Skip to content

Releases: CycloneDX/cyclonedx-javascript-library

1.14.0-rc.1

23 Apr 09:41
@github-actions github-actions
v1.14.0-rc.1
dc8599b
Compare
Choose a tag to compare
1.14.0-rc.1 Pre-release
Pre-release 
v1.14.0-rc.1

1.14.0-rc.1
Assets 2
Loading

1.14.0-rc.0

21 Apr 11:00
@github-actions github-actions
v1.14.0-rc.0
670c5d9
Compare
Choose a tag to compare
1.14.0-rc.0 Pre-release
Pre-release 
v1.14.0-rc.0

prerelease 1.14.0-rc.0
Assets 2
Loading

1.13.3

05 Apr 10:58
@github-actions github-actions
v1.13.3
4f010d5
Compare
Choose a tag to compare
1.13.3

Fixed

  • Serialize.{JSON,XML}.Normalize.LicenseNormalizer.normalizeIterable() now omits invalid license combinations (#602 via #623)
    If there is any Models.LicenseExpression, then this is the only license normalized; otherwise all licenses are normalized.

Docs

  • Fixed link to CycloneDX-specification in README (via #617)

Full Changelog: v1.13.2...v1.13.3

Assets 2
Loading

1.13.2

29 Mar 16:57
@github-actions github-actions
v1.13.2
18ffe35
Compare
Choose a tag to compare
1.13.2

Fixed

  • Builders.FromNodePackageJson.ComponentBuilder no longer cuts component's name after a slash(/) (#599 via #600)

Full Changelog: v1.13.1...v1.13.2

Assets 2
Loading

1.13.1

28 Mar 16:15
@github-actions github-actions
v1.13.1
74ce3a9
Compare
Choose a tag to compare
1.13.1

Docs

  • Announce and annotate the generator for BOM's SerialNumber (#588 via #598)

Full Changelog: v1.13.0...v1.13.1

Assets 2
Loading

1.13.0

28 Mar 13:52
@github-actions github-actions
v1.13.0
bfd5d7e
Compare
Choose a tag to compare
1.13.0

Fixed

  • "Bom.serialNumber" data model can have values following the alternative format allowed in CycloneDX XML specification (#588 via #597)
  • Serialize.{JSON,XML}.Normalize.BomNormalizer.normalize now omits invalid/unsupported values for serialNumber (#588 via #597)

Changed

  • Property Models.Bom.serialNumber is of type string, was type-aliased Types.UrnUuid = string (#588 via #597)
    Also, the setter no longer throws exceptions, since no string format is illegal.
    This is considered a non-breaking behavior change, because the corresponding normalizers assure valid data results.

Added

  • Published generator for BOM's SerialNumber: Utils.BomUtility.randomSerialNumber() (#588 via #597)
    The code was donated from cyclonedx-node-npm.

Deprecation

  • Type alias Types.UrnUuid = string became deprecated (via #597)
    Use type string instead.
  • Function Types.isUrnUuid became deprecated (via #597)

Full Changelog: v1.12.1...v1.13.0

Assets 2
Loading

1.12.2

28 Mar 03:03
@github-actions github-actions
v1.12.2
0d4423a
Compare
Choose a tag to compare
1.12.2

Fixed

  • Digesting this library in TypeScript build with ECMAScript module results works as expected, now (via #596)

Docs

  • Development-docs are no longer packed with releases (via #572)

Misc

  • Added more integration tests in CI (via #596)

Full Changelog: v1.12.1...v1.12.2

Assets 2
Loading

1.12.1

13 Mar 16:41
@github-actions github-actions
v1.12.1
1bb0aed
Compare
Choose a tag to compare
1.12.1

Maintenance release.

Full Changelog: v1.12.0...v1.12.1

Assets 2
Loading

1.12.0

02 Mar 10:58
@github-actions github-actions
v1.12.0
9367f5d
Compare
Choose a tag to compare
1.12.0

Docs

  • Made it clear, that {Builders,Factories}.{FromNodePackageJson,FromPackageJson}.* functionality is to be run on already normalized structures. (#517 via #518)
    Normalization should be done downstream, for example via normalize-package-data.

Full Changelog: v1.10.0...v1.12.0

Assets 2
Loading

1.11.0

02 Feb 13:38
@github-actions github-actions
v1.11.0
2a080b7
Compare
Choose a tag to compare
1.11.0

Added

  • New vulnerability-related enums were added in a new namespace Enums.Vulnerability (#164 via #419)
    Release stage is “beta”. These namespace and enums have been released to third-party developers experimentally for the purpose of collecting feedback. These enums should not be used in production, because their contracts may change without notice.
    • AffectStatus
    • AnalysisJustification
    • AnalysisResponse
    • AnalysisState
    • RatingMethod
    • Severity
  • New vulnerability-related models were added in a new namespace Models.Vulnerability (#164 via #419)
    Release stage is “beta”. These namespace and models have been released to third-party developers experimentally for the purpose of collecting feedback. These models should not be used in production, because their contracts may change without notice.
    Attention: The models are not yet supported by shipped serializers nor shipped normalizers.
    • Advisory, AdvisoryRepository
    • Affect, AffectRepository, AffectedSingleVersion, AffectedVersionRange, AffectedVersionRepository
    • Analysis
    • Credits
    • Rating, RatingRepository
    • Reference, ReferenceRepository
    • Source
    • Vulnerability, VulnerabilityRepository
  • New class Models.OrganizationalEntityRepository to represent a collection of Models.OrganizationalEntity (via #419)
    Additionally, Models.OrganizationalEntity.compare() was implemented.
  • New types and related functionality Common Weaknesses Enumerations (CWE) were added (via #419)
    Release stage is “beta”. These types, functions and classes have been released to third-party developers experimentally for the purpose of collecting feedback. These types, functions and classes should not be used in production, because their contracts may change without notice.
    • type Types.CWE
    • runtime validation Types.isCWE()
    • class Types.CweRepository

Docs

Build

  • Use TypeScript v4.9.5 now, was v4.9.4. (via #463)

Misc

  • Added tests for internal helpers (via #454)
  • Use eslint-config-standard-with-typescript@34.0.0 now, was 33.0.0 (via #460)

New Contributors

Full Changelog: v1.10.0...v1.11.0

Contributors

thepwagner
Assets 2
Loading