diff --git a/sbom/cve-bin-tool-py3.11.json b/sbom/cve-bin-tool-py3.11.json
index 0893e929de..2376ffce3a 100644
--- a/sbom/cve-bin-tool-py3.11.json
+++ b/sbom/cve-bin-tool-py3.11.json
@@ -2,10 +2,10 @@
"$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.6",
- "serialNumber": "urn:uuid:885f3a82-ae54-4f86-8648-534e88d262bf",
+ "serialNumber": "urn:uuid:a87ad4e8-6fda-4f66-b0d5-185a98726c29",
"version": 1,
"metadata": {
- "timestamp": "2025-01-20T00:37:48Z",
+ "timestamp": "2025-02-03T00:35:26Z",
"lifecycles": [
{
"phase": "build"
@@ -402,7 +402,7 @@
"type": "library",
"bom-ref": "6-attrs",
"name": "attrs",
- "version": "24.3.0",
+ "version": "25.1.0",
"supplier": {
"name": "Hynek Schlawack",
"contact": [
@@ -411,17 +411,17 @@
}
]
},
- "cpe": "cpe:2.3:a:hynek_schlawack:attrs:24.3.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:hynek_schlawack:attrs:25.1.0:*:*:*:*:*:*:*",
"description": "Classes Without Boilerplate",
"hashes": [
{
"alg": "SHA-256",
- "content": "ac96cd038792094f438ad1f6ff80837353805ac950cd2aa0e0625ef19850c308"
+ "content": "c75a69e28a550a7e93789579c22aa26b0f5b83b75dc4e08fe092980051e1090a"
}
],
"externalReferences": [
{
- "url": "https://pypi.org/project/attrs/24.3.0/#files",
+ "url": "https://pypi.org/project/attrs/25.1.0/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -446,11 +446,11 @@
"type": "other"
}
],
- "purl": "pkg:pypi/attrs@24.3.0",
+ "purl": "pkg:pypi/attrs@25.1.0",
"properties": [
{
"name": "release_date",
- "value": "2024-12-16T06:59:26Z"
+ "value": "2025-01-25T11:30:10Z"
},
{
"name": "language",
@@ -873,7 +873,7 @@
"type": "library",
"bom-ref": "12-beautifulsoup4",
"name": "beautifulsoup4",
- "version": "4.12.3",
+ "version": "4.13.0",
"supplier": {
"name": "Leonard Richardson",
"contact": [
@@ -882,14 +882,8 @@
}
]
},
- "cpe": "cpe:2.3:a:leonard_richardson:beautifulsoup4:4.12.3:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:leonard_richardson:beautifulsoup4:4.13.0:*:*:*:*:*:*:*",
"description": "Screen-scraping library",
- "hashes": [
- {
- "alg": "SHA-256",
- "content": "b80878c9f40111313e55da8ba20bdba06d8fa3969fc68304167741bbf9e082ed"
- }
- ],
"licenses": [
{
"license": {
@@ -906,7 +900,7 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/beautifulsoup4/4.12.3/#files",
+ "url": "https://pypi.org/project/beautifulsoup4/4.13.0/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -915,11 +909,11 @@
"type": "other"
}
],
- "purl": "pkg:pypi/beautifulsoup4@4.12.3",
+ "purl": "pkg:pypi/beautifulsoup4@4.13.0",
"properties": [
{
"name": "release_date",
- "value": "2024-01-17T16:53:12Z"
+ "value": "2024-09-15T18:07:37Z"
},
{
"name": "language",
@@ -2520,7 +2514,7 @@
"type": "library",
"bom-ref": "39-cachetools",
"name": "cachetools",
- "version": "5.5.0",
+ "version": "5.5.1",
"supplier": {
"name": "Thomas Kemmer",
"contact": [
@@ -2529,12 +2523,12 @@
}
]
},
- "cpe": "cpe:2.3:a:thomas_kemmer:cachetools:5.5.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:thomas_kemmer:cachetools:5.5.1:*:*:*:*:*:*:*",
"description": "Extensible memoizing collections and decorators",
"hashes": [
{
"alg": "SHA-256",
- "content": "02134e8439cdc2ffb62023ce1debca2944c3f289d66bb17ead3ab3dede74b292"
+ "content": "b76651fdc3b24ead3c648bbdeeb940c1b04d365b38b4af66788f9ec4a81d42bb"
}
],
"licenses": [
@@ -2553,16 +2547,16 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/cachetools/5.5.0/#files",
+ "url": "https://pypi.org/project/cachetools/5.5.1/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/cachetools@5.5.0",
+ "purl": "pkg:pypi/cachetools@5.5.1",
"properties": [
{
"name": "release_date",
- "value": "2024-08-18T20:28:43Z"
+ "value": "2025-01-21T21:27:54Z"
},
{
"name": "language",
@@ -3109,7 +3103,7 @@
"type": "library",
"bom-ref": "49-referencing",
"name": "referencing",
- "version": "0.36.1",
+ "version": "0.36.2",
"supplier": {
"name": "Julian Berman",
"contact": [
@@ -3118,12 +3112,12 @@
}
]
},
- "cpe": "cpe:2.3:a:julian_berman:referencing:0.36.1:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:julian_berman:referencing:0.36.2:*:*:*:*:*:*:*",
"description": "JSON Referencing + Python",
"hashes": [
{
"alg": "SHA-256",
- "content": "363d9c65f080d0d70bc41c721dce3c7f3e77fc09f269cd5c8813da18069a6794"
+ "content": "e8699adbbf8b5c7de96d8ffa0eb5c158b3beafce084968e2ea8bb08c6794dcd0"
}
],
"externalReferences": [
@@ -3133,7 +3127,7 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/referencing/0.36.1/#files",
+ "url": "https://pypi.org/project/referencing/0.36.2/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -3162,11 +3156,11 @@
"type": "vcs"
}
],
- "purl": "pkg:pypi/referencing@0.36.1",
+ "purl": "pkg:pypi/referencing@0.36.2",
"properties": [
{
"name": "release_date",
- "value": "2025-01-17T02:22:02Z"
+ "value": "2025-01-25T08:48:14Z"
},
{
"name": "language",
@@ -3978,7 +3972,7 @@
"type": "library",
"bom-ref": "63-plotly",
"name": "plotly",
- "version": "5.24.1",
+ "version": "6.0.0",
"supplier": {
"name": "Chris P",
"contact": [
@@ -3987,12 +3981,12 @@
}
]
},
- "cpe": "cpe:2.3:a:chris_p:plotly:5.24.1:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:chris_p:plotly:6.0.0:*:*:*:*:*:*:*",
"description": "An open-source, interactive data visualization library for Python",
"hashes": [
{
"alg": "SHA-256",
- "content": "f67073a1e637eb0dc3e46324d9d51e2fe76e9727c892dde64ddf1e1b51f29089"
+ "content": "f708871c3a9349a68791ff943a5781b1ec04de7769ea69068adcd9202e57653a"
}
],
"licenses": [
@@ -4011,7 +4005,7 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/plotly/5.24.1/#files",
+ "url": "https://pypi.org/project/plotly/6.0.0/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -4028,11 +4022,11 @@
"type": "log"
}
],
- "purl": "pkg:pypi/plotly@5.24.1",
+ "purl": "pkg:pypi/plotly@6.0.0",
"properties": [
{
"name": "release_date",
- "value": "2024-09-12T15:36:24Z"
+ "value": "2025-01-28T19:33:47Z"
},
{
"name": "language",
@@ -4046,51 +4040,48 @@
},
{
"type": "library",
- "bom-ref": "64-tenacity",
- "name": "tenacity",
- "version": "9.0.0",
+ "bom-ref": "64-narwhals",
+ "name": "narwhals",
+ "version": "1.24.2",
"supplier": {
- "name": "Julien Danjou",
+ "name": "Marco Gorelli",
"contact": [
{
- "email": "julien@danjou.info"
+ "email": "33491632+MarcoGorelli@users.noreply.github.com"
}
]
},
- "cpe": "cpe:2.3:a:julien_danjou:tenacity:9.0.0:*:*:*:*:*:*:*",
- "description": "Retry code until it succeeds",
- "hashes": [
- {
- "alg": "SHA-256",
- "content": "93de0c98785b27fcf659856aa9f54bfbd399e29969b0621bc7f762bd441b4539"
- }
- ],
- "licenses": [
- {
- "license": {
- "id": "Apache-2.0",
- "url": "https://www.apache.org/licenses/LICENSE-2.0",
- "acknowledgement": "concluded"
- }
- }
- ],
+ "cpe": "cpe:2.3:a:marco_gorelli:narwhals:1.24.2:*:*:*:*:*:*:*",
+ "description": "Extremely lightweight compatibility layer between dataframe libraries",
"externalReferences": [
{
- "url": "https://github.com/jd/tenacity",
+ "url": "https://github.com/narwhals-dev/narwhals",
"type": "website",
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/tenacity/9.0.0/#files",
+ "url": "https://pypi.org/project/narwhals/1.24.2/#files",
"type": "distribution",
"comment": "Download location for component"
+ },
+ {
+ "url": "https://narwhals-dev.github.io/narwhals/",
+ "type": "documentation"
+ },
+ {
+ "url": "https://github.com/narwhals-dev/narwhals",
+ "type": "vcs"
+ },
+ {
+ "url": "https://github.com/narwhals-dev/narwhals/issues",
+ "type": "issue-tracker"
}
],
- "purl": "pkg:pypi/tenacity@9.0.0",
+ "purl": "pkg:pypi/narwhals@1.24.2",
"properties": [
{
"name": "release_date",
- "value": "2024-07-29T12:12:25Z"
+ "value": "2025-01-28T19:33:47Z"
},
{
"name": "language",
@@ -4301,7 +4292,7 @@
"type": "library",
"bom-ref": "68-certifi",
"name": "certifi",
- "version": "2024.12.14",
+ "version": "2025.1.31",
"supplier": {
"name": "Kenneth Reitz",
"contact": [
@@ -4310,12 +4301,12 @@
}
]
},
- "cpe": "cpe:2.3:a:kenneth_reitz:certifi:2024.12.14:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:kenneth_reitz:certifi:2025.1.31:*:*:*:*:*:*:*",
"description": "Python package for providing Mozilla's CA Bundle.",
"hashes": [
{
"alg": "SHA-256",
- "content": "1275f7a45be9464efc1173084eaa30f866fe2e47d389406136d332ed4967ec56"
+ "content": "ca78db4565a652026a4db2bcdf68f2fb589ea80d0be70e03929ed730746b84fe"
}
],
"licenses": [
@@ -4334,7 +4325,7 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/certifi/2024.12.14/#files",
+ "url": "https://pypi.org/project/certifi/2025.1.31/#files",
"type": "distribution",
"comment": "Download location for component"
},
@@ -4343,11 +4334,11 @@
"type": "vcs"
}
],
- "purl": "pkg:pypi/certifi@2024.12.14",
+ "purl": "pkg:pypi/certifi@2025.1.31",
"properties": [
{
"name": "release_date",
- "value": "2024-12-14T13:52:36Z"
+ "value": "2025-01-31T02:16:45Z"
},
{
"name": "language",
@@ -4720,7 +4711,8 @@
{
"ref": "12-beautifulsoup4",
"dependsOn": [
- "13-soupsieve"
+ "13-soupsieve",
+ "8-typing-extensions"
]
},
{
@@ -4908,7 +4900,7 @@
{
"ref": "63-plotly",
"dependsOn": [
- "64-tenacity",
+ "64-narwhals",
"62-packaging"
]
},
diff --git a/sbom/cve-bin-tool-py3.11.spdx b/sbom/cve-bin-tool-py3.11.spdx
index f7e0032b32..dce9f4b448 100644
--- a/sbom/cve-bin-tool-py3.11.spdx
+++ b/sbom/cve-bin-tool-py3.11.spdx
@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
DataLicense: CC0-1.0
SPDXID: SPDXRef-DOCUMENT
DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-04ad04db-6cad-44ea-9add-250b579f36b9
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-99f38991-75b1-4eb8-a2c3-13f7d4b92d88
LicenseListVersion: 3.25
Creator: Tool: sbom4python-0.12.1
-Created: 2025-01-20T00:37:40Z
+Created: 2025-02-03T00:35:18Z
CreatorComment: This document has been automatically generated.
#####
@@ -127,24 +127,24 @@ ExternalRef: PACKAGE-MANAGER purl pkg:pypi/frozenlist@1.5.0
PackageName: attrs
SPDXID: SPDXRef-6-attrs
-PackageVersion: 24.3.0
+PackageVersion: 25.1.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Hynek Schlawack (hs@ox.cx)
-PackageDownloadLocation: https://pypi.org/project/attrs/24.3.0/#files
+PackageDownloadLocation: https://pypi.org/project/attrs/25.1.0/#files
FilesAnalyzed: false
-PackageChecksum: SHA256: ac96cd038792094f438ad1f6ff80837353805ac950cd2aa0e0625ef19850c308
+PackageChecksum: SHA256: c75a69e28a550a7e93789579c22aa26b0f5b83b75dc4e08fe092980051e1090a
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: Classes Without Boilerplate
-ReleaseDate: 2024-12-16T06:59:26Z
+ReleaseDate: 2025-01-25T11:30:10Z
ExternalRef: OTHER documentation https://www.attrs.org/
ExternalRef: OTHER log https://www.attrs.org/en/stable/changelog.html
ExternalRef: OTHER vcs https://github.com/python-attrs/attrs
ExternalRef: OTHER other https://github.com/sponsors/hynek
ExternalRef: OTHER other https://tidelift.com/subscription/pkg/pypi-attrs?utm_source=pypi-attrs&utm_medium=pypi
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/attrs@24.3.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:hynek_schlawack:attrs:24.3.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/attrs@25.1.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:hynek_schlawack:attrs:25.1.0:*:*:*:*:*:*:*
#####
PackageName: multidict
@@ -274,22 +274,21 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:kim_davies:idna:3.10:*:*:*:*:*:*:*
PackageName: beautifulsoup4
SPDXID: SPDXRef-12-beautifulsoup4
-PackageVersion: 4.12.3
+PackageVersion: 4.13.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Leonard Richardson (leonardr@segfault.org)
-PackageDownloadLocation: https://pypi.org/project/beautifulsoup4/4.12.3/#files
+PackageDownloadLocation: https://pypi.org/project/beautifulsoup4/4.13.0/#files
FilesAnalyzed: false
PackageHomePage: https://www.crummy.com/software/BeautifulSoup/bs4/
-PackageChecksum: SHA256: b80878c9f40111313e55da8ba20bdba06d8fa3969fc68304167741bbf9e082ed
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: MIT
PackageLicenseComments: beautifulsoup4 declares MIT License which is not currently a valid SPDX License identifier or expression.
PackageCopyrightText: NOASSERTION
PackageSummary: Screen-scraping library
-ReleaseDate: 2024-01-17T16:53:12Z
+ReleaseDate: 2024-09-15T18:07:37Z
ExternalRef: OTHER other https://www.crummy.com/software/BeautifulSoup/bs4/download/
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/beautifulsoup4@4.12.3
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:leonard_richardson:beautifulsoup4:4.12.3:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/beautifulsoup4@4.13.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:leonard_richardson:beautifulsoup4:4.13.0:*:*:*:*:*:*:*
#####
PackageName: soupsieve
@@ -801,20 +800,20 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:google_cloud_platform:google-auth:2.17
PackageName: cachetools
SPDXID: SPDXRef-39-cachetools
-PackageVersion: 5.5.0
+PackageVersion: 5.5.1
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Thomas Kemmer (tkemmer@computer.org)
-PackageDownloadLocation: https://pypi.org/project/cachetools/5.5.0/#files
+PackageDownloadLocation: https://pypi.org/project/cachetools/5.5.1/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/tkem/cachetools/
-PackageChecksum: SHA256: 02134e8439cdc2ffb62023ce1debca2944c3f289d66bb17ead3ab3dede74b292
+PackageChecksum: SHA256: b76651fdc3b24ead3c648bbdeeb940c1b04d365b38b4af66788f9ec4a81d42bb
PackageLicenseDeclared: MIT
PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: Extensible memoizing collections and decorators
-ReleaseDate: 2024-08-18T20:28:43Z
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/cachetools@5.5.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:thomas_kemmer:cachetools:5.5.0:*:*:*:*:*:*:*
+ReleaseDate: 2025-01-21T21:27:54Z
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/cachetools@5.5.1
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:thomas_kemmer:cachetools:5.5.1:*:*:*:*:*:*:*
#####
PackageName: google-auth-httplib2
@@ -1030,26 +1029,26 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:jsonschema-specification
PackageName: referencing
SPDXID: SPDXRef-49-referencing
-PackageVersion: 0.36.1
+PackageVersion: 0.36.2
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Julian Berman (Julian+referencing@GrayVines.com)
-PackageDownloadLocation: https://pypi.org/project/referencing/0.36.1/#files
+PackageDownloadLocation: https://pypi.org/project/referencing/0.36.2/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/python-jsonschema/referencing
-PackageChecksum: SHA256: 363d9c65f080d0d70bc41c721dce3c7f3e77fc09f269cd5c8813da18069a6794
+PackageChecksum: SHA256: e8699adbbf8b5c7de96d8ffa0eb5c158b3beafce084968e2ea8bb08c6794dcd0
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: JSON Referencing + Python
-ReleaseDate: 2025-01-17T02:22:02Z
+ReleaseDate: 2025-01-25T08:48:14Z
ExternalRef: OTHER documentation https://referencing.readthedocs.io/
ExternalRef: OTHER issue-tracker https://github.com/python-jsonschema/referencing/issues/
ExternalRef: OTHER other https://github.com/sponsors/Julian
ExternalRef: OTHER other https://tidelift.com/subscription/pkg/pypi-referencing?utm_source=pypi-referencing&utm_medium=referral&utm_campaign=pypi-link
ExternalRef: OTHER log https://referencing.readthedocs.io/en/stable/changes/
ExternalRef: OTHER vcs https://github.com/python-jsonschema/referencing
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/referencing@0.36.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:referencing:0.36.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/referencing@0.36.2
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:julian_berman:referencing:0.36.2:*:*:*:*:*:*:*
#####
PackageName: rpds-py
@@ -1311,42 +1310,43 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:donald_stufft:packaging:24.2:*:*:*:*:*
PackageName: plotly
SPDXID: SPDXRef-63-plotly
-PackageVersion: 5.24.1
+PackageVersion: 6.0.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Chris P (chris@plot.ly)
-PackageDownloadLocation: https://pypi.org/project/plotly/5.24.1/#files
+PackageDownloadLocation: https://pypi.org/project/plotly/6.0.0/#files
FilesAnalyzed: false
PackageHomePage: https://plotly.com/python/
-PackageChecksum: SHA256: f67073a1e637eb0dc3e46324d9d51e2fe76e9727c892dde64ddf1e1b51f29089
+PackageChecksum: SHA256: f708871c3a9349a68791ff943a5781b1ec04de7769ea69068adcd9202e57653a
PackageLicenseDeclared: MIT
PackageLicenseConcluded: MIT
PackageCopyrightText: NOASSERTION
PackageSummary: An open-source, interactive data visualization library for Python
-ReleaseDate: 2024-09-12T15:36:24Z
+ReleaseDate: 2025-01-28T19:33:47Z
ExternalRef: OTHER documentation https://plotly.com/python/
ExternalRef: OTHER vcs https://github.com/plotly/plotly.py
ExternalRef: OTHER log https://github.com/plotly/plotly.py/blob/master/CHANGELOG.md
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/plotly@5.24.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:5.24.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/plotly@6.0.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:6.0.0:*:*:*:*:*:*:*
#####
-PackageName: tenacity
-SPDXID: SPDXRef-64-tenacity
-PackageVersion: 9.0.0
+PackageName: narwhals
+SPDXID: SPDXRef-64-narwhals
+PackageVersion: 1.24.2
PrimaryPackagePurpose: LIBRARY
-PackageSupplier: Person: Julien Danjou (julien@danjou.info)
-PackageDownloadLocation: https://pypi.org/project/tenacity/9.0.0/#files
+PackageSupplier: Person: Marco Gorelli (33491632+MarcoGorelli@users.noreply.github.com)
+PackageDownloadLocation: https://pypi.org/project/narwhals/1.24.2/#files
FilesAnalyzed: false
-PackageHomePage: https://github.com/jd/tenacity
-PackageChecksum: SHA256: 93de0c98785b27fcf659856aa9f54bfbd399e29969b0621bc7f762bd441b4539
+PackageHomePage: https://github.com/narwhals-dev/narwhals
PackageLicenseDeclared: NOASSERTION
-PackageLicenseConcluded: Apache-2.0
-PackageLicenseComments: tenacity declares Apache 2.0 which is not currently a valid SPDX License identifier or expression.
+PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
-PackageSummary: Retry code until it succeeds
-ReleaseDate: 2024-07-29T12:12:25Z
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/tenacity@9.0.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:julien_danjou:tenacity:9.0.0:*:*:*:*:*:*:*
+PackageSummary: Extremely lightweight compatibility layer between dataframe libraries
+ReleaseDate: 2025-01-28T19:33:47Z
+ExternalRef: OTHER documentation https://narwhals-dev.github.io/narwhals/
+ExternalRef: OTHER vcs https://github.com/narwhals-dev/narwhals
+ExternalRef: OTHER issue-tracker https://github.com/narwhals-dev/narwhals/issues
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/narwhals@1.24.2
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:marco_gorelli:narwhals:1.24.2:*:*:*:*:*:*:*
#####
PackageName: requests
@@ -1413,21 +1413,21 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:andrey_petrov:urllib3:2.3.0:*:*:*:*:*:
PackageName: certifi
SPDXID: SPDXRef-68-certifi
-PackageVersion: 2024.12.14
+PackageVersion: 2025.1.31
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Person: Kenneth Reitz (me@kennethreitz.com)
-PackageDownloadLocation: https://pypi.org/project/certifi/2024.12.14/#files
+PackageDownloadLocation: https://pypi.org/project/certifi/2025.1.31/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/certifi/python-certifi
-PackageChecksum: SHA256: 1275f7a45be9464efc1173084eaa30f866fe2e47d389406136d332ed4967ec56
+PackageChecksum: SHA256: ca78db4565a652026a4db2bcdf68f2fb589ea80d0be70e03929ed730746b84fe
PackageLicenseDeclared: MPL-2.0
PackageLicenseConcluded: MPL-2.0
PackageCopyrightText: NOASSERTION
PackageSummary: Python package for providing Mozilla's CA Bundle.
-ReleaseDate: 2024-12-14T13:52:36Z
+ReleaseDate: 2025-01-31T02:16:45Z
ExternalRef: OTHER vcs https://github.com/certifi/python-certifi
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/certifi@2024.12.14
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:certifi:2024.12.14:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/certifi@2025.1.31
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:kenneth_reitz:certifi:2025.1.31:*:*:*:*:*:*:*
#####
PackageName: rpmfile
@@ -1552,6 +1552,7 @@ Relationship: SPDXRef-10-yarl DEPENDS_ON SPDXRef-11-idna
Relationship: SPDXRef-10-yarl DEPENDS_ON SPDXRef-7-multidict
Relationship: SPDXRef-10-yarl DEPENDS_ON SPDXRef-9-propcache
Relationship: SPDXRef-12-beautifulsoup4 DEPENDS_ON SPDXRef-13-soupsieve
+Relationship: SPDXRef-12-beautifulsoup4 DEPENDS_ON SPDXRef-8-typing-extensions
Relationship: SPDXRef-18-gsutil DEPENDS_ON SPDXRef-19-argcomplete
Relationship: SPDXRef-18-gsutil DEPENDS_ON SPDXRef-20-crcmod
Relationship: SPDXRef-18-gsutil DEPENDS_ON SPDXRef-21-fasteners
@@ -1628,7 +1629,7 @@ Relationship: SPDXRef-57-rich DEPENDS_ON SPDXRef-60-pygments
Relationship: SPDXRef-57-rich DEPENDS_ON SPDXRef-8-typing-extensions
Relationship: SPDXRef-58-markdown-it-py DEPENDS_ON SPDXRef-59-mdurl
Relationship: SPDXRef-63-plotly DEPENDS_ON SPDXRef-62-packaging
-Relationship: SPDXRef-63-plotly DEPENDS_ON SPDXRef-64-tenacity
+Relationship: SPDXRef-63-plotly DEPENDS_ON SPDXRef-64-narwhals
Relationship: SPDXRef-65-requests DEPENDS_ON SPDXRef-11-idna
Relationship: SPDXRef-65-requests DEPENDS_ON SPDXRef-66-charset-normalizer
Relationship: SPDXRef-65-requests DEPENDS_ON SPDXRef-67-urllib3