Skip to content

Releases: CycloneDX/cyclonedx-node-module

4.1.0

26 Jun 08:09
Compare
Choose a tag to compare

Added

  • New optional dependency @cyclonedx/yarn-plugin-cyclonedx (via #365)
    This is a package for generating SBOM from yarn projects.

What's Changed

Full Changelog: v4.0.5...v4.1.0

4.0.5

06 May 08:55
Compare
Choose a tag to compare

Maintenance release

Docs

  • Acknowledge tools for Rollup, Vite (via #363)

What's Changed

New Contributors

Full Changelog: v4.0.4...v4.0.5

4.0.4

28 Mar 09:20
Compare
Choose a tag to compare

Maintenance release

Docs

  • Acknowledge tools for yarn, esbuild, Rspack/Rsbuid, Svelte (via #359)

What's Changed

Full Changelog: v4.0.3...v4.0.4

4.0.3

16 Dec 12:27
Compare
Choose a tag to compare

Docs

4.0.2

21 Oct 12:06
Compare
Choose a tag to compare

Docs

  • Fixed some typos

4.0.1

21 Oct 07:53
Compare
Choose a tag to compare

Docs:

  • Describe the "Out of Scope" section (via #342)
  • Fixed some typos

4.0.0

21 Oct 06:56
Compare
Choose a tag to compare

⚠️ BREAKING CHANGES

This package became a so-called meta-package, it does no longer ship any own functionality, but it is a collection of dependencies. (via #321)

This package's dependencies are tools with one purpose in common: generate CycloneDX Software Bill-of-Materials (SBOM) from node-based projects.

  • for npm-based projects: @cyclonedx/cyclonedx-npm
  • for yarn-based projects: to be announced
  • for pnpm-based projects: to be announced

If you are looking for a JavaScript/TypeScript library for working with CycloneDX, its data models or serialization, then you might want to try @cyclonedx/cyclonedx-library.

Previous versions

This project used to be a tool-set and a library to work and generate CycloneDX Software Bill-of-Materials (SBOM) from npm and yarn based projects.
Since version 4.0, this was all split to individual projects, and this project changed to a bare meta-package.

Previous versions of this very package are still available via npmjs versions and github releases.

4.0.0-rc.1

21 Oct 06:43
Compare
Choose a tag to compare
4.0.0-rc.1 Pre-release
Pre-release
v4.0.0-rc.1

4.0.0-rc.1

3.10.6

05 Sep 08:19
Compare
Choose a tag to compare

Misc

  • Own in-code license text comments should no longer get stripped by downstream tooling. (#305 via #326)

3.10.4

08 Jul 20:35
Compare
Choose a tag to compare

Misc

  • CI: fixed SBOM gathering for the bundled application in the docker image.