Skip to content

Releases: CycloneDX/cyclonedx-python

v7.0.0

14 Jul 09:13
@github-actions github-actions
v7.0.0
a980d02
Compare
Choose a tag to compare
v7.0.0 Latest
Latest

v7.0.0 (2025-07-14)

BREAKING Changes

  • Finalize PEP639, auto-enable it, remove CLI switch environment --PEP-639 (#928, 6b81028)
    • Handling of PEP 639 changed, as the specification changed during finalization.
    • Handling of PEP 639 is always enabled, as Python Packing specification 2.4 recognizes it.
    • CLI parameter environment --PEP-639 was removed.
  • Remove deprecated CLI switches --schema-version and --outfile, use --spec-version and --output-file instead (#892, 2be98e5)

What's Changed

  • chore: test for missing dependencies by @jkowalleck in #930
  • chore(deps-dev): Update bandit requirement from 1.8.5 to 1.8.6 by @dependabot[bot] in #932
  • feat!: finalize PEP639, auto-enable it, remove CLI switch environment --PEP-639 by @jkowalleck in #928
  • feat!: remove deprecated CLI switches --schema-version and --outfile, use --spec-version and --output-file instead by @virgo-o in #892
  • chore(deps-dev): Update uv requirement from 0.7.19 to 0.7.20 by @dependabot[bot] in #933

Full Changelog: v6.1.3...v7.0.0

Contributors

jkowalleck, dependabot, and virgo-o
Assets 6
Loading

v7.0.1-alpha.2

09 Jul 16:19
@github-actions github-actions
v7.0.1-alpha.2
1821bf5
Compare
Choose a tag to compare
v7.0.1-alpha.2 Pre-release
Pre-release

v7.0.1-alpha.2 (2025-07-09)

Detailed Changes: v7.0.0-alpha.1...v7.0.1-alpha.2

Loading

v7.0.0-alpha.1

09 Jul 10:19
@github-actions github-actions
v7.0.0-alpha.1
0655f00
Compare
Choose a tag to compare
v7.0.0-alpha.1 Pre-release
Pre-release

v7.0.0-alpha.1 (2025-07-09)

Detailed Changes: v6.1.3...v7.0.0-alpha.1

Loading

v6.1.3

08 Jul 16:24
@github-actions github-actions
v6.1.3
93158ff
Compare
Choose a tag to compare
v6.1.3

v6.1.3 (2025-07-08)

Bug Fixes

  • License file detection according to PEP621 (#929, 28dcbf7)

What's Changed

  • chore(deps-dev): Update uv requirement from 0.7.13 to 0.7.16 by @dependabot in #922
  • style: make long-text indents smaller by @jkowalleck in #924
  • chore(deps-dev): Update coverage requirement from 7.9.1 to 7.9.2 by @dependabot in #926
  • chore(deps-dev): Update uv requirement from 0.7.16 to 0.7.19 by @dependabot in #927
  • fix: license file detection according to PEP621 by @jkowalleck in #929

Full Changelog: v6.1.2...v6.1.3

Contributors

jkowalleck and dependabot
Loading

v6.1.2

26 Jun 14:29
@github-actions github-actions
v6.1.2
d853cb6
Compare
Choose a tag to compare
v6.1.2

v6.1.2 (2025-06-26)

Bug Fixes

  • Make pep621 license detections type-aware (#920, 0c9aeac)

Documentation

  • Formatting and reorder of code style instructions. (15ac2cd)

  • License file *.rst are NOT type text - they are binary (#911, 168f81d)

What's Changed

  • chore(deps-dev): Update uv requirement from 0.7.3 to 0.7.4 by @dependabot in #899
  • chore(deps-dev): Update tox requirement from 4.25.0 to 4.26.0 by @dependabot in #900
  • chore(deps-dev): Update coverage requirement from 7.8.0 to 7.8.2 by @dependabot in #901
  • chore(deps-dev): Update uv requirement from 0.7.4 to 0.7.8 by @dependabot in #902
  • chore(deps-dev): Update uv requirement from 0.7.8 to 0.7.9 by @dependabot in #905
  • chore(deps-dev): Update mypy requirement from 1.15.0 to 1.16.0 by @dependabot in #906
  • chore(deps): Bump python-semantic-release/python-semantic-release from 9.21.1 to 10.0.2 by @dependabot in #903
  • chore(deps): Bump python-semantic-release/publish-action from 9 to 10 by @dependabot in #904
  • chore: bring pyupgrade by @jkowalleck in #908
  • chore(deps-dev): Update uv requirement from 0.7.9 to 0.7.12 by @dependabot in #909
  • style: justify import of non-explicitely exported by @jkowalleck in #910
  • docs: license file *.rst are NOT type text - they are binary by @jkowalleck in #911
  • chore(deps-dev): Update bandit requirement from 1.8.3 to 1.8.5 by @dependabot in #916
  • chore(deps-dev): Update mypy requirement from 1.16.0 to 1.16.1 by @dependabot in #917
  • chore(deps-dev): Update tox requirement from 4.26.0 to 4.27.0 by @dependabot in #919
  • chore(deps-dev): Update flake8 requirement from 7.2.0 to 7.3.0 by @dependabot in #918
  • chore(deps-dev): Update uv requirement from 0.7.12 to 0.7.13 by @dependabot in #913
  • chore(deps-dev): Update coverage requirement from 7.8.2 to 7.9.1 by @dependabot in #914
  • fix: make pep621 license detections type-aware by @manavgup in #920

New Contributors

Full Changelog: v6.1.1...v6.1.2

Contributors

jkowalleck, manavgup, and dependabot
Loading

v6.1.1

12 May 10:37
@github-actions github-actions
v6.1.1
c4d75b8
Compare
Choose a tag to compare
v6.1.1

v6.1.1 (2025-05-12)

Bug Fixes

Signed-off-by: Jan Kowalleck jan.kowalleck@gmail.com

Detailed Changes: v6.1.0...v6.1.1

Loading

v6.1.0

12 May 09:49
@github-actions github-actions
v6.1.0
e82393d
Compare
Choose a tag to compare
v6.1.0

v6.1.0 (2025-05-12)

Documentation

  • Fix default value for --spec-version (2f2982b)

Signed-off-by: Jan Kowalleck jan.kowalleck@gmail.com

Features

What's Changed

  • chore(deps-dev): Update flake8-logging requirement from 1.6.0 to 1.7.0 by @dependabot in #888
  • chore(deps-dev): Update pep8-naming requirement from 0.14.1 to 0.15.0 by @dependabot in #891
  • chore(deps-dev): Update uv requirement from 0.6.14 to 0.7.2 by @dependabot in #890
  • chore(deps-dev): Update pep8-naming requirement from 0.15.0 to 0.15.1 by @dependabot in #896
  • feat: rootless docker container by @virgo-o in #893
  • chore(deps): Bump python-semantic-release/python-semantic-release from 9.21.0 to 9.21.1 by @dependabot in #894
  • chore(deps-dev): Update uv requirement from 0.7.2 to 0.7.3 by @dependabot in #895

Full Changelog: v6.0.0...v6.1.0

Contributors

dependabot and virgo-o
Loading

v6.1.0-rc.1

12 May 10:15
@github-actions github-actions
v6.1.0-rc.1
37dbcd6
Compare
Choose a tag to compare
v6.1.0-rc.1 Pre-release
Pre-release

v6.1.0-rc.1 (2025-05-12)

Detailed Changes: v6.1.0-alpha.1...v6.1.0-rc.1

Loading

v6.1.0-alpha.1

12 May 10:03
@github-actions github-actions
v6.1.0-alpha.1
6ea7f51
Compare
Choose a tag to compare
v6.1.0-alpha.1 Pre-release
Pre-release

v6.1.0-alpha.1 (2025-05-12)

Documentation

  • Fix default value for --spec-version (2f2982b)

Signed-off-by: Jan Kowalleck jan.kowalleck@gmail.com

Features

As per OWASP's Docker Security Cheat Sheet, it is recommended to set a user instead of running the container as root.

bash virgo@lenovo:~$ docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ee568549229f cyclonedx-py:latest "/bin/bash" About a minute ago Up About a minute nifty_swirles virgo@lenovo:~$ docker exec -it ee568549229f sh -c "id" uid=1000(cyclonedx) gid=1000(cyclonedx) groups=1000(cyclonedx)

⬆️ Now the container is running as a standard user.

Signed-off-by: virgo-o virgoj@protonmail.com

Detailed Changes: v6.0.0...v6.1.0-alpha.1

Loading

v6.0.0

24 Apr 15:35
@github-actions github-actions
v6.0.0
184cb60
Compare
Choose a tag to compare
v6.0.0

BREAKING CHANGE

  • drop support for python <3.9
  • spec-version defaults to CycloneDX 1.6

Feat

  • Handle misencoded license text files graceful.
  • Add mimetype detection for rich text format (rtf)

What's Changed

  • feat!: drop support for python <3.9 by @jkowalleck in #883
  • ci: test macos latest by @jkowalleck in #864
  • feat!: spec-version defaults to CycloneDX 1.6 by @jkowalleck in #885
  • chore(deps): Bump python-semantic-release/python-semantic-release from 9.1.1 to 9.21.0 by @dependabot in #856
  • chore(deps): Bump python from 3.12-slim to 3.13-slim by @dependabot in #810
  • feat: Add mimetype detection for rich text format (rtf) by @schlenk in #886
  • Handle misencoded license text files graceful. by @schlenk in #884

New Contributors

Full Changelog: v5.5.0...v6.0.0

Contributors

schlenk, jkowalleck, and dependabot
Loading