From 456102f3bc037cbabc04abe323996697594b72a9 Mon Sep 17 00:00:00 2001 From: GitHub Date: Mon, 26 Jun 2023 01:09:02 +0000 Subject: [PATCH] chore: update SBOM for Python 3.8 --- sbom/cve-bin-tool-py3.8.json | 12 ++++++------ sbom/cve-bin-tool-py3.8.spdx | 12 ++++++------ 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/sbom/cve-bin-tool-py3.8.json b/sbom/cve-bin-tool-py3.8.json index d9952e47f2..db2a8fe1be 100644 --- a/sbom/cve-bin-tool-py3.8.json +++ b/sbom/cve-bin-tool-py3.8.json @@ -2,10 +2,10 @@ "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.4", - "serialNumber": "urn:uuid31d60468-ab8e-4f6a-b1d8-3680a07b7e79", + "serialNumber": "urn:uuid7051731f-029b-4785-9ff3-e539cec66c8f", "version": 1, "metadata": { - "timestamp": "2023-06-19T00:30:45Z", + "timestamp": "2023-06-26T01:09:00Z", "tools": [ { "name": "sbom4python", @@ -547,7 +547,7 @@ "type": "library", "bom-ref": "16-gsutil", "name": "gsutil", - "version": "5.24", + "version": "5.25", "supplier": { "name": "Google Inc.", "contact": [ @@ -556,7 +556,7 @@ } ] }, - "cpe": "cpe:2.3:a:google_inc.:gsutil:5.24:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:google_inc.:gsutil:5.25:*:*:*:*:*:*:*", "description": "A command line tool for interacting with cloud storage services.", "licenses": [ { @@ -573,12 +573,12 @@ "comment": "Home page for project" }, { - "url": "https://pypi.org/project/gsutil/5.24", + "url": "https://pypi.org/project/gsutil/5.25", "type": "distribution", "comment": "Download location for component" } ], - "purl": "pkg:pypi/gsutil@5.24", + "purl": "pkg:pypi/gsutil@5.25", "properties": [ { "name": "License Comments", diff --git a/sbom/cve-bin-tool-py3.8.spdx b/sbom/cve-bin-tool-py3.8.spdx index 10c32b0fe5..06123cea04 100644 --- a/sbom/cve-bin-tool-py3.8.spdx +++ b/sbom/cve-bin-tool-py3.8.spdx @@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3 DataLicense: CC0-1.0 SPDXID: SPDXRef-DOCUMENT DocumentName: Python-cve-bin-tool -DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-a85c7ee1-86c0-484c-9c0e-fdbfbe2204e8 +DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-4a7fa12d-2978-4c77-90be-fba3f08b0a2d LicenseListVersion: 3.20 Creator: Tool: sbom4python-0.9.1 -Created: 2023-06-19T00:28:55Z +Created: 2023-06-26T01:07:38Z CreatorComment: This document has been automatically generated. ##### @@ -252,10 +252,10 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:nir_cohen:distro:1.8.0:*:*:*:*:*:*:* PackageName: gsutil SPDXID: SPDXRef-Package-16-gsutil -PackageVersion: 5.24 +PackageVersion: 5.25 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Google Inc. (buganizer-system+187143@google.com) -PackageDownloadLocation: https://pypi.org/project/gsutil/5.24 +PackageDownloadLocation: https://pypi.org/project/gsutil/5.25 FilesAnalyzed: false PackageHomePage: https://cloud.google.com/storage/docs/gsutil PackageLicenseDeclared: NOASSERTION @@ -263,8 +263,8 @@ PackageLicenseConcluded: Apache-2.0 PackageLicenseComments: gsutil declares Apache 2.0 which is not currently a valid SPDX License identifier or expression. PackageCopyrightText: NOASSERTION PackageSummary: A command line tool for interacting with cloud storage services. -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/gsutil@5.24 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:gsutil:5.24:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/gsutil@5.25 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:gsutil:5.25:*:*:*:*:*:*:* ##### PackageName: argcomplete