From 296424366bf63f063357de913377cbdbb678c9f6 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Fri, 10 Apr 2026 14:16:04 +0200 Subject: [PATCH 01/14] chore(release): use own GH app for releasing Signed-off-by: Jan Kowalleck --- .github/workflows/release.yml | 24 ++++++++++++++++++++++-- pyproject.toml | 3 +-- 2 files changed, 23 insertions(+), 4 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index eb99f16a7..4a7b9662e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -103,11 +103,31 @@ jobs: id-token: write contents: write steps: + - name: Generate GitHub App Token + id: release-bot-token + # see https://github.com/actions/create-github-app-token + uses: actions/create-github-app-token@v3 + with: + # see https://github.com/organizations/CycloneDX/settings/apps/cyclonedx-internal-release-bot + app-id: 3335294 + private-key: ${{ secrets.CDX_RELEASE_BOT_PRIVATE_KEY }} + - name: Get GitHub App User ID + id: release-bot-user-id + run: echo "user-id=$(gh api "/users/${{ steps.app-token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT" + env: + GH_TOKEN: ${{ steps.release-bot-token.outputs.token }} + - name: Checkout code # see https://github.com/actions/checkout uses: actions/checkout@v6 with: fetch-depth: 0 + token: ${{ steps.release-bot-token.outputs.token }} + - name: git config + run: | + git config user.name '${{ steps.app-token.outputs.app-slug }}[bot]' + git config user.email '${{ steps.get-user-id.outputs.user-id }}+${{ steps.app-token.outputs.app-slug }}[bot]@users.noreply.github.com' + git config commit.signoff true - name: Setup python # see https://github.com/actions/setup-python 
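Review bot: The new `Generate GitHub App Token` step hands `secrets.CDX_RELEASE_BOT_PRIVATE_KEY` to an action referenced by the mutable tag `@v3`, so whatever that tag points to at run time receives the app's private key; pin it to a full commit SHA, e.g. `uses: actions/create-github-app-token@<full-commit-sha> # v3` (placeholder, to be resolved from the upstream release). The same applies to the later hunks in this file, which now pass the app token as `github_token` to `python-semantic-release@v10.0.2` and `publish-action@v10`. The token is also minted with every permission granted to the app installation; restricting it with the action's `permission-*` inputs (for example `permission-contents: write`) would limit what a compromised step can do. Because `actions/checkout` receives the token via `token:` and persists credentials by default, the build and release steps that follow can read it from the local git config, so it is worth confirming that this is intended.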
@@ -134,7 +154,7 @@ jobs: # see https://github.com/python-semantic-release/python-semantic-release uses: python-semantic-release/python-semantic-release@v10.0.2 with: - github_token: ${{ secrets.GITHUB_TOKEN }} + github_token: ${{ steps.release-bot-token.outputs.token }} force: ${{ github.event.inputs.release_force }} prerelease: ${{ github.event.inputs.prerelease }} prerelease_token: ${{ github.event.inputs.prerelease_token }} @@ -151,5 +171,5 @@ jobs: # see https://python-semantic-release.readthedocs.io/en/latest/automatic-releases/github-actions.html#python-semantic-release-publish-action uses: python-semantic-release/publish-action@v10 with: - github_token: ${{ secrets.GITHUB_TOKEN }} + github_token: ${{ steps.release-bot-token.outputs.token }} tag: ${{ steps.release.outputs.tag }} diff --git a/pyproject.toml b/pyproject.toml index 52b5dfdc6..343cebb56 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -115,8 +115,7 @@ jsonschema = { version = "*", extras = ["format"], optional=true } logging_use_named_masks = true commit_parser = "conventional" commit_parser_options = { parse_squash_commits = true, ignore_merge_commits = true } -commit_author = "semantic-release " -commit_message = "chore(release): {version}\n\nAutomatically generated by python-semantic-release\n\nSigned-off-by: semantic-release " +commit_message = "chore(release): {version}\n\nAutomatically generated by python-semantic-release" upload_to_vcs_release = true build_command = """ pip install poetry From 1c8e80651086db436fbb0f7815c020700c45c062 Mon Sep 17 00:00:00 2001 From: semantic-release Date: Fri, 10 Apr 2026 12:48:38 +0000 Subject: [PATCH 02/14] chore(release): 11.7.0-rc.1 Automatically generated by python-semantic-release --- CHANGELOG.md | 3 +++ cyclonedx/__init__.py | 2 +- docs/conf.py | 2 +- pyproject.toml | 2 +- 4 files changed, 6 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 86d6a8728..a9ab24538 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
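Review bot: Dropping the `Signed-off-by:` trailer from `commit_message` in the `pyproject.toml` hunk leaves the release commits without a sign-off. As far as I know, `commit.signoff` (set in the workflow's `git config` step) is not a setting that `git commit` reads, and the bot-generated commits later in this series (PATCH 07, 08, 10 and 13) indeed carry no trailer. If the repository enforces DCO, keep the trailer in the template with the app's identity, e.g. `commit_message = "chore(release): {version}\n\nAutomatically generated by python-semantic-release\n\nSigned-off-by: <bot name> <bot e-mail>"` (placeholder values). Otherwise, a short comment next to `commit_message` stating that release commits are intentionally unsigned would make the decision explicit.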
@@ -2,6 +2,9 @@ +## v11.7.0-rc.1 (2026-04-10) + + ## v11.7.0 (2026-03-17) ### Documentation diff --git a/cyclonedx/__init__.py b/cyclonedx/__init__.py index ff9bd20b3..29c4fc68a 100644 --- a/cyclonedx/__init__.py +++ b/cyclonedx/__init__.py @@ -22,4 +22,4 @@ # !! version is managed by semantic_release # do not use typing here, or else `semantic_release` might have issues finding the variable -__version__ = "11.7.0" # noqa:Q000 +__version__ = "11.7.0-rc.1" # noqa:Q000 diff --git a/docs/conf.py b/docs/conf.py index 31daedd81..ad132e0bb 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -23,7 +23,7 @@ # The full version, including alpha/beta/rc tags # !! version is managed by semantic_release -release = '11.7.0' +release = '11.7.0-rc.1' # -- General configuration --------------------------------------------------- diff --git a/pyproject.toml b/pyproject.toml index 343cebb56..2456dc2fc 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -5,7 +5,7 @@ build-backend = "poetry.core.masonry.api" [tool.poetry] name = "cyclonedx-python-lib" # !! version is managed by semantic_release -version = "11.7.0" +version = "11.7.0-rc.1" description = "Python library for CycloneDX" authors = [ "Paul Horton ", From bb409b7227d300cc89fe61f23d9c86e0f5b7fee6 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Fri, 10 Apr 2026 14:57:41 +0200 Subject: [PATCH 03/14] chore(release): use own GH app for releasing Signed-off-by: Jan Kowalleck --- .github/workflows/release.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 4a7b9662e..b51174c51 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml 
@@ -128,6 +128,8 @@ jobs: git config user.name '${{ steps.app-token.outputs.app-slug }}[bot]' git config user.email '${{ steps.get-user-id.outputs.user-id }}+${{ steps.app-token.outputs.app-slug }}[bot]@users.noreply.github.com' git config commit.signoff true + git commit --allow-empty -m 'chore(release): testing' + git log -1 - name: Setup python # see https://github.com/actions/setup-python From 4298f1ed3b11ba4313bb82c25c87967484c7864f Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Fri, 10 Apr 2026 15:04:54 +0200 Subject: [PATCH 04/14] chore(release): use own GH app for releasing Signed-off-by: Jan Kowalleck --- .github/workflows/release.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b51174c51..eb186fa9d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -113,7 +113,7 @@ jobs: private-key: ${{ secrets.CDX_RELEASE_BOT_PRIVATE_KEY }} - name: Get GitHub App User ID id: release-bot-user-id - run: echo "user-id=$(gh api "/users/${{ steps.app-token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT" + run: echo "user-id=$(gh api "/users/${{ steps.release-bot-token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT" env: GH_TOKEN: ${{ steps.release-bot-token.outputs.token }} @@ -125,8 +125,8 @@ jobs: token: ${{ steps.release-bot-token.outputs.token }} - name: git config run: | - git config user.name '${{ steps.app-token.outputs.app-slug }}[bot]' - git config user.email '${{ steps.get-user-id.outputs.user-id }}+${{ steps.app-token.outputs.app-slug }}[bot]@users.noreply.github.com' + git config user.name '${{ steps.release-bot-token.outputs.app-slug }}[bot]' + git config user.email '${{ steps.release-bot-user-id.outputs.user-id }}+${{ steps.release-bot-token.outputs.app-slug }}[bot]@users.noreply.github.com' git config commit.signoff true git commit --allow-empty -m 'chore(release): testing' git log -1 
From 58e212b8d8f531e32f5c9346f286fcd850b3195a Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Fri, 10 Apr 2026 15:05:51 +0200 Subject: [PATCH 05/14] chore(release): use own GH app for releasing Signed-off-by: Jan Kowalleck --- .github/workflows/release.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index eb186fa9d..a6d8ef202 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -113,7 +113,9 @@ jobs: private-key: ${{ secrets.CDX_RELEASE_BOT_PRIVATE_KEY }} - name: Get GitHub App User ID id: release-bot-user-id - run: echo "user-id=$(gh api "/users/${{ steps.release-bot-token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT" + run: | + set -x + echo "user-id=$(gh api "/users/${{ steps.release-bot-token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT" env: GH_TOKEN: ${{ steps.release-bot-token.outputs.token }} From 0df831b4c654de9bce47954d86640414b5915ac6 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Fri, 10 Apr 2026 15:07:05 +0200 Subject: [PATCH 06/14] chore(release): use own GH app for releasing Signed-off-by: Jan Kowalleck --- .github/workflows/release.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a6d8ef202..eb85215d7 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -114,7 +114,7 @@ jobs: - name: Get GitHub App User ID id: release-bot-user-id run: | - set -x + set -xeu echo "user-id=$(gh api "/users/${{ steps.release-bot-token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT" env: GH_TOKEN: ${{ steps.release-bot-token.outputs.token }} 
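Review bot: The `-e` added to the `Get GitHub App User ID` step (`set -x` in PATCH 05, `set -xeu` in PATCH 06) does not stop the step when `gh api` fails, because the call sits in a command substitution inside `echo`'s argument and `echo` itself succeeds. `user-id` is then written empty and the committer e-mail built from it is malformed. Capture the result first so the failure propagates: `user_id="$(gh api "/users/${APP_SLUG}[bot]" --jq .id)"` followed by `echo "user-id=${user_id}" >> "$GITHUB_OUTPUT"`, with `APP_SLUG: ${{ steps.release-bot-token.outputs.app-slug }}` added under `env:` so the expression is not expanded into the script text. The `-x` looks like a debugging leftover and can be dropped once the step works.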
@@ -127,6 +127,7 @@ jobs: token: ${{ steps.release-bot-token.outputs.token }} - name: git config run: | + set -xeu git config user.name '${{ steps.release-bot-token.outputs.app-slug }}[bot]' git config user.email '${{ steps.release-bot-user-id.outputs.user-id }}+${{ steps.release-bot-token.outputs.app-slug }}[bot]@users.noreply.github.com' git config commit.signoff true From 1d7cecd3f2c230c8262b3ee1c4eed9c2347b94e3 Mon Sep 17 00:00:00 2001 From: "cyclonedx-internal-release-bot[bot]" <275040549+cyclonedx-internal-release-bot[bot]@users.noreply.github.com> Date: Fri, 10 Apr 2026 13:09:38 +0000 Subject: [PATCH 07/14] chore(release): testing From 6e3c63729d2e6344c2b322253867b135c02e5d9b Mon Sep 17 00:00:00 2001 From: semantic-release Date: Fri, 10 Apr 2026 13:10:10 +0000 Subject: [PATCH 08/14] chore(release): 11.7.0-rc.2 Automatically generated by python-semantic-release --- CHANGELOG.md | 3 +++ cyclonedx/__init__.py | 2 +- docs/conf.py | 2 +- pyproject.toml | 2 +- 4 files changed, 6 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a9ab24538..edf63197c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,9 @@ +## v11.7.0-rc.2 (2026-04-10) + + ## v11.7.0-rc.1 (2026-04-10) diff --git a/cyclonedx/__init__.py b/cyclonedx/__init__.py index 29c4fc68a..9cc0d7703 100644 --- a/cyclonedx/__init__.py +++ b/cyclonedx/__init__.py @@ -22,4 +22,4 @@ # !! version is managed by semantic_release # do not use typing here, or else `semantic_release` might have issues finding the variable -__version__ = "11.7.0-rc.1" # noqa:Q000 +__version__ = "11.7.0-rc.2" # noqa:Q000 diff --git a/docs/conf.py b/docs/conf.py index ad132e0bb..87120da16 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -23,7 +23,7 @@ # The full version, including alpha/beta/rc tags # !! version is managed by semantic_release -release = '11.7.0-rc.1' +release = '11.7.0-rc.2' # -- General configuration --------------------------------------------------- 
diff --git a/pyproject.toml b/pyproject.toml index 2456dc2fc..2dbe6deb2 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -5,7 +5,7 @@ build-backend = "poetry.core.masonry.api" [tool.poetry] name = "cyclonedx-python-lib" # !! version is managed by semantic_release -version = "11.7.0-rc.1" +version = "11.7.0-rc.2" description = "Python library for CycloneDX" authors = [ "Paul Horton ", From a5fac8608b3ce261441ea19b7069b1ac3a1861da Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Fri, 10 Apr 2026 15:41:48 +0200 Subject: [PATCH 09/14] chore(release): use own GH app for releasing Signed-off-by: Jan Kowalleck --- .github/workflows/release.yml | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index eb85215d7..d6e08827c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -125,14 +125,6 @@ jobs: with: fetch-depth: 0 token: ${{ steps.release-bot-token.outputs.token }} - - name: git config - run: | - set -xeu - git config user.name '${{ steps.release-bot-token.outputs.app-slug }}[bot]' - git config user.email '${{ steps.release-bot-user-id.outputs.user-id }}+${{ steps.release-bot-token.outputs.app-slug }}[bot]@users.noreply.github.com' - git config commit.signoff true - git commit --allow-empty -m 'chore(release): testing' - git log -1 - name: Setup python # see https://github.com/actions/setup-python @@ -159,6 +151,8 @@ jobs: # see https://github.com/python-semantic-release/python-semantic-release uses: python-semantic-release/python-semantic-release@v10.0.2 with: + git_committer_name: ${{ steps.release-bot-token.outputs.app-slug }}[bot] + git_committer_email: ${{ steps.release-bot-user-id.outputs.user-id }}+${{ steps.release-bot-token.outputs.app-slug }}[bot]@users.noreply.github.com github_token: ${{ steps.release-bot-token.outputs.token }} force: ${{ github.event.inputs.release_force }} prerelease: ${{ github.event.inputs.prerelease }} 
From 7a8fe5de067af248327839b95d3bf342e24b00d0 Mon Sep 17 00:00:00 2001 From: "cyclonedx-internal-release-bot[bot]" <275040549+cyclonedx-internal-release-bot[bot]@users.noreply.github.com> Date: Fri, 10 Apr 2026 13:47:56 +0000 Subject: [PATCH 10/14] chore(release): 11.7.0-rc.3 Automatically generated by python-semantic-release --- CHANGELOG.md | 3 +++ cyclonedx/__init__.py | 2 +- docs/conf.py | 2 +- pyproject.toml | 2 +- 4 files changed, 6 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index edf63197c..9a1beb470 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,9 @@ +## v11.7.0-rc.3 (2026-04-10) + + ## v11.7.0-rc.2 (2026-04-10) diff --git a/cyclonedx/__init__.py b/cyclonedx/__init__.py index 9cc0d7703..02f3986ed 100644 --- a/cyclonedx/__init__.py +++ b/cyclonedx/__init__.py @@ -22,4 +22,4 @@ # !! version is managed by semantic_release # do not use typing here, or else `semantic_release` might have issues finding the variable -__version__ = "11.7.0-rc.2" # noqa:Q000 +__version__ = "11.7.0-rc.3" # noqa:Q000 diff --git a/docs/conf.py b/docs/conf.py index 87120da16..67624ed66 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -23,7 +23,7 @@ # The full version, including alpha/beta/rc tags # !! version is managed by semantic_release -release = '11.7.0-rc.2' +release = '11.7.0-rc.3' # -- General configuration --------------------------------------------------- diff --git a/pyproject.toml b/pyproject.toml index 2dbe6deb2..28ab4ca57 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -5,7 +5,7 @@ build-backend = "poetry.core.masonry.api" [tool.poetry] name = "cyclonedx-python-lib" # !! version is managed by semantic_release -version = "11.7.0-rc.2" +version = "11.7.0-rc.3" description = "Python library for CycloneDX" authors = [ "Paul Horton ", From 126585638281fcd7b773b909ed2fb04c4299de06 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Fri, 10 Apr 2026 16:03:59 +0200 Subject: [PATCH 11/14] chore(release): use own GH app for releasing 
Signed-off-by: Jan Kowalleck From 5d73c452f640011232e9b60b2eb6cbb0992df298 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Fri, 10 Apr 2026 16:11:52 +0200 Subject: [PATCH 12/14] chore(release): use own GH app for releasing Signed-off-by: Jan Kowalleck From 27532e1885e1b35fb09b97643f68f34d2154aa7b Mon Sep 17 00:00:00 2001 From: "cyclonedx-releases[bot]" <275040549+cyclonedx-releases[bot]@users.noreply.github.com> Date: Fri, 10 Apr 2026 14:24:05 +0000 Subject: [PATCH 13/14] chore(release): 11.7.0-rc.4 Automatically generated by python-semantic-release --- CHANGELOG.md | 3 +++ cyclonedx/__init__.py | 2 +- docs/conf.py | 2 +- pyproject.toml | 2 +- 4 files changed, 6 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9a1beb470..ba1831d2f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,9 @@ +## v11.7.0-rc.4 (2026-04-10) + + ## v11.7.0-rc.3 (2026-04-10) diff --git a/cyclonedx/__init__.py b/cyclonedx/__init__.py index 02f3986ed..21ae3a1aa 100644 --- a/cyclonedx/__init__.py +++ b/cyclonedx/__init__.py @@ -22,4 +22,4 @@ # !! version is managed by semantic_release # do not use typing here, or else `semantic_release` might have issues finding the variable -__version__ = "11.7.0-rc.3" # noqa:Q000 +__version__ = "11.7.0-rc.4" # noqa:Q000 diff --git a/docs/conf.py b/docs/conf.py index 67624ed66..531419289 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -23,7 +23,7 @@ # The full version, including alpha/beta/rc tags # !! version is managed by semantic_release -release = '11.7.0-rc.3' +release = '11.7.0-rc.4' # -- General configuration --------------------------------------------------- diff --git a/pyproject.toml b/pyproject.toml index 28ab4ca57..623cc250a 100644 --- a/pyproject.toml +++ b/pyproject.toml 
@@ -5,7 +5,7 @@ build-backend = "poetry.core.masonry.api" [tool.poetry] name = "cyclonedx-python-lib" # !! version is managed by semantic_release -version = "11.7.0-rc.3" +version = "11.7.0-rc.4" description = "Python library for CycloneDX" authors = [ "Paul Horton ", From b0db8b5cd143b05a3bfde47041832ad14b18c557 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Fri, 10 Apr 2026 16:28:14 +0200 Subject: [PATCH 14/14] chore(release): use own GH app for releasing Signed-off-by: Jan Kowalleck --- CHANGELOG.md | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ba1831d2f..86d6a8728 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,18 +2,6 @@ -## v11.7.0-rc.4 (2026-04-10) - - -## v11.7.0-rc.3 (2026-04-10) - - -## v11.7.0-rc.2 (2026-04-10) - - -## v11.7.0-rc.1 (2026-04-10) - - ## v11.7.0 (2026-03-17) ### Documentation