diff --git a/sbom/cve-bin-tool-py3.8.json b/sbom/cve-bin-tool-py3.8.json
index e8015eac99..ae3a5baa9e 100644
--- a/sbom/cve-bin-tool-py3.8.json
+++ b/sbom/cve-bin-tool-py3.8.json
@@ -2,10 +2,10 @@
"$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.6",
- "serialNumber": "urn:uuid:3178e3ea-d027-4327-a88b-1a6f2c9f1925",
+ "serialNumber": "urn:uuid:f53f9e27-e6db-4127-9e63-6435bf1f921e",
"version": 1,
"metadata": {
- "timestamp": "2024-05-13T00:29:26Z",
+ "timestamp": "2024-05-20T00:29:17Z",
"tools": {
"components": [
{
@@ -1839,31 +1839,31 @@
"type": "library",
"bom-ref": "42-zipp",
"name": "zipp",
- "version": "3.18.1",
+ "version": "3.18.2",
"supplier": {
- "name": "Jason R . Coombs",
+ "name": "Jason R .",
"contact": [
{
"email": "jaraco@jaraco.com"
}
]
},
- "cpe": "cpe:2.3:a:jason_r._coombs:zipp:3.18.1:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:jason_r.:zipp:3.18.2:*:*:*:*:*:*:*",
"description": "Backport of pathlib-compatible object wrapper for zip files",
"hashes": [
{
"alg": "SHA-1",
- "content": "bfae83474a730e8cc9b8a71027fb859b46b3875c"
+ "content": "051250eb0e3024d75e7de09921e4efab074f0112"
}
],
"externalReferences": [
{
- "url": "https://pypi.org/project/zipp/3.18.1",
+ "url": "https://pypi.org/project/zipp/3.18.2",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/zipp@3.18.1",
+ "purl": "pkg:pypi/zipp@3.18.2",
"properties": [
{
"name": "language",
@@ -1946,6 +1946,12 @@
"name": "markupsafe",
"version": "2.1.5",
"description": "Safely add untrusted strings to HTML/XML markup.",
+ "hashes": [
+ {
+ "alg": "SHA-1",
+ "content": "fbba4acd0312826cec9cfe18371c7df07962cb65"
+ }
+ ],
"licenses": [
{
"license": {
diff --git a/sbom/cve-bin-tool-py3.8.spdx b/sbom/cve-bin-tool-py3.8.spdx
index 43ded4abd6..e729f4f788 100644
--- a/sbom/cve-bin-tool-py3.8.spdx
+++ b/sbom/cve-bin-tool-py3.8.spdx
@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
DataLicense: CC0-1.0
SPDXID: SPDXRef-DOCUMENT
DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-43ca30d9-07f7-4748-a669-8136d177492c
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-21bd54f8-a7dd-4a2c-8575-f6ff48205e56
LicenseListVersion: 3.22
Creator: Tool: sbom4python-0.10.4
-Created: 2024-05-13T00:27:42Z
+Created: 2024-05-20T00:27:33Z
CreatorComment: This document has been automatically generated.
#####
@@ -671,18 +671,18 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r._coombs:importlib-metadata:7.1
PackageName: zipp
SPDXID: SPDXRef-Package-42-zipp
-PackageVersion: 3.18.1
+PackageVersion: 3.18.2
PrimaryPackagePurpose: LIBRARY
-PackageSupplier: Organization: Jason R. Coombs (jaraco@jaraco.com)
-PackageDownloadLocation: https://pypi.org/project/zipp/3.18.1
+PackageSupplier: Organization: Jason R. (jaraco@jaraco.com)
+PackageDownloadLocation: https://pypi.org/project/zipp/3.18.2
FilesAnalyzed: false
-PackageChecksum: SHA1: bfae83474a730e8cc9b8a71027fb859b46b3875c
+PackageChecksum: SHA1: 051250eb0e3024d75e7de09921e4efab074f0112
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: Backport of pathlib-compatible object wrapper for zip files
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/zipp@3.18.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r._coombs:zipp:3.18.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/zipp@3.18.2
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r.:zipp:3.18.2:*:*:*:*:*:*:*
#####
PackageName: importlib-resources
@@ -722,6 +722,7 @@ PrimaryPackagePurpose: LIBRARY
PackageSupplier: NOASSERTION
PackageDownloadLocation: https://pypi.org/project/MarkupSafe/2.1.5
FilesAnalyzed: false
+PackageChecksum: SHA1: fbba4acd0312826cec9cfe18371c7df07962cb65
PackageLicenseDeclared: BSD-3-Clause
PackageLicenseConcluded: BSD-3-Clause
PackageCopyrightText: NOASSERTION