diff --git a/sbom/cve-bin-tool-py3.8.json b/sbom/cve-bin-tool-py3.8.json
index 1c095c012f..a5160361e6 100644
--- a/sbom/cve-bin-tool-py3.8.json
+++ b/sbom/cve-bin-tool-py3.8.json
@@ -2,10 +2,10 @@
"$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.5",
- "serialNumber": "urn:uuid:fd3f7700-8c38-4819-b9f7-e36b563a77c9",
+ "serialNumber": "urn:uuid:e16169b7-f104-4782-8d4e-16d6178d75ef",
"version": 1,
"metadata": {
- "timestamp": "2024-03-04T00:28:27Z",
+ "timestamp": "2024-03-11T00:28:18Z",
"tools": {
"components": [
{
@@ -596,7 +596,49 @@
},
{
"type": "library",
- "bom-ref": "15-gsutil",
+ "bom-ref": "15-filetype",
+ "name": "filetype",
+ "version": "1.2.0",
+ "supplier": {
+ "name": "Tomas Aparicio",
+ "contact": [
+ {
+ "email": "tomas@aparicio.me"
+ }
+ ]
+ },
+ "cpe": "cpe:2.3:a:tomas_aparicio:filetype:1.2.0:*:*:*:*:*:*:*",
+ "description": "Infer file type and MIME type of any file/buffer. No external dependencies.",
+ "licenses": [
+ {
+ "license": {
+ "id": "MIT",
+ "url": "https://opensource.org/licenses/MIT"
+ }
+ }
+ ],
+ "externalReferences": [
+ {
+ "url": "https://pypi.org/project/filetype/1.2.0",
+ "type": "distribution",
+ "comment": "Download location for component"
+ }
+ ],
+ "purl": "pkg:pypi/filetype@1.2.0",
+ "properties": [
+ {
+ "name": "language",
+ "value": "Python"
+ },
+ {
+ "name": "python_version",
+ "value": "3.8.18"
+ }
+ ]
+ },
+ {
+ "type": "library",
+ "bom-ref": "16-gsutil",
"name": "gsutil",
"version": "5.27",
"supplier": {
@@ -642,9 +684,9 @@
},
{
"type": "library",
- "bom-ref": "16-argcomplete",
+ "bom-ref": "17-argcomplete",
"name": "argcomplete",
- "version": "3.2.2",
+ "version": "3.2.3",
"supplier": {
"name": "Andrey Kislyuk",
"contact": [
@@ -653,7 +695,7 @@
}
]
},
- "cpe": "cpe:2.3:a:andrey_kislyuk:argcomplete:3.2.2:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:andrey_kislyuk:argcomplete:3.2.3:*:*:*:*:*:*:*",
"description": "Bash tab completion for argparse",
"licenses": [
{
@@ -665,12 +707,12 @@
],
"externalReferences": [
{
- "url": "https://pypi.org/project/argcomplete/3.2.2",
+ "url": "https://pypi.org/project/argcomplete/3.2.3",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/argcomplete@3.2.2",
+ "purl": "pkg:pypi/argcomplete@3.2.3",
"properties": [
{
"name": "language",
@@ -688,7 +730,7 @@
},
{
"type": "library",
- "bom-ref": "17-crcmod",
+ "bom-ref": "18-crcmod",
"name": "crcmod",
"version": "1.7",
"supplier": {
@@ -730,7 +772,7 @@
},
{
"type": "library",
- "bom-ref": "18-fasteners",
+ "bom-ref": "19-fasteners",
"name": "fasteners",
"version": "0.19",
"supplier": {
@@ -767,7 +809,7 @@
},
{
"type": "library",
- "bom-ref": "19-gcs-oauth2-boto-plugin",
+ "bom-ref": "20-gcs-oauth2-boto-plugin",
"name": "gcs-oauth2-boto-plugin",
"version": "3.0",
"supplier": {
@@ -813,7 +855,7 @@
},
{
"type": "library",
- "bom-ref": "20-boto",
+ "bom-ref": "21-boto",
"name": "boto",
"version": "2.49.0",
"supplier": {
@@ -855,7 +897,7 @@
},
{
"type": "library",
- "bom-ref": "21-google-reauth",
+ "bom-ref": "22-google-reauth",
"name": "google-reauth",
"version": "0.1.1",
"supplier": {
@@ -901,7 +943,7 @@
},
{
"type": "library",
- "bom-ref": "22-pyu2f",
+ "bom-ref": "23-pyu2f",
"name": "pyu2f",
"version": "0.1.5",
"supplier": {
@@ -947,7 +989,7 @@
},
{
"type": "library",
- "bom-ref": "23-six",
+ "bom-ref": "24-six",
"name": "six",
"version": "1.16.0",
"supplier": {
@@ -989,7 +1031,7 @@
},
{
"type": "library",
- "bom-ref": "24-httplib2",
+ "bom-ref": "25-httplib2",
"name": "httplib2",
"version": "0.20.4",
"supplier": {
@@ -1031,9 +1073,9 @@
},
{
"type": "library",
- "bom-ref": "25-pyparsing",
+ "bom-ref": "26-pyparsing",
"name": "pyparsing",
- "version": "3.1.1",
+ "version": "3.1.2",
"supplier": {
"name": "Paul McGuire",
"contact": [
@@ -1042,16 +1084,16 @@
}
]
},
- "cpe": "cpe:2.3:a:paul_mcguire:pyparsing:3.1.1:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:paul_mcguire:pyparsing:3.1.2:*:*:*:*:*:*:*",
"description": "pyparsing module - Classes and methods to define and execute parsing grammars",
"externalReferences": [
{
- "url": "https://pypi.org/project/pyparsing/3.1.1",
+ "url": "https://pypi.org/project/pyparsing/3.1.2",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/pyparsing@3.1.1",
+ "purl": "pkg:pypi/pyparsing@3.1.2",
"properties": [
{
"name": "language",
@@ -1065,7 +1107,7 @@
},
{
"type": "library",
- "bom-ref": "26-oauth2client",
+ "bom-ref": "27-oauth2client",
"name": "oauth2client",
"version": "4.1.3",
"supplier": {
@@ -1111,7 +1153,7 @@
},
{
"type": "library",
- "bom-ref": "27-pyasn1",
+ "bom-ref": "28-pyasn1",
"name": "pyasn1",
"version": "0.5.1",
"supplier": {
@@ -1153,7 +1195,7 @@
},
{
"type": "library",
- "bom-ref": "28-pyasn1-modules",
+ "bom-ref": "29-pyasn1-modules",
"name": "pyasn1-modules",
"version": "0.3.0",
"supplier": {
@@ -1199,7 +1241,7 @@
},
{
"type": "library",
- "bom-ref": "29-rsa",
+ "bom-ref": "30-rsa",
"name": "rsa",
"version": "4.7.2",
"supplier": {
@@ -1245,9 +1287,9 @@
},
{
"type": "library",
- "bom-ref": "30-pyopenssl",
+ "bom-ref": "31-pyopenssl",
"name": "pyopenssl",
- "version": "24.0.0",
+ "version": "24.1.0",
"supplier": {
"name": "The pyOpenSSL developers",
"contact": [
@@ -1256,7 +1298,7 @@
}
]
},
- "cpe": "cpe:2.3:a:the_pyopenssl_developers:pyopenssl:24.0.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:the_pyopenssl_developers:pyopenssl:24.1.0:*:*:*:*:*:*:*",
"description": "Python wrapper module around the OpenSSL library",
"licenses": [
{
@@ -1268,12 +1310,12 @@
],
"externalReferences": [
{
- "url": "https://pypi.org/project/pyOpenSSL/24.0.0",
+ "url": "https://pypi.org/project/pyOpenSSL/24.1.0",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/pyopenssl@24.0.0",
+ "purl": "pkg:pypi/pyopenssl@24.1.0",
"properties": [
{
"name": "language",
@@ -1291,7 +1333,7 @@
},
{
"type": "library",
- "bom-ref": "31-cryptography",
+ "bom-ref": "32-cryptography",
"name": "cryptography",
"version": "42.0.5",
"supplier": {
@@ -1330,7 +1372,7 @@
},
{
"type": "library",
- "bom-ref": "32-cffi",
+ "bom-ref": "33-cffi",
"name": "cffi",
"version": "1.16.0",
"supplier": {
@@ -1372,7 +1414,7 @@
},
{
"type": "library",
- "bom-ref": "33-pycparser",
+ "bom-ref": "34-pycparser",
"name": "pycparser",
"version": "2.21",
"supplier": {
@@ -1418,7 +1460,7 @@
},
{
"type": "library",
- "bom-ref": "34-retry-decorator",
+ "bom-ref": "35-retry-decorator",
"name": "retry-decorator",
"version": "1.1.1",
"supplier": {
@@ -1460,7 +1502,7 @@
},
{
"type": "library",
- "bom-ref": "35-google-apitools",
+ "bom-ref": "36-google-apitools",
"name": "google-apitools",
"version": "0.5.32",
"supplier": {
@@ -1506,9 +1548,9 @@
},
{
"type": "library",
- "bom-ref": "36-google-auth",
+ "bom-ref": "37-google-auth",
"name": "google-auth",
- "version": "2.28.1",
+ "version": "2.28.2",
"supplier": {
"name": "Google Cloud Platform",
"contact": [
@@ -1517,7 +1559,7 @@
}
]
},
- "cpe": "cpe:2.3:a:google_cloud_platform:google-auth:2.28.1:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:google_cloud_platform:google-auth:2.28.2:*:*:*:*:*:*:*",
"description": "Google Authentication Library",
"licenses": [
{
@@ -1529,12 +1571,12 @@
],
"externalReferences": [
{
- "url": "https://pypi.org/project/google-auth/2.28.1",
+ "url": "https://pypi.org/project/google-auth/2.28.2",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/google-auth@2.28.1",
+ "purl": "pkg:pypi/google-auth@2.28.2",
"properties": [
{
"name": "language",
@@ -1552,7 +1594,7 @@
},
{
"type": "library",
- "bom-ref": "37-cachetools",
+ "bom-ref": "38-cachetools",
"name": "cachetools",
"version": "5.3.3",
"supplier": {
@@ -1594,7 +1636,7 @@
},
{
"type": "library",
- "bom-ref": "38-monotonic",
+ "bom-ref": "39-monotonic",
"name": "monotonic",
"version": "1.6",
"supplier": {
@@ -1640,9 +1682,9 @@
},
{
"type": "library",
- "bom-ref": "39-importlib-metadata",
+ "bom-ref": "40-importlib-metadata",
"name": "importlib-metadata",
- "version": "7.0.1",
+ "version": "7.0.2",
"supplier": {
"name": "Jason R . Coombs",
"contact": [
@@ -1651,16 +1693,16 @@
}
]
},
- "cpe": "cpe:2.3:a:jason_r._coombs:importlib-metadata:7.0.1:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:jason_r._coombs:importlib-metadata:7.0.2:*:*:*:*:*:*:*",
"description": "Read metadata from Python packages",
"externalReferences": [
{
- "url": "https://pypi.org/project/importlib-metadata/7.0.1",
+ "url": "https://pypi.org/project/importlib_metadata/7.0.2",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/importlib-metadata@7.0.1",
+ "purl": "pkg:pypi/importlib-metadata@7.0.2",
"properties": [
{
"name": "language",
@@ -1674,7 +1716,7 @@
},
{
"type": "library",
- "bom-ref": "40-zipp",
+ "bom-ref": "41-zipp",
"name": "zipp",
"version": "3.17.0",
"supplier": {
@@ -1708,9 +1750,9 @@
},
{
"type": "library",
- "bom-ref": "41-importlib-resources",
+ "bom-ref": "42-importlib-resources",
"name": "importlib-resources",
- "version": "6.1.2",
+ "version": "6.1.3",
"supplier": {
"name": "Barry Warsaw",
"contact": [
@@ -1719,16 +1761,16 @@
}
]
},
- "cpe": "cpe:2.3:a:barry_warsaw:importlib-resources:6.1.2:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:barry_warsaw:importlib-resources:6.1.3:*:*:*:*:*:*:*",
"description": "Read resources from Python packages",
"externalReferences": [
{
- "url": "https://pypi.org/project/importlib_resources/6.1.2",
+ "url": "https://pypi.org/project/importlib_resources/6.1.3",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/importlib-resources@6.1.2",
+ "purl": "pkg:pypi/importlib-resources@6.1.3",
"properties": [
{
"name": "language",
@@ -1742,7 +1784,7 @@
},
{
"type": "library",
- "bom-ref": "42-jinja2",
+ "bom-ref": "43-jinja2",
"name": "jinja2",
"version": "3.1.3",
"description": "A very fast and expressive template engine.",
@@ -1775,7 +1817,7 @@
},
{
"type": "library",
- "bom-ref": "43-markupsafe",
+ "bom-ref": "44-markupsafe",
"name": "markupsafe",
"version": "2.1.5",
"description": "Safely add untrusted strings to HTML/XML markup.",
@@ -1808,7 +1850,7 @@
},
{
"type": "library",
- "bom-ref": "44-jsonschema",
+ "bom-ref": "45-jsonschema",
"name": "jsonschema",
"version": "4.21.1",
"supplier": {
@@ -1845,7 +1887,7 @@
},
{
"type": "library",
- "bom-ref": "45-jsonschema-specifications",
+ "bom-ref": "46-jsonschema-specifications",
"name": "jsonschema-specifications",
"version": "2023.12.1",
"supplier": {
@@ -1882,7 +1924,7 @@
},
{
"type": "library",
- "bom-ref": "46-referencing",
+ "bom-ref": "47-referencing",
"name": "referencing",
"version": "0.33.0",
"supplier": {
@@ -1919,7 +1961,7 @@
},
{
"type": "library",
- "bom-ref": "47-rpds-py",
+ "bom-ref": "48-rpds-py",
"name": "rpds-py",
"version": "0.18.0",
"supplier": {
@@ -1956,7 +1998,7 @@
},
{
"type": "library",
- "bom-ref": "48-pkgutil-resolve-name",
+ "bom-ref": "49-pkgutil-resolve-name",
"name": "pkgutil-resolve-name",
"version": "1.3.10",
"supplier": {
@@ -1990,7 +2032,7 @@
},
{
"type": "library",
- "bom-ref": "49-lib4sbom",
+ "bom-ref": "50-lib4sbom",
"name": "lib4sbom",
"version": "0.6.2",
"supplier": {
@@ -2032,7 +2074,7 @@
},
{
"type": "library",
- "bom-ref": "50-pyyaml",
+ "bom-ref": "51-pyyaml",
"name": "pyyaml",
"version": "6.0.1",
"supplier": {
@@ -2074,7 +2116,7 @@
},
{
"type": "library",
- "bom-ref": "51-semantic-version",
+ "bom-ref": "52-semantic-version",
"name": "semantic-version",
"version": "2.10.0",
"supplier": {
@@ -2120,7 +2162,7 @@
},
{
"type": "library",
- "bom-ref": "52-packageurl-python",
+ "bom-ref": "53-packageurl-python",
"name": "packageurl-python",
"version": "0.14.0",
"supplier": {
@@ -2157,9 +2199,9 @@
},
{
"type": "library",
- "bom-ref": "53-packaging",
+ "bom-ref": "54-packaging",
"name": "packaging",
- "version": "23.2",
+ "version": "24.0",
"supplier": {
"name": "Donald Stufft",
"contact": [
@@ -2168,16 +2210,16 @@
}
]
},
- "cpe": "cpe:2.3:a:donald_stufft:packaging:23.2:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:donald_stufft:packaging:24.0:*:*:*:*:*:*:*",
"description": "Core utilities for Python packages",
"externalReferences": [
{
- "url": "https://pypi.org/project/packaging/23.2",
+ "url": "https://pypi.org/project/packaging/24.0",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/packaging@23.2",
+ "purl": "pkg:pypi/packaging@24.0",
"properties": [
{
"name": "language",
@@ -2191,7 +2233,7 @@
},
{
"type": "library",
- "bom-ref": "54-plotly",
+ "bom-ref": "55-plotly",
"name": "plotly",
"version": "5.19.0",
"supplier": {
@@ -2233,7 +2275,7 @@
},
{
"type": "library",
- "bom-ref": "55-tenacity",
+ "bom-ref": "56-tenacity",
"name": "tenacity",
"version": "8.2.3",
"supplier": {
@@ -2279,7 +2321,7 @@
},
{
"type": "library",
- "bom-ref": "56-python-gnupg",
+ "bom-ref": "57-python-gnupg",
"name": "python-gnupg",
"version": "0.5.2",
"supplier": {
@@ -2325,7 +2367,7 @@
},
{
"type": "library",
- "bom-ref": "57-requests",
+ "bom-ref": "58-requests",
"name": "requests",
"version": "2.31.0",
"supplier": {
@@ -2371,7 +2413,7 @@
},
{
"type": "library",
- "bom-ref": "58-certifi",
+ "bom-ref": "59-certifi",
"name": "certifi",
"version": "2024.2.2",
"supplier": {
@@ -2413,7 +2455,7 @@
},
{
"type": "library",
- "bom-ref": "59-charset-normalizer",
+ "bom-ref": "60-charset-normalizer",
"name": "charset-normalizer",
"version": "3.3.2",
"supplier": {
@@ -2455,7 +2497,7 @@
},
{
"type": "library",
- "bom-ref": "60-urllib3",
+ "bom-ref": "61-urllib3",
"name": "urllib3",
"version": "2.2.1",
"supplier": {
@@ -2489,7 +2531,7 @@
},
{
"type": "library",
- "bom-ref": "61-rich",
+ "bom-ref": "62-rich",
"name": "rich",
"version": "13.7.1",
"supplier": {
@@ -2531,7 +2573,7 @@
},
{
"type": "library",
- "bom-ref": "62-markdown-it-py",
+ "bom-ref": "63-markdown-it-py",
"name": "markdown-it-py",
"version": "3.0.0",
"supplier": {
@@ -2565,7 +2607,7 @@
},
{
"type": "library",
- "bom-ref": "63-mdurl",
+ "bom-ref": "64-mdurl",
"name": "mdurl",
"version": "0.1.2",
"supplier": {
@@ -2599,7 +2641,7 @@
},
{
"type": "library",
- "bom-ref": "64-pygments",
+ "bom-ref": "65-pygments",
"name": "pygments",
"version": "2.17.2",
"supplier": {
@@ -2641,7 +2683,7 @@
},
{
"type": "library",
- "bom-ref": "65-typing-extensions",
+ "bom-ref": "66-typing-extensions",
"name": "typing-extensions",
"version": "4.10.0",
"supplier": {
@@ -2675,7 +2717,7 @@
},
{
"type": "library",
- "bom-ref": "66-rpmfile",
+ "bom-ref": "67-rpmfile",
"name": "rpmfile",
"version": "2.0.0",
"supplier": {
@@ -2717,7 +2759,7 @@
},
{
"type": "library",
- "bom-ref": "67-toml",
+ "bom-ref": "68-toml",
"name": "toml",
"version": "0.10.2",
"supplier": {
@@ -2759,7 +2801,7 @@
},
{
"type": "library",
- "bom-ref": "68-xmlschema",
+ "bom-ref": "69-xmlschema",
"name": "xmlschema",
"version": "3.0.2",
"supplier": {
@@ -2801,7 +2843,7 @@
},
{
"type": "library",
- "bom-ref": "69-elementpath",
+ "bom-ref": "70-elementpath",
"name": "elementpath",
"version": "4.3.0",
"supplier": {
@@ -2843,7 +2885,7 @@
},
{
"type": "library",
- "bom-ref": "70-zstandard",
+ "bom-ref": "71-zstandard",
"name": "zstandard",
"version": "0.22.0",
"supplier": {
@@ -2903,24 +2945,25 @@
"12-cvss",
"13-defusedxml",
"14-distro",
- "15-gsutil",
- "39-importlib-metadata",
- "41-importlib-resources",
- "42-jinja2",
- "44-jsonschema",
- "49-lib4sbom",
- "52-packageurl-python",
- "53-packaging",
- "54-plotly",
- "56-python-gnupg",
- "50-pyyaml",
- "57-requests",
- "61-rich",
- "66-rpmfile",
- "67-toml",
- "60-urllib3",
- "68-xmlschema",
- "70-zstandard"
+ "15-filetype",
+ "16-gsutil",
+ "40-importlib-metadata",
+ "42-importlib-resources",
+ "43-jinja2",
+ "45-jsonschema",
+ "50-lib4sbom",
+ "53-packageurl-python",
+ "54-packaging",
+ "55-plotly",
+ "57-python-gnupg",
+ "51-pyyaml",
+ "58-requests",
+ "62-rich",
+ "67-rpmfile",
+ "68-toml",
+ "61-urllib3",
+ "69-xmlschema",
+ "71-zstandard"
]
},
{
@@ -2954,195 +2997,195 @@
]
},
{
- "ref": "15-gsutil",
+ "ref": "16-gsutil",
"dependsOn": [
- "16-argcomplete",
- "17-crcmod",
- "18-fasteners",
- "19-gcs-oauth2-boto-plugin",
- "35-google-apitools",
- "36-google-auth",
- "21-google-reauth",
- "24-httplib2",
- "38-monotonic",
- "30-pyopenssl",
- "34-retry-decorator",
- "23-six"
- ]
- },
- {
- "ref": "19-gcs-oauth2-boto-plugin",
+ "17-argcomplete",
+ "18-crcmod",
+ "19-fasteners",
+ "20-gcs-oauth2-boto-plugin",
+ "36-google-apitools",
+ "37-google-auth",
+ "22-google-reauth",
+ "25-httplib2",
+ "39-monotonic",
+ "31-pyopenssl",
+ "35-retry-decorator",
+ "24-six"
+ ]
+ },
+ {
+ "ref": "20-gcs-oauth2-boto-plugin",
"dependsOn": [
- "20-boto",
- "21-google-reauth",
- "24-httplib2",
- "26-oauth2client",
- "30-pyopenssl",
- "34-retry-decorator",
- "29-rsa",
- "23-six"
+ "21-boto",
+ "22-google-reauth",
+ "25-httplib2",
+ "27-oauth2client",
+ "31-pyopenssl",
+ "35-retry-decorator",
+ "30-rsa",
+ "24-six"
]
},
{
- "ref": "21-google-reauth",
+ "ref": "22-google-reauth",
"dependsOn": [
- "22-pyu2f"
+ "23-pyu2f"
]
},
{
- "ref": "22-pyu2f",
+ "ref": "23-pyu2f",
"dependsOn": [
- "23-six"
+ "24-six"
]
},
{
- "ref": "24-httplib2",
+ "ref": "25-httplib2",
"dependsOn": [
- "25-pyparsing"
+ "26-pyparsing"
]
},
{
- "ref": "26-oauth2client",
+ "ref": "27-oauth2client",
"dependsOn": [
- "24-httplib2",
- "27-pyasn1",
- "28-pyasn1-modules",
- "29-rsa",
- "23-six"
+ "25-httplib2",
+ "28-pyasn1",
+ "29-pyasn1-modules",
+ "30-rsa",
+ "24-six"
]
},
{
- "ref": "28-pyasn1-modules",
+ "ref": "29-pyasn1-modules",
"dependsOn": [
- "27-pyasn1"
+ "28-pyasn1"
]
},
{
- "ref": "29-rsa",
+ "ref": "30-rsa",
"dependsOn": [
- "27-pyasn1"
+ "28-pyasn1"
]
},
{
- "ref": "30-pyopenssl",
+ "ref": "31-pyopenssl",
"dependsOn": [
- "31-cryptography"
+ "32-cryptography"
]
},
{
- "ref": "31-cryptography",
+ "ref": "32-cryptography",
"dependsOn": [
- "32-cffi"
+ "33-cffi"
]
},
{
- "ref": "32-cffi",
+ "ref": "33-cffi",
"dependsOn": [
- "33-pycparser"
+ "34-pycparser"
]
},
{
- "ref": "35-google-apitools",
+ "ref": "36-google-apitools",
"dependsOn": [
- "18-fasteners",
- "24-httplib2",
- "26-oauth2client",
- "23-six"
+ "19-fasteners",
+ "25-httplib2",
+ "27-oauth2client",
+ "24-six"
]
},
{
- "ref": "36-google-auth",
+ "ref": "37-google-auth",
"dependsOn": [
- "37-cachetools",
- "28-pyasn1-modules",
- "29-rsa"
+ "38-cachetools",
+ "29-pyasn1-modules",
+ "30-rsa"
]
},
{
- "ref": "39-importlib-metadata",
+ "ref": "40-importlib-metadata",
"dependsOn": [
- "40-zipp"
+ "41-zipp"
]
},
{
- "ref": "41-importlib-resources",
+ "ref": "42-importlib-resources",
"dependsOn": [
- "40-zipp"
+ "41-zipp"
]
},
{
- "ref": "42-jinja2",
+ "ref": "43-jinja2",
"dependsOn": [
- "43-markupsafe"
+ "44-markupsafe"
]
},
{
- "ref": "44-jsonschema",
+ "ref": "45-jsonschema",
"dependsOn": [
"6-attrs",
- "41-importlib-resources",
- "45-jsonschema-specifications",
- "48-pkgutil-resolve-name",
- "46-referencing",
- "47-rpds-py"
+ "42-importlib-resources",
+ "46-jsonschema-specifications",
+ "49-pkgutil-resolve-name",
+ "47-referencing",
+ "48-rpds-py"
]
},
{
- "ref": "45-jsonschema-specifications",
+ "ref": "46-jsonschema-specifications",
"dependsOn": [
- "41-importlib-resources",
- "46-referencing"
+ "42-importlib-resources",
+ "47-referencing"
]
},
{
- "ref": "46-referencing",
+ "ref": "47-referencing",
"dependsOn": [
"6-attrs",
- "47-rpds-py"
+ "48-rpds-py"
]
},
{
- "ref": "49-lib4sbom",
+ "ref": "50-lib4sbom",
"dependsOn": [
"13-defusedxml",
- "50-pyyaml",
- "51-semantic-version"
+ "51-pyyaml",
+ "52-semantic-version"
]
},
{
- "ref": "54-plotly",
+ "ref": "55-plotly",
"dependsOn": [
- "53-packaging",
- "55-tenacity"
+ "54-packaging",
+ "56-tenacity"
]
},
{
- "ref": "57-requests",
+ "ref": "58-requests",
"dependsOn": [
- "58-certifi",
- "59-charset-normalizer",
+ "59-certifi",
+ "60-charset-normalizer",
"9-idna",
- "60-urllib3"
+ "61-urllib3"
]
},
{
- "ref": "61-rich",
+ "ref": "62-rich",
"dependsOn": [
- "62-markdown-it-py",
- "64-pygments",
- "65-typing-extensions"
+ "63-markdown-it-py",
+ "65-pygments",
+ "66-typing-extensions"
]
},
{
- "ref": "62-markdown-it-py",
+ "ref": "63-markdown-it-py",
"dependsOn": [
- "63-mdurl"
+ "64-mdurl"
]
},
{
- "ref": "68-xmlschema",
+ "ref": "69-xmlschema",
"dependsOn": [
- "69-elementpath"
+ "70-elementpath"
]
}
]
diff --git a/sbom/cve-bin-tool-py3.8.spdx b/sbom/cve-bin-tool-py3.8.spdx
index ee6d1f257b..c592f9da32 100644
--- a/sbom/cve-bin-tool-py3.8.spdx
+++ b/sbom/cve-bin-tool-py3.8.spdx
@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
DataLicense: CC0-1.0
SPDXID: SPDXRef-DOCUMENT
DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-3ad84c1a-1fc2-4000-8ebe-1d84d5df3436
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-1f257da6-f6cb-4cd8-8527-9c9177029396
LicenseListVersion: 3.22
Creator: Tool: sbom4python-0.10.3
-Created: 2024-03-04T00:26:23Z
+Created: 2024-03-11T00:26:22Z
CreatorComment: This document has been automatically generated.
#####
@@ -224,8 +224,23 @@ ExternalRef: PACKAGE-MANAGER purl pkg:pypi/distro@1.9.0
ExternalRef: SECURITY cpe23Type cpe:2.3:a:nir_cohen:distro:1.9.0:*:*:*:*:*:*:*
#####
+PackageName: filetype
+SPDXID: SPDXRef-Package-15-filetype
+PackageVersion: 1.2.0
+PrimaryPackagePurpose: LIBRARY
+PackageSupplier: Person: Tomas Aparicio (tomas@aparicio.me)
+PackageDownloadLocation: https://pypi.org/project/filetype/1.2.0
+FilesAnalyzed: false
+PackageLicenseDeclared: MIT
+PackageLicenseConcluded: MIT
+PackageCopyrightText: NOASSERTION
+PackageSummary: Infer file type and MIME type of any file/buffer. No external dependencies.
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/filetype@1.2.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:tomas_aparicio:filetype:1.2.0:*:*:*:*:*:*:*
+#####
+
PackageName: gsutil
-SPDXID: SPDXRef-Package-15-gsutil
+SPDXID: SPDXRef-Package-16-gsutil
PackageVersion: 5.27
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Google Inc. (buganizer-system+187143@google.com)
@@ -241,23 +256,23 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:gsutil:5.27:*:*:*:*:*:*:*
#####
PackageName: argcomplete
-SPDXID: SPDXRef-Package-16-argcomplete
-PackageVersion: 3.2.2
+SPDXID: SPDXRef-Package-17-argcomplete
+PackageVersion: 3.2.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Andrey Kislyuk (kislyuk@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/argcomplete/3.2.2
+PackageDownloadLocation: https://pypi.org/project/argcomplete/3.2.3
FilesAnalyzed: false
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: Apache-2.0
PackageLicenseComments: argcomplete declares Apache Software License which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: Bash tab completion for argparse
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/argcomplete@3.2.2
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_kislyuk:argcomplete:3.2.2:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/argcomplete@3.2.3
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_kislyuk:argcomplete:3.2.3:*:*:*:*:*:*:*
#####
PackageName: crcmod
-SPDXID: SPDXRef-Package-17-crcmod
+SPDXID: SPDXRef-Package-18-crcmod
PackageVersion: 1.7
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Ray Buvel (rlbuvel@gmail.com)
@@ -272,7 +287,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:ray_buvel:crcmod:1.7:*:*:*:*:*:*:*
#####
PackageName: fasteners
-SPDXID: SPDXRef-Package-18-fasteners
+SPDXID: SPDXRef-Package-19-fasteners
PackageVersion: 0.19
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Joshua Harlow
@@ -287,7 +302,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:joshua_harlow:fasteners:0.19:*:*:*:*:*
#####
PackageName: gcs-oauth2-boto-plugin
-SPDXID: SPDXRef-Package-19-gcs-oauth2-boto-plugin
+SPDXID: SPDXRef-Package-20-gcs-oauth2-boto-plugin
PackageVersion: 3.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Google Inc. (gs-team@google.com)
@@ -303,7 +318,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:gcs-oauth2-boto-plugin:3.0
#####
PackageName: boto
-SPDXID: SPDXRef-Package-20-boto
+SPDXID: SPDXRef-Package-21-boto
PackageVersion: 2.49.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Mitch Garnaat (mitch@garnaat.com)
@@ -318,7 +333,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:mitch_garnaat:boto:2.49.0:*:*:*:*:*:*:
#####
PackageName: google-reauth
-SPDXID: SPDXRef-Package-21-google-reauth
+SPDXID: SPDXRef-Package-22-google-reauth
PackageVersion: 0.1.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Google (googleapis-publisher@google.com)
@@ -334,7 +349,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google:google-reauth:0.1.1:*:*:*:*:*:*
#####
PackageName: pyu2f
-SPDXID: SPDXRef-Package-22-pyu2f
+SPDXID: SPDXRef-Package-23-pyu2f
PackageVersion: 0.1.5
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Google Inc. (pyu2f-team@google.com)
@@ -350,7 +365,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:pyu2f:0.1.5:*:*:*:*:*:*:*
#####
PackageName: six
-SPDXID: SPDXRef-Package-23-six
+SPDXID: SPDXRef-Package-24-six
PackageVersion: 1.16.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Benjamin Peterson (benjamin@python.org)
@@ -365,7 +380,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:benjamin_peterson:six:1.16.0:*:*:*:*:*
#####
PackageName: httplib2
-SPDXID: SPDXRef-Package-24-httplib2
+SPDXID: SPDXRef-Package-25-httplib2
PackageVersion: 0.20.4
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Joe Gregorio (joe@bitworking.org)
@@ -380,22 +395,22 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:joe_gregorio:httplib2:0.20.4:*:*:*:*:*
#####
PackageName: pyparsing
-SPDXID: SPDXRef-Package-25-pyparsing
-PackageVersion: 3.1.1
+SPDXID: SPDXRef-Package-26-pyparsing
+PackageVersion: 3.1.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Paul McGuire (ptmcg.gm+pyparsing@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/pyparsing/3.1.1
+PackageDownloadLocation: https://pypi.org/project/pyparsing/3.1.2
FilesAnalyzed: false
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: pyparsing module - Classes and methods to define and execute parsing grammars
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/pyparsing@3.1.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:paul_mcguire:pyparsing:3.1.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/pyparsing@3.1.2
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:paul_mcguire:pyparsing:3.1.2:*:*:*:*:*:*:*
#####
PackageName: oauth2client
-SPDXID: SPDXRef-Package-26-oauth2client
+SPDXID: SPDXRef-Package-27-oauth2client
PackageVersion: 4.1.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Google Inc. (jonwayne+oauth2client@google.com)
@@ -411,7 +426,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_inc.:oauth2client:4.1.3:*:*:*:*
#####
PackageName: pyasn1
-SPDXID: SPDXRef-Package-27-pyasn1
+SPDXID: SPDXRef-Package-28-pyasn1
PackageVersion: 0.5.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Ilya Etingof (etingof@gmail.com)
@@ -426,7 +441,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:ilya_etingof:pyasn1:0.5.1:*:*:*:*:*:*:
#####
PackageName: pyasn1-modules
-SPDXID: SPDXRef-Package-28-pyasn1-modules
+SPDXID: SPDXRef-Package-29-pyasn1-modules
PackageVersion: 0.3.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Ilya Etingof (etingof@gmail.com)
@@ -442,7 +457,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:ilya_etingof:pyasn1-modules:0.3.0:*:*:
#####
PackageName: rsa
-SPDXID: SPDXRef-Package-29-rsa
+SPDXID: SPDXRef-Package-30-rsa
PackageVersion: 4.7.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Sybren A. Stuvel (sybren@stuvel.eu)
@@ -458,23 +473,23 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:sybren_a._stuvel:rsa:4.7.2:*:*:*:*:*:*
#####
PackageName: pyopenssl
-SPDXID: SPDXRef-Package-30-pyopenssl
-PackageVersion: 24.0.0
+SPDXID: SPDXRef-Package-31-pyopenssl
+PackageVersion: 24.1.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: The pyOpenSSL developers (cryptography-dev@python.org)
-PackageDownloadLocation: https://pypi.org/project/pyOpenSSL/24.0.0
+PackageDownloadLocation: https://pypi.org/project/pyOpenSSL/24.1.0
FilesAnalyzed: false
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: Apache-2.0
PackageLicenseComments: pyOpenSSL declares Apache License, Version 2.0 which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: Python wrapper module around the OpenSSL library
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/pyopenssl@24.0.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_pyopenssl_developers:pyopenssl:24.0.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/pyopenssl@24.1.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_pyopenssl_developers:pyopenssl:24.1.0:*:*:*:*:*:*:*
#####
PackageName: cryptography
-SPDXID: SPDXRef-Package-31-cryptography
+SPDXID: SPDXRef-Package-32-cryptography
PackageVersion: 42.0.5
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: The Python Cryptographic Authority and individual contributors (cryptography-dev@python.org)
@@ -489,7 +504,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_python_cryptographic_authority_and
#####
PackageName: cffi
-SPDXID: SPDXRef-Package-32-cffi
+SPDXID: SPDXRef-Package-33-cffi
PackageVersion: 1.16.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Armin Maciej Fijalkowski (python-cffi@googlegroups.com)
@@ -504,7 +519,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:armin_maciej_fijalkowski:cffi:1.16.0:*
#####
PackageName: pycparser
-SPDXID: SPDXRef-Package-33-pycparser
+SPDXID: SPDXRef-Package-34-pycparser
PackageVersion: 2.21
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Eli Bendersky (eliben@gmail.com)
@@ -520,7 +535,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:eli_bendersky:pycparser:2.21:*:*:*:*:*
#####
PackageName: retry-decorator
-SPDXID: SPDXRef-Package-34-retry-decorator
+SPDXID: SPDXRef-Package-35-retry-decorator
PackageVersion: 1.1.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Patrick Ng (pn.appdev@gmail.com)
@@ -535,7 +550,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:patrick_ng:retry-decorator:1.1.1:*:*:*
#####
PackageName: google-apitools
-SPDXID: SPDXRef-Package-35-google-apitools
+SPDXID: SPDXRef-Package-36-google-apitools
PackageVersion: 0.5.32
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Craig Citro (craigcitro@google.com)
@@ -551,23 +566,23 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:craig_citro:google-apitools:0.5.32:*:*
#####
PackageName: google-auth
-SPDXID: SPDXRef-Package-36-google-auth
-PackageVersion: 2.28.1
+SPDXID: SPDXRef-Package-37-google-auth
+PackageVersion: 2.28.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Google Cloud Platform (googleapis-packages@google.com)
-PackageDownloadLocation: https://pypi.org/project/google-auth/2.28.1
+PackageDownloadLocation: https://pypi.org/project/google-auth/2.28.2
FilesAnalyzed: false
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: Apache-2.0
PackageLicenseComments: google-auth declares Apache 2.0 which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: Google Authentication Library
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/google-auth@2.28.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_cloud_platform:google-auth:2.28.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/google-auth@2.28.2
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_cloud_platform:google-auth:2.28.2:*:*:*:*:*:*:*
#####
PackageName: cachetools
-SPDXID: SPDXRef-Package-37-cachetools
+SPDXID: SPDXRef-Package-38-cachetools
PackageVersion: 5.3.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Thomas Kemmer (tkemmer@computer.org)
@@ -582,7 +597,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:thomas_kemmer:cachetools:5.3.3:*:*:*:*
#####
PackageName: monotonic
-SPDXID: SPDXRef-Package-38-monotonic
+SPDXID: SPDXRef-Package-39-monotonic
PackageVersion: 1.6
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Ori Livneh (ori@wikimedia.org)
@@ -598,22 +613,22 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:ori_livneh:monotonic:1.6:*:*:*:*:*:*:*
#####
PackageName: importlib-metadata
-SPDXID: SPDXRef-Package-39-importlib-metadata
-PackageVersion: 7.0.1
+SPDXID: SPDXRef-Package-40-importlib-metadata
+PackageVersion: 7.0.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Jason R. Coombs (jaraco@jaraco.com)
-PackageDownloadLocation: https://pypi.org/project/importlib-metadata/7.0.1
+PackageDownloadLocation: https://pypi.org/project/importlib_metadata/7.0.2
FilesAnalyzed: false
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: Read metadata from Python packages
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/importlib-metadata@7.0.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r._coombs:importlib-metadata:7.0.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/importlib-metadata@7.0.2
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r._coombs:importlib-metadata:7.0.2:*:*:*:*:*:*:*
#####
PackageName: zipp
-SPDXID: SPDXRef-Package-40-zipp
+SPDXID: SPDXRef-Package-41-zipp
PackageVersion: 3.17.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Jason R. Coombs (jaraco@jaraco.com)
@@ -628,22 +643,22 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r._coombs:zipp:3.17.0:*:*:*:*:*:
#####
PackageName: importlib-resources
-SPDXID: SPDXRef-Package-41-importlib-resources
-PackageVersion: 6.1.2
+SPDXID: SPDXRef-Package-42-importlib-resources
+PackageVersion: 6.1.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Barry Warsaw (barry@python.org)
-PackageDownloadLocation: https://pypi.org/project/importlib_resources/6.1.2
+PackageDownloadLocation: https://pypi.org/project/importlib_resources/6.1.3
FilesAnalyzed: false
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: Read resources from Python packages
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/importlib-resources@6.1.2
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:barry_warsaw:importlib-resources:6.1.2:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/importlib-resources@6.1.3
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:barry_warsaw:importlib-resources:6.1.3:*:*:*:*:*:*:*
#####
PackageName: jinja2
-SPDXID: SPDXRef-Package-42-jinja2
+SPDXID: SPDXRef-Package-43-jinja2
PackageVersion: 3.1.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: NOASSERTION
@@ -657,7 +672,7 @@ ExternalRef: PACKAGE-MANAGER purl pkg:pypi/jinja2@3.1.3
#####
PackageName: markupsafe
-SPDXID: SPDXRef-Package-43-markupsafe
+SPDXID: SPDXRef-Package-44-markupsafe
PackageVersion: 2.1.5
PrimaryPackagePurpose: LIBRARY
PackageSupplier: NOASSERTION
@@ -671,7 +686,7 @@ ExternalRef: PACKAGE-MANAGER purl pkg:pypi/markupsafe@2.1.5
#####
PackageName: jsonschema
-SPDXID: SPDXRef-Package-44-jsonschema
+SPDXID: SPDXRef-Package-45-jsonschema
PackageVersion: 4.21.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Julian Berman
@@ -686,7 +701,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:jsonschema:4.21.1:*:*:*:
#####
PackageName: jsonschema-specifications
-SPDXID: SPDXRef-Package-45-jsonschema-specifications
+SPDXID: SPDXRef-Package-46-jsonschema-specifications
PackageVersion: 2023.12.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Julian Berman
@@ -701,7 +716,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:jsonschema-specification
#####
PackageName: referencing
-SPDXID: SPDXRef-Package-46-referencing
+SPDXID: SPDXRef-Package-47-referencing
PackageVersion: 0.33.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Julian Berman
@@ -716,7 +731,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:referencing:0.33.0:*:*:*
#####
PackageName: rpds-py
-SPDXID: SPDXRef-Package-47-rpds-py
+SPDXID: SPDXRef-Package-48-rpds-py
PackageVersion: 0.18.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Julian Berman
@@ -731,7 +746,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:rpds-py:0.18.0:*:*:*:*:*
#####
PackageName: pkgutil-resolve-name
-SPDXID: SPDXRef-Package-48-pkgutil-resolve-name
+SPDXID: SPDXRef-Package-49-pkgutil-resolve-name
PackageVersion: 1.3.10
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Vinay Sajip (vinay_sajip@yahoo.co.uk)
@@ -746,7 +761,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:vinay_sajip:pkgutil-resolve-name:1.3.1
#####
PackageName: lib4sbom
-SPDXID: SPDXRef-Package-49-lib4sbom
+SPDXID: SPDXRef-Package-50-lib4sbom
PackageVersion: 0.6.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Anthony Harrison (anthony.p.harrison@gmail.com)
@@ -761,7 +776,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:anthony_harrison:lib4sbom:0.6.2:*:*:*:
#####
PackageName: pyyaml
-SPDXID: SPDXRef-Package-50-pyyaml
+SPDXID: SPDXRef-Package-51-pyyaml
PackageVersion: 6.0.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Kirill Simonov (xi@resolvent.net)
@@ -776,7 +791,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kirill_simonov:pyyaml:6.0.1:*:*:*:*:*:
#####
PackageName: semantic-version
-SPDXID: SPDXRef-Package-51-semantic-version
+SPDXID: SPDXRef-Package-52-semantic-version
PackageVersion: 2.10.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Raphael Barrois (raphael.barrois+semver@polytechnique.org)
@@ -792,7 +807,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:raphael_barrois:semantic-version:2.10.
#####
PackageName: packageurl-python
-SPDXID: SPDXRef-Package-52-packageurl-python
+SPDXID: SPDXRef-Package-53-packageurl-python
PackageVersion: 0.14.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: the purl authors
@@ -807,22 +822,22 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_purl_authors:packageurl-python:0.1
#####
PackageName: packaging
-SPDXID: SPDXRef-Package-53-packaging
-PackageVersion: 23.2
+SPDXID: SPDXRef-Package-54-packaging
+PackageVersion: 24.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Donald Stufft (donald@stufft.io)
-PackageDownloadLocation: https://pypi.org/project/packaging/23.2
+PackageDownloadLocation: https://pypi.org/project/packaging/24.0
FilesAnalyzed: false
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: Core utilities for Python packages
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/packaging@23.2
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:donald_stufft:packaging:23.2:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/packaging@24.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:donald_stufft:packaging:24.0:*:*:*:*:*:*:*
#####
PackageName: plotly
-SPDXID: SPDXRef-Package-54-plotly
+SPDXID: SPDXRef-Package-55-plotly
PackageVersion: 5.19.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Chris P (chris@plot.ly)
@@ -837,7 +852,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:5.19.0:*:*:*:*:*:*:*
#####
PackageName: tenacity
-SPDXID: SPDXRef-Package-55-tenacity
+SPDXID: SPDXRef-Package-56-tenacity
PackageVersion: 8.2.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Julien Danjou (julien@danjou.info)
@@ -853,7 +868,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julien_danjou:tenacity:8.2.3:*:*:*:*:*
#####
PackageName: python-gnupg
-SPDXID: SPDXRef-Package-56-python-gnupg
+SPDXID: SPDXRef-Package-57-python-gnupg
PackageVersion: 0.5.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Vinay Sajip (vinay_sajip@yahoo.co.uk)
@@ -869,7 +884,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:vinay_sajip:python-gnupg:0.5.2:*:*:*:*
#####
PackageName: requests
-SPDXID: SPDXRef-Package-57-requests
+SPDXID: SPDXRef-Package-58-requests
PackageVersion: 2.31.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Kenneth Reitz (me@kennethreitz.org)
@@ -885,7 +900,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:requests:2.31.0:*:*:*:*:
#####
PackageName: certifi
-SPDXID: SPDXRef-Package-58-certifi
+SPDXID: SPDXRef-Package-59-certifi
PackageVersion: 2024.2.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Kenneth Reitz (me@kennethreitz.com)
@@ -900,7 +915,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:certifi:2024.2.2:*:*:*:*
#####
PackageName: charset-normalizer
-SPDXID: SPDXRef-Package-59-charset-normalizer
+SPDXID: SPDXRef-Package-60-charset-normalizer
PackageVersion: 3.3.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Ahmed TAHRI (ahmed.tahri@cloudnursery.dev)
@@ -915,7 +930,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:ahmed_tahri:charset-normalizer:3.3.2:*
#####
PackageName: urllib3
-SPDXID: SPDXRef-Package-60-urllib3
+SPDXID: SPDXRef-Package-61-urllib3
PackageVersion: 2.2.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Andrey Petrov (andrey.petrov@shazow.net)
@@ -930,7 +945,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_petrov:urllib3:2.2.1:*:*:*:*:*:
#####
PackageName: rich
-SPDXID: SPDXRef-Package-61-rich
+SPDXID: SPDXRef-Package-62-rich
PackageVersion: 13.7.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Will McGugan (willmcgugan@gmail.com)
@@ -945,7 +960,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:will_mcgugan:rich:13.7.1:*:*:*:*:*:*:*
#####
PackageName: markdown-it-py
-SPDXID: SPDXRef-Package-62-markdown-it-py
+SPDXID: SPDXRef-Package-63-markdown-it-py
PackageVersion: 3.0.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Chris Sewell (chrisj_sewell@hotmail.com)
@@ -960,7 +975,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_sewell:markdown-it-py:3.0.0:*:*:
#####
PackageName: mdurl
-SPDXID: SPDXRef-Package-63-mdurl
+SPDXID: SPDXRef-Package-64-mdurl
PackageVersion: 0.1.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Taneli Hukkinen (hukkin@users.noreply.github.com)
@@ -975,7 +990,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:taneli_hukkinen:mdurl:0.1.2:*:*:*:*:*:
#####
PackageName: pygments
-SPDXID: SPDXRef-Package-64-pygments
+SPDXID: SPDXRef-Package-65-pygments
PackageVersion: 2.17.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Georg Brandl (georg@python.org)
@@ -990,7 +1005,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:georg_brandl:pygments:2.17.2:*:*:*:*:*
#####
PackageName: typing-extensions
-SPDXID: SPDXRef-Package-65-typing-extensions
+SPDXID: SPDXRef-Package-66-typing-extensions
PackageVersion: 4.10.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Guido van Jukka ukasz Michael (levkivskyi@gmail.com)
@@ -1005,7 +1020,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-e
#####
PackageName: rpmfile
-SPDXID: SPDXRef-Package-66-rpmfile
+SPDXID: SPDXRef-Package-67-rpmfile
PackageVersion: 2.0.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Sean Ross (srossross@gmail.com)
@@ -1020,7 +1035,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:sean_ross:rpmfile:2.0.0:*:*:*:*:*:*:*
#####
PackageName: toml
-SPDXID: SPDXRef-Package-67-toml
+SPDXID: SPDXRef-Package-68-toml
PackageVersion: 0.10.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: William Pearson (uiri@xqz.ca)
@@ -1035,7 +1050,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:william_pearson:toml:0.10.2:*:*:*:*:*:
#####
PackageName: xmlschema
-SPDXID: SPDXRef-Package-68-xmlschema
+SPDXID: SPDXRef-Package-69-xmlschema
PackageVersion: 3.0.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Davide Brunato (brunato@sissa.it)
@@ -1050,7 +1065,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:xmlschema:3.0.2:*:*:*:*
#####
PackageName: elementpath
-SPDXID: SPDXRef-Package-69-elementpath
+SPDXID: SPDXRef-Package-70-elementpath
PackageVersion: 4.3.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Davide Brunato (brunato@sissa.it)
@@ -1065,7 +1080,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:elementpath:4.3.0:*:*:*
#####
PackageName: zstandard
-SPDXID: SPDXRef-Package-70-zstandard
+SPDXID: SPDXRef-Package-71-zstandard
PackageVersion: 0.22.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Gregory Szorc (gregory.szorc@gmail.com)
@@ -1085,99 +1100,100 @@ Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-10-beaut
Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-12-cvss
Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-13-defusedxml
Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-14-distro
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-15-gsutil
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-15-filetype
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-16-gsutil
Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-2-aiohttp
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-39-importlib-metadata
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-41-importlib-resources
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-42-jinja2
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-44-jsonschema
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-49-lib4sbom
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-50-pyyaml
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-52-packageurl-python
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-53-packaging
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-54-plotly
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-56-python-gnupg
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-57-requests
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-60-urllib3
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-61-rich
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-66-rpmfile
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-67-toml
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-68-xmlschema
-Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-70-zstandard
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-40-importlib-metadata
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-42-importlib-resources
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-43-jinja2
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-45-jsonschema
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-50-lib4sbom
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-51-pyyaml
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-53-packageurl-python
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-54-packaging
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-55-plotly
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-57-python-gnupg
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-58-requests
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-61-urllib3
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-62-rich
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-67-rpmfile
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-68-toml
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-69-xmlschema
+Relationship: SPDXRef-Package-1-cve-bin-tool DEPENDS_ON SPDXRef-Package-71-zstandard
Relationship: SPDXRef-Package-10-beautifulsoup4 DEPENDS_ON SPDXRef-Package-11-soupsieve
-Relationship: SPDXRef-Package-15-gsutil DEPENDS_ON SPDXRef-Package-16-argcomplete
-Relationship: SPDXRef-Package-15-gsutil DEPENDS_ON SPDXRef-Package-17-crcmod
-Relationship: SPDXRef-Package-15-gsutil DEPENDS_ON SPDXRef-Package-18-fasteners
-Relationship: SPDXRef-Package-15-gsutil DEPENDS_ON SPDXRef-Package-19-gcs-oauth2-boto-plugin
-Relationship: SPDXRef-Package-15-gsutil DEPENDS_ON SPDXRef-Package-21-google-reauth
-Relationship: SPDXRef-Package-15-gsutil DEPENDS_ON SPDXRef-Package-23-six
-Relationship: SPDXRef-Package-15-gsutil DEPENDS_ON SPDXRef-Package-24-httplib2
-Relationship: SPDXRef-Package-15-gsutil DEPENDS_ON SPDXRef-Package-30-pyopenssl
-Relationship: SPDXRef-Package-15-gsutil DEPENDS_ON SPDXRef-Package-34-retry-decorator
-Relationship: SPDXRef-Package-15-gsutil DEPENDS_ON SPDXRef-Package-35-google-apitools
-Relationship: SPDXRef-Package-15-gsutil DEPENDS_ON SPDXRef-Package-36-google-auth
-Relationship: SPDXRef-Package-15-gsutil DEPENDS_ON SPDXRef-Package-38-monotonic
-Relationship: SPDXRef-Package-19-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-20-boto
-Relationship: SPDXRef-Package-19-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-21-google-reauth
-Relationship: SPDXRef-Package-19-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-23-six
-Relationship: SPDXRef-Package-19-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-24-httplib2
-Relationship: SPDXRef-Package-19-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-26-oauth2client
-Relationship: SPDXRef-Package-19-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-29-rsa
-Relationship: SPDXRef-Package-19-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-30-pyopenssl
-Relationship: SPDXRef-Package-19-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-34-retry-decorator
+Relationship: SPDXRef-Package-16-gsutil DEPENDS_ON SPDXRef-Package-17-argcomplete
+Relationship: SPDXRef-Package-16-gsutil DEPENDS_ON SPDXRef-Package-18-crcmod
+Relationship: SPDXRef-Package-16-gsutil DEPENDS_ON SPDXRef-Package-19-fasteners
+Relationship: SPDXRef-Package-16-gsutil DEPENDS_ON SPDXRef-Package-20-gcs-oauth2-boto-plugin
+Relationship: SPDXRef-Package-16-gsutil DEPENDS_ON SPDXRef-Package-22-google-reauth
+Relationship: SPDXRef-Package-16-gsutil DEPENDS_ON SPDXRef-Package-24-six
+Relationship: SPDXRef-Package-16-gsutil DEPENDS_ON SPDXRef-Package-25-httplib2
+Relationship: SPDXRef-Package-16-gsutil DEPENDS_ON SPDXRef-Package-31-pyopenssl
+Relationship: SPDXRef-Package-16-gsutil DEPENDS_ON SPDXRef-Package-35-retry-decorator
+Relationship: SPDXRef-Package-16-gsutil DEPENDS_ON SPDXRef-Package-36-google-apitools
+Relationship: SPDXRef-Package-16-gsutil DEPENDS_ON SPDXRef-Package-37-google-auth
+Relationship: SPDXRef-Package-16-gsutil DEPENDS_ON SPDXRef-Package-39-monotonic
Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-3-aiosignal
Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-4-frozenlist
Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-5-async-timeout
Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-6-attrs
Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-7-multidict
Relationship: SPDXRef-Package-2-aiohttp DEPENDS_ON SPDXRef-Package-8-yarl
-Relationship: SPDXRef-Package-21-google-reauth DEPENDS_ON SPDXRef-Package-22-pyu2f
-Relationship: SPDXRef-Package-22-pyu2f DEPENDS_ON SPDXRef-Package-23-six
-Relationship: SPDXRef-Package-24-httplib2 DEPENDS_ON SPDXRef-Package-25-pyparsing
-Relationship: SPDXRef-Package-26-oauth2client DEPENDS_ON SPDXRef-Package-23-six
-Relationship: SPDXRef-Package-26-oauth2client DEPENDS_ON SPDXRef-Package-24-httplib2
-Relationship: SPDXRef-Package-26-oauth2client DEPENDS_ON SPDXRef-Package-27-pyasn1
-Relationship: SPDXRef-Package-26-oauth2client DEPENDS_ON SPDXRef-Package-28-pyasn1-modules
-Relationship: SPDXRef-Package-26-oauth2client DEPENDS_ON SPDXRef-Package-29-rsa
-Relationship: SPDXRef-Package-28-pyasn1-modules DEPENDS_ON SPDXRef-Package-27-pyasn1
-Relationship: SPDXRef-Package-29-rsa DEPENDS_ON SPDXRef-Package-27-pyasn1
+Relationship: SPDXRef-Package-20-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-21-boto
+Relationship: SPDXRef-Package-20-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-22-google-reauth
+Relationship: SPDXRef-Package-20-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-24-six
+Relationship: SPDXRef-Package-20-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-25-httplib2
+Relationship: SPDXRef-Package-20-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-27-oauth2client
+Relationship: SPDXRef-Package-20-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-30-rsa
+Relationship: SPDXRef-Package-20-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-31-pyopenssl
+Relationship: SPDXRef-Package-20-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-Package-35-retry-decorator
+Relationship: SPDXRef-Package-22-google-reauth DEPENDS_ON SPDXRef-Package-23-pyu2f
+Relationship: SPDXRef-Package-23-pyu2f DEPENDS_ON SPDXRef-Package-24-six
+Relationship: SPDXRef-Package-25-httplib2 DEPENDS_ON SPDXRef-Package-26-pyparsing
+Relationship: SPDXRef-Package-27-oauth2client DEPENDS_ON SPDXRef-Package-24-six
+Relationship: SPDXRef-Package-27-oauth2client DEPENDS_ON SPDXRef-Package-25-httplib2
+Relationship: SPDXRef-Package-27-oauth2client DEPENDS_ON SPDXRef-Package-28-pyasn1
+Relationship: SPDXRef-Package-27-oauth2client DEPENDS_ON SPDXRef-Package-29-pyasn1-modules
+Relationship: SPDXRef-Package-27-oauth2client DEPENDS_ON SPDXRef-Package-30-rsa
+Relationship: SPDXRef-Package-29-pyasn1-modules DEPENDS_ON SPDXRef-Package-28-pyasn1
Relationship: SPDXRef-Package-3-aiosignal DEPENDS_ON SPDXRef-Package-4-frozenlist
-Relationship: SPDXRef-Package-30-pyopenssl DEPENDS_ON SPDXRef-Package-31-cryptography
-Relationship: SPDXRef-Package-31-cryptography DEPENDS_ON SPDXRef-Package-32-cffi
-Relationship: SPDXRef-Package-32-cffi DEPENDS_ON SPDXRef-Package-33-pycparser
-Relationship: SPDXRef-Package-35-google-apitools DEPENDS_ON SPDXRef-Package-18-fasteners
-Relationship: SPDXRef-Package-35-google-apitools DEPENDS_ON SPDXRef-Package-23-six
-Relationship: SPDXRef-Package-35-google-apitools DEPENDS_ON SPDXRef-Package-24-httplib2
-Relationship: SPDXRef-Package-35-google-apitools DEPENDS_ON SPDXRef-Package-26-oauth2client
-Relationship: SPDXRef-Package-36-google-auth DEPENDS_ON SPDXRef-Package-28-pyasn1-modules
-Relationship: SPDXRef-Package-36-google-auth DEPENDS_ON SPDXRef-Package-29-rsa
-Relationship: SPDXRef-Package-36-google-auth DEPENDS_ON SPDXRef-Package-37-cachetools
-Relationship: SPDXRef-Package-39-importlib-metadata DEPENDS_ON SPDXRef-Package-40-zipp
-Relationship: SPDXRef-Package-41-importlib-resources DEPENDS_ON SPDXRef-Package-40-zipp
-Relationship: SPDXRef-Package-42-jinja2 DEPENDS_ON SPDXRef-Package-43-markupsafe
-Relationship: SPDXRef-Package-44-jsonschema DEPENDS_ON SPDXRef-Package-41-importlib-resources
-Relationship: SPDXRef-Package-44-jsonschema DEPENDS_ON SPDXRef-Package-45-jsonschema-specifications
-Relationship: SPDXRef-Package-44-jsonschema DEPENDS_ON SPDXRef-Package-46-referencing
-Relationship: SPDXRef-Package-44-jsonschema DEPENDS_ON SPDXRef-Package-47-rpds-py
-Relationship: SPDXRef-Package-44-jsonschema DEPENDS_ON SPDXRef-Package-48-pkgutil-resolve-name
-Relationship: SPDXRef-Package-44-jsonschema DEPENDS_ON SPDXRef-Package-6-attrs
-Relationship: SPDXRef-Package-45-jsonschema-specifications DEPENDS_ON SPDXRef-Package-41-importlib-resources
-Relationship: SPDXRef-Package-45-jsonschema-specifications DEPENDS_ON SPDXRef-Package-46-referencing
-Relationship: SPDXRef-Package-46-referencing DEPENDS_ON SPDXRef-Package-47-rpds-py
-Relationship: SPDXRef-Package-46-referencing DEPENDS_ON SPDXRef-Package-6-attrs
-Relationship: SPDXRef-Package-49-lib4sbom DEPENDS_ON SPDXRef-Package-13-defusedxml
-Relationship: SPDXRef-Package-49-lib4sbom DEPENDS_ON SPDXRef-Package-50-pyyaml
-Relationship: SPDXRef-Package-49-lib4sbom DEPENDS_ON SPDXRef-Package-51-semantic-version
-Relationship: SPDXRef-Package-54-plotly DEPENDS_ON SPDXRef-Package-53-packaging
-Relationship: SPDXRef-Package-54-plotly DEPENDS_ON SPDXRef-Package-55-tenacity
-Relationship: SPDXRef-Package-57-requests DEPENDS_ON SPDXRef-Package-58-certifi
-Relationship: SPDXRef-Package-57-requests DEPENDS_ON SPDXRef-Package-59-charset-normalizer
-Relationship: SPDXRef-Package-57-requests DEPENDS_ON SPDXRef-Package-60-urllib3
-Relationship: SPDXRef-Package-57-requests DEPENDS_ON SPDXRef-Package-9-idna
-Relationship: SPDXRef-Package-61-rich DEPENDS_ON SPDXRef-Package-62-markdown-it-py
-Relationship: SPDXRef-Package-61-rich DEPENDS_ON SPDXRef-Package-64-pygments
-Relationship: SPDXRef-Package-61-rich DEPENDS_ON SPDXRef-Package-65-typing-extensions
-Relationship: SPDXRef-Package-62-markdown-it-py DEPENDS_ON SPDXRef-Package-63-mdurl
-Relationship: SPDXRef-Package-68-xmlschema DEPENDS_ON SPDXRef-Package-69-elementpath
+Relationship: SPDXRef-Package-30-rsa DEPENDS_ON SPDXRef-Package-28-pyasn1
+Relationship: SPDXRef-Package-31-pyopenssl DEPENDS_ON SPDXRef-Package-32-cryptography
+Relationship: SPDXRef-Package-32-cryptography DEPENDS_ON SPDXRef-Package-33-cffi
+Relationship: SPDXRef-Package-33-cffi DEPENDS_ON SPDXRef-Package-34-pycparser
+Relationship: SPDXRef-Package-36-google-apitools DEPENDS_ON SPDXRef-Package-19-fasteners
+Relationship: SPDXRef-Package-36-google-apitools DEPENDS_ON SPDXRef-Package-24-six
+Relationship: SPDXRef-Package-36-google-apitools DEPENDS_ON SPDXRef-Package-25-httplib2
+Relationship: SPDXRef-Package-36-google-apitools DEPENDS_ON SPDXRef-Package-27-oauth2client
+Relationship: SPDXRef-Package-37-google-auth DEPENDS_ON SPDXRef-Package-29-pyasn1-modules
+Relationship: SPDXRef-Package-37-google-auth DEPENDS_ON SPDXRef-Package-30-rsa
+Relationship: SPDXRef-Package-37-google-auth DEPENDS_ON SPDXRef-Package-38-cachetools
+Relationship: SPDXRef-Package-40-importlib-metadata DEPENDS_ON SPDXRef-Package-41-zipp
+Relationship: SPDXRef-Package-42-importlib-resources DEPENDS_ON SPDXRef-Package-41-zipp
+Relationship: SPDXRef-Package-43-jinja2 DEPENDS_ON SPDXRef-Package-44-markupsafe
+Relationship: SPDXRef-Package-45-jsonschema DEPENDS_ON SPDXRef-Package-42-importlib-resources
+Relationship: SPDXRef-Package-45-jsonschema DEPENDS_ON SPDXRef-Package-46-jsonschema-specifications
+Relationship: SPDXRef-Package-45-jsonschema DEPENDS_ON SPDXRef-Package-47-referencing
+Relationship: SPDXRef-Package-45-jsonschema DEPENDS_ON SPDXRef-Package-48-rpds-py
+Relationship: SPDXRef-Package-45-jsonschema DEPENDS_ON SPDXRef-Package-49-pkgutil-resolve-name
+Relationship: SPDXRef-Package-45-jsonschema DEPENDS_ON SPDXRef-Package-6-attrs
+Relationship: SPDXRef-Package-46-jsonschema-specifications DEPENDS_ON SPDXRef-Package-42-importlib-resources
+Relationship: SPDXRef-Package-46-jsonschema-specifications DEPENDS_ON SPDXRef-Package-47-referencing
+Relationship: SPDXRef-Package-47-referencing DEPENDS_ON SPDXRef-Package-48-rpds-py
+Relationship: SPDXRef-Package-47-referencing DEPENDS_ON SPDXRef-Package-6-attrs
+Relationship: SPDXRef-Package-50-lib4sbom DEPENDS_ON SPDXRef-Package-13-defusedxml
+Relationship: SPDXRef-Package-50-lib4sbom DEPENDS_ON SPDXRef-Package-51-pyyaml
+Relationship: SPDXRef-Package-50-lib4sbom DEPENDS_ON SPDXRef-Package-52-semantic-version
+Relationship: SPDXRef-Package-55-plotly DEPENDS_ON SPDXRef-Package-54-packaging
+Relationship: SPDXRef-Package-55-plotly DEPENDS_ON SPDXRef-Package-56-tenacity
+Relationship: SPDXRef-Package-58-requests DEPENDS_ON SPDXRef-Package-59-certifi
+Relationship: SPDXRef-Package-58-requests DEPENDS_ON SPDXRef-Package-60-charset-normalizer
+Relationship: SPDXRef-Package-58-requests DEPENDS_ON SPDXRef-Package-61-urllib3
+Relationship: SPDXRef-Package-58-requests DEPENDS_ON SPDXRef-Package-9-idna
+Relationship: SPDXRef-Package-62-rich DEPENDS_ON SPDXRef-Package-63-markdown-it-py
+Relationship: SPDXRef-Package-62-rich DEPENDS_ON SPDXRef-Package-65-pygments
+Relationship: SPDXRef-Package-62-rich DEPENDS_ON SPDXRef-Package-66-typing-extensions
+Relationship: SPDXRef-Package-63-markdown-it-py DEPENDS_ON SPDXRef-Package-64-mdurl
+Relationship: SPDXRef-Package-69-xmlschema DEPENDS_ON SPDXRef-Package-70-elementpath
Relationship: SPDXRef-Package-8-yarl DEPENDS_ON SPDXRef-Package-7-multidict
Relationship: SPDXRef-Package-8-yarl DEPENDS_ON SPDXRef-Package-9-idna