
Comparing changes

base repository: CycloneDX/cyclonedx-python-lib
base: v6.4.4
head repository: CycloneDX/cyclonedx-python-lib
compare: v7.0.0
  • 4 commits
  • 314 files changed
  • 4 contributors

Commits on Mar 26, 2024

  1. chore(deps-dev): update tox requirement from 4.14.1 to 4.14.2 (#574)

    Updates the requirements on [tox](https://github.com/tox-dev/tox) to permit the latest version.
    - [Release notes](https://github.com/tox-dev/tox/releases)
    - [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst)
    - [Commits](tox-dev/tox@4.14.1...4.14.2)
    
    ---
    updated-dependencies:
    - dependency-name: tox
      dependency-type: direct:development
    ...
    
    Signed-off-by: dependabot[bot] <[email protected]>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    dependabot[bot] authored Mar 26, 2024
    d60f457

Commits on Mar 31, 2024

  1. chore(deps-dev): update autopep8 requirement from 2.0.4 to 2.1.0 (#573)

    Updates the requirements on [autopep8](https://github.com/hhatto/autopep8) to permit the latest version.
    - [Release notes](https://github.com/hhatto/autopep8/releases)
    - [Commits](hhatto/autopep8@v2.0.4...v2.1.0)
    
    ---
    updated-dependencies:
    - dependency-name: autopep8
      dependency-type: direct:development
    ...
    
    Signed-off-by: dependabot[bot] <[email protected]>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    dependabot[bot] authored Mar 31, 2024
    35749c6

Commits on Apr 9, 2024

  1. feat!: Support for CycloneDX v1.6

    * added draft v1.6 schemas and boilerplate for v1.6
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * re-generated test snapshots for v1.6
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * note `bom.metadata.manufacture` as deprecated
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * work on `bom.metadata` for v1.6
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * Deprecated `.component.author`. Added `.component.authors` and `.component.manufacturer`
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * work to add `.component.omniborid` - but deserialisation tests fail due to schema differences (`.component.author` not in 1.6)
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * work to get deserialization tests passing
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * chore(deps): bump `py-serializable` to >=1.0.3 to resolve issues with deserialization to XML
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * imports tidied
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * properly added `.component.swhid`
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * add `.component.cryptoProperties` - with test failures for SchemaVersion < 1.6
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * typing and bandit ignores
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * coding standards
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * test filtering
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * coding standards
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * additional tests to increase code coverage
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * corrected CryptoMode enum
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * coding standards
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * Added `address` to `organizationalEntity`
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * Added `address` to `organizationalEntity`
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * raise `UserWarning` if `.component.version` has length > 1024
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * coding standards and typing
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * add `acknowledgement` to `LicenseExpression` (#582)
    
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * more proper way to filter test cases
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * update schema to published versions
    
    Signed-off-by: Paul Horton <[email protected]>
    
    * fetch schema 1.6 JSON
    
    Signed-off-by: Jan Kowalleck <[email protected]>
    
    * fetch test data for CDX 1.6
    
    Signed-off-by: Jan Kowalleck <[email protected]>
    
    * reformat
    
    Signed-off-by: Jan Kowalleck <[email protected]>
    
    * reformat
    
    Signed-off-by: Jan Kowalleck <[email protected]>
    
    * refactor
    
    Signed-off-by: Jan Kowalleck <[email protected]>
    
    * style
    
    Signed-off-by: Jan Kowalleck <[email protected]>
    
    * refactor
    
    Signed-off-by: Jan Kowalleck <[email protected]>
    
    * docs
    
    Signed-off-by: Jan Kowalleck <[email protected]>
    
    ---------
    
    Signed-off-by: Paul Horton <[email protected]>
    Signed-off-by: Jan Kowalleck <[email protected]>
    Co-authored-by: Jan Kowalleck <[email protected]>
    madpah and jkowalleck authored Apr 9, 2024
    8bbdf46
  2. chore(release): 7.0.0

    Automatically generated by python-semantic-release
    
    Signed-off-by: semantic-release <semantic-release>
    semantic-release committed Apr 9, 2024
    a28013b
Showing 314 changed files with 34,492 additions and 310 deletions.
179 changes: 179 additions & 0 deletions CHANGELOG.md
@@ -2,6 +2,185 @@



## v7.0.0 (2024-04-09)

### Breaking

* feat!: Support for CycloneDX v1.6

* added draft v1.6 schemas and boilerplate for v1.6

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* re-generated test snapshots for v1.6

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* note `bom.metadata.manufacture` as deprecated

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* work on `bom.metadata` for v1.6

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* Deprecated `.component.author`. Added `.component.authors` and `.component.manufacturer`

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* work to add `.component.omniborid` - but tests deserialisation tests fail due to schema differences (`.component.author` not in 1.6)

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* work to get deserialization tests passing

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* chore(deps): bump `py-serializable` to &gt;=1.0.3 to resolve issues with deserialization to XML

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* imports tidied

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* properly added `.component.swhid`

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* add `.component.cryptoProperties` - with test failures for SchemaVersion &lt; 1.6

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* typing and bandit ignores

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* coding standards

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* test filtering

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* coding standards

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* additional tests to increase code coverage

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* corrected CryptoMode enum

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* coding standards

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* Added `address` to `organizationalEntity`

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* Added `address` to `organizationalEntity`

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* raise `UserWarning` in `.component.version` has length &gt; 1024

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* coding standards and typing

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* add `acknowledgement` to `LicenseExpression` (#582)


Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* more proper way to filter test cases

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* update schema to published versions

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;

* fetch schema 1.6 JSON

Signed-off-by: Jan Kowalleck &lt;jan.kowalleck@gmail.com&gt;

* fetch test data for CDX 1.6

Signed-off-by: Jan Kowalleck &lt;jan.kowalleck@gmail.com&gt;

* reformat

Signed-off-by: Jan Kowalleck &lt;jan.kowalleck@gmail.com&gt;

* reformat

Signed-off-by: Jan Kowalleck &lt;jan.kowalleck@gmail.com&gt;

* refactor

Signed-off-by: Jan Kowalleck &lt;jan.kowalleck@gmail.com&gt;

* style

Signed-off-by: Jan Kowalleck &lt;jan.kowalleck@gmail.com&gt;

* refactor

Signed-off-by: Jan Kowalleck &lt;jan.kowalleck@gmail.com&gt;

* docs

Signed-off-by: Jan Kowalleck &lt;jan.kowalleck@gmail.com&gt;

---------

Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;
Signed-off-by: Jan Kowalleck &lt;jan.kowalleck@gmail.com&gt;
Co-authored-by: Jan Kowalleck &lt;jan.kowalleck@gmail.com&gt; ([`8bbdf46`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8bbdf461434ab66673a496a8305c2878bf5c88da))

### Chore

* chore(deps-dev): update autopep8 requirement from 2.0.4 to 2.1.0 (#573)

Updates the requirements on [autopep8](https://github.com/hhatto/autopep8) to permit the latest version.
- [Release notes](https://github.com/hhatto/autopep8/releases)
- [Commits](https://github.com/hhatto/autopep8/compare/v2.0.4...v2.1.0)

---
updated-dependencies:
- dependency-name: autopep8
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] &lt;support@github.com&gt;
Co-authored-by: dependabot[bot] &lt;49699333+dependabot[bot]@users.noreply.github.com&gt; ([`35749c6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/35749c6cd18ebb8911b7cefac8a381d2ee57177a))

* chore(deps-dev): update tox requirement from 4.14.1 to 4.14.2 (#574)

Updates the requirements on [tox](https://github.com/tox-dev/tox) to permit the latest version.
- [Release notes](https://github.com/tox-dev/tox/releases)
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst)
- [Commits](https://github.com/tox-dev/tox/compare/4.14.1...4.14.2)

---
updated-dependencies:
- dependency-name: tox
dependency-type: direct:development
...

Signed-off-by: dependabot[bot] &lt;support@github.com&gt;
Co-authored-by: dependabot[bot] &lt;49699333+dependabot[bot]@users.noreply.github.com&gt; ([`d60f457`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d60f4570621246ce3d68e7f2e7f1aa831fb818f0))


## v6.4.4 (2024-03-18)

### Chore
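Review bot: The `### Breaking` section of the new `v7.0.0` entry carries the whole squash-commit body instead of a summary, so it never says what actually breaks for consumers. It lists work-in-progress bullets (`coding standards` three times, `reformat` and `refactor` twice each, the `address` on `organizationalEntity` bullet twice), each followed by a `Signed-off-by:` trailer with an entity-escaped e-mail address. Consider limiting the changelog template to the commit subject plus a short hand-written list of the API-relevant items that are visible here: `bom.metadata.manufacture` and `.component.author` deprecated; `.component.authors`, `.component.manufacturer`, `.component.omniborid`, `.component.swhid` and `.component.cryptoProperties` added; `UserWarning` on `.component.version` longer than 1024. The same applies to the two `### Chore` entries, which embed the dependabot `updated-dependencies:` block with its indentation flattened, so `dependency-type:` no longer reads as part of the list item above it.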
2 changes: 1 addition & 1 deletion cyclonedx/__init__.py
@@ -20,4 +20,4 @@

# !! version is managed by semantic_release
# do not use typing here, or else `semantic_release` might have issues finding the variable
__version__ = "6.4.4" # noqa:Q000
__version__ = "7.0.0" # noqa:Q000
32 changes: 32 additions & 0 deletions cyclonedx/exception/model.py
@@ -45,6 +45,38 @@ class InvalidLocaleTypeException(CycloneDxModelException):
pass


class InvalidNistQuantumSecurityLevelException(CycloneDxModelException):
"""
Raised when an invalid value is provided for an NIST Quantum Security Level
as defined at https://csrc.nist.gov/projects/post-quantum-cryptography/post-quantum-cryptography-standardization/
evaluation-criteria/security-(evaluation-criteria).
"""
pass


class InvalidOmniBorIdException(CycloneDxModelException):
"""
Raised when a supplied value for an OmniBOR ID does not meet the format requirements
as defined at https://www.iana.org/assignments/uri-schemes/prov/gitoid.
"""
pass


class InvalidRelatedCryptoMaterialSizeException(CycloneDxModelException):
"""
Raised when the supplied size of a Related Crypto Material is negative.
"""
pass


class InvalidSwhidException(CycloneDxModelException):
"""
Raised when a supplied value for an Swhid does not meet the format requirements
as defined at https://docs.softwareheritage.org/devel/swh-model/persistent-identifiers.html.
"""
pass


class InvalidUriException(CycloneDxModelException):
"""
Raised when a `str` is provided that needs to be a valid URI, but isn't.
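Review bot: In the docstring of `InvalidNistQuantumSecurityLevelException` the reference URL is wrapped across two lines (it breaks after `post-quantum-cryptography-standardization/`), so it cannot be copied or followed as written, and the docstring does not say which values are accepted. Keep the URL on one line (with a line-length exemption if the linter needs one) and state the valid range in the text, the way `InvalidRelatedCryptoMaterialSizeException` states its condition ("negative"). Smaller points in the same hunk: "an NIST" and "an Swhid" should read "a NIST" and "a SWHID", matching the capitalisation used for "OmniBOR ID", and the `pass` after each docstring is redundant because the docstring already forms the class body, although it does follow the existing style of the surrounding classes.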