Skip to content

Releases: CycloneDX/cyclonedx-php-library

3.3.1

06 May 13:39
@github-actions github-actions
v3.3.1
cad0f92
This commit was signed with the committer’s verified signature.
jkowalleck Jan Kowalleck
GPG key ID: 4099D653FB71069F
Learn about vigilant mode.
Compare
Choose a tag to compare
3.3.1 Latest
Latest

Fixed

  • JSON validator allow arbitrary $schema value (#435 via #436)

What's Changed

  • tools(deps-dev): Update phpunit/phpunit requirement from 10.5.19 to 10.5.20 in /tools/phpunit by @dependabot in #430
  • ci: modernize artifact action by @jkowalleck in #431
  • chore: psalm php-version auto-detect by @jkowalleck in #433
  • tools(deps-dev): Update vimeo/psalm requirement from 5.23.1 to 5.24.0 in /tools/psalm by @dependabot in #432
  • style: typehint consts by @jkowalleck in #434
  • fix: json validation allow arbitrary $schema value by @jkowalleck in #436

Full Changelog: v3.3.0...v3.3.1

Contributors

jkowalleck and dependabot
Assets 2

3.3.0

26 Apr 14:53
@github-actions github-actions
v3.3.0
34fb57c
This commit was signed with the committer’s verified signature.
jkowalleck Jan Kowalleck
GPG key ID: 4099D653FB71069F
Learn about vigilant mode.
Compare
Choose a tag to compare
3.3.0

Changed

  • Classes \CycloneDX\Core\Serialization\{DOM,JSON}\Normalizers\LicenseNormalizer support license acknowledgement now (#428 via #429)

Added

  • Namespace \CycloneDX\Core\Enums
    • New enum: LicenseAcknowledgement (#428 via #429)
  • Namespace \CycloneDX\Core\Models\License
    • New methods LicenseExpression::{get,set}Acknowledgement() (#428 via #429)
    • New methods NamedLicense::{get,set}Acknowledgement() (#428 via #429)
    • New methods SpdxLicense::{get,set}Acknowledgement() (#428 via #429)

What's Changed

  • tools(deps-dev): Update phpunit/phpunit requirement from 10.5.17 to 10.5.19 in /tools/phpunit by @dependabot in #427
  • tools(deps-dev): Update friendsofphp/php-cs-fixer requirement from 3.53.0 to 3.54.0 in /tools/php-cs-fixer by @dependabot in #426
  • feat: license acknowledgement by @jkowalleck in #429

Full Changelog: v3.2.0...v3.3.0

Contributors

jkowalleck and dependabot
Assets 2

3.2.0

10 Apr 12:58
@github-actions github-actions
v3.2.0
660d554
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
3.2.0

Added basic support for CycloneDX Specification-1.6.

Changed

  • Method \CycloneDX\Core\Spec\SpecFactory::makeForVersion() supports CycloneDX Specification-1.6 now (#421 via #422)
  • Classes \CycloneDX\Core\Serialization\{DOM,JSON}\Normalizers\* support CycloneDX Specification-1.6 now (#421 via #422)
  • Classes \CycloneDX\Core\Validation\Validators\* support CycloneDX Specification-1.6 now (#421 via #422)

Added

  • Namespace \CycloneDX\Core\Enums
    • Enum ComponentType got new cases (#421 via #422)
      New: CryptographicAsset
    • Enum ExternalReferenceType got new cases (#421 via #422)
      New: SourceDistribution, ElectronicSignature, DigitalSignature, RFC9116
  • Namespace \CycloneDX\Core\Spec
    • New method SpecFactory::make1dot6() to reflect CycloneDX Specification-1.6 (#421 via #422)
    • Enum Version got new case v1dot6 to reflect CycloneDX Specification-1.6 (#421 via #422)

Style

  • Applied latest PHP Coding Standards (via #415)

What's Changed

  • tools(deps-dev): Update infection/infection requirement from 0.27.10 to 0.27.11 in /tools/infection by @dependabot in #416
  • tools(deps-dev): Update phpunit/phpunit requirement from 10.5.13 to 10.5.15 in /tools/phpunit by @dependabot in #417
  • tools(deps-dev): Update infection/infection requirement from 0.27.11 to 0.28.1 in /tools/infection by @dependabot in #418
  • tools(deps-dev): Update phpunit/phpunit requirement from 10.5.15 to 10.5.16 in /tools/phpunit by @dependabot in #419
  • tools(deps-dev): Update friendsofphp/php-cs-fixer requirement from 3.51.0 to 3.52.1 in /tools/php-cs-fixer by @dependabot in #415
  • tools(deps-dev): Update phpunit/phpunit requirement from 10.5.16 to 10.5.17 in /tools/phpunit by @dependabot in #420
  • feat: add basic support for CycloneDX v1.6 by @jkowalleck in #422
  • chore: drop unused test data by @jkowalleck in #423
  • chore: prep v3.2.0 by @jkowalleck in #424
  • tools(deps-dev): Update friendsofphp/php-cs-fixer requirement from 3.52.1 to 3.53.0 in /tools/php-cs-fixer by @dependabot in #425

Full Changelog: v3.1.2...v3.2.0

Contributors

jkowalleck and dependabot
Assets 2

3.1.2

18 Mar 17:05
@github-actions github-actions
v3.1.2
d52730d
This commit was signed with the committer’s verified signature.
jkowalleck Jan Kowalleck
GPG key ID: 4099D653FB71069F
Learn about vigilant mode.
Compare
Choose a tag to compare
3.1.2

Documentation

What's Changed

  • tools(deps-dev): Update phpunit/phpunit requirement from 10.5.9 to 10.5.10 in /tools/phpunit by @dependabot in #405
  • tools(deps-dev): Update vimeo/psalm requirement from 5.21.1 to 5.22.1 in /tools/psalm by @dependabot in #406
  • tools(deps-dev): Update vimeo/psalm requirement from 5.22.1 to 5.22.2 in /tools/psalm by @dependabot in #409
  • tools(deps-dev): Update friendsofphp/php-cs-fixer requirement from 3.49.0 to 3.50.0 in /tools/php-cs-fixer by @dependabot in #408
  • tools(deps-dev): Update infection/infection requirement from 0.27.9 to 0.27.10 in /tools/infection by @dependabot in #407
  • tools(deps-dev): Update phpunit/phpunit requirement from 10.5.10 to 10.5.11 in /tools/phpunit by @dependabot in #410
  • tools(deps-dev): Update friendsofphp/php-cs-fixer requirement from 3.50.0 to 3.51.0 in /tools/php-cs-fixer by @dependabot in #411
  • docs: host rendered docs at readthedocs by @jkowalleck in #414
  • tools(deps-dev): Update phpunit/phpunit requirement from 10.5.11 to 10.5.13 in /tools/phpunit by @dependabot in #413
  • tools(deps-dev): Update vimeo/psalm requirement from 5.22.2 to 5.23.1 in /tools/psalm by @dependabot in #412

Full Changelog: v3.1.1...v3.1.2

Contributors

jkowalleck and dependabot
Assets 2

3.1.1

05 Feb 11:48
@github-actions github-actions
v3.1.1
d30f707
This commit was signed with the committer’s verified signature.
jkowalleck Jan Kowalleck
GPG key ID: 4099D653FB71069F
Learn about vigilant mode.
Compare
Choose a tag to compare
3.1.1

Maintenance release.

What's Changed

  • tools(deps-dev): Update infection/infection requirement from 0.27.8 to 0.27.9 in /tools/infection by @dependabot in #385
  • tools(deps-dev): Update ergebnis/composer-normalize requirement from 2.39.0 to 2.40.0 in /tools/composer-normalize by @dependabot in #384
  • tools(deps-dev): Update phpunit/phpunit requirement from 10.5.1 to 10.5.2 in /tools/phpunit by @dependabot in #383
  • tools(deps-dev): Update vimeo/psalm requirement from 5.16.0 to 5.17.0 in /tools/psalm by @dependabot in #382
  • tools(deps-dev): Update friendsofphp/php-cs-fixer requirement from 3.40.0 to 3.41.0 in /tools/php-cs-fixer by @dependabot in #381
  • tools(deps-dev): Update phpunit/phpunit requirement from 10.5.2 to 10.5.3 in /tools/phpunit by @dependabot in #386
  • tools(deps-dev): Update ergebnis/composer-normalize requirement from 2.40.0 to 2.41.1 in /tools/composer-normalize by @dependabot in #387
  • tools(deps-dev): Update phpmd/phpmd requirement from 2.14.1 to 2.15.0 in /tools/phpmd by @dependabot in #390
  • tools(deps-dev): Update friendsofphp/php-cs-fixer requirement from 3.41.0 to 3.41.1 in /tools/php-cs-fixer by @dependabot in #391
  • tools(deps-dev): Update vimeo/psalm requirement from 5.17.0 to 5.18.0 in /tools/psalm by @dependabot in #392
  • tools(deps-dev): Update phpunit/phpunit requirement from 10.5.3 to 10.5.5 in /tools/phpunit by @dependabot in #394
  • tools(deps-dev): Update friendsofphp/php-cs-fixer requirement from 3.41.1 to 3.46.0 in /tools/php-cs-fixer by @dependabot in #395
  • tools(deps-dev): Update vimeo/psalm requirement from 5.18.0 to 5.19.0 in /tools/psalm by @dependabot in #396
  • tools(deps-dev): Update phpunit/phpunit requirement from 10.5.5 to 10.5.8 in /tools/phpunit by @dependabot in #397
  • gh-actions(deps): Bump actions/cache from 3 to 4 by @dependabot in #400
  • tools(deps-dev): Update friendsofphp/php-cs-fixer requirement from 3.46.0 to 3.48.0 in /tools/php-cs-fixer by @dependabot in #398
  • tools(deps-dev): Update vimeo/psalm requirement from 5.19.0 to 5.20.0 in /tools/psalm by @dependabot in #399
  • tools(deps-dev): Update phpunit/phpunit requirement from 10.5.8 to 10.5.9 in /tools/phpunit by @dependabot in #401
  • tools(deps-dev): Update vimeo/psalm requirement from 5.20.0 to 5.21.1 in /tools/psalm by @dependabot in #404
  • tools(deps-dev): Update ergebnis/composer-normalize requirement from 2.41.1 to 2.42.0 in /tools/composer-normalize by @dependabot in #403
  • tools(deps-dev): Update friendsofphp/php-cs-fixer requirement from 3.48.0 to 3.49.0 in /tools/php-cs-fixer by @dependabot in #402

Full Changelog: v3.1.0...v3.1.1

Contributors

dependabot
Assets 2

3.1.0

02 Dec 09:15
@github-actions github-actions
v3.1.0
3ce5e91
This commit was signed with the committer’s verified signature.
jkowalleck Jan Kowalleck
GPG key ID: 4099D653FB71069F
Learn about vigilant mode.
Compare
Choose a tag to compare
3.1.0

Added

  • Migration/fixup of URL(iri-reference) when normalizing to JSON (via #380)

What's Changed

  • feat: migrate urls when normalizing to JSON by @jkowalleck in #380
  • tools(deps-dev): Update icanhazstring/composer-unused requirement from 0.8.10 to 0.8.11 in /tools/composer-unused by @dependabot in #379
  • tools(deps-dev): Update phpunit/phpunit requirement from 10.4.2 to 10.5.1 in /tools/phpunit by @dependabot in #378

Full Changelog: v3.0.2...v3.1.0

Contributors

jkowalleck and dependabot
Assets 2

3.0.2

27 Nov 10:52
@github-actions github-actions
v3.0.2
02d05eb
This commit was signed with the committer’s verified signature.
jkowalleck Jan Kowalleck
GPG key ID: 4099D653FB71069F
Learn about vigilant mode.
Compare
Choose a tag to compare
3.0.2

Misc

  • Officially support PHP 8.3 (via #265)
  • Integration tests compare against human-readable snapshots, for regression (via #371, #372)

What's Changed

  • tools(deps-dev): Update friendsofphp/php-cs-fixer requirement from 3.26.1 to 3.28.0 in /tools/php-cs-fixer by @dependabot in #356
  • tools(deps-dev): Update phpunit/phpunit requirement from 10.3.4 to 10.3.5 in /tools/phpunit by @dependabot in #354
  • tools(deps-dev): Update maglnet/composer-require-checker requirement from 4.6.0 to 4.7.0 in /tools/composer-require-checker by @dependabot in #355
  • tools(deps-dev): Update friendsofphp/php-cs-fixer requirement from 3.28.0 to 3.34.0 in /tools/php-cs-fixer by @dependabot in #357
  • tools(deps-dev): Update maglnet/composer-require-checker requirement from 4.7.0 to 4.7.1 in /tools/composer-require-checker by @dependabot in #358
  • tools(deps-dev): Update phpmd/phpmd requirement from 2.13.0 to 2.14.1 in /tools/phpmd by @dependabot in #359
  • Update CONTRIBUTING.md by @jkowalleck in #360
  • tools(deps-dev): Update phpunit/phpunit requirement from 10.3.5 to 10.4.0 in /tools/phpunit by @dependabot in #361
  • tools(deps-dev): Update friendsofphp/php-cs-fixer requirement from 3.34.0 to 3.34.1 in /tools/php-cs-fixer by @dependabot in #362
  • tools(deps-dev): Update phpunit/phpunit requirement from 10.4.0 to 10.4.1 in /tools/phpunit by @dependabot in #363
  • tools(deps-dev): Update friendsofphp/php-cs-fixer requirement from 3.34.1 to 3.35.1 in /tools/php-cs-fixer by @dependabot in #364
  • docs: add openSSF bestpractices link/badge by @jkowalleck in #365
  • ci: move coverage by @jkowalleck in #366
  • tools(deps-dev): Update phpunit/phpunit requirement from 10.4.1 to 10.4.2 in /tools/phpunit by @dependabot in #367
  • tools(deps-dev): Update friendsofphp/php-cs-fixer requirement from 3.35.1 to 3.36.0 in /tools/php-cs-fixer by @dependabot in #368
  • tools(deps-dev): Update friendsofphp/php-cs-fixer requirement from 3.36.0 to 3.37.1 in /tools/php-cs-fixer by @dependabot in #369
  • tools(deps-dev): Update friendsofphp/php-cs-fixer requirement from 3.37.1 to 3.38.0 in /tools/php-cs-fixer by @dependabot in #370
  • tests: snapshots by @jkowalleck in #371
  • tests: dep tree tests by @jkowalleck in #372
  • tools(deps-dev): Update friendsofphp/php-cs-fixer requirement from 3.38.0 to 3.38.2 in /tools/php-cs-fixer by @dependabot in #373
  • tools(deps-dev): Update vimeo/psalm requirement from 5.15.0 to 5.16.0 in /tools/psalm by @dependabot in #374
  • tools(deps-dev): Update friendsofphp/php-cs-fixer requirement from 3.38.2 to 3.39.1 in /tools/php-cs-fixer by @dependabot in #375
  • bump ergebnis/composer-normalize@2.28.3 -> @2.39.0 by @jkowalleck in #376
  • support php 8.3 by @jkowalleck in #265
  • tools(deps-dev): Update infection/infection requirement from 0.26.19 to 0.27.8 in /tools/infection by @dependabot in #377

Full Changelog: v3.0.1...v3.0.2

Contributors

jkowalleck and dependabot
Assets 2

3.0.1

16 Sep 16:53
@github-actions github-actions
v3.0.1
6819a28
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
3.0.1

Fixed

  • fixed a possible JSON schema validation issue regarding "version" property (via #352)

Full Changelog: v3.0.0...v3.0.1

Assets 2

3.0.0

27 Aug 16:18
@github-actions github-actions
v3.0.0
c2f0a54
This commit was signed with the committer’s verified signature.
jkowalleck Jan Kowalleck
GPG key ID: 4099D653FB71069F
Learn about vigilant mode.
Compare
Choose a tag to compare
3.0.0

BREAKING

  • Interface \CycloneDX\Core\Spec\Spec was removed from public API (#344 via #345)
    This is only a breaking change if you used this interface downstream; internal usage is non-breaking.
    This change was necessary, so that implementing more spec-features cause no breaking changes.

Style

  • Applied latest PHP Coding Standards (via #341)

Full Changelog: v2.3.0...v3.0.0

Assets 2

2.3.0

27 Jun 16:09
@github-actions github-actions
v2.3.0
94e5455
This commit was signed with the committer’s verified signature.
jkowalleck Jan Kowalleck
GPG key ID: 4099D653FB71069F
Learn about vigilant mode.
Compare
Choose a tag to compare
2.3.0

Added support for CycloneDX Specification-1.5.

  • Changed
    • Method \CycloneDX\Core\Spec\SpecFactory::makeForVersion() supports CycloneDX Specification-1.5 now (#193 via #255)
    • Classes \CycloneDX\Core\Serialization\{DOM,JSON}\Normalizers\* support CycloneDX Specification-1.5 now (#193 via #255)
    • Classes \CycloneDX\Core\Validation\Validators\* support CycloneDX Specification-1.5 now (#193 via #255)
  • Added
    • Namespace \CycloneDX\Core\Enums
      • Enum ComponentType got new cases (#193 via #255)
        New: Data, DeviceDriver, MachineLearningModel, Platform
      • Enum ExternalReferenceType got new cases (#193 via #255)
        New: AdversaryModel, Attestation, CertificationReport, CodifiedInfrastructure, ComponentAnalysisReport, Configuration, DistributionIntake, DynamicAnalysisReport, Evidence, ExploitabilityStatement, Formulation, Log, MaturityReport, ModelCard, POAM, PentestReport, QualityMetrics, RiskAssessment, RuntimeAnalysisReport, SecurityContact, StaticAnalysisReport, ThreatModel, VulnerabilityAssertion
    • Namespace \CycloneDX\Core\Spec
      • New method SpecFactory::make1dot5() to reflect CycloneDX Specification-1.5 (#193 via #255)
      • Enum Version got new case v1dot5 to reflect CycloneDX Specification-1.5 (#193 via #255)
  • Misc
    • Added functional and integration tests for CycloneDX Specification-1.5 (#193 via #255)
    • Fetched latest stable schema definition files for offline usage (via #255)

Full Changelog: v2.2.0...v2.3.0

Assets 2