diff --git a/sbom/cve-bin-tool-py3.11.json b/sbom/cve-bin-tool-py3.11.json
index 9aea1d8516..36c30e1818 100644
--- a/sbom/cve-bin-tool-py3.11.json
+++ b/sbom/cve-bin-tool-py3.11.json
@@ -2,10 +2,10 @@
"$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.6",
- "serialNumber": "urn:uuid:48a7b2af-77b3-428b-b456-f83adf360c67",
+ "serialNumber": "urn:uuid:ce064af1-f774-4bfd-8905-8644f01ade64",
"version": 1,
"metadata": {
- "timestamp": "2025-09-29T00:43:51Z",
+ "timestamp": "2025-10-06T00:39:06Z",
"lifecycles": [
{
"phase": "build"
@@ -619,7 +619,7 @@
"type": "library",
"bom-ref": "9-propcache",
"name": "propcache",
- "version": "0.3.2",
+ "version": "0.4.0",
"supplier": {
"name": "Andrew Svetlov",
"contact": [
@@ -628,12 +628,12 @@
}
]
},
- "cpe": "cpe:2.3:a:andrew_svetlov:propcache:0.3.2:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:andrew_svetlov:propcache:0.4.0:*:*:*:*:*:*:*",
"description": "Accelerated property cache",
"hashes": [
{
"alg": "SHA-256",
- "content": "22d9962a358aedbb7a2e36187ff273adeaab9743373a272976d2e348d08c7770"
+ "content": "779aaae64089e2f4992e993faea801925395d26bb5de4a47df7ef7f942c14f80"
}
],
"licenses": [
@@ -652,7 +652,7 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/propcache/0.3.2/#files",
+ "url": "https://pypi.org/project/propcache/0.4.0/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -693,11 +693,11 @@
"type": "vcs"
}
],
- "purl": "pkg:pypi/propcache@0.3.2",
+ "purl": "pkg:pypi/propcache@0.4.0",
"properties": [
{
"name": "release_date",
- "value": "2025-06-09T22:53:40Z"
+ "value": "2025-10-04T21:54:49Z"
},
{
"name": "language",
@@ -713,7 +713,7 @@
"type": "library",
"bom-ref": "10-yarl",
"name": "yarl",
- "version": "1.20.1",
+ "version": "1.21.0",
"supplier": {
"name": "Andrew Svetlov",
"contact": [
@@ -722,14 +722,8 @@
}
]
},
- "cpe": "cpe:2.3:a:andrew_svetlov:yarl:1.20.1:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:andrew_svetlov:yarl:1.21.0:*:*:*:*:*:*:*",
"description": "Yet another URL library",
- "hashes": [
- {
- "alg": "SHA-256",
- "content": "6032e6da6abd41e4acda34d75a816012717000fa6839f37124a47fcefc49bec4"
- }
- ],
"licenses": [
{
"license": {
@@ -746,7 +740,7 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/yarl/1.20.1/#files",
+ "url": "https://pypi.org/project/yarl/1.21.0/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -787,11 +781,11 @@
"type": "vcs"
}
],
- "purl": "pkg:pypi/yarl@1.20.1",
+ "purl": "pkg:pypi/yarl@1.21.0",
"properties": [
{
"name": "release_date",
- "value": "2025-06-10T00:42:31Z"
+ "value": "2025-10-04T21:54:49Z"
},
{
"name": "language",
@@ -876,7 +870,7 @@
"type": "library",
"bom-ref": "12-beautifulsoup4",
"name": "beautifulsoup4",
- "version": "4.14.0",
+ "version": "4.14.2",
"supplier": {
"name": "Leonard Richardson",
"contact": [
@@ -885,12 +879,12 @@
}
]
},
- "cpe": "cpe:2.3:a:leonard_richardson:beautifulsoup4:4.14.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:leonard_richardson:beautifulsoup4:4.14.2:*:*:*:*:*:*:*",
"description": "Screen-scraping library",
"hashes": [
{
"alg": "SHA-256",
- "content": "aee96fbccdf2d2a8d1288b2afa51fc76bb60823b7881a50fb1ed5f711d1a7d73"
+ "content": "5ef6fa3a8cbece8488d66985560f97ed091e22bbc4e9c2338508a9d5de6d4515"
}
],
"licenses": [
@@ -909,7 +903,7 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/beautifulsoup4/4.14.0/#files",
+ "url": "https://pypi.org/project/beautifulsoup4/4.14.2/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -918,11 +912,11 @@
"type": "other"
}
],
- "purl": "pkg:pypi/beautifulsoup4@4.14.0",
+ "purl": "pkg:pypi/beautifulsoup4@4.14.2",
"properties": [
{
"name": "release_date",
- "value": "2025-09-27T17:22:16Z"
+ "value": "2025-09-29T10:05:43Z"
},
{
"name": "language",
@@ -3578,7 +3572,7 @@
"type": "library",
"bom-ref": "55-lib4vex",
"name": "lib4vex",
- "version": "0.2.0",
+ "version": "0.2.1",
"supplier": {
"name": "Anthony Harrison",
"contact": [
@@ -3587,12 +3581,12 @@
}
]
},
- "cpe": "cpe:2.3:a:anthony_harrison:lib4vex:0.2.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:anthony_harrison:lib4vex:0.2.1:*:*:*:*:*:*:*",
"description": "VEX generator and consumer library",
"hashes": [
{
"alg": "SHA-256",
- "content": "bbe730148c1a7629473067ba9702b673af11e225fcd76e6431b881f0731f52ce"
+ "content": "7277b368807507b2808332954480c968f73a5f51edf0218f13260cbe7110a341"
}
],
"licenses": [
@@ -3611,16 +3605,16 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/lib4vex/0.2.0/#files",
+ "url": "https://pypi.org/project/lib4vex/0.2.1/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/lib4vex@0.2.0",
+ "purl": "pkg:pypi/lib4vex@0.2.1",
"properties": [
{
"name": "release_date",
- "value": "2024-08-29T20:36:52Z"
+ "value": "2025-10-02T10:35:09Z"
},
{
"name": "language",
@@ -4073,7 +4067,7 @@
"type": "library",
"bom-ref": "63-plotly",
"name": "plotly",
- "version": "6.3.0",
+ "version": "6.3.1",
"supplier": {
"name": "Chris P",
"contact": [
@@ -4082,12 +4076,12 @@
}
]
},
- "cpe": "cpe:2.3:a:chris_p:plotly:6.3.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:chris_p:plotly:6.3.1:*:*:*:*:*:*:*",
"description": "An open-source interactive data visualization library for Python",
"hashes": [
{
"alg": "SHA-256",
- "content": "7ad806edce9d3cdd882eaebaf97c0c9e252043ed1ed3d382c3e3520ec07806d4"
+ "content": "8b4420d1dcf2b040f5983eed433f95732ed24930e496d36eb70d211923532e64"
}
],
"externalReferences": [
@@ -4097,7 +4091,7 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/plotly/6.3.0/#files",
+ "url": "https://pypi.org/project/plotly/6.3.1/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -4114,11 +4108,11 @@
"type": "log"
}
],
- "purl": "pkg:pypi/plotly@6.3.0",
+ "purl": "pkg:pypi/plotly@6.3.1",
"properties": [
{
"name": "release_date",
- "value": "2025-08-12T20:22:09Z"
+ "value": "2025-10-02T16:10:22Z"
},
{
"name": "language",
@@ -4138,7 +4132,7 @@
"type": "library",
"bom-ref": "64-narwhals",
"name": "narwhals",
- "version": "2.5.0",
+ "version": "2.6.0",
"supplier": {
"name": "Marco Gorelli",
"contact": [
@@ -4147,12 +4141,12 @@
}
]
},
- "cpe": "cpe:2.3:a:marco_gorelli:narwhals:2.5.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:marco_gorelli:narwhals:2.6.0:*:*:*:*:*:*:*",
"description": "Extremely lightweight compatibility layer between dataframe libraries",
"hashes": [
{
"alg": "SHA-256",
- "content": "7e213f9ca7db3f8bf6f7eff35eaee6a1cf80902997e1b78d49b7755775d8f423"
+ "content": "3215ea42afb452c6c8527e79cefbe542b674aa08d7e2e99d46b2c9708870e0d4"
}
],
"licenses": [
@@ -4171,7 +4165,7 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/narwhals/2.5.0/#files",
+ "url": "https://pypi.org/project/narwhals/2.6.0/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -4188,11 +4182,11 @@
"type": "issue-tracker"
}
],
- "purl": "pkg:pypi/narwhals@2.5.0",
+ "purl": "pkg:pypi/narwhals@2.6.0",
"properties": [
{
"name": "release_date",
- "value": "2025-09-12T10:04:22Z"
+ "value": "2025-09-29T09:08:54Z"
},
{
"name": "language",
@@ -4481,7 +4475,7 @@
"type": "library",
"bom-ref": "69-certifi",
"name": "certifi",
- "version": "2025.8.3",
+ "version": "2025.10.5",
"supplier": {
"name": "Kenneth Reitz",
"contact": [
@@ -4490,12 +4484,12 @@
}
]
},
- "cpe": "cpe:2.3:a:kenneth_reitz:certifi:2025.8.3:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:kenneth_reitz:certifi:2025.10.5:*:*:*:*:*:*:*",
"description": "Python package for providing Mozilla's CA Bundle.",
"hashes": [
{
"alg": "SHA-256",
- "content": "f6c12493cfb1b06ba2ff328595af9350c65d6644968e5d3a2ffd78699af217a5"
+ "content": "0f212c2744a9bb6de0c56639a6f68afe01ecd92d91f14ae897c4fe7bbeeef0de"
}
],
"licenses": [
@@ -4514,7 +4508,7 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/certifi/2025.8.3/#files",
+ "url": "https://pypi.org/project/certifi/2025.10.5/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -4523,11 +4517,11 @@
"type": "vcs"
}
],
- "purl": "pkg:pypi/certifi@2025.8.3",
+ "purl": "pkg:pypi/certifi@2025.10.5",
"properties": [
{
"name": "release_date",
- "value": "2025-08-03T03:07:45Z"
+ "value": "2025-10-05T04:12:14Z"
},
{
"name": "language",
diff --git a/sbom/cve-bin-tool-py3.11.spdx b/sbom/cve-bin-tool-py3.11.spdx
index 9013790d32..2e9e3b1914 100644
--- a/sbom/cve-bin-tool-py3.11.spdx
+++ b/sbom/cve-bin-tool-py3.11.spdx
@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
DataLicense: CC0-1.0
SPDXID: SPDXRef-DOCUMENT
DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-ec2b913b-afa9-4075-a187-01dcd3f13188
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-47618edc-9bc0-45bb-95a4-25f83995a803
LicenseListVersion: 3.26
Creator: Tool: sbom4python-0.12.4
-Created: 2025-09-29T00:43:41Z
+Created: 2025-10-06T00:38:52Z
CreatorComment: SBOM Type: Build - This document has been automatically generated.
#####
@@ -196,18 +196,18 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:multidict:6.6.4:*:*:*:*
PackageName: propcache
SPDXID: SPDXRef-9-propcache
-PackageVersion: 0.3.2
+PackageVersion: 0.4.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Andrew Svetlov (andrew.svetlov@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/propcache/0.3.2/#files
+PackageDownloadLocation: https://pypi.org/project/propcache/0.4.0/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/aio-libs/propcache
-PackageChecksum: SHA256: 22d9962a358aedbb7a2e36187ff273adeaab9743373a272976d2e348d08c7770
+PackageChecksum: SHA256: 779aaae64089e2f4992e993faea801925395d26bb5de4a47df7ef7f942c14f80
PackageLicenseDeclared: Apache-2.0
PackageLicenseConcluded: Apache-2.0
PackageCopyrightText: NOASSERTION
PackageSummary: Accelerated property cache
-ReleaseDate: 2025-06-09T22:53:40Z
+ReleaseDate: 2025-10-04T21:54:49Z
ExternalRef: OTHER other https://matrix.to/#/#aio-libs:matrix.org
ExternalRef: OTHER other https://matrix.to/#/#aio-libs-space:matrix.org
ExternalRef: OTHER other https://github.com/aio-libs/propcache/actions?query=branch:master
@@ -217,24 +217,23 @@ ExternalRef: OTHER log https://propcache.readthedocs.io/en/latest/changes/
ExternalRef: OTHER other https://propcache.readthedocs.io
ExternalRef: OTHER issue-tracker https://github.com/aio-libs/propcache/issues
ExternalRef: OTHER vcs https://github.com/aio-libs/propcache
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/propcache@0.3.2
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:propcache:0.3.2:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/propcache@0.4.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:propcache:0.4.0:*:*:*:*:*:*:*
#####
PackageName: yarl
SPDXID: SPDXRef-10-yarl
-PackageVersion: 1.20.1
+PackageVersion: 1.21.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Andrew Svetlov (andrew.svetlov@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/yarl/1.20.1/#files
+PackageDownloadLocation: https://pypi.org/project/yarl/1.21.0/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/aio-libs/yarl
-PackageChecksum: SHA256: 6032e6da6abd41e4acda34d75a816012717000fa6839f37124a47fcefc49bec4
PackageLicenseDeclared: Apache-2.0
PackageLicenseConcluded: Apache-2.0
PackageCopyrightText: NOASSERTION
PackageSummary: Yet another URL library
-ReleaseDate: 2025-06-10T00:42:31Z
+ReleaseDate: 2025-10-04T21:54:49Z
ExternalRef: OTHER other https://matrix.to/#/#aio-libs:matrix.org
ExternalRef: OTHER other https://matrix.to/#/#aio-libs-space:matrix.org
ExternalRef: OTHER other https://github.com/aio-libs/yarl/actions?query=branch:master
@@ -244,8 +243,8 @@ ExternalRef: OTHER log https://yarl.aio-libs.org/en/latest/changes/
ExternalRef: OTHER other https://yarl.aio-libs.org
ExternalRef: OTHER issue-tracker https://github.com/aio-libs/yarl/issues
ExternalRef: OTHER vcs https://github.com/aio-libs/yarl
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/yarl@1.20.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:yarl:1.20.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/yarl@1.21.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:yarl:1.21.0:*:*:*:*:*:*:*
#####
PackageName: idna
@@ -271,22 +270,22 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kim_davies:idna:3.10:*:*:*:*:*:*:*
PackageName: beautifulsoup4
SPDXID: SPDXRef-12-beautifulsoup4
-PackageVersion: 4.14.0
+PackageVersion: 4.14.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Leonard Richardson (leonardr@segfault.org)
-PackageDownloadLocation: https://pypi.org/project/beautifulsoup4/4.14.0/#files
+PackageDownloadLocation: https://pypi.org/project/beautifulsoup4/4.14.2/#files
FilesAnalyzed: false
PackageHomePage: https://www.crummy.com/software/BeautifulSoup/bs4/
-PackageChecksum: SHA256: aee96fbccdf2d2a8d1288b2afa51fc76bb60823b7881a50fb1ed5f711d1a7d73
+PackageChecksum: SHA256: 5ef6fa3a8cbece8488d66985560f97ed091e22bbc4e9c2338508a9d5de6d4515
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: MIT
PackageLicenseComments: beautifulsoup4 declares MIT License which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: Screen-scraping library
-ReleaseDate: 2025-09-27T17:22:16Z
+ReleaseDate: 2025-09-29T10:05:43Z
ExternalRef: OTHER other https://www.crummy.com/software/BeautifulSoup/bs4/download/
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/beautifulsoup4@4.14.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:leonard_richardson:beautifulsoup4:4.14.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/beautifulsoup4@4.14.2
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:leonard_richardson:beautifulsoup4:4.14.2:*:*:*:*:*:*:*
#####
PackageName: soupsieve
@@ -1126,20 +1125,20 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:elementpath:5.0.4:*:*:*
PackageName: lib4vex
SPDXID: SPDXRef-55-lib4vex
-PackageVersion: 0.2.0
+PackageVersion: 0.2.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Anthony Harrison (anthony.p.harrison@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/lib4vex/0.2.0/#files
+PackageDownloadLocation: https://pypi.org/project/lib4vex/0.2.1/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/anthonyharrison/lib4vex
-PackageChecksum: SHA256: bbe730148c1a7629473067ba9702b673af11e225fcd76e6431b881f0731f52ce
+PackageChecksum: SHA256: 7277b368807507b2808332954480c968f73a5f51edf0218f13260cbe7110a341
PackageLicenseDeclared: Apache-2.0
PackageLicenseConcluded: Apache-2.0
PackageCopyrightText: NOASSERTION
PackageSummary: VEX generator and consumer library
-ReleaseDate: 2024-08-29T20:36:52Z
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/lib4vex@0.2.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:anthony_harrison:lib4vex:0.2.0:*:*:*:*:*:*:*
+ReleaseDate: 2025-10-02T10:35:09Z
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/lib4vex@0.2.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:anthony_harrison:lib4vex:0.2.1:*:*:*:*:*:*:*
#####
PackageName: csaf-tool
@@ -1280,13 +1279,13 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:donald_stufft:packaging:25.0:*:*:*:*:*
PackageName: plotly
SPDXID: SPDXRef-63-plotly
-PackageVersion: 6.3.0
+PackageVersion: 6.3.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Chris P (chris@plot.ly)
-PackageDownloadLocation: https://pypi.org/project/plotly/6.3.0/#files
+PackageDownloadLocation: https://pypi.org/project/plotly/6.3.1/#files
FilesAnalyzed: false
PackageHomePage: https://plotly.com/python/
-PackageChecksum: SHA256: 7ad806edce9d3cdd882eaebaf97c0c9e252043ed1ed3d382c3e3520ec07806d4
+PackageChecksum: SHA256: 8b4420d1dcf2b040f5983eed433f95732ed24930e496d36eb70d211923532e64
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageLicenseComments: plotly declares MIT License
@@ -1313,34 +1312,34 @@ THE SOFTWARE.
which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: An open-source interactive data visualization library for Python
-ReleaseDate: 2025-08-12T20:22:09Z
+ReleaseDate: 2025-10-02T16:10:22Z
ExternalRef: OTHER documentation https://plotly.com/python/
ExternalRef: OTHER vcs https://github.com/plotly/plotly.py
ExternalRef: OTHER log https://github.com/plotly/plotly.py/blob/main/CHANGELOG.md
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/plotly@6.3.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:6.3.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/plotly@6.3.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:6.3.1:*:*:*:*:*:*:*
#####
PackageName: narwhals
SPDXID: SPDXRef-64-narwhals
-PackageVersion: 2.5.0
+PackageVersion: 2.6.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Marco Gorelli (hello_narwhals@proton.me)
-PackageDownloadLocation: https://pypi.org/project/narwhals/2.5.0/#files
+PackageDownloadLocation: https://pypi.org/project/narwhals/2.6.0/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/narwhals-dev/narwhals
-PackageChecksum: SHA256: 7e213f9ca7db3f8bf6f7eff35eaee6a1cf80902997e1b78d49b7755775d8f423
+PackageChecksum: SHA256: 3215ea42afb452c6c8527e79cefbe542b674aa08d7e2e99d46b2c9708870e0d4
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: MIT
PackageLicenseComments: narwhals declares MIT License which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: Extremely lightweight compatibility layer between dataframe libraries
-ReleaseDate: 2025-09-12T10:04:22Z
+ReleaseDate: 2025-09-29T09:08:54Z
ExternalRef: OTHER documentation https://narwhals-dev.github.io/narwhals/
ExternalRef: OTHER vcs https://github.com/narwhals-dev/narwhals
ExternalRef: OTHER issue-tracker https://github.com/narwhals-dev/narwhals/issues
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/narwhals@2.5.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:marco_gorelli:narwhals:2.5.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/narwhals@2.6.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:marco_gorelli:narwhals:2.6.0:*:*:*:*:*:*:*
#####
PackageName: python-gnupg
@@ -1429,21 +1428,21 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_petrov:urllib3:2.5.0:*:*:*:*:*:
PackageName: certifi
SPDXID: SPDXRef-69-certifi
-PackageVersion: 2025.8.3
+PackageVersion: 2025.10.5
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Kenneth Reitz (me@kennethreitz.com)
-PackageDownloadLocation: https://pypi.org/project/certifi/2025.8.3/#files
+PackageDownloadLocation: https://pypi.org/project/certifi/2025.10.5/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/certifi/python-certifi
-PackageChecksum: SHA256: f6c12493cfb1b06ba2ff328595af9350c65d6644968e5d3a2ffd78699af217a5
+PackageChecksum: SHA256: 0f212c2744a9bb6de0c56639a6f68afe01ecd92d91f14ae897c4fe7bbeeef0de
PackageLicenseDeclared: MPL-2.0
PackageLicenseConcluded: MPL-2.0
PackageCopyrightText: NOASSERTION
PackageSummary: Python package for providing Mozilla's CA Bundle.
-ReleaseDate: 2025-08-03T03:07:45Z
+ReleaseDate: 2025-10-05T04:12:14Z
ExternalRef: OTHER vcs https://github.com/certifi/python-certifi
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/certifi@2025.8.3
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:certifi:2025.8.3:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/certifi@2025.10.5
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:certifi:2025.10.5:*:*:*:*:*:*:*
#####
PackageName: rpmfile