CycloneDX · madpah · Mar 20, 2023 · Jul 6, 2022 · Jul 6, 2022 · Jul 6, 2022
@@ -25,7 +25,7 @@ jobs:
           python -m pip install poetry --upgrade pip
           poetry config virtualenvs.create false
           poetry install
-          python -m pip install python-semantic-release
+          python -m pip install python-semantic-release==7.28.1
       - name: Apply Pre Release Version
         run: |
           RC_VERSION="$(semantic-release --noop --major print-version)-${{ github.event.inputs.release_candidate_suffix }}"

@@ -56,8 +56,8 @@ jobs:
             python-version: '3.10'
             toxenv-factor: 'locked'
           - # test with the lowest dependencies
-            os: ubuntu-20.04
-            python-version: '3.6'
+            os: ubuntu-latest
+            python-version: '3.7'
             toxenv-factor: 'lowest'
     steps:
       - name: Checkout
@@ -82,7 +82,7 @@ jobs:
   build-and-test:
     name: Test (${{ matrix.os }} py${{ matrix.python-version }} ${{ matrix.toxenv-factor }})
     runs-on: ${{ matrix.os }}
-    timeout-minutes: 10
+    timeout-minutes: 15
     env:
       REPORTS_ARTIFACT: tests-reports
     strategy:
@@ -93,22 +93,13 @@ jobs:
           - "3.10" # highest supported
           - "3.9"
           - "3.8"
-          - "3.7"
-          - "3.6" # lowest supported
+          - "3.7" # lowest supported
         toxenv-factor: ['locked']
         include:
-          - # test with py36 ubuntu20
-            os: ubuntu-20.04
-            python-version: '3.6'
-            toxenv-factor: 'locked'
           - # test with the lowest dependencies
-            os: ubuntu-20.04
-            python-version: '3.6'
-            toxenv-factor: 'lowest'
-        exclude:
-          - # no py36 with latest ubuntu - see https://raw.githubusercontent.com/actions/python-versions/main/versions-manifest.json
             os: ubuntu-latest
-            python-version: '3.6'
+            python-version: '3.7'
+            toxenv-factor: 'lowest'
     steps:
       - name: Disabled Git auto EOL CRLF transforms
         run: |

@@ -4,7 +4,7 @@ repos:
     hooks:
       - id: system
         name: mypy
-        entry: poetry run tox -e mypy
+        entry: poetry run tox -e mypy-locked
         pass_filenames: false
         language: system
   - repo: local

@@ -13,19 +13,21 @@
 ----
 
 This CycloneDX module for Python can generate valid CycloneDX bill-of-material document containing an aggregate of all
-project dependencies.
+project dependencies. CycloneDX is a lightweight BOM specification that is easily created, human-readable, and simple 
+to parse.
 
-This module is not designed for standalone use.
+**This module is not designed for standalone use.**
 
-If you're looking for a CycloneDX tool to run to generate (SBOM) software bill-of-materials documents, why not checkout: [CycloneDX Python][cyclonedx-python]
+As of version `3.0.0`, the internal data model was adjusted to allow CycloneDX VEX documents to be produced as per
+[official examples](https://cyclonedx.org/capabilities/bomlink/#linking-external-vex-to-bom-inventory) linking a VEX 
+documents to a separate BOM document.
 
-Additionally, the following tool can be used as well (and this library was written to help improve it) [Jake][jake].
+If you're looking for a CycloneDX tool to run to generate (SBOM) software bill-of-materials documents, why not checkout 
+[CycloneDX Python][cyclonedx-python] or [Jake][jake].
 
-Additionally, you can use this module yourself in your application to programmatically generate SBOMs.
+Alternatively, you can use this module yourself in your application to programmatically generate CycloneDX BOMs.
 
-CycloneDX is a lightweight BOM specification that is easily created, human-readable, and simple to parse.
-
-View our documentation [here](https://cyclonedx-python-library.readthedocs.io/).
+View the documentation [here](https://cyclonedx-python-library.readthedocs.io/).
 
 ## Python Support
 

@@ -21,4 +21,7 @@
 
 
 class CycloneDxException(Exception):
+    """
+    Root exception thrown by this library.
+    """
     pass
@@ -30,16 +30,28 @@ class CycloneDxFactoryException(CycloneDxException):
 
 
 class LicenseChoiceFactoryException(CycloneDxFactoryException):
+    """
+    Base exception that covers all LicenseChoiceFactory exceptions.
+    """
     pass
 
 
 class InvalidSpdxLicenseException(LicenseChoiceFactoryException):
+    """
+    Thrown when an invalid SPDX License is provided.
+    """
     pass
 
 
 class LicenseFactoryException(CycloneDxFactoryException):
+    """
+    Base exception that covers all LicenseFactory exceptions.
+    """
     pass
 
 
 class InvalidLicenseExpressionException(LicenseFactoryException):
+    """
+    Thrown when an invalid License expressions is provided.
+    """
     pass
@@ -22,6 +22,13 @@
 from . import CycloneDxException
 
 
+class BomGenerationErrorException(CycloneDxException):
+    """
+    Raised if there is an unknown error.
+    """
+    pass
+
+
 class FormatNotSupportedException(CycloneDxException):
     """
     Exception raised when attempting to output a BOM to a format not supported in the requested version.

@@ -14,3 +14,7 @@
 #
 # SPDX-License-Identifier: Apache-2.0
 # Copyright (c) OWASP Foundation. All Rights Reserved.
+
+"""
+Factories used in this library.
+"""
@@ -30,27 +30,24 @@ def make_from_string(self, name_or_spdx: str, *,
                          license_url: Optional[XsUri] = None) -> License:
         """Make a :class:`cyclonedx.model.License` from a string."""
         try:
-            return self.make_with_id(name_or_spdx, license_text=license_text, license_url=license_url)
+            return self.make_with_id(name_or_spdx, text=license_text, url=license_url)
         except InvalidSpdxLicenseException:
-            return self.make_with_name(name_or_spdx, license_text=license_text, license_url=license_url)
+            return self.make_with_name(name_or_spdx, text=license_text, url=license_url)
 
-    def make_with_id(self, spdx_id: str, *,
-                     license_text: Optional[AttachedText] = None,
-                     license_url: Optional[XsUri] = None) -> License:
+    def make_with_id(self, spdx_id: str, *, text: Optional[AttachedText] = None,
+                     url: Optional[XsUri] = None) -> License:
         """Make a :class:`cyclonedx.model.License` from an SPDX-ID.
 
         :raises InvalidSpdxLicenseException: if `spdx_id` was not known/supported SPDX-ID
         """
         spdx_license_id = spdx_fixup(spdx_id)
         if spdx_license_id is None:
             raise InvalidSpdxLicenseException(spdx_id)
-        return License(spdx_license_id=spdx_license_id, license_text=license_text, license_url=license_url)
+        return License(id=spdx_license_id, text=text, url=url)
 
-    def make_with_name(self, name: str, *,
-                       license_text: Optional[AttachedText] = None,
-                       license_url: Optional[XsUri] = None) -> License:
+    def make_with_name(self, name: str, *, text: Optional[AttachedText] = None, url: Optional[XsUri] = None) -> License:
         """Make a :class:`cyclonedx.model.License` with a name."""
-        return License(license_name=name, license_text=license_text, license_url=license_url)
+        return License(name=name, text=text, url=url)
 
 
 class LicenseChoiceFactory:
@@ -74,12 +71,12 @@ def make_with_compound_expression(self, compound_expression: str) -> LicenseChoi
         :raises InvalidLicenseExpressionException: if `expression` is not known/supported license expression
         """
         if is_spdx_compound_expression(compound_expression):
-            return LicenseChoice(license_expression=compound_expression)
+            return LicenseChoice(expression=compound_expression)
         raise InvalidLicenseExpressionException(compound_expression)
 
     def make_with_license(self, name_or_spdx: str, *,
                           license_text: Optional[AttachedText] = None,
                           license_url: Optional[XsUri] = None) -> LicenseChoice:
         """Make a :class:`cyclonedx.model.LicenseChoice` with a license (name or SPDX-ID)."""
-        return LicenseChoice(license_=self.license_factory.make_from_string(
+        return LicenseChoice(license=self.license_factory.make_from_string(
             name_or_spdx, license_text=license_text, license_url=license_url))
-Original file line number
+Diff line change
@@ Expand Up / @@ -21,4 +21,7 @@ @@
     class CycloneDxException(Exception):
+        """
+        Root exception thrown by this library.
+        """
         pass