diff --git a/sbom/cve-bin-tool-py3.11.json b/sbom/cve-bin-tool-py3.11.json
index e7087da983..daaa90ca86 100644
--- a/sbom/cve-bin-tool-py3.11.json
+++ b/sbom/cve-bin-tool-py3.11.json
@@ -2,10 +2,10 @@
"$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.6",
- "serialNumber": "urn:uuid:17f70096-0b7b-431d-be85-859dff9fe279",
+ "serialNumber": "urn:uuid:1b8b2761-7ca6-4060-91ca-7f37128643a0",
"version": 1,
"metadata": {
- "timestamp": "2025-04-07T00:38:38Z",
+ "timestamp": "2025-04-14T00:41:12Z",
"lifecycles": [
{
"phase": "build"
@@ -81,7 +81,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -156,7 +156,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -225,7 +225,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -298,7 +298,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -383,7 +383,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -447,7 +447,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -455,7 +455,7 @@
"type": "library",
"bom-ref": "7-multidict",
"name": "multidict",
- "version": "6.3.2",
+ "version": "6.4.3",
"supplier": {
"name": "Andrew Svetlov",
"contact": [
@@ -464,12 +464,12 @@
}
]
},
- "cpe": "cpe:2.3:a:andrew_svetlov:multidict:6.3.2:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:andrew_svetlov:multidict:6.4.3:*:*:*:*:*:*:*",
"description": "multidict implementation",
"hashes": [
{
"alg": "SHA-256",
- "content": "8b3dc0eec9304fa04d84a51ea13b0ec170bace5b7ddeaac748149efd316f1504"
+ "content": "32a998bd8a64ca48616eac5a8c1cc4fa38fb244a3facf2eeb14abe186e0f6cc5"
}
],
"licenses": [
@@ -488,7 +488,7 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/multidict/6.3.2/#files",
+ "url": "https://pypi.org/project/multidict/6.4.3/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -529,11 +529,11 @@
"type": "vcs"
}
],
- "purl": "pkg:pypi/multidict@6.3.2",
+ "purl": "pkg:pypi/multidict@6.4.3",
"properties": [
{
"name": "release_date",
- "value": "2025-04-03T19:41:19Z"
+ "value": "2025-04-10T22:17:32Z"
},
{
"name": "language",
@@ -541,7 +541,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -549,7 +549,7 @@
"type": "library",
"bom-ref": "8-typing-extensions",
"name": "typing-extensions",
- "version": "4.13.1",
+ "version": "4.13.2",
"supplier": {
"name": "Guido van Jukka ukasz Michael",
"contact": [
@@ -558,12 +558,12 @@
}
]
},
- "cpe": "cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.13.1:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.13.2:*:*:*:*:*:*:*",
"description": "Backported and Experimental Type Hints for Python 3.8+",
"hashes": [
{
"alg": "SHA-256",
- "content": "4b6cf02909eb5495cfbc3f6e8fd49217e6cc7944e145cdda8caa3734777f9e69"
+ "content": "a439e7c04b49fec3e5d3e2beaa21755cadbbdc391694e28ccdd36ca4a1408f8c"
}
],
"externalReferences": [
@@ -573,7 +573,7 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/typing-extensions/4.13.1/#files",
+ "url": "https://pypi.org/project/typing-extensions/4.13.2/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -598,11 +598,11 @@
"type": "vcs"
}
],
- "purl": "pkg:pypi/typing-extensions@4.13.1",
+ "purl": "pkg:pypi/typing-extensions@4.13.2",
"properties": [
{
"name": "release_date",
- "value": "2025-04-03T16:11:19Z"
+ "value": "2025-04-10T14:19:03Z"
},
{
"name": "language",
@@ -610,7 +610,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -704,7 +704,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -798,7 +798,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -863,7 +863,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -925,7 +925,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -983,7 +983,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -1057,7 +1057,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -1115,7 +1115,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -1173,7 +1173,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -1231,7 +1231,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -1289,7 +1289,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -1363,7 +1363,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -1421,7 +1421,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -1474,7 +1474,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -1532,7 +1532,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -1590,7 +1590,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -1664,7 +1664,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -1722,7 +1722,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -1780,7 +1780,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -1838,7 +1838,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -1896,7 +1896,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -1954,7 +1954,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -2012,7 +2012,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -2070,7 +2070,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -2140,7 +2140,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -2202,7 +2202,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -2272,7 +2272,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -2354,7 +2354,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -2412,7 +2412,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -2470,7 +2470,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -2528,7 +2528,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -2586,7 +2586,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -2644,7 +2644,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -2702,7 +2702,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -2760,7 +2760,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -2817,7 +2817,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -2874,7 +2874,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -2938,7 +2938,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -2993,7 +2993,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -3075,7 +3075,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -3153,7 +3153,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -3226,7 +3226,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -3308,7 +3308,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -3366,7 +3366,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -3444,7 +3444,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -3502,7 +3502,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -3560,7 +3560,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -3618,7 +3618,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -3671,7 +3671,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -3733,7 +3733,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -3795,7 +3795,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -3853,7 +3853,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -3927,7 +3927,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -3997,7 +3997,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -4054,7 +4054,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -4115,7 +4115,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -4123,7 +4123,7 @@
"type": "library",
"bom-ref": "64-narwhals",
"name": "narwhals",
- "version": "1.33.0",
+ "version": "1.34.1",
"supplier": {
"name": "Marco Gorelli",
"contact": [
@@ -4132,8 +4132,14 @@
}
]
},
- "cpe": "cpe:2.3:a:marco_gorelli:narwhals:1.33.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:marco_gorelli:narwhals:1.34.1:*:*:*:*:*:*:*",
"description": "Extremely lightweight compatibility layer between dataframe libraries",
+ "hashes": [
+ {
+ "alg": "SHA-256",
+ "content": "aee49a30d1624371ad975ede2bab16cd125ab5df0fd185e2f4757e103b074d27"
+ }
+ ],
"licenses": [
{
"license": {
@@ -4150,7 +4156,7 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/narwhals/1.33.0/#files",
+ "url": "https://pypi.org/project/narwhals/1.34.1/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -4167,11 +4173,11 @@
"type": "issue-tracker"
}
],
- "purl": "pkg:pypi/narwhals@1.33.0",
+ "purl": "pkg:pypi/narwhals@1.34.1",
"properties": [
{
"name": "release_date",
- "value": "2025-03-17T15:02:18Z"
+ "value": "2025-04-09T09:03:39Z"
},
{
"name": "language",
@@ -4179,7 +4185,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -4245,7 +4251,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -4314,7 +4320,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -4322,7 +4328,7 @@
"type": "library",
"bom-ref": "67-urllib3",
"name": "urllib3",
- "version": "2.3.0",
+ "version": "2.4.0",
"supplier": {
"name": "Andrey Petrov",
"contact": [
@@ -4331,26 +4337,17 @@
}
]
},
- "cpe": "cpe:2.3:a:andrey_petrov:urllib3:2.3.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:andrey_petrov:urllib3:2.4.0:*:*:*:*:*:*:*",
"description": "HTTP library with thread-safe connection pooling, file post, and more.",
"hashes": [
{
"alg": "SHA-256",
- "content": "1cee9ad369867bfdbbb48b7dd50374c0967a0bb7710050facf0dd6911440e3df"
- }
- ],
- "licenses": [
- {
- "license": {
- "id": "MIT",
- "url": "https://opensource.org/license/mit/",
- "acknowledgement": "concluded"
- }
+ "content": "4e16665048960a0900c702d4a66415956a584919c03361cac9f1df5c5dd7e813"
}
],
"externalReferences": [
{
- "url": "https://pypi.org/project/urllib3/2.3.0/#files",
+ "url": "https://pypi.org/project/urllib3/2.4.0/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -4371,11 +4368,11 @@
"type": "issue-tracker"
}
],
- "purl": "pkg:pypi/urllib3@2.3.0",
+ "purl": "pkg:pypi/urllib3@2.4.0",
"properties": [
{
"name": "release_date",
- "value": "2024-12-22T07:47:28Z"
+ "value": "2025-04-10T15:23:37Z"
},
{
"name": "language",
@@ -4383,7 +4380,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -4445,7 +4442,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -4503,7 +4500,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -4568,7 +4565,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -4576,7 +4573,7 @@
"type": "library",
"bom-ref": "71-xmlschema",
"name": "xmlschema",
- "version": "3.4.5",
+ "version": "4.0.1",
"supplier": {
"name": "Davide Brunato",
"contact": [
@@ -4585,21 +4582,12 @@
}
]
},
- "cpe": "cpe:2.3:a:davide_brunato:xmlschema:3.4.5:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:davide_brunato:xmlschema:4.0.1:*:*:*:*:*:*:*",
"description": "An XML Schema validator and decoder",
"hashes": [
{
"alg": "SHA-256",
- "content": "c91a2fca387dc4e8a2f2cb4a411ed23bef9da539968e5d858a3fe7f76a65464e"
- }
- ],
- "licenses": [
- {
- "license": {
- "id": "MIT",
- "url": "https://opensource.org/license/mit/",
- "acknowledgement": "concluded"
- }
+ "content": "cf94d3380c5005fc027532ec4760b4bec414d6b4ead425285fa5bf8eb6c515c6"
}
],
"externalReferences": [
@@ -4609,16 +4597,16 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/xmlschema/3.4.5/#files",
+ "url": "https://pypi.org/project/xmlschema/4.0.1/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/xmlschema@3.4.5",
+ "purl": "pkg:pypi/xmlschema@4.0.1",
"properties": [
{
"name": "release_date",
- "value": "2025-03-22T07:56:15Z"
+ "value": "2025-04-13T20:41:21Z"
},
{
"name": "language",
@@ -4626,7 +4614,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -4684,7 +4672,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
},
@@ -4742,7 +4730,7 @@
},
{
"name": "python_version",
- "value": "3.11.11"
+ "value": "3.11.12"
}
]
}
diff --git a/sbom/cve-bin-tool-py3.11.spdx b/sbom/cve-bin-tool-py3.11.spdx
index 0cc19e9266..6c177e3fd4 100644
--- a/sbom/cve-bin-tool-py3.11.spdx
+++ b/sbom/cve-bin-tool-py3.11.spdx
@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
DataLicense: CC0-1.0
SPDXID: SPDXRef-DOCUMENT
DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-0e8865af-433e-4fd2-8386-9e9a5478fe45
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-8bc7e2b0-efe5-49ed-8c4e-975f521a7511
LicenseListVersion: 3.25
Creator: Tool: sbom4python-0.12.3
-Created: 2025-04-07T00:38:32Z
+Created: 2025-04-14T00:41:05Z
CreatorComment: This document has been automatically generated.
#####
@@ -147,19 +147,19 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:hynek_schlawack:attrs:25.3.0:*:*:*:*:*
PackageName: multidict
SPDXID: SPDXRef-7-multidict
-PackageVersion: 6.3.2
+PackageVersion: 6.4.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Andrew Svetlov (andrew.svetlov@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/multidict/6.3.2/#files
+PackageDownloadLocation: https://pypi.org/project/multidict/6.4.3/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/aio-libs/multidict
-PackageChecksum: SHA256: 8b3dc0eec9304fa04d84a51ea13b0ec170bace5b7ddeaac748149efd316f1504
+PackageChecksum: SHA256: 32a998bd8a64ca48616eac5a8c1cc4fa38fb244a3facf2eeb14abe186e0f6cc5
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: Apache-2.0
PackageLicenseComments: multidict declares Apache 2 which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: multidict implementation
-ReleaseDate: 2025-04-03T19:41:19Z
+ReleaseDate: 2025-04-10T22:17:32Z
ExternalRef: OTHER other https://matrix.to/#/#aio-libs:matrix.org
ExternalRef: OTHER other https://matrix.to/#/#aio-libs-space:matrix.org
ExternalRef: OTHER build-system https://github.com/aio-libs/multidict/actions
@@ -169,31 +169,31 @@ ExternalRef: OTHER log https://multidict.aio-libs.org/en/latest/changes/
ExternalRef: OTHER other https://multidict.aio-libs.org
ExternalRef: OTHER issue-tracker https://github.com/aio-libs/multidict/issues
ExternalRef: OTHER vcs https://github.com/aio-libs/multidict
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/multidict@6.3.2
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:multidict:6.3.2:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/multidict@6.4.3
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:multidict:6.4.3:*:*:*:*:*:*:*
#####
PackageName: typing-extensions
SPDXID: SPDXRef-8-typing-extensions
-PackageVersion: 4.13.1
+PackageVersion: 4.13.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Guido van Jukka ukasz Michael (levkivskyi@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/typing-extensions/4.13.1/#files
+PackageDownloadLocation: https://pypi.org/project/typing-extensions/4.13.2/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/python/typing_extensions
-PackageChecksum: SHA256: 4b6cf02909eb5495cfbc3f6e8fd49217e6cc7944e145cdda8caa3734777f9e69
+PackageChecksum: SHA256: a439e7c04b49fec3e5d3e2beaa21755cadbbdc391694e28ccdd36ca4a1408f8c
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: Backported and Experimental Type Hints for Python 3.8+
-ReleaseDate: 2025-04-03T16:11:19Z
+ReleaseDate: 2025-04-10T14:19:03Z
ExternalRef: OTHER issue-tracker https://github.com/python/typing_extensions/issues
ExternalRef: OTHER log https://github.com/python/typing_extensions/blob/main/CHANGELOG.md
ExternalRef: OTHER documentation https://typing-extensions.readthedocs.io/
ExternalRef: OTHER other https://github.com/python/typing/discussions
ExternalRef: OTHER vcs https://github.com/python/typing_extensions
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/typing-extensions@4.13.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.13.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/typing-extensions@4.13.2
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.13.2:*:*:*:*:*:*:*
#####
PackageName: propcache
@@ -1362,23 +1362,24 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:6.0.1:*:*:*:*:*:*:*
PackageName: narwhals
SPDXID: SPDXRef-64-narwhals
-PackageVersion: 1.33.0
+PackageVersion: 1.34.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Marco Gorelli (33491632+MarcoGorelli@users.noreply.github.com)
-PackageDownloadLocation: https://pypi.org/project/narwhals/1.33.0/#files
+PackageDownloadLocation: https://pypi.org/project/narwhals/1.34.1/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/narwhals-dev/narwhals
+PackageChecksum: SHA256: aee49a30d1624371ad975ede2bab16cd125ab5df0fd185e2f4757e103b074d27
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: MIT
PackageLicenseComments: narwhals declares MIT License which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: Extremely lightweight compatibility layer between dataframe libraries
-ReleaseDate: 2025-03-17T15:02:18Z
+ReleaseDate: 2025-04-09T09:03:39Z
ExternalRef: OTHER documentation https://narwhals-dev.github.io/narwhals/
ExternalRef: OTHER vcs https://github.com/narwhals-dev/narwhals
ExternalRef: OTHER issue-tracker https://github.com/narwhals-dev/narwhals/issues
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/narwhals@1.33.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:marco_gorelli:narwhals:1.33.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/narwhals@1.34.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:marco_gorelli:narwhals:1.34.1:*:*:*:*:*:*:*
#####
PackageName: requests
@@ -1424,24 +1425,23 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:ahmed_r.:charset-normalizer:3.4.1:*:*:
PackageName: urllib3
SPDXID: SPDXRef-67-urllib3
-PackageVersion: 2.3.0
+PackageVersion: 2.4.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Andrey Petrov (andrey.petrov@shazow.net)
-PackageDownloadLocation: https://pypi.org/project/urllib3/2.3.0/#files
+PackageDownloadLocation: https://pypi.org/project/urllib3/2.4.0/#files
FilesAnalyzed: false
-PackageChecksum: SHA256: 1cee9ad369867bfdbbb48b7dd50374c0967a0bb7710050facf0dd6911440e3df
+PackageChecksum: SHA256: 4e16665048960a0900c702d4a66415956a584919c03361cac9f1df5c5dd7e813
PackageLicenseDeclared: NOASSERTION
-PackageLicenseConcluded: MIT
-PackageLicenseComments: urllib3 declares MIT License which is not currently a valid SPDX License identifier or expression.
+PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: HTTP library with thread-safe connection pooling, file post, and more.
-ReleaseDate: 2024-12-22T07:47:28Z
+ReleaseDate: 2025-04-10T15:23:37Z
ExternalRef: OTHER log https://github.com/urllib3/urllib3/blob/main/CHANGES.rst
ExternalRef: OTHER documentation https://urllib3.readthedocs.io
ExternalRef: OTHER vcs https://github.com/urllib3/urllib3
ExternalRef: OTHER issue-tracker https://github.com/urllib3/urllib3/issues
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/urllib3@2.3.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_petrov:urllib3:2.3.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/urllib3@2.4.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_petrov:urllib3:2.4.0:*:*:*:*:*:*:*
#####
PackageName: certifi
@@ -1504,20 +1504,20 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:python_packaging_authority:setuptools:
PackageName: xmlschema
SPDXID: SPDXRef-71-xmlschema
-PackageVersion: 3.4.5
+PackageVersion: 4.0.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Davide Brunato (brunato@sissa.it)
-PackageDownloadLocation: https://pypi.org/project/xmlschema/3.4.5/#files
+PackageDownloadLocation: https://pypi.org/project/xmlschema/4.0.1/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/sissaschool/xmlschema
-PackageChecksum: SHA256: c91a2fca387dc4e8a2f2cb4a411ed23bef9da539968e5d858a3fe7f76a65464e
-PackageLicenseDeclared: MIT
-PackageLicenseConcluded: MIT
+PackageChecksum: SHA256: cf94d3380c5005fc027532ec4760b4bec414d6b4ead425285fa5bf8eb6c515c6
+PackageLicenseDeclared: NOASSERTION
+PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: An XML Schema validator and decoder
-ReleaseDate: 2025-03-22T07:56:15Z
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/xmlschema@3.4.5
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:xmlschema:3.4.5:*:*:*:*:*:*:*
+ReleaseDate: 2025-04-13T20:41:21Z
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/xmlschema@4.0.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:xmlschema:4.0.1:*:*:*:*:*:*:*
#####
PackageName: elementpath