chore(deps): bump @cyclonedx/cyclonedx-library from 6.13.1 to 7.1.0 in the cyclonedx group across 1 directory

[dependabot]

Bumps the cyclonedx group with 1 update in the / directory: @cyclonedx/cyclonedx-library.

Updates @cyclonedx/cyclonedx-library from 6.13.1 to 7.1.0

Release notes

Sourced from @​cyclonedx/cyclonedx-library's releases.

7.1.0

Added

• New type Models.Copyright and class Models.CopyrightRepository (via #1202)
• New type Models.AttachmentContent (via #1202)

Changed

• Replace usage of internals Stringable & SortableStringables with public API (#1192 via #1202)
  This is considered a non-breaking change, as the types are not changed, but made publicly available.

Style

• Apply latest code style guide (via #1201)

Misc

• Support npm11 (#1191 via #1203)

#1191: CycloneDX/cyclonedx-javascript-library#1191 #1192: CycloneDX/cyclonedx-javascript-library#1192 #1201: CycloneDX/cyclonedx-javascript-library#1201 #1202: CycloneDX/cyclonedx-javascript-library#1202 #1203: CycloneDX/cyclonedx-javascript-library#1203

---

What's Changed

• chore(deps): bump typedoc from 0.26.11 to 0.27.2 in /tools/docs-gen in the typedoc group across 1 directory by @​dependabot in CycloneDX/cyclonedx-javascript-library#1186
• chore(deps-dev): bump webpack from 5.96.1 to 5.97.1 in the webpack group across 1 directory by @​dependabot in CycloneDX/cyclonedx-javascript-library#1187
• dont use internal types/classes in public API by @​jkowalleck in CycloneDX/cyclonedx-javascript-library#1202
• ci: use npm11 by @​jkowalleck in CycloneDX/cyclonedx-javascript-library#1203
• chore(deps-dev): bump webpack-cli from 5.1.4 to 6.0.1 in the webpack group across 1 directory by @​dependabot in CycloneDX/cyclonedx-javascript-library#1194
• chore(deps-dev): bump mocha from 10.8.2 to 11.0.1 in the mocha group across 1 directory by @​dependabot in CycloneDX/cyclonedx-javascript-library#1188
• chore(deps): bump the eslint group across 1 directory with 6 updates by @​dependabot in CycloneDX/cyclonedx-javascript-library#1201

Full Changelog: CycloneDX/cyclonedx-javascript-library@v7.0.0...v7.1.0

7.0.0

BREAKING changes

• Property Models.Bom.tools is an instance of Models.Tools now (#1152 via #1163)
  Before, it was an instance of Models.ToolRepository.
• Property Models.Vulnerability.tools is an instance of Models.Tools now (via #1163)
  Before, it was an instance of Models.ToolRepository.

Added

• Static function Models.Tool.fromComponent() (via #1163)
• Static function Models.Tool.fromService() (via #1163)
• New class Models.Tools (#1152 via #1163)
• New serialization/normalization for Models.Tools (#1152 via #1163, #1180)

Changed

• Serializers and Bom-Normalizers will take changed Models.Bom.tools into account (#1152 via #1163)
• Serializers and Vulnerability-Normalizers will take changed Models.Vulnerability.tools into account (via #1163)

Style

• Apply latest code style guide (via #1170, #1181)

Dependencies

• Support libxmljs2@^0.35 (via #1173)

... (truncated)

Changelog

Sourced from @​cyclonedx/cyclonedx-library's changelog.

7.1.0 -- 2025-01-09

• Added
  • New type Models.Copyright and class Models.CopyrightRepository (via #1202)
  • New type Models.AttachmentContent (via #1202)
• Changed
  • Replace usage of internals Stringable & SortableStringables with public API (#1192 via #1202)
    This is considered a non-breaking change, as the types are not changed, but made publicly available.
• Style
  • Apply latest code style guide (via #1201)
• Misc
  • Support npm11 (#1191 via #1203)

#1191: CycloneDX/cyclonedx-javascript-library#1191 #1192: CycloneDX/cyclonedx-javascript-library#1192 #1201: CycloneDX/cyclonedx-javascript-library#1201 #1202: CycloneDX/cyclonedx-javascript-library#1202 #1203: CycloneDX/cyclonedx-javascript-library#1203

7.0.0 -- 2024-11-26

• BREAKING changes
  • Property Models.Bom.tools is an instance of Models.Tools now (#1152 via #1163)
    Before, it was an instance of Models.ToolRepository.
  • Property Models.Vulnerability.tools is an instance of Models.Tools now (via #1163)
    Before, it was an instance of Models.ToolRepository.
• Added
  • Static function Models.Tool.fromComponent() (via #1163)
  • Static function Models.Tool.fromService() (via #1163)
  • New class Models.Tools (#1152 via #1163)
  • New serialization/normalization for Models.Tools (#1152 via #1163, #1180)
• Changed
  • Serializers and Bom-Normalizers will take changed Models.Bom.tools into account (#1152 via #1163)
  • Serializers and Vulnerability-Normalizers will take changed Models.Vulnerability.tools into account (via #1163)
• Style
  • Apply latest code style guide (via #1170, #1181)
• Dependencies
  • Support libxmljs2@^0.35 (via #1173)
  • Use packageurl-js@^2.0.1, was @>=0.0.6 <0.0.8 || ^1 (via #1142)
• Build
  • Use TypeScript v5.7.2 now, was v5.6.3 (via #1182)

#1142: CycloneDX/cyclonedx-javascript-library#1142 #1152: CycloneDX/cyclonedx-javascript-library#1152 #1163: CycloneDX/cyclonedx-javascript-library#1163 #1170: CycloneDX/cyclonedx-javascript-library#1170 #1173: CycloneDX/cyclonedx-javascript-library#1173 #1180: CycloneDX/cyclonedx-javascript-library#1180 #1181: CycloneDX/cyclonedx-javascript-library#1181 #1182: CycloneDX/cyclonedx-javascript-library#1182

Commits

• 08414c4 7.1.0
• a98d512 docs
• 492923c docs
• d031db7 chore: prep v7.1.0
• ccafb9f chore(deps): bump the eslint group across 1 directory with 6 updates (#1201)
• 35f6fce chore(deps-dev): bump mocha from 10.8.2 to 11.0.1 in the mocha group across 1...
• 4e43b62 chore(deps-dev): bump webpack-cli from 5.1.4 to 6.0.1 in the webpack group ac...
• 1070c28 ci: use npm11 (#1203)
• 9f707a3 docs
• 8932743 dont use internal types/classes in public API (#1202)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions