From 7415143fe9af48fafb4bd823cfd1dc1aaea9084e Mon Sep 17 00:00:00 2001
From: nscuro
Date: Wed, 28 Sep 2022 23:54:03 +0200
Subject: [PATCH 1/3] feat: return error when parsing unknown spec versions
Signed-off-by: nscuro
---
 cyclonedx.go | 3 +++
 cyclonedx_json.go | 6 +++++-
 cyclonedx_xml.go | 2 ++
 3 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/cyclonedx.go b/cyclonedx.go
index cca1f62..50d23cf 100644
--- a/cyclonedx.go
+++ b/cyclonedx.go
@@ -19,6 +19,7 @@ package cyclonedx
 import (
 "encoding/xml"
+ "errors"
 "fmt"
 "regexp"
 )
@@ -29,6 +30,8 @@ const (
 BOMFormat = "CycloneDX"
 )
+var ErrInvalidSpecVersion = errors.New("invalid specification version")
+
 type Advisory struct {
 Title string `json:"title,omitempty" xml:"title,omitempty"`
 URL string `json:"url" xml:"url"`
diff --git a/cyclonedx_json.go b/cyclonedx_json.go
index 013578f..3d3e71f 100644
--- a/cyclonedx_json.go
+++ b/cyclonedx_json.go
@@ -17,7 +17,9 @@
 package cyclonedx
-import "encoding/json"
+import (
+ "encoding/json"
+)
 func (sv SpecVersion) MarshalJSON() ([]byte, error) {
 return json.Marshal(sv.String())
@@ -41,6 +43,8 @@ func (sv *SpecVersion) UnmarshalJSON(bytes []byte) error {
 *sv = SpecVersion1_3
 case SpecVersion1_4.String():
 *sv = SpecVersion1_4
+ default:
+ return ErrInvalidSpecVersion
 }
 return nil
diff --git a/cyclonedx_xml.go b/cyclonedx_xml.go
index 655e1bd..6431094 100644
--- a/cyclonedx_xml.go
+++ b/cyclonedx_xml.go
@@ -183,6 +183,8 @@ func (sv *SpecVersion) UnmarshalXML(d *xml.Decoder, start xml.StartElement) erro
 *sv = SpecVersion1_3
 case SpecVersion1_4.String():
 *sv = SpecVersion1_4
+ default:
+ return ErrInvalidSpecVersion
 }
 return nil
From 8f8fadfe296ad32dd78f513cd7475e81ed85e200 Mon Sep 17 00:00:00 2001
From: nscuro
Date: Wed, 28 Sep 2022 23:54:40 +0200
Subject: [PATCH 2/3] docs: fix cyclonedx-go version in compatibility matrix
Signed-off-by: nscuro
---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
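Review bot: The exported `ErrInvalidSpecVersion` added in the second hunk of cyclonedx.go has no doc comment, so the API does not say which operations return it. Suggest placing `// ErrInvalidSpecVersion is returned by SpecVersion's UnmarshalJSON and UnmarshalXML when the input names a specification version this library does not recognise.` directly above the declaration. Mentioning that callers should match it with `errors.Is` would also help anyone who wants to tell a rejected BOM from a malformed one.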
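Review bot: The new `default:` branch in `UnmarshalJSON` (cyclonedx_json.go), and the identical one in `UnmarshalXML` (cyclonedx_xml.go), returns the bare sentinel, so the rejected version string never reaches the caller's error or logs. Wrapping keeps `errors.Is` working and records the value, e.g. `return fmt.Errorf("%w: %q", ErrInvalidSpecVersion, v)` with `v` standing for the switch operand, which is outside both hunks; `%q` is the safer verb because the value comes from the parsed document. cyclonedx_json.go imports only `encoding/json` after this change, so `fmt` would have to be added there. The diffstat lists no test file, so a case feeding an unknown version through both decoders would pin the new behaviour. Both functions begin above their hunks.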
diff --git a/README.md b/README.md
index 5f39b93..c716f65 100644
--- a/README.md
+++ b/README.md
@@ -30,7 +30,7 @@ Also, checkout the [`examples`](./example_test.go) to get an idea of how this li
 |:---------------------:|:---------------------:|:------------------------:|
 | < v0.4.0 | 1.14+ | 1.2 |
 | == v0.4.0 | 1.14+ | 1.3 |
-| >= v0.5.0 | 1.15+ | 1.4 |
+| >= v0.5.0, < v0.7.0 | 1.15+ | 1.4 |
 | >= v0.7.0 | 1.17+ | 1.0-1.4 |
 We're aiming to support all [officially supported](https://golang.org/doc/devel/release.html#policy) Go versions, plus
From 124f2be91434d720dd5d3149d7ab04461405c207 Mon Sep 17 00:00:00 2001
From: nscuro
Date: Wed, 28 Sep 2022 23:57:05 +0200
Subject: [PATCH 3/3] docs: fix typos
Signed-off-by: nscuro
---
 copy.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/copy.go b/copy.go
index 55fe1bb..6dc9f4b 100644
--- a/copy.go
+++ b/copy.go
@@ -24,7 +24,7 @@ import (
 )
 // copy creates a deep copy of the BOM in a given destination.
-// Copying is currently done be encoding and decoding the BOM struct using the gop.
+// Copying is currently done by encoding and decoding the BOM struct using gob.
 // In the future we may choose to switch to a more efficient strategy,
 // and consider to export this API.
 func (b BOM) copy(dst *BOM) error {