chore: update SBOM for Python 3.9

sbom/cve-bin-tool-py3.9.json

@@ -2,10 +2,10 @@
   "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json",
   "bomFormat": "CycloneDX",
   "specVersion": "1.4",
-  "serialNumber": "urn:uuid420758eb-303d-4b6e-b6f5-56f0d3b08666",
+  "serialNumber": "urn:uuid6088ff29-52a3-431b-8259-f5b73cee4e1e",
   "version": 1,
   "metadata": {
-    "timestamp": "2023-02-06T00:26:51Z",
+    "timestamp": "2023-02-13T01:00:46Z",
     "tools": [
       {
         "name": "sbom4python",
@@ -35,7 +35,7 @@
       "type": "library",
       "bom-ref": "2-aiohttp",
       "name": "aiohttp",
-      "version": "3.8.3",
+      "version": "3.8.4",
       "licenses": [
         {
           "license": {
@@ -44,7 +44,7 @@
           }
         }
       ],
-      "purl": "pkg:pypi/aiohttp@3.8.3"
+      "purl": "pkg:pypi/aiohttp@3.8.4"
     },
     {
       "type": "library",
@@ -114,9 +114,9 @@
       "type": "library",
       "bom-ref": "7-charset-normalizer",
       "name": "charset-normalizer",
-      "version": "2.1.1",
-      "author": "Ahmed TAHRI Ousret",
-      "cpe": "cpe:/a:ahmed_tahri_ousret:charset-normalizer:2.1.1",
+      "version": "3.0.1",
+      "author": "Ahmed TAHRI",
+      "cpe": "cpe:/a:ahmed_tahri:charset-normalizer:3.0.1",
       "licenses": [
         {
           "license": {
@@ -125,7 +125,7 @@
           }
         }
       ],
-      "purl": "pkg:pypi/charset-normalizer@2.1.1"
+      "purl": "pkg:pypi/charset-normalizer@3.0.1"
     },
     {
       "type": "library",
@@ -475,10 +475,10 @@
       "type": "library",
       "bom-ref": "32-cryptography",
       "name": "cryptography",
-      "version": "39.0.0",
+      "version": "39.0.1",
       "author": "The Python Cryptographic Authority and individual contributors",
-      "cpe": "cpe:/a:the_python_cryptographic_authority_and_individual_contributors:cryptography:39.0.0",
-      "purl": "pkg:pypi/cryptography@39.0.0"
+      "cpe": "cpe:/a:the_python_cryptographic_authority_and_individual_contributors:cryptography:39.0.1",
+      "purl": "pkg:pypi/cryptography@39.0.1"
     },
     {
       "type": "library",
@@ -596,10 +596,10 @@
       "type": "library",
       "bom-ref": "41-zipp",
       "name": "zipp",
-      "version": "3.12.1",
+      "version": "3.13.0",
       "author": "Jason R. Coombs",
-      "cpe": "cpe:/a:jason_r._coombs:zipp:3.12.1",
-      "purl": "pkg:pypi/zipp@3.12.1"
+      "cpe": "cpe:/a:jason_r._coombs:zipp:3.13.0",
+      "purl": "pkg:pypi/zipp@3.13.0"
     },
     {
       "type": "library",
@@ -699,9 +699,9 @@
       "type": "library",
       "bom-ref": "48-tenacity",
       "name": "tenacity",
-      "version": "8.1.0",
+      "version": "8.2.1",
       "author": "Julien Danjou",
-      "cpe": "cpe:/a:julien_danjou:tenacity:8.1.0",
+      "cpe": "cpe:/a:julien_danjou:tenacity:8.2.1",
       "licenses": [
         {
           "license": {
@@ -710,7 +710,7 @@
           }
         }
       ],
-      "purl": "pkg:pypi/tenacity@8.1.0"
+      "purl": "pkg:pypi/tenacity@8.2.1"
     },
     {
       "type": "library",
@@ -870,9 +870,9 @@
       "type": "library",
       "bom-ref": "59-xmlschema",
       "name": "xmlschema",
-      "version": "2.1.1",
+      "version": "2.2.1",
       "author": "Davide Brunato",
-      "cpe": "cpe:/a:davide_brunato:xmlschema:2.1.1",
+      "cpe": "cpe:/a:davide_brunato:xmlschema:2.2.1",
       "licenses": [
         {
           "license": {
@@ -881,15 +881,15 @@
           }
         }
       ],
-      "purl": "pkg:pypi/xmlschema@2.1.1"
+      "purl": "pkg:pypi/xmlschema@2.2.1"
     },
     {
       "type": "library",
       "bom-ref": "60-elementpath",
       "name": "elementpath",
-      "version": "3.0.2",
+      "version": "4.0.1",
       "author": "Davide Brunato",
-      "cpe": "cpe:/a:davide_brunato:elementpath:3.0.2",
+      "cpe": "cpe:/a:davide_brunato:elementpath:4.0.1",
       "licenses": [
         {
           "license": {
@@ -898,7 +898,7 @@
           }
         }
       ],
-      "purl": "pkg:pypi/elementpath@3.0.2"
+      "purl": "pkg:pypi/elementpath@4.0.1"
     },
     {
       "type": "library",

sbom/cve-bin-tool-py3.9.spdx

@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.2
 DataLicense: CC0-1.0
 SPDXID: SPDXRef-DOCUMENT
 DocumentName: cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/cve-bin-tool-c2edac70-8076-4601-a5f4-d473b6112cbb
+DocumentNamespace: http://spdx.org/spdxdocs/cve-bin-tool-524b6208-1edb-47bd-9d25-d61e744be887
 LicenseListVersion: 3.18
 Creator: Tool: sbom4python-0.7.0
-Created: 2023-02-06T00:25:18Z
+Created: 2023-02-13T00:59:34Z
 CreatorComment: <text>This document has been automatically generated.</text>
 ##### 
 
@@ -26,14 +26,14 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:terri_oda:cve-bin-tool:3.2.1.dev0:*:*:
 PackageName: aiohttp
 SPDXID: SPDXRef-Package-2-aiohttp
 PackageSupplier: NOASSERTION
-PackageVersion: 3.8.3
+PackageVersion: 3.8.4
 PackageDownloadLocation: NOASSERTION
 FilesAnalyzed: false
 ##### Reported license Apache 2
 PackageLicenseConcluded: Apache-2.0
 PackageLicenseDeclared: Apache-2.0
 PackageCopyrightText: NOASSERTION
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/aiohttp@3.8.3
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/aiohttp@3.8.4
 ##### 
 
 PackageName: aiosignal
@@ -92,16 +92,16 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:hynek_schlawack:attrs:22.2.0:*:*:*:*:*
 
 PackageName: charset-normalizer
 SPDXID: SPDXRef-Package-7-charset-normalizer
-PackageSupplier: Organization: Ahmed TAHRI Ousret (ahmed.tahri@cloudnursery.dev)
-PackageVersion: 2.1.1
+PackageSupplier: Person: Ahmed TAHRI (ahmed.tahri@cloudnursery.dev)
+PackageVersion: 3.0.1
 PackageDownloadLocation: NOASSERTION
 FilesAnalyzed: false
 ##### Reported license MIT
 PackageLicenseConcluded: MIT
 PackageLicenseDeclared: MIT
 PackageCopyrightText: NOASSERTION
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/charset-normalizer@2.1.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:ahmed_tahri_ousret:charset-normalizer:2.1.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/charset-normalizer@3.0.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:ahmed_tahri:charset-normalizer:3.0.1:*:*:*:*:*:*:*
 ##### 
 
 PackageName: multidict
@@ -443,15 +443,15 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_pyopenssl_developers:pyopenssl:23.
 PackageName: cryptography
 SPDXID: SPDXRef-Package-32-cryptography
 PackageSupplier: Organization: The Python Cryptographic Authority and individual contributors (cryptography-dev@python.org)
-PackageVersion: 39.0.0
+PackageVersion: 39.0.1
 PackageDownloadLocation: NOASSERTION
 FilesAnalyzed: false
 ##### Reported license (Apache-2.0 OR BSD-3-Clause) AND PSF-2.0
 PackageLicenseConcluded: NOASSERTION
 PackageLicenseDeclared: NOASSERTION
 PackageCopyrightText: NOASSERTION
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/cryptography@39.0.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_python_cryptographic_authority_and_individual_contributors:cryptography:39.0.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/cryptography@39.0.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_python_cryptographic_authority_and_individual_contributors:cryptography:39.0.1:*:*:*:*:*:*:*
 ##### 
 
 PackageName: cffi
@@ -569,15 +569,15 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r._coombs:importlib-metadata:6.0
 PackageName: zipp
 SPDXID: SPDXRef-Package-41-zipp
 PackageSupplier: Organization: Jason R. Coombs (jaraco@jaraco.com)
-PackageVersion: 3.12.1
+PackageVersion: 3.13.0
 PackageDownloadLocation: NOASSERTION
 FilesAnalyzed: false
 ##### Reported license 
 PackageLicenseConcluded: NOASSERTION
 PackageLicenseDeclared: NOASSERTION
 PackageCopyrightText: NOASSERTION
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/zipp@3.12.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r._coombs:zipp:3.12.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/zipp@3.13.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r._coombs:zipp:3.13.0:*:*:*:*:*:*:*
 ##### 
 
 PackageName: jinja2
@@ -667,15 +667,15 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:5.13.0:*:*:*:*:*:*:*
 PackageName: tenacity
 SPDXID: SPDXRef-Package-48-tenacity
 PackageSupplier: Person: Julien Danjou (julien@danjou.info)
-PackageVersion: 8.1.0
+PackageVersion: 8.2.1
 PackageDownloadLocation: NOASSERTION
 FilesAnalyzed: false
 ##### Reported license Apache 2.0
 PackageLicenseConcluded: Apache-2.0
 PackageLicenseDeclared: Apache-2.0
 PackageCopyrightText: NOASSERTION
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/tenacity@8.1.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:julien_danjou:tenacity:8.1.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/tenacity@8.2.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:julien_danjou:tenacity:8.2.1:*:*:*:*:*:*:*
 ##### 
 
 PackageName: pyyaml
@@ -821,29 +821,29 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:william_pearson:toml:0.10.2:*:*:*:*:*:
 PackageName: xmlschema
 SPDXID: SPDXRef-Package-59-xmlschema
 PackageSupplier: Person: Davide Brunato (brunato@sissa.it)
-PackageVersion: 2.1.1
+PackageVersion: 2.2.1
 PackageDownloadLocation: NOASSERTION
 FilesAnalyzed: false
 ##### Reported license MIT
 PackageLicenseConcluded: MIT
 PackageLicenseDeclared: MIT
 PackageCopyrightText: NOASSERTION
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/xmlschema@2.1.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:xmlschema:2.1.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/xmlschema@2.2.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:xmlschema:2.2.1:*:*:*:*:*:*:*
 ##### 
 
 PackageName: elementpath
 SPDXID: SPDXRef-Package-60-elementpath
 PackageSupplier: Person: Davide Brunato (brunato@sissa.it)
-PackageVersion: 3.0.2
+PackageVersion: 4.0.1
 PackageDownloadLocation: NOASSERTION
 FilesAnalyzed: false
 ##### Reported license MIT
 PackageLicenseConcluded: MIT
 PackageLicenseDeclared: MIT
 PackageCopyrightText: NOASSERTION
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/elementpath@3.0.2
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:elementpath:3.0.2:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/elementpath@4.0.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:elementpath:4.0.1:*:*:*:*:*:*:*
 ##### 
 
 PackageName: zstandard