Skip to content

Commit

Permalink
chore: update SBOM for Python 3.9
Browse files Browse the repository at this point in the history
  • Loading branch information
@web-flow
web-flow authored Jan 16, 2023
1 parent f627fab commit a811ed0
Show file tree
Hide file tree
Showing 2 changed files with 246 additions and 185 deletions.
72 changes: 39 additions & 33 deletions sbom/cve-bin-tool-py3.9.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,14 +2,14 @@
"$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.4",
"serialNumber": "urn:uuidefe58404-a04b-40a2-afc8-fbfc55c7ccf4",
"serialNumber": "urn:uuid99b5dc7e-f0cd-449d-8015-0ecf17d3e4df",
"version": 1,
"metadata": {
"timestamp": "2023-01-09T00:26:11Z",
"timestamp": "2023-01-16T00:57:44Z",
"tools": [
{
"name": "sbom4python",
"version": "0.4.0"
"version": "0.7.0"
}
]
},
Expand Down Expand Up @@ -81,8 +81,8 @@
"bom-ref": "5-async-timeout",
"name": "async-timeout",
"version": "4.0.2",
"author": "Andrew Svetlov <andrew.svetlov@gmail.com>",
"cpe": "cpe:/a:andrew_svetlov_<andrew.svetlov@gmail.com>:async-timeout:4.0.2",
"author": "Andrew Svetlov",
"cpe": "cpe:/a:andrew_svetlov:async-timeout:4.0.2",
"licenses": [
{
"license": {
Expand Down Expand Up @@ -115,8 +115,8 @@
"bom-ref": "7-charset-normalizer",
"name": "charset-normalizer",
"version": "2.1.1",
"author": "Ahmed TAHRI @Ousret",
"cpe": "cpe:/a:ahmed_tahri_@ousret:charset-normalizer:2.1.1",
"author": "Ahmed TAHRI Ousret",
"cpe": "cpe:/a:ahmed_tahri_ousret:charset-normalizer:2.1.1",
"licenses": [
{
"license": {
Expand Down Expand Up @@ -166,6 +166,8 @@
"bom-ref": "10-idna",
"name": "idna",
"version": "3.4",
"author": "Kim Davies",
"cpe": "cpe:/a:kim_davies:idna:3.4",
"purl": "pkg:pypi/idna@3.4"
},
{
Expand All @@ -190,15 +192,17 @@
"bom-ref": "12-soupsieve",
"name": "soupsieve",
"version": "2.3.2.post1",
"author": "Isaac Muse",
"cpe": "cpe:/a:isaac_muse:soupsieve:2.3.2.post1",
"purl": "pkg:pypi/soupsieve@2.3.2.post1"
},
{
"type": "library",
"bom-ref": "13-cvss",
"name": "cvss",
"version": "2.5",
"author": "Stanislav Kontar, Red Hat Product Security",
"cpe": "cpe:/a:stanislav_kontar,_red_hat_product_security:cvss:2.5",
"author": "Stanislav Red Hat Product Security",
"cpe": "cpe:/a:stanislav_red_hat_product_security:cvss:2.5",
"purl": "pkg:pypi/cvss@2.5"
},
{
Expand Down Expand Up @@ -231,9 +235,9 @@
"type": "library",
"bom-ref": "16-gsutil",
"name": "gsutil",
"version": "5.17",
"version": "5.18",
"author": "Google Inc.",
"cpe": "cpe:/a:google_inc.:gsutil:5.17",
"cpe": "cpe:/a:google_inc.:gsutil:5.18",
"licenses": [
{
"license": {
Expand All @@ -242,7 +246,7 @@
}
}
],
"purl": "pkg:pypi/gsutil@5.17"
"purl": "pkg:pypi/gsutil@5.18"
},
{
"type": "library",
Expand Down Expand Up @@ -394,6 +398,8 @@
"bom-ref": "26-pyparsing",
"name": "pyparsing",
"version": "3.0.9",
"author": "Paul McGuire",
"cpe": "cpe:/a:paul_mcguire:pyparsing:3.0.9",
"purl": "pkg:pypi/pyparsing@3.0.9"
},
{
Expand Down Expand Up @@ -479,8 +485,8 @@
"bom-ref": "33-cffi",
"name": "cffi",
"version": "1.15.1",
"author": "Armin Rigo, Maciej Fijalkowski",
"cpe": "cpe:/a:armin_rigo,_maciej_fijalkowski:cffi:1.15.1",
"author": "Armin Maciej Fijalkowski",
"cpe": "cpe:/a:armin_maciej_fijalkowski:cffi:1.15.1",
"licenses": [
{
"license": {
Expand Down Expand Up @@ -538,9 +544,9 @@
"type": "library",
"bom-ref": "37-google-auth",
"name": "google-auth",
"version": "2.15.0",
"version": "2.16.0",
"author": "Google Cloud Platform",
"cpe": "cpe:/a:google_cloud_platform:google-auth:2.15.0",
"cpe": "cpe:/a:google_cloud_platform:google-auth:2.16.0",
"licenses": [
{
"license": {
Expand All @@ -549,7 +555,7 @@
}
}
],
"purl": "pkg:pypi/google-auth@2.15.0"
"purl": "pkg:pypi/google-auth@2.16.0"
},
{
"type": "library",
Expand Down Expand Up @@ -658,9 +664,9 @@
"type": "library",
"bom-ref": "45-plotly",
"name": "plotly",
"version": "5.11.0",
"version": "5.12.0",
"author": "Chris P",
"cpe": "cpe:/a:chris_p:plotly:5.11.0",
"cpe": "cpe:/a:chris_p:plotly:5.12.0",
"licenses": [
{
"license": {
Expand All @@ -669,7 +675,7 @@
}
}
],
"purl": "pkg:pypi/plotly@5.11.0"
"purl": "pkg:pypi/plotly@5.12.0"
},
{
"type": "library",
Expand Down Expand Up @@ -709,9 +715,9 @@
"type": "library",
"bom-ref": "48-requests",
"name": "requests",
"version": "2.28.1",
"version": "2.28.2",
"author": "Kenneth Reitz",
"cpe": "cpe:/a:kenneth_reitz:requests:2.28.1",
"cpe": "cpe:/a:kenneth_reitz:requests:2.28.2",
"licenses": [
{
"license": {
Expand All @@ -720,7 +726,7 @@
}
}
],
"purl": "pkg:pypi/requests@2.28.1"
"purl": "pkg:pypi/requests@2.28.2"
},
{
"type": "library",
Expand All @@ -743,9 +749,9 @@
"type": "library",
"bom-ref": "50-urllib3",
"name": "urllib3",
"version": "1.26.13",
"version": "1.26.14",
"author": "Andrey Petrov",
"cpe": "cpe:/a:andrey_petrov:urllib3:1.26.13",
"cpe": "cpe:/a:andrey_petrov:urllib3:1.26.14",
"licenses": [
{
"license": {
Expand All @@ -754,15 +760,15 @@
}
}
],
"purl": "pkg:pypi/urllib3@1.26.13"
"purl": "pkg:pypi/urllib3@1.26.14"
},
{
"type": "library",
"bom-ref": "51-rich",
"name": "rich",
"version": "13.0.1",
"version": "13.1.0",
"author": "Will McGugan",
"cpe": "cpe:/a:will_mcgugan:rich:13.0.1",
"cpe": "cpe:/a:will_mcgugan:rich:13.1.0",
"licenses": [
{
"license": {
Expand All @@ -771,15 +777,15 @@
}
}
],
"purl": "pkg:pypi/rich@13.0.1"
"purl": "pkg:pypi/rich@13.1.0"
},
{
"type": "library",
"bom-ref": "52-commonmark",
"name": "commonmark",
"version": "0.9.1",
"author": "Bibek Kafle <bkafle662@gmail.com>, Roland Shoemaker <rolandshoemaker@gmail.com>",
"cpe": "cpe:/a:bibek_kafle_<bkafle662@gmail.com>,_roland_shoemaker_<rolandshoemaker@gmail.com>:commonmark:0.9.1",
"author": "Bibek Kafle Roland Shoemaker",
"cpe": "cpe:/a:bibek_kafle_roland_shoemaker:commonmark:0.9.1",
"licenses": [
{
"license": {
Expand Down Expand Up @@ -812,8 +818,8 @@
"bom-ref": "54-rpmfile",
"name": "rpmfile",
"version": "1.0.8",
"author": "Sean Ross-Ross",
"cpe": "cpe:/a:sean_ross-ross:rpmfile:1.0.8",
"author": "Sean Ross",
"cpe": "cpe:/a:sean_ross:rpmfile:1.0.8",
"licenses": [
{
"license": {
Expand Down
Loading

0 comments on commit a811ed0

Please sign in to comment.