chore: update SBOM for Python 3.10

Author: web-flow

sbom/cve-bin-tool-py3.10.json

@@ -2,10 +2,10 @@
   "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
   "bomFormat": "CycloneDX",
   "specVersion": "1.6",
-  "serialNumber": "urn:uuid:6ce0712e-57c1-4da1-8f57-ae9246ca17c5",
+  "serialNumber": "urn:uuid:6cd8705c-68f2-410a-94eb-f6a8f2e5ac7f",
   "version": 1,
   "metadata": {
-    "timestamp": "2025-10-13T00:45:34Z",
+    "timestamp": "2025-10-27T00:42:37Z",
     "lifecycles": [
       {
         "phase": "build"
@@ -79,12 +79,12 @@
       "type": "library",
       "bom-ref": "2-aiohttp",
       "name": "aiohttp",
-      "version": "3.13.0",
+      "version": "3.13.1",
       "description": "Async http client/server framework (asyncio)",
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "ca69ec38adf5cadcc21d0b25e2144f6a25b7db7bea7e730bac25075bc305eff0"
+          "content": "2349a6b642020bf20116a8a5c83bae8ba071acf1461c7cbe45fc7fafd552e7e2"
         }
       ],
       "licenses": [
@@ -100,7 +100,7 @@
           "comment": "Home page for project"
         },
         {
-          "url": "https://pypi.org/project/aiohttp/3.13.0/#files",
+          "url": "https://pypi.org/project/aiohttp/3.13.1/#files",
           "type": "distribution",
           "comment": "Download location for component"
         },
@@ -137,11 +137,11 @@
           "type": "vcs"
         }
       ],
-      "purl": "pkg:pypi/aiohttp@3.13.0",
+      "purl": "pkg:pypi/aiohttp@3.13.1",
       "properties": [
         {
           "name": "release_date",
-          "value": "2025-10-06T19:54:40Z"
+          "value": "2025-10-17T13:58:56Z"
         },
         {
           "name": "language",
@@ -305,6 +305,12 @@
       "name": "frozenlist",
       "version": "1.8.0",
       "description": "A list-like structure which implements collections.abc.MutableSequence",
+      "hashes": [
+        {
+          "alg": "SHA-256",
+          "content": "b37f6d31b3dcea7deb5e9696e529a6aa4a898adc33db82da12e4c60a7c4d2011"
+        }
+      ],
       "licenses": [
         {
           "license": {
@@ -366,7 +372,7 @@
       "properties": [
         {
           "name": "release_date",
-          "value": "2025-07-03T22:54:42Z"
+          "value": "2025-10-06T05:35:23Z"
         },
         {
           "name": "language",
@@ -894,6 +900,12 @@
       },
       "cpe": "cpe:2.3:a:kim_davies:idna:3.11:*:*:*:*:*:*:*",
       "description": "Internationalized Domain Names in Applications (IDNA)",
+      "hashes": [
+        {
+          "alg": "SHA-256",
+          "content": "771a87f49d9defaf64091e6e6fe9c18d4833f140bd19464795bc32d966ca37ea"
+        }
+      ],
       "externalReferences": [
         {
           "url": "https://pypi.org/project/idna/3.11/#files",
@@ -917,7 +929,7 @@
       "properties": [
         {
           "name": "release_date",
-          "value": "2025-10-06T14:08:42Z"
+          "value": "2025-10-12T14:55:18Z"
         },
         {
           "name": "language",
@@ -1383,7 +1395,7 @@
       "type": "library",
       "bom-ref": "20-argcomplete",
       "name": "argcomplete",
-      "version": "3.6.2",
+      "version": "3.6.3",
       "supplier": {
         "name": "Andrey Kislyuk",
         "contact": [
@@ -1392,12 +1404,12 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:andrey_kislyuk:argcomplete:3.6.2:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:andrey_kislyuk:argcomplete:3.6.3:*:*:*:*:*:*:*",
       "description": "Bash tab completion for argparse",
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "65b3133a29ad53fb42c48cf5114752c7ab66c1c38544fdf6460f450c09b42591"
+          "content": "f5007b3a600ccac5d25bbce33089211dfd49eab4a7718da3f10e3082525a92ce"
         }
       ],
       "licenses": [
@@ -1416,7 +1428,7 @@
           "comment": "Home page for project"
         },
         {
-          "url": "https://pypi.org/project/argcomplete/3.6.2/#files",
+          "url": "https://pypi.org/project/argcomplete/3.6.3/#files",
           "type": "distribution",
           "comment": "Download location for component"
         },
@@ -1437,11 +1449,11 @@
           "type": "log"
         }
       ],
-      "purl": "pkg:pypi/argcomplete@3.6.2",
+      "purl": "pkg:pypi/argcomplete@3.6.3",
       "properties": [
         {
           "name": "release_date",
-          "value": "2025-04-03T04:57:01Z"
+          "value": "2025-10-20T03:33:33Z"
         },
         {
           "name": "language",
@@ -3131,7 +3143,7 @@
       "type": "library",
       "bom-ref": "48-referencing",
       "name": "referencing",
-      "version": "0.36.2",
+      "version": "0.37.0",
       "supplier": {
         "name": "Julian Berman",
         "contact": [
@@ -3140,12 +3152,12 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:julian_berman:referencing:0.36.2:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:julian_berman:referencing:0.37.0:*:*:*:*:*:*:*",
       "description": "JSON Referencing + Python",
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "e8699adbbf8b5c7de96d8ffa0eb5c158b3beafce084968e2ea8bb08c6794dcd0"
+          "content": "381329a9f99628c9069361716891d34ad94af76e461dcb0335825aecc7692231"
         }
       ],
       "externalReferences": [
@@ -3155,7 +3167,7 @@
           "comment": "Home page for project"
         },
         {
-          "url": "https://pypi.org/project/referencing/0.36.2/#files",
+          "url": "https://pypi.org/project/referencing/0.37.0/#files",
           "type": "distribution",
           "comment": "Download location for component"
         },
@@ -3184,11 +3196,11 @@
           "type": "vcs"
         }
       ],
-      "purl": "pkg:pypi/referencing@0.36.2",
+      "purl": "pkg:pypi/referencing@0.37.0",
       "properties": [
         {
           "name": "release_date",
-          "value": "2025-01-25T08:48:14Z"
+          "value": "2025-10-13T15:30:47Z"
         },
         {
           "name": "language",
@@ -3204,7 +3216,7 @@
       "type": "library",
       "bom-ref": "49-rpds-py",
       "name": "rpds-py",
-      "version": "0.27.1",
+      "version": "0.28.0",
       "supplier": {
         "name": "Julian Berman",
         "contact": [
@@ -3213,12 +3225,12 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:julian_berman:rpds-py:0.27.1:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:julian_berman:rpds-py:0.28.0:*:*:*:*:*:*:*",
       "description": "Python bindings to Rust's persistent data structures (rpds)",
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "68afeec26d42ab3b47e541b272166a0b4400313946871cba3ed3a4fc0cab1cef"
+          "content": "7b6013db815417eeb56b2d9d7324e64fcd4fa289caeee6e7a78b2e11fc9b438a"
         }
       ],
       "externalReferences": [
@@ -3228,7 +3240,7 @@
           "comment": "Home page for project"
         },
         {
-          "url": "https://pypi.org/project/rpds-py/0.27.1/#files",
+          "url": "https://pypi.org/project/rpds-py/0.28.0/#files",
           "type": "distribution",
           "comment": "Download location for component"
         },
@@ -3257,11 +3269,11 @@
           "type": "other"
         }
       ],
-      "purl": "pkg:pypi/rpds-py@0.27.1",
+      "purl": "pkg:pypi/rpds-py@0.28.0",
       "properties": [
         {
           "name": "release_date",
-          "value": "2025-08-27T12:12:25Z"
+          "value": "2025-10-22T22:21:15Z"
         },
         {
           "name": "language",
@@ -3537,7 +3549,7 @@
       "type": "library",
       "bom-ref": "54-xmlschema",
       "name": "xmlschema",
-      "version": "4.1.0",
+      "version": "4.2.0",
       "supplier": {
         "name": "Davide Brunato",
         "contact": [
@@ -3546,12 +3558,12 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:davide_brunato:xmlschema:4.1.0:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:davide_brunato:xmlschema:4.2.0:*:*:*:*:*:*:*",
       "description": "An XML Schema validator and decoder",
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "eabf610f398a58700bc4ac94380ad9ce558297a3f9ca8b7722ed3f7888eb4498"
+          "content": "82d24a50eea5e7f2d603312813848cd66fddf8fa2b6730839c6aa3d66312e3b6"
         }
       ],
       "externalReferences": [
@@ -3561,16 +3573,16 @@
           "comment": "Home page for project"
         },
         {
-          "url": "https://pypi.org/project/xmlschema/4.1.0/#files",
+          "url": "https://pypi.org/project/xmlschema/4.2.0/#files",
           "type": "distribution",
           "comment": "Download location for component"
         }
       ],
-      "purl": "pkg:pypi/xmlschema@4.1.0",
+      "purl": "pkg:pypi/xmlschema@4.2.0",
       "properties": [
         {
           "name": "release_date",
-          "value": "2025-06-05T21:17:35Z"
+          "value": "2025-10-14T09:19:28Z"
         },
         {
           "name": "language",
@@ -4195,7 +4207,7 @@
       "type": "library",
       "bom-ref": "65-narwhals",
       "name": "narwhals",
-      "version": "2.7.0",
+      "version": "2.9.0",
       "supplier": {
         "name": "Marco Gorelli",
         "contact": [
@@ -4204,8 +4216,14 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:marco_gorelli:narwhals:2.7.0:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:marco_gorelli:narwhals:2.9.0:*:*:*:*:*:*:*",
       "description": "Extremely lightweight compatibility layer between dataframe libraries",
+      "hashes": [
+        {
+          "alg": "SHA-256",
+          "content": "c59f7de4763004ae81691ce16df71b4e55aead0ead7ccde8c8f2ef8c9559c765"
+        }
+      ],
       "licenses": [
         {
           "license": {
@@ -4222,7 +4240,7 @@
           "comment": "Home page for project"
         },
         {
-          "url": "https://pypi.org/project/narwhals/2.7.0/#files",
+          "url": "https://pypi.org/project/narwhals/2.9.0/#files",
           "type": "distribution",
           "comment": "Download location for component"
         },
@@ -4239,11 +4257,11 @@
           "type": "issue-tracker"
         }
       ],
-      "purl": "pkg:pypi/narwhals@2.7.0",
+      "purl": "pkg:pypi/narwhals@2.9.0",
       "properties": [
         {
           "name": "release_date",
-          "value": "2025-10-02T16:10:22Z"
+          "value": "2025-10-20T12:19:15Z"
         },
         {
           "name": "language",
@@ -4403,7 +4421,7 @@
       "type": "library",
       "bom-ref": "68-charset-normalizer",
       "name": "charset-normalizer",
-      "version": "3.4.3",
+      "version": "3.4.4",
       "supplier": {
         "name": "Ahmed R .",
         "contact": [
@@ -4412,12 +4430,12 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:ahmed_r.:charset-normalizer:3.4.3:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:ahmed_r.:charset-normalizer:3.4.4:*:*:*:*:*:*:*",
       "description": "The Real First Universal Charset Detector. Open, modern and actively maintained alternative to Chardet.",
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "fb7f67a1bfa6e40b438170ebdc8158b78dc465a5a67b6dde178a46987b244a72"
+          "content": "e824f1492727fa856dd6eda4f7cee25f8518a12f3c4a56a74e8095695089cf6d"
         }
       ],
       "licenses": [
@@ -4431,7 +4449,7 @@
       ],
       "externalReferences": [
         {
-          "url": "https://pypi.org/project/charset-normalizer/3.4.3/#files",
+          "url": "https://pypi.org/project/charset-normalizer/3.4.4/#files",
           "type": "distribution",
           "comment": "Download location for component"
         },
@@ -4452,11 +4470,11 @@
           "type": "issue-tracker"
         }
       ],
-      "purl": "pkg:pypi/charset-normalizer@3.4.3",
+      "purl": "pkg:pypi/charset-normalizer@3.4.4",
       "properties": [
         {
           "name": "release_date",
-          "value": "2025-08-09T07:55:36Z"
+          "value": "2025-10-14T04:40:11Z"
         },
         {
           "name": "language",