diff --git a/sbom/cve-bin-tool-py3.9.json b/sbom/cve-bin-tool-py3.9.json
index 1ec35b037b..7c1a55d311 100644
--- a/sbom/cve-bin-tool-py3.9.json
+++ b/sbom/cve-bin-tool-py3.9.json
@@ -2,10 +2,10 @@
"$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.6",
- "serialNumber": "urn:uuid:0a0bcda1-346d-4839-a756-ecfcabd5a9f1",
+ "serialNumber": "urn:uuid:be399f6a-789b-4487-93d6-0227dbf439e9",
"version": 1,
"metadata": {
- "timestamp": "2024-09-09T00:38:05Z",
+ "timestamp": "2024-09-16T00:40:06Z",
"lifecycles": [
{
"phase": "build"
@@ -66,7 +66,7 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
@@ -100,7 +100,7 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
@@ -149,7 +149,7 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
@@ -188,7 +188,7 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
@@ -222,7 +222,7 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
@@ -271,7 +271,7 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
@@ -305,7 +305,7 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
@@ -313,7 +313,7 @@
"type": "library",
"bom-ref": "8-multidict",
"name": "multidict",
- "version": "6.0.5",
+ "version": "6.1.0",
"supplier": {
"name": "Andrew Svetlov",
"contact": [
@@ -322,14 +322,8 @@
}
]
},
- "cpe": "cpe:2.3:a:andrew_svetlov:multidict:6.0.5:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:andrew_svetlov:multidict:6.1.0:*:*:*:*:*:*:*",
"description": "multidict implementation",
- "hashes": [
- {
- "alg": "SHA-1",
- "content": "a9b281b2ef4ab25d95d6b268aa88c428e75c3696"
- }
- ],
"licenses": [
{
"license": {
@@ -341,12 +335,12 @@
],
"externalReferences": [
{
- "url": "https://pypi.org/project/multidict/6.0.5",
+ "url": "https://pypi.org/project/multidict/6.1.0",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/multidict@6.0.5",
+ "purl": "pkg:pypi/multidict@6.1.0",
"properties": [
{
"name": "language",
@@ -354,15 +348,49 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "9-yarl",
+ "bom-ref": "9-typing-extensions",
+ "name": "typing-extensions",
+ "version": "4.12.2",
+ "supplier": {
+ "name": "Guido van Jukka ukasz Michael",
+ "contact": [
+ {
+ "email": "levkivskyi@gmail.com"
+ }
+ ]
+ },
+ "cpe": "cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.12.2:*:*:*:*:*:*:*",
+ "description": "Backported and Experimental Type Hints for Python 3.8+",
+ "externalReferences": [
+ {
+ "url": "https://pypi.org/project/typing-extensions/4.12.2",
+ "type": "distribution",
+ "comment": "Download location for component"
+ }
+ ],
+ "purl": "pkg:pypi/typing-extensions@4.12.2",
+ "properties": [
+ {
+ "name": "language",
+ "value": "Python"
+ },
+ {
+ "name": "python_version",
+ "value": "3.9.20"
+ }
+ ]
+ },
+ {
+ "type": "library",
+ "bom-ref": "10-yarl",
"name": "yarl",
- "version": "1.11.0",
+ "version": "1.11.1",
"supplier": {
"name": "Andrew Svetlov",
"contact": [
@@ -371,7 +399,7 @@
}
]
},
- "cpe": "cpe:2.3:a:andrew_svetlov:yarl:1.11.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:andrew_svetlov:yarl:1.11.1:*:*:*:*:*:*:*",
"description": "Yet another URL library",
"licenses": [
{
@@ -384,12 +412,12 @@
],
"externalReferences": [
{
- "url": "https://pypi.org/project/yarl/1.11.0",
+ "url": "https://pypi.org/project/yarl/1.11.1",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/yarl@1.11.0",
+ "purl": "pkg:pypi/yarl@1.11.1",
"properties": [
{
"name": "language",
@@ -397,15 +425,15 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "10-idna",
+ "bom-ref": "11-idna",
"name": "idna",
- "version": "3.8",
+ "version": "3.10",
"supplier": {
"name": "Kim Davies",
"contact": [
@@ -414,22 +442,16 @@
}
]
},
- "cpe": "cpe:2.3:a:kim_davies:idna:3.8:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:kim_davies:idna:3.10:*:*:*:*:*:*:*",
"description": "Internationalized Domain Names in Applications (IDNA)",
- "hashes": [
- {
- "alg": "SHA-1",
- "content": "784c6f45c162db9709588124f2f1def5b70615ff"
- }
- ],
"externalReferences": [
{
- "url": "https://pypi.org/project/idna/3.8",
+ "url": "https://pypi.org/project/idna/3.10",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/idna@3.8",
+ "purl": "pkg:pypi/idna@3.10",
"properties": [
{
"name": "language",
@@ -437,13 +459,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "11-beautifulsoup4",
+ "bom-ref": "12-beautifulsoup4",
"name": "beautifulsoup4",
"version": "4.12.3",
"supplier": {
@@ -480,13 +502,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "12-soupsieve",
+ "bom-ref": "13-soupsieve",
"name": "soupsieve",
"version": "2.6",
"supplier": {
@@ -514,13 +536,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "13-cvss",
+ "bom-ref": "14-cvss",
"name": "cvss",
"version": "3.2",
"supplier": {
@@ -557,13 +579,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "14-defusedxml",
+ "bom-ref": "15-defusedxml",
"name": "defusedxml",
"version": "0.7.1",
"supplier": {
@@ -606,13 +628,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "15-distro",
+ "bom-ref": "16-distro",
"name": "distro",
"version": "1.9.0",
"supplier": {
@@ -649,13 +671,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "16-filetype",
+ "bom-ref": "17-filetype",
"name": "filetype",
"version": "1.2.0",
"supplier": {
@@ -698,13 +720,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "17-gsutil",
+ "bom-ref": "18-gsutil",
"name": "gsutil",
"version": "5.30",
"supplier": {
@@ -741,13 +763,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "18-argcomplete",
+ "bom-ref": "19-argcomplete",
"name": "argcomplete",
"version": "3.5.0",
"supplier": {
@@ -784,13 +806,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "19-crcmod",
+ "bom-ref": "20-crcmod",
"name": "crcmod",
"version": "1.7",
"supplier": {
@@ -827,13 +849,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "20-fasteners",
+ "bom-ref": "21-fasteners",
"name": "fasteners",
"version": "0.19",
"supplier": {
@@ -871,13 +893,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "21-gcs-oauth2-boto-plugin",
+ "bom-ref": "22-gcs-oauth2-boto-plugin",
"name": "gcs-oauth2-boto-plugin",
"version": "3.2",
"supplier": {
@@ -920,13 +942,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "22-boto",
+ "bom-ref": "23-boto",
"name": "boto",
"version": "2.49.0",
"supplier": {
@@ -969,13 +991,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "23-google-auth",
+ "bom-ref": "24-google-auth",
"name": "google-auth",
"version": "2.17.0",
"supplier": {
@@ -1018,13 +1040,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "24-cachetools",
+ "bom-ref": "25-cachetools",
"name": "cachetools",
"version": "5.5.0",
"supplier": {
@@ -1061,15 +1083,15 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "25-pyasn1-modules",
+ "bom-ref": "26-pyasn1-modules",
"name": "pyasn1-modules",
- "version": "0.4.0",
+ "version": "0.4.1",
"supplier": {
"name": "Ilya Etingof",
"contact": [
@@ -1078,7 +1100,7 @@
}
]
},
- "cpe": "cpe:2.3:a:ilya_etingof:pyasn1-modules:0.4.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:ilya_etingof:pyasn1-modules:0.4.1:*:*:*:*:*:*:*",
"description": "A collection of ASN.1-based protocols modules",
"licenses": [
{
@@ -1091,12 +1113,12 @@
],
"externalReferences": [
{
- "url": "https://pypi.org/project/pyasn1-modules/0.4.0",
+ "url": "https://pypi.org/project/pyasn1-modules/0.4.1",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/pyasn1-modules@0.4.0",
+ "purl": "pkg:pypi/pyasn1-modules@0.4.1",
"properties": [
{
"name": "language",
@@ -1104,15 +1126,15 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "26-pyasn1",
+ "bom-ref": "27-pyasn1",
"name": "pyasn1",
- "version": "0.6.0",
+ "version": "0.6.1",
"supplier": {
"name": "Ilya Etingof",
"contact": [
@@ -1121,7 +1143,7 @@
}
]
},
- "cpe": "cpe:2.3:a:ilya_etingof:pyasn1:0.6.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:ilya_etingof:pyasn1:0.6.1:*:*:*:*:*:*:*",
"description": "Pure-Python implementation of ASN.1 types and DER/BER/CER codecs (X.208)",
"licenses": [
{
@@ -1134,12 +1156,12 @@
],
"externalReferences": [
{
- "url": "https://pypi.org/project/pyasn1/0.6.0",
+ "url": "https://pypi.org/project/pyasn1/0.6.1",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/pyasn1@0.6.0",
+ "purl": "pkg:pypi/pyasn1@0.6.1",
"properties": [
{
"name": "language",
@@ -1147,13 +1169,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "27-rsa",
+ "bom-ref": "28-rsa",
"name": "rsa",
"version": "4.7.2",
"supplier": {
@@ -1196,13 +1218,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "28-six",
+ "bom-ref": "29-six",
"name": "six",
"version": "1.16.0",
"supplier": {
@@ -1245,13 +1267,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "29-google-auth-httplib2",
+ "bom-ref": "30-google-auth-httplib2",
"name": "google-auth-httplib2",
"version": "0.2.0",
"supplier": {
@@ -1293,13 +1315,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "30-httplib2",
+ "bom-ref": "31-httplib2",
"name": "httplib2",
"version": "0.20.4",
"supplier": {
@@ -1342,13 +1364,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "31-pyparsing",
+ "bom-ref": "32-pyparsing",
"name": "pyparsing",
"version": "3.1.4",
"supplier": {
@@ -1376,13 +1398,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "32-google-reauth",
+ "bom-ref": "33-google-reauth",
"name": "google-reauth",
"version": "0.1.1",
"supplier": {
@@ -1425,13 +1447,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "33-pyu2f",
+ "bom-ref": "34-pyu2f",
"name": "pyu2f",
"version": "0.1.5",
"supplier": {
@@ -1474,13 +1496,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "34-oauth2client",
+ "bom-ref": "35-oauth2client",
"name": "oauth2client",
"version": "4.1.3",
"supplier": {
@@ -1523,13 +1545,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "35-pyopenssl",
+ "bom-ref": "36-pyopenssl",
"name": "pyopenssl",
"version": "24.2.1",
"supplier": {
@@ -1566,13 +1588,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "36-cryptography",
+ "bom-ref": "37-cryptography",
"name": "cryptography",
"version": "43.0.1",
"supplier": {
@@ -1605,13 +1627,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "37-cffi",
+ "bom-ref": "38-cffi",
"name": "cffi",
"version": "1.17.1",
"supplier": {
@@ -1648,13 +1670,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "38-pycparser",
+ "bom-ref": "39-pycparser",
"name": "pycparser",
"version": "2.22",
"supplier": {
@@ -1697,13 +1719,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "39-retry-decorator",
+ "bom-ref": "40-retry-decorator",
"name": "retry-decorator",
"version": "1.1.1",
"supplier": {
@@ -1746,13 +1768,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "40-google-apitools",
+ "bom-ref": "41-google-apitools",
"name": "google-apitools",
"version": "0.5.32",
"supplier": {
@@ -1795,13 +1817,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "41-monotonic",
+ "bom-ref": "42-monotonic",
"name": "monotonic",
"version": "1.6",
"supplier": {
@@ -1844,15 +1866,15 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "42-importlib-metadata",
+ "bom-ref": "43-importlib-metadata",
"name": "importlib-metadata",
- "version": "8.4.0",
+ "version": "8.5.0",
"supplier": {
"name": "Jason R .",
"contact": [
@@ -1861,16 +1883,16 @@
}
]
},
- "cpe": "cpe:2.3:a:jason_r.:importlib-metadata:8.4.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:jason_r.:importlib-metadata:8.5.0:*:*:*:*:*:*:*",
"description": "Read metadata from Python packages",
"externalReferences": [
{
- "url": "https://pypi.org/project/importlib-metadata/8.4.0",
+ "url": "https://pypi.org/project/importlib-metadata/8.5.0",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/importlib-metadata@8.4.0",
+ "purl": "pkg:pypi/importlib-metadata@8.5.0",
"properties": [
{
"name": "language",
@@ -1878,15 +1900,15 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "43-zipp",
+ "bom-ref": "44-zipp",
"name": "zipp",
- "version": "3.20.1",
+ "version": "3.20.2",
"supplier": {
"name": "Jason R .",
"contact": [
@@ -1895,16 +1917,16 @@
}
]
},
- "cpe": "cpe:2.3:a:jason_r.:zipp:3.20.1:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:jason_r.:zipp:3.20.2:*:*:*:*:*:*:*",
"description": "Backport of pathlib-compatible object wrapper for zip files",
"externalReferences": [
{
- "url": "https://pypi.org/project/zipp/3.20.1",
+ "url": "https://pypi.org/project/zipp/3.20.2",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/zipp@3.20.1",
+ "purl": "pkg:pypi/zipp@3.20.2",
"properties": [
{
"name": "language",
@@ -1912,13 +1934,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "44-jinja2",
+ "bom-ref": "45-jinja2",
"name": "jinja2",
"version": "3.1.4",
"description": "A very fast and expressive template engine.",
@@ -1943,13 +1965,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "45-markupsafe",
+ "bom-ref": "46-markupsafe",
"name": "markupsafe",
"version": "2.1.5",
"description": "Safely add untrusted strings to HTML/XML markup.",
@@ -1983,13 +2005,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "46-jsonschema",
+ "bom-ref": "47-jsonschema",
"name": "jsonschema",
"version": "4.23.0",
"supplier": {
@@ -2021,13 +2043,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "47-jsonschema-specifications",
+ "bom-ref": "48-jsonschema-specifications",
"name": "jsonschema-specifications",
"version": "2023.12.1",
"supplier": {
@@ -2065,13 +2087,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "48-referencing",
+ "bom-ref": "49-referencing",
"name": "referencing",
"version": "0.35.1",
"supplier": {
@@ -2094,13 +2116,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "49-rpds-py",
+ "bom-ref": "50-rpds-py",
"name": "rpds-py",
"version": "0.20.0",
"supplier": {
@@ -2132,13 +2154,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "50-lib4sbom",
+ "bom-ref": "51-lib4sbom",
"name": "lib4sbom",
"version": "0.7.4",
"supplier": {
@@ -2175,13 +2197,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "51-pyyaml",
+ "bom-ref": "52-pyyaml",
"name": "pyyaml",
"version": "6.0.2",
"supplier": {
@@ -2218,13 +2240,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "52-semantic-version",
+ "bom-ref": "53-semantic-version",
"name": "semantic-version",
"version": "2.10.0",
"supplier": {
@@ -2267,13 +2289,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "53-lib4vex",
+ "bom-ref": "54-lib4vex",
"name": "lib4vex",
"version": "0.2.0",
"supplier": {
@@ -2310,13 +2332,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "54-csaf-tool",
+ "bom-ref": "55-csaf-tool",
"name": "csaf-tool",
"version": "0.3.2",
"supplier": {
@@ -2359,13 +2381,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "55-packageurl-python",
+ "bom-ref": "56-packageurl-python",
"name": "packageurl-python",
"version": "0.15.6",
"supplier": {
@@ -2403,15 +2425,15 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "56-rich",
+ "bom-ref": "57-rich",
"name": "rich",
- "version": "13.8.0",
+ "version": "13.8.1",
"supplier": {
"name": "Will McGugan",
"contact": [
@@ -2420,7 +2442,7 @@
}
]
},
- "cpe": "cpe:2.3:a:will_mcgugan:rich:13.8.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:will_mcgugan:rich:13.8.1:*:*:*:*:*:*:*",
"description": "Render rich text, tables, progress bars, syntax highlighting, markdown and more to the terminal",
"licenses": [
{
@@ -2433,12 +2455,12 @@
],
"externalReferences": [
{
- "url": "https://pypi.org/project/rich/13.8.0",
+ "url": "https://pypi.org/project/rich/13.8.1",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/rich@13.8.0",
+ "purl": "pkg:pypi/rich@13.8.1",
"properties": [
{
"name": "language",
@@ -2446,13 +2468,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "57-markdown-it-py",
+ "bom-ref": "58-markdown-it-py",
"name": "markdown-it-py",
"version": "3.0.0",
"supplier": {
@@ -2486,13 +2508,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "58-mdurl",
+ "bom-ref": "59-mdurl",
"name": "mdurl",
"version": "0.1.2",
"supplier": {
@@ -2526,13 +2548,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "59-pygments",
+ "bom-ref": "60-pygments",
"name": "pygments",
"version": "2.18.0",
"supplier": {
@@ -2575,13 +2597,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "60-packaging",
+ "bom-ref": "61-packaging",
"name": "packaging",
"version": "24.1",
"supplier": {
@@ -2609,15 +2631,15 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "61-plotly",
+ "bom-ref": "62-plotly",
"name": "plotly",
- "version": "5.24.0",
+ "version": "5.24.1",
"supplier": {
"name": "Chris P",
"contact": [
@@ -2626,7 +2648,7 @@
}
]
},
- "cpe": "cpe:2.3:a:chris_p:plotly:5.24.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:chris_p:plotly:5.24.1:*:*:*:*:*:*:*",
"description": "An open-source, interactive data visualization library for Python",
"licenses": [
{
@@ -2639,12 +2661,12 @@
],
"externalReferences": [
{
- "url": "https://pypi.org/project/plotly/5.24.0",
+ "url": "https://pypi.org/project/plotly/5.24.1",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/plotly@5.24.0",
+ "purl": "pkg:pypi/plotly@5.24.1",
"properties": [
{
"name": "language",
@@ -2652,13 +2674,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "62-tenacity",
+ "bom-ref": "63-tenacity",
"name": "tenacity",
"version": "9.0.0",
"supplier": {
@@ -2701,13 +2723,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "63-python-gnupg",
+ "bom-ref": "64-python-gnupg",
"name": "python-gnupg",
"version": "0.5.2",
"supplier": {
@@ -2750,13 +2772,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "64-requests",
+ "bom-ref": "65-requests",
"name": "requests",
"version": "2.32.3",
"supplier": {
@@ -2799,13 +2821,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "65-certifi",
+ "bom-ref": "66-certifi",
"name": "certifi",
"version": "2024.8.30",
"supplier": {
@@ -2842,13 +2864,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "66-charset-normalizer",
+ "bom-ref": "67-charset-normalizer",
"name": "charset-normalizer",
"version": "3.3.2",
"supplier": {
@@ -2891,15 +2913,15 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "67-urllib3",
+ "bom-ref": "68-urllib3",
"name": "urllib3",
- "version": "2.2.2",
+ "version": "2.2.3",
"supplier": {
"name": "Andrey Petrov",
"contact": [
@@ -2908,16 +2930,16 @@
}
]
},
- "cpe": "cpe:2.3:a:andrey_petrov:urllib3:2.2.2:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:andrey_petrov:urllib3:2.2.3:*:*:*:*:*:*:*",
"description": "HTTP library with thread-safe connection pooling, file post, and more.",
"externalReferences": [
{
- "url": "https://pypi.org/project/urllib3/2.2.2",
+ "url": "https://pypi.org/project/urllib3/2.2.3",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/urllib3@2.2.2",
+ "purl": "pkg:pypi/urllib3@2.2.3",
"properties": [
{
"name": "language",
@@ -2925,13 +2947,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "68-rpmfile",
+ "bom-ref": "69-rpmfile",
"name": "rpmfile",
"version": "2.1.0",
"supplier": {
@@ -2974,15 +2996,15 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "69-setuptools",
+ "bom-ref": "70-setuptools",
"name": "setuptools",
- "version": "74.1.2",
+ "version": "75.0.0",
"supplier": {
"name": "Python Packaging Authority",
"contact": [
@@ -2991,16 +3013,16 @@
}
]
},
- "cpe": "cpe:2.3:a:python_packaging_authority:setuptools:74.1.2:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:python_packaging_authority:setuptools:75.0.0:*:*:*:*:*:*:*",
"description": "Easily download, build, install, upgrade, and uninstall Python packages",
"externalReferences": [
{
- "url": "https://pypi.org/project/setuptools/74.1.2",
+ "url": "https://pypi.org/project/setuptools/75.0.0",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/setuptools@74.1.2",
+ "purl": "pkg:pypi/setuptools@75.0.0",
"properties": [
{
"name": "language",
@@ -3008,13 +3030,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "70-toml",
+ "bom-ref": "71-toml",
"name": "toml",
"version": "0.10.2",
"supplier": {
@@ -3057,15 +3079,15 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "71-xmlschema",
+ "bom-ref": "72-xmlschema",
"name": "xmlschema",
- "version": "3.3.2",
+ "version": "3.4.1",
"supplier": {
"name": "Davide Brunato",
"contact": [
@@ -3074,14 +3096,8 @@
}
]
},
- "cpe": "cpe:2.3:a:davide_brunato:xmlschema:3.3.2:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:davide_brunato:xmlschema:3.4.1:*:*:*:*:*:*:*",
"description": "An XML Schema validator and decoder",
- "hashes": [
- {
- "alg": "SHA-1",
- "content": "90a7233292cfe5d877110fe369869996a3a25928"
- }
- ],
"licenses": [
{
"license": {
@@ -3093,12 +3109,12 @@
],
"externalReferences": [
{
- "url": "https://pypi.org/project/xmlschema/3.3.2",
+ "url": "https://pypi.org/project/xmlschema/3.4.1",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/xmlschema@3.3.2",
+ "purl": "pkg:pypi/xmlschema@3.4.1",
"properties": [
{
"name": "language",
@@ -3106,15 +3122,15 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "72-elementpath",
+ "bom-ref": "73-elementpath",
"name": "elementpath",
- "version": "4.4.0",
+ "version": "4.5.0",
"supplier": {
"name": "Davide Brunato",
"contact": [
@@ -3123,14 +3139,8 @@
}
]
},
- "cpe": "cpe:2.3:a:davide_brunato:elementpath:4.4.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:davide_brunato:elementpath:4.5.0:*:*:*:*:*:*:*",
"description": "XPath 1.0/2.0/3.0/3.1 parsers and selectors for ElementTree and lxml",
- "hashes": [
- {
- "alg": "SHA-1",
- "content": "004fca18366974c34193176bd3a356f711330ca0"
- }
- ],
"licenses": [
{
"license": {
@@ -3142,12 +3152,12 @@
],
"externalReferences": [
{
- "url": "https://pypi.org/project/elementpath/4.4.0",
+ "url": "https://pypi.org/project/elementpath/4.5.0",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/elementpath@4.4.0",
+ "purl": "pkg:pypi/elementpath@4.5.0",
"properties": [
{
"name": "language",
@@ -3155,13 +3165,13 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
},
{
"type": "library",
- "bom-ref": "73-zstandard",
+ "bom-ref": "74-zstandard",
"name": "zstandard",
"version": "0.23.0",
"supplier": {
@@ -3198,7 +3208,7 @@
},
{
"name": "python_version",
- "value": "3.9.19"
+ "value": "3.9.20"
}
]
}
@@ -3214,31 +3224,31 @@
"ref": "1-cve-bin-tool",
"dependsOn": [
"2-aiohttp",
- "11-beautifulsoup4",
- "13-cvss",
- "14-defusedxml",
- "15-distro",
- "16-filetype",
- "17-gsutil",
- "42-importlib-metadata",
- "44-jinja2",
- "46-jsonschema",
- "50-lib4sbom",
- "53-lib4vex",
- "55-packageurl-python",
- "60-packaging",
- "61-plotly",
- "63-python-gnupg",
- "51-pyyaml",
- "64-requests",
- "56-rich",
- "68-rpmfile",
- "69-setuptools",
- "70-toml",
- "67-urllib3",
- "71-xmlschema",
- "43-zipp",
- "73-zstandard"
+ "12-beautifulsoup4",
+ "14-cvss",
+ "15-defusedxml",
+ "16-distro",
+ "17-filetype",
+ "18-gsutil",
+ "43-importlib-metadata",
+ "45-jinja2",
+ "47-jsonschema",
+ "51-lib4sbom",
+ "54-lib4vex",
+ "56-packageurl-python",
+ "61-packaging",
+ "62-plotly",
+ "64-python-gnupg",
+ "52-pyyaml",
+ "65-requests",
+ "57-rich",
+ "69-rpmfile",
+ "70-setuptools",
+ "71-toml",
+ "68-urllib3",
+ "72-xmlschema",
+ "44-zipp",
+ "74-zstandard"
]
},
{
@@ -3250,7 +3260,7 @@
"7-attrs",
"5-frozenlist",
"8-multidict",
- "9-yarl"
+ "10-yarl"
]
},
{
@@ -3260,224 +3270,230 @@
]
},
{
- "ref": "9-yarl",
+ "ref": "8-multidict",
+ "dependsOn": [
+ "9-typing-extensions"
+ ]
+ },
+ {
+ "ref": "10-yarl",
"dependsOn": [
- "10-idna",
+ "11-idna",
"8-multidict"
]
},
{
- "ref": "11-beautifulsoup4",
+ "ref": "12-beautifulsoup4",
"dependsOn": [
- "12-soupsieve"
+ "13-soupsieve"
]
},
{
- "ref": "17-gsutil",
+ "ref": "18-gsutil",
"dependsOn": [
- "18-argcomplete",
- "19-crcmod",
- "20-fasteners",
- "21-gcs-oauth2-boto-plugin",
- "40-google-apitools",
- "23-google-auth",
- "29-google-auth-httplib2",
- "32-google-reauth",
- "30-httplib2",
- "41-monotonic",
- "35-pyopenssl",
- "39-retry-decorator",
- "28-six"
- ]
- },
- {
- "ref": "21-gcs-oauth2-boto-plugin",
+ "19-argcomplete",
+ "20-crcmod",
+ "21-fasteners",
+ "22-gcs-oauth2-boto-plugin",
+ "41-google-apitools",
+ "24-google-auth",
+ "30-google-auth-httplib2",
+ "33-google-reauth",
+ "31-httplib2",
+ "42-monotonic",
+ "36-pyopenssl",
+ "40-retry-decorator",
+ "29-six"
+ ]
+ },
+ {
+ "ref": "22-gcs-oauth2-boto-plugin",
"dependsOn": [
- "22-boto",
- "23-google-auth",
- "29-google-auth-httplib2",
- "32-google-reauth",
- "30-httplib2",
- "34-oauth2client",
- "35-pyopenssl",
- "39-retry-decorator",
- "27-rsa",
- "28-six"
+ "23-boto",
+ "24-google-auth",
+ "30-google-auth-httplib2",
+ "33-google-reauth",
+ "31-httplib2",
+ "35-oauth2client",
+ "36-pyopenssl",
+ "40-retry-decorator",
+ "28-rsa",
+ "29-six"
]
},
{
- "ref": "23-google-auth",
+ "ref": "24-google-auth",
"dependsOn": [
- "24-cachetools",
- "25-pyasn1-modules",
- "27-rsa",
- "28-six"
+ "25-cachetools",
+ "26-pyasn1-modules",
+ "28-rsa",
+ "29-six"
]
},
{
- "ref": "25-pyasn1-modules",
+ "ref": "26-pyasn1-modules",
"dependsOn": [
- "26-pyasn1"
+ "27-pyasn1"
]
},
{
- "ref": "27-rsa",
+ "ref": "28-rsa",
"dependsOn": [
- "26-pyasn1"
+ "27-pyasn1"
]
},
{
- "ref": "29-google-auth-httplib2",
+ "ref": "30-google-auth-httplib2",
"dependsOn": [
- "23-google-auth",
- "30-httplib2"
+ "24-google-auth",
+ "31-httplib2"
]
},
{
- "ref": "30-httplib2",
+ "ref": "31-httplib2",
"dependsOn": [
- "31-pyparsing"
+ "32-pyparsing"
]
},
{
- "ref": "32-google-reauth",
+ "ref": "33-google-reauth",
"dependsOn": [
- "33-pyu2f"
+ "34-pyu2f"
]
},
{
- "ref": "33-pyu2f",
+ "ref": "34-pyu2f",
"dependsOn": [
- "28-six"
+ "29-six"
]
},
{
- "ref": "34-oauth2client",
+ "ref": "35-oauth2client",
"dependsOn": [
- "30-httplib2",
- "26-pyasn1",
- "25-pyasn1-modules",
- "27-rsa",
- "28-six"
+ "31-httplib2",
+ "27-pyasn1",
+ "26-pyasn1-modules",
+ "28-rsa",
+ "29-six"
]
},
{
- "ref": "35-pyopenssl",
+ "ref": "36-pyopenssl",
"dependsOn": [
- "36-cryptography"
+ "37-cryptography"
]
},
{
- "ref": "36-cryptography",
+ "ref": "37-cryptography",
"dependsOn": [
- "37-cffi"
+ "38-cffi"
]
},
{
- "ref": "37-cffi",
+ "ref": "38-cffi",
"dependsOn": [
- "38-pycparser"
+ "39-pycparser"
]
},
{
- "ref": "40-google-apitools",
+ "ref": "41-google-apitools",
"dependsOn": [
- "20-fasteners",
- "30-httplib2",
- "34-oauth2client",
- "28-six"
+ "21-fasteners",
+ "31-httplib2",
+ "35-oauth2client",
+ "29-six"
]
},
{
- "ref": "42-importlib-metadata",
+ "ref": "43-importlib-metadata",
"dependsOn": [
- "43-zipp"
+ "44-zipp"
]
},
{
- "ref": "44-jinja2",
+ "ref": "45-jinja2",
"dependsOn": [
- "45-markupsafe"
+ "46-markupsafe"
]
},
{
- "ref": "46-jsonschema",
+ "ref": "47-jsonschema",
"dependsOn": [
"7-attrs",
- "47-jsonschema-specifications",
- "48-referencing",
- "49-rpds-py"
+ "48-jsonschema-specifications",
+ "49-referencing",
+ "50-rpds-py"
]
},
{
- "ref": "47-jsonschema-specifications",
+ "ref": "48-jsonschema-specifications",
"dependsOn": [
- "48-referencing"
+ "49-referencing"
]
},
{
- "ref": "48-referencing",
+ "ref": "49-referencing",
"dependsOn": [
"7-attrs",
- "49-rpds-py"
+ "50-rpds-py"
]
},
{
- "ref": "50-lib4sbom",
+ "ref": "51-lib4sbom",
"dependsOn": [
- "14-defusedxml",
- "51-pyyaml",
- "52-semantic-version"
+ "15-defusedxml",
+ "52-pyyaml",
+ "53-semantic-version"
]
},
{
- "ref": "53-lib4vex",
+ "ref": "54-lib4vex",
"dependsOn": [
- "54-csaf-tool",
- "50-lib4sbom",
- "55-packageurl-python"
+ "55-csaf-tool",
+ "51-lib4sbom",
+ "56-packageurl-python"
]
},
{
- "ref": "54-csaf-tool",
+ "ref": "55-csaf-tool",
"dependsOn": [
- "55-packageurl-python",
- "56-rich"
+ "56-packageurl-python",
+ "57-rich"
]
},
{
- "ref": "56-rich",
+ "ref": "57-rich",
"dependsOn": [
- "57-markdown-it-py",
- "59-pygments"
+ "58-markdown-it-py",
+ "60-pygments"
]
},
{
- "ref": "57-markdown-it-py",
+ "ref": "58-markdown-it-py",
"dependsOn": [
- "58-mdurl"
+ "59-mdurl"
]
},
{
- "ref": "61-plotly",
+ "ref": "62-plotly",
"dependsOn": [
- "60-packaging",
- "62-tenacity"
+ "61-packaging",
+ "63-tenacity"
]
},
{
- "ref": "64-requests",
+ "ref": "65-requests",
"dependsOn": [
- "65-certifi",
- "66-charset-normalizer",
- "10-idna",
- "67-urllib3"
+ "66-certifi",
+ "67-charset-normalizer",
+ "11-idna",
+ "68-urllib3"
]
},
{
- "ref": "71-xmlschema",
+ "ref": "72-xmlschema",
"dependsOn": [
- "72-elementpath"
+ "73-elementpath"
]
}
]
diff --git a/sbom/cve-bin-tool-py3.9.spdx b/sbom/cve-bin-tool-py3.9.spdx
index e22991478c..fe3dc60928 100644
--- a/sbom/cve-bin-tool-py3.9.spdx
+++ b/sbom/cve-bin-tool-py3.9.spdx
@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
DataLicense: CC0-1.0
SPDXID: SPDXRef-DOCUMENT
DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-ff8dab3a-6076-4661-ade3-e48762928525
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-6ff17090-5ad7-41de-bcf2-1e195a0e48fa
LicenseListVersion: 3.22
Creator: Tool: sbom4python-0.11.1
-Created: 2024-09-09T00:36:57Z
+Created: 2024-09-16T00:38:46Z
CreatorComment: This document has been automatically generated.
#####
@@ -119,54 +119,67 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:hynek_schlawack:attrs:24.2.0:*:*:*:*:*
PackageName: multidict
SPDXID: SPDXRef-Package-8-multidict
-PackageVersion: 6.0.5
+PackageVersion: 6.1.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Andrew Svetlov (andrew.svetlov@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/multidict/6.0.5
+PackageDownloadLocation: https://pypi.org/project/multidict/6.1.0
FilesAnalyzed: false
-PackageChecksum: SHA1: a9b281b2ef4ab25d95d6b268aa88c428e75c3696
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: Apache-2.0
PackageLicenseComments: multidict declares Apache 2 which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: multidict implementation
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/multidict@6.0.5
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:multidict:6.0.5:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/multidict@6.1.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:multidict:6.1.0:*:*:*:*:*:*:*
+#####
+
+PackageName: typing-extensions
+SPDXID: SPDXRef-Package-9-typing-extensions
+PackageVersion: 4.12.2
+PrimaryPackagePurpose: LIBRARY
+PackageSupplier: Organization: Guido van Jukka ukasz Michael (levkivskyi@gmail.com)
+PackageDownloadLocation: https://pypi.org/project/typing-extensions/4.12.2
+FilesAnalyzed: false
+PackageLicenseDeclared: NOASSERTION
+PackageLicenseConcluded: NOASSERTION
+PackageCopyrightText: NOASSERTION
+PackageSummary: Backported and Experimental Type Hints for Python 3.8+
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/typing-extensions@4.12.2
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.12.2:*:*:*:*:*:*:*
#####
PackageName: yarl
-SPDXID: SPDXRef-Package-9-yarl
-PackageVersion: 1.11.0
+SPDXID: SPDXRef-Package-10-yarl
+PackageVersion: 1.11.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Andrew Svetlov (andrew.svetlov@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/yarl/1.11.0
+PackageDownloadLocation: https://pypi.org/project/yarl/1.11.1
FilesAnalyzed: false
PackageLicenseDeclared: Apache-2.0
PackageLicenseConcluded: Apache-2.0
PackageCopyrightText: NOASSERTION
PackageSummary: Yet another URL library
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/yarl@1.11.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:yarl:1.11.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/yarl@1.11.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:yarl:1.11.1:*:*:*:*:*:*:*
#####
PackageName: idna
-SPDXID: SPDXRef-Package-10-idna
-PackageVersion: 3.8
+SPDXID: SPDXRef-Package-11-idna
+PackageVersion: 3.10
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Kim Davies (kim+pypi@gumleaf.org)
-PackageDownloadLocation: https://pypi.org/project/idna/3.8
+PackageDownloadLocation: https://pypi.org/project/idna/3.10
FilesAnalyzed: false
-PackageChecksum: SHA1: 784c6f45c162db9709588124f2f1def5b70615ff
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: Internationalized Domain Names in Applications (IDNA)
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/idna@3.8
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:kim_davies:idna:3.8:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/idna@3.10
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:kim_davies:idna:3.10:*:*:*:*:*:*:*
#####
PackageName: beautifulsoup4
-SPDXID: SPDXRef-Package-11-beautifulsoup4
+SPDXID: SPDXRef-Package-12-beautifulsoup4
PackageVersion: 4.12.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Leonard Richardson (leonardr@segfault.org)
@@ -182,7 +195,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:leonard_richardson:beautifulsoup4:4.12
#####
PackageName: soupsieve
-SPDXID: SPDXRef-Package-12-soupsieve
+SPDXID: SPDXRef-Package-13-soupsieve
PackageVersion: 2.6
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Isaac Muse (use@gmail.com)
@@ -197,7 +210,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:isaac_muse:soupsieve:2.6:*:*:*:*:*:*:*
#####
PackageName: cvss
-SPDXID: SPDXRef-Package-13-cvss
+SPDXID: SPDXRef-Package-14-cvss
PackageVersion: 3.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Stanislav Red Hat Product Security (skontar@redhat.com)
@@ -213,7 +226,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:stanislav_red_hat_product_security:cvs
#####
PackageName: defusedxml
-SPDXID: SPDXRef-Package-14-defusedxml
+SPDXID: SPDXRef-Package-15-defusedxml
PackageVersion: 0.7.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Christian Heimes (christian@python.org)
@@ -230,7 +243,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:christian_heimes:defusedxml:0.7.1:*:*:
#####
PackageName: distro
-SPDXID: SPDXRef-Package-15-distro
+SPDXID: SPDXRef-Package-16-distro
PackageVersion: 1.9.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Nir Cohen (nir36g@gmail.com)
@@ -246,7 +259,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:nir_cohen:distro:1.9.0:*:*:*:*:*:*:*
#####
PackageName: filetype
-SPDXID: SPDXRef-Package-16-filetype
+SPDXID: SPDXRef-Package-17-filetype
PackageVersion: 1.2.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Tomas Aparicio (tomas@aparicio.me)
@@ -262,7 +275,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:tomas_aparicio:filetype:1.2.0:*:*:*:*:
#####
PackageName: gsutil
-SPDXID: SPDXRef-Package-17-gsutil
+SPDXID: SPDXRef-Package-18-gsutil
PackageVersion: 5.30
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Google Inc. (buganizer-system+187143@google.com)
@@ -278,7 +291,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:gsutil:5.30:*:*:*:*:*:*:*
#####
PackageName: argcomplete
-SPDXID: SPDXRef-Package-18-argcomplete
+SPDXID: SPDXRef-Package-19-argcomplete
PackageVersion: 3.5.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Andrey Kislyuk (kislyuk@gmail.com)
@@ -294,7 +307,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_kislyuk:argcomplete:3.5.0:*:*:*
#####
PackageName: crcmod
-SPDXID: SPDXRef-Package-19-crcmod
+SPDXID: SPDXRef-Package-20-crcmod
PackageVersion: 1.7
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Ray Buvel (rlbuvel@gmail.com)
@@ -309,7 +322,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:ray_buvel:crcmod:1.7:*:*:*:*:*:*:*
#####
PackageName: fasteners
-SPDXID: SPDXRef-Package-20-fasteners
+SPDXID: SPDXRef-Package-21-fasteners
PackageVersion: 0.19
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Joshua Harlow
@@ -325,7 +338,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:joshua_harlow:fasteners:0.19:*:*:*:*:*
#####
PackageName: gcs-oauth2-boto-plugin
-SPDXID: SPDXRef-Package-21-gcs-oauth2-boto-plugin
+SPDXID: SPDXRef-Package-22-gcs-oauth2-boto-plugin
PackageVersion: 3.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Google Inc. (gs-team@google.com)
@@ -342,7 +355,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:gcs-oauth2-boto-plugin:3.2
#####
PackageName: boto
-SPDXID: SPDXRef-Package-22-boto
+SPDXID: SPDXRef-Package-23-boto
PackageVersion: 2.49.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Mitch Garnaat (mitch@garnaat.com)
@@ -358,7 +371,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:mitch_garnaat:boto:2.49.0:*:*:*:*:*:*:
#####
PackageName: google-auth
-SPDXID: SPDXRef-Package-23-google-auth
+SPDXID: SPDXRef-Package-24-google-auth
PackageVersion: 2.17.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Google Cloud Platform (googleapis-packages@google.com)
@@ -375,7 +388,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_cloud_platform:google-auth:2.17
#####
PackageName: cachetools
-SPDXID: SPDXRef-Package-24-cachetools
+SPDXID: SPDXRef-Package-25-cachetools
PackageVersion: 5.5.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Thomas Kemmer (tkemmer@computer.org)
@@ -390,38 +403,38 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:thomas_kemmer:cachetools:5.5.0:*:*:*:*
#####
PackageName: pyasn1-modules
-SPDXID: SPDXRef-Package-25-pyasn1-modules
-PackageVersion: 0.4.0
+SPDXID: SPDXRef-Package-26-pyasn1-modules
+PackageVersion: 0.4.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Ilya Etingof (etingof@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/pyasn1-modules/0.4.0
+PackageDownloadLocation: https://pypi.org/project/pyasn1-modules/0.4.1
FilesAnalyzed: false
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: BSD-3-Clause
PackageLicenseComments: pyasn1-modules declares BSD which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: A collection of ASN.1-based protocols modules
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/pyasn1-modules@0.4.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:ilya_etingof:pyasn1-modules:0.4.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/pyasn1-modules@0.4.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:ilya_etingof:pyasn1-modules:0.4.1:*:*:*:*:*:*:*
#####
PackageName: pyasn1
-SPDXID: SPDXRef-Package-26-pyasn1
-PackageVersion: 0.6.0
+SPDXID: SPDXRef-Package-27-pyasn1
+PackageVersion: 0.6.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Ilya Etingof (etingof@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/pyasn1/0.6.0
+PackageDownloadLocation: https://pypi.org/project/pyasn1/0.6.1
FilesAnalyzed: false
PackageLicenseDeclared: BSD-2-Clause
PackageLicenseConcluded: BSD-2-Clause
PackageCopyrightText: NOASSERTION
PackageSummary: Pure-Python implementation of ASN.1 types and DER/BER/CER codecs (X.208)
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/pyasn1@0.6.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:ilya_etingof:pyasn1:0.6.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/pyasn1@0.6.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:ilya_etingof:pyasn1:0.6.1:*:*:*:*:*:*:*
#####
PackageName: rsa
-SPDXID: SPDXRef-Package-27-rsa
+SPDXID: SPDXRef-Package-28-rsa
PackageVersion: 4.7.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Sybren A. Stuvel (sybren@stuvel.eu)
@@ -438,7 +451,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:sybren_a._stuvel:rsa:4.7.2:*:*:*:*:*:*
#####
PackageName: six
-SPDXID: SPDXRef-Package-28-six
+SPDXID: SPDXRef-Package-29-six
PackageVersion: 1.16.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Benjamin Peterson (benjamin@python.org)
@@ -454,7 +467,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:benjamin_peterson:six:1.16.0:*:*:*:*:*
#####
PackageName: google-auth-httplib2
-SPDXID: SPDXRef-Package-29-google-auth-httplib2
+SPDXID: SPDXRef-Package-30-google-auth-httplib2
PackageVersion: 0.2.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Google Cloud Platform (googleapis-packages@google.com)
@@ -470,7 +483,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_cloud_platform:google-auth-http
#####
PackageName: httplib2
-SPDXID: SPDXRef-Package-30-httplib2
+SPDXID: SPDXRef-Package-31-httplib2
PackageVersion: 0.20.4
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Joe Gregorio (joe@bitworking.org)
@@ -486,7 +499,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:joe_gregorio:httplib2:0.20.4:*:*:*:*:*
#####
PackageName: pyparsing
-SPDXID: SPDXRef-Package-31-pyparsing
+SPDXID: SPDXRef-Package-32-pyparsing
PackageVersion: 3.1.4
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Paul McGuire (ptmcg.gm+pyparsing@gmail.com)
@@ -501,7 +514,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:paul_mcguire:pyparsing:3.1.4:*:*:*:*:*
#####
PackageName: google-reauth
-SPDXID: SPDXRef-Package-32-google-reauth
+SPDXID: SPDXRef-Package-33-google-reauth
PackageVersion: 0.1.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Google (googleapis-publisher@google.com)
@@ -518,7 +531,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google:google-reauth:0.1.1:*:*:*:*:*:*
#####
PackageName: pyu2f
-SPDXID: SPDXRef-Package-33-pyu2f
+SPDXID: SPDXRef-Package-34-pyu2f
PackageVersion: 0.1.5
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Google Inc. (pyu2f-team@google.com)
@@ -535,7 +548,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:pyu2f:0.1.5:*:*:*:*:*:*:*
#####
PackageName: oauth2client
-SPDXID: SPDXRef-Package-34-oauth2client
+SPDXID: SPDXRef-Package-35-oauth2client
PackageVersion: 4.1.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Google Inc. (jonwayne+oauth2client@google.com)
@@ -552,7 +565,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:oauth2client:4.1.3:*:*:*:*
#####
PackageName: pyopenssl
-SPDXID: SPDXRef-Package-35-pyopenssl
+SPDXID: SPDXRef-Package-36-pyopenssl
PackageVersion: 24.2.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: The pyOpenSSL developers (cryptography-dev@python.org)
@@ -568,7 +581,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_pyopenssl_developers:pyopenssl:24.
#####
PackageName: cryptography
-SPDXID: SPDXRef-Package-36-cryptography
+SPDXID: SPDXRef-Package-37-cryptography
PackageVersion: 43.0.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: The cryptography developers The Python Cryptographic Authority and individual contributors (cryptography-dev@python.org)
@@ -583,7 +596,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_cryptography_developers_the_python
#####
PackageName: cffi
-SPDXID: SPDXRef-Package-37-cffi
+SPDXID: SPDXRef-Package-38-cffi
PackageVersion: 1.17.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Armin Maciej Fijalkowski (python-cffi@googlegroups.com)
@@ -598,7 +611,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:armin_maciej_fijalkowski:cffi:1.17.1:*
#####
PackageName: pycparser
-SPDXID: SPDXRef-Package-38-pycparser
+SPDXID: SPDXRef-Package-39-pycparser
PackageVersion: 2.22
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Eli Bendersky (eliben@gmail.com)
@@ -614,7 +627,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:eli_bendersky:pycparser:2.22:*:*:*:*:*
#####
PackageName: retry-decorator
-SPDXID: SPDXRef-Package-39-retry-decorator
+SPDXID: SPDXRef-Package-40-retry-decorator
PackageVersion: 1.1.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Patrick Ng (pn.appdev@gmail.com)
@@ -630,7 +643,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:patrick_ng:retry-decorator:1.1.1:*:*:*
#####
PackageName: google-apitools
-SPDXID: SPDXRef-Package-40-google-apitools
+SPDXID: SPDXRef-Package-41-google-apitools
PackageVersion: 0.5.32
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Craig Citro (craigcitro@google.com)
@@ -647,7 +660,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:craig_citro:google-apitools:0.5.32:*:*
#####
PackageName: monotonic
-SPDXID: SPDXRef-Package-41-monotonic
+SPDXID: SPDXRef-Package-42-monotonic
PackageVersion: 1.6
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Ori Livneh (ori@wikimedia.org)
@@ -664,37 +677,37 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:ori_livneh:monotonic:1.6:*:*:*:*:*:*:*
#####
PackageName: importlib-metadata
-SPDXID: SPDXRef-Package-42-importlib-metadata
-PackageVersion: 8.4.0
+SPDXID: SPDXRef-Package-43-importlib-metadata
+PackageVersion: 8.5.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Jason R. (jaraco@jaraco.com)
-PackageDownloadLocation: https://pypi.org/project/importlib-metadata/8.4.0
+PackageDownloadLocation: https://pypi.org/project/importlib-metadata/8.5.0
FilesAnalyzed: false
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: Read metadata from Python packages
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/importlib-metadata@8.4.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r.:importlib-metadata:8.4.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/importlib-metadata@8.5.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r.:importlib-metadata:8.5.0:*:*:*:*:*:*:*
#####
PackageName: zipp
-SPDXID: SPDXRef-Package-43-zipp
-PackageVersion: 3.20.1
+SPDXID: SPDXRef-Package-44-zipp
+PackageVersion: 3.20.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Jason R. (jaraco@jaraco.com)
-PackageDownloadLocation: https://pypi.org/project/zipp/3.20.1
+PackageDownloadLocation: https://pypi.org/project/zipp/3.20.2
FilesAnalyzed: false
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: Backport of pathlib-compatible object wrapper for zip files
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/zipp@3.20.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r.:zipp:3.20.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/zipp@3.20.2
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r.:zipp:3.20.2:*:*:*:*:*:*:*
#####
PackageName: jinja2
-SPDXID: SPDXRef-Package-44-jinja2
+SPDXID: SPDXRef-Package-45-jinja2
PackageVersion: 3.1.4
PrimaryPackagePurpose: LIBRARY
PackageSupplier: NOASSERTION
@@ -709,7 +722,7 @@ ExternalRef: PACKAGE_MANAGER purl pkg:pypi/jinja2@3.1.4
#####
PackageName: markupsafe
-SPDXID: SPDXRef-Package-45-markupsafe
+SPDXID: SPDXRef-Package-46-markupsafe
PackageVersion: 2.1.5
PrimaryPackagePurpose: LIBRARY
PackageSupplier: NOASSERTION
@@ -724,7 +737,7 @@ ExternalRef: PACKAGE_MANAGER purl pkg:pypi/markupsafe@2.1.5
#####
PackageName: jsonschema
-SPDXID: SPDXRef-Package-46-jsonschema
+SPDXID: SPDXRef-Package-47-jsonschema
PackageVersion: 4.23.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Julian Berman
@@ -739,7 +752,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:jsonschema:4.23.0:*:*:*:
#####
PackageName: jsonschema-specifications
-SPDXID: SPDXRef-Package-47-jsonschema-specifications
+SPDXID: SPDXRef-Package-48-jsonschema-specifications
PackageVersion: 2023.12.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Julian Berman
@@ -755,7 +768,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:jsonschema-specification
#####
PackageName: referencing
-SPDXID: SPDXRef-Package-48-referencing
+SPDXID: SPDXRef-Package-49-referencing
PackageVersion: 0.35.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Julian Berman
@@ -770,7 +783,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:referencing:0.35.1:*:*:*
#####
PackageName: rpds-py
-SPDXID: SPDXRef-Package-49-rpds-py
+SPDXID: SPDXRef-Package-50-rpds-py
PackageVersion: 0.20.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Julian Berman
@@ -785,7 +798,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:rpds-py:0.20.0:*:*:*:*:*
#####
PackageName: lib4sbom
-SPDXID: SPDXRef-Package-50-lib4sbom
+SPDXID: SPDXRef-Package-51-lib4sbom
PackageVersion: 0.7.4
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Anthony Harrison (anthony.p.harrison@gmail.com)
@@ -800,7 +813,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:anthony_harrison:lib4sbom:0.7.4:*:*:*:
#####
PackageName: pyyaml
-SPDXID: SPDXRef-Package-51-pyyaml
+SPDXID: SPDXRef-Package-52-pyyaml
PackageVersion: 6.0.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Kirill Simonov (xi@resolvent.net)
@@ -815,7 +828,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kirill_simonov:pyyaml:6.0.2:*:*:*:*:*:
#####
PackageName: semantic-version
-SPDXID: SPDXRef-Package-52-semantic-version
+SPDXID: SPDXRef-Package-53-semantic-version
PackageVersion: 2.10.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Raphael Barrois (raphael.barrois+semver@polytechnique.org)
@@ -832,7 +845,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:raphael_barrois:semantic-version:2.10.
#####
PackageName: lib4vex
-SPDXID: SPDXRef-Package-53-lib4vex
+SPDXID: SPDXRef-Package-54-lib4vex
PackageVersion: 0.2.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Anthony Harrison (anthony.p.harrison@gmail.com)
@@ -847,7 +860,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:anthony_harrison:lib4vex:0.2.0:*:*:*:*
#####
PackageName: csaf-tool
-SPDXID: SPDXRef-Package-54-csaf-tool
+SPDXID: SPDXRef-Package-55-csaf-tool
PackageVersion: 0.3.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Anthony Harrison (anthony.p.harrison@gmail.com)
@@ -863,7 +876,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:anthony_harrison:csaf-tool:0.3.2:*:*:*
#####
PackageName: packageurl-python
-SPDXID: SPDXRef-Package-55-packageurl-python
+SPDXID: SPDXRef-Package-56-packageurl-python
PackageVersion: 0.15.6
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: the purl authors
@@ -879,22 +892,22 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_purl_authors:packageurl-python:0.1
#####
PackageName: rich
-SPDXID: SPDXRef-Package-56-rich
-PackageVersion: 13.8.0
+SPDXID: SPDXRef-Package-57-rich
+PackageVersion: 13.8.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Will McGugan (willmcgugan@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/rich/13.8.0
+PackageDownloadLocation: https://pypi.org/project/rich/13.8.1
FilesAnalyzed: false
PackageLicenseDeclared: MIT
PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: Render rich text, tables, progress bars, syntax highlighting, markdown and more to the terminal
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/rich@13.8.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:will_mcgugan:rich:13.8.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/rich@13.8.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:will_mcgugan:rich:13.8.1:*:*:*:*:*:*:*
#####
PackageName: markdown-it-py
-SPDXID: SPDXRef-Package-57-markdown-it-py
+SPDXID: SPDXRef-Package-58-markdown-it-py
PackageVersion: 3.0.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Chris Sewell (chrisj_sewell@hotmail.com)
@@ -910,7 +923,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_sewell:markdown-it-py:3.0.0:*:*:
#####
PackageName: mdurl
-SPDXID: SPDXRef-Package-58-mdurl
+SPDXID: SPDXRef-Package-59-mdurl
PackageVersion: 0.1.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Taneli Hukkinen (hukkin@users.noreply.github.com)
@@ -926,7 +939,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:taneli_hukkinen:mdurl:0.1.2:*:*:*:*:*:
#####
PackageName: pygments
-SPDXID: SPDXRef-Package-59-pygments
+SPDXID: SPDXRef-Package-60-pygments
PackageVersion: 2.18.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Georg Brandl (georg@python.org)
@@ -942,7 +955,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:georg_brandl:pygments:2.18.0:*:*:*:*:*
#####
PackageName: packaging
-SPDXID: SPDXRef-Package-60-packaging
+SPDXID: SPDXRef-Package-61-packaging
PackageVersion: 24.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Donald Stufft (donald@stufft.io)
@@ -957,22 +970,22 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:donald_stufft:packaging:24.1:*:*:*:*:*
#####
PackageName: plotly
-SPDXID: SPDXRef-Package-61-plotly
-PackageVersion: 5.24.0
+SPDXID: SPDXRef-Package-62-plotly
+PackageVersion: 5.24.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Chris P (chris@plot.ly)
-PackageDownloadLocation: https://pypi.org/project/plotly/5.24.0
+PackageDownloadLocation: https://pypi.org/project/plotly/5.24.1
FilesAnalyzed: false
PackageLicenseDeclared: MIT
PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: An open-source, interactive data visualization library for Python
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/plotly@5.24.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:5.24.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/plotly@5.24.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:5.24.1:*:*:*:*:*:*:*
#####
PackageName: tenacity
-SPDXID: SPDXRef-Package-62-tenacity
+SPDXID: SPDXRef-Package-63-tenacity
PackageVersion: 9.0.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Julien Danjou (julien@danjou.info)
@@ -989,7 +1002,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julien_danjou:tenacity:9.0.0:*:*:*:*:*
#####
PackageName: python-gnupg
-SPDXID: SPDXRef-Package-63-python-gnupg
+SPDXID: SPDXRef-Package-64-python-gnupg
PackageVersion: 0.5.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Vinay Sajip (vinay_sajip@yahoo.co.uk)
@@ -1006,7 +1019,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:vinay_sajip:python-gnupg:0.5.2:*:*:*:*
#####
PackageName: requests
-SPDXID: SPDXRef-Package-64-requests
+SPDXID: SPDXRef-Package-65-requests
PackageVersion: 2.32.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Kenneth Reitz (me@kennethreitz.org)
@@ -1022,7 +1035,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:requests:2.32.3:*:*:*:*:
#####
PackageName: certifi
-SPDXID: SPDXRef-Package-65-certifi
+SPDXID: SPDXRef-Package-66-certifi
PackageVersion: 2024.8.30
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Kenneth Reitz (me@kennethreitz.com)
@@ -1037,7 +1050,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:certifi:2024.8.30:*:*:*:
#####
PackageName: charset-normalizer
-SPDXID: SPDXRef-Package-66-charset-normalizer
+SPDXID: SPDXRef-Package-67-charset-normalizer
PackageVersion: 3.3.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Ahmed TAHRI (ahmed.tahri@cloudnursery.dev)
@@ -1053,22 +1066,22 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:ahmed_tahri:charset-normalizer:3.3.2:*
#####
PackageName: urllib3
-SPDXID: SPDXRef-Package-67-urllib3
-PackageVersion: 2.2.2
+SPDXID: SPDXRef-Package-68-urllib3
+PackageVersion: 2.2.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Andrey Petrov (andrey.petrov@shazow.net)
-PackageDownloadLocation: https://pypi.org/project/urllib3/2.2.2
+PackageDownloadLocation: https://pypi.org/project/urllib3/2.2.3
FilesAnalyzed: false
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: HTTP library with thread-safe connection pooling, file post, and more.
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/urllib3@2.2.2
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_petrov:urllib3:2.2.2:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/urllib3@2.2.3
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_petrov:urllib3:2.2.3:*:*:*:*:*:*:*
#####
PackageName: rpmfile
-SPDXID: SPDXRef-Package-68-rpmfile
+SPDXID: SPDXRef-Package-69-rpmfile
PackageVersion: 2.1.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Sean Ross (srossross@gmail.com)
@@ -1084,22 +1097,22 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:sean_ross:rpmfile:2.1.0:*:*:*:*:*:*:*
#####
PackageName: setuptools
-SPDXID: SPDXRef-Package-69-setuptools
-PackageVersion: 74.1.2
+SPDXID: SPDXRef-Package-70-setuptools
+PackageVersion: 75.0.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Python Packaging Authority (distutils-sig@python.org)
-PackageDownloadLocation: https://pypi.org/project/setuptools/74.1.2
+PackageDownloadLocation: https://pypi.org/project/setuptools/75.0.0
FilesAnalyzed: false
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: Easily download, build, install, upgrade, and uninstall Python packages
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/setuptools@74.1.2
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:python_packaging_authority:setuptools:74.1.2:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/setuptools@75.0.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:python_packaging_authority:setuptools:75.0.0:*:*:*:*:*:*:*
#####
PackageName: toml
-SPDXID: SPDXRef-Package-70-toml
+SPDXID: SPDXRef-Package-71-toml
PackageVersion: 0.10.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: William Pearson (uiri@xqz.ca)
@@ -1115,39 +1128,37 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:william_pearson:toml:0.10.2:*:*:*:*:*:
#####
PackageName: xmlschema
-SPDXID: SPDXRef-Package-71-xmlschema
-PackageVersion: 3.3.2
+SPDXID: SPDXRef-Package-72-xmlschema
+PackageVersion: 3.4.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Davide Brunato (brunato@sissa.it)
-PackageDownloadLocation: https://pypi.org/project/xmlschema/3.3.2
+PackageDownloadLocation: https://pypi.org/project/xmlschema/3.4.1
FilesAnalyzed: false
-PackageChecksum: SHA1: 90a7233292cfe5d877110fe369869996a3a25928
PackageLicenseDeclared: MIT
PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: An XML Schema validator and decoder
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/xmlschema@3.3.2
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:xmlschema:3.3.2:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/xmlschema@3.4.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:xmlschema:3.4.1:*:*:*:*:*:*:*
#####
PackageName: elementpath
-SPDXID: SPDXRef-Package-72-elementpath
-PackageVersion: 4.4.0
+SPDXID: SPDXRef-Package-73-elementpath
+PackageVersion: 4.5.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Davide Brunato (brunato@sissa.it)
-PackageDownloadLocation: https://pypi.org/project/elementpath/4.4.0
+PackageDownloadLocation: https://pypi.org/project/elementpath/4.5.0
FilesAnalyzed: false
-PackageChecksum: SHA1: 004fca18366974c34193176bd3a356f711330ca0
PackageLicenseDeclared: MIT
PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: XPath 1.0/2.0/3.0/3.1 parsers and selectors for ElementTree and lxml
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/elementpath@4.4.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:elementpath:4.4.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/elementpath@4.5.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:elementpath:4.5.0:*:*:*:*:*:*:*
#####
PackageName: zstandard
-SPDXID: SPDXRef-Package-73-zstandard
+SPDXID: SPDXRef-Package-74-zstandard
PackageVersion: 0.23.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Gregory Szorc (gregory.szorc@gmail.com)
@@ -1163,113 +1174,114 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:gregory_szorc:zstandard:0.23.0:*:*:*:*
#####
Relationship: SPDXRef-DOCUMENT DESCRIBES SPDXRef-Package-1-cve-bin-tool
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-11-beautifulsoup4
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-13-cvss
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-14-defusedxml
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-15-distro
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-16-filetype
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-17-gsutil
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-12-beautifulsoup4
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-14-cvss
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-15-defusedxml
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-16-distro
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-17-filetype
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-18-gsutil
Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-2-aiohttp
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-42-importlib-metadata
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-43-zipp
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-44-jinja2
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-46-jsonschema
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-50-lib4sbom
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-51-pyyaml
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-53-lib4vex
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-55-packageurl-python
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-56-rich
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-60-packaging
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-61-plotly
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-63-python-gnupg
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-64-requests
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-67-urllib3
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-68-rpmfile
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-69-setuptools
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-70-toml
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-71-xmlschema
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-73-zstandard
-Relationship: SPDXRef-Package-11-beautifulsoup4 DEPENDS_ON SPDXRef-Package-12-soupsieve
-Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-18-argcomplete
-Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-19-crcmod
-Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-20-fasteners
-Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-21-gcs-oauth2-boto-plugin
-Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-23-google-auth
-Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-28-six
-Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-29-google-auth-httplib2
-Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-30-httplib2
-Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-32-google-reauth
-Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-35-pyopenssl
-Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-39-retry-decorator
-Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-40-google-apitools
-Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-41-monotonic
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-43-importlib-metadata
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-44-zipp
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-45-jinja2
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-47-jsonschema
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-51-lib4sbom
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-52-pyyaml
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-54-lib4vex
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-56-packageurl-python
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-57-rich
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-61-packaging
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-62-plotly
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-64-python-gnupg
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-65-requests
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-68-urllib3
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-69-rpmfile
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-70-setuptools
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-71-toml
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-72-xmlschema
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-74-zstandard
+Relationship: SPDXRef-Package-10-yarl DEPENDS_ON SPDXRef-Package-11-idna
+Relationship: SPDXRef-Package-10-yarl DEPENDS_ON SPDXRef-Package-8-multidict
+Relationship: SPDXRef-Package-12-beautifulsoup4 DEPENDS_ON SPDXRef-Package-13-soupsieve
+Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-19-argcomplete
+Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-20-crcmod
+Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-21-fasteners
+Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-22-gcs-oauth2-boto-plugin
+Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-24-google-auth
+Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-29-six
+Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-30-google-auth-httplib2
+Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-31-httplib2
+Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-33-google-reauth
+Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-36-pyopenssl
+Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-40-retry-decorator
+Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-41-google-apitools
+Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-42-monotonic
+Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-10-yarl
Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-3-aiohappyeyeballs
Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-4-aiosignal
Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-5-frozenlist
Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-6-async-timeout
Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-7-attrs
Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-8-multidict
-Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-9-yarl
-Relationship: SPDXRef-Package-21-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-22-boto
-Relationship: SPDXRef-Package-21-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-23-google-auth
-Relationship: SPDXRef-Package-21-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-27-rsa
-Relationship: SPDXRef-Package-21-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-28-six
-Relationship: SPDXRef-Package-21-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-29-google-auth-httplib2
-Relationship: SPDXRef-Package-21-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-30-httplib2
-Relationship: SPDXRef-Package-21-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-32-google-reauth
-Relationship: SPDXRef-Package-21-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-34-oauth2client
-Relationship: SPDXRef-Package-21-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-35-pyopenssl
-Relationship: SPDXRef-Package-21-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-39-retry-decorator
-Relationship: SPDXRef-Package-23-google-auth DEPENDS_ON SPDXRef-Package-24-cachetools
-Relationship: SPDXRef-Package-23-google-auth DEPENDS_ON SPDXRef-Package-25-pyasn1-modules
-Relationship: SPDXRef-Package-23-google-auth DEPENDS_ON SPDXRef-Package-27-rsa
-Relationship: SPDXRef-Package-23-google-auth DEPENDS_ON SPDXRef-Package-28-six
-Relationship: SPDXRef-Package-25-pyasn1-modules DEPENDS_ON SPDXRef-Package-26-pyasn1
-Relationship: SPDXRef-Package-27-rsa DEPENDS_ON SPDXRef-Package-26-pyasn1
-Relationship: SPDXRef-Package-29-google-auth-httplib2 DEPENDS_ON SPDXRef-Package-23-google-auth
-Relationship: SPDXRef-Package-29-google-auth-httplib2 DEPENDS_ON SPDXRef-Package-30-httplib2
-Relationship: SPDXRef-Package-30-httplib2 DEPENDS_ON SPDXRef-Package-31-pyparsing
-Relationship: SPDXRef-Package-32-google-reauth DEPENDS_ON SPDXRef-Package-33-pyu2f
-Relationship: SPDXRef-Package-33-pyu2f DEPENDS_ON SPDXRef-Package-28-six
-Relationship: SPDXRef-Package-34-oauth2client DEPENDS_ON SPDXRef-Package-25-pyasn1-modules
-Relationship: SPDXRef-Package-34-oauth2client DEPENDS_ON SPDXRef-Package-26-pyasn1
-Relationship: SPDXRef-Package-34-oauth2client DEPENDS_ON SPDXRef-Package-27-rsa
-Relationship: SPDXRef-Package-34-oauth2client DEPENDS_ON SPDXRef-Package-28-six
-Relationship: SPDXRef-Package-34-oauth2client DEPENDS_ON SPDXRef-Package-30-httplib2
-Relationship: SPDXRef-Package-35-pyopenssl DEPENDS_ON SPDXRef-Package-36-cryptography
-Relationship: SPDXRef-Package-36-cryptography DEPENDS_ON SPDXRef-Package-37-cffi
-Relationship: SPDXRef-Package-37-cffi DEPENDS_ON SPDXRef-Package-38-pycparser
+Relationship: SPDXRef-Package-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-23-boto
+Relationship: SPDXRef-Package-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-24-google-auth
+Relationship: SPDXRef-Package-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-28-rsa
+Relationship: SPDXRef-Package-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-29-six
+Relationship: SPDXRef-Package-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-30-google-auth-httplib2
+Relationship: SPDXRef-Package-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-31-httplib2
+Relationship: SPDXRef-Package-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-33-google-reauth
+Relationship: SPDXRef-Package-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-35-oauth2client
+Relationship: SPDXRef-Package-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-36-pyopenssl
+Relationship: SPDXRef-Package-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-40-retry-decorator
+Relationship: SPDXRef-Package-24-google-auth DEPENDS_ON SPDXRef-Package-25-cachetools
+Relationship: SPDXRef-Package-24-google-auth DEPENDS_ON SPDXRef-Package-26-pyasn1-modules
+Relationship: SPDXRef-Package-24-google-auth DEPENDS_ON SPDXRef-Package-28-rsa
+Relationship: SPDXRef-Package-24-google-auth DEPENDS_ON SPDXRef-Package-29-six
+Relationship: SPDXRef-Package-26-pyasn1-modules DEPENDS_ON SPDXRef-Package-27-pyasn1
+Relationship: SPDXRef-Package-28-rsa DEPENDS_ON SPDXRef-Package-27-pyasn1
+Relationship: SPDXRef-Package-30-google-auth-httplib2 DEPENDS_ON SPDXRef-Package-24-google-auth
+Relationship: SPDXRef-Package-30-google-auth-httplib2 DEPENDS_ON SPDXRef-Package-31-httplib2
+Relationship: SPDXRef-Package-31-httplib2 DEPENDS_ON SPDXRef-Package-32-pyparsing
+Relationship: SPDXRef-Package-33-google-reauth DEPENDS_ON SPDXRef-Package-34-pyu2f
+Relationship: SPDXRef-Package-34-pyu2f DEPENDS_ON SPDXRef-Package-29-six
+Relationship: SPDXRef-Package-35-oauth2client DEPENDS_ON SPDXRef-Package-26-pyasn1-modules
+Relationship: SPDXRef-Package-35-oauth2client DEPENDS_ON SPDXRef-Package-27-pyasn1
+Relationship: SPDXRef-Package-35-oauth2client DEPENDS_ON SPDXRef-Package-28-rsa
+Relationship: SPDXRef-Package-35-oauth2client DEPENDS_ON SPDXRef-Package-29-six
+Relationship: SPDXRef-Package-35-oauth2client DEPENDS_ON SPDXRef-Package-31-httplib2
+Relationship: SPDXRef-Package-36-pyopenssl DEPENDS_ON SPDXRef-Package-37-cryptography
+Relationship: SPDXRef-Package-37-cryptography DEPENDS_ON SPDXRef-Package-38-cffi
+Relationship: SPDXRef-Package-38-cffi DEPENDS_ON SPDXRef-Package-39-pycparser
Relationship: SPDXRef-Package-4-aiosignal DEPENDS_ON SPDXRef-Package-5-frozenlist
-Relationship: SPDXRef-Package-40-google-apitools DEPENDS_ON SPDXRef-Package-20-fasteners
-Relationship: SPDXRef-Package-40-google-apitools DEPENDS_ON SPDXRef-Package-28-six
-Relationship: SPDXRef-Package-40-google-apitools DEPENDS_ON SPDXRef-Package-30-httplib2
-Relationship: SPDXRef-Package-40-google-apitools DEPENDS_ON SPDXRef-Package-34-oauth2client
-Relationship: SPDXRef-Package-42-importlib-metadata DEPENDS_ON SPDXRef-Package-43-zipp
-Relationship: SPDXRef-Package-44-jinja2 DEPENDS_ON SPDXRef-Package-45-markupsafe
-Relationship: SPDXRef-Package-46-jsonschema DEPENDS_ON SPDXRef-Package-47-jsonschema-specifications
-Relationship: SPDXRef-Package-46-jsonschema DEPENDS_ON SPDXRef-Package-48-referencing
-Relationship: SPDXRef-Package-46-jsonschema DEPENDS_ON SPDXRef-Package-49-rpds-py
-Relationship: SPDXRef-Package-46-jsonschema DEPENDS_ON SPDXRef-Package-7-attrs
-Relationship: SPDXRef-Package-47-jsonschema-specifications DEPENDS_ON SPDXRef-Package-48-referencing
-Relationship: SPDXRef-Package-48-referencing DEPENDS_ON SPDXRef-Package-49-rpds-py
-Relationship: SPDXRef-Package-48-referencing DEPENDS_ON SPDXRef-Package-7-attrs
-Relationship: SPDXRef-Package-50-lib4sbom DEPENDS_ON SPDXRef-Package-14-defusedxml
-Relationship: SPDXRef-Package-50-lib4sbom DEPENDS_ON SPDXRef-Package-51-pyyaml
-Relationship: SPDXRef-Package-50-lib4sbom DEPENDS_ON SPDXRef-Package-52-semantic-version
-Relationship: SPDXRef-Package-53-lib4vex DEPENDS_ON SPDXRef-Package-50-lib4sbom
-Relationship: SPDXRef-Package-53-lib4vex DEPENDS_ON SPDXRef-Package-54-csaf-tool
-Relationship: SPDXRef-Package-53-lib4vex DEPENDS_ON SPDXRef-Package-55-packageurl-python
-Relationship: SPDXRef-Package-54-csaf-tool DEPENDS_ON SPDXRef-Package-55-packageurl-python
-Relationship: SPDXRef-Package-54-csaf-tool DEPENDS_ON SPDXRef-Package-56-rich
-Relationship: SPDXRef-Package-56-rich DEPENDS_ON SPDXRef-Package-57-markdown-it-py
-Relationship: SPDXRef-Package-56-rich DEPENDS_ON SPDXRef-Package-59-pygments
-Relationship: SPDXRef-Package-57-markdown-it-py DEPENDS_ON SPDXRef-Package-58-mdurl
-Relationship: SPDXRef-Package-61-plotly DEPENDS_ON SPDXRef-Package-60-packaging
-Relationship: SPDXRef-Package-61-plotly DEPENDS_ON SPDXRef-Package-62-tenacity
-Relationship: SPDXRef-Package-64-requests DEPENDS_ON SPDXRef-Package-10-idna
-Relationship: SPDXRef-Package-64-requests DEPENDS_ON SPDXRef-Package-65-certifi
-Relationship: SPDXRef-Package-64-requests DEPENDS_ON SPDXRef-Package-66-charset-normalizer
-Relationship: SPDXRef-Package-64-requests DEPENDS_ON SPDXRef-Package-67-urllib3
-Relationship: SPDXRef-Package-71-xmlschema DEPENDS_ON SPDXRef-Package-72-elementpath
-Relationship: SPDXRef-Package-9-yarl DEPENDS_ON SPDXRef-Package-10-idna
-Relationship: SPDXRef-Package-9-yarl DEPENDS_ON SPDXRef-Package-8-multidict
+Relationship: SPDXRef-Package-41-google-apitools DEPENDS_ON SPDXRef-Package-21-fasteners
+Relationship: SPDXRef-Package-41-google-apitools DEPENDS_ON SPDXRef-Package-29-six
+Relationship: SPDXRef-Package-41-google-apitools DEPENDS_ON SPDXRef-Package-31-httplib2
+Relationship: SPDXRef-Package-41-google-apitools DEPENDS_ON SPDXRef-Package-35-oauth2client
+Relationship: SPDXRef-Package-43-importlib-metadata DEPENDS_ON SPDXRef-Package-44-zipp
+Relationship: SPDXRef-Package-45-jinja2 DEPENDS_ON SPDXRef-Package-46-markupsafe
+Relationship: SPDXRef-Package-47-jsonschema DEPENDS_ON SPDXRef-Package-48-jsonschema-specifications
+Relationship: SPDXRef-Package-47-jsonschema DEPENDS_ON SPDXRef-Package-49-referencing
+Relationship: SPDXRef-Package-47-jsonschema DEPENDS_ON SPDXRef-Package-50-rpds-py
+Relationship: SPDXRef-Package-47-jsonschema DEPENDS_ON SPDXRef-Package-7-attrs
+Relationship: SPDXRef-Package-48-jsonschema-specifications DEPENDS_ON SPDXRef-Package-49-referencing
+Relationship: SPDXRef-Package-49-referencing DEPENDS_ON SPDXRef-Package-50-rpds-py
+Relationship: SPDXRef-Package-49-referencing DEPENDS_ON SPDXRef-Package-7-attrs
+Relationship: SPDXRef-Package-51-lib4sbom DEPENDS_ON SPDXRef-Package-15-defusedxml
+Relationship: SPDXRef-Package-51-lib4sbom DEPENDS_ON SPDXRef-Package-52-pyyaml
+Relationship: SPDXRef-Package-51-lib4sbom DEPENDS_ON SPDXRef-Package-53-semantic-version
+Relationship: SPDXRef-Package-54-lib4vex DEPENDS_ON SPDXRef-Package-51-lib4sbom
+Relationship: SPDXRef-Package-54-lib4vex DEPENDS_ON SPDXRef-Package-55-csaf-tool
+Relationship: SPDXRef-Package-54-lib4vex DEPENDS_ON SPDXRef-Package-56-packageurl-python
+Relationship: SPDXRef-Package-55-csaf-tool DEPENDS_ON SPDXRef-Package-56-packageurl-python
+Relationship: SPDXRef-Package-55-csaf-tool DEPENDS_ON SPDXRef-Package-57-rich
+Relationship: SPDXRef-Package-57-rich DEPENDS_ON SPDXRef-Package-58-markdown-it-py
+Relationship: SPDXRef-Package-57-rich DEPENDS_ON SPDXRef-Package-60-pygments
+Relationship: SPDXRef-Package-58-markdown-it-py DEPENDS_ON SPDXRef-Package-59-mdurl
+Relationship: SPDXRef-Package-62-plotly DEPENDS_ON SPDXRef-Package-61-packaging
+Relationship: SPDXRef-Package-62-plotly DEPENDS_ON SPDXRef-Package-63-tenacity
+Relationship: SPDXRef-Package-65-requests DEPENDS_ON SPDXRef-Package-11-idna
+Relationship: SPDXRef-Package-65-requests DEPENDS_ON SPDXRef-Package-66-certifi
+Relationship: SPDXRef-Package-65-requests DEPENDS_ON SPDXRef-Package-67-charset-normalizer
+Relationship: SPDXRef-Package-65-requests DEPENDS_ON SPDXRef-Package-68-urllib3
+Relationship: SPDXRef-Package-72-xmlschema DEPENDS_ON SPDXRef-Package-73-elementpath
+Relationship: SPDXRef-Package-8-multidict DEPENDS_ON SPDXRef-Package-9-typing-extensions