chore: update SBOM for Python 3.9

Author: web-flow

sbom/cve-bin-tool-py3.9.json

@@ -2,10 +2,10 @@
   "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
   "bomFormat": "CycloneDX",
   "specVersion": "1.6",
-  "serialNumber": "urn:uuid:315f2a51-50c8-4ce3-85a6-4d80347c618d",
+  "serialNumber": "urn:uuid:166cc978-28f5-43a1-be48-ea7d2c683d92",
   "version": 1,
   "metadata": {
-    "timestamp": "2024-07-01T00:32:36Z",
+    "timestamp": "2024-07-22T00:30:13Z",
     "tools": {
       "components": [
         {
@@ -965,7 +965,7 @@
       "type": "library",
       "bom-ref": "23-cachetools",
       "name": "cachetools",
-      "version": "5.3.3",
+      "version": "5.4.0",
       "supplier": {
         "name": "Thomas Kemmer",
         "contact": [
@@ -974,7 +974,7 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:thomas_kemmer:cachetools:5.3.3:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:thomas_kemmer:cachetools:5.4.0:*:*:*:*:*:*:*",
       "description": "Extensible memoizing collections and decorators",
       "licenses": [
         {
@@ -986,12 +986,12 @@
       ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/cachetools/5.3.3",
+          "url": "https://pypi.org/project/cachetools/5.4.0",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/cachetools@5.3.3",
+      "purl": "pkg:pypi/cachetools@5.4.0",
       "properties": [
         {
           "name": "language",
@@ -1466,7 +1466,7 @@
       "type": "library",
       "bom-ref": "34-pyopenssl",
       "name": "pyopenssl",
-      "version": "24.1.0",
+      "version": "24.2.1",
       "supplier": {
         "name": "The pyOpenSSL developers",
         "contact": [
@@ -1475,14 +1475,8 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:the_pyopenssl_developers:pyopenssl:24.1.0:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:the_pyopenssl_developers:pyopenssl:24.2.1:*:*:*:*:*:*:*",
       "description": "Python wrapper module around the OpenSSL library",
-      "hashes": [
-        {
-          "alg": "SHA-1",
-          "content": "d9f2c46de70c1aee20a4309424d9f506b7aae68e"
-        }
-      ],
       "licenses": [
         {
           "license": {
@@ -1493,12 +1487,12 @@
       ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/pyOpenSSL/24.1.0",
+          "url": "https://pypi.org/project/pyOpenSSL/24.2.1",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/pyopenssl@24.1.0",
+      "purl": "pkg:pypi/pyopenssl@24.2.1",
       "properties": [
         {
           "name": "language",
@@ -1514,16 +1508,16 @@
       "type": "library",
       "bom-ref": "35-cryptography",
       "name": "cryptography",
-      "version": "42.0.8",
+      "version": "43.0.0",
       "supplier": {
-        "name": "The Python Cryptographic Authority and individual contributors",
+        "name": "The cryptography developers The Python Cryptographic Authority and individual contributors",
         "contact": [
           {
             "email": "[email protected]"
           }
         ]
       },
-      "cpe": "cpe:2.3:a:the_python_cryptographic_authority_and_individual_contributors:cryptography:42.0.8:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:the_cryptography_developers_the_python_cryptographic_authority_and_individual_contributors:cryptography:43.0.0:*:*:*:*:*:*:*",
       "description": "cryptography is a package which provides cryptographic recipes and primitives to Python developers.",
       "licenses": [
         {
@@ -1532,12 +1526,12 @@
       ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/cryptography/42.0.8",
+          "url": "https://pypi.org/project/cryptography/43.0.0",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/cryptography@42.0.8",
+      "purl": "pkg:pypi/cryptography@43.0.0",
       "properties": [
         {
           "name": "language",
@@ -1925,11 +1919,11 @@
       "type": "library",
       "bom-ref": "45-jsonschema",
       "name": "jsonschema",
-      "version": "4.22.0",
+      "version": "4.23.0",
       "supplier": {
         "name": "Julian Berman"
       },
-      "cpe": "cpe:2.3:a:julian_berman:jsonschema:4.22.0:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:julian_berman:jsonschema:4.23.0:*:*:*:*:*:*:*",
       "description": "An implementation of JSON Schema validation for Python",
       "licenses": [
         {
@@ -1941,12 +1935,12 @@
       ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/jsonschema/4.22.0",
+          "url": "https://pypi.org/project/jsonschema/4.23.0",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/jsonschema@4.22.0",
+      "purl": "pkg:pypi/jsonschema@4.23.0",
       "properties": [
         {
           "name": "language",
@@ -2034,11 +2028,11 @@
       "type": "library",
       "bom-ref": "48-rpds-py",
       "name": "rpds-py",
-      "version": "0.18.1",
+      "version": "0.19.0",
       "supplier": {
         "name": "Julian Berman"
       },
-      "cpe": "cpe:2.3:a:julian_berman:rpds-py:0.18.1:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:julian_berman:rpds-py:0.19.0:*:*:*:*:*:*:*",
       "description": "Python bindings to Rust's persistent data structures (rpds)",
       "licenses": [
         {
@@ -2050,12 +2044,12 @@
       ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/rpds-py/0.18.1",
+          "url": "https://pypi.org/project/rpds-py/0.19.0",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/rpds-py@0.18.1",
+      "purl": "pkg:pypi/rpds-py@0.19.0",
       "properties": [
         {
           "name": "language",
@@ -2311,18 +2305,12 @@
       "type": "library",
       "bom-ref": "54-packageurl-python",
       "name": "packageurl-python",
-      "version": "0.15.1",
+      "version": "0.15.4",
       "supplier": {
         "name": "the purl authors"
       },
-      "cpe": "cpe:2.3:a:the_purl_authors:packageurl-python:0.15.1:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:the_purl_authors:packageurl-python:0.15.4:*:*:*:*:*:*:*",
       "description": "A purl aka. Package URL parser and builder",
-      "hashes": [
-        {
-          "alg": "SHA-1",
-          "content": "b744d07798b8aa1454f949e17d89791a18d85b0e"
-        }
-      ],
       "licenses": [
         {
           "license": {
@@ -2333,12 +2321,12 @@
       ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/packageurl-python/0.15.1",
+          "url": "https://pypi.org/project/packageurl-python/0.15.4",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/[email protected].1",
+      "purl": "pkg:pypi/[email protected].4",
       "properties": [
         {
           "name": "language",
@@ -2600,7 +2588,7 @@
       "type": "library",
       "bom-ref": "61-tenacity",
       "name": "tenacity",
-      "version": "8.4.2",
+      "version": "8.5.0",
       "supplier": {
         "name": "Julien Danjou",
         "contact": [
@@ -2609,7 +2597,7 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:julien_danjou:tenacity:8.4.2:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:julien_danjou:tenacity:8.5.0:*:*:*:*:*:*:*",
       "description": "Retry code until it succeeds",
       "licenses": [
         {
@@ -2621,12 +2609,12 @@
       ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/tenacity/8.4.2",
+          "url": "https://pypi.org/project/tenacity/8.5.0",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/tenacity@8.4.2",
+      "purl": "pkg:pypi/tenacity@8.5.0",
       "properties": [
         {
           "name": "language",
@@ -2738,7 +2726,7 @@
       "type": "library",
       "bom-ref": "64-certifi",
       "name": "certifi",
-      "version": "2024.6.2",
+      "version": "2024.7.4",
       "supplier": {
         "name": "Kenneth Reitz",
         "contact": [
@@ -2747,7 +2735,7 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:kenneth_reitz:certifi:2024.6.2:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:kenneth_reitz:certifi:2024.7.4:*:*:*:*:*:*:*",
       "description": "Python package for providing Mozilla's CA Bundle.",
       "licenses": [
         {
@@ -2759,12 +2747,12 @@
       ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/certifi/2024.6.2",
+          "url": "https://pypi.org/project/certifi/2024.7.4",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/certifi@2024.6.2",
+      "purl": "pkg:pypi/certifi@2024.7.4",
       "properties": [
         {
           "name": "language",
@@ -3048,7 +3036,7 @@
       "type": "library",
       "bom-ref": "71-zstandard",
       "name": "zstandard",
-      "version": "0.22.0",
+      "version": "0.23.0",
       "supplier": {
         "name": "Gregory Szorc",
         "contact": [
@@ -3057,14 +3045,8 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:gregory_szorc:zstandard:0.22.0:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:gregory_szorc:zstandard:0.23.0:*:*:*:*:*:*:*",
       "description": "Zstandard bindings for Python",
-      "hashes": [
-        {
-          "alg": "SHA-1",
-          "content": "255b579735f26c2d0e08257f632de75d2ab882cf"
-        }
-      ],
       "licenses": [
         {
           "license": {
@@ -3075,12 +3057,12 @@
       ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/zstandard/0.22.0",
+          "url": "https://pypi.org/project/zstandard/0.23.0",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/zstandard@0.22.0",
+      "purl": "pkg:pypi/zstandard@0.23.0",
       "properties": [
         {
           "name": "language",