chore: update SBOM for Python 3.7

terriko · Feb 6, 2023 · 3d689d9 · 3d689d9
1 parent 1dddf63
commit 3d689d9
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 22 deletions.
diff --git a/sbom/cve-bin-tool-py3.7.json b/sbom/cve-bin-tool-py3.7.json
@@ -2,10 +2,10 @@
   "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json",
   "bomFormat": "CycloneDX",
   "specVersion": "1.4",
-  "serialNumber": "urn:uuid69d552e0-dae3-429f-9ee6-864c1f737fed",
+  "serialNumber": "urn:uuid5cfd5203-ffed-4793-8bf7-baa9ef756302",
   "version": 1,
   "metadata": {
-    "timestamp": "2023-01-30T00:30:29Z",
+    "timestamp": "2023-02-06T01:43:31Z",
     "tools": [
       {
         "name": "sbom4python",
@@ -200,9 +200,9 @@
       "type": "library",
       "bom-ref": "13-beautifulsoup4",
       "name": "beautifulsoup4",
-      "version": "4.11.1",
+      "version": "4.11.2",
       "author": "Leonard Richardson",
-      "cpe": "cpe:/a:leonard_richardson:beautifulsoup4:4.11.1",
+      "cpe": "cpe:/a:leonard_richardson:beautifulsoup4:4.11.2",
       "licenses": [
         {
           "license": {
@@ -211,7 +211,7 @@
           }
         }
       ],
-      "purl": "pkg:pypi/[email protected].1"
+      "purl": "pkg:pypi/[email protected].2"
     },
     {
       "type": "library",
@@ -261,9 +261,9 @@
       "type": "library",
       "bom-ref": "18-gsutil",
       "name": "gsutil",
-      "version": "5.19",
+      "version": "5.20",
       "author": "Google Inc.",
-      "cpe": "cpe:/a:google_inc.:gsutil:5.19",
+      "cpe": "cpe:/a:google_inc.:gsutil:5.20",
       "licenses": [
         {
           "license": {
@@ -272,7 +272,7 @@
           }
         }
       ],
-      "purl": "pkg:pypi/gsutil@5.19"
+      "purl": "pkg:pypi/gsutil@5.20"
     },
     {
       "type": "library",
@@ -304,10 +304,10 @@
       "type": "library",
       "bom-ref": "21-zipp",
       "name": "zipp",
-      "version": "3.12.0",
+      "version": "3.12.1",
       "author": "Jason R. Coombs",
-      "cpe": "cpe:/a:jason_r._coombs:zipp:3.12.0",
-      "purl": "pkg:pypi/[email protected].0"
+      "cpe": "cpe:/a:jason_r._coombs:zipp:3.12.1",
+      "purl": "pkg:pypi/[email protected].1"
     },
     {
       "type": "library",

diff --git a/sbom/cve-bin-tool-py3.7.spdx b/sbom/cve-bin-tool-py3.7.spdx
@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.2
 DataLicense: CC0-1.0
 SPDXID: SPDXRef-DOCUMENT
 DocumentName: cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/cve-bin-tool-92f90c95-1e13-4d19-8a0a-7fcc95cf4327
+DocumentNamespace: http://spdx.org/spdxdocs/cve-bin-tool-3a5e6fbf-6204-4c17-b72e-f94ce5627648
 LicenseListVersion: 3.18
 Creator: Tool: sbom4python-0.7.0
-Created: 2023-01-30T00:29:00Z
+Created: 2023-02-06T01:42:02Z
 CreatorComment: <text>This document has been automatically generated.</text>
 ##### 
 
@@ -177,15 +177,15 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kim_davies:idna:3.4:*:*:*:*:*:*:*
 PackageName: beautifulsoup4
 SPDXID: SPDXRef-Package-13-beautifulsoup4
 PackageSupplier: Person: Leonard Richardson ([email protected])
-PackageVersion: 4.11.1
+PackageVersion: 4.11.2
 PackageDownloadLocation: NOASSERTION
 FilesAnalyzed: false
 ##### Reported license MIT
 PackageLicenseConcluded: MIT
 PackageLicenseDeclared: MIT
 PackageCopyrightText: NOASSERTION
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected].1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:leonard_richardson:beautifulsoup4:4.11.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected].2
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:leonard_richardson:beautifulsoup4:4.11.2:*:*:*:*:*:*:*
 ##### 
 
 PackageName: soupsieve
@@ -247,15 +247,15 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:nir_cohen:distro:1.8.0:*:*:*:*:*:*:*
 PackageName: gsutil
 SPDXID: SPDXRef-Package-18-gsutil
 PackageSupplier: Person: Google Inc. ([email protected])
-PackageVersion: 5.19
+PackageVersion: 5.20
 PackageDownloadLocation: NOASSERTION
 FilesAnalyzed: false
 ##### Reported license Apache 2.0
 PackageLicenseConcluded: Apache-2.0
 PackageLicenseDeclared: Apache-2.0
 PackageCopyrightText: NOASSERTION
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/gsutil@5.19
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:gsutil:5.19:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/gsutil@5.20
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:gsutil:5.20:*:*:*:*:*:*:*
 ##### 
 
 PackageName: argcomplete
@@ -289,15 +289,15 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r._coombs:importlib-metadata:4.1
 PackageName: zipp
 SPDXID: SPDXRef-Package-21-zipp
 PackageSupplier: Organization: Jason R. Coombs ([email protected])
-PackageVersion: 3.12.0
+PackageVersion: 3.12.1
 PackageDownloadLocation: NOASSERTION
 FilesAnalyzed: false
 ##### Reported license 
 PackageLicenseConcluded: NOASSERTION
 PackageLicenseDeclared: NOASSERTION
 PackageCopyrightText: NOASSERTION
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected].0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r._coombs:zipp:3.12.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected].1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r._coombs:zipp:3.12.1:*:*:*:*:*:*:*
 ##### 
 
 PackageName: crcmod