github CycloneDX/cyclonedx-gradle-plugin cyclonedx-gradle-plugin-2.0.0
2.0.0
on GitHub

latest release: cyclonedx-gradle-plugin-2.1.0
one month ago

CycloneDX Gradle Plugin version 2.0.0 features a comprehensive codebase overhaul for improved structure and maintainability, along with new capabilities such as Gradle Configuration Cache support and enhanced dependency resolution for various artifact types, including AAR, WAR, and ZIP files. This update also addresses critical issues, resolving indefinite loops during dependency resolution, ensuring consistent and accurate outcomes, and eliminating problems related to missing dependencies.

🚀 New Features

  • New Implementation for CycloneDX Gradle Plugin: Enhanced BOM generation with a new implementation. By @gordonrousselle in #532
  • Add Git External Reference: Introduced the ability to include Git as an external reference. By @barblin in #520
  • Retrieve Build-System Metadata: The build system now retrieves metadata directly from the environment. By @jeremylong in #546

🛠️ Improvements & Fixes

  • Use Lenient Artifact View: Updated artifact handling for improved leniency. By @jeremylong in #539
  • Fix Component Version in PURL: Ensured correct usage of the configured component version in PURL. By @jeremylong in #542
  • Avoid Deprecated Tools Section: Removed reliance on deprecated tools sections. By @jeremylong in #544
  • Improve Documentation: Fixed typos, clarified warnings resolution, and updated Git documentation. By @TheManWhoStaresAtCode, @barblin, and @jeremylong in #504, #543, and #547

🔧 Dependency Updates

  • Gradle Wrapper updates:
    • From 8.10 to 8.12 via multiple PRs by @github-actions (#506, #516, #533, and #559).
  • Library and action updates by @dependabot:
    • CycloneDX Core Java: From 9.0.5 to 10.1.0 (#526, #550, #560)
    • Actions: Setup Java, Checkout, Upload Artifact, and Gradle Actions (#507, #518, #556, and more)
    • Commons-IO and Commons-Codec libraries (#515, #537, #561)

🧑‍💻 New Contributors

📜 Full Changelog

  • build(deps): bump org.cyclonedx.bom from 1.9.0 to 1.10.0 by @dependabot in #499
  • Update Gradle Wrapper from 8.10 to 8.10.1 by @github-actions in #506
  • build(deps): bump actions/setup-java from 4.2.2 to 4.3.0 by @dependabot in #507
  • Introduce code formatting constraints by @skhokhlov in #508
  • build(deps): bump com.gradle.plugin-publish from 1.2.1 to 1.3.0 by @dependabot in #512
  • build(deps): bump gradle/actions from 4.0.0 to 4.1.0 by @dependabot in #513
  • Update Gradle Wrapper from 8.10.1 to 8.10.2 by @github-actions in #516
  • refactor: decouple methods and add debug logging by @skhokhlov in #510
  • build(deps): bump actions/checkout from 4.1.7 to 4.2.0 by @dependabot in #518
  • build(deps): bump gradle-update/update-gradle-wrapper-action from 1.0.20 to 2.0.0 by @dependabot in #514
  • build(deps): bump commons-io:commons-io from 2.16.1 to 2.17.0 by @dependabot in #515
  • build(deps): bump actions/setup-java from 4.3.0 to 4.4.0 by @dependabot in #517
  • build(deps): bump org.cyclonedx:cyclonedx-core-java from 9.0.5 to 9.1.0 by @dependabot in #526
  • build(deps): bump actions/upload-artifact from 4.3.6 to 4.4.3 by @dependabot in #524
  • build(deps): bump actions/checkout from 4.2.0 to 4.2.1 by @dependabot in #522
  • fix typos in README.md by @TheManWhoStaresAtCode in #504
  • build(deps): bump actions/setup-java from 4.4.0 to 4.5.0 by @dependabot in #531
  • build(deps): bump actions/checkout from 4.2.1 to 4.2.2 by @dependabot in #530
  • Update Gradle Wrapper from 8.10.2 to 8.11 by @github-actions in #533
  • build(deps): bump gradle/actions from 4.1.0 to 4.2.0 by @dependabot in #534
  • Update Gradle Wrapper from 8.11 to 8.11.1 by @github-actions in #538
  • Feat/new implementation cyclonedx bom by @gordonrousselle in #532
  • build(deps): bump gradle/actions from 4.2.0 to 4.2.1 by @dependabot in #536
  • build(deps): bump commons-io:commons-io from 2.17.0 to 2.18.0 by @dependabot in #537
  • fix: use lenient artifact view by @jeremylong in #539
  • fix: use configured componentVersion in PURL by @jeremylong in #542
  • docs: document parameter to resolve build warnings by @jeremylong in #543
  • fix: avoid using deprecated tools section by @jeremylong in #544
  • build: prepare version 2.0.0-alpha-0 by @skhokhlov in #545
  • feat: add git external reference. by @barblin in #520
  • docs: fix vcs git docu and some spelling errors by @barblin in #547
  • build(deps): bump org.cyclonedx:cyclonedx-core-java from 9.1.0 to 10.0.0 by @dependabot in #550
  • feat: retrieve build-system metadata from build environment by @jeremylong in #546
  • Version 2.0.0-alpha-1 by @skhokhlov in #552
  • build(deps): bump org.junit.jupiter:junit-jupiter-engine from 5.11.3 to 5.11.4 by @dependabot in #553
  • build(deps): bump org.junit.jupiter:junit-jupiter-api from 5.11.3 to 5.11.4 by @dependabot in #554
  • build(deps): bump actions/upload-artifact from 4.4.3 to 4.5.0 by @dependabot in #555
  • build(deps): bump gradle/actions from 4.2.1 to 4.2.2 by @dependabot in #556
  • build(deps): bump actions/setup-java from 4.5.0 to 4.6.0 by @dependabot in #557
  • build(deps): bump org.cyclonedx:cyclonedx-core-java from 10.0.0 to 10.1.0 by @dependabot in #560
  • build(deps): bump commons-codec:commons-codec from 1.17.1 to 1.17.2 by @dependabot in #561
  • build(deps): bump actions/upload-artifact from 4.5.0 to 4.6.0 by @dependabot in #564
  • Update Gradle Wrapper from 8.11.1 to 8.12 by @github-actions in #559
  • build: prepare release version 2.0.0 by @skhokhlov in #566

cyclonedx-gradle-plugin-1.10.0...cyclonedx-gradle-plugin-2.0.0

Check out latest releases or
releases around CycloneDX/cyclonedx-gradle-plugin cyclonedx-gradle-plugin-2.0.0

Don't miss a new cyclonedx-gradle-plugin release

NewReleases is sending notifications on new releases.

Get notifications