From 5dd4b6e9d1b417240b160a2881ec1e80947ff4d2 Mon Sep 17 00:00:00 2001
From: stacknil
Date: Thu, 21 May 2026 10:43:54 +0800
Subject: [PATCH] [codex] Bump requests example dependency
---
 .../examples/requirements_after.txt | 2 +-
 .../examples/requirements_before.txt | 2 +-
 .../examples/sample-requirements-report.json | 40 +++++++++----------
 .../examples/sample-requirements-report.md | 8 ++--
 4 files changed, 26 insertions(+), 26 deletions(-)
diff --git a/tools/sbom-diff-and-risk/examples/requirements_after.txt b/tools/sbom-diff-and-risk/examples/requirements_after.txt
index 11a73af..68b735c 100644
--- a/tools/sbom-diff-and-risk/examples/requirements_after.txt
+++ b/tools/sbom-diff-and-risk/examples/requirements_after.txt
@@ -1,2 +1,2 @@
-requests==2.32.0
+requests==2.34.2
 urllib3==2.7.0
diff --git a/tools/sbom-diff-and-risk/examples/requirements_before.txt b/tools/sbom-diff-and-risk/examples/requirements_before.txt
index 2c24336..f5729e0 100644
--- a/tools/sbom-diff-and-risk/examples/requirements_before.txt
+++ b/tools/sbom-diff-and-risk/examples/requirements_before.txt
@@ -1 +1 @@
-requests==2.31.0
+requests==2.33.0
diff --git a/tools/sbom-diff-and-risk/examples/sample-requirements-report.json b/tools/sbom-diff-and-risk/examples/sample-requirements-report.json
index 394fa60..71a084a 100644
--- a/tools/sbom-diff-and-risk/examples/sample-requirements-report.json
+++ b/tools/sbom-diff-and-risk/examples/sample-requirements-report.json
@@ -43,9 +43,9 @@
 "classification": "version_changed",
 "before": {
 "name": "requests",
- "version": "2.31.0",
+ "version": "2.33.0",
 "ecosystem": "pypi",
- "purl": "pkg:pypi/requests@2.31.0",
+ "purl": "pkg:pypi/requests@2.33.0",
 "license_id": null,
 "supplier": null,
 "source_url": null,
@@ -54,8 +54,8 @@
 "evidence": {
 "source_format": "requirements-txt",
 "line_number": 1,
- "raw_requirement": "requests==2.31.0",
- "specifier": "==2.31.0",
+ "raw_requirement": "requests==2.33.0",
+ "specifier": "==2.33.0",
 "marker": null,
 "extras": [],
 "url": null
@@ -63,9 +63,9 @@
 },
 "after": {
 "name": "requests",
- "version": "2.32.0",
+ "version": "2.34.2",
 "ecosystem": "pypi",
- "purl": "pkg:pypi/requests@2.32.0",
+ "purl": "pkg:pypi/requests@2.34.2",
 "license_id": null,
 "supplier": null,
 "source_url": null,
@@ -74,8 +74,8 @@
 "evidence": {
 "source_format": "requirements-txt",
 "line_number": 1,
- "raw_requirement": "requests==2.32.0",
- "specifier": "==2.32.0",
+ "raw_requirement": "requests==2.34.2",
+ "specifier": "==2.34.2",
 "marker": null,
 "extras": [],
 "url": null
@@ -115,9 +115,9 @@
 "component_key": "purl:pkg:pypi/requests",
 "component": {
 "name": "requests",
- "version": "2.32.0",
+ "version": "2.34.2",
 "ecosystem": "pypi",
- "purl": "pkg:pypi/requests@2.32.0",
+ "purl": "pkg:pypi/requests@2.34.2",
 "license_id": null,
 "supplier": null,
 "source_url": null,
@@ -126,8 +126,8 @@
 "evidence": {
 "source_format": "requirements-txt",
 "line_number": 1,
- "raw_requirement": "requests==2.32.0",
- "specifier": "==2.32.0",
+ "raw_requirement": "requests==2.34.2",
+ "specifier": "==2.34.2",
 "marker": null,
 "extras": [],
 "url": null
@@ -165,9 +165,9 @@
 "component_key": "purl:pkg:pypi/requests",
 "component": {
 "name": "requests",
- "version": "2.32.0",
+ "version": "2.34.2",
 "ecosystem": "pypi",
- "purl": "pkg:pypi/requests@2.32.0",
+ "purl": "pkg:pypi/requests@2.34.2",
 "license_id": null,
 "supplier": null,
 "source_url": null,
@@ -176,8 +176,8 @@
 "evidence": {
 "source_format": "requirements-txt",
 "line_number": 1,
- "raw_requirement": "requests==2.32.0",
- "specifier": "==2.32.0",
+ "raw_requirement": "requests==2.34.2",
+ "specifier": "==2.34.2",
 "marker": null,
 "extras": [],
 "url": null
@@ -215,9 +215,9 @@
 "component_key": "purl:pkg:pypi/requests",
 "component": {
 "name": "requests",
- "version": "2.32.0",
+ "version": "2.34.2",
 "ecosystem": "pypi",
- "purl": "pkg:pypi/requests@2.32.0",
+ "purl": "pkg:pypi/requests@2.34.2",
 "license_id": null,
 "supplier": null,
 "source_url": null,
@@ -226,8 +226,8 @@
 "evidence": {
 "source_format": "requirements-txt",
 "line_number": 1,
- "raw_requirement": "requests==2.32.0",
- "specifier": "==2.32.0",
+ "raw_requirement": "requests==2.34.2",
+ "specifier": "==2.34.2",
 "marker": null,
 "extras": [],
 "url": null
diff --git a/tools/sbom-diff-and-risk/examples/sample-requirements-report.md b/tools/sbom-diff-and-risk/examples/sample-requirements-report.md
index 42e1bc1..17f3d36 100644
--- a/tools/sbom-diff-and-risk/examples/sample-requirements-report.md
+++ b/tools/sbom-diff-and-risk/examples/sample-requirements-report.md
@@ -87,17 +87,17 @@
 ## Version changes
 | name | before | after | classification | risk buckets |
 |------|--------|-------|----------------|--------------|
-| requests | 2.31.0 | 2.32.0 | version_changed | not_evaluated, unknown_license, version_change_unclassified |
+| requests | 2.33.0 | 2.34.2 | version_changed | not_evaluated, unknown_license, version_change_unclassified |
 
 ## Risk findings
 | bucket | component | version | rationale |
 |--------|-----------|---------|-----------|
 | new_package | urllib3 | 2.7.0 | Component was not present in the before input. |
-| not_evaluated | requests | 2.32.0 | stale_package was not evaluated because enrichment mode is disabled. |
+| not_evaluated | requests | 2.34.2 | stale_package was not evaluated because enrichment mode is disabled. |
 | not_evaluated | urllib3 | 2.7.0 | stale_package was not evaluated because enrichment mode is disabled. |
-| unknown_license | requests | 2.32.0 | License is missing, empty, UNKNOWN, or NOASSERTION. |
+| unknown_license | requests | 2.34.2 | License is missing, empty, UNKNOWN, or NOASSERTION. |
 | unknown_license | urllib3 | 2.7.0 | License is missing, empty, UNKNOWN, or NOASSERTION. |
-| version_change_unclassified | requests | 2.32.0 | Version changed but did not qualify as a parseable SemVer major upgrade. |
+| version_change_unclassified | requests | 2.34.2 | Version changed but did not qualify as a parseable SemVer major upgrade. |
 
 ## Blocking violations
 | rule id | component | level | message |