From 0b19926841bd57c6af02c77e6d0b1d1de14c51fd Mon Sep 17 00:00:00 2001
From: GitHub <noreply@github.com>
Date: Mon, 4 Mar 2024 00:26:58 +0000
Subject: [PATCH] chore: update SBOM for Python 3.11

---
 sbom/cve-bin-tool-py3.11.json | 28 ++++++++++++++--------------
 sbom/cve-bin-tool-py3.11.spdx | 28 ++++++++++++++--------------
 2 files changed, 28 insertions(+), 28 deletions(-)

diff --git a/sbom/cve-bin-tool-py3.11.json b/sbom/cve-bin-tool-py3.11.json
index 88caf18de9..2f642c924b 100644
--- a/sbom/cve-bin-tool-py3.11.json
+++ b/sbom/cve-bin-tool-py3.11.json
@@ -2,10 +2,10 @@
   "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json",
   "bomFormat": "CycloneDX",
   "specVersion": "1.5",
-  "serialNumber": "urn:uuid:10e08bb0-5663-41cc-a2a4-d425c73ac4e7",
+  "serialNumber": "urn:uuid:f8bcd705-2c81-42d8-83ff-c4e4db6d001d",
   "version": 1,
   "metadata": {
-    "timestamp": "2024-02-26T00:27:51Z",
+    "timestamp": "2024-03-04T00:26:57Z",
     "tools": {
       "components": [
         {
@@ -1508,7 +1508,7 @@
       "type": "library",
       "bom-ref": "36-cachetools",
       "name": "cachetools",
-      "version": "5.3.2",
+      "version": "5.3.3",
       "supplier": {
         "name": "Thomas Kemmer",
         "contact": [
@@ -1517,7 +1517,7 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:thomas_kemmer:cachetools:5.3.2:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:thomas_kemmer:cachetools:5.3.3:*:*:*:*:*:*:*",
       "description": "Extensible memoizing collections and decorators",
       "licenses": [
         {
@@ -1529,12 +1529,12 @@
       ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/cachetools/5.3.2",
+          "url": "https://pypi.org/project/cachetools/5.3.3",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/cachetools@5.3.2",
+      "purl": "pkg:pypi/cachetools@5.3.3",
       "properties": [
         {
           "name": "language",
@@ -1940,11 +1940,11 @@
       "type": "library",
       "bom-ref": "47-packageurl-python",
       "name": "packageurl-python",
-      "version": "0.13.4",
+      "version": "0.14.0",
       "supplier": {
         "name": "the purl authors"
       },
-      "cpe": "cpe:2.3:a:the_purl_authors:packageurl-python:0.13.4:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:the_purl_authors:packageurl-python:0.14.0:*:*:*:*:*:*:*",
       "description": "A purl aka. Package URL parser and builder",
       "licenses": [
         {
@@ -1956,12 +1956,12 @@
       ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/packageurl-python/0.13.4",
+          "url": "https://pypi.org/project/packageurl-python/0.14.0",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/packageurl-python@0.13.4",
+      "purl": "pkg:pypi/packageurl-python@0.14.0",
       "properties": [
         {
           "name": "language",
@@ -2309,7 +2309,7 @@
       "type": "library",
       "bom-ref": "56-rich",
       "name": "rich",
-      "version": "13.7.0",
+      "version": "13.7.1",
       "supplier": {
         "name": "Will McGugan",
         "contact": [
@@ -2318,7 +2318,7 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:will_mcgugan:rich:13.7.0:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:will_mcgugan:rich:13.7.1:*:*:*:*:*:*:*",
       "description": "Render rich text, tables, progress bars, syntax highlighting, markdown and more to the terminal",
       "licenses": [
         {
@@ -2330,12 +2330,12 @@
       ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/rich/13.7.0",
+          "url": "https://pypi.org/project/rich/13.7.1",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/rich@13.7.0",
+      "purl": "pkg:pypi/rich@13.7.1",
       "properties": [
         {
           "name": "language",
diff --git a/sbom/cve-bin-tool-py3.11.spdx b/sbom/cve-bin-tool-py3.11.spdx
index 2f1bfc6575..8c934757c6 100644
--- a/sbom/cve-bin-tool-py3.11.spdx
+++ b/sbom/cve-bin-tool-py3.11.spdx
@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
 DataLicense: CC0-1.0
 SPDXID: SPDXRef-DOCUMENT
 DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-940c064e-414e-4c09-b423-b3cd23c0b81e
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-35396493-d109-41f9-a42e-b8d506c2a89a
 LicenseListVersion: 3.22
 Creator: Tool: sbom4python-0.10.3
-Created: 2024-02-26T00:26:21Z
+Created: 2024-03-04T00:25:30Z
 CreatorComment: <text>This document has been automatically generated.</text>
 ##### 
 
@@ -552,17 +552,17 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_cloud_platform:google-auth:2.28
 
 PackageName: cachetools
 SPDXID: SPDXRef-Package-36-cachetools
-PackageVersion: 5.3.2
+PackageVersion: 5.3.3
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Person: Thomas Kemmer (tkemmer@computer.org)
-PackageDownloadLocation: https://pypi.org/project/cachetools/5.3.2
+PackageDownloadLocation: https://pypi.org/project/cachetools/5.3.3
 FilesAnalyzed: false
 PackageLicenseDeclared: MIT
 PackageLicenseConcluded: MIT
 PackageCopyrightText: NOASSERTION
 PackageSummary: <text>Extensible memoizing collections and decorators</text>
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/cachetools@5.3.2
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:thomas_kemmer:cachetools:5.3.2:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/cachetools@5.3.3
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:thomas_kemmer:cachetools:5.3.3:*:*:*:*:*:*:*
 ##### 
 
 PackageName: monotonic
@@ -717,17 +717,17 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:raphael_barrois:semantic-version:2.10.
 
 PackageName: packageurl-python
 SPDXID: SPDXRef-Package-47-packageurl-python
-PackageVersion: 0.13.4
+PackageVersion: 0.14.0
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Person: the purl authors
-PackageDownloadLocation: https://pypi.org/project/packageurl-python/0.13.4
+PackageDownloadLocation: https://pypi.org/project/packageurl-python/0.14.0
 FilesAnalyzed: false
 PackageLicenseDeclared: MIT
 PackageLicenseConcluded: MIT
 PackageCopyrightText: NOASSERTION
 PackageSummary: <text>A purl aka. Package URL parser and builder</text>
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/packageurl-python@0.13.4
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_purl_authors:packageurl-python:0.13.4:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/packageurl-python@0.14.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_purl_authors:packageurl-python:0.14.0:*:*:*:*:*:*:*
 ##### 
 
 PackageName: packaging
@@ -855,17 +855,17 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_petrov:urllib3:2.2.1:*:*:*:*:*:
 
 PackageName: rich
 SPDXID: SPDXRef-Package-56-rich
-PackageVersion: 13.7.0
+PackageVersion: 13.7.1
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Person: Will McGugan (willmcgugan@gmail.com)
-PackageDownloadLocation: https://pypi.org/project/rich/13.7.0
+PackageDownloadLocation: https://pypi.org/project/rich/13.7.1
 FilesAnalyzed: false
 PackageLicenseDeclared: MIT
 PackageLicenseConcluded: MIT
 PackageCopyrightText: NOASSERTION
 PackageSummary: <text>Render rich text, tables, progress bars, syntax highlighting, markdown and more to the terminal</text>
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/rich@13.7.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:will_mcgugan:rich:13.7.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/rich@13.7.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:will_mcgugan:rich:13.7.1:*:*:*:*:*:*:*
 ##### 
 
 PackageName: markdown-it-py