diff --git a/sbom/cve-bin-tool-py3.12.json b/sbom/cve-bin-tool-py3.12.json
index 8a750aa798..34ed0defc2 100644
--- a/sbom/cve-bin-tool-py3.12.json
+++ b/sbom/cve-bin-tool-py3.12.json
@@ -2,10 +2,10 @@
"$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.5",
- "serialNumber": "urn:uuid:1134ea94-6349-4262-b57f-e37ae9566c26",
+ "serialNumber": "urn:uuid:0acfe7bf-745e-4b5d-b8fe-4730e94a4f6d",
"version": 1,
"metadata": {
- "timestamp": "2024-04-15T02:43:09Z",
+ "timestamp": "2024-04-22T00:27:41Z",
"tools": {
"components": [
{
@@ -26,7 +26,7 @@
"type": "application",
"bom-ref": "1-cve-bin-tool",
"name": "cve-bin-tool",
- "version": "3.3",
+ "version": "3.3.1.dev0",
"supplier": {
"name": "Terri Oda",
"contact": [
@@ -35,14 +35,8 @@
}
]
},
- "cpe": "cpe:2.3:a:terri_oda:cve-bin-tool:3.3:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:terri_oda:cve-bin-tool:3.3.1.dev0:*:*:*:*:*:*:*",
"description": "CVE Binary Checker Tool",
- "hashes": [
- {
- "alg": "SHA-1",
- "content": "83e30ee0f640bce7a20d4346c85873d359c05d1f"
- }
- ],
"licenses": [
{
"license": {
@@ -53,12 +47,12 @@
],
"externalReferences": [
{
- "url": "https://pypi.org/project/cve-bin-tool/3.3",
+ "url": "https://pypi.org/project/cve-bin-tool/3.3.1.dev0",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/cve-bin-tool@3.3",
+ "purl": "pkg:pypi/cve-bin-tool@3.3.1.dev0",
"properties": [
{
"name": "language",
@@ -66,7 +60,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -74,7 +68,7 @@
"type": "library",
"bom-ref": "2-aiohttp",
"name": "aiohttp",
- "version": "3.9.4",
+ "version": "3.9.5",
"description": "Async http client/server framework (asyncio)",
"licenses": [
{
@@ -86,12 +80,12 @@
],
"externalReferences": [
{
- "url": "https://pypi.org/project/aiohttp/3.9.4",
+ "url": "https://pypi.org/project/aiohttp/3.9.5",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/aiohttp@3.9.4",
+ "purl": "pkg:pypi/aiohttp@3.9.5",
"properties": [
{
"name": "language",
@@ -99,7 +93,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -137,7 +131,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -170,7 +164,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -204,7 +198,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -252,7 +246,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -300,7 +294,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -334,7 +328,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -376,7 +370,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -416,7 +410,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -458,7 +452,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -506,7 +500,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -548,7 +542,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -596,7 +590,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -638,7 +632,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -680,7 +674,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -722,7 +716,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -765,7 +759,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -807,7 +801,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -855,7 +849,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -903,7 +897,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -951,7 +945,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -999,7 +993,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -1047,7 +1041,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -1087,7 +1081,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -1135,7 +1129,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -1177,7 +1171,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -1219,7 +1213,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -1267,7 +1261,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -1315,7 +1309,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -1354,7 +1348,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -1402,7 +1396,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -1444,7 +1438,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -1492,7 +1486,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -1540,7 +1534,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -1582,7 +1576,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -1624,7 +1618,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -1672,7 +1666,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -1711,7 +1705,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -1750,7 +1744,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -1787,7 +1781,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -1830,7 +1824,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -1859,7 +1853,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -1896,7 +1890,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -1938,7 +1932,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -1986,7 +1980,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -2034,7 +2028,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -2077,7 +2071,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -2111,7 +2105,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -2119,7 +2113,7 @@
"type": "library",
"bom-ref": "50-plotly",
"name": "plotly",
- "version": "5.20.0",
+ "version": "5.21.0",
"supplier": {
"name": "Chris P",
"contact": [
@@ -2128,14 +2122,8 @@
}
]
},
- "cpe": "cpe:2.3:a:chris_p:plotly:5.20.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:chris_p:plotly:5.21.0:*:*:*:*:*:*:*",
"description": "An open-source, interactive data visualization library for Python",
- "hashes": [
- {
- "alg": "SHA-1",
- "content": "9335a34ca77399a597a72420f73e947217d3d410"
- }
- ],
"licenses": [
{
"license": {
@@ -2146,12 +2134,12 @@
],
"externalReferences": [
{
- "url": "https://pypi.org/project/plotly/5.20.0",
+ "url": "https://pypi.org/project/plotly/5.21.0",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/plotly@5.20.0",
+ "purl": "pkg:pypi/plotly@5.21.0",
"properties": [
{
"name": "language",
@@ -2159,7 +2147,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -2207,7 +2195,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -2255,7 +2243,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -2303,7 +2291,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -2345,7 +2333,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -2393,7 +2381,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -2427,7 +2415,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -2469,7 +2457,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -2509,7 +2497,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -2549,7 +2537,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -2597,7 +2585,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -2639,7 +2627,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -2647,7 +2635,7 @@
"type": "library",
"bom-ref": "62-xmlschema",
"name": "xmlschema",
- "version": "3.2.1",
+ "version": "3.3.0",
"supplier": {
"name": "Davide Brunato",
"contact": [
@@ -2656,7 +2644,7 @@
}
]
},
- "cpe": "cpe:2.3:a:davide_brunato:xmlschema:3.2.1:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:davide_brunato:xmlschema:3.3.0:*:*:*:*:*:*:*",
"description": "An XML Schema validator and decoder",
"licenses": [
{
@@ -2668,12 +2656,12 @@
],
"externalReferences": [
{
- "url": "https://pypi.org/project/xmlschema/3.2.1",
+ "url": "https://pypi.org/project/xmlschema/3.3.0",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/xmlschema@3.2.1",
+ "purl": "pkg:pypi/xmlschema@3.3.0",
"properties": [
{
"name": "language",
@@ -2681,7 +2669,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -2723,7 +2711,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
},
@@ -2771,7 +2759,7 @@
},
{
"name": "python_version",
- "value": "3.12.2"
+ "value": "3.12.3"
}
]
}
diff --git a/sbom/cve-bin-tool-py3.12.spdx b/sbom/cve-bin-tool-py3.12.spdx
index 986f0bd4d1..0f2a0ba16d 100644
--- a/sbom/cve-bin-tool-py3.12.spdx
+++ b/sbom/cve-bin-tool-py3.12.spdx
@@ -2,42 +2,41 @@ SPDXVersion: SPDX-2.3
DataLicense: CC0-1.0
SPDXID: SPDXRef-DOCUMENT
DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-54b655be-6b8b-4720-8b97-b17adec09373
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-aaa91dd7-47bb-4ce8-b80c-b04e18631b28
LicenseListVersion: 3.22
Creator: Tool: sbom4python-0.10.4
-Created: 2024-04-15T02:41:54Z
+Created: 2024-04-22T00:26:28Z
CreatorComment: This document has been automatically generated.
#####
PackageName: cve-bin-tool
SPDXID: SPDXRef-Package-1-cve-bin-tool
-PackageVersion: 3.3
+PackageVersion: 3.3.1.dev0
PrimaryPackagePurpose: APPLICATION
PackageSupplier: Person: Terri Oda (terri.oda@intel.com)
-PackageDownloadLocation: https://pypi.org/project/cve-bin-tool/3.3
+PackageDownloadLocation: https://pypi.org/project/cve-bin-tool/3.3.1.dev0
FilesAnalyzed: false
-PackageChecksum: SHA1: 83e30ee0f640bce7a20d4346c85873d359c05d1f
PackageLicenseDeclared: GPL-3.0-or-later
PackageLicenseConcluded: GPL-3.0-or-later
PackageCopyrightText: NOASSERTION
PackageSummary: CVE Binary Checker Tool
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/cve-bin-tool@3.3
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:terri_oda:cve-bin-tool:3.3:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/cve-bin-tool@3.3.1.dev0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:terri_oda:cve-bin-tool:3.3.1.dev0:*:*:*:*:*:*:*
#####
PackageName: aiohttp
SPDXID: SPDXRef-Package-2-aiohttp
-PackageVersion: 3.9.4
+PackageVersion: 3.9.5
PrimaryPackagePurpose: LIBRARY
PackageSupplier: NOASSERTION
-PackageDownloadLocation: https://pypi.org/project/aiohttp/3.9.4
+PackageDownloadLocation: https://pypi.org/project/aiohttp/3.9.5
FilesAnalyzed: false
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: Apache-2.0
PackageLicenseComments: aiohttp declares Apache 2 which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: Async http client/server framework (asyncio)
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/aiohttp@3.9.4
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/aiohttp@3.9.5
#####
PackageName: aiosignal
@@ -788,18 +787,17 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:donald_stufft:packaging:24.0:*:*:*:*:*
PackageName: plotly
SPDXID: SPDXRef-Package-50-plotly
-PackageVersion: 5.20.0
+PackageVersion: 5.21.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Chris P (chris@plot.ly)
-PackageDownloadLocation: https://pypi.org/project/plotly/5.20.0
+PackageDownloadLocation: https://pypi.org/project/plotly/5.21.0
FilesAnalyzed: false
-PackageChecksum: SHA1: 9335a34ca77399a597a72420f73e947217d3d410
PackageLicenseDeclared: MIT
PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: An open-source, interactive data visualization library for Python
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/plotly@5.20.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:5.20.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/plotly@5.21.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:5.21.0:*:*:*:*:*:*:*
#####
PackageName: tenacity
@@ -979,17 +977,17 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:sean_ross:rpmfile:2.0.0:*:*:*:*:*:*:*
PackageName: xmlschema
SPDXID: SPDXRef-Package-62-xmlschema
-PackageVersion: 3.2.1
+PackageVersion: 3.3.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Davide Brunato (brunato@sissa.it)
-PackageDownloadLocation: https://pypi.org/project/xmlschema/3.2.1
+PackageDownloadLocation: https://pypi.org/project/xmlschema/3.3.0
FilesAnalyzed: false
PackageLicenseDeclared: MIT
PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: An XML Schema validator and decoder
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/xmlschema@3.2.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:xmlschema:3.2.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/xmlschema@3.3.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:xmlschema:3.3.0:*:*:*:*:*:*:*
#####
PackageName: elementpath