Releases: sbt/sbt-sbom
Releases · sbt/sbt-sbom
0.4.0
New Maven groupid
sbt-sbom 0.4.0 is published to Maven Central under a new organization name com.github.sbt:
addSbtPlugin("com.github.sbt" % "sbt-sbom" % "0.4.0")- Update group and artifact ids by @raboof in #67
- Rename package to
com.github.sbt.sbomby @raboof in #68
Updates
- BOM verification by @siculo in #49
- Update cyclonedx-core-java to 10.1.0 by @scala-steward in #105
- Generate the latest supported CycloneDX version by default by @raboof in #70
- Update jawn-parser to 1.6.0 by @scala-steward in #86
- Update licenses.json and parsing without XML conversion by @lhns in #94
- fix: Fix dependency-graph by @lhns in #96
- SbomExtractor improvements by @lhns in #95
- JSON bomFormat by @lhns in #99
- Update SPDX license list to latest from upstream by @matmannion in #114
- Use the module homepage as a website externalReference in the components output by @matmannion in #115
- Populate dependencies from module graph by @matmannion in #109
Behind the scene
- ci: Update GitHub Actions by @eed3si9n in #61
- ci: Run scripted tests by @eed3si9n in #62
- Update Scala to 2.12.19, sbt to 1.10.0 by @raboof in #56
- ci: Add and apply scalafmt by @mdedetrich in #63
- ci: Add .git-blame-ignore-revs by @mdedetrich in #64
- ci: Add scala steward configuration by @mdedetrich in #65
- ci: Publish sbom along with other artifacts by @raboof in #57
- ci: Use sbt-github-actions by @mdedetrich in #66
- Update .gitignore by @mdedetrich in #72
- Disable serial number by default by @raboof in #71
- ci: Set scriptedSbt lowest support sbt version by @mdedetrich in #73
- ci: Add sbt-dependency-submission by @mdedetrich in #75
- refactor: Make case classes final by @mdedetrich in #69
- ci: Add scalafix by @mdedetrich in #77
- docs: Clean README.md and document formatting by @mdedetrich in #78
- Update scalatest to 3.2.19 by @scala-steward in #82
- Update scalamock to 6.0.0 by @scala-steward in #85
- Update sbt-ci-release to 1.9.2 by @scala-steward in #103
- Update sbt, scripted-plugin to 1.10.7 by @scala-steward in #104
- Update sbt-buildinfo to 0.13.1 by @scala-steward in #100
- Update scalamock to 6.1.1 by @scala-steward in #106
- chore: remove development dependencies from dependency submission by @raboof in #98
- chore: document that we still expect to make API changes by @raboof in #92
- chore: exclude scripted-sbt from dependency submission by @raboof in #113
- Add explicit license headers by @raboof in #111
New Contributors
- @eed3si9n made their first contribution in #61
- @raboof made their first contribution in #56
- @mdedetrich made their first contribution in #63
- @scala-steward made their first contribution in #83
- @lhns made their first contribution in #94
- @matmannion made their first contribution in #114
Full Changelog: v0.3.0...v0.4.0
Contributors
raboof, eed3si9n, and 5 other contributors
Assets 2
BOM version 1.0 + cyclonedx-core-java integration
Note: the cyclonedx-core-java library has been integrated and is used to generate the BOM. So, all old model classes used so far has been removed.
First development version
This version allow to create a bom.xml from sbt shell. The file created works with tools like Dependency Track (https://dependencytrack.org/). However, the result was not validated against any version of the bom file format. Anyway, the reference version is 1.0 (http://cyclonedx.org/schema/bom/1.0).