From b6cbed09ee6a4f0b5dcc8ba9210137e08c32f475 Mon Sep 17 00:00:00 2001 From: GitHub Date: Mon, 16 Sep 2024 00:40:08 +0000 Subject: [PATCH] chore: update SBOM for Python 3.9 --- sbom/cve-bin-tool-py3.9.json | 710 ++++++++++++++++++----------------- sbom/cve-bin-tool-py3.9.spdx | 462 ++++++++++++----------- 2 files changed, 600 insertions(+), 572 deletions(-) diff --git a/sbom/cve-bin-tool-py3.9.json b/sbom/cve-bin-tool-py3.9.json index 1ec35b037b..7c1a55d311 100644 --- a/sbom/cve-bin-tool-py3.9.json +++ b/sbom/cve-bin-tool-py3.9.json @@ -2,10 +2,10 @@ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", - "serialNumber": "urn:uuid:0a0bcda1-346d-4839-a756-ecfcabd5a9f1", + "serialNumber": "urn:uuid:be399f6a-789b-4487-93d6-0227dbf439e9", "version": 1, "metadata": { - "timestamp": "2024-09-09T00:38:05Z", + "timestamp": "2024-09-16T00:40:06Z", "lifecycles": [ { "phase": "build" @@ -66,7 +66,7 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, @@ -100,7 +100,7 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, @@ -149,7 +149,7 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, @@ -188,7 +188,7 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, @@ -222,7 +222,7 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, @@ -271,7 +271,7 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, @@ -305,7 +305,7 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, @@ -313,7 +313,7 @@ "type": "library", "bom-ref": "8-multidict", "name": "multidict", - "version": "6.0.5", + "version": "6.1.0", "supplier": { "name": "Andrew Svetlov", "contact": [ @@ -322,14 +322,8 @@ } ] }, - "cpe": "cpe:2.3:a:andrew_svetlov:multidict:6.0.5:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:andrew_svetlov:multidict:6.1.0:*:*:*:*:*:*:*", "description": "multidict implementation", - "hashes": [ - { - "alg": "SHA-1", - "content": "a9b281b2ef4ab25d95d6b268aa88c428e75c3696" - } - ], "licenses": [ { "license": { @@ -341,12 +335,12 @@ ], "externalReferences": [ { - "url": "https://pypi.org/project/multidict/6.0.5", + "url": "https://pypi.org/project/multidict/6.1.0", "type": "distribution", "comment": "Download location for component" } ], - "purl": "pkg:pypi/multidict@6.0.5", + "purl": "pkg:pypi/multidict@6.1.0", "properties": [ { "name": "language", @@ -354,15 +348,49 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "9-yarl", + "bom-ref": "9-typing-extensions", + "name": "typing-extensions", + "version": "4.12.2", + "supplier": { + "name": "Guido van Jukka ukasz Michael", + "contact": [ + { + "email": "levkivskyi@gmail.com" + } + ] + }, + "cpe": "cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.12.2:*:*:*:*:*:*:*", + "description": "Backported and Experimental Type Hints for Python 3.8+", + "externalReferences": [ + { + "url": "https://pypi.org/project/typing-extensions/4.12.2", + "type": "distribution", + "comment": "Download location for component" + } + ], + "purl": "pkg:pypi/typing-extensions@4.12.2", + "properties": [ + { + "name": "language", + "value": "Python" + }, + { + "name": "python_version", + "value": "3.9.20" + } + ] + }, + { + "type": "library", + "bom-ref": "10-yarl", "name": "yarl", - "version": "1.11.0", + "version": "1.11.1", "supplier": { "name": "Andrew Svetlov", "contact": [ @@ -371,7 +399,7 @@ } ] }, - "cpe": "cpe:2.3:a:andrew_svetlov:yarl:1.11.0:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:andrew_svetlov:yarl:1.11.1:*:*:*:*:*:*:*", "description": "Yet another URL library", "licenses": [ { @@ -384,12 +412,12 @@ ], "externalReferences": [ { - "url": "https://pypi.org/project/yarl/1.11.0", + "url": "https://pypi.org/project/yarl/1.11.1", "type": "distribution", "comment": "Download location for component" } ], - "purl": "pkg:pypi/yarl@1.11.0", + "purl": "pkg:pypi/yarl@1.11.1", "properties": [ { "name": "language", @@ -397,15 +425,15 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "10-idna", + "bom-ref": "11-idna", "name": "idna", - "version": "3.8", + "version": "3.10", "supplier": { "name": "Kim Davies", "contact": [ @@ -414,22 +442,16 @@ } ] }, - "cpe": "cpe:2.3:a:kim_davies:idna:3.8:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:kim_davies:idna:3.10:*:*:*:*:*:*:*", "description": "Internationalized Domain Names in Applications (IDNA)", - "hashes": [ - { - "alg": "SHA-1", - "content": "784c6f45c162db9709588124f2f1def5b70615ff" - } - ], "externalReferences": [ { - "url": "https://pypi.org/project/idna/3.8", + "url": "https://pypi.org/project/idna/3.10", "type": "distribution", "comment": "Download location for component" } ], - "purl": "pkg:pypi/idna@3.8", + "purl": "pkg:pypi/idna@3.10", "properties": [ { "name": "language", @@ -437,13 +459,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "11-beautifulsoup4", + "bom-ref": "12-beautifulsoup4", "name": "beautifulsoup4", "version": "4.12.3", "supplier": { @@ -480,13 +502,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "12-soupsieve", + "bom-ref": "13-soupsieve", "name": "soupsieve", "version": "2.6", "supplier": { @@ -514,13 +536,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "13-cvss", + "bom-ref": "14-cvss", "name": "cvss", "version": "3.2", "supplier": { @@ -557,13 +579,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "14-defusedxml", + "bom-ref": "15-defusedxml", "name": "defusedxml", "version": "0.7.1", "supplier": { @@ -606,13 +628,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "15-distro", + "bom-ref": "16-distro", "name": "distro", "version": "1.9.0", "supplier": { @@ -649,13 +671,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "16-filetype", + "bom-ref": "17-filetype", "name": "filetype", "version": "1.2.0", "supplier": { @@ -698,13 +720,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "17-gsutil", + "bom-ref": "18-gsutil", "name": "gsutil", "version": "5.30", "supplier": { @@ -741,13 +763,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "18-argcomplete", + "bom-ref": "19-argcomplete", "name": "argcomplete", "version": "3.5.0", "supplier": { @@ -784,13 +806,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "19-crcmod", + "bom-ref": "20-crcmod", "name": "crcmod", "version": "1.7", "supplier": { @@ -827,13 +849,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "20-fasteners", + "bom-ref": "21-fasteners", "name": "fasteners", "version": "0.19", "supplier": { @@ -871,13 +893,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "21-gcs-oauth2-boto-plugin", + "bom-ref": "22-gcs-oauth2-boto-plugin", "name": "gcs-oauth2-boto-plugin", "version": "3.2", "supplier": { @@ -920,13 +942,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "22-boto", + "bom-ref": "23-boto", "name": "boto", "version": "2.49.0", "supplier": { @@ -969,13 +991,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "23-google-auth", + "bom-ref": "24-google-auth", "name": "google-auth", "version": "2.17.0", "supplier": { @@ -1018,13 +1040,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "24-cachetools", + "bom-ref": "25-cachetools", "name": "cachetools", "version": "5.5.0", "supplier": { @@ -1061,15 +1083,15 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "25-pyasn1-modules", + "bom-ref": "26-pyasn1-modules", "name": "pyasn1-modules", - "version": "0.4.0", + "version": "0.4.1", "supplier": { "name": "Ilya Etingof", "contact": [ @@ -1078,7 +1100,7 @@ } ] }, - "cpe": "cpe:2.3:a:ilya_etingof:pyasn1-modules:0.4.0:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:ilya_etingof:pyasn1-modules:0.4.1:*:*:*:*:*:*:*", "description": "A collection of ASN.1-based protocols modules", "licenses": [ { @@ -1091,12 +1113,12 @@ ], "externalReferences": [ { - "url": "https://pypi.org/project/pyasn1-modules/0.4.0", + "url": "https://pypi.org/project/pyasn1-modules/0.4.1", "type": "distribution", "comment": "Download location for component" } ], - "purl": "pkg:pypi/pyasn1-modules@0.4.0", + "purl": "pkg:pypi/pyasn1-modules@0.4.1", "properties": [ { "name": "language", @@ -1104,15 +1126,15 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "26-pyasn1", + "bom-ref": "27-pyasn1", "name": "pyasn1", - "version": "0.6.0", + "version": "0.6.1", "supplier": { "name": "Ilya Etingof", "contact": [ @@ -1121,7 +1143,7 @@ } ] }, - "cpe": "cpe:2.3:a:ilya_etingof:pyasn1:0.6.0:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:ilya_etingof:pyasn1:0.6.1:*:*:*:*:*:*:*", "description": "Pure-Python implementation of ASN.1 types and DER/BER/CER codecs (X.208)", "licenses": [ { @@ -1134,12 +1156,12 @@ ], "externalReferences": [ { - "url": "https://pypi.org/project/pyasn1/0.6.0", + "url": "https://pypi.org/project/pyasn1/0.6.1", "type": "distribution", "comment": "Download location for component" } ], - "purl": "pkg:pypi/pyasn1@0.6.0", + "purl": "pkg:pypi/pyasn1@0.6.1", "properties": [ { "name": "language", @@ -1147,13 +1169,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "27-rsa", + "bom-ref": "28-rsa", "name": "rsa", "version": "4.7.2", "supplier": { @@ -1196,13 +1218,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "28-six", + "bom-ref": "29-six", "name": "six", "version": "1.16.0", "supplier": { @@ -1245,13 +1267,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "29-google-auth-httplib2", + "bom-ref": "30-google-auth-httplib2", "name": "google-auth-httplib2", "version": "0.2.0", "supplier": { @@ -1293,13 +1315,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "30-httplib2", + "bom-ref": "31-httplib2", "name": "httplib2", "version": "0.20.4", "supplier": { @@ -1342,13 +1364,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "31-pyparsing", + "bom-ref": "32-pyparsing", "name": "pyparsing", "version": "3.1.4", "supplier": { @@ -1376,13 +1398,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "32-google-reauth", + "bom-ref": "33-google-reauth", "name": "google-reauth", "version": "0.1.1", "supplier": { @@ -1425,13 +1447,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "33-pyu2f", + "bom-ref": "34-pyu2f", "name": "pyu2f", "version": "0.1.5", "supplier": { @@ -1474,13 +1496,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "34-oauth2client", + "bom-ref": "35-oauth2client", "name": "oauth2client", "version": "4.1.3", "supplier": { @@ -1523,13 +1545,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "35-pyopenssl", + "bom-ref": "36-pyopenssl", "name": "pyopenssl", "version": "24.2.1", "supplier": { @@ -1566,13 +1588,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "36-cryptography", + "bom-ref": "37-cryptography", "name": "cryptography", "version": "43.0.1", "supplier": { @@ -1605,13 +1627,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "37-cffi", + "bom-ref": "38-cffi", "name": "cffi", "version": "1.17.1", "supplier": { @@ -1648,13 +1670,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "38-pycparser", + "bom-ref": "39-pycparser", "name": "pycparser", "version": "2.22", "supplier": { @@ -1697,13 +1719,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "39-retry-decorator", + "bom-ref": "40-retry-decorator", "name": "retry-decorator", "version": "1.1.1", "supplier": { @@ -1746,13 +1768,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "40-google-apitools", + "bom-ref": "41-google-apitools", "name": "google-apitools", "version": "0.5.32", "supplier": { @@ -1795,13 +1817,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "41-monotonic", + "bom-ref": "42-monotonic", "name": "monotonic", "version": "1.6", "supplier": { @@ -1844,15 +1866,15 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "42-importlib-metadata", + "bom-ref": "43-importlib-metadata", "name": "importlib-metadata", - "version": "8.4.0", + "version": "8.5.0", "supplier": { "name": "Jason R .", "contact": [ @@ -1861,16 +1883,16 @@ } ] }, - "cpe": "cpe:2.3:a:jason_r.:importlib-metadata:8.4.0:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:jason_r.:importlib-metadata:8.5.0:*:*:*:*:*:*:*", "description": "Read metadata from Python packages", "externalReferences": [ { - "url": "https://pypi.org/project/importlib-metadata/8.4.0", + "url": "https://pypi.org/project/importlib-metadata/8.5.0", "type": "distribution", "comment": "Download location for component" } ], - "purl": "pkg:pypi/importlib-metadata@8.4.0", + "purl": "pkg:pypi/importlib-metadata@8.5.0", "properties": [ { "name": "language", @@ -1878,15 +1900,15 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "43-zipp", + "bom-ref": "44-zipp", "name": "zipp", - "version": "3.20.1", + "version": "3.20.2", "supplier": { "name": "Jason R .", "contact": [ @@ -1895,16 +1917,16 @@ } ] }, - "cpe": "cpe:2.3:a:jason_r.:zipp:3.20.1:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:jason_r.:zipp:3.20.2:*:*:*:*:*:*:*", "description": "Backport of pathlib-compatible object wrapper for zip files", "externalReferences": [ { - "url": "https://pypi.org/project/zipp/3.20.1", + "url": "https://pypi.org/project/zipp/3.20.2", "type": "distribution", "comment": "Download location for component" } ], - "purl": "pkg:pypi/zipp@3.20.1", + "purl": "pkg:pypi/zipp@3.20.2", "properties": [ { "name": "language", @@ -1912,13 +1934,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "44-jinja2", + "bom-ref": "45-jinja2", "name": "jinja2", "version": "3.1.4", "description": "A very fast and expressive template engine.", @@ -1943,13 +1965,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "45-markupsafe", + "bom-ref": "46-markupsafe", "name": "markupsafe", "version": "2.1.5", "description": "Safely add untrusted strings to HTML/XML markup.", @@ -1983,13 +2005,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "46-jsonschema", + "bom-ref": "47-jsonschema", "name": "jsonschema", "version": "4.23.0", "supplier": { @@ -2021,13 +2043,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "47-jsonschema-specifications", + "bom-ref": "48-jsonschema-specifications", "name": "jsonschema-specifications", "version": "2023.12.1", "supplier": { @@ -2065,13 +2087,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "48-referencing", + "bom-ref": "49-referencing", "name": "referencing", "version": "0.35.1", "supplier": { @@ -2094,13 +2116,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "49-rpds-py", + "bom-ref": "50-rpds-py", "name": "rpds-py", "version": "0.20.0", "supplier": { @@ -2132,13 +2154,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "50-lib4sbom", + "bom-ref": "51-lib4sbom", "name": "lib4sbom", "version": "0.7.4", "supplier": { @@ -2175,13 +2197,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "51-pyyaml", + "bom-ref": "52-pyyaml", "name": "pyyaml", "version": "6.0.2", "supplier": { @@ -2218,13 +2240,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "52-semantic-version", + "bom-ref": "53-semantic-version", "name": "semantic-version", "version": "2.10.0", "supplier": { @@ -2267,13 +2289,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "53-lib4vex", + "bom-ref": "54-lib4vex", "name": "lib4vex", "version": "0.2.0", "supplier": { @@ -2310,13 +2332,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "54-csaf-tool", + "bom-ref": "55-csaf-tool", "name": "csaf-tool", "version": "0.3.2", "supplier": { @@ -2359,13 +2381,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "55-packageurl-python", + "bom-ref": "56-packageurl-python", "name": "packageurl-python", "version": "0.15.6", "supplier": { @@ -2403,15 +2425,15 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "56-rich", + "bom-ref": "57-rich", "name": "rich", - "version": "13.8.0", + "version": "13.8.1", "supplier": { "name": "Will McGugan", "contact": [ @@ -2420,7 +2442,7 @@ } ] }, - "cpe": "cpe:2.3:a:will_mcgugan:rich:13.8.0:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:will_mcgugan:rich:13.8.1:*:*:*:*:*:*:*", "description": "Render rich text, tables, progress bars, syntax highlighting, markdown and more to the terminal", "licenses": [ { @@ -2433,12 +2455,12 @@ ], "externalReferences": [ { - "url": "https://pypi.org/project/rich/13.8.0", + "url": "https://pypi.org/project/rich/13.8.1", "type": "distribution", "comment": "Download location for component" } ], - "purl": "pkg:pypi/rich@13.8.0", + "purl": "pkg:pypi/rich@13.8.1", "properties": [ { "name": "language", @@ -2446,13 +2468,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "57-markdown-it-py", + "bom-ref": "58-markdown-it-py", "name": "markdown-it-py", "version": "3.0.0", "supplier": { @@ -2486,13 +2508,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "58-mdurl", + "bom-ref": "59-mdurl", "name": "mdurl", "version": "0.1.2", "supplier": { @@ -2526,13 +2548,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "59-pygments", + "bom-ref": "60-pygments", "name": "pygments", "version": "2.18.0", "supplier": { @@ -2575,13 +2597,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "60-packaging", + "bom-ref": "61-packaging", "name": "packaging", "version": "24.1", "supplier": { @@ -2609,15 +2631,15 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "61-plotly", + "bom-ref": "62-plotly", "name": "plotly", - "version": "5.24.0", + "version": "5.24.1", "supplier": { "name": "Chris P", "contact": [ @@ -2626,7 +2648,7 @@ } ] }, - "cpe": "cpe:2.3:a:chris_p:plotly:5.24.0:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:chris_p:plotly:5.24.1:*:*:*:*:*:*:*", "description": "An open-source, interactive data visualization library for Python", "licenses": [ { @@ -2639,12 +2661,12 @@ ], "externalReferences": [ { - "url": "https://pypi.org/project/plotly/5.24.0", + "url": "https://pypi.org/project/plotly/5.24.1", "type": "distribution", "comment": "Download location for component" } ], - "purl": "pkg:pypi/plotly@5.24.0", + "purl": "pkg:pypi/plotly@5.24.1", "properties": [ { "name": "language", @@ -2652,13 +2674,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "62-tenacity", + "bom-ref": "63-tenacity", "name": "tenacity", "version": "9.0.0", "supplier": { @@ -2701,13 +2723,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "63-python-gnupg", + "bom-ref": "64-python-gnupg", "name": "python-gnupg", "version": "0.5.2", "supplier": { @@ -2750,13 +2772,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "64-requests", + "bom-ref": "65-requests", "name": "requests", "version": "2.32.3", "supplier": { @@ -2799,13 +2821,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "65-certifi", + "bom-ref": "66-certifi", "name": "certifi", "version": "2024.8.30", "supplier": { @@ -2842,13 +2864,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "66-charset-normalizer", + "bom-ref": "67-charset-normalizer", "name": "charset-normalizer", "version": "3.3.2", "supplier": { @@ -2891,15 +2913,15 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "67-urllib3", + "bom-ref": "68-urllib3", "name": "urllib3", - "version": "2.2.2", + "version": "2.2.3", "supplier": { "name": "Andrey Petrov", "contact": [ @@ -2908,16 +2930,16 @@ } ] }, - "cpe": "cpe:2.3:a:andrey_petrov:urllib3:2.2.2:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:andrey_petrov:urllib3:2.2.3:*:*:*:*:*:*:*", "description": "HTTP library with thread-safe connection pooling, file post, and more.", "externalReferences": [ { - "url": "https://pypi.org/project/urllib3/2.2.2", + "url": "https://pypi.org/project/urllib3/2.2.3", "type": "distribution", "comment": "Download location for component" } ], - "purl": "pkg:pypi/urllib3@2.2.2", + "purl": "pkg:pypi/urllib3@2.2.3", "properties": [ { "name": "language", @@ -2925,13 +2947,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "68-rpmfile", + "bom-ref": "69-rpmfile", "name": "rpmfile", "version": "2.1.0", "supplier": { @@ -2974,15 +2996,15 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "69-setuptools", + "bom-ref": "70-setuptools", "name": "setuptools", - "version": "74.1.2", + "version": "75.0.0", "supplier": { "name": "Python Packaging Authority", "contact": [ @@ -2991,16 +3013,16 @@ } ] }, - "cpe": "cpe:2.3:a:python_packaging_authority:setuptools:74.1.2:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:python_packaging_authority:setuptools:75.0.0:*:*:*:*:*:*:*", "description": "Easily download, build, install, upgrade, and uninstall Python packages", "externalReferences": [ { - "url": "https://pypi.org/project/setuptools/74.1.2", + "url": "https://pypi.org/project/setuptools/75.0.0", "type": "distribution", "comment": "Download location for component" } ], - "purl": "pkg:pypi/setuptools@74.1.2", + "purl": "pkg:pypi/setuptools@75.0.0", "properties": [ { "name": "language", @@ -3008,13 +3030,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "70-toml", + "bom-ref": "71-toml", "name": "toml", "version": "0.10.2", "supplier": { @@ -3057,15 +3079,15 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "71-xmlschema", + "bom-ref": "72-xmlschema", "name": "xmlschema", - "version": "3.3.2", + "version": "3.4.1", "supplier": { "name": "Davide Brunato", "contact": [ @@ -3074,14 +3096,8 @@ } ] }, - "cpe": "cpe:2.3:a:davide_brunato:xmlschema:3.3.2:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:davide_brunato:xmlschema:3.4.1:*:*:*:*:*:*:*", "description": "An XML Schema validator and decoder", - "hashes": [ - { - "alg": "SHA-1", - "content": "90a7233292cfe5d877110fe369869996a3a25928" - } - ], "licenses": [ { "license": { @@ -3093,12 +3109,12 @@ ], "externalReferences": [ { - "url": "https://pypi.org/project/xmlschema/3.3.2", + "url": "https://pypi.org/project/xmlschema/3.4.1", "type": "distribution", "comment": "Download location for component" } ], - "purl": "pkg:pypi/xmlschema@3.3.2", + "purl": "pkg:pypi/xmlschema@3.4.1", "properties": [ { "name": "language", @@ -3106,15 +3122,15 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "72-elementpath", + "bom-ref": "73-elementpath", "name": "elementpath", - "version": "4.4.0", + "version": "4.5.0", "supplier": { "name": "Davide Brunato", "contact": [ @@ -3123,14 +3139,8 @@ } ] }, - "cpe": "cpe:2.3:a:davide_brunato:elementpath:4.4.0:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:davide_brunato:elementpath:4.5.0:*:*:*:*:*:*:*", "description": "XPath 1.0/2.0/3.0/3.1 parsers and selectors for ElementTree and lxml", - "hashes": [ - { - "alg": "SHA-1", - "content": "004fca18366974c34193176bd3a356f711330ca0" - } - ], "licenses": [ { "license": { @@ -3142,12 +3152,12 @@ ], "externalReferences": [ { - "url": "https://pypi.org/project/elementpath/4.4.0", + "url": "https://pypi.org/project/elementpath/4.5.0", "type": "distribution", "comment": "Download location for component" } ], - "purl": "pkg:pypi/elementpath@4.4.0", + "purl": "pkg:pypi/elementpath@4.5.0", "properties": [ { "name": "language", @@ -3155,13 +3165,13 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] }, { "type": "library", - "bom-ref": "73-zstandard", + "bom-ref": "74-zstandard", "name": "zstandard", "version": "0.23.0", "supplier": { @@ -3198,7 +3208,7 @@ }, { "name": "python_version", - "value": "3.9.19" + "value": "3.9.20" } ] } @@ -3214,31 +3224,31 @@ "ref": "1-cve-bin-tool", "dependsOn": [ "2-aiohttp", - "11-beautifulsoup4", - "13-cvss", - "14-defusedxml", - "15-distro", - "16-filetype", - "17-gsutil", - "42-importlib-metadata", - "44-jinja2", - "46-jsonschema", - "50-lib4sbom", - "53-lib4vex", - "55-packageurl-python", - "60-packaging", - "61-plotly", - "63-python-gnupg", - "51-pyyaml", - "64-requests", - "56-rich", - "68-rpmfile", - "69-setuptools", - "70-toml", - "67-urllib3", - "71-xmlschema", - "43-zipp", - "73-zstandard" + "12-beautifulsoup4", + "14-cvss", + "15-defusedxml", + "16-distro", + "17-filetype", + "18-gsutil", + "43-importlib-metadata", + "45-jinja2", + "47-jsonschema", + "51-lib4sbom", + "54-lib4vex", + "56-packageurl-python", + "61-packaging", + "62-plotly", + "64-python-gnupg", + "52-pyyaml", + "65-requests", + "57-rich", + "69-rpmfile", + "70-setuptools", + "71-toml", + "68-urllib3", + "72-xmlschema", + "44-zipp", + "74-zstandard" ] }, { @@ -3250,7 +3260,7 @@ "7-attrs", "5-frozenlist", "8-multidict", - "9-yarl" + "10-yarl" ] }, { @@ -3260,224 +3270,230 @@ ] }, { - "ref": "9-yarl", + "ref": "8-multidict", + "dependsOn": [ + "9-typing-extensions" + ] + }, + { + "ref": "10-yarl", "dependsOn": [ - "10-idna", + "11-idna", "8-multidict" ] }, { - "ref": "11-beautifulsoup4", + "ref": "12-beautifulsoup4", "dependsOn": [ - "12-soupsieve" + "13-soupsieve" ] }, { - "ref": "17-gsutil", + "ref": "18-gsutil", "dependsOn": [ - "18-argcomplete", - "19-crcmod", - "20-fasteners", - "21-gcs-oauth2-boto-plugin", - "40-google-apitools", - "23-google-auth", - "29-google-auth-httplib2", - "32-google-reauth", - "30-httplib2", - "41-monotonic", - "35-pyopenssl", - "39-retry-decorator", - "28-six" - ] - }, - { - "ref": "21-gcs-oauth2-boto-plugin", + "19-argcomplete", + "20-crcmod", + "21-fasteners", + "22-gcs-oauth2-boto-plugin", + "41-google-apitools", + "24-google-auth", + "30-google-auth-httplib2", + "33-google-reauth", + "31-httplib2", + "42-monotonic", + "36-pyopenssl", + "40-retry-decorator", + "29-six" + ] + }, + { + "ref": "22-gcs-oauth2-boto-plugin", "dependsOn": [ - "22-boto", - "23-google-auth", - "29-google-auth-httplib2", - "32-google-reauth", - "30-httplib2", - "34-oauth2client", - "35-pyopenssl", - "39-retry-decorator", - "27-rsa", - "28-six" + "23-boto", + "24-google-auth", + "30-google-auth-httplib2", + "33-google-reauth", + "31-httplib2", + "35-oauth2client", + "36-pyopenssl", + "40-retry-decorator", + "28-rsa", + "29-six" ] }, { - "ref": "23-google-auth", + "ref": "24-google-auth", "dependsOn": [ - "24-cachetools", - "25-pyasn1-modules", - "27-rsa", - "28-six" + "25-cachetools", + "26-pyasn1-modules", + "28-rsa", + "29-six" ] }, { - "ref": "25-pyasn1-modules", + "ref": "26-pyasn1-modules", "dependsOn": [ - "26-pyasn1" + "27-pyasn1" ] }, { - "ref": "27-rsa", + "ref": "28-rsa", "dependsOn": [ - "26-pyasn1" + "27-pyasn1" ] }, { - "ref": "29-google-auth-httplib2", + "ref": "30-google-auth-httplib2", "dependsOn": [ - "23-google-auth", - "30-httplib2" + "24-google-auth", + "31-httplib2" ] }, { - "ref": "30-httplib2", + "ref": "31-httplib2", "dependsOn": [ - "31-pyparsing" + "32-pyparsing" ] }, { - "ref": "32-google-reauth", + "ref": "33-google-reauth", "dependsOn": [ - "33-pyu2f" + "34-pyu2f" ] }, { - "ref": "33-pyu2f", + "ref": "34-pyu2f", "dependsOn": [ - "28-six" + "29-six" ] }, { - "ref": "34-oauth2client", + "ref": "35-oauth2client", "dependsOn": [ - "30-httplib2", - "26-pyasn1", - "25-pyasn1-modules", - "27-rsa", - "28-six" + "31-httplib2", + "27-pyasn1", + "26-pyasn1-modules", + "28-rsa", + "29-six" ] }, { - "ref": "35-pyopenssl", + "ref": "36-pyopenssl", "dependsOn": [ - "36-cryptography" + "37-cryptography" ] }, { - "ref": "36-cryptography", + "ref": "37-cryptography", "dependsOn": [ - "37-cffi" + "38-cffi" ] }, { - "ref": "37-cffi", + "ref": "38-cffi", "dependsOn": [ - "38-pycparser" + "39-pycparser" ] }, { - "ref": "40-google-apitools", + "ref": "41-google-apitools", "dependsOn": [ - "20-fasteners", - "30-httplib2", - "34-oauth2client", - "28-six" + "21-fasteners", + "31-httplib2", + "35-oauth2client", + "29-six" ] }, { - "ref": "42-importlib-metadata", + "ref": "43-importlib-metadata", "dependsOn": [ - "43-zipp" + "44-zipp" ] }, { - "ref": "44-jinja2", + "ref": "45-jinja2", "dependsOn": [ - "45-markupsafe" + "46-markupsafe" ] }, { - "ref": "46-jsonschema", + "ref": "47-jsonschema", "dependsOn": [ "7-attrs", - "47-jsonschema-specifications", - "48-referencing", - "49-rpds-py" + "48-jsonschema-specifications", + "49-referencing", + "50-rpds-py" ] }, { - "ref": "47-jsonschema-specifications", + "ref": "48-jsonschema-specifications", "dependsOn": [ - "48-referencing" + "49-referencing" ] }, { - "ref": "48-referencing", + "ref": "49-referencing", "dependsOn": [ "7-attrs", - "49-rpds-py" + "50-rpds-py" ] }, { - "ref": "50-lib4sbom", + "ref": "51-lib4sbom", "dependsOn": [ - "14-defusedxml", - "51-pyyaml", - "52-semantic-version" + "15-defusedxml", + "52-pyyaml", + "53-semantic-version" ] }, { - "ref": "53-lib4vex", + "ref": "54-lib4vex", "dependsOn": [ - "54-csaf-tool", - "50-lib4sbom", - "55-packageurl-python" + "55-csaf-tool", + "51-lib4sbom", + "56-packageurl-python" ] }, { - "ref": "54-csaf-tool", + "ref": "55-csaf-tool", "dependsOn": [ - "55-packageurl-python", - "56-rich" + "56-packageurl-python", + "57-rich" ] }, { - "ref": "56-rich", + "ref": "57-rich", "dependsOn": [ - "57-markdown-it-py", - "59-pygments" + "58-markdown-it-py", + "60-pygments" ] }, { - "ref": "57-markdown-it-py", + "ref": "58-markdown-it-py", "dependsOn": [ - "58-mdurl" + "59-mdurl" ] }, { - "ref": "61-plotly", + "ref": "62-plotly", "dependsOn": [ - "60-packaging", - "62-tenacity" + "61-packaging", + "63-tenacity" ] }, { - "ref": "64-requests", + "ref": "65-requests", "dependsOn": [ - "65-certifi", - "66-charset-normalizer", - "10-idna", - "67-urllib3" + "66-certifi", + "67-charset-normalizer", + "11-idna", + "68-urllib3" ] }, { - "ref": "71-xmlschema", + "ref": "72-xmlschema", "dependsOn": [ - "72-elementpath" + "73-elementpath" ] } ] diff --git a/sbom/cve-bin-tool-py3.9.spdx b/sbom/cve-bin-tool-py3.9.spdx index e22991478c..fe3dc60928 100644 --- a/sbom/cve-bin-tool-py3.9.spdx +++ b/sbom/cve-bin-tool-py3.9.spdx @@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3 DataLicense: CC0-1.0 SPDXID: SPDXRef-DOCUMENT DocumentName: Python-cve-bin-tool -DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-ff8dab3a-6076-4661-ade3-e48762928525 +DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-6ff17090-5ad7-41de-bcf2-1e195a0e48fa LicenseListVersion: 3.22 Creator: Tool: sbom4python-0.11.1 -Created: 2024-09-09T00:36:57Z +Created: 2024-09-16T00:38:46Z CreatorComment: This document has been automatically generated. ##### @@ -119,54 +119,67 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:hynek_schlawack:attrs:24.2.0:*:*:*:*:* PackageName: multidict SPDXID: SPDXRef-Package-8-multidict -PackageVersion: 6.0.5 +PackageVersion: 6.1.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Andrew Svetlov (andrew.svetlov@gmail.com) -PackageDownloadLocation: https://pypi.org/project/multidict/6.0.5 +PackageDownloadLocation: https://pypi.org/project/multidict/6.1.0 FilesAnalyzed: false -PackageChecksum: SHA1: a9b281b2ef4ab25d95d6b268aa88c428e75c3696 PackageLicenseDeclared: NOASSERTION PackageLicenseConcluded: Apache-2.0 PackageLicenseComments: multidict declares Apache 2 which is not currently a valid SPDX License identifier or expression. PackageCopyrightText: NOASSERTION PackageSummary: multidict implementation -ExternalRef: PACKAGE_MANAGER purl pkg:pypi/multidict@6.0.5 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:multidict:6.0.5:*:*:*:*:*:*:* +ExternalRef: PACKAGE_MANAGER purl pkg:pypi/multidict@6.1.0 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:multidict:6.1.0:*:*:*:*:*:*:* +##### + +PackageName: typing-extensions +SPDXID: SPDXRef-Package-9-typing-extensions +PackageVersion: 4.12.2 +PrimaryPackagePurpose: LIBRARY +PackageSupplier: Organization: Guido van Jukka ukasz Michael (levkivskyi@gmail.com) +PackageDownloadLocation: https://pypi.org/project/typing-extensions/4.12.2 +FilesAnalyzed: false +PackageLicenseDeclared: NOASSERTION +PackageLicenseConcluded: NOASSERTION +PackageCopyrightText: NOASSERTION +PackageSummary: Backported and Experimental Type Hints for Python 3.8+ +ExternalRef: PACKAGE_MANAGER purl pkg:pypi/typing-extensions@4.12.2 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.12.2:*:*:*:*:*:*:* ##### PackageName: yarl -SPDXID: SPDXRef-Package-9-yarl -PackageVersion: 1.11.0 +SPDXID: SPDXRef-Package-10-yarl +PackageVersion: 1.11.1 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Andrew Svetlov (andrew.svetlov@gmail.com) -PackageDownloadLocation: https://pypi.org/project/yarl/1.11.0 +PackageDownloadLocation: https://pypi.org/project/yarl/1.11.1 FilesAnalyzed: false PackageLicenseDeclared: Apache-2.0 PackageLicenseConcluded: Apache-2.0 PackageCopyrightText: NOASSERTION PackageSummary: Yet another URL library -ExternalRef: PACKAGE_MANAGER purl pkg:pypi/yarl@1.11.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:yarl:1.11.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE_MANAGER purl pkg:pypi/yarl@1.11.1 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:yarl:1.11.1:*:*:*:*:*:*:* ##### PackageName: idna -SPDXID: SPDXRef-Package-10-idna -PackageVersion: 3.8 +SPDXID: SPDXRef-Package-11-idna +PackageVersion: 3.10 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Kim Davies (kim+pypi@gumleaf.org) -PackageDownloadLocation: https://pypi.org/project/idna/3.8 +PackageDownloadLocation: https://pypi.org/project/idna/3.10 FilesAnalyzed: false -PackageChecksum: SHA1: 784c6f45c162db9709588124f2f1def5b70615ff PackageLicenseDeclared: NOASSERTION PackageLicenseConcluded: NOASSERTION PackageCopyrightText: NOASSERTION PackageSummary: Internationalized Domain Names in Applications (IDNA) -ExternalRef: PACKAGE_MANAGER purl pkg:pypi/idna@3.8 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:kim_davies:idna:3.8:*:*:*:*:*:*:* +ExternalRef: PACKAGE_MANAGER purl pkg:pypi/idna@3.10 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:kim_davies:idna:3.10:*:*:*:*:*:*:* ##### PackageName: beautifulsoup4 -SPDXID: SPDXRef-Package-11-beautifulsoup4 +SPDXID: SPDXRef-Package-12-beautifulsoup4 PackageVersion: 4.12.3 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Leonard Richardson (leonardr@segfault.org) @@ -182,7 +195,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:leonard_richardson:beautifulsoup4:4.12 ##### PackageName: soupsieve -SPDXID: SPDXRef-Package-12-soupsieve +SPDXID: SPDXRef-Package-13-soupsieve PackageVersion: 2.6 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Isaac Muse (use@gmail.com) @@ -197,7 +210,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:isaac_muse:soupsieve:2.6:*:*:*:*:*:*:* ##### PackageName: cvss -SPDXID: SPDXRef-Package-13-cvss +SPDXID: SPDXRef-Package-14-cvss PackageVersion: 3.2 PrimaryPackagePurpose: LIBRARY PackageSupplier: Organization: Stanislav Red Hat Product Security (skontar@redhat.com) @@ -213,7 +226,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:stanislav_red_hat_product_security:cvs ##### PackageName: defusedxml -SPDXID: SPDXRef-Package-14-defusedxml +SPDXID: SPDXRef-Package-15-defusedxml PackageVersion: 0.7.1 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Christian Heimes (christian@python.org) @@ -230,7 +243,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:christian_heimes:defusedxml:0.7.1:*:*: ##### PackageName: distro -SPDXID: SPDXRef-Package-15-distro +SPDXID: SPDXRef-Package-16-distro PackageVersion: 1.9.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Nir Cohen (nir36g@gmail.com) @@ -246,7 +259,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:nir_cohen:distro:1.9.0:*:*:*:*:*:*:* ##### PackageName: filetype -SPDXID: SPDXRef-Package-16-filetype +SPDXID: SPDXRef-Package-17-filetype PackageVersion: 1.2.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Tomas Aparicio (tomas@aparicio.me) @@ -262,7 +275,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:tomas_aparicio:filetype:1.2.0:*:*:*:*: ##### PackageName: gsutil -SPDXID: SPDXRef-Package-17-gsutil +SPDXID: SPDXRef-Package-18-gsutil PackageVersion: 5.30 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Google Inc. (buganizer-system+187143@google.com) @@ -278,7 +291,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:gsutil:5.30:*:*:*:*:*:*:* ##### PackageName: argcomplete -SPDXID: SPDXRef-Package-18-argcomplete +SPDXID: SPDXRef-Package-19-argcomplete PackageVersion: 3.5.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Andrey Kislyuk (kislyuk@gmail.com) @@ -294,7 +307,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_kislyuk:argcomplete:3.5.0:*:*:* ##### PackageName: crcmod -SPDXID: SPDXRef-Package-19-crcmod +SPDXID: SPDXRef-Package-20-crcmod PackageVersion: 1.7 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Ray Buvel (rlbuvel@gmail.com) @@ -309,7 +322,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:ray_buvel:crcmod:1.7:*:*:*:*:*:*:* ##### PackageName: fasteners -SPDXID: SPDXRef-Package-20-fasteners +SPDXID: SPDXRef-Package-21-fasteners PackageVersion: 0.19 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Joshua Harlow @@ -325,7 +338,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:joshua_harlow:fasteners:0.19:*:*:*:*:* ##### PackageName: gcs-oauth2-boto-plugin -SPDXID: SPDXRef-Package-21-gcs-oauth2-boto-plugin +SPDXID: SPDXRef-Package-22-gcs-oauth2-boto-plugin PackageVersion: 3.2 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Google Inc. (gs-team@google.com) @@ -342,7 +355,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:gcs-oauth2-boto-plugin:3.2 ##### PackageName: boto -SPDXID: SPDXRef-Package-22-boto +SPDXID: SPDXRef-Package-23-boto PackageVersion: 2.49.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Mitch Garnaat (mitch@garnaat.com) @@ -358,7 +371,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:mitch_garnaat:boto:2.49.0:*:*:*:*:*:*: ##### PackageName: google-auth -SPDXID: SPDXRef-Package-23-google-auth +SPDXID: SPDXRef-Package-24-google-auth PackageVersion: 2.17.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Organization: Google Cloud Platform (googleapis-packages@google.com) @@ -375,7 +388,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_cloud_platform:google-auth:2.17 ##### PackageName: cachetools -SPDXID: SPDXRef-Package-24-cachetools +SPDXID: SPDXRef-Package-25-cachetools PackageVersion: 5.5.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Thomas Kemmer (tkemmer@computer.org) @@ -390,38 +403,38 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:thomas_kemmer:cachetools:5.5.0:*:*:*:* ##### PackageName: pyasn1-modules -SPDXID: SPDXRef-Package-25-pyasn1-modules -PackageVersion: 0.4.0 +SPDXID: SPDXRef-Package-26-pyasn1-modules +PackageVersion: 0.4.1 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Ilya Etingof (etingof@gmail.com) -PackageDownloadLocation: https://pypi.org/project/pyasn1-modules/0.4.0 +PackageDownloadLocation: https://pypi.org/project/pyasn1-modules/0.4.1 FilesAnalyzed: false PackageLicenseDeclared: NOASSERTION PackageLicenseConcluded: BSD-3-Clause PackageLicenseComments: pyasn1-modules declares BSD which is not currently a valid SPDX License identifier or expression. PackageCopyrightText: NOASSERTION PackageSummary: A collection of ASN.1-based protocols modules -ExternalRef: PACKAGE_MANAGER purl pkg:pypi/pyasn1-modules@0.4.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:ilya_etingof:pyasn1-modules:0.4.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE_MANAGER purl pkg:pypi/pyasn1-modules@0.4.1 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:ilya_etingof:pyasn1-modules:0.4.1:*:*:*:*:*:*:* ##### PackageName: pyasn1 -SPDXID: SPDXRef-Package-26-pyasn1 -PackageVersion: 0.6.0 +SPDXID: SPDXRef-Package-27-pyasn1 +PackageVersion: 0.6.1 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Ilya Etingof (etingof@gmail.com) -PackageDownloadLocation: https://pypi.org/project/pyasn1/0.6.0 +PackageDownloadLocation: https://pypi.org/project/pyasn1/0.6.1 FilesAnalyzed: false PackageLicenseDeclared: BSD-2-Clause PackageLicenseConcluded: BSD-2-Clause PackageCopyrightText: NOASSERTION PackageSummary: Pure-Python implementation of ASN.1 types and DER/BER/CER codecs (X.208) -ExternalRef: PACKAGE_MANAGER purl pkg:pypi/pyasn1@0.6.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:ilya_etingof:pyasn1:0.6.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE_MANAGER purl pkg:pypi/pyasn1@0.6.1 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:ilya_etingof:pyasn1:0.6.1:*:*:*:*:*:*:* ##### PackageName: rsa -SPDXID: SPDXRef-Package-27-rsa +SPDXID: SPDXRef-Package-28-rsa PackageVersion: 4.7.2 PrimaryPackagePurpose: LIBRARY PackageSupplier: Organization: Sybren A. Stuvel (sybren@stuvel.eu) @@ -438,7 +451,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:sybren_a._stuvel:rsa:4.7.2:*:*:*:*:*:* ##### PackageName: six -SPDXID: SPDXRef-Package-28-six +SPDXID: SPDXRef-Package-29-six PackageVersion: 1.16.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Benjamin Peterson (benjamin@python.org) @@ -454,7 +467,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:benjamin_peterson:six:1.16.0:*:*:*:*:* ##### PackageName: google-auth-httplib2 -SPDXID: SPDXRef-Package-29-google-auth-httplib2 +SPDXID: SPDXRef-Package-30-google-auth-httplib2 PackageVersion: 0.2.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Organization: Google Cloud Platform (googleapis-packages@google.com) @@ -470,7 +483,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_cloud_platform:google-auth-http ##### PackageName: httplib2 -SPDXID: SPDXRef-Package-30-httplib2 +SPDXID: SPDXRef-Package-31-httplib2 PackageVersion: 0.20.4 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Joe Gregorio (joe@bitworking.org) @@ -486,7 +499,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:joe_gregorio:httplib2:0.20.4:*:*:*:*:* ##### PackageName: pyparsing -SPDXID: SPDXRef-Package-31-pyparsing +SPDXID: SPDXRef-Package-32-pyparsing PackageVersion: 3.1.4 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Paul McGuire (ptmcg.gm+pyparsing@gmail.com) @@ -501,7 +514,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:paul_mcguire:pyparsing:3.1.4:*:*:*:*:* ##### PackageName: google-reauth -SPDXID: SPDXRef-Package-32-google-reauth +SPDXID: SPDXRef-Package-33-google-reauth PackageVersion: 0.1.1 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Google (googleapis-publisher@google.com) @@ -518,7 +531,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google:google-reauth:0.1.1:*:*:*:*:*:* ##### PackageName: pyu2f -SPDXID: SPDXRef-Package-33-pyu2f +SPDXID: SPDXRef-Package-34-pyu2f PackageVersion: 0.1.5 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Google Inc. (pyu2f-team@google.com) @@ -535,7 +548,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:pyu2f:0.1.5:*:*:*:*:*:*:* ##### PackageName: oauth2client -SPDXID: SPDXRef-Package-34-oauth2client +SPDXID: SPDXRef-Package-35-oauth2client PackageVersion: 4.1.3 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Google Inc. (jonwayne+oauth2client@google.com) @@ -552,7 +565,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:oauth2client:4.1.3:*:*:*:* ##### PackageName: pyopenssl -SPDXID: SPDXRef-Package-35-pyopenssl +SPDXID: SPDXRef-Package-36-pyopenssl PackageVersion: 24.2.1 PrimaryPackagePurpose: LIBRARY PackageSupplier: Organization: The pyOpenSSL developers (cryptography-dev@python.org) @@ -568,7 +581,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_pyopenssl_developers:pyopenssl:24. ##### PackageName: cryptography -SPDXID: SPDXRef-Package-36-cryptography +SPDXID: SPDXRef-Package-37-cryptography PackageVersion: 43.0.1 PrimaryPackagePurpose: LIBRARY PackageSupplier: Organization: The cryptography developers The Python Cryptographic Authority and individual contributors (cryptography-dev@python.org) @@ -583,7 +596,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_cryptography_developers_the_python ##### PackageName: cffi -SPDXID: SPDXRef-Package-37-cffi +SPDXID: SPDXRef-Package-38-cffi PackageVersion: 1.17.1 PrimaryPackagePurpose: LIBRARY PackageSupplier: Organization: Armin Maciej Fijalkowski (python-cffi@googlegroups.com) @@ -598,7 +611,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:armin_maciej_fijalkowski:cffi:1.17.1:* ##### PackageName: pycparser -SPDXID: SPDXRef-Package-38-pycparser +SPDXID: SPDXRef-Package-39-pycparser PackageVersion: 2.22 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Eli Bendersky (eliben@gmail.com) @@ -614,7 +627,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:eli_bendersky:pycparser:2.22:*:*:*:*:* ##### PackageName: retry-decorator -SPDXID: SPDXRef-Package-39-retry-decorator +SPDXID: SPDXRef-Package-40-retry-decorator PackageVersion: 1.1.1 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Patrick Ng (pn.appdev@gmail.com) @@ -630,7 +643,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:patrick_ng:retry-decorator:1.1.1:*:*:* ##### PackageName: google-apitools -SPDXID: SPDXRef-Package-40-google-apitools +SPDXID: SPDXRef-Package-41-google-apitools PackageVersion: 0.5.32 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Craig Citro (craigcitro@google.com) @@ -647,7 +660,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:craig_citro:google-apitools:0.5.32:*:* ##### PackageName: monotonic -SPDXID: SPDXRef-Package-41-monotonic +SPDXID: SPDXRef-Package-42-monotonic PackageVersion: 1.6 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Ori Livneh (ori@wikimedia.org) @@ -664,37 +677,37 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:ori_livneh:monotonic:1.6:*:*:*:*:*:*:* ##### PackageName: importlib-metadata -SPDXID: SPDXRef-Package-42-importlib-metadata -PackageVersion: 8.4.0 +SPDXID: SPDXRef-Package-43-importlib-metadata +PackageVersion: 8.5.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Organization: Jason R. (jaraco@jaraco.com) -PackageDownloadLocation: https://pypi.org/project/importlib-metadata/8.4.0 +PackageDownloadLocation: https://pypi.org/project/importlib-metadata/8.5.0 FilesAnalyzed: false PackageLicenseDeclared: NOASSERTION PackageLicenseConcluded: NOASSERTION PackageCopyrightText: NOASSERTION PackageSummary: Read metadata from Python packages -ExternalRef: PACKAGE_MANAGER purl pkg:pypi/importlib-metadata@8.4.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r.:importlib-metadata:8.4.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE_MANAGER purl pkg:pypi/importlib-metadata@8.5.0 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r.:importlib-metadata:8.5.0:*:*:*:*:*:*:* ##### PackageName: zipp -SPDXID: SPDXRef-Package-43-zipp -PackageVersion: 3.20.1 +SPDXID: SPDXRef-Package-44-zipp +PackageVersion: 3.20.2 PrimaryPackagePurpose: LIBRARY PackageSupplier: Organization: Jason R. (jaraco@jaraco.com) -PackageDownloadLocation: https://pypi.org/project/zipp/3.20.1 +PackageDownloadLocation: https://pypi.org/project/zipp/3.20.2 FilesAnalyzed: false PackageLicenseDeclared: NOASSERTION PackageLicenseConcluded: NOASSERTION PackageCopyrightText: NOASSERTION PackageSummary: Backport of pathlib-compatible object wrapper for zip files -ExternalRef: PACKAGE_MANAGER purl pkg:pypi/zipp@3.20.1 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r.:zipp:3.20.1:*:*:*:*:*:*:* +ExternalRef: PACKAGE_MANAGER purl pkg:pypi/zipp@3.20.2 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r.:zipp:3.20.2:*:*:*:*:*:*:* ##### PackageName: jinja2 -SPDXID: SPDXRef-Package-44-jinja2 +SPDXID: SPDXRef-Package-45-jinja2 PackageVersion: 3.1.4 PrimaryPackagePurpose: LIBRARY PackageSupplier: NOASSERTION @@ -709,7 +722,7 @@ ExternalRef: PACKAGE_MANAGER purl pkg:pypi/jinja2@3.1.4 ##### PackageName: markupsafe -SPDXID: SPDXRef-Package-45-markupsafe +SPDXID: SPDXRef-Package-46-markupsafe PackageVersion: 2.1.5 PrimaryPackagePurpose: LIBRARY PackageSupplier: NOASSERTION @@ -724,7 +737,7 @@ ExternalRef: PACKAGE_MANAGER purl pkg:pypi/markupsafe@2.1.5 ##### PackageName: jsonschema -SPDXID: SPDXRef-Package-46-jsonschema +SPDXID: SPDXRef-Package-47-jsonschema PackageVersion: 4.23.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Julian Berman @@ -739,7 +752,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:jsonschema:4.23.0:*:*:*: ##### PackageName: jsonschema-specifications -SPDXID: SPDXRef-Package-47-jsonschema-specifications +SPDXID: SPDXRef-Package-48-jsonschema-specifications PackageVersion: 2023.12.1 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Julian Berman @@ -755,7 +768,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:jsonschema-specification ##### PackageName: referencing -SPDXID: SPDXRef-Package-48-referencing +SPDXID: SPDXRef-Package-49-referencing PackageVersion: 0.35.1 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Julian Berman @@ -770,7 +783,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:referencing:0.35.1:*:*:* ##### PackageName: rpds-py -SPDXID: SPDXRef-Package-49-rpds-py +SPDXID: SPDXRef-Package-50-rpds-py PackageVersion: 0.20.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Julian Berman @@ -785,7 +798,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:rpds-py:0.20.0:*:*:*:*:* ##### PackageName: lib4sbom -SPDXID: SPDXRef-Package-50-lib4sbom +SPDXID: SPDXRef-Package-51-lib4sbom PackageVersion: 0.7.4 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Anthony Harrison (anthony.p.harrison@gmail.com) @@ -800,7 +813,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:anthony_harrison:lib4sbom:0.7.4:*:*:*: ##### PackageName: pyyaml -SPDXID: SPDXRef-Package-51-pyyaml +SPDXID: SPDXRef-Package-52-pyyaml PackageVersion: 6.0.2 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Kirill Simonov (xi@resolvent.net) @@ -815,7 +828,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kirill_simonov:pyyaml:6.0.2:*:*:*:*:*: ##### PackageName: semantic-version -SPDXID: SPDXRef-Package-52-semantic-version +SPDXID: SPDXRef-Package-53-semantic-version PackageVersion: 2.10.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Raphael Barrois (raphael.barrois+semver@polytechnique.org) @@ -832,7 +845,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:raphael_barrois:semantic-version:2.10. ##### PackageName: lib4vex -SPDXID: SPDXRef-Package-53-lib4vex +SPDXID: SPDXRef-Package-54-lib4vex PackageVersion: 0.2.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Anthony Harrison (anthony.p.harrison@gmail.com) @@ -847,7 +860,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:anthony_harrison:lib4vex:0.2.0:*:*:*:* ##### PackageName: csaf-tool -SPDXID: SPDXRef-Package-54-csaf-tool +SPDXID: SPDXRef-Package-55-csaf-tool PackageVersion: 0.3.2 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Anthony Harrison (anthony.p.harrison@gmail.com) @@ -863,7 +876,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:anthony_harrison:csaf-tool:0.3.2:*:*:* ##### PackageName: packageurl-python -SPDXID: SPDXRef-Package-55-packageurl-python +SPDXID: SPDXRef-Package-56-packageurl-python PackageVersion: 0.15.6 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: the purl authors @@ -879,22 +892,22 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_purl_authors:packageurl-python:0.1 ##### PackageName: rich -SPDXID: SPDXRef-Package-56-rich -PackageVersion: 13.8.0 +SPDXID: SPDXRef-Package-57-rich +PackageVersion: 13.8.1 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Will McGugan (willmcgugan@gmail.com) -PackageDownloadLocation: https://pypi.org/project/rich/13.8.0 +PackageDownloadLocation: https://pypi.org/project/rich/13.8.1 FilesAnalyzed: false PackageLicenseDeclared: MIT PackageLicenseConcluded: MIT PackageCopyrightText: NOASSERTION PackageSummary: Render rich text, tables, progress bars, syntax highlighting, markdown and more to the terminal -ExternalRef: PACKAGE_MANAGER purl pkg:pypi/rich@13.8.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:will_mcgugan:rich:13.8.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE_MANAGER purl pkg:pypi/rich@13.8.1 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:will_mcgugan:rich:13.8.1:*:*:*:*:*:*:* ##### PackageName: markdown-it-py -SPDXID: SPDXRef-Package-57-markdown-it-py +SPDXID: SPDXRef-Package-58-markdown-it-py PackageVersion: 3.0.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Chris Sewell (chrisj_sewell@hotmail.com) @@ -910,7 +923,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_sewell:markdown-it-py:3.0.0:*:*: ##### PackageName: mdurl -SPDXID: SPDXRef-Package-58-mdurl +SPDXID: SPDXRef-Package-59-mdurl PackageVersion: 0.1.2 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Taneli Hukkinen (hukkin@users.noreply.github.com) @@ -926,7 +939,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:taneli_hukkinen:mdurl:0.1.2:*:*:*:*:*: ##### PackageName: pygments -SPDXID: SPDXRef-Package-59-pygments +SPDXID: SPDXRef-Package-60-pygments PackageVersion: 2.18.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Georg Brandl (georg@python.org) @@ -942,7 +955,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:georg_brandl:pygments:2.18.0:*:*:*:*:* ##### PackageName: packaging -SPDXID: SPDXRef-Package-60-packaging +SPDXID: SPDXRef-Package-61-packaging PackageVersion: 24.1 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Donald Stufft (donald@stufft.io) @@ -957,22 +970,22 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:donald_stufft:packaging:24.1:*:*:*:*:* ##### PackageName: plotly -SPDXID: SPDXRef-Package-61-plotly -PackageVersion: 5.24.0 +SPDXID: SPDXRef-Package-62-plotly +PackageVersion: 5.24.1 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Chris P (chris@plot.ly) -PackageDownloadLocation: https://pypi.org/project/plotly/5.24.0 +PackageDownloadLocation: https://pypi.org/project/plotly/5.24.1 FilesAnalyzed: false PackageLicenseDeclared: MIT PackageLicenseConcluded: MIT PackageCopyrightText: NOASSERTION PackageSummary: An open-source, interactive data visualization library for Python -ExternalRef: PACKAGE_MANAGER purl pkg:pypi/plotly@5.24.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:5.24.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE_MANAGER purl pkg:pypi/plotly@5.24.1 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:5.24.1:*:*:*:*:*:*:* ##### PackageName: tenacity -SPDXID: SPDXRef-Package-62-tenacity +SPDXID: SPDXRef-Package-63-tenacity PackageVersion: 9.0.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Julien Danjou (julien@danjou.info) @@ -989,7 +1002,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julien_danjou:tenacity:9.0.0:*:*:*:*:* ##### PackageName: python-gnupg -SPDXID: SPDXRef-Package-63-python-gnupg +SPDXID: SPDXRef-Package-64-python-gnupg PackageVersion: 0.5.2 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Vinay Sajip (vinay_sajip@yahoo.co.uk) @@ -1006,7 +1019,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:vinay_sajip:python-gnupg:0.5.2:*:*:*:* ##### PackageName: requests -SPDXID: SPDXRef-Package-64-requests +SPDXID: SPDXRef-Package-65-requests PackageVersion: 2.32.3 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Kenneth Reitz (me@kennethreitz.org) @@ -1022,7 +1035,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:requests:2.32.3:*:*:*:*: ##### PackageName: certifi -SPDXID: SPDXRef-Package-65-certifi +SPDXID: SPDXRef-Package-66-certifi PackageVersion: 2024.8.30 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Kenneth Reitz (me@kennethreitz.com) @@ -1037,7 +1050,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:certifi:2024.8.30:*:*:*: ##### PackageName: charset-normalizer -SPDXID: SPDXRef-Package-66-charset-normalizer +SPDXID: SPDXRef-Package-67-charset-normalizer PackageVersion: 3.3.2 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Ahmed TAHRI (ahmed.tahri@cloudnursery.dev) @@ -1053,22 +1066,22 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:ahmed_tahri:charset-normalizer:3.3.2:* ##### PackageName: urllib3 -SPDXID: SPDXRef-Package-67-urllib3 -PackageVersion: 2.2.2 +SPDXID: SPDXRef-Package-68-urllib3 +PackageVersion: 2.2.3 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Andrey Petrov (andrey.petrov@shazow.net) -PackageDownloadLocation: https://pypi.org/project/urllib3/2.2.2 +PackageDownloadLocation: https://pypi.org/project/urllib3/2.2.3 FilesAnalyzed: false PackageLicenseDeclared: NOASSERTION PackageLicenseConcluded: NOASSERTION PackageCopyrightText: NOASSERTION PackageSummary: HTTP library with thread-safe connection pooling, file post, and more. -ExternalRef: PACKAGE_MANAGER purl pkg:pypi/urllib3@2.2.2 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_petrov:urllib3:2.2.2:*:*:*:*:*:*:* +ExternalRef: PACKAGE_MANAGER purl pkg:pypi/urllib3@2.2.3 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_petrov:urllib3:2.2.3:*:*:*:*:*:*:* ##### PackageName: rpmfile -SPDXID: SPDXRef-Package-68-rpmfile +SPDXID: SPDXRef-Package-69-rpmfile PackageVersion: 2.1.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Sean Ross (srossross@gmail.com) @@ -1084,22 +1097,22 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:sean_ross:rpmfile:2.1.0:*:*:*:*:*:*:* ##### PackageName: setuptools -SPDXID: SPDXRef-Package-69-setuptools -PackageVersion: 74.1.2 +SPDXID: SPDXRef-Package-70-setuptools +PackageVersion: 75.0.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Organization: Python Packaging Authority (distutils-sig@python.org) -PackageDownloadLocation: https://pypi.org/project/setuptools/74.1.2 +PackageDownloadLocation: https://pypi.org/project/setuptools/75.0.0 FilesAnalyzed: false PackageLicenseDeclared: NOASSERTION PackageLicenseConcluded: NOASSERTION PackageCopyrightText: NOASSERTION PackageSummary: Easily download, build, install, upgrade, and uninstall Python packages -ExternalRef: PACKAGE_MANAGER purl pkg:pypi/setuptools@74.1.2 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:python_packaging_authority:setuptools:74.1.2:*:*:*:*:*:*:* +ExternalRef: PACKAGE_MANAGER purl pkg:pypi/setuptools@75.0.0 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:python_packaging_authority:setuptools:75.0.0:*:*:*:*:*:*:* ##### PackageName: toml -SPDXID: SPDXRef-Package-70-toml +SPDXID: SPDXRef-Package-71-toml PackageVersion: 0.10.2 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: William Pearson (uiri@xqz.ca) @@ -1115,39 +1128,37 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:william_pearson:toml:0.10.2:*:*:*:*:*: ##### PackageName: xmlschema -SPDXID: SPDXRef-Package-71-xmlschema -PackageVersion: 3.3.2 +SPDXID: SPDXRef-Package-72-xmlschema +PackageVersion: 3.4.1 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Davide Brunato (brunato@sissa.it) -PackageDownloadLocation: https://pypi.org/project/xmlschema/3.3.2 +PackageDownloadLocation: https://pypi.org/project/xmlschema/3.4.1 FilesAnalyzed: false -PackageChecksum: SHA1: 90a7233292cfe5d877110fe369869996a3a25928 PackageLicenseDeclared: MIT PackageLicenseConcluded: MIT PackageCopyrightText: NOASSERTION PackageSummary: An XML Schema validator and decoder -ExternalRef: PACKAGE_MANAGER purl pkg:pypi/xmlschema@3.3.2 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:xmlschema:3.3.2:*:*:*:*:*:*:* +ExternalRef: PACKAGE_MANAGER purl pkg:pypi/xmlschema@3.4.1 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:xmlschema:3.4.1:*:*:*:*:*:*:* ##### PackageName: elementpath -SPDXID: SPDXRef-Package-72-elementpath -PackageVersion: 4.4.0 +SPDXID: SPDXRef-Package-73-elementpath +PackageVersion: 4.5.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Davide Brunato (brunato@sissa.it) -PackageDownloadLocation: https://pypi.org/project/elementpath/4.4.0 +PackageDownloadLocation: https://pypi.org/project/elementpath/4.5.0 FilesAnalyzed: false -PackageChecksum: SHA1: 004fca18366974c34193176bd3a356f711330ca0 PackageLicenseDeclared: MIT PackageLicenseConcluded: MIT PackageCopyrightText: NOASSERTION PackageSummary: XPath 1.0/2.0/3.0/3.1 parsers and selectors for ElementTree and lxml -ExternalRef: PACKAGE_MANAGER purl pkg:pypi/elementpath@4.4.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:elementpath:4.4.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE_MANAGER purl pkg:pypi/elementpath@4.5.0 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:elementpath:4.5.0:*:*:*:*:*:*:* ##### PackageName: zstandard -SPDXID: SPDXRef-Package-73-zstandard +SPDXID: SPDXRef-Package-74-zstandard PackageVersion: 0.23.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Gregory Szorc (gregory.szorc@gmail.com) @@ -1163,113 +1174,114 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:gregory_szorc:zstandard:0.23.0:*:*:*:* ##### Relationship: SPDXRef-DOCUMENT DESCRIBES SPDXRef-Package-1-cve-bin-tool -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-11-beautifulsoup4 -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-13-cvss -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-14-defusedxml -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-15-distro -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-16-filetype -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-17-gsutil +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-12-beautifulsoup4 +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-14-cvss +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-15-defusedxml +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-16-distro +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-17-filetype +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-18-gsutil Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-2-aiohttp -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-42-importlib-metadata -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-43-zipp -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-44-jinja2 -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-46-jsonschema -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-50-lib4sbom -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-51-pyyaml -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-53-lib4vex -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-55-packageurl-python -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-56-rich -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-60-packaging -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-61-plotly -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-63-python-gnupg -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-64-requests -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-67-urllib3 -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-68-rpmfile -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-69-setuptools -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-70-toml -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-71-xmlschema -Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-73-zstandard -Relationship: SPDXRef-Package-11-beautifulsoup4 DEPENDS_ON SPDXRef-Package-12-soupsieve -Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-18-argcomplete -Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-19-crcmod -Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-20-fasteners -Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-21-gcs-oauth2-boto-plugin -Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-23-google-auth -Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-28-six -Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-29-google-auth-httplib2 -Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-30-httplib2 -Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-32-google-reauth -Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-35-pyopenssl -Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-39-retry-decorator -Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-40-google-apitools -Relationship: SPDXRef-Package-17-gsutil DEPENDS_ON SPDXRef-Package-41-monotonic +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-43-importlib-metadata +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-44-zipp +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-45-jinja2 +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-47-jsonschema +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-51-lib4sbom +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-52-pyyaml +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-54-lib4vex +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-56-packageurl-python +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-57-rich +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-61-packaging +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-62-plotly +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-64-python-gnupg +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-65-requests +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-68-urllib3 +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-69-rpmfile +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-70-setuptools +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-71-toml +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-72-xmlschema +Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-74-zstandard +Relationship: SPDXRef-Package-10-yarl DEPENDS_ON SPDXRef-Package-11-idna +Relationship: SPDXRef-Package-10-yarl DEPENDS_ON SPDXRef-Package-8-multidict +Relationship: SPDXRef-Package-12-beautifulsoup4 DEPENDS_ON SPDXRef-Package-13-soupsieve +Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-19-argcomplete +Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-20-crcmod +Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-21-fasteners +Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-22-gcs-oauth2-boto-plugin +Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-24-google-auth +Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-29-six +Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-30-google-auth-httplib2 +Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-31-httplib2 +Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-33-google-reauth +Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-36-pyopenssl +Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-40-retry-decorator +Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-41-google-apitools +Relationship: SPDXRef-Package-18-gsutil DEPENDS_ON SPDXRef-Package-42-monotonic +Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-10-yarl Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-3-aiohappyeyeballs Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-4-aiosignal Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-5-frozenlist Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-6-async-timeout Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-7-attrs Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-8-multidict -Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-9-yarl -Relationship: SPDXRef-Package-21-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-22-boto -Relationship: SPDXRef-Package-21-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-23-google-auth -Relationship: SPDXRef-Package-21-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-27-rsa -Relationship: SPDXRef-Package-21-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-28-six -Relationship: SPDXRef-Package-21-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-29-google-auth-httplib2 -Relationship: SPDXRef-Package-21-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-30-httplib2 -Relationship: SPDXRef-Package-21-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-32-google-reauth -Relationship: SPDXRef-Package-21-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-34-oauth2client -Relationship: SPDXRef-Package-21-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-35-pyopenssl -Relationship: SPDXRef-Package-21-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-39-retry-decorator -Relationship: SPDXRef-Package-23-google-auth DEPENDS_ON SPDXRef-Package-24-cachetools -Relationship: SPDXRef-Package-23-google-auth DEPENDS_ON SPDXRef-Package-25-pyasn1-modules -Relationship: SPDXRef-Package-23-google-auth DEPENDS_ON SPDXRef-Package-27-rsa -Relationship: SPDXRef-Package-23-google-auth DEPENDS_ON SPDXRef-Package-28-six -Relationship: SPDXRef-Package-25-pyasn1-modules DEPENDS_ON SPDXRef-Package-26-pyasn1 -Relationship: SPDXRef-Package-27-rsa DEPENDS_ON SPDXRef-Package-26-pyasn1 -Relationship: SPDXRef-Package-29-google-auth-httplib2 DEPENDS_ON SPDXRef-Package-23-google-auth -Relationship: SPDXRef-Package-29-google-auth-httplib2 DEPENDS_ON SPDXRef-Package-30-httplib2 -Relationship: SPDXRef-Package-30-httplib2 DEPENDS_ON SPDXRef-Package-31-pyparsing -Relationship: SPDXRef-Package-32-google-reauth DEPENDS_ON SPDXRef-Package-33-pyu2f -Relationship: SPDXRef-Package-33-pyu2f DEPENDS_ON SPDXRef-Package-28-six -Relationship: SPDXRef-Package-34-oauth2client DEPENDS_ON SPDXRef-Package-25-pyasn1-modules -Relationship: SPDXRef-Package-34-oauth2client DEPENDS_ON SPDXRef-Package-26-pyasn1 -Relationship: SPDXRef-Package-34-oauth2client DEPENDS_ON SPDXRef-Package-27-rsa -Relationship: SPDXRef-Package-34-oauth2client DEPENDS_ON SPDXRef-Package-28-six -Relationship: SPDXRef-Package-34-oauth2client DEPENDS_ON SPDXRef-Package-30-httplib2 -Relationship: SPDXRef-Package-35-pyopenssl DEPENDS_ON SPDXRef-Package-36-cryptography -Relationship: SPDXRef-Package-36-cryptography DEPENDS_ON SPDXRef-Package-37-cffi -Relationship: SPDXRef-Package-37-cffi DEPENDS_ON SPDXRef-Package-38-pycparser +Relationship: SPDXRef-Package-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-23-boto +Relationship: SPDXRef-Package-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-24-google-auth +Relationship: SPDXRef-Package-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-28-rsa +Relationship: SPDXRef-Package-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-29-six +Relationship: SPDXRef-Package-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-30-google-auth-httplib2 +Relationship: SPDXRef-Package-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-31-httplib2 +Relationship: SPDXRef-Package-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-33-google-reauth +Relationship: SPDXRef-Package-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-35-oauth2client +Relationship: SPDXRef-Package-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-36-pyopenssl +Relationship: SPDXRef-Package-22-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-40-retry-decorator +Relationship: SPDXRef-Package-24-google-auth DEPENDS_ON SPDXRef-Package-25-cachetools +Relationship: SPDXRef-Package-24-google-auth DEPENDS_ON SPDXRef-Package-26-pyasn1-modules +Relationship: SPDXRef-Package-24-google-auth DEPENDS_ON SPDXRef-Package-28-rsa +Relationship: SPDXRef-Package-24-google-auth DEPENDS_ON SPDXRef-Package-29-six +Relationship: SPDXRef-Package-26-pyasn1-modules DEPENDS_ON SPDXRef-Package-27-pyasn1 +Relationship: SPDXRef-Package-28-rsa DEPENDS_ON SPDXRef-Package-27-pyasn1 +Relationship: SPDXRef-Package-30-google-auth-httplib2 DEPENDS_ON SPDXRef-Package-24-google-auth +Relationship: SPDXRef-Package-30-google-auth-httplib2 DEPENDS_ON SPDXRef-Package-31-httplib2 +Relationship: SPDXRef-Package-31-httplib2 DEPENDS_ON SPDXRef-Package-32-pyparsing +Relationship: SPDXRef-Package-33-google-reauth DEPENDS_ON SPDXRef-Package-34-pyu2f +Relationship: SPDXRef-Package-34-pyu2f DEPENDS_ON SPDXRef-Package-29-six +Relationship: SPDXRef-Package-35-oauth2client DEPENDS_ON SPDXRef-Package-26-pyasn1-modules +Relationship: SPDXRef-Package-35-oauth2client DEPENDS_ON SPDXRef-Package-27-pyasn1 +Relationship: SPDXRef-Package-35-oauth2client DEPENDS_ON SPDXRef-Package-28-rsa +Relationship: SPDXRef-Package-35-oauth2client DEPENDS_ON SPDXRef-Package-29-six +Relationship: SPDXRef-Package-35-oauth2client DEPENDS_ON SPDXRef-Package-31-httplib2 +Relationship: SPDXRef-Package-36-pyopenssl DEPENDS_ON SPDXRef-Package-37-cryptography +Relationship: SPDXRef-Package-37-cryptography DEPENDS_ON SPDXRef-Package-38-cffi +Relationship: SPDXRef-Package-38-cffi DEPENDS_ON SPDXRef-Package-39-pycparser Relationship: SPDXRef-Package-4-aiosignal DEPENDS_ON SPDXRef-Package-5-frozenlist -Relationship: SPDXRef-Package-40-google-apitools DEPENDS_ON SPDXRef-Package-20-fasteners -Relationship: SPDXRef-Package-40-google-apitools DEPENDS_ON SPDXRef-Package-28-six -Relationship: SPDXRef-Package-40-google-apitools DEPENDS_ON SPDXRef-Package-30-httplib2 -Relationship: SPDXRef-Package-40-google-apitools DEPENDS_ON SPDXRef-Package-34-oauth2client -Relationship: SPDXRef-Package-42-importlib-metadata DEPENDS_ON SPDXRef-Package-43-zipp -Relationship: SPDXRef-Package-44-jinja2 DEPENDS_ON SPDXRef-Package-45-markupsafe -Relationship: SPDXRef-Package-46-jsonschema DEPENDS_ON SPDXRef-Package-47-jsonschema-specifications -Relationship: SPDXRef-Package-46-jsonschema DEPENDS_ON SPDXRef-Package-48-referencing -Relationship: SPDXRef-Package-46-jsonschema DEPENDS_ON SPDXRef-Package-49-rpds-py -Relationship: SPDXRef-Package-46-jsonschema DEPENDS_ON SPDXRef-Package-7-attrs -Relationship: SPDXRef-Package-47-jsonschema-specifications DEPENDS_ON SPDXRef-Package-48-referencing -Relationship: SPDXRef-Package-48-referencing DEPENDS_ON SPDXRef-Package-49-rpds-py -Relationship: SPDXRef-Package-48-referencing DEPENDS_ON SPDXRef-Package-7-attrs -Relationship: SPDXRef-Package-50-lib4sbom DEPENDS_ON SPDXRef-Package-14-defusedxml -Relationship: SPDXRef-Package-50-lib4sbom DEPENDS_ON SPDXRef-Package-51-pyyaml -Relationship: SPDXRef-Package-50-lib4sbom DEPENDS_ON SPDXRef-Package-52-semantic-version -Relationship: SPDXRef-Package-53-lib4vex DEPENDS_ON SPDXRef-Package-50-lib4sbom -Relationship: SPDXRef-Package-53-lib4vex DEPENDS_ON SPDXRef-Package-54-csaf-tool -Relationship: SPDXRef-Package-53-lib4vex DEPENDS_ON SPDXRef-Package-55-packageurl-python -Relationship: SPDXRef-Package-54-csaf-tool DEPENDS_ON SPDXRef-Package-55-packageurl-python -Relationship: SPDXRef-Package-54-csaf-tool DEPENDS_ON SPDXRef-Package-56-rich -Relationship: SPDXRef-Package-56-rich DEPENDS_ON SPDXRef-Package-57-markdown-it-py -Relationship: SPDXRef-Package-56-rich DEPENDS_ON SPDXRef-Package-59-pygments -Relationship: SPDXRef-Package-57-markdown-it-py DEPENDS_ON SPDXRef-Package-58-mdurl -Relationship: SPDXRef-Package-61-plotly DEPENDS_ON SPDXRef-Package-60-packaging -Relationship: SPDXRef-Package-61-plotly DEPENDS_ON SPDXRef-Package-62-tenacity -Relationship: SPDXRef-Package-64-requests DEPENDS_ON SPDXRef-Package-10-idna -Relationship: SPDXRef-Package-64-requests DEPENDS_ON SPDXRef-Package-65-certifi -Relationship: SPDXRef-Package-64-requests DEPENDS_ON SPDXRef-Package-66-charset-normalizer -Relationship: SPDXRef-Package-64-requests DEPENDS_ON SPDXRef-Package-67-urllib3 -Relationship: SPDXRef-Package-71-xmlschema DEPENDS_ON SPDXRef-Package-72-elementpath -Relationship: SPDXRef-Package-9-yarl DEPENDS_ON SPDXRef-Package-10-idna -Relationship: SPDXRef-Package-9-yarl DEPENDS_ON SPDXRef-Package-8-multidict +Relationship: SPDXRef-Package-41-google-apitools DEPENDS_ON SPDXRef-Package-21-fasteners +Relationship: SPDXRef-Package-41-google-apitools DEPENDS_ON SPDXRef-Package-29-six +Relationship: SPDXRef-Package-41-google-apitools DEPENDS_ON SPDXRef-Package-31-httplib2 +Relationship: SPDXRef-Package-41-google-apitools DEPENDS_ON SPDXRef-Package-35-oauth2client +Relationship: SPDXRef-Package-43-importlib-metadata DEPENDS_ON SPDXRef-Package-44-zipp +Relationship: SPDXRef-Package-45-jinja2 DEPENDS_ON SPDXRef-Package-46-markupsafe +Relationship: SPDXRef-Package-47-jsonschema DEPENDS_ON SPDXRef-Package-48-jsonschema-specifications +Relationship: SPDXRef-Package-47-jsonschema DEPENDS_ON SPDXRef-Package-49-referencing +Relationship: SPDXRef-Package-47-jsonschema DEPENDS_ON SPDXRef-Package-50-rpds-py +Relationship: SPDXRef-Package-47-jsonschema DEPENDS_ON SPDXRef-Package-7-attrs +Relationship: SPDXRef-Package-48-jsonschema-specifications DEPENDS_ON SPDXRef-Package-49-referencing +Relationship: SPDXRef-Package-49-referencing DEPENDS_ON SPDXRef-Package-50-rpds-py +Relationship: SPDXRef-Package-49-referencing DEPENDS_ON SPDXRef-Package-7-attrs +Relationship: SPDXRef-Package-51-lib4sbom DEPENDS_ON SPDXRef-Package-15-defusedxml +Relationship: SPDXRef-Package-51-lib4sbom DEPENDS_ON SPDXRef-Package-52-pyyaml +Relationship: SPDXRef-Package-51-lib4sbom DEPENDS_ON SPDXRef-Package-53-semantic-version +Relationship: SPDXRef-Package-54-lib4vex DEPENDS_ON SPDXRef-Package-51-lib4sbom +Relationship: SPDXRef-Package-54-lib4vex DEPENDS_ON SPDXRef-Package-55-csaf-tool +Relationship: SPDXRef-Package-54-lib4vex DEPENDS_ON SPDXRef-Package-56-packageurl-python +Relationship: SPDXRef-Package-55-csaf-tool DEPENDS_ON SPDXRef-Package-56-packageurl-python +Relationship: SPDXRef-Package-55-csaf-tool DEPENDS_ON SPDXRef-Package-57-rich +Relationship: SPDXRef-Package-57-rich DEPENDS_ON SPDXRef-Package-58-markdown-it-py +Relationship: SPDXRef-Package-57-rich DEPENDS_ON SPDXRef-Package-60-pygments +Relationship: SPDXRef-Package-58-markdown-it-py DEPENDS_ON SPDXRef-Package-59-mdurl +Relationship: SPDXRef-Package-62-plotly DEPENDS_ON SPDXRef-Package-61-packaging +Relationship: SPDXRef-Package-62-plotly DEPENDS_ON SPDXRef-Package-63-tenacity +Relationship: SPDXRef-Package-65-requests DEPENDS_ON SPDXRef-Package-11-idna +Relationship: SPDXRef-Package-65-requests DEPENDS_ON SPDXRef-Package-66-certifi +Relationship: SPDXRef-Package-65-requests DEPENDS_ON SPDXRef-Package-67-charset-normalizer +Relationship: SPDXRef-Package-65-requests DEPENDS_ON SPDXRef-Package-68-urllib3 +Relationship: SPDXRef-Package-72-xmlschema DEPENDS_ON SPDXRef-Package-73-elementpath +Relationship: SPDXRef-Package-8-multidict DEPENDS_ON SPDXRef-Package-9-typing-extensions