feat!: v4.0.0

.editorconfig

@@ -31,7 +31,7 @@ trim_trailing_whitespace = false
 indent_style = space
 indent_size = 4
 
-[*.ini]
+[{*.ini,.bandit,.flake8}]
 charset = latin1
 indent_style = space
 indent_size = 4

.envrc

@@ -0,0 +1,5 @@
+# https://pipenv.pypa.io/en/latest/configuration.html
+export PIPENV_IGNORE_VIRTUALENVS=1
+
+# https://pdm-project.org/latest/usage/venv/
+export PDM_IGNORE_ACTIVE_VENV=1

.flake8

@@ -0,0 +1,20 @@
+[flake8]
+## https://flake8.pycqa.org/en/latest/user/configuration.html
+## keep in sync with isort config - in `.isort.cfg` file
+
+exclude =
+    build,dist,__pycache__,.eggs,*.egg-info*,
+    *_cache,*.cache,
+    .git,.tox,.venv,venv
+    _OLD,_TEST,
+    docs
+
+max-line-length = 120
+
+max-complexity = 15
+
+ignore =
+    # ignore `self`, `cls` markers of flake8-annotations>=2.0
+    ANN101,ANN102
+    # ignore ANN401 for dynamically typed *args and **kwargs
+    ANN401

.github/ISSUE_TEMPLATE/ValidationError-report.md

@@ -0,0 +1,33 @@
+---
+name: ValidationError report
+about: Report a ValidationError to help us improve
+title: "[ValidationError]"
+labels: ValidationError
+assignees: ''
+
+---
+
+## To Reproduce
+
+Steps to reproduce the behavior:
+
+1. How was _cyclonedx-py_  called?
+   <!-- e.g. `cyclonedx-py requirements ...` -->
+2. What kind of evidence was processed?
+   <!-- upload a complete project or set of other evidences to this issue, or a pastebin of you choice and put the link here. -->
+3. Error report:
+   <!-- upload the complete output to this issue, or a pastebin of you choice and put the link here. -->
+4. Expected result:
+   <!-- run the original call again
+   with parameters `--no-validate -vvv -o -`, 
+   then upload the output this issue, or to a pastebin of you choice and put the link here. -->
+
+## Environment
+
+- _cyclonedx-py_ version: <!-- e.g. `v3.2.0`. get via `cyclonedx-py --version` -->
+- Python version: <!-- get via `python --version` -->
+- OS: <!-- e.g. windows 11, ubuntu linux, ... -->
+
+## Additional context
+
+Add any other context about the problem here.

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,34 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: "[BUG]"
+labels: bug
+assignees: ''
+
+---
+
+## Describe the bug
+
+A clear and concise description of what the bug is.
+
+## To Reproduce
+
+Steps to reproduce the behavior
+
+## Expected behavior
+
+A clear and concise description of what you expected to happen.
+
+## Screenshots or output-paste
+
+If applicable, add screenshots or past the output to help explain your problem.
+
+## Environment
+
+- _cyclonedx-py_ version: <!-- e.g. `v3.2.0`. get via `cyclonedx-py --version` -->
+- Python version: <!-- get via `python --version` -->
+- OS: <!-- e.g. windows 11, ubuntu linux, ... -->
+
+## Additional context
+
+Add any other context about the problem here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,24 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ''
+labels: enhancement
+assignees: ''
+
+---
+
+## Is your feature request related to a problem? Please describe.
+
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+## Describe the solution you'd like
+
+A clear and concise description of what you want to happen.
+
+## Describe alternatives you've considered
+
+A clear and concise description of any alternative solutions or features you've considered.
+
+## Additional context
+
+Add any other context or screenshots about the feature request here.

.github/workflows/docker.yml

@@ -15,8 +15,8 @@ concurrency:
 
 env:
   REPORTS_DIR: CI_reports
-  PYTHON_VERISON: "3.10"
-  POETRY_VERSION: "1.1.15"
+  PYTHON_VERSION: "3.11"
+  POETRY_VERSION: "1.7.1"
 
 jobs:
   test:
@@ -34,11 +34,12 @@ jobs:
           fetch-depth: 0
       - name: setup reports-dir
         run: mkdir "$REPORTS_DIR"
-      - name: Setup python ${{ env.PYTHON_VERISON }}
+      - name: Setup python ${{ env.PYTHON_VERSION }}
         # see https://github.com/actions/setup-python
         uses: actions/setup-python@v5
         with:
-          python-version: ${{ env.PYTHON_VERISON }}
+          python-version: ${{ env.PYTHON_VERSION }}
+          architecture: 'x64'
       - name: Setup poetry ${{ env.POETRY_VERSION }}
         # see https://github.com/marketplace/actions/setup-poetry
         uses: Gr1N/setup-poetry@v8
@@ -73,18 +74,16 @@ jobs:
       - name: Build own SBoM (XML)
         run: >
           docker run --rm "$DOCKER_TAG"
-          -X
-          --environment
-          --format=xml
-          --output=-
+          environment
+          -vvv
+          --output-format XML
           > "$REPORTS_DIR/docker-image.bom.xml"
       - name: Build own SBoM (JSON)
         run: >
           docker run --rm "$DOCKER_TAG"
-          -X
-          --environment
-          --format=json
-          --output=-
+          environment
+          -vvv
+          --output-format JSON
           > "$REPORTS_DIR/docker-image.bom.json"
       - name: Artifact reports
         if: ${{ ! cancelled() }}