Sun Feb 20 21:23:44 2022 UTC ()
py-cyclonedx-python-lib: update to 1.3.0.

1.3.0 (2022-01-24)
Feature

    bom-ref for Component and Vulnerability default to a UUID (#142) (3953bb6)

1.2.0 (2022-01-24)
Feature

    Add CPE to component (#138) (269ee15)

1.1.1 (2022-01-19)
Fix

    Bump dependencies (#136) (18ec498)

1.1.0 (2022-01-13)
Feature

    Add support for bom.metadata.component (#118) (1ac31f4)

1.0.0 (2022-01-13)

Support for CycloneDX schema version 1.4 (#108)
Breaking Changes

Support for CycloneDX 1.4. This includes:

    Support for tools having externalReferences
    Allowing version for a Component to be optional in 1.4
    Support for releaseNotes per Component
    Support for the core schema implementation of Vulnerabilities (VEX)

Features

    $schema is now included in JSON BOMs
    Concrete Parsers how now been moved into downstream projects to keep this libraries focus on modelling and outputting CycloneDX - see https://github.com/CycloneDX/cyclonedx-python

Fixes

    Unit tests now include schema validation (we've left schema validation out of the core library due to dependency bloat)
    Ensure schema is adhered to in 1.0
    URIs are now used throughout the library through a new XsUri class to provide URI validation

Other

    Documentation is now hosted on readthedocs.org (https://cyclonedx-python-library.readthedocs.io/)
    Added reference to release of this library on Anaconda

0.12.3 (2021-12-15)
Fix

    Removed requirements-parser as dependency (temp) as not available for Python 3 as Wheel (#98) (3677d9f)

0.12.2 (2021-12-09)
Fix

    Tightened dependency packageurl-python (#95) (eb4ae5c)

0.12.1 (2021-12-09)
Fix

    Further loosened dependency definitions (8bef6ec)

0.12.0 (2021-12-09)
Feature

    Loosed dependency versions to make this library more consumable (55f10fb)


(wiz)
diff -r1.3 -r1.4 pkgsrc/security/py-cyclonedx-python-lib/Makefile
diff -r1.1 -r1.2 pkgsrc/security/py-cyclonedx-python-lib/PLIST
diff -r1.1 -r1.2 pkgsrc/security/py-cyclonedx-python-lib/distinfo
diff -r1.1 -r1.2 pkgsrc/security/py-cyclonedx-python-lib/patches/patch-setup.py
cvs diff -r1.3 -r1.4 pkgsrc/security/py-cyclonedx-python-lib/Makefile (expand / switch to context diff)
--- pkgsrc/security/py-cyclonedx-python-lib/Makefile 2022/01/04 20:54:40 1.3
+++ pkgsrc/security/py-cyclonedx-python-lib/Makefile 2022/02/20 21:23:44 1.4
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.3 2022/01/04 20:54:40 wiz Exp $
+# $NetBSD: Makefile,v 1.4 2022/02/20 21:23:44 wiz Exp $
 
-DISTNAME=	cyclonedx-python-lib-0.11.1
+DISTNAME=	cyclonedx-python-lib-1.3.0
 PKGNAME=	${PYPKGPREFIX}-${DISTNAME}
-PKGREVISION=	1
 CATEGORIES=	security python
 MASTER_SITES=	${MASTER_SITE_PYPI:=c/cyclonedx-python-lib/}
 
@@ -11,15 +10,21 @@
 COMMENT=	Python library for generating CycloneDX SBOMs
 LICENSE=	apache-2.0
 
-DEPENDS+=	${PYPKGPREFIX}-packageurl-[0-9]*:../../devel/py-packageurl
-DEPENDS+=	${PYPKGPREFIX}-requirements-parser-[0-9]*:../../devel/py-requirements-parser
-DEPENDS+=	${PYPKGPREFIX}-setuptools-[0-9]*:../../devel/py-setuptools
-DEPENDS+=	${PYPKGPREFIX}-toml-[0-9]*:../../textproc/py-toml
-DEPENDS+=	${PYPKGPREFIX}-types-setuptools-[0-9]*:../../devel/py-types-setuptools
-DEPENDS+=	${PYPKGPREFIX}-types-toml-[0-9]*:../../devel/py-types-toml
+DEPENDS+=	${PYPKGPREFIX}-packageurl>=0.9:../../devel/py-packageurl
+DEPENDS+=	${PYPKGPREFIX}-setuptools>=47.0.0:../../devel/py-setuptools
+DEPENDS+=	${PYPKGPREFIX}-toml>=0.10.0:../../textproc/py-toml
+DEPENDS+=	${PYPKGPREFIX}-types-setuptools>=57.0.0:../../devel/py-types-setuptools
+DEPENDS+=	${PYPKGPREFIX}-types-toml>=0.10.0:../../devel/py-types-toml
 TEST_DEPENDS+=	${PYPKGPREFIX}-test-[0-9]*:../../devel/py-test
 
 PYTHON_VERSIONS_INCOMPATIBLE=	27
+
+.include "../../lang/python/pyversion.mk"
+
+.if ${PYPKGPREFIX} == "py37"
+DEPENDS+=	${PYPKGPREFIX}-importlib-metadata>=3.4:../../devel/py-importlib-metadata
+DEPENDS+=	${PYPKGPREFIX}-typing-extensions>=3.10:../../devel/py-typing-extensions
+.endif
 
 .include "../../lang/python/egg.mk"
 .include "../../mk/bsd.pkg.mk"
cvs diff -r1.1 -r1.2 pkgsrc/security/py-cyclonedx-python-lib/PLIST (expand / switch to context diff)
--- pkgsrc/security/py-cyclonedx-python-lib/PLIST 2021/12/07 18:05:29 1.1
+++ pkgsrc/security/py-cyclonedx-python-lib/PLIST 2022/02/20 21:23:44 1.2
@@ -1,13 +1,16 @@
-@comment $NetBSD: PLIST,v 1.1 2021/12/07 18:05:29 wiz Exp $
+@comment $NetBSD: PLIST,v 1.2 2022/02/20 21:23:44 wiz Exp $
 ${PYSITELIB}/cyclonedx/__init__.py
 ${PYSITELIB}/cyclonedx/__init__.pyc
 ${PYSITELIB}/cyclonedx/__init__.pyo
 ${PYSITELIB}/cyclonedx/exception/__init__.py
 ${PYSITELIB}/cyclonedx/exception/__init__.pyc
 ${PYSITELIB}/cyclonedx/exception/__init__.pyo
-${PYSITELIB}/cyclonedx/exception/parser.py
-${PYSITELIB}/cyclonedx/exception/parser.pyc
-${PYSITELIB}/cyclonedx/exception/parser.pyo
+${PYSITELIB}/cyclonedx/exception/model.py
+${PYSITELIB}/cyclonedx/exception/model.pyc
+${PYSITELIB}/cyclonedx/exception/model.pyo
+${PYSITELIB}/cyclonedx/exception/output.py
+${PYSITELIB}/cyclonedx/exception/output.pyc
+${PYSITELIB}/cyclonedx/exception/output.pyo
 ${PYSITELIB}/cyclonedx/model/__init__.py
 ${PYSITELIB}/cyclonedx/model/__init__.pyc
 ${PYSITELIB}/cyclonedx/model/__init__.pyo
@@ -17,6 +20,15 @@
 ${PYSITELIB}/cyclonedx/model/component.py
 ${PYSITELIB}/cyclonedx/model/component.pyc
 ${PYSITELIB}/cyclonedx/model/component.pyo
+${PYSITELIB}/cyclonedx/model/impact_analysis.py
+${PYSITELIB}/cyclonedx/model/impact_analysis.pyc
+${PYSITELIB}/cyclonedx/model/impact_analysis.pyo
+${PYSITELIB}/cyclonedx/model/issue.py
+${PYSITELIB}/cyclonedx/model/issue.pyc
+${PYSITELIB}/cyclonedx/model/issue.pyo
+${PYSITELIB}/cyclonedx/model/release_note.py
+${PYSITELIB}/cyclonedx/model/release_note.pyc
+${PYSITELIB}/cyclonedx/model/release_note.pyo
 ${PYSITELIB}/cyclonedx/model/vulnerability.py
 ${PYSITELIB}/cyclonedx/model/vulnerability.pyc
 ${PYSITELIB}/cyclonedx/model/vulnerability.pyo
@@ -29,27 +41,18 @@
 ${PYSITELIB}/cyclonedx/output/schema.py
 ${PYSITELIB}/cyclonedx/output/schema.pyc
 ${PYSITELIB}/cyclonedx/output/schema.pyo
+${PYSITELIB}/cyclonedx/output/serializer/__init__.py
+${PYSITELIB}/cyclonedx/output/serializer/__init__.pyc
+${PYSITELIB}/cyclonedx/output/serializer/__init__.pyo
+${PYSITELIB}/cyclonedx/output/serializer/json.py
+${PYSITELIB}/cyclonedx/output/serializer/json.pyc
+${PYSITELIB}/cyclonedx/output/serializer/json.pyo
 ${PYSITELIB}/cyclonedx/output/xml.py
 ${PYSITELIB}/cyclonedx/output/xml.pyc
 ${PYSITELIB}/cyclonedx/output/xml.pyo
 ${PYSITELIB}/cyclonedx/parser/__init__.py
 ${PYSITELIB}/cyclonedx/parser/__init__.pyc
 ${PYSITELIB}/cyclonedx/parser/__init__.pyo
-${PYSITELIB}/cyclonedx/parser/conda.py
-${PYSITELIB}/cyclonedx/parser/conda.pyc
-${PYSITELIB}/cyclonedx/parser/conda.pyo
-${PYSITELIB}/cyclonedx/parser/environment.py
-${PYSITELIB}/cyclonedx/parser/environment.pyc
-${PYSITELIB}/cyclonedx/parser/environment.pyo
-${PYSITELIB}/cyclonedx/parser/pipenv.py
-${PYSITELIB}/cyclonedx/parser/pipenv.pyc
-${PYSITELIB}/cyclonedx/parser/pipenv.pyo
-${PYSITELIB}/cyclonedx/parser/poetry.py
-${PYSITELIB}/cyclonedx/parser/poetry.pyc
-${PYSITELIB}/cyclonedx/parser/poetry.pyo
-${PYSITELIB}/cyclonedx/parser/requirements.py
-${PYSITELIB}/cyclonedx/parser/requirements.pyc
-${PYSITELIB}/cyclonedx/parser/requirements.pyo
 ${PYSITELIB}/cyclonedx/py.typed
 ${PYSITELIB}/cyclonedx/schema/bom-1.0.xsd
 ${PYSITELIB}/cyclonedx/schema/bom-1.1.xsd
@@ -60,6 +63,8 @@
 ${PYSITELIB}/cyclonedx/schema/bom-1.3.proto
 ${PYSITELIB}/cyclonedx/schema/bom-1.3.schema.json
 ${PYSITELIB}/cyclonedx/schema/bom-1.3.xsd
+${PYSITELIB}/cyclonedx/schema/bom-1.4.schema.json
+${PYSITELIB}/cyclonedx/schema/bom-1.4.xsd
 ${PYSITELIB}/cyclonedx/schema/ext/bom-descriptor-0.9.xsd
 ${PYSITELIB}/cyclonedx/schema/ext/bom-descriptor-1.0.xsd
 ${PYSITELIB}/cyclonedx/schema/ext/dependency-graph-1.0.xsd
@@ -67,12 +72,6 @@
 ${PYSITELIB}/cyclonedx/schema/ext/vulnerability-1.0.xsd
 ${PYSITELIB}/cyclonedx/schema/spdx.schema.json
 ${PYSITELIB}/cyclonedx/schema/spdx.xsd
-${PYSITELIB}/cyclonedx/utils/__init__.py
-${PYSITELIB}/cyclonedx/utils/__init__.pyc
-${PYSITELIB}/cyclonedx/utils/__init__.pyo
-${PYSITELIB}/cyclonedx/utils/conda.py
-${PYSITELIB}/cyclonedx/utils/conda.pyc
-${PYSITELIB}/cyclonedx/utils/conda.pyo
 ${PYSITELIB}/${EGG_INFODIR}/PKG-INFO
 ${PYSITELIB}/${EGG_INFODIR}/SOURCES.txt
 ${PYSITELIB}/${EGG_INFODIR}/dependency_links.txt
cvs diff -r1.1 -r1.2 pkgsrc/security/py-cyclonedx-python-lib/distinfo (expand / switch to context diff)
--- pkgsrc/security/py-cyclonedx-python-lib/distinfo 2021/12/07 18:05:29 1.1
+++ pkgsrc/security/py-cyclonedx-python-lib/distinfo 2022/02/20 21:23:44 1.2
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.1 2021/12/07 18:05:29 wiz Exp $
+$NetBSD: distinfo,v 1.2 2022/02/20 21:23:44 wiz Exp $
 
-BLAKE2s (cyclonedx-python-lib-0.11.1.tar.gz) = 8e639a7dba82ed7588e0e4cacfd22878048d6c8efc3f0f1703a68056138a32df
+BLAKE2s (cyclonedx-python-lib-1.3.0.tar.gz) = faef53b42112a10089fa350852bbdac88453113085989cd9a0452e5c9bba932a
-SHA512 (cyclonedx-python-lib-0.11.1.tar.gz) = ed92383fce3d98bd8ed28c1591fc92f3670f6450106fdb4898622bef3c79d0b1140c5878dc5436fbb3a3bcfffff7245744d4e9e505685925f24fef2be847a39c
+SHA512 (cyclonedx-python-lib-1.3.0.tar.gz) = d14b3c426a337bf3d4d7deb1a22dccddc15adde51220e48db613e16c60432cc3cc47ec88b5fde76684c808fa1f98cbcd60d67e2cab1c708401ffb11254564afc
-Size (cyclonedx-python-lib-0.11.1.tar.gz) = 98048 bytes
+Size (cyclonedx-python-lib-1.3.0.tar.gz) = 134990 bytes
-SHA1 (patch-setup.py) = 1d077726a87994685b9035afb379d80dc6c4c6d3
+SHA1 (patch-setup.py) = 3033f49a66cee7048c4c91d2122591684b46bb8c
cvs diff -r1.1 -r1.2 pkgsrc/security/py-cyclonedx-python-lib/patches/Attic/patch-setup.py (expand / switch to context diff)
--- pkgsrc/security/py-cyclonedx-python-lib/patches/Attic/patch-setup.py 2021/12/07 18:05:29 1.1
+++ pkgsrc/security/py-cyclonedx-python-lib/patches/Attic/patch-setup.py 2022/02/20 21:23:44 1.2
@@ -1,25 +1,18 @@
-$NetBSD: patch-setup.py,v 1.1 2021/12/07 18:05:29 wiz Exp $
+$NetBSD: patch-setup.py,v 1.2 2022/02/20 21:23:44 wiz Exp $
 
 Be less restrictive in dependencies.
 
---- setup.py.orig	2021-11-10 15:42:02.183635700 +0000
+--- setup.py.orig	2022-01-24 13:30:26.931830600 +0000
 +++ setup.py
-@@ -13,12 +13,12 @@ package_data = \
- {'': ['*'], 'cyclonedx': ['schema/*', 'schema/ext/*']}
- 
+@@ -15,9 +15,9 @@ package_data = \
  install_requires = \
--['packageurl-python>=0.9.4,<0.10.0',
-- 'requirements_parser>=0.2.0,<0.3.0',
-- 'setuptools>=50.3.2,<51.0.0',
-- 'toml>=0.10.2,<0.11.0',
-- 'types-setuptools>=57.4.2,<58.0.0',
-- 'types-toml>=0.10.1,<0.11.0']
-+['packageurl-python>=0.9.4',
-+ 'requirements_parser>=0.2.0',
-+ 'setuptools>=50.3.2',
-+ 'toml>=0.10.2',
-+ 'types-setuptools>=57.4.2',
-+ 'types-toml>=0.10.1']
+ ['packageurl-python>=0.9',
+  'setuptools>=47.0.0',
+- 'toml>=0.10.0,<0.11.0',
++ 'toml>=0.10.0',
+  'types-setuptools>=57.0.0',
+- 'types-toml>=0.10.0,<0.11.0']
++ 'types-toml>=0.10.0']
  
  extras_require = \
- {':python_version >= "3.6" and python_version < "3.8"': ['importlib-metadata>=4.8.1,<5.0.0',
+ {':python_version < "3.8"': ['importlib-metadata>=3.4',