intel · terriko · Jan 7, 2025 · Jan 6, 2025
diff --git a/sbom/cve-bin-tool-py3.10.json b/sbom/cve-bin-tool-py3.10.json
@@ -2,10 +2,10 @@
   "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
   "bomFormat": "CycloneDX",
   "specVersion": "1.6",
-  "serialNumber": "urn:uuid:87831e64-85c1-45e9-9472-7a45e7a76c9e",
+  "serialNumber": "urn:uuid:3ac59c73-875e-4d32-9a5a-2cacfe629cdd",
   "version": 1,
   "metadata": {
-    "timestamp": "2024-12-30T00:36:12Z",
+    "timestamp": "2025-01-06T00:36:19Z",
     "lifecycles": [
       {
         "phase": "build"
@@ -1368,7 +1368,7 @@
       "type": "library",
       "bom-ref": "20-argcomplete",
       "name": "argcomplete",
-      "version": "3.5.2",
+      "version": "3.5.3",
       "supplier": {
         "name": "Andrey Kislyuk",
         "contact": [
@@ -1377,12 +1377,12 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:andrey_kislyuk:argcomplete:3.5.2:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:andrey_kislyuk:argcomplete:3.5.3:*:*:*:*:*:*:*",
       "description": "Bash tab completion for argparse",
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "036d020d79048a5d525bc63880d7a4b8d1668566b8a76daf1144c0bbe0f63472"
+          "content": "2ab2c4a215c59fd6caaff41a869480a23e8f6a5f910b266c1808037f4e375b61"
         }
       ],
       "licenses": [
@@ -1401,7 +1401,7 @@
           "comment": "Home page for project"
         },
         {
-          "url": "https://pypi.org/project/argcomplete/3.5.2/#files",
+          "url": "https://pypi.org/project/argcomplete/3.5.3/#files",
           "type": "distribution",
           "comment": "Download location for component"
         },
@@ -1422,11 +1422,11 @@
           "type": "log"
         }
       ],
-      "purl": "pkg:pypi/[email protected].2",
+      "purl": "pkg:pypi/[email protected].3",
       "properties": [
         {
           "name": "release_date",
-          "value": "2024-12-06T18:24:27Z"
+          "value": "2024-12-31T19:22:54Z"
         },
         {
           "name": "language",
@@ -2033,7 +2033,7 @@
       "type": "library",
       "bom-ref": "31-pyparsing",
       "name": "pyparsing",
-      "version": "3.2.0",
+      "version": "3.2.1",
       "supplier": {
         "name": "Paul McGuire",
         "contact": [
@@ -2042,12 +2042,12 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:paul_mcguire:pyparsing:3.2.0:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:paul_mcguire:pyparsing:3.2.1:*:*:*:*:*:*:*",
       "description": "pyparsing module - Classes and methods to define and execute parsing grammars",
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "93d9577b88da0bbea8cc8334ee8b918ed014968fd2ec383e868fb8afb1ccef84"
+          "content": "506ff4f4386c4cec0590ec19e6302d3aedb992fdc02c761e90416f158dacf8e1"
         }
       ],
       "externalReferences": [
@@ -2057,16 +2057,16 @@
           "comment": "Home page for project"
         },
         {
-          "url": "https://pypi.org/project/pyparsing/3.2.0/#files",
+          "url": "https://pypi.org/project/pyparsing/3.2.1/#files",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/[email protected].0",
+      "purl": "pkg:pypi/[email protected].1",
       "properties": [
         {
           "name": "release_date",
-          "value": "2024-10-13T10:01:13Z"
+          "value": "2024-12-31T20:59:42Z"
         },
         {
           "name": "language",
@@ -3860,7 +3860,7 @@
       "type": "library",
       "bom-ref": "61-pygments",
       "name": "pygments",
-      "version": "2.18.0",
+      "version": "2.19.0",
       "supplier": {
         "name": "Georg Brandl",
         "contact": [
@@ -3869,12 +3869,12 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:georg_brandl:pygments:2.18.0:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:georg_brandl:pygments:2.19.0:*:*:*:*:*:*:*",
       "description": "Pygments is a syntax highlighting package written in Python.",
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "b8e6aca0523f3ab76fee51799c488e38782ac06eafcf95e7ba832985c8e7b13a"
+          "content": "4755e6e64d22161d5b61432c0600c923c5927214e7c956e31c23923c89251a9b"
         }
       ],
       "licenses": [
@@ -3893,7 +3893,7 @@
           "comment": "Home page for project"
         },
         {
-          "url": "https://pypi.org/project/pygments/2.18.0/#files",
+          "url": "https://pypi.org/project/pygments/2.19.0/#files",
           "type": "distribution",
           "comment": "Download location for component"
         },
@@ -3914,11 +3914,11 @@
           "type": "log"
         }
       ],
-      "purl": "pkg:pypi/pygments@2.18.0",
+      "purl": "pkg:pypi/pygments@2.19.0",
       "properties": [
         {
           "name": "release_date",
-          "value": "2024-05-04T13:41:57Z"
+          "value": "2025-01-05T14:11:12Z"
         },
         {
           "name": "language",
@@ -4499,7 +4499,7 @@
       "type": "library",
       "bom-ref": "71-setuptools",
       "name": "setuptools",
-      "version": "75.6.0",
+      "version": "75.7.0",
       "supplier": {
         "name": "Python Packaging Authority",
         "contact": [
@@ -4508,17 +4508,17 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:python_packaging_authority:setuptools:75.6.0:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:python_packaging_authority:setuptools:75.7.0:*:*:*:*:*:*:*",
       "description": "Easily download, build, install, upgrade, and uninstall Python packages",
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "ce74b49e8f7110f9bf04883b730f4765b774ef3ef28f722cce7c273d253aaf7d"
+          "content": "84fb203f278ebcf5cd08f97d3fb96d3fbed4b629d500b29ad60d11e00769b183"
         }
       ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/setuptools/75.6.0/#files",
+          "url": "https://pypi.org/project/setuptools/75.7.0/#files",
           "type": "distribution",
           "comment": "Download location for component"
         },
@@ -4535,11 +4535,11 @@
           "type": "log"
         }
       ],
-      "purl": "pkg:pypi/setuptools@75.6.0",
+      "purl": "pkg:pypi/setuptools@75.7.0",
       "properties": [
         {
           "name": "release_date",
-          "value": "2024-11-20T18:16:10Z"
+          "value": "2025-01-05T16:31:09Z"
         },
         {
           "name": "language",

diff --git a/sbom/cve-bin-tool-py3.10.spdx b/sbom/cve-bin-tool-py3.10.spdx
@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
 DataLicense: CC0-1.0
 SPDXID: SPDXRef-DOCUMENT
 DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-54455086-24da-47c7-91c0-f4b9302e303a
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-5be38161-3148-45bb-a7af-20ff2c08631c
 LicenseListVersion: 3.25
 Creator: Tool: sbom4python-0.12.1
-Created: 2024-12-30T00:36:05Z
+Created: 2025-01-06T00:36:11Z
 CreatorComment: <text>This document has been automatically generated.</text>
 ##### 
 
@@ -434,25 +434,25 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:gsutil:5.33:*:*:*:*:*:*:*
 
 PackageName: argcomplete
 SPDXID: SPDXRef-20-argcomplete
-PackageVersion: 3.5.2
+PackageVersion: 3.5.3
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Person: Andrey Kislyuk ([email protected])
-PackageDownloadLocation: https://pypi.org/project/argcomplete/3.5.2/#files
+PackageDownloadLocation: https://pypi.org/project/argcomplete/3.5.3/#files
 FilesAnalyzed: false
 PackageHomePage: https://github.com/kislyuk/argcomplete
-PackageChecksum: SHA256: 036d020d79048a5d525bc63880d7a4b8d1668566b8a76daf1144c0bbe0f63472
+PackageChecksum: SHA256: 2ab2c4a215c59fd6caaff41a869480a23e8f6a5f910b266c1808037f4e375b61
 PackageLicenseDeclared: NOASSERTION
 PackageLicenseConcluded: Apache-2.0
 PackageLicenseComments: <text>argcomplete declares Apache Software License which is not currently a valid SPDX License identifier or expression.</text>
 PackageCopyrightText: NOASSERTION
 PackageSummary: <text>Bash tab completion for argparse</text>
-ReleaseDate: 2024-12-06T18:24:27Z
+ReleaseDate: 2024-12-31T19:22:54Z
 ExternalRef: OTHER documentation https://kislyuk.github.io/argcomplete
 ExternalRef: OTHER vcs https://github.com/kislyuk/argcomplete
 ExternalRef: OTHER issue-tracker https://github.com/kislyuk/argcomplete/issues
 ExternalRef: OTHER log https://github.com/kislyuk/argcomplete/blob/develop/Changes.rst
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected].2
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_kislyuk:argcomplete:3.5.2:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected].3
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_kislyuk:argcomplete:3.5.3:*:*:*:*:*:*:*
 ##### 
 
 PackageName: crcmod
@@ -645,20 +645,20 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:joe_gregorio:httplib2:0.20.4:*:*:*:*:*
 
 PackageName: pyparsing
 SPDXID: SPDXRef-31-pyparsing
-PackageVersion: 3.2.0
+PackageVersion: 3.2.1
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Person: Paul McGuire ([email protected])
-PackageDownloadLocation: https://pypi.org/project/pyparsing/3.2.0/#files
+PackageDownloadLocation: https://pypi.org/project/pyparsing/3.2.1/#files
 FilesAnalyzed: false
 PackageHomePage: https://github.com/pyparsing/pyparsing/
-PackageChecksum: SHA256: 93d9577b88da0bbea8cc8334ee8b918ed014968fd2ec383e868fb8afb1ccef84
+PackageChecksum: SHA256: 506ff4f4386c4cec0590ec19e6302d3aedb992fdc02c761e90416f158dacf8e1
 PackageLicenseDeclared: NOASSERTION
 PackageLicenseConcluded: NOASSERTION
 PackageCopyrightText: NOASSERTION
 PackageSummary: <text>pyparsing module - Classes and methods to define and execute parsing grammars</text>
-ReleaseDate: 2024-10-13T10:01:13Z
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected].0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:paul_mcguire:pyparsing:3.2.0:*:*:*:*:*:*:*
+ReleaseDate: 2024-12-31T20:59:42Z
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected].1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:paul_mcguire:pyparsing:3.2.1:*:*:*:*:*:*:*
 ##### 
 
 PackageName: oauth2client
@@ -1272,24 +1272,24 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:taneli_hukkinen:mdurl:0.1.2:*:*:*:*:*:
 
 PackageName: pygments
 SPDXID: SPDXRef-61-pygments
-PackageVersion: 2.18.0
+PackageVersion: 2.19.0
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Person: Georg Brandl ([email protected])
-PackageDownloadLocation: https://pypi.org/project/pygments/2.18.0/#files
+PackageDownloadLocation: https://pypi.org/project/pygments/2.19.0/#files
 FilesAnalyzed: false
 PackageHomePage: https://pygments.org
-PackageChecksum: SHA256: b8e6aca0523f3ab76fee51799c488e38782ac06eafcf95e7ba832985c8e7b13a
+PackageChecksum: SHA256: 4755e6e64d22161d5b61432c0600c923c5927214e7c956e31c23923c89251a9b
 PackageLicenseDeclared: BSD-2-Clause
 PackageLicenseConcluded: BSD-2-Clause
 PackageCopyrightText: NOASSERTION
 PackageSummary: <text>Pygments is a syntax highlighting package written in Python.</text>
-ReleaseDate: 2024-05-04T13:41:57Z
+ReleaseDate: 2025-01-05T14:11:12Z
 ExternalRef: OTHER documentation https://pygments.org/docs
 ExternalRef: OTHER vcs https://github.com/pygments/pygments
 ExternalRef: OTHER issue-tracker https://github.com/pygments/pygments/issues
 ExternalRef: OTHER log https://github.com/pygments/pygments/blob/master/CHANGES
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/pygments@2.18.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:georg_brandl:pygments:2.18.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/pygments@2.19.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:georg_brandl:pygments:2.19.0:*:*:*:*:*:*:*
 ##### 
 
 PackageName: python-gnupg
@@ -1474,22 +1474,22 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:sean_ross:rpmfile:2.1.0:*:*:*:*:*:*:*
 
 PackageName: setuptools
 SPDXID: SPDXRef-71-setuptools
-PackageVersion: 75.6.0
+PackageVersion: 75.7.0
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Organization: Python Packaging Authority ([email protected])
-PackageDownloadLocation: https://pypi.org/project/setuptools/75.6.0/#files
+PackageDownloadLocation: https://pypi.org/project/setuptools/75.7.0/#files
 FilesAnalyzed: false
-PackageChecksum: SHA256: ce74b49e8f7110f9bf04883b730f4765b774ef3ef28f722cce7c273d253aaf7d
+PackageChecksum: SHA256: 84fb203f278ebcf5cd08f97d3fb96d3fbed4b629d500b29ad60d11e00769b183
 PackageLicenseDeclared: NOASSERTION
 PackageLicenseConcluded: NOASSERTION
 PackageCopyrightText: NOASSERTION
 PackageSummary: <text>Easily download, build, install, upgrade, and uninstall Python packages</text>
-ReleaseDate: 2024-11-20T18:16:10Z
+ReleaseDate: 2025-01-05T16:31:09Z
 ExternalRef: OTHER vcs https://github.com/pypa/setuptools
 ExternalRef: OTHER documentation https://setuptools.pypa.io/
 ExternalRef: OTHER log https://setuptools.pypa.io/en/stable/history.html
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/setuptools@75.6.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:python_packaging_authority:setuptools:75.6.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/setuptools@75.7.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:python_packaging_authority:setuptools:75.7.0:*:*:*:*:*:*:*
 ##### 
 
 PackageName: toml