From 78ec745f125deb2c81920823641fd6ad3eca3ffb Mon Sep 17 00:00:00 2001 From: GitHub Date: Mon, 1 Dec 2025 00:49:23 +0000 Subject: [PATCH] chore: update SBOM for Python 3.10 --- sbom/cve-bin-tool-py3.10.json | 90 ++++++++++++++++------------------- sbom/cve-bin-tool-py3.10.spdx | 85 ++++++++++++++++----------------- 2 files changed, 84 insertions(+), 91 deletions(-) diff --git a/sbom/cve-bin-tool-py3.10.json b/sbom/cve-bin-tool-py3.10.json index 9358ecfc9b..90752a9040 100644 --- a/sbom/cve-bin-tool-py3.10.json +++ b/sbom/cve-bin-tool-py3.10.json @@ -2,10 +2,10 @@ "$schema": "http://cyclonedx.org/schema/bom-1.7.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.7", - "serialNumber": "urn:uuid:3afa9eb1-4948-472a-bffc-204138519a06", + "serialNumber": "urn:uuid:cd22d31c-b615-423e-852f-a2bc53d2c9b3", "version": 1, "metadata": { - "timestamp": "2025-11-10T00:43:04Z", + "timestamp": "2025-12-01T00:49:21Z", "lifecycles": [ { "phase": "build" @@ -948,7 +948,7 @@ "type": "library", "bom-ref": "13-beautifulsoup4", "name": "beautifulsoup4", - "version": "4.14.2", + "version": "4.14.3", "supplier": { "name": "Leonard Richardson", "contact": [ @@ -957,14 +957,8 @@ } ] }, - "cpe": "cpe:2.3:a:leonard_richardson:beautifulsoup4:4.14.2:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:leonard_richardson:beautifulsoup4:4.14.3:*:*:*:*:*:*:*", "description": "Screen-scraping library", - "hashes": [ - { - "alg": "SHA-256", - "content": "5ef6fa3a8cbece8488d66985560f97ed091e22bbc4e9c2338508a9d5de6d4515" - } - ], "licenses": [ { "license": { @@ -981,7 +975,7 @@ "comment": "Home page for project" }, { - "url": "https://pypi.org/project/beautifulsoup4/4.14.2/#files", + "url": "https://pypi.org/project/beautifulsoup4/4.14.3/#files", "type": "distribution", "comment": "Download location for component" }, @@ -990,11 +984,11 @@ "type": "other" } ], - "purl": "pkg:pypi/beautifulsoup4@4.14.2", + "purl": "pkg:pypi/beautifulsoup4@4.14.3", "properties": [ { "name": "release_date", - "value": "2025-09-29T10:05:43Z" + "value": "2025-10-12T14:55:18Z" }, { "name": "language", @@ -3219,7 +3213,7 @@ "type": "library", "bom-ref": "49-rpds-py", "name": "rpds-py", - "version": "0.28.0", + "version": "0.30.0", "supplier": { "name": "Julian Berman", "contact": [ @@ -3228,12 +3222,12 @@ } ] }, - "cpe": "cpe:2.3:a:julian_berman:rpds-py:0.28.0:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:julian_berman:rpds-py:0.30.0:*:*:*:*:*:*:*", "description": "Python bindings to Rust's persistent data structures (rpds)", "hashes": [ { "alg": "SHA-256", - "content": "7b6013db815417eeb56b2d9d7324e64fcd4fa289caeee6e7a78b2e11fc9b438a" + "content": "679ae98e00c0e8d68a7fda324e16b90fd5260945b45d3b824c892cec9eea3288" } ], "externalReferences": [ @@ -3243,7 +3237,7 @@ "comment": "Home page for project" }, { - "url": "https://pypi.org/project/rpds-py/0.28.0/#files", + "url": "https://pypi.org/project/rpds-py/0.30.0/#files", "type": "distribution", "comment": "Download location for component" }, @@ -3272,11 +3266,11 @@ "type": "other" } ], - "purl": "pkg:pypi/rpds-py@0.28.0", + "purl": "pkg:pypi/rpds-py@0.30.0", "properties": [ { "name": "release_date", - "value": "2025-10-22T22:21:15Z" + "value": "2025-11-30T20:21:33Z" }, { "name": "language", @@ -3292,7 +3286,7 @@ "type": "library", "bom-ref": "50-lib4sbom", "name": "lib4sbom", - "version": "0.9.0", + "version": "0.9.1", "supplier": { "name": "Anthony Harrison", "contact": [ @@ -3301,12 +3295,12 @@ } ] }, - "cpe": "cpe:2.3:a:anthony_harrison:lib4sbom:0.9.0:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:anthony_harrison:lib4sbom:0.9.1:*:*:*:*:*:*:*", "description": "Software Bill of Material (SBOM) generator and consumer library", "hashes": [ { "alg": "SHA-256", - "content": "78b8584d10fc7fa28fc3c17c0afcb2967f3c2b96974e4bdbb60b3eb3744d01fd" + "content": "f2423d5e06a82f5462b05d0c5b9273d6e3674753ade9f5a0d4abdcf73f799117" } ], "licenses": [ @@ -3325,16 +3319,16 @@ "comment": "Home page for project" }, { - "url": "https://pypi.org/project/lib4sbom/0.9.0/#files", + "url": "https://pypi.org/project/lib4sbom/0.9.1/#files", "type": "distribution", "comment": "Download location for component" } ], - "purl": "pkg:pypi/lib4sbom@0.9.0", + "purl": "pkg:pypi/lib4sbom@0.9.1", "properties": [ { "name": "release_date", - "value": "2025-10-28T09:09:40Z" + "value": "2025-11-13T20:07:13Z" }, { "name": "language", @@ -3766,16 +3760,16 @@ "type": "library", "bom-ref": "58-packageurl-python", "name": "packageurl-python", - "version": "0.17.5", + "version": "0.17.6", "supplier": { "name": "the purl authors" }, - "cpe": "cpe:2.3:a:the_purl_authors:packageurl-python:0.17.5:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:the_purl_authors:packageurl-python:0.17.6:*:*:*:*:*:*:*", "description": "A purl aka. Package URL parser and builder", "hashes": [ { "alg": "SHA-256", - "content": "f0e55452ab37b5c192c443de1458e3f3b4d8ac27f747df6e8c48adeab081d321" + "content": "31a85c2717bc41dd818f3c62908685ff9eebcb68588213745b14a6ee9e7df7c9" } ], "licenses": [ @@ -3794,16 +3788,16 @@ "comment": "Home page for project" }, { - "url": "https://pypi.org/project/packageurl-python/0.17.5/#files", + "url": "https://pypi.org/project/packageurl-python/0.17.6/#files", "type": "distribution", "comment": "Download location for component" } ], - "purl": "pkg:pypi/packageurl-python@0.17.5", + "purl": "pkg:pypi/packageurl-python@0.17.6", "properties": [ { "name": "release_date", - "value": "2025-08-06T14:08:19Z" + "value": "2025-11-24T15:20:16Z" }, { "name": "language", @@ -4145,7 +4139,7 @@ "type": "library", "bom-ref": "64-plotly", "name": "plotly", - "version": "6.4.0", + "version": "6.5.0", "supplier": { "name": "Chris P", "contact": [ @@ -4154,12 +4148,12 @@ } ] }, - "cpe": "cpe:2.3:a:chris_p:plotly:6.4.0:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:chris_p:plotly:6.5.0:*:*:*:*:*:*:*", "description": "An open-source interactive data visualization library for Python", "hashes": [ { "alg": "SHA-256", - "content": "a1062eafbdc657976c2eedd276c90e184ccd6c21282a5e9ee8f20efca9c9a4c5" + "content": "5ac851e100367735250206788a2b1325412aa4a4917a4fe3e6f0bc5aa6f3d90a" } ], "externalReferences": [ @@ -4169,7 +4163,7 @@ "comment": "Home page for project" }, { - "url": "https://pypi.org/project/plotly/6.4.0/#files", + "url": "https://pypi.org/project/plotly/6.5.0/#files", "type": "distribution", "comment": "Download location for component" }, @@ -4186,11 +4180,11 @@ "type": "log" } ], - "purl": "pkg:pypi/plotly@6.4.0", + "purl": "pkg:pypi/plotly@6.5.0", "properties": [ { "name": "release_date", - "value": "2025-11-04T17:59:22Z" + "value": "2025-11-17T18:39:20Z" }, { "name": "language", @@ -4210,7 +4204,7 @@ "type": "library", "bom-ref": "65-narwhals", "name": "narwhals", - "version": "2.10.2", + "version": "2.12.0", "supplier": { "name": "Marco Gorelli", "contact": [ @@ -4219,7 +4213,7 @@ } ] }, - "cpe": "cpe:2.3:a:marco_gorelli:narwhals:2.10.2:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:marco_gorelli:narwhals:2.12.0:*:*:*:*:*:*:*", "description": "Extremely lightweight compatibility layer between dataframe libraries", "licenses": [ { @@ -4237,7 +4231,7 @@ "comment": "Home page for project" }, { - "url": "https://pypi.org/project/narwhals/2.10.2/#files", + "url": "https://pypi.org/project/narwhals/2.12.0/#files", "type": "distribution", "comment": "Download location for component" }, @@ -4254,11 +4248,11 @@ "type": "issue-tracker" } ], - "purl": "pkg:pypi/narwhals@2.10.2", + "purl": "pkg:pypi/narwhals@2.12.0", "properties": [ { "name": "release_date", - "value": "2025-11-04T17:59:22Z" + "value": "2025-11-17T18:39:20Z" }, { "name": "language", @@ -4547,7 +4541,7 @@ "type": "library", "bom-ref": "70-certifi", "name": "certifi", - "version": "2025.10.5", + "version": "2025.11.12", "supplier": { "name": "Kenneth Reitz", "contact": [ @@ -4556,12 +4550,12 @@ } ] }, - "cpe": "cpe:2.3:a:kenneth_reitz:certifi:2025.10.5:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:kenneth_reitz:certifi:2025.11.12:*:*:*:*:*:*:*", "description": "Python package for providing Mozilla's CA Bundle.", "hashes": [ { "alg": "SHA-256", - "content": "0f212c2744a9bb6de0c56639a6f68afe01ecd92d91f14ae897c4fe7bbeeef0de" + "content": "97de8790030bbd5c2d96b7ec782fc2f7820ef8dba6db909ccf95449f2d062d4b" } ], "licenses": [ @@ -4580,7 +4574,7 @@ "comment": "Home page for project" }, { - "url": "https://pypi.org/project/certifi/2025.10.5/#files", + "url": "https://pypi.org/project/certifi/2025.11.12/#files", "type": "distribution", "comment": "Download location for component" }, @@ -4589,11 +4583,11 @@ "type": "vcs" } ], - "purl": "pkg:pypi/certifi@2025.10.5", + "purl": "pkg:pypi/certifi@2025.11.12", "properties": [ { "name": "release_date", - "value": "2025-10-05T04:12:14Z" + "value": "2025-11-12T02:54:49Z" }, { "name": "language", diff --git a/sbom/cve-bin-tool-py3.10.spdx b/sbom/cve-bin-tool-py3.10.spdx index 38e6169d37..e1a75cd3b4 100644 --- a/sbom/cve-bin-tool-py3.10.spdx +++ b/sbom/cve-bin-tool-py3.10.spdx @@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3 DataLicense: CC0-1.0 SPDXID: SPDXRef-DOCUMENT DocumentName: Python-cve-bin-tool -DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-c37a6b38-02c7-4b17-a90d-c51629ac5075 +DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-7c60abdb-22f8-4de4-8bd1-9d71bd6c5644 LicenseListVersion: 3.26 Creator: Tool: sbom4python-0.12.4 -Created: 2025-11-10T00:42:54Z +Created: 2025-12-01T00:49:07Z CreatorComment: SBOM Type: Build - This document has been automatically generated. ##### @@ -294,22 +294,21 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kim_davies:idna:3.11:*:*:*:*:*:*:* PackageName: beautifulsoup4 SPDXID: SPDXRef-13-beautifulsoup4 -PackageVersion: 4.14.2 +PackageVersion: 4.14.3 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Leonard Richardson (leonardr@segfault.org) -PackageDownloadLocation: https://pypi.org/project/beautifulsoup4/4.14.2/#files +PackageDownloadLocation: https://pypi.org/project/beautifulsoup4/4.14.3/#files FilesAnalyzed: false PackageHomePage: https://www.crummy.com/software/BeautifulSoup/bs4/ -PackageChecksum: SHA256: 5ef6fa3a8cbece8488d66985560f97ed091e22bbc4e9c2338508a9d5de6d4515 PackageLicenseDeclared: NOASSERTION PackageLicenseConcluded: MIT PackageLicenseComments: beautifulsoup4 declares MIT License which is not currently a valid SPDX License identifier or expression. PackageCopyrightText: NOASSERTION PackageSummary: Screen-scraping library -ReleaseDate: 2025-09-29T10:05:43Z +ReleaseDate: 2025-10-12T14:55:18Z ExternalRef: OTHER other https://www.crummy.com/software/BeautifulSoup/bs4/download/ -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/beautifulsoup4@4.14.2 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:leonard_richardson:beautifulsoup4:4.14.2:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/beautifulsoup4@4.14.3 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:leonard_richardson:beautifulsoup4:4.14.3:*:*:*:*:*:*:* ##### PackageName: soupsieve @@ -1010,44 +1009,44 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:referencing:0.37.0:*:*:* PackageName: rpds-py SPDXID: SPDXRef-49-rpds-py -PackageVersion: 0.28.0 +PackageVersion: 0.30.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Julian Berman (Julian+rpds@GrayVines.com) -PackageDownloadLocation: https://pypi.org/project/rpds-py/0.28.0/#files +PackageDownloadLocation: https://pypi.org/project/rpds-py/0.30.0/#files FilesAnalyzed: false PackageHomePage: https://github.com/crate-py/rpds -PackageChecksum: SHA256: 7b6013db815417eeb56b2d9d7324e64fcd4fa289caeee6e7a78b2e11fc9b438a +PackageChecksum: SHA256: 679ae98e00c0e8d68a7fda324e16b90fd5260945b45d3b824c892cec9eea3288 PackageLicenseDeclared: NOASSERTION PackageLicenseConcluded: NOASSERTION PackageCopyrightText: NOASSERTION PackageSummary: Python bindings to Rust's persistent data structures (rpds) -ReleaseDate: 2025-10-22T22:21:15Z +ReleaseDate: 2025-11-30T20:21:33Z ExternalRef: OTHER documentation https://rpds.readthedocs.io/ ExternalRef: OTHER issue-tracker https://github.com/crate-py/rpds/issues/ ExternalRef: OTHER other https://github.com/sponsors/Julian ExternalRef: OTHER other https://tidelift.com/subscription/pkg/pypi-rpds-py?utm_source=pypi-rpds-py&utm_medium=referral&utm_campaign=pypi-link ExternalRef: OTHER vcs https://github.com/crate-py/rpds ExternalRef: OTHER other https://github.com/orium/rpds -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/rpds-py@0.28.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:rpds-py:0.28.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/rpds-py@0.30.0 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:rpds-py:0.30.0:*:*:*:*:*:*:* ##### PackageName: lib4sbom SPDXID: SPDXRef-50-lib4sbom -PackageVersion: 0.9.0 +PackageVersion: 0.9.1 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Anthony Harrison (anthony.p.harrison@gmail.com) -PackageDownloadLocation: https://pypi.org/project/lib4sbom/0.9.0/#files +PackageDownloadLocation: https://pypi.org/project/lib4sbom/0.9.1/#files FilesAnalyzed: false PackageHomePage: https://github.com/anthonyharrison/lib4sbom -PackageChecksum: SHA256: 78b8584d10fc7fa28fc3c17c0afcb2967f3c2b96974e4bdbb60b3eb3744d01fd +PackageChecksum: SHA256: f2423d5e06a82f5462b05d0c5b9273d6e3674753ade9f5a0d4abdcf73f799117 PackageLicenseDeclared: Apache-2.0 PackageLicenseConcluded: Apache-2.0 PackageCopyrightText: NOASSERTION PackageSummary: Software Bill of Material (SBOM) generator and consumer library -ReleaseDate: 2025-10-28T09:09:40Z -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/lib4sbom@0.9.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:anthony_harrison:lib4sbom:0.9.0:*:*:*:*:*:*:* +ReleaseDate: 2025-11-13T20:07:13Z +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/lib4sbom@0.9.1 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:anthony_harrison:lib4sbom:0.9.1:*:*:*:*:*:*:* ##### PackageName: pyyaml @@ -1185,20 +1184,20 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:anthony_harrison:csaf-tool:0.3.2:*:*:* PackageName: packageurl-python SPDXID: SPDXRef-58-packageurl-python -PackageVersion: 0.17.5 +PackageVersion: 0.17.6 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: the purl authors -PackageDownloadLocation: https://pypi.org/project/packageurl-python/0.17.5/#files +PackageDownloadLocation: https://pypi.org/project/packageurl-python/0.17.6/#files FilesAnalyzed: false PackageHomePage: https://github.com/package-url/packageurl-python -PackageChecksum: SHA256: f0e55452ab37b5c192c443de1458e3f3b4d8ac27f747df6e8c48adeab081d321 +PackageChecksum: SHA256: 31a85c2717bc41dd818f3c62908685ff9eebcb68588213745b14a6ee9e7df7c9 PackageLicenseDeclared: MIT PackageLicenseConcluded: MIT PackageCopyrightText: NOASSERTION PackageSummary: A purl aka. Package URL parser and builder -ReleaseDate: 2025-08-06T14:08:19Z -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/packageurl-python@0.17.5 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_purl_authors:packageurl-python:0.17.5:*:*:*:*:*:*:* +ReleaseDate: 2025-11-24T15:20:16Z +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/packageurl-python@0.17.6 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_purl_authors:packageurl-python:0.17.6:*:*:*:*:*:*:* ##### PackageName: rich @@ -1303,13 +1302,13 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:donald_stufft:packaging:25.0:*:*:*:*:* PackageName: plotly SPDXID: SPDXRef-64-plotly -PackageVersion: 6.4.0 +PackageVersion: 6.5.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Chris P (chris@plot.ly) -PackageDownloadLocation: https://pypi.org/project/plotly/6.4.0/#files +PackageDownloadLocation: https://pypi.org/project/plotly/6.5.0/#files FilesAnalyzed: false PackageHomePage: https://plotly.com/python/ -PackageChecksum: SHA256: a1062eafbdc657976c2eedd276c90e184ccd6c21282a5e9ee8f20efca9c9a4c5 +PackageChecksum: SHA256: 5ac851e100367735250206788a2b1325412aa4a4917a4fe3e6f0bc5aa6f3d90a PackageLicenseDeclared: NOASSERTION PackageLicenseConcluded: NOASSERTION PackageLicenseComments: plotly declares MIT License @@ -1336,20 +1335,20 @@ THE SOFTWARE. which is not currently a valid SPDX License identifier or expression. PackageCopyrightText: NOASSERTION PackageSummary: An open-source interactive data visualization library for Python -ReleaseDate: 2025-11-04T17:59:22Z +ReleaseDate: 2025-11-17T18:39:20Z ExternalRef: OTHER documentation https://plotly.com/python/ ExternalRef: OTHER vcs https://github.com/plotly/plotly.py ExternalRef: OTHER log https://github.com/plotly/plotly.py/blob/main/CHANGELOG.md -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/plotly@6.4.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:6.4.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/plotly@6.5.0 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:6.5.0:*:*:*:*:*:*:* ##### PackageName: narwhals SPDXID: SPDXRef-65-narwhals -PackageVersion: 2.10.2 +PackageVersion: 2.12.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Marco Gorelli (hello_narwhals@proton.me) -PackageDownloadLocation: https://pypi.org/project/narwhals/2.10.2/#files +PackageDownloadLocation: https://pypi.org/project/narwhals/2.12.0/#files FilesAnalyzed: false PackageHomePage: https://github.com/narwhals-dev/narwhals PackageLicenseDeclared: NOASSERTION @@ -1357,12 +1356,12 @@ PackageLicenseConcluded: MIT PackageLicenseComments: narwhals declares MIT License which is not currently a valid SPDX License identifier or expression. PackageCopyrightText: NOASSERTION PackageSummary: Extremely lightweight compatibility layer between dataframe libraries -ReleaseDate: 2025-11-04T17:59:22Z +ReleaseDate: 2025-11-17T18:39:20Z ExternalRef: OTHER documentation https://narwhals-dev.github.io/narwhals/ ExternalRef: OTHER vcs https://github.com/narwhals-dev/narwhals ExternalRef: OTHER issue-tracker https://github.com/narwhals-dev/narwhals/issues -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/narwhals@2.10.2 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:marco_gorelli:narwhals:2.10.2:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/narwhals@2.12.0 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:marco_gorelli:narwhals:2.12.0:*:*:*:*:*:*:* ##### PackageName: python-gnupg @@ -1451,21 +1450,21 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_petrov:urllib3:2.5.0:*:*:*:*:*: PackageName: certifi SPDXID: SPDXRef-70-certifi -PackageVersion: 2025.10.5 +PackageVersion: 2025.11.12 PrimaryPackagePurpose: LIBRARY PackageSupplier: Person: Kenneth Reitz (me@kennethreitz.com) -PackageDownloadLocation: https://pypi.org/project/certifi/2025.10.5/#files +PackageDownloadLocation: https://pypi.org/project/certifi/2025.11.12/#files FilesAnalyzed: false PackageHomePage: https://github.com/certifi/python-certifi -PackageChecksum: SHA256: 0f212c2744a9bb6de0c56639a6f68afe01ecd92d91f14ae897c4fe7bbeeef0de +PackageChecksum: SHA256: 97de8790030bbd5c2d96b7ec782fc2f7820ef8dba6db909ccf95449f2d062d4b PackageLicenseDeclared: MPL-2.0 PackageLicenseConcluded: MPL-2.0 PackageCopyrightText: NOASSERTION PackageSummary: Python package for providing Mozilla's CA Bundle. -ReleaseDate: 2025-10-05T04:12:14Z +ReleaseDate: 2025-11-12T02:54:49Z ExternalRef: OTHER vcs https://github.com/certifi/python-certifi -ExternalRef: PACKAGE-MANAGER purl pkg:pypi/certifi@2025.10.5 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:certifi:2025.10.5:*:*:*:*:*:*:* +ExternalRef: PACKAGE-MANAGER purl pkg:pypi/certifi@2025.11.12 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:certifi:2025.11.12:*:*:*:*:*:*:* ##### PackageName: rpmfile