1.10.0

Features

• Order components and dependencies by purl and ref to have reproducible output by @emirmx in #457
• feat: add includeMetadataResolution property by @skhokhlov in #477

Bug Fixes

• Include local project dependencies as components #432 by @loicrouchon in #474
• fix: check that plugin.properties file exists by @skhokhlov in #489

Other Changes

• build(deps): bump org.cyclonedx.bom from 1.8.2 to 1.9.0 by @dependabot in #473
• chore: add proper configuration for thread lock by @skhokhlov in #476
• build: update gradle actions by @skhokhlov in #475
• build(deps): bump actions/upload-artifact from 4.3.4 to 4.3.5 by @dependabot in #480
• build(deps): bump actions/setup-java from 4.2.1 to 4.2.2 by @dependabot in #483
• build(deps): bump actions/upload-artifact from 4.3.5 to 4.3.6 by @dependabot in #484
• build(deps): migrate to gradle actions v4 by @skhokhlov in #486
• build: run dependency-submission only on master branch by @skhokhlov in #488
• chore: run thread lock less frequent by @skhokhlov in #490
• build: run dependency-submission only on master by @skhokhlov in #491
• build(deps): bump actions/setup-java from 4.2.1 to 4.2.2 by @dependabot in #487
• Update Gradle Wrapper from 8.9 to 8.10 by @github-actions in #492
• build: bump cyclonedx-core-java to 9.0.5 by @skhokhlov in #493
• Update issue templates by @skhokhlov in #494
• build(deps): bump org.apache.maven:maven-core from 3.9.8 to 3.9.9 by @dependabot in #496

New Contributors

• @emirmx made their first contribution in #457

Full Changelog: cyclonedx-gradle-plugin-1.9.0...cyclonedx-gradle-plugin-1.10.0

1.9.0

What's Changed

• Support for CycloneDX 1.6 in #444
• New componentName configuration property in #467
• Support for zip artifacts in #413
• build(deps): bump org.cyclonedx.bom from 1.8.1 to 1.8.2 by @dependabot in #389
• build(deps): bump actions/upload-artifact from 4.2.0 to 4.3.1 by @dependabot in #397
• Update Gradle Wrapper from 8.5 to 8.6 by @github-actions in #396
• build(deps): bump gradle/wrapper-validation-action from 1.1.0 to 2.0.0 by @dependabot in #395
• build(deps): bump gradle/gradle-build-action from 2.11.1 to 3.0.0 by @dependabot in #394
• fix: move plugin.properties to namespaced location by @gcx-seb in #380
• build(deps): bump gradle/gradle-build-action from 3.0.0 to 3.1.0 by @dependabot in #402
• build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in #406
• build(deps): bump commons-io:commons-io from 2.15.1 to 2.16.1 by @dependabot in #418
• build(deps): bump gradle/gradle-build-action from 3.1.0 to 3.2.1 by @dependabot in #417
• Update Gradle Wrapper from 8.6 to 8.7 by @github-actions in #412
• build(deps): bump gradle/wrapper-validation-action from 2.0.0 to 3.3.0 by @dependabot in #421
• build(deps): bump actions/upload-artifact from 4.3.1 to 4.3.3 by @dependabot in #427
• build(deps): bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in #426
• build(deps): bump gradle/wrapper-validation-action from 3.3.0 to 3.3.1 by @dependabot in #425
• build(deps): bump gradle/gradle-build-action from 3.2.1 to 3.3.1 by @dependabot in #424
• fix for issue #331 by @zkstchhh in #413
• build(deps): bump actions/upload-artifact from 4.3.3 to 4.3.4 by @dependabot in #460
• build(deps): bump actions/checkout from 4.1.3 to 4.1.7 by @dependabot in #447
• chore: Create CODEOWNERS by @jkowalleck in #465
• docs: Update README.md by @prncoprs in #409
• build(deps): bump actions/setup-java from 4.0.0 to 4.2.1 by @dependabot in #408
• print all parsing errors during BOM validation by @skhokhlov in #445
• build(deps): bump org.apache.maven:maven-core from 3.9.6 to 3.9.8 by @dependabot in #452
• build(deps): bump commons-codec:commons-codec from 1.16.0 to 1.17.1 by @dependabot in #462
• test: verify that schema version 1.5 is used by default by @skhokhlov in #468
• Update Gradle Wrapper from 8.7 to 8.9 by @github-actions in #461
• fix: fail plugin execution if group, name, or version are not set by @skhokhlov in #469
• upgrade cyclonedx-core-java to 9.x.x by @skhokhlov in #444
• Enable override of the default component name by @MH-17 in #467
• build: prepare version 1.9.0 by @skhokhlov in #470

New Contributors

• @gcx-seb made their first contribution in #380
• @zkstchhh made their first contribution in #413
• @jkowalleck made their first contribution in #465
• @prncoprs made their first contribution in #409
• @MH-17 made their first contribution in #467

Full Changelog: cyclonedx-gradle-plugin-1.8.2...cyclonedx-gradle-plugin-1.9.0

1.8.2

What's Changed

• Update plugin version used in final BOM
• Check for artifact existence before looking inside for pom.xml
• Add local project dependencies to the built dependencies for local resolution
• include and skip configurations with regex by @skhokhlov in #383
• Add java 21 to CI tools by @glefloch in #385

Full Changelog: cyclonedx-gradle-plugin-1.8.1...cyclonedx-gradle-plugin-1.8.2

1.8.1

What's Changed

• Fix support for CycloneDX 1.5
• Bump version to 1.8.1

Full Changelog: cyclonedx-gradle-plugin-1.8.0...cyclonedx-gradle-plugin-1.8.1

1.8.0

What's Changed

• Consistently describe the defaults
• Migrate to kotlin based gradle DSL
• Update default task to include a small description of what it does
• Include transitive dependencies of non-jar artifacts instead ignore it
• Adding Metadata:Manufacture and Licenses
• Bump default schema to version 1.5

New Contributors

• @Bert-R made their first contribution in #274
• @akkrishnakumar made their first contribution in #350
• @flashfishgit made their first contribution in #310

Full Changelog: cyclonedx-gradle-plugin-1.7.4...cyclonedx-gradle-plugin-1.8.0

1.7.4

What's Changed

• Add instructions to generate BOM for multiple projects
• Throw validation exceptions to make it easier to debug validation failures
• Include license text configuration
• Support for aar dependencies on graph

Full Changelog: cyclonedx-gradle-plugin-1.7.3...cyclonedx-gradle-plugin-1.7.4

1.7.3

What's Changed

• Keep first track of dependency
• Add skipProject option
• Update Gradle Wrapper from 7.5.1 to 7.6

cyclonedx-gradle-plugin-1.7.2

What's Changed

• Fix issue with subprojects paths

1.7.1

What's Changed

• doc issue about configs
• Disregard non-jar dependencies
• Add componentVersion property
• Prevent stack overflow in case of loop in the dependency graph
• Handle dependency graph for multi-module project

1.7.0

What's new:

• Fix delayed properties
• Fix output formats
• Init contributing guide
• Fix javadoc warning about version on writeBom
• Expose dependency graph