Releases · CycloneDX/cyclonedx-webpack-plugin

05 Jul 13:08

github-actions

v3.7.0

960e119

3.7.0

Added support for CycloneDX Specification-1.5.

Changed

This tool supports CycloneDX Specification-1.5 now (#1001 via #1021)
This tool warns now, if SBOM generation is skipped due to an unsupported value for option specVersion (via #1021)
Previous behaviour was a silent skip.

Added

Option specVersion now supports value 1.5 to reflect CycloneDX Specification-1.5 (#1001 via #1021)
Default value for that option is unchanged - still 1.4.

Build

Use TypeScript v5.1.6 now, was v5.1.3 (via #1017)

Misc

Raised dependency @cyclonedx/cyclonedx-library@^3||^4, was @^2.0.0 (#1001 via #1021)

Full Changelog: v3.6.1...v3.7.0

Assets 2

16 Jun 11:08

github-actions

v3.6.1

bf44661

3.6.1

Maintenance release

Build

Use TypeScript v5.1.3 now, was v5.0.4 (via #934)
Disabled TypeScript compilerOption esModuleInterop (via #892)
Disabled TypeScript compilerOption allowSyntheticDefaultImports (via #892)

Misc

Improved internal type-compatibility to webpack (via #980)

Full Changelog: v3.6.0...v3.6.1

Assets 2

17 May 17:31

github-actions

v3.6.0

5ff8922

3.6.0

Changes

SPDX license expression detection improved (via #881)
Previously, some expressions were not properly detected, so they were marked as named-license in the SBOM results.
They should be marked as expression, now.

Misc

Raised dependency @cyclonedx/cyclonedx-library@^2.0.0, was @^1.14.0 (via #881)

Full Changelog: v3.5.0...v3.6.0

Assets 2

27 Apr 08:08

github-actions

v3.5.0

9846c89

3.5.0

Added

SBOM results might be validated (via #825)
This feature is enabled per default and can be controlled via the new option validateResults.
Validation is skipped, if requirements are not met. Requires transitive optional dependencies

Build

Use TypeScript v5.0.4 now, was v4.9.5. (via #790)

Full Changelog: v3.4.1...v3.5.0

Assets 2

31 Mar 11:16

github-actions

v3.4.1

7193e6f

3.4.1

Fixed:

If packages' metadata normalization fails, then this results no longer in an unhandled crash but causes a warning message (#745 via #754)

Misc

Packages' metadata normalization is less verbose (via #754)
If failed, then a warning is sent to webpack's log, now. No additional debug messages anymore.
As always, you can control the display of these messages via webpack stats.

Full Changelog: v3.3.1...v3.4.1

Assets 2

30 Mar 13:50

github-actions

v3.4.1-rc.1

a30e862

3.4.1-rc.1 Pre-release

Pre-release

Fixed:

If packages' metadata normalization
fails, then this results no longer in an unhandled crash but causes a warning message ([#745] via [#754])

install via

npm i -D @cyclonedx/webpack-plugin@3.4.1-rc.1
yarn add -D @cyclonedx/webpack-plugin@@3.4.1-rc.1

Full Changelog: v3.3.1...v3.4.1-rc.1

Assets 2

28 Mar 14:56

github-actions

v3.4.0

34bf478

3.4.0

Added

SBOM result might have serialNumber populated (#747 via #748)

Full Changelog: v3.3.1...v3.4.0

Assets 2

15 Mar 11:52

github-actions

v3.3.1

2f1cfe3

3.3.1

Maintenance release.

Full Changelog: v3.3.0...v3.3.1

Assets 2

02 Mar 13:47

github-actions

v3.3.0

6e12184

3.3.0

Changed

Detected node packages' metadata are now normalized, before translation to SBOM components happens. (#678 via #679)
This might increase the quality of SBOM results.

Full Changelog: v3.2.0...v3.3.0

Assets 2

16 Feb 20:20

github-actions

v3.2.0

3e97169

3.2.0

Added

SBOM result might have additional items in metadata.tools populated (#637 via #638)

Misc

Dropped outdated dependency read-pkg-up (#647 via #648)

Full Changelog: v3.1.4...v3.2.0

Assets 2

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Changed

Added

Build

Misc

Build

Misc

Changes

Misc

Added

Build

Fixed:

Misc

Fixed:

Added

Changed

Added

Misc

Releases: CycloneDX/cyclonedx-webpack-plugin

3.7.0

Changed

Added

Build

Misc

3.6.1

Build

Misc

3.6.0

Changes

Misc

3.5.0

Added

Build

3.4.1

Fixed:

Misc

3.4.1-rc.1

Fixed:

3.4.0

Added

3.3.1

3.3.0

Changed

3.2.0

Added

Misc