none_002
[…]::TestJsonValidator::test_validate_no_none_003
[…]::TestJsonValidator::test_validate_no_none_004
[…]::TestJsonValidator::test_validate_no_none_005
[…]::TestJsonValidator::test_validate_no_none_006
[…]::TestJsonValidator::test_validate_no_none_007
[…]::TestJsonValidator::test_validate_no_none_008
the tests are named:
[…]::TestJsonValidator::test_validate_no_none_001_valid_component_swid_1_6
[…]::TestJsonValidator::test_validate_no_none_002_valid_machine_learning_considerations_env_1_6
[…]::TestJsonValidator::test_validate_no_none_003_valid_metadata_tool_1_6
[…]::TestJsonValidator::test_validate_no_none_004_valid_patch_1_6
[…]::TestJsonValidator::test_validate_no_none_005_valid_empty_components_1_6
[…]::TestJsonValidator::test_validate_no_none_006_valid_properties_1_6
[…]::TestJsonValidator::test_validate_no_none_007_valid_service_1_6
[…]::TestJsonValidator::test_validate_no_none_008_valid_metadata_author_1_6
[1]: https://aur.archlinux.org/cgit/aur.git/diff/PKGBUILD?h=python-cyclonedx-lib&id=9c6ae556874a633a521407a77a9a85bb31da2047
* doc: poor merge resolved
2024-04-18 10:55:26 by Thomas Klausner | Files touched by this commit (3)
Log message:
py-cyclonedx-python-lib: update to 7.1.0.
7.1.0
Documentation
docs: missing schema support table & update schema support to reflect version 7.0.0 (#584)
Feature
feat: support bom.properties for CycloneDX v1.5+ (#585)
7.0.0
Breaking
feat!: Support for CycloneDX v1.6
added draft v1.6 schemas and boilerplate for v1.6
re-generated test snapshots for v1.6
note bom.metadata.manufacture as deprecated
work on bom.metadata for v1.6
Deprecated .component.author. Added .component.authors and .component.manufacturer
work to add .component.omniborid - but tests deserialisation tests fail due to schema differences (.component.author not in 1.6)
work to get deserialization tests passing
chore(deps): bump py-serializable to >=1.0.3 to resolve issues with deserialization to XML
imports tidied
properly added .component.swhid
add .component.cryptoProperties - with test failures for SchemaVersion < 1.6
typing and bandit ignores
coding standards
test filtering
coding standards
additional tests to increase code coverage
corrected CryptoMode enum
coding standards
Added address to organizationalEntity
Added address to organizationalEntity
raise UserWarning in .component.version has length > 1024
coding standards and typing
add acknowledgement to LicenseExpression (#582)
more proper way to filter test cases
update schema to published versions
fetch schema 1.6 JSON
fetch test data for CDX 1.6
reformat
reformat
refactor
style
refactor
docs
2024-03-24 14:04:17 by Adam Ciarcinski | Files touched by this commit (2)
Log message:
py-cyclonedx-python-lib: updated to 6.4.4
6.4.4
fix: wrong extra name for xml validation
2024-03-04 19:49:17 by Adam Ciarcinski | Files touched by this commit (2)
Log message:
py-cyclonedx-python-lib: updated to 6.4.3
v6.4.3
fix: serialization of model.component.Diff
2024-03-03 12:40:53 by Thomas Klausner | Files touched by this commit (2)
Log message:
py-cyclonedx-python-lib: update to 6.4.2.
Maintenance release.
2024-02-05 11:53:31 by Adam Ciarcinski | Files touched by this commit (3)
Log message:
py-cyclonedx-python-lib: updated to 6.4.1
v6.4.1
chore(deps-dev): update bandit requirement from 1.7.6 to 1.7.7
chore(deps-dev): update coverage requirement from 7.4.0 to 7.4.1
docs: ship docs with sdist build
docs: refactor example
fix: model.BomRef no longer equal to unset peers
2024-01-28 14:20:00 by Thomas Klausner | Files touched by this commit (2)
Log message:
py-cyclonedx-python-lib: update to 6.4.0.
Chore
chore(deps-dev): update tox requirement from 4.12.0 to 4.12.1 (#533)
Updates the requirements on tox to permit the latest version.