-
-
Notifications
You must be signed in to change notification settings - Fork 67
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Populate bom.metadata.component
#391
Comments
tried to reproduce the described behaviour via # clone this repo
# setup the project
poetry install
# generate the sbom of self
poetry run cyclonedx-bom --poetry --format json --output - output: (beautified for readability on debugging){
"$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.4",
"serialNumber": "urn:uuid:4fd5a63a-311f-4490-9d97-3dd8faae8c5b",
"version": 1,
"metadata": {
"timestamp": "2022-07-20T18:33:52.605138+00:00",
"tools": [
{
"vendor": "CycloneDX",
"name": "cyclonedx-bom",
"version": "3.5.0"
},
{
"vendor": "CycloneDX",
"name": "cyclonedx-python-lib",
"version": "2.5.2",
"externalReferences": [
{
"url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions",
"type": "build-system"
},
{
"url": "https://pypi.org/project/cyclonedx-python-lib/",
"type": "distribution"
},
{
"url": "https://cyclonedx.github.io/cyclonedx-python-lib/",
"type": "documentation"
},
{
"url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues",
"type": "issue-tracker"
},
{
"url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE",
"type": "license"
},
{
"url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md",
"type": "release-notes"
},
{
"url": "https://github.com/CycloneDX/cyclonedx-python-lib",
"type": "vcs"
},
{
"url": "https://cyclonedx.org",
"type": "website"
}
]
}
]
},
"components": [
{
"type": "library",
"bom-ref": "221e9ebf-637f-42ea-92f9-4d377b718b04",
"name": "attrs",
"version": "21.4.0",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/attrs/21.4.0",
"comment": "Distribution file: attrs-21.4.0-py2.py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "2d27e3784d7a565d36ab851fe94887c5eccd6a463168875832a1be79c82828b4"
}
]
},
{
"url": "https://pypi.org/project/attrs/21.4.0",
"comment": "Distribution file: attrs-21.4.0.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "626ba8234211db98e869df76230a137c4c40a12d72445c45d5f5b716f076e2fd"
}
]
}
]
},
{
"type": "library",
"bom-ref": "9355a3bb-2789-4b11-95f2-e60d3756062d",
"name": "autopep8",
"version": "1.6.0",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/autopep8/1.6.0",
"comment": "Distribution file: autopep8-1.6.0-py2.py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "ed77137193bbac52d029a52c59bec1b0629b5a186c495f1eb21b126ac466083f"
}
]
},
{
"url": "https://pypi.org/project/autopep8/1.6.0",
"comment": "Distribution file: autopep8-1.6.0.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "44f0932855039d2c15c4510d6df665e4730f2b8582704fa48f9c55bd3e17d979"
}
]
}
]
},
{
"type": "library",
"bom-ref": "1d127a2c-e89d-4d9a-b2fc-0eff17325f4f",
"name": "colorama",
"version": "0.4.4",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/colorama/0.4.4",
"comment": "Distribution file: colorama-0.4.4-py2.py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "9f47eda37229f68eee03b24b9748937c7dc3868f906e8ba69fbcbdd3bc5dc3e2"
}
]
},
{
"url": "https://pypi.org/project/colorama/0.4.4",
"comment": "Distribution file: colorama-0.4.4.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "5941b2b48a20143d2267e95b1c2a7603ce057ee39fd88e7329b0c292aa16869b"
}
]
}
]
},
{
"type": "library",
"bom-ref": "85b55ad5-5988-4cbd-af48-9b5dff125742",
"name": "coverage",
"version": "6.2",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp310-cp310-macosx_10_9_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "6dbc1536e105adda7a6312c778f15aaabe583b0e9a0b0a324990334fd458c94b"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "174cf9b4bef0db2e8244f82059a5a72bd47e1d40e71c68ab055425172b16b7d0"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_12_i686.manylinux2010_i686.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "92b8c845527eae547a2a6617d336adc56394050c3ed8a6918683646328fbb6da"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "c7912d1526299cb04c88288e148c6c87c0df600eca76efd99d84396cfe00ef1d"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp310-cp310-musllinux_1_1_aarch64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "d5d2033d5db1d58ae2d62f095e1aefb6988af65b4b12cb8987af409587cc0739"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp310-cp310-musllinux_1_1_i686.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "3feac4084291642165c3a0d9eaebedf19ffa505016c4d3db15bfe235718d4971"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp310-cp310-musllinux_1_1_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "276651978c94a8c5672ea60a2656e95a3cce2a3f31e9fb2d5ebd4c215d095840"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp310-cp310-win32.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "f506af4f27def639ba45789fa6fde45f9a217da0be05f8910458e4557eed020c"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp310-cp310-win_amd64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "3f7c17209eef285c86f819ff04a6d4cbee9b33ef05cbcaae4c0b4e8e06b3ec8f"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp311-cp311-macosx_10_14_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "13362889b2d46e8d9f97c421539c97c963e34031ab0cb89e8ca83a10cc71ac76"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "22e60a3ca5acba37d1d4a2ee66e051f5b0e1b9ac950b5b0cf4aa5366eda41d47"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp311-cp311-win_amd64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "b637c57fdb8be84e91fac60d9325a66a5981f8086c954ea2772efe28425eaf64"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp36-cp36m-macosx_10_9_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "f467bbb837691ab5a8ca359199d3429a11a01e6dfb3d9dcc676dc035ca93c0a9"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp36-cp36m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "2641f803ee9f95b1f387f3e8f3bf28d83d9b69a39e9911e5bfee832bea75240d"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp36-cp36m-manylinux_2_5_i686.manylinux1_i686.manylinux_2_12_i686.manylinux2010_i686.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "1219d760ccfafc03c0822ae2e06e3b1248a8e6d1a70928966bafc6838d3c9e48"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "9a2b5b52be0a8626fcbffd7e689781bf8c2ac01613e77feda93d96184949a98e"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp36-cp36m-musllinux_1_1_aarch64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "8e2c35a4c1f269704e90888e56f794e2d9c0262fb0c1b1c8c4ee44d9b9e77b5d"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp36-cp36m-musllinux_1_1_i686.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "5d6b09c972ce9200264c35a1d53d43ca55ef61836d9ec60f0d44273a31aa9f17"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp36-cp36m-musllinux_1_1_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "e3db840a4dee542e37e09f30859f1612da90e1c5239a6a2498c473183a50e781"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp36-cp36m-win32.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "4e547122ca2d244f7c090fe3f4b5a5861255ff66b7ab6d98f44a0222aaf8671a"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp36-cp36m-win_amd64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "01774a2c2c729619760320270e42cd9e797427ecfddd32c2a7b639cdc481f3c0"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp37-cp37m-macosx_10_9_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "fb8b8ee99b3fffe4fd86f4c81b35a6bf7e4462cba019997af2fe679365db0c49"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "619346d57c7126ae49ac95b11b0dc8e36c1dd49d148477461bb66c8cf13bb521"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp37-cp37m-manylinux_2_5_i686.manylinux1_i686.manylinux_2_12_i686.manylinux2010_i686.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "0a7726f74ff63f41e95ed3a89fef002916c828bb5fcae83b505b49d81a066884"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp37-cp37m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "cfd9386c1d6f13b37e05a91a8583e802f8059bebfccde61a418c5808dea6bbfa"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp37-cp37m-musllinux_1_1_aarch64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "17e6c11038d4ed6e8af1407d9e89a2904d573be29d51515f14262d7f10ef0a64"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp37-cp37m-musllinux_1_1_i686.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "c254b03032d5a06de049ce8bca8338a5185f07fb76600afff3c161e053d88617"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp37-cp37m-musllinux_1_1_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "dca38a21e4423f3edb821292e97cec7ad38086f84313462098568baedf4331f8"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp37-cp37m-win32.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "600617008aa82032ddeace2535626d1bc212dfff32b43989539deda63b3f36e4"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp37-cp37m-win_amd64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "bf154ba7ee2fd613eb541c2bc03d3d9ac667080a737449d1a3fb342740eb1a74"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp38-cp38-macosx_10_9_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "f9afb5b746781fc2abce26193d1c817b7eb0e11459510fba65d2bd77fe161d9e"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "edcada2e24ed68f019175c2b2af2a8b481d3d084798b8c20d15d34f5c733fa58"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_12_i686.manylinux2010_i686.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "a9c8c4283e17690ff1a7427123ffb428ad6a52ed720d550e299e8291e33184dc"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "f614fc9956d76d8a88a88bb41ddc12709caa755666f580af3a688899721efecd"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp38-cp38-musllinux_1_1_aarch64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "9365ed5cce5d0cf2c10afc6add145c5037d3148585b8ae0e77cc1efdd6aa2953"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp38-cp38-musllinux_1_1_i686.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "8bdfe9ff3a4ea37d17f172ac0dff1e1c383aec17a636b9b35906babc9f0f5475"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp38-cp38-musllinux_1_1_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "63c424e6f5b4ab1cf1e23a43b12f542b0ec2e54f99ec9f11b75382152981df57"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp38-cp38-win32.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "49dbff64961bc9bdd2289a2bda6a3a5a331964ba5497f694e2cbd540d656dc1c"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp38-cp38-win_amd64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "9a29311bd6429be317c1f3fe4bc06c4c5ee45e2fa61b2a19d4d1d6111cb94af2"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp39-cp39-macosx_10_9_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "03b20e52b7d31be571c9c06b74746746d4eb82fc260e594dc662ed48145e9efd"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "215f8afcc02a24c2d9a10d3790b21054b58d71f4b3c6f055d4bb1b15cecce685"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_12_i686.manylinux2010_i686.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "a4bdeb0a52d1d04123b41d90a4390b096f3ef38eee35e11f0b22c2d031222c6c"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "c332d8f8d448ded473b97fefe4a0983265af21917d8b0cdcb8bb06b2afe632c3"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp39-cp39-win32.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "6e1394d24d5938e561fbeaa0cd3d356207579c28bd1792f25a068743f2d5b282"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-cp39-cp39-win_amd64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "86f2e78b1eff847609b1ca8050c9e1fa3bd44ce755b2ec30e70f2d3ba3844644"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2-pp36.pp37.pp38-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "5829192582c0ec8ca4a2532407bc14c2f338d9878a10442f5d03804a95fac9de"
}
]
},
{
"url": "https://pypi.org/project/coverage/6.2",
"comment": "Distribution file: coverage-6.2.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "e2cad8093172b7d1595b4ad66f24270808658e11acf43a8f95b41276162eb5b8"
}
]
}
]
},
{
"type": "library",
"bom-ref": "71fd7a0e-4121-47d7-88f8-cb3b692167be",
"name": "cyclonedx-python-lib",
"version": "2.5.2",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/cyclonedx-python-lib/2.5.2",
"comment": "Distribution file: cyclonedx-python-lib-2.5.2.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "875c0dac4c8be1da58cef399eb09ceba8668a153d2bfed67b7af8bdbca5bad61"
}
]
},
{
"url": "https://pypi.org/project/cyclonedx-python-lib/2.5.2",
"comment": "Distribution file: cyclonedx_python_lib-2.5.2-py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "7a3aebcc1603e2cb0bc13ebf4274d2bd28ee46d199a7c2c05bd9d823ea7143e4"
}
]
}
]
},
{
"type": "library",
"bom-ref": "368e142c-aacc-411b-b2de-61611cc0c07c",
"name": "distlib",
"version": "0.3.4",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/distlib/0.3.4",
"comment": "Distribution file: distlib-0.3.4-py2.py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "6564fe0a8f51e734df6333d08b8b94d4ea8ee6b99b5ed50613f731fd4089f34b"
}
]
},
{
"url": "https://pypi.org/project/distlib/0.3.4",
"comment": "Distribution file: distlib-0.3.4.zip",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "e4b58818180336dc9c529bfb9a0b58728ffc09ad92027a3f30b7cd91e3458579"
}
]
}
]
},
{
"type": "library",
"bom-ref": "b7821c28-1a71-4acc-8723-fbc9884ca353",
"name": "filelock",
"version": "3.4.1",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/filelock/3.4.1",
"comment": "Distribution file: filelock-3.4.1-py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "a4bc51381e01502a30e9f06dd4fa19a1712eab852b6fb0f84fd7cce0793d8ca3"
}
]
},
{
"url": "https://pypi.org/project/filelock/3.4.1",
"comment": "Distribution file: filelock-3.4.1.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "0f12f552b42b5bf60dba233710bf71337d35494fc8bdd4fd6d9f6d082ad45e06"
}
]
}
]
},
{
"type": "library",
"bom-ref": "fa4bfc98-fd00-4cb7-a820-4b0d0e46eabf",
"name": "flake8",
"version": "4.0.1",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/flake8/4.0.1",
"comment": "Distribution file: flake8-4.0.1-py2.py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "479b1304f72536a55948cb40a32dce8bb0ffe3501e26eaf292c7e60eb5e0428d"
}
]
},
{
"url": "https://pypi.org/project/flake8/4.0.1",
"comment": "Distribution file: flake8-4.0.1.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "806e034dda44114815e23c16ef92f95c91e4c71100ff52813adf7132a6ad870d"
}
]
}
]
},
{
"type": "library",
"bom-ref": "82f5d4c0-0cd3-4e68-89af-1eb9f375918f",
"name": "flake8-annotations",
"version": "2.7.0",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/flake8-annotations/2.7.0",
"comment": "Distribution file: flake8-annotations-2.7.0.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "52e53c05b0c06cac1c2dec192ea2c36e85081238add3bd99421d56f574b9479b"
}
]
},
{
"url": "https://pypi.org/project/flake8-annotations/2.7.0",
"comment": "Distribution file: flake8_annotations-2.7.0-py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "3edfbbfb58e404868834fe6ec3eaf49c139f64f0701259f707d043185545151e"
}
]
}
]
},
{
"type": "library",
"bom-ref": "66e202c0-21cb-46e2-b3d8-06f57db16904",
"name": "flake8-bugbear",
"version": "22.7.1",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/flake8-bugbear/22.7.1",
"comment": "Distribution file: flake8-bugbear-22.7.1.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "e450976a07e4f9d6c043d4f72b17ec1baf717fe37f7997009c8ae58064f88305"
}
]
},
{
"url": "https://pypi.org/project/flake8-bugbear/22.7.1",
"comment": "Distribution file: flake8_bugbear-22.7.1-py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "db5d7a831ef4412a224b26c708967ff816818cabae415e76b8c58df156c4b8e5"
}
]
}
]
},
{
"type": "library",
"bom-ref": "64270487-d39e-497f-86ad-ec4ac6a7d3d3",
"name": "flake8-isort",
"version": "4.1.1",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/flake8-isort/4.1.1",
"comment": "Distribution file: flake8-isort-4.1.1.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "d814304ab70e6e58859bc5c3e221e2e6e71c958e7005239202fee19c24f82717"
}
]
},
{
"url": "https://pypi.org/project/flake8-isort/4.1.1",
"comment": "Distribution file: flake8_isort-4.1.1-py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "c4e8b6dcb7be9b71a02e6e5d4196cefcef0f3447be51e82730fb336fff164949"
}
]
}
]
},
{
"type": "library",
"bom-ref": "5a15e858-a9a7-449b-a8e7-b028501983a6",
"name": "importlib-metadata",
"version": "4.2.0",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/importlib-metadata/4.2.0",
"comment": "Distribution file: importlib_metadata-4.2.0-py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "057e92c15bc8d9e8109738a48db0ccb31b4d9d5cfbee5a8670879a30be66304b"
}
]
},
{
"url": "https://pypi.org/project/importlib-metadata/4.2.0",
"comment": "Distribution file: importlib_metadata-4.2.0.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "b7e52a1f8dec14a75ea73e0891f3060099ca1d8e6a462a4dff11c3e119ea1b31"
}
]
}
]
},
{
"type": "library",
"bom-ref": "a2f9b409-1157-439a-b80a-c774e832dc77",
"name": "importlib-resources",
"version": "5.4.0",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/importlib-resources/5.4.0",
"comment": "Distribution file: importlib_resources-5.4.0-py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "33a95faed5fc19b4bc16b29a6eeae248a3fe69dd55d4d229d2b480e23eeaad45"
}
]
},
{
"url": "https://pypi.org/project/importlib-resources/5.4.0",
"comment": "Distribution file: importlib_resources-5.4.0.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "d756e2f85dd4de2ba89be0b21dba2a3bbec2e871a42a3a16719258a11f87506b"
}
]
}
]
},
{
"type": "library",
"bom-ref": "c42b266b-6645-4fbb-bc22-30658d1094b6",
"name": "isort",
"version": "5.10.1",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/isort/5.10.1",
"comment": "Distribution file: isort-5.10.1-py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "6f62d78e2f89b4500b080fe3a81690850cd254227f27f75c3a0c491a1f351ba7"
}
]
},
{
"url": "https://pypi.org/project/isort/5.10.1",
"comment": "Distribution file: isort-5.10.1.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "e8443a5e7a020e9d7f97f1d7d9cd17c88bcb3bc7e218bf9cf5095fe550be2951"
}
]
}
]
},
{
"type": "library",
"bom-ref": "35afcc71-b81a-42a5-811d-54945937c882",
"name": "mccabe",
"version": "0.6.1",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/mccabe/0.6.1",
"comment": "Distribution file: mccabe-0.6.1-py2.py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "ab8a6258860da4b6677da4bd2fe5dc2c659cff31b3ee4f7f5d64e79735b80d42"
}
]
},
{
"url": "https://pypi.org/project/mccabe/0.6.1",
"comment": "Distribution file: mccabe-0.6.1.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "dd8d182285a0fe56bace7f45b5e7d1a6ebcbf524e8f3bd87eb0f125271b8831f"
}
]
}
]
},
{
"type": "library",
"bom-ref": "e951705e-30c4-497a-98ef-f9d141136a46",
"name": "mypy",
"version": "0.971",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/mypy/0.971",
"comment": "Distribution file: mypy-0.971-cp310-cp310-macosx_10_9_universal2.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "f2899a3cbd394da157194f913a931edfd4be5f274a88041c9dc2d9cdcb1c315c"
}
]
},
{
"url": "https://pypi.org/project/mypy/0.971",
"comment": "Distribution file: mypy-0.971-cp310-cp310-macosx_10_9_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "98e02d56ebe93981c41211c05adb630d1d26c14195d04d95e49cd97dbc046dc5"
}
]
},
{
"url": "https://pypi.org/project/mypy/0.971",
"comment": "Distribution file: mypy-0.971-cp310-cp310-macosx_11_0_arm64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "19830b7dba7d5356d3e26e2427a2ec91c994cd92d983142cbd025ebe81d69cf3"
}
]
},
{
"url": "https://pypi.org/project/mypy/0.971",
"comment": "Distribution file: mypy-0.971-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "02ef476f6dcb86e6f502ae39a16b93285fef97e7f1ff22932b657d1ef1f28655"
}
]
},
{
"url": "https://pypi.org/project/mypy/0.971",
"comment": "Distribution file: mypy-0.971-cp310-cp310-win_amd64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "25c5750ba5609a0c7550b73a33deb314ecfb559c350bb050b655505e8aed4103"
}
]
},
{
"url": "https://pypi.org/project/mypy/0.971",
"comment": "Distribution file: mypy-0.971-cp36-cp36m-macosx_10_9_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "d3348e7eb2eea2472db611486846742d5d52d1290576de99d59edeb7cd4a42ca"
}
]
},
{
"url": "https://pypi.org/project/mypy/0.971",
"comment": "Distribution file: mypy-0.971-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "3fa7a477b9900be9b7dd4bab30a12759e5abe9586574ceb944bc29cddf8f0417"
}
]
},
{
"url": "https://pypi.org/project/mypy/0.971",
"comment": "Distribution file: mypy-0.971-cp36-cp36m-win_amd64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "2ad53cf9c3adc43cf3bea0a7d01a2f2e86db9fe7596dfecb4496a5dda63cbb09"
}
]
},
{
"url": "https://pypi.org/project/mypy/0.971",
"comment": "Distribution file: mypy-0.971-cp37-cp37m-macosx_10_9_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "855048b6feb6dfe09d3353466004490b1872887150c5bb5caad7838b57328cc8"
}
]
},
{
"url": "https://pypi.org/project/mypy/0.971",
"comment": "Distribution file: mypy-0.971-cp37-cp37m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "23488a14a83bca6e54402c2e6435467a4138785df93ec85aeff64c6170077fb0"
}
]
},
{
"url": "https://pypi.org/project/mypy/0.971",
"comment": "Distribution file: mypy-0.971-cp37-cp37m-win_amd64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "4b21e5b1a70dfb972490035128f305c39bc4bc253f34e96a4adf9127cf943eb2"
}
]
},
{
"url": "https://pypi.org/project/mypy/0.971",
"comment": "Distribution file: mypy-0.971-cp38-cp38-macosx_10_9_universal2.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "9796a2ba7b4b538649caa5cecd398d873f4022ed2333ffde58eaf604c4d2cb27"
}
]
},
{
"url": "https://pypi.org/project/mypy/0.971",
"comment": "Distribution file: mypy-0.971-cp38-cp38-macosx_10_9_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "5a361d92635ad4ada1b1b2d3630fc2f53f2127d51cf2def9db83cba32e47c856"
}
]
},
{
"url": "https://pypi.org/project/mypy/0.971",
"comment": "Distribution file: mypy-0.971-cp38-cp38-macosx_11_0_arm64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "b793b899f7cf563b1e7044a5c97361196b938e92f0a4343a5d27966a53d2ec71"
}
]
},
{
"url": "https://pypi.org/project/mypy/0.971",
"comment": "Distribution file: mypy-0.971-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "d1ea5d12c8e2d266b5fb8c7a5d2e9c0219fedfeb493b7ed60cd350322384ac27"
}
]
},
{
"url": "https://pypi.org/project/mypy/0.971",
"comment": "Distribution file: mypy-0.971-cp38-cp38-win_amd64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "23c7ff43fff4b0df93a186581885c8512bc50fc4d4910e0f838e35d6bb6b5e58"
}
]
},
{
"url": "https://pypi.org/project/mypy/0.971",
"comment": "Distribution file: mypy-0.971-cp39-cp39-macosx_10_9_universal2.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "1f7656b69974a6933e987ee8ffb951d836272d6c0f81d727f1d0e2696074d9e6"
}
]
},
{
"url": "https://pypi.org/project/mypy/0.971",
"comment": "Distribution file: mypy-0.971-cp39-cp39-macosx_10_9_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "d2022bfadb7a5c2ef410d6a7c9763188afdb7f3533f22a0a32be10d571ee4bbe"
}
]
},
{
"url": "https://pypi.org/project/mypy/0.971",
"comment": "Distribution file: mypy-0.971-cp39-cp39-macosx_11_0_arm64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "ef943c72a786b0f8d90fd76e9b39ce81fb7171172daf84bf43eaf937e9f220a9"
}
]
},
{
"url": "https://pypi.org/project/mypy/0.971",
"comment": "Distribution file: mypy-0.971-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "d744f72eb39f69312bc6c2abf8ff6656973120e2eb3f3ec4f758ed47e414a4bf"
}
]
},
{
"url": "https://pypi.org/project/mypy/0.971",
"comment": "Distribution file: mypy-0.971-cp39-cp39-win_amd64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "77a514ea15d3007d33a9e2157b0ba9c267496acf12a7f2b9b9f8446337aac5b0"
}
]
},
{
"url": "https://pypi.org/project/mypy/0.971",
"comment": "Distribution file: mypy-0.971-py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "0d054ef16b071149917085f51f89555a576e2618d5d9dd70bd6eea6410af3ac9"
}
]
},
{
"url": "https://pypi.org/project/mypy/0.971",
"comment": "Distribution file: mypy-0.971.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "40b0f21484238269ae6a57200c807d80debc6459d444c0489a102d7c6a75fa56"
}
]
}
]
},
{
"type": "library",
"bom-ref": "d108a2c9-619a-46f1-ba45-bebd6472f7a6",
"name": "mypy-extensions",
"version": "0.4.3",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/mypy-extensions/0.4.3",
"comment": "Distribution file: mypy_extensions-0.4.3-py2.py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "090fedd75945a69ae91ce1303b5824f428daf5a028d2f6ab8a299250a846f15d"
}
]
},
{
"url": "https://pypi.org/project/mypy-extensions/0.4.3",
"comment": "Distribution file: mypy_extensions-0.4.3.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "2d82818f5bb3e369420cb3c4060a7970edba416647068eb4c5343488a6c604a8"
}
]
}
]
},
{
"type": "library",
"bom-ref": "bb447ba4-a9ae-4199-b6c9-e9ebb312eb5e",
"name": "packageurl-python",
"version": "0.9.9",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/packageurl-python/0.9.9",
"comment": "Distribution file: packageurl-python-0.9.9.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "872a0434b9a448b3fa97571711f69dd2a3fb72345ad66c90b17d827afea82f09"
}
]
},
{
"url": "https://pypi.org/project/packageurl-python/0.9.9",
"comment": "Distribution file: packageurl_python-0.9.9-py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "07aa852d1c48b0e86e625f6a32d83f96427739806b269d0f8142788ee807114b"
}
]
}
]
},
{
"type": "library",
"bom-ref": "2b429360-f6e9-4455-82aa-ed8ee6a04098",
"name": "packaging",
"version": "21.3",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/packaging/21.3",
"comment": "Distribution file: packaging-21.3-py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "ef103e05f519cdc783ae24ea4e2e0f508a9c99b2d4969652eed6a2e1ea5bd522"
}
]
},
{
"url": "https://pypi.org/project/packaging/21.3",
"comment": "Distribution file: packaging-21.3.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "dd47c42927d89ab911e606518907cc2d3a1f38bbd026385970643f9c5b8ecfeb"
}
]
}
]
},
{
"type": "library",
"bom-ref": "fda0e8b4-7b83-427a-92a8-023f65e7e2e4",
"name": "pip-requirements-parser",
"version": "31.2.0",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/pip-requirements-parser/31.2.0",
"comment": "Distribution file: pip-requirements-parser-31.2.0.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "8c2a6f8e091ac2693824a5ef4e3b250226e34f74a20a91a87b9ab0714b47788f"
}
]
},
{
"url": "https://pypi.org/project/pip-requirements-parser/31.2.0",
"comment": "Distribution file: pip_requirements_parser-31.2.0-py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "22fa213a987913385b2484d5698ecfa1d9cf4154978cdf929085548af55355b0"
}
]
}
]
},
{
"type": "library",
"bom-ref": "38c1a869-5c65-4990-9a86-8c8e69cdbd62",
"name": "platformdirs",
"version": "2.4.0",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/platformdirs/2.4.0",
"comment": "Distribution file: platformdirs-2.4.0-py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "8868bbe3c3c80d42f20156f22e7131d2fb321f5bc86a2a345375c6481a67021d"
}
]
},
{
"url": "https://pypi.org/project/platformdirs/2.4.0",
"comment": "Distribution file: platformdirs-2.4.0.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "367a5e80b3d04d2428ffa76d33f124cf11e8fff2acdaa9b43d545f5c7d661ef2"
}
]
}
]
},
{
"type": "library",
"bom-ref": "60bb7c13-b0b5-4056-bc66-7f6edd7f37bc",
"name": "pluggy",
"version": "1.0.0",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/pluggy/1.0.0",
"comment": "Distribution file: pluggy-1.0.0-py2.py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "74134bbf457f031a36d68416e1509f34bd5ccc019f0bcc952c7b909d06b37bd3"
}
]
},
{
"url": "https://pypi.org/project/pluggy/1.0.0",
"comment": "Distribution file: pluggy-1.0.0.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "4224373bacce55f955a878bf9cfa763c1e360858e330072059e10bad68531159"
}
]
}
]
},
{
"type": "library",
"bom-ref": "ab557d79-4499-4a92-843d-8363433a5401",
"name": "py",
"version": "1.11.0",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/py/1.11.0",
"comment": "Distribution file: py-1.11.0-py2.py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "607c53218732647dff4acdfcd50cb62615cedf612e72d1724fb1a0cc6405b378"
}
]
},
{
"url": "https://pypi.org/project/py/1.11.0",
"comment": "Distribution file: py-1.11.0.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "51c75c4126074b472f746a24399ad32f6053d1b34b68d2fa41e558e6f4a98719"
}
]
}
]
},
{
"type": "library",
"bom-ref": "673a9d4c-524d-421b-98e9-d854a0f0dc2f",
"name": "pycodestyle",
"version": "2.8.0",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/pycodestyle/2.8.0",
"comment": "Distribution file: pycodestyle-2.8.0-py2.py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "720f8b39dde8b293825e7ff02c475f3077124006db4f440dcbc9a20b76548a20"
}
]
},
{
"url": "https://pypi.org/project/pycodestyle/2.8.0",
"comment": "Distribution file: pycodestyle-2.8.0.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "eddd5847ef438ea1c7870ca7eb78a9d47ce0cdb4851a5523949f2601d0cbbe7f"
}
]
}
]
},
{
"type": "library",
"bom-ref": "df4d3aab-bee3-40a0-86d5-31db7b16d9d7",
"name": "pyflakes",
"version": "2.4.0",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/pyflakes/2.4.0",
"comment": "Distribution file: pyflakes-2.4.0-py2.py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "3bb3a3f256f4b7968c9c788781e4ff07dce46bdf12339dcda61053375426ee2e"
}
]
},
{
"url": "https://pypi.org/project/pyflakes/2.4.0",
"comment": "Distribution file: pyflakes-2.4.0.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "05a85c2872edf37a4ed30b0cce2f6093e1d0581f8c19d7393122da7e25b2b24c"
}
]
}
]
},
{
"type": "library",
"bom-ref": "d877b06b-0bcd-4eb2-9f4a-8b0877fac6bd",
"name": "pyparsing",
"version": "3.0.7",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/pyparsing/3.0.7",
"comment": "Distribution file: pyparsing-3.0.7-py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "a6c06a88f252e6c322f65faf8f418b16213b51bdfaece0524c1c1bc30c63c484"
}
]
},
{
"url": "https://pypi.org/project/pyparsing/3.0.7",
"comment": "Distribution file: pyparsing-3.0.7.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "18ee9022775d270c55187733956460083db60b37d0d0fb357445f3094eed3eea"
}
]
}
]
},
{
"type": "library",
"bom-ref": "9d435103-af5b-4877-a66d-ebcc5e57b092",
"name": "six",
"version": "1.16.0",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/six/1.16.0",
"comment": "Distribution file: six-1.16.0-py2.py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254"
}
]
},
{
"url": "https://pypi.org/project/six/1.16.0",
"comment": "Distribution file: six-1.16.0.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926"
}
]
}
]
},
{
"type": "library",
"bom-ref": "7db59f1b-697f-4f80-bb60-1f9d112e6949",
"name": "sortedcontainers",
"version": "2.4.0",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/sortedcontainers/2.4.0",
"comment": "Distribution file: sortedcontainers-2.4.0-py2.py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "a163dcaede0f1c021485e957a39245190e74249897e2ae4b2aa38595db237ee0"
}
]
},
{
"url": "https://pypi.org/project/sortedcontainers/2.4.0",
"comment": "Distribution file: sortedcontainers-2.4.0.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "25caa5a06cc30b6b83d11423433f65d1f9d76c4c6a0c90e3379eaa43b9bfdb88"
}
]
}
]
},
{
"type": "library",
"bom-ref": "f0380402-642a-4b0b-9b05-3a5585919a7d",
"name": "testfixtures",
"version": "6.18.5",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/testfixtures/6.18.5",
"comment": "Distribution file: testfixtures-6.18.5-py2.py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "7de200e24f50a4a5d6da7019fb1197aaf5abd475efb2ec2422fdcf2f2eb98c1d"
}
]
},
{
"url": "https://pypi.org/project/testfixtures/6.18.5",
"comment": "Distribution file: testfixtures-6.18.5.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "02dae883f567f5b70fd3ad3c9eefb95912e78ac90be6c7444b5e2f46bf572c84"
}
]
}
]
},
{
"type": "library",
"bom-ref": "4253c94a-ce2a-48e7-b25a-604c8b02bedf",
"name": "toml",
"version": "0.10.2",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/toml/0.10.2",
"comment": "Distribution file: toml-0.10.2-py2.py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b"
}
]
},
{
"url": "https://pypi.org/project/toml/0.10.2",
"comment": "Distribution file: toml-0.10.2.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "b3bda1d108d5dd99f4a20d24d9c348e91c4db7ab1b749200bded2f839ccbe68f"
}
]
}
]
},
{
"type": "library",
"bom-ref": "c0876443-31cb-44dc-b8fe-5e26f777b750",
"name": "tomli",
"version": "1.2.3",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/tomli/1.2.3",
"comment": "Distribution file: tomli-1.2.3-py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "e3069e4be3ead9668e21cb9b074cd948f7b3113fd9c8bba083f48247aab8b11c"
}
]
},
{
"url": "https://pypi.org/project/tomli/1.2.3",
"comment": "Distribution file: tomli-1.2.3.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "05b6166bff487dc068d322585c7ea4ef78deed501cc124060e0f238e89a9231f"
}
]
}
]
},
{
"type": "library",
"bom-ref": "d6eafd24-e736-4241-891d-7645e7fe64c8",
"name": "tox",
"version": "3.25.1",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/tox/3.25.1",
"comment": "Distribution file: tox-3.25.1-py2.py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "c38e15f4733683a9cc0129fba078633e07eb0961f550a010ada879e95fb32632"
}
]
},
{
"url": "https://pypi.org/project/tox/3.25.1",
"comment": "Distribution file: tox-3.25.1.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "c138327815f53bc6da4fe56baec5f25f00622ae69ef3fe4e1e385720e22486f9"
}
]
}
]
},
{
"type": "library",
"bom-ref": "6e6a75ee-367c-4d00-8a0a-484baac296a1",
"name": "typed-ast",
"version": "1.5.4",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/typed-ast/1.5.4",
"comment": "Distribution file: typed_ast-1.5.4-cp310-cp310-macosx_10_9_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "669dd0c4167f6f2cd9f57041e03c3c2ebf9063d0757dc89f79ba1daa2bfca9d4"
}
]
},
{
"url": "https://pypi.org/project/typed-ast/1.5.4",
"comment": "Distribution file: typed_ast-1.5.4-cp310-cp310-macosx_11_0_arm64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "211260621ab1cd7324e0798d6be953d00b74e0428382991adfddb352252f1d62"
}
]
},
{
"url": "https://pypi.org/project/typed-ast/1.5.4",
"comment": "Distribution file: typed_ast-1.5.4-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "267e3f78697a6c00c689c03db4876dd1efdfea2f251a5ad6555e82a26847b4ac"
}
]
},
{
"url": "https://pypi.org/project/typed-ast/1.5.4",
"comment": "Distribution file: typed_ast-1.5.4-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "c542eeda69212fa10a7ada75e668876fdec5f856cd3d06829e6aa64ad17c8dfe"
}
]
},
{
"url": "https://pypi.org/project/typed-ast/1.5.4",
"comment": "Distribution file: typed_ast-1.5.4-cp310-cp310-win_amd64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "a9916d2bb8865f973824fb47436fa45e1ebf2efd920f2b9f99342cb7fab93f72"
}
]
},
{
"url": "https://pypi.org/project/typed-ast/1.5.4",
"comment": "Distribution file: typed_ast-1.5.4-cp36-cp36m-macosx_10_9_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "79b1e0869db7c830ba6a981d58711c88b6677506e648496b1f64ac7d15633aec"
}
]
},
{
"url": "https://pypi.org/project/typed-ast/1.5.4",
"comment": "Distribution file: typed_ast-1.5.4-cp36-cp36m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "a94d55d142c9265f4ea46fab70977a1944ecae359ae867397757d836ea5a3f47"
}
]
},
{
"url": "https://pypi.org/project/typed-ast/1.5.4",
"comment": "Distribution file: typed_ast-1.5.4-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "183afdf0ec5b1b211724dfef3d2cad2d767cbefac291f24d69b00546c1837fb6"
}
]
},
{
"url": "https://pypi.org/project/typed-ast/1.5.4",
"comment": "Distribution file: typed_ast-1.5.4-cp36-cp36m-win_amd64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "639c5f0b21776605dd6c9dbe592d5228f021404dafd377e2b7ac046b0349b1a1"
}
]
},
{
"url": "https://pypi.org/project/typed-ast/1.5.4",
"comment": "Distribution file: typed_ast-1.5.4-cp37-cp37m-macosx_10_9_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "cf4afcfac006ece570e32d6fa90ab74a17245b83dfd6655a6f68568098345ff6"
}
]
},
{
"url": "https://pypi.org/project/typed-ast/1.5.4",
"comment": "Distribution file: typed_ast-1.5.4-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "ed855bbe3eb3715fca349c80174cfcfd699c2f9de574d40527b8429acae23a66"
}
]
},
{
"url": "https://pypi.org/project/typed-ast/1.5.4",
"comment": "Distribution file: typed_ast-1.5.4-cp37-cp37m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "6778e1b2f81dfc7bc58e4b259363b83d2e509a65198e85d5700dfae4c6c8ff1c"
}
]
},
{
"url": "https://pypi.org/project/typed-ast/1.5.4",
"comment": "Distribution file: typed_ast-1.5.4-cp37-cp37m-win_amd64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "0261195c2062caf107831e92a76764c81227dae162c4f75192c0d489faf751a2"
}
]
},
{
"url": "https://pypi.org/project/typed-ast/1.5.4",
"comment": "Distribution file: typed_ast-1.5.4-cp38-cp38-macosx_10_9_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "2efae9db7a8c05ad5547d522e7dbe62c83d838d3906a3716d1478b6c1d61388d"
}
]
},
{
"url": "https://pypi.org/project/typed-ast/1.5.4",
"comment": "Distribution file: typed_ast-1.5.4-cp38-cp38-macosx_11_0_arm64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "7d5d014b7daa8b0bf2eaef684295acae12b036d79f54178b92a2b6a56f92278f"
}
]
},
{
"url": "https://pypi.org/project/typed-ast/1.5.4",
"comment": "Distribution file: typed_ast-1.5.4-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "370788a63915e82fd6f212865a596a0fefcbb7d408bbbb13dea723d971ed8bdc"
}
]
},
{
"url": "https://pypi.org/project/typed-ast/1.5.4",
"comment": "Distribution file: typed_ast-1.5.4-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "4e964b4ff86550a7a7d56345c7864b18f403f5bd7380edf44a3c1fb4ee7ac6c6"
}
]
},
{
"url": "https://pypi.org/project/typed-ast/1.5.4",
"comment": "Distribution file: typed_ast-1.5.4-cp38-cp38-win_amd64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "683407d92dc953c8a7347119596f0b0e6c55eb98ebebd9b23437501b28dcbb8e"
}
]
},
{
"url": "https://pypi.org/project/typed-ast/1.5.4",
"comment": "Distribution file: typed_ast-1.5.4-cp39-cp39-macosx_10_9_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "4879da6c9b73443f97e731b617184a596ac1235fe91f98d279a7af36c796da35"
}
]
},
{
"url": "https://pypi.org/project/typed-ast/1.5.4",
"comment": "Distribution file: typed_ast-1.5.4-cp39-cp39-macosx_11_0_arm64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "3e123d878ba170397916557d31c8f589951e353cc95fb7f24f6bb69adc1a8a97"
}
]
},
{
"url": "https://pypi.org/project/typed-ast/1.5.4",
"comment": "Distribution file: typed_ast-1.5.4-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "ebd9d7f80ccf7a82ac5f88c521115cc55d84e35bf8b446fcd7836eb6b98929a3"
}
]
},
{
"url": "https://pypi.org/project/typed-ast/1.5.4",
"comment": "Distribution file: typed_ast-1.5.4-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "98f80dee3c03455e92796b58b98ff6ca0b2a6f652120c263efdba4d6c5e58f72"
}
]
},
{
"url": "https://pypi.org/project/typed-ast/1.5.4",
"comment": "Distribution file: typed_ast-1.5.4-cp39-cp39-win_amd64.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "0fdbcf2fef0ca421a3f5912555804296f0b0960f0418c440f5d6d3abb549f3e1"
}
]
},
{
"url": "https://pypi.org/project/typed-ast/1.5.4",
"comment": "Distribution file: typed_ast-1.5.4.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "39e21ceb7388e4bb37f4c679d72707ed46c2fbf2a5609b8b8ebc4b067d977df2"
}
]
}
]
},
{
"type": "library",
"bom-ref": "88aadb10-ffa3-4c50-9440-f98ad9c2ab26",
"name": "types-setuptools",
"version": "57.4.17",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/types-setuptools/57.4.17",
"comment": "Distribution file: types-setuptools-57.4.17.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "9d556fcaf6808a1cead4aaa41e5c07a61f0152a875811e1239738eba4e0b7b16"
}
]
},
{
"url": "https://pypi.org/project/types-setuptools/57.4.17",
"comment": "Distribution file: types_setuptools-57.4.17-py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "9c7cdaf0d55113e24ac17103bde2d434472abf1dbf444238e989fe4e798ffa26"
}
]
}
]
},
{
"type": "library",
"bom-ref": "aaab3317-0523-4f0e-b1b2-444f19f7c483",
"name": "types-toml",
"version": "0.10.8",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/types-toml/0.10.8",
"comment": "Distribution file: types-toml-0.10.8.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "b7e7ea572308b1030dc86c3ba825c5210814c2825612ec679eb7814f8dd9295a"
}
]
},
{
"url": "https://pypi.org/project/types-toml/0.10.8",
"comment": "Distribution file: types_toml-0.10.8-py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "8300fd093e5829eb9c1fba69cee38130347d4b74ddf32d0a7df650ae55c2b599"
}
]
}
]
},
{
"type": "library",
"bom-ref": "5dd42711-1a84-4dfd-b70e-09f21cc887af",
"name": "typing-extensions",
"version": "4.1.1",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/typing-extensions/4.1.1",
"comment": "Distribution file: typing_extensions-4.1.1-py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "21c85e0fe4b9a155d0799430b0ad741cdce7e359660ccbd8b530613e8df88ce2"
}
]
},
{
"url": "https://pypi.org/project/typing-extensions/4.1.1",
"comment": "Distribution file: typing_extensions-4.1.1.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "1a9462dcc3347a79b1f1c0271fbe79e844580bb598bafa1ed208b94da3cdcd42"
}
]
}
]
},
{
"type": "library",
"bom-ref": "4607d050-b6b4-4b01-b8b7-ed0167f71683",
"name": "virtualenv",
"version": "20.14.1",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/virtualenv/20.14.1",
"comment": "Distribution file: virtualenv-20.14.1-py2.py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "e617f16e25b42eb4f6e74096b9c9e37713cf10bf30168fb4a739f3fa8f898a3a"
}
]
},
{
"url": "https://pypi.org/project/virtualenv/20.14.1",
"comment": "Distribution file: virtualenv-20.14.1.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "ef589a79795589aada0c1c5b319486797c03b67ac3984c48c669c0e4f50df3a5"
}
]
}
]
},
{
"type": "library",
"bom-ref": "da8e5a6f-d5a9-47c0-bc3c-c1059d18e6a4",
"name": "zipp",
"version": "3.6.0",
"purl": "pkg:pypi/[email protected]",
"externalReferences": [
{
"url": "https://pypi.org/project/zipp/3.6.0",
"comment": "Distribution file: zipp-3.6.0-py3-none-any.whl",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "9fe5ea21568a0a70e50f273397638d39b03353731e6cbbb3fd8502a33fec40bc"
}
]
},
{
"url": "https://pypi.org/project/zipp/3.6.0",
"comment": "Distribution file: zipp-3.6.0.tar.gz",
"type": "distribution",
"hashes": [
{
"alg": "SHA-256",
"content": "71c644c5369f4a6e07636f0aa966270449561fcea2e3d6747b8d23efaa9d7832"
}
]
}
]
}
],
"dependencies": [
{
"ref": "221e9ebf-637f-42ea-92f9-4d377b718b04",
"dependsOn": []
},
{
"ref": "9355a3bb-2789-4b11-95f2-e60d3756062d",
"dependsOn": []
},
{
"ref": "1d127a2c-e89d-4d9a-b2fc-0eff17325f4f",
"dependsOn": []
},
{
"ref": "85b55ad5-5988-4cbd-af48-9b5dff125742",
"dependsOn": []
},
{
"ref": "71fd7a0e-4121-47d7-88f8-cb3b692167be",
"dependsOn": []
},
{
"ref": "368e142c-aacc-411b-b2de-61611cc0c07c",
"dependsOn": []
},
{
"ref": "b7821c28-1a71-4acc-8723-fbc9884ca353",
"dependsOn": []
},
{
"ref": "fa4bfc98-fd00-4cb7-a820-4b0d0e46eabf",
"dependsOn": []
},
{
"ref": "82f5d4c0-0cd3-4e68-89af-1eb9f375918f",
"dependsOn": []
},
{
"ref": "66e202c0-21cb-46e2-b3d8-06f57db16904",
"dependsOn": []
},
{
"ref": "64270487-d39e-497f-86ad-ec4ac6a7d3d3",
"dependsOn": []
},
{
"ref": "5a15e858-a9a7-449b-a8e7-b028501983a6",
"dependsOn": []
},
{
"ref": "a2f9b409-1157-439a-b80a-c774e832dc77",
"dependsOn": []
},
{
"ref": "c42b266b-6645-4fbb-bc22-30658d1094b6",
"dependsOn": []
},
{
"ref": "35afcc71-b81a-42a5-811d-54945937c882",
"dependsOn": []
},
{
"ref": "e951705e-30c4-497a-98ef-f9d141136a46",
"dependsOn": []
},
{
"ref": "d108a2c9-619a-46f1-ba45-bebd6472f7a6",
"dependsOn": []
},
{
"ref": "bb447ba4-a9ae-4199-b6c9-e9ebb312eb5e",
"dependsOn": []
},
{
"ref": "2b429360-f6e9-4455-82aa-ed8ee6a04098",
"dependsOn": []
},
{
"ref": "fda0e8b4-7b83-427a-92a8-023f65e7e2e4",
"dependsOn": []
},
{
"ref": "38c1a869-5c65-4990-9a86-8c8e69cdbd62",
"dependsOn": []
},
{
"ref": "60bb7c13-b0b5-4056-bc66-7f6edd7f37bc",
"dependsOn": []
},
{
"ref": "ab557d79-4499-4a92-843d-8363433a5401",
"dependsOn": []
},
{
"ref": "673a9d4c-524d-421b-98e9-d854a0f0dc2f",
"dependsOn": []
},
{
"ref": "df4d3aab-bee3-40a0-86d5-31db7b16d9d7",
"dependsOn": []
},
{
"ref": "d877b06b-0bcd-4eb2-9f4a-8b0877fac6bd",
"dependsOn": []
},
{
"ref": "9d435103-af5b-4877-a66d-ebcc5e57b092",
"dependsOn": []
},
{
"ref": "7db59f1b-697f-4f80-bb60-1f9d112e6949",
"dependsOn": []
},
{
"ref": "f0380402-642a-4b0b-9b05-3a5585919a7d",
"dependsOn": []
},
{
"ref": "4253c94a-ce2a-48e7-b25a-604c8b02bedf",
"dependsOn": []
},
{
"ref": "c0876443-31cb-44dc-b8fe-5e26f777b750",
"dependsOn": []
},
{
"ref": "d6eafd24-e736-4241-891d-7645e7fe64c8",
"dependsOn": []
},
{
"ref": "6e6a75ee-367c-4d00-8a0a-484baac296a1",
"dependsOn": []
},
{
"ref": "88aadb10-ffa3-4c50-9440-f98ad9c2ab26",
"dependsOn": []
},
{
"ref": "aaab3317-0523-4f0e-b1b2-444f19f7c483",
"dependsOn": []
},
{
"ref": "5dd42711-1a84-4dfd-b70e-09f21cc887af",
"dependsOn": []
},
{
"ref": "4607d050-b6b4-4b01-b8b7-ed0167f71683",
"dependsOn": []
},
{
"ref": "da8e5a6f-d5a9-47c0-bc3c-c1059d18e6a4",
"dependsOn": []
}
]
} |
Thanks for the (confirmed) report, @SaberStrat . Do you want to give it a try and provide a fix/feature/PR? |
could try to evaluate the following files, to gather the requested information:
and additionally we could allow CLI options/switches/arguments to set the data like
any thoughts, @madpah , @SaberStrat ? |
Thanks for the quick response. The additional data sounds good, though If absolutely no one else is in dire need of an issue to work on, I could tackle it. But can't provide an ETA. |
This is an interesting idea - thanks for raising @SaberStrat. Being able to accurately populate |
metatype.component
metatype.component
bom.metadata.component
As far as I know, we don't even use a Python-specific build tool/system. Just plain conda. So for me, as of right now, CLI options would cover my use cases. If the build config files allow for a definition of the metadata.components, then for consistency sake that should be supported as well ofc. |
bom.metadata.component
bom.metadata.component
This is a big issue for us. Hierarchical merge requires a component to exist and working around it is a big hack. Would it be possible to at least have cli options to give component information to this tool and populate the field. |
sure, it is possible. :-) We are currently in a feature-freeze phase for v1-v3, |
@jkowalleck Any plans on supporting |
re: #391 (comment) |
fixed by #605 |
This feature will be part of the next/upcoming major release. |
As of 3.5.0, the SBOM resulting from running e.g.
cyclonedx-bom --format json --output bom.json -e
does not come with ametadata.component
object.Sure, one is able to modify the SBOM by hand.
But to align the Python SBOM creator tool more with CycloneDX's own plugins for other languages/build tools - like Gradle or NPM -, it'd be neat if it came with the optional setting, along with a default value, for the project's/parent component's type.
The text was updated successfully, but these errors were encountered: