chore: update SBOM for Python 3.9

web-flow · github-actions[bot] · commit 096a7461db58 · 2024-02-12T00:27:20.000Z
diff --git a/sbom/cve-bin-tool-py3.9.json b/sbom/cve-bin-tool-py3.9.json
@@ -2,10 +2,10 @@
   "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json",
   "bomFormat": "CycloneDX",
   "specVersion": "1.5",
-  "serialNumber": "urn:uuid:570b5dab-b52f-4d7a-ad5e-b1f57e27bde8",
+  "serialNumber": "urn:uuid:0d5bb44b-9fae-490b-8e5b-632e576a6f30",
   "version": 1,
   "metadata": {
-    "timestamp": "2024-02-05T00:27:53Z",
+    "timestamp": "2024-02-12T00:27:19Z",
     "tools": {
       "components": [
         {
@@ -1791,6 +1791,12 @@
       },
       "cpe": "cpe:2.3:a:jason_r._coombs:importlib-metadata:7.0.1:*:*:*:*:*:*:*",
       "description": "Read metadata from Python packages",
+      "hashes": [
+        {
+          "alg": "SHA-1",
+          "content": "f2e84e3fb5a240b054e8669e5162914bb4a4e68b"
+        }
+      ],
       "externalReferences": [
         {
           "url": "https://pypi.org/project/importlib-metadata/7.0.1",
@@ -1856,6 +1862,12 @@
       "name": "jinja2",
       "version": "3.1.3",
       "description": "A very fast and expressive template engine.",
+      "hashes": [
+        {
+          "alg": "SHA-1",
+          "content": "d9de4bb215fd1cc8092a410fb834c7c4060b1fc1"
+        }
+      ],
       "licenses": [
         {
           "license": {
@@ -2935,7 +2947,7 @@
       "type": "library",
       "bom-ref": "66-elementpath",
       "name": "elementpath",
-      "version": "4.2.0",
+      "version": "4.2.1",
       "supplier": {
         "name": "Davide Brunato",
         "contact": [
@@ -2944,8 +2956,14 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:davide_brunato:elementpath:4.2.0:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:davide_brunato:elementpath:4.2.1:*:*:*:*:*:*:*",
       "description": "XPath 1.0/2.0/3.0/3.1 parsers and selectors for ElementTree and lxml",
+      "hashes": [
+        {
+          "alg": "SHA-1",
+          "content": "6795c9d5691f56d5f2548f45dc188706bf038675"
+        }
+      ],
       "licenses": [
         {
           "license": {
@@ -2956,12 +2974,12 @@
       ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/elementpath/4.2.0",
+          "url": "https://pypi.org/project/elementpath/4.2.1",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/elementpath@4.2.0",
+      "purl": "pkg:pypi/elementpath@4.2.1",
       "properties": [
         {
           "name": "language",
diff --git a/sbom/cve-bin-tool-py3.9.spdx b/sbom/cve-bin-tool-py3.9.spdx
@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
 DataLicense: CC0-1.0
 SPDXID: SPDXRef-DOCUMENT
 DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-5c4390c3-0924-402b-a03d-c04ed11babe7
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-2c351609-c615-4661-9111-b4af6df5821a
 LicenseListVersion: 3.22
 Creator: Tool: sbom4python-0.10.3
-Created: 2024-02-05T00:26:07Z
+Created: 2024-02-12T00:25:34Z
 CreatorComment: <text>This document has been automatically generated.</text>
 ##### 
 
@@ -627,6 +627,7 @@ PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Organization: Jason R. Coombs (jaraco@jaraco.com)
 PackageDownloadLocation: https://pypi.org/project/importlib-metadata/7.0.1
 FilesAnalyzed: false
+PackageChecksum: SHA1: f2e84e3fb5a240b054e8669e5162914bb4a4e68b
 PackageLicenseDeclared: NOASSERTION
 PackageLicenseConcluded: NOASSERTION
 PackageCopyrightText: NOASSERTION
@@ -658,6 +659,7 @@ PrimaryPackagePurpose: LIBRARY
 PackageSupplier: NOASSERTION
 PackageDownloadLocation: https://pypi.org/project/Jinja2/3.1.3
 FilesAnalyzed: false
+PackageChecksum: SHA1: d9de4bb215fd1cc8092a410fb834c7c4060b1fc1
 PackageLicenseDeclared: BSD-3-Clause
 PackageLicenseConcluded: BSD-3-Clause
 PackageCopyrightText: NOASSERTION
@@ -1045,17 +1047,18 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:xmlschema:3.0.1:*:*:*:*
 
 PackageName: elementpath
 SPDXID: SPDXRef-Package-66-elementpath
-PackageVersion: 4.2.0
+PackageVersion: 4.2.1
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Person: Davide Brunato (brunato@sissa.it)
-PackageDownloadLocation: https://pypi.org/project/elementpath/4.2.0
+PackageDownloadLocation: https://pypi.org/project/elementpath/4.2.1
 FilesAnalyzed: false
+PackageChecksum: SHA1: 6795c9d5691f56d5f2548f45dc188706bf038675
 PackageLicenseDeclared: MIT
 PackageLicenseConcluded: MIT
 PackageCopyrightText: NOASSERTION
 PackageSummary: <text>XPath 1.0/2.0/3.0/3.1 parsers and selectors for ElementTree and lxml</text>
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/elementpath@4.2.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:elementpath:4.2.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/elementpath@4.2.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:davide_brunato:elementpath:4.2.1:*:*:*:*:*:*:*
 ##### 
 
 PackageName: zstandard
