From a55c4098992d17ef8d93600d85c2eeac88f73a87 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 7 Jan 2025 14:55:05 +0000 Subject: [PATCH] build(deps-dev): bump cyclonedx-bom from 4.6.1 to 5.1.1 Bumps [cyclonedx-bom](https://github.com/CycloneDX/cyclonedx-python) from 4.6.1 to 5.1.1. - [Release notes](https://github.com/CycloneDX/cyclonedx-python/releases) - [Changelog](https://github.com/CycloneDX/cyclonedx-python/blob/main/CHANGELOG.md) - [Commits](https://github.com/CycloneDX/cyclonedx-python/compare/v4.6.1...v5.1.1) --- updated-dependencies: - dependency-name: cyclonedx-bom dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- poetry.lock | 24 ++++++++++++------------ pyproject.toml | 2 +- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/poetry.lock b/poetry.lock index 6b88c43..18678b0 100644 --- a/poetry.lock +++ b/poetry.lock @@ -320,18 +320,18 @@ toml = ["tomli"] [[package]] name = "cyclonedx-bom" -version = "4.6.1" +version = "5.1.1" description = "CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments" optional = false python-versions = "<4.0,>=3.8" files = [ - {file = "cyclonedx_bom-4.6.1-py3-none-any.whl", hash = "sha256:39600cb0fe9231285d9f6c234270e23200f9de28d63a2cc2c50d1f6fab75fe1b"}, - {file = "cyclonedx_bom-4.6.1.tar.gz", hash = "sha256:2fe72daadfd8addd824b235f8ea21ff6045ebe00bbb9da48ec07bfc5a3c39169"}, + {file = "cyclonedx_bom-5.1.1-py3-none-any.whl", hash = "sha256:a2be2578c540298c3c3707db5dbc56ac93b3f2f2c13076b9e7d89a8c58160b08"}, + {file = "cyclonedx_bom-5.1.1.tar.gz", hash = "sha256:32b3686a879700e3cebf8a177187d1c10b5f3fbbb2803ba3011e5f4af3b9d131"}, ] [package.dependencies] chardet = ">=5.1,<6.0" -cyclonedx-python-lib = {version = ">=7.3.0,<7.3.1 || >7.3.1,<8.0.0", extras = ["validation"]} +cyclonedx-python-lib = {version = ">=8.0,<9.0", extras = ["validation"]} packageurl-python = ">=0.11,<2" packaging = ">=22,<25" pip-requirements-parser = ">=32.0,<33.0" @@ -339,13 +339,13 @@ tomli = {version = ">=2.0.1,<3.0.0", markers = "python_version < \"3.11\""} [[package]] name = "cyclonedx-python-lib" -version = "7.6.0" +version = "8.5.0" description = "Python library for CycloneDX" optional = false python-versions = "<4.0,>=3.8" files = [ - {file = "cyclonedx_python_lib-7.6.0-py3-none-any.whl", hash = "sha256:30655e89e5f987dc8d57835919748d71589fafeb33ff1dec45048eb72eda3cf9"}, - {file = "cyclonedx_python_lib-7.6.0.tar.gz", hash = "sha256:fa481d5f0d82728cb6a32e55f8ba9c666ba75a2bd99eb643228e3011c56bb5c4"}, + {file = "cyclonedx_python_lib-8.5.0-py3-none-any.whl", hash = "sha256:a6b6d04295cdbee27c4b8d618ba2c1c7bbd535b9666cc36b05e9d6408751a829"}, + {file = "cyclonedx_python_lib-8.5.0.tar.gz", hash = "sha256:35f7a139042e4df17ff414fa228cec83c7e4e493bdec990847357791ca72f3a5"}, ] [package.dependencies] @@ -353,7 +353,7 @@ jsonschema = {version = ">=4.18,<5.0", extras = ["format"], optional = true, mar license-expression = ">=30,<31" lxml = {version = ">=4,<6", optional = true, markers = "extra == \"validation\" or extra == \"xml-validation\""} packageurl-python = ">=0.11,<2" -py-serializable = ">=1.1.0,<2.0.0" +py-serializable = ">=1.1.1,<2.0.0" sortedcontainers = ">=2.4.0,<3.0.0" [package.extras] @@ -1445,13 +1445,13 @@ files = [ [[package]] name = "py-serializable" -version = "1.1.0" +version = "1.1.2" description = "Library for serializing and deserializing Python Objects to and from JSON and XML." optional = false python-versions = "<4.0,>=3.8" files = [ - {file = "py_serializable-1.1.0-py3-none-any.whl", hash = "sha256:ae7ae4326b0d037b7e710f6e8bb1a97ece4ac2895a1f443a17ffd17f85547d76"}, - {file = "py_serializable-1.1.0.tar.gz", hash = "sha256:3311ab39063b131caca0fb75e2038153682e55576c67f24a2de72d402dccb6e0"}, + {file = "py_serializable-1.1.2-py3-none-any.whl", hash = "sha256:801be61b0a1ba64c3861f7c624f1de5cfbbabf8b458acc9cdda91e8f7e5effa1"}, + {file = "py_serializable-1.1.2.tar.gz", hash = "sha256:89af30bc319047d4aa0d8708af412f6ce73835e18bacf1a080028bb9e2f42bdb"}, ] [package.dependencies] @@ -2212,4 +2212,4 @@ type = ["pytest-mypy"] [metadata] lock-version = "2.0" python-versions = ">3.9,<4.0" -content-hash = "297f164466f20099686008da95db0deb3a07b161998c9247e636f686dd265f30" +content-hash = "93b25453d2c0bbcd072eacff6b16f9cffce5ebc11c97751697c3448f96dce42c" diff --git a/pyproject.toml b/pyproject.toml index f36c68b..4742424 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -26,7 +26,7 @@ dataproduct-apps-collect = "dataproduct_apps.main:collect" dataproduct-apps-persist = "dataproduct_apps.main:persist" [tool.poetry.group.sbom-tools.dependencies] -cyclonedx-bom = "^4.6.1" +cyclonedx-bom = "^5.1.1" [build-system] requires = ["poetry-core>=1.0.0"]