|
2 | 2 | "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", |
3 | 3 | "bomFormat": "CycloneDX", |
4 | 4 | "specVersion": "1.6", |
5 | | - "serialNumber": "urn:uuid:78249e2c-ba6b-44f6-bf53-f4428b5dd43d", |
| 5 | + "serialNumber": "urn:uuid:d87a674a-b387-4583-a4d4-bfed4fdfb862", |
6 | 6 | "version": 1, |
7 | 7 | "metadata": { |
8 | | - "timestamp": "2024-08-26T00:35:34Z", |
| 8 | + "timestamp": "2024-09-02T00:36:17Z", |
9 | 9 | "lifecycles": [ |
10 | 10 | { |
11 | 11 | "phase": "build" |
|
31 | 31 | "type": "application", |
32 | 32 | "bom-ref": "1-cve-bin-tool", |
33 | 33 | "name": "cve-bin-tool", |
34 | | - "version": "3.4rc0", |
| 34 | + "version": "3.4rc1", |
35 | 35 | "supplier": { |
36 | 36 | "name": "Terri Oda", |
37 | 37 | "contact": [ |
|
40 | 40 | } |
41 | 41 | ] |
42 | 42 | }, |
43 | | - "cpe": "cpe:2.3:a:terri_oda:cve-bin-tool:3.4rc0:*:*:*:*:*:*:*", |
| 43 | + "cpe": "cpe:2.3:a:terri_oda:cve-bin-tool:3.4rc1:*:*:*:*:*:*:*", |
44 | 44 | "description": "CVE Binary Checker Tool", |
45 | 45 | "licenses": [ |
46 | 46 | { |
|
53 | 53 | ], |
54 | 54 | "externalReferences": [ |
55 | 55 | { |
56 | | - "url": "https://pypi.org/project/cve-bin-tool/3.4rc0", |
| 56 | + "url": "https://pypi.org/project/cve-bin-tool/3.4rc1", |
57 | 57 | "type": "distribution", |
58 | 58 | "comment": "Download location for component" |
59 | 59 | } |
60 | 60 | ], |
61 | | - "purl": "pkg:pypi/cve-bin-tool@3.4rc0", |
| 61 | + "purl": "pkg:pypi/cve-bin-tool@3.4rc1", |
62 | 62 | "properties": [ |
63 | 63 | { |
64 | 64 | "name": "language", |
|
119 | 119 | }, |
120 | 120 | "cpe": "cpe:2.3:a:j._nick_koston:aiohappyeyeballs:2.4.0:*:*:*:*:*:*:*", |
121 | 121 | "description": "Happy Eyeballs for asyncio", |
| 122 | + "hashes": [ |
| 123 | + { |
| 124 | + "alg": "SHA-1", |
| 125 | + "content": "c31b127a69bdcd7895d1a521985d918061955348" |
| 126 | + } |
| 127 | + ], |
122 | 128 | "licenses": [ |
123 | 129 | { |
124 | 130 | "license": { |
|
356 | 362 | "type": "library", |
357 | 363 | "bom-ref": "9-yarl", |
358 | 364 | "name": "yarl", |
359 | | - "version": "1.9.4", |
| 365 | + "version": "1.9.7", |
360 | 366 | "supplier": { |
361 | 367 | "name": "Andrew Svetlov", |
362 | 368 | "contact": [ |
|
365 | 371 | } |
366 | 372 | ] |
367 | 373 | }, |
368 | | - "cpe": "cpe:2.3:a:andrew_svetlov:yarl:1.9.4:*:*:*:*:*:*:*", |
| 374 | + "cpe": "cpe:2.3:a:andrew_svetlov:yarl:1.9.7:*:*:*:*:*:*:*", |
369 | 375 | "description": "Yet another URL library", |
370 | | - "hashes": [ |
371 | | - { |
372 | | - "alg": "SHA-1", |
373 | | - "content": "6362ff155ba02964a5e773927412f7cf4ca23cd1" |
374 | | - } |
375 | | - ], |
376 | 376 | "licenses": [ |
377 | 377 | { |
378 | 378 | "license": { |
|
384 | 384 | ], |
385 | 385 | "externalReferences": [ |
386 | 386 | { |
387 | | - "url": "https://pypi.org/project/yarl/1.9.4", |
| 387 | + "url": "https://pypi.org/project/yarl/1.9.7", |
388 | 388 | "type": "distribution", |
389 | 389 | "comment": "Download location for component" |
390 | 390 | } |
391 | 391 | ], |
392 | | - "purl": "pkg:pypi/[email protected].4", |
| 392 | + "purl": "pkg:pypi/[email protected].7", |
393 | 393 | "properties": [ |
394 | 394 | { |
395 | 395 | "name": "language", |
|
416 | 416 | }, |
417 | 417 | "cpe": "cpe:2.3:a:kim_davies:idna:3.8:*:*:*:*:*:*:*", |
418 | 418 | "description": "Internationalized Domain Names in Applications (IDNA)", |
| 419 | + "hashes": [ |
| 420 | + { |
| 421 | + "alg": "SHA-1", |
| 422 | + "content": "784c6f45c162db9709588124f2f1def5b70615ff" |
| 423 | + } |
| 424 | + ], |
419 | 425 | "externalReferences": [ |
420 | 426 | { |
421 | 427 | "url": "https://pypi.org/project/idna/3.8", |
|
1886 | 1892 | "type": "library", |
1887 | 1893 | "bom-ref": "43-zipp", |
1888 | 1894 | "name": "zipp", |
1889 | | - "version": "3.20.0", |
| 1895 | + "version": "3.20.1", |
1890 | 1896 | "supplier": { |
1891 | 1897 | "name": "Jason R .", |
1892 | 1898 | "contact": [ |
|
1895 | 1901 | } |
1896 | 1902 | ] |
1897 | 1903 | }, |
1898 | | - "cpe": "cpe:2.3:a:jason_r.:zipp:3.20.0:*:*:*:*:*:*:*", |
| 1904 | + "cpe": "cpe:2.3:a:jason_r.:zipp:3.20.1:*:*:*:*:*:*:*", |
1899 | 1905 | "description": "Backport of pathlib-compatible object wrapper for zip files", |
1900 | 1906 | "externalReferences": [ |
1901 | 1907 | { |
1902 | | - "url": "https://pypi.org/project/zipp/3.20.0", |
| 1908 | + "url": "https://pypi.org/project/zipp/3.20.1", |
1903 | 1909 | "type": "distribution", |
1904 | 1910 | "comment": "Download location for component" |
1905 | 1911 | } |
1906 | 1912 | ], |
1907 | | - "purl": "pkg:pypi/[email protected].0", |
| 1913 | + "purl": "pkg:pypi/[email protected].1", |
1908 | 1914 | "properties": [ |
1909 | 1915 | { |
1910 | 1916 | "name": "language", |
|
2208 | 2214 | "type": "library", |
2209 | 2215 | "bom-ref": "52-lib4sbom", |
2210 | 2216 | "name": "lib4sbom", |
2211 | | - "version": "0.7.3", |
| 2217 | + "version": "0.7.4", |
2212 | 2218 | "supplier": { |
2213 | 2219 | "name": "Anthony Harrison", |
2214 | 2220 | "contact": [ |
|
2217 | 2223 | } |
2218 | 2224 | ] |
2219 | 2225 | }, |
2220 | | - "cpe": "cpe:2.3:a:anthony_harrison:lib4sbom:0.7.3:*:*:*:*:*:*:*", |
| 2226 | + "cpe": "cpe:2.3:a:anthony_harrison:lib4sbom:0.7.4:*:*:*:*:*:*:*", |
2221 | 2227 | "description": "Software Bill of Material (SBOM) generator and consumer library", |
2222 | 2228 | "licenses": [ |
2223 | 2229 | { |
|
2230 | 2236 | ], |
2231 | 2237 | "externalReferences": [ |
2232 | 2238 | { |
2233 | | - "url": "https://pypi.org/project/lib4sbom/0.7.3", |
| 2239 | + "url": "https://pypi.org/project/lib4sbom/0.7.4", |
2234 | 2240 | "type": "distribution", |
2235 | 2241 | "comment": "Download location for component" |
2236 | 2242 | } |
2237 | 2243 | ], |
2238 | | - "purl": "pkg:pypi/[email protected].3", |
| 2244 | + "purl": "pkg:pypi/[email protected].4", |
2239 | 2245 | "properties": [ |
2240 | 2246 | { |
2241 | 2247 | "name": "language", |
|
2343 | 2349 | "type": "library", |
2344 | 2350 | "bom-ref": "55-lib4vex", |
2345 | 2351 | "name": "lib4vex", |
2346 | | - "version": "0.1.0", |
| 2352 | + "version": "0.2.0", |
2347 | 2353 | "supplier": { |
2348 | 2354 | "name": "Anthony Harrison", |
2349 | 2355 | "contact": [ |
|
2352 | 2358 | } |
2353 | 2359 | ] |
2354 | 2360 | }, |
2355 | | - "cpe": "cpe:2.3:a:anthony_harrison:lib4vex:0.1.0:*:*:*:*:*:*:*", |
| 2361 | + "cpe": "cpe:2.3:a:anthony_harrison:lib4vex:0.2.0:*:*:*:*:*:*:*", |
2356 | 2362 | "description": "VEX generator and consumer library", |
2357 | | - "hashes": [ |
2358 | | - { |
2359 | | - "alg": "SHA-1", |
2360 | | - "content": "84229c7770dd95cf887d6874e0203da4c8aa809b" |
2361 | | - } |
2362 | | - ], |
2363 | 2363 | "licenses": [ |
2364 | 2364 | { |
2365 | 2365 | "license": { |
|
2371 | 2371 | ], |
2372 | 2372 | "externalReferences": [ |
2373 | 2373 | { |
2374 | | - "url": "https://pypi.org/project/lib4vex/0.1.0", |
| 2374 | + "url": "https://pypi.org/project/lib4vex/0.2.0", |
2375 | 2375 | "type": "distribution", |
2376 | 2376 | "comment": "Download location for component" |
2377 | 2377 | } |
2378 | 2378 | ], |
2379 | | - "purl": "pkg:pypi/lib4vex@0.1.0", |
| 2379 | + "purl": "pkg:pypi/lib4vex@0.2.0", |
2380 | 2380 | "properties": [ |
2381 | 2381 | { |
2382 | 2382 | "name": "language", |
|
2485 | 2485 | "type": "library", |
2486 | 2486 | "bom-ref": "58-rich", |
2487 | 2487 | "name": "rich", |
2488 | | - "version": "13.7.1", |
| 2488 | + "version": "13.8.0", |
2489 | 2489 | "supplier": { |
2490 | 2490 | "name": "Will McGugan", |
2491 | 2491 | "contact": [ |
|
2494 | 2494 | } |
2495 | 2495 | ] |
2496 | 2496 | }, |
2497 | | - "cpe": "cpe:2.3:a:will_mcgugan:rich:13.7.1:*:*:*:*:*:*:*", |
| 2497 | + "cpe": "cpe:2.3:a:will_mcgugan:rich:13.8.0:*:*:*:*:*:*:*", |
2498 | 2498 | "description": "Render rich text, tables, progress bars, syntax highlighting, markdown and more to the terminal", |
2499 | 2499 | "licenses": [ |
2500 | 2500 | { |
|
2507 | 2507 | ], |
2508 | 2508 | "externalReferences": [ |
2509 | 2509 | { |
2510 | | - "url": "https://pypi.org/project/rich/13.7.1", |
| 2510 | + "url": "https://pypi.org/project/rich/13.8.0", |
2511 | 2511 | "type": "distribution", |
2512 | 2512 | "comment": "Download location for component" |
2513 | 2513 | } |
2514 | 2514 | ], |
2515 | | - "purl": "pkg:pypi/rich@13.7.1", |
| 2515 | + "purl": "pkg:pypi/rich@13.8.0", |
2516 | 2516 | "properties": [ |
2517 | 2517 | { |
2518 | 2518 | "name": "language", |
|
2725 | 2725 | "type": "library", |
2726 | 2726 | "bom-ref": "64-plotly", |
2727 | 2727 | "name": "plotly", |
2728 | | - "version": "5.23.0", |
| 2728 | + "version": "5.24.0", |
2729 | 2729 | "supplier": { |
2730 | 2730 | "name": "Chris P", |
2731 | 2731 | "contact": [ |
|
2734 | 2734 | } |
2735 | 2735 | ] |
2736 | 2736 | }, |
2737 | | - "cpe": "cpe:2.3:a:chris_p:plotly:5.23.0:*:*:*:*:*:*:*", |
| 2737 | + "cpe": "cpe:2.3:a:chris_p:plotly:5.24.0:*:*:*:*:*:*:*", |
2738 | 2738 | "description": "An open-source, interactive data visualization library for Python", |
2739 | 2739 | "licenses": [ |
2740 | 2740 | { |
|
2747 | 2747 | ], |
2748 | 2748 | "externalReferences": [ |
2749 | 2749 | { |
2750 | | - "url": "https://pypi.org/project/plotly/5.23.0", |
| 2750 | + "url": "https://pypi.org/project/plotly/5.24.0", |
2751 | 2751 | "type": "distribution", |
2752 | 2752 | "comment": "Download location for component" |
2753 | 2753 | } |
2754 | 2754 | ], |
2755 | | - "purl": "pkg:pypi/plotly@5.23.0", |
| 2755 | + "purl": "pkg:pypi/plotly@5.24.0", |
2756 | 2756 | "properties": [ |
2757 | 2757 | { |
2758 | 2758 | "name": "language", |
|
2915 | 2915 | "type": "library", |
2916 | 2916 | "bom-ref": "68-certifi", |
2917 | 2917 | "name": "certifi", |
2918 | | - "version": "2024.7.4", |
| 2918 | + "version": "2024.8.30", |
2919 | 2919 | "supplier": { |
2920 | 2920 | "name": "Kenneth Reitz", |
2921 | 2921 | "contact": [ |
|
2924 | 2924 | } |
2925 | 2925 | ] |
2926 | 2926 | }, |
2927 | | - "cpe": "cpe:2.3:a:kenneth_reitz:certifi:2024.7.4:*:*:*:*:*:*:*", |
| 2927 | + "cpe": "cpe:2.3:a:kenneth_reitz:certifi:2024.8.30:*:*:*:*:*:*:*", |
2928 | 2928 | "description": "Python package for providing Mozilla's CA Bundle.", |
2929 | 2929 | "licenses": [ |
2930 | 2930 | { |
|
2937 | 2937 | ], |
2938 | 2938 | "externalReferences": [ |
2939 | 2939 | { |
2940 | | - "url": "https://pypi.org/project/certifi/2024.7.4", |
| 2940 | + "url": "https://pypi.org/project/certifi/2024.8.30", |
2941 | 2941 | "type": "distribution", |
2942 | 2942 | "comment": "Download location for component" |
2943 | 2943 | } |
2944 | 2944 | ], |
2945 | | - "purl": "pkg:pypi/certifi@2024.7.4", |
| 2945 | + "purl": "pkg:pypi/certifi@2024.8.30", |
2946 | 2946 | "properties": [ |
2947 | 2947 | { |
2948 | 2948 | "name": "language", |
|
3090 | 3090 | "type": "library", |
3091 | 3091 | "bom-ref": "72-setuptools", |
3092 | 3092 | "name": "setuptools", |
3093 | | - "version": "73.0.1", |
| 3093 | + "version": "74.0.0", |
3094 | 3094 | "supplier": { |
3095 | 3095 | "name": "Python Packaging Authority", |
3096 | 3096 | "contact": [ |
|
3099 | 3099 | } |
3100 | 3100 | ] |
3101 | 3101 | }, |
3102 | | - "cpe": "cpe:2.3:a:python_packaging_authority:setuptools:73.0.1:*:*:*:*:*:*:*", |
| 3102 | + "cpe": "cpe:2.3:a:python_packaging_authority:setuptools:74.0.0:*:*:*:*:*:*:*", |
3103 | 3103 | "description": "Easily download, build, install, upgrade, and uninstall Python packages", |
3104 | 3104 | "externalReferences": [ |
3105 | 3105 | { |
3106 | | - "url": "https://pypi.org/project/setuptools/73.0.1", |
| 3106 | + "url": "https://pypi.org/project/setuptools/74.0.0", |
3107 | 3107 | "type": "distribution", |
3108 | 3108 | "comment": "Download location for component" |
3109 | 3109 | } |
3110 | 3110 | ], |
3111 | | - "purl": "pkg:pypi/setuptools@73.0.1", |
| 3111 | + "purl": "pkg:pypi/setuptools@74.0.0", |
3112 | 3112 | "properties": [ |
3113 | 3113 | { |
3114 | 3114 | "name": "language", |
|
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?v=4&size=40){kind=avatar}
0 commit comments