Skip to content

dependabot npm(deps-dev): bump @cyclonedx/cyclonedx-npm from 1.19.3 to 1.20.0

Depen d'Abot requested to merge dependabot-npm_and_yarn-cyclonedx-cyclonedx-npm-1.20.0 into master

Bumps @cyclonedx/cyclonedx-npm from 1.19.3 to 1.20.0.

Release notes

Sourced from @​cyclonedx/cyclonedx-npm's releases.

1.20.0

Added

  • Official support for npm@11 (#1245 via #1249)
  • Capability to gather license text evidences (#256 via #1243)
    This feature can be controlled via CLI switch --gather-license-texts.
    This feature is experimental. This feature is disabled per default.

Dependencies

  • No longer directly depend on packageurl-js (via #1237)

Build

#256: CycloneDX/cyclonedx-node-npm#256 #1209: CycloneDX/cyclonedx-node-npm#1209 #1218: CycloneDX/cyclonedx-node-npm#1218 #1237: CycloneDX/cyclonedx-node-npm#1237 #1243: CycloneDX/cyclonedx-node-npm#1243 #1245: CycloneDX/cyclonedx-node-npm#1245 #1249: CycloneDX/cyclonedx-node-npm#1249 #1255: CycloneDX/cyclonedx-node-npm#1255

What's Changed

New Contributors

Full Changelog: https://github.com/CycloneDX/cyclonedx-node-npm/compare/v1.19.3...v1.20.0

Changelog

Sourced from @​cyclonedx/cyclonedx-npm's changelog.

1.20.0 -- 2025-01-13

  • Added
    • Official support for npm@11 (#1245 via #1249)
    • Capability to gather license text evidences (#256 via #1243)
      This feature can be controlled via CLI switch --gather-license-texts.
      This feature is experimental. This feature is disabled per default.
  • Dependencies
    • No longer directly depend on packageurl-js (via #1237)
  • Build

#256: CycloneDX/cyclonedx-node-npm#256 #1209: CycloneDX/cyclonedx-node-npm#1209 #1218: CycloneDX/cyclonedx-node-npm#1218 #1237: CycloneDX/cyclonedx-node-npm#1237 #1243: CycloneDX/cyclonedx-node-npm#1243 #1245: CycloneDX/cyclonedx-node-npm#1245 #1249: CycloneDX/cyclonedx-node-npm#1249 #1255: CycloneDX/cyclonedx-node-npm#1255

Commits

Merge request reports

Private personal CI stack from Kai KRETSCHMANN, for the fun of it!