Releases: CycloneDX/cyclonedx-webpack-plugin
Releases · CycloneDX/cyclonedx-webpack-plugin
3.7.0
Added support for CycloneDX Specification-1.5.
Changed
- This tool supports CycloneDX Specification-1.5 now (#1001 via #1021)
- This tool warns now, if SBOM generation is skipped due to an unsupported value for option
specVersion
(via #1021)
Previous behaviour was a silent skip.
Added
- Option
specVersion
now supports value1.5
to reflect CycloneDX Specification-1.5 (#1001 via #1021)
Default value for that option is unchanged - still1.4
.
Build
- Use TypeScript
v5.1.6
now, wasv5.1.3
(via #1017)
Misc
Full Changelog: v3.6.1...v3.7.0
3.6.1
Maintenance release
Build
- Use TypeScript
v5.1.3
now, wasv5.0.4
(via #934) - Disabled TypeScript compilerOption
esModuleInterop
(via #892) - Disabled TypeScript compilerOption
allowSyntheticDefaultImports
(via #892)
Misc
- Improved internal type-compatibility to webpack (via #980)
Full Changelog: v3.6.0...v3.6.1
3.6.0
Changes
- SPDX license expression detection improved (via #881)
Previously, some expressions were not properly detected, so they were marked as named-license in the SBOM results.
They should be marked as expression, now.
Misc
- Raised dependency
@cyclonedx/cyclonedx-library@^2.0.0
, was@^1.14.0
(via #881)
Full Changelog: v3.5.0...v3.6.0
3.5.0
Added
- SBOM results might be validated (via #825)
This feature is enabled per default and can be controlled via the new optionvalidateResults
.
Validation is skipped, if requirements are not met. Requires transitive optional dependencies
Build
- Use TypeScript
v5.0.4
now, wasv4.9.5
. (via #790)
Full Changelog: v3.4.1...v3.5.0
3.4.1
Fixed:
- If packages' metadata normalization fails, then this results no longer in an unhandled crash but causes a warning message (#745 via #754)
Misc
- Packages' metadata normalization is less verbose (via #754)
If failed, then a warning is sent to webpack's log, now. No additional debug messages anymore.
As always, you can control the display of these messages via webpack stats.
Full Changelog: v3.3.1...v3.4.1
3.4.1-rc.1
Fixed:
- If packages' metadata normalization
fails, then this results no longer in an unhandled crash but causes a warning message ([#745] via [#754])
install via
npm i -D @cyclonedx/webpack-plugin@3.4.1-rc.1
yarn add -D @cyclonedx/webpack-plugin@@3.4.1-rc.1
Full Changelog: v3.3.1...v3.4.1-rc.1
3.4.0
3.3.1
3.3.0
Changed
- Detected node packages' metadata are now normalized, before translation to SBOM components happens. (#678 via #679)
This might increase the quality of SBOM results.
Full Changelog: v3.2.0...v3.3.0