Skip to content

Commit

Permalink
chore: update SBOM for Python 3.10
Browse files Browse the repository at this point in the history
  • Loading branch information
@web-flow
web-flow committed May 15, 2023
1 parent e19ee4b commit 70b921a
Show file tree
Hide file tree
Showing 2 changed files with 146 additions and 130 deletions.
156 changes: 85 additions & 71 deletions sbom/cve-bin-tool-py3.10.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,10 +2,10 @@
"$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.4",
"serialNumber": "urn:uuid673325fb-59a0-4fda-8de9-6892bbf3c65a",
"serialNumber": "urn:uuida3d53afb-2d70-4c03-9ecf-07b223bcbea4",
"version": 1,
"metadata": {
"timestamp": "2023-05-08T01:13:28Z",
"timestamp": "2023-05-15T00:31:35Z",
"tools": [
{
"name": "sbom4python",
Expand All @@ -23,7 +23,7 @@
"type": "application",
"bom-ref": "1-cve-bin-tool",
"name": "cve-bin-tool",
"version": "3.2.1.dev0",
"version": "3.2.1rc0",
"supplier": {
"name": "Terri Oda",
"contact": [
Expand All @@ -32,7 +32,7 @@
}
]
},
"cpe": "cpe:2.3:a:terri_oda:cve-bin-tool:3.2.1.dev0:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:terri_oda:cve-bin-tool:3.2.1rc0:*:*:*:*:*:*:*",
"description": "CVE Binary Checker Tool",
"licenses": [
{
Expand All @@ -49,12 +49,12 @@
"comment": "Home page for project"
},
{
"url": "https://pypi.org/project/cve-bin-tool/3.2.1.dev0",
"url": "https://pypi.org/project/cve-bin-tool/3.2.1rc0",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/cve-bin-tool@3.2.1.dev0"
"purl": "pkg:pypi/cve-bin-tool@3.2.1rc0"
},
{
"type": "library",
Expand Down Expand Up @@ -1377,7 +1377,7 @@
"type": "library",
"bom-ref": "37-google-auth",
"name": "google-auth",
"version": "2.17.3",
"version": "2.18.0",
"supplier": {
"name": "Google Cloud Platform",
"contact": [
Expand All @@ -1386,7 +1386,7 @@
}
]
},
"cpe": "cpe:2.3:a:google_cloud_platform:google-auth:2.17.3:*:*:*:*:*:*:*",
"cpe": "cpe:2.3:a:google_cloud_platform:google-auth:2.18.0:*:*:*:*:*:*:*",
"description": "Google Authentication Library",
"licenses": [
{
Expand All @@ -1403,12 +1403,12 @@
"comment": "Home page for project"
},
{
"url": "https://pypi.org/project/google-auth/2.17.3",
"url": "https://pypi.org/project/google-auth/2.18.0",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/google-auth@2.17.3",
"purl": "pkg:pypi/google-auth@2.18.0",
"properties": [
{
"name": "License Comments",
Expand Down Expand Up @@ -1455,7 +1455,44 @@
},
{
"type": "library",
"bom-ref": "39-monotonic",
"bom-ref": "39-urllib3",
"name": "urllib3",
"version": "1.26.15",
"supplier": {
"name": "Andrey Petrov",
"contact": [
{
"email": "andrey.petrov@shazow.net"
}
]
},
"cpe": "cpe:2.3:a:andrey_petrov:urllib3:1.26.15:*:*:*:*:*:*:*",
"description": "HTTP library with thread-safe connection pooling, file post, and more.",
"licenses": [
{
"license": {
"id": "MIT",
"url": "https://opensource.org/licenses/MIT"
}
}
],
"externalReferences": [
{
"url": "https://urllib3.readthedocs.io/",
"type": "website",
"comment": "Home page for project"
},
{
"url": "https://pypi.org/project/urllib3/1.26.15",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/urllib3@1.26.15"
},
{
"type": "library",
"bom-ref": "40-monotonic",
"name": "monotonic",
"version": "1.6",
"supplier": {
Expand Down Expand Up @@ -1498,7 +1535,7 @@
},
{
"type": "library",
"bom-ref": "40-jinja2",
"bom-ref": "41-jinja2",
"name": "jinja2",
"version": "3.1.2",
"supplier": {
Expand Down Expand Up @@ -1535,7 +1572,7 @@
},
{
"type": "library",
"bom-ref": "41-markupsafe",
"bom-ref": "42-markupsafe",
"name": "markupsafe",
"version": "2.1.2",
"supplier": {
Expand Down Expand Up @@ -1572,7 +1609,7 @@
},
{
"type": "library",
"bom-ref": "42-jsonschema",
"bom-ref": "43-jsonschema",
"name": "jsonschema",
"version": "4.17.3",
"supplier": {
Expand All @@ -1599,7 +1636,7 @@
},
{
"type": "library",
"bom-ref": "43-pyrsistent",
"bom-ref": "44-pyrsistent",
"name": "pyrsistent",
"version": "0.19.3",
"supplier": {
Expand Down Expand Up @@ -1636,7 +1673,7 @@
},
{
"type": "library",
"bom-ref": "44-lib4sbom",
"bom-ref": "45-lib4sbom",
"name": "lib4sbom",
"version": "0.3.1",
"supplier": {
Expand Down Expand Up @@ -1673,7 +1710,7 @@
},
{
"type": "library",
"bom-ref": "45-pyyaml",
"bom-ref": "46-pyyaml",
"name": "pyyaml",
"version": "6.0",
"supplier": {
Expand Down Expand Up @@ -1710,7 +1747,7 @@
},
{
"type": "library",
"bom-ref": "46-semantic-version",
"bom-ref": "47-semantic-version",
"name": "semantic-version",
"version": "2.10.0",
"supplier": {
Expand Down Expand Up @@ -1753,7 +1790,7 @@
},
{
"type": "library",
"bom-ref": "47-packaging",
"bom-ref": "48-packaging",
"name": "packaging",
"version": "21.3",
"supplier": {
Expand Down Expand Up @@ -1795,7 +1832,7 @@
},
{
"type": "library",
"bom-ref": "48-plotly",
"bom-ref": "49-plotly",
"name": "plotly",
"version": "5.14.1",
"supplier": {
Expand Down Expand Up @@ -1832,7 +1869,7 @@
},
{
"type": "library",
"bom-ref": "49-tenacity",
"bom-ref": "50-tenacity",
"name": "tenacity",
"version": "8.2.2",
"supplier": {
Expand Down Expand Up @@ -1875,7 +1912,7 @@
},
{
"type": "library",
"bom-ref": "50-requests",
"bom-ref": "51-requests",
"name": "requests",
"version": "2.30.0",
"supplier": {
Expand Down Expand Up @@ -1918,7 +1955,7 @@
},
{
"type": "library",
"bom-ref": "51-certifi",
"bom-ref": "52-certifi",
"name": "certifi",
"version": "2023.5.7",
"supplier": {
Expand Down Expand Up @@ -1953,30 +1990,6 @@
],
"purl": "pkg:pypi/certifi@2023.5.7"
},
{
"type": "library",
"bom-ref": "52-urllib3",
"name": "urllib3",
"version": "2.0.2",
"supplier": {
"name": "Andrey Petrov",
"contact": [
{
"email": "andrey.petrov@shazow.net"
}
]
},
"cpe": "cpe:2.3:a:andrey_petrov:urllib3:2.0.2:*:*:*:*:*:*:*",
"description": "HTTP library with thread-safe connection pooling, file post, and more.",
"externalReferences": [
{
"url": "https://pypi.org/project/urllib3/2.0.2",
"type": "distribution",
"comment": "Download location for component"
}
],
"purl": "pkg:pypi/urllib3@2.0.2"
},
{
"type": "library",
"bom-ref": "53-rich",
Expand Down Expand Up @@ -2302,17 +2315,17 @@
"14-defusedxml",
"15-distro",
"16-gsutil",
"40-jinja2",
"42-jsonschema",
"44-lib4sbom",
"47-packaging",
"48-plotly",
"45-pyyaml",
"50-requests",
"41-jinja2",
"43-jsonschema",
"45-lib4sbom",
"48-packaging",
"49-plotly",
"46-pyyaml",
"51-requests",
"53-rich",
"57-rpmfile",
"58-toml",
"52-urllib3",
"39-urllib3",
"59-xmlschema",
"61-zstandard"
]
Expand Down Expand Up @@ -2359,7 +2372,7 @@
"37-google-auth",
"22-google-reauth",
"25-httplib2",
"39-monotonic",
"40-monotonic",
"31-pyopenssl",
"35-retry-decorator",
"24-six"
Expand Down Expand Up @@ -2451,49 +2464,50 @@
"38-cachetools",
"29-pyasn1-modules",
"30-rsa",
"24-six"
"24-six",
"39-urllib3"
]
},
{
"ref": "40-jinja2",
"ref": "41-jinja2",
"dependsOn": [
"41-markupsafe"
"42-markupsafe"
]
},
{
"ref": "42-jsonschema",
"ref": "43-jsonschema",
"dependsOn": [
"6-attrs",
"43-pyrsistent"
"44-pyrsistent"
]
},
{
"ref": "44-lib4sbom",
"ref": "45-lib4sbom",
"dependsOn": [
"45-pyyaml",
"46-semantic-version"
"46-pyyaml",
"47-semantic-version"
]
},
{
"ref": "47-packaging",
"ref": "48-packaging",
"dependsOn": [
"26-pyparsing"
]
},
{
"ref": "48-plotly",
"ref": "49-plotly",
"dependsOn": [
"47-packaging",
"49-tenacity"
"48-packaging",
"50-tenacity"
]
},
{
"ref": "50-requests",
"ref": "51-requests",
"dependsOn": [
"51-certifi",
"52-certifi",
"7-charset-normalizer",
"10-idna",
"52-urllib3"
"39-urllib3"
]
},
{
Expand Down
Loading

0 comments on commit 70b921a

Please sign in to comment.