chore: update SBOM for Python 3.9
web-flow authored Jul 24, 2023
1 parent 5edf325 commit 763b709
Showing 2 changed files with 96 additions and 96 deletions.
96 changes: 48 additions & 48 deletions sbom/cve-bin-tool-py3.9.json
Expand Up @@ -2,10 +2,10 @@
"$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.4",
"serialNumber": "urn:uuid93f9738b-4ebb-4fb8-9bff-f3b17dc60da2",
"serialNumber": "urn:uuide5365fa2-de05-43d0-a018-fda815a5092c",
"version": 1,
"metadata": {
"timestamp": "2023-07-10T00:43:44Z",
"timestamp": "2023-07-24T00:30:14Z",
"tools": [
{
"name": "sbom4python",
Expand Down Expand Up @@ -55,7 +55,7 @@
"type": "library",
"bom-ref": "2-aiohttp",
"name": "aiohttp",
"version": "3.8.4",
"version": "3.8.5",
"description": "Async http client/server framework (asyncio)",
"licenses": [
{
Expand All @@ -67,12 +67,12 @@
],
"externalReferences": [
{
"url": "https://pypi.org/project/aiohttp/3.8.4",
"url": "https://pypi.org/project/aiohttp/3.8.5",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/[email protected].4",
"purl": "pkg:pypi/[email protected].5",
"properties": [
{
"name": "License Comments",
Expand Down Expand Up @@ -112,7 +112,7 @@
"type": "library",
"bom-ref": "4-frozenlist",
"name": "frozenlist",
"version": "1.3.3",
"version": "1.4.0",
"description": "A list-like structure which implements collections.abc.MutableSequence",
"licenses": [
{
Expand All @@ -124,12 +124,12 @@
],
"externalReferences": [
{
"url": "https://pypi.org/project/frozenlist/1.3.3",
"url": "https://pypi.org/project/frozenlist/1.4.0",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/frozenlist@1.3.3",
"purl": "pkg:pypi/frozenlist@1.4.0",
"properties": [
{
"name": "License Comments",
Expand Down Expand Up @@ -1050,7 +1050,7 @@
"type": "library",
"bom-ref": "32-cryptography",
"name": "cryptography",
"version": "41.0.1",
"version": "41.0.2",
"supplier": {
"name": "The Python Cryptographic Authority and individual contributors",
"contact": [
Expand All @@ -1059,7 +1059,7 @@
}
]
},
"cpe": "cpe:2.3:a:the_python_cryptographic_authority_and_individual_contributors:cryptography:41.0.1:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:the_python_cryptographic_authority_and_individual_contributors:cryptography:41.0.2:*:*:*:*:*:*:*",
"description": "cryptography is a package which provides cryptographic recipes and primitives to Python developers.",
"licenses": [
{
Expand All @@ -1070,12 +1070,12 @@
],
"externalReferences": [
{
"url": "https://pypi.org/project/cryptography/41.0.1",
"url": "https://pypi.org/project/cryptography/41.0.2",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/[email protected].1"
"purl": "pkg:pypi/[email protected].2"
},
{
"type": "library",
Expand Down Expand Up @@ -1221,7 +1221,7 @@
"type": "library",
"bom-ref": "37-google-auth",
"name": "google-auth",
"version": "2.21.0",
"version": "2.22.0",
"supplier": {
"name": "Google Cloud Platform",
"contact": [
Expand All @@ -1230,7 +1230,7 @@
}
]
},
"cpe": "cpe:2.3:a:google_cloud_platform:google-auth:2.21.0:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:google_cloud_platform:google-auth:2.22.0:*:*:*:*:*:*:*",
"description": "Google Authentication Library",
"licenses": [
{
Expand All @@ -1242,12 +1242,12 @@
],
"externalReferences": [
{
"url": "https://pypi.org/project/google-auth/2.21.0",
"url": "https://pypi.org/project/google-auth/2.22.0",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/google-auth@2.21.0",
"purl": "pkg:pypi/google-auth@2.22.0",
"properties": [
{
"name": "License Comments",
Expand Down Expand Up @@ -1385,7 +1385,7 @@
"type": "library",
"bom-ref": "42-zipp",
"name": "zipp",
"version": "3.16.0",
"version": "3.16.2",
"supplier": {
"name": "Jason R. Coombs",
"contact": [
Expand All @@ -1394,16 +1394,16 @@
}
]
},
"cpe": "cpe:2.3:a:jason_r._coombs:zipp:3.16.0:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:jason_r._coombs:zipp:3.16.2:*:*:*:*:*:*:*",
"description": "Backport of pathlib-compatible object wrapper for zip files",
"externalReferences": [
{
"url": "https://pypi.org/project/zipp/3.16.0",
"url": "https://pypi.org/project/zipp/3.16.2",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/[email protected].0"
"purl": "pkg:pypi/[email protected].2"
},
{
"type": "library",
Expand Down Expand Up @@ -1464,11 +1464,11 @@
"type": "library",
"bom-ref": "45-jsonschema",
"name": "jsonschema",
"version": "4.18.0",
"version": "4.18.4",
"supplier": {
"name": "Julian Berman"
},
"cpe": "cpe:2.3:a:julian_berman:jsonschema:4.18.0:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:julian_berman:jsonschema:4.18.4:*:*:*:*:*:*:*",
"description": "An implementation of JSON Schema validation for Python",
"licenses": [
{
Expand All @@ -1480,22 +1480,22 @@
],
"externalReferences": [
{
"url": "https://pypi.org/project/jsonschema/4.18.0",
"url": "https://pypi.org/project/jsonschema/4.18.4",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/[email protected].0"
"purl": "pkg:pypi/[email protected].4"
},
{
"type": "library",
"bom-ref": "46-jsonschema-specifications",
"name": "jsonschema-specifications",
"version": "2023.6.1",
"version": "2023.7.1",
"supplier": {
"name": "Julian Berman"
},
"cpe": "cpe:2.3:a:julian_berman:jsonschema-specifications:2023.6.1:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:julian_berman:jsonschema-specifications:2023.7.1:*:*:*:*:*:*:*",
"description": "The JSON Schema meta-schemas and vocabularies, exposed as a Registry",
"licenses": [
{
Expand All @@ -1507,22 +1507,22 @@
],
"externalReferences": [
{
"url": "https://pypi.org/project/jsonschema-specifications/2023.6.1",
"url": "https://pypi.org/project/jsonschema-specifications/2023.7.1",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/jsonschema-specifications@2023.6.1"
"purl": "pkg:pypi/jsonschema-specifications@2023.7.1"
},
{
"type": "library",
"bom-ref": "47-referencing",
"name": "referencing",
"version": "0.29.1",
"version": "0.30.0",
"supplier": {
"name": "Julian Berman"
},
"cpe": "cpe:2.3:a:julian_berman:referencing:0.29.1:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:julian_berman:referencing:0.30.0:*:*:*:*:*:*:*",
"description": "JSON Referencing + Python",
"licenses": [
{
Expand All @@ -1534,22 +1534,22 @@
],
"externalReferences": [
{
"url": "https://pypi.org/project/referencing/0.29.1",
"url": "https://pypi.org/project/referencing/0.30.0",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/referencing@0.29.1"
"purl": "pkg:pypi/referencing@0.30.0"
},
{
"type": "library",
"bom-ref": "48-rpds-py",
"name": "rpds-py",
"version": "0.8.10",
"version": "0.9.2",
"supplier": {
"name": "Julian Berman"
},
"cpe": "cpe:2.3:a:julian_berman:rpds-py:0.8.10:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:julian_berman:rpds-py:0.9.2:*:*:*:*:*:*:*",
"description": "Python bindings to Rust's persistent data structures (rpds)",
"licenses": [
{
Expand All @@ -1561,12 +1561,12 @@
],
"externalReferences": [
{
"url": "https://pypi.org/project/rpds-py/0.8.10",
"url": "https://pypi.org/project/rpds-py/0.9.2",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/rpds-py@0.8.10"
"purl": "pkg:pypi/rpds-py@0.9.2"
},
{
"type": "library",
Expand Down Expand Up @@ -1604,7 +1604,7 @@
"type": "library",
"bom-ref": "50-pyyaml",
"name": "pyyaml",
"version": "6.0",
"version": "6.0.1",
"supplier": {
"name": "Kirill Simonov",
"contact": [
Expand All @@ -1613,7 +1613,7 @@
}
]
},
"cpe": "cpe:2.3:a:kirill_simonov:pyyaml:6.0:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:kirill_simonov:pyyaml:6.0.1:*:*:*:*:*:*:*",
"description": "YAML parser and emitter for Python",
"licenses": [
{
Expand All @@ -1625,12 +1625,12 @@
],
"externalReferences": [
{
"url": "https://pypi.org/project/PyYAML/6.0",
"url": "https://pypi.org/project/PyYAML/6.0.1",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/[email protected]"
"purl": "pkg:pypi/[email protected].1"
},
{
"type": "library",
Expand Down Expand Up @@ -1781,7 +1781,7 @@
"type": "library",
"bom-ref": "55-python-gnupg",
"name": "python-gnupg",
"version": "0.5.0",
"version": "0.5.1",
"supplier": {
"name": "Vinay Sajip",
"contact": [
Expand All @@ -1790,7 +1790,7 @@
}
]
},
"cpe": "cpe:2.3:a:vinay_sajip:python-gnupg:0.5.0:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:vinay_sajip:python-gnupg:0.5.1:*:*:*:*:*:*:*",
"description": "A wrapper for the Gnu Privacy Guard (GPG or GnuPG)",
"licenses": [
{
Expand All @@ -1802,12 +1802,12 @@
],
"externalReferences": [
{
"url": "https://pypi.org/project/python-gnupg/0.5.0",
"url": "https://pypi.org/project/python-gnupg/0.5.1",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/[email protected].0",
"purl": "pkg:pypi/[email protected].1",
"properties": [
{
"name": "License Comments",
Expand Down Expand Up @@ -1857,7 +1857,7 @@
"type": "library",
"bom-ref": "57-certifi",
"name": "certifi",
"version": "2023.5.7",
"version": "2023.7.22",
"supplier": {
"name": "Kenneth Reitz",
"contact": [
Expand All @@ -1866,7 +1866,7 @@
}
]
},
"cpe": "cpe:2.3:a:kenneth_reitz:certifi:2023.5.7:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:kenneth_reitz:certifi:2023.7.22:*:*:*:*:*:*:*",
"description": "Python package for providing Mozilla's CA Bundle.",
"licenses": [
{
Expand All @@ -1878,12 +1878,12 @@
],
"externalReferences": [
{
"url": "https://pypi.org/project/certifi/2023.5.7",
"url": "https://pypi.org/project/certifi/2023.7.22",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/certifi@2023.5.7"
"purl": "pkg:pypi/certifi@2023.7.22"
},
{
"type": "library",
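Review bot: The regenerated `serialNumber` in the first hunk still has no colon after `urn:uuid`, so it does not match the `urn:uuid:<UUID>` form required by the CycloneDX 1.4 schema named in `$schema`, and a consumer that validates the BOM against that schema would be expected to reject the file. The value should read `"serialNumber": "urn:uuid:e5365fa2-de05-43d0-a018-fda815a5092c"`. Because the old side has the same shape, the fix presumably belongs in the generator (sbom4python is listed under `metadata.tools`), together with a schema-validation step in the job that commits this file, rather than in a hand edit. Separately, the `cpe` strings in the later hunks appear to be derived from the supplier display name (for example `the_python_cryptographic_authority_and_individual_contributors`), so they may not correspond to entries in the NVD CPE dictionary; vulnerability matching on this SBOM is safer keyed on `purl`.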