diff --git a/sbom/cve-bin-tool-py3.11.json b/sbom/cve-bin-tool-py3.11.json
index de37a2be56..2fe669fab7 100644
--- a/sbom/cve-bin-tool-py3.11.json
+++ b/sbom/cve-bin-tool-py3.11.json
@@ -2,10 +2,10 @@
"$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.4",
- "serialNumber": "urn:uuid114dbdc2-8f81-43cf-89d4-691fe353ae23",
+ "serialNumber": "urn:uuid04f5514f-73c5-4303-bf0e-424535b96a39",
"version": 1,
"metadata": {
- "timestamp": "2023-05-08T01:12:36Z",
+ "timestamp": "2023-05-15T00:57:08Z",
"tools": [
{
"name": "sbom4python",
@@ -1377,7 +1377,7 @@
"type": "library",
"bom-ref": "37-google-auth",
"name": "google-auth",
- "version": "2.17.3",
+ "version": "2.18.0",
"supplier": {
"name": "Google Cloud Platform",
"contact": [
@@ -1386,7 +1386,7 @@
}
]
},
- "cpe": "cpe:2.3:a:google_cloud_platform:google-auth:2.17.3:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:google_cloud_platform:google-auth:2.18.0:*:*:*:*:*:*:*",
"description": "Google Authentication Library",
"licenses": [
{
@@ -1403,12 +1403,12 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/google-auth/2.17.3",
+ "url": "https://pypi.org/project/google-auth/2.18.0",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/google-auth@2.17.3",
+ "purl": "pkg:pypi/google-auth@2.18.0",
"properties": [
{
"name": "License Comments",
@@ -1455,7 +1455,44 @@
},
{
"type": "library",
- "bom-ref": "39-monotonic",
+ "bom-ref": "39-urllib3",
+ "name": "urllib3",
+ "version": "1.26.15",
+ "supplier": {
+ "name": "Andrey Petrov",
+ "contact": [
+ {
+ "email": "andrey.petrov@shazow.net"
+ }
+ ]
+ },
+ "cpe": "cpe:2.3:a:andrey_petrov:urllib3:1.26.15:*:*:*:*:*:*:*",
+ "description": "HTTP library with thread-safe connection pooling, file post, and more.",
+ "licenses": [
+ {
+ "license": {
+ "id": "MIT",
+ "url": "https://opensource.org/licenses/MIT"
+ }
+ }
+ ],
+ "externalReferences": [
+ {
+ "url": "https://urllib3.readthedocs.io/",
+ "type": "website",
+ "comment": "Home page for project"
+ },
+ {
+ "url": "https://pypi.org/project/urllib3/1.26.15",
+ "type": "distribution",
+ "comment": "Download location for component"
+ }
+ ],
+ "purl": "pkg:pypi/urllib3@1.26.15"
+ },
+ {
+ "type": "library",
+ "bom-ref": "40-monotonic",
"name": "monotonic",
"version": "1.6",
"supplier": {
@@ -1498,7 +1535,7 @@
},
{
"type": "library",
- "bom-ref": "40-jinja2",
+ "bom-ref": "41-jinja2",
"name": "jinja2",
"version": "3.1.2",
"supplier": {
@@ -1535,7 +1572,7 @@
},
{
"type": "library",
- "bom-ref": "41-markupsafe",
+ "bom-ref": "42-markupsafe",
"name": "markupsafe",
"version": "2.1.2",
"supplier": {
@@ -1572,7 +1609,7 @@
},
{
"type": "library",
- "bom-ref": "42-jsonschema",
+ "bom-ref": "43-jsonschema",
"name": "jsonschema",
"version": "4.17.3",
"supplier": {
@@ -1599,7 +1636,7 @@
},
{
"type": "library",
- "bom-ref": "43-pyrsistent",
+ "bom-ref": "44-pyrsistent",
"name": "pyrsistent",
"version": "0.19.3",
"supplier": {
@@ -1636,7 +1673,7 @@
},
{
"type": "library",
- "bom-ref": "44-lib4sbom",
+ "bom-ref": "45-lib4sbom",
"name": "lib4sbom",
"version": "0.3.1",
"supplier": {
@@ -1673,7 +1710,7 @@
},
{
"type": "library",
- "bom-ref": "45-pyyaml",
+ "bom-ref": "46-pyyaml",
"name": "pyyaml",
"version": "6.0",
"supplier": {
@@ -1710,7 +1747,7 @@
},
{
"type": "library",
- "bom-ref": "46-semantic-version",
+ "bom-ref": "47-semantic-version",
"name": "semantic-version",
"version": "2.10.0",
"supplier": {
@@ -1753,7 +1790,7 @@
},
{
"type": "library",
- "bom-ref": "47-packaging",
+ "bom-ref": "48-packaging",
"name": "packaging",
"version": "21.3",
"supplier": {
@@ -1795,7 +1832,7 @@
},
{
"type": "library",
- "bom-ref": "48-plotly",
+ "bom-ref": "49-plotly",
"name": "plotly",
"version": "5.14.1",
"supplier": {
@@ -1832,7 +1869,7 @@
},
{
"type": "library",
- "bom-ref": "49-tenacity",
+ "bom-ref": "50-tenacity",
"name": "tenacity",
"version": "8.2.2",
"supplier": {
@@ -1875,7 +1912,7 @@
},
{
"type": "library",
- "bom-ref": "50-requests",
+ "bom-ref": "51-requests",
"name": "requests",
"version": "2.30.0",
"supplier": {
@@ -1918,7 +1955,7 @@
},
{
"type": "library",
- "bom-ref": "51-certifi",
+ "bom-ref": "52-certifi",
"name": "certifi",
"version": "2023.5.7",
"supplier": {
@@ -1953,30 +1990,6 @@
],
"purl": "pkg:pypi/certifi@2023.5.7"
},
- {
- "type": "library",
- "bom-ref": "52-urllib3",
- "name": "urllib3",
- "version": "2.0.2",
- "supplier": {
- "name": "Andrey Petrov",
- "contact": [
- {
- "email": "andrey.petrov@shazow.net"
- }
- ]
- },
- "cpe": "cpe:2.3:a:andrey_petrov:urllib3:2.0.2:*:*:*:*:*:*:*",
- "description": "HTTP library with thread-safe connection pooling, file post, and more.",
- "externalReferences": [
- {
- "url": "https://pypi.org/project/urllib3/2.0.2",
- "type": "distribution",
- "comment": "Download location for component"
- }
- ],
- "purl": "pkg:pypi/urllib3@2.0.2"
- },
{
"type": "library",
"bom-ref": "53-rich",
@@ -2302,17 +2315,17 @@
"14-defusedxml",
"15-distro",
"16-gsutil",
- "40-jinja2",
- "42-jsonschema",
- "44-lib4sbom",
- "47-packaging",
- "48-plotly",
- "45-pyyaml",
- "50-requests",
+ "41-jinja2",
+ "43-jsonschema",
+ "45-lib4sbom",
+ "48-packaging",
+ "49-plotly",
+ "46-pyyaml",
+ "51-requests",
"53-rich",
"57-rpmfile",
"58-toml",
- "52-urllib3",
+ "39-urllib3",
"59-xmlschema",
"61-zstandard"
]
@@ -2359,7 +2372,7 @@
"37-google-auth",
"22-google-reauth",
"25-httplib2",
- "39-monotonic",
+ "40-monotonic",
"31-pyopenssl",
"35-retry-decorator",
"24-six"
@@ -2451,49 +2464,50 @@
"38-cachetools",
"29-pyasn1-modules",
"30-rsa",
- "24-six"
+ "24-six",
+ "39-urllib3"
]
},
{
- "ref": "40-jinja2",
+ "ref": "41-jinja2",
"dependsOn": [
- "41-markupsafe"
+ "42-markupsafe"
]
},
{
- "ref": "42-jsonschema",
+ "ref": "43-jsonschema",
"dependsOn": [
"6-attrs",
- "43-pyrsistent"
+ "44-pyrsistent"
]
},
{
- "ref": "44-lib4sbom",
+ "ref": "45-lib4sbom",
"dependsOn": [
- "45-pyyaml",
- "46-semantic-version"
+ "46-pyyaml",
+ "47-semantic-version"
]
},
{
- "ref": "47-packaging",
+ "ref": "48-packaging",
"dependsOn": [
"26-pyparsing"
]
},
{
- "ref": "48-plotly",
+ "ref": "49-plotly",
"dependsOn": [
- "47-packaging",
- "49-tenacity"
+ "48-packaging",
+ "50-tenacity"
]
},
{
- "ref": "50-requests",
+ "ref": "51-requests",
"dependsOn": [
- "51-certifi",
+ "52-certifi",
"7-charset-normalizer",
"10-idna",
- "52-urllib3"
+ "39-urllib3"
]
},
{
diff --git a/sbom/cve-bin-tool-py3.11.spdx b/sbom/cve-bin-tool-py3.11.spdx
index c1fa61ee93..30e51b47fe 100644
--- a/sbom/cve-bin-tool-py3.11.spdx
+++ b/sbom/cve-bin-tool-py3.11.spdx
@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
DataLicense: CC0-1.0
SPDXID: SPDXRef-DOCUMENT
DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-ea2dc7e2-85c7-461e-9e1c-fad732819d21
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-999e2c55-cada-4296-8921-29f157f5a05f
LicenseListVersion: 3.20
Creator: Tool: sbom4python-0.9.1
-Created: 2023-05-08T01:11:29Z
+Created: 2023-05-15T00:55:50Z
CreatorComment: This document has been automatically generated.
#####
@@ -599,10 +599,10 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:craig_citro:google-apitools:0.5.32:*:*
PackageName: google-auth
SPDXID: SPDXRef-Package-37-google-auth
-PackageVersion: 2.17.3
+PackageVersion: 2.18.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Google Cloud Platform (googleapis-packages@google.com)
-PackageDownloadLocation: https://pypi.org/project/google-auth/2.17.3
+PackageDownloadLocation: https://pypi.org/project/google-auth/2.18.0
FilesAnalyzed: false
PackageHomePage: https://github.com/googleapis/google-auth-library-python
PackageLicenseDeclared: NOASSERTION
@@ -610,8 +610,8 @@ PackageLicenseConcluded: Apache-2.0
PackageLicenseComments: google-auth declares Apache 2.0 which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: Google Authentication Library
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/google-auth@2.17.3
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_cloud_platform:google-auth:2.17.3:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/google-auth@2.18.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_cloud_platform:google-auth:2.18.0:*:*:*:*:*:*:*
#####
PackageName: cachetools
@@ -630,8 +630,24 @@ ExternalRef: PACKAGE-MANAGER purl pkg:pypi/cachetools@5.3.0
ExternalRef: SECURITY cpe23Type cpe:2.3:a:thomas_kemmer:cachetools:5.3.0:*:*:*:*:*:*:*
#####
+PackageName: urllib3
+SPDXID: SPDXRef-Package-39-urllib3
+PackageVersion: 1.26.15
+PrimaryPackagePurpose: LIBRARY
+PackageSupplier: Person: Andrey Petrov (andrey.petrov@shazow.net)
+PackageDownloadLocation: https://pypi.org/project/urllib3/1.26.15
+FilesAnalyzed: false
+PackageHomePage: https://urllib3.readthedocs.io/
+PackageLicenseDeclared: MIT
+PackageLicenseConcluded: MIT
+PackageCopyrightText: NOASSERTION
+PackageSummary: HTTP library with thread-safe connection pooling, file post, and more.
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/urllib3@1.26.15
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_petrov:urllib3:1.26.15:*:*:*:*:*:*:*
+#####
+
PackageName: monotonic
-SPDXID: SPDXRef-Package-39-monotonic
+SPDXID: SPDXRef-Package-40-monotonic
PackageVersion: 1.6
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Ori Livneh (ori@wikimedia.org)
@@ -648,7 +664,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:ori_livneh:monotonic:1.6:*:*:*:*:*:*:*
#####
PackageName: jinja2
-SPDXID: SPDXRef-Package-40-jinja2
+SPDXID: SPDXRef-Package-41-jinja2
PackageVersion: 3.1.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Armin Ronacher (armin.ronacher@active-4.com)
@@ -664,7 +680,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:armin_ronacher:jinja2:3.1.2:*:*:*:*:*:
#####
PackageName: markupsafe
-SPDXID: SPDXRef-Package-41-markupsafe
+SPDXID: SPDXRef-Package-42-markupsafe
PackageVersion: 2.1.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Armin Ronacher (armin.ronacher@active-4.com)
@@ -680,7 +696,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:armin_ronacher:markupsafe:2.1.2:*:*:*:
#####
PackageName: jsonschema
-SPDXID: SPDXRef-Package-42-jsonschema
+SPDXID: SPDXRef-Package-43-jsonschema
PackageVersion: 4.17.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Julian Berman
@@ -695,7 +711,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:jsonschema:4.17.3:*:*:*:
#####
PackageName: pyrsistent
-SPDXID: SPDXRef-Package-43-pyrsistent
+SPDXID: SPDXRef-Package-44-pyrsistent
PackageVersion: 0.19.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Tobias Gustafsson (tobias.l.gustafsson@gmail.com)
@@ -711,7 +727,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:tobias_gustafsson:pyrsistent:0.19.3:*:
#####
PackageName: lib4sbom
-SPDXID: SPDXRef-Package-44-lib4sbom
+SPDXID: SPDXRef-Package-45-lib4sbom
PackageVersion: 0.3.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Anthony Harrison (anthony.p.harrison@gmail.com)
@@ -727,7 +743,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:anthony_harrison:lib4sbom:0.3.1:*:*:*:
#####
PackageName: pyyaml
-SPDXID: SPDXRef-Package-45-pyyaml
+SPDXID: SPDXRef-Package-46-pyyaml
PackageVersion: 6.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Kirill Simonov (xi@resolvent.net)
@@ -743,7 +759,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kirill_simonov:pyyaml:6.0:*:*:*:*:*:*:
#####
PackageName: semantic-version
-SPDXID: SPDXRef-Package-46-semantic-version
+SPDXID: SPDXRef-Package-47-semantic-version
PackageVersion: 2.10.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Raphael Barrois (raphael.barrois+semver@polytechnique.org)
@@ -760,7 +776,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:raphael_barrois:semantic-version:2.10.
#####
PackageName: packaging
-SPDXID: SPDXRef-Package-47-packaging
+SPDXID: SPDXRef-Package-48-packaging
PackageVersion: 21.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Donald Stufft and individual contributors (donald@stufft.io)
@@ -777,7 +793,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:donald_stufft_and_individual_contribut
#####
PackageName: plotly
-SPDXID: SPDXRef-Package-48-plotly
+SPDXID: SPDXRef-Package-49-plotly
PackageVersion: 5.14.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Chris P (chris@plot.ly)
@@ -793,7 +809,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:5.14.1:*:*:*:*:*:*:*
#####
PackageName: tenacity
-SPDXID: SPDXRef-Package-49-tenacity
+SPDXID: SPDXRef-Package-50-tenacity
PackageVersion: 8.2.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Julien Danjou (julien@danjou.info)
@@ -810,7 +826,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julien_danjou:tenacity:8.2.2:*:*:*:*:*
#####
PackageName: requests
-SPDXID: SPDXRef-Package-50-requests
+SPDXID: SPDXRef-Package-51-requests
PackageVersion: 2.30.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Kenneth Reitz (me@kennethreitz.org)
@@ -827,7 +843,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:requests:2.30.0:*:*:*:*:
#####
PackageName: certifi
-SPDXID: SPDXRef-Package-51-certifi
+SPDXID: SPDXRef-Package-52-certifi
PackageVersion: 2023.5.7
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Kenneth Reitz (me@kennethreitz.com)
@@ -842,21 +858,6 @@ ExternalRef: PACKAGE-MANAGER purl pkg:pypi/certifi@2023.5.7
ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:certifi:2023.5.7:*:*:*:*:*:*:*
#####
-PackageName: urllib3
-SPDXID: SPDXRef-Package-52-urllib3
-PackageVersion: 2.0.2
-PrimaryPackagePurpose: LIBRARY
-PackageSupplier: Person: Andrey Petrov (andrey.petrov@shazow.net)
-PackageDownloadLocation: https://pypi.org/project/urllib3/2.0.2
-FilesAnalyzed: false
-PackageLicenseDeclared: NOASSERTION
-PackageLicenseConcluded: NOASSERTION
-PackageCopyrightText: NOASSERTION
-PackageSummary: HTTP library with thread-safe connection pooling, file post, and more.
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/urllib3@2.0.2
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_petrov:urllib3:2.0.2:*:*:*:*:*:*:*
-#####
-
PackageName: rich
SPDXID: SPDXRef-Package-53-rich
PackageVersion: 13.3.5
@@ -1006,14 +1007,14 @@ Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-14-defus
Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-15-distro
Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-16-gsutil
Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-2-aiohttp
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-40-jinja2
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-42-jsonschema
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-44-lib4sbom
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-45-pyyaml
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-47-packaging
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-48-plotly
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-50-requests
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-52-urllib3
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-39-urllib3
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-41-jinja2
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-43-jsonschema
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-45-lib4sbom
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-46-pyyaml
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-48-packaging
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-49-plotly
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-51-requests
Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-53-rich
Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-57-rpmfile
Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-58-toml
@@ -1031,7 +1032,7 @@ Relationship: SPDXRef-Package-16-gsutil DEPENDS_ON SPDXRef-Package-31-pyopenssl
Relationship: SPDXRef-Package-16-gsutil DEPENDS_ON SPDXRef-Package-35-retry-decorator
Relationship: SPDXRef-Package-16-gsutil DEPENDS_ON SPDXRef-Package-36-google-apitools
Relationship: SPDXRef-Package-16-gsutil DEPENDS_ON SPDXRef-Package-37-google-auth
-Relationship: SPDXRef-Package-16-gsutil DEPENDS_ON SPDXRef-Package-39-monotonic
+Relationship: SPDXRef-Package-16-gsutil DEPENDS_ON SPDXRef-Package-40-monotonic
Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-3-aiosignal
Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-4-frozenlist
Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-5-async-timeout
@@ -1069,18 +1070,19 @@ Relationship: SPDXRef-Package-37-google-auth DEPENDS_ON SPDXRef-Package-24-six
Relationship: SPDXRef-Package-37-google-auth DEPENDS_ON SPDXRef-Package-29-pyasn1-modules
Relationship: SPDXRef-Package-37-google-auth DEPENDS_ON SPDXRef-Package-30-rsa
Relationship: SPDXRef-Package-37-google-auth DEPENDS_ON SPDXRef-Package-38-cachetools
-Relationship: SPDXRef-Package-40-jinja2 DEPENDS_ON SPDXRef-Package-41-markupsafe
-Relationship: SPDXRef-Package-42-jsonschema DEPENDS_ON SPDXRef-Package-43-pyrsistent
-Relationship: SPDXRef-Package-42-jsonschema DEPENDS_ON SPDXRef-Package-6-attrs
-Relationship: SPDXRef-Package-44-lib4sbom DEPENDS_ON SPDXRef-Package-45-pyyaml
-Relationship: SPDXRef-Package-44-lib4sbom DEPENDS_ON SPDXRef-Package-46-semantic-version
-Relationship: SPDXRef-Package-47-packaging DEPENDS_ON SPDXRef-Package-26-pyparsing
-Relationship: SPDXRef-Package-48-plotly DEPENDS_ON SPDXRef-Package-47-packaging
-Relationship: SPDXRef-Package-48-plotly DEPENDS_ON SPDXRef-Package-49-tenacity
-Relationship: SPDXRef-Package-50-requests DEPENDS_ON SPDXRef-Package-10-idna
-Relationship: SPDXRef-Package-50-requests DEPENDS_ON SPDXRef-Package-51-certifi
-Relationship: SPDXRef-Package-50-requests DEPENDS_ON SPDXRef-Package-52-urllib3
-Relationship: SPDXRef-Package-50-requests DEPENDS_ON SPDXRef-Package-7-charset-normalizer
+Relationship: SPDXRef-Package-37-google-auth DEPENDS_ON SPDXRef-Package-39-urllib3
+Relationship: SPDXRef-Package-41-jinja2 DEPENDS_ON SPDXRef-Package-42-markupsafe
+Relationship: SPDXRef-Package-43-jsonschema DEPENDS_ON SPDXRef-Package-44-pyrsistent
+Relationship: SPDXRef-Package-43-jsonschema DEPENDS_ON SPDXRef-Package-6-attrs
+Relationship: SPDXRef-Package-45-lib4sbom DEPENDS_ON SPDXRef-Package-46-pyyaml
+Relationship: SPDXRef-Package-45-lib4sbom DEPENDS_ON SPDXRef-Package-47-semantic-version
+Relationship: SPDXRef-Package-48-packaging DEPENDS_ON SPDXRef-Package-26-pyparsing
+Relationship: SPDXRef-Package-49-plotly DEPENDS_ON SPDXRef-Package-48-packaging
+Relationship: SPDXRef-Package-49-plotly DEPENDS_ON SPDXRef-Package-50-tenacity
+Relationship: SPDXRef-Package-51-requests DEPENDS_ON SPDXRef-Package-10-idna
+Relationship: SPDXRef-Package-51-requests DEPENDS_ON SPDXRef-Package-39-urllib3
+Relationship: SPDXRef-Package-51-requests DEPENDS_ON SPDXRef-Package-52-certifi
+Relationship: SPDXRef-Package-51-requests DEPENDS_ON SPDXRef-Package-7-charset-normalizer
Relationship: SPDXRef-Package-53-rich DEPENDS_ON SPDXRef-Package-54-markdown-it-py
Relationship: SPDXRef-Package-53-rich DEPENDS_ON SPDXRef-Package-56-pygments
Relationship: SPDXRef-Package-54-markdown-it-py DEPENDS_ON SPDXRef-Package-55-mdurl