diff --git a/sbom/cve-bin-tool-py3.10.json b/sbom/cve-bin-tool-py3.10.json
index 72a9a26332..f479b4073c 100644
--- a/sbom/cve-bin-tool-py3.10.json
+++ b/sbom/cve-bin-tool-py3.10.json
@@ -2,10 +2,10 @@
"$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.6",
- "serialNumber": "urn:uuid:6e552fed-4009-40c8-963a-a1103b9e34b5",
+ "serialNumber": "urn:uuid:a5e0c026-91a3-4855-9af9-1ce110a8c7a6",
"version": 1,
"metadata": {
- "timestamp": "2024-10-07T00:38:19Z",
+ "timestamp": "2024-10-14T00:37:59Z",
"lifecycles": [
{
"phase": "build"
@@ -79,7 +79,7 @@
"type": "library",
"bom-ref": "2-aiohttp",
"name": "aiohttp",
- "version": "3.10.9",
+ "version": "3.10.10",
"description": "Async http client/server framework (asyncio)",
"licenses": [
{
@@ -97,12 +97,12 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/aiohttp/3.10.9/#files",
+ "url": "https://pypi.org/project/aiohttp/3.10.10/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/aiohttp@3.10.9",
+ "purl": "pkg:pypi/aiohttp@3.10.10",
"properties": [
{
"name": "language",
@@ -432,7 +432,7 @@
"type": "library",
"bom-ref": "10-yarl",
"name": "yarl",
- "version": "1.13.1",
+ "version": "1.15.2",
"supplier": {
"name": "Andrew Svetlov",
"contact": [
@@ -441,7 +441,7 @@
}
]
},
- "cpe": "cpe:2.3:a:andrew_svetlov:yarl:1.13.1:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:andrew_svetlov:yarl:1.15.2:*:*:*:*:*:*:*",
"description": "Yet another URL library",
"licenses": [
{
@@ -459,12 +459,12 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/yarl/1.13.1/#files",
+ "url": "https://pypi.org/project/yarl/1.15.2/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/yarl@1.13.1",
+ "purl": "pkg:pypi/yarl@1.15.2",
"properties": [
{
"name": "language",
@@ -512,7 +512,55 @@
},
{
"type": "library",
- "bom-ref": "12-beautifulsoup4",
+ "bom-ref": "12-propcache",
+ "name": "propcache",
+ "version": "0.2.0",
+ "supplier": {
+ "name": "Andrew Svetlov",
+ "contact": [
+ {
+ "email": "andrew.svetlov@gmail.com"
+ }
+ ]
+ },
+ "cpe": "cpe:2.3:a:andrew_svetlov:propcache:0.2.0:*:*:*:*:*:*:*",
+ "description": "Accelerated property cache",
+ "licenses": [
+ {
+ "license": {
+ "id": "Apache-2.0",
+ "url": "https://www.apache.org/licenses/LICENSE-2.0",
+ "acknowledgement": "concluded"
+ }
+ }
+ ],
+ "externalReferences": [
+ {
+ "url": "https://github.com/aio-libs/propcache",
+ "type": "website",
+ "comment": "Home page for project"
+ },
+ {
+ "url": "https://pypi.org/project/propcache/0.2.0/#files",
+ "type": "distribution",
+ "comment": "Download location for component"
+ }
+ ],
+ "purl": "pkg:pypi/propcache@0.2.0",
+ "properties": [
+ {
+ "name": "language",
+ "value": "Python"
+ },
+ {
+ "name": "python_version",
+ "value": "3.10.15"
+ }
+ ]
+ },
+ {
+ "type": "library",
+ "bom-ref": "13-beautifulsoup4",
"name": "beautifulsoup4",
"version": "4.12.3",
"supplier": {
@@ -564,7 +612,7 @@
},
{
"type": "library",
- "bom-ref": "13-soupsieve",
+ "bom-ref": "14-soupsieve",
"name": "soupsieve",
"version": "2.6",
"supplier": {
@@ -603,7 +651,7 @@
},
{
"type": "library",
- "bom-ref": "14-cvss",
+ "bom-ref": "15-cvss",
"name": "cvss",
"version": "3.2",
"supplier": {
@@ -651,7 +699,7 @@
},
{
"type": "library",
- "bom-ref": "15-defusedxml",
+ "bom-ref": "16-defusedxml",
"name": "defusedxml",
"version": "0.7.1",
"supplier": {
@@ -709,7 +757,7 @@
},
{
"type": "library",
- "bom-ref": "16-distro",
+ "bom-ref": "17-distro",
"name": "distro",
"version": "1.9.0",
"supplier": {
@@ -761,7 +809,7 @@
},
{
"type": "library",
- "bom-ref": "17-filetype",
+ "bom-ref": "18-filetype",
"name": "filetype",
"version": "1.2.0",
"supplier": {
@@ -819,9 +867,9 @@
},
{
"type": "library",
- "bom-ref": "18-gsutil",
+ "bom-ref": "19-gsutil",
"name": "gsutil",
- "version": "5.30",
+ "version": "5.31",
"supplier": {
"name": "Google Inc .",
"contact": [
@@ -830,7 +878,7 @@
}
]
},
- "cpe": "cpe:2.3:a:google_inc.:gsutil:5.30:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:google_inc.:gsutil:5.31:*:*:*:*:*:*:*",
"description": "A command line tool for interacting with cloud storage services.",
"licenses": [
{
@@ -848,12 +896,12 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/gsutil/5.30/#files",
+ "url": "https://pypi.org/project/gsutil/5.31/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/gsutil@5.30",
+ "purl": "pkg:pypi/gsutil@5.31",
"properties": [
{
"name": "language",
@@ -867,9 +915,9 @@
},
{
"type": "library",
- "bom-ref": "19-argcomplete",
+ "bom-ref": "20-argcomplete",
"name": "argcomplete",
- "version": "3.5.0",
+ "version": "3.5.1",
"supplier": {
"name": "Andrey Kislyuk",
"contact": [
@@ -878,7 +926,7 @@
}
]
},
- "cpe": "cpe:2.3:a:andrey_kislyuk:argcomplete:3.5.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:andrey_kislyuk:argcomplete:3.5.1:*:*:*:*:*:*:*",
"description": "Bash tab completion for argparse",
"licenses": [
{
@@ -896,12 +944,12 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/argcomplete/3.5.0/#files",
+ "url": "https://pypi.org/project/argcomplete/3.5.1/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/argcomplete@3.5.0",
+ "purl": "pkg:pypi/argcomplete@3.5.1",
"properties": [
{
"name": "language",
@@ -915,7 +963,7 @@
},
{
"type": "library",
- "bom-ref": "20-crcmod",
+ "bom-ref": "21-crcmod",
"name": "crcmod",
"version": "1.7",
"supplier": {
@@ -963,7 +1011,7 @@
},
{
"type": "library",
- "bom-ref": "21-fasteners",
+ "bom-ref": "22-fasteners",
"name": "fasteners",
"version": "0.19",
"supplier": {
@@ -1012,7 +1060,7 @@
},
{
"type": "library",
- "bom-ref": "22-gcs-oauth2-boto-plugin",
+ "bom-ref": "23-gcs-oauth2-boto-plugin",
"name": "gcs-oauth2-boto-plugin",
"version": "3.2",
"supplier": {
@@ -1070,7 +1118,7 @@
},
{
"type": "library",
- "bom-ref": "23-boto",
+ "bom-ref": "24-boto",
"name": "boto",
"version": "2.49.0",
"supplier": {
@@ -1128,7 +1176,7 @@
},
{
"type": "library",
- "bom-ref": "24-google-auth",
+ "bom-ref": "25-google-auth",
"name": "google-auth",
"version": "2.17.0",
"supplier": {
@@ -1182,7 +1230,7 @@
},
{
"type": "library",
- "bom-ref": "25-cachetools",
+ "bom-ref": "26-cachetools",
"name": "cachetools",
"version": "5.5.0",
"supplier": {
@@ -1230,7 +1278,7 @@
},
{
"type": "library",
- "bom-ref": "26-pyasn1-modules",
+ "bom-ref": "27-pyasn1-modules",
"name": "pyasn1-modules",
"version": "0.4.1",
"supplier": {
@@ -1278,7 +1326,7 @@
},
{
"type": "library",
- "bom-ref": "27-pyasn1",
+ "bom-ref": "28-pyasn1",
"name": "pyasn1",
"version": "0.6.1",
"supplier": {
@@ -1326,7 +1374,7 @@
},
{
"type": "library",
- "bom-ref": "28-rsa",
+ "bom-ref": "29-rsa",
"name": "rsa",
"version": "4.7.2",
"supplier": {
@@ -1384,7 +1432,7 @@
},
{
"type": "library",
- "bom-ref": "29-six",
+ "bom-ref": "30-six",
"name": "six",
"version": "1.16.0",
"supplier": {
@@ -1442,7 +1490,7 @@
},
{
"type": "library",
- "bom-ref": "30-google-auth-httplib2",
+ "bom-ref": "31-google-auth-httplib2",
"name": "google-auth-httplib2",
"version": "0.2.0",
"supplier": {
@@ -1500,7 +1548,7 @@
},
{
"type": "library",
- "bom-ref": "31-httplib2",
+ "bom-ref": "32-httplib2",
"name": "httplib2",
"version": "0.20.4",
"supplier": {
@@ -1554,9 +1602,9 @@
},
{
"type": "library",
- "bom-ref": "32-pyparsing",
+ "bom-ref": "33-pyparsing",
"name": "pyparsing",
- "version": "3.1.4",
+ "version": "3.2.0",
"supplier": {
"name": "Paul McGuire",
"contact": [
@@ -1565,7 +1613,7 @@
}
]
},
- "cpe": "cpe:2.3:a:paul_mcguire:pyparsing:3.1.4:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:paul_mcguire:pyparsing:3.2.0:*:*:*:*:*:*:*",
"description": "pyparsing module - Classes and methods to define and execute parsing grammars",
"externalReferences": [
{
@@ -1574,12 +1622,12 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/pyparsing/3.1.4/#files",
+ "url": "https://pypi.org/project/pyparsing/3.2.0/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/pyparsing@3.1.4",
+ "purl": "pkg:pypi/pyparsing@3.2.0",
"properties": [
{
"name": "language",
@@ -1593,7 +1641,7 @@
},
{
"type": "library",
- "bom-ref": "33-google-reauth",
+ "bom-ref": "34-google-reauth",
"name": "google-reauth",
"version": "0.1.1",
"supplier": {
@@ -1651,7 +1699,7 @@
},
{
"type": "library",
- "bom-ref": "34-pyu2f",
+ "bom-ref": "35-pyu2f",
"name": "pyu2f",
"version": "0.1.5",
"supplier": {
@@ -1709,7 +1757,7 @@
},
{
"type": "library",
- "bom-ref": "35-oauth2client",
+ "bom-ref": "36-oauth2client",
"name": "oauth2client",
"version": "4.1.3",
"supplier": {
@@ -1767,7 +1815,7 @@
},
{
"type": "library",
- "bom-ref": "36-pyopenssl",
+ "bom-ref": "37-pyopenssl",
"name": "pyopenssl",
"version": "24.2.1",
"supplier": {
@@ -1815,7 +1863,7 @@
},
{
"type": "library",
- "bom-ref": "37-cryptography",
+ "bom-ref": "38-cryptography",
"name": "cryptography",
"version": "43.0.1",
"supplier": {
@@ -1859,7 +1907,7 @@
},
{
"type": "library",
- "bom-ref": "38-cffi",
+ "bom-ref": "39-cffi",
"name": "cffi",
"version": "1.17.1",
"supplier": {
@@ -1907,7 +1955,7 @@
},
{
"type": "library",
- "bom-ref": "39-pycparser",
+ "bom-ref": "40-pycparser",
"name": "pycparser",
"version": "2.22",
"supplier": {
@@ -1965,7 +2013,7 @@
},
{
"type": "library",
- "bom-ref": "40-retry-decorator",
+ "bom-ref": "41-retry-decorator",
"name": "retry-decorator",
"version": "1.1.1",
"supplier": {
@@ -2023,7 +2071,7 @@
},
{
"type": "library",
- "bom-ref": "41-google-apitools",
+ "bom-ref": "42-google-apitools",
"name": "google-apitools",
"version": "0.5.32",
"supplier": {
@@ -2081,7 +2129,7 @@
},
{
"type": "library",
- "bom-ref": "42-monotonic",
+ "bom-ref": "43-monotonic",
"name": "monotonic",
"version": "1.6",
"supplier": {
@@ -2139,7 +2187,7 @@
},
{
"type": "library",
- "bom-ref": "43-jinja2",
+ "bom-ref": "44-jinja2",
"name": "jinja2",
"version": "3.1.4",
"description": "A very fast and expressive template engine.",
@@ -2174,38 +2222,18 @@
},
{
"type": "library",
- "bom-ref": "44-markupsafe",
+ "bom-ref": "45-markupsafe",
"name": "markupsafe",
- "version": "2.1.5",
+ "version": "3.0.1",
"description": "Safely add untrusted strings to HTML/XML markup.",
- "hashes": [
- {
- "alg": "SHA-1",
- "content": "fbba4acd0312826cec9cfe18371c7df07962cb65"
- }
- ],
- "licenses": [
- {
- "license": {
- "id": "BSD-3-Clause",
- "url": "https://opensource.org/licenses/BSD-3-Clause",
- "acknowledgement": "concluded"
- }
- }
- ],
"externalReferences": [
{
- "url": "https://palletsprojects.com/p/markupsafe/",
- "type": "website",
- "comment": "Home page for project"
- },
- {
- "url": "https://pypi.org/project/markupsafe/2.1.5/#files",
+ "url": "https://pypi.org/project/markupsafe/3.0.1/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/markupsafe@2.1.5",
+ "purl": "pkg:pypi/markupsafe@3.0.1",
"properties": [
{
"name": "language",
@@ -2214,16 +2242,12 @@
{
"name": "python_version",
"value": "3.10.15"
- },
- {
- "name": "package_release_date",
- "value": "2024-02-02T16:30:04.000Z"
}
]
},
{
"type": "library",
- "bom-ref": "45-jsonschema",
+ "bom-ref": "46-jsonschema",
"name": "jsonschema",
"version": "4.23.0",
"supplier": {
@@ -2271,9 +2295,9 @@
},
{
"type": "library",
- "bom-ref": "46-jsonschema-specifications",
+ "bom-ref": "47-jsonschema-specifications",
"name": "jsonschema-specifications",
- "version": "2023.12.1",
+ "version": "2024.10.1",
"supplier": {
"name": "Julian Berman",
"contact": [
@@ -2282,21 +2306,12 @@
}
]
},
- "cpe": "cpe:2.3:a:julian_berman:jsonschema-specifications:2023.12.1:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:julian_berman:jsonschema-specifications:2024.10.1:*:*:*:*:*:*:*",
"description": "The JSON Schema meta-schemas and vocabularies, exposed as a Registry",
"hashes": [
{
"alg": "SHA-1",
- "content": "544e0ff86850af1c6d9e533c4b58b76c59542a76"
- }
- ],
- "licenses": [
- {
- "license": {
- "id": "MIT",
- "url": "https://opensource.org/licenses/MIT",
- "acknowledgement": "concluded"
- }
+ "content": "09f6f17a46ecf03e314df0e6fa14d57db210a549"
}
],
"externalReferences": [
@@ -2306,12 +2321,12 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/jsonschema-specifications/2023.12.1/#files",
+ "url": "https://pypi.org/project/jsonschema-specifications/2024.10.1/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/jsonschema-specifications@2023.12.1",
+ "purl": "pkg:pypi/jsonschema-specifications@2024.10.1",
"properties": [
{
"name": "language",
@@ -2320,16 +2335,12 @@
{
"name": "python_version",
"value": "3.10.15"
- },
- {
- "name": "package_release_date",
- "value": "2023-12-25T15:16:51.000Z"
}
]
},
{
"type": "library",
- "bom-ref": "47-referencing",
+ "bom-ref": "48-referencing",
"name": "referencing",
"version": "0.35.1",
"supplier": {
@@ -2378,7 +2389,7 @@
},
{
"type": "library",
- "bom-ref": "48-rpds-py",
+ "bom-ref": "49-rpds-py",
"name": "rpds-py",
"version": "0.20.0",
"supplier": {
@@ -2432,7 +2443,7 @@
},
{
"type": "library",
- "bom-ref": "49-lib4sbom",
+ "bom-ref": "50-lib4sbom",
"name": "lib4sbom",
"version": "0.7.5",
"supplier": {
@@ -2480,7 +2491,7 @@
},
{
"type": "library",
- "bom-ref": "50-pyyaml",
+ "bom-ref": "51-pyyaml",
"name": "pyyaml",
"version": "6.0.2",
"supplier": {
@@ -2528,7 +2539,7 @@
},
{
"type": "library",
- "bom-ref": "51-semantic-version",
+ "bom-ref": "52-semantic-version",
"name": "semantic-version",
"version": "2.10.0",
"supplier": {
@@ -2586,7 +2597,7 @@
},
{
"type": "library",
- "bom-ref": "52-lib4vex",
+ "bom-ref": "53-lib4vex",
"name": "lib4vex",
"version": "0.2.0",
"supplier": {
@@ -2640,7 +2651,7 @@
},
{
"type": "library",
- "bom-ref": "53-csaf-tool",
+ "bom-ref": "54-csaf-tool",
"name": "csaf-tool",
"version": "0.3.2",
"supplier": {
@@ -2694,7 +2705,7 @@
},
{
"type": "library",
- "bom-ref": "54-packageurl-python",
+ "bom-ref": "55-packageurl-python",
"name": "packageurl-python",
"version": "0.15.6",
"supplier": {
@@ -2743,7 +2754,7 @@
},
{
"type": "library",
- "bom-ref": "55-rich",
+ "bom-ref": "56-rich",
"name": "rich",
"version": "13.9.2",
"supplier": {
@@ -2791,7 +2802,7 @@
},
{
"type": "library",
- "bom-ref": "56-markdown-it-py",
+ "bom-ref": "57-markdown-it-py",
"name": "markdown-it-py",
"version": "3.0.0",
"supplier": {
@@ -2840,7 +2851,7 @@
},
{
"type": "library",
- "bom-ref": "57-mdurl",
+ "bom-ref": "58-mdurl",
"name": "mdurl",
"version": "0.1.2",
"supplier": {
@@ -2889,7 +2900,7 @@
},
{
"type": "library",
- "bom-ref": "58-pygments",
+ "bom-ref": "59-pygments",
"name": "pygments",
"version": "2.18.0",
"supplier": {
@@ -2947,7 +2958,7 @@
},
{
"type": "library",
- "bom-ref": "59-packaging",
+ "bom-ref": "60-packaging",
"name": "packaging",
"version": "24.1",
"supplier": {
@@ -2981,7 +2992,7 @@
},
{
"type": "library",
- "bom-ref": "60-plotly",
+ "bom-ref": "61-plotly",
"name": "plotly",
"version": "5.24.1",
"supplier": {
@@ -3029,7 +3040,7 @@
},
{
"type": "library",
- "bom-ref": "61-tenacity",
+ "bom-ref": "62-tenacity",
"name": "tenacity",
"version": "9.0.0",
"supplier": {
@@ -3083,7 +3094,7 @@
},
{
"type": "library",
- "bom-ref": "62-python-gnupg",
+ "bom-ref": "63-python-gnupg",
"name": "python-gnupg",
"version": "0.5.3",
"supplier": {
@@ -3131,7 +3142,7 @@
},
{
"type": "library",
- "bom-ref": "63-requests",
+ "bom-ref": "64-requests",
"name": "requests",
"version": "2.32.3",
"supplier": {
@@ -3185,7 +3196,7 @@
},
{
"type": "library",
- "bom-ref": "64-certifi",
+ "bom-ref": "65-certifi",
"name": "certifi",
"version": "2024.8.30",
"supplier": {
@@ -3233,25 +3244,19 @@
},
{
"type": "library",
- "bom-ref": "65-charset-normalizer",
+ "bom-ref": "66-charset-normalizer",
"name": "charset-normalizer",
- "version": "3.3.2",
+ "version": "3.4.0",
"supplier": {
"name": "Ahmed TAHRI",
"contact": [
{
- "email": "ahmed.tahri@cloudnursery.dev"
+ "email": "tahri.ahmed@proton.me"
}
]
},
- "cpe": "cpe:2.3:a:ahmed_tahri:charset-normalizer:3.3.2:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:ahmed_tahri:charset-normalizer:3.4.0:*:*:*:*:*:*:*",
"description": "The Real First Universal Charset Detector. Open, modern and actively maintained alternative to Chardet.",
- "hashes": [
- {
- "alg": "SHA-1",
- "content": "79dce4857914fead2ffe55eb787cad6d5cf14643"
- }
- ],
"licenses": [
{
"license": {
@@ -3268,12 +3273,12 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/charset-normalizer/3.3.2/#files",
+ "url": "https://pypi.org/project/charset-normalizer/3.4.0/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/charset-normalizer@3.3.2",
+ "purl": "pkg:pypi/charset-normalizer@3.4.0",
"properties": [
{
"name": "language",
@@ -3282,16 +3287,12 @@
{
"name": "python_version",
"value": "3.10.15"
- },
- {
- "name": "package_release_date",
- "value": "2023-11-01T04:02:29.000Z"
}
]
},
{
"type": "library",
- "bom-ref": "66-urllib3",
+ "bom-ref": "67-urllib3",
"name": "urllib3",
"version": "2.2.3",
"supplier": {
@@ -3325,7 +3326,7 @@
},
{
"type": "library",
- "bom-ref": "67-rpmfile",
+ "bom-ref": "68-rpmfile",
"name": "rpmfile",
"version": "2.1.0",
"supplier": {
@@ -3379,7 +3380,7 @@
},
{
"type": "library",
- "bom-ref": "68-setuptools",
+ "bom-ref": "69-setuptools",
"name": "setuptools",
"version": "75.1.0",
"supplier": {
@@ -3413,7 +3414,7 @@
},
{
"type": "library",
- "bom-ref": "69-toml",
+ "bom-ref": "70-toml",
"name": "toml",
"version": "0.10.2",
"supplier": {
@@ -3471,7 +3472,7 @@
},
{
"type": "library",
- "bom-ref": "70-xmlschema",
+ "bom-ref": "71-xmlschema",
"name": "xmlschema",
"version": "3.4.2",
"supplier": {
@@ -3519,7 +3520,7 @@
},
{
"type": "library",
- "bom-ref": "71-elementpath",
+ "bom-ref": "72-elementpath",
"name": "elementpath",
"version": "4.5.0",
"supplier": {
@@ -3567,7 +3568,7 @@
},
{
"type": "library",
- "bom-ref": "72-zipp",
+ "bom-ref": "73-zipp",
"name": "zipp",
"version": "3.20.2",
"supplier": {
@@ -3601,7 +3602,7 @@
},
{
"type": "library",
- "bom-ref": "73-zstandard",
+ "bom-ref": "74-zstandard",
"name": "zstandard",
"version": "0.23.0",
"supplier": {
@@ -3659,30 +3660,30 @@
"ref": "1-cve-bin-tool",
"dependsOn": [
"2-aiohttp",
- "12-beautifulsoup4",
- "14-cvss",
- "15-defusedxml",
- "16-distro",
- "17-filetype",
- "18-gsutil",
- "43-jinja2",
- "45-jsonschema",
- "49-lib4sbom",
- "52-lib4vex",
- "54-packageurl-python",
- "59-packaging",
- "60-plotly",
- "62-python-gnupg",
- "50-pyyaml",
- "63-requests",
- "55-rich",
- "67-rpmfile",
- "68-setuptools",
- "69-toml",
- "66-urllib3",
- "70-xmlschema",
- "72-zipp",
- "73-zstandard"
+ "13-beautifulsoup4",
+ "15-cvss",
+ "16-defusedxml",
+ "17-distro",
+ "18-filetype",
+ "19-gsutil",
+ "44-jinja2",
+ "46-jsonschema",
+ "50-lib4sbom",
+ "53-lib4vex",
+ "55-packageurl-python",
+ "60-packaging",
+ "61-plotly",
+ "63-python-gnupg",
+ "51-pyyaml",
+ "64-requests",
+ "56-rich",
+ "68-rpmfile",
+ "69-setuptools",
+ "70-toml",
+ "67-urllib3",
+ "71-xmlschema",
+ "73-zipp",
+ "74-zstandard"
]
},
{
@@ -3713,216 +3714,217 @@
"ref": "10-yarl",
"dependsOn": [
"11-idna",
- "8-multidict"
+ "8-multidict",
+ "12-propcache"
]
},
{
- "ref": "12-beautifulsoup4",
+ "ref": "13-beautifulsoup4",
"dependsOn": [
- "13-soupsieve"
+ "14-soupsieve"
]
},
{
- "ref": "18-gsutil",
+ "ref": "19-gsutil",
"dependsOn": [
- "19-argcomplete",
- "20-crcmod",
- "21-fasteners",
- "22-gcs-oauth2-boto-plugin",
- "41-google-apitools",
- "24-google-auth",
- "30-google-auth-httplib2",
- "33-google-reauth",
- "31-httplib2",
- "42-monotonic",
- "36-pyopenssl",
- "40-retry-decorator",
- "29-six"
- ]
- },
- {
- "ref": "22-gcs-oauth2-boto-plugin",
+ "20-argcomplete",
+ "21-crcmod",
+ "22-fasteners",
+ "23-gcs-oauth2-boto-plugin",
+ "42-google-apitools",
+ "25-google-auth",
+ "31-google-auth-httplib2",
+ "34-google-reauth",
+ "32-httplib2",
+ "43-monotonic",
+ "37-pyopenssl",
+ "41-retry-decorator",
+ "30-six"
+ ]
+ },
+ {
+ "ref": "23-gcs-oauth2-boto-plugin",
"dependsOn": [
- "23-boto",
- "24-google-auth",
- "30-google-auth-httplib2",
- "33-google-reauth",
- "31-httplib2",
- "35-oauth2client",
- "36-pyopenssl",
- "40-retry-decorator",
- "28-rsa",
- "29-six"
+ "24-boto",
+ "25-google-auth",
+ "31-google-auth-httplib2",
+ "34-google-reauth",
+ "32-httplib2",
+ "36-oauth2client",
+ "37-pyopenssl",
+ "41-retry-decorator",
+ "29-rsa",
+ "30-six"
]
},
{
- "ref": "24-google-auth",
+ "ref": "25-google-auth",
"dependsOn": [
- "25-cachetools",
- "26-pyasn1-modules",
- "28-rsa",
- "29-six"
+ "26-cachetools",
+ "27-pyasn1-modules",
+ "29-rsa",
+ "30-six"
]
},
{
- "ref": "26-pyasn1-modules",
+ "ref": "27-pyasn1-modules",
"dependsOn": [
- "27-pyasn1"
+ "28-pyasn1"
]
},
{
- "ref": "28-rsa",
+ "ref": "29-rsa",
"dependsOn": [
- "27-pyasn1"
+ "28-pyasn1"
]
},
{
- "ref": "30-google-auth-httplib2",
+ "ref": "31-google-auth-httplib2",
"dependsOn": [
- "24-google-auth",
- "31-httplib2"
+ "25-google-auth",
+ "32-httplib2"
]
},
{
- "ref": "31-httplib2",
+ "ref": "32-httplib2",
"dependsOn": [
- "32-pyparsing"
+ "33-pyparsing"
]
},
{
- "ref": "33-google-reauth",
+ "ref": "34-google-reauth",
"dependsOn": [
- "34-pyu2f"
+ "35-pyu2f"
]
},
{
- "ref": "34-pyu2f",
+ "ref": "35-pyu2f",
"dependsOn": [
- "29-six"
+ "30-six"
]
},
{
- "ref": "35-oauth2client",
+ "ref": "36-oauth2client",
"dependsOn": [
- "31-httplib2",
- "27-pyasn1",
- "26-pyasn1-modules",
- "28-rsa",
- "29-six"
+ "32-httplib2",
+ "28-pyasn1",
+ "27-pyasn1-modules",
+ "29-rsa",
+ "30-six"
]
},
{
- "ref": "36-pyopenssl",
+ "ref": "37-pyopenssl",
"dependsOn": [
- "37-cryptography"
+ "38-cryptography"
]
},
{
- "ref": "37-cryptography",
+ "ref": "38-cryptography",
"dependsOn": [
- "38-cffi"
+ "39-cffi"
]
},
{
- "ref": "38-cffi",
+ "ref": "39-cffi",
"dependsOn": [
- "39-pycparser"
+ "40-pycparser"
]
},
{
- "ref": "41-google-apitools",
+ "ref": "42-google-apitools",
"dependsOn": [
- "21-fasteners",
- "31-httplib2",
- "35-oauth2client",
- "29-six"
+ "22-fasteners",
+ "32-httplib2",
+ "36-oauth2client",
+ "30-six"
]
},
{
- "ref": "43-jinja2",
+ "ref": "44-jinja2",
"dependsOn": [
- "44-markupsafe"
+ "45-markupsafe"
]
},
{
- "ref": "45-jsonschema",
+ "ref": "46-jsonschema",
"dependsOn": [
"7-attrs",
- "46-jsonschema-specifications",
- "47-referencing",
- "48-rpds-py"
+ "47-jsonschema-specifications",
+ "48-referencing",
+ "49-rpds-py"
]
},
{
- "ref": "46-jsonschema-specifications",
+ "ref": "47-jsonschema-specifications",
"dependsOn": [
- "47-referencing"
+ "48-referencing"
]
},
{
- "ref": "47-referencing",
+ "ref": "48-referencing",
"dependsOn": [
"7-attrs",
- "48-rpds-py"
+ "49-rpds-py"
]
},
{
- "ref": "49-lib4sbom",
+ "ref": "50-lib4sbom",
"dependsOn": [
- "15-defusedxml",
- "50-pyyaml",
- "51-semantic-version"
+ "16-defusedxml",
+ "51-pyyaml",
+ "52-semantic-version"
]
},
{
- "ref": "52-lib4vex",
+ "ref": "53-lib4vex",
"dependsOn": [
- "53-csaf-tool",
- "49-lib4sbom",
- "54-packageurl-python"
+ "54-csaf-tool",
+ "50-lib4sbom",
+ "55-packageurl-python"
]
},
{
- "ref": "53-csaf-tool",
+ "ref": "54-csaf-tool",
"dependsOn": [
- "54-packageurl-python",
- "55-rich"
+ "55-packageurl-python",
+ "56-rich"
]
},
{
- "ref": "55-rich",
+ "ref": "56-rich",
"dependsOn": [
- "56-markdown-it-py",
- "58-pygments",
+ "57-markdown-it-py",
+ "59-pygments",
"9-typing-extensions"
]
},
{
- "ref": "56-markdown-it-py",
+ "ref": "57-markdown-it-py",
"dependsOn": [
- "57-mdurl"
+ "58-mdurl"
]
},
{
- "ref": "60-plotly",
+ "ref": "61-plotly",
"dependsOn": [
- "59-packaging",
- "61-tenacity"
+ "60-packaging",
+ "62-tenacity"
]
},
{
- "ref": "63-requests",
+ "ref": "64-requests",
"dependsOn": [
- "64-certifi",
- "65-charset-normalizer",
+ "65-certifi",
+ "66-charset-normalizer",
"11-idna",
- "66-urllib3"
+ "67-urllib3"
]
},
{
- "ref": "70-xmlschema",
+ "ref": "71-xmlschema",
"dependsOn": [
- "71-elementpath"
+ "72-elementpath"
]
}
]
diff --git a/sbom/cve-bin-tool-py3.10.spdx b/sbom/cve-bin-tool-py3.10.spdx
index b6e3cbd95c..0f2e589a44 100644
--- a/sbom/cve-bin-tool-py3.10.spdx
+++ b/sbom/cve-bin-tool-py3.10.spdx
@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
DataLicense: CC0-1.0
SPDXID: SPDXRef-DOCUMENT
DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-f342fd75-77a2-483b-8170-2340b13d2867
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-ff67aa04-d128-488e-a249-c4c783ec6756
LicenseListVersion: 3.22
Creator: Tool: sbom4python-0.11.3
-Created: 2024-10-07T00:37:22Z
+Created: 2024-10-14T00:36:51Z
CreatorComment: This document has been automatically generated.
#####
@@ -27,10 +27,10 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:terri_oda:cve-bin-tool:3.4:*:*:*:*:*:*
PackageName: aiohttp
SPDXID: SPDXRef-2-aiohttp
-PackageVersion: 3.10.9
+PackageVersion: 3.10.10
PrimaryPackagePurpose: LIBRARY
PackageSupplier: NOASSERTION
-PackageDownloadLocation: https://pypi.org/project/aiohttp/3.10.9/#files
+PackageDownloadLocation: https://pypi.org/project/aiohttp/3.10.10/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/aio-libs/aiohttp
PackageLicenseDeclared: NOASSERTION
@@ -38,7 +38,7 @@ PackageLicenseConcluded: Apache-2.0
PackageLicenseComments: aiohttp declares Apache 2 which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: Async http client/server framework (asyncio)
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/aiohttp@3.10.9
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/aiohttp@3.10.10
#####
PackageName: aiohappyeyeballs
@@ -157,18 +157,18 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-e
PackageName: yarl
SPDXID: SPDXRef-10-yarl
-PackageVersion: 1.13.1
+PackageVersion: 1.15.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Andrew Svetlov (andrew.svetlov@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/yarl/1.13.1/#files
+PackageDownloadLocation: https://pypi.org/project/yarl/1.15.2/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/aio-libs/yarl
PackageLicenseDeclared: Apache-2.0
PackageLicenseConcluded: Apache-2.0
PackageCopyrightText: NOASSERTION
PackageSummary: Yet another URL library
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/yarl@1.13.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:yarl:1.13.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/yarl@1.15.2
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:yarl:1.15.2:*:*:*:*:*:*:*
#####
PackageName: idna
@@ -186,8 +186,24 @@ ExternalRef: PACKAGE_MANAGER purl pkg:pypi/idna@3.10
ExternalRef: SECURITY cpe23Type cpe:2.3:a:kim_davies:idna:3.10:*:*:*:*:*:*:*
#####
+PackageName: propcache
+SPDXID: SPDXRef-12-propcache
+PackageVersion: 0.2.0
+PrimaryPackagePurpose: LIBRARY
+PackageSupplier: Person: Andrew Svetlov (andrew.svetlov@gmail.com)
+PackageDownloadLocation: https://pypi.org/project/propcache/0.2.0/#files
+FilesAnalyzed: false
+PackageHomePage: https://github.com/aio-libs/propcache
+PackageLicenseDeclared: Apache-2.0
+PackageLicenseConcluded: Apache-2.0
+PackageCopyrightText: NOASSERTION
+PackageSummary: Accelerated property cache
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/propcache@0.2.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:propcache:0.2.0:*:*:*:*:*:*:*
+#####
+
PackageName: beautifulsoup4
-SPDXID: SPDXRef-12-beautifulsoup4
+SPDXID: SPDXRef-13-beautifulsoup4
PackageVersion: 4.12.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Leonard Richardson (leonardr@segfault.org)
@@ -204,7 +220,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:leonard_richardson:beautifulsoup4:4.12
#####
PackageName: soupsieve
-SPDXID: SPDXRef-13-soupsieve
+SPDXID: SPDXRef-14-soupsieve
PackageVersion: 2.6
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Isaac Muse (Isaac.Muse@gmail.com)
@@ -220,7 +236,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:isaac_muse:soupsieve:2.6:*:*:*:*:*:*:*
#####
PackageName: cvss
-SPDXID: SPDXRef-14-cvss
+SPDXID: SPDXRef-15-cvss
PackageVersion: 3.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Stanislav Red Hat Product Security (skontar@redhat.com)
@@ -237,7 +253,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:stanislav_red_hat_product_security:cvs
#####
PackageName: defusedxml
-SPDXID: SPDXRef-15-defusedxml
+SPDXID: SPDXRef-16-defusedxml
PackageVersion: 0.7.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Christian Heimes (christian@python.org)
@@ -255,7 +271,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:christian_heimes:defusedxml:0.7.1:*:*:
#####
PackageName: distro
-SPDXID: SPDXRef-16-distro
+SPDXID: SPDXRef-17-distro
PackageVersion: 1.9.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Nir Cohen (nir36g@gmail.com)
@@ -272,7 +288,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:nir_cohen:distro:1.9.0:*:*:*:*:*:*:*
#####
PackageName: filetype
-SPDXID: SPDXRef-17-filetype
+SPDXID: SPDXRef-18-filetype
PackageVersion: 1.2.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Tomas Aparicio (tomas@aparicio.me)
@@ -289,11 +305,11 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:tomas_aparicio:filetype:1.2.0:*:*:*:*:
#####
PackageName: gsutil
-SPDXID: SPDXRef-18-gsutil
-PackageVersion: 5.30
+SPDXID: SPDXRef-19-gsutil
+PackageVersion: 5.31
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Google Inc. (buganizer-system+187143@google.com)
-PackageDownloadLocation: https://pypi.org/project/gsutil/5.30/#files
+PackageDownloadLocation: https://pypi.org/project/gsutil/5.31/#files
FilesAnalyzed: false
PackageHomePage: https://cloud.google.com/storage/docs/gsutil
PackageLicenseDeclared: NOASSERTION
@@ -301,16 +317,16 @@ PackageLicenseConcluded: Apache-2.0
PackageLicenseComments: gsutil declares Apache 2.0 which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: A command line tool for interacting with cloud storage services.
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/gsutil@5.30
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:gsutil:5.30:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/gsutil@5.31
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:gsutil:5.31:*:*:*:*:*:*:*
#####
PackageName: argcomplete
-SPDXID: SPDXRef-19-argcomplete
-PackageVersion: 3.5.0
+SPDXID: SPDXRef-20-argcomplete
+PackageVersion: 3.5.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Andrey Kislyuk (kislyuk@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/argcomplete/3.5.0/#files
+PackageDownloadLocation: https://pypi.org/project/argcomplete/3.5.1/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/kislyuk/argcomplete
PackageLicenseDeclared: NOASSERTION
@@ -318,12 +334,12 @@ PackageLicenseConcluded: Apache-2.0
PackageLicenseComments: argcomplete declares Apache Software License which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: Bash tab completion for argparse
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/argcomplete@3.5.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_kislyuk:argcomplete:3.5.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/argcomplete@3.5.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_kislyuk:argcomplete:3.5.1:*:*:*:*:*:*:*
#####
PackageName: crcmod
-SPDXID: SPDXRef-20-crcmod
+SPDXID: SPDXRef-21-crcmod
PackageVersion: 1.7
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Ray Buvel (rlbuvel@gmail.com)
@@ -339,7 +355,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:ray_buvel:crcmod:1.7:*:*:*:*:*:*:*
#####
PackageName: fasteners
-SPDXID: SPDXRef-21-fasteners
+SPDXID: SPDXRef-22-fasteners
PackageVersion: 0.19
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Joshua Harlow
@@ -356,7 +372,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:joshua_harlow:fasteners:0.19:*:*:*:*:*
#####
PackageName: gcs-oauth2-boto-plugin
-SPDXID: SPDXRef-22-gcs-oauth2-boto-plugin
+SPDXID: SPDXRef-23-gcs-oauth2-boto-plugin
PackageVersion: 3.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Google Inc. (gs-team@google.com)
@@ -374,7 +390,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:gcs-oauth2-boto-plugin:3.2
#####
PackageName: boto
-SPDXID: SPDXRef-23-boto
+SPDXID: SPDXRef-24-boto
PackageVersion: 2.49.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Mitch Garnaat (mitch@garnaat.com)
@@ -391,7 +407,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:mitch_garnaat:boto:2.49.0:*:*:*:*:*:*:
#####
PackageName: google-auth
-SPDXID: SPDXRef-24-google-auth
+SPDXID: SPDXRef-25-google-auth
PackageVersion: 2.17.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Google Cloud Platform (googleapis-packages@google.com)
@@ -409,7 +425,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_cloud_platform:google-auth:2.17
#####
PackageName: cachetools
-SPDXID: SPDXRef-25-cachetools
+SPDXID: SPDXRef-26-cachetools
PackageVersion: 5.5.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Thomas Kemmer (tkemmer@computer.org)
@@ -425,7 +441,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:thomas_kemmer:cachetools:5.5.0:*:*:*:*
#####
PackageName: pyasn1-modules
-SPDXID: SPDXRef-26-pyasn1-modules
+SPDXID: SPDXRef-27-pyasn1-modules
PackageVersion: 0.4.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Ilya Etingof (etingof@gmail.com)
@@ -442,7 +458,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:ilya_etingof:pyasn1-modules:0.4.1:*:*:
#####
PackageName: pyasn1
-SPDXID: SPDXRef-27-pyasn1
+SPDXID: SPDXRef-28-pyasn1
PackageVersion: 0.6.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Ilya Etingof (etingof@gmail.com)
@@ -458,7 +474,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:ilya_etingof:pyasn1:0.6.1:*:*:*:*:*:*:
#####
PackageName: rsa
-SPDXID: SPDXRef-28-rsa
+SPDXID: SPDXRef-29-rsa
PackageVersion: 4.7.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Sybren A. Stuvel (sybren@stuvel.eu)
@@ -476,7 +492,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:sybren_a._stuvel:rsa:4.7.2:*:*:*:*:*:*
#####
PackageName: six
-SPDXID: SPDXRef-29-six
+SPDXID: SPDXRef-30-six
PackageVersion: 1.16.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Benjamin Peterson (benjamin@python.org)
@@ -493,7 +509,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:benjamin_peterson:six:1.16.0:*:*:*:*:*
#####
PackageName: google-auth-httplib2
-SPDXID: SPDXRef-30-google-auth-httplib2
+SPDXID: SPDXRef-31-google-auth-httplib2
PackageVersion: 0.2.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Google Cloud Platform (googleapis-packages@google.com)
@@ -511,7 +527,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_cloud_platform:google-auth-http
#####
PackageName: httplib2
-SPDXID: SPDXRef-31-httplib2
+SPDXID: SPDXRef-32-httplib2
PackageVersion: 0.20.4
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Joe Gregorio (joe@bitworking.org)
@@ -528,23 +544,23 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:joe_gregorio:httplib2:0.20.4:*:*:*:*:*
#####
PackageName: pyparsing
-SPDXID: SPDXRef-32-pyparsing
-PackageVersion: 3.1.4
+SPDXID: SPDXRef-33-pyparsing
+PackageVersion: 3.2.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Paul McGuire (ptmcg.gm+pyparsing@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/pyparsing/3.1.4/#files
+PackageDownloadLocation: https://pypi.org/project/pyparsing/3.2.0/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/pyparsing/pyparsing/
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: pyparsing module - Classes and methods to define and execute parsing grammars
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/pyparsing@3.1.4
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:paul_mcguire:pyparsing:3.1.4:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/pyparsing@3.2.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:paul_mcguire:pyparsing:3.2.0:*:*:*:*:*:*:*
#####
PackageName: google-reauth
-SPDXID: SPDXRef-33-google-reauth
+SPDXID: SPDXRef-34-google-reauth
PackageVersion: 0.1.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Google (googleapis-publisher@google.com)
@@ -562,7 +578,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google:google-reauth:0.1.1:*:*:*:*:*:*
#####
PackageName: pyu2f
-SPDXID: SPDXRef-34-pyu2f
+SPDXID: SPDXRef-35-pyu2f
PackageVersion: 0.1.5
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Google Inc. (pyu2f-team@google.com)
@@ -580,7 +596,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:pyu2f:0.1.5:*:*:*:*:*:*:*
#####
PackageName: oauth2client
-SPDXID: SPDXRef-35-oauth2client
+SPDXID: SPDXRef-36-oauth2client
PackageVersion: 4.1.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Google Inc. (jonwayne+oauth2client@google.com)
@@ -598,7 +614,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:oauth2client:4.1.3:*:*:*:*
#####
PackageName: pyopenssl
-SPDXID: SPDXRef-36-pyopenssl
+SPDXID: SPDXRef-37-pyopenssl
PackageVersion: 24.2.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: The pyOpenSSL developers (cryptography-dev@python.org)
@@ -615,7 +631,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_pyopenssl_developers:pyopenssl:24.
#####
PackageName: cryptography
-SPDXID: SPDXRef-37-cryptography
+SPDXID: SPDXRef-38-cryptography
PackageVersion: 43.0.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: The cryptography developers The Python Cryptographic Authority and individual contributors (cryptography-dev@python.org)
@@ -631,7 +647,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_cryptography_developers_the_python
#####
PackageName: cffi
-SPDXID: SPDXRef-38-cffi
+SPDXID: SPDXRef-39-cffi
PackageVersion: 1.17.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Armin Maciej Fijalkowski (python-cffi@googlegroups.com)
@@ -647,7 +663,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:armin_maciej_fijalkowski:cffi:1.17.1:*
#####
PackageName: pycparser
-SPDXID: SPDXRef-39-pycparser
+SPDXID: SPDXRef-40-pycparser
PackageVersion: 2.22
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Eli Bendersky (eliben@gmail.com)
@@ -664,7 +680,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:eli_bendersky:pycparser:2.22:*:*:*:*:*
#####
PackageName: retry-decorator
-SPDXID: SPDXRef-40-retry-decorator
+SPDXID: SPDXRef-41-retry-decorator
PackageVersion: 1.1.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Patrick Ng (pn.appdev@gmail.com)
@@ -681,7 +697,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:patrick_ng:retry-decorator:1.1.1:*:*:*
#####
PackageName: google-apitools
-SPDXID: SPDXRef-41-google-apitools
+SPDXID: SPDXRef-42-google-apitools
PackageVersion: 0.5.32
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Craig Citro (craigcitro@google.com)
@@ -699,7 +715,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:craig_citro:google-apitools:0.5.32:*:*
#####
PackageName: monotonic
-SPDXID: SPDXRef-42-monotonic
+SPDXID: SPDXRef-43-monotonic
PackageVersion: 1.6
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Ori Livneh (ori@wikimedia.org)
@@ -717,7 +733,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:ori_livneh:monotonic:1.6:*:*:*:*:*:*:*
#####
PackageName: jinja2
-SPDXID: SPDXRef-43-jinja2
+SPDXID: SPDXRef-44-jinja2
PackageVersion: 3.1.4
PrimaryPackagePurpose: LIBRARY
PackageSupplier: NOASSERTION
@@ -732,23 +748,22 @@ ExternalRef: PACKAGE_MANAGER purl pkg:pypi/jinja2@3.1.4
#####
PackageName: markupsafe
-SPDXID: SPDXRef-44-markupsafe
-PackageVersion: 2.1.5
+SPDXID: SPDXRef-45-markupsafe
+PackageVersion: 3.0.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: NOASSERTION
-PackageDownloadLocation: https://pypi.org/project/markupsafe/2.1.5/#files
+PackageDownloadLocation: https://pypi.org/project/markupsafe/3.0.1/#files
FilesAnalyzed: false
-PackageHomePage: https://palletsprojects.com/p/markupsafe/
-PackageChecksum: SHA1: fbba4acd0312826cec9cfe18371c7df07962cb65
-PackageLicenseDeclared: BSD-3-Clause
-PackageLicenseConcluded: BSD-3-Clause
+PackageLicenseDeclared: NOASSERTION
+PackageLicenseConcluded: NOASSERTION
+PackageLicenseComments: markupsafe declares Copyright 2010 Pallets which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: Safely add untrusted strings to HTML/XML markup.
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/markupsafe@2.1.5
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/markupsafe@3.0.1
#####
PackageName: jsonschema
-SPDXID: SPDXRef-45-jsonschema
+SPDXID: SPDXRef-46-jsonschema
PackageVersion: 4.23.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Julian Berman (Julian+jsonschema@GrayVines.com)
@@ -764,24 +779,24 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:jsonschema:4.23.0:*:*:*:
#####
PackageName: jsonschema-specifications
-SPDXID: SPDXRef-46-jsonschema-specifications
-PackageVersion: 2023.12.1
+SPDXID: SPDXRef-47-jsonschema-specifications
+PackageVersion: 2024.10.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Julian Berman (Julian+jsonschema-specifications@GrayVines.com)
-PackageDownloadLocation: https://pypi.org/project/jsonschema-specifications/2023.12.1/#files
+PackageDownloadLocation: https://pypi.org/project/jsonschema-specifications/2024.10.1/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/python-jsonschema/jsonschema-specifications
-PackageChecksum: SHA1: 544e0ff86850af1c6d9e533c4b58b76c59542a76
-PackageLicenseDeclared: MIT
-PackageLicenseConcluded: MIT
+PackageChecksum: SHA1: 09f6f17a46ecf03e314df0e6fa14d57db210a549
+PackageLicenseDeclared: NOASSERTION
+PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: The JSON Schema meta-schemas and vocabularies, exposed as a Registry
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/jsonschema-specifications@2023.12.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:jsonschema-specifications:2023.12.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/jsonschema-specifications@2024.10.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:jsonschema-specifications:2024.10.1:*:*:*:*:*:*:*
#####
PackageName: referencing
-SPDXID: SPDXRef-47-referencing
+SPDXID: SPDXRef-48-referencing
PackageVersion: 0.35.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Julian Berman (Julian+referencing@GrayVines.com)
@@ -798,7 +813,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:referencing:0.35.1:*:*:*
#####
PackageName: rpds-py
-SPDXID: SPDXRef-48-rpds-py
+SPDXID: SPDXRef-49-rpds-py
PackageVersion: 0.20.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Julian Berman (Julian+rpds@GrayVines.com)
@@ -815,7 +830,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:rpds-py:0.20.0:*:*:*:*:*
#####
PackageName: lib4sbom
-SPDXID: SPDXRef-49-lib4sbom
+SPDXID: SPDXRef-50-lib4sbom
PackageVersion: 0.7.5
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Anthony Harrison (anthony.p.harrison@gmail.com)
@@ -831,7 +846,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:anthony_harrison:lib4sbom:0.7.5:*:*:*:
#####
PackageName: pyyaml
-SPDXID: SPDXRef-50-pyyaml
+SPDXID: SPDXRef-51-pyyaml
PackageVersion: 6.0.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Kirill Simonov (xi@resolvent.net)
@@ -847,7 +862,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kirill_simonov:pyyaml:6.0.2:*:*:*:*:*:
#####
PackageName: semantic-version
-SPDXID: SPDXRef-51-semantic-version
+SPDXID: SPDXRef-52-semantic-version
PackageVersion: 2.10.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Raphael Barrois (raphael.barrois+semver@polytechnique.org)
@@ -865,7 +880,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:raphael_barrois:semantic-version:2.10.
#####
PackageName: lib4vex
-SPDXID: SPDXRef-52-lib4vex
+SPDXID: SPDXRef-53-lib4vex
PackageVersion: 0.2.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Anthony Harrison (anthony.p.harrison@gmail.com)
@@ -882,7 +897,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:anthony_harrison:lib4vex:0.2.0:*:*:*:*
#####
PackageName: csaf-tool
-SPDXID: SPDXRef-53-csaf-tool
+SPDXID: SPDXRef-54-csaf-tool
PackageVersion: 0.3.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Anthony Harrison (anthony.p.harrison@gmail.com)
@@ -899,7 +914,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:anthony_harrison:csaf-tool:0.3.2:*:*:*
#####
PackageName: packageurl-python
-SPDXID: SPDXRef-54-packageurl-python
+SPDXID: SPDXRef-55-packageurl-python
PackageVersion: 0.15.6
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: the purl authors
@@ -916,7 +931,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_purl_authors:packageurl-python:0.1
#####
PackageName: rich
-SPDXID: SPDXRef-55-rich
+SPDXID: SPDXRef-56-rich
PackageVersion: 13.9.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Will McGugan (willmcgugan@gmail.com)
@@ -932,7 +947,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:will_mcgugan:rich:13.9.2:*:*:*:*:*:*:*
#####
PackageName: markdown-it-py
-SPDXID: SPDXRef-56-markdown-it-py
+SPDXID: SPDXRef-57-markdown-it-py
PackageVersion: 3.0.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Chris Sewell (chrisj_sewell@hotmail.com)
@@ -949,7 +964,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_sewell:markdown-it-py:3.0.0:*:*:
#####
PackageName: mdurl
-SPDXID: SPDXRef-57-mdurl
+SPDXID: SPDXRef-58-mdurl
PackageVersion: 0.1.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Taneli Hukkinen (hukkin@users.noreply.github.com)
@@ -966,7 +981,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:taneli_hukkinen:mdurl:0.1.2:*:*:*:*:*:
#####
PackageName: pygments
-SPDXID: SPDXRef-58-pygments
+SPDXID: SPDXRef-59-pygments
PackageVersion: 2.18.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Georg Brandl (georg@python.org)
@@ -983,7 +998,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:georg_brandl:pygments:2.18.0:*:*:*:*:*
#####
PackageName: packaging
-SPDXID: SPDXRef-59-packaging
+SPDXID: SPDXRef-60-packaging
PackageVersion: 24.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Donald Stufft (donald@stufft.io)
@@ -998,7 +1013,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:donald_stufft:packaging:24.1:*:*:*:*:*
#####
PackageName: plotly
-SPDXID: SPDXRef-60-plotly
+SPDXID: SPDXRef-61-plotly
PackageVersion: 5.24.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Chris P (chris@plot.ly)
@@ -1014,7 +1029,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:5.24.1:*:*:*:*:*:*:*
#####
PackageName: tenacity
-SPDXID: SPDXRef-61-tenacity
+SPDXID: SPDXRef-62-tenacity
PackageVersion: 9.0.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Julien Danjou (julien@danjou.info)
@@ -1032,7 +1047,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julien_danjou:tenacity:9.0.0:*:*:*:*:*
#####
PackageName: python-gnupg
-SPDXID: SPDXRef-62-python-gnupg
+SPDXID: SPDXRef-63-python-gnupg
PackageVersion: 0.5.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Vinay Sajip (vinay_sajip@yahoo.co.uk)
@@ -1049,7 +1064,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:vinay_sajip:python-gnupg:0.5.3:*:*:*:*
#####
PackageName: requests
-SPDXID: SPDXRef-63-requests
+SPDXID: SPDXRef-64-requests
PackageVersion: 2.32.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Kenneth Reitz (me@kennethreitz.org)
@@ -1066,7 +1081,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:requests:2.32.3:*:*:*:*:
#####
PackageName: certifi
-SPDXID: SPDXRef-64-certifi
+SPDXID: SPDXRef-65-certifi
PackageVersion: 2024.8.30
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Kenneth Reitz (me@kennethreitz.com)
@@ -1082,24 +1097,23 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:certifi:2024.8.30:*:*:*:
#####
PackageName: charset-normalizer
-SPDXID: SPDXRef-65-charset-normalizer
-PackageVersion: 3.3.2
+SPDXID: SPDXRef-66-charset-normalizer
+PackageVersion: 3.4.0
PrimaryPackagePurpose: LIBRARY
-PackageSupplier: Person: Ahmed TAHRI (ahmed.tahri@cloudnursery.dev)
-PackageDownloadLocation: https://pypi.org/project/charset-normalizer/3.3.2/#files
+PackageSupplier: Person: Ahmed TAHRI (tahri.ahmed@proton.me)
+PackageDownloadLocation: https://pypi.org/project/charset-normalizer/3.4.0/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/Ousret/charset_normalizer
-PackageChecksum: SHA1: 79dce4857914fead2ffe55eb787cad6d5cf14643
PackageLicenseDeclared: MIT
PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: The Real First Universal Charset Detector. Open, modern and actively maintained alternative to Chardet.
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/charset-normalizer@3.3.2
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:ahmed_tahri:charset-normalizer:3.3.2:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/charset-normalizer@3.4.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:ahmed_tahri:charset-normalizer:3.4.0:*:*:*:*:*:*:*
#####
PackageName: urllib3
-SPDXID: SPDXRef-66-urllib3
+SPDXID: SPDXRef-67-urllib3
PackageVersion: 2.2.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Andrey Petrov (andrey.petrov@shazow.net)
@@ -1114,7 +1128,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_petrov:urllib3:2.2.3:*:*:*:*:*:
#####
PackageName: rpmfile
-SPDXID: SPDXRef-67-rpmfile
+SPDXID: SPDXRef-68-rpmfile
PackageVersion: 2.1.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Sean Ross (srossross@gmail.com)
@@ -1131,7 +1145,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:sean_ross:rpmfile:2.1.0:*:*:*:*:*:*:*
#####
PackageName: setuptools
-SPDXID: SPDXRef-68-setuptools
+SPDXID: SPDXRef-69-setuptools
PackageVersion: 75.1.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Python Packaging Authority (distutils-sig@python.org)
@@ -1146,7 +1160,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:python_packaging_authority:setuptools:
#####
PackageName: toml
-SPDXID: SPDXRef-69-toml
+SPDXID: SPDXRef-70-toml
PackageVersion: 0.10.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: William Pearson (uiri@xqz.ca)
@@ -1163,7 +1177,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:william_pearson:toml:0.10.2:*:*:*:*:*:
#####
PackageName: xmlschema
-SPDXID: SPDXRef-70-xmlschema
+SPDXID: SPDXRef-71-xmlschema
PackageVersion: 3.4.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Davide Brunato (brunato@sissa.it)
@@ -1179,7 +1193,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:xmlschema:3.4.2:*:*:*:*
#####
PackageName: elementpath
-SPDXID: SPDXRef-71-elementpath
+SPDXID: SPDXRef-72-elementpath
PackageVersion: 4.5.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Davide Brunato (brunato@sissa.it)
@@ -1195,7 +1209,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:elementpath:4.5.0:*:*:*
#####
PackageName: zipp
-SPDXID: SPDXRef-72-zipp
+SPDXID: SPDXRef-73-zipp
PackageVersion: 3.20.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Jason R. (jaraco@jaraco.com)
@@ -1210,7 +1224,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r.:zipp:3.20.2:*:*:*:*:*:*:*
#####
PackageName: zstandard
-SPDXID: SPDXRef-73-zstandard
+SPDXID: SPDXRef-74-zstandard
PackageVersion: 0.23.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Gregory Szorc (gregory.szorc@gmail.com)
@@ -1226,47 +1240,48 @@ ExternalRef: PACKAGE_MANAGER purl pkg:pypi/zstandard@0.23.0
ExternalRef: SECURITY cpe23Type cpe:2.3:a:gregory_szorc:zstandard:0.23.0:*:*:*:*:*:*:*
#####
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-12-beautifulsoup4
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-14-cvss
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-15-defusedxml
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-16-distro
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-17-filetype
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-18-gsutil
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-13-beautifulsoup4
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-15-cvss
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-16-defusedxml
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-17-distro
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-18-filetype
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-19-gsutil
Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-2-aiohttp
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-43-jinja2
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-45-jsonschema
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-49-lib4sbom
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-50-pyyaml
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-52-lib4vex
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-54-packageurl-python
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-55-rich
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-59-packaging
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-60-plotly
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-62-python-gnupg
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-63-requests
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-66-urllib3
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-67-rpmfile
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-68-setuptools
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-69-toml
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-70-xmlschema
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-72-zipp
-Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-73-zstandard
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-44-jinja2
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-46-jsonschema
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-50-lib4sbom
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-51-pyyaml
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-53-lib4vex
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-55-packageurl-python
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-56-rich
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-60-packaging
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-61-plotly
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-63-python-gnupg
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-64-requests
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-67-urllib3
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-68-rpmfile
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-69-setuptools
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-70-toml
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-71-xmlschema
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-73-zipp
+Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-74-zstandard
Relationship: SPDXRef-10-yarl DEPENDS_ON SPDXRef-11-idna
+Relationship: SPDXRef-10-yarl DEPENDS_ON SPDXRef-12-propcache
Relationship: SPDXRef-10-yarl DEPENDS_ON SPDXRef-8-multidict
-Relationship: SPDXRef-12-beautifulsoup4 DEPENDS_ON SPDXRef-13-soupsieve
-Relationship: SPDXRef-18-gsutil DEPENDS_ON SPDXRef-19-argcomplete
-Relationship: SPDXRef-18-gsutil DEPENDS_ON SPDXRef-20-crcmod
-Relationship: SPDXRef-18-gsutil DEPENDS_ON SPDXRef-21-fasteners
-Relationship: SPDXRef-18-gsutil DEPENDS_ON SPDXRef-22-gcs-oauth2-boto-plugin
-Relationship: SPDXRef-18-gsutil DEPENDS_ON SPDXRef-24-google-auth
-Relationship: SPDXRef-18-gsutil DEPENDS_ON SPDXRef-29-six
-Relationship: SPDXRef-18-gsutil DEPENDS_ON SPDXRef-30-google-auth-httplib2
-Relationship: SPDXRef-18-gsutil DEPENDS_ON SPDXRef-31-httplib2
-Relationship: SPDXRef-18-gsutil DEPENDS_ON SPDXRef-33-google-reauth
-Relationship: SPDXRef-18-gsutil DEPENDS_ON SPDXRef-36-pyopenssl
-Relationship: SPDXRef-18-gsutil DEPENDS_ON SPDXRef-40-retry-decorator
-Relationship: SPDXRef-18-gsutil DEPENDS_ON SPDXRef-41-google-apitools
-Relationship: SPDXRef-18-gsutil DEPENDS_ON SPDXRef-42-monotonic
+Relationship: SPDXRef-13-beautifulsoup4 DEPENDS_ON SPDXRef-14-soupsieve
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-20-argcomplete
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-21-crcmod
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-22-fasteners
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-23-gcs-oauth2-boto-plugin
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-25-google-auth
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-30-six
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-31-google-auth-httplib2
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-32-httplib2
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-34-google-reauth
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-37-pyopenssl
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-41-retry-decorator
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-42-google-apitools
+Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-43-monotonic
Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-10-yarl
Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-3-aiohappyeyeballs
Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-4-aiosignal
@@ -1274,66 +1289,66 @@ Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-5-frozenlist
Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-6-async-timeout
Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-7-attrs
Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-8-multidict
-Relationship: SPDXRef-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-23-boto
-Relationship: SPDXRef-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-24-google-auth
-Relationship: SPDXRef-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-28-rsa
-Relationship: SPDXRef-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-29-six
-Relationship: SPDXRef-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-30-google-auth-httplib2
-Relationship: SPDXRef-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-31-httplib2
-Relationship: SPDXRef-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-33-google-reauth
-Relationship: SPDXRef-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-35-oauth2client
-Relationship: SPDXRef-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-36-pyopenssl
-Relationship: SPDXRef-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-40-retry-decorator
-Relationship: SPDXRef-24-google-auth DEPENDS_ON SPDXRef-25-cachetools
-Relationship: SPDXRef-24-google-auth DEPENDS_ON SPDXRef-26-pyasn1-modules
-Relationship: SPDXRef-24-google-auth DEPENDS_ON SPDXRef-28-rsa
-Relationship: SPDXRef-24-google-auth DEPENDS_ON SPDXRef-29-six
-Relationship: SPDXRef-26-pyasn1-modules DEPENDS_ON SPDXRef-27-pyasn1
-Relationship: SPDXRef-28-rsa DEPENDS_ON SPDXRef-27-pyasn1
-Relationship: SPDXRef-30-google-auth-httplib2 DEPENDS_ON SPDXRef-24-google-auth
-Relationship: SPDXRef-30-google-auth-httplib2 DEPENDS_ON SPDXRef-31-httplib2
-Relationship: SPDXRef-31-httplib2 DEPENDS_ON SPDXRef-32-pyparsing
-Relationship: SPDXRef-33-google-reauth DEPENDS_ON SPDXRef-34-pyu2f
-Relationship: SPDXRef-34-pyu2f DEPENDS_ON SPDXRef-29-six
-Relationship: SPDXRef-35-oauth2client DEPENDS_ON SPDXRef-26-pyasn1-modules
-Relationship: SPDXRef-35-oauth2client DEPENDS_ON SPDXRef-27-pyasn1
-Relationship: SPDXRef-35-oauth2client DEPENDS_ON SPDXRef-28-rsa
-Relationship: SPDXRef-35-oauth2client DEPENDS_ON SPDXRef-29-six
-Relationship: SPDXRef-35-oauth2client DEPENDS_ON SPDXRef-31-httplib2
-Relationship: SPDXRef-36-pyopenssl DEPENDS_ON SPDXRef-37-cryptography
-Relationship: SPDXRef-37-cryptography DEPENDS_ON SPDXRef-38-cffi
-Relationship: SPDXRef-38-cffi DEPENDS_ON SPDXRef-39-pycparser
+Relationship: SPDXRef-23-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-24-boto
+Relationship: SPDXRef-23-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-25-google-auth
+Relationship: SPDXRef-23-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-29-rsa
+Relationship: SPDXRef-23-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-30-six
+Relationship: SPDXRef-23-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-31-google-auth-httplib2
+Relationship: SPDXRef-23-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-32-httplib2
+Relationship: SPDXRef-23-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-34-google-reauth
+Relationship: SPDXRef-23-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-36-oauth2client
+Relationship: SPDXRef-23-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-37-pyopenssl
+Relationship: SPDXRef-23-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-41-retry-decorator
+Relationship: SPDXRef-25-google-auth DEPENDS_ON SPDXRef-26-cachetools
+Relationship: SPDXRef-25-google-auth DEPENDS_ON SPDXRef-27-pyasn1-modules
+Relationship: SPDXRef-25-google-auth DEPENDS_ON SPDXRef-29-rsa
+Relationship: SPDXRef-25-google-auth DEPENDS_ON SPDXRef-30-six
+Relationship: SPDXRef-27-pyasn1-modules DEPENDS_ON SPDXRef-28-pyasn1
+Relationship: SPDXRef-29-rsa DEPENDS_ON SPDXRef-28-pyasn1
+Relationship: SPDXRef-31-google-auth-httplib2 DEPENDS_ON SPDXRef-25-google-auth
+Relationship: SPDXRef-31-google-auth-httplib2 DEPENDS_ON SPDXRef-32-httplib2
+Relationship: SPDXRef-32-httplib2 DEPENDS_ON SPDXRef-33-pyparsing
+Relationship: SPDXRef-34-google-reauth DEPENDS_ON SPDXRef-35-pyu2f
+Relationship: SPDXRef-35-pyu2f DEPENDS_ON SPDXRef-30-six
+Relationship: SPDXRef-36-oauth2client DEPENDS_ON SPDXRef-27-pyasn1-modules
+Relationship: SPDXRef-36-oauth2client DEPENDS_ON SPDXRef-28-pyasn1
+Relationship: SPDXRef-36-oauth2client DEPENDS_ON SPDXRef-29-rsa
+Relationship: SPDXRef-36-oauth2client DEPENDS_ON SPDXRef-30-six
+Relationship: SPDXRef-36-oauth2client DEPENDS_ON SPDXRef-32-httplib2
+Relationship: SPDXRef-37-pyopenssl DEPENDS_ON SPDXRef-38-cryptography
+Relationship: SPDXRef-38-cryptography DEPENDS_ON SPDXRef-39-cffi
+Relationship: SPDXRef-39-cffi DEPENDS_ON SPDXRef-40-pycparser
Relationship: SPDXRef-4-aiosignal DEPENDS_ON SPDXRef-5-frozenlist
-Relationship: SPDXRef-41-google-apitools DEPENDS_ON SPDXRef-21-fasteners
-Relationship: SPDXRef-41-google-apitools DEPENDS_ON SPDXRef-29-six
-Relationship: SPDXRef-41-google-apitools DEPENDS_ON SPDXRef-31-httplib2
-Relationship: SPDXRef-41-google-apitools DEPENDS_ON SPDXRef-35-oauth2client
-Relationship: SPDXRef-43-jinja2 DEPENDS_ON SPDXRef-44-markupsafe
-Relationship: SPDXRef-45-jsonschema DEPENDS_ON SPDXRef-46-jsonschema-specifications
-Relationship: SPDXRef-45-jsonschema DEPENDS_ON SPDXRef-47-referencing
-Relationship: SPDXRef-45-jsonschema DEPENDS_ON SPDXRef-48-rpds-py
-Relationship: SPDXRef-45-jsonschema DEPENDS_ON SPDXRef-7-attrs
-Relationship: SPDXRef-46-jsonschema-specifications DEPENDS_ON SPDXRef-47-referencing
-Relationship: SPDXRef-47-referencing DEPENDS_ON SPDXRef-48-rpds-py
-Relationship: SPDXRef-47-referencing DEPENDS_ON SPDXRef-7-attrs
-Relationship: SPDXRef-49-lib4sbom DEPENDS_ON SPDXRef-15-defusedxml
-Relationship: SPDXRef-49-lib4sbom DEPENDS_ON SPDXRef-50-pyyaml
-Relationship: SPDXRef-49-lib4sbom DEPENDS_ON SPDXRef-51-semantic-version
-Relationship: SPDXRef-52-lib4vex DEPENDS_ON SPDXRef-49-lib4sbom
-Relationship: SPDXRef-52-lib4vex DEPENDS_ON SPDXRef-53-csaf-tool
-Relationship: SPDXRef-52-lib4vex DEPENDS_ON SPDXRef-54-packageurl-python
-Relationship: SPDXRef-53-csaf-tool DEPENDS_ON SPDXRef-54-packageurl-python
-Relationship: SPDXRef-53-csaf-tool DEPENDS_ON SPDXRef-55-rich
-Relationship: SPDXRef-55-rich DEPENDS_ON SPDXRef-56-markdown-it-py
-Relationship: SPDXRef-55-rich DEPENDS_ON SPDXRef-58-pygments
-Relationship: SPDXRef-55-rich DEPENDS_ON SPDXRef-9-typing-extensions
-Relationship: SPDXRef-56-markdown-it-py DEPENDS_ON SPDXRef-57-mdurl
-Relationship: SPDXRef-60-plotly DEPENDS_ON SPDXRef-59-packaging
-Relationship: SPDXRef-60-plotly DEPENDS_ON SPDXRef-61-tenacity
-Relationship: SPDXRef-63-requests DEPENDS_ON SPDXRef-11-idna
-Relationship: SPDXRef-63-requests DEPENDS_ON SPDXRef-64-certifi
-Relationship: SPDXRef-63-requests DEPENDS_ON SPDXRef-65-charset-normalizer
-Relationship: SPDXRef-63-requests DEPENDS_ON SPDXRef-66-urllib3
-Relationship: SPDXRef-70-xmlschema DEPENDS_ON SPDXRef-71-elementpath
+Relationship: SPDXRef-42-google-apitools DEPENDS_ON SPDXRef-22-fasteners
+Relationship: SPDXRef-42-google-apitools DEPENDS_ON SPDXRef-30-six
+Relationship: SPDXRef-42-google-apitools DEPENDS_ON SPDXRef-32-httplib2
+Relationship: SPDXRef-42-google-apitools DEPENDS_ON SPDXRef-36-oauth2client
+Relationship: SPDXRef-44-jinja2 DEPENDS_ON SPDXRef-45-markupsafe
+Relationship: SPDXRef-46-jsonschema DEPENDS_ON SPDXRef-47-jsonschema-specifications
+Relationship: SPDXRef-46-jsonschema DEPENDS_ON SPDXRef-48-referencing
+Relationship: SPDXRef-46-jsonschema DEPENDS_ON SPDXRef-49-rpds-py
+Relationship: SPDXRef-46-jsonschema DEPENDS_ON SPDXRef-7-attrs
+Relationship: SPDXRef-47-jsonschema-specifications DEPENDS_ON SPDXRef-48-referencing
+Relationship: SPDXRef-48-referencing DEPENDS_ON SPDXRef-49-rpds-py
+Relationship: SPDXRef-48-referencing DEPENDS_ON SPDXRef-7-attrs
+Relationship: SPDXRef-50-lib4sbom DEPENDS_ON SPDXRef-16-defusedxml
+Relationship: SPDXRef-50-lib4sbom DEPENDS_ON SPDXRef-51-pyyaml
+Relationship: SPDXRef-50-lib4sbom DEPENDS_ON SPDXRef-52-semantic-version
+Relationship: SPDXRef-53-lib4vex DEPENDS_ON SPDXRef-50-lib4sbom
+Relationship: SPDXRef-53-lib4vex DEPENDS_ON SPDXRef-54-csaf-tool
+Relationship: SPDXRef-53-lib4vex DEPENDS_ON SPDXRef-55-packageurl-python
+Relationship: SPDXRef-54-csaf-tool DEPENDS_ON SPDXRef-55-packageurl-python
+Relationship: SPDXRef-54-csaf-tool DEPENDS_ON SPDXRef-56-rich
+Relationship: SPDXRef-56-rich DEPENDS_ON SPDXRef-57-markdown-it-py
+Relationship: SPDXRef-56-rich DEPENDS_ON SPDXRef-59-pygments
+Relationship: SPDXRef-56-rich DEPENDS_ON SPDXRef-9-typing-extensions
+Relationship: SPDXRef-57-markdown-it-py DEPENDS_ON SPDXRef-58-mdurl
+Relationship: SPDXRef-61-plotly DEPENDS_ON SPDXRef-60-packaging
+Relationship: SPDXRef-61-plotly DEPENDS_ON SPDXRef-62-tenacity
+Relationship: SPDXRef-64-requests DEPENDS_ON SPDXRef-11-idna
+Relationship: SPDXRef-64-requests DEPENDS_ON SPDXRef-65-certifi
+Relationship: SPDXRef-64-requests DEPENDS_ON SPDXRef-66-charset-normalizer
+Relationship: SPDXRef-64-requests DEPENDS_ON SPDXRef-67-urllib3
+Relationship: SPDXRef-71-xmlschema DEPENDS_ON SPDXRef-72-elementpath
Relationship: SPDXRef-8-multidict DEPENDS_ON SPDXRef-9-typing-extensions
Relationship: SPDXRef-DOCUMENT DESCRIBES SPDXRef-1-cve-bin-tool