chore(release): 5.0.0-rc.2

Automatically generated by python-semantic-release

Signed-off-by: semantic-release <semantic-release>

Author: semantic-release

CHANGELOG.md

@@ -2,25 +2,339 @@
 
 
 
+## v5.0.0-rc.2 (2023-10-20)
+
+### Ci
+
+* ci: revisit coverage reporting
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`bc8e30b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bc8e30b32163db3ffd31a7c96460a907637b1794))
+
+* ci: revisit coverage reporting
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`2967f28`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2967f284cf7e5ab4da69406d599d890b07e62ce1))
+
+### Documentation
+
+* docs: update title
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@owasp.org> ([`9373afc`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9373afc1b94542680c324bacbc59e7b3a015f721))
+
+### Feature
+
+* feat: v5.0.0-rc.2
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`e298726`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e298726a0a62aee5e1988cd3a2dd230dfbda95f8))
+
+### Style
+
+* style: qa
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a2af2ed`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a2af2eddf2fbfc2e8fbf407527c07877961dcedd))
+
+* style: streamline code quality (#472)
+
+- raised some dev tools
+- added more quality checkers and rules
+- documented and applied additional code standards
+
+---------
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`bb0f7a5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bb0f7a5d3610ffcd035ea0b89742225dea5abce9))
+
+### Unknown
+
+* reduce imports
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`d09ac36`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d09ac3685dda97a054be7e0655e95c5b6356057d))
+
+* Merge remote-tracking branch 'origin/main' into 5.0.0-dev ([`c4f7281`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c4f7281b09100208f6b5bc6831344052962e95c4))
+
+
 ## v4.2.3 (2023-10-16)
 
 ### Chore
 
+* chore: revert changelog
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a911106`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a911106d09a7b5538e5ae77edf4fc4c2122f1f8b))
+
+### Fix
+
+* fix: SPDX-expression-validation internal crashes are cought and handled (#471)
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`5fa66a0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5fa66a043818eb5747dbd630496c6d31f818c0ab))
+
+### Refactor
+
+* refactor(DX): rename `get_instance()` (#469)
+
+- deprecate function `output.get_instance()`
+- add function `outout.make_outputter()`
+- rename function `validation.get_instance()` -> `validation.make_schemabased_validator()`
+- rename function `validation.schema.get_instance()` -> `validation.make_schemabased_validator()`
+
+---------
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`2a2b2dd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2a2b2dd509100eea5ec3153e1ec10ff5dda6f269))
+
+* refactor: schema based validator (#468)
+
+- restructured validators, to enable possible non-schema-based validation. 
+- optimized `validation.schema.get_instance()`
+- optimized `output.get_instance()`
+
+---------
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`65e79cf`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/65e79cfeb4fed3e31f85a4ec6d06215988a3a6d1))
+
+### Unknown
+
+* tidy
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6316f09`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6316f094552e8bbd38777bc66a17c5546f2b7d14))
+
+* Merge branch 'main' into 5.0.0-dev ([`55f6f4d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/55f6f4d0ad23189ce2bfce7ed7380e92470ac8b7))
+
+
+## v5.0.0-rc.1 (2023-10-11)
+
+### Breaking
+
+* chore!: bump major version to v5
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`bae8a84`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bae8a84e7aa329780f91f49212c15f4d8c13ddcb))
+
+### Chore
+
+* chore: revisit license headers
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1e963bd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1e963bd3d7e6c7d9437e41a34ecd622e0d32f3d8))
+
+* chore: clean deps
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`ac6ad0e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ac6ad0ed5b5933f03d1132c3bbce0ada1915fc40))
+
+* chore: remove encoding hint (#459)
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`37219c3`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/37219c321ac7ce5b507a0c0a74776f8204b400bf))
+
 * chore: Update CONTRIBUTING.md
 
 Signed-off-by: Jan Kowalleck <jan.kowalleck@owasp.org> ([`0ebaa21`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0ebaa216d43a1389362dbdb33f9b49f43a21ab66))
 
+* chore: config sem-release
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`839fe11`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/839fe114bafac6117879175eb54a8759b7ef8963))
+
+* chore: sem-release config
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`18b4eca`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/18b4eca2c0fe2a2b4f1ca79976719c1afa0816bc))
+
+* chore: absolute tet imports
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`39e0eb9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/39e0eb9af29a13e1cad6a073e5eb20955e492484))
+
+* chore(build): test before release
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`5cb695e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5cb695ebf9989f9bdefaa6823f5814d5c2fe9998))
+
+* chore: init 5.0.0-dev
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`0a3ae26`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0a3ae26f8fe50e1dc03fb72fb7fdba51654c7f8b))
+
 ### Ci
 
 * ci: publish coverage report to codacy (#439)
 
 Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`0012a82`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0012a82382f9f33831a80aa0e26c0cbb7fd8984b))
 
+### Documentation
+
+* docs: fix hilighter
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`9d49280`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9d49280b680a4f8a7c4b8795f35928584e29baee))
+
+* docs: fix typo
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@owasp.org> ([`6adc98f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6adc98f66da94b7bac987bc5b25da7099498fe3a))
+
+### Feature
+
+* feat: support python 3.12 (#460)
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`eaba7a0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/eaba7a048de190bce0797fb9ce40c4e2de49c5d9))
+
+* feat: options for beautiful output (#458)
+
+add indention to outputters. this may come at a cost!
+
+
+Breaking Changes
+------------------
+* abstract Method `output.BaseOutput.output_as_string()` got new optional kwarg `indent`
+* abstract Method `output.BaseOutput.output_as_string()` accepts arbitrary kwargs
+
+Changed
+----------
+* XML output uses a default namespace, which makes results smaller.
+
+
+Added
+------------------
+* All outputters' method `output_as_string()` got new optional kwarg `indent`
+* All outputters' method `output_as_string()` accepts arbitrary kwargs
+* All outputters' method `output_to_file()` got new optional kwarg `indent`
+* All outputters' method `output_to_file()` accepts arbitrary kwargs
+
+-----
+
+- [x] implementation
+- [x] tests (snapshot binary compare; structural equal compare) 
+
+-----
+
+enables https://github.com/CycloneDX/cyclonedx-python/issues/424
+fixes #437
+fixes #438
+supersedes #449
+
+---------
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3bcd9e9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3bcd9e99a58b74c9dc1fc474b468e67fc92fb7c4))
+
+* feat: easy access validators (#448)
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1c9ea9e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1c9ea9e22e53933347a8f366c5fc06febe811757))
+
+* feat: add CycloneDX document validators to public API (#433)
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a4f5ec5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a4f5ec5d63d576c04bcef5c0b6641f6c47164cfb))
+
 ### Fix
 
-* fix: SPDX-expression-validation internal crashes are cought and handled (#471)
+* fix: multiple licenses issue #365 (#466)
 
-Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`5fa66a0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5fa66a043818eb5747dbd630496c6d31f818c0ab))
+breaking changes
+------------------
+* Reworked license related models and collections
+* API
+  * Removed class `factory.license.LicenseChoiceFactory`  
+    The old functionality was integrated into `factory.license.LicenseFactory`.
+  * Method `factory.license.LicenseFactory.make_from_string()`'s parameter `name_or_spdx` was renamed to `value`
+  * Method `factory.license.LicenseFactory.make_from_string()`'s return value can also be a `LicenseExpression`
+    The behavior imitates the old `factory.license.LicenseChoiceFactory.make_from_string()`
+  * Renamed class `module.License` to `module.license.DisjunctliveLicense`
+  * Removed class `module.LicenseChoice`
+    Use dedicated classes `module.license.DisjunctliveLicense` and `module.license.LicenseExpression` instead
+  * All occurrences of `models.LicenseChoice` were replaced by `models.licenses.License`
+  * All occurrences of `SortedSet[LicenseChoice]` were specialized to `models.license.LicenseRepository`
+
+
+fixes
+------------------
+* serialization of multy-licenses #365
+
+added
+------------------
+* API
+  * Method `factory.license.LicenseFactory.make_with_expression()`
+  * Class `model.license.DisjunctiveLicense`
+  * Class `model.license.LicenseExpression`
+  * Class `model.license.LicenseRepository`
+  * Class `serialization.LicenseRepositoryHelper`
+
+tests
+------------------
+* added regression test for bug #365
+
+misc
+------------------
+* raised dependency `py-serializable@^9.15`
+
+
+
+----
+
+fixes #365
+
+~~BLOCKED by a feature request to serializer: <https://github.com/madpah/serializable/pull/32>~~
+
+
+---------
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`6770786`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/67707864ac0f1b27bac166a8fd537ea38523fe6f))
+
+* fix: typing for `kwargs` (#462)
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`2240b4d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2240b4dda824c13bc563bce1574dffe563016ac2))
+
+* fix: tuple stuff (#461)
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`84c6504`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/84c6504fc92d1207135f7719b6b6477fae7950cb))
+
+* fix: `bom.validate()` detects invalid license constellations (#452)
+
+
+
+If a LicenseExpression is set, then there must be no other license.
+
+fixes #453
+
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`16843b2`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/16843b29086d8f871a7239c33beb930543cfde45))
+
+### Performance
+
+* perf: make validation more secure
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`5d7b86c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5d7b86c0ba84fe17becc53b2ccf4385113f90905))
+
+### Unknown
+
+* tests for backwards compatibility of #365 (#467)
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`4c2ef14`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4c2ef14017467980509bdb69f937b5098d8c0965))
+
+* tests: snapshots and complete deep comparison, instead of pseudo-compare (#464)
+
+part of https://github.com/CycloneDX/cyclonedx-python-lib/issues/437
+also fixed a bug: unused first level dependencies were not detected. now they are.
+
+---------
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7543789`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/75437896c04e352b51d83e6e52cf94874347f4a6))
+
+* Feat: typing, typehints, & overload (#463)
+
+also: bump `py-serializable@^0.14.0`
+
+---------
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`a68ae24`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a68ae2464539d07ed0fc037aa1e315e5ccda054a))
+
+* Merge branch 'main' into 5.0.0-dev ([`c8c2183`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c8c218366298ccc340e769fa180204e79a9a0f3e))
+
+* tests: use internal json strict validation
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`7186b52`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/7186b52a540e478196799ef7a3580f48f77544e9))
+
+* proper enums (#447)
+
+fixes #442
+part of #446
+
+BREAKING CHANGE
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`06b5eb0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/06b5eb03d479e9908b9b62bcee48d23a873dd4ba))
+
+* typo
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`3de2493`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3de24936533a51c0cbf61de4b19785ee7407526c))
+
+* Drop py37 (#441)
+
+Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> ([`1571d21`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1571d21057b11f11cb81e74a5a702f7f30582b09))
 
 
 ## v4.2.2 (2023-09-14)

cyclonedx/__init__.py

@@ -21,4 +21,4 @@
 # !! version is managed by semantic_release
 # do not use typing here, or else `semantic_release` might have issues finding the variable
 # flake8: noqa
-__version__ = "5.0.0-rc.1"
+__version__ = "5.0.0-rc.2"

docs/conf.py

@@ -20,7 +20,7 @@
 
 # The full version, including alpha/beta/rc tags
 # !! version is managed by semantic_release
-release = '5.0.0-rc.1'
+release = '5.0.0-rc.2'
 
 # -- General configuration ---------------------------------------------------
 

pyproject.toml

@@ -5,7 +5,7 @@ build-backend = "poetry.core.masonry.api"
 [tool.poetry]
 name = "cyclonedx-python-lib"
 # !! version is managed by semantic_release
-version = "5.0.0-rc.1"
+version = "5.0.0-rc.2"
 description = "A library for producing CycloneDX SBOM (Software Bill of Materials) files."
 authors = [
   "Paul Horton <phorton@sonatype.com>",