Skip to content

chore(deps): bump cyclonedx-python-lib from 11.7.0 to 11.11.0#65

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/cyclonedx-python-lib-11.11.0
Open

chore(deps): bump cyclonedx-python-lib from 11.7.0 to 11.11.0#65
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/cyclonedx-python-lib-11.11.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 20, 2026

Copy link
Copy Markdown
Contributor

Bumps cyclonedx-python-lib from 11.7.0 to 11.11.0.

Release notes

Sourced from cyclonedx-python-lib's releases.

v11.11.0 (2026-06-17)

Bug Fixes

  • Protocolpropertiestype enum case 5g-aka for CycloneDX 1.7 (#1004, bc97e1c)

Features

  • cryptoprimitive enum cases for CycloneDX 1.7 (#1002, 788ced1)

  • protocolpropertiestype enum cases for CycloneDX 1.7 (#1003, f9223d8)


What's Changed

Full Changelog: CycloneDX/cyclonedx-python-lib@v11.10.0...v11.11.0

v11.10.0 (2026-06-11)

Bug Fixes

  • Lossless flattening of dependency graph during JSON serialization (#993, d0e10ca)

  • Typing in contrib.bom.utils.BomDependencyGraphFlatMerger (#998, 988a937)

Documentation

  • Improve docs of contrib.bom.utils.BomRefDiscriminator (#996, 9beaf5c)

Features

  • Add contrib.bom.utils.BomDependencyGraphFlatMerger (#997, 78b8d8b)

  • Move output.BomRefDiscriminator to contrib.bom.utils.BomRefDiscriminator (#995, 3bb87aa)

Performance Improvements

  • contrib.bom.utils.bomdependencygraphflatmerger._flatten_merge (#999, a8579b8)

What's Changed

... (truncated)

Changelog

Sourced from cyclonedx-python-lib's changelog.

v11.11.0 (2026-06-17)

Bug Fixes

  • Protocolpropertiestype enum case 5g-aka for CycloneDX 1.7 (#1004, bc97e1c)

Features

  • cryptoprimitive enum cases for CycloneDX 1.7 (#1002, 788ced1)

  • protocolpropertiestype enum cases for CycloneDX 1.7 (#1003, f9223d8)

v11.10.0 (2026-06-11)

Bug Fixes

  • Lossless flattening of dependency graph during JSON serialization (#993, d0e10ca)

  • Typing in contrib.bom.utils.BomDependencyGraphFlatMerger (#998, 988a937)

Documentation

  • Improve docs of contrib.bom.utils.BomRefDiscriminator (#996, 9beaf5c)

Features

  • Add contrib.bom.utils.BomDependencyGraphFlatMerger (#997, 78b8d8b)

  • Move output.BomRefDiscriminator to contrib.bom.utils.BomRefDiscriminator (#995, 3bb87aa)

Performance Improvements

  • contrib.bom.utils.bomdependencygraphflatmerger._flatten_merge

... (truncated)

Commits
  • 7129d73 chore(release): 11.11.0
  • 28b75bd refactor: simplify contrib.bom.utils (#1000)
  • ebb168a tests: check all enum completeness (#992)
  • bc97e1c fix: ProtocolPropertiesType enum case 5g-aka for CycloneDX 1.7 (#1004)
  • f9223d8 feat: ProtocolPropertiesType enum cases for CycloneDX 1.7 (#1003)
  • 788ced1 feat: CryptoPrimitive enum cases for CycloneDX 1.7 (#1002)
  • bdeaa91 chore(release): 11.10.0
  • d0e10ca fix: lossless flattening of dependency graph during JSON serialization (#993)
  • a8579b8 perf: contrib.bom.utils.BomDependencyGraphFlatMerger._flatten_merge (#999)
  • 988a937 fix: typing in contrib.bom.utils.BomDependencyGraphFlatMerger (#998)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [cyclonedx-python-lib](https://github.com/CycloneDX/cyclonedx-python-lib) from 11.7.0 to 11.11.0.
- [Release notes](https://github.com/CycloneDX/cyclonedx-python-lib/releases)
- [Changelog](https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md)
- [Commits](CycloneDX/cyclonedx-python-lib@v11.7.0...v11.11.0)

---
updated-dependencies:
- dependency-name: cyclonedx-python-lib
  dependency-version: 11.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Jun 20, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: deps, poetry. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants