From 61b41fcccdd3c85b97cc3e601ec64aa440ffcdd2 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 17 Nov 2024 22:27:41 +0100 Subject: [PATCH 01/14] fix(deps): update dependency pyjwt to v2.10.0 (#2214) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- backend/poetry.lock | 10 +++++----- backend/pyproject.toml | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/backend/poetry.lock b/backend/poetry.lock index bbaff8a12..c5185ee91 100644 --- a/backend/poetry.lock +++ b/backend/poetry.lock @@ -1913,13 +1913,13 @@ windows-terminal = ["colorama (>=0.4.6)"] [[package]] name = "pyjwt" -version = "2.9.0" +version = "2.10.0" description = "JSON Web Token implementation in Python" optional = false -python-versions = ">=3.8" +python-versions = ">=3.9" files = [ - {file = "PyJWT-2.9.0-py3-none-any.whl", hash = "sha256:3b02fb0f44517787776cf48f2ae25d8e14f300e6d7545a4315cee571a415e850"}, - {file = "pyjwt-2.9.0.tar.gz", hash = "sha256:7e1e5b56cc735432a7369cbfa0efe50fa113ebecdc04ae6922deba8b84582d0c"}, + {file = "PyJWT-2.10.0-py3-none-any.whl", hash = "sha256:543b77207db656de204372350926bed5a86201c4cbff159f623f79c7bb487a15"}, + {file = "pyjwt-2.10.0.tar.gz", hash = "sha256:7628a7eb7938959ac1b26e819a1df0fd3259505627b575e4bad6d08f76db695c"}, ] [package.extras] @@ -2514,4 +2514,4 @@ unittests = ["coverage", "django-coverage-plugin", "django-extensions"] [metadata] lock-version = "2.0" python-versions = ">= 3.10, < 3.13" -content-hash = "56268e02676c9c990d12038d891b904f49c486216f7dd3eeca584733a2dcf8ab" +content-hash = "5d536e3e82478f21e54951965cef9fa95a00778d07152ff3746676b73ea4feda" diff --git a/backend/pyproject.toml b/backend/pyproject.toml index 13cbc7c63..122703495 100644 --- a/backend/pyproject.toml +++ b/backend/pyproject.toml @@ -30,7 +30,7 @@ drf-spectacular = "0.27.2" # https://github.com/tfranzel/drf-spectacular drf-spectacular-sidecar = "2024.11.1" # https://github.com/tfranzel/drf-spectacular-sidecar # Token authentication # ------------------------------------------------------------------------------ -PyJWT = "2.9.0" # https://github.com/jpadilla/pyjwt +PyJWT = "2.10.0" # https://github.com/jpadilla/pyjwt # HTTP requests # ------------------------------------------------------------------------------ requests = "2.32.3" # https://github.com/psf/requests From 79bd2798a212de6078c2af7a3034447d90cd2f4e Mon Sep 17 00:00:00 2001 From: Stefan Fleckenstein Date: Mon, 18 Nov 2024 07:09:28 +0000 Subject: [PATCH 02/14] chore: remove i18n as it is not used anyway (#2220) --- frontend/package-lock.json | 2 -- frontend/package.json | 2 -- frontend/src/App.tsx | 7 ----- frontend/src/commons/i18n/en.ts | 55 --------------------------------- 4 files changed, 66 deletions(-) delete mode 100644 frontend/src/commons/i18n/en.ts diff --git a/frontend/package-lock.json b/frontend/package-lock.json index 16c7a0599..b785c60a3 100644 --- a/frontend/package-lock.json +++ b/frontend/package-lock.json @@ -23,9 +23,7 @@ "oidc-client-ts": "3.1.0", "prop-types": "15.8.1", "query-string": "9.1.1", - "ra-i18n-polyglot": "5.3.4", "ra-input-rich-text": "5.3.4", - "ra-language-english": "5.3.4", "react": "18.3.1", "react-admin": "5.3.4", "react-chartjs-2": "5.2.0", diff --git a/frontend/package.json b/frontend/package.json index d612f2364..78238dd41 100644 --- a/frontend/package.json +++ b/frontend/package.json @@ -19,9 +19,7 @@ "oidc-client-ts": "3.1.0", "prop-types": "15.8.1", "query-string": "9.1.1", - "ra-i18n-polyglot": "5.3.4", "ra-input-rich-text": "5.3.4", - "ra-language-english": "5.3.4", "react": "18.3.1", "react-admin": "5.3.4", "react-chartjs-2": "5.2.0", diff --git a/frontend/src/App.tsx b/frontend/src/App.tsx index 81628260d..c4d2a7011 100644 --- a/frontend/src/App.tsx +++ b/frontend/src/App.tsx @@ -1,4 +1,3 @@ -import polyglotI18nProvider from "ra-i18n-polyglot"; import { Admin, CustomRoutes, Resource } from "react-admin"; import { AuthProvider } from "react-oidc-context"; import { Route } from "react-router"; @@ -9,7 +8,6 @@ import authProvider from "./access_control/authProvider"; import { oidcConfig } from "./access_control/authProvider"; import authorization_groups from "./access_control/authorization_groups"; import users from "./access_control/users"; -import englishMessages from "./commons/i18n/en"; import { Layout } from "./commons/layout"; import { darkTheme, lightTheme } from "./commons/layout/themes"; import notifications from "./commons/notifications"; @@ -38,10 +36,6 @@ import vex_counters from "./vex/vex_counters"; import vex_documents from "./vex/vex_documents"; import vex_statements from "./vex/vex_statements"; -const i18nProvider = polyglotI18nProvider(() => { - return englishMessages; -}, "en"); - const App = () => { return ( { dashboard={Dashboard} loginPage={Login} layout={Layout} - i18nProvider={i18nProvider} disableTelemetry lightTheme={lightTheme} darkTheme={darkTheme} diff --git a/frontend/src/commons/i18n/en.ts b/frontend/src/commons/i18n/en.ts deleted file mode 100644 index 361508b8c..000000000 --- a/frontend/src/commons/i18n/en.ts +++ /dev/null @@ -1,55 +0,0 @@ -import englishMessages from "ra-language-english"; -import { TranslationMessages } from "react-admin"; - -const customEnglishMessages: TranslationMessages = { - ...englishMessages, - pos: { - search: "Search", - configuration: "Configuration", - language: "Language", - theme: { - name: "Theme", - light: "Light", - dark: "Dark", - }, - dashboard: {}, - menu: { - sales: "Sales", - catalog: "Catalog", - customers: "Customers", - }, - }, - resources: { - products: { - name: "Product |||| Products", - fields: { - name: "Name", - description: "Description", - }, - page: { - delete: "Delete Product", - }, - }, - observations: { - name: "Observation |||| Observations", - fields: { - name: "Title", - }, - page: { - delete: "Delete Observation", - }, - }, - parsers: { - name: "Parser |||| Parsers", - fields: { - name: "Name", - type: "Type", - }, - page: { - delete: "Delete Parser", - }, - }, - }, -}; - -export default customEnglishMessages; From eda0dd6e20e7199dd91f8a96eeb74ddf97eefecc Mon Sep 17 00:00:00 2001 From: Stefan Fleckenstein Date: Mon, 18 Nov 2024 07:39:36 +0000 Subject: [PATCH 03/14] chore: remove search fields from filters (#2221) * chore: remove search fields from filters * chore: isort --- backend/application/access_control/api/filters.py | 9 +-------- backend/application/access_control/api/views.py | 6 ++++++ backend/application/licenses/api/filters.py | 6 ------ backend/application/rules/api/filters.py | 8 -------- backend/application/rules/api/views.py | 6 ++++++ 5 files changed, 13 insertions(+), 22 deletions(-) diff --git a/backend/application/access_control/api/filters.py b/backend/application/access_control/api/filters.py index 105ed95b1..159f6f8a7 100644 --- a/backend/application/access_control/api/filters.py +++ b/backend/application/access_control/api/filters.py @@ -14,9 +14,6 @@ class UserFilter(FilterSet): full_name = CharFilter(field_name="full_name", lookup_expr="icontains") authorization_group = NumberFilter(field_name="authorization_groups") - # search is needed for the ReferenceArrayInput field of react-admin - search = CharFilter(field_name="full_name", lookup_expr="icontains") - ordering = OrderingFilter( # tuple-mapping retains order fields=( @@ -38,7 +35,6 @@ class Meta: "is_active", "is_superuser", "is_external", - "search", ] def __init__(self, data=None, queryset=None, *, request=None, prefix=None): @@ -61,9 +57,6 @@ class AuthorizationGroupFilter(FilterSet): oidc_group = CharFilter(field_name="oidc_group", lookup_expr="icontains") user = NumberFilter(field_name="users") - # search is needed for the ReferenceArrayInput field of react-admin - search = CharFilter(field_name="name", lookup_expr="icontains") - ordering = OrderingFilter( # tuple-mapping retains order fields=(("name", "name"), ("oidc_group", "oidc_group")), @@ -71,7 +64,7 @@ class AuthorizationGroupFilter(FilterSet): class Meta: model = Authorization_Group - fields = ["name", "oidc_group", "search"] + fields = ["name", "oidc_group"] def get_user(self, queryset, name, value): # pylint: disable=unused-argument # field_name is used as a positional argument diff --git a/backend/application/access_control/api/views.py b/backend/application/access_control/api/views.py index 6b52f7b02..9029696ba 100644 --- a/backend/application/access_control/api/views.py +++ b/backend/application/access_control/api/views.py @@ -12,10 +12,12 @@ validate_password, ) from django.core.exceptions import ValidationError as DjangoValidationError +from django_filters.rest_framework import DjangoFilterBackend from drf_spectacular.utils import OpenApiParameter, extend_schema from rest_framework import status from rest_framework.decorators import action from rest_framework.exceptions import PermissionDenied, ValidationError +from rest_framework.filters import SearchFilter from rest_framework.mixins import ListModelMixin from rest_framework.permissions import IsAdminUser, IsAuthenticated from rest_framework.response import Response @@ -91,6 +93,8 @@ class UserViewSet(ModelViewSet): filterset_class = UserFilter queryset = User.objects.none() permission_classes = (IsAuthenticated, UserHasSuperuserPermission) + filter_backends = [SearchFilter, DjangoFilterBackend] + search_fields = ["full_name"] def get_queryset(self): if self.action == "list": @@ -234,6 +238,8 @@ class AuthorizationGroupViewSet(ModelViewSet): filterset_class = AuthorizationGroupFilter queryset = Authorization_Group.objects.none() permission_classes = (IsAuthenticated, UserHasAuthorizationGroupPermission) + filter_backends = [SearchFilter, DjangoFilterBackend] + search_fields = ["name"] def get_queryset(self): return get_authorization_groups() diff --git a/backend/application/licenses/api/filters.py b/backend/application/licenses/api/filters.py index 66f6a51c1..e495b40b7 100644 --- a/backend/application/licenses/api/filters.py +++ b/backend/application/licenses/api/filters.py @@ -114,9 +114,6 @@ class LicenseGroupFilter(FilterSet): ), ) - # search is needed for the ReferenceArrayInput field of react-admin - search = CharFilter(field_name="name", lookup_expr="icontains") - class Meta: model = License_Group fields = ["name", "is_public", "licenses"] @@ -176,9 +173,6 @@ class LicensePolicyFilter(FilterSet): ), ) - # search is needed for the ReferenceArrayInput field of react-admin - search = CharFilter(field_name="name", lookup_expr="icontains") - class Meta: model = License_Policy fields = ["name", "is_public"] diff --git a/backend/application/rules/api/filters.py b/backend/application/rules/api/filters.py index 9e2fbb4bd..3f5acb2c7 100644 --- a/backend/application/rules/api/filters.py +++ b/backend/application/rules/api/filters.py @@ -6,9 +6,6 @@ class GeneralRuleFilter(FilterSet): name = CharFilter(field_name="name", lookup_expr="icontains") - # search is needed for the ReferenceArrayInput field of react-admin - search = CharFilter(field_name="name", lookup_expr="icontains") - ordering = OrderingFilter( # tuple-mapping retains order fields=( @@ -27,7 +24,6 @@ class Meta: model = Rule fields = [ "name", - "search", "parser", "scanner_prefix", "title", @@ -39,9 +35,6 @@ class Meta: class ProductRuleFilter(FilterSet): name = CharFilter(field_name="name", lookup_expr="icontains") - # search is needed for the ReferenceArrayInput field of react-admin - search = CharFilter(field_name="name", lookup_expr="icontains") - ordering = OrderingFilter( # tuple-mapping retains order fields=( @@ -61,7 +54,6 @@ class Meta: model = Rule fields = [ "name", - "search", "product", "parser", "scanner_prefix", diff --git a/backend/application/rules/api/views.py b/backend/application/rules/api/views.py index afe7bfde9..008f8fde3 100644 --- a/backend/application/rules/api/views.py +++ b/backend/application/rules/api/views.py @@ -1,7 +1,9 @@ +from django_filters.rest_framework import DjangoFilterBackend from drf_spectacular.utils import extend_schema from rest_framework import status from rest_framework.decorators import action from rest_framework.exceptions import NotFound, ValidationError +from rest_framework.filters import SearchFilter from rest_framework.permissions import IsAuthenticated from rest_framework.response import Response from rest_framework.viewsets import ModelViewSet @@ -33,6 +35,8 @@ class GeneralRuleViewSet(ModelViewSet): filterset_class = GeneralRuleFilter queryset = Rule.objects.none() permission_classes = (IsAuthenticated, UserHasGeneralRulePermission) + filter_backends = [SearchFilter, DjangoFilterBackend] + search_fields = ["name"] def get_queryset(self): return get_general_rules() @@ -66,6 +70,8 @@ class ProductRuleViewSet(ModelViewSet): filterset_class = ProductRuleFilter queryset = Rule.objects.none() permission_classes = (IsAuthenticated, UserHasProductRulePermission) + filter_backends = [SearchFilter, DjangoFilterBackend] + search_fields = ["name"] def get_queryset(self): return get_product_rules() From ff0eb50d82ee883da8366f331d470131da65eb1f Mon Sep 17 00:00:00 2001 From: Stefan Fleckenstein Date: Mon, 18 Nov 2024 08:55:23 +0000 Subject: [PATCH 04/14] chore: remove superfluous filter for license policies (#2222) * chore: remove superfluous filter for license policies * chore: isort --- backend/application/licenses/api/filters.py | 24 +-------------------- 1 file changed, 1 insertion(+), 23 deletions(-) diff --git a/backend/application/licenses/api/filters.py b/backend/application/licenses/api/filters.py index e495b40b7..b5054f2c9 100644 --- a/backend/application/licenses/api/filters.py +++ b/backend/application/licenses/api/filters.py @@ -1,13 +1,7 @@ from datetime import timedelta from django.utils import timezone -from django_filters import ( - CharFilter, - ChoiceFilter, - FilterSet, - NumberFilter, - OrderingFilter, -) +from django_filters import CharFilter, ChoiceFilter, FilterSet, OrderingFilter from application.commons.api.extended_ordering_filter import ExtendedOrderingFilter from application.commons.types import Age_Choices @@ -158,12 +152,6 @@ class Meta: class LicensePolicyFilter(FilterSet): name = CharFilter(field_name="name", lookup_expr="icontains") - licenses = NumberFilter( - field_name="licenses", method="get_license_policies_with_license" - ) - license_groups = NumberFilter( - field_name="license_groups", method="get_license_policies_with_license_group" - ) ordering = OrderingFilter( # tuple-mapping retains order @@ -177,16 +165,6 @@ class Meta: model = License_Policy fields = ["name", "is_public"] - def get_license_policies_with_license( - self, queryset, field_name, value # pylint: disable=unused-argument - ) -> bool: - return queryset.filter(license_policy_items__license=value) - - def get_license_policies_with_license_group( - self, queryset, field_name, value # pylint: disable=unused-argument - ) -> bool: - return queryset.filter(license_policy_items__license_group=value) - class LicensePolicyItemFilter(FilterSet): license_group_name = CharFilter( From 829f8157de275ed0d2a20ba3dfcd8dd3b47445f7 Mon Sep 17 00:00:00 2001 From: Stefan Fleckenstein Date: Mon, 18 Nov 2024 11:32:41 +0000 Subject: [PATCH 05/14] feat: exclude existing items in add dialogs (#2223) * feat: exclude existing items in add dialogs * fix: exlude authorization_group_members in Product serializers * chore: black --- .../application/access_control/api/filters.py | 71 +++++++++++++++++++ .../core/api/serializers_product.py | 11 ++- ...055_product_authorization_group_members.py | 24 +++++++ backend/application/core/models.py | 7 ++ backend/application/licenses/api/filters.py | 38 +++++++++- .../AuthorizationGroupMemberAdd.tsx | 1 + .../ProductAuthorizationGroupMemberAdd.tsx | 1 + .../core/product_members/ProductMemberAdd.tsx | 1 + ...icenseGroupAuthorizationGroupMemberAdd.tsx | 1 + .../LicenseGroupLicenseAdd.tsx | 1 + .../LicenseGroupMemberAdd.tsx | 1 + ...censePolicyAuthorizationGroupMemberAdd.tsx | 1 + .../LicensePolicyItemAdd.tsx | 2 + .../LicensePolicyItemEdit.tsx | 11 ++- .../LicensePolicyItemEmbeddedList.tsx | 5 +- .../LicensePolicyMemberAdd.tsx | 1 + 16 files changed, 170 insertions(+), 7 deletions(-) create mode 100644 backend/application/core/migrations/0055_product_authorization_group_members.py diff --git a/backend/application/access_control/api/filters.py b/backend/application/access_control/api/filters.py index 159f6f8a7..babc20719 100644 --- a/backend/application/access_control/api/filters.py +++ b/backend/application/access_control/api/filters.py @@ -13,6 +13,47 @@ class UserFilter(FilterSet): username = CharFilter(field_name="username", lookup_expr="icontains") full_name = CharFilter(field_name="full_name", lookup_expr="icontains") authorization_group = NumberFilter(field_name="authorization_groups") + exclude_authorization_group = NumberFilter( + field_name="exclude_authorization_group", + method="get_exclude_authorization_group", + ) + exclude_license_group = NumberFilter( + field_name="exclude_license_group", method="get_exclude_license_group" + ) + exclude_license_policy = NumberFilter( + field_name="exclude_license_policy", method="get_exclude_license_policy" + ) + exclude_product = NumberFilter( + field_name="exclude_product", method="get_exclude_product" + ) + + def get_exclude_authorization_group( + self, queryset, field_name, value + ): # pylint: disable=unused-argument + if value is not None: + return queryset.exclude(authorization_groups__id=value) + return queryset + + def get_exclude_license_group( + self, queryset, field_name, value + ): # pylint: disable=unused-argument + if value is not None: + return queryset.exclude(license_groups__id=value) + return queryset + + def get_exclude_license_policy( + self, queryset, field_name, value + ): # pylint: disable=unused-argument + if value is not None: + return queryset.exclude(license_policies__id=value) + return queryset + + def get_exclude_product( + self, queryset, field_name, value + ): # pylint: disable=unused-argument + if value is not None: + return queryset.exclude(product_members__id=value) + return queryset ordering = OrderingFilter( # tuple-mapping retains order @@ -56,6 +97,36 @@ class AuthorizationGroupFilter(FilterSet): name = CharFilter(field_name="name", lookup_expr="icontains") oidc_group = CharFilter(field_name="oidc_group", lookup_expr="icontains") user = NumberFilter(field_name="users") + exclude_license_group = NumberFilter( + field_name="exclude_license_group", method="get_exclude_license_group" + ) + exclude_license_policy = NumberFilter( + field_name="exclude_license_policy", method="get_exclude_license_policy" + ) + exclude_product = NumberFilter( + field_name="exclude_product", method="get_exclude_product" + ) + + def get_exclude_license_group( + self, queryset, field_name, value + ): # pylint: disable=unused-argument + if value is not None: + return queryset.exclude(license_groups__id=value) + return queryset + + def get_exclude_license_policy( + self, queryset, field_name, value + ): # pylint: disable=unused-argument + if value is not None: + return queryset.exclude(license_policies__id=value) + return queryset + + def get_exclude_product( + self, queryset, field_name, value + ): # pylint: disable=unused-argument + if value is not None: + return queryset.exclude(authorization_groups__id=value) + return queryset ordering = OrderingFilter( # tuple-mapping retains order diff --git a/backend/application/core/api/serializers_product.py b/backend/application/core/api/serializers_product.py index 78fbf6ea6..f0a1fb810 100644 --- a/backend/application/core/api/serializers_product.py +++ b/backend/application/core/api/serializers_product.py @@ -229,7 +229,7 @@ class ProductSerializer( class Meta: model = Product - exclude = ["is_product_group", "members"] + exclude = ["is_product_group", "members", "authorization_group_members"] def get_product_group_name(self, obj: Product) -> str: if not obj.product_group: @@ -406,7 +406,7 @@ class NestedProductSerializer(ModelSerializer): class Meta: model = Product - exclude = ["members"] + exclude = ["members", "authorization_group_members"] def get_permissions(self, product: Product) -> list[Permissions]: return get_permissions_for_role(get_highest_user_role(product)) @@ -438,7 +438,12 @@ class NestedProductListSerializer(ModelSerializer): class Meta: model = Product - exclude = ["members", "is_product_group", "new_observations_in_review"] + exclude = [ + "members", + "authorization_group_members", + "is_product_group", + "new_observations_in_review", + ] def get_product_group_name(self, obj: Product) -> str: if not obj.product_group: diff --git a/backend/application/core/migrations/0055_product_authorization_group_members.py b/backend/application/core/migrations/0055_product_authorization_group_members.py new file mode 100644 index 000000000..b92aa636b --- /dev/null +++ b/backend/application/core/migrations/0055_product_authorization_group_members.py @@ -0,0 +1,24 @@ +# Generated by Django 5.1.3 on 2024-11-18 11:04 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ("access_control", "0010_authorization_group_member_and_more"), + ("core", "0054_convert_unknown_data"), + ] + + operations = [ + migrations.AddField( + model_name="product", + name="authorization_group_members", + field=models.ManyToManyField( + blank=True, + related_name="authorization_groups", + through="core.Product_Authorization_Group_Member", + to="access_control.authorization_group", + ), + ), + ] diff --git a/backend/application/core/models.py b/backend/application/core/models.py index f539f2cb7..1156afbd5 100644 --- a/backend/application/core/models.py +++ b/backend/application/core/models.py @@ -81,6 +81,13 @@ class Product(Model): members: ManyToManyField = ManyToManyField( User, through="Product_Member", related_name="product_members", blank=True ) + authorization_group_members: ManyToManyField = ManyToManyField( + Authorization_Group, + through="Product_Authorization_Group_Member", + related_name="authorization_groups", + blank=True, + ) + apply_general_rules = BooleanField(default=True) notification_ms_teams_webhook = CharField(max_length=255, blank=True) diff --git a/backend/application/licenses/api/filters.py b/backend/application/licenses/api/filters.py index b5054f2c9..32476c5aa 100644 --- a/backend/application/licenses/api/filters.py +++ b/backend/application/licenses/api/filters.py @@ -1,7 +1,13 @@ from datetime import timedelta from django.utils import timezone -from django_filters import CharFilter, ChoiceFilter, FilterSet, OrderingFilter +from django_filters import ( + CharFilter, + ChoiceFilter, + FilterSet, + NumberFilter, + OrderingFilter, +) from application.commons.api.extended_ordering_filter import ExtendedOrderingFilter from application.commons.types import Age_Choices @@ -75,6 +81,26 @@ def get_age(self, queryset, field_name, value): # pylint: disable=unused-argume class LicenseFilter(FilterSet): spdx_id = CharFilter(field_name="spdx_id", lookup_expr="icontains") name = CharFilter(field_name="name", lookup_expr="icontains") + exclude_license_group = NumberFilter( + field_name="exclude_license_group", method="get_exclude_license_group" + ) + exclude_license_policy = NumberFilter( + field_name="exclude_license_policy", method="get_exclude_license_policy" + ) + + def get_exclude_license_group( + self, queryset, field_name, value + ): # pylint: disable=unused-argument + if value is not None: + return queryset.exclude(license_groups__id=value) + return queryset + + def get_exclude_license_policy( + self, queryset, field_name, value + ): # pylint: disable=unused-argument + if value is not None: + return queryset.exclude(license_policy_items__license_policy__id=value) + return queryset ordering = OrderingFilter( # tuple-mapping retains order @@ -99,6 +125,16 @@ class Meta: class LicenseGroupFilter(FilterSet): name = CharFilter(field_name="name", lookup_expr="icontains") + exclude_license_policy = NumberFilter( + field_name="exclude_license_policy", method="get_exclude_license_policy" + ) + + def get_exclude_license_policy( + self, queryset, field_name, value + ): # pylint: disable=unused-argument + if value is not None: + return queryset.exclude(license_policy_items__license_policy__id=value) + return queryset ordering = OrderingFilter( # tuple-mapping retains order diff --git a/frontend/src/access_control/authorization_group_members/AuthorizationGroupMemberAdd.tsx b/frontend/src/access_control/authorization_group_members/AuthorizationGroupMemberAdd.tsx index 234ce066f..31a897906 100644 --- a/frontend/src/access_control/authorization_group_members/AuthorizationGroupMemberAdd.tsx +++ b/frontend/src/access_control/authorization_group_members/AuthorizationGroupMemberAdd.tsx @@ -126,6 +126,7 @@ const AuthorizationGroupMemberAdd = ({ id }: AuthorizationGroupMemberAddProps) = source="user" reference="users" label="User" + filter={{ exclude_authorization_group: id }} sort={{ field: "full_name", order: "ASC" }} > { source="user" reference="users" label="User" + filter={{ exclude_product: id }} sort={{ field: "full_name", order: "ASC" }} > { source="license" reference="licenses" label="License" + filter={{ exclude_license_group: id }} sort={{ field: "spdx_id", order: "ASC" }} > { source="user" reference="users" label="User" + filter={{ exclude_license_group: id }} sort={{ field: "full_name", order: "ASC" }} > { source="license_group" reference="license_groups" label="License group" + filter={{ exclude_license_policy: id }} sort={{ field: "name", order: "ASC" }} > setLicenseGroup(e)} /> @@ -146,6 +147,7 @@ const LicensePolicyItemAdd = ({ id }: LicensePolicyItemAddProps) => { source="license" reference="licenses" label="License" + filter={{ exclude_license_policy: id }} sort={{ field: "spdx_id", order: "ASC" }} > setLicense(e)} /> diff --git a/frontend/src/licenses/license_policy_items/LicensePolicyItemEdit.tsx b/frontend/src/licenses/license_policy_items/LicensePolicyItemEdit.tsx index ce49f9793..8df8fe5cd 100644 --- a/frontend/src/licenses/license_policy_items/LicensePolicyItemEdit.tsx +++ b/frontend/src/licenses/license_policy_items/LicensePolicyItemEdit.tsx @@ -8,7 +8,12 @@ import { validate_255, validate_required } from "../../commons/custom_validators import { AutocompleteInputExtraWide, AutocompleteInputMedium, TextInputExtraWide } from "../../commons/layout/themes"; import { EVALUATION_RESULT_CHOICES } from "../types"; -const LicensePolicyItemEdit = () => { +export type LicensePolicyItemEditProps = { + license_policy_id: any; + license_policy_item_id: any; +}; + +const LicensePolicyItemEdit = ({ license_policy_id, license_policy_item_id }: LicensePolicyItemEditProps) => { const [open, setOpen] = useState(false); const [update] = useUpdate(); const refresh = useRefresh(); @@ -35,7 +40,7 @@ const LicensePolicyItemEdit = () => { "license_policy_items", { - id: data.id, + id: license_policy_item_id, data: patch, }, { @@ -96,6 +101,7 @@ const LicensePolicyItemEdit = () => { source="license_group" reference="license_groups" label="License group" + filter={{ exclude_license_policy: license_policy_id }} sort={{ field: "name", order: "ASC" }} > @@ -104,6 +110,7 @@ const LicensePolicyItemEdit = () => { source="license" reference="licenses" label="License" + filter={{ exclude_license_policy: license_policy_id }} sort={{ field: "spdx_id", order: "ASC" }} > diff --git a/frontend/src/licenses/license_policy_items/LicensePolicyItemEmbeddedList.tsx b/frontend/src/licenses/license_policy_items/LicensePolicyItemEmbeddedList.tsx index 3d8bc9f39..2481c9844 100644 --- a/frontend/src/licenses/license_policy_items/LicensePolicyItemEmbeddedList.tsx +++ b/frontend/src/licenses/license_policy_items/LicensePolicyItemEmbeddedList.tsx @@ -103,7 +103,10 @@ const LicensePolicyItemEmbeddedList = ({ license_policy }: LicensePolicyItemEmbe ( - + )} diff --git a/frontend/src/licenses/license_policy_members/LicensePolicyMemberAdd.tsx b/frontend/src/licenses/license_policy_members/LicensePolicyMemberAdd.tsx index 8593d6efa..c2eab516d 100644 --- a/frontend/src/licenses/license_policy_members/LicensePolicyMemberAdd.tsx +++ b/frontend/src/licenses/license_policy_members/LicensePolicyMemberAdd.tsx @@ -136,6 +136,7 @@ const LicensePolicyMemberAdd = ({ id }: LicensePolicyMemberAddProps) => { source="user" reference="users" label="User" + filter={{ exclude_license_policy: id }} sort={{ field: "full_name", order: "ASC" }} > Date: Mon, 18 Nov 2024 20:05:27 +0100 Subject: [PATCH 06/14] chore(deps): update eslint monorepo to v9.15.0 (#2211) * chore(deps): update eslint monorepo to v9.15.0 * fix: update typescript-eslint --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Stefan Fleckenstein --- frontend/package-lock.json | 168 +++++++++++++++++++++---------------- frontend/package.json | 8 +- 2 files changed, 98 insertions(+), 78 deletions(-) diff --git a/frontend/package-lock.json b/frontend/package-lock.json index b785c60a3..8685ea16a 100644 --- a/frontend/package-lock.json +++ b/frontend/package-lock.json @@ -35,7 +35,7 @@ "devDependencies": { "@eslint/compat": "1.2.3", "@eslint/eslintrc": "3.2.0", - "@eslint/js": "9.14.0", + "@eslint/js": "9.15.0", "@microsoft/eslint-formatter-sarif": "3.1.0", "@trivago/prettier-plugin-sort-imports": "4.3.0", "@types/inflection": "1.13.2", @@ -44,10 +44,10 @@ "@types/react": "18.3.12", "@types/react-dom": "18.3.1", "@types/recharts": "1.8.29", - "@typescript-eslint/eslint-plugin": "8.14.0", - "@typescript-eslint/parser": "8.14.0", + "@typescript-eslint/eslint-plugin": "8.15.0", + "@typescript-eslint/parser": "8.15.0", "@vitejs/plugin-react": "4.3.3", - "eslint": "9.14.0", + "eslint": "9.15.0", "eslint-plugin-react": "7.37.2", "eslint-plugin-react-hooks": "rc", "eslint-plugin-security": "3.0.1", @@ -1098,9 +1098,9 @@ } }, "node_modules/@eslint/config-array": { - "version": "0.18.0", - "resolved": "https://registry.npmjs.org/@eslint/config-array/-/config-array-0.18.0.tgz", - "integrity": "sha512-fTxvnS1sRMu3+JjXwJG0j/i4RT9u4qJ+lqS/yCGap4lH4zZGzQ7tu+xZqQmcMZq5OBZDL4QRxQzRjkWcGt8IVw==", + "version": "0.19.0", + "resolved": "https://registry.npmjs.org/@eslint/config-array/-/config-array-0.19.0.tgz", + "integrity": "sha512-zdHg2FPIFNKPdcHWtiNT+jEFCHYVplAXRDlQDyqy0zGx/q2parwh7brGJSiTxRk/TSMkbM//zt/f5CHgyTyaSQ==", "dev": true, "license": "Apache-2.0", "dependencies": { @@ -1113,9 +1113,9 @@ } }, "node_modules/@eslint/core": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.7.0.tgz", - "integrity": "sha512-xp5Jirz5DyPYlPiKat8jaq0EmYvDXKKpzTbxXMpT9eqlRJkRKIz9AGMdlvYjih+im+QlhWrpvVjl8IPC/lHlUw==", + "version": "0.9.0", + "resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.9.0.tgz", + "integrity": "sha512-7ATR9F0e4W85D/0w7cU0SNj7qkAexMG+bAHEZOjo9akvGuhHE2m7umzWzfnpa0XAg5Kxc1BWmtPMV67jJ+9VUg==", "dev": true, "license": "Apache-2.0", "engines": { @@ -1160,9 +1160,9 @@ } }, "node_modules/@eslint/js": { - "version": "9.14.0", - "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.14.0.tgz", - "integrity": "sha512-pFoEtFWCPyDOl+C6Ift+wC7Ro89otjigCf5vcuWqWgqNSQbRrpjSvdeE6ofLz4dHmyxD5f7gIdGT4+p36L6Twg==", + "version": "9.15.0", + "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.15.0.tgz", + "integrity": "sha512-tMTqrY+EzbXmKJR5ToI8lxu7jaN5EdmrBFJpQk5JmSlyLsx6o4t27r883K5xsLuCYCpfKBCGswMSWXsM+jB7lg==", "dev": true, "license": "MIT", "engines": { @@ -1180,9 +1180,9 @@ } }, "node_modules/@eslint/plugin-kit": { - "version": "0.2.2", - "resolved": "https://registry.npmjs.org/@eslint/plugin-kit/-/plugin-kit-0.2.2.tgz", - "integrity": "sha512-CXtq5nR4Su+2I47WPOlWud98Y5Lv8Kyxp2ukhgFx/eW6Blm18VXJO5WuQylPugRo8nbluoi6GvvxBLqHcvqUUw==", + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/@eslint/plugin-kit/-/plugin-kit-0.2.3.tgz", + "integrity": "sha512-2b/g5hRmpbb1o4GnTZax9N9m0FXzz9OV42ZzI4rDDMDuHUqigAiQCEWChBWCY4ztAGVRjoWT19v0yMmc5/L5kA==", "dev": true, "license": "Apache-2.0", "dependencies": { @@ -3261,17 +3261,17 @@ "license": "MIT" }, "node_modules/@typescript-eslint/eslint-plugin": { - "version": "8.14.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.14.0.tgz", - "integrity": "sha512-tqp8H7UWFaZj0yNO6bycd5YjMwxa6wIHOLZvWPkidwbgLCsBMetQoGj7DPuAlWa2yGO3H48xmPwjhsSPPCGU5w==", + "version": "8.15.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.15.0.tgz", + "integrity": "sha512-+zkm9AR1Ds9uLWN3fkoeXgFppaQ+uEVtfOV62dDmsy9QCNqlRHWNEck4yarvRNrvRcHQLGfqBNui3cimoz8XAg==", "dev": true, "license": "MIT", "dependencies": { "@eslint-community/regexpp": "^4.10.0", - "@typescript-eslint/scope-manager": "8.14.0", - "@typescript-eslint/type-utils": "8.14.0", - "@typescript-eslint/utils": "8.14.0", - "@typescript-eslint/visitor-keys": "8.14.0", + "@typescript-eslint/scope-manager": "8.15.0", + "@typescript-eslint/type-utils": "8.15.0", + "@typescript-eslint/utils": "8.15.0", + "@typescript-eslint/visitor-keys": "8.15.0", "graphemer": "^1.4.0", "ignore": "^5.3.1", "natural-compare": "^1.4.0", @@ -3295,16 +3295,16 @@ } }, "node_modules/@typescript-eslint/parser": { - "version": "8.14.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.14.0.tgz", - "integrity": "sha512-2p82Yn9juUJq0XynBXtFCyrBDb6/dJombnz6vbo6mgQEtWHfvHbQuEa9kAOVIt1c9YFwi7H6WxtPj1kg+80+RA==", + "version": "8.15.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.15.0.tgz", + "integrity": "sha512-7n59qFpghG4uazrF9qtGKBZXn7Oz4sOMm8dwNWDQY96Xlm2oX67eipqcblDj+oY1lLCbf1oltMZFpUso66Kl1A==", "dev": true, "license": "BSD-2-Clause", "dependencies": { - "@typescript-eslint/scope-manager": "8.14.0", - "@typescript-eslint/types": "8.14.0", - "@typescript-eslint/typescript-estree": "8.14.0", - "@typescript-eslint/visitor-keys": "8.14.0", + "@typescript-eslint/scope-manager": "8.15.0", + "@typescript-eslint/types": "8.15.0", + "@typescript-eslint/typescript-estree": "8.15.0", + "@typescript-eslint/visitor-keys": "8.15.0", "debug": "^4.3.4" }, "engines": { @@ -3324,14 +3324,14 @@ } }, "node_modules/@typescript-eslint/scope-manager": { - "version": "8.14.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.14.0.tgz", - "integrity": "sha512-aBbBrnW9ARIDn92Zbo7rguLnqQ/pOrUguVpbUwzOhkFg2npFDwTgPGqFqE0H5feXcOoJOfX3SxlJaKEVtq54dw==", + "version": "8.15.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.15.0.tgz", + "integrity": "sha512-QRGy8ADi4J7ii95xz4UoiymmmMd/zuy9azCaamnZ3FM8T5fZcex8UfJcjkiEZjJSztKfEBe3dZ5T/5RHAmw2mA==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.14.0", - "@typescript-eslint/visitor-keys": "8.14.0" + "@typescript-eslint/types": "8.15.0", + "@typescript-eslint/visitor-keys": "8.15.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -3342,14 +3342,14 @@ } }, "node_modules/@typescript-eslint/type-utils": { - "version": "8.14.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.14.0.tgz", - "integrity": "sha512-Xcz9qOtZuGusVOH5Uk07NGs39wrKkf3AxlkK79RBK6aJC1l03CobXjJbwBPSidetAOV+5rEVuiT1VSBUOAsanQ==", + "version": "8.15.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.15.0.tgz", + "integrity": "sha512-UU6uwXDoI3JGSXmcdnP5d8Fffa2KayOhUUqr/AiBnG1Gl7+7ut/oyagVeSkh7bxQ0zSXV9ptRh/4N15nkCqnpw==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/typescript-estree": "8.14.0", - "@typescript-eslint/utils": "8.14.0", + "@typescript-eslint/typescript-estree": "8.15.0", + "@typescript-eslint/utils": "8.15.0", "debug": "^4.3.4", "ts-api-utils": "^1.3.0" }, @@ -3360,6 +3360,9 @@ "type": "opencollective", "url": "https://opencollective.com/typescript-eslint" }, + "peerDependencies": { + "eslint": "^8.57.0 || ^9.0.0" + }, "peerDependenciesMeta": { "typescript": { "optional": true @@ -3367,9 +3370,9 @@ } }, "node_modules/@typescript-eslint/types": { - "version": "8.14.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.14.0.tgz", - "integrity": "sha512-yjeB9fnO/opvLJFAsPNYlKPnEM8+z4og09Pk504dkqonT02AyL5Z9SSqlE0XqezS93v6CXn49VHvB2G7XSsl0g==", + "version": "8.15.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.15.0.tgz", + "integrity": "sha512-n3Gt8Y/KyJNe0S3yDCD2RVKrHBC4gTUcLTebVBXacPy091E6tNspFLKRXlk3hwT4G55nfr1n2AdFqi/XMxzmPQ==", "dev": true, "license": "MIT", "engines": { @@ -3381,14 +3384,14 @@ } }, "node_modules/@typescript-eslint/typescript-estree": { - "version": "8.14.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.14.0.tgz", - "integrity": "sha512-OPXPLYKGZi9XS/49rdaCbR5j/S14HazviBlUQFvSKz3npr3NikF+mrgK7CFVur6XEt95DZp/cmke9d5i3vtVnQ==", + "version": "8.15.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.15.0.tgz", + "integrity": "sha512-1eMp2JgNec/niZsR7ioFBlsh/Fk0oJbhaqO0jRyQBMgkz7RrFfkqF9lYYmBoGBaSiLnu8TAPQTwoTUiSTUW9dg==", "dev": true, "license": "BSD-2-Clause", "dependencies": { - "@typescript-eslint/types": "8.14.0", - "@typescript-eslint/visitor-keys": "8.14.0", + "@typescript-eslint/types": "8.15.0", + "@typescript-eslint/visitor-keys": "8.15.0", "debug": "^4.3.4", "fast-glob": "^3.3.2", "is-glob": "^4.0.3", @@ -3436,16 +3439,16 @@ } }, "node_modules/@typescript-eslint/utils": { - "version": "8.14.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.14.0.tgz", - "integrity": "sha512-OGqj6uB8THhrHj0Fk27DcHPojW7zKwKkPmHXHvQ58pLYp4hy8CSUdTKykKeh+5vFqTTVmjz0zCOOPKRovdsgHA==", + "version": "8.15.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.15.0.tgz", + "integrity": "sha512-k82RI9yGhr0QM3Dnq+egEpz9qB6Un+WLYhmoNcvl8ltMEededhh7otBVVIDDsEEttauwdY/hQoSsOv13lxrFzQ==", "dev": true, "license": "MIT", "dependencies": { "@eslint-community/eslint-utils": "^4.4.0", - "@typescript-eslint/scope-manager": "8.14.0", - "@typescript-eslint/types": "8.14.0", - "@typescript-eslint/typescript-estree": "8.14.0" + "@typescript-eslint/scope-manager": "8.15.0", + "@typescript-eslint/types": "8.15.0", + "@typescript-eslint/typescript-estree": "8.15.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -3456,17 +3459,22 @@ }, "peerDependencies": { "eslint": "^8.57.0 || ^9.0.0" + }, + "peerDependenciesMeta": { + "typescript": { + "optional": true + } } }, "node_modules/@typescript-eslint/visitor-keys": { - "version": "8.14.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.14.0.tgz", - "integrity": "sha512-vG0XZo8AdTH9OE6VFRwAZldNc7qtJ/6NLGWak+BtENuEUXGZgFpihILPiBvKXvJ2nFu27XNGC6rKiwuaoMbYzQ==", + "version": "8.15.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.15.0.tgz", + "integrity": "sha512-h8vYOulWec9LhpwfAdZf2bjr8xIp0KNKnpgqSz0qqYYKAW/QZKw3ktRndbiAtUz4acH4QLQavwZBYCc0wulA/Q==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.14.0", - "eslint-visitor-keys": "^3.4.3" + "@typescript-eslint/types": "8.15.0", + "eslint-visitor-keys": "^4.2.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -3476,6 +3484,19 @@ "url": "https://opencollective.com/typescript-eslint" } }, + "node_modules/@typescript-eslint/visitor-keys/node_modules/eslint-visitor-keys": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-4.2.0.tgz", + "integrity": "sha512-UyLnSehNt62FFhSwjZlHmeokpRK59rcz29j+F1/aDgbkbRTk7wIc9XzdoasMUbRNKDM0qQt/+BJ4BrpFeABemw==", + "dev": true, + "license": "Apache-2.0", + "engines": { + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + }, + "funding": { + "url": "https://opencollective.com/eslint" + } + }, "node_modules/@ungap/structured-clone": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/@ungap/structured-clone/-/structured-clone-1.2.0.tgz", @@ -4065,9 +4086,9 @@ "license": "MIT" }, "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", + "version": "7.0.5", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.5.tgz", + "integrity": "sha512-ZVJrKKYunU38/76t0RMOulHOnUcbU9GbpWKAOZ0mhjr7CX6FVrH+4FrAapSOekrgFQ3f/8gwMEuIft0aKq6Hug==", "dev": true, "license": "MIT", "dependencies": { @@ -5033,27 +5054,27 @@ } }, "node_modules/eslint": { - "version": "9.14.0", - "resolved": "https://registry.npmjs.org/eslint/-/eslint-9.14.0.tgz", - "integrity": "sha512-c2FHsVBr87lnUtjP4Yhvk4yEhKrQavGafRA/Se1ouse8PfbfC/Qh9Mxa00yWsZRlqeUB9raXip0aiiUZkgnr9g==", + "version": "9.15.0", + "resolved": "https://registry.npmjs.org/eslint/-/eslint-9.15.0.tgz", + "integrity": "sha512-7CrWySmIibCgT1Os28lUU6upBshZ+GxybLOrmRzi08kS8MBuO8QA7pXEgYgY5W8vK3e74xv0lpjo9DbaGU9Rkw==", "dev": true, "license": "MIT", "dependencies": { "@eslint-community/eslint-utils": "^4.2.0", "@eslint-community/regexpp": "^4.12.1", - "@eslint/config-array": "^0.18.0", - "@eslint/core": "^0.7.0", - "@eslint/eslintrc": "^3.1.0", - "@eslint/js": "9.14.0", - "@eslint/plugin-kit": "^0.2.0", + "@eslint/config-array": "^0.19.0", + "@eslint/core": "^0.9.0", + "@eslint/eslintrc": "^3.2.0", + "@eslint/js": "9.15.0", + "@eslint/plugin-kit": "^0.2.3", "@humanfs/node": "^0.16.6", "@humanwhocodes/module-importer": "^1.0.1", - "@humanwhocodes/retry": "^0.4.0", + "@humanwhocodes/retry": "^0.4.1", "@types/estree": "^1.0.6", "@types/json-schema": "^7.0.15", "ajv": "^6.12.4", "chalk": "^4.0.0", - "cross-spawn": "^7.0.2", + "cross-spawn": "^7.0.5", "debug": "^4.3.2", "escape-string-regexp": "^4.0.0", "eslint-scope": "^8.2.0", @@ -5072,8 +5093,7 @@ "lodash.merge": "^4.6.2", "minimatch": "^3.1.2", "natural-compare": "^1.4.0", - "optionator": "^0.9.3", - "text-table": "^0.2.0" + "optionator": "^0.9.3" }, "bin": { "eslint": "bin/eslint.js" diff --git a/frontend/package.json b/frontend/package.json index 78238dd41..53f583e7f 100644 --- a/frontend/package.json +++ b/frontend/package.json @@ -44,7 +44,7 @@ "devDependencies": { "@eslint/compat": "1.2.3", "@eslint/eslintrc": "3.2.0", - "@eslint/js": "9.14.0", + "@eslint/js": "9.15.0", "@microsoft/eslint-formatter-sarif": "3.1.0", "@trivago/prettier-plugin-sort-imports": "4.3.0", "@types/inflection": "1.13.2", @@ -53,10 +53,10 @@ "@types/react": "18.3.12", "@types/react-dom": "18.3.1", "@types/recharts": "1.8.29", - "@typescript-eslint/eslint-plugin": "8.14.0", - "@typescript-eslint/parser": "8.14.0", + "@typescript-eslint/eslint-plugin": "8.15.0", + "@typescript-eslint/parser": "8.15.0", "@vitejs/plugin-react": "4.3.3", - "eslint": "9.14.0", + "eslint": "9.15.0", "eslint-plugin-react": "7.37.2", "eslint-plugin-react-hooks": "rc", "eslint-plugin-security": "3.0.1", From ac35d7d39bc76f42bf9f8192e58be40f75c4cb0c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 19 Nov 2024 07:21:59 +0100 Subject: [PATCH 07/14] fix(deps): update font awesome to v6.7.0 (#2227) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- frontend/package-lock.json | 36 ++++++++++++++++++------------------ frontend/package.json | 6 +++--- 2 files changed, 21 insertions(+), 21 deletions(-) diff --git a/frontend/package-lock.json b/frontend/package-lock.json index 8685ea16a..092dc38af 100644 --- a/frontend/package-lock.json +++ b/frontend/package-lock.json @@ -11,9 +11,9 @@ "dependencies": { "@emotion/react": "11.13.3", "@emotion/styled": "11.13.0", - "@fortawesome/fontawesome-svg-core": "6.6.0", - "@fortawesome/free-brands-svg-icons": "6.6.0", - "@fortawesome/free-solid-svg-icons": "6.6.0", + "@fortawesome/fontawesome-svg-core": "6.7.0", + "@fortawesome/free-brands-svg-icons": "6.7.0", + "@fortawesome/free-solid-svg-icons": "6.7.0", "@fortawesome/react-fontawesome": "0.2.2", "@textea/json-viewer": "3.5.0", "axios": "1.7.7", @@ -1193,45 +1193,45 @@ } }, "node_modules/@fortawesome/fontawesome-common-types": { - "version": "6.6.0", - "resolved": "https://registry.npmjs.org/@fortawesome/fontawesome-common-types/-/fontawesome-common-types-6.6.0.tgz", - "integrity": "sha512-xyX0X9mc0kyz9plIyryrRbl7ngsA9jz77mCZJsUkLl+ZKs0KWObgaEBoSgQiYWAsSmjz/yjl0F++Got0Mdp4Rw==", + "version": "6.7.0", + "resolved": "https://registry.npmjs.org/@fortawesome/fontawesome-common-types/-/fontawesome-common-types-6.7.0.tgz", + "integrity": "sha512-AUetZXU6cQdAe21p8j3mg2aD40MMDKfFNUNgq/G7gR3HMDp0BsQskAudLDSgq6d0SbCY0QKP0g4s5Y02S1kkhw==", "license": "MIT", "engines": { "node": ">=6" } }, "node_modules/@fortawesome/fontawesome-svg-core": { - "version": "6.6.0", - "resolved": "https://registry.npmjs.org/@fortawesome/fontawesome-svg-core/-/fontawesome-svg-core-6.6.0.tgz", - "integrity": "sha512-KHwPkCk6oRT4HADE7smhfsKudt9N/9lm6EJ5BVg0tD1yPA5hht837fB87F8pn15D8JfTqQOjhKTktwmLMiD7Kg==", + "version": "6.7.0", + "resolved": "https://registry.npmjs.org/@fortawesome/fontawesome-svg-core/-/fontawesome-svg-core-6.7.0.tgz", + "integrity": "sha512-v6YZjSPuxriC7lYxCzKFbgZ1iaf60AVX2CsfZXSc0U9+mqVd8VGVtMEqDqz5GxDpNUQ8bMDfW+gspVMYGlRpUA==", "license": "MIT", "dependencies": { - "@fortawesome/fontawesome-common-types": "6.6.0" + "@fortawesome/fontawesome-common-types": "6.7.0" }, "engines": { "node": ">=6" } }, "node_modules/@fortawesome/free-brands-svg-icons": { - "version": "6.6.0", - "resolved": "https://registry.npmjs.org/@fortawesome/free-brands-svg-icons/-/free-brands-svg-icons-6.6.0.tgz", - "integrity": "sha512-1MPD8lMNW/earme4OQi1IFHtmHUwAKgghXlNwWi9GO7QkTfD+IIaYpIai4m2YJEzqfEji3jFHX1DZI5pbY/biQ==", + "version": "6.7.0", + "resolved": "https://registry.npmjs.org/@fortawesome/free-brands-svg-icons/-/free-brands-svg-icons-6.7.0.tgz", + "integrity": "sha512-O/9/yKlN4T0bsYCBcx0NKq7YOr/512Yfpk8wZhOhaxg9/OxWLipDKXlP1hfEFE3I26mfYtsqLkbpz1CNu6KYqw==", "license": "(CC-BY-4.0 AND MIT)", "dependencies": { - "@fortawesome/fontawesome-common-types": "6.6.0" + "@fortawesome/fontawesome-common-types": "6.7.0" }, "engines": { "node": ">=6" } }, "node_modules/@fortawesome/free-solid-svg-icons": { - "version": "6.6.0", - "resolved": "https://registry.npmjs.org/@fortawesome/free-solid-svg-icons/-/free-solid-svg-icons-6.6.0.tgz", - "integrity": "sha512-IYv/2skhEDFc2WGUcqvFJkeK39Q+HyPf5GHUrT/l2pKbtgEIv1al1TKd6qStR5OIwQdN1GZP54ci3y4mroJWjA==", + "version": "6.7.0", + "resolved": "https://registry.npmjs.org/@fortawesome/free-solid-svg-icons/-/free-solid-svg-icons-6.7.0.tgz", + "integrity": "sha512-9ww5hQ3OzEehUrSXAlPTJ73xDub73fnxr+se5PU0MFQor2nZBO0m7HNm5Q4KD9XMYjwRqh2BnBNR2/9EFbGqmg==", "license": "(CC-BY-4.0 AND MIT)", "dependencies": { - "@fortawesome/fontawesome-common-types": "6.6.0" + "@fortawesome/fontawesome-common-types": "6.7.0" }, "engines": { "node": ">=6" diff --git a/frontend/package.json b/frontend/package.json index 53f583e7f..7c38d1408 100644 --- a/frontend/package.json +++ b/frontend/package.json @@ -7,9 +7,9 @@ "dependencies": { "@emotion/react": "11.13.3", "@emotion/styled": "11.13.0", - "@fortawesome/fontawesome-svg-core": "6.6.0", - "@fortawesome/free-brands-svg-icons": "6.6.0", - "@fortawesome/free-solid-svg-icons": "6.6.0", + "@fortawesome/fontawesome-svg-core": "6.7.0", + "@fortawesome/free-brands-svg-icons": "6.7.0", + "@fortawesome/free-solid-svg-icons": "6.7.0", "@fortawesome/react-fontawesome": "0.2.2", "@textea/json-viewer": "3.5.0", "axios": "1.7.7", From 2ebf7ed3f2404c08c5984b86e3fa10cbdfa0648c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 19 Nov 2024 08:07:09 +0100 Subject: [PATCH 08/14] chore(deps): update mcr.microsoft.com/playwright docker tag to v1.49.0 (#2226) * chore(deps): update mcr.microsoft.com/playwright docker tag to v1.49.0 * chore: update library --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Stefan Fleckenstein --- docker-compose-playwright.yml | 2 +- end_to_end_tests/package-lock.json | 24 ++++++++++++------------ end_to_end_tests/package.json | 2 +- 3 files changed, 14 insertions(+), 14 deletions(-) diff --git a/docker-compose-playwright.yml b/docker-compose-playwright.yml index 05481e35c..359ec09a3 100644 --- a/docker-compose-playwright.yml +++ b/docker-compose-playwright.yml @@ -58,7 +58,7 @@ services: playwright: - image: mcr.microsoft.com/playwright:v1.48.2 + image: mcr.microsoft.com/playwright:v1.49.0 depends_on: - frontend environment: diff --git a/end_to_end_tests/package-lock.json b/end_to_end_tests/package-lock.json index c776d7c43..8e5a6d901 100644 --- a/end_to_end_tests/package-lock.json +++ b/end_to_end_tests/package-lock.json @@ -8,18 +8,18 @@ "name": "end_to_end_tests", "version": "1.22.2", "devDependencies": { - "@playwright/test": "1.48.2", + "@playwright/test": "1.49.0", "@types/node": "22.9.0" } }, "node_modules/@playwright/test": { - "version": "1.48.2", - "resolved": "https://registry.npmjs.org/@playwright/test/-/test-1.48.2.tgz", - "integrity": "sha512-54w1xCWfXuax7dz4W2M9uw0gDyh+ti/0K/MxcCUxChFh37kkdxPdfZDw5QBbuPUJHr1CiHJ1hXgSs+GgeQc5Zw==", + "version": "1.49.0", + "resolved": "https://registry.npmjs.org/@playwright/test/-/test-1.49.0.tgz", + "integrity": "sha512-DMulbwQURa8rNIQrf94+jPJQ4FmOVdpE5ZppRNvWVjvhC+6sOeo28r8MgIpQRYouXRtt/FCCXU7zn20jnHR4Qw==", "dev": true, "license": "Apache-2.0", "dependencies": { - "playwright": "1.48.2" + "playwright": "1.49.0" }, "bin": { "playwright": "cli.js" @@ -54,13 +54,13 @@ } }, "node_modules/playwright": { - "version": "1.48.2", - "resolved": "https://registry.npmjs.org/playwright/-/playwright-1.48.2.tgz", - "integrity": "sha512-NjYvYgp4BPmiwfe31j4gHLa3J7bD2WiBz8Lk2RoSsmX38SVIARZ18VYjxLjAcDsAhA+F4iSEXTSGgjua0rrlgQ==", + "version": "1.49.0", + "resolved": "https://registry.npmjs.org/playwright/-/playwright-1.49.0.tgz", + "integrity": "sha512-eKpmys0UFDnfNb3vfsf8Vx2LEOtflgRebl0Im2eQQnYMA4Aqd+Zw8bEOB+7ZKvN76901mRnqdsiOGKxzVTbi7A==", "dev": true, "license": "Apache-2.0", "dependencies": { - "playwright-core": "1.48.2" + "playwright-core": "1.49.0" }, "bin": { "playwright": "cli.js" @@ -73,9 +73,9 @@ } }, "node_modules/playwright-core": { - "version": "1.48.2", - "resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.48.2.tgz", - "integrity": "sha512-sjjw+qrLFlriJo64du+EK0kJgZzoQPsabGF4lBvsid+3CNIZIYLgnMj9V6JY5VhM2Peh20DJWIVpVljLLnlawA==", + "version": "1.49.0", + "resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.49.0.tgz", + "integrity": "sha512-R+3KKTQF3npy5GTiKH/T+kdhoJfJojjHESR1YEWhYuEKRVfVaxH3+4+GvXE5xyCngCxhxnykk0Vlah9v8fs3jA==", "dev": true, "license": "Apache-2.0", "bin": { diff --git a/end_to_end_tests/package.json b/end_to_end_tests/package.json index 9984a6237..da30e17fc 100644 --- a/end_to_end_tests/package.json +++ b/end_to_end_tests/package.json @@ -8,7 +8,7 @@ "keywords": [], "author": "", "devDependencies": { - "@playwright/test": "1.48.2", + "@playwright/test": "1.49.0", "@types/node": "22.9.0" } } From d260b45ae6efbec1946a09018e5e53f67c145414 Mon Sep 17 00:00:00 2001 From: Stefan Fleckenstein Date: Tue, 19 Nov 2024 12:50:19 +0000 Subject: [PATCH 09/14] chore: use useEffect to initialize data in components (#2228) * chore: use useEffect to initialize data in components * chore: prettier and eslint --- frontend/src/access_control/Login.tsx | 19 ++++++++----------- .../users/UserChangePassword.tsx | 12 +++++------- frontend/src/metrics/MetricsHeader.tsx | 12 +++++------- .../src/metrics/MetricsSeveritiesCurrent.tsx | 12 +++++------- .../src/metrics/MetricsSeveritiesTimeLine.tsx | 12 +++++------- frontend/src/metrics/MetricsStatusCurrent.tsx | 12 +++++------- 6 files changed, 33 insertions(+), 46 deletions(-) diff --git a/frontend/src/access_control/Login.tsx b/frontend/src/access_control/Login.tsx index 07a86a5c3..515f1a920 100644 --- a/frontend/src/access_control/Login.tsx +++ b/frontend/src/access_control/Login.tsx @@ -3,7 +3,7 @@ import PersonIcon from "@mui/icons-material/Person"; import { Avatar, Button, Card, CardActions, CircularProgress, Stack } from "@mui/material"; import Box from "@mui/material/Box"; import PropTypes from "prop-types"; -import { Fragment, useState } from "react"; +import { Fragment, useEffect, useState } from "react"; import { Form, TextInput, required, useLogin, useNotify, useTheme } from "react-admin"; import { useAuth } from "react-oidc-context"; import { Navigate, useLocation } from "react-router-dom"; @@ -16,15 +16,19 @@ const Login = () => { const [loading, setLoading] = useState(false); const [, setTheme] = useTheme(); const auth = useAuth(); - - const [feature_loaded, setFeatureLoaded] = useState(false); const [feature_disable_user_login, setFeatureDisableUserLogin] = useState(false); - const notify = useNotify(); const login = useLogin(); const location = useLocation(); + const isAuthenticated = jwt_signed_in() || auth.isAuthenticated; + useEffect(() => { + if (window.__RUNTIME_CONFIG__.OIDC_ENABLE == "true") { + get_disable_login_feature(); + } + }, []); + function get_disable_login_feature() { const request = new Request(window.__RUNTIME_CONFIG__.API_BASE_URL + "/status/settings/", { method: "GET", @@ -46,13 +50,6 @@ const Login = () => { }); } - if (!feature_loaded) { - if (window.__RUNTIME_CONFIG__.OIDC_ENABLE == "true") { - get_disable_login_feature(); - } - setFeatureLoaded(true); - } - const handleSubmit = (auth: FormValues) => { setLoading(true); login(auth, location.state ? (location.state as any).nextPathname : "/") diff --git a/frontend/src/access_control/users/UserChangePassword.tsx b/frontend/src/access_control/users/UserChangePassword.tsx index 34ce71582..df8364a20 100644 --- a/frontend/src/access_control/users/UserChangePassword.tsx +++ b/frontend/src/access_control/users/UserChangePassword.tsx @@ -1,7 +1,7 @@ import CancelIcon from "@mui/icons-material/Cancel"; import PasswordIcon from "@mui/icons-material/Password"; import { Button, Dialog, DialogContent, DialogTitle, Typography } from "@mui/material"; -import { Fragment, useState } from "react"; +import { Fragment, useEffect, useState } from "react"; import { SaveButton, SimpleForm, Toolbar, WithRecord, useNotify, useRefresh } from "react-admin"; import { validate_required_255 } from "../../commons/custom_validators"; @@ -12,20 +12,18 @@ const UserChangePassword = () => { const refresh = useRefresh(); const [open, setOpen] = useState(false); const notify = useNotify(); - const [loaded, setLoaded] = useState(false); const [password_rules, setPasswordRules] = useState(""); + useEffect(() => { + get_password_rules(); + }, []); + function get_password_rules() { httpClient(window.__RUNTIME_CONFIG__.API_BASE_URL + "/users/password_rules/", { method: "GET", }).then((result) => { setPasswordRules(result.json.password_rules); }); - setLoaded(true); - } - - if (!loaded) { - get_password_rules(); } const changePassword = async (data: any) => { diff --git a/frontend/src/metrics/MetricsHeader.tsx b/frontend/src/metrics/MetricsHeader.tsx index 0c03c8c49..55c88fe66 100644 --- a/frontend/src/metrics/MetricsHeader.tsx +++ b/frontend/src/metrics/MetricsHeader.tsx @@ -1,6 +1,6 @@ import { Paper } from "@mui/material"; import { Fragment } from "react"; -import { useState } from "react"; +import { useEffect, useState } from "react"; import { Labeled, useNotify } from "react-admin"; import LabeledTextField from "../commons/custom_fields/LabeledTextField"; @@ -17,10 +17,13 @@ const MetricsHeader = (props: MetricsHeaderProps) => { last_calculated: new Date("2023-07-10T19:37:34.750324Z"), calculation_interval: 0, }); - const [loaded, setLoaded] = useState(false); const [loading, setLoading] = useState(false); const notify = useNotify(); + useEffect(() => { + get_data(); + }, []); // eslint-disable-line react-hooks/exhaustive-deps + function get_data() { setLoading(true); @@ -41,7 +44,6 @@ const MetricsHeader = (props: MetricsHeaderProps) => { }); } }); - setLoaded(true); setLoading(false); } @@ -61,10 +63,6 @@ const MetricsHeader = (props: MetricsHeaderProps) => { return 0; }; - if (!loaded) { - get_data(); - } - return ( { const [data, setData] = useState([]); - const [loaded, setLoaded] = useState(false); const [loading, setLoading] = useState(false); const notify = useNotify(); @@ -52,6 +51,10 @@ const MetricsSeveritiesCurrent = (props: MetricsSeveritiesCurrentProps) => { ], }; + useEffect(() => { + get_data(); + }, []); // eslint-disable-line react-hooks/exhaustive-deps + function get_data() { setLoading(true); @@ -85,14 +88,9 @@ const MetricsSeveritiesCurrent = (props: MetricsSeveritiesCurrentProps) => { }); } }); - setLoaded(true); setLoading(false); } - if (!loaded) { - get_data(); - } - ChartJS.register(Title, Legend, RadialLinearScale, ArcElement, Tooltip); return ( diff --git a/frontend/src/metrics/MetricsSeveritiesTimeLine.tsx b/frontend/src/metrics/MetricsSeveritiesTimeLine.tsx index 4662c1e36..c6889e5d2 100644 --- a/frontend/src/metrics/MetricsSeveritiesTimeLine.tsx +++ b/frontend/src/metrics/MetricsSeveritiesTimeLine.tsx @@ -10,7 +10,7 @@ import { Title, Tooltip, } from "chart.js"; -import { useState } from "react"; +import { useEffect, useState } from "react"; import { Identifier, useNotify } from "react-admin"; import { Line } from "react-chartjs-2"; @@ -33,7 +33,6 @@ interface MetricsSeveritiesTimelineProps { const MetricsSeveritiesTimeline = (props: MetricsSeveritiesTimelineProps) => { const [datasets, setDatasets] = useState([]); - const [loaded, setLoaded] = useState(false); const [loading, setLoading] = useState(false); const notify = useNotify(); @@ -69,6 +68,10 @@ const MetricsSeveritiesTimeline = (props: MetricsSeveritiesTimelineProps) => { datasets: datasets, }; + useEffect(() => { + get_data(); + }, []); // eslint-disable-line react-hooks/exhaustive-deps + function get_data() { setLoading(true); @@ -207,14 +210,9 @@ const MetricsSeveritiesTimeline = (props: MetricsSeveritiesTimelineProps) => { }); } }); - setLoaded(true); setLoading(false); } - if (!loaded) { - get_data(); - } - ChartJS.register(CategoryScale, LinearScale, PointElement, LineElement, Title, Tooltip, Filler, Legend); return ( diff --git a/frontend/src/metrics/MetricsStatusCurrent.tsx b/frontend/src/metrics/MetricsStatusCurrent.tsx index 1b86551f4..729b674b6 100644 --- a/frontend/src/metrics/MetricsStatusCurrent.tsx +++ b/frontend/src/metrics/MetricsStatusCurrent.tsx @@ -1,6 +1,6 @@ import { Paper } from "@mui/material"; import { ArcElement, Chart as ChartJS, Legend, RadialLinearScale, Title, Tooltip } from "chart.js"; -import { useState } from "react"; +import { useEffect, useState } from "react"; import { Identifier, useNotify } from "react-admin"; import { PolarArea } from "react-chartjs-2"; @@ -24,7 +24,6 @@ interface MetricsStatusCurrentProps { const MetricsStatusCurrent = (props: MetricsStatusCurrentProps) => { const [data, setData] = useState([]); - const [loaded, setLoaded] = useState(false); const [loading, setLoading] = useState(false); const notify = useNotify(); @@ -57,6 +56,10 @@ const MetricsStatusCurrent = (props: MetricsStatusCurrentProps) => { ], }; + useEffect(() => { + get_data(); + }, []); // eslint-disable-line react-hooks/exhaustive-deps + function get_data() { setLoading(true); @@ -92,14 +95,9 @@ const MetricsStatusCurrent = (props: MetricsStatusCurrentProps) => { }); } }); - setLoaded(true); setLoading(false); } - if (!loaded) { - get_data(); - } - ChartJS.register(Title, Legend, RadialLinearScale, ArcElement, Tooltip); return ( From 64522b32cde9c3bdca7dd81ed3184eade41316ee Mon Sep 17 00:00:00 2001 From: Stefan Fleckenstein Date: Tue, 19 Nov 2024 19:33:24 +0000 Subject: [PATCH 10/14] feat: evidences for license components (#2230) * feat: evidences for license components * chore: mypy * chore: black * chore: pylint * chore: documentation --- .../parsers/cyclone_dx/parser.py | 11 ++ backend/application/licenses/api/filters.py | 14 +++ .../application/licenses/api/serializers.py | 37 ++++++ backend/application/licenses/api/views.py | 19 +++ ...007_license_component_evidence_and_more.py | 47 ++++++++ backend/application/licenses/models.py | 20 ++++ .../queries/license_component_evidence.py | 63 ++++++++++ .../licenses/services/license_component.py | 65 ++++++---- backend/config/api_router.py | 6 + .../access_control/api/test_authentication.py | 3 + ...thorization_license_component_evidences.py | 111 ++++++++++++++++++ .../test_authorization_license_components.py | 6 +- .../fixtures/unittests_license_fixtures.json | 18 +++ docs/getting_started/data_model.md | 5 + frontend/src/App.tsx | 6 + .../observations/ObservationShowAside.tsx | 3 +- .../LicenseComponentEvidenceShow.tsx | 80 +++++++++++++ .../license_component_evidences/index.ts | 8 ++ .../LicenseComponentShowAside.tsx | 49 +++++++- 19 files changed, 543 insertions(+), 28 deletions(-) create mode 100644 backend/application/licenses/migrations/0007_license_component_evidence_and_more.py create mode 100644 backend/application/licenses/queries/license_component_evidence.py create mode 100644 backend/unittests/access_control/api/test_authorization_license_component_evidences.py create mode 100644 frontend/src/licenses/license_component_evidences/LicenseComponentEvidenceShow.tsx create mode 100644 frontend/src/licenses/license_component_evidences/index.ts diff --git a/backend/application/import_observations/parsers/cyclone_dx/parser.py b/backend/application/import_observations/parsers/cyclone_dx/parser.py index 87be061be..71f99c4e2 100644 --- a/backend/application/import_observations/parsers/cyclone_dx/parser.py +++ b/backend/application/import_observations/parsers/cyclone_dx/parser.py @@ -78,10 +78,21 @@ def get_license_components(self, data) -> list[License_Component]: dependencies=observation_component_dependencies, ) model_component.unsaved_license = component.unknown_license + self._add_license_component_evidence(component, model_component) components.append(model_component) return components + def _add_license_component_evidence( + self, + component: Component, + license_component: License_Component, + ) -> None: + evidence = [] + evidence.append("Component") + evidence.append(dumps(component.json)) + license_component.unsaved_evidences.append(evidence) + def _get_components(self, data: dict) -> dict[str, Component]: components_dict = {} components_list: list[Component] = [] diff --git a/backend/application/licenses/api/filters.py b/backend/application/licenses/api/filters.py index 32476c5aa..ab64e2e31 100644 --- a/backend/application/licenses/api/filters.py +++ b/backend/application/licenses/api/filters.py @@ -14,6 +14,7 @@ from application.licenses.models import ( License, License_Component, + License_Component_Evidence, License_Group, License_Group_Authorization_Group_Member, License_Group_Member, @@ -78,6 +79,19 @@ def get_age(self, queryset, field_name, value): # pylint: disable=unused-argume return queryset.filter(last_change__gte=time_threshold) +class LicenseComponentEvidenceFilter(FilterSet): + name = CharFilter(field_name="name", lookup_expr="icontains") + + ordering = OrderingFilter( + # tuple-mapping retains order + fields=(("name", "name"), ("license_component", "license_component")), + ) + + class Meta: + model = License_Component_Evidence + fields = ["name", "license_component"] + + class LicenseFilter(FilterSet): spdx_id = CharFilter(field_name="spdx_id", lookup_expr="icontains") name = CharFilter(field_name="name", lookup_expr="icontains") diff --git a/backend/application/licenses/api/serializers.py b/backend/application/licenses/api/serializers.py index b0c04244c..ae5364da7 100644 --- a/backend/application/licenses/api/serializers.py +++ b/backend/application/licenses/api/serializers.py @@ -21,6 +21,7 @@ from application.licenses.models import ( License, License_Component, + License_Component_Evidence, License_Group, License_Group_Authorization_Group_Member, License_Group_Member, @@ -62,6 +63,30 @@ def get_is_in_license_policy(self, obj: License) -> bool: return License_Policy_Item.objects.filter(license=obj).exists() +class LicenseComponentEvidenceSerializer(ModelSerializer): + product = SerializerMethodField() + + def get_product(self, evidence: License_Component_Evidence) -> int: + return evidence.license_component.product.pk + + def get_license_component_title(self, evidence: License_Component_Evidence) -> str: + if evidence.license_component.license: + return f"{evidence.license_component.license.spdx_id} ({evidence.license_component.license.name})" + if evidence.license_component.unknown_license: + return evidence.license_component.unknown_license + return "No license" + + class Meta: + model = License_Component_Evidence + fields = "__all__" + + +class NestedLicenseComponentEvidenceSerializer(ModelSerializer): + class Meta: + model = License_Component_Evidence + exclude = ["license_component", "evidence"] + + class LicenseComponentSerializer(ModelSerializer): license_data = LicenseSerializer( source="license", @@ -71,6 +96,10 @@ class LicenseComponentSerializer(ModelSerializer): branch_name = SerializerMethodField() license_policy_name: Optional[SerializerMethodField] = SerializerMethodField() license_policy_id: Optional[SerializerMethodField] = SerializerMethodField() + evidences: Optional[NestedLicenseComponentEvidenceSerializer] = ( + NestedLicenseComponentEvidenceSerializer(many=True) + ) + title = SerializerMethodField() class Meta: model = License_Component @@ -107,10 +136,18 @@ def get_license_policy_id(self, obj: License_Component) -> int: return 0 + def get_title(self, obj: License_Component) -> str: + if obj.license: + return f"{obj.license.spdx_id} ({obj.license.name})" + if obj.unknown_license: + return obj.unknown_license + return "No license" + class LicenseComponentListSerializer(LicenseComponentSerializer): license_policy_id = None license_policy_name = None + evidences = None class Meta: model = License_Component diff --git a/backend/application/licenses/api/views.py b/backend/application/licenses/api/views.py index 9be7d96de..d4b0945f6 100644 --- a/backend/application/licenses/api/views.py +++ b/backend/application/licenses/api/views.py @@ -10,6 +10,7 @@ from rest_framework.viewsets import GenericViewSet, ModelViewSet from application.licenses.api.filters import ( + LicenseComponentEvidenceFilter, LicenseComponentFilter, LicenseFilter, LicenseGroupAuthorizationGroupFilter, @@ -29,6 +30,7 @@ UserHasLicensePolicyPermission, ) from application.licenses.api.serializers import ( + LicenseComponentEvidenceSerializer, LicenseComponentIdSerializer, LicenseComponentListSerializer, LicenseComponentSerializer, @@ -47,6 +49,7 @@ from application.licenses.models import ( License, License_Component, + License_Component_Evidence, License_Group, License_Group_Authorization_Group_Member, License_Group_Member, @@ -57,6 +60,9 @@ ) from application.licenses.queries.license import get_license from application.licenses.queries.license_component import get_license_components +from application.licenses.queries.license_component_evidence import ( + get_license_component_evidences, +) from application.licenses.queries.license_group import ( get_license_group, get_license_groups, @@ -114,6 +120,19 @@ def get_queryset(self): return get_license_components() +class LicenseComponentEvidenceViewSet( + GenericViewSet, ListModelMixin, RetrieveModelMixin +): + serializer_class = LicenseComponentEvidenceSerializer + filterset_class = LicenseComponentEvidenceFilter + queryset = License_Component_Evidence.objects.none() + + def get_queryset(self): + return get_license_component_evidences().select_related( + "license_component__product" + ) + + class LicenseViewSet(GenericViewSet, ListModelMixin, RetrieveModelMixin): serializer_class = LicenseSerializer filterset_class = LicenseFilter diff --git a/backend/application/licenses/migrations/0007_license_component_evidence_and_more.py b/backend/application/licenses/migrations/0007_license_component_evidence_and_more.py new file mode 100644 index 000000000..61ed6d6d5 --- /dev/null +++ b/backend/application/licenses/migrations/0007_license_component_evidence_and_more.py @@ -0,0 +1,47 @@ +# Generated by Django 5.1.3 on 2024-11-19 15:03 + +import django.db.models.deletion +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ("licenses", "0006_license_group_authorization_group_member_and_more"), + ] + + operations = [ + migrations.CreateModel( + name="License_Component_Evidence", + fields=[ + ( + "id", + models.BigAutoField( + auto_created=True, + primary_key=True, + serialize=False, + verbose_name="ID", + ), + ), + ("name", models.CharField(max_length=255)), + ("evidence", models.TextField()), + ], + ), + migrations.AddIndex( + model_name="license", + index=models.Index(fields=["name"], name="licenses_li_name_32bac3_idx"), + ), + migrations.AddField( + model_name="license_component_evidence", + name="license_component", + field=models.ForeignKey( + on_delete=django.db.models.deletion.CASCADE, + related_name="evidences", + to="licenses.license_component", + ), + ), + migrations.AddIndex( + model_name="license_component_evidence", + index=models.Index(fields=["name"], name="licenses_li_name_1eb60b_idx"), + ), + ] diff --git a/backend/application/licenses/models.py b/backend/application/licenses/models.py index 16f036c97..a79ccb112 100644 --- a/backend/application/licenses/models.py +++ b/backend/application/licenses/models.py @@ -6,6 +6,7 @@ CharField, DateTimeField, ForeignKey, + Index, IntegerField, ManyToManyField, Model, @@ -25,6 +26,11 @@ class License(Model): is_osi_approved = BooleanField(null=True) is_deprecated = BooleanField(null=True) + class Meta: + indexes = [ + Index(fields=["name"]), + ] + def __str__(self): return self.spdx_id @@ -133,6 +139,7 @@ def __init__(self, *args, **kwargs): super().__init__(*args, **kwargs) self.unsaved_license = "" + self.unsaved_evidences = [] def __str__(self): return self.name_version @@ -146,6 +153,19 @@ def save(self, *args, **kwargs) -> None: return super().save(*args, **kwargs) +class License_Component_Evidence(Model): + license_component = ForeignKey( + License_Component, related_name="evidences", on_delete=CASCADE + ) + name = CharField(max_length=255) + evidence = TextField() + + class Meta: + indexes = [ + Index(fields=["name"]), + ] + + class License_Policy(Model): name = CharField(max_length=255, unique=True) description = TextField(max_length=2048, blank=True) diff --git a/backend/application/licenses/queries/license_component_evidence.py b/backend/application/licenses/queries/license_component_evidence.py new file mode 100644 index 000000000..b10fd1da0 --- /dev/null +++ b/backend/application/licenses/queries/license_component_evidence.py @@ -0,0 +1,63 @@ +from django.db.models import Exists, OuterRef, Q +from django.db.models.query import QuerySet + +from application.commons.services.global_request import get_current_user +from application.core.models import Product_Authorization_Group_Member, Product_Member +from application.licenses.models import License_Component_Evidence + + +def get_license_component_evidences() -> QuerySet[License_Component_Evidence]: + user = get_current_user() + + if user is None: + return License_Component_Evidence.objects.none() + + components = License_Component_Evidence.objects.all() + + if not user.is_superuser: + product_members = Product_Member.objects.filter( + product=OuterRef("license_component__product_id"), + user=user, + ) + product_group_members = Product_Member.objects.filter( + product=OuterRef("license_component__product__product_group"), + user=user, + ) + + product_authorization_group_members = ( + Product_Authorization_Group_Member.objects.filter( + product=OuterRef("license_component__product_id"), + authorization_group__users=user, + ) + ) + + product_group_authorization_group_members = ( + Product_Authorization_Group_Member.objects.filter( + product=OuterRef("license_component__product__product_group"), + authorization_group__users=user, + ) + ) + + components = components.annotate( + license_component__product__member=Exists(product_members), + license_component__product__product_group__member=Exists( + product_group_members + ), + license_component__product__authorization_group_member=Exists( + product_authorization_group_members + ), + license_component__product__product_group_authorization_group_member=Exists( + product_group_authorization_group_members + ), + ) + + components = components.filter( + Q(license_component__product__member=True) + | Q(license_component__product__product_group__member=True) + | Q(license_component__product__authorization_group_member=True) + | Q( + license_component__product__product_group_authorization_group_member=True + ) + ) + + return components diff --git a/backend/application/licenses/services/license_component.py b/backend/application/licenses/services/license_component.py index acb6cfe7a..1e49feeb8 100644 --- a/backend/application/licenses/services/license_component.py +++ b/backend/application/licenses/services/license_component.py @@ -9,7 +9,7 @@ from application.commons.services.functions import clip_fields from application.core.models import Product from application.import_observations.models import Vulnerability_Check -from application.licenses.models import License_Component +from application.licenses.models import License_Component, License_Component_Evidence from application.licenses.queries.license import get_license_by_spdx_id from application.licenses.services.license_policy import ( apply_license_policy_to_component, @@ -67,21 +67,23 @@ def process_license_components( else [] ) - for component in license_components: - _prepare_component(component) - existing_component = existing_components_dict.get(component.identity_hash) + for unsaved_component in license_components: + _prepare_component(unsaved_component) + existing_component = existing_components_dict.get( + unsaved_component.identity_hash + ) if existing_component: license_before = existing_component.license unknown_license_before = existing_component.unknown_license evaluation_result_before = existing_component.evaluation_result - existing_component.name = component.name - existing_component.version = component.version - existing_component.purl = component.purl - existing_component.purl_type = component.purl_type - existing_component.cpe = component.cpe - existing_component.dependencies = component.dependencies - existing_component.license = component.license - existing_component.unknown_license = component.unknown_license + existing_component.name = unsaved_component.name + existing_component.version = unsaved_component.version + existing_component.purl = unsaved_component.purl + existing_component.purl_type = unsaved_component.purl_type + existing_component.cpe = unsaved_component.cpe + existing_component.dependencies = unsaved_component.dependencies + existing_component.license = unsaved_component.license + existing_component.unknown_license = unsaved_component.unknown_license apply_license_policy_to_component( existing_component, license_evaluation_results, @@ -96,22 +98,29 @@ def process_license_components( existing_component.last_change = timezone.now() clip_fields("licenses", "License_Component", existing_component) existing_component.save() - existing_components_dict.pop(component.identity_hash) + + existing_component.evidences.all().delete() + _process_evidences(unsaved_component, existing_component) + + existing_components_dict.pop(unsaved_component.identity_hash) components_updated += 1 else: - component.product = vulnerability_check.product - component.branch = vulnerability_check.branch - component.upload_filename = vulnerability_check.filename + unsaved_component.product = vulnerability_check.product + unsaved_component.branch = vulnerability_check.branch + unsaved_component.upload_filename = vulnerability_check.filename apply_license_policy_to_component( - component, + unsaved_component, license_evaluation_results, ignore_component_types, ) - component.import_last_seen = timezone.now() - component.last_change = timezone.now() - clip_fields("licenses", "License_Component", component) - component.save() + unsaved_component.import_last_seen = timezone.now() + unsaved_component.last_change = timezone.now() + clip_fields("licenses", "License_Component", unsaved_component) + unsaved_component.save() + + _process_evidences(unsaved_component, unsaved_component) + components_new += 1 components_deleted = len(existing_components_dict) @@ -121,6 +130,20 @@ def process_license_components( return components_new, components_updated, components_deleted +def _process_evidences( + source_component: License_Component, target_component: License_Component +) -> None: + if source_component.unsaved_evidences: + for evidence in source_component.unsaved_evidences: + evidence = License_Component_Evidence( + license_component=target_component, + name=evidence[0], + evidence=evidence[1], + ) + clip_fields("licenses", "License_Component_Evidence", evidence) + evidence.save() + + def _prepare_component(component: License_Component) -> None: _prepare_name_version(component) diff --git a/backend/config/api_router.py b/backend/config/api_router.py index 1c7647598..b49c99fcd 100644 --- a/backend/config/api_router.py +++ b/backend/config/api_router.py @@ -30,6 +30,7 @@ VulnerabilityCheckViewSet, ) from application.licenses.api.views import ( + LicenseComponentEvidenceViewSet, LicenseComponentIdViewSet, LicenseComponentViewSet, LicenseGroupAuthorizationGroupMemberViewSet, @@ -129,6 +130,11 @@ router.register( "license_component_ids", LicenseComponentIdViewSet, basename="license_component_ids" ) +router.register( + "license_component_evidences", + LicenseComponentEvidenceViewSet, + basename="license_component_evidences", +) router.register("licenses", LicenseViewSet, basename="licenses") router.register("license_groups", LicenseGroupViewSet, basename="license_groups") router.register( diff --git a/backend/unittests/access_control/api/test_authentication.py b/backend/unittests/access_control/api/test_authentication.py index 466053e99..842bada4c 100644 --- a/backend/unittests/access_control/api/test_authentication.py +++ b/backend/unittests/access_control/api/test_authentication.py @@ -318,6 +318,9 @@ def test_authentication(self, mock_user): self._check_authentication(["get"], "/api/license_components/") self._check_authentication(["get"], "/api/license_components/1/") + self._check_authentication(["get"], "/api/license_component_evidences/") + self._check_authentication(["get"], "/api/license_component_evidences/1/") + self._check_authentication(["get", "post"], "/api/license_groups/") self._check_authentication( ["delete", "get", "put", "patch"], "/api/license_groups/1/" diff --git a/backend/unittests/access_control/api/test_authorization_license_component_evidences.py b/backend/unittests/access_control/api/test_authorization_license_component_evidences.py new file mode 100644 index 000000000..9dc0a9e79 --- /dev/null +++ b/backend/unittests/access_control/api/test_authorization_license_component_evidences.py @@ -0,0 +1,111 @@ +from unittests.access_control.api.test_authorization import ( + APITest, + TestAuthorizationBase, +) +from unittests.access_control.services.test_authorization import ( + prepare_authorization_groups, +) + + +class TestAuthorizationLicenseComponentEvidences(TestAuthorizationBase): + def test_authorization_license_component_evidences_product_member(self): + self._test_authorization_license_component_evidences() + + def test_authorization_license_component_evidences_product_authorization_group_member( + self, + ): + prepare_authorization_groups() + self._test_authorization_license_component_evidences() + + def _test_authorization_license_component_evidences(self): + expected_data = "{'count': 2, 'next': None, 'previous': None, 'results': [{'id': 1, 'product': 1, 'name': 'internal_license_evidence_name', 'evidence': 'internal license evidence', 'license_component': 1}, {'id': 2, 'product': 2, 'name': 'external_license_evidence_name', 'evidence': 'external license evidence', 'license_component': 2}]}" + self._test_api( + APITest( + "db_admin", + "get", + "/api/license_component_evidences/", + None, + 200, + expected_data, + ) + ) + + expected_data = "{'count': 1, 'next': None, 'previous': None, 'results': [{'id': 1, 'product': 1, 'name': 'internal_license_evidence_name', 'evidence': 'internal license evidence', 'license_component': 1}]}" + self._test_api( + APITest( + "db_internal_write", + "get", + "/api/license_component_evidences/", + None, + 200, + expected_data, + ) + ) + expected_data = "{'id': 1, 'product': 1, 'name': 'internal_license_evidence_name', 'evidence': 'internal license evidence', 'license_component': 1}" + self._test_api( + APITest( + "db_internal_write", + "get", + "/api/license_component_evidences/1/", + None, + 200, + expected_data, + ) + ) + expected_data = ( + "{'message': 'No License_Component_Evidence matches the given query.'}" + ) + self._test_api( + APITest( + "db_internal_write", + "get", + "/api/license_component_evidences/2/", + None, + 404, + expected_data, + ) + ) + self._test_api( + APITest( + "db_internal_write", + "get", + "/api/license_component_evidences/99999/", + None, + 404, + expected_data, + ) + ) + + post_data = {"product": 1} + self._test_api( + APITest( + "db_internal_write", + "post", + "/api/license_component_evidences/", + post_data, + 405, + None, + ) + ) + + self._test_api( + APITest( + "db_internal_write", + "patch", + "/api/license_component_evidences/1/", + {"title": "changed"}, + 405, + None, + ) + ) + + self._test_api( + APITest( + "db_internal_write", + "delete", + "/api/license_component_evidences/1/", + None, + 405, + None, + ) + ) diff --git a/backend/unittests/access_control/api/test_authorization_license_components.py b/backend/unittests/access_control/api/test_authorization_license_components.py index 558225302..47d223ee5 100644 --- a/backend/unittests/access_control/api/test_authorization_license_components.py +++ b/backend/unittests/access_control/api/test_authorization_license_components.py @@ -16,14 +16,14 @@ def test_authorization_license_components_product_authorization_group_member(sel self._test_authorization_license_components() def _test_authorization_license_components(self): - expected_data = "{'count': 2, 'next': None, 'previous': None, 'results': [{'id': 1, 'license_data': None, 'purl_namespace': '', 'branch_name': '', 'identity_hash': '6eef8088480aa2523aeeb64ad35f876a942cc3172cfb36752f3a052a4f88642c', 'upload_filename': '', 'name': 'internal_component', 'version': '1.0.0', 'name_version': 'internal_component:1.0.0', 'purl': '', 'purl_type': '', 'cpe': '', 'unknown_license': 'internal license', 'evaluation_result': 'Allowed', 'numerical_evaluation_result': 1, 'created': '2022-12-15T17:10:35.513000+01:00', 'import_last_seen': '2022-12-15T17:10:35.513000+01:00', 'last_change': '2022-12-15T17:10:35.513000+01:00', 'product': 1, 'branch': None, 'license': None}, {'id': 2, 'license_data': None, 'purl_namespace': '', 'branch_name': '', 'identity_hash': 'bc8e59b7687fe3533616b3914c636389c131eac3bdbda1b67d8d26f890a74007', 'upload_filename': '', 'name': 'external_component', 'version': '2.0.0', 'name_version': 'external_component:2.0.0', 'purl': '', 'purl_type': '', 'cpe': '', 'unknown_license': 'external license', 'evaluation_result': 'Review required', 'numerical_evaluation_result': 2, 'created': '2022-12-15T17:10:35.513000+01:00', 'import_last_seen': '2022-12-15T17:10:35.513000+01:00', 'last_change': '2022-12-15T17:10:35.513000+01:00', 'product': 2, 'branch': None, 'license': None}]}" + expected_data = "{'count': 2, 'next': None, 'previous': None, 'results': [{'id': 1, 'license_data': None, 'purl_namespace': '', 'branch_name': '', 'title': 'internal license', 'identity_hash': '6eef8088480aa2523aeeb64ad35f876a942cc3172cfb36752f3a052a4f88642c', 'upload_filename': '', 'name': 'internal_component', 'version': '1.0.0', 'name_version': 'internal_component:1.0.0', 'purl': '', 'purl_type': '', 'cpe': '', 'unknown_license': 'internal license', 'evaluation_result': 'Allowed', 'numerical_evaluation_result': 1, 'created': '2022-12-15T17:10:35.513000+01:00', 'import_last_seen': '2022-12-15T17:10:35.513000+01:00', 'last_change': '2022-12-15T17:10:35.513000+01:00', 'product': 1, 'branch': None, 'license': None}, {'id': 2, 'license_data': None, 'purl_namespace': '', 'branch_name': '', 'title': 'external license', 'identity_hash': 'bc8e59b7687fe3533616b3914c636389c131eac3bdbda1b67d8d26f890a74007', 'upload_filename': '', 'name': 'external_component', 'version': '2.0.0', 'name_version': 'external_component:2.0.0', 'purl': '', 'purl_type': '', 'cpe': '', 'unknown_license': 'external license', 'evaluation_result': 'Review required', 'numerical_evaluation_result': 2, 'created': '2022-12-15T17:10:35.513000+01:00', 'import_last_seen': '2022-12-15T17:10:35.513000+01:00', 'last_change': '2022-12-15T17:10:35.513000+01:00', 'product': 2, 'branch': None, 'license': None}]}" self._test_api( APITest( "db_admin", "get", "/api/license_components/", None, 200, expected_data ) ) - expected_data = "{'count': 1, 'next': None, 'previous': None, 'results': [{'id': 1, 'license_data': None, 'purl_namespace': '', 'branch_name': '', 'identity_hash': '6eef8088480aa2523aeeb64ad35f876a942cc3172cfb36752f3a052a4f88642c', 'upload_filename': '', 'name': 'internal_component', 'version': '1.0.0', 'name_version': 'internal_component:1.0.0', 'purl': '', 'purl_type': '', 'cpe': '', 'unknown_license': 'internal license', 'evaluation_result': 'Allowed', 'numerical_evaluation_result': 1, 'created': '2022-12-15T17:10:35.513000+01:00', 'import_last_seen': '2022-12-15T17:10:35.513000+01:00', 'last_change': '2022-12-15T17:10:35.513000+01:00', 'product': 1, 'branch': None, 'license': None}]}" + expected_data = "{'count': 1, 'next': None, 'previous': None, 'results': [{'id': 1, 'license_data': None, 'purl_namespace': '', 'branch_name': '', 'title': 'internal license', 'identity_hash': '6eef8088480aa2523aeeb64ad35f876a942cc3172cfb36752f3a052a4f88642c', 'upload_filename': '', 'name': 'internal_component', 'version': '1.0.0', 'name_version': 'internal_component:1.0.0', 'purl': '', 'purl_type': '', 'cpe': '', 'unknown_license': 'internal license', 'evaluation_result': 'Allowed', 'numerical_evaluation_result': 1, 'created': '2022-12-15T17:10:35.513000+01:00', 'import_last_seen': '2022-12-15T17:10:35.513000+01:00', 'last_change': '2022-12-15T17:10:35.513000+01:00', 'product': 1, 'branch': None, 'license': None}]}" self._test_api( APITest( "db_internal_write", @@ -34,7 +34,7 @@ def _test_authorization_license_components(self): expected_data, ) ) - expected_data = "{'id': 1, 'license_data': None, 'purl_namespace': '', 'branch_name': '', 'license_policy_name': '', 'license_policy_id': 0, 'identity_hash': '6eef8088480aa2523aeeb64ad35f876a942cc3172cfb36752f3a052a4f88642c', 'upload_filename': '', 'name': 'internal_component', 'version': '1.0.0', 'name_version': 'internal_component:1.0.0', 'purl': '', 'purl_type': '', 'cpe': '', 'dependencies': '', 'unknown_license': 'internal license', 'evaluation_result': 'Allowed', 'numerical_evaluation_result': 1, 'created': '2022-12-15T17:10:35.513000+01:00', 'import_last_seen': '2022-12-15T17:10:35.513000+01:00', 'last_change': '2022-12-15T17:10:35.513000+01:00', 'product': 1, 'branch': None, 'license': None}" + expected_data = "{'id': 1, 'license_data': None, 'purl_namespace': '', 'branch_name': '', 'license_policy_name': '', 'license_policy_id': 0, 'evidences': [{'id': 1, 'name': 'internal_license_evidence_name'}], 'title': 'internal license', 'identity_hash': '6eef8088480aa2523aeeb64ad35f876a942cc3172cfb36752f3a052a4f88642c', 'upload_filename': '', 'name': 'internal_component', 'version': '1.0.0', 'name_version': 'internal_component:1.0.0', 'purl': '', 'purl_type': '', 'cpe': '', 'dependencies': '', 'unknown_license': 'internal license', 'evaluation_result': 'Allowed', 'numerical_evaluation_result': 1, 'created': '2022-12-15T17:10:35.513000+01:00', 'import_last_seen': '2022-12-15T17:10:35.513000+01:00', 'last_change': '2022-12-15T17:10:35.513000+01:00', 'product': 1, 'branch': None, 'license': None}" self._test_api( APITest( "db_internal_write", diff --git a/backend/unittests/fixtures/unittests_license_fixtures.json b/backend/unittests/fixtures/unittests_license_fixtures.json index eeb754ffd..f1cd02ae4 100644 --- a/backend/unittests/fixtures/unittests_license_fixtures.json +++ b/backend/unittests/fixtures/unittests_license_fixtures.json @@ -44,6 +44,24 @@ } }, + { + "model": "licenses.license_component_evidence", + "pk": 1, + "fields": { + "license_component": 1, + "name": "internal_license_evidence_name", + "evidence": "internal license evidence" + } + }, + { + "model": "licenses.license_component_evidence", + "pk": 2, + "fields": { + "license_component": 2, + "name": "external_license_evidence_name", + "evidence": "external license evidence" + } + }, { "model": "licenses.license_group", "pk": 1000, diff --git a/docs/getting_started/data_model.md b/docs/getting_started/data_model.md index 78b090afe..53881df81 100644 --- a/docs/getting_started/data_model.md +++ b/docs/getting_started/data_model.md @@ -90,6 +90,7 @@ erDiagram Product }o--o| License_Policy : references Product_Group }o--o| License_Policy : references License_Component }o--o| License : references + License_Component ||--|{ License_Component_Evidence : has License_Policy ||--o{ License_Policy_Item : has License_Policy ||--o{ License_Policy_Member : has License_Policy ||--o{ License_Policy_Authorization_Group_Member : has @@ -107,6 +108,10 @@ The [Linux Foundation](https://www.linuxfoundation.org/) gathers a list of commo A `License Component` is a library or package used in a product that is licensed under a specific license and has an evaluation of the license according to a license policy. +#### License Component Evidence + +`License Component Evidences` are extracts from the scan reports showing the basis on which the license component was created. + #### License Policy A `License Policy` defines the rules for the usage of licenses in a product. It can define which licenses are allowed, which are forbidden, and which need a review. diff --git a/frontend/src/App.tsx b/frontend/src/App.tsx index c4d2a7011..5e9b376a5 100644 --- a/frontend/src/App.tsx +++ b/frontend/src/App.tsx @@ -24,6 +24,7 @@ import products from "./core/products"; import { Dashboard } from "./dashboard"; import parsers from "./import_observations/parsers"; import LicenseAdministration from "./licenses/license_administration/LicenseAdministration"; +import license_component_evidences from "./licenses/license_component_evidences"; import license_components from "./licenses/license_components"; import license_groups from "./licenses/license_groups"; import license_policies from "./licenses/license_policies"; @@ -168,6 +169,11 @@ const App = () => { {...license_components} // nosemgrep: typescript.react.best-practice.react-props-spreading.react-props-spreading // nosemgrep because the props are well defined in the import /> + { + const evidence = useRecordContext(); + return ( + + {evidence && ( + + )} + + ); +}; + +const LicenseComponentEvidenceShow = () => { + const { classes } = useStyles(); + return ( + }> + + License Component Evidence + `/${reference}/${record.id}/show/licenses`} + sx={{ "& a": { textDecoration: "none" } }} + > + + + + + + + ( + + + + )} + /> + + + ); +}; + +export default LicenseComponentEvidenceShow; diff --git a/frontend/src/licenses/license_component_evidences/index.ts b/frontend/src/licenses/license_component_evidences/index.ts new file mode 100644 index 000000000..6141ada80 --- /dev/null +++ b/frontend/src/licenses/license_component_evidences/index.ts @@ -0,0 +1,8 @@ +import LicenseComponentEvidenceIcon from "@mui/icons-material/Fingerprint"; + +import LicenseComponentEvidenceShow from "./LicenseComponentEvidenceShow"; + +export default { + show: LicenseComponentEvidenceShow, + icon: LicenseComponentEvidenceIcon, +}; diff --git a/frontend/src/licenses/license_components/LicenseComponentShowAside.tsx b/frontend/src/licenses/license_components/LicenseComponentShowAside.tsx index 20b08fc8b..d10c76519 100644 --- a/frontend/src/licenses/license_components/LicenseComponentShowAside.tsx +++ b/frontend/src/licenses/license_components/LicenseComponentShowAside.tsx @@ -1,12 +1,17 @@ -import { Box, Paper, Stack, Typography } from "@mui/material"; -import { DateField, Labeled, ReferenceField, TextField, WithRecord } from "react-admin"; +import { Box, Paper, Stack, TableHead, Typography } from "@mui/material"; +import { Fragment } from "react"; +import { ArrayField, Datagrid, DateField, Labeled, ReferenceField, TextField, WithRecord } from "react-admin"; +import { Link } from "react-router-dom"; import TextUrlField from "../../commons/custom_fields/TextUrlField"; +import { useLinkStyles } from "../../commons/layout/themes"; +import { getSettingTheme } from "../../commons/user_settings/functions"; const LicenseComponentShowAside = () => { return ( + ); }; @@ -62,4 +67,44 @@ const MetaData = () => { ); }; +const EmptyDatagridHeader = () => ; + +const Evidences = () => { + const { classes } = useLinkStyles({ setting_theme: getSettingTheme() }); + return ( + ( + + {license_component.evidences && license_component.evidences.length > 0 && ( + + + Evidences + + + + ( + + {evidence.name} + + )} + /> + + + + )} + + )} + /> + ); +}; + export default LicenseComponentShowAside; From d8493f4ad54c5289c4423c394429dd772e261493 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 19 Nov 2024 20:42:39 +0100 Subject: [PATCH 11/14] chore(deps): update dependency @types/node to v22.9.1 (#2229) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- end_to_end_tests/package-lock.json | 8 ++++---- end_to_end_tests/package.json | 2 +- frontend/package-lock.json | 8 ++++---- frontend/package.json | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/end_to_end_tests/package-lock.json b/end_to_end_tests/package-lock.json index 8e5a6d901..f9ba18061 100644 --- a/end_to_end_tests/package-lock.json +++ b/end_to_end_tests/package-lock.json @@ -9,7 +9,7 @@ "version": "1.22.2", "devDependencies": { "@playwright/test": "1.49.0", - "@types/node": "22.9.0" + "@types/node": "22.9.1" } }, "node_modules/@playwright/test": { @@ -29,9 +29,9 @@ } }, "node_modules/@types/node": { - "version": "22.9.0", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.9.0.tgz", - "integrity": "sha512-vuyHg81vvWA1Z1ELfvLko2c8f34gyA0zaic0+Rllc5lbCnbSyuvb2Oxpm6TAUAC/2xZN3QGqxBNggD1nNR2AfQ==", + "version": "22.9.1", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.9.1.tgz", + "integrity": "sha512-p8Yy/8sw1caA8CdRIQBG5tiLHmxtQKObCijiAa9Ez+d4+PRffM4054xbju0msf+cvhJpnFEeNjxmVT/0ipktrg==", "dev": true, "license": "MIT", "dependencies": { diff --git a/end_to_end_tests/package.json b/end_to_end_tests/package.json index da30e17fc..93da92cc9 100644 --- a/end_to_end_tests/package.json +++ b/end_to_end_tests/package.json @@ -9,6 +9,6 @@ "author": "", "devDependencies": { "@playwright/test": "1.49.0", - "@types/node": "22.9.0" + "@types/node": "22.9.1" } } diff --git a/frontend/package-lock.json b/frontend/package-lock.json index 092dc38af..c751ac2c2 100644 --- a/frontend/package-lock.json +++ b/frontend/package-lock.json @@ -39,7 +39,7 @@ "@microsoft/eslint-formatter-sarif": "3.1.0", "@trivago/prettier-plugin-sort-imports": "4.3.0", "@types/inflection": "1.13.2", - "@types/node": "22.9.0", + "@types/node": "22.9.1", "@types/prop-types": "15.7.13", "@types/react": "18.3.12", "@types/react-dom": "18.3.1", @@ -3187,9 +3187,9 @@ "license": "MIT" }, "node_modules/@types/node": { - "version": "22.9.0", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.9.0.tgz", - "integrity": "sha512-vuyHg81vvWA1Z1ELfvLko2c8f34gyA0zaic0+Rllc5lbCnbSyuvb2Oxpm6TAUAC/2xZN3QGqxBNggD1nNR2AfQ==", + "version": "22.9.1", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.9.1.tgz", + "integrity": "sha512-p8Yy/8sw1caA8CdRIQBG5tiLHmxtQKObCijiAa9Ez+d4+PRffM4054xbju0msf+cvhJpnFEeNjxmVT/0ipktrg==", "dev": true, "license": "MIT", "dependencies": { diff --git a/frontend/package.json b/frontend/package.json index 7c38d1408..0235f4087 100644 --- a/frontend/package.json +++ b/frontend/package.json @@ -48,7 +48,7 @@ "@microsoft/eslint-formatter-sarif": "3.1.0", "@trivago/prettier-plugin-sort-imports": "4.3.0", "@types/inflection": "1.13.2", - "@types/node": "22.9.0", + "@types/node": "22.9.1", "@types/prop-types": "15.7.13", "@types/react": "18.3.12", "@types/react-dom": "18.3.1", From ef9f38a16f44269f3df2884685d5b09a7e66134e Mon Sep 17 00:00:00 2001 From: Stefan Fleckenstein Date: Tue, 19 Nov 2024 19:54:59 +0000 Subject: [PATCH 12/14] fix: use both license ids and license names from SBOM (#2231) --- .../import_observations/parsers/cyclone_dx/parser.py | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/backend/application/import_observations/parsers/cyclone_dx/parser.py b/backend/application/import_observations/parsers/cyclone_dx/parser.py index 71f99c4e2..77ee5a2ed 100644 --- a/backend/application/import_observations/parsers/cyclone_dx/parser.py +++ b/backend/application/import_observations/parsers/cyclone_dx/parser.py @@ -139,21 +139,14 @@ def _get_component(self, component_data: dict[str, Any]) -> Optional[Component]: if licenses and licenses[0].get("expression"): unknown_licenses.append(licenses[0].get("expression")) else: - unknown_license_ids = [] - unknown_license_names = [] for my_license in licenses: component_license = my_license.get("license", {}).get("id") if component_license: - unknown_license_ids.append(component_license) + unknown_licenses.append(component_license) component_license = my_license.get("license", {}).get("name") if component_license: - unknown_license_names.append(component_license) - - if unknown_license_ids: - unknown_licenses = unknown_license_ids - else: - unknown_licenses = unknown_license_names + unknown_licenses.append(component_license) return Component( bom_ref=component_data.get("bom-ref", ""), From 5434cc68f4eb7f34a053728aca9e7896a543cc81 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 19 Nov 2024 21:22:31 +0100 Subject: [PATCH 13/14] chore(deps): lock file maintenance (#2183) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- backend/poetry.lock | 36 ++--- frontend/package-lock.json | 300 +++++++++++++++++++------------------ 2 files changed, 171 insertions(+), 165 deletions(-) diff --git a/backend/poetry.lock b/backend/poetry.lock index c5185ee91..f5748647d 100644 --- a/backend/poetry.lock +++ b/backend/poetry.lock @@ -1021,13 +1021,13 @@ redis = ["redis (>=3.0.0)"] [[package]] name = "identify" -version = "2.6.1" +version = "2.6.2" description = "File identification library for Python" optional = true -python-versions = ">=3.8" +python-versions = ">=3.9" files = [ - {file = "identify-2.6.1-py2.py3-none-any.whl", hash = "sha256:53863bcac7caf8d2ed85bd20312ea5dcfc22226800f6d6881f232d861db5a8f0"}, - {file = "identify-2.6.1.tar.gz", hash = "sha256:91478c5fb7c3aac5ff7bf9b4344f803843dc586832d5f110d672b19aa1984c98"}, + {file = "identify-2.6.2-py2.py3-none-any.whl", hash = "sha256:c097384259f49e372f4ea00a19719d95ae27dd5ff0fd77ad630aa891306b82f3"}, + {file = "identify-2.6.2.tar.gz", hash = "sha256:fab5c716c24d7a789775228823797296a2994b075fb6080ac83a102772a98cbd"}, ] [package.extras] @@ -1151,22 +1151,22 @@ colors = ["colorama (>=0.4.6)"] [[package]] name = "jedi" -version = "0.19.1" +version = "0.19.2" description = "An autocompletion tool for Python that can be used for text editors." optional = true python-versions = ">=3.6" files = [ - {file = "jedi-0.19.1-py2.py3-none-any.whl", hash = "sha256:e983c654fe5c02867aef4cdfce5a2fbb4a50adc0af145f70504238f18ef5e7e0"}, - {file = "jedi-0.19.1.tar.gz", hash = "sha256:cf0496f3651bc65d7174ac1b7d043eff454892c708a87d1b683e57b569927ffd"}, + {file = "jedi-0.19.2-py2.py3-none-any.whl", hash = "sha256:a8ef22bde8490f57fe5c7681a3c83cb58874daf72b4784de3cce5b6ef6edb5b9"}, + {file = "jedi-0.19.2.tar.gz", hash = "sha256:4770dc3de41bde3966b02eb84fbcf557fb33cce26ad23da12c742fb50ecb11f0"}, ] [package.dependencies] -parso = ">=0.8.3,<0.9.0" +parso = ">=0.8.4,<0.9.0" [package.extras] docs = ["Jinja2 (==2.11.3)", "MarkupSafe (==1.1.1)", "Pygments (==2.8.1)", "alabaster (==0.7.12)", "babel (==2.9.1)", "chardet (==4.0.0)", "commonmark (==0.8.1)", "docutils (==0.17.1)", "future (==0.18.2)", "idna (==2.10)", "imagesize (==1.2.0)", "mock (==1.0.1)", "packaging (==20.9)", "pyparsing (==2.4.7)", "pytz (==2021.1)", "readthedocs-sphinx-ext (==2.1.4)", "recommonmark (==0.5.0)", "requests (==2.25.1)", "six (==1.15.0)", "snowballstemmer (==2.1.0)", "sphinx (==1.8.5)", "sphinx-rtd-theme (==0.4.3)", "sphinxcontrib-serializinghtml (==1.1.4)", "sphinxcontrib-websupport (==1.2.4)", "urllib3 (==1.26.4)"] qa = ["flake8 (==5.0.4)", "mypy (==0.971)", "types-setuptools (==67.2.0.1)"] -testing = ["Django", "attrs", "colorama", "docopt", "pytest (<7.0.0)"] +testing = ["Django", "attrs", "colorama", "docopt", "pytest (<9.0.0)"] [[package]] name = "jira" @@ -1478,13 +1478,13 @@ test = ["pytest"] [[package]] name = "packaging" -version = "24.1" +version = "24.2" description = "Core utilities for Python packages" optional = false python-versions = ">=3.8" files = [ - {file = "packaging-24.1-py3-none-any.whl", hash = "sha256:5b8f2217dbdbd2f7f384c41c628544e6d52f2d0f53c6d0c3ea61aa5d1d7ff124"}, - {file = "packaging-24.1.tar.gz", hash = "sha256:026ed72c8ed3fcce5bf8950572258698927fd1dbda10a5e981cdf0ac37f4f002"}, + {file = "packaging-24.2-py3-none-any.whl", hash = "sha256:09abb1bccd265c01f4a3aa3f7a7db064b36514d2cba19a2f694fe6150451a759"}, + {file = "packaging-24.2.tar.gz", hash = "sha256:c228a6dc5e932d346bc5739379109d49e8853dd8223571c7c5b55260edc0b97f"}, ] [[package]] @@ -2257,13 +2257,13 @@ files = [ [[package]] name = "sqlparse" -version = "0.5.1" +version = "0.5.2" description = "A non-validating SQL parser." optional = false python-versions = ">=3.8" files = [ - {file = "sqlparse-0.5.1-py3-none-any.whl", hash = "sha256:773dcbf9a5ab44a090f3441e2180efe2560220203dc2f8c0b0fa141e18b505e4"}, - {file = "sqlparse-0.5.1.tar.gz", hash = "sha256:bb6b4df465655ef332548e24f08e205afc81b9ab86cb1c45657a7ff173a3a00e"}, + {file = "sqlparse-0.5.2-py3-none-any.whl", hash = "sha256:e99bc85c78160918c3e1d9230834ab8d80fc06c59d03f8db2618f65f65dda55e"}, + {file = "sqlparse-0.5.2.tar.gz", hash = "sha256:9e37b35e16d1cc652a2545f0997c1deb23ea28fa1f3eefe609eee3063c3b105f"}, ] [package.extras] @@ -2291,13 +2291,13 @@ tests = ["cython", "littleutils", "pygments", "pytest", "typeguard"] [[package]] name = "tomli" -version = "2.0.2" +version = "2.1.0" description = "A lil' TOML parser" optional = true python-versions = ">=3.8" files = [ - {file = "tomli-2.0.2-py3-none-any.whl", hash = "sha256:2ebe24485c53d303f690b0ec092806a085f07af5a5aa1464f3931eec36caaa38"}, - {file = "tomli-2.0.2.tar.gz", hash = "sha256:d46d457a85337051c36524bc5349dd91b1877838e2979ac5ced3e710ed8a60ed"}, + {file = "tomli-2.1.0-py3-none-any.whl", hash = "sha256:a5c57c3d1c56f5ccdf89f6523458f60ef716e210fc47c4cfb188c5ba473e0391"}, + {file = "tomli-2.1.0.tar.gz", hash = "sha256:3f646cae2aec94e17d04973e4249548320197cfabdf130015d023de4b74d8ab8"}, ] [[package]] diff --git a/frontend/package-lock.json b/frontend/package-lock.json index c751ac2c2..ee3bd4a75 100644 --- a/frontend/package-lock.json +++ b/frontend/package-lock.json @@ -1410,9 +1410,9 @@ } }, "node_modules/@kurkle/color": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/@kurkle/color/-/color-0.3.2.tgz", - "integrity": "sha512-fuscdXJ9G1qb7W8VdHi+IwRqij3lBkosAm4ydQtEmbY58OzHXqQhvlxqEkoz0yssNVn38bcpRWgA9PP+OGoisw==", + "version": "0.3.4", + "resolved": "https://registry.npmjs.org/@kurkle/color/-/color-0.3.4.tgz", + "integrity": "sha512-M5UknZPHRu3DEDWoipU6sE8PdkZ6Z/S+v4dD+Ke8IaNlpdSQah50lz1KtcFBa2vsdOnwbbnxJwVM4wty6udA5w==", "license": "MIT" }, "node_modules/@mermaid-js/parser": { @@ -1704,6 +1704,12 @@ } } }, + "node_modules/@mui/material/node_modules/react-is": { + "version": "18.3.1", + "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.3.1.tgz", + "integrity": "sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==", + "license": "MIT" + }, "node_modules/@mui/private-theming": { "version": "5.16.6", "resolved": "https://registry.npmjs.org/@mui/private-theming/-/private-theming-5.16.6.tgz", @@ -1847,6 +1853,12 @@ } } }, + "node_modules/@mui/utils/node_modules/react-is": { + "version": "18.3.1", + "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.3.1.tgz", + "integrity": "sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==", + "license": "MIT" + }, "node_modules/@nodelib/fs.scandir": { "version": "2.1.5", "resolved": "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz", @@ -1911,9 +1923,9 @@ } }, "node_modules/@rollup/rollup-android-arm-eabi": { - "version": "4.24.4", - "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.24.4.tgz", - "integrity": "sha512-jfUJrFct/hTA0XDM5p/htWKoNNTbDLY0KRwEt6pyOA6k2fmk0WVwl65PdUdJZgzGEHWx+49LilkcSaumQRyNQw==", + "version": "4.27.3", + "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.27.3.tgz", + "integrity": "sha512-EzxVSkIvCFxUd4Mgm4xR9YXrcp976qVaHnqom/Tgm+vU79k4vV4eYTjmRvGfeoW8m9LVcsAy/lGjcgVegKEhLQ==", "cpu": [ "arm" ], @@ -1925,9 +1937,9 @@ ] }, "node_modules/@rollup/rollup-android-arm64": { - "version": "4.24.4", - "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.24.4.tgz", - "integrity": "sha512-j4nrEO6nHU1nZUuCfRKoCcvh7PIywQPUCBa2UsootTHvTHIoIu2BzueInGJhhvQO/2FTRdNYpf63xsgEqH9IhA==", + "version": "4.27.3", + "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.27.3.tgz", + "integrity": "sha512-LJc5pDf1wjlt9o/Giaw9Ofl+k/vLUaYsE2zeQGH85giX2F+wn/Cg8b3c5CDP3qmVmeO5NzwVUzQQxwZvC2eQKw==", "cpu": [ "arm64" ], @@ -1939,9 +1951,9 @@ ] }, "node_modules/@rollup/rollup-darwin-arm64": { - "version": "4.24.4", - "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.24.4.tgz", - "integrity": "sha512-GmU/QgGtBTeraKyldC7cDVVvAJEOr3dFLKneez/n7BvX57UdhOqDsVwzU7UOnYA7AAOt+Xb26lk79PldDHgMIQ==", + "version": "4.27.3", + "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.27.3.tgz", + "integrity": "sha512-OuRysZ1Mt7wpWJ+aYKblVbJWtVn3Cy52h8nLuNSzTqSesYw1EuN6wKp5NW/4eSre3mp12gqFRXOKTcN3AI3LqA==", "cpu": [ "arm64" ], @@ -1953,9 +1965,9 @@ ] }, "node_modules/@rollup/rollup-darwin-x64": { - "version": "4.24.4", - "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.24.4.tgz", - "integrity": "sha512-N6oDBiZCBKlwYcsEPXGDE4g9RoxZLK6vT98M8111cW7VsVJFpNEqvJeIPfsCzbf0XEakPslh72X0gnlMi4Ddgg==", + "version": "4.27.3", + "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.27.3.tgz", + "integrity": "sha512-xW//zjJMlJs2sOrCmXdB4d0uiilZsOdlGQIC/jjmMWT47lkLLoB1nsNhPUcnoqyi5YR6I4h+FjBpILxbEy8JRg==", "cpu": [ "x64" ], @@ -1967,9 +1979,9 @@ ] }, "node_modules/@rollup/rollup-freebsd-arm64": { - "version": "4.24.4", - "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-arm64/-/rollup-freebsd-arm64-4.24.4.tgz", - "integrity": "sha512-py5oNShCCjCyjWXCZNrRGRpjWsF0ic8f4ieBNra5buQz0O/U6mMXCpC1LvrHuhJsNPgRt36tSYMidGzZiJF6mw==", + "version": "4.27.3", + "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-arm64/-/rollup-freebsd-arm64-4.27.3.tgz", + "integrity": "sha512-58E0tIcwZ+12nK1WiLzHOD8I0d0kdrY/+o7yFVPRHuVGY3twBwzwDdTIBGRxLmyjciMYl1B/U515GJy+yn46qw==", "cpu": [ "arm64" ], @@ -1981,9 +1993,9 @@ ] }, "node_modules/@rollup/rollup-freebsd-x64": { - "version": "4.24.4", - "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-x64/-/rollup-freebsd-x64-4.24.4.tgz", - "integrity": "sha512-L7VVVW9FCnTTp4i7KrmHeDsDvjB4++KOBENYtNYAiYl96jeBThFfhP6HVxL74v4SiZEVDH/1ILscR5U9S4ms4g==", + "version": "4.27.3", + "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-x64/-/rollup-freebsd-x64-4.27.3.tgz", + "integrity": "sha512-78fohrpcVwTLxg1ZzBMlwEimoAJmY6B+5TsyAZ3Vok7YabRBUvjYTsRXPTjGEvv/mfgVBepbW28OlMEz4w8wGA==", "cpu": [ "x64" ], @@ -1995,9 +2007,9 @@ ] }, "node_modules/@rollup/rollup-linux-arm-gnueabihf": { - "version": "4.24.4", - "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.24.4.tgz", - "integrity": "sha512-10ICosOwYChROdQoQo589N5idQIisxjaFE/PAnX2i0Zr84mY0k9zul1ArH0rnJ/fpgiqfu13TFZR5A5YJLOYZA==", + "version": "4.27.3", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.27.3.tgz", + "integrity": "sha512-h2Ay79YFXyQi+QZKo3ISZDyKaVD7uUvukEHTOft7kh00WF9mxAaxZsNs3o/eukbeKuH35jBvQqrT61fzKfAB/Q==", "cpu": [ "arm" ], @@ -2009,9 +2021,9 @@ ] }, "node_modules/@rollup/rollup-linux-arm-musleabihf": { - "version": "4.24.4", - "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.24.4.tgz", - "integrity": "sha512-ySAfWs69LYC7QhRDZNKqNhz2UKN8LDfbKSMAEtoEI0jitwfAG2iZwVqGACJT+kfYvvz3/JgsLlcBP+WWoKCLcw==", + "version": "4.27.3", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.27.3.tgz", + "integrity": "sha512-Sv2GWmrJfRY57urktVLQ0VKZjNZGogVtASAgosDZ1aUB+ykPxSi3X1nWORL5Jk0sTIIwQiPH7iE3BMi9zGWfkg==", "cpu": [ "arm" ], @@ -2023,9 +2035,9 @@ ] }, "node_modules/@rollup/rollup-linux-arm64-gnu": { - "version": "4.24.4", - "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.24.4.tgz", - "integrity": "sha512-uHYJ0HNOI6pGEeZ/5mgm5arNVTI0nLlmrbdph+pGXpC9tFHFDQmDMOEqkmUObRfosJqpU8RliYoGz06qSdtcjg==", + "version": "4.27.3", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.27.3.tgz", + "integrity": "sha512-FPoJBLsPW2bDNWjSrwNuTPUt30VnfM8GPGRoLCYKZpPx0xiIEdFip3dH6CqgoT0RnoGXptaNziM0WlKgBc+OWQ==", "cpu": [ "arm64" ], @@ -2037,9 +2049,9 @@ ] }, "node_modules/@rollup/rollup-linux-arm64-musl": { - "version": "4.24.4", - "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.24.4.tgz", - "integrity": "sha512-38yiWLemQf7aLHDgTg85fh3hW9stJ0Muk7+s6tIkSUOMmi4Xbv5pH/5Bofnsb6spIwD5FJiR+jg71f0CH5OzoA==", + "version": "4.27.3", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.27.3.tgz", + "integrity": "sha512-TKxiOvBorYq4sUpA0JT+Fkh+l+G9DScnG5Dqx7wiiqVMiRSkzTclP35pE6eQQYjP4Gc8yEkJGea6rz4qyWhp3g==", "cpu": [ "arm64" ], @@ -2051,9 +2063,9 @@ ] }, "node_modules/@rollup/rollup-linux-powerpc64le-gnu": { - "version": "4.24.4", - "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-powerpc64le-gnu/-/rollup-linux-powerpc64le-gnu-4.24.4.tgz", - "integrity": "sha512-q73XUPnkwt9ZNF2xRS4fvneSuaHw2BXuV5rI4cw0fWYVIWIBeDZX7c7FWhFQPNTnE24172K30I+dViWRVD9TwA==", + "version": "4.27.3", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-powerpc64le-gnu/-/rollup-linux-powerpc64le-gnu-4.27.3.tgz", + "integrity": "sha512-v2M/mPvVUKVOKITa0oCFksnQQ/TqGrT+yD0184/cWHIu0LoIuYHwox0Pm3ccXEz8cEQDLk6FPKd1CCm+PlsISw==", "cpu": [ "ppc64" ], @@ -2065,9 +2077,9 @@ ] }, "node_modules/@rollup/rollup-linux-riscv64-gnu": { - "version": "4.24.4", - "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.24.4.tgz", - "integrity": "sha512-Aie/TbmQi6UXokJqDZdmTJuZBCU3QBDA8oTKRGtd4ABi/nHgXICulfg1KI6n9/koDsiDbvHAiQO3YAUNa/7BCw==", + "version": "4.27.3", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.27.3.tgz", + "integrity": "sha512-LdrI4Yocb1a/tFVkzmOE5WyYRgEBOyEhWYJe4gsDWDiwnjYKjNs7PS6SGlTDB7maOHF4kxevsuNBl2iOcj3b4A==", "cpu": [ "riscv64" ], @@ -2079,9 +2091,9 @@ ] }, "node_modules/@rollup/rollup-linux-s390x-gnu": { - "version": "4.24.4", - "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.24.4.tgz", - "integrity": "sha512-P8MPErVO/y8ohWSP9JY7lLQ8+YMHfTI4bAdtCi3pC2hTeqFJco2jYspzOzTUB8hwUWIIu1xwOrJE11nP+0JFAQ==", + "version": "4.27.3", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.27.3.tgz", + "integrity": "sha512-d4wVu6SXij/jyiwPvI6C4KxdGzuZOvJ6y9VfrcleHTwo68fl8vZC5ZYHsCVPUi4tndCfMlFniWgwonQ5CUpQcA==", "cpu": [ "s390x" ], @@ -2093,9 +2105,9 @@ ] }, "node_modules/@rollup/rollup-linux-x64-gnu": { - "version": "4.24.4", - "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.24.4.tgz", - "integrity": "sha512-K03TljaaoPK5FOyNMZAAEmhlyO49LaE4qCsr0lYHUKyb6QacTNF9pnfPpXnFlFD3TXuFbFbz7tJ51FujUXkXYA==", + "version": "4.27.3", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.27.3.tgz", + "integrity": "sha512-/6bn6pp1fsCGEY5n3yajmzZQAh+mW4QPItbiWxs69zskBzJuheb3tNynEjL+mKOsUSFK11X4LYF2BwwXnzWleA==", "cpu": [ "x64" ], @@ -2107,9 +2119,9 @@ ] }, "node_modules/@rollup/rollup-linux-x64-musl": { - "version": "4.24.4", - "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.24.4.tgz", - "integrity": "sha512-VJYl4xSl/wqG2D5xTYncVWW+26ICV4wubwN9Gs5NrqhJtayikwCXzPL8GDsLnaLU3WwhQ8W02IinYSFJfyo34Q==", + "version": "4.27.3", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.27.3.tgz", + "integrity": "sha512-nBXOfJds8OzUT1qUreT/en3eyOXd2EH5b0wr2bVB5999qHdGKkzGzIyKYaKj02lXk6wpN71ltLIaQpu58YFBoQ==", "cpu": [ "x64" ], @@ -2121,9 +2133,9 @@ ] }, "node_modules/@rollup/rollup-win32-arm64-msvc": { - "version": "4.24.4", - "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.24.4.tgz", - "integrity": "sha512-ku2GvtPwQfCqoPFIJCqZ8o7bJcj+Y54cZSr43hHca6jLwAiCbZdBUOrqE6y29QFajNAzzpIOwsckaTFmN6/8TA==", + "version": "4.27.3", + "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.27.3.tgz", + "integrity": "sha512-ogfbEVQgIZOz5WPWXF2HVb6En+kWzScuxJo/WdQTqEgeyGkaa2ui5sQav9Zkr7bnNCLK48uxmmK0TySm22eiuw==", "cpu": [ "arm64" ], @@ -2135,9 +2147,9 @@ ] }, "node_modules/@rollup/rollup-win32-ia32-msvc": { - "version": "4.24.4", - "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.24.4.tgz", - "integrity": "sha512-V3nCe+eTt/W6UYNr/wGvO1fLpHUrnlirlypZfKCT1fG6hWfqhPgQV/K/mRBXBpxc0eKLIF18pIOFVPh0mqHjlg==", + "version": "4.27.3", + "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.27.3.tgz", + "integrity": "sha512-ecE36ZBMLINqiTtSNQ1vzWc5pXLQHlf/oqGp/bSbi7iedcjcNb6QbCBNG73Euyy2C+l/fn8qKWEwxr+0SSfs3w==", "cpu": [ "ia32" ], @@ -2149,9 +2161,9 @@ ] }, "node_modules/@rollup/rollup-win32-x64-msvc": { - "version": "4.24.4", - "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.24.4.tgz", - "integrity": "sha512-LTw1Dfd0mBIEqUVCxbvTE/LLo+9ZxVC9k99v1v4ahg9Aak6FpqOfNu5kRkeTAn0wphoC4JU7No1/rL+bBCEwhg==", + "version": "4.27.3", + "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.27.3.tgz", + "integrity": "sha512-vliZLrDmYKyaUoMzEbMTg2JkerfBjn03KmAw9CykO0Zzkzoyd7o3iZNam/TpyWNjNT+Cz2iO3P9Smv2wgrR+Eg==", "cpu": [ "x64" ], @@ -2163,9 +2175,9 @@ ] }, "node_modules/@tanstack/query-core": { - "version": "5.59.20", - "resolved": "https://registry.npmjs.org/@tanstack/query-core/-/query-core-5.59.20.tgz", - "integrity": "sha512-e8vw0lf7KwfGe1if4uPFhvZRWULqHjFcz3K8AebtieXvnMOz5FSzlZe3mTLlPuUBcydCnBRqYs2YJ5ys68wwLg==", + "version": "5.60.6", + "resolved": "https://registry.npmjs.org/@tanstack/query-core/-/query-core-5.60.6.tgz", + "integrity": "sha512-tI+k0KyCo1EBJ54vxK1kY24LWj673ujTydCZmzEZKAew4NqZzTaVQJEuaG1qKj2M03kUHN46rchLRd+TxVq/zQ==", "license": "MIT", "funding": { "type": "github", @@ -2173,12 +2185,12 @@ } }, "node_modules/@tanstack/react-query": { - "version": "5.59.20", - "resolved": "https://registry.npmjs.org/@tanstack/react-query/-/react-query-5.59.20.tgz", - "integrity": "sha512-Zly0egsK0tFdfSbh5/mapSa+Zfc3Et0Zkar7Wo5sQkFzWyB3p3uZWOHR2wrlAEEV2L953eLuDBtbgFvMYiLvUw==", + "version": "5.60.6", + "resolved": "https://registry.npmjs.org/@tanstack/react-query/-/react-query-5.60.6.tgz", + "integrity": "sha512-FUzSDaiPkuZCmuGqrixfRRXJV9u+nrUh9lAlA5Q3ZFrOw1Js1VeBfxi1NIcJO3ZWJdKceBqKeBJdNcWStCYZnw==", "license": "MIT", "dependencies": { - "@tanstack/query-core": "5.59.20" + "@tanstack/query-core": "5.60.6" }, "funding": { "type": "github", @@ -3737,9 +3749,9 @@ "license": "MIT" }, "node_modules/attr-accept": { - "version": "2.2.4", - "resolved": "https://registry.npmjs.org/attr-accept/-/attr-accept-2.2.4.tgz", - "integrity": "sha512-2pA6xFIbdTUDCAwjN8nQwI+842VwzbDUXO2IYlpPXQIORgKnavorcr4Ce3rwh+zsNg9zK7QPsdvDj3Lum4WX4w==", + "version": "2.2.5", + "resolved": "https://registry.npmjs.org/attr-accept/-/attr-accept-2.2.5.tgz", + "integrity": "sha512-0bDNnY/u6pPwHDMoF0FieU354oBi0a8rD9FcsLwzcGWbc8KS8KPIi7y+s13OlVY+gMWc/9xEMUgNE6Qm8ZllYQ==", "license": "MIT", "engines": { "node": ">=4" @@ -3889,9 +3901,9 @@ } }, "node_modules/caniuse-lite": { - "version": "1.0.30001678", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001678.tgz", - "integrity": "sha512-RR+4U/05gNtps58PEBDZcPWTgEO2MBeoPZ96aQcjmfkBWRIDfN451fW2qyDA9/+HohLLIL5GqiMwA+IB1pWarw==", + "version": "1.0.30001680", + "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001680.tgz", + "integrity": "sha512-rPQy70G6AGUMnbwS1z6Xg+RkHYPAi18ihs47GH0jcxIG7wArmPgY3XbS2sRdBbxJljp3thdT8BIqv9ccCypiPA==", "dev": true, "funding": [ { @@ -4086,9 +4098,9 @@ "license": "MIT" }, "node_modules/cross-spawn": { - "version": "7.0.5", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.5.tgz", - "integrity": "sha512-ZVJrKKYunU38/76t0RMOulHOnUcbU9GbpWKAOZ0mhjr7CX6FVrH+4FrAapSOekrgFQ3f/8gwMEuIft0aKq6Hug==", + "version": "7.0.6", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", + "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", "dev": true, "license": "MIT", "dependencies": { @@ -4796,9 +4808,9 @@ "license": "(MPL-2.0 OR Apache-2.0)" }, "node_modules/electron-to-chromium": { - "version": "1.5.52", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.52.tgz", - "integrity": "sha512-xtoijJTZ+qeucLBDNztDOuQBE1ksqjvNjvqFoST3nGC7fSpqJ+X6BdTBaY5BHG+IhWWmpc6b/KfpeuEDupEPOQ==", + "version": "1.5.63", + "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.63.tgz", + "integrity": "sha512-ddeXKuY9BHo/mw145axlyWjlJ1UBt4WK3AlvkT7W2AbqfRQoacVoRUCF6wL3uIx/8wT9oLKXzI+rFqHHscByaA==", "dev": true, "license": "ISC" }, @@ -4830,9 +4842,9 @@ } }, "node_modules/es-abstract": { - "version": "1.23.3", - "resolved": "https://registry.npmjs.org/es-abstract/-/es-abstract-1.23.3.tgz", - "integrity": "sha512-e+HfNH61Bj1X9/jLc5v1owaLYuHdeHHSQlkhCBiTK8rBvKaULl/beGMxwrMXjpYrv4pz22BlY570vVePA2ho4A==", + "version": "1.23.5", + "resolved": "https://registry.npmjs.org/es-abstract/-/es-abstract-1.23.5.tgz", + "integrity": "sha512-vlmniQ0WNPwXqA0BnmwV3Ng7HxiGlh6r5U6JcTMNx8OilcAGqVJBHJcPjqOMaczU9fRuRK5Px2BdVyPRnKMMVQ==", "dev": true, "license": "MIT", "dependencies": { @@ -4851,7 +4863,7 @@ "function.prototype.name": "^1.1.6", "get-intrinsic": "^1.2.4", "get-symbol-description": "^1.0.2", - "globalthis": "^1.0.3", + "globalthis": "^1.0.4", "gopd": "^1.0.1", "has-property-descriptors": "^1.0.2", "has-proto": "^1.0.3", @@ -4867,10 +4879,10 @@ "is-string": "^1.0.7", "is-typed-array": "^1.1.13", "is-weakref": "^1.0.2", - "object-inspect": "^1.13.1", + "object-inspect": "^1.13.3", "object-keys": "^1.1.1", "object.assign": "^4.1.5", - "regexp.prototype.flags": "^1.5.2", + "regexp.prototype.flags": "^1.5.3", "safe-array-concat": "^1.1.2", "safe-regex-test": "^1.0.3", "string.prototype.trim": "^1.2.9", @@ -5147,9 +5159,9 @@ } }, "node_modules/eslint-plugin-react-hooks": { - "version": "5.1.0-rc-66855b96-20241106", - "resolved": "https://registry.npmjs.org/eslint-plugin-react-hooks/-/eslint-plugin-react-hooks-5.1.0-rc-66855b96-20241106.tgz", - "integrity": "sha512-Ujwx0O8fhjfp1LZ0/lLlzTn/BW32ZhshDrswz6B1bhwrGb/4u9J0m6KPxrQY7jidPf2WILEETeAPKFKN2V0YzA==", + "version": "5.1.0-rc.1", + "resolved": "https://registry.npmjs.org/eslint-plugin-react-hooks/-/eslint-plugin-react-hooks-5.1.0-rc.1.tgz", + "integrity": "sha512-nAD017D/00XFwjP4F7cXaIbCxQ9A4pGaqjLs5347px37w/WclOtPqz8bBiTQFoj+teVQei6Ahr1h1aZiuaXMSw==", "dev": true, "license": "MIT", "engines": { @@ -5477,9 +5489,9 @@ } }, "node_modules/flatted": { - "version": "3.3.1", - "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.3.1.tgz", - "integrity": "sha512-X8cqMLLie7KsNUDSdzeN8FYK9rEt4Dt67OsG/DNGnYTSDBG4uFAJFBnUeiV+zCVAvwFy56IjM9sH51jVaEhNxw==", + "version": "3.3.2", + "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.3.2.tgz", + "integrity": "sha512-AiwGJM8YcNOaobumgtng+6NHuOqC3A7MixFeDafM3X9cIUM+xUXoS5Vfgf+OihAYe20fxqNM9yPBXJzRtZ/4eA==", "dev": true, "license": "ISC" }, @@ -5826,12 +5838,6 @@ "react-is": "^16.7.0" } }, - "node_modules/hoist-non-react-statics/node_modules/react-is": { - "version": "16.13.1", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-16.13.1.tgz", - "integrity": "sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==", - "license": "MIT" - }, "node_modules/iconv-lite": { "version": "0.6.3", "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.6.3.tgz", @@ -6572,19 +6578,19 @@ } }, "node_modules/linkifyjs": { - "version": "4.1.3", - "resolved": "https://registry.npmjs.org/linkifyjs/-/linkifyjs-4.1.3.tgz", - "integrity": "sha512-auMesunaJ8yfkHvK4gfg1K0SaKX/6Wn9g2Aac/NwX+l5VdmFZzo/hdPGxEOETj+ryRa4/fiOPjeeKURSAJx1sg==", + "version": "4.1.4", + "resolved": "https://registry.npmjs.org/linkifyjs/-/linkifyjs-4.1.4.tgz", + "integrity": "sha512-0/NxkHNpiJ0k9VrYCkAn9OtU1eu8xEr1tCCpDtSsVRm/SF0xAak2Gzv3QimSfgUgqLBCDlfhMbu73XvaEHUTPQ==", "license": "MIT" }, "node_modules/local-pkg": { - "version": "0.5.0", - "resolved": "https://registry.npmjs.org/local-pkg/-/local-pkg-0.5.0.tgz", - "integrity": "sha512-ok6z3qlYyCDS4ZEU27HaU6x/xZa9Whf8jD4ptH5UZTQYZVYeb9bnZ3ojVhiJNLiXK1Hfc0GNbLXcmZ5plLDDBg==", + "version": "0.5.1", + "resolved": "https://registry.npmjs.org/local-pkg/-/local-pkg-0.5.1.tgz", + "integrity": "sha512-9rrA30MRRP3gBD3HTGnC6cDFpaE1kVDWxWgqWJUN0RvDNAo+Nz/9GxB+nHOH0ifbVFy0hSA1V6vFDvnx54lTEQ==", "license": "MIT", "dependencies": { - "mlly": "^1.4.2", - "pkg-types": "^1.0.3" + "mlly": "^1.7.3", + "pkg-types": "^1.2.1" }, "engines": { "node": ">=14" @@ -6791,14 +6797,14 @@ } }, "node_modules/mlly": { - "version": "1.7.2", - "resolved": "https://registry.npmjs.org/mlly/-/mlly-1.7.2.tgz", - "integrity": "sha512-tN3dvVHYVz4DhSXinXIk7u9syPYaJvio118uomkovAtWBT+RdbP6Lfh/5Lvo519YMmwBafwlh20IPTXIStscpA==", + "version": "1.7.3", + "resolved": "https://registry.npmjs.org/mlly/-/mlly-1.7.3.tgz", + "integrity": "sha512-xUsx5n/mN0uQf4V548PKQ+YShA4/IW0KI1dZhrNrPCLG+xizETbHTkOa1f8/xut9JRPp8kQuMnz0oqwkTiLo/A==", "license": "MIT", "dependencies": { - "acorn": "^8.12.1", + "acorn": "^8.14.0", "pathe": "^1.1.2", - "pkg-types": "^1.2.0", + "pkg-types": "^1.2.1", "ufo": "^1.5.4" } }, @@ -6865,9 +6871,9 @@ } }, "node_modules/object-inspect": { - "version": "1.13.2", - "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.2.tgz", - "integrity": "sha512-IRZSRuzJiynemAXPYtPe5BoI/RESNYR7TYm50MC5Mqbd3Jmw5y790sErYw3V6SryFJD64b74qQQs9wn5Bg/k3g==", + "version": "1.13.3", + "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.3.tgz", + "integrity": "sha512-kDCGIbxkDSXE3euJZZXzc6to7fCrKHNI/hSRQnRuQ+BWjFNzZwiFF8fj/6o2t2G9/jTj8PSIYTfCLelLZEeRpA==", "dev": true, "license": "MIT", "engines": { @@ -7035,9 +7041,9 @@ } }, "node_modules/package-manager-detector": { - "version": "0.2.2", - "resolved": "https://registry.npmjs.org/package-manager-detector/-/package-manager-detector-0.2.2.tgz", - "integrity": "sha512-VgXbyrSNsml4eHWIvxxG/nTL4wgybMTXCV2Un/+yEc3aDKKU6nQBZjbeP3Pl3qm9Qg92X/1ng4ffvCeD/zwHgg==", + "version": "0.2.4", + "resolved": "https://registry.npmjs.org/package-manager-detector/-/package-manager-detector-0.2.4.tgz", + "integrity": "sha512-H/OUu9/zUfP89z1APcBf2X8Us0tt8dUK4lUmKqz12QNXif3DxAs1/YqjGtcutZi1zQqeNQRWr9C+EbQnnvSSFA==", "license": "MIT" }, "node_modules/parent-module": { @@ -7184,9 +7190,9 @@ } }, "node_modules/postcss": { - "version": "8.4.47", - "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.47.tgz", - "integrity": "sha512-56rxCq7G/XfB4EkXq9Egn5GCqugWvDFjafDOThIdMBsI15iqPqR5r15TfSr1YPYeEI19YeaXMCbY6u88Y76GLQ==", + "version": "8.4.49", + "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.49.tgz", + "integrity": "sha512-OCVPnIObs4N29kxTjzLfUryOkvZEq+pf8jTF0lg8E7uETuWHA+v7j3c/xJmiqpX450191LlmZfUKkXxkTry7nA==", "dev": true, "funding": [ { @@ -7205,7 +7211,7 @@ "license": "MIT", "dependencies": { "nanoid": "^3.3.7", - "picocolors": "^1.1.0", + "picocolors": "^1.1.1", "source-map-js": "^1.2.1" }, "engines": { @@ -7249,12 +7255,6 @@ "react-is": "^16.13.1" } }, - "node_modules/prop-types/node_modules/react-is": { - "version": "16.13.1", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-16.13.1.tgz", - "integrity": "sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==", - "license": "MIT" - }, "node_modules/prosemirror-changeset": { "version": "2.2.1", "resolved": "https://registry.npmjs.org/prosemirror-changeset/-/prosemirror-changeset-2.2.1.tgz", @@ -7574,6 +7574,12 @@ "url": "https://github.com/sponsors/sindresorhus" } }, + "node_modules/ra-core/node_modules/react-is": { + "version": "18.3.1", + "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.3.1.tgz", + "integrity": "sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==", + "license": "MIT" + }, "node_modules/ra-core/node_modules/split-on-first": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/split-on-first/-/split-on-first-1.1.0.tgz", @@ -7818,9 +7824,9 @@ } }, "node_modules/react-is": { - "version": "18.3.1", - "resolved": "https://registry.npmjs.org/react-is/-/react-is-18.3.1.tgz", - "integrity": "sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==", + "version": "16.13.1", + "resolved": "https://registry.npmjs.org/react-is/-/react-is-16.13.1.tgz", + "integrity": "sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==", "license": "MIT" }, "node_modules/react-oidc-context": { @@ -8220,9 +8226,9 @@ "license": "Unlicense" }, "node_modules/rollup": { - "version": "4.24.4", - "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.24.4.tgz", - "integrity": "sha512-vGorVWIsWfX3xbcyAS+I047kFKapHYivmkaT63Smj77XwvLSJos6M1xGqZnBPFQFBRZDOcG1QnYEIxAvTr/HjA==", + "version": "4.27.3", + "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.27.3.tgz", + "integrity": "sha512-SLsCOnlmGt9VoZ9Ek8yBK8tAdmPHeppkw+Xa7yDlCEhDTvwYei03JlWo1fdc7YTfLZ4tD8riJCUyAgTbszk1fQ==", "dev": true, "license": "MIT", "dependencies": { @@ -8236,24 +8242,24 @@ "npm": ">=8.0.0" }, "optionalDependencies": { - "@rollup/rollup-android-arm-eabi": "4.24.4", - "@rollup/rollup-android-arm64": "4.24.4", - "@rollup/rollup-darwin-arm64": "4.24.4", - "@rollup/rollup-darwin-x64": "4.24.4", - "@rollup/rollup-freebsd-arm64": "4.24.4", - "@rollup/rollup-freebsd-x64": "4.24.4", - "@rollup/rollup-linux-arm-gnueabihf": "4.24.4", - "@rollup/rollup-linux-arm-musleabihf": "4.24.4", - "@rollup/rollup-linux-arm64-gnu": "4.24.4", - "@rollup/rollup-linux-arm64-musl": "4.24.4", - "@rollup/rollup-linux-powerpc64le-gnu": "4.24.4", - "@rollup/rollup-linux-riscv64-gnu": "4.24.4", - "@rollup/rollup-linux-s390x-gnu": "4.24.4", - "@rollup/rollup-linux-x64-gnu": "4.24.4", - "@rollup/rollup-linux-x64-musl": "4.24.4", - "@rollup/rollup-win32-arm64-msvc": "4.24.4", - "@rollup/rollup-win32-ia32-msvc": "4.24.4", - "@rollup/rollup-win32-x64-msvc": "4.24.4", + "@rollup/rollup-android-arm-eabi": "4.27.3", + "@rollup/rollup-android-arm64": "4.27.3", + "@rollup/rollup-darwin-arm64": "4.27.3", + "@rollup/rollup-darwin-x64": "4.27.3", + "@rollup/rollup-freebsd-arm64": "4.27.3", + "@rollup/rollup-freebsd-x64": "4.27.3", + "@rollup/rollup-linux-arm-gnueabihf": "4.27.3", + "@rollup/rollup-linux-arm-musleabihf": "4.27.3", + "@rollup/rollup-linux-arm64-gnu": "4.27.3", + "@rollup/rollup-linux-arm64-musl": "4.27.3", + "@rollup/rollup-linux-powerpc64le-gnu": "4.27.3", + "@rollup/rollup-linux-riscv64-gnu": "4.27.3", + "@rollup/rollup-linux-s390x-gnu": "4.27.3", + "@rollup/rollup-linux-x64-gnu": "4.27.3", + "@rollup/rollup-linux-x64-musl": "4.27.3", + "@rollup/rollup-win32-arm64-msvc": "4.27.3", + "@rollup/rollup-win32-ia32-msvc": "4.27.3", + "@rollup/rollup-win32-x64-msvc": "4.27.3", "fsevents": "~2.3.2" } }, From 9750a1c1aaf8876cac76ae935e3140cdf6be704f Mon Sep 17 00:00:00 2001 From: Stefan Fleckenstein Date: Tue, 19 Nov 2024 20:37:20 +0000 Subject: [PATCH 14/14] chore: prepare for release 1.22.3 (#2232) --- backend/application/__init__.py | 2 +- backend/pyproject.toml | 2 +- .../parsers/cyclone_dx/files/changed/licenses_1.json | 8 ++++---- .../parsers/cyclone_dx/files/licenses_1.json | 2 +- .../services/test_import_observations.py | 2 +- .../vex/api/files/csaf_given_vulnerability.json | 2 +- .../api/files/csaf_given_vulnerability_update.json | 2 +- .../vex/api/files/csaf_product_branches.json | 2 +- .../vex/api/files/csaf_product_given_branch.json | 2 +- .../vex/api/files/csaf_product_no_branch.json | 2 +- .../vex/api/files/csaf_product_no_branch_update.json | 2 +- .../vex/api/files/openvex_given_vulnerability.json | 2 +- .../files/openvex_given_vulnerability_update.json | 2 +- .../vex/api/files/openvex_product_branches.json | 2 +- .../vex/api/files/openvex_product_given_branch.json | 2 +- .../vex/api/files/openvex_product_no_branch.json | 2 +- .../api/files/openvex_product_no_branch_update.json | 2 +- .../vex/services/files/so_csaf_2024_0001_0001.json | 2 +- .../services/files/so_csaf_2024_0001_0001_short.json | 2 +- .../services/files/so_openvex_2024_0001_0001.json | 2 +- docker-compose-prod-mysql.yml | 4 ++-- docker-compose-prod-postgres.yml | 4 ++-- docs/getting_started/installation.md | 4 ++-- end_to_end_tests/package-lock.json | 4 ++-- end_to_end_tests/package.json | 2 +- frontend/package-lock.json | 4 ++-- frontend/package.json | 2 +- so_configuration_sca_current.yml | 12 ++++++------ 28 files changed, 41 insertions(+), 41 deletions(-) diff --git a/backend/application/__init__.py b/backend/application/__init__.py index b610e6c6b..30f15b9a8 100644 --- a/backend/application/__init__.py +++ b/backend/application/__init__.py @@ -1,4 +1,4 @@ -__version__ = "1.22.2" +__version__ = "1.22.3" import pymysql diff --git a/backend/pyproject.toml b/backend/pyproject.toml index 122703495..45682d7c1 100644 --- a/backend/pyproject.toml +++ b/backend/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "SecObserve" -version = "1.22.2" +version = "1.22.3" description = "SecObserve is an open source vulnerability management system for software development and cloud environments." license = "BSD-3-Clause" authors = [ diff --git a/backend/unittests/import_observations/parsers/cyclone_dx/files/changed/licenses_1.json b/backend/unittests/import_observations/parsers/cyclone_dx/files/changed/licenses_1.json index a0903cb87..568e5040e 100644 --- a/backend/unittests/import_observations/parsers/cyclone_dx/files/changed/licenses_1.json +++ b/backend/unittests/import_observations/parsers/cyclone_dx/files/changed/licenses_1.json @@ -31,11 +31,11 @@ ], "component": { "name": "SecObserve", - "version": "1.22.2", + "version": "1.22.3", "description": "SecObserve is an open source vulnerability management system for software development and cloud environments.", "type": "application", - "bom-ref": "pkg:pypi/secobserve@1.22.2", - "purl": "pkg:pypi/secobserve@1.22.2" + "bom-ref": "pkg:pypi/secobserve@1.22.3", + "purl": "pkg:pypi/secobserve@1.22.3" }, "properties": [ { @@ -2792,7 +2792,7 @@ ], "dependencies": [ { - "ref": "pkg:pypi/secobserve@1.22.2", + "ref": "pkg:pypi/secobserve@1.22.3", "dependsOn": [ "pkg:pypi/argon2-cffi@23.1.0", "pkg:pypi/cvss@3.2", diff --git a/backend/unittests/import_observations/parsers/cyclone_dx/files/licenses_1.json b/backend/unittests/import_observations/parsers/cyclone_dx/files/licenses_1.json index f2dea8f51..66afa38da 100644 --- a/backend/unittests/import_observations/parsers/cyclone_dx/files/licenses_1.json +++ b/backend/unittests/import_observations/parsers/cyclone_dx/files/licenses_1.json @@ -1 +1 @@ -{"bomFormat":"CycloneDX","specVersion":"1.5","serialNumber":"urn:uuid:12f6dd75-f31f-48a8-8b59-c7c9f87d68c9","version":1,"metadata":{"timestamp":"2024-10-22T12:15:48Z","tools":{"components":[{"group":"@cyclonedx","name":"cdxgen","version":"10.10.6","purl":"pkg:npm/%40cyclonedx/cdxgen@10.10.6","type":"application","bom-ref":"pkg:npm/@cyclonedx/cdxgen@10.10.6","author":"OWASP Foundation","publisher":"OWASP Foundation"}]},"authors":[{"name":"OWASP Foundation"}],"lifecycles":[{"phase":"build"}],"component":{"name":"SecObserve","version":"1.22.2","description":"SecObserve is an open source vulnerability management system for software development and cloud environments.","type":"application","bom-ref":"pkg:pypi/secobserve@1.22.2","purl":"pkg:pypi/secobserve@1.22.2"},"properties":[{"name":"cdx:bom:componentTypes","value":"pypi"}]},"components":[{"author":"Hynek Schlawack ","group":"","name":"argon2-cffi-bindings","version":"21.2.0","description":"Low-level CFFI bindings for Argon2","hashes":[{"alg":"SHA-256","content":"ccb949252cb2ab3a08c02024acb77cfb179492d5701c7cbdbfd776124d4d2367"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/argon2-cffi-bindings@21.2.0","externalReferences":[{"type":"vcs","url":"https://github.com/hynek/argon2-cffi-bindings"}],"type":"library","bom-ref":"pkg:pypi/argon2-cffi-bindings@21.2.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Hynek Schlawack ","group":"","name":"argon2-cffi","version":"23.1.0","description":"Argon2 for Python","hashes":[{"alg":"SHA-256","content":"c670642b78ba29641818ab2e68bd4e6a78ba53b7eff7b4c3815ae16abf91c7ea"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/argon2-cffi@23.1.0","type":"library","bom-ref":"pkg:pypi/argon2-cffi@23.1.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Django Software Foundation ","group":"","name":"asgiref","version":"3.8.1","description":"ASGI specs, helper code, and adapters","hashes":[{"alg":"SHA-256","content":"3e1e3ecc849832fe52ccf2cb6686b7a55f82bb1d6aee72a58826471390335e47"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}},{"license":{"id":"BSD-3-Clause","url":"https://opensource.org/licenses/BSD-3-Clause"}}],"purl":"pkg:pypi/asgiref@3.8.1","externalReferences":[{"type":"vcs","url":"https://github.com/django/asgiref/"}],"type":"library","bom-ref":"pkg:pypi/asgiref@3.8.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Hynek Schlawack ","group":"","name":"attrs","version":"24.2.0","description":"Classes Without Boilerplate","hashes":[{"alg":"SHA-256","content":"81921eb96de3191c8258c199618104dd27ac608d9366f5e35d011eae1867ede2"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/attrs@24.2.0","type":"library","bom-ref":"pkg:pypi/attrs@24.2.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Eric Larson , Frost Ming , William Woodruff ","group":"","name":"CacheControl","version":"0.14.0","description":"httplib2 caching for requests","hashes":[{"alg":"SHA-256","content":"f5bf3f0620c38db2e5122c0726bdebb0d16869de966ea6a2befe92470b740ea0"}],"licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}}],"purl":"pkg:pypi/cachecontrol@0.14.0","type":"library","bom-ref":"pkg:pypi/cachecontrol@0.14.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"instrumentation","confidence":1,"value":"/tmp/cdxgen-venv-43yYKx"}]}},"properties":[{"name":"SrcFile","value":"/home/runner/work/SecObserve/SecObserve/backend/poetry_requirements.txt"}]},{"author":"Kenneth Reitz ","group":"","name":"certifi","version":"2024.8.30","description":"Python package for providing Mozilla's CA Bundle.","hashes":[{"alg":"SHA-256","content":"922820b53db7a7257ffbda3f597266d435245903d80737e34f8a45ff3e3230d8"}],"licenses":[{"license":{"id":"MPL-2.0","url":"https://opensource.org/licenses/MPL-2.0"}}],"purl":"pkg:pypi/certifi@2024.8.30","externalReferences":[{"type":"vcs","url":"https://github.com/certifi/python-certifi"}],"type":"library","bom-ref":"pkg:pypi/certifi@2024.8.30","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Armin Rigo, Maciej Fijalkowski ","group":"","name":"cffi","version":"1.17.1","description":"Foreign Function Interface for Python calling C code.","hashes":[{"alg":"SHA-256","content":"df8b1c11f177bc2313ec4b2d46baec87a5f3e71fc8b45dab2ee7cae86d9aba14"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/cffi@1.17.1","externalReferences":[{"type":"website","url":"http://cffi.readthedocs.org"}],"type":"library","bom-ref":"pkg:pypi/cffi@1.17.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Ahmed TAHRI ","group":"","name":"charset-normalizer","version":"3.4.0","description":"The Real First Universal Charset Detector. Open, modern and actively maintained alternative to Chardet.","hashes":[{"alg":"SHA-256","content":"4f9fc98dad6c2eaa32fc3af1417d95b5e3d08aff968df0cd320066def971f9a6"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/charset-normalizer@3.4.0","externalReferences":[{"type":"vcs","url":"https://github.com/Ousret/charset_normalizer"}],"type":"library","bom-ref":"pkg:pypi/charset-normalizer@3.4.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"The cryptography developers >","group":"","name":"cryptography","version":"43.0.1","description":"cryptography is a package which provides cryptographic recipes and primitives to Python developers.","hashes":[{"alg":"SHA-256","content":"8385d98f6a3bf8bb2d65a73e17ed87a3ba84f6991c155691c51112075f9ffc5d"}],"licenses":[{"expression":"Apache-2.0 OR BSD-3-Clause"}],"purl":"pkg:pypi/cryptography@43.0.1","type":"library","bom-ref":"pkg:pypi/cryptography@43.0.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}},"properties":[{"name":"cdx:pypi:latest_version","value":"43.0.3"},{"name":"cdx:pypi:resolved_from","value":"cryptography"}]},{"author":"Stanislav Kontar, Red Hat Product Security ","group":"","name":"cvss","version":"3.2","description":"CVSS2/3/4 library with interactive calculator for Python 2 and Python 3","hashes":[{"alg":"SHA-256","content":"e2c2fbc8943c6df83d23c7ad74bb9c5e584c666a9455b013b598e292e5018469"}],"licenses":[{"license":{"id":"LGPL-3.0-or-later","url":"https://opensource.org/licenses/LGPL-3.0-or-later"}}],"purl":"pkg:pypi/cvss@3.2","externalReferences":[{"type":"vcs","url":"https://github.com/RedHatProductSecurity/cvss"}],"type":"library","bom-ref":"pkg:pypi/cvss@3.2","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Raphael Michel ","group":"","name":"defusedcsv","version":"2.0.0","description":"Drop-in replacement for Python's CSV library that tries to mitigate CSV injection attacks","hashes":[{"alg":"SHA-256","content":"a7bc3b1ac1ce4f8c6c1e8740466b1b5789b51ca18d918b0099313dc0cdf2cef4"}],"licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}}],"purl":"pkg:pypi/defusedcsv@2.0.0","externalReferences":[{"type":"vcs","url":"https://github.com/raphaelm/defusedcsv"}],"type":"library","bom-ref":"pkg:pypi/defusedcsv@2.0.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Christian Heimes ","group":"","name":"defusedxml","version":"0.7.1","description":"XML bomb protection for Python stdlib modules","hashes":[{"alg":"SHA-256","content":"a352e7e428770286cc899e2542b6cdaedb2b4953ff269a210103ec58f6198a61"}],"licenses":[{"license":{"id":"PSF-2.0","url":"https://opensource.org/licenses/PSF-2.0"}}],"purl":"pkg:pypi/defusedxml@0.7.1","externalReferences":[{"type":"vcs","url":"https://github.com/tiran/defusedxml"}],"type":"library","bom-ref":"pkg:pypi/defusedxml@0.7.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Otto Yiu ","group":"","name":"django-cors-headers","version":"4.5.0","description":"django-cors-headers is a Django application for handling the server headers required for Cross-Origin Resource Sharing (CORS).","hashes":[{"alg":"SHA-256","content":"28c1ded847aa70208798de3e42422a782f427b8b720e8d7319d34b654b5978e6"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/django-cors-headers@4.5.0","type":"framework","bom-ref":"pkg:pypi/django-cors-headers@4.5.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"James Socol ","group":"","name":"django-csp","version":"3.8","description":"Django Content Security Policy support.","hashes":[{"alg":"SHA-256","content":"19b2978b03fcd73517d7d67acbc04fbbcaec0facc3e83baa502965892d1e0719"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}}],"purl":"pkg:pypi/django-csp@3.8","type":"framework","bom-ref":"pkg:pypi/django-csp@3.8","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Scott Sharkey ","group":"","name":"django-encrypted-model-fields","version":"0.6.5","description":"A set of fields that wrap standard Django fields with encryption provided by the python cryptography library.","hashes":[{"alg":"SHA-256","content":"b21bbdd8ae2e1a0ea37a5049b3ba46e6e63bf287ad241219a058fac1070796cc"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/django-encrypted-model-fields@0.6.5","externalReferences":[{"type":"vcs","url":"https://gitlab.com/lansharkconsulting/django/django-encrypted-model-fields"}],"type":"framework","bom-ref":"pkg:pypi/django-encrypted-model-fields@0.6.5","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Daniele Faraglia ","group":"","name":"django-environ","version":"0.11.2","description":"A package that allows you to utilize 12factor inspired environment variables to configure your Django application.","hashes":[{"alg":"SHA-256","content":"0ff95ab4344bfeff693836aa978e6840abef2e2f1145adff7735892711590c05"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/django-environ@0.11.2","externalReferences":[{"type":"website","url":"https://django-environ.readthedocs.org"}],"type":"framework","bom-ref":"pkg:pypi/django-environ@0.11.2","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Alex Gaynor ","group":"","name":"django-filter","version":"24.3","description":"Django-filter is a reusable Django application for allowing users to filter querysets dynamically.","hashes":[{"alg":"SHA-256","content":"c4852822928ce17fb699bcfccd644b3574f1a2d80aeb2b4ff4f16b02dd49dc64"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}}],"purl":"pkg:pypi/django-filter@24.3","type":"framework","bom-ref":"pkg:pypi/django-filter@24.3","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Simon Charette ","group":"","name":"django-picklefield","version":"3.2","description":"Pickled object field for Django","hashes":[{"alg":"SHA-256","content":"e9a73539d110f69825d9320db18bcb82e5189ff48dbed41821c026a20497764c"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/django-picklefield@3.2","externalReferences":[{"type":"vcs","url":"http://github.com/gintas/django-picklefield"}],"type":"framework","bom-ref":"pkg:pypi/django-picklefield@3.2","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Django Software Foundation ","group":"","name":"Django","version":"5.1.2","description":"A high-level Python web framework that encourages rapid development and clean, pragmatic design.","hashes":[{"alg":"SHA-256","content":"f11aa87ad8d5617171e3f77e1d5d16f004b79a2cf5d2e1d2b97a6a1f8e9ba5ed"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}},{"license":{"id":"BSD-3-Clause","url":"https://opensource.org/licenses/BSD-3-Clause"}}],"purl":"pkg:pypi/django@5.1.2","type":"framework","bom-ref":"pkg:pypi/django@5.1.2","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Tom Christie ","group":"","name":"djangorestframework","version":"3.15.2","description":"Web APIs for Django, made easy.","hashes":[{"alg":"SHA-256","content":"2b8871b062ba1aefc2de01f773875441a961fefbf79f5eed1e32b2f096944b20"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}}],"purl":"pkg:pypi/djangorestframework@3.15.2","externalReferences":[{"type":"website","url":"https://www.django-rest-framework.org/"}],"type":"framework","bom-ref":"pkg:pypi/djangorestframework@3.15.2","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Bob Halley ","group":"","name":"dnspython","version":"2.7.0","description":"DNS toolkit","hashes":[{"alg":"SHA-256","content":"b4c34b7d10b51bcc3a5071e7b8dee77939f1e878477eeecc965e9835f63c6c86"}],"licenses":[{"license":{"id":"ISC","url":"https://opensource.org/licenses/ISC"}}],"purl":"pkg:pypi/dnspython@2.7.0","type":"library","bom-ref":"pkg:pypi/dnspython@2.7.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"T. Franzel ","group":"","name":"drf-spectacular-sidecar","version":"2024.7.1","description":"Serve self-contained distribution builds of Swagger UI and Redoc with Django","hashes":[{"alg":"SHA-256","content":"5dc8b38ad153e90b328152674c7959bf114bf86360a617a5a4516e135cb832bc"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}}],"purl":"pkg:pypi/drf-spectacular-sidecar@2024.7.1","externalReferences":[{"type":"vcs","url":"https://github.com/tfranzel/drf-spectacular-sidecar"}],"type":"library","bom-ref":"pkg:pypi/drf-spectacular-sidecar@2024.7.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"T. Franzel ","group":"","name":"drf-spectacular","version":"0.27.2","description":"Sane and flexible OpenAPI 3 schema generation for Django REST framework","hashes":[{"alg":"SHA-256","content":"b1c04bf8b2fbbeaf6f59414b4ea448c8787aba4d32f76055c3b13335cf7ec37b"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}}],"purl":"pkg:pypi/drf-spectacular@0.27.2","externalReferences":[{"type":"vcs","url":"https://github.com/tfranzel/drf-spectacular"}],"type":"framework","bom-ref":"pkg:pypi/drf-spectacular@0.27.2","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Joshua Tauberer ","group":"","name":"email-validator","version":"2.1.1","description":"A robust email address syntax and deliverability validation library.","hashes":[{"alg":"SHA-256","content":"97d882d174e2a65732fb43bfce81a3a834cbc1bde8bf419e30ef5ea976370a05"}],"licenses":[{"expression":"The Unlicense (Unlicense)"}],"purl":"pkg:pypi/email-validator@2.1.1","externalReferences":[{"type":"vcs","url":"https://github.com/JoshData/python-email-validator"}],"type":"library","bom-ref":"pkg:pypi/email-validator@2.1.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}},"properties":[{"name":"cdx:pypi:latest_version","value":"2.2.0"},{"name":"cdx:pypi:resolved_from","value":"email-validator"}]},{"author":"See ATUHORS.txt ","group":"","name":"et-xmlfile","version":"1.1.0","description":"An implementation of lxml.xmlfile for the standard library","hashes":[{"alg":"SHA-256","content":"a2ba85d1d6a74ef63837eed693bcb89c3f752169b0e3e7ae5b16ca5e1b3deada"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/et-xmlfile@1.1.0","externalReferences":[{"type":"website","url":"https://foss.heptapod.net/openpyxl/et_xmlfile"}],"type":"library","bom-ref":"pkg:pypi/et-xmlfile@1.1.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Benoit Chesneau ","group":"","name":"gunicorn","version":"23.0.0","description":"WSGI HTTP Server for UNIX","hashes":[{"alg":"SHA-256","content":"ec400d38950de4dfd418cff8328b2c8faed0edb0d517d3394e457c317908ca4d"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/gunicorn@23.0.0","type":"library","bom-ref":"pkg:pypi/gunicorn@23.0.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Charles Leifer ","group":"","name":"huey","version":"2.5.2","description":"huey, a little task queue","hashes":[{"alg":"SHA-256","content":"df33db474c05414ed40ee2110e9df692369871734da22d74ffb035a4bd74047f"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/huey@2.5.2","externalReferences":[{"type":"vcs","url":"http://github.com/coleifer/huey/"}],"type":"library","bom-ref":"pkg:pypi/huey@2.5.2","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Kim Davies ","group":"","name":"idna","version":"3.10","description":"Internationalized Domain Names in Applications (IDNA)","hashes":[{"alg":"SHA-256","content":"946d195a0d259cbba61165e88e65941f16e9b36ea6ddb97f00452bae8b1287d3"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}}],"purl":"pkg:pypi/idna@3.10","type":"library","bom-ref":"pkg:pypi/idna@3.10","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"\"Jason R. Coombs\" ","group":"","name":"importlib-metadata","version":"8.5.0","description":"Read metadata from Python packages","hashes":[{"alg":"SHA-256","content":"45e54197d28b7a7f1559e60b95e7c567032b602131fbd588f1497f47880aa68b"}],"licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}}],"purl":"pkg:pypi/importlib-metadata@8.5.0","type":"library","bom-ref":"pkg:pypi/importlib-metadata@8.5.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"instrumentation","confidence":1,"value":"/tmp/cdxgen-venv-43yYKx"}]}},"properties":[{"name":"SrcFile","value":"/home/runner/work/SecObserve/SecObserve/backend/poetry_requirements.txt"}]},{"author":"Paul Dyson ","group":"","name":"inflect","version":"7.4.0","description":"Correctly generate plurals, singular nouns, ordinals, indefinite articles","hashes":[{"alg":"SHA-256","content":"85af0997ee2bda942b1c1eed8c8a827abda91aa3e22d1efaa0eea817f9350ce7"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/inflect@7.4.0","type":"library","bom-ref":"pkg:pypi/inflect@7.4.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Janne Vanhala ","group":"","name":"inflection","version":"0.5.1","description":"A port of Ruby on Rails inflector to Python","hashes":[{"alg":"SHA-256","content":"f38b2b640938a4f35ade69ac3d053042959b62a0f1076a5bbaa1b9526605a8a2"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/inflection@0.5.1","externalReferences":[{"type":"vcs","url":"https://github.com/jpvanhal/inflection"}],"type":"library","bom-ref":"pkg:pypi/inflection@0.5.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Ben Speakmon ","group":"","name":"jira","version":"3.8.0","description":"Python library for interacting with JIRA via REST APIs.","hashes":[{"alg":"SHA-256","content":"12190dc84dad00b8a6c0341f7e8a254b0f38785afdec022bd5941e1184a5a3fb"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}},{"license":{"id":"BSD-2-Clause","url":"https://opensource.org/licenses/BSD-2-Clause"}}],"purl":"pkg:pypi/jira@3.8.0","externalReferences":[{"type":"vcs","url":"https://github.com/pycontribs/jira"}],"type":"library","bom-ref":"pkg:pypi/jira@3.8.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"David Aguilar ","group":"","name":"jsonpickle","version":"3.3.0","description":"Python library for serializing arbitrary object graphs into JSON","hashes":[{"alg":"SHA-256","content":"287c12143f35571ab00e224fa323aa4b090d5a7f086f5f494d7ee9c7eb1a380a"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}}],"purl":"pkg:pypi/jsonpickle@3.3.0","externalReferences":[{"type":"vcs","url":"https://github.com/jsonpickle/jsonpickle"}],"type":"library","bom-ref":"pkg:pypi/jsonpickle@3.3.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Julian Berman ","group":"","name":"jsonschema-specifications","version":"2024.10.1","description":"The JSON Schema meta-schemas and vocabularies, exposed as a Registry","hashes":[{"alg":"SHA-256","content":"a09a0680616357d9a0ecf05c12ad234479f549239d0f5b55f3deea67475da9bf"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/jsonschema-specifications@2024.10.1","type":"library","bom-ref":"pkg:pypi/jsonschema-specifications@2024.10.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Julian Berman ","group":"","name":"jsonschema","version":"4.23.0","description":"An implementation of JSON Schema validation for Python","hashes":[{"alg":"SHA-256","content":"fbadb6f8b144a8f8cf9f0b89ba94501d143e50411a1278633f56a7acf7fd5566"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/jsonschema@4.23.0","type":"library","bom-ref":"pkg:pypi/jsonschema@4.23.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Erik Rose ","group":"","name":"more-itertools","version":"10.5.0","description":"More routines for operating on iterables, beyond itertools","hashes":[{"alg":"SHA-256","content":"037b0d3203ce90cca8ab1defbbdac29d5f993fc20131f3664dc8d6acfa872aef"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/more-itertools@10.5.0","type":"library","bom-ref":"pkg:pypi/more-itertools@10.5.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Inada Naoki ","group":"","name":"msgpack","version":"1.1.0","description":"MessagePack serializer","hashes":[{"alg":"SHA-256","content":"7ad442d527a7e358a469faf43fda45aaf4ac3249c8310a82f0ccff9164e5dccd"}],"licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}}],"purl":"pkg:pypi/msgpack@1.1.0","type":"library","bom-ref":"pkg:pypi/msgpack@1.1.0","evidence":{"identity":{"field":"purl","confidence":0.8,"methods":[{"technique":"manifest-analysis","confidence":0.8,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry_requirements.txt"}]}},"properties":[{"name":"SrcFile","value":"/home/runner/work/SecObserve/SecObserve/backend/poetry_requirements.txt"}]},{"author":"The OAuthlib Community ","group":"","name":"oauthlib","version":"3.2.2","description":"A generic, spec-compliant, thorough implementation of the OAuth request-signing logic","hashes":[{"alg":"SHA-256","content":"8139f29aac13e25d502680e9e19963e83f16838d48a0d71c287fe40e7067fbca"}],"licenses":[{"expression":"OSI Approved"}],"purl":"pkg:pypi/oauthlib@3.2.2","externalReferences":[{"type":"vcs","url":"https://github.com/oauthlib/oauthlib"}],"type":"library","bom-ref":"pkg:pypi/oauthlib@3.2.2","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"See AUTHORS ","group":"","name":"openpyxl","version":"3.1.5","description":"A Python library to read/write Excel 2010 xlsx/xlsm files","hashes":[{"alg":"SHA-256","content":"5282c12b107bffeef825f4617dc029afaf41d0ea60823bbb665ef3079dc79de2"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/openpyxl@3.1.5","externalReferences":[{"type":"website","url":"https://openpyxl.readthedocs.io"}],"type":"library","bom-ref":"pkg:pypi/openpyxl@3.1.5","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"the purl authors","group":"","name":"packageurl-python","version":"0.16.0","description":"A purl aka. Package URL parser and builder","hashes":[{"alg":"SHA-256","content":"5c3872638b177b0f1cf01c3673017b7b27ebee485693ae12a8bed70fa7fa7c35"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/packageurl-python@0.16.0","externalReferences":[{"type":"vcs","url":"https://github.com/package-url/packageurl-python"}],"type":"library","bom-ref":"pkg:pypi/packageurl-python@0.16.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Donald Stufft ","group":"","name":"packaging","version":"24.1","description":"Core utilities for Python packages","hashes":[{"alg":"SHA-256","content":"5b8f2217dbdbd2f7f384c41c628544e6d52f2d0f53c6d0c3ea61aa5d1d7ff124"}],"licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}},{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}}],"purl":"pkg:pypi/packaging@24.1","type":"library","bom-ref":"pkg:pypi/packaging@24.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"\"Jeffrey A. Clark\" ","group":"","name":"pillow","version":"10.4.0","description":"Python Imaging Library (Fork)","hashes":[{"alg":"SHA-256","content":"4d9667937cfa347525b319ae34375c37b9ee6b525440f3ef48542fcf66f2731e"}],"licenses":[{"expression":"CMU License (MIT-CMU)"}],"purl":"pkg:pypi/pillow@10.4.0","type":"library","bom-ref":"pkg:pypi/pillow@10.4.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}},"properties":[{"name":"cdx:pypi:latest_version","value":"11.0.0"},{"name":"cdx:pypi:resolved_from","value":"pillow"}]},{"author":"Daniele Varrazzo ","group":"","name":"psycopg-binary","version":"3.2.3","description":"PostgreSQL database adapter for Python -- C optimisation distribution","hashes":[{"alg":"SHA-256","content":"965455eac8547f32b3181d5ec9ad8b9be500c10fe06193543efaaebe3e4ce70c"}],"licenses":[{"license":{"id":"LGPL-3.0-only","url":"https://opensource.org/licenses/LGPL-3.0-only"}}],"purl":"pkg:pypi/psycopg-binary@3.2.3","externalReferences":[{"type":"website","url":"https://psycopg.org/psycopg3/"}],"type":"library","bom-ref":"pkg:pypi/psycopg-binary@3.2.3","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Daniele Varrazzo ","group":"","name":"psycopg","version":"3.2.3","description":"PostgreSQL database adapter for Python","hashes":[{"alg":"SHA-256","content":"644d3973fe26908c73d4be746074f6e5224b03c1101d302d9a53bf565ad64907"}],"licenses":[{"license":{"id":"LGPL-3.0-only","url":"https://opensource.org/licenses/LGPL-3.0-only"}}],"purl":"pkg:pypi/psycopg@3.2.3","externalReferences":[{"type":"website","url":"https://psycopg.org/psycopg3/"}],"type":"library","bom-ref":"pkg:pypi/psycopg@3.2.3","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Prowler Team ","group":"","name":"py-ocsf-models","version":"0.1.1","description":"This is a Python implementation of the OCSF models. The models are used to represent the data of the OCSF Schema defined in https://schema.ocsf.io/.","hashes":[{"alg":"SHA-256","content":"c6ea465fda85470b938a48da65b1f19664f6d83820ebe849ef5551094e6768de"}],"licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}}],"purl":"pkg:pypi/py-ocsf-models@0.1.1","type":"library","bom-ref":"pkg:pypi/py-ocsf-models@0.1.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}},"properties":[{"name":"cdx:pypi:latest_version","value":"0.2.0"},{"name":"cdx:pypi:resolved_from","value":"py-ocsf-models"}]},{"author":"Eli Bendersky ","group":"","name":"pycparser","version":"2.22","description":"C parser in Python","hashes":[{"alg":"SHA-256","content":"c3702b6d3dd8c7abc1afa565d7e63d53a1d0bd86cdc24edd75470f4de499cfcc"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}},{"license":{"id":"BSD-3-Clause","url":"https://opensource.org/licenses/BSD-3-Clause"}}],"purl":"pkg:pypi/pycparser@2.22","externalReferences":[{"type":"vcs","url":"https://github.com/eliben/pycparser"}],"type":"library","bom-ref":"pkg:pypi/pycparser@2.22","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Samuel Colvin , Eric Jolibois , Hasan Ramezani , Adrian Garcia Badaracco <1755071+adriangb@users.noreply.github.com>, Terrence Dorsey , David Montague , Serge Matveenko , Marcelo Trylesinski , Sydney Runkle , David Hewitt , Alex Hall ","group":"","name":"pydantic","version":"1.10.15","description":"Data validation using Python type hints","hashes":[{"alg":"SHA-256","content":"22ed12ee588b1df028a2aa5d66f07bf8f8b4c8579c2e96d5a9c1f96b77f3bb55"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/pydantic@1.10.15","type":"library","bom-ref":"pkg:pypi/pydantic@1.10.15","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}},"properties":[{"name":"cdx:pypi:latest_version","value":"2.9.2"},{"name":"cdx:pypi:resolved_from","value":"pydantic"}]},{"author":"Jose Padilla ","group":"","name":"PyJWT","version":"2.9.0","description":"JSON Web Token implementation in Python","hashes":[{"alg":"SHA-256","content":"3b02fb0f44517787776cf48f2ae25d8e14f300e6d7545a4315cee571a415e850"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/pyjwt@2.9.0","externalReferences":[{"type":"vcs","url":"https://github.com/jpadilla/pyjwt"}],"type":"library","bom-ref":"pkg:pypi/pyjwt@2.9.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Inada Naoki , Yutaka Matsubara ","group":"","name":"PyMySQL","version":"1.1.1","description":"Pure Python MySQL Driver","hashes":[{"alg":"SHA-256","content":"4de15da4c61dc132f4fb9ab763063e693d521a80fd0e87943b9a453dd4c19d6c"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/pymysql@1.1.1","type":"library","bom-ref":"pkg:pypi/pymysql@1.1.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Thomas Kluyver ","group":"","name":"pyproject-hooks","version":"1.2.0","description":"Wrappers to call pyproject.toml-based build backend hooks.","hashes":[{"alg":"SHA-256","content":"9e5c6bfa8dcc30091c74b0cf803c81fdd29d94f01992a7707bc97babb1141913"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/pyproject-hooks@1.2.0","type":"library","bom-ref":"pkg:pypi/pyproject-hooks@1.2.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"instrumentation","confidence":1,"value":"/tmp/cdxgen-venv-43yYKx"}]}},"properties":[{"name":"SrcFile","value":"/home/runner/work/SecObserve/SecObserve/backend/poetry_requirements.txt"}]},{"author":"Kirill Simonov ","group":"","name":"PyYAML","version":"6.0.2","description":"YAML parser and emitter for Python","hashes":[{"alg":"SHA-256","content":"0a9a2848a5b7feac301353437eb7d5957887edbf81d56e903999a75a3d743086"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/pyyaml@6.0.2","externalReferences":[{"type":"website","url":"https://pyyaml.org/"}],"type":"library","bom-ref":"pkg:pypi/pyyaml@6.0.2","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Max Bachmann ","group":"","name":"RapidFuzz","version":"3.10.0","description":"rapid fuzzy string matching","hashes":[{"alg":"SHA-256","content":"884453860de029380dded8f3c1918af2d8eb5adf8010261645c7e5c88c2b5428"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/rapidfuzz@3.10.0","type":"library","bom-ref":"pkg:pypi/rapidfuzz@3.10.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"instrumentation","confidence":1,"value":"/tmp/cdxgen-venv-43yYKx"}]}},"properties":[{"name":"SrcFile","value":"/home/runner/work/SecObserve/SecObserve/backend/poetry_requirements.txt"}]},{"author":"Julian Berman ","group":"","name":"referencing","version":"0.35.1","description":"JSON Referencing + Python","hashes":[{"alg":"SHA-256","content":"eda6d3234d62814d1c64e305c1331c9a3a6132da475ab6382eaa997b21ee75de"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/referencing@0.35.1","type":"library","bom-ref":"pkg:pypi/referencing@0.35.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Kenneth Reitz ","group":"","name":"requests-oauthlib","version":"2.0.0","description":"OAuthlib authentication support for Requests.","hashes":[{"alg":"SHA-256","content":"7dd8a5c40426b779b0868c404bdef9768deccf22749cde15852df527e6269b36"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}},{"license":{"id":"ISC","url":"https://opensource.org/licenses/ISC"}}],"purl":"pkg:pypi/requests-oauthlib@2.0.0","externalReferences":[{"type":"vcs","url":"https://github.com/requests/requests-oauthlib"}],"type":"library","bom-ref":"pkg:pypi/requests-oauthlib@2.0.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Ian Cordasco, Cory Benfield ","group":"","name":"requests-toolbelt","version":"1.0.0","description":"A utility belt for advanced users of python-requests","hashes":[{"alg":"SHA-256","content":"cccfdd665f0a24fcf4726e690f65639d272bb0637b9b92dfd91a5568ccf6bd06"}],"licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}}],"purl":"pkg:pypi/requests-toolbelt@1.0.0","externalReferences":[{"type":"website","url":"https://toolbelt.readthedocs.io/"}],"type":"library","bom-ref":"pkg:pypi/requests-toolbelt@1.0.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Kenneth Reitz ","group":"","name":"requests","version":"2.32.3","description":"Python HTTP for Humans.","hashes":[{"alg":"SHA-256","content":"70761cfe03c773ceb22aa2f671b4757976145175cdfca038c02654d061d6dcc6"}],"licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}}],"purl":"pkg:pypi/requests@2.32.3","externalReferences":[{"type":"website","url":"https://requests.readthedocs.io"}],"type":"library","bom-ref":"pkg:pypi/requests@2.32.3","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Julian Berman ","group":"","name":"rpds-py","version":"0.20.0","description":"Python bindings to Rust's persistent data structures (rpds)","hashes":[{"alg":"SHA-256","content":"3ad0fda1635f8439cde85c700f964b23ed5fc2d28016b32b9ee5fe30da5c84e2"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/rpds-py@0.20.0","type":"library","bom-ref":"pkg:pypi/rpds-py@0.20.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Andi Albrecht ","group":"","name":"sqlparse","version":"0.5.1","description":"A non-validating SQL parser.","hashes":[{"alg":"SHA-256","content":"773dcbf9a5ab44a090f3441e2180efe2560220203dc2f8c0b0fa141e18b505e4"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}}],"purl":"pkg:pypi/sqlparse@0.5.1","type":"library","bom-ref":"pkg:pypi/sqlparse@0.5.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Alex Grönholm ","group":"","name":"typeguard","version":"4.3.0","description":"Run-time type checker for Python","hashes":[{"alg":"SHA-256","content":"4d24c5b39a117f8a895b9da7a9b3114f04eb63bade45a4492de49b175b6f7dfa"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/typeguard@4.3.0","type":"library","bom-ref":"pkg:pypi/typeguard@4.3.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"\"Guido van Rossum, Jukka Lehtosalo, Łukasz Langa, Michael Lee\" ","group":"","name":"typing-extensions","version":"4.12.2","description":"Backported and Experimental Type Hints for Python 3.8+","hashes":[{"alg":"SHA-256","content":"04e5ca0351e0f3f85c6853954072df659d0d13fac324d0072316b67d7794700d"}],"licenses":[{"license":{"id":"PSF-2.0","url":"https://opensource.org/licenses/PSF-2.0"}}],"purl":"pkg:pypi/typing-extensions@4.12.2","type":"library","bom-ref":"pkg:pypi/typing-extensions@4.12.2","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Python Software Foundation ","group":"","name":"tzdata","version":"2024.2","description":"Provider of IANA time zone data","hashes":[{"alg":"SHA-256","content":"a48093786cdcde33cad18c2555e8532f34422074448fbc874186f0abd79565cd"}],"licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}}],"purl":"pkg:pypi/tzdata@2024.2","externalReferences":[{"type":"vcs","url":"https://github.com/python/tzdata"}],"type":"library","bom-ref":"pkg:pypi/tzdata@2024.2","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Ian Stapleton Cordasco ","group":"","name":"uritemplate","version":"4.1.1","description":"Implementation of RFC 6570 URI Templates","hashes":[{"alg":"SHA-256","content":"830c08b8d99bdd312ea4ead05994a38e8936266f84b9a7878232db50b044e02e"}],"licenses":[{"expression":"OSI Approved OR BSD 3-Clause License or Apache License, Version 2.0"}],"purl":"pkg:pypi/uritemplate@4.1.1","externalReferences":[{"type":"website","url":"https://uritemplate.readthedocs.org"}],"type":"library","bom-ref":"pkg:pypi/uritemplate@4.1.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Andrey Petrov ","group":"","name":"urllib3","version":"2.2.3","description":"HTTP library with thread-safe connection pooling, file post, and more.","hashes":[{"alg":"SHA-256","content":"ca899ca043dcb1bafa3e262d73aa25c465bfb49e0bd9dd5d59f1d0acba2f8fac"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/urllib3@2.2.3","type":"library","bom-ref":"pkg:pypi/urllib3@2.2.3","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Konsta Vesterinen ","group":"","name":"validators","version":"0.34.0","description":"Python Data Validation for Humans™","hashes":[{"alg":"SHA-256","content":"c804b476e3e6d3786fa07a30073a4ef694e617805eb1946ceee3fe5a9b8b1321"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/validators@0.34.0","type":"library","bom-ref":"pkg:pypi/validators@0.34.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"David Evans","group":"","name":"whitenoise","version":"6.7.0","description":"Radically simplified static file serving for WSGI applications","hashes":[{"alg":"SHA-256","content":"a1ae85e01fdc9815d12fa33f17765bc132ed2c54fa76daf9e39e879dd93566f6"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/whitenoise@6.7.0","type":"library","bom-ref":"pkg:pypi/whitenoise@6.7.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"\"Jason R. Coombs\" ","group":"","name":"zipp","version":"3.20.2","description":"Backport of pathlib-compatible object wrapper for zip files","hashes":[{"alg":"SHA-256","content":"a817ac80d6cf4b23bf7f2828b7cabf326f15a001bea8b1f9b49631780ba28350"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/zipp@3.20.2","type":"library","bom-ref":"pkg:pypi/zipp@3.20.2","evidence":{"identity":{"field":"purl","confidence":0.8,"methods":[{"technique":"manifest-analysis","confidence":0.8,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry_requirements.txt"}]}},"properties":[{"name":"SrcFile","value":"/home/runner/work/SecObserve/SecObserve/backend/poetry_requirements.txt"}]}],"dependencies":[{"ref":"pkg:pypi/secobserve@1.22.2","dependsOn":["pkg:pypi/argon2-cffi@23.1.0","pkg:pypi/cvss@3.2","pkg:pypi/defusedcsv@2.0.0","pkg:pypi/django-cors-headers@4.5.0","pkg:pypi/django-csp@3.8","pkg:pypi/django-encrypted-model-fields@0.6.5","pkg:pypi/django-environ@0.11.2","pkg:pypi/django-filter@24.3","pkg:pypi/django-picklefield@3.2","pkg:pypi/django@5.1.2","pkg:pypi/djangorestframework@3.15.2","pkg:pypi/drf-spectacular-sidecar@2024.7.1","pkg:pypi/drf-spectacular@0.27.2","pkg:pypi/gunicorn@23.0.0","pkg:pypi/huey@2.5.2","pkg:pypi/inflect@7.4.0","pkg:pypi/jira@3.8.0","pkg:pypi/jsonpickle@3.3.0","pkg:pypi/openpyxl@3.1.5","pkg:pypi/packageurl-python@0.16.0","pkg:pypi/psycopg@3.2.3","pkg:pypi/py-ocsf-models@0.1.1","pkg:pypi/pymysql@1.1.1","pkg:pypi/requests@2.32.3","pkg:pypi/validators@0.34.0","pkg:pypi/whitenoise@6.7.0"]},{"ref":"pkg:pypi/argon2-cffi@23.1.0","dependsOn":["pkg:pypi/argon2-cffi-bindings@21.2.0"]},{"ref":"pkg:pypi/argon2-cffi-bindings@21.2.0","dependsOn":["pkg:pypi/cffi@1.17.1"]},{"ref":"pkg:pypi/asgiref@3.8.1","dependsOn":["pkg:pypi/typing-extensions@4.12.2"]},{"ref":"pkg:pypi/attrs@24.2.0","dependsOn":[]},{"ref":"pkg:pypi/certifi@2024.8.30","dependsOn":[]},{"ref":"pkg:pypi/cffi@1.17.1","dependsOn":["pkg:pypi/pycparser@2.22"]},{"ref":"pkg:pypi/charset-normalizer@3.4.0","dependsOn":[]},{"ref":"pkg:pypi/cryptography@43.0.1","dependsOn":["pkg:pypi/cffi@1.17.1"]},{"ref":"pkg:pypi/cvss@3.2","dependsOn":[]},{"ref":"pkg:pypi/defusedcsv@2.0.0","dependsOn":[]},{"ref":"pkg:pypi/defusedxml@0.7.1","dependsOn":[]},{"ref":"pkg:pypi/django@5.1.2","dependsOn":["pkg:pypi/asgiref@3.8.1","pkg:pypi/sqlparse@0.5.1","pkg:pypi/tzdata@2024.2"]},{"ref":"pkg:pypi/django-cors-headers@4.5.0","dependsOn":["pkg:pypi/asgiref@3.8.1","pkg:pypi/django@5.1.2"]},{"ref":"pkg:pypi/django-csp@3.8","dependsOn":["pkg:pypi/django@5.1.2"]},{"ref":"pkg:pypi/django-encrypted-model-fields@0.6.5","dependsOn":["pkg:pypi/cryptography@43.0.1","pkg:pypi/django@5.1.2"]},{"ref":"pkg:pypi/django-environ@0.11.2","dependsOn":[]},{"ref":"pkg:pypi/django-filter@24.3","dependsOn":["pkg:pypi/django@5.1.2"]},{"ref":"pkg:pypi/django-picklefield@3.2","dependsOn":["pkg:pypi/django@5.1.2"]},{"ref":"pkg:pypi/djangorestframework@3.15.2","dependsOn":["pkg:pypi/django@5.1.2"]},{"ref":"pkg:pypi/dnspython@2.7.0","dependsOn":[]},{"ref":"pkg:pypi/drf-spectacular@0.27.2","dependsOn":["pkg:pypi/django@5.1.2","pkg:pypi/djangorestframework@3.15.2","pkg:pypi/inflection@0.5.1","pkg:pypi/jsonschema@4.23.0","pkg:pypi/pyyaml@6.0.2","pkg:pypi/uritemplate@4.1.1"]},{"ref":"pkg:pypi/drf-spectacular-sidecar@2024.7.1","dependsOn":["pkg:pypi/django@5.1.2"]},{"ref":"pkg:pypi/email-validator@2.1.1","dependsOn":["pkg:pypi/dnspython@2.7.0","pkg:pypi/idna@3.10"]},{"ref":"pkg:pypi/et-xmlfile@1.1.0","dependsOn":[]},{"ref":"pkg:pypi/gunicorn@23.0.0","dependsOn":["pkg:pypi/packaging@24.1"]},{"ref":"pkg:pypi/huey@2.5.2","dependsOn":[]},{"ref":"pkg:pypi/idna@3.10","dependsOn":[]},{"ref":"pkg:pypi/inflect@7.4.0","dependsOn":["pkg:pypi/more-itertools@10.5.0","pkg:pypi/typeguard@4.3.0"]},{"ref":"pkg:pypi/inflection@0.5.1","dependsOn":[]},{"ref":"pkg:pypi/jira@3.8.0","dependsOn":["pkg:pypi/defusedxml@0.7.1","pkg:pypi/packaging@24.1","pkg:pypi/pillow@10.4.0","pkg:pypi/requests-oauthlib@2.0.0","pkg:pypi/requests-toolbelt@1.0.0","pkg:pypi/requests@2.32.3","pkg:pypi/typing-extensions@4.12.2"]},{"ref":"pkg:pypi/jsonpickle@3.3.0","dependsOn":[]},{"ref":"pkg:pypi/jsonschema@4.23.0","dependsOn":["pkg:pypi/attrs@24.2.0","pkg:pypi/jsonschema-specifications@2024.10.1","pkg:pypi/referencing@0.35.1","pkg:pypi/rpds-py@0.20.0"]},{"ref":"pkg:pypi/jsonschema-specifications@2024.10.1","dependsOn":["pkg:pypi/referencing@0.35.1"]},{"ref":"pkg:pypi/more-itertools@10.5.0","dependsOn":[]},{"ref":"pkg:pypi/oauthlib@3.2.2","dependsOn":[]},{"ref":"pkg:pypi/openpyxl@3.1.5","dependsOn":["pkg:pypi/et-xmlfile@1.1.0"]},{"ref":"pkg:pypi/packageurl-python@0.16.0","dependsOn":[]},{"ref":"pkg:pypi/packaging@24.1","dependsOn":[]},{"ref":"pkg:pypi/pillow@10.4.0","dependsOn":[]},{"ref":"pkg:pypi/psycopg@3.2.3","dependsOn":["pkg:pypi/psycopg-binary@3.2.3","pkg:pypi/typing-extensions@4.12.2","pkg:pypi/tzdata@2024.2"]},{"ref":"pkg:pypi/psycopg-binary@3.2.3","dependsOn":[]},{"ref":"pkg:pypi/py-ocsf-models@0.1.1","dependsOn":["pkg:pypi/email-validator@2.1.1","pkg:pypi/pydantic@1.10.15"]},{"ref":"pkg:pypi/pycparser@2.22","dependsOn":[]},{"ref":"pkg:pypi/pydantic@1.10.15","dependsOn":["pkg:pypi/typing-extensions@4.12.2"]},{"ref":"pkg:pypi/pyjwt@2.9.0","dependsOn":[]},{"ref":"pkg:pypi/pymysql@1.1.1","dependsOn":[]},{"ref":"pkg:pypi/pyyaml@6.0.2","dependsOn":[]},{"ref":"pkg:pypi/referencing@0.35.1","dependsOn":["pkg:pypi/attrs@24.2.0","pkg:pypi/rpds-py@0.20.0"]},{"ref":"pkg:pypi/requests@2.32.3","dependsOn":["pkg:pypi/certifi@2024.8.30","pkg:pypi/charset-normalizer@3.4.0","pkg:pypi/idna@3.10","pkg:pypi/urllib3@2.2.3"]},{"ref":"pkg:pypi/requests-oauthlib@2.0.0","dependsOn":["pkg:pypi/oauthlib@3.2.2","pkg:pypi/requests@2.32.3"]},{"ref":"pkg:pypi/requests-toolbelt@1.0.0","dependsOn":["pkg:pypi/requests@2.32.3"]},{"ref":"pkg:pypi/rpds-py@0.20.0","dependsOn":[]},{"ref":"pkg:pypi/sqlparse@0.5.1","dependsOn":[]},{"ref":"pkg:pypi/typeguard@4.3.0","dependsOn":["pkg:pypi/typing-extensions@4.12.2"]},{"ref":"pkg:pypi/typing-extensions@4.12.2","dependsOn":[]},{"ref":"pkg:pypi/tzdata@2024.2","dependsOn":[]},{"ref":"pkg:pypi/uritemplate@4.1.1","dependsOn":[]},{"ref":"pkg:pypi/urllib3@2.2.3","dependsOn":[]},{"ref":"pkg:pypi/validators@0.34.0","dependsOn":[]},{"ref":"pkg:pypi/whitenoise@6.7.0","dependsOn":[]},{"ref":"pkg:pypi/rapidfuzz@3.10.0","dependsOn":[]},{"ref":"pkg:pypi/pyproject-hooks@1.2.0","dependsOn":[]},{"ref":"pkg:pypi/zipp@3.20.2","dependsOn":[]},{"ref":"pkg:pypi/importlib-metadata@8.5.0","dependsOn":["pkg:pypi/zipp@3.20.2"]},{"ref":"pkg:pypi/msgpack@1.1.0","dependsOn":[]},{"ref":"pkg:pypi/cachecontrol@0.14.0","dependsOn":["pkg:pypi/msgpack@1.1.0","pkg:pypi/requests@2.32.3"]}]} \ No newline at end of file +{"bomFormat":"CycloneDX","specVersion":"1.5","serialNumber":"urn:uuid:12f6dd75-f31f-48a8-8b59-c7c9f87d68c9","version":1,"metadata":{"timestamp":"2024-10-22T12:15:48Z","tools":{"components":[{"group":"@cyclonedx","name":"cdxgen","version":"10.10.6","purl":"pkg:npm/%40cyclonedx/cdxgen@10.10.6","type":"application","bom-ref":"pkg:npm/@cyclonedx/cdxgen@10.10.6","author":"OWASP Foundation","publisher":"OWASP Foundation"}]},"authors":[{"name":"OWASP Foundation"}],"lifecycles":[{"phase":"build"}],"component":{"name":"SecObserve","version":"1.22.3","description":"SecObserve is an open source vulnerability management system for software development and cloud environments.","type":"application","bom-ref":"pkg:pypi/secobserve@1.22.3","purl":"pkg:pypi/secobserve@1.22.3"},"properties":[{"name":"cdx:bom:componentTypes","value":"pypi"}]},"components":[{"author":"Hynek Schlawack ","group":"","name":"argon2-cffi-bindings","version":"21.2.0","description":"Low-level CFFI bindings for Argon2","hashes":[{"alg":"SHA-256","content":"ccb949252cb2ab3a08c02024acb77cfb179492d5701c7cbdbfd776124d4d2367"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/argon2-cffi-bindings@21.2.0","externalReferences":[{"type":"vcs","url":"https://github.com/hynek/argon2-cffi-bindings"}],"type":"library","bom-ref":"pkg:pypi/argon2-cffi-bindings@21.2.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Hynek Schlawack ","group":"","name":"argon2-cffi","version":"23.1.0","description":"Argon2 for Python","hashes":[{"alg":"SHA-256","content":"c670642b78ba29641818ab2e68bd4e6a78ba53b7eff7b4c3815ae16abf91c7ea"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/argon2-cffi@23.1.0","type":"library","bom-ref":"pkg:pypi/argon2-cffi@23.1.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Django Software Foundation ","group":"","name":"asgiref","version":"3.8.1","description":"ASGI specs, helper code, and adapters","hashes":[{"alg":"SHA-256","content":"3e1e3ecc849832fe52ccf2cb6686b7a55f82bb1d6aee72a58826471390335e47"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}},{"license":{"id":"BSD-3-Clause","url":"https://opensource.org/licenses/BSD-3-Clause"}}],"purl":"pkg:pypi/asgiref@3.8.1","externalReferences":[{"type":"vcs","url":"https://github.com/django/asgiref/"}],"type":"library","bom-ref":"pkg:pypi/asgiref@3.8.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Hynek Schlawack ","group":"","name":"attrs","version":"24.2.0","description":"Classes Without Boilerplate","hashes":[{"alg":"SHA-256","content":"81921eb96de3191c8258c199618104dd27ac608d9366f5e35d011eae1867ede2"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/attrs@24.2.0","type":"library","bom-ref":"pkg:pypi/attrs@24.2.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Eric Larson , Frost Ming , William Woodruff ","group":"","name":"CacheControl","version":"0.14.0","description":"httplib2 caching for requests","hashes":[{"alg":"SHA-256","content":"f5bf3f0620c38db2e5122c0726bdebb0d16869de966ea6a2befe92470b740ea0"}],"licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}}],"purl":"pkg:pypi/cachecontrol@0.14.0","type":"library","bom-ref":"pkg:pypi/cachecontrol@0.14.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"instrumentation","confidence":1,"value":"/tmp/cdxgen-venv-43yYKx"}]}},"properties":[{"name":"SrcFile","value":"/home/runner/work/SecObserve/SecObserve/backend/poetry_requirements.txt"}]},{"author":"Kenneth Reitz ","group":"","name":"certifi","version":"2024.8.30","description":"Python package for providing Mozilla's CA Bundle.","hashes":[{"alg":"SHA-256","content":"922820b53db7a7257ffbda3f597266d435245903d80737e34f8a45ff3e3230d8"}],"licenses":[{"license":{"id":"MPL-2.0","url":"https://opensource.org/licenses/MPL-2.0"}}],"purl":"pkg:pypi/certifi@2024.8.30","externalReferences":[{"type":"vcs","url":"https://github.com/certifi/python-certifi"}],"type":"library","bom-ref":"pkg:pypi/certifi@2024.8.30","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Armin Rigo, Maciej Fijalkowski ","group":"","name":"cffi","version":"1.17.1","description":"Foreign Function Interface for Python calling C code.","hashes":[{"alg":"SHA-256","content":"df8b1c11f177bc2313ec4b2d46baec87a5f3e71fc8b45dab2ee7cae86d9aba14"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/cffi@1.17.1","externalReferences":[{"type":"website","url":"http://cffi.readthedocs.org"}],"type":"library","bom-ref":"pkg:pypi/cffi@1.17.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Ahmed TAHRI ","group":"","name":"charset-normalizer","version":"3.4.0","description":"The Real First Universal Charset Detector. Open, modern and actively maintained alternative to Chardet.","hashes":[{"alg":"SHA-256","content":"4f9fc98dad6c2eaa32fc3af1417d95b5e3d08aff968df0cd320066def971f9a6"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/charset-normalizer@3.4.0","externalReferences":[{"type":"vcs","url":"https://github.com/Ousret/charset_normalizer"}],"type":"library","bom-ref":"pkg:pypi/charset-normalizer@3.4.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"The cryptography developers >","group":"","name":"cryptography","version":"43.0.1","description":"cryptography is a package which provides cryptographic recipes and primitives to Python developers.","hashes":[{"alg":"SHA-256","content":"8385d98f6a3bf8bb2d65a73e17ed87a3ba84f6991c155691c51112075f9ffc5d"}],"licenses":[{"expression":"Apache-2.0 OR BSD-3-Clause"}],"purl":"pkg:pypi/cryptography@43.0.1","type":"library","bom-ref":"pkg:pypi/cryptography@43.0.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}},"properties":[{"name":"cdx:pypi:latest_version","value":"43.0.3"},{"name":"cdx:pypi:resolved_from","value":"cryptography"}]},{"author":"Stanislav Kontar, Red Hat Product Security ","group":"","name":"cvss","version":"3.2","description":"CVSS2/3/4 library with interactive calculator for Python 2 and Python 3","hashes":[{"alg":"SHA-256","content":"e2c2fbc8943c6df83d23c7ad74bb9c5e584c666a9455b013b598e292e5018469"}],"licenses":[{"license":{"id":"LGPL-3.0-or-later","url":"https://opensource.org/licenses/LGPL-3.0-or-later"}}],"purl":"pkg:pypi/cvss@3.2","externalReferences":[{"type":"vcs","url":"https://github.com/RedHatProductSecurity/cvss"}],"type":"library","bom-ref":"pkg:pypi/cvss@3.2","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Raphael Michel ","group":"","name":"defusedcsv","version":"2.0.0","description":"Drop-in replacement for Python's CSV library that tries to mitigate CSV injection attacks","hashes":[{"alg":"SHA-256","content":"a7bc3b1ac1ce4f8c6c1e8740466b1b5789b51ca18d918b0099313dc0cdf2cef4"}],"licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}}],"purl":"pkg:pypi/defusedcsv@2.0.0","externalReferences":[{"type":"vcs","url":"https://github.com/raphaelm/defusedcsv"}],"type":"library","bom-ref":"pkg:pypi/defusedcsv@2.0.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Christian Heimes ","group":"","name":"defusedxml","version":"0.7.1","description":"XML bomb protection for Python stdlib modules","hashes":[{"alg":"SHA-256","content":"a352e7e428770286cc899e2542b6cdaedb2b4953ff269a210103ec58f6198a61"}],"licenses":[{"license":{"id":"PSF-2.0","url":"https://opensource.org/licenses/PSF-2.0"}}],"purl":"pkg:pypi/defusedxml@0.7.1","externalReferences":[{"type":"vcs","url":"https://github.com/tiran/defusedxml"}],"type":"library","bom-ref":"pkg:pypi/defusedxml@0.7.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Otto Yiu ","group":"","name":"django-cors-headers","version":"4.5.0","description":"django-cors-headers is a Django application for handling the server headers required for Cross-Origin Resource Sharing (CORS).","hashes":[{"alg":"SHA-256","content":"28c1ded847aa70208798de3e42422a782f427b8b720e8d7319d34b654b5978e6"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/django-cors-headers@4.5.0","type":"framework","bom-ref":"pkg:pypi/django-cors-headers@4.5.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"James Socol ","group":"","name":"django-csp","version":"3.8","description":"Django Content Security Policy support.","hashes":[{"alg":"SHA-256","content":"19b2978b03fcd73517d7d67acbc04fbbcaec0facc3e83baa502965892d1e0719"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}}],"purl":"pkg:pypi/django-csp@3.8","type":"framework","bom-ref":"pkg:pypi/django-csp@3.8","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Scott Sharkey ","group":"","name":"django-encrypted-model-fields","version":"0.6.5","description":"A set of fields that wrap standard Django fields with encryption provided by the python cryptography library.","hashes":[{"alg":"SHA-256","content":"b21bbdd8ae2e1a0ea37a5049b3ba46e6e63bf287ad241219a058fac1070796cc"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/django-encrypted-model-fields@0.6.5","externalReferences":[{"type":"vcs","url":"https://gitlab.com/lansharkconsulting/django/django-encrypted-model-fields"}],"type":"framework","bom-ref":"pkg:pypi/django-encrypted-model-fields@0.6.5","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Daniele Faraglia ","group":"","name":"django-environ","version":"0.11.2","description":"A package that allows you to utilize 12factor inspired environment variables to configure your Django application.","hashes":[{"alg":"SHA-256","content":"0ff95ab4344bfeff693836aa978e6840abef2e2f1145adff7735892711590c05"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/django-environ@0.11.2","externalReferences":[{"type":"website","url":"https://django-environ.readthedocs.org"}],"type":"framework","bom-ref":"pkg:pypi/django-environ@0.11.2","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Alex Gaynor ","group":"","name":"django-filter","version":"24.3","description":"Django-filter is a reusable Django application for allowing users to filter querysets dynamically.","hashes":[{"alg":"SHA-256","content":"c4852822928ce17fb699bcfccd644b3574f1a2d80aeb2b4ff4f16b02dd49dc64"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}}],"purl":"pkg:pypi/django-filter@24.3","type":"framework","bom-ref":"pkg:pypi/django-filter@24.3","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Simon Charette ","group":"","name":"django-picklefield","version":"3.2","description":"Pickled object field for Django","hashes":[{"alg":"SHA-256","content":"e9a73539d110f69825d9320db18bcb82e5189ff48dbed41821c026a20497764c"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/django-picklefield@3.2","externalReferences":[{"type":"vcs","url":"http://github.com/gintas/django-picklefield"}],"type":"framework","bom-ref":"pkg:pypi/django-picklefield@3.2","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Django Software Foundation ","group":"","name":"Django","version":"5.1.2","description":"A high-level Python web framework that encourages rapid development and clean, pragmatic design.","hashes":[{"alg":"SHA-256","content":"f11aa87ad8d5617171e3f77e1d5d16f004b79a2cf5d2e1d2b97a6a1f8e9ba5ed"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}},{"license":{"id":"BSD-3-Clause","url":"https://opensource.org/licenses/BSD-3-Clause"}}],"purl":"pkg:pypi/django@5.1.2","type":"framework","bom-ref":"pkg:pypi/django@5.1.2","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Tom Christie ","group":"","name":"djangorestframework","version":"3.15.2","description":"Web APIs for Django, made easy.","hashes":[{"alg":"SHA-256","content":"2b8871b062ba1aefc2de01f773875441a961fefbf79f5eed1e32b2f096944b20"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}}],"purl":"pkg:pypi/djangorestframework@3.15.2","externalReferences":[{"type":"website","url":"https://www.django-rest-framework.org/"}],"type":"framework","bom-ref":"pkg:pypi/djangorestframework@3.15.2","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Bob Halley ","group":"","name":"dnspython","version":"2.7.0","description":"DNS toolkit","hashes":[{"alg":"SHA-256","content":"b4c34b7d10b51bcc3a5071e7b8dee77939f1e878477eeecc965e9835f63c6c86"}],"licenses":[{"license":{"id":"ISC","url":"https://opensource.org/licenses/ISC"}}],"purl":"pkg:pypi/dnspython@2.7.0","type":"library","bom-ref":"pkg:pypi/dnspython@2.7.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"T. Franzel ","group":"","name":"drf-spectacular-sidecar","version":"2024.7.1","description":"Serve self-contained distribution builds of Swagger UI and Redoc with Django","hashes":[{"alg":"SHA-256","content":"5dc8b38ad153e90b328152674c7959bf114bf86360a617a5a4516e135cb832bc"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}}],"purl":"pkg:pypi/drf-spectacular-sidecar@2024.7.1","externalReferences":[{"type":"vcs","url":"https://github.com/tfranzel/drf-spectacular-sidecar"}],"type":"library","bom-ref":"pkg:pypi/drf-spectacular-sidecar@2024.7.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"T. Franzel ","group":"","name":"drf-spectacular","version":"0.27.2","description":"Sane and flexible OpenAPI 3 schema generation for Django REST framework","hashes":[{"alg":"SHA-256","content":"b1c04bf8b2fbbeaf6f59414b4ea448c8787aba4d32f76055c3b13335cf7ec37b"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}}],"purl":"pkg:pypi/drf-spectacular@0.27.2","externalReferences":[{"type":"vcs","url":"https://github.com/tfranzel/drf-spectacular"}],"type":"framework","bom-ref":"pkg:pypi/drf-spectacular@0.27.2","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Joshua Tauberer ","group":"","name":"email-validator","version":"2.1.1","description":"A robust email address syntax and deliverability validation library.","hashes":[{"alg":"SHA-256","content":"97d882d174e2a65732fb43bfce81a3a834cbc1bde8bf419e30ef5ea976370a05"}],"licenses":[{"expression":"The Unlicense (Unlicense)"}],"purl":"pkg:pypi/email-validator@2.1.1","externalReferences":[{"type":"vcs","url":"https://github.com/JoshData/python-email-validator"}],"type":"library","bom-ref":"pkg:pypi/email-validator@2.1.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}},"properties":[{"name":"cdx:pypi:latest_version","value":"2.2.0"},{"name":"cdx:pypi:resolved_from","value":"email-validator"}]},{"author":"See ATUHORS.txt ","group":"","name":"et-xmlfile","version":"1.1.0","description":"An implementation of lxml.xmlfile for the standard library","hashes":[{"alg":"SHA-256","content":"a2ba85d1d6a74ef63837eed693bcb89c3f752169b0e3e7ae5b16ca5e1b3deada"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/et-xmlfile@1.1.0","externalReferences":[{"type":"website","url":"https://foss.heptapod.net/openpyxl/et_xmlfile"}],"type":"library","bom-ref":"pkg:pypi/et-xmlfile@1.1.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Benoit Chesneau ","group":"","name":"gunicorn","version":"23.0.0","description":"WSGI HTTP Server for UNIX","hashes":[{"alg":"SHA-256","content":"ec400d38950de4dfd418cff8328b2c8faed0edb0d517d3394e457c317908ca4d"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/gunicorn@23.0.0","type":"library","bom-ref":"pkg:pypi/gunicorn@23.0.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Charles Leifer ","group":"","name":"huey","version":"2.5.2","description":"huey, a little task queue","hashes":[{"alg":"SHA-256","content":"df33db474c05414ed40ee2110e9df692369871734da22d74ffb035a4bd74047f"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/huey@2.5.2","externalReferences":[{"type":"vcs","url":"http://github.com/coleifer/huey/"}],"type":"library","bom-ref":"pkg:pypi/huey@2.5.2","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Kim Davies ","group":"","name":"idna","version":"3.10","description":"Internationalized Domain Names in Applications (IDNA)","hashes":[{"alg":"SHA-256","content":"946d195a0d259cbba61165e88e65941f16e9b36ea6ddb97f00452bae8b1287d3"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}}],"purl":"pkg:pypi/idna@3.10","type":"library","bom-ref":"pkg:pypi/idna@3.10","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"\"Jason R. Coombs\" ","group":"","name":"importlib-metadata","version":"8.5.0","description":"Read metadata from Python packages","hashes":[{"alg":"SHA-256","content":"45e54197d28b7a7f1559e60b95e7c567032b602131fbd588f1497f47880aa68b"}],"licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}}],"purl":"pkg:pypi/importlib-metadata@8.5.0","type":"library","bom-ref":"pkg:pypi/importlib-metadata@8.5.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"instrumentation","confidence":1,"value":"/tmp/cdxgen-venv-43yYKx"}]}},"properties":[{"name":"SrcFile","value":"/home/runner/work/SecObserve/SecObserve/backend/poetry_requirements.txt"}]},{"author":"Paul Dyson ","group":"","name":"inflect","version":"7.4.0","description":"Correctly generate plurals, singular nouns, ordinals, indefinite articles","hashes":[{"alg":"SHA-256","content":"85af0997ee2bda942b1c1eed8c8a827abda91aa3e22d1efaa0eea817f9350ce7"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/inflect@7.4.0","type":"library","bom-ref":"pkg:pypi/inflect@7.4.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Janne Vanhala ","group":"","name":"inflection","version":"0.5.1","description":"A port of Ruby on Rails inflector to Python","hashes":[{"alg":"SHA-256","content":"f38b2b640938a4f35ade69ac3d053042959b62a0f1076a5bbaa1b9526605a8a2"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/inflection@0.5.1","externalReferences":[{"type":"vcs","url":"https://github.com/jpvanhal/inflection"}],"type":"library","bom-ref":"pkg:pypi/inflection@0.5.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Ben Speakmon ","group":"","name":"jira","version":"3.8.0","description":"Python library for interacting with JIRA via REST APIs.","hashes":[{"alg":"SHA-256","content":"12190dc84dad00b8a6c0341f7e8a254b0f38785afdec022bd5941e1184a5a3fb"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}},{"license":{"id":"BSD-2-Clause","url":"https://opensource.org/licenses/BSD-2-Clause"}}],"purl":"pkg:pypi/jira@3.8.0","externalReferences":[{"type":"vcs","url":"https://github.com/pycontribs/jira"}],"type":"library","bom-ref":"pkg:pypi/jira@3.8.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"David Aguilar ","group":"","name":"jsonpickle","version":"3.3.0","description":"Python library for serializing arbitrary object graphs into JSON","hashes":[{"alg":"SHA-256","content":"287c12143f35571ab00e224fa323aa4b090d5a7f086f5f494d7ee9c7eb1a380a"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}}],"purl":"pkg:pypi/jsonpickle@3.3.0","externalReferences":[{"type":"vcs","url":"https://github.com/jsonpickle/jsonpickle"}],"type":"library","bom-ref":"pkg:pypi/jsonpickle@3.3.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Julian Berman ","group":"","name":"jsonschema-specifications","version":"2024.10.1","description":"The JSON Schema meta-schemas and vocabularies, exposed as a Registry","hashes":[{"alg":"SHA-256","content":"a09a0680616357d9a0ecf05c12ad234479f549239d0f5b55f3deea67475da9bf"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/jsonschema-specifications@2024.10.1","type":"library","bom-ref":"pkg:pypi/jsonschema-specifications@2024.10.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Julian Berman ","group":"","name":"jsonschema","version":"4.23.0","description":"An implementation of JSON Schema validation for Python","hashes":[{"alg":"SHA-256","content":"fbadb6f8b144a8f8cf9f0b89ba94501d143e50411a1278633f56a7acf7fd5566"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/jsonschema@4.23.0","type":"library","bom-ref":"pkg:pypi/jsonschema@4.23.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Erik Rose ","group":"","name":"more-itertools","version":"10.5.0","description":"More routines for operating on iterables, beyond itertools","hashes":[{"alg":"SHA-256","content":"037b0d3203ce90cca8ab1defbbdac29d5f993fc20131f3664dc8d6acfa872aef"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/more-itertools@10.5.0","type":"library","bom-ref":"pkg:pypi/more-itertools@10.5.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Inada Naoki ","group":"","name":"msgpack","version":"1.1.0","description":"MessagePack serializer","hashes":[{"alg":"SHA-256","content":"7ad442d527a7e358a469faf43fda45aaf4ac3249c8310a82f0ccff9164e5dccd"}],"licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}}],"purl":"pkg:pypi/msgpack@1.1.0","type":"library","bom-ref":"pkg:pypi/msgpack@1.1.0","evidence":{"identity":{"field":"purl","confidence":0.8,"methods":[{"technique":"manifest-analysis","confidence":0.8,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry_requirements.txt"}]}},"properties":[{"name":"SrcFile","value":"/home/runner/work/SecObserve/SecObserve/backend/poetry_requirements.txt"}]},{"author":"The OAuthlib Community ","group":"","name":"oauthlib","version":"3.2.2","description":"A generic, spec-compliant, thorough implementation of the OAuth request-signing logic","hashes":[{"alg":"SHA-256","content":"8139f29aac13e25d502680e9e19963e83f16838d48a0d71c287fe40e7067fbca"}],"licenses":[{"expression":"OSI Approved"}],"purl":"pkg:pypi/oauthlib@3.2.2","externalReferences":[{"type":"vcs","url":"https://github.com/oauthlib/oauthlib"}],"type":"library","bom-ref":"pkg:pypi/oauthlib@3.2.2","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"See AUTHORS ","group":"","name":"openpyxl","version":"3.1.5","description":"A Python library to read/write Excel 2010 xlsx/xlsm files","hashes":[{"alg":"SHA-256","content":"5282c12b107bffeef825f4617dc029afaf41d0ea60823bbb665ef3079dc79de2"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/openpyxl@3.1.5","externalReferences":[{"type":"website","url":"https://openpyxl.readthedocs.io"}],"type":"library","bom-ref":"pkg:pypi/openpyxl@3.1.5","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"the purl authors","group":"","name":"packageurl-python","version":"0.16.0","description":"A purl aka. Package URL parser and builder","hashes":[{"alg":"SHA-256","content":"5c3872638b177b0f1cf01c3673017b7b27ebee485693ae12a8bed70fa7fa7c35"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/packageurl-python@0.16.0","externalReferences":[{"type":"vcs","url":"https://github.com/package-url/packageurl-python"}],"type":"library","bom-ref":"pkg:pypi/packageurl-python@0.16.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Donald Stufft ","group":"","name":"packaging","version":"24.1","description":"Core utilities for Python packages","hashes":[{"alg":"SHA-256","content":"5b8f2217dbdbd2f7f384c41c628544e6d52f2d0f53c6d0c3ea61aa5d1d7ff124"}],"licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}},{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}}],"purl":"pkg:pypi/packaging@24.1","type":"library","bom-ref":"pkg:pypi/packaging@24.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"\"Jeffrey A. Clark\" ","group":"","name":"pillow","version":"10.4.0","description":"Python Imaging Library (Fork)","hashes":[{"alg":"SHA-256","content":"4d9667937cfa347525b319ae34375c37b9ee6b525440f3ef48542fcf66f2731e"}],"licenses":[{"expression":"CMU License (MIT-CMU)"}],"purl":"pkg:pypi/pillow@10.4.0","type":"library","bom-ref":"pkg:pypi/pillow@10.4.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}},"properties":[{"name":"cdx:pypi:latest_version","value":"11.0.0"},{"name":"cdx:pypi:resolved_from","value":"pillow"}]},{"author":"Daniele Varrazzo ","group":"","name":"psycopg-binary","version":"3.2.3","description":"PostgreSQL database adapter for Python -- C optimisation distribution","hashes":[{"alg":"SHA-256","content":"965455eac8547f32b3181d5ec9ad8b9be500c10fe06193543efaaebe3e4ce70c"}],"licenses":[{"license":{"id":"LGPL-3.0-only","url":"https://opensource.org/licenses/LGPL-3.0-only"}}],"purl":"pkg:pypi/psycopg-binary@3.2.3","externalReferences":[{"type":"website","url":"https://psycopg.org/psycopg3/"}],"type":"library","bom-ref":"pkg:pypi/psycopg-binary@3.2.3","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Daniele Varrazzo ","group":"","name":"psycopg","version":"3.2.3","description":"PostgreSQL database adapter for Python","hashes":[{"alg":"SHA-256","content":"644d3973fe26908c73d4be746074f6e5224b03c1101d302d9a53bf565ad64907"}],"licenses":[{"license":{"id":"LGPL-3.0-only","url":"https://opensource.org/licenses/LGPL-3.0-only"}}],"purl":"pkg:pypi/psycopg@3.2.3","externalReferences":[{"type":"website","url":"https://psycopg.org/psycopg3/"}],"type":"library","bom-ref":"pkg:pypi/psycopg@3.2.3","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Prowler Team ","group":"","name":"py-ocsf-models","version":"0.1.1","description":"This is a Python implementation of the OCSF models. The models are used to represent the data of the OCSF Schema defined in https://schema.ocsf.io/.","hashes":[{"alg":"SHA-256","content":"c6ea465fda85470b938a48da65b1f19664f6d83820ebe849ef5551094e6768de"}],"licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}}],"purl":"pkg:pypi/py-ocsf-models@0.1.1","type":"library","bom-ref":"pkg:pypi/py-ocsf-models@0.1.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}},"properties":[{"name":"cdx:pypi:latest_version","value":"0.2.0"},{"name":"cdx:pypi:resolved_from","value":"py-ocsf-models"}]},{"author":"Eli Bendersky ","group":"","name":"pycparser","version":"2.22","description":"C parser in Python","hashes":[{"alg":"SHA-256","content":"c3702b6d3dd8c7abc1afa565d7e63d53a1d0bd86cdc24edd75470f4de499cfcc"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}},{"license":{"id":"BSD-3-Clause","url":"https://opensource.org/licenses/BSD-3-Clause"}}],"purl":"pkg:pypi/pycparser@2.22","externalReferences":[{"type":"vcs","url":"https://github.com/eliben/pycparser"}],"type":"library","bom-ref":"pkg:pypi/pycparser@2.22","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Samuel Colvin , Eric Jolibois , Hasan Ramezani , Adrian Garcia Badaracco <1755071+adriangb@users.noreply.github.com>, Terrence Dorsey , David Montague , Serge Matveenko , Marcelo Trylesinski , Sydney Runkle , David Hewitt , Alex Hall ","group":"","name":"pydantic","version":"1.10.15","description":"Data validation using Python type hints","hashes":[{"alg":"SHA-256","content":"22ed12ee588b1df028a2aa5d66f07bf8f8b4c8579c2e96d5a9c1f96b77f3bb55"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/pydantic@1.10.15","type":"library","bom-ref":"pkg:pypi/pydantic@1.10.15","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}},"properties":[{"name":"cdx:pypi:latest_version","value":"2.9.2"},{"name":"cdx:pypi:resolved_from","value":"pydantic"}]},{"author":"Jose Padilla ","group":"","name":"PyJWT","version":"2.9.0","description":"JSON Web Token implementation in Python","hashes":[{"alg":"SHA-256","content":"3b02fb0f44517787776cf48f2ae25d8e14f300e6d7545a4315cee571a415e850"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/pyjwt@2.9.0","externalReferences":[{"type":"vcs","url":"https://github.com/jpadilla/pyjwt"}],"type":"library","bom-ref":"pkg:pypi/pyjwt@2.9.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Inada Naoki , Yutaka Matsubara ","group":"","name":"PyMySQL","version":"1.1.1","description":"Pure Python MySQL Driver","hashes":[{"alg":"SHA-256","content":"4de15da4c61dc132f4fb9ab763063e693d521a80fd0e87943b9a453dd4c19d6c"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/pymysql@1.1.1","type":"library","bom-ref":"pkg:pypi/pymysql@1.1.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Thomas Kluyver ","group":"","name":"pyproject-hooks","version":"1.2.0","description":"Wrappers to call pyproject.toml-based build backend hooks.","hashes":[{"alg":"SHA-256","content":"9e5c6bfa8dcc30091c74b0cf803c81fdd29d94f01992a7707bc97babb1141913"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/pyproject-hooks@1.2.0","type":"library","bom-ref":"pkg:pypi/pyproject-hooks@1.2.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"instrumentation","confidence":1,"value":"/tmp/cdxgen-venv-43yYKx"}]}},"properties":[{"name":"SrcFile","value":"/home/runner/work/SecObserve/SecObserve/backend/poetry_requirements.txt"}]},{"author":"Kirill Simonov ","group":"","name":"PyYAML","version":"6.0.2","description":"YAML parser and emitter for Python","hashes":[{"alg":"SHA-256","content":"0a9a2848a5b7feac301353437eb7d5957887edbf81d56e903999a75a3d743086"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/pyyaml@6.0.2","externalReferences":[{"type":"website","url":"https://pyyaml.org/"}],"type":"library","bom-ref":"pkg:pypi/pyyaml@6.0.2","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Max Bachmann ","group":"","name":"RapidFuzz","version":"3.10.0","description":"rapid fuzzy string matching","hashes":[{"alg":"SHA-256","content":"884453860de029380dded8f3c1918af2d8eb5adf8010261645c7e5c88c2b5428"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/rapidfuzz@3.10.0","type":"library","bom-ref":"pkg:pypi/rapidfuzz@3.10.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"instrumentation","confidence":1,"value":"/tmp/cdxgen-venv-43yYKx"}]}},"properties":[{"name":"SrcFile","value":"/home/runner/work/SecObserve/SecObserve/backend/poetry_requirements.txt"}]},{"author":"Julian Berman ","group":"","name":"referencing","version":"0.35.1","description":"JSON Referencing + Python","hashes":[{"alg":"SHA-256","content":"eda6d3234d62814d1c64e305c1331c9a3a6132da475ab6382eaa997b21ee75de"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/referencing@0.35.1","type":"library","bom-ref":"pkg:pypi/referencing@0.35.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Kenneth Reitz ","group":"","name":"requests-oauthlib","version":"2.0.0","description":"OAuthlib authentication support for Requests.","hashes":[{"alg":"SHA-256","content":"7dd8a5c40426b779b0868c404bdef9768deccf22749cde15852df527e6269b36"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}},{"license":{"id":"ISC","url":"https://opensource.org/licenses/ISC"}}],"purl":"pkg:pypi/requests-oauthlib@2.0.0","externalReferences":[{"type":"vcs","url":"https://github.com/requests/requests-oauthlib"}],"type":"library","bom-ref":"pkg:pypi/requests-oauthlib@2.0.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Ian Cordasco, Cory Benfield ","group":"","name":"requests-toolbelt","version":"1.0.0","description":"A utility belt for advanced users of python-requests","hashes":[{"alg":"SHA-256","content":"cccfdd665f0a24fcf4726e690f65639d272bb0637b9b92dfd91a5568ccf6bd06"}],"licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}}],"purl":"pkg:pypi/requests-toolbelt@1.0.0","externalReferences":[{"type":"website","url":"https://toolbelt.readthedocs.io/"}],"type":"library","bom-ref":"pkg:pypi/requests-toolbelt@1.0.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Kenneth Reitz ","group":"","name":"requests","version":"2.32.3","description":"Python HTTP for Humans.","hashes":[{"alg":"SHA-256","content":"70761cfe03c773ceb22aa2f671b4757976145175cdfca038c02654d061d6dcc6"}],"licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}}],"purl":"pkg:pypi/requests@2.32.3","externalReferences":[{"type":"website","url":"https://requests.readthedocs.io"}],"type":"library","bom-ref":"pkg:pypi/requests@2.32.3","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Julian Berman ","group":"","name":"rpds-py","version":"0.20.0","description":"Python bindings to Rust's persistent data structures (rpds)","hashes":[{"alg":"SHA-256","content":"3ad0fda1635f8439cde85c700f964b23ed5fc2d28016b32b9ee5fe30da5c84e2"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/rpds-py@0.20.0","type":"library","bom-ref":"pkg:pypi/rpds-py@0.20.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Andi Albrecht ","group":"","name":"sqlparse","version":"0.5.1","description":"A non-validating SQL parser.","hashes":[{"alg":"SHA-256","content":"773dcbf9a5ab44a090f3441e2180efe2560220203dc2f8c0b0fa141e18b505e4"}],"licenses":[{"license":{"id":"0BSD","url":"https://opensource.org/licenses/0BSD"}}],"purl":"pkg:pypi/sqlparse@0.5.1","type":"library","bom-ref":"pkg:pypi/sqlparse@0.5.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Alex Grönholm ","group":"","name":"typeguard","version":"4.3.0","description":"Run-time type checker for Python","hashes":[{"alg":"SHA-256","content":"4d24c5b39a117f8a895b9da7a9b3114f04eb63bade45a4492de49b175b6f7dfa"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/typeguard@4.3.0","type":"library","bom-ref":"pkg:pypi/typeguard@4.3.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"\"Guido van Rossum, Jukka Lehtosalo, Łukasz Langa, Michael Lee\" ","group":"","name":"typing-extensions","version":"4.12.2","description":"Backported and Experimental Type Hints for Python 3.8+","hashes":[{"alg":"SHA-256","content":"04e5ca0351e0f3f85c6853954072df659d0d13fac324d0072316b67d7794700d"}],"licenses":[{"license":{"id":"PSF-2.0","url":"https://opensource.org/licenses/PSF-2.0"}}],"purl":"pkg:pypi/typing-extensions@4.12.2","type":"library","bom-ref":"pkg:pypi/typing-extensions@4.12.2","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Python Software Foundation ","group":"","name":"tzdata","version":"2024.2","description":"Provider of IANA time zone data","hashes":[{"alg":"SHA-256","content":"a48093786cdcde33cad18c2555e8532f34422074448fbc874186f0abd79565cd"}],"licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}}],"purl":"pkg:pypi/tzdata@2024.2","externalReferences":[{"type":"vcs","url":"https://github.com/python/tzdata"}],"type":"library","bom-ref":"pkg:pypi/tzdata@2024.2","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Ian Stapleton Cordasco ","group":"","name":"uritemplate","version":"4.1.1","description":"Implementation of RFC 6570 URI Templates","hashes":[{"alg":"SHA-256","content":"830c08b8d99bdd312ea4ead05994a38e8936266f84b9a7878232db50b044e02e"}],"licenses":[{"expression":"OSI Approved OR BSD 3-Clause License or Apache License, Version 2.0"}],"purl":"pkg:pypi/uritemplate@4.1.1","externalReferences":[{"type":"website","url":"https://uritemplate.readthedocs.org"}],"type":"library","bom-ref":"pkg:pypi/uritemplate@4.1.1","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Andrey Petrov ","group":"","name":"urllib3","version":"2.2.3","description":"HTTP library with thread-safe connection pooling, file post, and more.","hashes":[{"alg":"SHA-256","content":"ca899ca043dcb1bafa3e262d73aa25c465bfb49e0bd9dd5d59f1d0acba2f8fac"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/urllib3@2.2.3","type":"library","bom-ref":"pkg:pypi/urllib3@2.2.3","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"Konsta Vesterinen ","group":"","name":"validators","version":"0.34.0","description":"Python Data Validation for Humans™","hashes":[{"alg":"SHA-256","content":"c804b476e3e6d3786fa07a30073a4ef694e617805eb1946ceee3fe5a9b8b1321"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/validators@0.34.0","type":"library","bom-ref":"pkg:pypi/validators@0.34.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"David Evans","group":"","name":"whitenoise","version":"6.7.0","description":"Radically simplified static file serving for WSGI applications","hashes":[{"alg":"SHA-256","content":"a1ae85e01fdc9815d12fa33f17765bc132ed2c54fa76daf9e39e879dd93566f6"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/whitenoise@6.7.0","type":"library","bom-ref":"pkg:pypi/whitenoise@6.7.0","evidence":{"identity":{"field":"purl","confidence":1,"methods":[{"technique":"manifest-analysis","confidence":1,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry.lock"}]}}},{"author":"\"Jason R. Coombs\" ","group":"","name":"zipp","version":"3.20.2","description":"Backport of pathlib-compatible object wrapper for zip files","hashes":[{"alg":"SHA-256","content":"a817ac80d6cf4b23bf7f2828b7cabf326f15a001bea8b1f9b49631780ba28350"}],"licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:pypi/zipp@3.20.2","type":"library","bom-ref":"pkg:pypi/zipp@3.20.2","evidence":{"identity":{"field":"purl","confidence":0.8,"methods":[{"technique":"manifest-analysis","confidence":0.8,"value":"/home/runner/work/SecObserve/SecObserve/backend/poetry_requirements.txt"}]}},"properties":[{"name":"SrcFile","value":"/home/runner/work/SecObserve/SecObserve/backend/poetry_requirements.txt"}]}],"dependencies":[{"ref":"pkg:pypi/secobserve@1.22.3","dependsOn":["pkg:pypi/argon2-cffi@23.1.0","pkg:pypi/cvss@3.2","pkg:pypi/defusedcsv@2.0.0","pkg:pypi/django-cors-headers@4.5.0","pkg:pypi/django-csp@3.8","pkg:pypi/django-encrypted-model-fields@0.6.5","pkg:pypi/django-environ@0.11.2","pkg:pypi/django-filter@24.3","pkg:pypi/django-picklefield@3.2","pkg:pypi/django@5.1.2","pkg:pypi/djangorestframework@3.15.2","pkg:pypi/drf-spectacular-sidecar@2024.7.1","pkg:pypi/drf-spectacular@0.27.2","pkg:pypi/gunicorn@23.0.0","pkg:pypi/huey@2.5.2","pkg:pypi/inflect@7.4.0","pkg:pypi/jira@3.8.0","pkg:pypi/jsonpickle@3.3.0","pkg:pypi/openpyxl@3.1.5","pkg:pypi/packageurl-python@0.16.0","pkg:pypi/psycopg@3.2.3","pkg:pypi/py-ocsf-models@0.1.1","pkg:pypi/pymysql@1.1.1","pkg:pypi/requests@2.32.3","pkg:pypi/validators@0.34.0","pkg:pypi/whitenoise@6.7.0"]},{"ref":"pkg:pypi/argon2-cffi@23.1.0","dependsOn":["pkg:pypi/argon2-cffi-bindings@21.2.0"]},{"ref":"pkg:pypi/argon2-cffi-bindings@21.2.0","dependsOn":["pkg:pypi/cffi@1.17.1"]},{"ref":"pkg:pypi/asgiref@3.8.1","dependsOn":["pkg:pypi/typing-extensions@4.12.2"]},{"ref":"pkg:pypi/attrs@24.2.0","dependsOn":[]},{"ref":"pkg:pypi/certifi@2024.8.30","dependsOn":[]},{"ref":"pkg:pypi/cffi@1.17.1","dependsOn":["pkg:pypi/pycparser@2.22"]},{"ref":"pkg:pypi/charset-normalizer@3.4.0","dependsOn":[]},{"ref":"pkg:pypi/cryptography@43.0.1","dependsOn":["pkg:pypi/cffi@1.17.1"]},{"ref":"pkg:pypi/cvss@3.2","dependsOn":[]},{"ref":"pkg:pypi/defusedcsv@2.0.0","dependsOn":[]},{"ref":"pkg:pypi/defusedxml@0.7.1","dependsOn":[]},{"ref":"pkg:pypi/django@5.1.2","dependsOn":["pkg:pypi/asgiref@3.8.1","pkg:pypi/sqlparse@0.5.1","pkg:pypi/tzdata@2024.2"]},{"ref":"pkg:pypi/django-cors-headers@4.5.0","dependsOn":["pkg:pypi/asgiref@3.8.1","pkg:pypi/django@5.1.2"]},{"ref":"pkg:pypi/django-csp@3.8","dependsOn":["pkg:pypi/django@5.1.2"]},{"ref":"pkg:pypi/django-encrypted-model-fields@0.6.5","dependsOn":["pkg:pypi/cryptography@43.0.1","pkg:pypi/django@5.1.2"]},{"ref":"pkg:pypi/django-environ@0.11.2","dependsOn":[]},{"ref":"pkg:pypi/django-filter@24.3","dependsOn":["pkg:pypi/django@5.1.2"]},{"ref":"pkg:pypi/django-picklefield@3.2","dependsOn":["pkg:pypi/django@5.1.2"]},{"ref":"pkg:pypi/djangorestframework@3.15.2","dependsOn":["pkg:pypi/django@5.1.2"]},{"ref":"pkg:pypi/dnspython@2.7.0","dependsOn":[]},{"ref":"pkg:pypi/drf-spectacular@0.27.2","dependsOn":["pkg:pypi/django@5.1.2","pkg:pypi/djangorestframework@3.15.2","pkg:pypi/inflection@0.5.1","pkg:pypi/jsonschema@4.23.0","pkg:pypi/pyyaml@6.0.2","pkg:pypi/uritemplate@4.1.1"]},{"ref":"pkg:pypi/drf-spectacular-sidecar@2024.7.1","dependsOn":["pkg:pypi/django@5.1.2"]},{"ref":"pkg:pypi/email-validator@2.1.1","dependsOn":["pkg:pypi/dnspython@2.7.0","pkg:pypi/idna@3.10"]},{"ref":"pkg:pypi/et-xmlfile@1.1.0","dependsOn":[]},{"ref":"pkg:pypi/gunicorn@23.0.0","dependsOn":["pkg:pypi/packaging@24.1"]},{"ref":"pkg:pypi/huey@2.5.2","dependsOn":[]},{"ref":"pkg:pypi/idna@3.10","dependsOn":[]},{"ref":"pkg:pypi/inflect@7.4.0","dependsOn":["pkg:pypi/more-itertools@10.5.0","pkg:pypi/typeguard@4.3.0"]},{"ref":"pkg:pypi/inflection@0.5.1","dependsOn":[]},{"ref":"pkg:pypi/jira@3.8.0","dependsOn":["pkg:pypi/defusedxml@0.7.1","pkg:pypi/packaging@24.1","pkg:pypi/pillow@10.4.0","pkg:pypi/requests-oauthlib@2.0.0","pkg:pypi/requests-toolbelt@1.0.0","pkg:pypi/requests@2.32.3","pkg:pypi/typing-extensions@4.12.2"]},{"ref":"pkg:pypi/jsonpickle@3.3.0","dependsOn":[]},{"ref":"pkg:pypi/jsonschema@4.23.0","dependsOn":["pkg:pypi/attrs@24.2.0","pkg:pypi/jsonschema-specifications@2024.10.1","pkg:pypi/referencing@0.35.1","pkg:pypi/rpds-py@0.20.0"]},{"ref":"pkg:pypi/jsonschema-specifications@2024.10.1","dependsOn":["pkg:pypi/referencing@0.35.1"]},{"ref":"pkg:pypi/more-itertools@10.5.0","dependsOn":[]},{"ref":"pkg:pypi/oauthlib@3.2.2","dependsOn":[]},{"ref":"pkg:pypi/openpyxl@3.1.5","dependsOn":["pkg:pypi/et-xmlfile@1.1.0"]},{"ref":"pkg:pypi/packageurl-python@0.16.0","dependsOn":[]},{"ref":"pkg:pypi/packaging@24.1","dependsOn":[]},{"ref":"pkg:pypi/pillow@10.4.0","dependsOn":[]},{"ref":"pkg:pypi/psycopg@3.2.3","dependsOn":["pkg:pypi/psycopg-binary@3.2.3","pkg:pypi/typing-extensions@4.12.2","pkg:pypi/tzdata@2024.2"]},{"ref":"pkg:pypi/psycopg-binary@3.2.3","dependsOn":[]},{"ref":"pkg:pypi/py-ocsf-models@0.1.1","dependsOn":["pkg:pypi/email-validator@2.1.1","pkg:pypi/pydantic@1.10.15"]},{"ref":"pkg:pypi/pycparser@2.22","dependsOn":[]},{"ref":"pkg:pypi/pydantic@1.10.15","dependsOn":["pkg:pypi/typing-extensions@4.12.2"]},{"ref":"pkg:pypi/pyjwt@2.9.0","dependsOn":[]},{"ref":"pkg:pypi/pymysql@1.1.1","dependsOn":[]},{"ref":"pkg:pypi/pyyaml@6.0.2","dependsOn":[]},{"ref":"pkg:pypi/referencing@0.35.1","dependsOn":["pkg:pypi/attrs@24.2.0","pkg:pypi/rpds-py@0.20.0"]},{"ref":"pkg:pypi/requests@2.32.3","dependsOn":["pkg:pypi/certifi@2024.8.30","pkg:pypi/charset-normalizer@3.4.0","pkg:pypi/idna@3.10","pkg:pypi/urllib3@2.2.3"]},{"ref":"pkg:pypi/requests-oauthlib@2.0.0","dependsOn":["pkg:pypi/oauthlib@3.2.2","pkg:pypi/requests@2.32.3"]},{"ref":"pkg:pypi/requests-toolbelt@1.0.0","dependsOn":["pkg:pypi/requests@2.32.3"]},{"ref":"pkg:pypi/rpds-py@0.20.0","dependsOn":[]},{"ref":"pkg:pypi/sqlparse@0.5.1","dependsOn":[]},{"ref":"pkg:pypi/typeguard@4.3.0","dependsOn":["pkg:pypi/typing-extensions@4.12.2"]},{"ref":"pkg:pypi/typing-extensions@4.12.2","dependsOn":[]},{"ref":"pkg:pypi/tzdata@2024.2","dependsOn":[]},{"ref":"pkg:pypi/uritemplate@4.1.1","dependsOn":[]},{"ref":"pkg:pypi/urllib3@2.2.3","dependsOn":[]},{"ref":"pkg:pypi/validators@0.34.0","dependsOn":[]},{"ref":"pkg:pypi/whitenoise@6.7.0","dependsOn":[]},{"ref":"pkg:pypi/rapidfuzz@3.10.0","dependsOn":[]},{"ref":"pkg:pypi/pyproject-hooks@1.2.0","dependsOn":[]},{"ref":"pkg:pypi/zipp@3.20.2","dependsOn":[]},{"ref":"pkg:pypi/importlib-metadata@8.5.0","dependsOn":["pkg:pypi/zipp@3.20.2"]},{"ref":"pkg:pypi/msgpack@1.1.0","dependsOn":[]},{"ref":"pkg:pypi/cachecontrol@0.14.0","dependsOn":["pkg:pypi/msgpack@1.1.0","pkg:pypi/requests@2.32.3"]}]} \ No newline at end of file diff --git a/backend/unittests/import_observations/services/test_import_observations.py b/backend/unittests/import_observations/services/test_import_observations.py index 750571ae1..68e121e7d 100644 --- a/backend/unittests/import_observations/services/test_import_observations.py +++ b/backend/unittests/import_observations/services/test_import_observations.py @@ -542,7 +542,7 @@ def _file_upload_licenses( ) self.assertEqual(license_components[1].purl_type, "pypi") self.assertEqual(license_components[1].cpe, "") - dependencies = """SecObserve:1.22.2 --> argon2-cffi:23.1.0 + dependencies = """SecObserve:1.22.3 --> argon2-cffi:23.1.0 argon2-cffi:23.1.0 --> argon2-cffi-bindings:21.2.0""" self.assertEqual(license_components[1].dependencies, dependencies) self.assertEqual( diff --git a/backend/unittests/vex/api/files/csaf_given_vulnerability.json b/backend/unittests/vex/api/files/csaf_given_vulnerability.json index 5e2b8974e..430cc2b62 100644 --- a/backend/unittests/vex/api/files/csaf_given_vulnerability.json +++ b/backend/unittests/vex/api/files/csaf_given_vulnerability.json @@ -18,7 +18,7 @@ "generator": { "engine": { "name": "SecObserve", - "version": "1.22.2" + "version": "1.22.3" } }, "id": "CSAF_2024_0001_0001", diff --git a/backend/unittests/vex/api/files/csaf_given_vulnerability_update.json b/backend/unittests/vex/api/files/csaf_given_vulnerability_update.json index a47244a89..2b8372798 100644 --- a/backend/unittests/vex/api/files/csaf_given_vulnerability_update.json +++ b/backend/unittests/vex/api/files/csaf_given_vulnerability_update.json @@ -18,7 +18,7 @@ "generator": { "engine": { "name": "SecObserve", - "version": "1.22.2" + "version": "1.22.3" } }, "id": "CSAF_2024_0001_0002", diff --git a/backend/unittests/vex/api/files/csaf_product_branches.json b/backend/unittests/vex/api/files/csaf_product_branches.json index 310ab0fe6..2c4de6d75 100644 --- a/backend/unittests/vex/api/files/csaf_product_branches.json +++ b/backend/unittests/vex/api/files/csaf_product_branches.json @@ -18,7 +18,7 @@ "generator": { "engine": { "name": "SecObserve", - "version": "1.22.2" + "version": "1.22.3" } }, "id": "CSAF_2024_0001_0001", diff --git a/backend/unittests/vex/api/files/csaf_product_given_branch.json b/backend/unittests/vex/api/files/csaf_product_given_branch.json index bcc38f268..4b7ad0655 100644 --- a/backend/unittests/vex/api/files/csaf_product_given_branch.json +++ b/backend/unittests/vex/api/files/csaf_product_given_branch.json @@ -18,7 +18,7 @@ "generator": { "engine": { "name": "SecObserve", - "version": "1.22.2" + "version": "1.22.3" } }, "id": "CSAF_2024_0001_0001", diff --git a/backend/unittests/vex/api/files/csaf_product_no_branch.json b/backend/unittests/vex/api/files/csaf_product_no_branch.json index e2e47460a..2d3b69ac5 100644 --- a/backend/unittests/vex/api/files/csaf_product_no_branch.json +++ b/backend/unittests/vex/api/files/csaf_product_no_branch.json @@ -18,7 +18,7 @@ "generator": { "engine": { "name": "SecObserve", - "version": "1.22.2" + "version": "1.22.3" } }, "id": "CSAF_2024_0001_0001", diff --git a/backend/unittests/vex/api/files/csaf_product_no_branch_update.json b/backend/unittests/vex/api/files/csaf_product_no_branch_update.json index 45d0de920..0e2d600eb 100644 --- a/backend/unittests/vex/api/files/csaf_product_no_branch_update.json +++ b/backend/unittests/vex/api/files/csaf_product_no_branch_update.json @@ -18,7 +18,7 @@ "generator": { "engine": { "name": "SecObserve", - "version": "1.22.2" + "version": "1.22.3" } }, "id": "CSAF_2024_0001_0002", diff --git a/backend/unittests/vex/api/files/openvex_given_vulnerability.json b/backend/unittests/vex/api/files/openvex_given_vulnerability.json index 4368513ea..cb020a71b 100644 --- a/backend/unittests/vex/api/files/openvex_given_vulnerability.json +++ b/backend/unittests/vex/api/files/openvex_given_vulnerability.json @@ -47,6 +47,6 @@ } ], "timestamp": "2020-01-01T04:30:00+00:00", - "tooling": "SecObserve / 1.22.2", + "tooling": "SecObserve / 1.22.3", "version": 1 } \ No newline at end of file diff --git a/backend/unittests/vex/api/files/openvex_given_vulnerability_update.json b/backend/unittests/vex/api/files/openvex_given_vulnerability_update.json index 4d6a5316c..c607d1aac 100644 --- a/backend/unittests/vex/api/files/openvex_given_vulnerability_update.json +++ b/backend/unittests/vex/api/files/openvex_given_vulnerability_update.json @@ -37,6 +37,6 @@ } ], "timestamp": "2020-01-01T04:30:00+00:00", - "tooling": "SecObserve / 1.22.2", + "tooling": "SecObserve / 1.22.3", "version": 2 } \ No newline at end of file diff --git a/backend/unittests/vex/api/files/openvex_product_branches.json b/backend/unittests/vex/api/files/openvex_product_branches.json index 33474fd60..ebb302dcb 100644 --- a/backend/unittests/vex/api/files/openvex_product_branches.json +++ b/backend/unittests/vex/api/files/openvex_product_branches.json @@ -70,6 +70,6 @@ } ], "timestamp": "2020-01-01T04:30:00+00:00", - "tooling": "SecObserve / 1.22.2", + "tooling": "SecObserve / 1.22.3", "version": 1 } \ No newline at end of file diff --git a/backend/unittests/vex/api/files/openvex_product_given_branch.json b/backend/unittests/vex/api/files/openvex_product_given_branch.json index 0fc2a5723..24d74c0f4 100644 --- a/backend/unittests/vex/api/files/openvex_product_given_branch.json +++ b/backend/unittests/vex/api/files/openvex_product_given_branch.json @@ -28,6 +28,6 @@ } ], "timestamp": "2020-01-01T04:30:00+00:00", - "tooling": "SecObserve / 1.22.2", + "tooling": "SecObserve / 1.22.3", "version": 1 } \ No newline at end of file diff --git a/backend/unittests/vex/api/files/openvex_product_no_branch.json b/backend/unittests/vex/api/files/openvex_product_no_branch.json index db7ef1d20..469fec5a7 100644 --- a/backend/unittests/vex/api/files/openvex_product_no_branch.json +++ b/backend/unittests/vex/api/files/openvex_product_no_branch.json @@ -63,6 +63,6 @@ } ], "timestamp": "2020-01-01T04:30:00+00:00", - "tooling": "SecObserve / 1.22.2", + "tooling": "SecObserve / 1.22.3", "version": 1 } \ No newline at end of file diff --git a/backend/unittests/vex/api/files/openvex_product_no_branch_update.json b/backend/unittests/vex/api/files/openvex_product_no_branch_update.json index 7441e0525..b52400485 100644 --- a/backend/unittests/vex/api/files/openvex_product_no_branch_update.json +++ b/backend/unittests/vex/api/files/openvex_product_no_branch_update.json @@ -64,6 +64,6 @@ } ], "timestamp": "2020-01-01T04:30:00+00:00", - "tooling": "SecObserve / 1.22.2", + "tooling": "SecObserve / 1.22.3", "version": 2 } \ No newline at end of file diff --git a/backend/unittests/vex/services/files/so_csaf_2024_0001_0001.json b/backend/unittests/vex/services/files/so_csaf_2024_0001_0001.json index 7d8f31b97..65fd1bb87 100644 --- a/backend/unittests/vex/services/files/so_csaf_2024_0001_0001.json +++ b/backend/unittests/vex/services/files/so_csaf_2024_0001_0001.json @@ -18,7 +18,7 @@ "generator": { "engine": { "name": "SecObserve", - "version": "1.22.2" + "version": "1.22.3" } }, "id": "so_2024_0001_0001", diff --git a/backend/unittests/vex/services/files/so_csaf_2024_0001_0001_short.json b/backend/unittests/vex/services/files/so_csaf_2024_0001_0001_short.json index 863a2021c..13f153d90 100644 --- a/backend/unittests/vex/services/files/so_csaf_2024_0001_0001_short.json +++ b/backend/unittests/vex/services/files/so_csaf_2024_0001_0001_short.json @@ -18,7 +18,7 @@ "generator": { "engine": { "name": "SecObserve", - "version": "1.22.2" + "version": "1.22.3" } }, "id": "so_2024_0001_0001", diff --git a/backend/unittests/vex/services/files/so_openvex_2024_0001_0001.json b/backend/unittests/vex/services/files/so_openvex_2024_0001_0001.json index 3c4f40e65..386a3f323 100644 --- a/backend/unittests/vex/services/files/so_openvex_2024_0001_0001.json +++ b/backend/unittests/vex/services/files/so_openvex_2024_0001_0001.json @@ -294,6 +294,6 @@ } ], "timestamp": "2024-07-14T11:17:57.668593+00:00", - "tooling": "SecObserve / 1.22.2", + "tooling": "SecObserve / 1.22.3", "version": 1 } \ No newline at end of file diff --git a/docker-compose-prod-mysql.yml b/docker-compose-prod-mysql.yml index bc709c1f8..f70d9138b 100644 --- a/docker-compose-prod-mysql.yml +++ b/docker-compose-prod-mysql.yml @@ -35,7 +35,7 @@ services: - traefik frontend: - image: maibornwolff/secobserve-frontend:1.22.2 + image: maibornwolff/secobserve-frontend:1.22.3 container_name: "prod_secobserve_frontend" labels: - "traefik.enable=true" @@ -54,7 +54,7 @@ services: - traefik backend: - image: maibornwolff/secobserve-backend:1.22.2 + image: maibornwolff/secobserve-backend:1.22.3 container_name: "prod_secobserve_backend" labels: - "traefik.enable=true" diff --git a/docker-compose-prod-postgres.yml b/docker-compose-prod-postgres.yml index adc727a63..c6ae0c3c0 100644 --- a/docker-compose-prod-postgres.yml +++ b/docker-compose-prod-postgres.yml @@ -35,7 +35,7 @@ services: - traefik frontend: - image: maibornwolff/secobserve-frontend:1.22.2 + image: maibornwolff/secobserve-frontend:1.22.3 container_name: "prod_secobserve_frontend" labels: - "traefik.enable=true" @@ -54,7 +54,7 @@ services: - traefik backend: - image: maibornwolff/secobserve-backend:1.22.2 + image: maibornwolff/secobserve-backend:1.22.3 container_name: "prod_secobserve_backend" labels: - "traefik.enable=true" diff --git a/docs/getting_started/installation.md b/docs/getting_started/installation.md index d61a9f47e..f014aae15 100644 --- a/docs/getting_started/installation.md +++ b/docs/getting_started/installation.md @@ -45,7 +45,7 @@ services: - default frontend: - image: maibornwolff/secobserve-frontend:1.22.2 + image: maibornwolff/secobserve-frontend:1.22.3 labels: - "traefik.enable=true" - "traefik.http.routers.frontend.rule=Host(`secobserve.localhost`)" @@ -62,7 +62,7 @@ services: - traefik backend: - image: maibornwolff/secobserve-backend:1.22.2 + image: maibornwolff/secobserve-backend:1.22.3 labels: - "traefik.enable=true" - "traefik.http.routers.backend.rule=Host(`secobserve-backend.localhost`)" diff --git a/end_to_end_tests/package-lock.json b/end_to_end_tests/package-lock.json index f9ba18061..76dfeac81 100644 --- a/end_to_end_tests/package-lock.json +++ b/end_to_end_tests/package-lock.json @@ -1,12 +1,12 @@ { "name": "end_to_end_tests", - "version": "1.22.2", + "version": "1.22.3", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "end_to_end_tests", - "version": "1.22.2", + "version": "1.22.3", "devDependencies": { "@playwright/test": "1.49.0", "@types/node": "22.9.1" diff --git a/end_to_end_tests/package.json b/end_to_end_tests/package.json index 93da92cc9..f76cbd399 100644 --- a/end_to_end_tests/package.json +++ b/end_to_end_tests/package.json @@ -1,6 +1,6 @@ { "name": "end_to_end_tests", - "version": "1.22.2", + "version": "1.22.3", "private": true, "description": "", "main": "index.js", diff --git a/frontend/package-lock.json b/frontend/package-lock.json index ee3bd4a75..8d1916878 100644 --- a/frontend/package-lock.json +++ b/frontend/package-lock.json @@ -1,12 +1,12 @@ { "name": "secobserve", - "version": "1.22.2", + "version": "1.22.3", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "secobserve", - "version": "1.22.2", + "version": "1.22.3", "license": "BSD-3-Clause", "dependencies": { "@emotion/react": "11.13.3", diff --git a/frontend/package.json b/frontend/package.json index 0235f4087..a5c653f53 100644 --- a/frontend/package.json +++ b/frontend/package.json @@ -1,6 +1,6 @@ { "name": "secobserve", - "version": "1.22.2", + "version": "1.22.3", "license": "BSD-3-Clause", "description": "SecObserve is an open source vulnerability management system for software development and cloud environments.", "private": true, diff --git a/so_configuration_sca_current.yml b/so_configuration_sca_current.yml index 2c0927f38..10068c0ab 100644 --- a/so_configuration_sca_current.yml +++ b/so_configuration_sca_current.yml @@ -1,18 +1,18 @@ trivy_image_backend_current: SCANNER: trivy_image - TARGET: "maibornwolff/secobserve-backend:1.22.2" + TARGET: "maibornwolff/secobserve-backend:1.22.3" FURTHER_PARAMETERS: "--pkg-types os --db-repository public.ecr.aws/aquasecurity/trivy-db:2" REPORT_NAME: "trivy_backend_image.json" SO_ORIGIN_SERVICE: "backend" - SO_BRANCH_NAME: "1.22.2" + SO_BRANCH_NAME: "1.22.3" trivy_image_frontend_current: SCANNER: trivy_image - TARGET: "maibornwolff/secobserve-frontend:1.22.2" + TARGET: "maibornwolff/secobserve-frontend:1.22.3" FURTHER_PARAMETERS: "--pkg-types os --db-repository public.ecr.aws/aquasecurity/trivy-db:2" REPORT_NAME: "trivy_frontend_image.json" SO_ORIGIN_SERVICE: "frontend" - SO_BRANCH_NAME: "1.22.2" + SO_BRANCH_NAME: "1.22.3" trivy_filesystem_backend_current: SCANNER: trivy_filesystem @@ -21,7 +21,7 @@ trivy_filesystem_backend_current: FURTHER_PARAMETERS: "--db-repository public.ecr.aws/aquasecurity/trivy-db:2" REPORT_NAME: "trivy_backend_poetry.json" SO_ORIGIN_SERVICE: "backend" - SO_BRANCH_NAME: "1.22.2" + SO_BRANCH_NAME: "1.22.3" trivy_filesystem_frontend_current: SCANNER: trivy_filesystem @@ -30,7 +30,7 @@ trivy_filesystem_frontend_current: FURTHER_PARAMETERS: "--db-repository public.ecr.aws/aquasecurity/trivy-db:2" REPORT_NAME: "trivy_frontend_npm.json" SO_ORIGIN_SERVICE: "frontend" - SO_BRANCH_NAME: "1.22.2" + SO_BRANCH_NAME: "1.22.3" importer: SO_UPLOAD: "true"