chore: update SBOM for Python 3.12 #4703

Merged
merged 1 commit into from
Jan 21, 2025
19 changes: 10 additions & 9 deletions sbom/cve-bin-tool-py3.12.json
@@ -2,10 +2,10 @@
"$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.6",
"serialNumber": "urn:uuid:cbffac4d-bb66-46fa-87d7-12e1dfdd35ed",
"serialNumber": "urn:uuid:632061a2-9026-4d11-97a8-a7159d14ca5f",
"version": 1,
"metadata": {
"timestamp": "2025-01-13T00:37:15Z",
"timestamp": "2025-01-20T00:37:46Z",
"lifecycles": [
{
"phase": "build"
@@ -3109,7 +3109,7 @@
"type": "library",
"bom-ref": "49-referencing",
"name": "referencing",
"version": "0.35.1",
"version": "0.36.1",
"supplier": {
"name": "Julian Berman",
"contact": [
@@ -3118,12 +3118,12 @@
}
]
},
"cpe": "cpe:2.3:a:julian_berman:referencing:0.35.1:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:julian_berman:referencing:0.36.1:*:*:*:*:*:*:*",
"description": "JSON Referencing + Python",
"hashes": [
{
"alg": "SHA-256",
"content": "eda6d3234d62814d1c64e305c1331c9a3a6132da475ab6382eaa997b21ee75de"
"content": "363d9c65f080d0d70bc41c721dce3c7f3e77fc09f269cd5c8813da18069a6794"
}
],
"externalReferences": [
@@ -3133,7 +3133,7 @@
"comment": "Home page for project"
},
{
"url": "https://pypi.org/project/referencing/0.35.1/#files",
"url": "https://pypi.org/project/referencing/0.36.1/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -3162,11 +3162,11 @@
"type": "vcs"
}
],
"purl": "pkg:pypi/referencing@0.35.1",
"purl": "pkg:pypi/referencing@0.36.1",
"properties": [
{
"name": "release_date",
"value": "2024-05-01T20:26:02Z"
"value": "2025-01-17T02:22:02Z"
},
{
"name": "language",
@@ -4864,7 +4864,8 @@
"ref": "49-referencing",
"dependsOn": [
"6-attrs",
"50-rpds-py"
"50-rpds-py",
"8-typing-extensions"
]
},
{
17 changes: 9 additions & 8 deletions sbom/cve-bin-tool-py3.12.spdx
@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
DataLicense: CC0-1.0
SPDXID: SPDXRef-DOCUMENT
DocumentName: Python-cve-bin-tool
DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-c66c7546-184a-4e83-b762-cfe09cebf66d
DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-5c4f4034-0f8c-4e39-bfdf-40241bd1bedf
LicenseListVersion: 3.25
Creator: Tool: sbom4python-0.12.1
Created: 2025-01-13T00:37:08Z
Created: 2025-01-20T00:37:39Z
CreatorComment: <text>This document has been automatically generated.</text>
#####

@@ -1030,26 +1030,26 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:jsonschema-specification

PackageName: referencing
SPDXID: SPDXRef-49-referencing
PackageVersion: 0.35.1
PackageVersion: 0.36.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Julian Berman ([email protected])
PackageDownloadLocation: https://pypi.org/project/referencing/0.35.1/#files
PackageDownloadLocation: https://pypi.org/project/referencing/0.36.1/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/python-jsonschema/referencing
PackageChecksum: SHA256: eda6d3234d62814d1c64e305c1331c9a3a6132da475ab6382eaa997b21ee75de
PackageChecksum: SHA256: 363d9c65f080d0d70bc41c721dce3c7f3e77fc09f269cd5c8813da18069a6794
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: <text>JSON Referencing + Python</text>
ReleaseDate: 2024-05-01T20:26:02Z
ReleaseDate: 2025-01-17T02:22:02Z
ExternalRef: OTHER documentation https://referencing.readthedocs.io/
ExternalRef: OTHER issue-tracker https://github.com/python-jsonschema/referencing/issues/
ExternalRef: OTHER other https://github.com/sponsors/Julian
ExternalRef: OTHER other https://tidelift.com/subscription/pkg/pypi-referencing?utm_source=pypi-referencing&utm_medium=referral&utm_campaign=pypi-link
ExternalRef: OTHER log https://referencing.readthedocs.io/en/stable/changes/
ExternalRef: OTHER vcs https://github.com/python-jsonschema/referencing
ExternalRef: PACKAGE-MANAGER purl pkg:pypi/referencing@0.35.1
ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:referencing:0.35.1:*:*:*:*:*:*:*
ExternalRef: PACKAGE-MANAGER purl pkg:pypi/referencing@0.36.1
ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:referencing:0.36.1:*:*:*:*:*:*:*
#####

PackageName: rpds-py
@@ -1614,6 +1614,7 @@ Relationship: SPDXRef-47-jsonschema DEPENDS_ON SPDXRef-6-attrs
Relationship: SPDXRef-48-jsonschema-specifications DEPENDS_ON SPDXRef-49-referencing
Relationship: SPDXRef-49-referencing DEPENDS_ON SPDXRef-50-rpds-py
Relationship: SPDXRef-49-referencing DEPENDS_ON SPDXRef-6-attrs
Relationship: SPDXRef-49-referencing DEPENDS_ON SPDXRef-8-typing-extensions
Relationship: SPDXRef-51-lib4sbom DEPENDS_ON SPDXRef-15-defusedxml
Relationship: SPDXRef-51-lib4sbom DEPENDS_ON SPDXRef-52-pyyaml
Relationship: SPDXRef-51-lib4sbom DEPENDS_ON SPDXRef-53-semantic-version