Releases: CycloneDX/cyclonedx-gradle-plugin
Releases · CycloneDX/cyclonedx-gradle-plugin
2.0.0-alpha-1
What's Changed
- feat: add git external reference. by @barblin in #520
- docs: fix vcs git docu and some spelling errors by @barblin in #547
- build(deps): bump org.cyclonedx:cyclonedx-core-java from 9.1.0 to 10.0.0 by @dependabot in #550
- feat: retrieve build-system metadata from build environment by @jeremylong in #546
New Contributors
Full Changelog: cyclonedx-gradle-plugin-2.0.0-alpha-0...cyclonedx-gradle-plugin-2.0.0-alpha-1
2.0.0-alpha-0
Features
- Support for Gradle configuration cache by @gordonrousselle in #532
Bug Fixes
- Fix incorrect dependency resolution #367 by @gordonrousselle in #532
- Fix incorrect dependency loop handling #528 by @gordonrousselle in #532
- fix: use lenient artifact view by @jeremylong in #539
- fix: avoid using deprecated tools section by @jeremylong in #544
Other Changes
- build(deps): bump org.cyclonedx.bom from 1.9.0 to 1.10.0 by @dependabot in #499
- Update Gradle Wrapper from 8.10 to 8.10.1 by @github-actions in #506
- build(deps): bump actions/setup-java from 4.2.2 to 4.3.0 by @dependabot in #507
- Introduce code formatting constraints by @skhokhlov in #508
- build(deps): bump com.gradle.plugin-publish from 1.2.1 to 1.3.0 by @dependabot in #512
- build(deps): bump gradle/actions from 4.0.0 to 4.1.0 by @dependabot in #513
- Update Gradle Wrapper from 8.10.1 to 8.10.2 by @github-actions in #516
- refactor: decouple methods and add debug logging by @skhokhlov in #510
- build(deps): bump actions/checkout from 4.1.7 to 4.2.0 by @dependabot in #518
- build(deps): bump gradle-update/update-gradle-wrapper-action from 1.0.20 to 2.0.0 by @dependabot in #514
- build(deps): bump commons-io:commons-io from 2.16.1 to 2.17.0 by @dependabot in #515
- build(deps): bump actions/setup-java from 4.3.0 to 4.4.0 by @dependabot in #517
- build(deps): bump org.cyclonedx:cyclonedx-core-java from 9.0.5 to 9.1.0 by @dependabot in #526
- build(deps): bump actions/upload-artifact from 4.3.6 to 4.4.3 by @dependabot in #524
- build(deps): bump actions/checkout from 4.2.0 to 4.2.1 by @dependabot in #522
- fix typos in README.md by @TheManWhoStaresAtCode in #504
- build(deps): bump actions/setup-java from 4.4.0 to 4.5.0 by @dependabot in #531
- build(deps): bump actions/checkout from 4.2.1 to 4.2.2 by @dependabot in #530
- Update Gradle Wrapper from 8.10.2 to 8.11 by @github-actions in #533
- build(deps): bump gradle/actions from 4.1.0 to 4.2.0 by @dependabot in #534
- Update Gradle Wrapper from 8.11 to 8.11.1 by @github-actions in #538
- Feat/new implementation cyclonedx bom by @gordonrousselle in #532
- build(deps): bump gradle/actions from 4.2.0 to 4.2.1 by @dependabot in #536
- build(deps): bump commons-io:commons-io from 2.17.0 to 2.18.0 by @dependabot in #537
- fix: use configured componentVersion in PURL by @jeremylong in #542
- docs: document parameter to resolve build warnings by @jeremylong in #543
New Contributors
- @TheManWhoStaresAtCode made their first contribution in #504
- @gordonrousselle made their first contribution in #532
- @jeremylong made their first contribution in #539
Full Changelog: cyclonedx-gradle-plugin-1.10.0...cyclonedx-gradle-plugin-2.0.0-alpha-0
1.10.0
Features
- Order components and dependencies by purl and ref to have reproducible output by @emirmx in #457
- feat: add includeMetadataResolution property by @skhokhlov in #477
Bug Fixes
- Include local project dependencies as components #432 by @loicrouchon in #474
- fix: check that plugin.properties file exists by @skhokhlov in #489
Other Changes
- build(deps): bump org.cyclonedx.bom from 1.8.2 to 1.9.0 by @dependabot in #473
- chore: add proper configuration for thread lock by @skhokhlov in #476
- build: update gradle actions by @skhokhlov in #475
- build(deps): bump actions/upload-artifact from 4.3.4 to 4.3.5 by @dependabot in #480
- build(deps): bump actions/setup-java from 4.2.1 to 4.2.2 by @dependabot in #483
- build(deps): bump actions/upload-artifact from 4.3.5 to 4.3.6 by @dependabot in #484
- build(deps): migrate to gradle actions v4 by @skhokhlov in #486
- build: run dependency-submission only on master branch by @skhokhlov in #488
- chore: run thread lock less frequent by @skhokhlov in #490
- build: run dependency-submission only on master by @skhokhlov in #491
- build(deps): bump actions/setup-java from 4.2.1 to 4.2.2 by @dependabot in #487
- Update Gradle Wrapper from 8.9 to 8.10 by @github-actions in #492
- build: bump cyclonedx-core-java to 9.0.5 by @skhokhlov in #493
- Update issue templates by @skhokhlov in #494
- build(deps): bump org.apache.maven:maven-core from 3.9.8 to 3.9.9 by @dependabot in #496
New Contributors
Full Changelog: cyclonedx-gradle-plugin-1.9.0...cyclonedx-gradle-plugin-1.10.0
1.9.0
What's Changed
- Support for CycloneDX 1.6 in #444
- New
componentName
configuration property in #467 - Support for
zip
artifacts in #413 - build(deps): bump org.cyclonedx.bom from 1.8.1 to 1.8.2 by @dependabot in #389
- build(deps): bump actions/upload-artifact from 4.2.0 to 4.3.1 by @dependabot in #397
- Update Gradle Wrapper from 8.5 to 8.6 by @github-actions in #396
- build(deps): bump gradle/wrapper-validation-action from 1.1.0 to 2.0.0 by @dependabot in #395
- build(deps): bump gradle/gradle-build-action from 2.11.1 to 3.0.0 by @dependabot in #394
- fix: move
plugin.properties
to namespaced location by @gcx-seb in #380 - build(deps): bump gradle/gradle-build-action from 3.0.0 to 3.1.0 by @dependabot in #402
- build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in #406
- build(deps): bump commons-io:commons-io from 2.15.1 to 2.16.1 by @dependabot in #418
- build(deps): bump gradle/gradle-build-action from 3.1.0 to 3.2.1 by @dependabot in #417
- Update Gradle Wrapper from 8.6 to 8.7 by @github-actions in #412
- build(deps): bump gradle/wrapper-validation-action from 2.0.0 to 3.3.0 by @dependabot in #421
- build(deps): bump actions/upload-artifact from 4.3.1 to 4.3.3 by @dependabot in #427
- build(deps): bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in #426
- build(deps): bump gradle/wrapper-validation-action from 3.3.0 to 3.3.1 by @dependabot in #425
- build(deps): bump gradle/gradle-build-action from 3.2.1 to 3.3.1 by @dependabot in #424
- fix for issue #331 by @zkstchhh in #413
- build(deps): bump actions/upload-artifact from 4.3.3 to 4.3.4 by @dependabot in #460
- build(deps): bump actions/checkout from 4.1.3 to 4.1.7 by @dependabot in #447
- chore: Create CODEOWNERS by @jkowalleck in #465
- docs: Update README.md by @prncoprs in #409
- build(deps): bump actions/setup-java from 4.0.0 to 4.2.1 by @dependabot in #408
- print all parsing errors during BOM validation by @skhokhlov in #445
- build(deps): bump org.apache.maven:maven-core from 3.9.6 to 3.9.8 by @dependabot in #452
- build(deps): bump commons-codec:commons-codec from 1.16.0 to 1.17.1 by @dependabot in #462
- test: verify that schema version 1.5 is used by default by @skhokhlov in #468
- Update Gradle Wrapper from 8.7 to 8.9 by @github-actions in #461
- fix: fail plugin execution if group, name, or version are not set by @skhokhlov in #469
- upgrade cyclonedx-core-java to 9.x.x by @skhokhlov in #444
- Enable override of the default component name by @MH-17 in #467
- build: prepare version 1.9.0 by @skhokhlov in #470
New Contributors
- @gcx-seb made their first contribution in #380
- @zkstchhh made their first contribution in #413
- @jkowalleck made their first contribution in #465
- @prncoprs made their first contribution in #409
- @MH-17 made their first contribution in #467
Full Changelog: cyclonedx-gradle-plugin-1.8.2...cyclonedx-gradle-plugin-1.9.0
1.8.2
What's Changed
- Update plugin version used in final BOM
- Check for artifact existence before looking inside for pom.xml
- Add local project dependencies to the built dependencies for local resolution
- include and skip configurations with regex by @skhokhlov in #383
- Add java 21 to CI tools by @glefloch in #385
Full Changelog: cyclonedx-gradle-plugin-1.8.1...cyclonedx-gradle-plugin-1.8.2
1.8.1
What's Changed
- Fix support for CycloneDX 1.5
- Bump version to 1.8.1
Full Changelog: cyclonedx-gradle-plugin-1.8.0...cyclonedx-gradle-plugin-1.8.1
1.8.0
What's Changed
- Consistently describe the defaults
- Migrate to kotlin based gradle DSL
- Update default task to include a small description of what it does
- Include transitive dependencies of non-jar artifacts instead ignore it
- Adding Metadata:Manufacture and Licenses
- Bump default schema to version 1.5
New Contributors
- @Bert-R made their first contribution in #274
- @akkrishnakumar made their first contribution in #350
- @flashfishgit made their first contribution in #310
Full Changelog: cyclonedx-gradle-plugin-1.7.4...cyclonedx-gradle-plugin-1.8.0
1.7.4
What's Changed
- Add instructions to generate BOM for multiple projects
- Throw validation exceptions to make it easier to debug validation failures
- Include license text configuration
- Support for aar dependencies on graph
Full Changelog: cyclonedx-gradle-plugin-1.7.3...cyclonedx-gradle-plugin-1.7.4
1.7.3
What's Changed
- Keep first track of dependency
- Add skipProject option
- Update Gradle Wrapper from 7.5.1 to 7.6
cyclonedx-gradle-plugin-1.7.2
What's Changed
- Fix issue with subprojects paths