diff --git a/sbom/cve-bin-tool-py3.9.json b/sbom/cve-bin-tool-py3.9.json
index 496e740e5c..d02c39aa5a 100644
--- a/sbom/cve-bin-tool-py3.9.json
+++ b/sbom/cve-bin-tool-py3.9.json
@@ -2,10 +2,10 @@
"$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.6",
- "serialNumber": "urn:uuid:7980739c-277f-4abd-b471-6eb4c197e206",
+ "serialNumber": "urn:uuid:61069711-4704-416c-898b-175b041b2d5b",
"version": 1,
"metadata": {
- "timestamp": "2024-12-16T00:39:37Z",
+ "timestamp": "2024-12-23T00:37:22Z",
"lifecycles": [
{
"phase": "build"
@@ -81,7 +81,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -89,12 +89,12 @@
"type": "library",
"bom-ref": "2-aiohttp",
"name": "aiohttp",
- "version": "3.11.10",
+ "version": "3.11.11",
"description": "Async http client/server framework (asyncio)",
"hashes": [
{
"alg": "SHA-256",
- "content": "cbad88a61fa743c5d283ad501b01c153820734118b65aee2bd7dbb735475ce0d"
+ "content": "a60804bff28662cbcf340a4d61598891f12eea3a66af48ecfdc975ceec21e3c8"
}
],
"licenses": [
@@ -113,7 +113,7 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/aiohttp/3.11.10/#files",
+ "url": "https://pypi.org/project/aiohttp/3.11.11/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -150,11 +150,11 @@
"type": "vcs"
}
],
- "purl": "pkg:pypi/aiohttp@3.11.10",
+ "purl": "pkg:pypi/aiohttp@3.11.11",
"properties": [
{
"name": "release_date",
- "value": "2024-12-05T23:51:02Z"
+ "value": "2024-12-18T21:17:26Z"
},
{
"name": "language",
@@ -162,7 +162,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -236,7 +236,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -303,7 +303,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -388,7 +388,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -466,7 +466,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -474,7 +474,7 @@
"type": "library",
"bom-ref": "7-attrs",
"name": "attrs",
- "version": "24.2.0",
+ "version": "24.3.0",
"supplier": {
"name": "Hynek Schlawack",
"contact": [
@@ -483,17 +483,17 @@
}
]
},
- "cpe": "cpe:2.3:a:hynek_schlawack:attrs:24.2.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:hynek_schlawack:attrs:24.3.0:*:*:*:*:*:*:*",
"description": "Classes Without Boilerplate",
"hashes": [
{
"alg": "SHA-256",
- "content": "81921eb96de3191c8258c199618104dd27ac608d9366f5e35d011eae1867ede2"
+ "content": "ac96cd038792094f438ad1f6ff80837353805ac950cd2aa0e0625ef19850c308"
}
],
"externalReferences": [
{
- "url": "https://pypi.org/project/attrs/24.2.0/#files",
+ "url": "https://pypi.org/project/attrs/24.3.0/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -518,11 +518,11 @@
"type": "other"
}
],
- "purl": "pkg:pypi/attrs@24.2.0",
+ "purl": "pkg:pypi/attrs@24.3.0",
"properties": [
{
"name": "release_date",
- "value": "2024-08-06T14:37:36Z"
+ "value": "2024-12-16T06:59:26Z"
},
{
"name": "language",
@@ -530,95 +530,93 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "8-importlib-metadata",
- "name": "importlib-metadata",
- "version": "8.5.0",
+ "bom-ref": "8-multidict",
+ "name": "multidict",
+ "version": "6.1.0",
"supplier": {
- "name": "Jason R .",
+ "name": "Andrew Svetlov",
"contact": [
{
- "email": "jaraco@jaraco.com"
+ "email": "andrew.svetlov@gmail.com"
}
]
},
- "cpe": "cpe:2.3:a:jason_r.:importlib-metadata:8.5.0:*:*:*:*:*:*:*",
- "description": "Read metadata from Python packages",
+ "cpe": "cpe:2.3:a:andrew_svetlov:multidict:6.1.0:*:*:*:*:*:*:*",
+ "description": "multidict implementation",
"hashes": [
{
"alg": "SHA-256",
- "content": "45e54197d28b7a7f1559e60b95e7c567032b602131fbd588f1497f47880aa68b"
+ "content": "3380252550e372e8511d49481bd836264c009adb826b23fefcc5dd3c69692f60"
+ }
+ ],
+ "licenses": [
+ {
+ "license": {
+ "id": "Apache-2.0",
+ "url": "https://www.apache.org/licenses/LICENSE-2.0",
+ "acknowledgement": "concluded"
+ }
}
],
"externalReferences": [
{
- "url": "https://pypi.org/project/importlib-metadata/8.5.0/#files",
+ "url": "https://github.com/aio-libs/multidict",
+ "type": "website",
+ "comment": "Home page for project"
+ },
+ {
+ "url": "https://pypi.org/project/multidict/6.1.0/#files",
"type": "distribution",
"comment": "Download location for component"
},
{
- "url": "https://github.com/python/importlib_metadata",
- "type": "vcs"
- }
- ],
- "purl": "pkg:pypi/importlib-metadata@8.5.0",
- "properties": [
+ "url": "https://matrix.to/#/#aio-libs:matrix.org",
+ "type": "other"
+ },
{
- "name": "release_date",
- "value": "2024-09-11T14:56:07Z"
+ "url": "https://matrix.to/#/#aio-libs-space:matrix.org",
+ "type": "other"
},
{
- "name": "language",
- "value": "Python"
+ "url": "https://github.com/aio-libs/multidict/actions",
+ "type": "build-system"
},
{
- "name": "python_version",
- "value": "3.9.20"
- }
- ]
- },
- {
- "type": "library",
- "bom-ref": "9-zipp",
- "name": "zipp",
- "version": "3.21.0",
- "supplier": {
- "name": "Jason R .",
- "contact": [
- {
- "email": "jaraco@jaraco.com"
- }
- ]
- },
- "cpe": "cpe:2.3:a:jason_r.:zipp:3.21.0:*:*:*:*:*:*:*",
- "description": "Backport of pathlib-compatible object wrapper for zip files",
- "hashes": [
+ "url": "https://github.com/aio-libs/.github/blob/master/CODE_OF_CONDUCT.md",
+ "type": "other"
+ },
{
- "alg": "SHA-256",
- "content": "ac1bbe05fd2991f160ebce24ffbac5f6d11d83dc90891255885223d42b3cd931"
- }
- ],
- "externalReferences": [
+ "url": "https://codecov.io/github/aio-libs/multidict",
+ "type": "other"
+ },
{
- "url": "https://pypi.org/project/zipp/3.21.0/#files",
- "type": "distribution",
- "comment": "Download location for component"
+ "url": "https://multidict.aio-libs.org/en/latest/changes/",
+ "type": "log"
},
{
- "url": "https://github.com/jaraco/zipp",
+ "url": "https://multidict.aio-libs.org",
+ "type": "other"
+ },
+ {
+ "url": "https://github.com/aio-libs/multidict/issues",
+ "type": "issue-tracker"
+ },
+ {
+ "url": "https://github.com/aio-libs/multidict",
"type": "vcs"
}
],
- "purl": "pkg:pypi/zipp@3.21.0",
+ "purl": "pkg:pypi/multidict@6.1.0",
"properties": [
{
"name": "release_date",
- "value": "2024-11-10T15:05:19Z"
+ "value": "2024-09-09T23:47:18Z"
},
{
"name": "language",
@@ -626,13 +624,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "10-typing-extensions",
+ "bom-ref": "9-typing-extensions",
"name": "typing-extensions",
"version": "4.12.2",
"supplier": {
@@ -695,107 +693,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
- }
- ]
- },
- {
- "type": "library",
- "bom-ref": "11-multidict",
- "name": "multidict",
- "version": "6.1.0",
- "supplier": {
- "name": "Andrew Svetlov",
- "contact": [
- {
- "email": "andrew.svetlov@gmail.com"
- }
- ]
- },
- "cpe": "cpe:2.3:a:andrew_svetlov:multidict:6.1.0:*:*:*:*:*:*:*",
- "description": "multidict implementation",
- "hashes": [
- {
- "alg": "SHA-256",
- "content": "3380252550e372e8511d49481bd836264c009adb826b23fefcc5dd3c69692f60"
- }
- ],
- "licenses": [
- {
- "license": {
- "id": "Apache-2.0",
- "url": "https://www.apache.org/licenses/LICENSE-2.0",
- "acknowledgement": "concluded"
- }
- }
- ],
- "externalReferences": [
- {
- "url": "https://github.com/aio-libs/multidict",
- "type": "website",
- "comment": "Home page for project"
- },
- {
- "url": "https://pypi.org/project/multidict/6.1.0/#files",
- "type": "distribution",
- "comment": "Download location for component"
- },
- {
- "url": "https://matrix.to/#/#aio-libs:matrix.org",
- "type": "other"
- },
- {
- "url": "https://matrix.to/#/#aio-libs-space:matrix.org",
- "type": "other"
- },
- {
- "url": "https://github.com/aio-libs/multidict/actions",
- "type": "build-system"
- },
- {
- "url": "https://github.com/aio-libs/.github/blob/master/CODE_OF_CONDUCT.md",
- "type": "other"
- },
- {
- "url": "https://codecov.io/github/aio-libs/multidict",
- "type": "other"
- },
- {
- "url": "https://multidict.aio-libs.org/en/latest/changes/",
- "type": "log"
- },
- {
- "url": "https://multidict.aio-libs.org",
- "type": "other"
- },
- {
- "url": "https://github.com/aio-libs/multidict/issues",
- "type": "issue-tracker"
- },
- {
- "url": "https://github.com/aio-libs/multidict",
- "type": "vcs"
- }
- ],
- "purl": "pkg:pypi/multidict@6.1.0",
- "properties": [
- {
- "name": "release_date",
- "value": "2024-09-09T23:47:18Z"
- },
- {
- "name": "language",
- "value": "Python"
- },
- {
- "name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "12-propcache",
+ "bom-ref": "10-propcache",
"name": "propcache",
"version": "0.2.1",
"supplier": {
@@ -883,13 +787,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "13-yarl",
+ "bom-ref": "11-yarl",
"name": "yarl",
"version": "1.18.3",
"supplier": {
@@ -977,13 +881,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "14-idna",
+ "bom-ref": "12-idna",
"name": "idna",
"version": "3.10",
"supplier": {
@@ -1033,13 +937,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "15-beautifulsoup4",
+ "bom-ref": "13-beautifulsoup4",
"name": "beautifulsoup4",
"version": "4.12.3",
"supplier": {
@@ -1095,13 +999,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "16-soupsieve",
+ "bom-ref": "14-soupsieve",
"name": "soupsieve",
"version": "2.6",
"supplier": {
@@ -1144,13 +1048,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "17-cvss",
+ "bom-ref": "15-cvss",
"name": "cvss",
"version": "3.3",
"supplier": {
@@ -1218,13 +1122,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "18-defusedxml",
+ "bom-ref": "16-defusedxml",
"name": "defusedxml",
"version": "0.7.1",
"supplier": {
@@ -1276,13 +1180,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "19-distro",
+ "bom-ref": "17-distro",
"name": "distro",
"version": "1.9.0",
"supplier": {
@@ -1334,13 +1238,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "20-filetype",
+ "bom-ref": "18-filetype",
"name": "filetype",
"version": "1.2.0",
"supplier": {
@@ -1392,13 +1296,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "21-gsutil",
+ "bom-ref": "19-gsutil",
"name": "gsutil",
"version": "5.33",
"supplier": {
@@ -1450,13 +1354,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "22-argcomplete",
+ "bom-ref": "20-argcomplete",
"name": "argcomplete",
"version": "3.5.2",
"supplier": {
@@ -1524,13 +1428,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "23-crcmod",
+ "bom-ref": "21-crcmod",
"name": "crcmod",
"version": "1.7",
"supplier": {
@@ -1582,13 +1486,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "24-fasteners",
+ "bom-ref": "22-fasteners",
"name": "fasteners",
"version": "0.19",
"supplier": {
@@ -1635,13 +1539,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "25-gcs-oauth2-boto-plugin",
+ "bom-ref": "23-gcs-oauth2-boto-plugin",
"name": "gcs-oauth2-boto-plugin",
"version": "3.2",
"supplier": {
@@ -1693,13 +1597,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "26-rsa",
+ "bom-ref": "24-rsa",
"name": "rsa",
"version": "4.7.2",
"supplier": {
@@ -1751,13 +1655,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "27-pyasn1",
+ "bom-ref": "25-pyasn1",
"name": "pyasn1",
"version": "0.6.1",
"supplier": {
@@ -1825,13 +1729,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "28-boto",
+ "bom-ref": "26-boto",
"name": "boto",
"version": "2.49.0",
"supplier": {
@@ -1883,13 +1787,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "29-google-reauth",
+ "bom-ref": "27-google-reauth",
"name": "google-reauth",
"version": "0.1.1",
"supplier": {
@@ -1941,13 +1845,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "30-pyu2f",
+ "bom-ref": "28-pyu2f",
"name": "pyu2f",
"version": "0.1.5",
"supplier": {
@@ -1999,13 +1903,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "31-six",
+ "bom-ref": "29-six",
"name": "six",
"version": "1.17.0",
"supplier": {
@@ -2057,13 +1961,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "32-httplib2",
+ "bom-ref": "30-httplib2",
"name": "httplib2",
"version": "0.20.4",
"supplier": {
@@ -2115,13 +2019,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "33-pyparsing",
+ "bom-ref": "31-pyparsing",
"name": "pyparsing",
"version": "3.2.0",
"supplier": {
@@ -2164,13 +2068,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "34-oauth2client",
+ "bom-ref": "32-oauth2client",
"name": "oauth2client",
"version": "4.1.3",
"supplier": {
@@ -2222,13 +2126,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "35-pyasn1-modules",
+ "bom-ref": "33-pyasn1-modules",
"name": "pyasn1-modules",
"version": "0.4.1",
"supplier": {
@@ -2292,13 +2196,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "36-pyopenssl",
+ "bom-ref": "34-pyopenssl",
"name": "pyopenssl",
"version": "24.2.1",
"supplier": {
@@ -2354,13 +2258,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "37-cryptography",
+ "bom-ref": "35-cryptography",
"name": "cryptography",
"version": "43.0.3",
"supplier": {
@@ -2424,13 +2328,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "38-cffi",
+ "bom-ref": "36-cffi",
"name": "cffi",
"version": "1.17.1",
"supplier": {
@@ -2506,13 +2410,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "39-pycparser",
+ "bom-ref": "37-pycparser",
"name": "pycparser",
"version": "2.22",
"supplier": {
@@ -2564,13 +2468,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "40-retry-decorator",
+ "bom-ref": "38-retry-decorator",
"name": "retry-decorator",
"version": "1.1.1",
"supplier": {
@@ -2622,13 +2526,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "41-google-auth",
+ "bom-ref": "39-google-auth",
"name": "google-auth",
"version": "2.17.0",
"supplier": {
@@ -2680,13 +2584,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "42-cachetools",
+ "bom-ref": "40-cachetools",
"name": "cachetools",
"version": "5.5.0",
"supplier": {
@@ -2738,13 +2642,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "43-google-auth-httplib2",
+ "bom-ref": "41-google-auth-httplib2",
"name": "google-auth-httplib2",
"version": "0.2.0",
"supplier": {
@@ -2796,13 +2700,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "44-google-apitools",
+ "bom-ref": "42-google-apitools",
"name": "google-apitools",
"version": "0.5.32",
"supplier": {
@@ -2854,13 +2758,13 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
{
"type": "library",
- "bom-ref": "45-monotonic",
+ "bom-ref": "43-monotonic",
"name": "monotonic",
"version": "1.6",
"supplier": {
@@ -2912,7 +2816,103 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
+ }
+ ]
+ },
+ {
+ "type": "library",
+ "bom-ref": "44-importlib-metadata",
+ "name": "importlib-metadata",
+ "version": "8.5.0",
+ "supplier": {
+ "name": "Jason R .",
+ "contact": [
+ {
+ "email": "jaraco@jaraco.com"
+ }
+ ]
+ },
+ "cpe": "cpe:2.3:a:jason_r.:importlib-metadata:8.5.0:*:*:*:*:*:*:*",
+ "description": "Read metadata from Python packages",
+ "hashes": [
+ {
+ "alg": "SHA-256",
+ "content": "45e54197d28b7a7f1559e60b95e7c567032b602131fbd588f1497f47880aa68b"
+ }
+ ],
+ "externalReferences": [
+ {
+ "url": "https://pypi.org/project/importlib-metadata/8.5.0/#files",
+ "type": "distribution",
+ "comment": "Download location for component"
+ },
+ {
+ "url": "https://github.com/python/importlib_metadata",
+ "type": "vcs"
+ }
+ ],
+ "purl": "pkg:pypi/importlib-metadata@8.5.0",
+ "properties": [
+ {
+ "name": "release_date",
+ "value": "2024-09-11T14:56:07Z"
+ },
+ {
+ "name": "language",
+ "value": "Python"
+ },
+ {
+ "name": "python_version",
+ "value": "3.9.21"
+ }
+ ]
+ },
+ {
+ "type": "library",
+ "bom-ref": "45-zipp",
+ "name": "zipp",
+ "version": "3.21.0",
+ "supplier": {
+ "name": "Jason R .",
+ "contact": [
+ {
+ "email": "jaraco@jaraco.com"
+ }
+ ]
+ },
+ "cpe": "cpe:2.3:a:jason_r.:zipp:3.21.0:*:*:*:*:*:*:*",
+ "description": "Backport of pathlib-compatible object wrapper for zip files",
+ "hashes": [
+ {
+ "alg": "SHA-256",
+ "content": "ac1bbe05fd2991f160ebce24ffbac5f6d11d83dc90891255885223d42b3cd931"
+ }
+ ],
+ "externalReferences": [
+ {
+ "url": "https://pypi.org/project/zipp/3.21.0/#files",
+ "type": "distribution",
+ "comment": "Download location for component"
+ },
+ {
+ "url": "https://github.com/jaraco/zipp",
+ "type": "vcs"
+ }
+ ],
+ "purl": "pkg:pypi/zipp@3.21.0",
+ "properties": [
+ {
+ "name": "release_date",
+ "value": "2024-11-10T15:05:19Z"
+ },
+ {
+ "name": "language",
+ "value": "Python"
+ },
+ {
+ "name": "python_version",
+ "value": "3.9.21"
}
]
},
@@ -2920,17 +2920,17 @@
"type": "library",
"bom-ref": "46-jinja2",
"name": "jinja2",
- "version": "3.1.4",
+ "version": "3.1.5",
"description": "A very fast and expressive template engine.",
"hashes": [
{
"alg": "SHA-256",
- "content": "bc5dd2abb727a5319567b7a813e6a2e7318c39f4f487cfe6c89c6f9c7d25197d"
+ "content": "aba0f4dc9ed8013c424088f68a5c226f7d6097ed89b246d7749c2ec4175c6adb"
}
],
"externalReferences": [
{
- "url": "https://pypi.org/project/jinja2/3.1.4/#files",
+ "url": "https://pypi.org/project/jinja2/3.1.5/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -2955,11 +2955,11 @@
"type": "vcs"
}
],
- "purl": "pkg:pypi/jinja2@3.1.4",
+ "purl": "pkg:pypi/jinja2@3.1.5",
"properties": [
{
"name": "release_date",
- "value": "2024-05-05T23:41:59Z"
+ "value": "2024-12-21T18:30:19Z"
},
{
"name": "language",
@@ -2967,7 +2967,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -3022,7 +3022,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -3104,7 +3104,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -3173,7 +3173,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -3246,7 +3246,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -3319,7 +3319,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -3327,7 +3327,7 @@
"type": "library",
"bom-ref": "52-lib4sbom",
"name": "lib4sbom",
- "version": "0.8.0",
+ "version": "0.8.1",
"supplier": {
"name": "Anthony Harrison",
"contact": [
@@ -3336,12 +3336,12 @@
}
]
},
- "cpe": "cpe:2.3:a:anthony_harrison:lib4sbom:0.8.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:anthony_harrison:lib4sbom:0.8.1:*:*:*:*:*:*:*",
"description": "Software Bill of Material (SBOM) generator and consumer library",
"hashes": [
{
"alg": "SHA-256",
- "content": "27f98d2c109b4d91636913302cfaa4e8bf47315b6beb6b35a19ff66380c1e395"
+ "content": "7fba7451760c49738911b344fef96a3a274baaef6d34ab61e89284c506f0a343"
}
],
"licenses": [
@@ -3360,16 +3360,16 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/lib4sbom/0.8.0/#files",
+ "url": "https://pypi.org/project/lib4sbom/0.8.1/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/lib4sbom@0.8.0",
+ "purl": "pkg:pypi/lib4sbom@0.8.1",
"properties": [
{
"name": "release_date",
- "value": "2024-12-09T20:13:26Z"
+ "value": "2024-12-18T21:54:27Z"
},
{
"name": "language",
@@ -3377,7 +3377,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -3455,7 +3455,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -3513,7 +3513,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -3571,7 +3571,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -3629,7 +3629,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -3682,7 +3682,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -3744,7 +3744,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -3797,7 +3797,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -3846,7 +3846,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -3920,7 +3920,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -3990,7 +3990,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -4042,7 +4042,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -4112,7 +4112,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -4170,7 +4170,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -4236,7 +4236,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -4302,7 +4302,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -4310,7 +4310,7 @@
"type": "library",
"bom-ref": "68-urllib3",
"name": "urllib3",
- "version": "2.2.3",
+ "version": "2.3.0",
"supplier": {
"name": "Andrey Petrov",
"contact": [
@@ -4319,17 +4319,11 @@
}
]
},
- "cpe": "cpe:2.3:a:andrey_petrov:urllib3:2.2.3:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:andrey_petrov:urllib3:2.3.0:*:*:*:*:*:*:*",
"description": "HTTP library with thread-safe connection pooling, file post, and more.",
- "hashes": [
- {
- "alg": "SHA-256",
- "content": "ca899ca043dcb1bafa3e262d73aa25c465bfb49e0bd9dd5d59f1d0acba2f8fac"
- }
- ],
"externalReferences": [
{
- "url": "https://pypi.org/project/urllib3/2.2.3/#files",
+ "url": "https://pypi.org/project/urllib3/2.3.0/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -4350,11 +4344,11 @@
"type": "issue-tracker"
}
],
- "purl": "pkg:pypi/urllib3@2.2.3",
+ "purl": "pkg:pypi/urllib3@2.3.0",
"properties": [
{
"name": "release_date",
- "value": "2024-09-12T10:52:16Z"
+ "value": "2024-10-09T07:38:02Z"
},
{
"name": "language",
@@ -4362,7 +4356,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -4424,7 +4418,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -4482,7 +4476,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -4538,7 +4532,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -4596,7 +4590,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -4654,7 +4648,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -4662,7 +4656,7 @@
"type": "library",
"bom-ref": "74-elementpath",
"name": "elementpath",
- "version": "4.6.0",
+ "version": "4.7.0",
"supplier": {
"name": "Davide Brunato",
"contact": [
@@ -4671,12 +4665,12 @@
}
]
},
- "cpe": "cpe:2.3:a:davide_brunato:elementpath:4.6.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:davide_brunato:elementpath:4.7.0:*:*:*:*:*:*:*",
"description": "XPath 1.0/2.0/3.0/3.1 parsers and selectors for ElementTree and lxml",
"hashes": [
{
"alg": "SHA-256",
- "content": "e578677f19ccc6ff374c4477c687c547ecbaf7b478d98abb951b7b4b45260a17"
+ "content": "607804a1b4250ac448c1e2bfaec4ee1c980b0a07cfdb0d9057b57102038ed480"
}
],
"licenses": [
@@ -4695,16 +4689,16 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/elementpath/4.6.0/#files",
+ "url": "https://pypi.org/project/elementpath/4.7.0/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/elementpath@4.6.0",
+ "purl": "pkg:pypi/elementpath@4.7.0",
"properties": [
{
"name": "release_date",
- "value": "2024-10-27T21:52:58Z"
+ "value": "2024-12-20T13:58:04Z"
},
{
"name": "language",
@@ -4712,7 +4706,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
},
@@ -4770,7 +4764,7 @@
},
{
"name": "python_version",
- "value": "3.9.20"
+ "value": "3.9.21"
}
]
}
@@ -4786,13 +4780,13 @@
"ref": "1-cve-bin-tool",
"dependsOn": [
"2-aiohttp",
- "15-beautifulsoup4",
- "17-cvss",
- "18-defusedxml",
- "19-distro",
- "20-filetype",
- "21-gsutil",
- "8-importlib-metadata",
+ "13-beautifulsoup4",
+ "15-cvss",
+ "16-defusedxml",
+ "17-distro",
+ "18-filetype",
+ "19-gsutil",
+ "44-importlib-metadata",
"46-jinja2",
"48-jsonschema",
"52-lib4sbom",
@@ -4810,7 +4804,7 @@
"68-urllib3",
"73-xmlschema",
"75-zstandard",
- "9-zipp"
+ "45-zipp"
]
},
{
@@ -4821,9 +4815,9 @@
"6-async-timeout",
"7-attrs",
"5-frozenlist",
- "11-multidict",
- "12-propcache",
- "13-yarl"
+ "8-multidict",
+ "10-propcache",
+ "11-yarl"
]
},
{
@@ -4833,152 +4827,139 @@
]
},
{
- "ref": "7-attrs",
- "dependsOn": [
- "8-importlib-metadata"
- ]
- },
- {
- "ref": "8-importlib-metadata",
- "dependsOn": [
- "9-zipp",
- "10-typing-extensions"
- ]
- },
- {
- "ref": "11-multidict",
+ "ref": "8-multidict",
"dependsOn": [
- "10-typing-extensions"
+ "9-typing-extensions"
]
},
{
- "ref": "13-yarl",
+ "ref": "11-yarl",
"dependsOn": [
- "14-idna",
- "11-multidict",
- "12-propcache"
+ "12-idna",
+ "8-multidict",
+ "10-propcache"
]
},
{
- "ref": "15-beautifulsoup4",
+ "ref": "13-beautifulsoup4",
"dependsOn": [
- "16-soupsieve"
+ "14-soupsieve"
]
},
{
- "ref": "21-gsutil",
+ "ref": "19-gsutil",
"dependsOn": [
- "22-argcomplete",
- "23-crcmod",
- "24-fasteners",
- "25-gcs-oauth2-boto-plugin",
- "44-google-apitools",
- "32-httplib2",
- "29-google-reauth",
- "45-monotonic",
- "36-pyopenssl",
- "40-retry-decorator",
- "31-six",
- "41-google-auth",
- "43-google-auth-httplib2"
+ "20-argcomplete",
+ "21-crcmod",
+ "22-fasteners",
+ "23-gcs-oauth2-boto-plugin",
+ "42-google-apitools",
+ "30-httplib2",
+ "27-google-reauth",
+ "43-monotonic",
+ "34-pyopenssl",
+ "38-retry-decorator",
+ "29-six",
+ "39-google-auth",
+ "41-google-auth-httplib2"
]
},
{
- "ref": "25-gcs-oauth2-boto-plugin",
+ "ref": "23-gcs-oauth2-boto-plugin",
"dependsOn": [
- "26-rsa",
- "28-boto",
- "29-google-reauth",
- "32-httplib2",
- "34-oauth2client",
- "36-pyopenssl",
- "40-retry-decorator",
- "31-six",
- "41-google-auth",
- "43-google-auth-httplib2"
+ "24-rsa",
+ "26-boto",
+ "27-google-reauth",
+ "30-httplib2",
+ "32-oauth2client",
+ "34-pyopenssl",
+ "38-retry-decorator",
+ "29-six",
+ "39-google-auth",
+ "41-google-auth-httplib2"
]
},
{
- "ref": "26-rsa",
+ "ref": "24-rsa",
"dependsOn": [
- "27-pyasn1"
+ "25-pyasn1"
]
},
{
- "ref": "29-google-reauth",
+ "ref": "27-google-reauth",
"dependsOn": [
- "30-pyu2f"
+ "28-pyu2f"
]
},
{
- "ref": "30-pyu2f",
+ "ref": "28-pyu2f",
"dependsOn": [
- "31-six"
+ "29-six"
]
},
{
- "ref": "32-httplib2",
+ "ref": "30-httplib2",
"dependsOn": [
- "33-pyparsing"
+ "31-pyparsing"
]
},
{
- "ref": "34-oauth2client",
+ "ref": "32-oauth2client",
"dependsOn": [
- "32-httplib2",
- "27-pyasn1",
- "35-pyasn1-modules",
- "26-rsa",
- "31-six"
+ "30-httplib2",
+ "25-pyasn1",
+ "33-pyasn1-modules",
+ "24-rsa",
+ "29-six"
]
},
{
- "ref": "35-pyasn1-modules",
+ "ref": "33-pyasn1-modules",
"dependsOn": [
- "27-pyasn1"
+ "25-pyasn1"
]
},
{
- "ref": "36-pyopenssl",
+ "ref": "34-pyopenssl",
"dependsOn": [
- "37-cryptography"
+ "35-cryptography"
]
},
{
- "ref": "37-cryptography",
+ "ref": "35-cryptography",
"dependsOn": [
- "38-cffi"
+ "36-cffi"
]
},
{
- "ref": "38-cffi",
+ "ref": "36-cffi",
"dependsOn": [
- "39-pycparser"
+ "37-pycparser"
]
},
{
- "ref": "41-google-auth",
+ "ref": "39-google-auth",
"dependsOn": [
- "42-cachetools",
- "35-pyasn1-modules",
- "31-six",
- "26-rsa"
+ "40-cachetools",
+ "33-pyasn1-modules",
+ "29-six",
+ "24-rsa"
]
},
{
- "ref": "43-google-auth-httplib2",
+ "ref": "41-google-auth-httplib2",
"dependsOn": [
- "41-google-auth",
- "32-httplib2"
+ "39-google-auth",
+ "30-httplib2"
]
},
{
- "ref": "44-google-apitools",
+ "ref": "42-google-apitools",
"dependsOn": [
- "32-httplib2",
- "24-fasteners",
- "34-oauth2client",
- "31-six"
+ "30-httplib2",
+ "22-fasteners",
+ "32-oauth2client",
+ "29-six"
]
},
{
@@ -5014,7 +4995,7 @@
"dependsOn": [
"53-pyyaml",
"54-semantic-version",
- "18-defusedxml"
+ "16-defusedxml"
]
},
{
@@ -5037,7 +5018,7 @@
"dependsOn": [
"59-markdown-it-py",
"61-pygments",
- "10-typing-extensions"
+ "9-typing-extensions"
]
},
{
@@ -5057,7 +5038,7 @@
"ref": "66-requests",
"dependsOn": [
"67-charset-normalizer",
- "14-idna",
+ "12-idna",
"68-urllib3",
"69-certifi"
]
@@ -5071,7 +5052,7 @@
{
"ref": "75-zstandard",
"dependsOn": [
- "38-cffi"
+ "36-cffi"
]
}
]
diff --git a/sbom/cve-bin-tool-py3.9.spdx b/sbom/cve-bin-tool-py3.9.spdx
index d4dae4efe8..45dd1c4256 100644
--- a/sbom/cve-bin-tool-py3.9.spdx
+++ b/sbom/cve-bin-tool-py3.9.spdx
@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
DataLicense: CC0-1.0
SPDXID: SPDXRef-DOCUMENT
DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-760aa8bc-559a-4597-a2fe-bd897ceb6610
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-c7b63716-84f8-401e-b177-44cd670ab4a3
LicenseListVersion: 3.25
Creator: Tool: sbom4python-0.12.1
-Created: 2024-12-16T00:39:29Z
+Created: 2024-12-23T00:37:14Z
CreatorComment: This document has been automatically generated.
#####
@@ -23,24 +23,24 @@ PackageLicenseConcluded: GPL-3.0-or-later
PackageCopyrightText: NOASSERTION
PackageSummary: CVE Binary Checker Tool
ReleaseDate: 2024-09-17T18:57:44Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/cve-bin-tool@3.4
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/cve-bin-tool@3.4
ExternalRef: SECURITY cpe23Type cpe:2.3:a:terri_oda:cve-bin-tool:3.4:*:*:*:*:*:*:*
#####
PackageName: aiohttp
SPDXID: SPDXRef-2-aiohttp
-PackageVersion: 3.11.10
+PackageVersion: 3.11.11
PrimaryPackagePurpose: LIBRARY
PackageSupplier: NOASSERTION
-PackageDownloadLocation: https://pypi.org/project/aiohttp/3.11.10/#files
+PackageDownloadLocation: https://pypi.org/project/aiohttp/3.11.11/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/aio-libs/aiohttp
-PackageChecksum: SHA256: cbad88a61fa743c5d283ad501b01c153820734118b65aee2bd7dbb735475ce0d
+PackageChecksum: SHA256: a60804bff28662cbcf340a4d61598891f12eea3a66af48ecfdc975ceec21e3c8
PackageLicenseDeclared: Apache-2.0
PackageLicenseConcluded: Apache-2.0
PackageCopyrightText: NOASSERTION
PackageSummary: Async http client/server framework (asyncio)
-ReleaseDate: 2024-12-05T23:51:02Z
+ReleaseDate: 2024-12-18T21:17:26Z
ExternalRef: OTHER other https://matrix.to/#/#aio-libs:matrix.org
ExternalRef: OTHER other https://matrix.to/#/#aio-libs-space:matrix.org
ExternalRef: OTHER build-system https://github.com/aio-libs/aiohttp/actions?query=workflow%3ACI
@@ -49,7 +49,7 @@ ExternalRef: OTHER log https://docs.aiohttp.org/en/stable/changes.html
ExternalRef: OTHER other https://docs.aiohttp.org
ExternalRef: OTHER issue-tracker https://github.com/aio-libs/aiohttp/issues
ExternalRef: OTHER vcs https://github.com/aio-libs/aiohttp
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/aiohttp@3.11.10
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/aiohttp@3.11.11
#####
PackageName: aiohappyeyeballs
@@ -70,7 +70,7 @@ ExternalRef: OTHER issue-tracker https://github.com/aio-libs/aiohappyeyeballs/is
ExternalRef: OTHER log https://github.com/aio-libs/aiohappyeyeballs/blob/main/CHANGELOG.md
ExternalRef: OTHER documentation https://aiohappyeyeballs.readthedocs.io
ExternalRef: OTHER vcs https://github.com/aio-libs/aiohappyeyeballs
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/aiohappyeyeballs@2.4.4
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/aiohappyeyeballs@2.4.4
ExternalRef: SECURITY cpe23Type cpe:2.3:a:j._nick_koston:aiohappyeyeballs:2.4.4:*:*:*:*:*:*:*
#####
@@ -94,7 +94,7 @@ ExternalRef: OTHER other https://codecov.io/github/aio-libs/aiosignal
ExternalRef: OTHER other https://docs.aiosignal.org
ExternalRef: OTHER issue-tracker https://github.com/aio-libs/aiosignal/issues
ExternalRef: OTHER vcs https://github.com/aio-libs/aiosignal
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/aiosignal@1.3.2
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/aiosignal@1.3.2
#####
PackageName: frozenlist
@@ -121,7 +121,7 @@ ExternalRef: OTHER log https://github.com/aio-libs/frozenlist/blob/master/CHANGE
ExternalRef: OTHER other https://frozenlist.aio-libs.org
ExternalRef: OTHER issue-tracker https://github.com/aio-libs/frozenlist/issues
ExternalRef: OTHER vcs https://github.com/aio-libs/frozenlist
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/frozenlist@1.5.0
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/frozenlist@1.5.0
#####
PackageName: async-timeout
@@ -144,70 +144,62 @@ ExternalRef: OTHER build-system https://github.com/aio-libs/async-timeout/action
ExternalRef: OTHER other https://codecov.io/github/aio-libs/async-timeout
ExternalRef: OTHER issue-tracker https://github.com/aio-libs/async-timeout/issues
ExternalRef: OTHER vcs https://github.com/aio-libs/async-timeout
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/async-timeout@5.0.1
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/async-timeout@5.0.1
ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:async-timeout:5.0.1:*:*:*:*:*:*:*
#####
PackageName: attrs
SPDXID: SPDXRef-7-attrs
-PackageVersion: 24.2.0
+PackageVersion: 24.3.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Hynek Schlawack (hs@ox.cx)
-PackageDownloadLocation: https://pypi.org/project/attrs/24.2.0/#files
+PackageDownloadLocation: https://pypi.org/project/attrs/24.3.0/#files
FilesAnalyzed: false
-PackageChecksum: SHA256: 81921eb96de3191c8258c199618104dd27ac608d9366f5e35d011eae1867ede2
+PackageChecksum: SHA256: ac96cd038792094f438ad1f6ff80837353805ac950cd2aa0e0625ef19850c308
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: Classes Without Boilerplate
-ReleaseDate: 2024-08-06T14:37:36Z
+ReleaseDate: 2024-12-16T06:59:26Z
ExternalRef: OTHER documentation https://www.attrs.org/
ExternalRef: OTHER log https://www.attrs.org/en/stable/changelog.html
ExternalRef: OTHER vcs https://github.com/python-attrs/attrs
ExternalRef: OTHER other https://github.com/sponsors/hynek
ExternalRef: OTHER other https://tidelift.com/subscription/pkg/pypi-attrs?utm_source=pypi-attrs&utm_medium=pypi
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/attrs@24.2.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:hynek_schlawack:attrs:24.2.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/attrs@24.3.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:hynek_schlawack:attrs:24.3.0:*:*:*:*:*:*:*
#####
-PackageName: importlib-metadata
-SPDXID: SPDXRef-8-importlib-metadata
-PackageVersion: 8.5.0
-PrimaryPackagePurpose: LIBRARY
-PackageSupplier: Organization: Jason R. (jaraco@jaraco.com)
-PackageDownloadLocation: https://pypi.org/project/importlib-metadata/8.5.0/#files
-FilesAnalyzed: false
-PackageChecksum: SHA256: 45e54197d28b7a7f1559e60b95e7c567032b602131fbd588f1497f47880aa68b
-PackageLicenseDeclared: NOASSERTION
-PackageLicenseConcluded: NOASSERTION
-PackageCopyrightText: NOASSERTION
-PackageSummary: Read metadata from Python packages
-ReleaseDate: 2024-09-11T14:56:07Z
-ExternalRef: OTHER vcs https://github.com/python/importlib_metadata
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/importlib-metadata@8.5.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r.:importlib-metadata:8.5.0:*:*:*:*:*:*:*
-#####
-
-PackageName: zipp
-SPDXID: SPDXRef-9-zipp
-PackageVersion: 3.21.0
+PackageName: multidict
+SPDXID: SPDXRef-8-multidict
+PackageVersion: 6.1.0
PrimaryPackagePurpose: LIBRARY
-PackageSupplier: Organization: Jason R. (jaraco@jaraco.com)
-PackageDownloadLocation: https://pypi.org/project/zipp/3.21.0/#files
+PackageSupplier: Person: Andrew Svetlov (andrew.svetlov@gmail.com)
+PackageDownloadLocation: https://pypi.org/project/multidict/6.1.0/#files
FilesAnalyzed: false
-PackageChecksum: SHA256: ac1bbe05fd2991f160ebce24ffbac5f6d11d83dc90891255885223d42b3cd931
+PackageHomePage: https://github.com/aio-libs/multidict
+PackageChecksum: SHA256: 3380252550e372e8511d49481bd836264c009adb826b23fefcc5dd3c69692f60
PackageLicenseDeclared: NOASSERTION
-PackageLicenseConcluded: NOASSERTION
+PackageLicenseConcluded: Apache-2.0
+PackageLicenseComments: multidict declares Apache 2 which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
-PackageSummary: Backport of pathlib-compatible object wrapper for zip files
-ReleaseDate: 2024-11-10T15:05:19Z
-ExternalRef: OTHER vcs https://github.com/jaraco/zipp
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/zipp@3.21.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r.:zipp:3.21.0:*:*:*:*:*:*:*
+PackageSummary: multidict implementation
+ReleaseDate: 2024-09-09T23:47:18Z
+ExternalRef: OTHER other https://matrix.to/#/#aio-libs:matrix.org
+ExternalRef: OTHER other https://matrix.to/#/#aio-libs-space:matrix.org
+ExternalRef: OTHER build-system https://github.com/aio-libs/multidict/actions
+ExternalRef: OTHER other https://github.com/aio-libs/.github/blob/master/CODE_OF_CONDUCT.md
+ExternalRef: OTHER other https://codecov.io/github/aio-libs/multidict
+ExternalRef: OTHER log https://multidict.aio-libs.org/en/latest/changes/
+ExternalRef: OTHER other https://multidict.aio-libs.org
+ExternalRef: OTHER issue-tracker https://github.com/aio-libs/multidict/issues
+ExternalRef: OTHER vcs https://github.com/aio-libs/multidict
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/multidict@6.1.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:multidict:6.1.0:*:*:*:*:*:*:*
#####
PackageName: typing-extensions
-SPDXID: SPDXRef-10-typing-extensions
+SPDXID: SPDXRef-9-typing-extensions
PackageVersion: 4.12.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Guido van Jukka ukasz Michael (levkivskyi@gmail.com)
@@ -225,40 +217,12 @@ ExternalRef: OTHER log https://github.com/python/typing_extensions/blob/main/CHA
ExternalRef: OTHER documentation https://typing-extensions.readthedocs.io/
ExternalRef: OTHER other https://github.com/python/typing/discussions
ExternalRef: OTHER vcs https://github.com/python/typing_extensions
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/typing-extensions@4.12.2
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/typing-extensions@4.12.2
ExternalRef: SECURITY cpe23Type cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.12.2:*:*:*:*:*:*:*
#####
-PackageName: multidict
-SPDXID: SPDXRef-11-multidict
-PackageVersion: 6.1.0
-PrimaryPackagePurpose: LIBRARY
-PackageSupplier: Person: Andrew Svetlov (andrew.svetlov@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/multidict/6.1.0/#files
-FilesAnalyzed: false
-PackageHomePage: https://github.com/aio-libs/multidict
-PackageChecksum: SHA256: 3380252550e372e8511d49481bd836264c009adb826b23fefcc5dd3c69692f60
-PackageLicenseDeclared: NOASSERTION
-PackageLicenseConcluded: Apache-2.0
-PackageLicenseComments: multidict declares Apache 2 which is not currently a valid SPDX License identifier or expression.
-PackageCopyrightText: NOASSERTION
-PackageSummary: multidict implementation
-ReleaseDate: 2024-09-09T23:47:18Z
-ExternalRef: OTHER other https://matrix.to/#/#aio-libs:matrix.org
-ExternalRef: OTHER other https://matrix.to/#/#aio-libs-space:matrix.org
-ExternalRef: OTHER build-system https://github.com/aio-libs/multidict/actions
-ExternalRef: OTHER other https://github.com/aio-libs/.github/blob/master/CODE_OF_CONDUCT.md
-ExternalRef: OTHER other https://codecov.io/github/aio-libs/multidict
-ExternalRef: OTHER log https://multidict.aio-libs.org/en/latest/changes/
-ExternalRef: OTHER other https://multidict.aio-libs.org
-ExternalRef: OTHER issue-tracker https://github.com/aio-libs/multidict/issues
-ExternalRef: OTHER vcs https://github.com/aio-libs/multidict
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/multidict@6.1.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:multidict:6.1.0:*:*:*:*:*:*:*
-#####
-
PackageName: propcache
-SPDXID: SPDXRef-12-propcache
+SPDXID: SPDXRef-10-propcache
PackageVersion: 0.2.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Andrew Svetlov (andrew.svetlov@gmail.com)
@@ -280,12 +244,12 @@ ExternalRef: OTHER log https://propcache.readthedocs.io/en/latest/changes/
ExternalRef: OTHER other https://propcache.readthedocs.io
ExternalRef: OTHER issue-tracker https://github.com/aio-libs/propcache/issues
ExternalRef: OTHER vcs https://github.com/aio-libs/propcache
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/propcache@0.2.1
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/propcache@0.2.1
ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:propcache:0.2.1:*:*:*:*:*:*:*
#####
PackageName: yarl
-SPDXID: SPDXRef-13-yarl
+SPDXID: SPDXRef-11-yarl
PackageVersion: 1.18.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Andrew Svetlov (andrew.svetlov@gmail.com)
@@ -307,12 +271,12 @@ ExternalRef: OTHER log https://yarl.aio-libs.org/en/latest/changes/
ExternalRef: OTHER other https://yarl.aio-libs.org
ExternalRef: OTHER issue-tracker https://github.com/aio-libs/yarl/issues
ExternalRef: OTHER vcs https://github.com/aio-libs/yarl
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/yarl@1.18.3
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/yarl@1.18.3
ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:yarl:1.18.3:*:*:*:*:*:*:*
#####
PackageName: idna
-SPDXID: SPDXRef-14-idna
+SPDXID: SPDXRef-12-idna
PackageVersion: 3.10
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Kim Davies (kim+pypi@gumleaf.org)
@@ -327,12 +291,12 @@ ReleaseDate: 2024-09-15T18:07:37Z
ExternalRef: OTHER log https://github.com/kjd/idna/blob/master/HISTORY.rst
ExternalRef: OTHER issue-tracker https://github.com/kjd/idna/issues
ExternalRef: OTHER vcs https://github.com/kjd/idna
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/idna@3.10
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/idna@3.10
ExternalRef: SECURITY cpe23Type cpe:2.3:a:kim_davies:idna:3.10:*:*:*:*:*:*:*
#####
PackageName: beautifulsoup4
-SPDXID: SPDXRef-15-beautifulsoup4
+SPDXID: SPDXRef-13-beautifulsoup4
PackageVersion: 4.12.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Leonard Richardson (leonardr@segfault.org)
@@ -347,12 +311,12 @@ PackageCopyrightText: NOASSERTION
PackageSummary: Screen-scraping library
ReleaseDate: 2024-01-17T16:53:12Z
ExternalRef: OTHER other https://www.crummy.com/software/BeautifulSoup/bs4/download/
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/beautifulsoup4@4.12.3
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/beautifulsoup4@4.12.3
ExternalRef: SECURITY cpe23Type cpe:2.3:a:leonard_richardson:beautifulsoup4:4.12.3:*:*:*:*:*:*:*
#####
PackageName: soupsieve
-SPDXID: SPDXRef-16-soupsieve
+SPDXID: SPDXRef-14-soupsieve
PackageVersion: 2.6
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Isaac Muse (Isaac.Muse@gmail.com)
@@ -365,12 +329,12 @@ PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: A modern CSS selector implementation for Beautiful Soup.
ReleaseDate: 2024-08-13T13:39:10Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/soupsieve@2.6
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/soupsieve@2.6
ExternalRef: SECURITY cpe23Type cpe:2.3:a:isaac_muse:soupsieve:2.6:*:*:*:*:*:*:*
#####
PackageName: cvss
-SPDXID: SPDXRef-17-cvss
+SPDXID: SPDXRef-15-cvss
PackageVersion: 3.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Stanislav Red Hat Product Security (skontar@redhat.com)
@@ -388,12 +352,12 @@ ExternalRef: OTHER other https://github.com/RedHatProductSecurity/cvss/releases
ExternalRef: OTHER vcs https://github.com/RedHatProductSecurity/cvss
ExternalRef: OTHER issue-tracker https://github.com/RedHatProductSecurity/cvss/issues
ExternalRef: OTHER build-system https://github.com/RedHatProductSecurity/cvss/actions
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/cvss@3.3
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/cvss@3.3
ExternalRef: SECURITY cpe23Type cpe:2.3:a:stanislav_red_hat_product_security:cvss:3.3:*:*:*:*:*:*:*
#####
PackageName: defusedxml
-SPDXID: SPDXRef-18-defusedxml
+SPDXID: SPDXRef-16-defusedxml
PackageVersion: 0.7.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Christian Heimes (christian@python.org)
@@ -407,12 +371,12 @@ PackageLicenseComments: defusedxml declares PSFL which is not currently a
PackageCopyrightText: NOASSERTION
PackageSummary: XML bomb protection for Python stdlib modules
ReleaseDate: 2021-03-08T10:59:24Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/defusedxml@0.7.1
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/defusedxml@0.7.1
ExternalRef: SECURITY cpe23Type cpe:2.3:a:christian_heimes:defusedxml:0.7.1:*:*:*:*:*:*:*
#####
PackageName: distro
-SPDXID: SPDXRef-19-distro
+SPDXID: SPDXRef-17-distro
PackageVersion: 1.9.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Nir Cohen (nir36g@gmail.com)
@@ -426,12 +390,12 @@ PackageLicenseComments: distro declares Apache License, Version 2.0 which
PackageCopyrightText: NOASSERTION
PackageSummary: Distro - an OS platform information API
ReleaseDate: 2023-12-24T09:54:30Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/distro@1.9.0
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/distro@1.9.0
ExternalRef: SECURITY cpe23Type cpe:2.3:a:nir_cohen:distro:1.9.0:*:*:*:*:*:*:*
#####
PackageName: filetype
-SPDXID: SPDXRef-20-filetype
+SPDXID: SPDXRef-18-filetype
PackageVersion: 1.2.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Tomas Aparicio (tomas@aparicio.me)
@@ -444,12 +408,12 @@ PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: Infer file type and MIME type of any file/buffer. No external dependencies.
ReleaseDate: 2022-11-02T17:34:01Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/filetype@1.2.0
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/filetype@1.2.0
ExternalRef: SECURITY cpe23Type cpe:2.3:a:tomas_aparicio:filetype:1.2.0:*:*:*:*:*:*:*
#####
PackageName: gsutil
-SPDXID: SPDXRef-21-gsutil
+SPDXID: SPDXRef-19-gsutil
PackageVersion: 5.33
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Google Inc. (buganizer-system+187143@google.com)
@@ -463,12 +427,12 @@ PackageLicenseComments: gsutil declares Apache 2.0 which is not currently
PackageCopyrightText: NOASSERTION
PackageSummary: A command line tool for interacting with cloud storage services.
ReleaseDate: 2024-12-11T09:40:59Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/gsutil@5.33
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/gsutil@5.33
ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:gsutil:5.33:*:*:*:*:*:*:*
#####
PackageName: argcomplete
-SPDXID: SPDXRef-22-argcomplete
+SPDXID: SPDXRef-20-argcomplete
PackageVersion: 3.5.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Andrey Kislyuk (kislyuk@gmail.com)
@@ -486,12 +450,12 @@ ExternalRef: OTHER documentation https://kislyuk.github.io/argcomplete
ExternalRef: OTHER vcs https://github.com/kislyuk/argcomplete
ExternalRef: OTHER issue-tracker https://github.com/kislyuk/argcomplete/issues
ExternalRef: OTHER log https://github.com/kislyuk/argcomplete/blob/develop/Changes.rst
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/argcomplete@3.5.2
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/argcomplete@3.5.2
ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_kislyuk:argcomplete:3.5.2:*:*:*:*:*:*:*
#####
PackageName: crcmod
-SPDXID: SPDXRef-23-crcmod
+SPDXID: SPDXRef-21-crcmod
PackageVersion: 1.7
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Ray Buvel (rlbuvel@gmail.com)
@@ -504,12 +468,12 @@ PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: CRC Generator
ReleaseDate: 2010-06-27T14:35:29Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/crcmod@1.7
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/crcmod@1.7
ExternalRef: SECURITY cpe23Type cpe:2.3:a:ray_buvel:crcmod:1.7:*:*:*:*:*:*:*
#####
PackageName: fasteners
-SPDXID: SPDXRef-24-fasteners
+SPDXID: SPDXRef-22-fasteners
PackageVersion: 0.19
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Joshua Harlow
@@ -522,12 +486,12 @@ PackageLicenseConcluded: Apache-2.0
PackageCopyrightText: NOASSERTION
PackageSummary: A python package that provides useful locks
ReleaseDate: 2023-09-19T17:11:18Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/fasteners@0.19
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/fasteners@0.19
ExternalRef: SECURITY cpe23Type cpe:2.3:a:joshua_harlow:fasteners:0.19:*:*:*:*:*:*:*
#####
PackageName: gcs-oauth2-boto-plugin
-SPDXID: SPDXRef-25-gcs-oauth2-boto-plugin
+SPDXID: SPDXRef-23-gcs-oauth2-boto-plugin
PackageVersion: 3.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Google Inc. (gs-team@google.com)
@@ -541,12 +505,12 @@ PackageLicenseComments: gcs-oauth2-boto-plugin declares Apache 2.0 which i
PackageCopyrightText: NOASSERTION
PackageSummary: Auth plugin allowing use the use of OAuth 2.0 credentials for Google Cloud Storage in the Boto library.
ReleaseDate: 2024-05-02T14:37:31Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/gcs-oauth2-boto-plugin@3.2
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/gcs-oauth2-boto-plugin@3.2
ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:gcs-oauth2-boto-plugin:3.2:*:*:*:*:*:*:*
#####
PackageName: rsa
-SPDXID: SPDXRef-26-rsa
+SPDXID: SPDXRef-24-rsa
PackageVersion: 4.7.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Sybren A. Stuvel (sybren@stuvel.eu)
@@ -560,12 +524,12 @@ PackageLicenseComments: rsa declares ASL 2 which is not currently a valid
PackageCopyrightText: NOASSERTION
PackageSummary: Pure-Python RSA implementation
ReleaseDate: 2021-02-24T10:55:03Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/rsa@4.7.2
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/rsa@4.7.2
ExternalRef: SECURITY cpe23Type cpe:2.3:a:sybren_a._stuvel:rsa:4.7.2:*:*:*:*:*:*:*
#####
PackageName: pyasn1
-SPDXID: SPDXRef-27-pyasn1
+SPDXID: SPDXRef-25-pyasn1
PackageVersion: 0.6.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Ilya Etingof (etingof@gmail.com)
@@ -582,12 +546,12 @@ ExternalRef: OTHER documentation https://pyasn1.readthedocs.io
ExternalRef: OTHER vcs https://github.com/pyasn1/pyasn1
ExternalRef: OTHER issue-tracker https://github.com/pyasn1/pyasn1/issues
ExternalRef: OTHER log https://pyasn1.readthedocs.io/en/latest/changelog.html
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/pyasn1@0.6.1
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/pyasn1@0.6.1
ExternalRef: SECURITY cpe23Type cpe:2.3:a:ilya_etingof:pyasn1:0.6.1:*:*:*:*:*:*:*
#####
PackageName: boto
-SPDXID: SPDXRef-28-boto
+SPDXID: SPDXRef-26-boto
PackageVersion: 2.49.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Mitch Garnaat (mitch@garnaat.com)
@@ -600,12 +564,12 @@ PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: Amazon Web Services Library
ReleaseDate: 2018-07-11T20:58:55Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/boto@2.49.0
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/boto@2.49.0
ExternalRef: SECURITY cpe23Type cpe:2.3:a:mitch_garnaat:boto:2.49.0:*:*:*:*:*:*:*
#####
PackageName: google-reauth
-SPDXID: SPDXRef-29-google-reauth
+SPDXID: SPDXRef-27-google-reauth
PackageVersion: 0.1.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Google (googleapis-publisher@google.com)
@@ -619,12 +583,12 @@ PackageLicenseComments: google-reauth declares Apache 2.0 which is not cur
PackageCopyrightText: NOASSERTION
PackageSummary: Google Reauth Library
ReleaseDate: 2020-12-01T17:35:45Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/google-reauth@0.1.1
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/google-reauth@0.1.1
ExternalRef: SECURITY cpe23Type cpe:2.3:a:google:google-reauth:0.1.1:*:*:*:*:*:*:*
#####
PackageName: pyu2f
-SPDXID: SPDXRef-30-pyu2f
+SPDXID: SPDXRef-28-pyu2f
PackageVersion: 0.1.5
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Google Inc. (pyu2f-team@google.com)
@@ -638,12 +602,12 @@ PackageLicenseComments: pyu2f declares Apache 2.0 which is not currently a
PackageCopyrightText: NOASSERTION
PackageSummary: U2F host library for interacting with a U2F device over USB.
ReleaseDate: 2020-10-30T20:03:07Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/pyu2f@0.1.5
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/pyu2f@0.1.5
ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:pyu2f:0.1.5:*:*:*:*:*:*:*
#####
PackageName: six
-SPDXID: SPDXRef-31-six
+SPDXID: SPDXRef-29-six
PackageVersion: 1.17.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Benjamin Peterson (benjamin@python.org)
@@ -656,12 +620,12 @@ PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: Python 2 and 3 compatibility utilities
ReleaseDate: 2024-12-04T17:35:26Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/six@1.17.0
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/six@1.17.0
ExternalRef: SECURITY cpe23Type cpe:2.3:a:benjamin_peterson:six:1.17.0:*:*:*:*:*:*:*
#####
PackageName: httplib2
-SPDXID: SPDXRef-32-httplib2
+SPDXID: SPDXRef-30-httplib2
PackageVersion: 0.20.4
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Joe Gregorio (joe@bitworking.org)
@@ -674,12 +638,12 @@ PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: A comprehensive HTTP client library.
ReleaseDate: 2022-02-03T00:00:29Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/httplib2@0.20.4
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/httplib2@0.20.4
ExternalRef: SECURITY cpe23Type cpe:2.3:a:joe_gregorio:httplib2:0.20.4:*:*:*:*:*:*:*
#####
PackageName: pyparsing
-SPDXID: SPDXRef-33-pyparsing
+SPDXID: SPDXRef-31-pyparsing
PackageVersion: 3.2.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Paul McGuire (ptmcg.gm+pyparsing@gmail.com)
@@ -692,12 +656,12 @@ PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: pyparsing module - Classes and methods to define and execute parsing grammars
ReleaseDate: 2024-10-13T10:01:13Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/pyparsing@3.2.0
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/pyparsing@3.2.0
ExternalRef: SECURITY cpe23Type cpe:2.3:a:paul_mcguire:pyparsing:3.2.0:*:*:*:*:*:*:*
#####
PackageName: oauth2client
-SPDXID: SPDXRef-34-oauth2client
+SPDXID: SPDXRef-32-oauth2client
PackageVersion: 4.1.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Google Inc. (jonwayne+oauth2client@google.com)
@@ -711,12 +675,12 @@ PackageLicenseComments: oauth2client declares Apache 2.0 which is not curr
PackageCopyrightText: NOASSERTION
PackageSummary: OAuth 2.0 client library
ReleaseDate: 2018-09-07T21:38:16Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/oauth2client@4.1.3
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/oauth2client@4.1.3
ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:oauth2client:4.1.3:*:*:*:*:*:*:*
#####
PackageName: pyasn1-modules
-SPDXID: SPDXRef-35-pyasn1-modules
+SPDXID: SPDXRef-33-pyasn1-modules
PackageVersion: 0.4.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Ilya Etingof (etingof@gmail.com)
@@ -733,12 +697,12 @@ ReleaseDate: 2024-09-10T22:42:08Z
ExternalRef: OTHER vcs https://github.com/pyasn1/pyasn1-modules
ExternalRef: OTHER issue-tracker https://github.com/pyasn1/pyasn1-modules/issues
ExternalRef: OTHER log https://github.com/pyasn1/pyasn1-modules/blob/master/CHANGES.txt
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/pyasn1-modules@0.4.1
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/pyasn1-modules@0.4.1
ExternalRef: SECURITY cpe23Type cpe:2.3:a:ilya_etingof:pyasn1-modules:0.4.1:*:*:*:*:*:*:*
#####
PackageName: pyopenssl
-SPDXID: SPDXRef-36-pyopenssl
+SPDXID: SPDXRef-34-pyopenssl
PackageVersion: 24.2.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: The pyOpenSSL developers (cryptography-dev@python.org)
@@ -753,12 +717,12 @@ PackageCopyrightText: NOASSERTION
PackageSummary: Python wrapper module around the OpenSSL library
ReleaseDate: 2024-07-20T17:26:29Z
ExternalRef: OTHER vcs https://github.com/pyca/pyopenssl
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/pyopenssl@24.2.1
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/pyopenssl@24.2.1
ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_pyopenssl_developers:pyopenssl:24.2.1:*:*:*:*:*:*:*
#####
PackageName: cryptography
-SPDXID: SPDXRef-37-cryptography
+SPDXID: SPDXRef-35-cryptography
PackageVersion: 43.0.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: The cryptography developers The Python Cryptographic Authority and individual contributors (cryptography-dev@python.org)
@@ -775,12 +739,12 @@ ExternalRef: OTHER documentation https://cryptography.io/
ExternalRef: OTHER vcs https://github.com/pyca/cryptography/
ExternalRef: OTHER issue-tracker https://github.com/pyca/cryptography/issues
ExternalRef: OTHER log https://cryptography.io/en/latest/changelog/
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/cryptography@43.0.3
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/cryptography@43.0.3
ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_cryptography_developers_the_python_cryptographic_authority_and_individual_contributors:cryptography:43.0.3:*:*:*:*:*:*:*
#####
PackageName: cffi
-SPDXID: SPDXRef-38-cffi
+SPDXID: SPDXRef-36-cffi
PackageVersion: 1.17.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Armin Maciej Fijalkowski (python-cffi@googlegroups.com)
@@ -799,12 +763,12 @@ ExternalRef: OTHER issue-tracker https://github.com/python-cffi/cffi/issues
ExternalRef: OTHER log https://cffi.readthedocs.io/en/latest/whatsnew.html
ExternalRef: OTHER other https://github.com/python-cffi/cffi/releases
ExternalRef: OTHER other https://groups.google.com/forum/#!forum/python-cffi
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/cffi@1.17.1
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/cffi@1.17.1
ExternalRef: SECURITY cpe23Type cpe:2.3:a:armin_maciej_fijalkowski:cffi:1.17.1:*:*:*:*:*:*:*
#####
PackageName: pycparser
-SPDXID: SPDXRef-39-pycparser
+SPDXID: SPDXRef-37-pycparser
PackageVersion: 2.22
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Eli Bendersky (eliben@gmail.com)
@@ -817,12 +781,12 @@ PackageLicenseConcluded: BSD-3-Clause
PackageCopyrightText: NOASSERTION
PackageSummary: C parser in Python
ReleaseDate: 2024-03-30T13:22:20Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/pycparser@2.22
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/pycparser@2.22
ExternalRef: SECURITY cpe23Type cpe:2.3:a:eli_bendersky:pycparser:2.22:*:*:*:*:*:*:*
#####
PackageName: retry-decorator
-SPDXID: SPDXRef-40-retry-decorator
+SPDXID: SPDXRef-38-retry-decorator
PackageVersion: 1.1.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Patrick Ng (pn.appdev@gmail.com)
@@ -835,12 +799,12 @@ PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: Retry Decorator
ReleaseDate: 2020-03-10T23:56:29Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/retry-decorator@1.1.1
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/retry-decorator@1.1.1
ExternalRef: SECURITY cpe23Type cpe:2.3:a:patrick_ng:retry-decorator:1.1.1:*:*:*:*:*:*:*
#####
PackageName: google-auth
-SPDXID: SPDXRef-41-google-auth
+SPDXID: SPDXRef-39-google-auth
PackageVersion: 2.17.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Google Cloud Platform (googleapis-packages@google.com)
@@ -854,12 +818,12 @@ PackageLicenseComments: google-auth declares Apache 2.0 which is not curre
PackageCopyrightText: NOASSERTION
PackageSummary: Google Authentication Library
ReleaseDate: 2023-03-28T19:51:30Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/google-auth@2.17.0
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/google-auth@2.17.0
ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_cloud_platform:google-auth:2.17.0:*:*:*:*:*:*:*
#####
PackageName: cachetools
-SPDXID: SPDXRef-42-cachetools
+SPDXID: SPDXRef-40-cachetools
PackageVersion: 5.5.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Thomas Kemmer (tkemmer@computer.org)
@@ -872,12 +836,12 @@ PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: Extensible memoizing collections and decorators
ReleaseDate: 2024-08-18T20:28:43Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/cachetools@5.5.0
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/cachetools@5.5.0
ExternalRef: SECURITY cpe23Type cpe:2.3:a:thomas_kemmer:cachetools:5.5.0:*:*:*:*:*:*:*
#####
PackageName: google-auth-httplib2
-SPDXID: SPDXRef-43-google-auth-httplib2
+SPDXID: SPDXRef-41-google-auth-httplib2
PackageVersion: 0.2.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Google Cloud Platform (googleapis-packages@google.com)
@@ -891,12 +855,12 @@ PackageLicenseComments: google-auth-httplib2 declares Apache 2.0 which is
PackageCopyrightText: NOASSERTION
PackageSummary: Google Authentication Library: httplib2 transport
ReleaseDate: 2023-12-12T17:40:13Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/google-auth-httplib2@0.2.0
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/google-auth-httplib2@0.2.0
ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_cloud_platform:google-auth-httplib2:0.2.0:*:*:*:*:*:*:*
#####
PackageName: google-apitools
-SPDXID: SPDXRef-44-google-apitools
+SPDXID: SPDXRef-42-google-apitools
PackageVersion: 0.5.32
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Craig Citro (craigcitro@google.com)
@@ -910,12 +874,12 @@ PackageLicenseComments: google-apitools declares Apache 2.0 which is not c
PackageCopyrightText: NOASSERTION
PackageSummary: client libraries for humans
ReleaseDate: 2021-05-05T22:12:58Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/google-apitools@0.5.32
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/google-apitools@0.5.32
ExternalRef: SECURITY cpe23Type cpe:2.3:a:craig_citro:google-apitools:0.5.32:*:*:*:*:*:*:*
#####
PackageName: monotonic
-SPDXID: SPDXRef-45-monotonic
+SPDXID: SPDXRef-43-monotonic
PackageVersion: 1.6
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Ori Livneh (ori@wikimedia.org)
@@ -929,29 +893,65 @@ PackageLicenseComments: monotonic declares Apache which is not currently a
PackageCopyrightText: NOASSERTION
PackageSummary: An implementation of time.monotonic() for Python 2 & < 3.3
ReleaseDate: 2021-04-09T21:58:05Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/monotonic@1.6
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/monotonic@1.6
ExternalRef: SECURITY cpe23Type cpe:2.3:a:ori_livneh:monotonic:1.6:*:*:*:*:*:*:*
#####
+PackageName: importlib-metadata
+SPDXID: SPDXRef-44-importlib-metadata
+PackageVersion: 8.5.0
+PrimaryPackagePurpose: LIBRARY
+PackageSupplier: Organization: Jason R. (jaraco@jaraco.com)
+PackageDownloadLocation: https://pypi.org/project/importlib-metadata/8.5.0/#files
+FilesAnalyzed: false
+PackageChecksum: SHA256: 45e54197d28b7a7f1559e60b95e7c567032b602131fbd588f1497f47880aa68b
+PackageLicenseDeclared: NOASSERTION
+PackageLicenseConcluded: NOASSERTION
+PackageCopyrightText: NOASSERTION
+PackageSummary: Read metadata from Python packages
+ReleaseDate: 2024-09-11T14:56:07Z
+ExternalRef: OTHER vcs https://github.com/python/importlib_metadata
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/importlib-metadata@8.5.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r.:importlib-metadata:8.5.0:*:*:*:*:*:*:*
+#####
+
+PackageName: zipp
+SPDXID: SPDXRef-45-zipp
+PackageVersion: 3.21.0
+PrimaryPackagePurpose: LIBRARY
+PackageSupplier: Organization: Jason R. (jaraco@jaraco.com)
+PackageDownloadLocation: https://pypi.org/project/zipp/3.21.0/#files
+FilesAnalyzed: false
+PackageChecksum: SHA256: ac1bbe05fd2991f160ebce24ffbac5f6d11d83dc90891255885223d42b3cd931
+PackageLicenseDeclared: NOASSERTION
+PackageLicenseConcluded: NOASSERTION
+PackageCopyrightText: NOASSERTION
+PackageSummary: Backport of pathlib-compatible object wrapper for zip files
+ReleaseDate: 2024-11-10T15:05:19Z
+ExternalRef: OTHER vcs https://github.com/jaraco/zipp
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/zipp@3.21.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r.:zipp:3.21.0:*:*:*:*:*:*:*
+#####
+
PackageName: jinja2
SPDXID: SPDXRef-46-jinja2
-PackageVersion: 3.1.4
+PackageVersion: 3.1.5
PrimaryPackagePurpose: LIBRARY
PackageSupplier: NOASSERTION
-PackageDownloadLocation: https://pypi.org/project/jinja2/3.1.4/#files
+PackageDownloadLocation: https://pypi.org/project/jinja2/3.1.5/#files
FilesAnalyzed: false
-PackageChecksum: SHA256: bc5dd2abb727a5319567b7a813e6a2e7318c39f4f487cfe6c89c6f9c7d25197d
+PackageChecksum: SHA256: aba0f4dc9ed8013c424088f68a5c226f7d6097ed89b246d7749c2ec4175c6adb
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: A very fast and expressive template engine.
-ReleaseDate: 2024-05-05T23:41:59Z
+ReleaseDate: 2024-12-21T18:30:19Z
ExternalRef: OTHER log https://jinja.palletsprojects.com/changes/
ExternalRef: OTHER chat https://discord.gg/pallets
ExternalRef: OTHER documentation https://jinja.palletsprojects.com/
ExternalRef: OTHER other https://palletsprojects.com/donate
ExternalRef: OTHER vcs https://github.com/pallets/jinja/
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/jinja2@3.1.4
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/jinja2@3.1.5
#####
PackageName: markupsafe
@@ -1001,7 +1001,7 @@ ExternalRef: OTHER documentation https://markupsafe.palletsprojects.com/
ExternalRef: OTHER log https://markupsafe.palletsprojects.com/changes/
ExternalRef: OTHER vcs https://github.com/pallets/markupsafe/
ExternalRef: OTHER chat https://discord.gg/pallets
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/markupsafe@3.0.2
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/markupsafe@3.0.2
#####
PackageName: jsonschema
@@ -1024,7 +1024,7 @@ ExternalRef: OTHER other https://github.com/sponsors/Julian
ExternalRef: OTHER other https://tidelift.com/subscription/pkg/pypi-jsonschema?utm_source=pypi-jsonschema&utm_medium=referral&utm_campaign=pypi-link
ExternalRef: OTHER log https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst
ExternalRef: OTHER vcs https://github.com/python-jsonschema/jsonschema
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/jsonschema@4.23.0
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/jsonschema@4.23.0
ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:jsonschema:4.23.0:*:*:*:*:*:*:*
#####
@@ -1047,7 +1047,7 @@ ExternalRef: OTHER issue-tracker https://github.com/python-jsonschema/jsonschema
ExternalRef: OTHER other https://github.com/sponsors/Julian
ExternalRef: OTHER other https://tidelift.com/subscription/pkg/pypi-jsonschema-specifications?utm_source=pypi-jsonschema-specifications&utm_medium=referral&utm_campaign=pypi-link
ExternalRef: OTHER vcs https://github.com/python-jsonschema/jsonschema-specifications
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/jsonschema-specifications@2024.10.1
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/jsonschema-specifications@2024.10.1
ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:jsonschema-specifications:2024.10.1:*:*:*:*:*:*:*
#####
@@ -1071,7 +1071,7 @@ ExternalRef: OTHER other https://github.com/sponsors/Julian
ExternalRef: OTHER other https://tidelift.com/subscription/pkg/pypi-referencing?utm_source=pypi-referencing&utm_medium=referral&utm_campaign=pypi-link
ExternalRef: OTHER log https://referencing.readthedocs.io/en/stable/changes/
ExternalRef: OTHER vcs https://github.com/python-jsonschema/referencing
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/referencing@0.35.1
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/referencing@0.35.1
ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:referencing:0.35.1:*:*:*:*:*:*:*
#####
@@ -1095,26 +1095,26 @@ ExternalRef: OTHER other https://github.com/sponsors/Julian
ExternalRef: OTHER other https://tidelift.com/subscription/pkg/pypi-rpds-py?utm_source=pypi-rpds-py&utm_medium=referral&utm_campaign=pypi-link
ExternalRef: OTHER vcs https://github.com/crate-py/rpds
ExternalRef: OTHER other https://github.com/orium/rpds
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/rpds-py@0.22.3
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/rpds-py@0.22.3
ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:rpds-py:0.22.3:*:*:*:*:*:*:*
#####
PackageName: lib4sbom
SPDXID: SPDXRef-52-lib4sbom
-PackageVersion: 0.8.0
+PackageVersion: 0.8.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Anthony Harrison (anthony.p.harrison@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/lib4sbom/0.8.0/#files
+PackageDownloadLocation: https://pypi.org/project/lib4sbom/0.8.1/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/anthonyharrison/lib4sbom
-PackageChecksum: SHA256: 27f98d2c109b4d91636913302cfaa4e8bf47315b6beb6b35a19ff66380c1e395
+PackageChecksum: SHA256: 7fba7451760c49738911b344fef96a3a274baaef6d34ab61e89284c506f0a343
PackageLicenseDeclared: Apache-2.0
PackageLicenseConcluded: Apache-2.0
PackageCopyrightText: NOASSERTION
PackageSummary: Software Bill of Material (SBOM) generator and consumer library
-ReleaseDate: 2024-12-09T20:13:26Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/lib4sbom@0.8.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:anthony_harrison:lib4sbom:0.8.0:*:*:*:*:*:*:*
+ReleaseDate: 2024-12-18T21:54:27Z
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/lib4sbom@0.8.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:anthony_harrison:lib4sbom:0.8.1:*:*:*:*:*:*:*
#####
PackageName: pyyaml
@@ -1136,7 +1136,7 @@ ExternalRef: OTHER build-system https://github.com/yaml/pyyaml/actions
ExternalRef: OTHER documentation https://pyyaml.org/wiki/PyYAMLDocumentation
ExternalRef: OTHER mailing-list http://lists.sourceforge.net/lists/listinfo/yaml-core
ExternalRef: OTHER vcs https://github.com/yaml/pyyaml
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/pyyaml@6.0.2
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/pyyaml@6.0.2
ExternalRef: SECURITY cpe23Type cpe:2.3:a:kirill_simonov:pyyaml:6.0.2:*:*:*:*:*:*:*
#####
@@ -1155,7 +1155,7 @@ PackageLicenseComments: semantic-version declares BSD which is not current
PackageCopyrightText: NOASSERTION
PackageSummary: A library implementing the 'SemVer' scheme.
ReleaseDate: 2022-05-26T13:35:21Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/semantic-version@2.10.0
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/semantic-version@2.10.0
ExternalRef: SECURITY cpe23Type cpe:2.3:a:raphael_barrois:semantic-version:2.10.0:*:*:*:*:*:*:*
#####
@@ -1173,7 +1173,7 @@ PackageLicenseConcluded: Apache-2.0
PackageCopyrightText: NOASSERTION
PackageSummary: VEX generator and consumer library
ReleaseDate: 2024-08-29T20:36:52Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/lib4vex@0.2.0
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/lib4vex@0.2.0
ExternalRef: SECURITY cpe23Type cpe:2.3:a:anthony_harrison:lib4vex:0.2.0:*:*:*:*:*:*:*
#####
@@ -1191,7 +1191,7 @@ PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: CSAF generator and analyser
ReleaseDate: 2024-06-12T20:10:06Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/csaf-tool@0.3.2
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/csaf-tool@0.3.2
ExternalRef: SECURITY cpe23Type cpe:2.3:a:anthony_harrison:csaf-tool:0.3.2:*:*:*:*:*:*:*
#####
@@ -1209,7 +1209,7 @@ PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: A purl aka. Package URL parser and builder
ReleaseDate: 2024-10-22T05:51:23Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/packageurl-python@0.16.0
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/packageurl-python@0.16.0
ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_purl_authors:packageurl-python:0.16.0:*:*:*:*:*:*:*
#####
@@ -1228,7 +1228,7 @@ PackageCopyrightText: NOASSERTION
PackageSummary: Render rich text, tables, progress bars, syntax highlighting, markdown and more to the terminal
ReleaseDate: 2024-11-01T16:43:55Z
ExternalRef: OTHER documentation https://rich.readthedocs.io/en/latest/
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/rich@13.9.4
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/rich@13.9.4
ExternalRef: SECURITY cpe23Type cpe:2.3:a:will_mcgugan:rich:13.9.4:*:*:*:*:*:*:*
#####
@@ -1247,7 +1247,7 @@ PackageCopyrightText: NOASSERTION
PackageSummary: Python port of markdown-it. Markdown parsing, done right!
ReleaseDate: 2023-06-03T06:41:11Z
ExternalRef: OTHER documentation https://markdown-it-py.readthedocs.io
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/markdown-it-py@3.0.0
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/markdown-it-py@3.0.0
ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_sewell:markdown-it-py:3.0.0:*:*:*:*:*:*:*
#####
@@ -1265,7 +1265,7 @@ PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: Markdown URL utilities
ReleaseDate: 2022-08-14T12:40:09Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/mdurl@0.1.2
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/mdurl@0.1.2
ExternalRef: SECURITY cpe23Type cpe:2.3:a:taneli_hukkinen:mdurl:0.1.2:*:*:*:*:*:*:*
#####
@@ -1287,7 +1287,7 @@ ExternalRef: OTHER documentation https://pygments.org/docs
ExternalRef: OTHER vcs https://github.com/pygments/pygments
ExternalRef: OTHER issue-tracker https://github.com/pygments/pygments/issues
ExternalRef: OTHER log https://github.com/pygments/pygments/blob/master/CHANGES
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/pygments@2.18.0
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/pygments@2.18.0
ExternalRef: SECURITY cpe23Type cpe:2.3:a:georg_brandl:pygments:2.18.0:*:*:*:*:*:*:*
#####
@@ -1309,7 +1309,7 @@ ReleaseDate: 2024-09-20T16:43:47Z
ExternalRef: OTHER documentation https://gnupg.readthedocs.io/
ExternalRef: OTHER vcs https://github.com/vsajip/python-gnupg
ExternalRef: OTHER issue-tracker https://github.com/vsajip/python-gnupg/issues
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/python-gnupg@0.5.3
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/python-gnupg@0.5.3
ExternalRef: SECURITY cpe23Type cpe:2.3:a:vinay_sajip:python-gnupg:0.5.3:*:*:*:*:*:*:*
#####
@@ -1328,7 +1328,7 @@ PackageSummary: Core utilities for Python packages
ReleaseDate: 2024-11-08T09:47:44Z
ExternalRef: OTHER documentation https://packaging.pypa.io/
ExternalRef: OTHER vcs https://github.com/pypa/packaging
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/packaging@24.2
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/packaging@24.2
ExternalRef: SECURITY cpe23Type cpe:2.3:a:donald_stufft:packaging:24.2:*:*:*:*:*:*:*
#####
@@ -1349,7 +1349,7 @@ ReleaseDate: 2024-09-12T15:36:24Z
ExternalRef: OTHER documentation https://plotly.com/python/
ExternalRef: OTHER vcs https://github.com/plotly/plotly.py
ExternalRef: OTHER log https://github.com/plotly/plotly.py/blob/master/CHANGELOG.md
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/plotly@5.24.1
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/plotly@5.24.1
ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:5.24.1:*:*:*:*:*:*:*
#####
@@ -1368,7 +1368,7 @@ PackageLicenseComments: tenacity declares Apache 2.0 which is not currentl
PackageCopyrightText: NOASSERTION
PackageSummary: Retry code until it succeeds
ReleaseDate: 2024-07-29T12:12:25Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/tenacity@9.0.0
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/tenacity@9.0.0
ExternalRef: SECURITY cpe23Type cpe:2.3:a:julien_danjou:tenacity:9.0.0:*:*:*:*:*:*:*
#####
@@ -1388,7 +1388,7 @@ PackageSummary: Python HTTP for Humans.
ReleaseDate: 2024-05-29T15:37:47Z
ExternalRef: OTHER documentation https://requests.readthedocs.io
ExternalRef: OTHER vcs https://github.com/psf/requests
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/requests@2.32.3
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/requests@2.32.3
ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:requests:2.32.3:*:*:*:*:*:*:*
#####
@@ -1408,29 +1408,28 @@ PackageSummary: The Real First Universal Charset Detector. Open, modern an
ReleaseDate: 2024-10-09T07:38:02Z
ExternalRef: OTHER issue-tracker https://github.com/Ousret/charset_normalizer/issues
ExternalRef: OTHER documentation https://charset-normalizer.readthedocs.io/en/latest
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/charset-normalizer@3.4.0
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/charset-normalizer@3.4.0
ExternalRef: SECURITY cpe23Type cpe:2.3:a:ahmed_tahri:charset-normalizer:3.4.0:*:*:*:*:*:*:*
#####
PackageName: urllib3
SPDXID: SPDXRef-68-urllib3
-PackageVersion: 2.2.3
+PackageVersion: 2.3.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Andrey Petrov (andrey.petrov@shazow.net)
-PackageDownloadLocation: https://pypi.org/project/urllib3/2.2.3/#files
+PackageDownloadLocation: https://pypi.org/project/urllib3/2.3.0/#files
FilesAnalyzed: false
-PackageChecksum: SHA256: ca899ca043dcb1bafa3e262d73aa25c465bfb49e0bd9dd5d59f1d0acba2f8fac
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: HTTP library with thread-safe connection pooling, file post, and more.
-ReleaseDate: 2024-09-12T10:52:16Z
+ReleaseDate: 2024-10-09T07:38:02Z
ExternalRef: OTHER log https://github.com/urllib3/urllib3/blob/main/CHANGES.rst
ExternalRef: OTHER documentation https://urllib3.readthedocs.io
ExternalRef: OTHER vcs https://github.com/urllib3/urllib3
ExternalRef: OTHER issue-tracker https://github.com/urllib3/urllib3/issues
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/urllib3@2.2.3
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_petrov:urllib3:2.2.3:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/urllib3@2.3.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_petrov:urllib3:2.3.0:*:*:*:*:*:*:*
#####
PackageName: certifi
@@ -1448,7 +1447,7 @@ PackageCopyrightText: NOASSERTION
PackageSummary: Python package for providing Mozilla's CA Bundle.
ReleaseDate: 2024-12-14T13:52:36Z
ExternalRef: OTHER vcs https://github.com/certifi/python-certifi
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/certifi@2024.12.14
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/certifi@2024.12.14
ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:certifi:2024.12.14:*:*:*:*:*:*:*
#####
@@ -1466,7 +1465,7 @@ PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: Read rpm archive files
ReleaseDate: 2024-07-24T21:57:45Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/rpmfile@2.1.0
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/rpmfile@2.1.0
ExternalRef: SECURITY cpe23Type cpe:2.3:a:sean_ross:rpmfile:2.1.0:*:*:*:*:*:*:*
#####
@@ -1486,7 +1485,7 @@ ReleaseDate: 2024-11-20T18:16:10Z
ExternalRef: OTHER vcs https://github.com/pypa/setuptools
ExternalRef: OTHER documentation https://setuptools.pypa.io/
ExternalRef: OTHER log https://setuptools.pypa.io/en/stable/history.html
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/setuptools@75.6.0
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/setuptools@75.6.0
ExternalRef: SECURITY cpe23Type cpe:2.3:a:python_packaging_authority:setuptools:75.6.0:*:*:*:*:*:*:*
#####
@@ -1504,7 +1503,7 @@ PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: Python Library for Tom's Obvious, Minimal Language
ReleaseDate: 2020-11-01T01:40:20Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/toml@0.10.2
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/toml@0.10.2
ExternalRef: SECURITY cpe23Type cpe:2.3:a:william_pearson:toml:0.10.2:*:*:*:*:*:*:*
#####
@@ -1522,26 +1521,26 @@ PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: An XML Schema validator and decoder
ReleaseDate: 2024-10-31T09:47:12Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/xmlschema@3.4.3
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/xmlschema@3.4.3
ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:xmlschema:3.4.3:*:*:*:*:*:*:*
#####
PackageName: elementpath
SPDXID: SPDXRef-74-elementpath
-PackageVersion: 4.6.0
+PackageVersion: 4.7.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Davide Brunato (brunato@sissa.it)
-PackageDownloadLocation: https://pypi.org/project/elementpath/4.6.0/#files
+PackageDownloadLocation: https://pypi.org/project/elementpath/4.7.0/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/sissaschool/elementpath
-PackageChecksum: SHA256: e578677f19ccc6ff374c4477c687c547ecbaf7b478d98abb951b7b4b45260a17
+PackageChecksum: SHA256: 607804a1b4250ac448c1e2bfaec4ee1c980b0a07cfdb0d9057b57102038ed480
PackageLicenseDeclared: MIT
PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: XPath 1.0/2.0/3.0/3.1 parsers and selectors for ElementTree and lxml
-ReleaseDate: 2024-10-27T21:52:58Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/elementpath@4.6.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:elementpath:4.6.0:*:*:*:*:*:*:*
+ReleaseDate: 2024-12-20T13:58:04Z
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/elementpath@4.7.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:elementpath:4.7.0:*:*:*:*:*:*:*
#####
PackageName: zstandard
@@ -1559,17 +1558,19 @@ PackageLicenseComments: zstandard declares BSD which is not currently a va
PackageCopyrightText: NOASSERTION
PackageSummary: Zstandard bindings for Python
ReleaseDate: 2024-07-15T00:13:27Z
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/zstandard@0.23.0
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/zstandard@0.23.0
ExternalRef: SECURITY cpe23Type cpe:2.3:a:gregory_szorc:zstandard:0.23.0:*:*:*:*:*:*:*
#####
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-15-beautifulsoup4
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-17-cvss
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-18-defusedxml
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-19-distro
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-13-beautifulsoup4
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-15-cvss
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-16-defusedxml
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-17-distro
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-18-filetype
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-19-gsutil
Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-2-aiohttp
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-20-filetype
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-21-gsutil
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-44-importlib-metadata
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-45-zipp
Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-46-jinja2
Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-48-jsonschema
Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-52-lib4sbom
@@ -1587,68 +1588,65 @@ Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-71-setuptools
Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-72-toml
Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-73-xmlschema
Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-75-zstandard
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-8-importlib-metadata
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-9-zipp
-Relationship: SPDXRef-11-multidict DEPENDS_ON SPDXRef-10-typing-extensions
-Relationship: SPDXRef-13-yarl DEPENDS_ON SPDXRef-11-multidict
-Relationship: SPDXRef-13-yarl DEPENDS_ON SPDXRef-12-propcache
-Relationship: SPDXRef-13-yarl DEPENDS_ON SPDXRef-14-idna
-Relationship: SPDXRef-15-beautifulsoup4 DEPENDS_ON SPDXRef-16-soupsieve
-Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-11-multidict
-Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-12-propcache
-Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-13-yarl
+Relationship: SPDXRef-11-yarl DEPENDS_ON SPDXRef-10-propcache
+Relationship: SPDXRef-11-yarl DEPENDS_ON SPDXRef-12-idna
+Relationship: SPDXRef-11-yarl DEPENDS_ON SPDXRef-8-multidict
+Relationship: SPDXRef-13-beautifulsoup4 DEPENDS_ON SPDXRef-14-soupsieve
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-20-argcomplete
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-21-crcmod
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-22-fasteners
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-23-gcs-oauth2-boto-plugin
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-27-google-reauth
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-29-six
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-30-httplib2
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-34-pyopenssl
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-38-retry-decorator
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-39-google-auth
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-41-google-auth-httplib2
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-42-google-apitools
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-43-monotonic
+Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-10-propcache
+Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-11-yarl
Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-3-aiohappyeyeballs
Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-4-aiosignal
Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-5-frozenlist
Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-6-async-timeout
Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-7-attrs
-Relationship: SPDXRef-21-gsutil DEPENDS_ON SPDXRef-22-argcomplete
-Relationship: SPDXRef-21-gsutil DEPENDS_ON SPDXRef-23-crcmod
-Relationship: SPDXRef-21-gsutil DEPENDS_ON SPDXRef-24-fasteners
-Relationship: SPDXRef-21-gsutil DEPENDS_ON SPDXRef-25-gcs-oauth2-boto-plugin
-Relationship: SPDXRef-21-gsutil DEPENDS_ON SPDXRef-29-google-reauth
-Relationship: SPDXRef-21-gsutil DEPENDS_ON SPDXRef-31-six
-Relationship: SPDXRef-21-gsutil DEPENDS_ON SPDXRef-32-httplib2
-Relationship: SPDXRef-21-gsutil DEPENDS_ON SPDXRef-36-pyopenssl
-Relationship: SPDXRef-21-gsutil DEPENDS_ON SPDXRef-40-retry-decorator
-Relationship: SPDXRef-21-gsutil DEPENDS_ON SPDXRef-41-google-auth
-Relationship: SPDXRef-21-gsutil DEPENDS_ON SPDXRef-43-google-auth-httplib2
-Relationship: SPDXRef-21-gsutil DEPENDS_ON SPDXRef-44-google-apitools
-Relationship: SPDXRef-21-gsutil DEPENDS_ON SPDXRef-45-monotonic
-Relationship: SPDXRef-25-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-26-rsa
-Relationship: SPDXRef-25-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-28-boto
-Relationship: SPDXRef-25-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-29-google-reauth
-Relationship: SPDXRef-25-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-31-six
-Relationship: SPDXRef-25-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-32-httplib2
-Relationship: SPDXRef-25-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-34-oauth2client
-Relationship: SPDXRef-25-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-36-pyopenssl
-Relationship: SPDXRef-25-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-40-retry-decorator
-Relationship: SPDXRef-25-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-41-google-auth
-Relationship: SPDXRef-25-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-43-google-auth-httplib2
-Relationship: SPDXRef-26-rsa DEPENDS_ON SPDXRef-27-pyasn1
-Relationship: SPDXRef-29-google-reauth DEPENDS_ON SPDXRef-30-pyu2f
-Relationship: SPDXRef-30-pyu2f DEPENDS_ON SPDXRef-31-six
-Relationship: SPDXRef-32-httplib2 DEPENDS_ON SPDXRef-33-pyparsing
-Relationship: SPDXRef-34-oauth2client DEPENDS_ON SPDXRef-26-rsa
-Relationship: SPDXRef-34-oauth2client DEPENDS_ON SPDXRef-27-pyasn1
-Relationship: SPDXRef-34-oauth2client DEPENDS_ON SPDXRef-31-six
-Relationship: SPDXRef-34-oauth2client DEPENDS_ON SPDXRef-32-httplib2
-Relationship: SPDXRef-34-oauth2client DEPENDS_ON SPDXRef-35-pyasn1-modules
-Relationship: SPDXRef-35-pyasn1-modules DEPENDS_ON SPDXRef-27-pyasn1
-Relationship: SPDXRef-36-pyopenssl DEPENDS_ON SPDXRef-37-cryptography
-Relationship: SPDXRef-37-cryptography DEPENDS_ON SPDXRef-38-cffi
-Relationship: SPDXRef-38-cffi DEPENDS_ON SPDXRef-39-pycparser
+Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-8-multidict
+Relationship: SPDXRef-23-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-24-rsa
+Relationship: SPDXRef-23-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-26-boto
+Relationship: SPDXRef-23-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-27-google-reauth
+Relationship: SPDXRef-23-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-29-six
+Relationship: SPDXRef-23-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-30-httplib2
+Relationship: SPDXRef-23-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-32-oauth2client
+Relationship: SPDXRef-23-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-34-pyopenssl
+Relationship: SPDXRef-23-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-38-retry-decorator
+Relationship: SPDXRef-23-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-39-google-auth
+Relationship: SPDXRef-23-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-41-google-auth-httplib2
+Relationship: SPDXRef-24-rsa DEPENDS_ON SPDXRef-25-pyasn1
+Relationship: SPDXRef-27-google-reauth DEPENDS_ON SPDXRef-28-pyu2f
+Relationship: SPDXRef-28-pyu2f DEPENDS_ON SPDXRef-29-six
+Relationship: SPDXRef-30-httplib2 DEPENDS_ON SPDXRef-31-pyparsing
+Relationship: SPDXRef-32-oauth2client DEPENDS_ON SPDXRef-24-rsa
+Relationship: SPDXRef-32-oauth2client DEPENDS_ON SPDXRef-25-pyasn1
+Relationship: SPDXRef-32-oauth2client DEPENDS_ON SPDXRef-29-six
+Relationship: SPDXRef-32-oauth2client DEPENDS_ON SPDXRef-30-httplib2
+Relationship: SPDXRef-32-oauth2client DEPENDS_ON SPDXRef-33-pyasn1-modules
+Relationship: SPDXRef-33-pyasn1-modules DEPENDS_ON SPDXRef-25-pyasn1
+Relationship: SPDXRef-34-pyopenssl DEPENDS_ON SPDXRef-35-cryptography
+Relationship: SPDXRef-35-cryptography DEPENDS_ON SPDXRef-36-cffi
+Relationship: SPDXRef-36-cffi DEPENDS_ON SPDXRef-37-pycparser
+Relationship: SPDXRef-39-google-auth DEPENDS_ON SPDXRef-24-rsa
+Relationship: SPDXRef-39-google-auth DEPENDS_ON SPDXRef-29-six
+Relationship: SPDXRef-39-google-auth DEPENDS_ON SPDXRef-33-pyasn1-modules
+Relationship: SPDXRef-39-google-auth DEPENDS_ON SPDXRef-40-cachetools
Relationship: SPDXRef-4-aiosignal DEPENDS_ON SPDXRef-5-frozenlist
-Relationship: SPDXRef-41-google-auth DEPENDS_ON SPDXRef-26-rsa
-Relationship: SPDXRef-41-google-auth DEPENDS_ON SPDXRef-31-six
-Relationship: SPDXRef-41-google-auth DEPENDS_ON SPDXRef-35-pyasn1-modules
-Relationship: SPDXRef-41-google-auth DEPENDS_ON SPDXRef-42-cachetools
-Relationship: SPDXRef-43-google-auth-httplib2 DEPENDS_ON SPDXRef-32-httplib2
-Relationship: SPDXRef-43-google-auth-httplib2 DEPENDS_ON SPDXRef-41-google-auth
-Relationship: SPDXRef-44-google-apitools DEPENDS_ON SPDXRef-24-fasteners
-Relationship: SPDXRef-44-google-apitools DEPENDS_ON SPDXRef-31-six
-Relationship: SPDXRef-44-google-apitools DEPENDS_ON SPDXRef-32-httplib2
-Relationship: SPDXRef-44-google-apitools DEPENDS_ON SPDXRef-34-oauth2client
+Relationship: SPDXRef-41-google-auth-httplib2 DEPENDS_ON SPDXRef-30-httplib2
+Relationship: SPDXRef-41-google-auth-httplib2 DEPENDS_ON SPDXRef-39-google-auth
+Relationship: SPDXRef-42-google-apitools DEPENDS_ON SPDXRef-22-fasteners
+Relationship: SPDXRef-42-google-apitools DEPENDS_ON SPDXRef-29-six
+Relationship: SPDXRef-42-google-apitools DEPENDS_ON SPDXRef-30-httplib2
+Relationship: SPDXRef-42-google-apitools DEPENDS_ON SPDXRef-32-oauth2client
Relationship: SPDXRef-46-jinja2 DEPENDS_ON SPDXRef-47-markupsafe
Relationship: SPDXRef-48-jsonschema DEPENDS_ON SPDXRef-49-jsonschema-specifications
Relationship: SPDXRef-48-jsonschema DEPENDS_ON SPDXRef-50-referencing
@@ -1657,7 +1655,7 @@ Relationship: SPDXRef-48-jsonschema DEPENDS_ON SPDXRef-7-attrs
Relationship: SPDXRef-49-jsonschema-specifications DEPENDS_ON SPDXRef-50-referencing
Relationship: SPDXRef-50-referencing DEPENDS_ON SPDXRef-51-rpds-py
Relationship: SPDXRef-50-referencing DEPENDS_ON SPDXRef-7-attrs
-Relationship: SPDXRef-52-lib4sbom DEPENDS_ON SPDXRef-18-defusedxml
+Relationship: SPDXRef-52-lib4sbom DEPENDS_ON SPDXRef-16-defusedxml
Relationship: SPDXRef-52-lib4sbom DEPENDS_ON SPDXRef-53-pyyaml
Relationship: SPDXRef-52-lib4sbom DEPENDS_ON SPDXRef-54-semantic-version
Relationship: SPDXRef-55-lib4vex DEPENDS_ON SPDXRef-52-lib4sbom
@@ -1665,19 +1663,17 @@ Relationship: SPDXRef-55-lib4vex DEPENDS_ON SPDXRef-56-csaf-tool
Relationship: SPDXRef-55-lib4vex DEPENDS_ON SPDXRef-57-packageurl-python
Relationship: SPDXRef-56-csaf-tool DEPENDS_ON SPDXRef-57-packageurl-python
Relationship: SPDXRef-56-csaf-tool DEPENDS_ON SPDXRef-58-rich
-Relationship: SPDXRef-58-rich DEPENDS_ON SPDXRef-10-typing-extensions
Relationship: SPDXRef-58-rich DEPENDS_ON SPDXRef-59-markdown-it-py
Relationship: SPDXRef-58-rich DEPENDS_ON SPDXRef-61-pygments
+Relationship: SPDXRef-58-rich DEPENDS_ON SPDXRef-9-typing-extensions
Relationship: SPDXRef-59-markdown-it-py DEPENDS_ON SPDXRef-60-mdurl
Relationship: SPDXRef-64-plotly DEPENDS_ON SPDXRef-63-packaging
Relationship: SPDXRef-64-plotly DEPENDS_ON SPDXRef-65-tenacity
-Relationship: SPDXRef-66-requests DEPENDS_ON SPDXRef-14-idna
+Relationship: SPDXRef-66-requests DEPENDS_ON SPDXRef-12-idna
Relationship: SPDXRef-66-requests DEPENDS_ON SPDXRef-67-charset-normalizer
Relationship: SPDXRef-66-requests DEPENDS_ON SPDXRef-68-urllib3
Relationship: SPDXRef-66-requests DEPENDS_ON SPDXRef-69-certifi
-Relationship: SPDXRef-7-attrs DEPENDS_ON SPDXRef-8-importlib-metadata
Relationship: SPDXRef-73-xmlschema DEPENDS_ON SPDXRef-74-elementpath
-Relationship: SPDXRef-75-zstandard DEPENDS_ON SPDXRef-38-cffi
-Relationship: SPDXRef-8-importlib-metadata DEPENDS_ON SPDXRef-10-typing-extensions
-Relationship: SPDXRef-8-importlib-metadata DEPENDS_ON SPDXRef-9-zipp
+Relationship: SPDXRef-75-zstandard DEPENDS_ON SPDXRef-36-cffi
+Relationship: SPDXRef-8-multidict DEPENDS_ON SPDXRef-9-typing-extensions
Relationship: SPDXRef-DOCUMENT DESCRIBES SPDXRef-1-cve-bin-tool