pkgsrc-Changes archive


CVS commit: pkgsrc/security/py-cyclonedx-python-lib



Module Name:    pkgsrc
Committed By:   wiz
Date:           Tue Nov  7 22:58:59 UTC 2023

Modified Files:
        pkgsrc/security/py-cyclonedx-python-lib: Makefile PLIST distinfo

Log Message:
py-cyclonedx-python-lib: update to 5.1.1.

5.1.1

Bugfix release

5.1.0

Documentation

    docs: advance license docs (f61a730)

Feature

    feat: guarantee unique BomRefs in serialization result (#479) (a648775)
    Incorporate output.BomRefDiscriminator on serialization

5.0.1

What's Changed

    docs: fix RTFD build by @jkowalleck in #476
    docs: revisit project meta by @jkowalleck in #475
    chore: make pyproject parsable by dependabot by @jkowalleck in #477
    chore(deps): bump python-semantic-release/python-semantic-release from 8.0.8 to 8.3.0 by @dependabot in #474

5.0.0

BREAKING CHANGES

    Dropped support for python<3.8 (#436 via #441; enable #433)
    Reworked license related models, collections, and factories (#365 via #466)
    Behavior
        Method model.bom.Bom.validate() will throw exception.LicenseExpressionAlongWithOthersException, if detecting invalid license constellation (#453 via #452)
        Fixed tuple comparison when unequal lengths (via #461)
    API
        Enum schema.SchemaVersion is no longer string-like (#442 via #447)
        Enum schema.OutputVersion is no longer string-like (#442 via #447)
        Abstract class output.BaseOutput requires implementation of new method output_format (#446 via #447)
        Abstract method output.BaseOutput.output_as_string() got new optional parameter indent (#437 via #458)
        Abstract method output.BaseOutput.output_as_string() accepts arbitrary kwargs (via #458, #462)
        Removed class factory.license.LicenseChoiceFactory (via #466)
        The old functionality was integrated into factory.license.LicenseFactory.
        Method factory.license.LicenseFactory.make_from_string()'s parameter name_or_spdx was renamed to value (via #466)
        Method factory.license.LicenseFactory.make_from_string()'s return value can also be a LicenseExpression (#365 via #466)
        The behavior imitates the old factory.license.LicenseChoiceFactory.make_from_string()
        Renamed class module.License to module.license.DisjunctiveLicense (#365 via #466)
        Removed class module.LicenseChoice (#365 via #466)
        Use dedicated classes module.license.DisjunctiveLicense and module.license.LicenseExpression instead
        All occurrences of models.LicenseChoice were replaced by models.licenses.License (#365 via #466)
        All occurrences of SortedSet[LicenseChoice] were specialized to models.license.LicenseRepository (#365 via #466)

Fixed

    Serialization of multi-licenses (#365 via #466)
    Detect unused "dependent" components in model.bom.validate() (via #464)

Changed

    Updated latest supported list of supported SPDX license identifiers (via #433)
    Shipped schema files are moved to a protected space (via #433)
    These files were never intended for public use.
    XML output uses a default namespace, which makes results smaller. (#438 via #458)

Added

    Support for Python 3.12 (via #460)
    JSON- & XML-Validators (#432, #446 via #433, #448)
    The functionality might require additional dependencies, that can be installed with the extra "validation".
    See the docs in section "Installation" for details.
    JSON & XML can be generated in a more human-friendly form (#437, #438 via #458)
    Type hints, typings & overloads for better integration downstream (via #463)
    API
        New function output.make_outputter() (via #469)
        This replaces the deprecated function output.get_instance().
        New sub-package validation (#432, #446 via #433, #448, #469, #468, #469)
        New class exception.MissingOptionalDependencyException (#432 via #433)
        New class exception.LicenseExpressionAlongWithOthersException (#453 via #452)
        New dictionaries output.{json,xml}.BY_SCHEMA_VERSION (#446 via #447)
        Existing implementations of class output.BaseOutput now have a new method output_format (#446 via #447)
        Existing implementations of method output.BaseOutput.output_as_string() got new optional parameter indent (#437 via #458)
        Existing implementations of method output.BaseOutput.output_to_file() got new optional parameter indent (#437 via #458)
        New method factory.license.LicenseFactory.make_with_expression() (via #466)
        New class model.license.DisjunctiveLicense (#365 via #466)
        New class model.license.LicenseExpression (#365 via #466)
        New class model.license.LicenseRepository (#365 via #466)
        New class serialization.LicenseRepositoryHelper (#365 via #466)

Deprecated

    Function output.get_instance() might be removed, use output.make_outputter() instead (via #469)

Tests

    Added validation tests with official CycloneDX schema test data (#432 via #433)
    Use proper snapshots, instead of pseudo comparison (#437 via #464)
    Added regression test for bug #365 (via #466, #467)

Misc

    Dependencies: bumped py-serializable@^0.15.0, was @^0.11.1 (via #458, #463, #464, #466)
    Style: streamlined quotes and strings (via #472)
    Chore: bumped internal dev- and QA-tools (#436 via #441, #472)
    Chore: added more QA tools to prevent common security issues (via #473)


To generate a diff of this commit:
cvs rdiff -u -r1.17 -r1.18 pkgsrc/security/py-cyclonedx-python-lib/Makefile
cvs rdiff -u -r1.7 -r1.8 pkgsrc/security/py-cyclonedx-python-lib/PLIST
cvs rdiff -u -r1.12 -r1.13 pkgsrc/security/py-cyclonedx-python-lib/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/security/py-cyclonedx-python-lib/Makefile
diff -u pkgsrc/security/py-cyclonedx-python-lib/Makefile:1.17 pkgsrc/security/py-cyclonedx-python-lib/Makefile:1.18
--- pkgsrc/security/py-cyclonedx-python-lib/Makefile:1.17       Sat Oct 28 19:57:14 2023
+++ pkgsrc/security/py-cyclonedx-python-lib/Makefile    Tue Nov  7 22:58:58 2023
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.17 2023/10/28 19:57:14 wiz Exp $
+# $NetBSD: Makefile,v 1.18 2023/11/07 22:58:58 wiz Exp $
 
-DISTNAME=      cyclonedx_python_lib-4.1.0
+DISTNAME=      cyclonedx_python_lib-5.1.1
 PKGNAME=       ${PYPKGPREFIX}-${DISTNAME:S/_/-/g}
-PKGREVISION=   1
 CATEGORIES=    security python
 MASTER_SITES=  ${MASTER_SITE_PYPI:=c/cyclonedx-python-lib/}
 
@@ -15,16 +14,18 @@ TOOL_DEPENDS+=      ${PYPKGPREFIX}-poetry-cor
 DEPENDS+=      ${PYPKGPREFIX}-packageurl>=0.9:../../devel/py-packageurl
 DEPENDS+=      ${PYPKGPREFIX}-serializable>=0.11.1:../../devel/py-serializable
 DEPENDS+=      ${PYPKGPREFIX}-sortedcontainers>=2.4.0:../../devel/py-sortedcontainers
-TEST_DEPENDS+= ${PYPKGPREFIX}-ddt-[0-9]*:../../devel/py-ddt
+DEPENDS+=      ${PYPKGPREFIX}-license-expression>=0:../../devel/py-license-expression
+TEST_DEPENDS+= ${PYPKGPREFIX}-ddt>=1.6.0:../../devel/py-ddt
 TEST_DEPENDS+= ${PYPKGPREFIX}-jsonschema-[0-9]*:../../textproc/py-jsonschema
 TEST_DEPENDS+= ${PYPKGPREFIX}-lxml-[0-9]*:../../textproc/py-lxml
-TEST_DEPENDS+= ${PYPKGPREFIX}-test-[0-9]*:../../devel/py-test
 TEST_DEPENDS+= ${PYPKGPREFIX}-xmldiff-[0-9]*:../../textproc/py-xmldiff
 
 PYTHON_VERSIONS_INCOMPATIBLE=  27
 
-do-test:
-       cd ${WRKSRC} && ${SETENV} ${TEST_ENV} pytest-${PYVERSSUFFIX}
+post-install:
+       ${RM} ${DESTDIR}${PREFIX}/${PYSITELIB}/LICENSE
+       ${RM} ${DESTDIR}${PREFIX}/${PYSITELIB}/NOTICE
+       ${RM} ${DESTDIR}${PREFIX}/${PYSITELIB}/README.md
 
 .include "../../lang/python/wheel.mk"
 .include "../../mk/bsd.pkg.mk"
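
Review bot: the unchanged context line `DEPENDS+= ${PYPKGPREFIX}-serializable>=0.11.1` looks stale for this update. The log message says upstream bumped py-serializable to ^0.15.0 (was ^0.11.1), so the bound should be raised to `>=0.15.0`; as written, an already installed older py-serializable still satisfies the dependency. The new `license-expression>=0` bound likewise constrains nothing and should carry the minimum version upstream requires. Separately, since `do-test` and the py-test TEST_DEPENDS are dropped while the other TEST_DEPENDS stay, please confirm the test target still runs the suite.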

Index: pkgsrc/security/py-cyclonedx-python-lib/PLIST
diff -u pkgsrc/security/py-cyclonedx-python-lib/PLIST:1.7 pkgsrc/security/py-cyclonedx-python-lib/PLIST:1.8
--- pkgsrc/security/py-cyclonedx-python-lib/PLIST:1.7   Sat Oct 28 19:57:14 2023
+++ pkgsrc/security/py-cyclonedx-python-lib/PLIST       Tue Nov  7 22:58:58 2023
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.7 2023/10/28 19:57:14 wiz Exp $
+@comment $NetBSD: PLIST,v 1.8 2023/11/07 22:58:58 wiz Exp $
 ${PYSITELIB}/cyclonedx/__init__.py
 ${PYSITELIB}/cyclonedx/__init__.pyc
 ${PYSITELIB}/cyclonedx/__init__.pyo
@@ -41,6 +41,9 @@ ${PYSITELIB}/cyclonedx/model/impact_anal
 ${PYSITELIB}/cyclonedx/model/issue.py
 ${PYSITELIB}/cyclonedx/model/issue.pyc
 ${PYSITELIB}/cyclonedx/model/issue.pyo
+${PYSITELIB}/cyclonedx/model/license.py
+${PYSITELIB}/cyclonedx/model/license.pyc
+${PYSITELIB}/cyclonedx/model/license.pyo
 ${PYSITELIB}/cyclonedx/model/release_note.py
 ${PYSITELIB}/cyclonedx/model/release_note.pyc
 ${PYSITELIB}/cyclonedx/model/release_note.pyo
@@ -66,35 +69,44 @@ ${PYSITELIB}/cyclonedx/py.typed
 ${PYSITELIB}/cyclonedx/schema/__init__.py
 ${PYSITELIB}/cyclonedx/schema/__init__.pyc
 ${PYSITELIB}/cyclonedx/schema/__init__.pyo
-${PYSITELIB}/cyclonedx/schema/bom-1.0.xsd
-${PYSITELIB}/cyclonedx/schema/bom-1.1.xsd
-${PYSITELIB}/cyclonedx/schema/bom-1.2-strict.schema.json
-${PYSITELIB}/cyclonedx/schema/bom-1.2.schema.json
-${PYSITELIB}/cyclonedx/schema/bom-1.2.xsd
-${PYSITELIB}/cyclonedx/schema/bom-1.2b.schema.json
-${PYSITELIB}/cyclonedx/schema/bom-1.3-strict.schema.json
-${PYSITELIB}/cyclonedx/schema/bom-1.3.proto
-${PYSITELIB}/cyclonedx/schema/bom-1.3.schema.json
-${PYSITELIB}/cyclonedx/schema/bom-1.3.xsd
-${PYSITELIB}/cyclonedx/schema/bom-1.3a.schema.json
-${PYSITELIB}/cyclonedx/schema/bom-1.4.schema.json
-${PYSITELIB}/cyclonedx/schema/bom-1.4.xsd
-${PYSITELIB}/cyclonedx/schema/ext/bom-descriptor-0.9.xsd
-${PYSITELIB}/cyclonedx/schema/ext/bom-descriptor-1.0.xsd
-${PYSITELIB}/cyclonedx/schema/ext/dependency-graph-1.0.xsd
-${PYSITELIB}/cyclonedx/schema/ext/vulnerability-1.0-SNAPSHOT.schema.json
-${PYSITELIB}/cyclonedx/schema/ext/vulnerability-1.0.xsd
+${PYSITELIB}/cyclonedx/schema/_res/README.md
+${PYSITELIB}/cyclonedx/schema/_res/__init__.py
+${PYSITELIB}/cyclonedx/schema/_res/__init__.pyc
+${PYSITELIB}/cyclonedx/schema/_res/__init__.pyo
+${PYSITELIB}/cyclonedx/schema/_res/bom-1.0.SNAPSHOT.xsd
+${PYSITELIB}/cyclonedx/schema/_res/bom-1.1.SNAPSHOT.xsd
+${PYSITELIB}/cyclonedx/schema/_res/bom-1.2-strict.SNAPSHOT.schema.json
+${PYSITELIB}/cyclonedx/schema/_res/bom-1.2.SNAPSHOT.schema.json
+${PYSITELIB}/cyclonedx/schema/_res/bom-1.2.SNAPSHOT.xsd
+${PYSITELIB}/cyclonedx/schema/_res/bom-1.3-strict.SNAPSHOT.schema.json
+${PYSITELIB}/cyclonedx/schema/_res/bom-1.3.SNAPSHOT.schema.json
+${PYSITELIB}/cyclonedx/schema/_res/bom-1.3.SNAPSHOT.xsd
+${PYSITELIB}/cyclonedx/schema/_res/bom-1.4.SNAPSHOT.schema.json
+${PYSITELIB}/cyclonedx/schema/_res/bom-1.4.SNAPSHOT.xsd
+${PYSITELIB}/cyclonedx/schema/_res/jsf-0.82.SNAPSHOT.schema.json
+${PYSITELIB}/cyclonedx/schema/_res/spdx.SNAPSHOT.schema.json
+${PYSITELIB}/cyclonedx/schema/_res/spdx.SNAPSHOT.xsd
 ${PYSITELIB}/cyclonedx/schema/schema.py
 ${PYSITELIB}/cyclonedx/schema/schema.pyc
 ${PYSITELIB}/cyclonedx/schema/schema.pyo
-${PYSITELIB}/cyclonedx/schema/spdx.schema.json
-${PYSITELIB}/cyclonedx/schema/spdx.xsd
 ${PYSITELIB}/cyclonedx/serialization/__init__.py
 ${PYSITELIB}/cyclonedx/serialization/__init__.pyc
 ${PYSITELIB}/cyclonedx/serialization/__init__.pyo
 ${PYSITELIB}/cyclonedx/spdx.py
 ${PYSITELIB}/cyclonedx/spdx.pyc
 ${PYSITELIB}/cyclonedx/spdx.pyo
+${PYSITELIB}/cyclonedx/validation/__init__.py
+${PYSITELIB}/cyclonedx/validation/__init__.pyc
+${PYSITELIB}/cyclonedx/validation/__init__.pyo
+${PYSITELIB}/cyclonedx/validation/json.py
+${PYSITELIB}/cyclonedx/validation/json.pyc
+${PYSITELIB}/cyclonedx/validation/json.pyo
+${PYSITELIB}/cyclonedx/validation/model.py
+${PYSITELIB}/cyclonedx/validation/model.pyc
+${PYSITELIB}/cyclonedx/validation/model.pyo
+${PYSITELIB}/cyclonedx/validation/xml.py
+${PYSITELIB}/cyclonedx/validation/xml.pyc
+${PYSITELIB}/cyclonedx/validation/xml.pyo
 ${PYSITELIB}/${WHEEL_INFODIR}/LICENSE
 ${PYSITELIB}/${WHEEL_INFODIR}/METADATA
 ${PYSITELIB}/${WHEEL_INFODIR}/RECORD
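
Review bot: the new cyclonedx/validation/json.py and cyclonedx/validation/xml.py are installed by this hunk, but their optional dependencies are not pulled in at run time. The log message says the validators might require additional dependencies (the "validation" extra), and the Makefile lists py-jsonschema and py-lxml only as TEST_DEPENDS. Either promote them to DEPENDS or state in the package that validation needs them installed, otherwise validation can fail at run time with the exception.MissingOptionalDependencyException the log message mentions.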

Index: pkgsrc/security/py-cyclonedx-python-lib/distinfo
diff -u pkgsrc/security/py-cyclonedx-python-lib/distinfo:1.12 pkgsrc/security/py-cyclonedx-python-lib/distinfo:1.13
--- pkgsrc/security/py-cyclonedx-python-lib/distinfo:1.12       Sat Sep  9 20:56:01 2023
+++ pkgsrc/security/py-cyclonedx-python-lib/distinfo    Tue Nov  7 22:58:58 2023
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.12 2023/09/09 20:56:01 wiz Exp $
+$NetBSD: distinfo,v 1.13 2023/11/07 22:58:58 wiz Exp $
 
-BLAKE2s (cyclonedx_python_lib-4.1.0.tar.gz) = 21ba612f59274304751e40cfd2495c471bbb1ea2942b08129f442a094a3f314f
-SHA512 (cyclonedx_python_lib-4.1.0.tar.gz) = 67ab69bcfa95fd135b3c93399f70f78a9c1460b9546fa7435c67d6059456e3172038156b3e817cd9a4b4c9257d43b8c18481aed1f27b5c2f6a824d3709fddf36
-Size (cyclonedx_python_lib-4.1.0.tar.gz) = 247057 bytes
+BLAKE2s (cyclonedx_python_lib-5.1.1.tar.gz) = 0613d47287ef2b98703fa9dcaaa92f86b43c256d10bd7d1c7a8ec4b656d3491d
+SHA512 (cyclonedx_python_lib-5.1.1.tar.gz) = 5a2ffb8bcd7fc70fd204081e51365bc45c93365a9d7b4f42d642229c1e3dd8d5d991e70787dd0c1522ba1917fcdc970a8aa52f88d0142e225c911f3ffa3492bb
+Size (cyclonedx_python_lib-5.1.1.tar.gz) = 432346 bytes


