v3.1.0

What's Changed

• Pin GitHub Actions workflows by @jspeed-meyers in #206
• Add GitHub Actions updates to dependabot by @jspeed-meyers in #207
• Bump ossf/scorecard-action from 2.3.1 to 2.4.0 in #212
• Bump actions/checkout from 2.7.0 to 4.2.2 in #211
• Bump pypa/gh-action-pypi-publish from 1.4.2 to 1.11.0 in #210
• Bump tj-actions/bandit from 5.1 to 5.5 in #209
• Bump actions/upload-artifact from 97a0fba1372883ab732affbe8f94b823f91727db to c24449f33cd45d4826c6702db7e49f7cdb9b551d in #208
• Bump actions/upload-artifact from 3.2.1.pre.node20 to 4.4.3 in #215
• Bump actions/setup-python from 3.1.4 to 5.3.0 in #216
• Make bandit Github Action read-only by @jspeed-meyers in #217
• Update SECURITY.md supported versions by @jspeed-meyers in #213
• Make permissions read-only for black linter by @jspeed-meyers in #218
• Update CodeQL GitHub Actions by @jspeed-meyers in #219
• Bump pypa/gh-action-pypi-publish from 1.11.0 to 1.12.2 in #220
• Update permissions on pylint GitHub Action by @jspeed-meyers in #221
• Fix typo: generare -> generate in README by @bact in #225
• Bump pypa/gh-action-pypi-publish from 1.12.2 to 1.12.3 in #229
• Add FSCTv3 Common SBOM Baseline Attributes checker by @bact in #224
• Include FSCT3 information in README by @bact in #226
• Bump actions/upload-artifact from 4.4.3 to 4.5.0 in #231
• Update release version in pyproject.toml to 3.1.0 by @jspeed-meyers in #232
• Add Takashi's SBOM requirements comparison slide to README by @bact in #233

New Contributors

• @bact made their first contribution in #225. In fact, @bact rewrote and improved the entire codebase :) So thank you!!!!!

Full Changelog: v3.0.2...v3.1.0

v3.0.2

What's Changed

• Bump spdx-tools from 0.8.2 to 0.8.3 in #203
• Bump spdx-tools version to 0.8.3 in pyproject.toml in #204
• Bump package version to 3.0.2 in #205

Full Changelog: v3.0.1...v3.0.2

v3.0.1

What's Changed

• Add a Chainguard Images container SBOM and associated test
• Make get_components_without_identifiers() more concise
• Bump version to 3.0.1
• Remove container usage instructions from README

Full Changelog: v3.0.0...v3.0.1

v3.0.0

What's Changed

• 🔴 BREAKING CHANGE: Find the DESCRIBES relationship by looking through attached packages by @DanielOjalvo in #189
• Add Docker Version to Installation Instructions in #187
• Add scorecard GitHub Action YAML in #190
• Add Scorecard Badge to README in #191
• Create SECURITY.md file in #195
• missing supplier error message typo by @DmPanov in #197
• Bump version to v3.0.0 in #198

New Contributors

• @DanielOjalvo made their first contribution in #189
• @DmPanov made their first contribution in #197

Full Changelog: v2.0.0...v3.0.0

v2.0.0

What's Changed

• 🔴 BREAKING CHANGE: Fixed spelling of ntia_mininum_elements_compliant property by @thireo in #175
• 🔴 BREAKING CHANGE: Fix logic error in get_components_without_suppliers in #176
• 🔴 BREAKING CHANGE: Revise the implementation of check_dependency_relationships in #182
• Bump ntia-conformance-checker version to 2.0.0 in #184
• Delete .idea directory in #181
• Add pylint and black formatting instructions to contributing doc in #171
• Update README.md by @vargenau in #172

New Contributors

• @vargenau made their first contribution in #172
• @thireo made their first contribution in #175

Full Changelog: v1.1.0...v2.0.0

[This is take TWO on this release.]

v1.1.0

What's Changed

• Bump python version to 3.9 in GH Action CI by @jspeed-meyers in #164
• Provide more information in get_components_without_* functions by @CsatariGergely in #169

New Contributors

• @CsatariGergely made their first contribution in #169

Full Changelog: v1.0.0...v1.1.0

v1.0.0

What's Changed

• Bump spdx-tools from 0.8.1 to 0.8.2 by @dependabot in #160
• Cut v1.0.0 release by @jspeed-meyers in #163

Full Changelog: v0.6.0...v1.0.0

v0.6.0

What's Changed

• Bump spdx-tools from 0.8.0 to 0.8.1 by @dependabot in #149
• Make --file argument optional by @jspeed-meyers in #151
• Create release.md by @jspeed-meyers in #152
• Fix file argument by @mwkm00 in #154
• support for -v shorthand for --verbose by @devbysn in #156
• Bump spdx-tools from 0.8.1 to 0.8.2 by @dependabot in #158
• Bump project version to v0.6.0 by @jspeed-meyers in #159

New Contributors

• @mwkm00 made their first contribution in #154
• @devbysn made their first contribution in #156

Full Changelog: v0.5.1...v0.6.0

v0.5.1

What's Changed

• Bump spdx-tools from 0.8.0 to 0.8.1 by @dependabot in #146
• Bump version to 0.5.1 by @jspeed-meyers in #147

Full Changelog: v0.5.0...v0.5.1

v0.5.0

What's Changed

• make --file argument required by @lumjjb in #140
• fix json serialization for validation msgs by @lumjjb in #141
• Remove coverage bot by @jspeed-meyers in #143
• implement --skip-validation flag by @lumjjb in #142
• Bump version in pyproject.toml by @jspeed-meyers in #144

New Contributors

• @lumjjb made their first contribution in #140

Full Changelog: v0.4.0...v0.5.0