From db0ad0b3ff2d56a846782e74d2db150b454e7862 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 11 Dec 2024 19:45:51 +0000
Subject: [PATCH 1/2] Bump cyclonedx-python-lib from 7.6.2 to 8.5.0

Bumps [cyclonedx-python-lib](https://github.com/CycloneDX/cyclonedx-python-lib) from 7.6.2 to 8.5.0.
- [Release notes](https://github.com/CycloneDX/cyclonedx-python-lib/releases)
- [Changelog](https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/CycloneDX/cyclonedx-python-lib/compare/v7.6.2...v8.5.0)

---
updated-dependencies:
- dependency-name: cyclonedx-python-lib
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 pyproject.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pyproject.toml b/pyproject.toml
index 0b87d1af..72248eaa 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -47,7 +47,7 @@ dependencies = [
     "olefile==0.47.*",
     "defusedxml==0.7.*",
     "spdx-tools==0.8.*",
-    "cyclonedx-python-lib==7.6.2",
+    "cyclonedx-python-lib==8.5.0",
     "pluggy==1.*",
     "click==8.*",
     "javatools>=1.6,==1.*",

From 7d9da22d680e3a6b92623b6ca9bb19db7a555449 Mon Sep 17 00:00:00 2001
From: Ryan Mast <mast9@llnl.gov>
Date: Wed, 11 Dec 2024 12:00:18 -0800
Subject: [PATCH 2/2] Fixes for breaking changes in cyclonedx-python-lib v8

---
 surfactant/output/cyclonedx_writer.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/surfactant/output/cyclonedx_writer.py b/surfactant/output/cyclonedx_writer.py
index f8d95881..082c9eb4 100644
--- a/surfactant/output/cyclonedx_writer.py
+++ b/surfactant/output/cyclonedx_writer.py
@@ -3,12 +3,13 @@
 from typing import Dict, List, Optional, Tuple
 
 import cyclonedx.output
-from cyclonedx.model import HashAlgorithm, HashType, Tool
+from cyclonedx.model import HashAlgorithm, HashType
 from cyclonedx.model.bom import Bom, BomMetaData
 from cyclonedx.model.bom_ref import BomRef
 from cyclonedx.model.component import Component, ComponentType
 from cyclonedx.model.contact import OrganizationalEntity
 from cyclonedx.model.dependency import Dependency
+from cyclonedx.model.tool import Tool
 
 import surfactant.plugin
 from surfactant import __version__ as surfactant_version