Cyclonedx-python-lib

Latest version: v9.1.0

Page 12 of 19

2.2.0

Feature

* feat: Bump XML schemas to latest fix version for 1.2-1.4 - see:
https://github.com/CycloneDX/specification/issues/122

Signed-off-by: Paul Horton <phortonsonatype.com> ([`bd2e756`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bd2e756de15c37b34d2866e8de521556420bd5d3))

* feat: bump JSON schemas to latest fix version for 1.2 and 1.3 - see:
- https://github.com/CycloneDX/specification/issues/123
- https://github.com/CycloneDX/specification/issues/84
- https://github.com/CycloneDX/specification/issues/125

Signed-off-by: Paul Horton <phortonsonatype.com> ([`bd6a088`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bd6a088d51c995c0f08271f56aedb456c60c1a2e))

Unknown

* 2.2.0

Automatically generated by python-semantic-release ([`67ecfac`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/67ecfacc38817398319ac5d627f2b3a17fb45b3f))

* Merge pull request 207 from CycloneDX/feat/update-schemas

feat: Update CycloneDX Schemas to latest patch versions ([`2c55cb5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2c55cb51042694d48a2eccd8e505833196effb59))

* mark schema files as vendored

Signed-off-by: Jan Kowalleck <jan.kowalleckgmail.com> ([`a9c3e77`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a9c3e77998e7c05af5ba097891cd05a8cdb89232))

* Merge pull request 191 from CycloneDX/feat/pre-commit-hooks

[DEV] Add pre-commit hooks ([`91ceeb1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/91ceeb1fdafddf20af546d383a2fb16393977ef5))

2.1.1

Fix

* fix: prevent error if `version` not set

Signed-off-by: Paul Horton <phortonsonatype.com> ([`b9a84b5`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b9a84b5b39fe6cb1560764e86f8bd144f2a901e3))

Unknown

* 2.1.1

Automatically generated by python-semantic-release ([`f78d608`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f78d6081abc1a8adb80ef0c79a07c624ad9e3a5c))

* Merge pull request 194 from CycloneDX/fix/json-output-version-optional-bug-193

fix: `version` being optional in JSON output can raise error ([`6f7e09a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/6f7e09aa4d05a4a2dc60569732f6b2ae5582a154))

2.1.0

Feature

* feat: output errors are verbose

Signed-off-by: Jan Kowalleck <jan.kowalleckgmail.com> ([`bfe8fb1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/bfe8fb18825251fd9f146458122aa06137ec27c0))

Fix

* fix: `version` being optional in JSON output can raise error

Signed-off-by: Paul Horton <phortonsonatype.com> ([`ba0c82f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ba0c82fbde7ba47502c45caf4fa89e9e4381f482))

Unknown

* 2.1.0

Automatically generated by python-semantic-release ([`c58f8f8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c58f8f8456211fbeac79340b480063791c05f404))

* Merge pull request 198 from CycloneDX/verbose_outout_errors

fix: improved output errors - file/directory is now included ([`4618c62`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4618c62da54f90a67d89583d5339ef0532b7813a))

* updated to be more pythonic

Signed-off-by: Paul Horton <phortonsonatype.com> ([`a1bbf00`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a1bbf001ba9546c998062a0201d4e2562607749e))

* doc: added CONTRIBUTING to public docs
doc: included pre-commit hooks in CONTRIBUTING

Signed-off-by: Paul Horton <phortonsonatype.com> ([`f38215f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f38215f2b370e14f5629edff1ade97734b3a79cd))

* Merge pull request 182 from CycloneDX/sort-imports

style: sort imports ([`aa37e56`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/aa37e56964b35642e2bf92f336a767fba1914e2b))

2.0.0

Breaking

* feat: bump dependencies

BREAKING CHANGE: Adopt PEP-3102

BREAKING CHANGE: Optional Lists are now non-optional Sets

BREAKING CHANGE: Remove concept of DEFAULT schema version - replaced with LATEST schema version

BREAKING CHANGE: Added `BomRef` data type

Signed-off-by: Paul Horton <phortonsonatype.com> ([`da3f0ca`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/da3f0ca3e8b90b37301c03f889eb089bca649b09))

Feature

* feat: completed work on 155 (172)

fix: resolved 169 (part of 155)
feat: as part of solving 155, 147 has been implemented

Signed-off-by: Paul Horton <phortonsonatype.com> ([`a926b34`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a926b34c7facb8b3709936fe00b62a0b80338f31))

* feat: support complete model for `bom.metadata` (162)

* feat: support complete model for `bom.metadata`
fix: JSON comparison in unit tests was broken
chore: corrected some source license headers

Signed-off-by: Paul Horton <phortonsonatype.com> ([`2938a6c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2938a6c001a5b0b25477241d4ad6601030c55165))

* feat: support for `bom.externalReferences` in JSON and XML 124

Signed-off-by: Paul Horton <phortonsonatype.com> ([`1b733d7`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1b733d75a78e3757010a8049cab5c7d4656dc2a5))

* feat: Complete support for `bom.components` (155)

* fix: implemented correct `__hash__` methods in models (153)

Signed-off-by: Paul Horton <phortonsonatype.com> ([`32c0139`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/32c01396251834c69a5b23c82a5554faf8447f61))

* feat: support services in XML BOMs
feat: support nested services in JSON and XML BOMs

Signed-off-by: Paul Horton <phortonsonatype.com> ([`9edf6c9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9edf6c940d20a44f5b99c557392a9fa4532b332e))

Fix

* fix: `license_url` not serialised in XML output 179 (180)

Signed-off-by: Paul Horton <phortonsonatype.com> ([`f014d7c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/f014d7c4411de9ed5e9cb877878ae416d85b2d92))

* fix: `Component.bom_ref` is not Optional in our model implementation (in the schema it is) - we generate a UUID if `bom_ref` is not supplied explicitly

Signed-off-by: Paul Horton <phortonsonatype.com> ([`5c954d1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/5c954d1e39ce8509ab36e6de7d521927ad3c997c))

* fix: temporary fix for `__hash__` of Component with `properties` 153

Signed-off-by: Paul Horton <phortonsonatype.com> ([`a51766d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a51766d202c3774003dd7cd8c115b2d9b3da1f50))

* fix: further fix for 150

Signed-off-by: Paul Horton <phortonsonatype.com> ([`1f55f3e`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1f55f3edfeacfc515ef0b5e493c27dd6e14861d6))

* fix: regression introduced by first fix for 150

Signed-off-by: Paul Horton <phortonsonatype.com> ([`c09e396`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c09e396b98c484d1d3d509a5c41746133fe41276))

* fix: Components with no version (optional since 1.4) produce invalid BOM output in XML 150

Signed-off-by: Paul Horton <phortonsonatype.com> ([`70d25c8`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/70d25c8c162e05a5992761ccddbad617558346d1))

* fix: `expression` not supported in Component Licenses for version 1.0

Signed-off-by: Paul Horton <phortonsonatype.com> ([`15b081b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/15b081bd1891566dbe00e18a8b21d3be87154f72))

Unknown

* 2.0.0

Automatically generated by python-semantic-release ([`a4af3dc`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a4af3dccbddf4ea91b277746d2305fadf6078ed8))

* Merge pull request 148 from CycloneDX/feat/add-bom-services ([`631e400`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/631e4009340f4466fb45f25bbf3ce7ffa4d8adca))

* Merge branch 'main' into feat/add-bom-services ([`9a32351`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9a3235155bd04450c6e520ee6de04b2d6f2c5d0a))

* doc: added RTD badge to README

Signed-off-by: Paul Horton <phortonsonatype.com> ([`b20d9d1`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b20d9d1aceebfa8bae21250e6ae39234caffbb0e))

* implemented `__str__` for `BomRef`

Signed-off-by: Paul Horton <phortonsonatype.com> ([`670bde4`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/670bde47a8a60db764aa706797f1d8ed7cf2c227))

* Continuation of 170 - missed updating Vulnerability to use `BomRef` (175)

* BREAKING CHANGE: added new model `BomRef` unlocking logic later to ensure uniqueness and dependency references

Signed-off-by: Paul Horton <phortonsonatype.com>

* updated Vulnerability to also use new `BomRef` model

Signed-off-by: Paul Horton <phortonsonatype.com> ([`0d82c01`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0d82c019afce3e4aefe56bff9607cfd60186c6b0))

* BREAKING CHANGE: added new model `BomRef` unlocking logic later to ensure uniqueness and dependency references (174)

Signed-off-by: Paul Horton <phortonsonatype.com> ([`d189f2c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/d189f2c16870deb683e62cd06a6072b008eab05d))

* BREAKING CHANGE: replaced concept of default schema version with latest supported 171 (173)

Signed-off-by: Paul Horton <phortonsonatype.com> ([`020fcf0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/020fcf03ef3985dac82a38b8810d6d6cd301809c))

* BREAKING CHANGE: Updated default schema version to 1.4 from 1.3 (164)

Signed-off-by: Paul Horton <phortonsonatype.com> ([`9b6ce4b`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/9b6ce4bd7b5a2a332e9f01f93db57b78f65af048))

* BREAKING CHANGE: update models to use `Set` rather than `List` (160)

* BREAKING CHANGE: update models to use `Set` and `Iterable` rather than `List[..]`
BREAKING CHANGE: update final models to use `property`
wip

Signed-off-by: Paul Horton <phortonsonatype.com> ([`142b8bf`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/142b8bf4dbb2e61d131b7ca2ec332aac472ef3cd))

* removed unnecessary calls to `hash()` in `__hash__()` methods as pointed out by jkowalleck

Signed-off-by: Paul Horton <phortonsonatype.com> ([`0f1fd6d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0f1fd6dfdd41073cbdbb456cf019c7f2ed9e2175))

* BREAKING CHANGE: adopted PEP-3102 for model classes (158)

Signed-off-by: Paul Horton <phortonsonatype.com> ([`b3c8d9a`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b3c8d9a676190f20dfc4ab1b915c1e53c4ac5a82))

* doc: added page to docs to call out which parts of the specification this library supports

Signed-off-by: Paul Horton <phortonsonatype.com> ([`41a4be0`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/41a4be0cedcd26b6645b6e3606cce8e3708c569f))

* attempt to resolve Lift finding

Signed-off-by: Paul Horton <phortonsonatype.com> ([`2090c08`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/2090c0868ca82c4b53c6ffc6f439c0d675147601))

* removed unused imports

Signed-off-by: Paul Horton <phortonsonatype.com> ([`a35d540`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/a35d540c97b898eb152f453003f46ce0e18b7ea6))

* WIP on `bom.services`

* WIP but a lil hand up for madpah

Signed-off-by: Jeffry Hesse <5544326+DarthHaterusers.noreply.github.com>

* chore: added missing license header

Signed-off-by: Paul Horton <phortonsonatype.com>

* No default values for required fields

* Add Services to BOM

* Typo fix

* aligned classes with standards, commented out Signature work for now, added first tests for Services

Signed-off-by: Paul Horton <phortonsonatype.com>

* addressed standards

Signed-off-by: Paul Horton <phortonsonatype.com>

* 1.2.0

Automatically generated by python-semantic-release

Signed-off-by: Paul Horton <phortonsonatype.com>

* feat: `bom-ref` for Component and Vulnerability default to a UUID (142)

* feat: `bom-ref` for Component and Vulnerability default to a UUID if not supplied ensuring they have a unique value 141

Signed-off-by: Paul Horton <phortonsonatype.com>

* doc: updated documentation to reflect change

Signed-off-by: Paul Horton <phortonsonatype.com>

* patched other tests to support UUID for bom-ref

Signed-off-by: Paul Horton <phortonsonatype.com>

* better syntax

Signed-off-by: Paul Horton <phortonsonatype.com>

* 1.3.0

Automatically generated by python-semantic-release

Signed-off-by: Paul Horton <phortonsonatype.com>

* WIP but a lil hand up for madpah

Signed-off-by: Jeffry Hesse <5544326+DarthHaterusers.noreply.github.com>
Signed-off-by: Paul Horton <phortonsonatype.com>

* chore: added missing license header

Signed-off-by: Paul Horton <phortonsonatype.com>

* aligned classes with standards, commented out Signature work for now, added first tests for Services

Signed-off-by: Paul Horton <phortonsonatype.com>

* removed signature from this branch

Signed-off-by: Paul Horton <phortonsonatype.com>

* Add Services to BOM

* Typo fix

* addressed standards

Signed-off-by: Paul Horton <phortonsonatype.com>

* resolved typing issues from merge

Signed-off-by: Paul Horton <phortonsonatype.com>

* added a bunch more tests for JSON output

Signed-off-by: Paul Horton <phortonsonatype.com>

Co-authored-by: Paul Horton <phortonsonatype.com>
Co-authored-by: github-actions <actiongithub.com> ([`b45ff18`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/b45ff187056893c5fb294cbf9de854fd130bb7be))

1.3.0

Feature

* feat: `bom-ref` for Component and Vulnerability default to a UUID (142)

* feat: `bom-ref` for Component and Vulnerability default to a UUID if not supplied ensuring they have a unique value 141

Signed-off-by: Paul Horton <phortonsonatype.com>

* doc: updated documentation to reflect change

Signed-off-by: Paul Horton <phortonsonatype.com>

* patched other tests to support UUID for bom-ref

Signed-off-by: Paul Horton <phortonsonatype.com>

* better syntax

Signed-off-by: Paul Horton <phortonsonatype.com> ([`3953bb6`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3953bb676f423c325ca4d80f3fcee33ad042ad93))

Unknown

* 1.3.0

Automatically generated by python-semantic-release ([`4178181`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/41781819e2de8f650271e7de11d395fa43939f22))

1.2.0

Feature

* feat: add CPE to component (138)

* Added CPE to component

Setting CPE was missing for component, now it is possible to set CPE and output CPE for a component.

Signed-off-by: Jens Lucius <jens.luciusde.bosch.com>

* Fixing problems with CPE addition

- Fixed styling errors
- Added reference to CPE Spec
- Adding CPE parameter as last parameter to not break arguments

Signed-off-by: Jens Lucius <jens.luciusde.bosch.com>

* Again fixes for Style and CPE reference

Missing in the last commit

Signed-off-by: Jens Lucius <jens.luciusde.bosch.com>

* Added CPE as argument before deprecated arguments

Signed-off-by: Jens Lucius <jens.luciusde.bosch.com>

* Added testing for CPE addition and error fixing

- Added output tests for CPE in XML and JSON
- Fixes style error in components
- Fixes order for CPE output in XML (CPE has to come before PURL)

Signed-off-by: Jens Lucius <jens.luciusde.bosch.com>

* Fixed output tests

CPE was still in the wrong position in one of the tests - fixed

Signed-off-by: Jens Lucius <jens.luciusde.bosch.com>

* Fixed minor test fixtures issues

- cpe was still in wrong position in 1.2 JSON
- Indentation fixed in 1.4 JSON

Signed-off-by: Jens Lucius <jens.luciusde.bosch.com>

* Fixed missing comma in JSON 1.2 test file

Signed-off-by: Jens Lucius <jens.luciusde.bosch.com> ([`269ee15`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/269ee155f203d5771c56edb92f7279466bf2012f))

Unknown

* 1.2.0

Automatically generated by python-semantic-release ([`97c215c`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/97c215cf0c4e8c315ed84cbcb92b22c6b7bcd8c2))

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.