1.6.1

Functionally equivalent to CycloneDX 1.6.0 but with bug fixes to the XML/JSON/ProtoBuf implementations, and spelling, grammar and other editorial improvements.

---

What's Changed

• tests: annotate schema for test resources of CDX1.6 JSON by @jkowalleck in #423
• chore: depedabot for all used ecosystems by @jkowalleck in #424
• chore(dependencies): bump bufbuild/buf:1.30.1 by @jkowalleck in #431
• chore(deps): bump ajv-formats from 2.1.1 to 3.0.1 in /tools/src/test/js by @dependabot in #430
• docs: annotate protobuf licenses by @jkowalleck in #468
• chore(deps): bump org.apache.commons:commons-text from 1.2 to 1.12.0 in /tools by @dependabot in #439
• chore(deps): bump commons-io:commons-io from 2.7 to 2.16.1 in /tools by @dependabot in #429
• chore(deps): bump org.apache.maven.plugins:maven-surefire-plugin from 3.0.0-M5 to 3.2.5 in /tools by @dependabot in #428
• Fix(1.6spec): Fixed typo in componentEvidence description by @Petzys in #451
• issue451-streamline by @jkowalleck in #475
• tests: Update to cyclonedx-core-java-9.0.2 for test runners by @Nicolas-Peiffer in #480
• tests: Adding 1.6 valid and invalid test files in the Java tests by @Nicolas-Peiffer in #482
• chore(deps): bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.5 to 3.3.0 in /tools by @dependabot in #484
• Update pom.xml by @jkowalleck in #489
• docs: revisit example urls in spec 1.6 by @jkowalleck in #490
• chore(deps): bump glob from 10.4.5 to 11.0.0 in /tools/src/test/js by @dependabot in #496
• Add space after colon by @tamir-alltrue-ai in #494
• 1.6 ecma by @stevespringett in #478
• chore(deps): bump org.apache.maven.plugins:maven-surefire-plugin from 3.3.0 to 3.4.0 in /tools by @dependabot in #504
• chore(deps): bump org.apache.commons:commons-lang3 from 3.6 to 3.16.0 in /tools by @dependabot in #499
• chore(dependencies): bump Saxon-HE from 9.9.1-8 to 10.9 by @jkowalleck in #432
• fix: add missing cryptoRef to cryptoProperties.protocolPropertiesfor XML/PB by @jkowalleck in #502
• fix: ProtoBuf evidence not repeated, but optional by @jkowalleck in #425
• 1.6 ecma -- docs carry over by @jkowalleck in #512
• fix: revert PR #425 by @jkowalleck in #516
• fix(ProtoBuff): component evidence should be optional, istead of repeated by @jkowalleck in #517
• tests: fix ProtoBuf breaking detection to be wire-only by @jkowalleck in #532
• tests: bump docker image from bufbuild/buf:1.30.1 to :1.46.0 by @jkowalleck in #519
• tests: fix BrotoBuf BCcheck on version-level by @jkowalleck in #536
• tests: fix BrotoBuf test reports by @jkowalleck in #537
• fix(ProtoBuf): add ExternalReterence Type EXTERNAL_REFERENCE_TYPE_RELEASE_NOTES by @jkowalleck in #531
• fix(ProtoBuf,XML): component data repeatable by @jkowalleck in #530
• fix(ProtoBuf): Component.evidence optional by @jkowalleck in #534
• fix(ProtoBuf): add LicenseExpression.bom_ref by @jkowalleck in #529
• docs: transfer spec docs to ProtoBuf 1.6 by @jkowalleck in #539
• docs: transfer specdocs to XML 1.6 by @jkowalleck in #540
• fix(xml): requirement descriptions should be unbounded by @hakandilek in #533
• chore: prep v1.6.1 by @jkowalleck in #535
• chore(deps): bump org.apache.commons:commons-lang3 from 3.16.0 to 3.17.0 in /tools by @dependabot in #509

New Contributors

• @Petzys made their first contribution in #451
• @Nicolas-Peiffer made their first contribution in #480
• @tamir-alltrue-ai made their first contribution in #494
• @hakandilek made their first contribution in #533

Full Changelog: 1.6...1.6.1