[build-system]
requires = ["poetry-core>=1.0.0"]
build-backend = "poetry.core.masonry.api"

[tool.poetry]
name = "cyclonedx-python-lib"
# !! version is managed by semantic_release
version = "6.4.1"
description = "Python library for CycloneDX"
authors = [
  "Paul Horton <phorton@sonatype.com>",
  "Jan Kowalleck <jan.kowalleck@gmail.com>",
]
maintainers = [
  "Jan Kowalleck <jan.kowalleck@gmail.com>",
]
license = "Apache-2.0"
readme = "README.md"
homepage = "https://github.com/CycloneDX/cyclonedx-python-lib/#readme"
repository = "https://github.com/CycloneDX/cyclonedx-python-lib"
documentation = "https://cyclonedx-python-library.readthedocs.io/"
packages = [
  { include = "cyclonedx" }
]
include = [
  # all is an object -> prevent parse issue with dependabot
  { path="README.md", format =["sdist","wheel"] },
  { path="LICENSE", format=["sdist","wheel"] },
  { path="NOTICE", format=["sdist","wheel"] },
  { path="CHANGELOG.md", format=["sdist"] },
  { path="docs", format=["sdist"] },
  { path="examples", format=["sdist"] },
  { path="tests", format=["sdist"] },
]
exclude = [
  # exclude dotfiles and dotfolders
  "**/.*",
  "docs/_build", "docs/processes",
]
classifiers = [
  # Trove classifiers - https://packaging.python.org/specifications/core-metadata/#metadata-classifier
  # Full list: https://pypi.python.org/pypi?%3Aaction=list_classifiers
  'Development Status :: 5 - Production/Stable',
  'Intended Audience :: Developers',
  'Intended Audience :: Information Technology',
  'Intended Audience :: Legal Industry',
  'Intended Audience :: System Administrators',
  'Topic :: Security',
  'Topic :: Software Development',
  'Topic :: System :: Software Distribution',
  'License :: OSI Approved :: Apache Software License',
  'Programming Language :: Python :: 3.8',
  'Programming Language :: Python :: 3.9',
  'Programming Language :: Python :: 3.10',
  'Programming Language :: Python :: 3.11',
  'Programming Language :: Python :: 3.12',
  'Typing :: Typed',
]
keywords = [
  "CycloneDX", "library",
  "OWASP", "SCA",
  "Software Bill of Materials", "Bill of Materials",
  "BOM", "SBOM", "VEX", "VDR", "OBOM", "MBOM", "SaaSBOM",
  "SPDX", "PackageURL", "PURL",
]

[tool.poetry.urls]
"Bug Tracker" = "https://github.com/CycloneDX/cyclonedx-python-lib/issues"
"Funding" = "https://owasp.org/donate/?reponame=www-project-cyclonedx&title=OWASP+CycloneDX"

[tool.poetry.dependencies]
python = "^3.8"
packageurl-python = ">=0.11, <2"
py-serializable =  ">=0.16, <2"
sortedcontainers = "^2.4.0"
license-expression = "^30"
jsonschema = { version = "^4.18", extras=['format'], optional=true }
lxml = { version=">=4,<6", optional=true }

[tool.poetry.extras]
validation = ["jsonschema", "lxml"]
json-validation = ["jsonschema"]
xml-validation = ["lxml"]

[tool.poetry.group.dev.dependencies]
ddt = "1.7.1"
coverage = "7.4.1"
flake8 = { version="7.0.0", python=">=3.8.1" }
flake8-annotations = { version="3.0.1", python=">=3.8.1" }
flake8-bugbear = { version="24.2.6", python=">=3.8.1" }
flake8-isort = "6.1.1"
flake8-quotes = "3.4.0"
flake8-use-fstring = "1.4"
pep8-naming = "0.13.3"
isort = "5.13.2"
autopep8 = "2.0.4"
mypy = "1.8.0"
tox = "4.13.0"
xmldiff = "2.6.3"
bandit = "1.7.7"

[tool.semantic_release]
# see https://python-semantic-release.readthedocs.io/en/latest/configuration.html
commit_author = "semantic-release <semantic-release>"
commit_message = "chore(release): {version}\n\nAutomatically generated by python-semantic-release\n\nSigned-off-by: semantic-release <semantic-release>"
upload_to_vcs_release = true
build_command = "pip install poetry && poetry build"
version_toml = ["pyproject.toml:tool.poetry.version"]
version_variables = [
  "cyclonedx/__init__.py:__version__",
  "docs/conf.py:release",
]

[tool.semantic_release.publish]
dist_glob_patterns = ["dist/*"]
upload_to_vcs_release = true

[tool.semantic_release.changelog]
changelog_file = "CHANGELOG.md"
exclude_commit_patterns = [
  "chore\\(release\\):",
]

[tool.semantic_release.branches.main]
match = "(main|master)"
prerelease = false

[tool.semantic_release.branches."step"]
match = "(build|chore|ci|docs|feat|fix|perf|style|refactor|test)"
prerelease = true
prerelease_token = "alpha"

[tool.semantic_release.branches."major-dev"]
match = "(\\d+\\.0\\.0-(dev|rc)|dev/\\d+\\.0\\.0)"
prerelease = true
prerelease_token = "rc"