intel
diff --git a/‎sbom/cve-bin-tool-py3.10.json
Lines changed: 108 additions & 119 deletions b/‎sbom/cve-bin-tool-py3.10.json
Lines changed: 108 additions & 119 deletions
diff --git a/‎sbom/cve-bin-tool-py3.10.spdx
Lines changed: 60 additions & 61 deletions b/‎sbom/cve-bin-tool-py3.10.spdx
Lines changed: 60 additions & 61 deletions
@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
 DataLicense: CC0-1.0
 SPDXID: SPDXRef-DOCUMENT
 DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-4d622ac5-fe7f-4daa-86b4-02219a0890ae
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-4fd0947e-d80b-48fb-9b53-f6fc3be425a0
 LicenseListVersion: 3.25
 Creator: Tool: sbom4python-0.12.4
-Created: 2025-06-30T00:43:40Z
+Created: 2025-07-07T00:43:23Z
 CreatorComment: <text>SBOM Type: Build - This document has been automatically generated.</text>
 ##### 
 
@@ -73,26 +73,25 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:j._nick_koston:aiohappyeyeballs:2.6.1:
 
 PackageName: aiosignal
 SPDXID: SPDXRef-4-aiosignal
-PackageVersion: 1.3.2
+PackageVersion: 1.4.0
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: NOASSERTION
-PackageDownloadLocation: https://pypi.org/project/aiosignal/1.3.2/#files
+PackageDownloadLocation: https://pypi.org/project/aiosignal/1.4.0/#files
 FilesAnalyzed: false
 PackageHomePage: https://github.com/aio-libs/aiosignal
-PackageChecksum: SHA256: 45cde58e409a301715980c2b01d0c28bdde3770d8290b5eb2173759d9acb31a5
 PackageLicenseDeclared: NOASSERTION
 PackageLicenseConcluded: Apache-2.0
 PackageLicenseComments: <text>aiosignal declares Apache 2.0 which is not currently a valid SPDX License identifier or expression.</text>
 PackageCopyrightText: NOASSERTION
 PackageSummary: <text>aiosignal: a list of registered asynchronous callbacks</text>
-ReleaseDate: 2024-12-13T17:10:38Z
+ReleaseDate: 2025-03-12T01:42:47Z
 ExternalRef: OTHER other https://gitter.im/aio-libs/Lobby
 ExternalRef: OTHER build-system https://github.com/aio-libs/aiosignal/actions
 ExternalRef: OTHER other https://codecov.io/github/aio-libs/aiosignal
 ExternalRef: OTHER other https://docs.aiosignal.org
 ExternalRef: OTHER issue-tracker https://github.com/aio-libs/aiosignal/issues
 ExternalRef: OTHER vcs https://github.com/aio-libs/aiosignal
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/aiosignal@1.3.2
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/aiosignal@1.4.0
 ##### 
 
 PackageName: frozenlist
@@ -121,8 +120,31 @@ ExternalRef: OTHER vcs https://github.com/aio-libs/frozenlist
 ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected]
 ##### 
 
+PackageName: typing-extensions
+SPDXID: SPDXRef-6-typing-extensions
+PackageVersion: 4.14.1
+PrimaryPackagePurpose: LIBRARY
+PackageSupplier: Organization: Guido van Jukka ukasz Michael ([email protected])
+PackageDownloadLocation: https://pypi.org/project/typing-extensions/4.14.1/#files
+FilesAnalyzed: false
+PackageHomePage: https://github.com/python/typing_extensions
+PackageChecksum: SHA256: d1e1e3b58374dc93031d6eda2420a48ea44a36c2b4766a4fdeb3710755731d76
+PackageLicenseDeclared: NOASSERTION
+PackageLicenseConcluded: NOASSERTION
+PackageCopyrightText: NOASSERTION
+PackageSummary: <text>Backported and Experimental Type Hints for Python 3.9+</text>
+ReleaseDate: 2025-07-04T13:28:32Z
+ExternalRef: OTHER issue-tracker https://github.com/python/typing_extensions/issues
+ExternalRef: OTHER log https://github.com/python/typing_extensions/blob/main/CHANGELOG.md
+ExternalRef: OTHER documentation https://typing-extensions.readthedocs.io/
+ExternalRef: OTHER other https://github.com/python/typing/discussions
+ExternalRef: OTHER vcs https://github.com/python/typing_extensions
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected]
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.14.1:*:*:*:*:*:*:*
+##### 
+
 PackageName: async-timeout
-SPDXID: SPDXRef-6-async-timeout
+SPDXID: SPDXRef-7-async-timeout
 PackageVersion: 5.0.1
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Organization: Andrew Svetlov ([email protected])
@@ -146,7 +168,7 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:async-timeout:5.0.1:*:*
 ##### 
 
 PackageName: attrs
-SPDXID: SPDXRef-7-attrs
+SPDXID: SPDXRef-8-attrs
 PackageVersion: 25.3.0
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Person: Hynek Schlawack ([email protected])
@@ -168,20 +190,20 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:hynek_schlawack:attrs:25.3.0:*:*:*:*:*
 ##### 
 
 PackageName: multidict
-SPDXID: SPDXRef-8-multidict
-PackageVersion: 6.6.2
+SPDXID: SPDXRef-9-multidict
+PackageVersion: 6.6.3
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Person: Andrew Svetlov ([email protected])
-PackageDownloadLocation: https://pypi.org/project/multidict/6.6.2/#files
+PackageDownloadLocation: https://pypi.org/project/multidict/6.6.3/#files
 FilesAnalyzed: false
 PackageHomePage: https://github.com/aio-libs/multidict
-PackageChecksum: SHA256: cfd9c74d337e710d7ee26e72a7dbedbd60e0c58d3df7c5ccbb748857e977783c
+PackageChecksum: SHA256: a2be5b7b35271f7fff1397204ba6708365e3d773579fe2a30625e16c4b4ce817
 PackageLicenseDeclared: NOASSERTION
 PackageLicenseConcluded: Apache-2.0
 PackageLicenseComments: <text>multidict declares Apache License 2.0 which is not currently a valid SPDX License identifier or expression.</text>
 PackageCopyrightText: NOASSERTION
 PackageSummary: <text>multidict implementation</text>
-ReleaseDate: 2025-06-28T14:35:47Z
+ReleaseDate: 2025-06-30T15:50:58Z
 ExternalRef: OTHER other https://matrix.to/#/#aio-libs:matrix.org
 ExternalRef: OTHER other https://matrix.to/#/#aio-libs-space:matrix.org
 ExternalRef: OTHER build-system https://github.com/aio-libs/multidict/actions
@@ -191,31 +213,8 @@ ExternalRef: OTHER log https://multidict.aio-libs.org/en/latest/changes/
 ExternalRef: OTHER other https://multidict.aio-libs.org
 ExternalRef: OTHER issue-tracker https://github.com/aio-libs/multidict/issues
 ExternalRef: OTHER vcs https://github.com/aio-libs/multidict
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected]
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:multidict:6.6.2:*:*:*:*:*:*:*
-##### 
-
-PackageName: typing-extensions
-SPDXID: SPDXRef-9-typing-extensions
-PackageVersion: 4.14.0
-PrimaryPackagePurpose: LIBRARY
-PackageSupplier: Organization: Guido van Jukka ukasz Michael ([email protected])
-PackageDownloadLocation: https://pypi.org/project/typing-extensions/4.14.0/#files
-FilesAnalyzed: false
-PackageHomePage: https://github.com/python/typing_extensions
-PackageChecksum: SHA256: a1514509136dd0b477638fc68d6a91497af5076466ad0fa6c338e44e359944af
-PackageLicenseDeclared: NOASSERTION
-PackageLicenseConcluded: NOASSERTION
-PackageCopyrightText: NOASSERTION
-PackageSummary: <text>Backported and Experimental Type Hints for Python 3.9+</text>
-ReleaseDate: 2025-06-02T14:52:10Z
-ExternalRef: OTHER issue-tracker https://github.com/python/typing_extensions/issues
-ExternalRef: OTHER log https://github.com/python/typing_extensions/blob/main/CHANGELOG.md
-ExternalRef: OTHER documentation https://typing-extensions.readthedocs.io/
-ExternalRef: OTHER other https://github.com/python/typing/discussions
-ExternalRef: OTHER vcs https://github.com/python/typing_extensions
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected]
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.14.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/[email protected]
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:multidict:6.6.3:*:*:*:*:*:*:*
 ##### 
 
 PackageName: propcache
@@ -1042,26 +1041,26 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:referencing:0.36.2:*:*:*
 
 PackageName: rpds-py
 SPDXID: SPDXRef-49-rpds-py
-PackageVersion: 0.25.1
+PackageVersion: 0.26.0
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Person: Julian Berman ([email protected])
-PackageDownloadLocation: https://pypi.org/project/rpds-py/0.25.1/#files
+PackageDownloadLocation: https://pypi.org/project/rpds-py/0.26.0/#files
 FilesAnalyzed: false
 PackageHomePage: https://github.com/crate-py/rpds
-PackageChecksum: SHA256: f4ad628b5174d5315761b67f212774a32f5bad5e61396d38108bd801c0a8f5d9
+PackageChecksum: SHA256: 4c70c70f9169692b36307a95f3d8c0a9fcd79f7b4a383aad5eaa0e9718b79b37
 PackageLicenseDeclared: MIT
 PackageLicenseConcluded: MIT
 PackageCopyrightText: NOASSERTION
 PackageSummary: <text>Python bindings to Rust's persistent data structures (rpds)</text>
-ReleaseDate: 2025-05-21T12:42:38Z
+ReleaseDate: 2025-07-01T15:53:40Z
 ExternalRef: OTHER documentation https://rpds.readthedocs.io/
 ExternalRef: OTHER issue-tracker https://github.com/crate-py/rpds/issues/
 ExternalRef: OTHER other https://github.com/sponsors/Julian
 ExternalRef: OTHER other https://tidelift.com/subscription/pkg/pypi-rpds-py?utm_source=pypi-rpds-py&utm_medium=referral&utm_campaign=pypi-link
 ExternalRef: OTHER vcs https://github.com/crate-py/rpds
 ExternalRef: OTHER other https://github.com/orium/rpds
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/rpds-py@0.25.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:rpds-py:0.25.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/rpds-py@0.26.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:rpds-py:0.26.0:*:*:*:*:*:*:*
 ##### 
 
 PackageName: lib4sbom
@@ -1323,24 +1322,23 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:6.2.0:*:*:*:*:*:*:*
 
 PackageName: narwhals
 SPDXID: SPDXRef-62-narwhals
-PackageVersion: 1.44.0
+PackageVersion: 1.45.0
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Person: Marco Gorelli ([email protected])
-PackageDownloadLocation: https://pypi.org/project/narwhals/1.44.0/#files
+PackageDownloadLocation: https://pypi.org/project/narwhals/1.45.0/#files
 FilesAnalyzed: false
 PackageHomePage: https://github.com/narwhals-dev/narwhals
-PackageChecksum: SHA256: a170ea0bab4cf1f323d9f8bf17f2d7042c3d73802bea321996b39bf075d57de5
 PackageLicenseDeclared: NOASSERTION
 PackageLicenseConcluded: MIT
 PackageLicenseComments: <text>narwhals declares MIT License which is not currently a valid SPDX License identifier or expression.</text>
 PackageCopyrightText: NOASSERTION
 PackageSummary: <text>Extremely lightweight compatibility layer between dataframe libraries</text>
-ReleaseDate: 2025-06-23T08:28:06Z
+ReleaseDate: 2025-06-26T16:20:40Z
 ExternalRef: OTHER documentation https://narwhals-dev.github.io/narwhals/
 ExternalRef: OTHER vcs https://github.com/narwhals-dev/narwhals
 ExternalRef: OTHER issue-tracker https://github.com/narwhals-dev/narwhals/issues
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/narwhals@1.44.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:marco_gorelli:narwhals:1.44.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/narwhals@1.45.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:marco_gorelli:narwhals:1.45.0:*:*:*:*:*:*:*
 ##### 
 
 PackageName: python-gnupg
@@ -1602,9 +1600,9 @@ Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-73-zipp
 Relationship: SPDXRef-1-cve-bin-tool DEPENDS_ON SPDXRef-74-zstandard
 Relationship: SPDXRef-11-yarl DEPENDS_ON SPDXRef-10-propcache
 Relationship: SPDXRef-11-yarl DEPENDS_ON SPDXRef-12-idna
-Relationship: SPDXRef-11-yarl DEPENDS_ON SPDXRef-8-multidict
+Relationship: SPDXRef-11-yarl DEPENDS_ON SPDXRef-9-multidict
 Relationship: SPDXRef-13-beautifulsoup4 DEPENDS_ON SPDXRef-14-soupsieve
-Relationship: SPDXRef-13-beautifulsoup4 DEPENDS_ON SPDXRef-9-typing-extensions
+Relationship: SPDXRef-13-beautifulsoup4 DEPENDS_ON SPDXRef-6-typing-extensions
 Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-20-argcomplete
 Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-21-crcmod
 Relationship: SPDXRef-19-gsutil DEPENDS_ON SPDXRef-22-fasteners
@@ -1623,9 +1621,9 @@ Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-11-yarl
 Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-3-aiohappyeyeballs
 Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-4-aiosignal
 Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-5-frozenlist
-Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-6-async-timeout
-Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-7-attrs
-Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-8-multidict
+Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-7-async-timeout
+Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-8-attrs
+Relationship: SPDXRef-2-aiohttp DEPENDS_ON SPDXRef-9-multidict
 Relationship: SPDXRef-23-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-24-rsa
 Relationship: SPDXRef-23-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-26-boto
 Relationship: SPDXRef-23-gcs-oauth2-boto-plugin DEPENDS_ON SPDXRef-27-google-reauth
@@ -1653,6 +1651,7 @@ Relationship: SPDXRef-39-google-auth DEPENDS_ON SPDXRef-24-rsa
 Relationship: SPDXRef-39-google-auth DEPENDS_ON SPDXRef-33-pyasn1-modules
 Relationship: SPDXRef-39-google-auth DEPENDS_ON SPDXRef-40-cachetools
 Relationship: SPDXRef-4-aiosignal DEPENDS_ON SPDXRef-5-frozenlist
+Relationship: SPDXRef-4-aiosignal DEPENDS_ON SPDXRef-6-typing-extensions
 Relationship: SPDXRef-41-google-auth-httplib2 DEPENDS_ON SPDXRef-30-httplib2
 Relationship: SPDXRef-41-google-auth-httplib2 DEPENDS_ON SPDXRef-39-google-auth
 Relationship: SPDXRef-42-google-apitools DEPENDS_ON SPDXRef-22-fasteners
@@ -1663,11 +1662,11 @@ Relationship: SPDXRef-44-jinja2 DEPENDS_ON SPDXRef-45-markupsafe
 Relationship: SPDXRef-46-jsonschema DEPENDS_ON SPDXRef-47-jsonschema-specifications
 Relationship: SPDXRef-46-jsonschema DEPENDS_ON SPDXRef-48-referencing
 Relationship: SPDXRef-46-jsonschema DEPENDS_ON SPDXRef-49-rpds-py
-Relationship: SPDXRef-46-jsonschema DEPENDS_ON SPDXRef-7-attrs
+Relationship: SPDXRef-46-jsonschema DEPENDS_ON SPDXRef-8-attrs
 Relationship: SPDXRef-47-jsonschema-specifications DEPENDS_ON SPDXRef-48-referencing
 Relationship: SPDXRef-48-referencing DEPENDS_ON SPDXRef-49-rpds-py
-Relationship: SPDXRef-48-referencing DEPENDS_ON SPDXRef-7-attrs
-Relationship: SPDXRef-48-referencing DEPENDS_ON SPDXRef-9-typing-extensions
+Relationship: SPDXRef-48-referencing DEPENDS_ON SPDXRef-6-typing-extensions
+Relationship: SPDXRef-48-referencing DEPENDS_ON SPDXRef-8-attrs
 Relationship: SPDXRef-50-lib4sbom DEPENDS_ON SPDXRef-16-defusedxml
 Relationship: SPDXRef-50-lib4sbom DEPENDS_ON SPDXRef-51-pyyaml
 Relationship: SPDXRef-50-lib4sbom DEPENDS_ON SPDXRef-52-semantic-version
@@ -1678,7 +1677,7 @@ Relationship: SPDXRef-54-csaf-tool DEPENDS_ON SPDXRef-55-packageurl-python
 Relationship: SPDXRef-54-csaf-tool DEPENDS_ON SPDXRef-56-rich
 Relationship: SPDXRef-56-rich DEPENDS_ON SPDXRef-57-markdown-it-py
 Relationship: SPDXRef-56-rich DEPENDS_ON SPDXRef-59-pygments
-Relationship: SPDXRef-56-rich DEPENDS_ON SPDXRef-9-typing-extensions
+Relationship: SPDXRef-56-rich DEPENDS_ON SPDXRef-6-typing-extensions
 Relationship: SPDXRef-57-markdown-it-py DEPENDS_ON SPDXRef-58-mdurl
 Relationship: SPDXRef-61-plotly DEPENDS_ON SPDXRef-60-packaging
 Relationship: SPDXRef-61-plotly DEPENDS_ON SPDXRef-62-narwhals
@@ -1688,5 +1687,5 @@ Relationship: SPDXRef-64-requests DEPENDS_ON SPDXRef-66-urllib3
 Relationship: SPDXRef-64-requests DEPENDS_ON SPDXRef-67-certifi
 Relationship: SPDXRef-71-xmlschema DEPENDS_ON SPDXRef-72-elementpath
 Relationship: SPDXRef-74-zstandard DEPENDS_ON SPDXRef-36-cffi
-Relationship: SPDXRef-8-multidict DEPENDS_ON SPDXRef-9-typing-extensions
+Relationship: SPDXRef-9-multidict DEPENDS_ON SPDXRef-6-typing-extensions
 Relationship: SPDXRef-DOCUMENT DESCRIBES SPDXRef-1-cve-bin-tool