Releases: CycloneDX/cyclonedx-maven-plugin
Releases · CycloneDX/cyclonedx-maven-plugin
2.7.6
- improve documentation on Maven dependency scopes (not CycloneDX scopes) (#309) @hboutemy
- extract dependencies conversion from Mojo to component (#301) @hboutemy
- clean pom, upgrade compiler plugin, use release (#299) @hboutemy
- add a test for Maven parent dependencies in reactor (#298) @hboutemy
- extract dependency analysis code that infers scope (#294) @hboutemy
- Fix typo in README (#285) @nielsbasjes
🚀 New features and improvements
- feat: expose the outputDirectory configuration parameter as a property (#321) @goldmann
- streamline plugin output (#304) @hboutemy
- add included Maven dependency scopes to tool description in SBOM (#300) @hboutemy
🐛 Bug Fixes
- Fixes #307, addresses cyclic dependencies created by self references (#308) @knrc
- Fixes #284, Switch to aether and filter artifacts based on individual… (#302) @knrc
- schema version 1.1 requires components cleanup from dependencies (#293) @hboutemy
📦 Dependency updates
- Bump maven-release-plugin from 3.0.0-M7 to 3.0.0 (#316) @dependabot
- Bump actions/checkout from 3.3.0 to 3.5.0 (#320) @dependabot
- Bump cyclonedx-core-java from 7.3.1 to 7.3.2 (#297) @dependabot
Contributors
goldmann, hboutemy, and 3 other contributors
Assets 2
2.7.5
- document and test verbose (#280) @hboutemy
- simplify ITs code (#277) @hboutemy
- extract model converter DI component from base mojo (#275) @hboutemy
- move code out of base when possible (#268) @hboutemy
- Simplify code (#267) @hboutemy
- Explicit aggregate dependencies where necessary (#266) @hboutemy
- clarify exclude* parameters (#265) @hboutemy
🚀 New features and improvements
- add effective goal into BOM tool name (#283) @hboutemy
- add outputDirectory parameter (#279) @hboutemy
- Fix dependencies concealed during BOM creation, aligning more closely with the dependency graph (#256) @knrc
- mark makeBom and makeAggregatedBom threadsafe as makePackageBom (#264) @hboutemy
🐛 Bug Fixes
📦 Dependency updates
- Bump maven-javadoc-plugin from 3.4.1 to 3.5.0 (#281) @dependabot
- Bump maven-invoker-plugin from 3.4.0 to 3.5.0 (#282) @dependabot
- Bump maven-enforcer-plugin from 3.1.0 to 3.2.1 (#270) @dependabot
- Bump actions/checkout from 3.2.0 to 3.3.0 (#255) @dependabot
- Bump junit-bom from 5.9.1 to 5.9.2 (#258) @dependabot
- Bump maven-plugin-plugin from 3.7.0 to 3.7.1 (#260) @dependabot
- Bump maven-plugin-annotations from 3.7.0 to 3.7.1 (#261) @dependabot
Full Changelog: cyclonedx-maven-plugin-2.7.4...cyclonedx-maven-plugin-2.7.5
Contributors
hboutemy, knrc, and dependabot
Assets 2
2.7.4
- code cleanup: move parameter to aggregate, simplify code (#249) @hboutemy
- add goals description (#251) @hboutemy
- add release-drafter configuration (#247) @hboutemy
- fix multiple times BOM generation on multi-module makeAggregateBom (#242) @hboutemy
- use project.url for component website instead of organisation url (#241) @hboutemy
- improve README: no execution by default (#243) @hboutemy
- Simplifying effective pom generation (#238) @stevespringett
- Revert "don't use pom.distributionManagement.repository.url for BOM" (#244) @stevespringett
- don't use pom.distributionManagement.repository.url for BOM (#239) @hboutemy
- Add JUnit5 and vintage engine. #227 (#228) @robertk3s
- directly document parameters so it's picked by generated goal documen… (#230) @hboutemy
- add smoke tests for makeBom and makeAggregateBom (#234) @hboutemy
- improve menu and breadcrumbs (#229) @hboutemy
📦 Dependency updates
- Bump maven-plugin-api from 3.8.6 to 3.8.7 (#252) @dependabot
- Bump maven-core from 3.8.6 to 3.8.7 (#253) @dependabot
- Bump maven-invoker-plugin from 3.3.0 to 3.4.0 (#240) @dependabot
- Bump takari-plugin-integration-testing from 3.0.0 to 3.0.1 (#222) @dependabot
- Bump maven-dependency-tree from 3.2.0 to 3.2.1 (#224) @dependabot
- Bump actions/checkout from 3.1.0 to 3.2.0 (#231) @dependabot
- Bump cyclonedx-core-java from 7.2.1 to 7.3.1 (#235) @dependabot
Full Changelog: cyclonedx-maven-plugin-2.7.3...cyclonedx-maven-plugin-2.7.4
Contributors
hboutemy, stevespringett, and 2 other contributors
Assets 2
2.7.3
What's Changed
- Provide filter by group IDs by @synaos-bwi in #218
- Bump maven-plugin-annotations from 3.6.4 to 3.7.0 by @dependabot in #217
- Bump maven-plugin-plugin from 3.6.4 to 3.7.0 by @dependabot in #216
- Bump maven-release-plugin from 3.0.0-M6 to 3.0.0-M7 by @dependabot in #215
New Contributors
- @synaos-bwi made their first contribution in #218
Full Changelog: cyclonedx-maven-plugin-2.7.2...cyclonedx-maven-plugin-2.7.3
Contributors
dependabot and synaos-bwi
Assets 2
2.7.2
What's Changed
- Bump maven-site-plugin from 3.12.0 to 3.12.1 by @dependabot in #200
- Bump maven-javadoc-plugin from 3.4.0 to 3.4.1 by @dependabot in #201
- Bump maven-dependency-analyzer from 1.12.0 to 1.13.0 by @dependabot in #203
- Bump actions/checkout from 3.0.2 to 3.1.0 by @dependabot in #212
- Bump maven-jar-plugin from 3.2.2 to 3.3.0 by @dependabot in #211
- Update maven-dependency-tree to latest version by @sanderv in #213
New Contributors
Full Changelog: cyclonedx-maven-plugin-2.7.1...cyclonedx-maven-plugin-2.7.2
Contributors
sanderv and dependabot
Assets 2
2.7.1
What's Changed
- Bump maven-enforcer-plugin from 3.0.0 to 3.1.0 by @dependabot in #196
- Bump maven-plugin-api from 3.8.5 to 3.8.6 by @dependabot in #195
- Bump maven-core from 3.8.5 to 3.8.6 by @dependabot in #194
- Bump maven-release-plugin from 3.0.0-M5 to 3.0.0-M6 by @dependabot in #193
Full Changelog: cyclonedx-maven-plugin-2.7.0...cyclonedx-maven-plugin-2.7.1
Contributors
dependabot
Assets 2
2.7.0
What's Changed
- Logging params on all MOJOs by @ThomGeG in #184
- Allow dependencies to appear in graph multiple times by @ThomGeG in #187
📦 Dependency updates
- Bump maven-dependency-tree from 3.1.0 to 3.1.1 by @dependabot in #188
- Bump cyclonedx-core-java from 7.1.3 to 7.1.4 by @dependabot in #186
- Bump takari-lifecycle-plugin from 2.0.7 to 2.0.8 by @dependabot in #185
Full Changelog: cyclonedx-maven-plugin-2.6.2...cyclonedx-maven-plugin-2.7.0
Contributors
ThomGeG and dependabot
Assets 2
2.6.2
Full Changelog: cyclonedx-maven-plugin-2.6.1...cyclonedx-maven-plugin-2.6.2
2.6.1
Full Changelog: cyclonedx-maven-plugin-2.6.0...cyclonedx-maven-plugin-2.6.1
2.6.0
What's Changed
- Utilize base-version instead of version by @ThomGeG in #175
- Add cyclonedx.verbose flag by @rovarga in #162
- Allows Mojos to detect dependencies in test scope by @mscottford in #153
- exclude Maven core provided artifacts from SBOM by @hboutemy in #178
- Polish Code by @mr-zepol in #179
📦 Dependency updates
- Bump maven-plugin-annotations from 3.6.1 to 3.6.4 by @dependabot in #148
- Bump maven-plugin-plugin from 3.6.1 to 3.6.4 by @dependabot in #147
- Bump maven-core from 3.8.2 to 3.8.4 by @dependabot in #141
- Bump maven-javadoc-plugin from 3.3.0 to 3.3.1 by @dependabot in #130
- Bump actions/checkout from 2.3.4 to 2.4.0 by @dependabot in #139
- Bump maven-plugin-api from 3.8.2 to 3.8.4 by @dependabot in #140
- Bump cyclonedx-core-java from 5.0.4 to 5.0.5 by @dependabot in #156
- Bump maven-release-plugin from 3.0.0-M4 to 3.0.0-M5 by @dependabot in #157
- Bump maven-jar-plugin from 3.2.0 to 3.2.2 by @dependabot in #154
- Bump actions/checkout from 2.4.0 to 3.0.2 by @dependabot in #176
- Bump maven-javadoc-plugin from 3.3.1 to 3.4.0 by @dependabot in #174
- Bump actions/setup-java from 2 to 3 by @dependabot in #171
- Bump maven-core from 3.8.4 to 3.8.5 by @dependabot in #169
- Bump maven-plugin-api from 3.8.4 to 3.8.5 by @dependabot in #168
- Bump cyclonedx-core-java from 5.0.5 to 7.1.3 by @dependabot in #170
New Contributors
- @rovarga made their first contribution in #162
- @mscottford made their first contribution in #153
- @mr-zepol made their first contribution in #179
Full Changelog: cyclonedx-maven-plugin-2.5.3...cyclonedx-maven-plugin-2.6.0
Contributors
mscottford, hboutemy, and 4 other contributors