v0.10.4

Updates in this release

New features

• feat: add license exception handling

Fixes

• fix: handle orlater (fixes #88)
• fix: SPDX3 license with exception (fixes #89)
• fix: SPDX handling of OPERATING-SYSTEM for JSON (fixes #78)
• Merge pull request #91 from milica-todorovic/fix-operatingSystemJSONSerialization
• test: add license test suite

v0.10.3

Updates in this release

New features

• feat: handle user defined licences (SPDX3)

Fixes

• fix: handle noassertion as supplier
• fix: improved handling of licences (fixes #87)
• fix: improved handling package supplier (fixes #86)
• fix: remove debug
• Merge pull request #84 from nokia/spelling
• Merge pull request #85 from nokia/test-arguments
• Spelling; fix file suffix
• Test number of arguments: better comment

v0.10.2

Updates in this release

New features

• feat: allow jsonld file extension
• feat: preserve metadata during SBOM enrichment (fixes #83)
• feat: validate licence id during parsing
• feat: validate SPDX3 JSONLD files

Fixes

• chore: updated license synonyms
• doc: typo
• fix: CPE not for cryptograhic-assets
• fix: minor improvements for SPDX3 parsing
• fix: supress qualifier validation in PURL identifier
• fix typo in generator which prevents distribution to be set to something else than clear
• fix: update SPDX3 parser
• Merge pull request #81 from weichslgartner/main

v0.10.1

Updates in this release

Fixes

• fix: correct validation rules for PURLs (fixes #82)
• fix: reduced output for validation errors in spdx validation

v0.10.0

Updates in this release

New features

• feat: add PURL identifier validator
• feat: add PURL validation to parser and generators
• feat: add SPDX3 schema to validator
• feat: introduce Cyclonedx CBOMS
• feat: SPDX3 support
• feat: update examples

Fixes

• chore: bump version
• chore: linting
• chore: update licence list to 3.28
• doc: update README
• fix: correct licence list version format
• fix: CycloneDX fails to validate (fixes #79)
• fix: distribution constraints only for version 1.7
• fix: identify crypto properties which are only available in version 1.7
• fix: logic error in parsing crypto file
• fix: restrict format for SPDX3 generation to json
• fix: SPDX handling of OPERATING-SYSTEM (fixes #78)
• fix: update build to exclude tools directory
• fix: update test apps
• Merge pull request #77 from franred/franred/avoid-adding-test-into-package

v0.9.4

Updates in this release

Fixes

• fix: improved service component processing for CycloneDX

v0.9.3

Updates in this release

Fixes

• fix: convert sbom types between SPDX and CycloneDX
• fix: update licence list (fixes #76)

v0.9.2

Updates in this release

Fixes

• fix: distributionConstraints
• fix: default licence type (fixes #75)

v0.9.1

Updates in this release

Fixes

• doc: update suported Python version (fixes #72)
• fix: add SBOM validation debug
• fix: Invalid CycloneDX SHA algorithm specified (fixes #73)

v0.9.0

Updates in this release

New features

• feat: add support for CycloneDX 1.7
• feat: add support for parsing SPDX documents in in-toto statements

Fixes

• doc: update README
• fix: update SPDX validation