cyclonedx-python-lib icon indicating copy to clipboard operation
cyclonedx-python-lib copied to clipboard
verified publisher icon CycloneDX

[TRACKING] Complete support for CycloneDX v1.5

Open madpah opened this issue 1 year ago • 1 comments

see https://github.com/CycloneDX/specification/releases/tag/1.5

The following items are not currently supported for CycloneDX v1.5 (as of release 6.4.x):

  • [x] Missing lifecycles on bom.metadata see #698
  • [ ] Missing modelCard on Component
  • [ ] Missing data on Component
  • [ ] Missing bom-ref attribute on OrganizationalContact
    • possible fix: #859
  • [ ] Missing bom-ref attribute on OrganizationalEntity
    • see #799
    • possible fix: #859
  • [ ] Missing bom-ref attribute on LicenseExpression
    • possible fix: #859
  • [ ] Missing licensing on DisjunctiveLicense
  • [ ] Missing properties on DisjunctiveLicense
  • [ ] Missing bom-ref attribute on DisjunctiveLicense
    • possible fix: #859
  • [x] Missing identity on ComponentEvidence
    • see #810
    • see #900
  • [x] Missing occurrences on ComponentEvidence
    • see #810
  • [x] Missing callstack on ComponentEvidence
    • see #810
  • [ ] Missing annotations on Bom
  • [ ] Missing formulation on Bom
  • [x] Bom.metadata.tools missing support for components and services along with deprecation of Tool
    • see #561
    • see https://github.com/CycloneDX/cyclonedx-python-lib/issues/597
  • to be continued

this library is a community effort. if you find a feature that you need is missing, feel free to donate/contribute the missing feature.

  • see #633

madpah avatar Apr 03 '24 13:04 madpah

@madpah, I opened this issue for public contribution

jkowalleck avatar Jun 14 '24 10:06 jkowalleck