v9.0.2

v9.0.2 (2025-02-26)

maintenance release

---

Full Changelog: v9.0.0...v9.0.2

v9.0.0

v9.0.0 (2025-02-26)

BREAKING Changes

• Fix: model.vulnerability.VulnerabilityReference's properties are all mandatory (#790 via #792)
• Refactor: Rename spdx.is_compund_expression -> spdx.is_expression (#779)
• Behavior: BomRef affects comparison/hashing (#754 & #780)
  This is only a breaking change if you relied on ordering of elements.
• Behavior: streamline comparison/hashing functions (#755)
  This is only a breaking change if you relied on ordering of elements.
• Dependency: bump dependency py-serializable >=2 <3, was >=1.1.1 <2 (#775)
  This is only a breaking change if you have other packages depend on that specific version.

---

What's Changed

• feat!: 9.0.1 by @jkowalleck & @wkoot in #777

Full Changelog: v8.9.0...v9.0.0

v8.9.0

v8.9.0 (2025-02-25)

Documentation

• docs: extended instructions for "contributing" (#783)

Feature

• feat: avoid raising NoPropertiesProvidedException for optional parameters (#786)

the following classes' init no longer raise NoPropertiesProvidedException:

• cyclonedx.model.IdentifiableAction
• cyclonedx.model.component.Commit
• cyclonedx.model.component.ComponentEvidence
• cyclonedx.model.component.Diff
• cyclonedx.model.component.Pedigree
• cyclonedx.model.issue.IssueTypeSource
• cyclonedx.model.vulnerability.VulnerabilityAnalysis
• cyclonedx.model.vulnerability.VulnerabilityCredits
• cyclonedx.model.vulnerability.VulnerabilityRating
• cyclonedx.model.vulnerability.VulnerabilitySource

---

What's Changed

• docs: extended instructions for "contributing" by @jkowalleck in #783
• chore(deps-dev): update flake8 requirement from 7.1.1 to 7.1.2 by @dependabot in #788
• feat: avoid raising NoPropertiesProvidedException for optional parameters by @indiVar0508 in #786

Full Changelog: v8.8.0...v8.9.0

v9.0.1-rc.1

v9.0.1-rc.1 (2025-02-13)

BREAKING Changes

• Rename spdx.is_compund_expression -> spdx.is_expression (#779)
• BomRef affects comparison/hashing (#754 & #780)
  This is only a breaking change if you relied on ordering of elements.
• Streamline comparison/hashing functions (#755)
  This is only a breaking change if you relied on ordering of elements.
• Bumped dependency py-serializable >=2 <3, was >=1.1.1 <2 (#775)
  This is only a breaking change if you have other packages depend on that specific version.

---

What's Changed

• feat: add cyclonedx.model.crypto.ProtocolProperties.crypto_refs by @indiVar0508 in #767
• tests: simplify tests for crypto_refs by @jkowalleck in #778
• refactor: streamline hash compare 2 by @jkowalleck in #780
• refactor: rename spdx.is_compund_expression -> spdx.is_expression by @jkowalleck in #779
• tests: revisit spdx.is_expression() by @jkowalleck in #782

New Contributors

• @indiVar0508 made their first contribution in #767

Full Changelog: v9.0.0-rc.1...v9.0.1-rc.1

v9.0.0-rc.1

v9.0.0-rc.1 (2025-02-12)

see #777

BREAKING Changes

• BomRef affect equality/comparison (#754)
• Streamline comparison/hashing functions (#755)
• Bumped dependency py-serializable >=2 <3, was >=1.1.1 <2 (#775)

---

What's Changed

• refactor!: streamline comparison/hashing functions by @jkowalleck in #755
• chore(deps)!: py-serializable==^1.1.1 -> ^2.0.0 by @jkowalleck in #775
• feat!: BomRef affect equality/comparisson by @jkowalleck in #754

Full Changelog: v8.7.0...v9.0.0-rc.1

v8.8.0

v8.8.0 (2025-02-12)

Feature

• feat: add cyclonedx.model.crypto.ProtocolProperties.crypto_refs (#767)

---

What's Changed

• feat: add cyclonedx.model.crypto.ProtocolProperties.crypto_refs by @indiVar0508 in #767
• tests: simplify tests for crypto_refs by @jkowalleck in #778

New Contributors

• @indiVar0508 made their first contribution in #767

Full Changelog: v8.7.0...v8.8.0

v8.7.0

v8.7.0 (2025-02-06)

Feature

• feat: allow empty OrganizationalContact object (#772)

---

What's Changed

• feat: allow empty OrganizationalContact object by @Churro in #772

Full Changelog: v8.6.0...v8.7.0

v8.6.0

v8.6.0 (2025-02-04)

Feature

• feat: expand the capabilities of models.definition.Standard (#713)
• feat: allow empty OrganizationalEntity object (#768)

---

What's Changed

• feat: allow empty OrganizationalEntity object by @Churro in #768
• chore: tools shebang by @jkowalleck in #770
• feat: add extended support for Definitions by @hakandilek in #713

Full Changelog: v8.5.1...v8.6.0

v8.5.1

v8.5.1 (2025-01-28)

Documentation

• docs: responsibilities & capabilities (#763)
• docs: Fix typos in conda-forge.md and remove unused reference in README (#762)
• docs: modernize docstrings for CDX1.6 (#759)

Feature

• feat: couple classes and their serializes (#757)
  Deprecates .serialization.BomRefHelper and .serialization.LicenseRepositoryHelper.
  (stealth-release of this feature, as it is almost only used internally)

---

What's Changed

• chore(deps-dev): update tomli requirement from 2.1.0 to 2.2.1 by @dependabot in #744
• chore(deps-dev): update flake8-bugbear requirement from 24.10.31 to 24.12.12 by @dependabot in #748
• chore(deps-dev): update mypy requirement from 1.13.0 to 1.14.1 by @dependabot in #751
• docs: modernize docstrings for CDX1.6 by @jkowalleck in #759
• feat: couple classes and their serializes by @jkowalleck in #757
• chore(deps-dev): update tox requirement from 4.23.2 to 4.24.1 by @dependabot in #761
• docs: Fix typos in in conda-forge.md and remove unused reference in README by @bact in #762
• docs: responsibilities & capabilities by @jkowalleck in #763

New Contributors

• @bact made their first contribution in #762

Full Changelog: v8.5.0...v8.5.1

v8.5.0

v8.5.0 (2024-11-18)

Documentation

• docs: remove invalid docsting note about auto-assigned bom-ref values (#733) (5aa5787)

Feature

• feat: support CycloneDX 1.6.1 (#742)

---

What's Changed

• docs: remove invalid docsting note about auto-assigned bom-ref values by @jkowalleck in #733
• chore(deps-dev): update flake8-bugbear requirement from 24.8.19 to 24.10.31 by @dependabot in #734
• chore(deps-dev): update tomli requirement from 2.0.2 to 2.1.0 by @dependabot in #739
• feat: support CycloneDX 1.6.1 by @jkowalleck in #742

Full Changelog: v8.4.0...v8.5.0