chore: update SBOM for Python 3.11

Author: web-flow

sbom/cve-bin-tool-py3.11.json

@@ -2,10 +2,10 @@
   "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
   "bomFormat": "CycloneDX",
   "specVersion": "1.6",
-  "serialNumber": "urn:uuid:40e44969-b259-4931-9ea1-0af3fe41c424",
+  "serialNumber": "urn:uuid:6651a745-49a2-4885-9df4-d4583c676a0e",
   "version": 1,
   "metadata": {
-    "timestamp": "2025-02-17T00:37:07Z",
+    "timestamp": "2025-02-24T00:37:35Z",
     "lifecycles": [
       {
         "phase": "build"
@@ -624,7 +624,7 @@
       "type": "library",
       "bom-ref": "9-propcache",
       "name": "propcache",
-      "version": "0.2.1",
+      "version": "0.3.0",
       "supplier": {
         "name": "Andrew Svetlov",
         "contact": [
@@ -633,14 +633,8 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:andrew_svetlov:propcache:0.2.1:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:andrew_svetlov:propcache:0.3.0:*:*:*:*:*:*:*",
       "description": "Accelerated property cache",
-      "hashes": [
-        {
-          "alg": "SHA-256",
-          "content": "6b3f39a85d671436ee3d12c017f8fdea38509e4f25b28eb25877293c98c243f6"
-        }
-      ],
       "licenses": [
         {
           "license": {
@@ -657,7 +651,7 @@
           "comment": "Home page for project"
         },
         {
-          "url": "https://pypi.org/project/propcache/0.2.1/#files",
+          "url": "https://pypi.org/project/propcache/0.3.0/#files",
           "type": "distribution",
           "comment": "Download location for component"
         },
@@ -698,11 +692,11 @@
           "type": "vcs"
         }
       ],
-      "purl": "pkg:pypi/propcache@0.2.1",
+      "purl": "pkg:pypi/propcache@0.3.0",
       "properties": [
         {
           "name": "release_date",
-          "value": "2024-12-01T18:27:02Z"
+          "value": "2024-06-07T18:52:13Z"
         },
         {
           "name": "language",
@@ -2515,7 +2509,7 @@
       "type": "library",
       "bom-ref": "39-cachetools",
       "name": "cachetools",
-      "version": "5.5.1",
+      "version": "5.5.2",
       "supplier": {
         "name": "Thomas Kemmer",
         "contact": [
@@ -2524,12 +2518,12 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:thomas_kemmer:cachetools:5.5.1:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:thomas_kemmer:cachetools:5.5.2:*:*:*:*:*:*:*",
       "description": "Extensible memoizing collections and decorators",
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "b76651fdc3b24ead3c648bbdeeb940c1b04d365b38b4af66788f9ec4a81d42bb"
+          "content": "d26a22bcc62eb95c3beabd9f1ee5e820d3d2704fe2967cbe350e20c8ffcd3f0a"
         }
       ],
       "licenses": [
@@ -2548,16 +2542,16 @@
           "comment": "Home page for project"
         },
         {
-          "url": "https://pypi.org/project/cachetools/5.5.1/#files",
+          "url": "https://pypi.org/project/cachetools/5.5.2/#files",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/[email protected].1",
+      "purl": "pkg:pypi/[email protected].2",
       "properties": [
         {
           "name": "release_date",
-          "value": "2025-01-21T21:27:54Z"
+          "value": "2025-02-20T21:01:16Z"
         },
         {
           "name": "language",
@@ -3177,7 +3171,7 @@
       "type": "library",
       "bom-ref": "50-rpds-py",
       "name": "rpds-py",
-      "version": "0.22.3",
+      "version": "0.23.1",
       "supplier": {
         "name": "Julian Berman",
         "contact": [
@@ -3186,12 +3180,15 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:julian_berman:rpds-py:0.22.3:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:julian_berman:rpds-py:0.23.1:*:*:*:*:*:*:*",
       "description": "Python bindings to Rust's persistent data structures (rpds)",
-      "hashes": [
+      "licenses": [
         {
-          "alg": "SHA-256",
-          "content": "6c7b99ca52c2c1752b544e310101b98a659b720b21db00e65edca34483259967"
+          "license": {
+            "id": "MIT",
+            "url": "https://opensource.org/license/mit/",
+            "acknowledgement": "concluded"
+          }
         }
       ],
       "externalReferences": [
@@ -3201,7 +3198,7 @@
           "comment": "Home page for project"
         },
         {
-          "url": "https://pypi.org/project/rpds-py/0.22.3/#files",
+          "url": "https://pypi.org/project/rpds-py/0.23.1/#files",
           "type": "distribution",
           "comment": "Download location for component"
         },
@@ -3230,11 +3227,11 @@
           "type": "other"
         }
       ],
-      "purl": "pkg:pypi/rpds-py@0.22.3",
+      "purl": "pkg:pypi/rpds-py@0.23.1",
       "properties": [
         {
           "name": "release_date",
-          "value": "2024-12-04T15:31:31Z"
+          "value": "2025-01-25T08:48:14Z"
         },
         {
           "name": "language",
@@ -4043,7 +4040,7 @@
       "type": "library",
       "bom-ref": "64-narwhals",
       "name": "narwhals",
-      "version": "1.26.0",
+      "version": "1.27.1",
       "supplier": {
         "name": "Marco Gorelli",
         "contact": [
@@ -4052,7 +4049,7 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:marco_gorelli:narwhals:1.26.0:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:marco_gorelli:narwhals:1.27.1:*:*:*:*:*:*:*",
       "description": "Extremely lightweight compatibility layer between dataframe libraries",
       "externalReferences": [
         {
@@ -4061,7 +4058,7 @@
           "comment": "Home page for project"
         },
         {
-          "url": "https://pypi.org/project/narwhals/1.26.0/#files",
+          "url": "https://pypi.org/project/narwhals/1.27.1/#files",
           "type": "distribution",
           "comment": "Download location for component"
         },
@@ -4078,7 +4075,7 @@
           "type": "issue-tracker"
         }
       ],
-      "purl": "pkg:pypi/narwhals@1.26.0",
+      "purl": "pkg:pypi/narwhals@1.27.1",
       "properties": [
         {
           "name": "release_date",

sbom/cve-bin-tool-py3.11.spdx

@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
 DataLicense: CC0-1.0
 SPDXID: SPDXRef-DOCUMENT
 DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-5f160352-36eb-4d91-b842-36f9c32fd09d
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-da3c03f4-11e8-4169-9feb-c7b342c61cc2
 LicenseListVersion: 3.25
 Creator: Tool: sbom4python-0.12.1
-Created: 2025-02-17T00:37:00Z
+Created: 2025-02-24T00:37:23Z
 CreatorComment: <text>This document has been automatically generated.</text>
 ##### 
 
@@ -199,18 +199,17 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-e
 
 PackageName: propcache
 SPDXID: SPDXRef-9-propcache
-PackageVersion: 0.2.1
+PackageVersion: 0.3.0
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Person: Andrew Svetlov ([email protected])
-PackageDownloadLocation: https://pypi.org/project/propcache/0.2.1/#files
+PackageDownloadLocation: https://pypi.org/project/propcache/0.3.0/#files
 FilesAnalyzed: false
 PackageHomePage: https://github.com/aio-libs/propcache
-PackageChecksum: SHA256: 6b3f39a85d671436ee3d12c017f8fdea38509e4f25b28eb25877293c98c243f6
 PackageLicenseDeclared: Apache-2.0
 PackageLicenseConcluded: Apache-2.0
 PackageCopyrightText: NOASSERTION
 PackageSummary: <text>Accelerated property cache</text>
-ReleaseDate: 2024-12-01T18:27:02Z
+ReleaseDate: 2024-06-07T18:52:13Z
 ExternalRef: OTHER other https://matrix.to/#/#aio-libs:matrix.org
 ExternalRef: OTHER other https://matrix.to/#/#aio-libs-space:matrix.org
 ExternalRef: OTHER other https://github.com/aio-libs/propcache/actions?query=branch:master
@@ -220,8 +219,8 @@ ExternalRef: OTHER log https://propcache.readthedocs.io/en/latest/changes/
 ExternalRef: OTHER other https://propcache.readthedocs.io
 ExternalRef: OTHER issue-tracker https://github.com/aio-libs/propcache/issues
 ExternalRef: OTHER vcs https://github.com/aio-libs/propcache
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/propcache@0.2.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:propcache:0.2.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/propcache@0.3.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:propcache:0.3.0:*:*:*:*:*:*:*
 ##### 
 
 PackageName: yarl
@@ -800,20 +799,20 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_cloud_platform:google-auth:2.17
 
 PackageName: cachetools
 SPDXID: SPDXRef-39-cachetools
-PackageVersion: 5.5.1
+PackageVersion: 5.5.2
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Person: Thomas Kemmer ([email protected])
-PackageDownloadLocation: https://pypi.org/project/cachetools/5.5.1/#files
+PackageDownloadLocation: https://pypi.org/project/cachetools/5.5.2/#files
 FilesAnalyzed: false
 PackageHomePage: https://github.com/tkem/cachetools/
-PackageChecksum: SHA256: b76651fdc3b24ead3c648bbdeeb940c1b04d365b38b4af66788f9ec4a81d42bb
+PackageChecksum: SHA256: d26a22bcc62eb95c3beabd9f1ee5e820d3d2704fe2967cbe350e20c8ffcd3f0a
 PackageLicenseDeclared: MIT
 PackageLicenseConcluded: MIT
 PackageCopyrightText: NOASSERTION
 PackageSummary: <text>Extensible memoizing collections and decorators</text>
-ReleaseDate: 2025-01-21T21:27:54Z
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected].1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:thomas_kemmer:cachetools:5.5.1:*:*:*:*:*:*:*
+ReleaseDate: 2025-02-20T21:01:16Z
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected].2
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:thomas_kemmer:cachetools:5.5.2:*:*:*:*:*:*:*
 ##### 
 
 PackageName: google-auth-httplib2
@@ -1053,26 +1052,25 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:referencing:0.36.2:*:*:*
 
 PackageName: rpds-py
 SPDXID: SPDXRef-50-rpds-py
-PackageVersion: 0.22.3
+PackageVersion: 0.23.1
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Person: Julian Berman ([email protected])
-PackageDownloadLocation: https://pypi.org/project/rpds-py/0.22.3/#files
+PackageDownloadLocation: https://pypi.org/project/rpds-py/0.23.1/#files
 FilesAnalyzed: false
 PackageHomePage: https://github.com/crate-py/rpds
-PackageChecksum: SHA256: 6c7b99ca52c2c1752b544e310101b98a659b720b21db00e65edca34483259967
-PackageLicenseDeclared: NOASSERTION
-PackageLicenseConcluded: NOASSERTION
+PackageLicenseDeclared: MIT
+PackageLicenseConcluded: MIT
 PackageCopyrightText: NOASSERTION
 PackageSummary: <text>Python bindings to Rust's persistent data structures (rpds)</text>
-ReleaseDate: 2024-12-04T15:31:31Z
+ReleaseDate: 2025-01-25T08:48:14Z
 ExternalRef: OTHER documentation https://rpds.readthedocs.io/
 ExternalRef: OTHER issue-tracker https://github.com/crate-py/rpds/issues/
 ExternalRef: OTHER other https://github.com/sponsors/Julian
 ExternalRef: OTHER other https://tidelift.com/subscription/pkg/pypi-rpds-py?utm_source=pypi-rpds-py&utm_medium=referral&utm_campaign=pypi-link
 ExternalRef: OTHER vcs https://github.com/crate-py/rpds
 ExternalRef: OTHER other https://github.com/orium/rpds
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/rpds-py@0.22.3
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:rpds-py:0.22.3:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/rpds-py@0.23.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:rpds-py:0.23.1:*:*:*:*:*:*:*
 ##### 
 
 PackageName: lib4sbom
@@ -1331,10 +1329,10 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:6.0.0:*:*:*:*:*:*:*
 
 PackageName: narwhals
 SPDXID: SPDXRef-64-narwhals
-PackageVersion: 1.26.0
+PackageVersion: 1.27.1
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Person: Marco Gorelli ([email protected])
-PackageDownloadLocation: https://pypi.org/project/narwhals/1.26.0/#files
+PackageDownloadLocation: https://pypi.org/project/narwhals/1.27.1/#files
 FilesAnalyzed: false
 PackageHomePage: https://github.com/narwhals-dev/narwhals
 PackageLicenseDeclared: NOASSERTION
@@ -1345,8 +1343,8 @@ ReleaseDate: 2025-01-28T19:33:47Z
 ExternalRef: OTHER documentation https://narwhals-dev.github.io/narwhals/
 ExternalRef: OTHER vcs https://github.com/narwhals-dev/narwhals
 ExternalRef: OTHER issue-tracker https://github.com/narwhals-dev/narwhals/issues
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/narwhals@1.26.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:marco_gorelli:narwhals:1.26.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/narwhals@1.27.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:marco_gorelli:narwhals:1.27.1:*:*:*:*:*:*:*
 ##### 
 
 PackageName: requests