Releases: CycloneDX/cyclonedx-node-npm
Releases · CycloneDX/cyclonedx-node-npm
1.19.3
Dependencies
- Raised runtime dependency
@cyclonedx/cyclonedx-library@^6.11.0
, was@^6.6.0
(via #1205)
This was done to incorporate non-breaking upstream changes and fixes.
Build
- Use TypeScript
v5.5.3
now, wasv5.4.5
(via #1201)
What's Changed
- Raised runtime dependency
@cyclonedx/cyclonedx-library@^6.11.0
by @jkowalleck in #1205 - chore(deps): bum
[email protected]
by @jkowalleck in #1206 - chore(deps-dev): bump typescript from 5.4.5 to 5.5.3 in the typescript group across 1 directory by @dependabot in #1201
Full Changelog: v1.19.2...v1.19.3
1.19.2
Fixed
- CycloneDX
externalReference
s forvcs
type (#1198 via #1202) - CycloneDX property
cdx:npm:package:path
's value on Windows systems (via #1203)
What's Changed
- tests: tests are less noisy by @jkowalleck in #1194
- tests: more tests by @jkowalleck in #1195
- fix: path property on windows by @jkowalleck in #1203
- fix: vcs url git ssh by @jkowalleck in #1202
Full Changelog: v1.19.0...v1.19.2
1.19.0
Changed
Added
- More debug output when it comes to package manifest loading (via #1189)
Misc
- Added direct dependency
hosted-git-info@^4||^5||^6||^7
(via #1191)
This is also a transitive dependency via already existing direct dependencynormalize-package-data
.
What's Changed
- test: alternative package registry by @jkowalleck in #1186
- feat: try sanitize dist urls by @jkowalleck in #1187
- feat: more debug when loading package manifests by @jkowalleck in #1189
- feat: git url sanitation by @jkowalleck in #1191
Full Changelog: v1.18.0...v1.19.0
1.18.0
Added
Misc
- Raised dependency
@cyclonedx/cyclonedx-library@^6.6.0
, was@^6.5.0
(via #1183)
What's Changed
- chore(ci): fix macos runners by @jkowalleck in #1176
- ci: modernize artifact action by @jkowalleck in #1178
- ci: use node22 by @jkowalleck in #1179
- chore: reduce duplicate test beds by @jkowalleck in #1181
- feat: license acknowledgement by @jkowalleck in #1183
Full Changelog: v1.17.0...v1.18.0
1.17.0
Added support for CycloneDX Specification-1.6.
Changed
- This tool explicitly supports CycloneDX Specification-1.6 now (via #1175)
Added
- CLI switch
--spec-version
now supports value1.6
to reflect CycloneDX Specification-1.6 (via #1175)
Default value for that option is unchanged - still1.4
.
Build
- Use TypeScript
v5.4.5
now, wasv5.4.2
(via #1167)
What's Changed
- docs: add CycloneDX 1.6 to README by @XSpielinbox in #1174
- feat: explicitely support CycloneDX 1.6 by @jkowalleck in #1175
- chore(deps-dev): bump typescript from 5.4.2 to 5.4.5 in the typescript group by @dependabot in #1167
New Contributors
- @XSpielinbox made their first contribution in #1174
Full Changelog: v1.16.2...v1.17.0
1.16.2
Style
- Applied latest code standards (via #1149)
Build
- Use TypeScript
v5.4.2
now, wasv5.3.3
(via #1160)
What's Changed
- refactor: fix typescript-eslint annotations by @jkowalleck in #1146
- chore(deps-dev): bump the eslint group with 2 updates by @dependabot in #1149
- chore(deps-dev): bump the eslint group with 2 updates by @dependabot in #1152
- chore(deps-dev): bump the eslint group with 2 updates by @dependabot in #1157
- tests: run with latest CDX spec-version by @jkowalleck in #1158
- chore(deps): bump softprops/action-gh-release from 1 to 2 by @dependabot in #1159
- chore(deps-dev): bump the typescript group with 1 update by @dependabot in #1160
Full Changelog: v1.16.1...v1.16.2
1.16.1
- Fixed
- Writing large results to buffered streams no longer drops data, but retries until success (via #1145)
- Docs
What's Changed
- chore(deps-dev): bump the eslint group with 2 updates by @dependabot in #1139
- fix: large results on small streams by @jkowalleck in #1145
Full Changelog: v1.16.0...v1.16.1
1.16.0
Change
- If BOM result validation was explicitly requested and skipped, then a warning is shown (#1137 via #1138)
- Log messages that explain program failures were set to "error" level (via #1138)
What's Changed
- Escalate various log messages by @jkowalleck in #1138
Full Changelog: v1.15.0...v1.16.0
1.15.0
Changed
- Log output is less verbose, can be re-enabled via CLI switch
--verbose
(#158 via #1131)
Warnings and errors are still displayed as before!
This is considered a non-breaking change, since only informational logs and debug information is affected. - Hardened JSON imports (via #1132, #1135)
Added
- CLI switch
-v, --verbose
to increase output verbosity (#158 via #1131)
May be used multiple times, like-vvv
. - More logs on info-level (via #1131)
- More logs on debug-level (via #1131)
Build
- Use TypeScript
v5.3.3
now, wasv5.3.2
(via #1133)
What's Changed
- chore(deps-dev): bump the eslint group with 1 update by @dependabot in #1128
- ci: test more node versions by @jkowalleck in #1130
- feat: hardened JSON imports by @jkowalleck in #1132
- feat: more logs & configurable log level by @jkowalleck in #1131
- chore(deps-dev): bump the typescript group with 1 update by @dependabot in #1133
- hardened JSON imports by @jkowalleck in #1135
- refactor & bump
[email protected]
by @jkowalleck in #1136
Full Changelog: v1.14.3...v1.15.0
1.14.3
Fixed
- Added direct dependency
packageurl-js
as such (via #1122)
Docs
- Fixed typos (via #1123)
Style
- Applied latest code standards (via #1124)
Build
- Use TypeScript
v5.3.2
now, wasv5.2.2
(via #1125)
What's Changed
- fix: excplicitely require direct dependency
packageurl-js
by @jkowalleck in #1122 - docs: fix typos by @jkowalleck in #1123
- chore(deps-dev): bump the eslint group with 2 updates by @dependabot in #1124
- chore(deps-dev): bump the typescript group with 1 update by @dependabot in #1125
Full Changelog: v1.14.2...v1.14.3