Skip to content

Commit

Permalink
chore: update SBOM for Python 3.10 (#4608)
Browse files Browse the repository at this point in the history 
Co-authored-by: GitHub <noreply@github.com>
  • Loading branch information
@github-actions @web-flow
github-actions[bot] and web-flow authored Dec 9, 2024
1 parent e2aa1a5 commit 5afbd66
Show file tree
Hide file tree
Showing 2 changed files with 85 additions and 84 deletions.
108 changes: 55 additions & 53 deletions sbom/cve-bin-tool-py3.10.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,10 +2,10 @@
"$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.6",
"serialNumber": "urn:uuid:30bcc6da-78f0-4cff-8b86-46b538305353",
"serialNumber": "urn:uuid:cc4c1587-f7c9-47e1-9748-a28d02e87e61",
"version": 1,
"metadata": {
"timestamp": "2024-12-02T00:41:01Z",
"timestamp": "2024-12-09T00:40:33Z",
"lifecycles": [
{
"phase": "build"
Expand Down Expand Up @@ -79,7 +79,7 @@
"type": "library",
"bom-ref": "2-aiohttp",
"name": "aiohttp",
"version": "3.11.9",
"version": "3.11.10",
"description": "Async http client/server framework (asyncio)",
"licenses": [
{
Expand All @@ -97,12 +97,12 @@
"comment": "Home page for project"
},
{
"url": "https://pypi.org/project/aiohttp/3.11.9/#files",
"url": "https://pypi.org/project/aiohttp/3.11.10/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/aiohttp@3.11.9",
"purl": "pkg:pypi/aiohttp@3.11.10",
"properties": [
{
"name": "language",
Expand All @@ -111,6 +111,10 @@
{
"name": "python_version",
"value": "3.10.15"
},
{
"name": "package_release_date",
"value": "2024-12-05T23:51:02.000Z"
}
]
},
Expand Down Expand Up @@ -549,6 +553,10 @@
{
"name": "python_version",
"value": "3.10.15"
},
{
"name": "package_release_date",
"value": "2024-12-01T20:32:32.000Z"
}
]
},
Expand Down Expand Up @@ -917,7 +925,7 @@
"type": "library",
"bom-ref": "19-gsutil",
"name": "gsutil",
"version": "5.31",
"version": "5.32",
"supplier": {
"name": "Google Inc .",
"contact": [
Expand All @@ -926,7 +934,7 @@
}
]
},
"cpe": "cpe:2.3:a:google_inc.:gsutil:5.31:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:google_inc.:gsutil:5.32:*:*:*:*:*:*:*",
"description": "A command line tool for interacting with cloud storage services.",
"licenses": [
{
Expand All @@ -944,12 +952,12 @@
"comment": "Home page for project"
},
{
"url": "https://pypi.org/project/gsutil/5.31/#files",
"url": "https://pypi.org/project/gsutil/5.32/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/gsutil@5.31",
"purl": "pkg:pypi/gsutil@5.32",
"properties": [
{
"name": "language",
Expand All @@ -961,15 +969,15 @@
},
{
"name": "package_release_date",
"value": "2024-10-10T15:59:06.000Z"
"value": "2024-12-04T14:56:46.000Z"
}
]
},
{
"type": "library",
"bom-ref": "20-argcomplete",
"name": "argcomplete",
"version": "3.5.1",
"version": "3.5.2",
"supplier": {
"name": "Andrey Kislyuk",
"contact": [
Expand All @@ -978,8 +986,14 @@
}
]
},
"cpe": "cpe:2.3:a:andrey_kislyuk:argcomplete:3.5.1:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:andrey_kislyuk:argcomplete:3.5.2:*:*:*:*:*:*:*",
"description": "Bash tab completion for argparse",
"hashes": [
{
"alg": "SHA-1",
"content": "fa88f807ee3f1d1c5b2647ca3c38fd3e0349dbfc"
}
],
"licenses": [
{
"license": {
Expand All @@ -996,12 +1010,12 @@
"comment": "Home page for project"
},
{
"url": "https://pypi.org/project/argcomplete/3.5.1/#files",
"url": "https://pypi.org/project/argcomplete/3.5.2/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/argcomplete@3.5.1",
"purl": "pkg:pypi/argcomplete@3.5.2",
"properties": [
{
"name": "language",
Expand All @@ -1013,7 +1027,7 @@
},
{
"name": "package_release_date",
"value": "2024-10-07T04:00:36.000Z"
"value": "2024-12-06T18:24:27.000Z"
}
]
},
Expand Down Expand Up @@ -1502,7 +1516,7 @@
"type": "library",
"bom-ref": "30-six",
"name": "six",
"version": "1.16.0",
"version": "1.17.0",
"supplier": {
"name": "Benjamin Peterson",
"contact": [
Expand All @@ -1511,14 +1525,8 @@
}
]
},
"cpe": "cpe:2.3:a:benjamin_peterson:six:1.16.0:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:benjamin_peterson:six:1.17.0:*:*:*:*:*:*:*",
"description": "Python 2 and 3 compatibility utilities",
"hashes": [
{
"alg": "SHA-1",
"content": "65486e4383f9f411da95937451205d3c7b61b9e1"
}
],
"licenses": [
{
"license": {
Expand All @@ -1535,12 +1543,12 @@
"comment": "Home page for project"
},
{
"url": "https://pypi.org/project/six/1.16.0/#files",
"url": "https://pypi.org/project/six/1.17.0/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/six@1.16.0",
"purl": "pkg:pypi/six@1.17.0",
"properties": [
{
"name": "language",
Expand All @@ -1552,7 +1560,7 @@
},
{
"name": "package_release_date",
"value": "2021-05-05T14:18:17.000Z"
"value": "2024-12-04T17:35:26.000Z"
}
]
},
Expand Down Expand Up @@ -1889,7 +1897,7 @@
"type": "library",
"bom-ref": "37-pyopenssl",
"name": "pyopenssl",
"version": "24.3.0",
"version": "24.2.1",
"supplier": {
"name": "The pyOpenSSL developers",
"contact": [
Expand All @@ -1898,7 +1906,7 @@
}
]
},
"cpe": "cpe:2.3:a:the_pyopenssl_developers:pyopenssl:24.3.0:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:the_pyopenssl_developers:pyopenssl:24.2.1:*:*:*:*:*:*:*",
"description": "Python wrapper module around the OpenSSL library",
"licenses": [
{
Expand All @@ -1916,12 +1924,12 @@
"comment": "Home page for project"
},
{
"url": "https://pypi.org/project/pyopenssl/24.3.0/#files",
"url": "https://pypi.org/project/pyopenssl/24.2.1/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/pyopenssl@24.3.0",
"purl": "pkg:pypi/pyopenssl@24.2.1",
"properties": [
{
"name": "language",
Expand All @@ -1930,18 +1938,14 @@
{
"name": "python_version",
"value": "3.10.15"
},
{
"name": "package_release_date",
"value": "2024-11-27T20:43:21.000Z"
}
]
},
{
"type": "library",
"bom-ref": "38-cryptography",
"name": "cryptography",
"version": "44.0.0",
"version": "43.0.3",
"supplier": {
"name": "The cryptography developers The Python Cryptographic Authority and individual contributors",
"contact": [
Expand All @@ -1950,7 +1954,7 @@
}
]
},
"cpe": "cpe:2.3:a:the_cryptography_developers_the_python_cryptographic_authority_and_individual_contributors:cryptography:44.0.0:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:the_cryptography_developers_the_python_cryptographic_authority_and_individual_contributors:cryptography:43.0.3:*:*:*:*:*:*:*",
"description": "cryptography is a package which provides cryptographic recipes and primitives to Python developers.",
"licenses": [
{
Expand All @@ -1964,12 +1968,12 @@
"comment": "Home page for project"
},
{
"url": "https://pypi.org/project/cryptography/44.0.0/#files",
"url": "https://pypi.org/project/cryptography/43.0.3/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/cryptography@44.0.0",
"purl": "pkg:pypi/cryptography@43.0.3",
"properties": [
{
"name": "language",
Expand All @@ -1978,10 +1982,6 @@
{
"name": "python_version",
"value": "3.10.15"
},
{
"name": "package_release_date",
"value": "2024-11-27T18:05:55.000Z"
}
]
},
Expand Down Expand Up @@ -2499,7 +2499,7 @@
"type": "library",
"bom-ref": "49-rpds-py",
"name": "rpds-py",
"version": "0.21.0",
"version": "0.22.3",
"supplier": {
"name": "Julian Berman",
"contact": [
Expand All @@ -2508,27 +2508,21 @@
}
]
},
"cpe": "cpe:2.3:a:julian_berman:rpds-py:0.21.0:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:julian_berman:rpds-py:0.22.3:*:*:*:*:*:*:*",
"description": "Python bindings to Rust's persistent data structures (rpds)",
"hashes": [
{
"alg": "SHA-1",
"content": "73581d8dfc56a24eac6ee32c83e6759b4506bb71"
}
],
"externalReferences": [
{
"url": "https://github.com/crate-py/rpds",
"type": "website",
"comment": "Home page for project"
},
{
"url": "https://pypi.org/project/rpds-py/0.21.0/#files",
"url": "https://pypi.org/project/rpds-py/0.22.3/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/rpds-py@0.21.0",
"purl": "pkg:pypi/rpds-py@0.22.3",
"properties": [
{
"name": "language",
Expand All @@ -2540,7 +2534,7 @@
},
{
"name": "package_release_date",
"value": "2024-11-06T13:57:41.000Z"
"value": "2024-12-04T15:31:31.000Z"
}
]
},
Expand Down Expand Up @@ -2589,6 +2583,10 @@
{
"name": "python_version",
"value": "3.10.15"
},
{
"name": "package_release_date",
"value": "2024-09-18T21:36:24.000Z"
}
]
},
Expand Down Expand Up @@ -2753,6 +2751,10 @@
{
"name": "python_version",
"value": "3.10.15"
},
{
"name": "package_release_date",
"value": "2024-08-29T20:36:52.000Z"
}
]
},
Expand Down
Loading

0 comments on commit 5afbd66

Please sign in to comment.