diff --git a/sbom/cve-bin-tool-py3.8.json b/sbom/cve-bin-tool-py3.8.json
index e305d488e0..ae2eb1c894 100644
--- a/sbom/cve-bin-tool-py3.8.json
+++ b/sbom/cve-bin-tool-py3.8.json
@@ -2,10 +2,10 @@
"$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.4",
- "serialNumber": "urn:uuidb9b09cec-54df-4f21-b7b2-20fe19b3b8bd",
+ "serialNumber": "urn:uuid76ec96fe-82ee-4b65-9c9a-2e26de0ada5e",
"version": 1,
"metadata": {
- "timestamp": "2023-05-29T00:27:22Z",
+ "timestamp": "2023-06-05T00:30:24Z",
"tools": [
{
"name": "sbom4python",
@@ -23,7 +23,7 @@
"type": "application",
"bom-ref": "1-cve-bin-tool",
"name": "cve-bin-tool",
- "version": "3.2.1",
+ "version": "3.2.2.dev0",
"supplier": {
"name": "Terri Oda",
"contact": [
@@ -32,7 +32,7 @@
}
]
},
- "cpe": "cpe:2.3:a:terri_oda:cve-bin-tool:3.2.1:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:terri_oda:cve-bin-tool:3.2.2.dev0:*:*:*:*:*:*:*",
"description": "CVE Binary Checker Tool",
"licenses": [
{
@@ -49,12 +49,12 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/cve-bin-tool/3.2.1",
+ "url": "https://pypi.org/project/cve-bin-tool/3.2.2.dev0",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/cve-bin-tool@3.2.1"
+ "purl": "pkg:pypi/cve-bin-tool@3.2.2.dev0"
},
{
"type": "library",
@@ -1138,7 +1138,7 @@
"type": "library",
"bom-ref": "31-pyopenssl",
"name": "pyopenssl",
- "version": "23.1.1",
+ "version": "23.2.0",
"supplier": {
"name": "The pyOpenSSL developers",
"contact": [
@@ -1147,7 +1147,7 @@
}
]
},
- "cpe": "cpe:2.3:a:the_pyopenssl_developers:pyopenssl:23.1.1:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:the_pyopenssl_developers:pyopenssl:23.2.0:*:*:*:*:*:*:*",
"description": "Python wrapper module around the OpenSSL library",
"licenses": [
{
@@ -1164,12 +1164,12 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/pyOpenSSL/23.1.1",
+ "url": "https://pypi.org/project/pyOpenSSL/23.2.0",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/pyopenssl@23.1.1",
+ "purl": "pkg:pypi/pyopenssl@23.2.0",
"properties": [
{
"name": "License Comments",
@@ -1181,7 +1181,7 @@
"type": "library",
"bom-ref": "32-cryptography",
"name": "cryptography",
- "version": "40.0.2",
+ "version": "41.0.1",
"supplier": {
"name": "The Python Cryptographic Authority and individual contributors",
"contact": [
@@ -1190,28 +1190,23 @@
}
]
},
- "cpe": "cpe:2.3:a:the_python_cryptographic_authority_and_individual_contributors:cryptography:40.0.2:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:the_python_cryptographic_authority_and_individual_contributors:cryptography:41.0.1:*:*:*:*:*:*:*",
"description": "cryptography is a package which provides cryptographic recipes and primitives to Python developers.",
"licenses": [
{
"license": {
- "expression": "(Apache-2.0 OR BSD-3-Clause) AND PSF-2.0"
+ "expression": "Apache-2.0 OR BSD-3-Clause"
}
}
],
"externalReferences": [
{
- "url": "https://github.com/pyca/cryptography",
- "type": "website",
- "comment": "Home page for project"
- },
- {
- "url": "https://pypi.org/project/cryptography/40.0.2",
+ "url": "https://pypi.org/project/cryptography/41.0.1",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/cryptography@40.0.2"
+ "purl": "pkg:pypi/cryptography@41.0.1"
},
{
"type": "library",
@@ -1377,7 +1372,7 @@
"type": "library",
"bom-ref": "37-google-auth",
"name": "google-auth",
- "version": "2.19.0",
+ "version": "2.19.1",
"supplier": {
"name": "Google Cloud Platform",
"contact": [
@@ -1386,7 +1381,7 @@
}
]
},
- "cpe": "cpe:2.3:a:google_cloud_platform:google-auth:2.19.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:google_cloud_platform:google-auth:2.19.1:*:*:*:*:*:*:*",
"description": "Google Authentication Library",
"licenses": [
{
@@ -1403,12 +1398,12 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/google-auth/2.19.0",
+ "url": "https://pypi.org/project/google-auth/2.19.1",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/google-auth@2.19.0",
+ "purl": "pkg:pypi/google-auth@2.19.1",
"properties": [
{
"name": "License Comments",
@@ -1661,16 +1656,7 @@
"type": "library",
"bom-ref": "45-markupsafe",
"name": "markupsafe",
- "version": "2.1.2",
- "supplier": {
- "name": "Armin Ronacher",
- "contact": [
- {
- "email": "armin.ronacher@active-4.com"
- }
- ]
- },
- "cpe": "cpe:2.3:a:armin_ronacher:markupsafe:2.1.2:*:*:*:*:*:*:*",
+ "version": "2.1.3",
"description": "Safely add untrusted strings to HTML/XML markup.",
"licenses": [
{
@@ -1687,12 +1673,12 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/MarkupSafe/2.1.2",
+ "url": "https://pypi.org/project/MarkupSafe/2.1.3",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/markupsafe@2.1.2"
+ "purl": "pkg:pypi/markupsafe@2.1.3"
},
{
"type": "library",
@@ -2028,7 +2014,50 @@
},
{
"type": "library",
- "bom-ref": "55-requests",
+ "bom-ref": "55-python-gnupg",
+ "name": "python-gnupg",
+ "version": "0.5.0",
+ "supplier": {
+ "name": "Vinay Sajip",
+ "contact": [
+ {
+ "email": "vinay_sajip@yahoo.co.uk"
+ }
+ ]
+ },
+ "cpe": "cpe:2.3:a:vinay_sajip:python-gnupg:0.5.0:*:*:*:*:*:*:*",
+ "description": "A wrapper for the Gnu Privacy Guard (GPG or GnuPG)",
+ "licenses": [
+ {
+ "license": {
+ "id": "BSD-3-Clause",
+ "url": "https://opensource.org/licenses/BSD-3-Clause"
+ }
+ }
+ ],
+ "externalReferences": [
+ {
+ "url": "https://github.com/vsajip/python-gnupg",
+ "type": "website",
+ "comment": "Home page for project"
+ },
+ {
+ "url": "https://pypi.org/project/python-gnupg/0.5.0",
+ "type": "distribution",
+ "comment": "Download location for component"
+ }
+ ],
+ "purl": "pkg:pypi/python-gnupg@0.5.0",
+ "properties": [
+ {
+ "name": "License Comments",
+ "value": "python-gnupg declares BSD which is not currently a valid SPDX License identifier or expression."
+ }
+ ]
+ },
+ {
+ "type": "library",
+ "bom-ref": "56-requests",
"name": "requests",
"version": "2.31.0",
"supplier": {
@@ -2071,7 +2100,7 @@
},
{
"type": "library",
- "bom-ref": "56-certifi",
+ "bom-ref": "57-certifi",
"name": "certifi",
"version": "2023.5.7",
"supplier": {
@@ -2108,9 +2137,9 @@
},
{
"type": "library",
- "bom-ref": "57-rich",
+ "bom-ref": "58-rich",
"name": "rich",
- "version": "13.3.5",
+ "version": "13.4.1",
"supplier": {
"name": "Will McGugan",
"contact": [
@@ -2119,7 +2148,7 @@
}
]
},
- "cpe": "cpe:2.3:a:will_mcgugan:rich:13.3.5:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:will_mcgugan:rich:13.4.1:*:*:*:*:*:*:*",
"description": "Render rich text, tables, progress bars, syntax highlighting, markdown and more to the terminal",
"licenses": [
{
@@ -2136,16 +2165,16 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/rich/13.3.5",
+ "url": "https://pypi.org/project/rich/13.4.1",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/rich@13.3.5"
+ "purl": "pkg:pypi/rich@13.4.1"
},
{
"type": "library",
- "bom-ref": "58-markdown-it-py",
+ "bom-ref": "59-markdown-it-py",
"name": "markdown-it-py",
"version": "2.2.0",
"supplier": {
@@ -2169,7 +2198,7 @@
},
{
"type": "library",
- "bom-ref": "59-mdurl",
+ "bom-ref": "60-mdurl",
"name": "mdurl",
"version": "0.1.2",
"supplier": {
@@ -2193,7 +2222,7 @@
},
{
"type": "library",
- "bom-ref": "60-pygments",
+ "bom-ref": "61-pygments",
"name": "pygments",
"version": "2.15.1",
"supplier": {
@@ -2225,9 +2254,9 @@
},
{
"type": "library",
- "bom-ref": "61-typing-extensions",
+ "bom-ref": "62-typing-extensions",
"name": "typing-extensions",
- "version": "4.6.2",
+ "version": "4.6.3",
"supplier": {
"name": "Guido van Jukka ukasz Michael",
"contact": [
@@ -2236,20 +2265,20 @@
}
]
},
- "cpe": "cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.6.2:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.6.3:*:*:*:*:*:*:*",
"description": "Backported and Experimental Type Hints for Python 3.7+",
"externalReferences": [
{
- "url": "https://pypi.org/project/typing_extensions/4.6.2",
+ "url": "https://pypi.org/project/typing_extensions/4.6.3",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/typing-extensions@4.6.2"
+ "purl": "pkg:pypi/typing-extensions@4.6.3"
},
{
"type": "library",
- "bom-ref": "62-rpmfile",
+ "bom-ref": "63-rpmfile",
"name": "rpmfile",
"version": "1.1.1",
"supplier": {
@@ -2286,7 +2315,7 @@
},
{
"type": "library",
- "bom-ref": "63-toml",
+ "bom-ref": "64-toml",
"name": "toml",
"version": "0.10.2",
"supplier": {
@@ -2323,7 +2352,7 @@
},
{
"type": "library",
- "bom-ref": "64-xmlschema",
+ "bom-ref": "65-xmlschema",
"name": "xmlschema",
"version": "2.3.0",
"supplier": {
@@ -2360,7 +2389,7 @@
},
{
"type": "library",
- "bom-ref": "65-elementpath",
+ "bom-ref": "66-elementpath",
"name": "elementpath",
"version": "4.1.2",
"supplier": {
@@ -2397,7 +2426,7 @@
},
{
"type": "library",
- "bom-ref": "66-zstandard",
+ "bom-ref": "67-zstandard",
"name": "zstandard",
"version": "0.21.0",
"supplier": {
@@ -2462,14 +2491,15 @@
"49-lib4sbom",
"52-packaging",
"53-plotly",
+ "55-python-gnupg",
"50-pyyaml",
- "55-requests",
- "57-rich",
- "62-rpmfile",
- "63-toml",
+ "56-requests",
+ "58-rich",
+ "63-rpmfile",
+ "64-toml",
"39-urllib3",
- "64-xmlschema",
- "66-zstandard"
+ "65-xmlschema",
+ "67-zstandard"
]
},
{
@@ -2658,32 +2688,32 @@
]
},
{
- "ref": "55-requests",
+ "ref": "56-requests",
"dependsOn": [
- "56-certifi",
+ "57-certifi",
"7-charset-normalizer",
"10-idna",
"39-urllib3"
]
},
{
- "ref": "57-rich",
+ "ref": "58-rich",
"dependsOn": [
- "58-markdown-it-py",
- "60-pygments",
- "61-typing-extensions"
+ "59-markdown-it-py",
+ "61-pygments",
+ "62-typing-extensions"
]
},
{
- "ref": "58-markdown-it-py",
+ "ref": "59-markdown-it-py",
"dependsOn": [
- "59-mdurl"
+ "60-mdurl"
]
},
{
- "ref": "64-xmlschema",
+ "ref": "65-xmlschema",
"dependsOn": [
- "65-elementpath"
+ "66-elementpath"
]
}
]
diff --git a/sbom/cve-bin-tool-py3.8.spdx b/sbom/cve-bin-tool-py3.8.spdx
index 3ca3d0aa65..e1542fe7c4 100644
--- a/sbom/cve-bin-tool-py3.8.spdx
+++ b/sbom/cve-bin-tool-py3.8.spdx
@@ -2,27 +2,27 @@ SPDXVersion: SPDX-2.3
DataLicense: CC0-1.0
SPDXID: SPDXRef-DOCUMENT
DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-24d84485-8943-44a4-9776-b41bfc9b7686
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-a27f50fd-261a-4e13-8f04-cfb8ff5e9991
LicenseListVersion: 3.20
Creator: Tool: sbom4python-0.9.1
-Created: 2023-05-29T00:25:56Z
+Created: 2023-06-05T00:28:49Z
CreatorComment: This document has been automatically generated.
#####
PackageName: cve-bin-tool
SPDXID: SPDXRef-Package-1-cve-bin-tool
-PackageVersion: 3.2.1
+PackageVersion: 3.2.2.dev0
PrimaryPackagePurpose: APPLICATION
PackageSupplier: Person: Terri Oda (terri.oda@intel.com)
-PackageDownloadLocation: https://pypi.org/project/cve-bin-tool/3.2.1
+PackageDownloadLocation: https://pypi.org/project/cve-bin-tool/3.2.2.dev0
FilesAnalyzed: false
PackageHomePage: https://github.com/intel/cve-bin-tool
PackageLicenseDeclared: GPL-3.0-or-later
PackageLicenseConcluded: GPL-3.0-or-later
PackageCopyrightText: NOASSERTION
PackageSummary: CVE Binary Checker Tool
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/cve-bin-tool@3.2.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:terri_oda:cve-bin-tool:3.2.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/cve-bin-tool@3.2.2.dev0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:terri_oda:cve-bin-tool:3.2.2.dev0:*:*:*:*:*:*:*
#####
PackageName: aiohttp
@@ -500,10 +500,10 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:sybren_a._stuvel:rsa:4.7.2:*:*:*:*:*:*
PackageName: pyopenssl
SPDXID: SPDXRef-Package-31-pyopenssl
-PackageVersion: 23.1.1
+PackageVersion: 23.2.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: The pyOpenSSL developers (cryptography-dev@python.org)
-PackageDownloadLocation: https://pypi.org/project/pyOpenSSL/23.1.1
+PackageDownloadLocation: https://pypi.org/project/pyOpenSSL/23.2.0
FilesAnalyzed: false
PackageHomePage: https://pyopenssl.org/
PackageLicenseDeclared: NOASSERTION
@@ -511,24 +511,23 @@ PackageLicenseConcluded: Apache-2.0
PackageLicenseComments: pyOpenSSL declares Apache License, Version 2.0 which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: Python wrapper module around the OpenSSL library
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/pyopenssl@23.1.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_pyopenssl_developers:pyopenssl:23.1.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/pyopenssl@23.2.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_pyopenssl_developers:pyopenssl:23.2.0:*:*:*:*:*:*:*
#####
PackageName: cryptography
SPDXID: SPDXRef-Package-32-cryptography
-PackageVersion: 40.0.2
+PackageVersion: 41.0.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: The Python Cryptographic Authority and individual contributors (cryptography-dev@python.org)
-PackageDownloadLocation: https://pypi.org/project/cryptography/40.0.2
+PackageDownloadLocation: https://pypi.org/project/cryptography/41.0.1
FilesAnalyzed: false
-PackageHomePage: https://github.com/pyca/cryptography
-PackageLicenseDeclared: (Apache-2.0 OR BSD-3-Clause) AND PSF-2.0
-PackageLicenseConcluded: (Apache-2.0 OR BSD-3-Clause) AND PSF-2.0
+PackageLicenseDeclared: Apache-2.0 OR BSD-3-Clause
+PackageLicenseConcluded: Apache-2.0 OR BSD-3-Clause
PackageCopyrightText: NOASSERTION
PackageSummary: cryptography is a package which provides cryptographic recipes and primitives to Python developers.
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/cryptography@40.0.2
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_python_cryptographic_authority_and_individual_contributors:cryptography:40.0.2:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/cryptography@41.0.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_python_cryptographic_authority_and_individual_contributors:cryptography:41.0.1:*:*:*:*:*:*:*
#####
PackageName: cffi
@@ -599,10 +598,10 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:craig_citro:google-apitools:0.5.32:*:*
PackageName: google-auth
SPDXID: SPDXRef-Package-37-google-auth
-PackageVersion: 2.19.0
+PackageVersion: 2.19.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Google Cloud Platform (googleapis-packages@google.com)
-PackageDownloadLocation: https://pypi.org/project/google-auth/2.19.0
+PackageDownloadLocation: https://pypi.org/project/google-auth/2.19.1
FilesAnalyzed: false
PackageHomePage: https://github.com/googleapis/google-auth-library-python
PackageLicenseDeclared: NOASSERTION
@@ -610,8 +609,8 @@ PackageLicenseConcluded: Apache-2.0
PackageLicenseComments: google-auth declares Apache 2.0 which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: Google Authentication Library
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/google-auth@2.19.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_cloud_platform:google-auth:2.19.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/google-auth@2.19.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_cloud_platform:google-auth:2.19.1:*:*:*:*:*:*:*
#####
PackageName: cachetools
@@ -729,18 +728,17 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:armin_ronacher:jinja2:3.1.2:*:*:*:*:*:
PackageName: markupsafe
SPDXID: SPDXRef-Package-45-markupsafe
-PackageVersion: 2.1.2
+PackageVersion: 2.1.3
PrimaryPackagePurpose: LIBRARY
-PackageSupplier: Person: Armin Ronacher (armin.ronacher@active-4.com)
-PackageDownloadLocation: https://pypi.org/project/MarkupSafe/2.1.2
+PackageSupplier: NOASSERTION
+PackageDownloadLocation: https://pypi.org/project/MarkupSafe/2.1.3
FilesAnalyzed: false
PackageHomePage: https://palletsprojects.com/p/markupsafe/
PackageLicenseDeclared: BSD-3-Clause
PackageLicenseConcluded: BSD-3-Clause
PackageCopyrightText: NOASSERTION
PackageSummary: Safely add untrusted strings to HTML/XML markup.
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/markupsafe@2.1.2
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:armin_ronacher:markupsafe:2.1.2:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/markupsafe@2.1.3
#####
PackageName: jsonschema
@@ -889,8 +887,25 @@ ExternalRef: PACKAGE-MANAGER purl pkg:pypi/tenacity@8.2.2
ExternalRef: SECURITY cpe23Type cpe:2.3:a:julien_danjou:tenacity:8.2.2:*:*:*:*:*:*:*
#####
+PackageName: python-gnupg
+SPDXID: SPDXRef-Package-55-python-gnupg
+PackageVersion: 0.5.0
+PrimaryPackagePurpose: LIBRARY
+PackageSupplier: Person: Vinay Sajip (vinay_sajip@yahoo.co.uk)
+PackageDownloadLocation: https://pypi.org/project/python-gnupg/0.5.0
+FilesAnalyzed: false
+PackageHomePage: https://github.com/vsajip/python-gnupg
+PackageLicenseDeclared: NOASSERTION
+PackageLicenseConcluded: BSD-3-Clause
+PackageLicenseComments: python-gnupg declares BSD which is not currently a valid SPDX License identifier or expression.
+PackageCopyrightText: NOASSERTION
+PackageSummary: A wrapper for the Gnu Privacy Guard (GPG or GnuPG)
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/python-gnupg@0.5.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:vinay_sajip:python-gnupg:0.5.0:*:*:*:*:*:*:*
+#####
+
PackageName: requests
-SPDXID: SPDXRef-Package-55-requests
+SPDXID: SPDXRef-Package-56-requests
PackageVersion: 2.31.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Kenneth Reitz (me@kennethreitz.org)
@@ -907,7 +922,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:requests:2.31.0:*:*:*:*:
#####
PackageName: certifi
-SPDXID: SPDXRef-Package-56-certifi
+SPDXID: SPDXRef-Package-57-certifi
PackageVersion: 2023.5.7
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Kenneth Reitz (me@kennethreitz.com)
@@ -923,23 +938,23 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:certifi:2023.5.7:*:*:*:*
#####
PackageName: rich
-SPDXID: SPDXRef-Package-57-rich
-PackageVersion: 13.3.5
+SPDXID: SPDXRef-Package-58-rich
+PackageVersion: 13.4.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Will McGugan (willmcgugan@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/rich/13.3.5
+PackageDownloadLocation: https://pypi.org/project/rich/13.4.1
FilesAnalyzed: false
PackageHomePage: https://github.com/Textualize/rich
PackageLicenseDeclared: MIT
PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: Render rich text, tables, progress bars, syntax highlighting, markdown and more to the terminal
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/rich@13.3.5
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:will_mcgugan:rich:13.3.5:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/rich@13.4.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:will_mcgugan:rich:13.4.1:*:*:*:*:*:*:*
#####
PackageName: markdown-it-py
-SPDXID: SPDXRef-Package-58-markdown-it-py
+SPDXID: SPDXRef-Package-59-markdown-it-py
PackageVersion: 2.2.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Chris Sewell (chrisj_sewell@hotmail.com)
@@ -954,7 +969,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_sewell:markdown-it-py:2.2.0:*:*:
#####
PackageName: mdurl
-SPDXID: SPDXRef-Package-59-mdurl
+SPDXID: SPDXRef-Package-60-mdurl
PackageVersion: 0.1.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Taneli Hukkinen (hukkin@users.noreply.github.com)
@@ -969,7 +984,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:taneli_hukkinen:mdurl:0.1.2:*:*:*:*:*:
#####
PackageName: pygments
-SPDXID: SPDXRef-Package-60-pygments
+SPDXID: SPDXRef-Package-61-pygments
PackageVersion: 2.15.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Georg Brandl (georg@python.org)
@@ -984,22 +999,22 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:georg_brandl:pygments:2.15.1:*:*:*:*:*
#####
PackageName: typing-extensions
-SPDXID: SPDXRef-Package-61-typing-extensions
-PackageVersion: 4.6.2
+SPDXID: SPDXRef-Package-62-typing-extensions
+PackageVersion: 4.6.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Guido van Jukka ukasz Michael (levkivskyi@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/typing_extensions/4.6.2
+PackageDownloadLocation: https://pypi.org/project/typing_extensions/4.6.3
FilesAnalyzed: false
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: Backported and Experimental Type Hints for Python 3.7+
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/typing-extensions@4.6.2
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.6.2:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/typing-extensions@4.6.3
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.6.3:*:*:*:*:*:*:*
#####
PackageName: rpmfile
-SPDXID: SPDXRef-Package-62-rpmfile
+SPDXID: SPDXRef-Package-63-rpmfile
PackageVersion: 1.1.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Sean Ross (srossross@gmail.com)
@@ -1015,7 +1030,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:sean_ross:rpmfile:1.1.1:*:*:*:*:*:*:*
#####
PackageName: toml
-SPDXID: SPDXRef-Package-63-toml
+SPDXID: SPDXRef-Package-64-toml
PackageVersion: 0.10.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: William Pearson (uiri@xqz.ca)
@@ -1031,7 +1046,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:william_pearson:toml:0.10.2:*:*:*:*:*:
#####
PackageName: xmlschema
-SPDXID: SPDXRef-Package-64-xmlschema
+SPDXID: SPDXRef-Package-65-xmlschema
PackageVersion: 2.3.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Davide Brunato (brunato@sissa.it)
@@ -1047,7 +1062,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:xmlschema:2.3.0:*:*:*:*
#####
PackageName: elementpath
-SPDXID: SPDXRef-Package-65-elementpath
+SPDXID: SPDXRef-Package-66-elementpath
PackageVersion: 4.1.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Davide Brunato (brunato@sissa.it)
@@ -1063,7 +1078,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:elementpath:4.1.2:*:*:*
#####
PackageName: zstandard
-SPDXID: SPDXRef-Package-66-zstandard
+SPDXID: SPDXRef-Package-67-zstandard
PackageVersion: 0.21.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Gregory Szorc (gregory.szorc@gmail.com)
@@ -1095,12 +1110,13 @@ Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-49-lib4s
Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-50-pyyaml
Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-52-packaging
Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-53-plotly
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-55-requests
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-57-rich
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-62-rpmfile
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-63-toml
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-64-xmlschema
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-66-zstandard
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-55-python-gnupg
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-56-requests
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-58-rich
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-63-rpmfile
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-64-toml
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-65-xmlschema
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-67-zstandard
Relationship: SPDXRef-Package-11-beautifulsoup4 DEPENDS_ON SPDXRef-Package-12-soupsieve
Relationship: SPDXRef-Package-16-gsutil DEPENDS_ON SPDXRef-Package-17-argcomplete
Relationship: SPDXRef-Package-16-gsutil DEPENDS_ON SPDXRef-Package-18-crcmod
@@ -1164,14 +1180,14 @@ Relationship: SPDXRef-Package-49-lib4sbom DEPENDS_ON SPDXRef-Package-51-semantic
Relationship: SPDXRef-Package-52-packaging DEPENDS_ON SPDXRef-Package-26-pyparsing
Relationship: SPDXRef-Package-53-plotly DEPENDS_ON SPDXRef-Package-52-packaging
Relationship: SPDXRef-Package-53-plotly DEPENDS_ON SPDXRef-Package-54-tenacity
-Relationship: SPDXRef-Package-55-requests DEPENDS_ON SPDXRef-Package-10-idna
-Relationship: SPDXRef-Package-55-requests DEPENDS_ON SPDXRef-Package-39-urllib3
-Relationship: SPDXRef-Package-55-requests DEPENDS_ON SPDXRef-Package-56-certifi
-Relationship: SPDXRef-Package-55-requests DEPENDS_ON SPDXRef-Package-7-charset-normalizer
-Relationship: SPDXRef-Package-57-rich DEPENDS_ON SPDXRef-Package-58-markdown-it-py
-Relationship: SPDXRef-Package-57-rich DEPENDS_ON SPDXRef-Package-60-pygments
-Relationship: SPDXRef-Package-57-rich DEPENDS_ON SPDXRef-Package-61-typing-extensions
-Relationship: SPDXRef-Package-58-markdown-it-py DEPENDS_ON SPDXRef-Package-59-mdurl
-Relationship: SPDXRef-Package-64-xmlschema DEPENDS_ON SPDXRef-Package-65-elementpath
+Relationship: SPDXRef-Package-56-requests DEPENDS_ON SPDXRef-Package-10-idna
+Relationship: SPDXRef-Package-56-requests DEPENDS_ON SPDXRef-Package-39-urllib3
+Relationship: SPDXRef-Package-56-requests DEPENDS_ON SPDXRef-Package-57-certifi
+Relationship: SPDXRef-Package-56-requests DEPENDS_ON SPDXRef-Package-7-charset-normalizer
+Relationship: SPDXRef-Package-58-rich DEPENDS_ON SPDXRef-Package-59-markdown-it-py
+Relationship: SPDXRef-Package-58-rich DEPENDS_ON SPDXRef-Package-61-pygments
+Relationship: SPDXRef-Package-58-rich DEPENDS_ON SPDXRef-Package-62-typing-extensions
+Relationship: SPDXRef-Package-59-markdown-it-py DEPENDS_ON SPDXRef-Package-60-mdurl
+Relationship: SPDXRef-Package-65-xmlschema DEPENDS_ON SPDXRef-Package-66-elementpath
Relationship: SPDXRef-Package-9-yarl DEPENDS_ON SPDXRef-Package-10-idna
Relationship: SPDXRef-Package-9-yarl DEPENDS_ON SPDXRef-Package-8-multidict