chore: update SBOM for Python 3.11

Author: web-flow

sbom/cve-bin-tool-py3.11.json

@@ -2,10 +2,10 @@
   "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
   "bomFormat": "CycloneDX",
   "specVersion": "1.6",
-  "serialNumber": "urn:uuid:885f3a82-ae54-4f86-8648-534e88d262bf",
+  "serialNumber": "urn:uuid:a87ad4e8-6fda-4f66-b0d5-185a98726c29",
   "version": 1,
   "metadata": {
-    "timestamp": "2025-01-20T00:37:48Z",
+    "timestamp": "2025-02-03T00:35:26Z",
     "lifecycles": [
       {
         "phase": "build"
@@ -402,7 +402,7 @@
       "type": "library",
       "bom-ref": "6-attrs",
       "name": "attrs",
-      "version": "24.3.0",
+      "version": "25.1.0",
       "supplier": {
         "name": "Hynek Schlawack",
         "contact": [
@@ -411,17 +411,17 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:hynek_schlawack:attrs:24.3.0:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:hynek_schlawack:attrs:25.1.0:*:*:*:*:*:*:*",
       "description": "Classes Without Boilerplate",
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "ac96cd038792094f438ad1f6ff80837353805ac950cd2aa0e0625ef19850c308"
+          "content": "c75a69e28a550a7e93789579c22aa26b0f5b83b75dc4e08fe092980051e1090a"
         }
       ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/attrs/24.3.0/#files",
+          "url": "https://pypi.org/project/attrs/25.1.0/#files",
           "type": "distribution",
           "comment": "Download location for component"
         },
@@ -446,11 +446,11 @@
           "type": "other"
         }
       ],
-      "purl": "pkg:pypi/attrs@24.3.0",
+      "purl": "pkg:pypi/attrs@25.1.0",
       "properties": [
         {
           "name": "release_date",
-          "value": "2024-12-16T06:59:26Z"
+          "value": "2025-01-25T11:30:10Z"
         },
         {
           "name": "language",
@@ -873,7 +873,7 @@
       "type": "library",
       "bom-ref": "12-beautifulsoup4",
       "name": "beautifulsoup4",
-      "version": "4.12.3",
+      "version": "4.13.0",
       "supplier": {
         "name": "Leonard Richardson",
         "contact": [
@@ -882,14 +882,8 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:leonard_richardson:beautifulsoup4:4.12.3:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:leonard_richardson:beautifulsoup4:4.13.0:*:*:*:*:*:*:*",
       "description": "Screen-scraping library",
-      "hashes": [
-        {
-          "alg": "SHA-256",
-          "content": "b80878c9f40111313e55da8ba20bdba06d8fa3969fc68304167741bbf9e082ed"
-        }
-      ],
       "licenses": [
         {
           "license": {
@@ -906,7 +900,7 @@
           "comment": "Home page for project"
         },
         {
-          "url": "https://pypi.org/project/beautifulsoup4/4.12.3/#files",
+          "url": "https://pypi.org/project/beautifulsoup4/4.13.0/#files",
           "type": "distribution",
           "comment": "Download location for component"
         },
@@ -915,11 +909,11 @@
           "type": "other"
         }
       ],
-      "purl": "pkg:pypi/beautifulsoup4@4.12.3",
+      "purl": "pkg:pypi/beautifulsoup4@4.13.0",
       "properties": [
         {
           "name": "release_date",
-          "value": "2024-01-17T16:53:12Z"
+          "value": "2024-09-15T18:07:37Z"
         },
         {
           "name": "language",
@@ -2520,7 +2514,7 @@
       "type": "library",
       "bom-ref": "39-cachetools",
       "name": "cachetools",
-      "version": "5.5.0",
+      "version": "5.5.1",
       "supplier": {
         "name": "Thomas Kemmer",
         "contact": [
@@ -2529,12 +2523,12 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:thomas_kemmer:cachetools:5.5.0:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:thomas_kemmer:cachetools:5.5.1:*:*:*:*:*:*:*",
       "description": "Extensible memoizing collections and decorators",
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "02134e8439cdc2ffb62023ce1debca2944c3f289d66bb17ead3ab3dede74b292"
+          "content": "b76651fdc3b24ead3c648bbdeeb940c1b04d365b38b4af66788f9ec4a81d42bb"
         }
       ],
       "licenses": [
@@ -2553,16 +2547,16 @@
           "comment": "Home page for project"
         },
         {
-          "url": "https://pypi.org/project/cachetools/5.5.0/#files",
+          "url": "https://pypi.org/project/cachetools/5.5.1/#files",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/[email protected].0",
+      "purl": "pkg:pypi/[email protected].1",
       "properties": [
         {
           "name": "release_date",
-          "value": "2024-08-18T20:28:43Z"
+          "value": "2025-01-21T21:27:54Z"
         },
         {
           "name": "language",
@@ -3109,7 +3103,7 @@
       "type": "library",
       "bom-ref": "49-referencing",
       "name": "referencing",
-      "version": "0.36.1",
+      "version": "0.36.2",
       "supplier": {
         "name": "Julian Berman",
         "contact": [
@@ -3118,12 +3112,12 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:julian_berman:referencing:0.36.1:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:julian_berman:referencing:0.36.2:*:*:*:*:*:*:*",
       "description": "JSON Referencing + Python",
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "363d9c65f080d0d70bc41c721dce3c7f3e77fc09f269cd5c8813da18069a6794"
+          "content": "e8699adbbf8b5c7de96d8ffa0eb5c158b3beafce084968e2ea8bb08c6794dcd0"
         }
       ],
       "externalReferences": [
@@ -3133,7 +3127,7 @@
           "comment": "Home page for project"
         },
         {
-          "url": "https://pypi.org/project/referencing/0.36.1/#files",
+          "url": "https://pypi.org/project/referencing/0.36.2/#files",
           "type": "distribution",
           "comment": "Download location for component"
         },
@@ -3162,11 +3156,11 @@
           "type": "vcs"
         }
       ],
-      "purl": "pkg:pypi/[email protected].1",
+      "purl": "pkg:pypi/[email protected].2",
       "properties": [
         {
           "name": "release_date",
-          "value": "2025-01-17T02:22:02Z"
+          "value": "2025-01-25T08:48:14Z"
         },
         {
           "name": "language",
@@ -3978,7 +3972,7 @@
       "type": "library",
       "bom-ref": "63-plotly",
       "name": "plotly",
-      "version": "5.24.1",
+      "version": "6.0.0",
       "supplier": {
         "name": "Chris P",
         "contact": [
@@ -3987,12 +3981,12 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:chris_p:plotly:5.24.1:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:chris_p:plotly:6.0.0:*:*:*:*:*:*:*",
       "description": "An open-source, interactive data visualization library for Python",
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "f67073a1e637eb0dc3e46324d9d51e2fe76e9727c892dde64ddf1e1b51f29089"
+          "content": "f708871c3a9349a68791ff943a5781b1ec04de7769ea69068adcd9202e57653a"
         }
       ],
       "licenses": [
@@ -4011,7 +4005,7 @@
           "comment": "Home page for project"
         },
         {
-          "url": "https://pypi.org/project/plotly/5.24.1/#files",
+          "url": "https://pypi.org/project/plotly/6.0.0/#files",
           "type": "distribution",
           "comment": "Download location for component"
         },
@@ -4028,11 +4022,11 @@
           "type": "log"
         }
       ],
-      "purl": "pkg:pypi/plotly@5.24.1",
+      "purl": "pkg:pypi/plotly@6.0.0",
       "properties": [
         {
           "name": "release_date",
-          "value": "2024-09-12T15:36:24Z"
+          "value": "2025-01-28T19:33:47Z"
         },
         {
           "name": "language",
@@ -4046,51 +4040,48 @@
     },
     {
       "type": "library",
-      "bom-ref": "64-tenacity",
-      "name": "tenacity",
-      "version": "9.0.0",
+      "bom-ref": "64-narwhals",
+      "name": "narwhals",
+      "version": "1.24.2",
       "supplier": {
-        "name": "Julien Danjou",
+        "name": "Marco Gorelli",
         "contact": [
           {
-            "email": "[email protected]"
+            "email": "[email protected]"
           }
         ]
       },
-      "cpe": "cpe:2.3:a:julien_danjou:tenacity:9.0.0:*:*:*:*:*:*:*",
-      "description": "Retry code until it succeeds",
-      "hashes": [
-        {
-          "alg": "SHA-256",
-          "content": "93de0c98785b27fcf659856aa9f54bfbd399e29969b0621bc7f762bd441b4539"
-        }
-      ],
-      "licenses": [
-        {
-          "license": {
-            "id": "Apache-2.0",
-            "url": "https://www.apache.org/licenses/LICENSE-2.0",
-            "acknowledgement": "concluded"
-          }
-        }
-      ],
+      "cpe": "cpe:2.3:a:marco_gorelli:narwhals:1.24.2:*:*:*:*:*:*:*",
+      "description": "Extremely lightweight compatibility layer between dataframe libraries",
       "externalReferences": [
         {
-          "url": "https://github.com/jd/tenacity",
+          "url": "https://github.com/narwhals-dev/narwhals",
           "type": "website",
           "comment": "Home page for project"
         },
         {
-          "url": "https://pypi.org/project/tenacity/9.0.0/#files",
+          "url": "https://pypi.org/project/narwhals/1.24.2/#files",
           "type": "distribution",
           "comment": "Download location for component"
+        },
+        {
+          "url": "https://narwhals-dev.github.io/narwhals/",
+          "type": "documentation"
+        },
+        {
+          "url": "https://github.com/narwhals-dev/narwhals",
+          "type": "vcs"
+        },
+        {
+          "url": "https://github.com/narwhals-dev/narwhals/issues",
+          "type": "issue-tracker"
         }
       ],
-      "purl": "pkg:pypi/[email protected]",
+      "purl": "pkg:pypi/[email protected]",
       "properties": [
         {
           "name": "release_date",
-          "value": "2024-07-29T12:12:25Z"
+          "value": "2025-01-28T19:33:47Z"
         },
         {
           "name": "language",
@@ -4301,7 +4292,7 @@
       "type": "library",
       "bom-ref": "68-certifi",
       "name": "certifi",
-      "version": "2024.12.14",
+      "version": "2025.1.31",
       "supplier": {
         "name": "Kenneth Reitz",
         "contact": [
@@ -4310,12 +4301,12 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:kenneth_reitz:certifi:2024.12.14:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:kenneth_reitz:certifi:2025.1.31:*:*:*:*:*:*:*",
       "description": "Python package for providing Mozilla's CA Bundle.",
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "1275f7a45be9464efc1173084eaa30f866fe2e47d389406136d332ed4967ec56"
+          "content": "ca78db4565a652026a4db2bcdf68f2fb589ea80d0be70e03929ed730746b84fe"
         }
       ],
       "licenses": [
@@ -4334,7 +4325,7 @@
           "comment": "Home page for project"
         },
         {
-          "url": "https://pypi.org/project/certifi/2024.12.14/#files",
+          "url": "https://pypi.org/project/certifi/2025.1.31/#files",
           "type": "distribution",
           "comment": "Download location for component"
         },
@@ -4343,11 +4334,11 @@
           "type": "vcs"
         }
       ],
-      "purl": "pkg:pypi/certifi@2024.12.14",
+      "purl": "pkg:pypi/certifi@2025.1.31",
       "properties": [
         {
           "name": "release_date",
-          "value": "2024-12-14T13:52:36Z"
+          "value": "2025-01-31T02:16:45Z"
         },
         {
           "name": "language",
@@ -4720,7 +4711,8 @@
     {
       "ref": "12-beautifulsoup4",
       "dependsOn": [
-        "13-soupsieve"
+        "13-soupsieve",
+        "8-typing-extensions"
       ]
     },
     {
@@ -4908,7 +4900,7 @@
     {
       "ref": "63-plotly",
       "dependsOn": [
-        "64-tenacity",
+        "64-narwhals",
         "62-packaging"
       ]
     },