Releases · CycloneDX/cyclonedx-python-lib

17 Jun 11:57

cyclonedx-releases

v11.11.0

7129d73

v11.11.0 Latest

Latest

v11.11.0 (2026-06-17)

Bug Fixes

Protocolpropertiestype enum case 5g-aka for CycloneDX 1.7 (#1004, bc97e1c)

Features

cryptoprimitive enum cases for CycloneDX 1.7 (#1002, 788ced1)
protocolpropertiestype enum cases for CycloneDX 1.7 (#1003, f9223d8)

What's Changed

feat: CryptoPrimitive enum cases for CycloneDX 1.7 by @jkowalleck in #1002
feat: ProtocolPropertiesType enum cases for CycloneDX 1.7 by @jkowalleck in #1003
fix: ProtocolPropertiesType enum case 5g-aka for CycloneDX 1.7 by @jkowalleck in #1004
tests: check all enum completeness by @jkowalleck in #992
refactor: simplify contrib.bom.utils by @jkowalleck in #1000

Full Changelog: v11.10.0...v11.11.0

Contributors

jkowalleck

Assets 6

11 Jun 10:36

cyclonedx-releases

v11.10.0

bdeaa91

v11.10.0

v11.10.0 (2026-06-11)

Bug Fixes

Lossless flattening of dependency graph during JSON serialization (#993, d0e10ca)
Typing in contrib.bom.utils.BomDependencyGraphFlatMerger (#998, 988a937)

Documentation

Improve docs of contrib.bom.utils.BomRefDiscriminator (#996, 9beaf5c)

Features

Add contrib.bom.utils.BomDependencyGraphFlatMerger (#997, 78b8d8b)
Move output.BomRefDiscriminator to contrib.bom.utils.BomRefDiscriminator (#995, 3bb87aa)

Performance Improvements

contrib.bom.utils.bomdependencygraphflatmerger._flatten_merge (#999, a8579b8)

What's Changed

feat: move output.BomRefDiscriminator to contrib.bom.utils.BomRefDiscriminator by @jkowalleck in #995
docs: improve docs of contrib.bom.utils.BomRefDiscriminator by @jkowalleck in #996
feat: add contrib.bom.utils.BomDependencyGraphFlatMerger by @jkowalleck in #997
fix: typing in contrib.bom.utils.BomDependencyGraphFlatMerger by @jkowalleck in #998
perf: contrib.bom.utils.BomDependencyGraphFlatMerger._flatten_merge by @jkowalleck in #999
fix: lossless flattening of dependency graph during JSON serialization by @jkowalleck in #993

Full Changelog: v11.9.0...v11.10.0

Contributors

jkowalleck

Assets 6

08 Jun 07:32

cyclonedx-releases

v11.9.0

150777e

v11.9.0

v11.9.0 (2026-06-08)

Features

Add support for license expression details (#908, b502381)

What's Changed

chore(deps): bump snok/install-poetry from 1.4.1 to 1.4.2 by @dependabot[bot] in #990
chore(deps): update m2r2 requirement from >=0.3.2 to >=0.3.4 by @dependabot[bot] in #970
feat: add support for license expression details by @Churro in #908

Full Changelog: v11.8.0...v11.9.0

Contributors

Churro and dependabot

Assets 6

04 Jun 10:38

cyclonedx-releases

v11.8.0

e537812

v11.8.0

v11.8.0 (2026-06-04)

Documentation

Update CDX summary (#951, 752b162)

Features

Add support CycloneDX 1.7.1 & 1.6.2 & 1.5.1 (#985, 303889b)
Pull SPDX license IDs v1.1-3.28.0 (#986, 42ff044)

What's Changed

chore: extract glob for pyupgrade to separate script for cross-platform compatibility by @peschuster in #950
docs: update CDX summary by @jkowalleck in #951
chore: fix test coverage reporting by @jkowalleck in #956
chore(deps-dev): update tomli requirement from 2.3.0 to 2.4.1 by @dependabot[bot] in #954
chore(release): use own GH app for releasing by @jkowalleck in #958
chore(ci): pin GitHub Actions to immutable SHAs while preserving tag tracking by @Copilot in #961
chore: add zizmor workflow to harden GitHub Actions security by @Copilot in #968
Update PULL_REQUEST_TEMPLATE.md by @jkowalleck in #974
chore: Update CONTRIBUTING.md by @jkowalleck in #975
chore(ci): comments for pinned actions by @jkowalleck in #984
feat: add support CycloneDX 1.7.1 & 1.6.2 & 1.5.1 by @jkowalleck in #985
chore(deps): bump actions/create-github-app-token from 3.1.1 to 3.2.0 by @dependabot[bot] in #982
chore(deps): bump actions/download-artifact from 7.0.0 to 8.0.1 by @dependabot[bot] in #964
chore(deps): bump actions/upload-artifact from 6.0.0 to 7.0.1 by @dependabot[bot] in #963
feat: pull SPDX license IDs v1.1-3.28.0 by @jkowalleck in #986