v0.5.0

@anthonyharrison anthonyharrison released this 02 Oct 19:20
· 199 commits to main since this release

Updates in this release

New features

  • feat: Introduce XML parsing for CycloneDX (fixes #1)
  • feat: Add CycloneDX assembly support (fixes #13)
  • feat: Add initial support for SPDX RDF and XML files
  • feat: Add vulnerabilities to SBOM
  • feat: User defined license handling in SPDX
  • feat: Add enhanced metadata attributes
  • feat: Add vulnerability object
  • feat: Refactor CycloneDX generator
  • feat: Allow license text to be specified with license name
  • feat: Allow SPDX version to be specified for SPDX documents
  • feat: Allow UUID to be user specified
  • feat: Reuse metadata from parsed SBOMs
  • feat: Update examples

Fixes

  • bug: Handle '-' in supplier name (Fixes #14)
  • doc: Update README
  • fix: Ensure user defined id is valid for SPDX
  • fix: Fix metadata tools field of CycloneDX
  • fix: Fix organisation typo
  • fix: Formatting issues with generated document
  • fix: Handle deprecated tools specification in CycloneDX version 1.5
  • fix: Handle missing file id
  • fix: Id overwritten by name for file object
  • fix: License expression handling for CycloneDX
  • fix: Linting
  • fix: Remove commented code
  • fix: Remove debug code
  • fix: SPDX handling of user defined component id
  • fix: SPDX version field truncated
  • fix: Supplier contains digit (fixes #17)
  • fix: Tool version metadata handling (CycloneDX)
  • fix: Update relationships
  • fix: Update test example
  • fix: validate supplier type
  • Merge pull request #15 from ffontaine/fix-typo
  • Merge pull request #18 from ffontaine/fix-tools
  • test: Additional CycloneDX example
  • test: Add CycloneDX XML test files