Skip to content

Releases: CycloneDX/cyclonedx-node-npm

1.19.3

15 Jul 13:01
Compare
Choose a tag to compare

Dependencies

  • Raised runtime dependency @cyclonedx/cyclonedx-library@^6.11.0, was @^6.6.0 (via #1205)
    This was done to incorporate non-breaking upstream changes and fixes.

Build

  • Use TypeScript v5.5.3 now, was v5.4.5 (via #1201)

What's Changed

Full Changelog: v1.19.2...v1.19.3

1.19.2

10 Jul 13:40
Compare
Choose a tag to compare

Fixed

  • CycloneDX externalReferences for vcs type (#1198 via #1202)
  • CycloneDX property cdx:npm:package:path's value on Windows systems (via #1203)

What's Changed

Full Changelog: v1.19.0...v1.19.2

1.19.0

01 Jun 15:23
Compare
Choose a tag to compare

Changed

  • Try to sanitize distribution URLs (via #1187, #1191)

Added

  • More debug output when it comes to package manifest loading (via #1189)

Misc

  • Added direct dependency hosted-git-info@^4||^5||^6||^7 (via #1191)
    This is also a transitive dependency via already existing direct dependency normalize-package-data.

What's Changed

Full Changelog: v1.18.0...v1.19.0

1.18.0

08 May 16:15
Compare
Choose a tag to compare

Added

  • Licenses acknowledgement might be populated (#1171 via #1183)

Misc

  • Raised dependency @cyclonedx/cyclonedx-library@^6.6.0, was @^6.5.0 (via #1183)

What's Changed

Full Changelog: v1.17.0...v1.18.0

1.17.0

23 Apr 11:30
Compare
Choose a tag to compare

Added support for CycloneDX Specification-1.6.

Changed

  • This tool explicitly supports CycloneDX Specification-1.6 now (via #1175)

Added

  • CLI switch --spec-version now supports value 1.6 to reflect CycloneDX Specification-1.6 (via #1175)
    Default value for that option is unchanged - still 1.4.

Build

  • Use TypeScript v5.4.5 now, was v5.4.2 (via #1167)

What's Changed

New Contributors

Full Changelog: v1.16.2...v1.17.0

1.16.2

19 Mar 11:11
Compare
Choose a tag to compare

Style

  • Applied latest code standards (via #1149)

Build

  • Use TypeScript v5.4.2 now, was v5.3.3 (via #1160)

What's Changed

Full Changelog: v1.16.1...v1.16.2

1.16.1

11 Jan 22:12
Compare
Choose a tag to compare
  • Fixed
    • Writing large results to buffered streams no longer drops data, but retries until success (via #1145)
  • Docs
    • Showcase programmatic CLI usage (#1142 via #1145)

What's Changed

Full Changelog: v1.16.0...v1.16.1

1.16.0

11 Dec 16:32
Compare
Choose a tag to compare

Change

  • If BOM result validation was explicitly requested and skipped, then a warning is shown (#1137 via #1138)
  • Log messages that explain program failures were set to "error" level (via #1138)

What's Changed

Full Changelog: v1.15.0...v1.16.0

1.15.0

10 Dec 15:29
Compare
Choose a tag to compare

Changed

  • Log output is less verbose, can be re-enabled via CLI switch --verbose (#158 via #1131)
    Warnings and errors are still displayed as before!
    This is considered a non-breaking change, since only informational logs and debug information is affected.
  • Hardened JSON imports (via #1132, #1135)

Added

  • CLI switch -v, --verbose to increase output verbosity (#158 via #1131)
    May be used multiple times, like -vvv.
  • More logs on info-level (via #1131)
  • More logs on debug-level (via #1131)

Build

  • Use TypeScript v5.3.3 now, was v5.3.2 (via #1133)

What's Changed

Full Changelog: v1.14.3...v1.15.0

1.14.3

01 Dec 16:07
Compare
Choose a tag to compare

Fixed

  • Added direct dependency packageurl-js as such (via #1122)

Docs

  • Fixed typos (via #1123)

Style

  • Applied latest code standards (via #1124)

Build

  • Use TypeScript v5.3.2 now, was v5.2.2 (via #1125)

What's Changed

Full Changelog: v1.14.2...v1.14.3