chore: update SBOM for Python 3.10

Author: web-flow

sbom/cve-bin-tool-py3.10.json

@@ -2,10 +2,10 @@
   "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
   "bomFormat": "CycloneDX",
   "specVersion": "1.6",
-  "serialNumber": "urn:uuid:02457095-edd2-4ba8-903c-d14d6ef3cb7c",
+  "serialNumber": "urn:uuid:e14c6f48-6e1d-4499-bc10-f74b9a469ab7",
   "version": 1,
   "metadata": {
-    "timestamp": "2025-02-03T00:35:26Z",
+    "timestamp": "2025-02-10T00:36:20Z",
     "lifecycles": [
       {
         "phase": "build"
@@ -89,12 +89,12 @@
       "type": "library",
       "bom-ref": "2-aiohttp",
       "name": "aiohttp",
-      "version": "3.11.11",
+      "version": "3.11.12",
       "description": "Async http client/server framework (asyncio)",
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "a60804bff28662cbcf340a4d61598891f12eea3a66af48ecfdc975ceec21e3c8"
+          "content": "aa8a8caca81c0a3e765f19c6953416c58e2f4cc1b84829af01dd1c771bb2f91f"
         }
       ],
       "licenses": [
@@ -113,7 +113,7 @@
           "comment": "Home page for project"
         },
         {
-          "url": "https://pypi.org/project/aiohttp/3.11.11/#files",
+          "url": "https://pypi.org/project/aiohttp/3.11.12/#files",
           "type": "distribution",
           "comment": "Download location for component"
         },
@@ -150,11 +150,11 @@
           "type": "vcs"
         }
       ],
-      "purl": "pkg:pypi/[email protected].11",
+      "purl": "pkg:pypi/[email protected].12",
       "properties": [
         {
           "name": "release_date",
-          "value": "2024-12-18T21:17:26Z"
+          "value": "2025-02-06T00:25:21Z"
         },
         {
           "name": "language",
@@ -170,7 +170,7 @@
       "type": "library",
       "bom-ref": "3-aiohappyeyeballs",
       "name": "aiohappyeyeballs",
-      "version": "2.4.4",
+      "version": "2.4.6",
       "supplier": {
         "name": "J. Nick Koston",
         "contact": [
@@ -179,12 +179,12 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:j._nick_koston:aiohappyeyeballs:2.4.4:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:j._nick_koston:aiohappyeyeballs:2.4.6:*:*:*:*:*:*:*",
       "description": "Happy Eyeballs for asyncio",
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "a980909d50efcd44795c4afeca523296716d50cd756ddca6af8c65b996e27de8"
+          "content": "147ec992cf873d74f5062644332c539fcd42956dc69453fe5204195e560517e1"
         }
       ],
       "licenses": [
@@ -198,12 +198,7 @@
       ],
       "externalReferences": [
         {
-          "url": "https://github.com/aio-libs/aiohappyeyeballs",
-          "type": "website",
-          "comment": "Home page for project"
-        },
-        {
-          "url": "https://pypi.org/project/aiohappyeyeballs/2.4.4/#files",
+          "url": "https://pypi.org/project/aiohappyeyeballs/2.4.6/#files",
           "type": "distribution",
           "comment": "Download location for component"
         },
@@ -224,11 +219,11 @@
           "type": "vcs"
         }
       ],
-      "purl": "pkg:pypi/[email protected].4",
+      "purl": "pkg:pypi/[email protected].6",
       "properties": [
         {
           "name": "release_date",
-          "value": "2024-11-30T18:43:39Z"
+          "value": "2025-02-07T17:53:10Z"
         },
         {
           "name": "language",
@@ -951,7 +946,7 @@
       "type": "library",
       "bom-ref": "13-beautifulsoup4",
       "name": "beautifulsoup4",
-      "version": "4.13.0",
+      "version": "4.13.3",
       "supplier": {
         "name": "Leonard Richardson",
         "contact": [
@@ -960,8 +955,14 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:leonard_richardson:beautifulsoup4:4.13.0:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:leonard_richardson:beautifulsoup4:4.13.3:*:*:*:*:*:*:*",
       "description": "Screen-scraping library",
+      "hashes": [
+        {
+          "alg": "SHA-256",
+          "content": "99045d7d3f08f91f0d656bc9b7efbae189426cd913d830294a15eefa0ea4df16"
+        }
+      ],
       "licenses": [
         {
           "license": {
@@ -978,7 +979,7 @@
           "comment": "Home page for project"
         },
         {
-          "url": "https://pypi.org/project/beautifulsoup4/4.13.0/#files",
+          "url": "https://pypi.org/project/beautifulsoup4/4.13.3/#files",
           "type": "distribution",
           "comment": "Download location for component"
         },
@@ -987,11 +988,11 @@
           "type": "other"
         }
       ],
-      "purl": "pkg:pypi/[email protected].0",
+      "purl": "pkg:pypi/[email protected].3",
       "properties": [
         {
           "name": "release_date",
-          "value": "2024-09-15T18:07:37Z"
+          "value": "2025-02-04T20:05:03Z"
         },
         {
           "name": "language",
@@ -4120,7 +4121,7 @@
       "type": "library",
       "bom-ref": "65-narwhals",
       "name": "narwhals",
-      "version": "1.24.2",
+      "version": "1.25.2",
       "supplier": {
         "name": "Marco Gorelli",
         "contact": [
@@ -4129,7 +4130,7 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:marco_gorelli:narwhals:1.24.2:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:marco_gorelli:narwhals:1.25.2:*:*:*:*:*:*:*",
       "description": "Extremely lightweight compatibility layer between dataframe libraries",
       "externalReferences": [
         {
@@ -4138,7 +4139,7 @@
           "comment": "Home page for project"
         },
         {
-          "url": "https://pypi.org/project/narwhals/1.24.2/#files",
+          "url": "https://pypi.org/project/narwhals/1.25.2/#files",
           "type": "distribution",
           "comment": "Download location for component"
         },
@@ -4155,7 +4156,7 @@
           "type": "issue-tracker"
         }
       ],
-      "purl": "pkg:pypi/narwhals@1.24.2",
+      "purl": "pkg:pypi/narwhals@1.25.2",
       "properties": [
         {
           "name": "release_date",

sbom/cve-bin-tool-py3.10.spdx

@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
 DataLicense: CC0-1.0
 SPDXID: SPDXRef-DOCUMENT
 DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-1aef587d-f8f0-45d3-b5bf-c611ad560753
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-d53e0a1f-9480-4f44-b321-0f5c9465784d
 LicenseListVersion: 3.25
 Creator: Tool: sbom4python-0.12.1
-Created: 2025-02-03T00:35:18Z
+Created: 2025-02-10T00:36:14Z
 CreatorComment: <text>This document has been automatically generated.</text>
 ##### 
 
@@ -29,18 +29,18 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:terri_oda:cve-bin-tool:3.4:*:*:*:*:*:*
 
 PackageName: aiohttp
 SPDXID: SPDXRef-2-aiohttp
-PackageVersion: 3.11.11
+PackageVersion: 3.11.12
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: NOASSERTION
-PackageDownloadLocation: https://pypi.org/project/aiohttp/3.11.11/#files
+PackageDownloadLocation: https://pypi.org/project/aiohttp/3.11.12/#files
 FilesAnalyzed: false
 PackageHomePage: https://github.com/aio-libs/aiohttp
-PackageChecksum: SHA256: a60804bff28662cbcf340a4d61598891f12eea3a66af48ecfdc975ceec21e3c8
+PackageChecksum: SHA256: aa8a8caca81c0a3e765f19c6953416c58e2f4cc1b84829af01dd1c771bb2f91f
 PackageLicenseDeclared: Apache-2.0
 PackageLicenseConcluded: Apache-2.0
 PackageCopyrightText: NOASSERTION
 PackageSummary: <text>Async http client/server framework (asyncio)</text>
-ReleaseDate: 2024-12-18T21:17:26Z
+ReleaseDate: 2025-02-06T00:25:21Z
 ExternalRef: OTHER other https://matrix.to/#/#aio-libs:matrix.org
 ExternalRef: OTHER other https://matrix.to/#/#aio-libs-space:matrix.org
 ExternalRef: OTHER build-system https://github.com/aio-libs/aiohttp/actions?query=workflow%3ACI
@@ -49,29 +49,28 @@ ExternalRef: OTHER log https://docs.aiohttp.org/en/stable/changes.html
 ExternalRef: OTHER other https://docs.aiohttp.org
 ExternalRef: OTHER issue-tracker https://github.com/aio-libs/aiohttp/issues
 ExternalRef: OTHER vcs https://github.com/aio-libs/aiohttp
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected].11
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected].12
 ##### 
 
 PackageName: aiohappyeyeballs
 SPDXID: SPDXRef-3-aiohappyeyeballs
-PackageVersion: 2.4.4
+PackageVersion: 2.4.6
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Organization: J. Nick Koston ([email protected])
-PackageDownloadLocation: https://pypi.org/project/aiohappyeyeballs/2.4.4/#files
+PackageDownloadLocation: https://pypi.org/project/aiohappyeyeballs/2.4.6/#files
 FilesAnalyzed: false
-PackageHomePage: https://github.com/aio-libs/aiohappyeyeballs
-PackageChecksum: SHA256: a980909d50efcd44795c4afeca523296716d50cd756ddca6af8c65b996e27de8
+PackageChecksum: SHA256: 147ec992cf873d74f5062644332c539fcd42956dc69453fe5204195e560517e1
 PackageLicenseDeclared: PSF-2.0
 PackageLicenseConcluded: PSF-2.0
 PackageCopyrightText: NOASSERTION
 PackageSummary: <text>Happy Eyeballs for asyncio</text>
-ReleaseDate: 2024-11-30T18:43:39Z
+ReleaseDate: 2025-02-07T17:53:10Z
 ExternalRef: OTHER issue-tracker https://github.com/aio-libs/aiohappyeyeballs/issues
 ExternalRef: OTHER log https://github.com/aio-libs/aiohappyeyeballs/blob/main/CHANGELOG.md
 ExternalRef: OTHER documentation https://aiohappyeyeballs.readthedocs.io
 ExternalRef: OTHER vcs https://github.com/aio-libs/aiohappyeyeballs
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected].4
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:j._nick_koston:aiohappyeyeballs:2.4.4:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected].6
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:j._nick_koston:aiohappyeyeballs:2.4.6:*:*:*:*:*:*:*
 ##### 
 
 PackageName: aiosignal
@@ -298,21 +297,22 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kim_davies:idna:3.10:*:*:*:*:*:*:*
 
 PackageName: beautifulsoup4
 SPDXID: SPDXRef-13-beautifulsoup4
-PackageVersion: 4.13.0
+PackageVersion: 4.13.3
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Person: Leonard Richardson ([email protected])
-PackageDownloadLocation: https://pypi.org/project/beautifulsoup4/4.13.0/#files
+PackageDownloadLocation: https://pypi.org/project/beautifulsoup4/4.13.3/#files
 FilesAnalyzed: false
 PackageHomePage: https://www.crummy.com/software/BeautifulSoup/bs4/
+PackageChecksum: SHA256: 99045d7d3f08f91f0d656bc9b7efbae189426cd913d830294a15eefa0ea4df16
 PackageLicenseDeclared: NOASSERTION
 PackageLicenseConcluded: MIT
 PackageLicenseComments: <text>beautifulsoup4 declares MIT License which is not currently a valid SPDX License identifier or expression.</text>
 PackageCopyrightText: NOASSERTION
 PackageSummary: <text>Screen-scraping library</text>
-ReleaseDate: 2024-09-15T18:07:37Z
+ReleaseDate: 2025-02-04T20:05:03Z
 ExternalRef: OTHER other https://www.crummy.com/software/BeautifulSoup/bs4/download/
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected].0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:leonard_richardson:beautifulsoup4:4.13.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected].3
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:leonard_richardson:beautifulsoup4:4.13.3:*:*:*:*:*:*:*
 ##### 
 
 PackageName: soupsieve
@@ -1355,10 +1355,10 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:6.0.0:*:*:*:*:*:*:*
 
 PackageName: narwhals
 SPDXID: SPDXRef-65-narwhals
-PackageVersion: 1.24.2
+PackageVersion: 1.25.2
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Person: Marco Gorelli ([email protected])
-PackageDownloadLocation: https://pypi.org/project/narwhals/1.24.2/#files
+PackageDownloadLocation: https://pypi.org/project/narwhals/1.25.2/#files
 FilesAnalyzed: false
 PackageHomePage: https://github.com/narwhals-dev/narwhals
 PackageLicenseDeclared: NOASSERTION
@@ -1369,8 +1369,8 @@ ReleaseDate: 2025-01-28T19:33:47Z
 ExternalRef: OTHER documentation https://narwhals-dev.github.io/narwhals/
 ExternalRef: OTHER vcs https://github.com/narwhals-dev/narwhals
 ExternalRef: OTHER issue-tracker https://github.com/narwhals-dev/narwhals/issues
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/narwhals@1.24.2
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:marco_gorelli:narwhals:1.24.2:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/narwhals@1.25.2
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:marco_gorelli:narwhals:1.25.2:*:*:*:*:*:*:*
 ##### 
 
 PackageName: requests