CycloneDX/cyclonedx-python-lib v11.8.0

on GitHub

v11.8.0 (2026-06-04)

Documentation

• Update CDX summary (#951, 752b162)

Features

• Add support CycloneDX 1.7.1 & 1.6.2 & 1.5.1 (#985, 303889b)

• Pull SPDX license IDs v1.1-3.28.0 (#986, 42ff044)

What's Changed

• chore: extract glob for pyupgrade to separate script for cross-platform compatibility by @peschuster in #950
• docs: update CDX summary by @jkowalleck in #951
• chore: fix test coverage reporting by @jkowalleck in #956
• chore(deps-dev): update tomli requirement from 2.3.0 to 2.4.1 by @dependabot[bot] in #954
• chore(release): use own GH app for releasing by @jkowalleck in #958
• chore(ci): pin GitHub Actions to immutable SHAs while preserving tag tracking by @Copilot in #961
• chore: add zizmor workflow to harden GitHub Actions security by @Copilot in #968
• Update PULL_REQUEST_TEMPLATE.md by @jkowalleck in #974
• chore: Update CONTRIBUTING.md by @jkowalleck in #975
• chore(ci): comments for pinned actions by @jkowalleck in #984
• feat: add support CycloneDX 1.7.1 & 1.6.2 & 1.5.1 by @jkowalleck in #985
• chore(deps): bump actions/create-github-app-token from 3.1.1 to 3.2.0 by @dependabot[bot] in #982
• chore(deps): bump actions/download-artifact from 7.0.0 to 8.0.1 by @dependabot[bot] in #964
• chore(deps): bump actions/upload-artifact from 6.0.0 to 7.0.1 by @dependabot[bot] in #963
• feat: pull SPDX license IDs v1.1-3.28.0 by @jkowalleck in #986

Full Changelog: v11.7.0...v11.8.0