# PEP 517 build declaration: the packages in `requires` are installed into the
# build environment before `build-backend` is invoked.
[build-system]
# NOTE(review): only a lower bound is given, so the poetry-core release that
# builds the artifacts is whatever the build front end resolves at that moment.
# Constrain it in the release pipeline if reproducible builds are required.
requires = ["poetry-core>=1.0.0"]
build-backend = "poetry.core.masonry.api"
# Package metadata and the list of files that go into the built distributions.
[tool.poetry]
name = "cyclonedx-python-lib"
# !! version is managed by semantic_release
# (rewritten through `version_toml` in [tool.semantic_release]; do not edit by hand)
version = "9.1.0"
description = "Python library for CycloneDX"
authors = [
    "Paul Horton <phorton@sonatype.com>",
    "Jan Kowalleck <jan.kowalleck@gmail.com>",
]
maintainers = ["Jan Kowalleck <jan.kowalleck@gmail.com>"]
license = "Apache-2.0"
readme = "README.md"
homepage = "https://github.com/CycloneDX/cyclonedx-python-lib/#readme"
repository = "https://github.com/CycloneDX/cyclonedx-python-lib"
documentation = "https://cyclonedx-python-library.readthedocs.io/"
packages = [{ include = "cyclonedx" }]
# Extra files shipped in the source distribution only (not in wheels).
include = [
    # all is an object -> prevent parse issue with dependabot
    { path = "README.md", format = ["sdist"] },
    { path = "CHANGELOG.md", format = ["sdist"] },
    { path = "docs", format = ["sdist"] },
    { path = "examples", format = ["sdist"] },
    { path = "tests", format = ["sdist"] },
]
exclude = [
    # exclude dotfiles and dotfolders
    # (this also keeps local dotfiles under the included paths out of the
    # published artifacts)
    "**/.*",
    "docs/_build",
    "docs/processes",
]
classifiers = [
    # Trove classifiers - https://packaging.python.org/specifications/core-metadata/#metadata-classifier
    # Full list: https://pypi.python.org/pypi?%3Aaction=list_classifiers
    "Development Status :: 5 - Production/Stable",
    "Intended Audience :: Developers",
    "Intended Audience :: Information Technology",
    "Intended Audience :: Legal Industry",
    "Intended Audience :: System Administrators",
    "Topic :: Security",
    "Topic :: Software Development",
    "Topic :: System :: Software Distribution",
    "License :: OSI Approved :: Apache Software License",
    # Keep the version classifiers in step with `python` in [tool.poetry.dependencies].
    "Programming Language :: Python :: 3.8",
    "Programming Language :: Python :: 3.9",
    "Programming Language :: Python :: 3.10",
    "Programming Language :: Python :: 3.11",
    "Programming Language :: Python :: 3.12",
    "Programming Language :: Python :: 3.13",
    "Typing :: Typed",
]
keywords = [
    "CycloneDX", "library",
    "OWASP", "SCA",
    "Software Bill of Materials", "Bill of Materials",
    "BOM", "SBOM", "VEX", "VDR", "OBOM", "MBOM", "SaaSBOM",
    "SPDX", "PackageURL", "PURL",
]
# Additional project links published with the package metadata.
[tool.poetry.urls]
# Quoted because the key contains a space.
"Bug Tracker" = "https://github.com/CycloneDX/cyclonedx-python-lib/issues"
Funding = "https://owasp.org/donate/?reponame=www-project-cyclonedx&title=OWASP+CycloneDX"
# Runtime requirements. These are version ranges, not pins: consumers of the
# library resolve the concrete versions in their own environment.
[tool.poetry.dependencies]
python = "^3.8"
packageurl-python = ">=0.11, <2"
py-serializable = "^2.0.0"
sortedcontainers = "^2.4.0"
license-expression = "^30"
# Optional: installed only through the extras in [tool.poetry.extras].
jsonschema = { version = "^4.18", extras = ["format"], optional = true }
# NOTE(review): lxml backs the XML validation extra; if validated documents can
# come from untrusted parties, confirm the parser setup in the validation code
# (entity and network resolution) -- not visible from this file.
lxml = { version = ">=4,<6", optional = true }
# Installable extras; each one names optional packages declared in
# [tool.poetry.dependencies].
[tool.poetry.extras]
# Both validators at once.
validation = ["jsonschema", "lxml"]
json-validation = ["jsonschema"]
xml-validation = ["lxml"]
# Development and CI tooling. Every entry is an exact version, so lint, type
# check and test tooling only changes through a reviewed edit of this file.
[tool.poetry.group.dev.dependencies]
ddt = "1.7.2"
coverage = "7.6.1"
# The flake8 entries below carry a `python` marker: they are only installed on
# interpreters >= 3.8.1.
flake8 = { version = "7.1.2", python = ">=3.8.1" }
flake8-annotations = { version = "3.1.1", python = ">=3.8.1" }
flake8-bugbear = { version = "24.12.12", python = ">=3.8.1" }
flake8-copyright-validator = "0.0.1"
flake8-isort = "6.1.1"
flake8-quotes = "3.4.0"
flake8-use-fstring = "1.4"
pep8-naming = "0.14.1"
isort = "5.13.2"
autopep8 = "2.3.1"
mypy = "1.14.1"
# Only installed on interpreters older than 3.11.
tomli = { version = "2.2.1", python = "<3.11" }
tox = "4.24.1"
xmldiff = "2.7.0"
# Static security linter for the Python sources.
bandit = "1.7.10"
# Release automation: version bump, release commit, build and upload.
[tool.semantic_release]
# see https://python-semantic-release.readthedocs.io/en/latest/configuration.html
commit_author = "semantic-release <semantic-release@bot.local>"
commit_message = "chore(release): {version}\n\nAutomatically generated by python-semantic-release\n\nSigned-off-by: semantic-release <semantic-release@bot.local>"
upload_to_vcs_release = true
# NOTE(review): `pip install poetry` carries no version constraint, so the tool
# that builds the published artifacts is resolved fresh on every release run.
# Consider pinning it (ideally hash-checked) so a release build is reproducible
# and does not pick up an unreviewed build-tool release.
build_command = "pip install poetry && poetry build"
# Locations that receive the new version number on release.
version_toml = ["pyproject.toml:tool.poetry.version"]
version_variables = [
    "cyclonedx/__init__.py:__version__",
    "docs/conf.py:release",
]
[tool.semantic_release.publish]
# Every file matching these globs is treated as a release artifact, so the
# build should start from an empty dist/ directory; stale or stray files there
# would be uploaded as well.
dist_glob_patterns = ["dist/*"]
# NOTE(review): the same key is also set in [tool.semantic_release]; confirm
# which location the semantic-release version in use actually reads.
upload_to_vcs_release = true
# Changelog generation.
[tool.semantic_release.changelog]
changelog_file = "CHANGELOG.md"
# Commit messages matching any of these regular expressions are left out of the
# changelog. They are literal strings, so backslashes reach the regex engine
# unchanged.
exclude_commit_patterns = [
    '''chore(?:\([^)]*?\))?: .+''',
    '''ci(?:\([^)]*?\))?: .+''',
    '''refactor(?:\([^)]*?\))?: .+''',
    '''style(?:\([^)]*?\))?: .+''',
    '''tests?(?:\([^)]*?\))?: .+''',
    # Scoped build commits, except scope `deps`: the negative lookahead keeps
    # `build(deps): ...` entries (dependency updates) in the changelog.
    '''build\((?!deps\): .+)''',
]
# Branch groups: `match` is a regular expression tested against the branch
# name; the group decides whether a release from that branch is a prerelease.
# NOTE(review): none of the patterns is anchored with ^ or $. Whether a branch
# whose name merely starts with (or contains) one of these words also
# qualifies depends on how semantic-release applies the regex -- confirm, and
# anchor the patterns if only exact names should produce releases. This
# matters most for the `main` group, which publishes full releases.
[tool.semantic_release.branches.main]
match = "(main|master)"
prerelease = false

[tool.semantic_release.branches.step]
match = "(build|chore|ci|docs|feat|fix|perf|style|refactor|tests?)"
prerelease = true
prerelease_token = "alpha"

# Basic string: each `\\` below is a single backslash in the resulting regex.
[tool.semantic_release.branches.major-dev]
match = "(\\d+\\.0\\.0-(dev|rc)|dev/\\d+\\.0\\.0)"
prerelease = true
prerelease_token = "rc"