From fbe2d138321d99fc89702797c8fde6e12423822e Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
 <41898282+github-actions[bot]@users.noreply.github.com>
Date: Tue, 2 Jul 2024 10:26:52 -0700
Subject: [PATCH] chore: update SBOM for Python 3.10 (#4229)

Co-authored-by: GitHub <noreply@github.com>
---
 sbom/cve-bin-tool-py3.10.json | 18 ++++++++++++------
 sbom/cve-bin-tool-py3.10.spdx | 13 +++++++------
 2 files changed, 19 insertions(+), 12 deletions(-)

diff --git a/sbom/cve-bin-tool-py3.10.json b/sbom/cve-bin-tool-py3.10.json
index 1e2b21ef51..54842ea0e3 100644
--- a/sbom/cve-bin-tool-py3.10.json
+++ b/sbom/cve-bin-tool-py3.10.json
@@ -2,10 +2,10 @@
   "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
   "bomFormat": "CycloneDX",
   "specVersion": "1.6",
-  "serialNumber": "urn:uuid:b44cf216-911d-4108-a644-baac334f4065",
+  "serialNumber": "urn:uuid:ffa389b8-77a3-45cc-af52-28b1c8cda666",
   "version": 1,
   "metadata": {
-    "timestamp": "2024-06-24T00:29:18Z",
+    "timestamp": "2024-07-01T00:32:05Z",
     "tools": {
       "components": [
         {
@@ -2532,7 +2532,7 @@
       "type": "library",
       "bom-ref": "59-tenacity",
       "name": "tenacity",
-      "version": "8.4.1",
+      "version": "8.4.2",
       "supplier": {
         "name": "Julien Danjou",
         "contact": [
@@ -2541,7 +2541,7 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:julien_danjou:tenacity:8.4.1:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:julien_danjou:tenacity:8.4.2:*:*:*:*:*:*:*",
       "description": "Retry code until it succeeds",
       "licenses": [
         {
@@ -2553,12 +2553,12 @@
       ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/tenacity/8.4.1",
+          "url": "https://pypi.org/project/tenacity/8.4.2",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/tenacity@8.4.1",
+      "purl": "pkg:pypi/tenacity@8.4.2",
       "properties": [
         {
           "name": "language",
@@ -2943,6 +2943,12 @@
       },
       "cpe": "cpe:2.3:a:davide_brunato:elementpath:4.4.0:*:*:*:*:*:*:*",
       "description": "XPath 1.0/2.0/3.0/3.1 parsers and selectors for ElementTree and lxml",
+      "hashes": [
+        {
+          "alg": "SHA-1",
+          "content": "004fca18366974c34193176bd3a356f711330ca0"
+        }
+      ],
       "licenses": [
         {
           "license": {
diff --git a/sbom/cve-bin-tool-py3.10.spdx b/sbom/cve-bin-tool-py3.10.spdx
index 6a49da22dd..ffded9684e 100644
--- a/sbom/cve-bin-tool-py3.10.spdx
+++ b/sbom/cve-bin-tool-py3.10.spdx
@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
 DataLicense: CC0-1.0
 SPDXID: SPDXRef-DOCUMENT
 DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-0d31b14c-cf19-487e-bf40-0fee61c13105
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-b0fe606b-c617-4d22-be78-af0167648fc4
 LicenseListVersion: 3.22
 Creator: Tool: sbom4python-0.10.4
-Created: 2024-06-24T00:28:21Z
+Created: 2024-07-01T00:31:12Z
 CreatorComment: <text>This document has been automatically generated.</text>
 ##### 
 
@@ -934,18 +934,18 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:5.22.0:*:*:*:*:*:*:*
 
 PackageName: tenacity
 SPDXID: SPDXRef-Package-59-tenacity
-PackageVersion: 8.4.1
+PackageVersion: 8.4.2
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Person: Julien Danjou (julien@danjou.info)
-PackageDownloadLocation: https://pypi.org/project/tenacity/8.4.1
+PackageDownloadLocation: https://pypi.org/project/tenacity/8.4.2
 FilesAnalyzed: false
 PackageLicenseDeclared: NOASSERTION
 PackageLicenseConcluded: Apache-2.0
 PackageLicenseComments: <text>tenacity declares Apache 2.0 which is not currently a valid SPDX License identifier or expression.</text>
 PackageCopyrightText: NOASSERTION
 PackageSummary: <text>Retry code until it succeeds</text>
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/tenacity@8.4.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:julien_danjou:tenacity:8.4.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/tenacity@8.4.2
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:julien_danjou:tenacity:8.4.2:*:*:*:*:*:*:*
 ##### 
 
 PackageName: python-gnupg
@@ -1081,6 +1081,7 @@ PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Person: Davide Brunato (brunato@sissa.it)
 PackageDownloadLocation: https://pypi.org/project/elementpath/4.4.0
 FilesAnalyzed: false
+PackageChecksum: SHA1: 004fca18366974c34193176bd3a356f711330ca0
 PackageLicenseDeclared: MIT
 PackageLicenseConcluded: MIT
 PackageCopyrightText: NOASSERTION