diff --git a/sbom/cve-bin-tool-py3.12.json b/sbom/cve-bin-tool-py3.12.json
index f2c987cdcd..499314a906 100644
--- a/sbom/cve-bin-tool-py3.12.json
+++ b/sbom/cve-bin-tool-py3.12.json
@@ -2,10 +2,10 @@
"$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.6",
- "serialNumber": "urn:uuid:bf21fb68-2cf7-4f4a-a994-4d233e8c5369",
+ "serialNumber": "urn:uuid:1b080187-0b47-47eb-b27c-c519e99e3045",
"version": 1,
"metadata": {
- "timestamp": "2024-09-30T00:38:54Z",
+ "timestamp": "2024-10-07T00:38:16Z",
"lifecycles": [
{
"phase": "build"
@@ -15,7 +15,7 @@
"components": [
{
"name": "sbom4python",
- "version": "0.11.2",
+ "version": "0.11.3",
"type": "application"
}
]
@@ -71,7 +71,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -79,7 +79,7 @@
"type": "library",
"bom-ref": "2-aiohttp",
"name": "aiohttp",
- "version": "3.10.8",
+ "version": "3.10.9",
"description": "Async http client/server framework (asyncio)",
"licenses": [
{
@@ -97,12 +97,12 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/aiohttp/3.10.8/#files",
+ "url": "https://pypi.org/project/aiohttp/3.10.9/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/aiohttp@3.10.8",
+ "purl": "pkg:pypi/aiohttp@3.10.9",
"properties": [
{
"name": "language",
@@ -110,7 +110,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -118,7 +118,7 @@
"type": "library",
"bom-ref": "3-aiohappyeyeballs",
"name": "aiohappyeyeballs",
- "version": "2.4.2",
+ "version": "2.4.3",
"supplier": {
"name": "J. Nick Koston",
"contact": [
@@ -127,13 +127,13 @@
}
]
},
- "cpe": "cpe:2.3:a:j._nick_koston:aiohappyeyeballs:2.4.2:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:j._nick_koston:aiohappyeyeballs:2.4.3:*:*:*:*:*:*:*",
"description": "Happy Eyeballs for asyncio",
"licenses": [
{
"license": {
- "id": "Python-2.0.1",
- "url": "https://www.python.org/download/releases/2.0.1/license/",
+ "id": "PSF-2.0",
+ "url": "https://opensource.org/licenses/Python-2.0",
"acknowledgement": "concluded"
}
}
@@ -145,12 +145,12 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/aiohappyeyeballs/2.4.2/#files",
+ "url": "https://pypi.org/project/aiohappyeyeballs/2.4.3/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/aiohappyeyeballs@2.4.2",
+ "purl": "pkg:pypi/aiohappyeyeballs@2.4.3",
"properties": [
{
"name": "language",
@@ -158,7 +158,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -203,7 +203,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -246,7 +246,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -284,7 +284,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -332,7 +332,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -380,7 +380,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -414,7 +414,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -462,7 +462,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -505,7 +505,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -553,7 +553,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -607,7 +607,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -659,7 +659,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -717,7 +717,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -769,7 +769,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -817,7 +817,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -865,7 +865,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -914,7 +914,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -968,7 +968,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -1026,7 +1026,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -1084,7 +1084,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -1132,7 +1132,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -1180,7 +1180,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -1228,7 +1228,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -1282,7 +1282,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -1340,7 +1340,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -1398,7 +1398,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -1456,7 +1456,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -1495,7 +1495,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -1549,7 +1549,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -1607,7 +1607,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -1665,7 +1665,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -1717,7 +1717,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -1761,7 +1761,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -1809,7 +1809,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -1863,7 +1863,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -1921,7 +1921,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -1979,7 +1979,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -2037,7 +2037,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -2072,7 +2072,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -2121,7 +2121,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -2173,7 +2173,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -2227,7 +2227,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -2276,7 +2276,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -2334,7 +2334,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -2382,7 +2382,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -2430,7 +2430,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -2484,7 +2484,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -2542,7 +2542,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -2596,7 +2596,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -2645,7 +2645,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -2653,7 +2653,7 @@
"type": "library",
"bom-ref": "53-rich",
"name": "rich",
- "version": "13.8.1",
+ "version": "13.9.2",
"supplier": {
"name": "Will McGugan",
"contact": [
@@ -2662,7 +2662,7 @@
}
]
},
- "cpe": "cpe:2.3:a:will_mcgugan:rich:13.8.1:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:will_mcgugan:rich:13.9.2:*:*:*:*:*:*:*",
"description": "Render rich text, tables, progress bars, syntax highlighting, markdown and more to the terminal",
"licenses": [
{
@@ -2680,12 +2680,12 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/rich/13.8.1/#files",
+ "url": "https://pypi.org/project/rich/13.9.2/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/rich@13.8.1",
+ "purl": "pkg:pypi/rich@13.9.2",
"properties": [
{
"name": "language",
@@ -2693,7 +2693,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -2738,7 +2738,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -2787,7 +2787,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -2845,7 +2845,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -2883,7 +2883,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -2931,7 +2931,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -2985,7 +2985,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -3033,7 +3033,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -3087,7 +3087,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -3135,7 +3135,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -3189,7 +3189,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
},
{
"name": "package_release_date",
@@ -3227,7 +3227,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -3281,7 +3281,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -3315,7 +3315,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -3363,7 +3363,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -3411,7 +3411,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -3445,7 +3445,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
},
@@ -3493,7 +3493,7 @@
},
{
"name": "python_version",
- "value": "3.12.6"
+ "value": "3.12.7"
}
]
}
diff --git a/sbom/cve-bin-tool-py3.12.spdx b/sbom/cve-bin-tool-py3.12.spdx
index 005ec0697e..6fe85a9c3d 100644
--- a/sbom/cve-bin-tool-py3.12.spdx
+++ b/sbom/cve-bin-tool-py3.12.spdx
@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
DataLicense: CC0-1.0
SPDXID: SPDXRef-DOCUMENT
DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-2a2565ca-f58a-4d49-8bcf-904e21e8d2f1
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-f02694a3-d5df-4a14-a5a2-1122d7c905f2
LicenseListVersion: 3.22
-Creator: Tool: sbom4python-0.11.2
-Created: 2024-09-30T00:37:42Z
+Creator: Tool: sbom4python-0.11.3
+Created: 2024-10-07T00:37:22Z
CreatorComment: This document has been automatically generated.
#####
@@ -27,10 +27,10 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:terri_oda:cve-bin-tool:3.4:*:*:*:*:*:*
PackageName: aiohttp
SPDXID: SPDXRef-2-aiohttp
-PackageVersion: 3.10.8
+PackageVersion: 3.10.9
PrimaryPackagePurpose: LIBRARY
PackageSupplier: NOASSERTION
-PackageDownloadLocation: https://pypi.org/project/aiohttp/3.10.8/#files
+PackageDownloadLocation: https://pypi.org/project/aiohttp/3.10.9/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/aio-libs/aiohttp
PackageLicenseDeclared: NOASSERTION
@@ -38,23 +38,23 @@ PackageLicenseConcluded: Apache-2.0
PackageLicenseComments: aiohttp declares Apache 2 which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: Async http client/server framework (asyncio)
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/aiohttp@3.10.8
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/aiohttp@3.10.9
#####
PackageName: aiohappyeyeballs
SPDXID: SPDXRef-3-aiohappyeyeballs
-PackageVersion: 2.4.2
+PackageVersion: 2.4.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: J. Nick Koston (nick@koston.org)
-PackageDownloadLocation: https://pypi.org/project/aiohappyeyeballs/2.4.2/#files
+PackageDownloadLocation: https://pypi.org/project/aiohappyeyeballs/2.4.3/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/aio-libs/aiohappyeyeballs
-PackageLicenseDeclared: Python-2.0.1
-PackageLicenseConcluded: Python-2.0.1
+PackageLicenseDeclared: PSF-2.0
+PackageLicenseConcluded: PSF-2.0
PackageCopyrightText: NOASSERTION
PackageSummary: Happy Eyeballs for asyncio
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/aiohappyeyeballs@2.4.2
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:j._nick_koston:aiohappyeyeballs:2.4.2:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/aiohappyeyeballs@2.4.3
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:j._nick_koston:aiohappyeyeballs:2.4.3:*:*:*:*:*:*:*
#####
PackageName: aiosignal
@@ -884,18 +884,18 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_purl_authors:packageurl-python:0.1
PackageName: rich
SPDXID: SPDXRef-53-rich
-PackageVersion: 13.8.1
+PackageVersion: 13.9.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Will McGugan (willmcgugan@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/rich/13.8.1/#files
+PackageDownloadLocation: https://pypi.org/project/rich/13.9.2/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/Textualize/rich
PackageLicenseDeclared: MIT
PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: Render rich text, tables, progress bars, syntax highlighting, markdown and more to the terminal
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/rich@13.8.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:will_mcgugan:rich:13.8.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/rich@13.9.2
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:will_mcgugan:rich:13.9.2:*:*:*:*:*:*:*
#####
PackageName: markdown-it-py