cyclonedx-core-java

CycloneDX SBOM Model and Utils for Creating and Validating BOMs

Results 96 cyclonedx-core-java issues

Bumps [com.fasterxml.jackson.dataformat:jackson-dataformat-xml](https://github.com/FasterXML/jackson-dataformat-xml) from 2.17.2 to 2.18.0. Commits 276d060 [maven-release-plugin] prepare release jackson-dataformat-xml-2.18.0 02e8c2e Prepare for 2.18.0 release 139b0b1 Back to snapshot ffc6880 [maven-release-plugin] prepare for next development iteration 1d5b804 [maven-release-plugin]...

dependencies
java

Bumps commons-io:commons-io from 2.16.1 to 2.17.0. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-io:commons-io&package-manager=maven&previous-version=2.16.1&new-version=2.17.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a...

dependencies
java

This PR introduces key improvements following extensive testing across various scenarios. It addresses issues with the de/serialization process for formulation, particularly in handling environment variables, which were previously inconsistent. To...

bug
enhancement
breaking change

Fix https://github.com/CycloneDX/cyclonedx-core-java/issues/498

bug
breaking change

The ComponentData object is not specific to model cards and should not reside in that package.

bug
breaking change

Solves https://github.com/CycloneDX/cyclonedx-core-java/issues/497

bug
breaking change

For component->evidence->occurrence->symbol, the schemas define symbol as a string. Core Java defines symbol as an Integer which is incorrect. Reported by Andrew Maguire in https://groups.io/g/CycloneDX/message/299

bug

Hi, I have a problem when writing a BOM with 2+ tools, only in XML format. The XML is written but it is not valid: a `` element appears...

Coming from [here](https://github.com/oss-review-toolkit/ort/issues/9556), it seems that an [EPSS vulnerability score of 0.000760000](https://api.first.org/data/v1/epss?cve=CVE-2020-15250) is serialized as "7.600000244565308E-4" (at least in XML), which causes https://cyclonedx.github.io/cyclonedx-web-tool/validate to fail with > The 'http://cyclonedx.org/schema/bom/1.5:score' element...