Workflow

Cyclonedx-python-lib

Latest version: v9.1.0

Safety actively analyzes 723144 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 9 of 19

4.2.0

Feature

* feat: complete SPDX license expression (425)

Signed-off-by: Jan Kowalleck <jan.kowalleckgmail.com> ([`e06f9fd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/e06f9fd2c30e8976766f326ff216103d2560cb9a))

4.1.0

Documentation

* docs(examples): showcase shorthand dependency management (403)

Signed-off-by: Jan Kowalleck <jan.kowalleckgmail.com> ([`8b32efb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8b32efb322a3281d58e9f980bb9001b112aa944a))

Feature

* feat: programmatic access to library&39;s version (417)

adds `cyclonedx.__version__`

Signed-off-by: Jan Kowalleck <jan.kowalleckgmail.com> ([`3585ea9`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/3585ea9911ae521e86793ef18f5891289fb0b604))

4.0.1

Documentation

* docs(examples): README (399)

Signed-off-by: Jan Kowalleck <jan.kowalleckgmail.com> ([`1d262ba`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1d262ba57eab0d61b947fc293fc59c6234f19647))

* docs: add exaple how to build and serialize (397)

Signed-off-by: Jan Kowalleck <jan.kowalleckgmail.com> ([`65e22bd`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/65e22bdc6a1a3fc02a6282146bc8fbc17ddb32fa))

Fix

* fix: conditional warning if no root dependencies were found (398)



Signed-off-by: Jan Kowalleck <jan.kowalleckgmail.com> ([`c8175bb`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/c8175bb6aebac7f129d42d7a5a0ae928212c20cb))

Unknown

* 4.0.1

Automatically generated by python-semantic-release ([`4a72f51`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/4a72f515ad7b5e46a07f31bea18a94b162e87715))

* Add missing space in warning message. (364)



Signed-off-by: Michael Schlenker <michael.schlenkercontact-software.com>
Co-authored-by: Michael Schlenker <michael.schlenkercontact-software.com> ([`dad0d28`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/dad0d28ceb7381d1b503e5b29776fc01513f8b04))

4.0.0

Breaking

* feat: Release 4.0.0 341)

Highlights of this release include:
* Support for De-serialization from JSON and XML to this Pythonic Model
* Deprecation of Python 3.6 support
* Support for Python 3.11
* Support for `BomLink`
* Support VEX without needing `Component` in the same `Bom`
* Support for `services` having `dependencies`

BREAKING CHANGE: Large portions of this library have been re-written for this release and many methods and contracts have changed.

Signed-off-by: Paul Horton <paul.hortonowasp.org>

* feat: support VEX without Components in the same BOM

BREAKING CHANGE: Model classes changed to relocated Vulnerability at Bom, not at Component

Signed-off-by: Paul Horton <paul.hortonowasp.org>

* feat: support VEX without Components in the same BOM

BREAKING CHANGE: Model classes changed to relocated Vulnerability at Bom, not at Component

Signed-off-by: Paul Horton <paul.hortonowasp.org>

feat: allow `version` of BOM to be defined

feat: allow `serial_number` of BOM to be prescribed

feat: add helper method to get URN for a BOM according to https://www.iana.org/assignments/urn-formal/cdx
Signed-off-by: Paul Horton <paul.hortonowasp.org>

* chore: fix release workflow

* chore: editorconfig

Signed-off-by: Jan Kowalleck <jan.kowalleckgmail.com>

* feat: support for deserialization from JSON and XML (290)

BREAKING CHANGE:

* feat: drop Python 3.6 support

Signed-off-by: Hakan Dilek <hakandilekgmail.com>
Signed-off-by: Paul Horton <paul.hortonowasp.org>
Co-authored-by: Hakan Dilek <hakandilekgmail.com>
Co-authored-by: Hakan Dilek <hakandilekusers.noreply.github.com>

* fix: update `serializable` to include XML safety changes

Signed-off-by: Paul Horton <paul.hortonowasp.org>

* feat: Support for Python 3.11 (349)

* feat: officially test and support Python 3.11

Signed-off-by: Paul Horton <paul.hortonowasp.org>

* removed unused imports

Signed-off-by: Paul Horton <paul.hortonowasp.org>

* bump `poetry` to `1.1.12` in CI

Signed-off-by: Paul Horton <paul.hortonowasp.org>

* fix: remove `toml` as dependency as not used and seems to be breaking Python 3.11 CI

Signed-off-by: Paul Horton <paul.hortonowasp.org>

* fix: removed `types-toml` from dependencies - not used

Signed-off-by: Paul Horton <paul.hortonowasp.org>

---------

Signed-off-by: Paul Horton <paul.hortonowasp.org>

* fix: removed `autopep8` in favour of `flake8` as both have conflicting dependencies now

Signed-off-by: Paul Horton <paul.hortonowasp.org>

* chore: bump dev dependencies

fix: removed `setuptools` as dependency
Signed-off-by: Paul Horton <paul.hortonowasp.org>

* tests: compoennt versions optional (350)

* chore: exclude `venv*` from QA; add typing to QA

Signed-off-by: Jan Kowalleck <jan.kowalleckgmail.com>

* tests: component versions are optional

Signed-off-by: Jan Kowalleck <jan.kowalleckgmail.com>

---------

Signed-off-by: Jan Kowalleck <jan.kowalleckgmail.com>

* doc: doc updates for new deserialization feature

Signed-off-by: Paul Horton <paul.hortonowasp.org>

* doc: doc updates for contribution

Signed-off-by: Paul Horton <paul.hortonowasp.org>

---------

Signed-off-by: Paul Horton <paul.hortonowasp.org>
Signed-off-by: Jan Kowalleck <jan.kowalleckgmail.com>
Signed-off-by: Hakan Dilek <hakandilekgmail.com>
Co-authored-by: Jan Kowalleck <jan.kowalleckgmail.com>
Co-authored-by: Hakan Dilek <hakandilekgmail.com>
Co-authored-by: Hakan Dilek <hakandilekusers.noreply.github.com> ([`8fb1b14`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/8fb1b14f5e04e85f21e654c44fa6b9b774867757))

Unknown

* 4.0.0

Automatically generated by python-semantic-release ([`40fbfda`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/40fbfda428cfa71b16fd6e5e8d5f49cea4b5438b))

3.1.5

Fix

* fix: mak test&39;s schema paths relative to `cyclonedx` package (338)

Signed-off-by: Jan Kowalleck <jan.kowalleckgmail.com>

Signed-off-by: Jan Kowalleck <jan.kowalleckgmail.com> ([`1f0c05f`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/1f0c05fe2b2a22bc84a1a437dd59390f2ceaf986))

Unknown

* 3.1.5

Automatically generated by python-semantic-release ([`ba603cf`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/ba603cf96fad51a85d5159e83c402d613fefbb7c))

3.1.4

Fix

* fix(tests): include tests in `sdist` builds (337)

* feat: include `tests` in `sdist` builds for 336
* delete unexpected `DS_Store` file

Signed-off-by: Jan Kowalleck <jan.kowalleckgmail.com> ([`936ad7d`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/936ad7d0c26d8f98040203d3234ca8f1afbd73ab))

Unknown

* 3.1.4

Automatically generated by python-semantic-release ([`0b19294`](https://github.com/CycloneDX/cyclonedx-python-lib/commit/0b19294e4820f0da5e81decd4d902ef7789ecb61))

Page 9 of 19

Links

Releases

Has known vulnerabilities

Previous Next

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.