intel
diff --git a/‎sbom/cve-bin-tool-py3.11.json
Lines changed: 60 additions & 103 deletions b/‎sbom/cve-bin-tool-py3.11.json
Lines changed: 60 additions & 103 deletions
@@ -2,10 +2,10 @@
   "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json",
   "bomFormat": "CycloneDX",
   "specVersion": "1.5",
-  "serialNumber": "urn:uuid:02495323-7eae-48c7-b120-c85429d63669",
+  "serialNumber": "urn:uuid:2c51a0ce-1204-4492-9e3d-37c313400a75",
   "version": 1,
   "metadata": {
-    "timestamp": "2024-01-29T00:27:03Z",
+    "timestamp": "2024-02-06T18:37:48Z",
     "tools": {
       "components": [
         {
@@ -37,6 +37,12 @@
       },
       "cpe": "cpe:2.3:a:terri_oda:cve-bin-tool:3.3rc2:*:*:*:*:*:*:*",
       "description": "CVE Binary Checker Tool",
+      "hashes": [
+        {
+          "alg": "SHA-1",
+          "content": "c491590aeea36235930d1c6b8480d2489a470ece"
+        }
+      ],
       "licenses": [
         {
           "license": {
@@ -68,7 +74,7 @@
       "type": "library",
       "bom-ref": "2-aiohttp",
       "name": "aiohttp",
-      "version": "3.9.2",
+      "version": "3.9.3",
       "description": "Async http client/server framework (asyncio)",
       "licenses": [
         {
@@ -80,12 +86,12 @@
       ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/aiohttp/3.9.2",
+          "url": "https://pypi.org/project/aiohttp/3.9.3",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/[email protected].2",
+      "purl": "pkg:pypi/[email protected].3",
       "properties": [
         {
           "name": "language",
@@ -218,7 +224,7 @@
       "type": "library",
       "bom-ref": "6-multidict",
       "name": "multidict",
-      "version": "6.0.4",
+      "version": "6.0.5",
       "supplier": {
         "name": "Andrew Svetlov",
         "contact": [
@@ -227,14 +233,8 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:andrew_svetlov:multidict:6.0.4:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:andrew_svetlov:multidict:6.0.5:*:*:*:*:*:*:*",
       "description": "multidict implementation",
-      "hashes": [
-        {
-          "alg": "SHA-1",
-          "content": "47ac8a18ccfee3578c0a92a2651325fc9dd3ae72"
-        }
-      ],
       "licenses": [
         {
           "license": {
@@ -245,12 +245,12 @@
       ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/multidict/6.0.4",
+          "url": "https://pypi.org/project/multidict/6.0.5",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/[email protected].4",
+      "purl": "pkg:pypi/[email protected].5",
       "properties": [
         {
           "name": "language",
@@ -1343,7 +1343,7 @@
       "type": "library",
       "bom-ref": "30-cryptography",
       "name": "cryptography",
-      "version": "42.0.1",
+      "version": "42.0.2",
       "supplier": {
         "name": "The Python Cryptographic Authority and individual contributors",
         "contact": [
@@ -1352,7 +1352,7 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:the_python_cryptographic_authority_and_individual_contributors:cryptography:42.0.1:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:the_python_cryptographic_authority_and_individual_contributors:cryptography:42.0.2:*:*:*:*:*:*:*",
       "description": "cryptography is a package which provides cryptographic recipes and primitives to Python developers.",
       "licenses": [
         {
@@ -1361,12 +1361,12 @@
       ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/cryptography/42.0.1",
+          "url": "https://pypi.org/project/cryptography/42.0.2",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/[email protected].1",
+      "purl": "pkg:pypi/[email protected].2",
       "properties": [
         {
           "name": "language",
@@ -1730,6 +1730,12 @@
       "name": "jinja2",
       "version": "3.1.3",
       "description": "A very fast and expressive template engine.",
+      "hashes": [
+        {
+          "alg": "SHA-1",
+          "content": "d9de4bb215fd1cc8092a410fb834c7c4060b1fc1"
+        }
+      ],
       "licenses": [
         {
           "license": {
@@ -1761,12 +1767,12 @@
       "type": "library",
       "bom-ref": "39-markupsafe",
       "name": "markupsafe",
-      "version": "2.1.4",
+      "version": "2.1.5",
       "description": "Safely add untrusted strings to HTML/XML markup.",
       "hashes": [
         {
           "alg": "SHA-1",
-          "content": "b7cd6523579ea5a08d89799f2a64ec2c2bc45eca"
+          "content": "fbba4acd0312826cec9cfe18371c7df07962cb65"
         }
       ],
       "licenses": [
@@ -1779,12 +1785,12 @@
       ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/MarkupSafe/2.1.4",
+          "url": "https://pypi.org/project/MarkupSafe/2.1.5",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/[email protected].4",
+      "purl": "pkg:pypi/[email protected].5",
       "properties": [
         {
           "name": "language",
@@ -1965,6 +1971,12 @@
       },
       "cpe": "cpe:2.3:a:anthony_harrison:lib4sbom:0.6.1:*:*:*:*:*:*:*",
       "description": "Software Bill of Material (SBOM) generator and consumer library",
+      "hashes": [
+        {
+          "alg": "SHA-1",
+          "content": "45c891cb64148f16f722fbc39b12b7f1fb253a57"
+        }
+      ],
       "licenses": [
         {
           "license": {
@@ -2377,7 +2389,7 @@
       "type": "library",
       "bom-ref": "53-certifi",
       "name": "certifi",
-      "version": "2023.11.17",
+      "version": "2024.2.2",
       "supplier": {
         "name": "Kenneth Reitz",
         "contact": [
@@ -2386,14 +2398,8 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:kenneth_reitz:certifi:2023.11.17:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:kenneth_reitz:certifi:2024.2.2:*:*:*:*:*:*:*",
       "description": "Python package for providing Mozilla's CA Bundle.",
-      "hashes": [
-        {
-          "alg": "SHA-1",
-          "content": "515962b01a24501c912c26ccced7ef8b47f81553"
-        }
-      ],
       "licenses": [
         {
           "license": {
@@ -2404,12 +2410,12 @@
       ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/certifi/2023.11.17",
+          "url": "https://pypi.org/project/certifi/2024.2.2",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/certifi@2023.11.17",
+      "purl": "pkg:pypi/certifi@2024.2.2",
       "properties": [
         {
           "name": "language",
@@ -2436,6 +2442,12 @@
       },
       "cpe": "cpe:2.3:a:ahmed_tahri:charset-normalizer:3.3.2:*:*:*:*:*:*:*",
       "description": "The Real First Universal Charset Detector. Open, modern and actively maintained alternative to Chardet.",
+      "hashes": [
+        {
+          "alg": "SHA-1",
+          "content": "79dce4857914fead2ffe55eb787cad6d5cf14643"
+        }
+      ],
       "licenses": [
         {
           "license": {
@@ -2467,7 +2479,7 @@
       "type": "library",
       "bom-ref": "55-urllib3",
       "name": "urllib3",
-      "version": "2.1.0",
+      "version": "2.2.0",
       "supplier": {
         "name": "Andrey Petrov",
         "contact": [
@@ -2476,22 +2488,16 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:andrey_petrov:urllib3:2.1.0:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:andrey_petrov:urllib3:2.2.0:*:*:*:*:*:*:*",
       "description": "HTTP library with thread-safe connection pooling, file post, and more.",
-      "hashes": [
-        {
-          "alg": "SHA-1",
-          "content": "69be2992f8a25a1f27e49f339e4d5b98dec07462"
-        }
-      ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/urllib3/2.1.0",
+          "url": "https://pypi.org/project/urllib3/2.2.0",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/urllib3@2.1.0",
+      "purl": "pkg:pypi/urllib3@2.2.0",
       "properties": [
         {
           "name": "language",
@@ -2717,55 +2723,7 @@
     },
     {
       "type": "library",
-      "bom-ref": "61-toml",
-      "name": "toml",
-      "version": "0.10.2",
-      "supplier": {
-        "name": "William Pearson",
-        "contact": [
-          {
-            "email": "[email protected]"
-          }
-        ]
-      },
-      "cpe": "cpe:2.3:a:william_pearson:toml:0.10.2:*:*:*:*:*:*:*",
-      "description": "Python Library for Tom's Obvious, Minimal Language",
-      "hashes": [
-        {
-          "alg": "SHA-1",
-          "content": "3f637dba5f68db63d4b30967fedda51c82459471"
-        }
-      ],
-      "licenses": [
-        {
-          "license": {
-            "id": "MIT",
-            "url": "https://opensource.org/licenses/MIT"
-          }
-        }
-      ],
-      "externalReferences": [
-        {
-          "url": "https://pypi.org/project/toml/0.10.2",
-          "type": "distribution",
-          "comment": "Download location for component"
-        }
-      ],
-      "purl": "pkg:pypi/[email protected]",
-      "properties": [
-        {
-          "name": "language",
-          "value": "Python"
-        },
-        {
-          "name": "python_version",
-          "value": "3.11.7"
-        }
-      ]
-    },
-    {
-      "type": "library",
-      "bom-ref": "62-xmlschema",
+      "bom-ref": "61-xmlschema",
       "name": "xmlschema",
       "version": "3.0.1",
       "supplier": {
@@ -2807,9 +2765,9 @@
     },
     {
       "type": "library",
-      "bom-ref": "63-elementpath",
+      "bom-ref": "62-elementpath",
       "name": "elementpath",
-      "version": "4.1.5",
+      "version": "4.2.0",
       "supplier": {
         "name": "Davide Brunato",
         "contact": [
@@ -2818,7 +2776,7 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:davide_brunato:elementpath:4.1.5:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:davide_brunato:elementpath:4.2.0:*:*:*:*:*:*:*",
       "description": "XPath 1.0/2.0/3.0/3.1 parsers and selectors for ElementTree and lxml",
       "licenses": [
         {
@@ -2830,12 +2788,12 @@
       ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/elementpath/4.1.5",
+          "url": "https://pypi.org/project/elementpath/4.2.0",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/elementpath@4.1.5",
+      "purl": "pkg:pypi/elementpath@4.2.0",
       "properties": [
         {
           "name": "language",
@@ -2849,7 +2807,7 @@
     },
     {
       "type": "library",
-      "bom-ref": "64-zstandard",
+      "bom-ref": "63-zstandard",
       "name": "zstandard",
       "version": "0.22.0",
       "supplier": {
@@ -2921,10 +2879,9 @@
         "52-requests",
         "56-rich",
         "60-rpmfile",
-        "61-toml",
         "55-urllib3",
-        "62-xmlschema",
-        "64-zstandard"
+        "61-xmlschema",
+        "63-zstandard"
       ]
     },
     {
@@ -3127,9 +3084,9 @@
       ]
     },
     {
-      "ref": "62-xmlschema",
+      "ref": "61-xmlschema",
       "dependsOn": [
-        "63-elementpath"
+        "62-elementpath"
       ]
     }
   ]