Skip to content

Pull requests: CycloneDX/specification

New pull request New
38 Open 401 Closed
38 Open 401 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

Added support for conditional components and associated unit tests proposed core enhancement request for comment RFC notice sent A public RFC notice was distributed to the CycloneDX mailing list for consideration
#929 opened May 12, 2026 by stevespringett Member Loading… 2.0
1
@stevespringett
chore(deps): bump actions/download-artifact from 5.0.0 to 8.0.1 dependencies Pull requests that update a dependency file
#926 opened May 9, 2026 by dependabot Bot Loading…
fix: correct BLS12 algorithm pattern
#923 opened May 2, 2026 by Mehrn0ush Contributor Loading…
1
fix: correct GOST 28147 algorithm names
#921 opened May 2, 2026 by Mehrn0ush Contributor Loading…
1
fix: sync cryptographic algorithm family enum
#919 opened May 2, 2026 by Mehrn0ush Contributor Loading…
1
chore(deps): bump commons-io:commons-io from 2.17.0 to 2.22.0 in /tools dependencies Pull requests that update a dependency file
#916 opened Apr 25, 2026 by dependabot Bot Loading…
2
chore(deps): bump actions/setup-python from 5.6.0 to 6.2.0 dependencies Pull requests that update a dependency file
#913 opened Apr 18, 2026 by dependabot Bot Loading…
1
chore(deps-dev): bump com.networknt:json-schema-validator from 1.5.5 to 3.0.2 in /tools dependencies Pull requests that update a dependency file
#912 opened Apr 18, 2026 by dependabot Bot Loading…
1
chore(deps): bump actions/upload-artifact from 4.6.2 to 7.0.1 dependencies Pull requests that update a dependency file
#911 opened Apr 18, 2026 by dependabot Bot Loading…
1
chore(deps): bump actions/checkout from 5.0.1 to 6.0.2 dependencies Pull requests that update a dependency file
#910 opened Apr 18, 2026 by dependabot Bot Loading…
1
CBOM: add custom fingerprints cap: cryptography Capability: Cryptography (CBOM) proposed core enhancement request for comment RFC notice sent A public RFC notice was distributed to the CycloneDX mailing list for consideration
#903 opened Apr 2, 2026 by bhess Contributor Loading… 2.0
4
chore: GH workflow default permissions for bundle_2.0_schemas.yml
#902 opened Mar 31, 2026 by jkowalleck Member Loading… 2.0
chore: update algorithm families
#893 opened Mar 26, 2026 by github-actions Bot Loading…
streamline self refs
#888 opened Mar 16, 2026 by jkowalleck Member Loading… 2.0
Migrate enveloped signature support from JSF to JSS proposed core enhancement request for comment RFC notice sent A public RFC notice was distributed to the CycloneDX mailing list for consideration
#858 opened Mar 1, 2026 by stevespringett Member Loading… 2.0
1
@stevespringett
26
chore(deps-dev): bump org.apache.maven.plugins:maven-surefire-plugin from 3.5.2 to 3.5.5 in /tools dependencies Pull requests that update a dependency file
#854 opened Feb 28, 2026 by dependabot Bot Loading…
2
test(js): compile CycloneDX 2.0 schema in lint harness
#838 opened Feb 21, 2026 by Mehrn0ush Contributor Loading… 2.0
@jkowalleck
fix(tests): enable JS functional tests for CycloneDX 2.0
#836 opened Feb 21, 2026 by Mehrn0ush Contributor Loading… 2.0
@jkowalleck
fix(linter): harden traverseSchema (cycle-safe traversal, unambiguous paths)
#833 opened Feb 21, 2026 by Mehrn0ush Contributor Loading… 2.0
chore(deps-dev): bump org.junit.jupiter:junit-jupiter-api from 5.11.4 to 6.0.3 in /tools dependencies Pull requests that update a dependency file
#831 opened Feb 21, 2026 by dependabot Bot Loading…
2
schema: refactor data/threat models and refresh bundles
#777 opened Jan 17, 2026 by P3tra-WP Loading… 2.0
21
Refactors role-specific properties into entities breaking-changes CDX 2.0 related to release v2.0 promote to tc54 Promote to Ecma Technical Committee 54 request for comment RFC notice sent A public RFC notice was distributed to the CycloneDX mailing list for consideration RFC vote accepted
#776 opened Jan 15, 2026 by stevespringett Member Loading… 2.0
1
@stevespringett
18
Implements conditional subschemas based on component type CDX 2.0 related to release v2.0
#774 opened Jan 13, 2026 by stevespringett Member Loading… 2.0
1
7
2.0 dev threat modeling petras suggestions
#760 opened Jan 4, 2026 by P3tra-WP Loading… 2.0
12
fix: allow multiple entries for ModelCard considerations lists in xml CDX 1.5 related to release v1.5 CDX 1.6 related to release v1.6 CDX 1.7 related to release v1.7 defect format: XML
#744 opened Dec 17, 2025 by wiebe-vandendriessche Loading… 1.7.1
1
23
ProTip! Follow long discussions with comments:>50.