From ad07a4a72a30245c005b7432dafa4d80da172659 Mon Sep 17 00:00:00 2001 From: GitHub Date: Mon, 27 Feb 2023 01:51:08 +0000 Subject: [PATCH] chore: update SBOM for Python 3.7 --- sbom/cve-bin-tool-py3.7.json | 100 +++++++++++++++++------------------ sbom/cve-bin-tool-py3.7.spdx | 100 +++++++++++++++++------------------ 2 files changed, 100 insertions(+), 100 deletions(-) diff --git a/sbom/cve-bin-tool-py3.7.json b/sbom/cve-bin-tool-py3.7.json index 079eac9b38..620c3c0552 100644 --- a/sbom/cve-bin-tool-py3.7.json +++ b/sbom/cve-bin-tool-py3.7.json @@ -2,10 +2,10 @@ "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.4", - "serialNumber": "urn:uuid69d552e0-dae3-429f-9ee6-864c1f737fed", + "serialNumber": "urn:uuidf20f3b04-a0df-40b3-9da9-605d2962cfc2", "version": 1, "metadata": { - "timestamp": "2023-01-30T00:30:29Z", + "timestamp": "2023-02-27T01:51:07Z", "tools": [ { "name": "sbom4python", @@ -35,7 +35,7 @@ "type": "library", "bom-ref": "2-aiohttp", "name": "aiohttp", - "version": "3.8.3", + "version": "3.8.4", "licenses": [ { "license": { @@ -44,7 +44,7 @@ } } ], - "purl": "pkg:pypi/aiohttp@3.8.3" + "purl": "pkg:pypi/aiohttp@3.8.4" }, { "type": "library", @@ -97,10 +97,10 @@ "type": "library", "bom-ref": "6-typing-extensions", "name": "typing-extensions", - "version": "4.4.0", + "version": "4.5.0", "author": "Guido van Jukka ukasz Michael", - "cpe": "cpe:/a:guido_van_jukka_ukasz_michael:typing-extensions:4.4.0", - "purl": "pkg:pypi/typing-extensions@4.4.0" + "cpe": "cpe:/a:guido_van_jukka_ukasz_michael:typing-extensions:4.5.0", + "purl": "pkg:pypi/typing-extensions@4.5.0" }, { "type": "library", @@ -140,9 +140,9 @@ "type": "library", "bom-ref": "9-charset-normalizer", "name": "charset-normalizer", - "version": "2.1.1", - "author": "Ahmed TAHRI Ousret", - "cpe": "cpe:/a:ahmed_tahri_ousret:charset-normalizer:2.1.1", + "version": "3.0.1", + "author": "Ahmed TAHRI", + "cpe": "cpe:/a:ahmed_tahri:charset-normalizer:3.0.1", "licenses": [ { "license": { @@ -151,7 +151,7 @@ } } ], - "purl": "pkg:pypi/charset-normalizer@2.1.1" + "purl": "pkg:pypi/charset-normalizer@3.0.1" }, { "type": "library", @@ -200,9 +200,9 @@ "type": "library", "bom-ref": "13-beautifulsoup4", "name": "beautifulsoup4", - "version": "4.11.1", + "version": "4.11.2", "author": "Leonard Richardson", - "cpe": "cpe:/a:leonard_richardson:beautifulsoup4:4.11.1", + "cpe": "cpe:/a:leonard_richardson:beautifulsoup4:4.11.2", "licenses": [ { "license": { @@ -211,16 +211,16 @@ } } ], - "purl": "pkg:pypi/beautifulsoup4@4.11.1" + "purl": "pkg:pypi/beautifulsoup4@4.11.2" }, { "type": "library", "bom-ref": "14-soupsieve", "name": "soupsieve", - "version": "2.3.2.post1", + "version": "2.4", "author": "Isaac Muse", - "cpe": "cpe:/a:isaac_muse:soupsieve:2.3.2.post1", - "purl": "pkg:pypi/soupsieve@2.3.2.post1" + "cpe": "cpe:/a:isaac_muse:soupsieve:2.4", + "purl": "pkg:pypi/soupsieve@2.4" }, { "type": "library", @@ -261,9 +261,9 @@ "type": "library", "bom-ref": "18-gsutil", "name": "gsutil", - "version": "5.19", + "version": "5.20", "author": "Google Inc.", - "cpe": "cpe:/a:google_inc.:gsutil:5.19", + "cpe": "cpe:/a:google_inc.:gsutil:5.20", "licenses": [ { "license": { @@ -272,7 +272,7 @@ } } ], - "purl": "pkg:pypi/gsutil@5.19" + "purl": "pkg:pypi/gsutil@5.20" }, { "type": "library", @@ -304,10 +304,10 @@ "type": "library", "bom-ref": "21-zipp", "name": "zipp", - "version": "3.12.0", + "version": "3.15.0", "author": "Jason R. Coombs", - "cpe": "cpe:/a:jason_r._coombs:zipp:3.12.0", - "purl": "pkg:pypi/zipp@3.12.0" + "cpe": "cpe:/a:jason_r._coombs:zipp:3.15.0", + "purl": "pkg:pypi/zipp@3.15.0" }, { "type": "library", @@ -519,10 +519,10 @@ "type": "library", "bom-ref": "36-cryptography", "name": "cryptography", - "version": "39.0.0", + "version": "39.0.1", "author": "The Python Cryptographic Authority and individual contributors", - "cpe": "cpe:/a:the_python_cryptographic_authority_and_individual_contributors:cryptography:39.0.0", - "purl": "pkg:pypi/cryptography@39.0.0" + "cpe": "cpe:/a:the_python_cryptographic_authority_and_individual_contributors:cryptography:39.0.1", + "purl": "pkg:pypi/cryptography@39.0.1" }, { "type": "library", @@ -588,9 +588,9 @@ "type": "library", "bom-ref": "41-google-auth", "name": "google-auth", - "version": "2.16.0", + "version": "2.16.1", "author": "Google Cloud Platform", - "cpe": "cpe:/a:google_cloud_platform:google-auth:2.16.0", + "cpe": "cpe:/a:google_cloud_platform:google-auth:2.16.1", "licenses": [ { "license": { @@ -599,7 +599,7 @@ } } ], - "purl": "pkg:pypi/google-auth@2.16.0" + "purl": "pkg:pypi/google-auth@2.16.1" }, { "type": "library", @@ -631,10 +631,10 @@ "type": "library", "bom-ref": "44-importlib-resources", "name": "importlib-resources", - "version": "5.10.2", + "version": "5.12.0", "author": "Barry Warsaw", - "cpe": "cpe:/a:barry_warsaw:importlib-resources:5.10.2", - "purl": "pkg:pypi/importlib-resources@5.10.2" + "cpe": "cpe:/a:barry_warsaw:importlib-resources:5.12.0", + "purl": "pkg:pypi/importlib-resources@5.12.0" }, { "type": "library", @@ -726,9 +726,9 @@ "type": "library", "bom-ref": "51-plotly", "name": "plotly", - "version": "5.13.0", + "version": "5.13.1", "author": "Chris P", - "cpe": "cpe:/a:chris_p:plotly:5.13.0", + "cpe": "cpe:/a:chris_p:plotly:5.13.1", "licenses": [ { "license": { @@ -737,15 +737,15 @@ } } ], - "purl": "pkg:pypi/plotly@5.13.0" + "purl": "pkg:pypi/plotly@5.13.1" }, { "type": "library", "bom-ref": "52-tenacity", "name": "tenacity", - "version": "8.1.0", + "version": "8.2.1", "author": "Julien Danjou", - "cpe": "cpe:/a:julien_danjou:tenacity:8.1.0", + "cpe": "cpe:/a:julien_danjou:tenacity:8.2.1", "licenses": [ { "license": { @@ -754,7 +754,7 @@ } } ], - "purl": "pkg:pypi/tenacity@8.1.0" + "purl": "pkg:pypi/tenacity@8.2.1" }, { "type": "library", @@ -845,10 +845,10 @@ "type": "library", "bom-ref": "58-markdown-it-py", "name": "markdown-it-py", - "version": "2.1.0", + "version": "2.2.0", "author": "Chris Sewell", - "cpe": "cpe:/a:chris_sewell:markdown-it-py:2.1.0", - "purl": "pkg:pypi/markdown-it-py@2.1.0" + "cpe": "cpe:/a:chris_sewell:markdown-it-py:2.2.0", + "purl": "pkg:pypi/markdown-it-py@2.2.0" }, { "type": "library", @@ -914,9 +914,9 @@ "type": "library", "bom-ref": "63-xmlschema", "name": "xmlschema", - "version": "2.1.1", + "version": "2.2.1", "author": "Davide Brunato", - "cpe": "cpe:/a:davide_brunato:xmlschema:2.1.1", + "cpe": "cpe:/a:davide_brunato:xmlschema:2.2.1", "licenses": [ { "license": { @@ -925,15 +925,15 @@ } } ], - "purl": "pkg:pypi/xmlschema@2.1.1" + "purl": "pkg:pypi/xmlschema@2.2.1" }, { "type": "library", "bom-ref": "64-elementpath", "name": "elementpath", - "version": "3.0.2", + "version": "4.0.1", "author": "Davide Brunato", - "cpe": "cpe:/a:davide_brunato:elementpath:3.0.2", + "cpe": "cpe:/a:davide_brunato:elementpath:4.0.1", "licenses": [ { "license": { @@ -942,16 +942,16 @@ } } ], - "purl": "pkg:pypi/elementpath@3.0.2" + "purl": "pkg:pypi/elementpath@4.0.1" }, { "type": "library", "bom-ref": "65-zstandard", "name": "zstandard", - "version": "0.19.0", + "version": "0.20.0", "author": "Gregory Szorc", - "cpe": "cpe:/a:gregory_szorc:zstandard:0.19.0", - "purl": "pkg:pypi/zstandard@0.19.0" + "cpe": "cpe:/a:gregory_szorc:zstandard:0.20.0", + "purl": "pkg:pypi/zstandard@0.20.0" } ], "dependencies": [ diff --git a/sbom/cve-bin-tool-py3.7.spdx b/sbom/cve-bin-tool-py3.7.spdx index 22844b00ff..19372f69cc 100644 --- a/sbom/cve-bin-tool-py3.7.spdx +++ b/sbom/cve-bin-tool-py3.7.spdx @@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.2 DataLicense: CC0-1.0 SPDXID: SPDXRef-DOCUMENT DocumentName: cve-bin-tool -DocumentNamespace: http://spdx.org/spdxdocs/cve-bin-tool-92f90c95-1e13-4d19-8a0a-7fcc95cf4327 +DocumentNamespace: http://spdx.org/spdxdocs/cve-bin-tool-054bea40-c8a9-4dbf-a43c-b4b225b5710f LicenseListVersion: 3.18 Creator: Tool: sbom4python-0.7.0 -Created: 2023-01-30T00:29:00Z +Created: 2023-02-27T01:49:37Z CreatorComment: This document has been automatically generated. ##### @@ -26,14 +26,14 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:terri_oda:cve-bin-tool:3.2.1.dev0:*:*: PackageName: aiohttp SPDXID: SPDXRef-Package-2-aiohttp PackageSupplier: NOASSERTION -PackageVersion: 3.8.3 +PackageVersion: 3.8.4 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license Apache 2 PackageLicenseConcluded: Apache-2.0 PackageLicenseDeclared: Apache-2.0 PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/aiohttp@3.8.3 +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/aiohttp@3.8.4 ##### PackageName: aiosignal @@ -79,15 +79,15 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:async-timeout:4.0.2:*:* PackageName: typing-extensions SPDXID: SPDXRef-Package-6-typing-extensions PackageSupplier: Organization: Guido van Jukka ukasz Michael (levkivskyi@gmail.com) -PackageVersion: 4.4.0 +PackageVersion: 4.5.0 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license PackageLicenseConcluded: NOASSERTION PackageLicenseDeclared: NOASSERTION PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/typing-extensions@4.4.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.4.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/typing-extensions@4.5.0 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.5.0:*:*:*:*:*:*:* ##### PackageName: asynctest @@ -120,16 +120,16 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:hynek_schlawack:attrs:22.2.0:*:*:*:*:* PackageName: charset-normalizer SPDXID: SPDXRef-Package-9-charset-normalizer -PackageSupplier: Organization: Ahmed TAHRI Ousret (ahmed.tahri@cloudnursery.dev) -PackageVersion: 2.1.1 +PackageSupplier: Person: Ahmed TAHRI (ahmed.tahri@cloudnursery.dev) +PackageVersion: 3.0.1 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license MIT PackageLicenseConcluded: MIT PackageLicenseDeclared: MIT PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/charset-normalizer@2.1.1 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:ahmed_tahri_ousret:charset-normalizer:2.1.1:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/charset-normalizer@3.0.1 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:ahmed_tahri:charset-normalizer:3.0.1:*:*:*:*:*:*:* ##### PackageName: multidict @@ -177,29 +177,29 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kim_davies:idna:3.4:*:*:*:*:*:*:* PackageName: beautifulsoup4 SPDXID: SPDXRef-Package-13-beautifulsoup4 PackageSupplier: Person: Leonard Richardson (leonardr@segfault.org) -PackageVersion: 4.11.1 +PackageVersion: 4.11.2 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license MIT PackageLicenseConcluded: MIT PackageLicenseDeclared: MIT PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/beautifulsoup4@4.11.1 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:leonard_richardson:beautifulsoup4:4.11.1:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/beautifulsoup4@4.11.2 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:leonard_richardson:beautifulsoup4:4.11.2:*:*:*:*:*:*:* ##### PackageName: soupsieve SPDXID: SPDXRef-Package-14-soupsieve PackageSupplier: Person: Isaac Muse (use@gmail.com) -PackageVersion: 2.3.2.post1 +PackageVersion: 2.4 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license PackageLicenseConcluded: NOASSERTION PackageLicenseDeclared: NOASSERTION PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/soupsieve@2.3.2.post1 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:isaac_muse:soupsieve:2.3.2.post1:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/soupsieve@2.4 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:isaac_muse:soupsieve:2.4:*:*:*:*:*:*:* ##### PackageName: cvss @@ -247,15 +247,15 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:nir_cohen:distro:1.8.0:*:*:*:*:*:*:* PackageName: gsutil SPDXID: SPDXRef-Package-18-gsutil PackageSupplier: Person: Google Inc. (buganizer-system+187143@google.com) -PackageVersion: 5.19 +PackageVersion: 5.20 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license Apache 2.0 PackageLicenseConcluded: Apache-2.0 PackageLicenseDeclared: Apache-2.0 PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/gsutil@5.19 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:gsutil:5.19:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/gsutil@5.20 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:gsutil:5.20:*:*:*:*:*:*:* ##### PackageName: argcomplete @@ -289,15 +289,15 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r._coombs:importlib-metadata:4.1 PackageName: zipp SPDXID: SPDXRef-Package-21-zipp PackageSupplier: Organization: Jason R. Coombs (jaraco@jaraco.com) -PackageVersion: 3.12.0 +PackageVersion: 3.15.0 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license PackageLicenseConcluded: NOASSERTION PackageLicenseDeclared: NOASSERTION PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/zipp@3.12.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r._coombs:zipp:3.12.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/zipp@3.15.0 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r._coombs:zipp:3.15.0:*:*:*:*:*:*:* ##### PackageName: crcmod @@ -499,15 +499,15 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_pyopenssl_developers:pyopenssl:23. PackageName: cryptography SPDXID: SPDXRef-Package-36-cryptography PackageSupplier: Organization: The Python Cryptographic Authority and individual contributors (cryptography-dev@python.org) -PackageVersion: 39.0.0 +PackageVersion: 39.0.1 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license (Apache-2.0 OR BSD-3-Clause) AND PSF-2.0 PackageLicenseConcluded: NOASSERTION PackageLicenseDeclared: NOASSERTION PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/cryptography@39.0.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_python_cryptographic_authority_and_individual_contributors:cryptography:39.0.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/cryptography@39.0.1 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_python_cryptographic_authority_and_individual_contributors:cryptography:39.0.1:*:*:*:*:*:*:* ##### PackageName: cffi @@ -569,15 +569,15 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:craig_citro:google-apitools:0.5.32:*:* PackageName: google-auth SPDXID: SPDXRef-Package-41-google-auth PackageSupplier: Organization: Google Cloud Platform (googleapis-packages@google.com) -PackageVersion: 2.16.0 +PackageVersion: 2.16.1 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license Apache 2.0 PackageLicenseConcluded: Apache-2.0 PackageLicenseDeclared: Apache-2.0 PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/google-auth@2.16.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_cloud_platform:google-auth:2.16.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/google-auth@2.16.1 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_cloud_platform:google-auth:2.16.1:*:*:*:*:*:*:* ##### PackageName: cachetools @@ -611,15 +611,15 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:ori_livneh:monotonic:1.6:*:*:*:*:*:*:* PackageName: importlib-resources SPDXID: SPDXRef-Package-44-importlib-resources PackageSupplier: Person: Barry Warsaw (barry@python.org) -PackageVersion: 5.10.2 +PackageVersion: 5.12.0 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license PackageLicenseConcluded: NOASSERTION PackageLicenseDeclared: NOASSERTION PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/importlib-resources@5.10.2 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:barry_warsaw:importlib-resources:5.10.2:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/importlib-resources@5.12.0 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:barry_warsaw:importlib-resources:5.12.0:*:*:*:*:*:*:* ##### PackageName: jinja2 @@ -709,29 +709,29 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:donald_stufft_and_individual_contribut PackageName: plotly SPDXID: SPDXRef-Package-51-plotly PackageSupplier: Person: Chris P (chris@plot.ly) -PackageVersion: 5.13.0 +PackageVersion: 5.13.1 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license MIT PackageLicenseConcluded: MIT PackageLicenseDeclared: MIT PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/plotly@5.13.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:5.13.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/plotly@5.13.1 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:5.13.1:*:*:*:*:*:*:* ##### PackageName: tenacity SPDXID: SPDXRef-Package-52-tenacity PackageSupplier: Person: Julien Danjou (julien@danjou.info) -PackageVersion: 8.1.0 +PackageVersion: 8.2.1 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license Apache 2.0 PackageLicenseConcluded: Apache-2.0 PackageLicenseDeclared: Apache-2.0 PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/tenacity@8.1.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:julien_danjou:tenacity:8.1.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/tenacity@8.2.1 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:julien_danjou:tenacity:8.2.1:*:*:*:*:*:*:* ##### PackageName: pyyaml @@ -807,15 +807,15 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:will_mcgugan:rich:13.3.1:*:*:*:*:*:*:* PackageName: markdown-it-py SPDXID: SPDXRef-Package-58-markdown-it-py PackageSupplier: Person: Chris Sewell (chrisj_sewell@hotmail.com) -PackageVersion: 2.1.0 +PackageVersion: 2.2.0 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license PackageLicenseConcluded: NOASSERTION PackageLicenseDeclared: NOASSERTION PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/markdown-it-py@2.1.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_sewell:markdown-it-py:2.1.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/markdown-it-py@2.2.0 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_sewell:markdown-it-py:2.2.0:*:*:*:*:*:*:* ##### PackageName: mdurl @@ -877,43 +877,43 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:william_pearson:toml:0.10.2:*:*:*:*:*: PackageName: xmlschema SPDXID: SPDXRef-Package-63-xmlschema PackageSupplier: Person: Davide Brunato (brunato@sissa.it) -PackageVersion: 2.1.1 +PackageVersion: 2.2.1 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license MIT PackageLicenseConcluded: MIT PackageLicenseDeclared: MIT PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/xmlschema@2.1.1 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:xmlschema:2.1.1:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/xmlschema@2.2.1 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:xmlschema:2.2.1:*:*:*:*:*:*:* ##### PackageName: elementpath SPDXID: SPDXRef-Package-64-elementpath PackageSupplier: Person: Davide Brunato (brunato@sissa.it) -PackageVersion: 3.0.2 +PackageVersion: 4.0.1 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license MIT PackageLicenseConcluded: MIT PackageLicenseDeclared: MIT PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/elementpath@3.0.2 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:elementpath:3.0.2:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/elementpath@4.0.1 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:elementpath:4.0.1:*:*:*:*:*:*:* ##### PackageName: zstandard SPDXID: SPDXRef-Package-65-zstandard PackageSupplier: Person: Gregory Szorc (gregory.szorc@gmail.com) -PackageVersion: 0.19.0 +PackageVersion: 0.20.0 PackageDownloadLocation: NOASSERTION FilesAnalyzed: false ##### Reported license BSD PackageLicenseConcluded: NOASSERTION PackageLicenseDeclared: NOASSERTION PackageCopyrightText: NOASSERTION -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/zstandard@0.19.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:gregory_szorc:zstandard:0.19.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/zstandard@0.20.0 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:gregory_szorc:zstandard:0.20.0:*:*:*:*:*:*:* Relationship: SPDXRef-DOCUMENT DESCRIBES SPDXRef-Package-1-cve-bin-tool Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-13-beautifulsoup4 Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-15-cvss