diff --git a/sbom/cve-bin-tool-py3.9.json b/sbom/cve-bin-tool-py3.9.json index 2678572818..305e8c864d 100644 --- a/sbom/cve-bin-tool-py3.9.json +++ b/sbom/cve-bin-tool-py3.9.json @@ -2,10 +2,10 @@ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", - "serialNumber": "urn:uuid:6b8040ba-91ea-45e2-b48e-cf3f925e08dd", + "serialNumber": "urn:uuid:da25ffa1-1384-461d-a6c5-84dfce937e55", "version": 1, "metadata": { - "timestamp": "2024-05-13T00:29:02Z", + "timestamp": "2024-05-20T00:28:52Z", "tools": { "components": [ { @@ -1839,31 +1839,31 @@ "type": "library", "bom-ref": "42-zipp", "name": "zipp", - "version": "3.18.1", + "version": "3.18.2", "supplier": { - "name": "Jason R . Coombs", + "name": "Jason R .", "contact": [ { "email": "jaraco@jaraco.com" } ] }, - "cpe": "cpe:2.3:a:jason_r._coombs:zipp:3.18.1:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:jason_r.:zipp:3.18.2:*:*:*:*:*:*:*", "description": "Backport of pathlib-compatible object wrapper for zip files", "hashes": [ { "alg": "SHA-1", - "content": "bfae83474a730e8cc9b8a71027fb859b46b3875c" + "content": "051250eb0e3024d75e7de09921e4efab074f0112" } ], "externalReferences": [ { - "url": "https://pypi.org/project/zipp/3.18.1", + "url": "https://pypi.org/project/zipp/3.18.2", "type": "distribution", "comment": "Download location for component" } ], - "purl": "pkg:pypi/zipp@3.18.1", + "purl": "pkg:pypi/zipp@3.18.2", "properties": [ { "name": "language", @@ -1906,6 +1906,12 @@ "name": "markupsafe", "version": "2.1.5", "description": "Safely add untrusted strings to HTML/XML markup.", + "hashes": [ + { + "alg": "SHA-1", + "content": "fbba4acd0312826cec9cfe18371c7df07962cb65" + } + ], "licenses": [ { "license": { diff --git a/sbom/cve-bin-tool-py3.9.spdx b/sbom/cve-bin-tool-py3.9.spdx index 956a22ea55..51f4d38c58 100644 --- a/sbom/cve-bin-tool-py3.9.spdx +++ b/sbom/cve-bin-tool-py3.9.spdx @@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3 DataLicense: CC0-1.0 SPDXID: SPDXRef-DOCUMENT DocumentName: Python-cve-bin-tool -DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-f75310d1-b81b-40c2-930d-22699181394d +DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-3138d3f8-dc63-447a-b0be-cca4b60da110 LicenseListVersion: 3.22 Creator: Tool: sbom4python-0.10.4 -Created: 2024-05-13T00:27:25Z +Created: 2024-05-20T00:27:19Z CreatorComment: This document has been automatically generated. ##### @@ -671,18 +671,18 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r._coombs:importlib-metadata:7.1 PackageName: zipp SPDXID: SPDXRef-Package-42-zipp -PackageVersion: 3.18.1 +PackageVersion: 3.18.2 PrimaryPackagePurpose: LIBRARY -PackageSupplier: Organization: Jason R. Coombs (jaraco@jaraco.com) -PackageDownloadLocation: https://pypi.org/project/zipp/3.18.1 +PackageSupplier: Organization: Jason R. (jaraco@jaraco.com) +PackageDownloadLocation: https://pypi.org/project/zipp/3.18.2 FilesAnalyzed: false -PackageChecksum: SHA1: bfae83474a730e8cc9b8a71027fb859b46b3875c +PackageChecksum: SHA1: 051250eb0e3024d75e7de09921e4efab074f0112 PackageLicenseDeclared: NOASSERTION PackageLicenseConcluded: NOASSERTION PackageCopyrightText: NOASSERTION PackageSummary: Backport of pathlib-compatible object wrapper for zip files -ExternalRef: PACKAGE_MANAGER purl pkg:pypi/zipp@3.18.1 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r._coombs:zipp:3.18.1:*:*:*:*:*:*:* +ExternalRef: PACKAGE_MANAGER purl pkg:pypi/zipp@3.18.2 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r.:zipp:3.18.2:*:*:*:*:*:*:* ##### PackageName: jinja2 @@ -706,6 +706,7 @@ PrimaryPackagePurpose: LIBRARY PackageSupplier: NOASSERTION PackageDownloadLocation: https://pypi.org/project/MarkupSafe/2.1.5 FilesAnalyzed: false +PackageChecksum: SHA1: fbba4acd0312826cec9cfe18371c7df07962cb65 PackageLicenseDeclared: BSD-3-Clause PackageLicenseConcluded: BSD-3-Clause PackageCopyrightText: NOASSERTION