diff --git a/sbom/cve-bin-tool-py3.10.json b/sbom/cve-bin-tool-py3.10.json
index 88105b5323..3d8c46b755 100644
--- a/sbom/cve-bin-tool-py3.10.json
+++ b/sbom/cve-bin-tool-py3.10.json
@@ -2,10 +2,10 @@
"$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.6",
- "serialNumber": "urn:uuid:be712b38-b12d-4fda-ad6b-691f2ded015d",
+ "serialNumber": "urn:uuid:d1cb08d7-d436-4c83-9b43-2425f88fbf8b",
"version": 1,
"metadata": {
- "timestamp": "2025-09-29T00:38:37Z",
+ "timestamp": "2025-10-06T00:39:17Z",
"lifecycles": [
{
"phase": "build"
@@ -701,7 +701,7 @@
"type": "library",
"bom-ref": "10-propcache",
"name": "propcache",
- "version": "0.3.2",
+ "version": "0.4.0",
"supplier": {
"name": "Andrew Svetlov",
"contact": [
@@ -710,12 +710,12 @@
}
]
},
- "cpe": "cpe:2.3:a:andrew_svetlov:propcache:0.3.2:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:andrew_svetlov:propcache:0.4.0:*:*:*:*:*:*:*",
"description": "Accelerated property cache",
"hashes": [
{
"alg": "SHA-256",
- "content": "22d9962a358aedbb7a2e36187ff273adeaab9743373a272976d2e348d08c7770"
+ "content": "779aaae64089e2f4992e993faea801925395d26bb5de4a47df7ef7f942c14f80"
}
],
"licenses": [
@@ -734,7 +734,7 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/propcache/0.3.2/#files",
+ "url": "https://pypi.org/project/propcache/0.4.0/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -775,11 +775,11 @@
"type": "vcs"
}
],
- "purl": "pkg:pypi/propcache@0.3.2",
+ "purl": "pkg:pypi/propcache@0.4.0",
"properties": [
{
"name": "release_date",
- "value": "2025-06-09T22:53:40Z"
+ "value": "2025-10-04T21:54:49Z"
},
{
"name": "language",
@@ -795,7 +795,7 @@
"type": "library",
"bom-ref": "11-yarl",
"name": "yarl",
- "version": "1.20.1",
+ "version": "1.21.0",
"supplier": {
"name": "Andrew Svetlov",
"contact": [
@@ -804,14 +804,8 @@
}
]
},
- "cpe": "cpe:2.3:a:andrew_svetlov:yarl:1.20.1:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:andrew_svetlov:yarl:1.21.0:*:*:*:*:*:*:*",
"description": "Yet another URL library",
- "hashes": [
- {
- "alg": "SHA-256",
- "content": "6032e6da6abd41e4acda34d75a816012717000fa6839f37124a47fcefc49bec4"
- }
- ],
"licenses": [
{
"license": {
@@ -828,7 +822,7 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/yarl/1.20.1/#files",
+ "url": "https://pypi.org/project/yarl/1.21.0/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -869,11 +863,11 @@
"type": "vcs"
}
],
- "purl": "pkg:pypi/yarl@1.20.1",
+ "purl": "pkg:pypi/yarl@1.21.0",
"properties": [
{
"name": "release_date",
- "value": "2025-06-10T00:42:31Z"
+ "value": "2025-10-04T21:54:49Z"
},
{
"name": "language",
@@ -958,7 +952,7 @@
"type": "library",
"bom-ref": "13-beautifulsoup4",
"name": "beautifulsoup4",
- "version": "4.14.0",
+ "version": "4.14.2",
"supplier": {
"name": "Leonard Richardson",
"contact": [
@@ -967,12 +961,12 @@
}
]
},
- "cpe": "cpe:2.3:a:leonard_richardson:beautifulsoup4:4.14.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:leonard_richardson:beautifulsoup4:4.14.2:*:*:*:*:*:*:*",
"description": "Screen-scraping library",
"hashes": [
{
"alg": "SHA-256",
- "content": "aee96fbccdf2d2a8d1288b2afa51fc76bb60823b7881a50fb1ed5f711d1a7d73"
+ "content": "5ef6fa3a8cbece8488d66985560f97ed091e22bbc4e9c2338508a9d5de6d4515"
}
],
"licenses": [
@@ -991,7 +985,7 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/beautifulsoup4/4.14.0/#files",
+ "url": "https://pypi.org/project/beautifulsoup4/4.14.2/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -1000,11 +994,11 @@
"type": "other"
}
],
- "purl": "pkg:pypi/beautifulsoup4@4.14.0",
+ "purl": "pkg:pypi/beautifulsoup4@4.14.2",
"properties": [
{
"name": "release_date",
- "value": "2025-09-27T17:22:16Z"
+ "value": "2025-09-29T10:05:43Z"
},
{
"name": "language",
@@ -3660,7 +3654,7 @@
"type": "library",
"bom-ref": "56-lib4vex",
"name": "lib4vex",
- "version": "0.2.0",
+ "version": "0.2.1",
"supplier": {
"name": "Anthony Harrison",
"contact": [
@@ -3669,12 +3663,12 @@
}
]
},
- "cpe": "cpe:2.3:a:anthony_harrison:lib4vex:0.2.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:anthony_harrison:lib4vex:0.2.1:*:*:*:*:*:*:*",
"description": "VEX generator and consumer library",
"hashes": [
{
"alg": "SHA-256",
- "content": "bbe730148c1a7629473067ba9702b673af11e225fcd76e6431b881f0731f52ce"
+ "content": "7277b368807507b2808332954480c968f73a5f51edf0218f13260cbe7110a341"
}
],
"licenses": [
@@ -3693,16 +3687,16 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/lib4vex/0.2.0/#files",
+ "url": "https://pypi.org/project/lib4vex/0.2.1/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/lib4vex@0.2.0",
+ "purl": "pkg:pypi/lib4vex@0.2.1",
"properties": [
{
"name": "release_date",
- "value": "2024-08-29T20:36:52Z"
+ "value": "2025-10-02T10:35:09Z"
},
{
"name": "language",
@@ -4155,7 +4149,7 @@
"type": "library",
"bom-ref": "64-plotly",
"name": "plotly",
- "version": "6.3.0",
+ "version": "6.3.1",
"supplier": {
"name": "Chris P",
"contact": [
@@ -4164,12 +4158,12 @@
}
]
},
- "cpe": "cpe:2.3:a:chris_p:plotly:6.3.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:chris_p:plotly:6.3.1:*:*:*:*:*:*:*",
"description": "An open-source interactive data visualization library for Python",
"hashes": [
{
"alg": "SHA-256",
- "content": "7ad806edce9d3cdd882eaebaf97c0c9e252043ed1ed3d382c3e3520ec07806d4"
+ "content": "8b4420d1dcf2b040f5983eed433f95732ed24930e496d36eb70d211923532e64"
}
],
"externalReferences": [
@@ -4179,7 +4173,7 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/plotly/6.3.0/#files",
+ "url": "https://pypi.org/project/plotly/6.3.1/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -4196,11 +4190,11 @@
"type": "log"
}
],
- "purl": "pkg:pypi/plotly@6.3.0",
+ "purl": "pkg:pypi/plotly@6.3.1",
"properties": [
{
"name": "release_date",
- "value": "2025-08-12T20:22:09Z"
+ "value": "2025-10-02T16:10:22Z"
},
{
"name": "language",
@@ -4220,7 +4214,7 @@
"type": "library",
"bom-ref": "65-narwhals",
"name": "narwhals",
- "version": "2.5.0",
+ "version": "2.6.0",
"supplier": {
"name": "Marco Gorelli",
"contact": [
@@ -4229,12 +4223,12 @@
}
]
},
- "cpe": "cpe:2.3:a:marco_gorelli:narwhals:2.5.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:marco_gorelli:narwhals:2.6.0:*:*:*:*:*:*:*",
"description": "Extremely lightweight compatibility layer between dataframe libraries",
"hashes": [
{
"alg": "SHA-256",
- "content": "7e213f9ca7db3f8bf6f7eff35eaee6a1cf80902997e1b78d49b7755775d8f423"
+ "content": "3215ea42afb452c6c8527e79cefbe542b674aa08d7e2e99d46b2c9708870e0d4"
}
],
"licenses": [
@@ -4253,7 +4247,7 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/narwhals/2.5.0/#files",
+ "url": "https://pypi.org/project/narwhals/2.6.0/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -4270,11 +4264,11 @@
"type": "issue-tracker"
}
],
- "purl": "pkg:pypi/narwhals@2.5.0",
+ "purl": "pkg:pypi/narwhals@2.6.0",
"properties": [
{
"name": "release_date",
- "value": "2025-09-12T10:04:22Z"
+ "value": "2025-09-29T09:08:54Z"
},
{
"name": "language",
@@ -4563,7 +4557,7 @@
"type": "library",
"bom-ref": "70-certifi",
"name": "certifi",
- "version": "2025.8.3",
+ "version": "2025.10.5",
"supplier": {
"name": "Kenneth Reitz",
"contact": [
@@ -4572,12 +4566,12 @@
}
]
},
- "cpe": "cpe:2.3:a:kenneth_reitz:certifi:2025.8.3:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:kenneth_reitz:certifi:2025.10.5:*:*:*:*:*:*:*",
"description": "Python package for providing Mozilla's CA Bundle.",
"hashes": [
{
"alg": "SHA-256",
- "content": "f6c12493cfb1b06ba2ff328595af9350c65d6644968e5d3a2ffd78699af217a5"
+ "content": "0f212c2744a9bb6de0c56639a6f68afe01ecd92d91f14ae897c4fe7bbeeef0de"
}
],
"licenses": [
@@ -4596,7 +4590,7 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/certifi/2025.8.3/#files",
+ "url": "https://pypi.org/project/certifi/2025.10.5/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -4605,11 +4599,11 @@
"type": "vcs"
}
],
- "purl": "pkg:pypi/certifi@2025.8.3",
+ "purl": "pkg:pypi/certifi@2025.10.5",
"properties": [
{
"name": "release_date",
- "value": "2025-08-03T03:07:45Z"
+ "value": "2025-10-05T04:12:14Z"
},
{
"name": "language",
diff --git a/sbom/cve-bin-tool-py3.10.spdx b/sbom/cve-bin-tool-py3.10.spdx
index c34edbe56f..ddd32a7df9 100644
--- a/sbom/cve-bin-tool-py3.10.spdx
+++ b/sbom/cve-bin-tool-py3.10.spdx
@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
DataLicense: CC0-1.0
SPDXID: SPDXRef-DOCUMENT
DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-b4d96fdd-5043-4abe-aff0-ecab2aa0b7e7
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-2d0277f3-dce3-4684-8bfa-ae71a1eee092
LicenseListVersion: 3.26
Creator: Tool: sbom4python-0.12.4
-Created: 2025-09-29T00:38:26Z
+Created: 2025-10-06T00:39:06Z
CreatorComment: SBOM Type: Build - This document has been automatically generated.
#####
@@ -220,18 +220,18 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:multidict:6.6.4:*:*:*:*
PackageName: propcache
SPDXID: SPDXRef-10-propcache
-PackageVersion: 0.3.2
+PackageVersion: 0.4.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Andrew Svetlov (andrew.svetlov@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/propcache/0.3.2/#files
+PackageDownloadLocation: https://pypi.org/project/propcache/0.4.0/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/aio-libs/propcache
-PackageChecksum: SHA256: 22d9962a358aedbb7a2e36187ff273adeaab9743373a272976d2e348d08c7770
+PackageChecksum: SHA256: 779aaae64089e2f4992e993faea801925395d26bb5de4a47df7ef7f942c14f80
PackageLicenseDeclared: Apache-2.0
PackageLicenseConcluded: Apache-2.0
PackageCopyrightText: NOASSERTION
PackageSummary: Accelerated property cache
-ReleaseDate: 2025-06-09T22:53:40Z
+ReleaseDate: 2025-10-04T21:54:49Z
ExternalRef: OTHER other https://matrix.to/#/#aio-libs:matrix.org
ExternalRef: OTHER other https://matrix.to/#/#aio-libs-space:matrix.org
ExternalRef: OTHER other https://github.com/aio-libs/propcache/actions?query=branch:master
@@ -241,24 +241,23 @@ ExternalRef: OTHER log https://propcache.readthedocs.io/en/latest/changes/
ExternalRef: OTHER other https://propcache.readthedocs.io
ExternalRef: OTHER issue-tracker https://github.com/aio-libs/propcache/issues
ExternalRef: OTHER vcs https://github.com/aio-libs/propcache
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/propcache@0.3.2
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:propcache:0.3.2:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/propcache@0.4.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:propcache:0.4.0:*:*:*:*:*:*:*
#####
PackageName: yarl
SPDXID: SPDXRef-11-yarl
-PackageVersion: 1.20.1
+PackageVersion: 1.21.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Andrew Svetlov (andrew.svetlov@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/yarl/1.20.1/#files
+PackageDownloadLocation: https://pypi.org/project/yarl/1.21.0/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/aio-libs/yarl
-PackageChecksum: SHA256: 6032e6da6abd41e4acda34d75a816012717000fa6839f37124a47fcefc49bec4
PackageLicenseDeclared: Apache-2.0
PackageLicenseConcluded: Apache-2.0
PackageCopyrightText: NOASSERTION
PackageSummary: Yet another URL library
-ReleaseDate: 2025-06-10T00:42:31Z
+ReleaseDate: 2025-10-04T21:54:49Z
ExternalRef: OTHER other https://matrix.to/#/#aio-libs:matrix.org
ExternalRef: OTHER other https://matrix.to/#/#aio-libs-space:matrix.org
ExternalRef: OTHER other https://github.com/aio-libs/yarl/actions?query=branch:master
@@ -268,8 +267,8 @@ ExternalRef: OTHER log https://yarl.aio-libs.org/en/latest/changes/
ExternalRef: OTHER other https://yarl.aio-libs.org
ExternalRef: OTHER issue-tracker https://github.com/aio-libs/yarl/issues
ExternalRef: OTHER vcs https://github.com/aio-libs/yarl
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/yarl@1.20.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:yarl:1.20.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/yarl@1.21.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrew_svetlov:yarl:1.21.0:*:*:*:*:*:*:*
#####
PackageName: idna
@@ -295,22 +294,22 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kim_davies:idna:3.10:*:*:*:*:*:*:*
PackageName: beautifulsoup4
SPDXID: SPDXRef-13-beautifulsoup4
-PackageVersion: 4.14.0
+PackageVersion: 4.14.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Leonard Richardson (leonardr@segfault.org)
-PackageDownloadLocation: https://pypi.org/project/beautifulsoup4/4.14.0/#files
+PackageDownloadLocation: https://pypi.org/project/beautifulsoup4/4.14.2/#files
FilesAnalyzed: false
PackageHomePage: https://www.crummy.com/software/BeautifulSoup/bs4/
-PackageChecksum: SHA256: aee96fbccdf2d2a8d1288b2afa51fc76bb60823b7881a50fb1ed5f711d1a7d73
+PackageChecksum: SHA256: 5ef6fa3a8cbece8488d66985560f97ed091e22bbc4e9c2338508a9d5de6d4515
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: MIT
PackageLicenseComments: beautifulsoup4 declares MIT License which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: Screen-scraping library
-ReleaseDate: 2025-09-27T17:22:16Z
+ReleaseDate: 2025-09-29T10:05:43Z
ExternalRef: OTHER other https://www.crummy.com/software/BeautifulSoup/bs4/download/
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/beautifulsoup4@4.14.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:leonard_richardson:beautifulsoup4:4.14.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/beautifulsoup4@4.14.2
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:leonard_richardson:beautifulsoup4:4.14.2:*:*:*:*:*:*:*
#####
PackageName: soupsieve
@@ -1150,20 +1149,20 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:elementpath:5.0.4:*:*:*
PackageName: lib4vex
SPDXID: SPDXRef-56-lib4vex
-PackageVersion: 0.2.0
+PackageVersion: 0.2.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Anthony Harrison (anthony.p.harrison@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/lib4vex/0.2.0/#files
+PackageDownloadLocation: https://pypi.org/project/lib4vex/0.2.1/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/anthonyharrison/lib4vex
-PackageChecksum: SHA256: bbe730148c1a7629473067ba9702b673af11e225fcd76e6431b881f0731f52ce
+PackageChecksum: SHA256: 7277b368807507b2808332954480c968f73a5f51edf0218f13260cbe7110a341
PackageLicenseDeclared: Apache-2.0
PackageLicenseConcluded: Apache-2.0
PackageCopyrightText: NOASSERTION
PackageSummary: VEX generator and consumer library
-ReleaseDate: 2024-08-29T20:36:52Z
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/lib4vex@0.2.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:anthony_harrison:lib4vex:0.2.0:*:*:*:*:*:*:*
+ReleaseDate: 2025-10-02T10:35:09Z
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/lib4vex@0.2.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:anthony_harrison:lib4vex:0.2.1:*:*:*:*:*:*:*
#####
PackageName: csaf-tool
@@ -1304,13 +1303,13 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:donald_stufft:packaging:25.0:*:*:*:*:*
PackageName: plotly
SPDXID: SPDXRef-64-plotly
-PackageVersion: 6.3.0
+PackageVersion: 6.3.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Chris P (chris@plot.ly)
-PackageDownloadLocation: https://pypi.org/project/plotly/6.3.0/#files
+PackageDownloadLocation: https://pypi.org/project/plotly/6.3.1/#files
FilesAnalyzed: false
PackageHomePage: https://plotly.com/python/
-PackageChecksum: SHA256: 7ad806edce9d3cdd882eaebaf97c0c9e252043ed1ed3d382c3e3520ec07806d4
+PackageChecksum: SHA256: 8b4420d1dcf2b040f5983eed433f95732ed24930e496d36eb70d211923532e64
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageLicenseComments: plotly declares MIT License
@@ -1337,34 +1336,34 @@ THE SOFTWARE.
which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: An open-source interactive data visualization library for Python
-ReleaseDate: 2025-08-12T20:22:09Z
+ReleaseDate: 2025-10-02T16:10:22Z
ExternalRef: OTHER documentation https://plotly.com/python/
ExternalRef: OTHER vcs https://github.com/plotly/plotly.py
ExternalRef: OTHER log https://github.com/plotly/plotly.py/blob/main/CHANGELOG.md
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/plotly@6.3.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:6.3.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/plotly@6.3.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:6.3.1:*:*:*:*:*:*:*
#####
PackageName: narwhals
SPDXID: SPDXRef-65-narwhals
-PackageVersion: 2.5.0
+PackageVersion: 2.6.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Marco Gorelli (hello_narwhals@proton.me)
-PackageDownloadLocation: https://pypi.org/project/narwhals/2.5.0/#files
+PackageDownloadLocation: https://pypi.org/project/narwhals/2.6.0/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/narwhals-dev/narwhals
-PackageChecksum: SHA256: 7e213f9ca7db3f8bf6f7eff35eaee6a1cf80902997e1b78d49b7755775d8f423
+PackageChecksum: SHA256: 3215ea42afb452c6c8527e79cefbe542b674aa08d7e2e99d46b2c9708870e0d4
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: MIT
PackageLicenseComments: narwhals declares MIT License which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: Extremely lightweight compatibility layer between dataframe libraries
-ReleaseDate: 2025-09-12T10:04:22Z
+ReleaseDate: 2025-09-29T09:08:54Z
ExternalRef: OTHER documentation https://narwhals-dev.github.io/narwhals/
ExternalRef: OTHER vcs https://github.com/narwhals-dev/narwhals
ExternalRef: OTHER issue-tracker https://github.com/narwhals-dev/narwhals/issues
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/narwhals@2.5.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:marco_gorelli:narwhals:2.5.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/narwhals@2.6.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:marco_gorelli:narwhals:2.6.0:*:*:*:*:*:*:*
#####
PackageName: python-gnupg
@@ -1453,21 +1452,21 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_petrov:urllib3:2.5.0:*:*:*:*:*:
PackageName: certifi
SPDXID: SPDXRef-70-certifi
-PackageVersion: 2025.8.3
+PackageVersion: 2025.10.5
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Kenneth Reitz (me@kennethreitz.com)
-PackageDownloadLocation: https://pypi.org/project/certifi/2025.8.3/#files
+PackageDownloadLocation: https://pypi.org/project/certifi/2025.10.5/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/certifi/python-certifi
-PackageChecksum: SHA256: f6c12493cfb1b06ba2ff328595af9350c65d6644968e5d3a2ffd78699af217a5
+PackageChecksum: SHA256: 0f212c2744a9bb6de0c56639a6f68afe01ecd92d91f14ae897c4fe7bbeeef0de
PackageLicenseDeclared: MPL-2.0
PackageLicenseConcluded: MPL-2.0
PackageCopyrightText: NOASSERTION
PackageSummary: Python package for providing Mozilla's CA Bundle.
-ReleaseDate: 2025-08-03T03:07:45Z
+ReleaseDate: 2025-10-05T04:12:14Z
ExternalRef: OTHER vcs https://github.com/certifi/python-certifi
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/certifi@2025.8.3
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:certifi:2025.8.3:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/certifi@2025.10.5
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:certifi:2025.10.5:*:*:*:*:*:*:*
#####
PackageName: rpmfile