chore: Update SBOM (#2623)

github-actions[bot] · blink1073 · web-flow · commit 1a434c7c5958 · 2025-11-24T10:34:44.000-06:00
Co-authored-by: blink1073 &lt;2096628+blink1073@users.noreply.github.com&gt;
diff --git a/sbom.json b/sbom.json
@@ -1,159 +1,202 @@
 {
-  "bomFormat": "CycloneDX",
-  "specVersion": "1.5",
-  "serialNumber": "urn:uuid:f91a87bf-a37f-4c1e-805f-142f60b2c960",
-  "version": 1,
-  "metadata": {
-    "timestamp": "2025-11-20T21:30:34Z",
-    "tools": {
-      "components": [
+  "components": [
+    {
+      "bom-ref": "dnspython==2.8.0",
+      "description": "DNS toolkit",
+      "externalReferences": [
         {
-          "group": "@cyclonedx",
-          "name": "cdxgen",
-          "version": "11.11.0",
-          "purl": "pkg:npm/%40cyclonedx/cdxgen@11.11.0",
-          "type": "application",
-          "bom-ref": "pkg:npm/@cyclonedx/cdxgen@11.11.0",
-          "author": "OWASP Foundation",
-          "publisher": "OWASP Foundation"
-        }
-      ]
-    },
-    "authors": [
-      {
-        "name": "OWASP Foundation"
-      }
-    ],
-    "lifecycles": [
-      {
-        "phase": "build"
-      }
-    ],
-    "component": {
-      "name": "pymongo",
-      "description": "PyMongo - the Official MongoDB Python driver",
-      "authors": [
+          "comment": "from packaging metadata Project-URL: documentation",
+          "type": "documentation",
+          "url": "https://dnspython.readthedocs.io/en/stable/"
+        },
         {
-          "name": "The MongoDB Python Team"
-        }
-      ],
-      "tags": [
-        "bson",
-        "gridfs",
-        "mongo",
-        "mongodb",
-        "pymongo"
-      ],
-      "properties": [
+          "comment": "from packaging metadata Project-URL: issues",
+          "type": "issue-tracker",
+          "url": "https://github.com/rthalley/dnspython/issues"
+        },
         {
-          "name": "cdx:pypi:requiresPython",
-          "value": ">=3.9"
+          "comment": "from packaging metadata Project-URL: repository",
+          "type": "vcs",
+          "url": "https://github.com/rthalley/dnspython.git"
         },
         {
-          "name": "SrcFile",
-          "value": "/home/runner/work/mongo-python-driver/mongo-python-driver/pyproject.toml"
+          "comment": "from packaging metadata Project-URL: homepage",
+          "type": "website",
+          "url": "https://www.dnspython.org"
         }
       ],
-      "type": "application",
-      "bom-ref": "pkg:pypi/pymongo@latest",
-      "purl": "pkg:pypi/pymongo@latest",
-      "version": "latest",
       "licenses": [
         {
           "license": {
-            "id": "Apache-2.0",
-            "url": "https://opensource.org/licenses/Apache-2.0"
+            "id": "ISC"
           }
         }
-      ]
+      ],
+      "name": "dnspython",
+      "purl": "pkg:pypi/dnspython@2.8.0",
+      "type": "library",
+      "version": "2.8.0"
     },
-    "properties": [
-      {
-        "name": "cdx:bom:componentTypes",
-        "value": "pypi"
-      },
-      {
-        "name": "cdx:bom:componentSrcFiles",
-        "value": "pyproject.toml"
-      }
-    ]
-  },
-  "components": [
     {
-      "group": "",
-      "name": "pymongo",
-      "version": "latest",
-      "purl": "pkg:pypi/pymongo@latest",
-      "type": "library",
-      "bom-ref": "pkg:pypi/pymongo@latest",
-      "properties": [
+      "bom-ref": "pymongo==4.16.0.dev0",
+      "description": "PyMongo - the Official MongoDB Python driver",
+      "externalReferences": [
+        {
+          "comment": "PackageSource: Local",
+          "type": "distribution",
+          "url": "file:///home/runner/work/mongo-python-driver/mongo-python-driver"
+        },
+        {
+          "comment": "from packaging metadata Project-URL: Documentation",
+          "type": "documentation",
+          "url": "https://www.mongodb.com/docs/languages/python/pymongo-driver/current/"
+        },
         {
-          "name": "SrcFile",
-          "value": "pyproject.toml"
+          "comment": "from packaging metadata Project-URL: Tracker",
+          "type": "issue-tracker",
+          "url": "https://jira.mongodb.org/projects/PYTHON/issues"
+        },
+        {
+          "comment": "from packaging metadata Project-URL: Source",
+          "type": "other",
+          "url": "https://github.com/mongodb/mongo-python-driver"
+        },
+        {
+          "comment": "from packaging metadata Project-URL: Homepage",
+          "type": "website",
+          "url": "https://www.mongodb.org"
         }
       ],
-      "evidence": {
-        "identity": {
-          "field": "purl",
-          "confidence": 1,
-          "methods": [
-            {
-              "technique": "instrumentation",
-              "confidence": 1,
-              "value": "/home/runner/work/mongo-python-driver/mongo-python-driver/.venv"
-            }
-          ]
-        }
-      }
-    },
-    {
-      "author": "Bob Halley <halley@dnspython.org>",
-      "group": "",
-      "name": "dnspython",
-      "version": "2.8.0",
-      "description": "DNS toolkit",
       "licenses": [
         {
           "license": {
-            "id": "ISC",
-            "url": "https://opensource.org/licenses/ISC"
+            "id": "Apache-2.0"
           }
         }
       ],
-      "purl": "pkg:pypi/dnspython@2.8.0",
+      "name": "pymongo",
       "type": "library",
-      "bom-ref": "pkg:pypi/dnspython@2.8.0",
-      "properties": [
-        {
-          "name": "SrcFile",
-          "value": "pyproject.toml"
-        }
-      ],
-      "evidence": {
-        "identity": {
-          "field": "purl",
-          "confidence": 1,
-          "methods": [
-            {
-              "technique": "instrumentation",
-              "confidence": 1,
-              "value": "/home/runner/work/mongo-python-driver/mongo-python-driver/.venv"
-            }
-          ]
-        }
-      }
+      "version": "4.16.0.dev0",
+      "purl": "pkg:pypi/pymongo@4.16.0.dev0"
     }
   ],
   "dependencies": [
     {
-      "ref": "pkg:pypi/dnspython@2.8.0",
-      "dependsOn": []
+      "ref": "dnspython==2.8.0"
     },
     {
-      "ref": "pkg:pypi/pymongo@latest",
       "dependsOn": [
-        "pkg:pypi/dnspython@2.8.0"
+        "dnspython==2.8.0"
+      ],
+      "ref": "pymongo==4.16.0.dev0"
+    }
+  ],
+  "metadata": {
+    "timestamp": "2025-11-24T16:21:47.249880+00:00",
+    "tools": {
+      "components": [
+        {
+          "description": "CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments",
+          "externalReferences": [
+            {
+              "type": "build-system",
+              "url": "https://github.com/CycloneDX/cyclonedx-python/actions"
+            },
+            {
+              "type": "distribution",
+              "url": "https://pypi.org/project/cyclonedx-bom/"
+            },
+            {
+              "type": "documentation",
+              "url": "https://cyclonedx-bom-tool.readthedocs.io/"
+            },
+            {
+              "type": "issue-tracker",
+              "url": "https://github.com/CycloneDX/cyclonedx-python/issues"
+            },
+            {
+              "type": "license",
+              "url": "https://github.com/CycloneDX/cyclonedx-python/blob/main/LICENSE"
+            },
+            {
+              "type": "release-notes",
+              "url": "https://github.com/CycloneDX/cyclonedx-python/blob/main/CHANGELOG.md"
+            },
+            {
+              "type": "vcs",
+              "url": "https://github.com/CycloneDX/cyclonedx-python/"
+            },
+            {
+              "type": "website",
+              "url": "https://github.com/CycloneDX/cyclonedx-python/#readme"
+            }
+          ],
+          "group": "CycloneDX",
+          "licenses": [
+            {
+              "license": {
+                "id": "Apache-2.0"
+              }
+            }
+          ],
+          "name": "cyclonedx-py",
+          "type": "application",
+          "version": "7.2.1"
+        },
+        {
+          "description": "Python library for CycloneDX",
+          "externalReferences": [
+            {
+              "type": "build-system",
+              "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions"
+            },
+            {
+              "type": "distribution",
+              "url": "https://pypi.org/project/cyclonedx-python-lib/"
+            },
+            {
+              "type": "documentation",
+              "url": "https://cyclonedx-python-library.readthedocs.io/"
+            },
+            {
+              "type": "issue-tracker",
+              "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues"
+            },
+            {
+              "type": "license",
+              "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE"
+            },
+            {
+              "type": "release-notes",
+              "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md"
+            },
+            {
+              "type": "vcs",
+              "url": "https://github.com/CycloneDX/cyclonedx-python-lib"
+            },
+            {
+              "type": "website",
+              "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme"
+            }
+          ],
+          "group": "CycloneDX",
+          "licenses": [
+            {
+              "license": {
+                "id": "Apache-2.0"
+              }
+            }
+          ],
+          "name": "cyclonedx-python-lib",
+          "type": "library",
+          "version": "11.5.0"
+        }
       ]
     }
-  ]
-}
+  },
+  "serialNumber": "urn:uuid:7a19d697-d41e-4e88-b953-4bccb5d79937",
+  "version": 1,
+  "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json",
+  "bomFormat": "CycloneDX",
+  "specVersion": "1.5"
+}
