Skip to content

v1.2.0

Choose a tag to compare

View all tags
@github-actions github-actions released this 22 Feb 12:01
· 452 commits to develop since this release
v1.2.0
a58c1f9
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Installation

Cargo

cargo install uv-sbom

Python (PyPI)

pip install uv-sbom-bin

Pre-built Binaries

macOS (Apple Silicon):

curl -LO https://github.com/Taketo-Yoda/uv-sbom/releases/download/v1.2.0/uv-sbom-aarch64-apple-darwin.tar.gz
tar xzf uv-sbom-aarch64-apple-darwin.tar.gz
sudo mv uv-sbom /usr/local/bin/

macOS (Intel):

curl -LO https://github.com/Taketo-Yoda/uv-sbom/releases/download/v1.2.0/uv-sbom-x86_64-apple-darwin.tar.gz
tar xzf uv-sbom-x86_64-apple-darwin.tar.gz
sudo mv uv-sbom /usr/local/bin/

Linux (x86_64):

curl -LO https://github.com/Taketo-Yoda/uv-sbom/releases/download/v1.2.0/uv-sbom-x86_64-unknown-linux-gnu.tar.gz
tar xzf uv-sbom-x86_64-unknown-linux-gnu.tar.gz
sudo mv uv-sbom /usr/local/bin/

Windows:
Download the .zip file below and extract to your desired location.

Verify Installation

uv-sbom --version

See the README for full documentation.

What's Changed

  • chore(deps): bump the dependencies group with 4 updates by @dependabot[bot] in #226
  • feat(license): add license compliance policy check (--check-license) by @Taketo-Yoda in #227
  • refactor(application): implement SbomResponseBuilder pattern by @Taketo-Yoda in #233
  • feat(domain): add ResolutionEntry and IntroducedBy domain models by @Taketo-Yoda in #234
  • feat(domain): add ResolutionAnalyzer domain service by @Taketo-Yoda in #235
  • feat(application): add resolution guide view model and builder logic (#231) by @Taketo-Yoda in #236
  • feat(adapters): render resolution guide in Markdown and CycloneDX formatters by @Taketo-Yoda in #237
  • chore(deps): bump the dependencies group with 4 updates by @dependabot[bot] in #238
  • chore(deps): bump toml from 0.9.11+spec-1.1.0 to 1.0.1+spec-1.1.0 by @dependabot[bot] in #239
  • feat(cyclonedx): add component group field and SPDX license ID mapping by @Taketo-Yoda in #241
  • feat(cyclonedx): add package hashes from PyPI and metadata.component by @Taketo-Yoda in #242
  • docs: add license compliance and vulnerability resolution guide documentation by @Taketo-Yoda in #243
  • chore(release): prepare v1.2.0 by @Taketo-Yoda in #245
  • chore(deps): bump the dependencies group with 5 updates by @dependabot[bot] in #247
  • Release v1.2.0 by @Taketo-Yoda in #246

Full Changelog: v1.1.0...v1.2.0

Contributors

dependabot and Taketo-Yoda
Assets 6
Loading