build: bump cyclonedx-bom from 4.6.1 to 7.0.0
Open
Number: #17
Type: Pull Request
State: Open
Type: Pull Request
State: Open
Author:
![dependabot[bot]](https://github.com/dependabot.png)
dependabot[bot]
Association: None
Comments: 0
dependabot[bot]Association: None
Comments: 0
Created:
August 05, 2025 at 02:39 AM UTC
(11 months ago)
(11 months ago)
Updated:
August 05, 2025 at 02:39 AM UTC
(11 months ago)
(11 months ago)
Labels:
dependencies no_ci_cd_run
dependencies no_ci_cd_run
Assignees:
aps831
aps831
Description:
Bumps cyclonedx-bom from 4.6.1 to 7.0.0.
Release notes
Sourced from cyclonedx-bom's releases.
v7.0.0 (2025-07-14)
BREAKING Changes
- Finalize PEP639, auto-enable it, remove CLI switch
environment --PEP-639(#928,6b81028)
- Handling of PEP 639 changed, as the specification changed during finalization.
- Handling of PEP 639 is always enabled, as Python Packing specification 2.4 recognizes it.
- CLI parameter
environment --PEP-639was removed.- Remove deprecated CLI switches
--schema-versionand--outfile, use--spec-versionand--output-fileinstead (#892,2be98e5)
What's Changed
- chore: test for missing dependencies by
@jkowalleckin CycloneDX/cyclonedx-python#930- chore(deps-dev): Update bandit requirement from 1.8.5 to 1.8.6 by
@dependabot[bot] in CycloneDX/cyclonedx-python#932- feat!: finalize PEP639, auto-enable it, remove CLI switch
environment --PEP-639by@jkowalleckin CycloneDX/cyclonedx-python#928- feat!: remove deprecated CLI switches
--schema-versionand--outfile, use--spec-versionand--output-fileinstead by@virgo-oin CycloneDX/cyclonedx-python#892- chore(deps-dev): Update uv requirement from 0.7.19 to 0.7.20 by
@dependabot[bot] in CycloneDX/cyclonedx-python#933Full Changelog: https://github.com/CycloneDX/cyclonedx-python/compare/v6.1.3...v7.0.0
v7.0.0-alpha.1 (2025-07-09)
Detailed Changes: v6.1.3...v7.0.0-alpha.1
v6.1.3 (2025-07-08)
Bug Fixes
What's Changed
- chore(deps-dev): Update uv requirement from 0.7.13 to 0.7.16 by
@dependabotin CycloneDX/cyclonedx-python#922- style: make long-text indents smaller by
@jkowalleckin CycloneDX/cyclonedx-python#924- chore(deps-dev): Update coverage requirement from 7.9.1 to 7.9.2 by
@dependabotin CycloneDX/cyclonedx-python#926- chore(deps-dev): Update uv requirement from 0.7.16 to 0.7.19 by
@dependabotin CycloneDX/cyclonedx-python#927- fix: license file detection according to PEP621 by
@jkowalleckin CycloneDX/cyclonedx-python#929Full Changelog: https://github.com/CycloneDX/cyclonedx-python/compare/v6.1.2...v6.1.3
v6.1.2 (2025-06-26)
... (truncated)
Changelog
Sourced from cyclonedx-bom's changelog.
v7.0.0 (2025-07-14)
BREAKING Changes
Finalize PEP639, auto-enable it, remove CLI switch
environment --PEP-639(#928,6b81028)Remove deprecated CLI switches
--schema-versionand--outfile, use--spec-versionand--output-fileinstead (#892,2be98e5)v6.1.3 (2025-07-08)
Bug Fixes
v6.1.2 (2025-06-26)
Bug Fixes
Documentation
Formatting and reorder of code style instructions. (
15ac2cd)License file
*.rstare NOT typetext- they are binary (#911,168f81d)v6.1.1 (2025-05-12)
Bug Fixes
- Maintenance (
e3c168b)v6.1.0 (2025-05-12)
... (truncated)
Commits
a980d02chore(release): 7.0.0df97008chore(deps-dev): Update uv requirement from 0.7.19 to 0.7.20 (#933)2be98e5feat!: remove deprecated CLI switches--schema-versionand--outfile, use...6b81028feat!: finalize PEP639, auto-enable it, remove CLI switch `environment --PEP-...5c783cdchore(deps-dev): Update bandit requirement from 1.8.5 to 1.8.6 (#932)dab6052Revert "chore(release): 7.0.1-alpha.1"ec64c8cchore(release): 7.0.1-alpha.1b7a8f64chore: fix tox for deptryf5430a2chore: test for missing dependencies (#930)93158ffchore(release): 6.1.3- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Pull Request Statistics
Commits:
1
1
Files Changed:
2
2
Additions:
+19
+19
Deletions:
-16
-16
Package Dependencies
Technical Details
| ID: | 4596569 |
| UUID: | 2719670936 |
| Node ID: | PR_kwDOOqzJLs6iGuKY |
| Host: | GitHub |
| Repository: | aps831/workflows-testbed-python |
| Merge State: | Unknown |