Lib4sbom

Latest version: v0.8.2

Page 1 of 5

0.8.2

Updates in this release
New features
- feat: add evidence to SPDX SBOM
- feat: differentiate between release and build dates
- feat: extend support for checksum algorithms
- feat: updated license synonyms
Fixes
- chore: linting
- doc: Include SBOMParserException
- fix: cyclonedx handling of user defined component id
- fix: handle non ascii characters (fixes 62)
- Merge pull request 63 from ffontaine/fix-cyclonedx-set-id
- test: check synonyms against license list

0.8.1

Updates in this release
Fixes
- chore: bump version
- fix: Ensure consistency of reference category for Package-Manager
- fix: Handle None as licence expression (fixes 61)

0.8.0

Updates in this release
New features
- feat: add built date support for package component
- feat: add composition date item
- feat: handle custom vulnerability attributes (fixes 56)
- feat: include OTHER external references
- feat: raise user defined exception if parsing error (fixes 59)
- feat: update license test files (fixes 52)
- feat: validate external reference categories
Fixes
- chore: fix max line length
- chore: linting
- doc: Update README (fixes 54)
- fix: Allow empty license name in CycloneDX XML
- fix: BuiltDate should be ReleaseDate
- fix: Checksum algorithm validation
- fix: Ensure license list version is of format M.N
- fix: Handle file as source of relationship (fixes 50)
- fix: Handle multiple licenses (fixes 45)
- fix: Handle source of vulnerability
- fix: Handle zero length strings
- fix: Handling non-semantic versions
- Merge pull request 58 from raboof/allow-empty-license-name

0.7.5

Updates in this release
Fixes
- chore: bump version
- fix: Handle empty file
- fix: Improve handling of invalid JSON files
- fix: Naming of file comment
- fix: SPDX validation (fixes 51)

0.7.4

Updates in this release
Fixes
- fix: add debug to CycloneDX parser
- fix: license handling
- fix: support mixed case email addresses
- fix: typo in organization

0.7.3

Updates in this release
Fixes
- chore: bump version
- fix: SBOM spec version validation (fixes 48)
- fix: storage of uuid
- fix: Typo in checksumValue (fixes 47)
