Skip to content

Releases: CycloneDX/cyclonedx-node-module

3.10.2

08 Jul 19:36
@github-actions github-actions
v3.10.2
5ba253e
Compare
Choose a tag to compare
3.10.2

Misc

  • Simplified the docker image. (via #316)
Assets 4
Loading

3.10.1

22 Jun 07:31
@github-actions github-actions
v3.10.1
d1e76a9
Compare
Choose a tag to compare
3.10.1

Fixed

  • Component.compare() no longer raises an exception when only one of both has a purl. (#308 via #313)
Assets 4
Loading

3.10.0

15 Jun 21:18
@github-actions github-actions
v3.10.0
f5a7c1b
Compare
Choose a tag to compare
3.10.0

Added

  • Consider optional element "comment" when serializing ExternalReference (via #312)
Assets 4
Loading

3.9.0

06 May 11:13
@github-actions github-actions
v3.9.0
9808074
Compare
Choose a tag to compare
3.9.0

Added

  • Dependency graph is built and emitted. (#61 via #296)
Assets 4
Loading

3.8.1

05 May 17:57
@github-actions github-actions
v3.8.1
ed75743
Compare
Choose a tag to compare
3.8.1

Fixed

  • Added missing handling of Dependency when environment variable BOM_REPRODUCIBLE is present. (via #297)

Misc:

  • Worked packaging from whitelist to blacklist to add files, like NOTICE. (via #289)
Assets 4
Loading

3.8.0

24 Apr 13:54
@github-actions github-actions
v3.8.0
fe6309f
Compare
Choose a tag to compare
3.8.0

Added

  • Environment variable BOM_REPRODUCIBLE causes bom result to be more consistent
    over multiple runs by omitting time/rand-based values, and sorting lists. (via #288)
  • Method Component.compare() compares self by purl or group/name/version. (via #288)
  • Method ExternalReference.compare() compares self by type/url. (via #288)
  • Method Hash.compare() compares self by algorithm/value. (via #288)
  • JSDoc for ExternalReference, ExternalReferenceList, Hash, HashList. (via #288)

Fixed

  • ExternalReference.url is now correctly treated as mandatory. (via #288)
  • Hash.value is now correctly treated as mandatory. (via #288)
  • ExternalReferenceList.isEligibleHomepage now returns the correct result, was inverted. (via #288)

Changed

  • Private properties of ExternalReference, ExternalReferenceList, Hash, HashList
    became inaccessible. (#233 via #288)

Misc: Dependencies

  • Bump jest-junit from 13.1.0 to 13.2.0 (via #287)
Assets 4
Loading

3.7.0

13 Apr 20:30
@github-actions github-actions
v3.7.0
9783752
Compare
Choose a tag to compare
3.7.0

Added

  • Added support for yarn.lock file. (#238 via #282)

Misc: Dependencies

  • Bump @xmldom/xmldom from 0.7.5 to 0.8.2 (via #279)
  • Bump packageurl-js from 0.0.5 to 0.0.6 (via #276)
Assets 4
Loading

3.6.0

09 Mar 07:34
@github-actions github-actions
v3.6.0
055f25f
Compare
Choose a tag to compare
3.6.0

Changed

  • Updated available set of SPDX license. (via c837ada)

Tests

  • Reduced code duplication and made integration tests more consistent. (via #271)
Assets 4
Loading

3.5.0

03 Mar 17:56
@github-actions github-actions
v3.5.0
60310fe
Compare
Choose a tag to compare
3.5.0

Changed

  • If 'homepage' property is solely a period, then omit 'website' entry from the externalReferences array. (#263 via #264)

Documentation

  • Examples use the preferred call via cyclonedx-node, instead of the fallback cyclonedx-bom. (via #258)
    This is a follow-up of [#193].

Tests

  • Moved integration tests to a dedicated space and updated documentation for it. (via #260)
Assets 4
Loading

3.4.1

11 Feb 15:32
@github-actions github-actions
v3.4.1
9041f0f
Compare
Choose a tag to compare
3.4.1

Fixed

  • root-packages without a name no longer cause unexpected crashes (#252 via #253)
Assets 4
Loading