cyclonedx-core-java
CycloneDX SBOM Model and Utils for Creating and Validating BOMs
https://github.com/CycloneDX/cyclonedx-core-java/blob/a45240713b751d80d53e6298aa832285a4aba566/pom.xml#L186 It would be nice if the dependency to `com.networknt:json-schema-validator:1.0.73` as found in the pom.xml could be upgraded to the [latest 1.4.0](https://mvnrepository.com/artifact/com.networknt/json-schema-validator/1.4.0), as one of our projects depends on features...
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.1 to 4.1.5. Release notes Sourced from actions/checkout's releases. v4.1.5 What's Changed Update NPM dependencies by @cory-miller in actions/checkout#1703 Bump github/codeql-action from 2 to 3 by @dependabot...
Add "Mozilla Public License, Version 2.0" as mapping to MPL-2.0 Evidence of correct mapping: `pkg:maven/org.mozilla/rhino@1.7.14` [Link to POM](https://repo1.maven.org/maven2/org/mozilla/rhino/1.7.14/rhino-1.7.14.pom) This is published by The Mozilla Foundation themselves. Signed-off-by: Mark Symons
Bumps [commons-codec:commons-codec](https://github.com/apache/commons-codec) from 1.16.0 to 1.17.0. Changelog Sourced from commons-codec:commons-codec's changelog. Apache Commons Codec 1.17.0 RELEASE NOTES The Apache Commons Codec component contains encoders and decoders for various formats such...
1. The new ToolInformation class did not have equals & hashCode methods, which prevented equality checks during downstream unit testing 2. The custom deserializer for ToolInformation did not correctly handle...
I can see on master, in pom.xml that jackson-dataformat-xml is 2.16.1, but the currently released version (8.0.3) uses v2.15.3. When used in a Gradle build (via the CycloneDX Plugin) that...
Hello I recently submitted an issue to the maven-plugin _(https://github.com/CycloneDX/cyclonedx-maven-plugin/issues/487)_ however, looking at their code, I realize that this project may actually be the origin of my problem. In short...
If I serialize a org.cyclonedx.model.Bom to JSON using BomJsonGenerator.toJsonString() then I unexpectedly lose newlines in various strings, like license and copyright text where new lines are especially important. I tracked...
See https://github.com/CycloneDX/specification/releases/tag/1.6.