Releases: CycloneDX/cyclonedx-core-java
Releases · CycloneDX/cyclonedx-core-java
cyclonedx-core-java-9.0.5
What's Changed
Enhancements 🚀
- Teach versions / generators about their supported file formats by @sschuberth in #445
- BOM string creation improvements by @sschuberth in #459
- Make Vulnerability objects comparable by value by @SaberStrat in #464
Bug Fixes 🐛
- Handle serialization of empty LicenseChoice correctly by @patveck in #441
- Fix missing offline mapping for
jsf-0.82.schema.json
by @nscuro in #469 - Fix
ObjectLocator
not working when BOM doesn't have ametadata.component
node by @nscuro in #456
Dependency Updates 🤖
- Bump com.networknt:json-schema-validator from 1.4.2 to 1.4.3 by @dependabot in #440
- Bump org.junit.jupiter:junit-jupiter-engine from 5.10.2 to 5.10.3 by @dependabot in #442
- Bump org.junit.jupiter:junit-jupiter-params from 5.10.2 to 5.10.3 by @dependabot in #443
- Bump actions/upload-artifact from 4.3.3 to 4.3.4 by @dependabot in #451
- Bump actions/download-artifact from 4.1.7 to 4.1.8 by @dependabot in #452
- Bump JamesIves/github-pages-deploy-action from 4.6.1 to 4.6.3 by @dependabot in #450
- Bump com.fasterxml.jackson.dataformat:jackson-dataformat-xml from 2.17.1 to 2.17.2 by @dependabot in #449
- Bump com.networknt:json-schema-validator from 1.4.3 to 1.5.0 by @dependabot in #448
- Bump org.assertj:assertj-core from 3.26.0 to 3.26.3 by @dependabot in #453
- Bump github/codeql-action from 3.25.10 to 3.25.11 by @dependabot in #444
- Bump org.apache.maven.plugins:maven-surefire-plugin from 3.3.0 to 3.3.1 by @dependabot in #454
- Bump github/codeql-action from 3.25.11 to 3.25.12 by @dependabot in #458
- Bump org.apache.maven.plugins:maven-release-plugin from 3.1.0 to 3.1.1 by @dependabot in #457
- Bump org.apache.commons:commons-lang3 from 3.14.0 to 3.15.0 by @dependabot in #461
- Bump commons-codec:commons-codec from 1.17.0 to 1.17.1 by @dependabot in #460
- Bump actions/setup-java from 4.2.1 to 4.2.2 by @dependabot in #474
- Bump actions/upload-artifact from 4.3.4 to 4.3.5 by @dependabot in #473
- Bump org.cyclonedx:cyclonedx-maven-plugin from 2.8.0 to 2.8.1 by @dependabot in #472
- Bump github/codeql-action from 3.25.12 to 3.25.15 by @dependabot in #470
- Bump com.networknt:json-schema-validator from 1.5.0 to 1.5.1 by @dependabot in #467
- Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.7.0 to 3.8.0 by @dependabot in #465
New Contributors
- @patveck made their first contribution in #441
- @SaberStrat made their first contribution in #464
Full Changelog: cyclonedx-core-java-9.0.4...cyclonedx-core-java-9.0.5
9.0.4
What's Changed
Enhancements 🚀
Bug Fixes 🐛
- Fix possible XXE during XML schema version detection by @mr-zepol in #434
- Fix path to
jacoco.xml
for PR coverage reporting by @nscuro in #433
Dependency Updates 🤖
- Bump org.apache.maven.plugins:maven-jar-plugin from 3.4.1 to 3.4.2 by @dependabot in #435
- Bump com.networknt:json-schema-validator from 1.4.0 to 1.4.2 by @dependabot in #436
Full Changelog: cyclonedx-core-java-9.0.3...cyclonedx-core-java-9.0.4
cyclonedx-core-java-9.0.3
What's Changed
- Code Improvements by @mr-zepol in #376
- Add extensible types during license serialization by @mr-zepol in #414
- Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.3 to 3.7.0 by @dependabot in #417
- Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.4.1 to 3.5.0 by @dependabot in #415
- Add missing equals and hashCode by @mr-zepol in #419
- Bump actions/checkout from 4.1.6 to 4.1.7 by @dependabot in #420
- Fix Evidence Serialization by @mr-zepol in #423
- Improve De/Serializer by @mr-zepol in #421
- Add Missing Annotations to filter based on spec by @mr-zepol in #416
- External References and Metadata Validations by @mr-zepol in #426
- Add
CODEOWNERS
file by @nscuro in #425 - Serializer for Properties and Hashes for backwards compatibility by @mr-zepol in #428
- Bump org.apache.maven.plugins:maven-release-plugin from 3.0.1 to 3.1.0 by @dependabot in #429
- Bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.5 to 3.3.0 by @dependabot in #430
- CI pipeline improvements by @nscuro in #424
- Fix order of elements for generated SBOMs to match the specs by @mr-zepol in #431
Full Changelog: https://github.com/CycloneDX/cyclonedx-core-java/commits/cyclonedx-core-java-9.0.3