Releases: CycloneDX/cyclonedx-node-yarn
Releases · CycloneDX/cyclonedx-node-yarn
3.1.0
Changed
- Utilizes license file gatherer of
@cyclonedx/cyclonedx-library, previously used own implementation (via #324)
Dependencies
- Upgraded runtime-dependency
@cyclonedx/[email protected], was@8.3.0(via #324)
What's Changed
- build(deps): Bump brace-expansion from 1.1.11 to 1.1.12 by @dependabot in #323
- chore(deps): update dependency mocha to v11.6.0 by @renovate in #325
- feat: use CDX-library's license evidence gathering by @jkowalleck in #324
- chore(deps): update eslint by @renovate in #327
- chore(deps): update dependency typescript-eslint to v8.34.0 by @renovate in #326
- chore(deps): update dependency eslint-plugin-jsdoc to v51 by @renovate in #328
- chore(deps): lock file maintenance by @renovate in #322
Full Changelog: v3.0.3...v3.1.0
Contributors
renovate, jkowalleck, and dependabot
Assets 6
3.0.3
Dependencies
- Upgraded runtime-dependency
@cyclonedx/[email protected], was@8.0.0(via #320, #321) - Upgraded runtime-dependency
[email protected], was@8.0.2(via #298)
What's Changed
- chore(deps): update dependency typescript-eslint to v8.29.1 by @renovate in #294
- chore(deps): update dependency typescript-eslint to v8.31.0 by @renovate in #296
- fix(deps): update yarn by @renovate in #295
- chore(deps): update dependency mocha to v11.2.2 by @renovate in #300
- chore(deps): update dependency npm-run-all2 to v8 by @renovate in #301
- chore(deps): update dependency typescript-eslint to v8.32.0 by @renovate in #299
- chore(deps): update dependency globals to v16.1.0 by @renovate in #302
- chore(deps): update dependency npm-run-all2 to v8.0.2 by @renovate in #303
- chore(deps): update dependency mocha to v11.4.0 by @renovate in #305
- chore(deps): update dependency eslint-config-love to v120 by @renovate in #306
- chore(deps): update dependency npm-run-all2 to v8.0.3 by @renovate in #307
- chore(deps): update dependency typescript-eslint to v8.32.1 by @renovate in #304
- chore(deps): update eslint by @renovate in #297
- chore: add workflow permissions by @jkowalleck in #311
- chore(deps): update dependency mocha to v11.5.0 by @renovate in #308
- chore(deps): update dependency npm-run-all2 to v8.0.4 by @renovate in #310
- chore(deps): update eslint by @renovate in #313
- chore(deps): update dependency typescript-eslint to v8.33.0 by @renovate in #312
- chore(deps): update dependency globals to v16.2.0 by @renovate in #309
- fix(deps): update dependency hosted-git-info to v8.1.0 by @renovate in #298
- ci: use node24 by @jkowalleck in #315
- build(deps): Bump tar-fs from 2.1.2 to 2.1.3 by @dependabot in #314
- fix(deps): update dependency @cyclonedx/cyclonedx-library to v8.2.0 by @renovate in #320
- fix(deps): update yarn by @renovate in #318
- chore(deps): update dependency typescript-eslint to v8.33.1 by @renovate in #317
- chore(deps): update dependency eslint-plugin-n to v17.19.0 by @renovate in #319
- chore(deps): lock file maintenance by @renovate in #286
- fix(deps): update dependency @cyclonedx/cyclonedx-library to v8.3.0 by @renovate in #321
Full Changelog: v3.0.2...v3.0.3
Contributors
renovate, jkowalleck, and dependabot
Assets 6
3.0.3-alpha.0
Signed-off-by: jkowalleck <[email protected]>
3.0.2
Maintenance release with provenance.
Build
What's Changed
- fix(deps): update yarn by @renovate in #291
- build: release with provenance by @jkowalleck in #292
Full Changelog: v3.0.1...v3.0.2
Contributors
renovate and jkowalleck
Assets 6
3.0.1
Added
- CLI switch
-oas shorthand for--output-file(#280 via #281) - CLI switch
--ofas shorthand for--outout-format(#280 via #281) - CLI switch
--svas shorthand for--spec-version(#280 via #281)
Fixed
Build
- Use TypeScript
v5.8.3now, wasv5.8.2(via #282)
What's Changed
- style: apply neostandard to JS files by @jkowalleck in #276
- refactor by @jkowalleck in #279
- feat: shorthands by @jkowalleck in #281
- refactor: rearrange CLI options by @jkowalleck in #285
- chore(deps): update dependency typescript to v5.8.3 by @renovate in #282
- chore(deps): update eslint to v9.24.0 by @renovate in #284
- chore(deps): update dependency typescript-eslint to v8.29.0 by @renovate in #283
- fix(deps): update yarn by @renovate in #277
- chore(deps): lock file maintenance by @renovate in #278
- fix: License gathering correctly ignores symlinks and directories by @jkowalleck in #288
Full Changelog: v3.0.0...v3.0.1
Contributors
renovate and jkowalleck
Assets 6
3.0.0
BREAKING Changes
Dependencies
- Upgraded runtime-dependency
@cyclonedx/[email protected], was@7.1.0(via #267) - Upgraded runtime-dependency
[email protected], was@7.0.2(via #268) - Upgraded runtime-dependency
[email protected], was@6.0.2(via #269)
Build
- Use TypeScript
v5.8.2now, wasv5.7.3(via #261) - Use @yarnpkg/builder
v4.2.1now, wasv4.2.0(via #262)
What's Changed
- docs: fix link to
https://jsr.ioby @guspan-tanadi in #259 - chore(deps): update juuxel/publish-checkstyle-report action to v2 by @renovate in #263
- chore(deps): update dependency typescript to v5.8.2 by @renovate in #261
- feat!: require node 20.18.0 by @jkowalleck in #265
- chore(dev-deps): bum some deps by @jkowalleck in #266
- chore(deps): use
@cyclonedx/cyclonedx-library@^8.0.0by @jkowalleck in #267 - fix(deps): update yarn by @renovate in #262
- refactor & modernize eslint by @jkowalleck in #270
- feat!: drop support for yarn3 by @jkowalleck in #271
- fix(deps): update dependency hosted-git-info to v8 by @renovate in #268
- fix(deps): update dependency normalize-package-data to v7 by @renovate in #269
- chore(deps): update eslint by @renovate in #273
- chore(deps): lock file maintenance by @renovate in #258
- chore: gitnogore yarn as recommended by @jkowalleck in #274
- chore: revisit 3rd party licenss by @jkowalleck in #275
New Contributors
- @guspan-tanadi made their first contribution in #259
Full Changelog: v2.0.0...v3.0.0
Contributors
renovate, jkowalleck, and guspan-tanadi
Assets 6
2.0.0
BREAKING Changes
- CLI option
--spec-versiondefaults to1.6, was1.5(#222 via #251) - Emit
$.metadata.toolsas components (#221 via #254)
This affects only CycloneDX spec-version 1.5 and later. - Emitted
.purlvalues might be partially url-encoded (via #254)
This is caused by changes on underlying 3rd-party dependencypackageurl-js. - Create dir for output file if not exists (#253 via #255)
This is only a breaking change if you relied on non-existent result paths to cause errors.
Dependencies
- Upgraded runtime-dependency
@cyclonedx/[email protected], was@6.13.1(via #254)
What's Changed
- chore(deps): lock file maintenance by @renovate in #250
- feat!: emit tools as
metadata.tools.componentsby @jkowalleck in #254 - feat!: default to CDX 1.6 by @jkowalleck in #251
- feat!: create outpur dir if not exist by @jkowalleck in #255
Full Changelog: v1.1.0...v2.0.0
Contributors
renovate and jkowalleck
Assets 6
1.1.0
Added
- Capability to gather license text evidences (#33 via #193)
This feature can be controlled via CLI switch--gather-license-texts.
This feature is experimental. This feature is disabled per default.
Dependencies
- Upgraded runtime-dependency
@cyclonedx/[email protected], was@6.11.0(via #206, #237)
This was done to incorporate non-breaking upstream changes and fixes. - Upgraded runtime-dependency
[email protected], was@6.0.1(via #141)
This was done to incorporate non-breaking upstream changes and fixes. - Removed unused runtime dependency
packageurl-js(via #220)
Build
- Use TypeScript
v5.7.3now, wasv5.5.3(via #160, #178, #233, #212, #244) - Use @yarnpkg/builder
v4.2.0now, wasv4.1.1(via #164, #172)
What's Changed
- chore(deps-dev): Bump mocha from 10.6.0 to 10.7.0 in the mocha group by @dependabot in #161
- chore(deps-dev): Bump typescript from 5.5.3 to 5.5.4 in the typescript group by @dependabot in #160
- chore(deps-dev): Bump @yarnpkg/builder from 4.1.1 to 4.1.2 by @dependabot in #164
- chore(deps-dev): Bump mocha from 10.7.0 to 10.7.3 in the mocha group by @dependabot in #166
- chore: dependabot group
@yarnpkgby @jkowalleck in #171 - chore(deps-dev): Bump @yarnpkg/builder from 4.1.2 to 4.2.0 in the yarn group by @dependabot in #172
- chore(deps): bump normalize-package-data from 6.0.1 to 6.0.2 by @dependabot in #141
- chore(deps-dev): bump typescript from 5.5.4 to 5.6.2 in the typescript group by @dependabot in #178
- chore: pin
flict==2.1.14by @jkowalleck in #197 - chore(ci): dont upgrade yarn unexpectedly by @jkowalleck in #200
- Switch to a TypeScript version that is compatible with the used ESLint version. by @AugustusKling in #199
- chore: Configure Renovate by @renovate in #202
- chore: disable dependabot by @jkowalleck in #211
- chore(deps): update dependency mocha to v10.8.2 by @renovate in #207
- chore(deps): update yarn to v4.5.1 by @renovate in #205
- chore(deps): update eslint by @renovate in #215
- chore: revisit release process by @jkowalleck in #216
- chore(deps): remove dep
packageurl-jsby @jkowalleck in #220 - Extraction of license text from files. by @AugustusKling in #193
- chore: bring back
yarn.lockby @jkowalleck in #198 - chore(deps): lock file maintenance by @renovate in #232
- fix(deps): update dependency @cyclonedx/cyclonedx-library to v6.13.0 by @renovate in #206
- chore(deps): update yarn to v4.5.3 by @renovate in #223
- chore(deps): use TS 5.6.2 - again by @jkowalleck in #233
- chore(deps): update dependency typescript to v5.7.2 by @renovate in #212
- chore(deps): update dependency c8 to v10.1.3 by @renovate in #234
- chore(deps): lock file maintenance by @renovate in #235
- fix(deps): update dependency @cyclonedx/cyclonedx-library to v6.13.1 by @renovate in #237
- refactor:
structuredClonePolyfillto helpers by @jkowalleck in #239 - fix(deps): update yarn by @renovate in #241
- chore(deps): update dependency fast-glob to v3.3.3 by @renovate in #243
- chore(deps): lock file maintenance by @renovate in #238
- chore(deps): update dependency typescript to v5.7.3 by @renovate in #244
- chore(deps): lock file maintenance by @renovate in #245
- ci: fix license checks by @jkowalleck in #247
- ci: use node 22/23 by @jkowalleck in #248
New Contributors
Full Changelog: v1.0.2...v1.1.0
Contributors
AugustusKling, renovate, and 2 other contributors
Assets 6
1.1.0-rc.1
Signed-off-by: jkowalleck <[email protected]>
1.0.2
Dependencies
- Upgraded runtime-dependency
@cyclonedx/[email protected], was@6.10.0(via #151, #157)
This was done to incorporate non-breaking upstream changes and fixes.
Build
- Use TypeScript
v5.5.3now, wasv5.5.2(via #149)
What's Changed
- chore(deps-dev): Bump mocha from 10.5.2 to 10.6.0 in the mocha group by @dependabot in #150
- chore(deps): Bump @cyclonedx/cyclonedx-library from 6.10.0 to 6.10.1 by @dependabot in #151
- tests: fixerFix by @jkowalleck in #153
- tests: package manifest repository by @jkowalleck in #156
- chore(deps-dev): Bump typescript from 5.5.2 to 5.5.3 in the typescript group by @dependabot in #149
- chore(deps): Bump @cyclonedx/cyclonedx-library from 6.10.1 to 6.11.0 by @dependabot in #157
Full Changelog: v1.0.1...v1.0.2
Contributors
jkowalleck and dependabot