|
2 | 2 | "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", |
3 | 3 | "bomFormat": "CycloneDX", |
4 | 4 | "specVersion": "1.6", |
5 | | - "serialNumber": "urn:uuid:a7c4e360-1ac7-4f5a-b5f9-e86512a3016c", |
| 5 | + "serialNumber": "urn:uuid:d9b39d3b-6c3f-40c2-92f5-0cb2db8e77c6", |
6 | 6 | "version": 1, |
7 | 7 | "metadata": { |
8 | | - "timestamp": "2024-08-19T00:37:24Z", |
| 8 | + "timestamp": "2024-08-26T00:36:59Z", |
9 | 9 | "lifecycles": [ |
10 | 10 | { |
11 | 11 | "phase": "build" |
|
31 | 31 | "type": "application", |
32 | 32 | "bom-ref": "1-cve-bin-tool", |
33 | 33 | "name": "cve-bin-tool", |
34 | | - "version": "3.3.1.dev0", |
| 34 | + "version": "3.4rc0", |
35 | 35 | "supplier": { |
36 | 36 | "name": "Terri Oda", |
37 | 37 | "contact": [ |
|
40 | 40 | } |
41 | 41 | ] |
42 | 42 | }, |
43 | | - "cpe": "cpe:2.3:a:terri_oda:cve-bin-tool:3.3.1.dev0:*:*:*:*:*:*:*", |
| 43 | + "cpe": "cpe:2.3:a:terri_oda:cve-bin-tool:3.4rc0:*:*:*:*:*:*:*", |
44 | 44 | "description": "CVE Binary Checker Tool", |
45 | 45 | "licenses": [ |
46 | 46 | { |
|
53 | 53 | ], |
54 | 54 | "externalReferences": [ |
55 | 55 | { |
56 | | - "url": "https://pypi.org/project/cve-bin-tool/3.3.1.dev0", |
| 56 | + "url": "https://pypi.org/project/cve-bin-tool/3.4rc0", |
57 | 57 | "type": "distribution", |
58 | 58 | "comment": "Download location for component" |
59 | 59 | } |
60 | 60 | ], |
61 | | - "purl": "pkg:pypi/cve-bin-tool@3.3.1.dev0", |
| 61 | + "purl": "pkg:pypi/cve-bin-tool@3.4rc0", |
62 | 62 | "properties": [ |
63 | 63 | { |
64 | 64 | "name": "language", |
|
74 | 74 | "type": "library", |
75 | 75 | "bom-ref": "2-aiohttp", |
76 | 76 | "name": "aiohttp", |
77 | | - "version": "3.10.4", |
| 77 | + "version": "3.10.5", |
78 | 78 | "description": "Async http client/server framework (asyncio)", |
79 | 79 | "licenses": [ |
80 | 80 | { |
|
87 | 87 | ], |
88 | 88 | "externalReferences": [ |
89 | 89 | { |
90 | | - "url": "https://pypi.org/project/aiohttp/3.10.4", |
| 90 | + "url": "https://pypi.org/project/aiohttp/3.10.5", |
91 | 91 | "type": "distribution", |
92 | 92 | "comment": "Download location for component" |
93 | 93 | } |
94 | 94 | ], |
95 | | - "purl": "pkg:pypi/[email protected].4", |
| 95 | + "purl": "pkg:pypi/[email protected].5", |
96 | 96 | "properties": [ |
97 | 97 | { |
98 | 98 | "name": "language", |
|
108 | 108 | "type": "library", |
109 | 109 | "bom-ref": "3-aiohappyeyeballs", |
110 | 110 | "name": "aiohappyeyeballs", |
111 | | - "version": "2.3.7", |
| 111 | + "version": "2.4.0", |
112 | 112 | "supplier": { |
113 | 113 | "name": "J. Nick Koston", |
114 | 114 | "contact": [ |
|
117 | 117 | } |
118 | 118 | ] |
119 | 119 | }, |
120 | | - "cpe": "cpe:2.3:a:j._nick_koston:aiohappyeyeballs:2.3.7:*:*:*:*:*:*:*", |
| 120 | + "cpe": "cpe:2.3:a:j._nick_koston:aiohappyeyeballs:2.4.0:*:*:*:*:*:*:*", |
121 | 121 | "description": "Happy Eyeballs for asyncio", |
122 | 122 | "licenses": [ |
123 | 123 | { |
|
130 | 130 | ], |
131 | 131 | "externalReferences": [ |
132 | 132 | { |
133 | | - "url": "https://pypi.org/project/aiohappyeyeballs/2.3.7", |
| 133 | + "url": "https://pypi.org/project/aiohappyeyeballs/2.4.0", |
134 | 134 | "type": "distribution", |
135 | 135 | "comment": "Download location for component" |
136 | 136 | } |
137 | 137 | ], |
138 | | - "purl": "pkg:pypi/aiohappyeyeballs@2.3.7", |
| 138 | + "purl": "pkg:pypi/aiohappyeyeballs@2.4.0", |
139 | 139 | "properties": [ |
140 | 140 | { |
141 | 141 | "name": "language", |
|
405 | 405 | "type": "library", |
406 | 406 | "bom-ref": "10-idna", |
407 | 407 | "name": "idna", |
408 | | - "version": "3.7", |
| 408 | + "version": "3.8", |
409 | 409 | "supplier": { |
410 | 410 | "name": "Kim Davies", |
411 | 411 | "contact": [ |
|
414 | 414 | } |
415 | 415 | ] |
416 | 416 | }, |
417 | | - "cpe": "cpe:2.3:a:kim_davies:idna:3.7:*:*:*:*:*:*:*", |
| 417 | + "cpe": "cpe:2.3:a:kim_davies:idna:3.8:*:*:*:*:*:*:*", |
418 | 418 | "description": "Internationalized Domain Names in Applications (IDNA)", |
419 | | - "hashes": [ |
420 | | - { |
421 | | - "alg": "SHA-1", |
422 | | - "content": "1d365e17e10d72d0b7876316fc7b9ca0eebdd38d" |
423 | | - } |
424 | | - ], |
425 | 419 | "externalReferences": [ |
426 | 420 | { |
427 | | - "url": "https://pypi.org/project/idna/3.7", |
| 421 | + "url": "https://pypi.org/project/idna/3.8", |
428 | 422 | "type": "distribution", |
429 | 423 | "comment": "Download location for component" |
430 | 424 | } |
431 | 425 | ], |
432 | | - "purl": "pkg:pypi/idna@3.7", |
| 426 | + "purl": "pkg:pypi/idna@3.8", |
433 | 427 | "properties": [ |
434 | 428 | { |
435 | 429 | "name": "language", |
|
896 | 890 | }, |
897 | 891 | "cpe": "cpe:2.3:a:google_inc.:gcs-oauth2-boto-plugin:3.2:*:*:*:*:*:*:*", |
898 | 892 | "description": "Auth plugin allowing use the use of OAuth 2.0 credentials for Google Cloud Storage in the Boto library.", |
| 893 | + "hashes": [ |
| 894 | + { |
| 895 | + "alg": "SHA-1", |
| 896 | + "content": "7dfa0149811e5617fe1428f692a18ab8b8c31ddb" |
| 897 | + } |
| 898 | + ], |
899 | 899 | "licenses": [ |
900 | 900 | { |
901 | 901 | "license": { |
|
1350 | 1350 | "type": "library", |
1351 | 1351 | "bom-ref": "31-pyparsing", |
1352 | 1352 | "name": "pyparsing", |
1353 | | - "version": "3.1.2", |
| 1353 | + "version": "3.1.4", |
1354 | 1354 | "supplier": { |
1355 | 1355 | "name": "Paul McGuire", |
1356 | 1356 | "contact": [ |
|
1359 | 1359 | } |
1360 | 1360 | ] |
1361 | 1361 | }, |
1362 | | - "cpe": "cpe:2.3:a:paul_mcguire:pyparsing:3.1.2:*:*:*:*:*:*:*", |
| 1362 | + "cpe": "cpe:2.3:a:paul_mcguire:pyparsing:3.1.4:*:*:*:*:*:*:*", |
1363 | 1363 | "description": "pyparsing module - Classes and methods to define and execute parsing grammars", |
1364 | | - "hashes": [ |
1365 | | - { |
1366 | | - "alg": "SHA-1", |
1367 | | - "content": "7d4bda2743ebc04f68d2594bc4fffc70cd65848f" |
1368 | | - } |
1369 | | - ], |
1370 | 1364 | "externalReferences": [ |
1371 | 1365 | { |
1372 | | - "url": "https://pypi.org/project/pyparsing/3.1.2", |
| 1366 | + "url": "https://pypi.org/project/pyparsing/3.1.4", |
1373 | 1367 | "type": "distribution", |
1374 | 1368 | "comment": "Download location for component" |
1375 | 1369 | } |
1376 | 1370 | ], |
1377 | | - "purl": "pkg:pypi/[email protected].2", |
| 1371 | + "purl": "pkg:pypi/[email protected].4", |
1378 | 1372 | "properties": [ |
1379 | 1373 | { |
1380 | 1374 | "name": "language", |
|
1858 | 1852 | "type": "library", |
1859 | 1853 | "bom-ref": "42-importlib-metadata", |
1860 | 1854 | "name": "importlib-metadata", |
1861 | | - "version": "8.2.0", |
| 1855 | + "version": "8.4.0", |
1862 | 1856 | "supplier": { |
1863 | 1857 | "name": "Jason R .", |
1864 | 1858 | "contact": [ |
|
1867 | 1861 | } |
1868 | 1862 | ] |
1869 | 1863 | }, |
1870 | | - "cpe": "cpe:2.3:a:jason_r.:importlib-metadata:8.2.0:*:*:*:*:*:*:*", |
| 1864 | + "cpe": "cpe:2.3:a:jason_r.:importlib-metadata:8.4.0:*:*:*:*:*:*:*", |
1871 | 1865 | "description": "Read metadata from Python packages", |
1872 | 1866 | "externalReferences": [ |
1873 | 1867 | { |
1874 | | - "url": "https://pypi.org/project/importlib-metadata/8.2.0", |
| 1868 | + "url": "https://pypi.org/project/importlib-metadata/8.4.0", |
1875 | 1869 | "type": "distribution", |
1876 | 1870 | "comment": "Download location for component" |
1877 | 1871 | } |
1878 | 1872 | ], |
1879 | | - "purl": "pkg:pypi/importlib-metadata@8.2.0", |
| 1873 | + "purl": "pkg:pypi/importlib-metadata@8.4.0", |
1880 | 1874 | "properties": [ |
1881 | 1875 | { |
1882 | 1876 | "name": "language", |
|
1928 | 1922 | "name": "jinja2", |
1929 | 1923 | "version": "3.1.4", |
1930 | 1924 | "description": "A very fast and expressive template engine.", |
| 1925 | + "hashes": [ |
| 1926 | + { |
| 1927 | + "alg": "SHA-1", |
| 1928 | + "content": "dd4a8b5466d8790540c181590b14db4d4d889d57" |
| 1929 | + } |
| 1930 | + ], |
1931 | 1931 | "externalReferences": [ |
1932 | 1932 | { |
1933 | 1933 | "url": "https://pypi.org/project/jinja2/3.1.4", |
|
2677 | 2677 | }, |
2678 | 2678 | "cpe": "cpe:2.3:a:julien_danjou:tenacity:9.0.0:*:*:*:*:*:*:*", |
2679 | 2679 | "description": "Retry code until it succeeds", |
| 2680 | + "hashes": [ |
| 2681 | + { |
| 2682 | + "alg": "SHA-1", |
| 2683 | + "content": "a662bbb487cd6d34541824589f8e8c7a1f7791bb" |
| 2684 | + } |
| 2685 | + ], |
2680 | 2686 | "licenses": [ |
2681 | 2687 | { |
2682 | 2688 | "license": { |
|
2982 | 2988 | "type": "library", |
2983 | 2989 | "bom-ref": "69-setuptools", |
2984 | 2990 | "name": "setuptools", |
2985 | | - "version": "72.2.0", |
| 2991 | + "version": "73.0.1", |
2986 | 2992 | "supplier": { |
2987 | 2993 | "name": "Python Packaging Authority", |
2988 | 2994 | "contact": [ |
|
2991 | 2997 | } |
2992 | 2998 | ] |
2993 | 2999 | }, |
2994 | | - "cpe": "cpe:2.3:a:python_packaging_authority:setuptools:72.2.0:*:*:*:*:*:*:*", |
| 3000 | + "cpe": "cpe:2.3:a:python_packaging_authority:setuptools:73.0.1:*:*:*:*:*:*:*", |
2995 | 3001 | "description": "Easily download, build, install, upgrade, and uninstall Python packages", |
2996 | 3002 | "externalReferences": [ |
2997 | 3003 | { |
2998 | | - "url": "https://pypi.org/project/setuptools/72.2.0", |
| 3004 | + "url": "https://pypi.org/project/setuptools/73.0.1", |
2999 | 3005 | "type": "distribution", |
3000 | 3006 | "comment": "Download location for component" |
3001 | 3007 | } |
3002 | 3008 | ], |
3003 | | - "purl": "pkg:pypi/setuptools@72.2.0", |
| 3009 | + "purl": "pkg:pypi/setuptools@73.0.1", |
3004 | 3010 | "properties": [ |
3005 | 3011 | { |
3006 | 3012 | "name": "language", |
|
3076 | 3082 | }, |
3077 | 3083 | "cpe": "cpe:2.3:a:davide_brunato:xmlschema:3.3.2:*:*:*:*:*:*:*", |
3078 | 3084 | "description": "An XML Schema validator and decoder", |
| 3085 | + "hashes": [ |
| 3086 | + { |
| 3087 | + "alg": "SHA-1", |
| 3088 | + "content": "90a7233292cfe5d877110fe369869996a3a25928" |
| 3089 | + } |
| 3090 | + ], |
3079 | 3091 | "licenses": [ |
3080 | 3092 | { |
3081 | 3093 | "license": { |
|
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?v=4&size=40){kind=avatar}
0 commit comments