diff --git a/sbom/cve-bin-tool-py3.11.json b/sbom/cve-bin-tool-py3.11.json
index 40d4815291..3f096fea3b 100644
--- a/sbom/cve-bin-tool-py3.11.json
+++ b/sbom/cve-bin-tool-py3.11.json
@@ -2,10 +2,10 @@
"$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.4",
- "serialNumber": "urn:uuid7d8c87ee-5c93-48a0-8c3b-b1ae51633100",
+ "serialNumber": "urn:uuidded89e98-707e-49c9-9c62-8d231861f94c",
"version": 1,
"metadata": {
- "timestamp": "2023-06-05T00:29:14Z",
+ "timestamp": "2023-06-19T00:29:32Z",
"tools": [
{
"name": "sbom4python",
@@ -590,7 +590,7 @@
"type": "library",
"bom-ref": "17-argcomplete",
"name": "argcomplete",
- "version": "3.0.8",
+ "version": "3.1.1",
"supplier": {
"name": "Andrey Kislyuk",
"contact": [
@@ -599,7 +599,7 @@
}
]
},
- "cpe": "cpe:2.3:a:andrey_kislyuk:argcomplete:3.0.8:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:andrey_kislyuk:argcomplete:3.1.1:*:*:*:*:*:*:*",
"description": "Bash tab completion for argparse",
"licenses": [
{
@@ -616,12 +616,12 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/argcomplete/3.0.8",
+ "url": "https://pypi.org/project/argcomplete/3.1.1",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/argcomplete@3.0.8",
+ "purl": "pkg:pypi/argcomplete@3.1.1",
"properties": [
{
"name": "License Comments",
@@ -948,7 +948,7 @@
"type": "library",
"bom-ref": "26-pyparsing",
"name": "pyparsing",
- "version": "3.0.9",
+ "version": "3.1.0",
"supplier": {
"name": "Paul McGuire",
"contact": [
@@ -957,16 +957,16 @@
}
]
},
- "cpe": "cpe:2.3:a:paul_mcguire:pyparsing:3.0.9:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:paul_mcguire:pyparsing:3.1.0:*:*:*:*:*:*:*",
"description": "pyparsing module - Classes and methods to define and execute parsing grammars",
"externalReferences": [
{
- "url": "https://pypi.org/project/pyparsing/3.0.9",
+ "url": "https://pypi.org/project/pyparsing/3.1.0",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/pyparsing@3.0.9"
+ "purl": "pkg:pypi/pyparsing@3.1.0"
},
{
"type": "library",
@@ -1372,7 +1372,7 @@
"type": "library",
"bom-ref": "37-google-auth",
"name": "google-auth",
- "version": "2.19.1",
+ "version": "2.20.0",
"supplier": {
"name": "Google Cloud Platform",
"contact": [
@@ -1381,7 +1381,7 @@
}
]
},
- "cpe": "cpe:2.3:a:google_cloud_platform:google-auth:2.19.1:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:google_cloud_platform:google-auth:2.20.0:*:*:*:*:*:*:*",
"description": "Google Authentication Library",
"licenses": [
{
@@ -1398,12 +1398,12 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/google-auth/2.19.1",
+ "url": "https://pypi.org/project/google-auth/2.20.0",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/google-auth@2.19.1",
+ "purl": "pkg:pypi/google-auth@2.20.0",
"properties": [
{
"name": "License Comments",
@@ -1820,7 +1820,7 @@
"type": "library",
"bom-ref": "49-plotly",
"name": "plotly",
- "version": "5.14.1",
+ "version": "5.15.0",
"supplier": {
"name": "Chris P",
"contact": [
@@ -1829,7 +1829,7 @@
}
]
},
- "cpe": "cpe:2.3:a:chris_p:plotly:5.14.1:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:chris_p:plotly:5.15.0:*:*:*:*:*:*:*",
"description": "An open-source, interactive data visualization library for Python",
"licenses": [
{
@@ -1846,12 +1846,12 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/plotly/5.14.1",
+ "url": "https://pypi.org/project/plotly/5.15.0",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/plotly@5.14.1"
+ "purl": "pkg:pypi/plotly@5.15.0"
},
{
"type": "library",
@@ -2023,7 +2023,7 @@
"type": "library",
"bom-ref": "54-rich",
"name": "rich",
- "version": "13.4.1",
+ "version": "13.4.2",
"supplier": {
"name": "Will McGugan",
"contact": [
@@ -2032,7 +2032,7 @@
}
]
},
- "cpe": "cpe:2.3:a:will_mcgugan:rich:13.4.1:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:will_mcgugan:rich:13.4.2:*:*:*:*:*:*:*",
"description": "Render rich text, tables, progress bars, syntax highlighting, markdown and more to the terminal",
"licenses": [
{
@@ -2049,18 +2049,18 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/rich/13.4.1",
+ "url": "https://pypi.org/project/rich/13.4.2",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/rich@13.4.1"
+ "purl": "pkg:pypi/rich@13.4.2"
},
{
"type": "library",
"bom-ref": "55-markdown-it-py",
"name": "markdown-it-py",
- "version": "2.2.0",
+ "version": "3.0.0",
"supplier": {
"name": "Chris Sewell",
"contact": [
@@ -2069,16 +2069,16 @@
}
]
},
- "cpe": "cpe:2.3:a:chris_sewell:markdown-it-py:2.2.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:chris_sewell:markdown-it-py:3.0.0:*:*:*:*:*:*:*",
"description": "Python port of markdown-it. Markdown parsing, done right!",
"externalReferences": [
{
- "url": "https://pypi.org/project/markdown-it-py/2.2.0",
+ "url": "https://pypi.org/project/markdown-it-py/3.0.0",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/markdown-it-py@2.2.0"
+ "purl": "pkg:pypi/markdown-it-py@3.0.0"
},
{
"type": "library",
@@ -2214,7 +2214,7 @@
"type": "library",
"bom-ref": "60-xmlschema",
"name": "xmlschema",
- "version": "2.3.0",
+ "version": "2.3.1",
"supplier": {
"name": "Davide Brunato",
"contact": [
@@ -2223,7 +2223,7 @@
}
]
},
- "cpe": "cpe:2.3:a:davide_brunato:xmlschema:2.3.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:davide_brunato:xmlschema:2.3.1:*:*:*:*:*:*:*",
"description": "An XML Schema validator and decoder",
"licenses": [
{
@@ -2240,18 +2240,18 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/xmlschema/2.3.0",
+ "url": "https://pypi.org/project/xmlschema/2.3.1",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/xmlschema@2.3.0"
+ "purl": "pkg:pypi/xmlschema@2.3.1"
},
{
"type": "library",
"bom-ref": "61-elementpath",
"name": "elementpath",
- "version": "4.1.2",
+ "version": "4.1.3",
"supplier": {
"name": "Davide Brunato",
"contact": [
@@ -2260,7 +2260,7 @@
}
]
},
- "cpe": "cpe:2.3:a:davide_brunato:elementpath:4.1.2:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:davide_brunato:elementpath:4.1.3:*:*:*:*:*:*:*",
"description": "XPath 1.0/2.0/3.0/3.1 parsers and selectors for ElementTree and lxml",
"licenses": [
{
@@ -2277,12 +2277,12 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/elementpath/4.1.2",
+ "url": "https://pypi.org/project/elementpath/4.1.3",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/elementpath@4.1.2"
+ "purl": "pkg:pypi/elementpath@4.1.3"
},
{
"type": "library",
diff --git a/sbom/cve-bin-tool-py3.11.spdx b/sbom/cve-bin-tool-py3.11.spdx
index a0f60c8544..a9608e10a6 100644
--- a/sbom/cve-bin-tool-py3.11.spdx
+++ b/sbom/cve-bin-tool-py3.11.spdx
@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
DataLicense: CC0-1.0
SPDXID: SPDXRef-DOCUMENT
DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-c4fde1a5-cbfd-4a8a-88aa-bac5b95ef80d
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-cfe7889a-4271-4cc4-a7e9-f076946fb1e6
LicenseListVersion: 3.20
Creator: Tool: sbom4python-0.9.1
-Created: 2023-06-05T00:28:03Z
+Created: 2023-06-19T00:28:23Z
CreatorComment: This document has been automatically generated.
#####
@@ -269,10 +269,10 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:gsutil:5.24:*:*:*:*:*:*:*
PackageName: argcomplete
SPDXID: SPDXRef-Package-17-argcomplete
-PackageVersion: 3.0.8
+PackageVersion: 3.1.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Andrey Kislyuk (kislyuk@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/argcomplete/3.0.8
+PackageDownloadLocation: https://pypi.org/project/argcomplete/3.1.1
FilesAnalyzed: false
PackageHomePage: https://github.com/kislyuk/argcomplete
PackageLicenseDeclared: NOASSERTION
@@ -280,8 +280,8 @@ PackageLicenseConcluded: Apache-2.0
PackageLicenseComments: argcomplete declares Apache Software License which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: Bash tab completion for argparse
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/argcomplete@3.0.8
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_kislyuk:argcomplete:3.0.8:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/argcomplete@3.1.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_kislyuk:argcomplete:3.1.1:*:*:*:*:*:*:*
#####
PackageName: crcmod
@@ -418,17 +418,17 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:joe_gregorio:httplib2:0.20.4:*:*:*:*:*
PackageName: pyparsing
SPDXID: SPDXRef-Package-26-pyparsing
-PackageVersion: 3.0.9
+PackageVersion: 3.1.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Paul McGuire (ptmcg.gm+pyparsing@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/pyparsing/3.0.9
+PackageDownloadLocation: https://pypi.org/project/pyparsing/3.1.0
FilesAnalyzed: false
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: pyparsing module - Classes and methods to define and execute parsing grammars
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/pyparsing@3.0.9
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:paul_mcguire:pyparsing:3.0.9:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/pyparsing@3.1.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:paul_mcguire:pyparsing:3.1.0:*:*:*:*:*:*:*
#####
PackageName: oauth2client
@@ -598,10 +598,10 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:craig_citro:google-apitools:0.5.32:*:*
PackageName: google-auth
SPDXID: SPDXRef-Package-37-google-auth
-PackageVersion: 2.19.1
+PackageVersion: 2.20.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Google Cloud Platform (googleapis-packages@google.com)
-PackageDownloadLocation: https://pypi.org/project/google-auth/2.19.1
+PackageDownloadLocation: https://pypi.org/project/google-auth/2.20.0
FilesAnalyzed: false
PackageHomePage: https://github.com/googleapis/google-auth-library-python
PackageLicenseDeclared: NOASSERTION
@@ -609,8 +609,8 @@ PackageLicenseConcluded: Apache-2.0
PackageLicenseComments: google-auth declares Apache 2.0 which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: Google Authentication Library
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/google-auth@2.19.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_cloud_platform:google-auth:2.19.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/google-auth@2.20.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_cloud_platform:google-auth:2.20.0:*:*:*:*:*:*:*
#####
PackageName: cachetools
@@ -792,18 +792,18 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:donald_stufft_and_individual_contribut
PackageName: plotly
SPDXID: SPDXRef-Package-49-plotly
-PackageVersion: 5.14.1
+PackageVersion: 5.15.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Chris P (chris@plot.ly)
-PackageDownloadLocation: https://pypi.org/project/plotly/5.14.1
+PackageDownloadLocation: https://pypi.org/project/plotly/5.15.0
FilesAnalyzed: false
PackageHomePage: https://plotly.com/python/
PackageLicenseDeclared: MIT
PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: An open-source, interactive data visualization library for Python
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/plotly@5.14.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:5.14.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/plotly@5.15.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:5.15.0:*:*:*:*:*:*:*
#####
PackageName: tenacity
@@ -875,33 +875,33 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:certifi:2023.5.7:*:*:*:*
PackageName: rich
SPDXID: SPDXRef-Package-54-rich
-PackageVersion: 13.4.1
+PackageVersion: 13.4.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Will McGugan (willmcgugan@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/rich/13.4.1
+PackageDownloadLocation: https://pypi.org/project/rich/13.4.2
FilesAnalyzed: false
PackageHomePage: https://github.com/Textualize/rich
PackageLicenseDeclared: MIT
PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: Render rich text, tables, progress bars, syntax highlighting, markdown and more to the terminal
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/rich@13.4.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:will_mcgugan:rich:13.4.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/rich@13.4.2
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:will_mcgugan:rich:13.4.2:*:*:*:*:*:*:*
#####
PackageName: markdown-it-py
SPDXID: SPDXRef-Package-55-markdown-it-py
-PackageVersion: 2.2.0
+PackageVersion: 3.0.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Chris Sewell (chrisj_sewell@hotmail.com)
-PackageDownloadLocation: https://pypi.org/project/markdown-it-py/2.2.0
+PackageDownloadLocation: https://pypi.org/project/markdown-it-py/3.0.0
FilesAnalyzed: false
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: Python port of markdown-it. Markdown parsing, done right!
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/markdown-it-py@2.2.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_sewell:markdown-it-py:2.2.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/markdown-it-py@3.0.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_sewell:markdown-it-py:3.0.0:*:*:*:*:*:*:*
#####
PackageName: mdurl
@@ -968,34 +968,34 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:william_pearson:toml:0.10.2:*:*:*:*:*:
PackageName: xmlschema
SPDXID: SPDXRef-Package-60-xmlschema
-PackageVersion: 2.3.0
+PackageVersion: 2.3.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Davide Brunato (brunato@sissa.it)
-PackageDownloadLocation: https://pypi.org/project/xmlschema/2.3.0
+PackageDownloadLocation: https://pypi.org/project/xmlschema/2.3.1
FilesAnalyzed: false
PackageHomePage: https://github.com/sissaschool/xmlschema
PackageLicenseDeclared: MIT
PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: An XML Schema validator and decoder
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/xmlschema@2.3.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:xmlschema:2.3.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/xmlschema@2.3.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:xmlschema:2.3.1:*:*:*:*:*:*:*
#####
PackageName: elementpath
SPDXID: SPDXRef-Package-61-elementpath
-PackageVersion: 4.1.2
+PackageVersion: 4.1.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Davide Brunato (brunato@sissa.it)
-PackageDownloadLocation: https://pypi.org/project/elementpath/4.1.2
+PackageDownloadLocation: https://pypi.org/project/elementpath/4.1.3
FilesAnalyzed: false
PackageHomePage: https://github.com/sissaschool/elementpath
PackageLicenseDeclared: MIT
PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: XPath 1.0/2.0/3.0/3.1 parsers and selectors for ElementTree and lxml
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/elementpath@4.1.2
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:elementpath:4.1.2:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/elementpath@4.1.3
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:elementpath:4.1.3:*:*:*:*:*:*:*
#####
PackageName: zstandard