chore: update SBOM for Python 3.8 (#4009)

github-actions[bot] · web-flow · web-flow · commit 3f4581607921 · 2024-04-08T14:04:52.000-07:00
Co-authored-by: GitHub &lt;noreply@github.com&gt;
diff --git a/sbom/cve-bin-tool-py3.8.json b/sbom/cve-bin-tool-py3.8.json
@@ -2,10 +2,10 @@
   "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json",
   "bomFormat": "CycloneDX",
   "specVersion": "1.5",
-  "serialNumber": "urn:uuid:92d57349-21cb-4df6-8619-bf73673c69ad",
+  "serialNumber": "urn:uuid:5c954ebf-4bb9-4c1c-a196-01f5616d7939",
   "version": 1,
   "metadata": {
-    "timestamp": "2024-04-01T00:29:58Z",
+    "timestamp": "2024-04-08T00:27:58Z",
     "tools": {
       "components": [
         {
@@ -2795,7 +2795,7 @@
       "type": "library",
       "bom-ref": "66-typing-extensions",
       "name": "typing-extensions",
-      "version": "4.10.0",
+      "version": "4.11.0",
       "supplier": {
         "name": "Guido van Jukka ukasz Michael",
         "contact": [
@@ -2804,22 +2804,16 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.10.0:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.11.0:*:*:*:*:*:*:*",
       "description": "Backported and Experimental Type Hints for Python 3.8+",
-      "hashes": [
-        {
-          "alg": "SHA-1",
-          "content": "06b23e3f05fd0f929dbaea17ae51621dcc8434ab"
-        }
-      ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/typing_extensions/4.10.0",
+          "url": "https://pypi.org/project/typing_extensions/4.11.0",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/typing-extensions@4.10.0",
+      "purl": "pkg:pypi/typing-extensions@4.11.0",
       "properties": [
         {
           "name": "language",
@@ -2925,7 +2919,7 @@
       "type": "library",
       "bom-ref": "69-xmlschema",
       "name": "xmlschema",
-      "version": "3.2.0",
+      "version": "3.2.1",
       "supplier": {
         "name": "Davide Brunato",
         "contact": [
@@ -2934,7 +2928,7 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:davide_brunato:xmlschema:3.2.0:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:davide_brunato:xmlschema:3.2.1:*:*:*:*:*:*:*",
       "description": "An XML Schema validator and decoder",
       "licenses": [
         {
@@ -2946,12 +2940,12 @@
       ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/xmlschema/3.2.0",
+          "url": "https://pypi.org/project/xmlschema/3.2.1",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/xmlschema@3.2.0",
+      "purl": "pkg:pypi/xmlschema@3.2.1",
       "properties": [
         {
           "name": "language",
diff --git a/sbom/cve-bin-tool-py3.8.spdx b/sbom/cve-bin-tool-py3.8.spdx
@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
 DataLicense: CC0-1.0
 SPDXID: SPDXRef-DOCUMENT
 DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-4c83f10e-5529-4cc8-95c9-409f552f3d19
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-a228b5bf-0565-4e04-b688-0865d0c12357
 LicenseListVersion: 3.22
 Creator: Tool: sbom4python-0.10.4
-Created: 2024-04-01T00:28:30Z
+Created: 2024-04-08T00:26:37Z
 CreatorComment: <text>This document has been automatically generated.</text>
 ##### 
 
@@ -1042,18 +1042,17 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:georg_brandl:pygments:2.17.2:*:*:*:*:*
 
 PackageName: typing-extensions
 SPDXID: SPDXRef-Package-66-typing-extensions
-PackageVersion: 4.10.0
+PackageVersion: 4.11.0
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Organization: Guido van Jukka ukasz Michael (levkivskyi@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/typing_extensions/4.10.0
+PackageDownloadLocation: https://pypi.org/project/typing_extensions/4.11.0
 FilesAnalyzed: false
-PackageChecksum: SHA1: 06b23e3f05fd0f929dbaea17ae51621dcc8434ab
 PackageLicenseDeclared: NOASSERTION
 PackageLicenseConcluded: NOASSERTION
 PackageCopyrightText: NOASSERTION
 PackageSummary: <text>Backported and Experimental Type Hints for Python 3.8+</text>
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/typing-extensions@4.10.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.10.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/typing-extensions@4.11.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.11.0:*:*:*:*:*:*:*
 ##### 
 
 PackageName: rpmfile
@@ -1089,17 +1088,17 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:william_pearson:toml:0.10.2:*:*:*:*:*:
 
 PackageName: xmlschema
 SPDXID: SPDXRef-Package-69-xmlschema
-PackageVersion: 3.2.0
+PackageVersion: 3.2.1
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Person: Davide Brunato (brunato@sissa.it)
-PackageDownloadLocation: https://pypi.org/project/xmlschema/3.2.0
+PackageDownloadLocation: https://pypi.org/project/xmlschema/3.2.1
 FilesAnalyzed: false
 PackageLicenseDeclared: MIT
 PackageLicenseConcluded: MIT
 PackageCopyrightText: NOASSERTION
 PackageSummary: <text>An XML Schema validator and decoder</text>
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/xmlschema@3.2.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:xmlschema:3.2.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/xmlschema@3.2.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:xmlschema:3.2.1:*:*:*:*:*:*:*
 ##### 
 
 PackageName: elementpath
