Docs

• Made it clear, that {Builders,Factories}.{FromNodePackageJson,FromPackageJson}.* functionality is to be run on already normalized structures. (#517 via #518)
  Normalization should be done downstream, for example via normalize-package-data.

Full Changelog: v1.10.0...v1.12.0

Added

• New vulnerability-related enums were added in a new namespace Enums.Vulnerability (#164 via #419)
  Release stage is “beta”. These namespace and enums have been released to third-party developers experimentally for the purpose of collecting feedback. These enums should not be used in production, because their contracts may change without notice.
  • AffectStatus
  • AnalysisJustification
  • AnalysisResponse
  • AnalysisState
  • RatingMethod
  • Severity
• New vulnerability-related models were added in a new namespace Models.Vulnerability (#164 via #419)
  Release stage is “beta”. These namespace and models have been released to third-party developers experimentally for the purpose of collecting feedback. These models should not be used in production, because their contracts may change without notice.
  Attention: The models are not yet supported by shipped serializers nor shipped normalizers.
  • Advisory, AdvisoryRepository
  • Affect, AffectRepository, AffectedSingleVersion, AffectedVersionRange, AffectedVersionRepository
  • Analysis
  • Credits
  • Rating, RatingRepository
  • Reference, ReferenceRepository
  • Source
  • Vulnerability, VulnerabilityRepository
• New class Models.OrganizationalEntityRepository to represent a collection of Models.OrganizationalEntity (via #419)
  Additionally, Models.OrganizationalEntity.compare() was implemented.
• New types and related functionality Common Weaknesses Enumerations (CWE) were added (via #419)
  Release stage is “beta”. These types, functions and classes have been released to third-party developers experimentally for the purpose of collecting feedback. These types, functions and classes should not be used in production, because their contracts may change without notice.
  • type Types.CWE
  • runtime validation Types.isCWE()
  • class Types.CweRepository

Docs

• Use TSDoc syntax in TypeScript files, instead of JSDoc (via #318, #453)

Build

• Use TypeScript v4.9.5 now, was v4.9.4. (via #463)

Misc

• Added tests for internal helpers (via #454)
• Use eslint-config-standard-with-typescript@34.0.0 now, was 33.0.0 (via #460)

New Contributors

• @thepwagner made their first contribution in #419

Full Changelog: v1.10.0...v1.11.0

Added

• Typing: Interfaces of models' optional properties are now public API (#439 via #440)
• Ship TypeDoc configuration, so that users can build the documentation on demand (#57 via #436)

Fixed

• XML serializer now properly throws UnsupportedFormatError if it is unsupported by the supplied Spec (via #438)

Misc

• Added tests for internal helpers (via #431)
• Added more internal sortable data types (via #165)
• Fixed type hints in internals (via #432)
• Fixed type refs and links in doc-strings (via #437)
• Slightly improved performance of compare methods when reproducible results were needed (via #433)
• Use eslint-config-standard-with-typescript@33.0.0 now, was 23.0.0 (via #382, #423, #445)

Full Changelog: v1.9.2...v1.10.0

Maintenance release.

Docs

• fix CI/CT shield (badges/shields#8671 via #371)

Maintenance release.

Build

• Use TypeScript v4.9.4 now, was v4.9.3. (via #360)

Full Changelog: v1.9.0...v1.9.1

Changed

• Widened the accepted types for first parameter of all normalizeIterable methods (via #317)

Build

• Use TypeScript v4.9.3 now, was v4.8.4. (via #335)

Full Changelog: v1.8.0...v1.9.0

Added

• Detection for node-package manifests deprecated licenses format in the node-specific builders (#308 via #309)

Full Changelog: v1.7.0...v1.8.0

Changed

• Shipped TypeScript declarations are usable by TypeScript v3.8 and above now. (#291 via #292)
  Previously the source code was abused as type declarations, so they required a certain version of TypeScript 4.

Full Changelog: v1.6.0...v1.7.0

Changed

• Removed synthetic default imports im TypeScript sources. (via #243)
  The resulting JavaScript did not change in functionality.
  Downstream users of the TypeScript sources/definitions might consider this a feature, as they are no longer required to compile with allowSyntheticDefaultImports enabled.

Added

• Documentation and example regarding dependency tree modelling were added in multiple places. (via #250)

Build

• No longer enable TypeScript config esModuleInterop & allowSyntheticDefaultImports. (via #243)
• Use TypeScript v4.8.4 now, was v4.8.3. (via #246)

New Contributors

• @candrews made their first contribution in #243

Full Changelog: v1.5.1...v1.6.0

Deprecated

• The normalizer methods normalizeRepository will be known as normalizeIterable. (via #230)
• see also: v1.5.0

Full Changelog: v1.5.0...v1.5.1