v0.8.1

Fix

• Multiple hashes being created for an externalRefernce which is not as required (970d192)

v0.8.0

Feature

• Add support for externalReferneces for Components and associated enhancements to parsers to obtain information where possible/known (a152852)

v0.7.0

Feature

• Support for pipenv.lock file parsing (68a2dff)

v0.6.2

Fix

• Added ability to add tools in addition to this library when generating CycloneDX + plus fixes relating to multiple BOM instances (e03a25c)

v0.6.1

Fix

• Better methods for checking if a Component is already represented in the BOM, and the ability to get the existing instance (5fee85f)

v0.6.0

Feature

• Helper method for representing a File as a Component taking into account versioning for files as per https://github.com/CycloneDX/cyclonedx.org/issues/34 (7e0fb3c)
• Support for non-PyPi Components - PackageURL type is now definable when creating a Component (fde79e0)

v0.5.0

Feature

• Add support for tool(s) that generated the SBOM (7d1e6ef)

Fix

• Bumped a dependency version (efc1053)

v0.4.1

Fix

• Improved handling for requirements.txt content without pinned or declared versions (7f318cb)

v0.4.0

Feature

• Support for localising vectors (i.e. stripping out any scheme prefix) (b9e9e17)
• Helper methods for deriving Severity and SourceType (6a86ec2)

Fix

• Removed print call (8806553)
• Relaxed typing of parameter to be compatible with Python < 3.9 (f9c7990)
• Removed print call (d272d2e)
• Remove unused commented out code (ba4f285)

v0.3.0

Feature

• Adding support for extension schema that descriptions vulnerability disclosures (d496695)