diff --git a/sbom/cve-bin-tool-py3.9.json b/sbom/cve-bin-tool-py3.9.json
index c3c78c21e8..006ab84a4b 100644
--- a/sbom/cve-bin-tool-py3.9.json
+++ b/sbom/cve-bin-tool-py3.9.json
@@ -2,10 +2,10 @@
"$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.4",
- "serialNumber": "urn:uuid4896c353-cdb2-4955-91d4-8a485398879d",
+ "serialNumber": "urn:uuid93f9738b-4ebb-4fb8-9bff-f3b17dc60da2",
"version": 1,
"metadata": {
- "timestamp": "2023-07-03T00:31:59Z",
+ "timestamp": "2023-07-10T00:43:44Z",
"tools": [
{
"name": "sbom4python",
@@ -203,7 +203,7 @@
"type": "library",
"bom-ref": "7-charset-normalizer",
"name": "charset-normalizer",
- "version": "3.1.0",
+ "version": "3.2.0",
"supplier": {
"name": "Ahmed TAHRI",
"contact": [
@@ -212,7 +212,7 @@
}
]
},
- "cpe": "cpe:2.3:a:ahmed_tahri:charset-normalizer:3.1.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:ahmed_tahri:charset-normalizer:3.2.0:*:*:*:*:*:*:*",
"description": "The Real First Universal Charset Detector. Open, modern and actively maintained alternative to Chardet.",
"licenses": [
{
@@ -224,12 +224,12 @@
],
"externalReferences": [
{
- "url": "https://pypi.org/project/charset-normalizer/3.1.0",
+ "url": "https://pypi.org/project/charset-normalizer/3.2.0",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/charset-normalizer@3.1.0"
+ "purl": "pkg:pypi/charset-normalizer@3.2.0"
},
{
"type": "library",
@@ -1361,7 +1361,7 @@
"type": "library",
"bom-ref": "41-importlib-metadata",
"name": "importlib-metadata",
- "version": "6.7.0",
+ "version": "6.8.0",
"supplier": {
"name": "Jason R. Coombs",
"contact": [
@@ -1370,22 +1370,22 @@
}
]
},
- "cpe": "cpe:2.3:a:jason_r._coombs:importlib-metadata:6.7.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:jason_r._coombs:importlib-metadata:6.8.0:*:*:*:*:*:*:*",
"description": "Read metadata from Python packages",
"externalReferences": [
{
- "url": "https://pypi.org/project/importlib-metadata/6.7.0",
+ "url": "https://pypi.org/project/importlib-metadata/6.8.0",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/importlib-metadata@6.7.0"
+ "purl": "pkg:pypi/importlib-metadata@6.8.0"
},
{
"type": "library",
"bom-ref": "42-zipp",
"name": "zipp",
- "version": "3.15.0",
+ "version": "3.16.0",
"supplier": {
"name": "Jason R. Coombs",
"contact": [
@@ -1394,16 +1394,16 @@
}
]
},
- "cpe": "cpe:2.3:a:jason_r._coombs:zipp:3.15.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:jason_r._coombs:zipp:3.16.0:*:*:*:*:*:*:*",
"description": "Backport of pathlib-compatible object wrapper for zip files",
"externalReferences": [
{
- "url": "https://pypi.org/project/zipp/3.15.0",
+ "url": "https://pypi.org/project/zipp/3.16.0",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/zipp@3.15.0"
+ "purl": "pkg:pypi/zipp@3.16.0"
},
{
"type": "library",
@@ -1464,11 +1464,11 @@
"type": "library",
"bom-ref": "45-jsonschema",
"name": "jsonschema",
- "version": "4.17.3",
+ "version": "4.18.0",
"supplier": {
"name": "Julian Berman"
},
- "cpe": "cpe:2.3:a:julian_berman:jsonschema:4.17.3:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:julian_berman:jsonschema:4.18.0:*:*:*:*:*:*:*",
"description": "An implementation of JSON Schema validation for Python",
"licenses": [
{
@@ -1480,28 +1480,50 @@
],
"externalReferences": [
{
- "url": "https://pypi.org/project/jsonschema/4.17.3",
+ "url": "https://pypi.org/project/jsonschema/4.18.0",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/jsonschema@4.17.3"
+ "purl": "pkg:pypi/jsonschema@4.18.0"
},
{
"type": "library",
- "bom-ref": "46-pyrsistent",
- "name": "pyrsistent",
- "version": "0.19.3",
+ "bom-ref": "46-jsonschema-specifications",
+ "name": "jsonschema-specifications",
+ "version": "2023.6.1",
"supplier": {
- "name": "Tobias Gustafsson",
- "contact": [
- {
- "email": "tobias.l.gustafsson@gmail.com"
+ "name": "Julian Berman"
+ },
+ "cpe": "cpe:2.3:a:julian_berman:jsonschema-specifications:2023.6.1:*:*:*:*:*:*:*",
+ "description": "The JSON Schema meta-schemas and vocabularies, exposed as a Registry",
+ "licenses": [
+ {
+ "license": {
+ "id": "MIT",
+ "url": "https://opensource.org/licenses/MIT"
}
- ]
+ }
+ ],
+ "externalReferences": [
+ {
+ "url": "https://pypi.org/project/jsonschema-specifications/2023.6.1",
+ "type": "distribution",
+ "comment": "Download location for component"
+ }
+ ],
+ "purl": "pkg:pypi/jsonschema-specifications@2023.6.1"
+ },
+ {
+ "type": "library",
+ "bom-ref": "47-referencing",
+ "name": "referencing",
+ "version": "0.29.1",
+ "supplier": {
+ "name": "Julian Berman"
},
- "cpe": "cpe:2.3:a:tobias_gustafsson:pyrsistent:0.19.3:*:*:*:*:*:*:*",
- "description": "Persistent/Functional/Immutable data structures",
+ "cpe": "cpe:2.3:a:julian_berman:referencing:0.29.1:*:*:*:*:*:*:*",
+ "description": "JSON Referencing + Python",
"licenses": [
{
"license": {
@@ -1512,16 +1534,43 @@
],
"externalReferences": [
{
- "url": "https://pypi.org/project/pyrsistent/0.19.3",
+ "url": "https://pypi.org/project/referencing/0.29.1",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/pyrsistent@0.19.3"
+ "purl": "pkg:pypi/referencing@0.29.1"
},
{
"type": "library",
- "bom-ref": "47-lib4sbom",
+ "bom-ref": "48-rpds-py",
+ "name": "rpds-py",
+ "version": "0.8.10",
+ "supplier": {
+ "name": "Julian Berman"
+ },
+ "cpe": "cpe:2.3:a:julian_berman:rpds-py:0.8.10:*:*:*:*:*:*:*",
+ "description": "Python bindings to Rust's persistent data structures (rpds)",
+ "licenses": [
+ {
+ "license": {
+ "id": "MIT",
+ "url": "https://opensource.org/licenses/MIT"
+ }
+ }
+ ],
+ "externalReferences": [
+ {
+ "url": "https://pypi.org/project/rpds-py/0.8.10",
+ "type": "distribution",
+ "comment": "Download location for component"
+ }
+ ],
+ "purl": "pkg:pypi/rpds-py@0.8.10"
+ },
+ {
+ "type": "library",
+ "bom-ref": "49-lib4sbom",
"name": "lib4sbom",
"version": "0.3.1",
"supplier": {
@@ -1553,7 +1602,7 @@
},
{
"type": "library",
- "bom-ref": "48-pyyaml",
+ "bom-ref": "50-pyyaml",
"name": "pyyaml",
"version": "6.0",
"supplier": {
@@ -1585,7 +1634,7 @@
},
{
"type": "library",
- "bom-ref": "49-semantic-version",
+ "bom-ref": "51-semantic-version",
"name": "semantic-version",
"version": "2.10.0",
"supplier": {
@@ -1623,7 +1672,7 @@
},
{
"type": "library",
- "bom-ref": "50-packaging",
+ "bom-ref": "52-packaging",
"name": "packaging",
"version": "21.3",
"supplier": {
@@ -1660,7 +1709,7 @@
},
{
"type": "library",
- "bom-ref": "51-plotly",
+ "bom-ref": "53-plotly",
"name": "plotly",
"version": "5.15.0",
"supplier": {
@@ -1692,7 +1741,7 @@
},
{
"type": "library",
- "bom-ref": "52-tenacity",
+ "bom-ref": "54-tenacity",
"name": "tenacity",
"version": "8.2.2",
"supplier": {
@@ -1730,7 +1779,7 @@
},
{
"type": "library",
- "bom-ref": "53-python-gnupg",
+ "bom-ref": "55-python-gnupg",
"name": "python-gnupg",
"version": "0.5.0",
"supplier": {
@@ -1768,7 +1817,7 @@
},
{
"type": "library",
- "bom-ref": "54-requests",
+ "bom-ref": "56-requests",
"name": "requests",
"version": "2.31.0",
"supplier": {
@@ -1806,7 +1855,7 @@
},
{
"type": "library",
- "bom-ref": "55-certifi",
+ "bom-ref": "57-certifi",
"name": "certifi",
"version": "2023.5.7",
"supplier": {
@@ -1838,7 +1887,7 @@
},
{
"type": "library",
- "bom-ref": "56-rich",
+ "bom-ref": "58-rich",
"name": "rich",
"version": "13.4.2",
"supplier": {
@@ -1870,7 +1919,7 @@
},
{
"type": "library",
- "bom-ref": "57-markdown-it-py",
+ "bom-ref": "59-markdown-it-py",
"name": "markdown-it-py",
"version": "3.0.0",
"supplier": {
@@ -1894,7 +1943,7 @@
},
{
"type": "library",
- "bom-ref": "58-mdurl",
+ "bom-ref": "60-mdurl",
"name": "mdurl",
"version": "0.1.2",
"supplier": {
@@ -1918,7 +1967,7 @@
},
{
"type": "library",
- "bom-ref": "59-pygments",
+ "bom-ref": "61-pygments",
"name": "pygments",
"version": "2.15.1",
"supplier": {
@@ -1950,7 +1999,7 @@
},
{
"type": "library",
- "bom-ref": "60-rpmfile",
+ "bom-ref": "62-rpmfile",
"name": "rpmfile",
"version": "1.1.1",
"supplier": {
@@ -1982,7 +2031,7 @@
},
{
"type": "library",
- "bom-ref": "61-toml",
+ "bom-ref": "63-toml",
"name": "toml",
"version": "0.10.2",
"supplier": {
@@ -2014,7 +2063,7 @@
},
{
"type": "library",
- "bom-ref": "62-xmlschema",
+ "bom-ref": "64-xmlschema",
"name": "xmlschema",
"version": "2.3.1",
"supplier": {
@@ -2046,7 +2095,7 @@
},
{
"type": "library",
- "bom-ref": "63-elementpath",
+ "bom-ref": "65-elementpath",
"name": "elementpath",
"version": "4.1.4",
"supplier": {
@@ -2078,7 +2127,7 @@
},
{
"type": "library",
- "bom-ref": "64-zstandard",
+ "bom-ref": "66-zstandard",
"name": "zstandard",
"version": "0.21.0",
"supplier": {
@@ -2134,18 +2183,18 @@
"41-importlib-metadata",
"43-jinja2",
"45-jsonschema",
- "47-lib4sbom",
- "50-packaging",
- "51-plotly",
- "53-python-gnupg",
- "48-pyyaml",
- "54-requests",
- "56-rich",
- "60-rpmfile",
- "61-toml",
+ "49-lib4sbom",
+ "52-packaging",
+ "53-plotly",
+ "55-python-gnupg",
+ "50-pyyaml",
+ "56-requests",
+ "58-rich",
+ "62-rpmfile",
+ "63-toml",
"39-urllib3",
- "62-xmlschema",
- "64-zstandard"
+ "64-xmlschema",
+ "66-zstandard"
]
},
{
@@ -2302,55 +2351,70 @@
"ref": "45-jsonschema",
"dependsOn": [
"6-attrs",
- "46-pyrsistent"
+ "46-jsonschema-specifications",
+ "47-referencing",
+ "48-rpds-py"
+ ]
+ },
+ {
+ "ref": "46-jsonschema-specifications",
+ "dependsOn": [
+ "47-referencing"
+ ]
+ },
+ {
+ "ref": "47-referencing",
+ "dependsOn": [
+ "6-attrs",
+ "48-rpds-py"
]
},
{
- "ref": "47-lib4sbom",
+ "ref": "49-lib4sbom",
"dependsOn": [
- "48-pyyaml",
- "49-semantic-version"
+ "50-pyyaml",
+ "51-semantic-version"
]
},
{
- "ref": "50-packaging",
+ "ref": "52-packaging",
"dependsOn": [
"26-pyparsing"
]
},
{
- "ref": "51-plotly",
+ "ref": "53-plotly",
"dependsOn": [
- "50-packaging",
- "52-tenacity"
+ "52-packaging",
+ "54-tenacity"
]
},
{
- "ref": "54-requests",
+ "ref": "56-requests",
"dependsOn": [
- "55-certifi",
+ "57-certifi",
"7-charset-normalizer",
"10-idna",
"39-urllib3"
]
},
{
- "ref": "56-rich",
+ "ref": "58-rich",
"dependsOn": [
- "57-markdown-it-py",
- "59-pygments"
+ "59-markdown-it-py",
+ "61-pygments"
]
},
{
- "ref": "57-markdown-it-py",
+ "ref": "59-markdown-it-py",
"dependsOn": [
- "58-mdurl"
+ "60-mdurl"
]
},
{
- "ref": "62-xmlschema",
+ "ref": "64-xmlschema",
"dependsOn": [
- "63-elementpath"
+ "65-elementpath"
]
}
]
diff --git a/sbom/cve-bin-tool-py3.9.spdx b/sbom/cve-bin-tool-py3.9.spdx
index 0009e93ac9..8db1845bab 100644
--- a/sbom/cve-bin-tool-py3.9.spdx
+++ b/sbom/cve-bin-tool-py3.9.spdx
@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
DataLicense: CC0-1.0
SPDXID: SPDXRef-DOCUMENT
DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-af9a95b3-a1fb-4ae3-a50f-291674e85085
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-2d318abf-e201-4978-8cf4-4ddfde4f43ff
LicenseListVersion: 3.20
Creator: Tool: sbom4python-0.9.2
-Created: 2023-07-03T00:30:46Z
+Created: 2023-07-10T00:42:20Z
CreatorComment: This document has been automatically generated.
#####
@@ -101,17 +101,17 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:hynek_schlawack:attrs:23.1.0:*:*:*:*:*
PackageName: charset-normalizer
SPDXID: SPDXRef-Package-7-charset-normalizer
-PackageVersion: 3.1.0
+PackageVersion: 3.2.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Ahmed TAHRI (ahmed.tahri@cloudnursery.dev)
-PackageDownloadLocation: https://pypi.org/project/charset-normalizer/3.1.0
+PackageDownloadLocation: https://pypi.org/project/charset-normalizer/3.2.0
FilesAnalyzed: false
PackageLicenseDeclared: MIT
PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: The Real First Universal Charset Detector. Open, modern and actively maintained alternative to Chardet.
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/charset-normalizer@3.1.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:ahmed_tahri:charset-normalizer:3.1.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/charset-normalizer@3.2.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:ahmed_tahri:charset-normalizer:3.2.0:*:*:*:*:*:*:*
#####
PackageName: multidict
@@ -629,32 +629,32 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:ori_livneh:monotonic:1.6:*:*:*:*:*:*:*
PackageName: importlib-metadata
SPDXID: SPDXRef-Package-41-importlib-metadata
-PackageVersion: 6.7.0
+PackageVersion: 6.8.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Jason R. Coombs (jaraco@jaraco.com)
-PackageDownloadLocation: https://pypi.org/project/importlib-metadata/6.7.0
+PackageDownloadLocation: https://pypi.org/project/importlib-metadata/6.8.0
FilesAnalyzed: false
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: Read metadata from Python packages
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/importlib-metadata@6.7.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r._coombs:importlib-metadata:6.7.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/importlib-metadata@6.8.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r._coombs:importlib-metadata:6.8.0:*:*:*:*:*:*:*
#####
PackageName: zipp
SPDXID: SPDXRef-Package-42-zipp
-PackageVersion: 3.15.0
+PackageVersion: 3.16.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Jason R. Coombs (jaraco@jaraco.com)
-PackageDownloadLocation: https://pypi.org/project/zipp/3.15.0
+PackageDownloadLocation: https://pypi.org/project/zipp/3.16.0
FilesAnalyzed: false
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: Backport of pathlib-compatible object wrapper for zip files
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/zipp@3.15.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r._coombs:zipp:3.15.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/zipp@3.16.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r._coombs:zipp:3.16.0:*:*:*:*:*:*:*
#####
PackageName: jinja2
@@ -688,36 +688,66 @@ ExternalRef: PACKAGE-MANAGER purl pkg:pypi/markupsafe@2.1.3
PackageName: jsonschema
SPDXID: SPDXRef-Package-45-jsonschema
-PackageVersion: 4.17.3
+PackageVersion: 4.18.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Julian Berman
-PackageDownloadLocation: https://pypi.org/project/jsonschema/4.17.3
+PackageDownloadLocation: https://pypi.org/project/jsonschema/4.18.0
FilesAnalyzed: false
PackageLicenseDeclared: MIT
PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: An implementation of JSON Schema validation for Python
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/jsonschema@4.17.3
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:jsonschema:4.17.3:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/jsonschema@4.18.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:jsonschema:4.18.0:*:*:*:*:*:*:*
+#####
+
+PackageName: jsonschema-specifications
+SPDXID: SPDXRef-Package-46-jsonschema-specifications
+PackageVersion: 2023.6.1
+PrimaryPackagePurpose: LIBRARY
+PackageSupplier: Person: Julian Berman
+PackageDownloadLocation: https://pypi.org/project/jsonschema-specifications/2023.6.1
+FilesAnalyzed: false
+PackageLicenseDeclared: MIT
+PackageLicenseConcluded: MIT
+PackageCopyrightText: NOASSERTION
+PackageSummary: The JSON Schema meta-schemas and vocabularies, exposed as a Registry
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/jsonschema-specifications@2023.6.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:jsonschema-specifications:2023.6.1:*:*:*:*:*:*:*
#####
-PackageName: pyrsistent
-SPDXID: SPDXRef-Package-46-pyrsistent
-PackageVersion: 0.19.3
+PackageName: referencing
+SPDXID: SPDXRef-Package-47-referencing
+PackageVersion: 0.29.1
PrimaryPackagePurpose: LIBRARY
-PackageSupplier: Person: Tobias Gustafsson (tobias.l.gustafsson@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/pyrsistent/0.19.3
+PackageSupplier: Person: Julian Berman
+PackageDownloadLocation: https://pypi.org/project/referencing/0.29.1
+FilesAnalyzed: false
+PackageLicenseDeclared: MIT
+PackageLicenseConcluded: MIT
+PackageCopyrightText: NOASSERTION
+PackageSummary: JSON Referencing + Python
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/referencing@0.29.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:referencing:0.29.1:*:*:*:*:*:*:*
+#####
+
+PackageName: rpds-py
+SPDXID: SPDXRef-Package-48-rpds-py
+PackageVersion: 0.8.10
+PrimaryPackagePurpose: LIBRARY
+PackageSupplier: Person: Julian Berman
+PackageDownloadLocation: https://pypi.org/project/rpds-py/0.8.10
FilesAnalyzed: false
PackageLicenseDeclared: MIT
PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
-PackageSummary: Persistent/Functional/Immutable data structures
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/pyrsistent@0.19.3
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:tobias_gustafsson:pyrsistent:0.19.3:*:*:*:*:*:*:*
+PackageSummary: Python bindings to Rust's persistent data structures (rpds)
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/rpds-py@0.8.10
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:rpds-py:0.8.10:*:*:*:*:*:*:*
#####
PackageName: lib4sbom
-SPDXID: SPDXRef-Package-47-lib4sbom
+SPDXID: SPDXRef-Package-49-lib4sbom
PackageVersion: 0.3.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Anthony Harrison (anthony.p.harrison@gmail.com)
@@ -732,7 +762,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:anthony_harrison:lib4sbom:0.3.1:*:*:*:
#####
PackageName: pyyaml
-SPDXID: SPDXRef-Package-48-pyyaml
+SPDXID: SPDXRef-Package-50-pyyaml
PackageVersion: 6.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Kirill Simonov (xi@resolvent.net)
@@ -747,7 +777,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kirill_simonov:pyyaml:6.0:*:*:*:*:*:*:
#####
PackageName: semantic-version
-SPDXID: SPDXRef-Package-49-semantic-version
+SPDXID: SPDXRef-Package-51-semantic-version
PackageVersion: 2.10.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Raphael Barrois (raphael.barrois+semver@polytechnique.org)
@@ -763,7 +793,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:raphael_barrois:semantic-version:2.10.
#####
PackageName: packaging
-SPDXID: SPDXRef-Package-50-packaging
+SPDXID: SPDXRef-Package-52-packaging
PackageVersion: 21.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Donald Stufft and individual contributors (donald@stufft.io)
@@ -779,7 +809,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:donald_stufft_and_individual_contribut
#####
PackageName: plotly
-SPDXID: SPDXRef-Package-51-plotly
+SPDXID: SPDXRef-Package-53-plotly
PackageVersion: 5.15.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Chris P (chris@plot.ly)
@@ -794,7 +824,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:5.15.0:*:*:*:*:*:*:*
#####
PackageName: tenacity
-SPDXID: SPDXRef-Package-52-tenacity
+SPDXID: SPDXRef-Package-54-tenacity
PackageVersion: 8.2.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Julien Danjou (julien@danjou.info)
@@ -810,7 +840,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julien_danjou:tenacity:8.2.2:*:*:*:*:*
#####
PackageName: python-gnupg
-SPDXID: SPDXRef-Package-53-python-gnupg
+SPDXID: SPDXRef-Package-55-python-gnupg
PackageVersion: 0.5.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Vinay Sajip (vinay_sajip@yahoo.co.uk)
@@ -826,7 +856,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:vinay_sajip:python-gnupg:0.5.0:*:*:*:*
#####
PackageName: requests
-SPDXID: SPDXRef-Package-54-requests
+SPDXID: SPDXRef-Package-56-requests
PackageVersion: 2.31.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Kenneth Reitz (me@kennethreitz.org)
@@ -842,7 +872,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:requests:2.31.0:*:*:*:*:
#####
PackageName: certifi
-SPDXID: SPDXRef-Package-55-certifi
+SPDXID: SPDXRef-Package-57-certifi
PackageVersion: 2023.5.7
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Kenneth Reitz (me@kennethreitz.com)
@@ -857,7 +887,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:certifi:2023.5.7:*:*:*:*
#####
PackageName: rich
-SPDXID: SPDXRef-Package-56-rich
+SPDXID: SPDXRef-Package-58-rich
PackageVersion: 13.4.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Will McGugan (willmcgugan@gmail.com)
@@ -872,7 +902,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:will_mcgugan:rich:13.4.2:*:*:*:*:*:*:*
#####
PackageName: markdown-it-py
-SPDXID: SPDXRef-Package-57-markdown-it-py
+SPDXID: SPDXRef-Package-59-markdown-it-py
PackageVersion: 3.0.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Chris Sewell (chrisj_sewell@hotmail.com)
@@ -887,7 +917,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_sewell:markdown-it-py:3.0.0:*:*:
#####
PackageName: mdurl
-SPDXID: SPDXRef-Package-58-mdurl
+SPDXID: SPDXRef-Package-60-mdurl
PackageVersion: 0.1.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Taneli Hukkinen (hukkin@users.noreply.github.com)
@@ -902,7 +932,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:taneli_hukkinen:mdurl:0.1.2:*:*:*:*:*:
#####
PackageName: pygments
-SPDXID: SPDXRef-Package-59-pygments
+SPDXID: SPDXRef-Package-61-pygments
PackageVersion: 2.15.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Georg Brandl (georg@python.org)
@@ -917,7 +947,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:georg_brandl:pygments:2.15.1:*:*:*:*:*
#####
PackageName: rpmfile
-SPDXID: SPDXRef-Package-60-rpmfile
+SPDXID: SPDXRef-Package-62-rpmfile
PackageVersion: 1.1.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Sean Ross (srossross@gmail.com)
@@ -932,7 +962,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:sean_ross:rpmfile:1.1.1:*:*:*:*:*:*:*
#####
PackageName: toml
-SPDXID: SPDXRef-Package-61-toml
+SPDXID: SPDXRef-Package-63-toml
PackageVersion: 0.10.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: William Pearson (uiri@xqz.ca)
@@ -947,7 +977,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:william_pearson:toml:0.10.2:*:*:*:*:*:
#####
PackageName: xmlschema
-SPDXID: SPDXRef-Package-62-xmlschema
+SPDXID: SPDXRef-Package-64-xmlschema
PackageVersion: 2.3.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Davide Brunato (brunato@sissa.it)
@@ -962,7 +992,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:xmlschema:2.3.1:*:*:*:*
#####
PackageName: elementpath
-SPDXID: SPDXRef-Package-63-elementpath
+SPDXID: SPDXRef-Package-65-elementpath
PackageVersion: 4.1.4
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Davide Brunato (brunato@sissa.it)
@@ -977,7 +1007,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:elementpath:4.1.4:*:*:*
#####
PackageName: zstandard
-SPDXID: SPDXRef-Package-64-zstandard
+SPDXID: SPDXRef-Package-66-zstandard
PackageVersion: 0.21.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Gregory Szorc (gregory.szorc@gmail.com)
@@ -1003,17 +1033,17 @@ Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-39-urlli
Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-41-importlib-metadata
Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-43-jinja2
Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-45-jsonschema
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-47-lib4sbom
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-48-pyyaml
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-50-packaging
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-51-plotly
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-53-python-gnupg
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-54-requests
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-56-rich
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-60-rpmfile
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-61-toml
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-62-xmlschema
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-64-zstandard
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-49-lib4sbom
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-50-pyyaml
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-52-packaging
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-53-plotly
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-55-python-gnupg
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-56-requests
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-58-rich
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-62-rpmfile
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-63-toml
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-64-xmlschema
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-66-zstandard
Relationship: SPDXRef-Package-11-beautifulsoup4 DEPENDS_ON SPDXRef-Package-12-soupsieve
Relationship: SPDXRef-Package-16-gsutil DEPENDS_ON SPDXRef-Package-17-argcomplete
Relationship: SPDXRef-Package-16-gsutil DEPENDS_ON SPDXRef-Package-18-crcmod
@@ -1067,20 +1097,25 @@ Relationship: SPDXRef-Package-37-google-auth DEPENDS_ON SPDXRef-Package-38-cache
Relationship: SPDXRef-Package-37-google-auth DEPENDS_ON SPDXRef-Package-39-urllib3
Relationship: SPDXRef-Package-41-importlib-metadata DEPENDS_ON SPDXRef-Package-42-zipp
Relationship: SPDXRef-Package-43-jinja2 DEPENDS_ON SPDXRef-Package-44-markupsafe
-Relationship: SPDXRef-Package-45-jsonschema DEPENDS_ON SPDXRef-Package-46-pyrsistent
+Relationship: SPDXRef-Package-45-jsonschema DEPENDS_ON SPDXRef-Package-46-jsonschema-specifications
+Relationship: SPDXRef-Package-45-jsonschema DEPENDS_ON SPDXRef-Package-47-referencing
+Relationship: SPDXRef-Package-45-jsonschema DEPENDS_ON SPDXRef-Package-48-rpds-py
Relationship: SPDXRef-Package-45-jsonschema DEPENDS_ON SPDXRef-Package-6-attrs
-Relationship: SPDXRef-Package-47-lib4sbom DEPENDS_ON SPDXRef-Package-48-pyyaml
-Relationship: SPDXRef-Package-47-lib4sbom DEPENDS_ON SPDXRef-Package-49-semantic-version
-Relationship: SPDXRef-Package-50-packaging DEPENDS_ON SPDXRef-Package-26-pyparsing
-Relationship: SPDXRef-Package-51-plotly DEPENDS_ON SPDXRef-Package-50-packaging
-Relationship: SPDXRef-Package-51-plotly DEPENDS_ON SPDXRef-Package-52-tenacity
-Relationship: SPDXRef-Package-54-requests DEPENDS_ON SPDXRef-Package-10-idna
-Relationship: SPDXRef-Package-54-requests DEPENDS_ON SPDXRef-Package-39-urllib3
-Relationship: SPDXRef-Package-54-requests DEPENDS_ON SPDXRef-Package-55-certifi
-Relationship: SPDXRef-Package-54-requests DEPENDS_ON SPDXRef-Package-7-charset-normalizer
-Relationship: SPDXRef-Package-56-rich DEPENDS_ON SPDXRef-Package-57-markdown-it-py
-Relationship: SPDXRef-Package-56-rich DEPENDS_ON SPDXRef-Package-59-pygments
-Relationship: SPDXRef-Package-57-markdown-it-py DEPENDS_ON SPDXRef-Package-58-mdurl
-Relationship: SPDXRef-Package-62-xmlschema DEPENDS_ON SPDXRef-Package-63-elementpath
+Relationship: SPDXRef-Package-46-jsonschema-specifications DEPENDS_ON SPDXRef-Package-47-referencing
+Relationship: SPDXRef-Package-47-referencing DEPENDS_ON SPDXRef-Package-48-rpds-py
+Relationship: SPDXRef-Package-47-referencing DEPENDS_ON SPDXRef-Package-6-attrs
+Relationship: SPDXRef-Package-49-lib4sbom DEPENDS_ON SPDXRef-Package-50-pyyaml
+Relationship: SPDXRef-Package-49-lib4sbom DEPENDS_ON SPDXRef-Package-51-semantic-version
+Relationship: SPDXRef-Package-52-packaging DEPENDS_ON SPDXRef-Package-26-pyparsing
+Relationship: SPDXRef-Package-53-plotly DEPENDS_ON SPDXRef-Package-52-packaging
+Relationship: SPDXRef-Package-53-plotly DEPENDS_ON SPDXRef-Package-54-tenacity
+Relationship: SPDXRef-Package-56-requests DEPENDS_ON SPDXRef-Package-10-idna
+Relationship: SPDXRef-Package-56-requests DEPENDS_ON SPDXRef-Package-39-urllib3
+Relationship: SPDXRef-Package-56-requests DEPENDS_ON SPDXRef-Package-57-certifi
+Relationship: SPDXRef-Package-56-requests DEPENDS_ON SPDXRef-Package-7-charset-normalizer
+Relationship: SPDXRef-Package-58-rich DEPENDS_ON SPDXRef-Package-59-markdown-it-py
+Relationship: SPDXRef-Package-58-rich DEPENDS_ON SPDXRef-Package-61-pygments
+Relationship: SPDXRef-Package-59-markdown-it-py DEPENDS_ON SPDXRef-Package-60-mdurl
+Relationship: SPDXRef-Package-64-xmlschema DEPENDS_ON SPDXRef-Package-65-elementpath
Relationship: SPDXRef-Package-9-yarl DEPENDS_ON SPDXRef-Package-10-idna
Relationship: SPDXRef-Package-9-yarl DEPENDS_ON SPDXRef-Package-8-multidict