diff --git a/sbom/cve-bin-tool-py3.8.json b/sbom/cve-bin-tool-py3.8.json index b096092b02..cce042cddb 100644 --- a/sbom/cve-bin-tool-py3.8.json +++ b/sbom/cve-bin-tool-py3.8.json @@ -2,10 +2,10 @@ "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.4", - "serialNumber": "urn:uuidf529a309-ba7a-475a-9cd4-e2aaf86d518d", + "serialNumber": "urn:uuid501e3c0f-3fa5-43ef-b4d9-59d5f5fb3baf", "version": 1, "metadata": { - "timestamp": "2023-01-23T00:26:15Z", + "timestamp": "2023-01-30T00:55:42Z", "tools": [ { "name": "sbom4python", @@ -200,10 +200,10 @@ "type": "library", "bom-ref": "13-cvss", "name": "cvss", - "version": "2.5", + "version": "2.6", "author": "Stanislav Red Hat Product Security", - "cpe": "cpe:/a:stanislav_red_hat_product_security:cvss:2.5", - "purl": "pkg:pypi/cvss@2.5" + "cpe": "cpe:/a:stanislav_red_hat_product_security:cvss:2.6", + "purl": "pkg:pypi/cvss@2.6" }, { "type": "library", @@ -235,9 +235,9 @@ "type": "library", "bom-ref": "16-gsutil", "name": "gsutil", - "version": "5.18", + "version": "5.19", "author": "Google Inc.", - "cpe": "cpe:/a:google_inc.:gsutil:5.18", + "cpe": "cpe:/a:google_inc.:gsutil:5.19", "licenses": [ { "license": { @@ -246,7 +246,7 @@ } } ], - "purl": "pkg:pypi/gsutil@5.18" + "purl": "pkg:pypi/gsutil@5.19" }, { "type": "library", @@ -596,10 +596,10 @@ "type": "library", "bom-ref": "41-zipp", "name": "zipp", - "version": "3.11.0", + "version": "3.12.0", "author": "Jason R. Coombs", - "cpe": "cpe:/a:jason_r._coombs:zipp:3.11.0", - "purl": "pkg:pypi/zipp@3.11.0" + "cpe": "cpe:/a:jason_r._coombs:zipp:3.12.0", + "purl": "pkg:pypi/zipp@3.12.0" }, { "type": "library", @@ -691,9 +691,9 @@ "type": "library", "bom-ref": "48-plotly", "name": "plotly", - "version": "5.12.0", + "version": "5.13.0", "author": "Chris P", - "cpe": "cpe:/a:chris_p:plotly:5.12.0", + "cpe": "cpe:/a:chris_p:plotly:5.13.0", "licenses": [ { "license": { @@ -702,7 +702,7 @@ } } ], - "purl": "pkg:pypi/plotly@5.12.0" + "purl": "pkg:pypi/plotly@5.13.0" }, { "type": "library", @@ -793,9 +793,9 @@ "type": "library", "bom-ref": "54-rich", "name": "rich", - "version": "13.2.0", + "version": "13.3.1", "author": "Will McGugan", - "cpe": "cpe:/a:will_mcgugan:rich:13.2.0", + "cpe": "cpe:/a:will_mcgugan:rich:13.3.1", "licenses": [ { "license": { @@ -804,7 +804,7 @@ } } ], - "purl": "pkg:pypi/rich@13.2.0" + "purl": "pkg:pypi/rich@13.3.1" }, { "type": "library", diff --git a/sbom/cve-bin-tool-py3.8.spdx b/sbom/cve-bin-tool-py3.8.spdx index c7a39b9245..5050a6aeda 100644 --- a/sbom/cve-bin-tool-py3.8.spdx +++ b/sbom/cve-bin-tool-py3.8.spdx @@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.2 DataLicense: CC0-1.0 SPDXID: SPDXRef-DOCUMENT DocumentName: cve-bin-tool -DocumentNamespace: http://spdx.org/spdxdocs/cve-bin-tool-5e8b5b3e-b140-4f19-abd8-d8acc6b4c776 +DocumentNamespace: http://spdx.org/spdxdocs/cve-bin-tool-527447ef-77ab-41ae-9e03-657173f78640 LicenseListVersion: 3.18 Creator: Tool: sbom4python-0.7.0 -Created: 2023-01-23T00:25:03Z +Created: 2023-01-30T00:54:08Z CreatorComment: This document has been automatically generated. ##### @@ -177,15 +177,15 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:isaac_muse:soupsieve:2.3.2.post1:*:*:* PackageName: cvss SPDXID: SPDXRef-Package-13-cvss PackageSupplier: Organization: Stanislav Red Hat Product Security (skontar@redhat.com) -PackageVersion: 2.5 +PackageVersion: 2.6 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license LGPLv3+ PackageLicenseConcluded: NOASSERTION PackageLicenseDeclared: NOASSERTION PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/cvss@2.5 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:stanislav_red_hat_product_security:cvss:2.5:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/cvss@2.6 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:stanislav_red_hat_product_security:cvss:2.6:*:*:*:*:*:*:* ##### PackageName: defusedxml @@ -219,15 +219,15 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:nir_cohen:distro:1.8.0:*:*:*:*:*:*:* PackageName: gsutil SPDXID: SPDXRef-Package-16-gsutil PackageSupplier: Person: Google Inc. (buganizer-system+187143@google.com) -PackageVersion: 5.18 +PackageVersion: 5.19 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license Apache 2.0 PackageLicenseConcluded: Apache-2.0 PackageLicenseDeclared: Apache-2.0 PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/gsutil@5.18 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:gsutil:5.18:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/gsutil@5.19 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:gsutil:5.19:*:*:*:*:*:*:* ##### PackageName: argcomplete @@ -569,15 +569,15 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:barry_warsaw:importlib-resources:5.10. PackageName: zipp SPDXID: SPDXRef-Package-41-zipp PackageSupplier: Organization: Jason R. Coombs (jaraco@jaraco.com) -PackageVersion: 3.11.0 +PackageVersion: 3.12.0 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license PackageLicenseConcluded: NOASSERTION PackageLicenseDeclared: NOASSERTION PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/zipp@3.11.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r._coombs:zipp:3.11.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/zipp@3.12.0 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r._coombs:zipp:3.12.0:*:*:*:*:*:*:* ##### PackageName: jinja2 @@ -667,15 +667,15 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:donald_stufft_and_individual_contribut PackageName: plotly SPDXID: SPDXRef-Package-48-plotly PackageSupplier: Person: Chris P (chris@plot.ly) -PackageVersion: 5.12.0 +PackageVersion: 5.13.0 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license MIT PackageLicenseConcluded: MIT PackageLicenseDeclared: MIT PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/plotly@5.12.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:5.12.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/plotly@5.13.0 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:5.13.0:*:*:*:*:*:*:* ##### PackageName: tenacity @@ -751,15 +751,15 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_petrov:urllib3:1.26.14:*:*:*:*: PackageName: rich SPDXID: SPDXRef-Package-54-rich PackageSupplier: Person: Will McGugan (willmcgugan@gmail.com) -PackageVersion: 13.2.0 +PackageVersion: 13.3.1 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license MIT PackageLicenseConcluded: MIT PackageLicenseDeclared: MIT PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/rich@13.2.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:will_mcgugan:rich:13.2.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/rich@13.3.1 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:will_mcgugan:rich:13.3.1:*:*:*:*:*:*:* ##### PackageName: markdown-it-py