Skip to content

Commit

Permalink
Merge branch 'main' into basic_execution_test_for_EPSS
Browse files Browse the repository at this point in the history
  • Loading branch information
weichslgartner authored Oct 24, 2024
2 parents a7de5d6 + 17dd101 commit 0dfb6a5
Show file tree
Hide file tree
Showing 10 changed files with 156 additions and 156 deletions.
34 changes: 17 additions & 17 deletions sbom/cve-bin-tool-py3.10.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,10 +2,10 @@
"$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.6",
"serialNumber": "urn:uuid:a5e0c026-91a3-4855-9af9-1ce110a8c7a6",
"serialNumber": "urn:uuid:56360034-11b1-4e31-8643-843d5a966243",
"version": 1,
"metadata": {
"timestamp": "2024-10-14T00:37:59Z",
"timestamp": "2024-10-21T00:38:03Z",
"lifecycles": [
{
"phase": "build"
Expand Down Expand Up @@ -432,7 +432,7 @@
"type": "library",
"bom-ref": "10-yarl",
"name": "yarl",
"version": "1.15.2",
"version": "1.15.5",
"supplier": {
"name": "Andrew Svetlov",
"contact": [
Expand All @@ -441,7 +441,7 @@
}
]
},
"cpe": "cpe:2.3:a:andrew_svetlov:yarl:1.15.2:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:andrew_svetlov:yarl:1.15.5:*:*:*:*:*:*:*",
"description": "Yet another URL library",
"licenses": [
{
Expand All @@ -459,12 +459,12 @@
"comment": "Home page for project"
},
{
"url": "https://pypi.org/project/yarl/1.15.2/#files",
"url": "https://pypi.org/project/yarl/1.15.5/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/[email protected].2",
"purl": "pkg:pypi/[email protected].5",
"properties": [
{
"name": "language",
Expand Down Expand Up @@ -1865,7 +1865,7 @@
"type": "library",
"bom-ref": "38-cryptography",
"name": "cryptography",
"version": "43.0.1",
"version": "43.0.3",
"supplier": {
"name": "The cryptography developers The Python Cryptographic Authority and individual contributors",
"contact": [
Expand All @@ -1874,7 +1874,7 @@
}
]
},
"cpe": "cpe:2.3:a:the_cryptography_developers_the_python_cryptographic_authority_and_individual_contributors:cryptography:43.0.1:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:the_cryptography_developers_the_python_cryptographic_authority_and_individual_contributors:cryptography:43.0.3:*:*:*:*:*:*:*",
"description": "cryptography is a package which provides cryptographic recipes and primitives to Python developers.",
"licenses": [
{
Expand All @@ -1888,12 +1888,12 @@
"comment": "Home page for project"
},
{
"url": "https://pypi.org/project/cryptography/43.0.1/#files",
"url": "https://pypi.org/project/cryptography/43.0.3/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/[email protected].1",
"purl": "pkg:pypi/[email protected].3",
"properties": [
{
"name": "language",
Expand Down Expand Up @@ -2224,16 +2224,16 @@
"type": "library",
"bom-ref": "45-markupsafe",
"name": "markupsafe",
"version": "3.0.1",
"version": "3.0.2",
"description": "Safely add untrusted strings to HTML/XML markup.",
"externalReferences": [
{
"url": "https://pypi.org/project/markupsafe/3.0.1/#files",
"url": "https://pypi.org/project/markupsafe/3.0.2/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/[email protected].1",
"purl": "pkg:pypi/[email protected].2",
"properties": [
{
"name": "language",
Expand Down Expand Up @@ -3382,7 +3382,7 @@
"type": "library",
"bom-ref": "69-setuptools",
"name": "setuptools",
"version": "75.1.0",
"version": "75.2.0",
"supplier": {
"name": "Python Packaging Authority",
"contact": [
Expand All @@ -3391,16 +3391,16 @@
}
]
},
"cpe": "cpe:2.3:a:python_packaging_authority:setuptools:75.1.0:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:python_packaging_authority:setuptools:75.2.0:*:*:*:*:*:*:*",
"description": "Easily download, build, install, upgrade, and uninstall Python packages",
"externalReferences": [
{
"url": "https://pypi.org/project/setuptools/75.1.0/#files",
"url": "https://pypi.org/project/setuptools/75.2.0/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/setuptools@75.1.0",
"purl": "pkg:pypi/setuptools@75.2.0",
"properties": [
{
"name": "language",
Expand Down
34 changes: 17 additions & 17 deletions sbom/cve-bin-tool-py3.10.spdx
Original file line number Diff line number Diff line change
Expand Up @@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
DataLicense: CC0-1.0
SPDXID: SPDXRef-DOCUMENT
DocumentName: Python-cve-bin-tool
DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-ff67aa04-d128-488e-a249-c4c783ec6756
DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-31c41ad2-71db-4400-b6a9-3897d659df61
LicenseListVersion: 3.22
Creator: Tool: sbom4python-0.11.3
Created: 2024-10-14T00:36:51Z
Created: 2024-10-21T00:37:15Z
CreatorComment: <text>This document has been automatically generated.</text>
#####

Expand Down Expand Up @@ -157,18 +157,18 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-e

PackageName: yarl
SPDXID: SPDXRef-10-yarl
PackageVersion: 1.15.2
PackageVersion: 1.15.5
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Andrew Svetlov ([email protected])
PackageDownloadLocation: https://pypi.org/project/yarl/1.15.2/#files
PackageDownloadLocation: https://pypi.org/project/yarl/1.15.5/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/aio-libs/yarl
PackageLicenseDeclared: Apache-2.0
PackageLicenseConcluded: Apache-2.0
PackageCopyrightText: NOASSERTION
PackageSummary: <text>Yet another URL library</text>
ExternalRef: PACKAGE_MANAGER purl pkg:pypi/[email protected].2
ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:yarl:1.15.2:*:*:*:*:*:*:*
ExternalRef: PACKAGE_MANAGER purl pkg:pypi/[email protected].5
ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:yarl:1.15.5:*:*:*:*:*:*:*
#####

PackageName: idna
Expand Down Expand Up @@ -632,18 +632,18 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_pyopenssl_developers:pyopenssl:24.

PackageName: cryptography
SPDXID: SPDXRef-38-cryptography
PackageVersion: 43.0.1
PackageVersion: 43.0.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: The cryptography developers The Python Cryptographic Authority and individual contributors ([email protected])
PackageDownloadLocation: https://pypi.org/project/cryptography/43.0.1/#files
PackageDownloadLocation: https://pypi.org/project/cryptography/43.0.3/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/pyca/cryptography
PackageLicenseDeclared: Apache-2.0 OR BSD-3-Clause
PackageLicenseConcluded: Apache-2.0 OR BSD-3-Clause
PackageCopyrightText: NOASSERTION
PackageSummary: <text>cryptography is a package which provides cryptographic recipes and primitives to Python developers.</text>
ExternalRef: PACKAGE_MANAGER purl pkg:pypi/[email protected].1
ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_cryptography_developers_the_python_cryptographic_authority_and_individual_contributors:cryptography:43.0.1:*:*:*:*:*:*:*
ExternalRef: PACKAGE_MANAGER purl pkg:pypi/[email protected].3
ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_cryptography_developers_the_python_cryptographic_authority_and_individual_contributors:cryptography:43.0.3:*:*:*:*:*:*:*
#####

PackageName: cffi
Expand Down Expand Up @@ -749,17 +749,17 @@ ExternalRef: PACKAGE_MANAGER purl pkg:pypi/[email protected]

PackageName: markupsafe
SPDXID: SPDXRef-45-markupsafe
PackageVersion: 3.0.1
PackageVersion: 3.0.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: NOASSERTION
PackageDownloadLocation: https://pypi.org/project/markupsafe/3.0.1/#files
PackageDownloadLocation: https://pypi.org/project/markupsafe/3.0.2/#files
FilesAnalyzed: false
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageLicenseComments: <text>markupsafe declares Copyright 2010 Pallets which is not currently a valid SPDX License identifier or expression.</text>
PackageCopyrightText: NOASSERTION
PackageSummary: <text>Safely add untrusted strings to HTML/XML markup.</text>
ExternalRef: PACKAGE_MANAGER purl pkg:pypi/[email protected].1
ExternalRef: PACKAGE_MANAGER purl pkg:pypi/[email protected].2
#####

PackageName: jsonschema
Expand Down Expand Up @@ -1146,17 +1146,17 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:sean_ross:rpmfile:2.1.0:*:*:*:*:*:*:*

PackageName: setuptools
SPDXID: SPDXRef-69-setuptools
PackageVersion: 75.1.0
PackageVersion: 75.2.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Python Packaging Authority ([email protected])
PackageDownloadLocation: https://pypi.org/project/setuptools/75.1.0/#files
PackageDownloadLocation: https://pypi.org/project/setuptools/75.2.0/#files
FilesAnalyzed: false
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: <text>Easily download, build, install, upgrade, and uninstall Python packages</text>
ExternalRef: PACKAGE_MANAGER purl pkg:pypi/setuptools@75.1.0
ExternalRef: SECURITY cpe23Type cpe:2.3:a:python_packaging_authority:setuptools:75.1.0:*:*:*:*:*:*:*
ExternalRef: PACKAGE_MANAGER purl pkg:pypi/setuptools@75.2.0
ExternalRef: SECURITY cpe23Type cpe:2.3:a:python_packaging_authority:setuptools:75.2.0:*:*:*:*:*:*:*
#####

PackageName: toml
Expand Down
34 changes: 17 additions & 17 deletions sbom/cve-bin-tool-py3.11.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,10 +2,10 @@
"$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.6",
"serialNumber": "urn:uuid:5f8b0ff8-2835-4eef-868a-1d5a08b3d324",
"serialNumber": "urn:uuid:d5e538e5-15fc-467b-9af5-fdbadcd9bc9e",
"version": 1,
"metadata": {
"timestamp": "2024-10-14T00:37:17Z",
"timestamp": "2024-10-21T00:38:07Z",
"lifecycles": [
{
"phase": "build"
Expand Down Expand Up @@ -340,7 +340,7 @@
"type": "library",
"bom-ref": "8-yarl",
"name": "yarl",
"version": "1.15.2",
"version": "1.15.5",
"supplier": {
"name": "Andrew Svetlov",
"contact": [
Expand All @@ -349,7 +349,7 @@
}
]
},
"cpe": "cpe:2.3:a:andrew_svetlov:yarl:1.15.2:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:andrew_svetlov:yarl:1.15.5:*:*:*:*:*:*:*",
"description": "Yet another URL library",
"licenses": [
{
Expand All @@ -367,12 +367,12 @@
"comment": "Home page for project"
},
{
"url": "https://pypi.org/project/yarl/1.15.2/#files",
"url": "https://pypi.org/project/yarl/1.15.5/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/[email protected].2",
"purl": "pkg:pypi/[email protected].5",
"properties": [
{
"name": "language",
Expand Down Expand Up @@ -1773,7 +1773,7 @@
"type": "library",
"bom-ref": "36-cryptography",
"name": "cryptography",
"version": "43.0.1",
"version": "43.0.3",
"supplier": {
"name": "The cryptography developers The Python Cryptographic Authority and individual contributors",
"contact": [
Expand All @@ -1782,7 +1782,7 @@
}
]
},
"cpe": "cpe:2.3:a:the_cryptography_developers_the_python_cryptographic_authority_and_individual_contributors:cryptography:43.0.1:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:the_cryptography_developers_the_python_cryptographic_authority_and_individual_contributors:cryptography:43.0.3:*:*:*:*:*:*:*",
"description": "cryptography is a package which provides cryptographic recipes and primitives to Python developers.",
"licenses": [
{
Expand All @@ -1796,12 +1796,12 @@
"comment": "Home page for project"
},
{
"url": "https://pypi.org/project/cryptography/43.0.1/#files",
"url": "https://pypi.org/project/cryptography/43.0.3/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/[email protected].1",
"purl": "pkg:pypi/[email protected].3",
"properties": [
{
"name": "language",
Expand Down Expand Up @@ -2132,16 +2132,16 @@
"type": "library",
"bom-ref": "43-markupsafe",
"name": "markupsafe",
"version": "3.0.1",
"version": "3.0.2",
"description": "Safely add untrusted strings to HTML/XML markup.",
"externalReferences": [
{
"url": "https://pypi.org/project/markupsafe/3.0.1/#files",
"url": "https://pypi.org/project/markupsafe/3.0.2/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/[email protected].1",
"purl": "pkg:pypi/[email protected].2",
"properties": [
{
"name": "language",
Expand Down Expand Up @@ -3290,7 +3290,7 @@
"type": "library",
"bom-ref": "67-setuptools",
"name": "setuptools",
"version": "75.1.0",
"version": "75.2.0",
"supplier": {
"name": "Python Packaging Authority",
"contact": [
Expand All @@ -3299,16 +3299,16 @@
}
]
},
"cpe": "cpe:2.3:a:python_packaging_authority:setuptools:75.1.0:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:python_packaging_authority:setuptools:75.2.0:*:*:*:*:*:*:*",
"description": "Easily download, build, install, upgrade, and uninstall Python packages",
"externalReferences": [
{
"url": "https://pypi.org/project/setuptools/75.1.0/#files",
"url": "https://pypi.org/project/setuptools/75.2.0/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/setuptools@75.1.0",
"purl": "pkg:pypi/setuptools@75.2.0",
"properties": [
{
"name": "language",
Expand Down
Loading

0 comments on commit 0dfb6a5

Please sign in to comment.