Skip to content

v0.7.0
Compare
Choose a tag to compare
@anthonyharrison anthonyharrison released this 25 Mar 18:07
· 83 commits to main since this release
v0.7.0
0dae9bb

Updates in this release

New features

  • feat: Add debug support
  • feat: Add evidence element to package
  • feat: Add metadata property support
  • feat: Add Security policy
  • feat: Add set_cpe and set_purl methods
  • feat: Extract SBOM URN
  • feat: Add get_purl and get_cpe methods
  • feat: Introduce support for software services generation and parsing
  • feat: Linting
  • feat: Linting of example scripts
  • feat: Linting of test scripts
  • feat: Return version of SBOM
  • feat: Specify SPDX version via environment variable
  • feat: Update vulnerability generation and parsing
  • feat: Validate CPE vector string

Fixes

  • doc: update readme for SPDX version environment variable
  • fix: class SBOMPackage: add missing type declaration
  • fix: Add justification validation
  • fix: bom-ref optional for vulnerability
  • fix: File comment missed in SPDX JSON parser
  • fix: Handle CycloneDX legacy metadata tools interface
  • fix: Handle missing serialnumber in CycloneDX document
  • fix: License comments missing in CycloneDX
  • fix: typo in checksum validation
  • fix: typo in cyclonedx vulnerability generator
  • fix: typo in external reference validation
  • fix: typo in justification validation
  • Merge pull request #30 from sah-cdo/dev/update_type_list_according_to_cyclonedx_1_5
Assets 2
Loading