From 2977e9d82126ddcd6e83816cfa15f8ebe5bdd1b0 Mon Sep 17 00:00:00 2001 From: GitHub Date: Mon, 6 Mar 2023 01:52:04 +0000 Subject: [PATCH] chore: update SBOM for Python 3.10 --- sbom/cve-bin-tool-py3.10.json | 94 +++++++++++++++++------------------ sbom/cve-bin-tool-py3.10.spdx | 94 +++++++++++++++++------------------ 2 files changed, 94 insertions(+), 94 deletions(-) diff --git a/sbom/cve-bin-tool-py3.10.json b/sbom/cve-bin-tool-py3.10.json index e4de9c86d6..2bc1a74392 100644 --- a/sbom/cve-bin-tool-py3.10.json +++ b/sbom/cve-bin-tool-py3.10.json @@ -2,10 +2,10 @@ "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.4", - "serialNumber": "urn:uuidfff932c0-06ef-485f-b571-b427b750b70e", + "serialNumber": "urn:uuidac44f3e3-d78d-4521-b02d-92d540aee8c7", "version": 1, "metadata": { - "timestamp": "2023-01-30T00:24:01Z", + "timestamp": "2023-03-06T01:52:02Z", "tools": [ { "name": "sbom4python", @@ -35,7 +35,7 @@ "type": "library", "bom-ref": "2-aiohttp", "name": "aiohttp", - "version": "3.8.3", + "version": "3.8.4", "licenses": [ { "license": { @@ -44,7 +44,7 @@ } } ], - "purl": "pkg:pypi/aiohttp@3.8.3" + "purl": "pkg:pypi/aiohttp@3.8.4" }, { "type": "library", @@ -114,9 +114,9 @@ "type": "library", "bom-ref": "7-charset-normalizer", "name": "charset-normalizer", - "version": "2.1.1", - "author": "Ahmed TAHRI Ousret", - "cpe": "cpe:/a:ahmed_tahri_ousret:charset-normalizer:2.1.1", + "version": "3.0.1", + "author": "Ahmed TAHRI", + "cpe": "cpe:/a:ahmed_tahri:charset-normalizer:3.0.1", "licenses": [ { "license": { @@ -125,7 +125,7 @@ } } ], - "purl": "pkg:pypi/charset-normalizer@2.1.1" + "purl": "pkg:pypi/charset-normalizer@3.0.1" }, { "type": "library", @@ -174,9 +174,9 @@ "type": "library", "bom-ref": "11-beautifulsoup4", "name": "beautifulsoup4", - "version": "4.11.1", + "version": "4.11.2", "author": "Leonard Richardson", - "cpe": "cpe:/a:leonard_richardson:beautifulsoup4:4.11.1", + "cpe": "cpe:/a:leonard_richardson:beautifulsoup4:4.11.2", "licenses": [ { "license": { @@ -185,16 +185,16 @@ } } ], - "purl": "pkg:pypi/beautifulsoup4@4.11.1" + "purl": "pkg:pypi/beautifulsoup4@4.11.2" }, { "type": "library", "bom-ref": "12-soupsieve", "name": "soupsieve", - "version": "2.3.2.post1", + "version": "2.4", "author": "Isaac Muse", - "cpe": "cpe:/a:isaac_muse:soupsieve:2.3.2.post1", - "purl": "pkg:pypi/soupsieve@2.3.2.post1" + "cpe": "cpe:/a:isaac_muse:soupsieve:2.4", + "purl": "pkg:pypi/soupsieve@2.4" }, { "type": "library", @@ -235,9 +235,9 @@ "type": "library", "bom-ref": "16-gsutil", "name": "gsutil", - "version": "5.19", + "version": "5.21", "author": "Google Inc.", - "cpe": "cpe:/a:google_inc.:gsutil:5.19", + "cpe": "cpe:/a:google_inc.:gsutil:5.21", "licenses": [ { "license": { @@ -246,15 +246,15 @@ } } ], - "purl": "pkg:pypi/gsutil@5.19" + "purl": "pkg:pypi/gsutil@5.21" }, { "type": "library", "bom-ref": "17-argcomplete", "name": "argcomplete", - "version": "2.0.0", + "version": "2.0.5", "author": "Andrey Kislyuk", - "cpe": "cpe:/a:andrey_kislyuk:argcomplete:2.0.0", + "cpe": "cpe:/a:andrey_kislyuk:argcomplete:2.0.5", "licenses": [ { "license": { @@ -263,7 +263,7 @@ } } ], - "purl": "pkg:pypi/argcomplete@2.0.0" + "purl": "pkg:pypi/argcomplete@2.0.5" }, { "type": "library", @@ -475,10 +475,10 @@ "type": "library", "bom-ref": "32-cryptography", "name": "cryptography", - "version": "39.0.0", + "version": "39.0.2", "author": "The Python Cryptographic Authority and individual contributors", - "cpe": "cpe:/a:the_python_cryptographic_authority_and_individual_contributors:cryptography:39.0.0", - "purl": "pkg:pypi/cryptography@39.0.0" + "cpe": "cpe:/a:the_python_cryptographic_authority_and_individual_contributors:cryptography:39.0.2", + "purl": "pkg:pypi/cryptography@39.0.2" }, { "type": "library", @@ -544,9 +544,9 @@ "type": "library", "bom-ref": "37-google-auth", "name": "google-auth", - "version": "2.16.0", + "version": "2.16.2", "author": "Google Cloud Platform", - "cpe": "cpe:/a:google_cloud_platform:google-auth:2.16.0", + "cpe": "cpe:/a:google_cloud_platform:google-auth:2.16.2", "licenses": [ { "license": { @@ -555,7 +555,7 @@ } } ], - "purl": "pkg:pypi/google-auth@2.16.0" + "purl": "pkg:pypi/google-auth@2.16.2" }, { "type": "library", @@ -664,9 +664,9 @@ "type": "library", "bom-ref": "45-plotly", "name": "plotly", - "version": "5.13.0", + "version": "5.13.1", "author": "Chris P", - "cpe": "cpe:/a:chris_p:plotly:5.13.0", + "cpe": "cpe:/a:chris_p:plotly:5.13.1", "licenses": [ { "license": { @@ -675,15 +675,15 @@ } } ], - "purl": "pkg:pypi/plotly@5.13.0" + "purl": "pkg:pypi/plotly@5.13.1" }, { "type": "library", "bom-ref": "46-tenacity", "name": "tenacity", - "version": "8.1.0", + "version": "8.2.2", "author": "Julien Danjou", - "cpe": "cpe:/a:julien_danjou:tenacity:8.1.0", + "cpe": "cpe:/a:julien_danjou:tenacity:8.2.2", "licenses": [ { "license": { @@ -692,7 +692,7 @@ } } ], - "purl": "pkg:pypi/tenacity@8.1.0" + "purl": "pkg:pypi/tenacity@8.2.2" }, { "type": "library", @@ -766,9 +766,9 @@ "type": "library", "bom-ref": "51-rich", "name": "rich", - "version": "13.3.1", + "version": "13.3.2", "author": "Will McGugan", - "cpe": "cpe:/a:will_mcgugan:rich:13.3.1", + "cpe": "cpe:/a:will_mcgugan:rich:13.3.2", "licenses": [ { "license": { @@ -777,16 +777,16 @@ } } ], - "purl": "pkg:pypi/rich@13.3.1" + "purl": "pkg:pypi/rich@13.3.2" }, { "type": "library", "bom-ref": "52-markdown-it-py", "name": "markdown-it-py", - "version": "2.1.0", + "version": "2.2.0", "author": "Chris Sewell", - "cpe": "cpe:/a:chris_sewell:markdown-it-py:2.1.0", - "purl": "pkg:pypi/markdown-it-py@2.1.0" + "cpe": "cpe:/a:chris_sewell:markdown-it-py:2.2.0", + "purl": "pkg:pypi/markdown-it-py@2.2.0" }, { "type": "library", @@ -852,9 +852,9 @@ "type": "library", "bom-ref": "57-xmlschema", "name": "xmlschema", - "version": "2.1.1", + "version": "2.2.2", "author": "Davide Brunato", - "cpe": "cpe:/a:davide_brunato:xmlschema:2.1.1", + "cpe": "cpe:/a:davide_brunato:xmlschema:2.2.2", "licenses": [ { "license": { @@ -863,15 +863,15 @@ } } ], - "purl": "pkg:pypi/xmlschema@2.1.1" + "purl": "pkg:pypi/xmlschema@2.2.2" }, { "type": "library", "bom-ref": "58-elementpath", "name": "elementpath", - "version": "3.0.2", + "version": "4.0.1", "author": "Davide Brunato", - "cpe": "cpe:/a:davide_brunato:elementpath:3.0.2", + "cpe": "cpe:/a:davide_brunato:elementpath:4.0.1", "licenses": [ { "license": { @@ -880,16 +880,16 @@ } } ], - "purl": "pkg:pypi/elementpath@3.0.2" + "purl": "pkg:pypi/elementpath@4.0.1" }, { "type": "library", "bom-ref": "59-zstandard", "name": "zstandard", - "version": "0.19.0", + "version": "0.20.0", "author": "Gregory Szorc", - "cpe": "cpe:/a:gregory_szorc:zstandard:0.19.0", - "purl": "pkg:pypi/zstandard@0.19.0" + "cpe": "cpe:/a:gregory_szorc:zstandard:0.20.0", + "purl": "pkg:pypi/zstandard@0.20.0" } ], "dependencies": [ diff --git a/sbom/cve-bin-tool-py3.10.spdx b/sbom/cve-bin-tool-py3.10.spdx index 84d770fd06..0701cdac9d 100644 --- a/sbom/cve-bin-tool-py3.10.spdx +++ b/sbom/cve-bin-tool-py3.10.spdx @@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.2 DataLicense: CC0-1.0 SPDXID: SPDXRef-DOCUMENT DocumentName: cve-bin-tool -DocumentNamespace: http://spdx.org/spdxdocs/cve-bin-tool-4348ce8a-c0db-4e46-a2ad-09ec503018f0 +DocumentNamespace: http://spdx.org/spdxdocs/cve-bin-tool-7a1a0227-6e1d-4b1d-8dc3-4d28284d9fb4 LicenseListVersion: 3.18 Creator: Tool: sbom4python-0.7.0 -Created: 2023-01-30T00:22:56Z +Created: 2023-03-06T01:50:57Z CreatorComment: This document has been automatically generated. ##### @@ -26,14 +26,14 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:terri_oda:cve-bin-tool:3.2.1.dev0:*:*: PackageName: aiohttp SPDXID: SPDXRef-Package-2-aiohttp PackageSupplier: NOASSERTION -PackageVersion: 3.8.3 +PackageVersion: 3.8.4 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license Apache 2 PackageLicenseConcluded: Apache-2.0 PackageLicenseDeclared: Apache-2.0 PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/aiohttp@3.8.3 +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/aiohttp@3.8.4 ##### PackageName: aiosignal @@ -92,16 +92,16 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:hynek_schlawack:attrs:22.2.0:*:*:*:*:* PackageName: charset-normalizer SPDXID: SPDXRef-Package-7-charset-normalizer -PackageSupplier: Organization: Ahmed TAHRI Ousret (ahmed.tahri@cloudnursery.dev) -PackageVersion: 2.1.1 +PackageSupplier: Person: Ahmed TAHRI (ahmed.tahri@cloudnursery.dev) +PackageVersion: 3.0.1 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license MIT PackageLicenseConcluded: MIT PackageLicenseDeclared: MIT PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/charset-normalizer@2.1.1 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:ahmed_tahri_ousret:charset-normalizer:2.1.1:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/charset-normalizer@3.0.1 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:ahmed_tahri:charset-normalizer:3.0.1:*:*:*:*:*:*:* ##### PackageName: multidict @@ -149,29 +149,29 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kim_davies:idna:3.4:*:*:*:*:*:*:* PackageName: beautifulsoup4 SPDXID: SPDXRef-Package-11-beautifulsoup4 PackageSupplier: Person: Leonard Richardson (leonardr@segfault.org) -PackageVersion: 4.11.1 +PackageVersion: 4.11.2 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license MIT PackageLicenseConcluded: MIT PackageLicenseDeclared: MIT PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/beautifulsoup4@4.11.1 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:leonard_richardson:beautifulsoup4:4.11.1:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/beautifulsoup4@4.11.2 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:leonard_richardson:beautifulsoup4:4.11.2:*:*:*:*:*:*:* ##### PackageName: soupsieve SPDXID: SPDXRef-Package-12-soupsieve PackageSupplier: Person: Isaac Muse (use@gmail.com) -PackageVersion: 2.3.2.post1 +PackageVersion: 2.4 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license PackageLicenseConcluded: NOASSERTION PackageLicenseDeclared: NOASSERTION PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/soupsieve@2.3.2.post1 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:isaac_muse:soupsieve:2.3.2.post1:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/soupsieve@2.4 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:isaac_muse:soupsieve:2.4:*:*:*:*:*:*:* ##### PackageName: cvss @@ -219,29 +219,29 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:nir_cohen:distro:1.8.0:*:*:*:*:*:*:* PackageName: gsutil SPDXID: SPDXRef-Package-16-gsutil PackageSupplier: Person: Google Inc. (buganizer-system+187143@google.com) -PackageVersion: 5.19 +PackageVersion: 5.21 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license Apache 2.0 PackageLicenseConcluded: Apache-2.0 PackageLicenseDeclared: Apache-2.0 PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/gsutil@5.19 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:gsutil:5.19:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/gsutil@5.21 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:gsutil:5.21:*:*:*:*:*:*:* ##### PackageName: argcomplete SPDXID: SPDXRef-Package-17-argcomplete PackageSupplier: Person: Andrey Kislyuk (kislyuk@gmail.com) -PackageVersion: 2.0.0 +PackageVersion: 2.0.5 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license Apache Software License PackageLicenseConcluded: Apache-2.0 PackageLicenseDeclared: Apache-2.0 PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/argcomplete@2.0.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_kislyuk:argcomplete:2.0.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/argcomplete@2.0.5 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_kislyuk:argcomplete:2.0.5:*:*:*:*:*:*:* ##### PackageName: crcmod @@ -443,15 +443,15 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_pyopenssl_developers:pyopenssl:23. PackageName: cryptography SPDXID: SPDXRef-Package-32-cryptography PackageSupplier: Organization: The Python Cryptographic Authority and individual contributors (cryptography-dev@python.org) -PackageVersion: 39.0.0 +PackageVersion: 39.0.2 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license (Apache-2.0 OR BSD-3-Clause) AND PSF-2.0 PackageLicenseConcluded: NOASSERTION PackageLicenseDeclared: NOASSERTION PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/cryptography@39.0.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_python_cryptographic_authority_and_individual_contributors:cryptography:39.0.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/cryptography@39.0.2 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_python_cryptographic_authority_and_individual_contributors:cryptography:39.0.2:*:*:*:*:*:*:* ##### PackageName: cffi @@ -513,15 +513,15 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:craig_citro:google-apitools:0.5.32:*:* PackageName: google-auth SPDXID: SPDXRef-Package-37-google-auth PackageSupplier: Organization: Google Cloud Platform (googleapis-packages@google.com) -PackageVersion: 2.16.0 +PackageVersion: 2.16.2 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license Apache 2.0 PackageLicenseConcluded: Apache-2.0 PackageLicenseDeclared: Apache-2.0 PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/google-auth@2.16.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_cloud_platform:google-auth:2.16.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/google-auth@2.16.2 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_cloud_platform:google-auth:2.16.2:*:*:*:*:*:*:* ##### PackageName: cachetools @@ -625,29 +625,29 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:donald_stufft_and_individual_contribut PackageName: plotly SPDXID: SPDXRef-Package-45-plotly PackageSupplier: Person: Chris P (chris@plot.ly) -PackageVersion: 5.13.0 +PackageVersion: 5.13.1 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license MIT PackageLicenseConcluded: MIT PackageLicenseDeclared: MIT PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/plotly@5.13.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:5.13.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/plotly@5.13.1 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:5.13.1:*:*:*:*:*:*:* ##### PackageName: tenacity SPDXID: SPDXRef-Package-46-tenacity PackageSupplier: Person: Julien Danjou (julien@danjou.info) -PackageVersion: 8.1.0 +PackageVersion: 8.2.2 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license Apache 2.0 PackageLicenseConcluded: Apache-2.0 PackageLicenseDeclared: Apache-2.0 PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/tenacity@8.1.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:julien_danjou:tenacity:8.1.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/tenacity@8.2.2 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:julien_danjou:tenacity:8.2.2:*:*:*:*:*:*:* ##### PackageName: pyyaml @@ -709,29 +709,29 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_petrov:urllib3:1.26.14:*:*:*:*: PackageName: rich SPDXID: SPDXRef-Package-51-rich PackageSupplier: Person: Will McGugan (willmcgugan@gmail.com) -PackageVersion: 13.3.1 +PackageVersion: 13.3.2 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license MIT PackageLicenseConcluded: MIT PackageLicenseDeclared: MIT PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/rich@13.3.1 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:will_mcgugan:rich:13.3.1:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/rich@13.3.2 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:will_mcgugan:rich:13.3.2:*:*:*:*:*:*:* ##### PackageName: markdown-it-py SPDXID: SPDXRef-Package-52-markdown-it-py PackageSupplier: Person: Chris Sewell (chrisj_sewell@hotmail.com) -PackageVersion: 2.1.0 +PackageVersion: 2.2.0 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license PackageLicenseConcluded: NOASSERTION PackageLicenseDeclared: NOASSERTION PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/markdown-it-py@2.1.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_sewell:markdown-it-py:2.1.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/markdown-it-py@2.2.0 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_sewell:markdown-it-py:2.2.0:*:*:*:*:*:*:* ##### PackageName: mdurl @@ -793,43 +793,43 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:william_pearson:toml:0.10.2:*:*:*:*:*: PackageName: xmlschema SPDXID: SPDXRef-Package-57-xmlschema PackageSupplier: Person: Davide Brunato (brunato@sissa.it) -PackageVersion: 2.1.1 +PackageVersion: 2.2.2 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license MIT PackageLicenseConcluded: MIT PackageLicenseDeclared: MIT PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/xmlschema@2.1.1 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:xmlschema:2.1.1:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/xmlschema@2.2.2 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:xmlschema:2.2.2:*:*:*:*:*:*:* ##### PackageName: elementpath SPDXID: SPDXRef-Package-58-elementpath PackageSupplier: Person: Davide Brunato (brunato@sissa.it) -PackageVersion: 3.0.2 +PackageVersion: 4.0.1 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license MIT PackageLicenseConcluded: MIT PackageLicenseDeclared: MIT PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/elementpath@3.0.2 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:elementpath:3.0.2:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/elementpath@4.0.1 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:elementpath:4.0.1:*:*:*:*:*:*:* ##### PackageName: zstandard SPDXID: SPDXRef-Package-59-zstandard PackageSupplier: Person: Gregory Szorc (gregory.szorc@gmail.com) -PackageVersion: 0.19.0 +PackageVersion: 0.20.0 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license BSD PackageLicenseConcluded: NOASSERTION PackageLicenseDeclared: NOASSERTION PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/zstandard@0.19.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:gregory_szorc:zstandard:0.19.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/zstandard@0.20.0 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:gregory_szorc:zstandard:0.20.0:*:*:*:*:*:*:* Relationship: SPDXRef-DOCUMENT DESCRIBES SPDXRef-Package-1-cve-bin-tool Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-11-beautifulsoup4 Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-13-cvss