{ "SPDXID": "SPDXRef-DOCUMENT", "creationInfo": { "created": "2024-09-09T12:12:33Z", "creators": [ "Organization: Nokia", "Tool: Nokia Compliance Tool - 1.0" ], "licenseListVersion": "3.22", "comment": "CISA SBOM type: Source" }, "dataLicense": "CC0-1.0", "name": "openchain-telco-sbom-validator-0.1.6", "spdxVersion": "SPDX-2.2", "documentNamespace": "https://nokia.com/spdx/openchain-telco-sbom-validator-0.1.6", "packages": [ { "SPDXID": "SPDXRef-Project-PIP-openchain-telco-sbom-validator-with-requirements-requirements.txt-0.1.6", "checksums": [ { "algorithm": "SHA256", "checksumValue": "d74a3c7142c82926b73d6928c04dc85e5759b649b403e024d7a44e9998415177" } ], "copyrightText": "(c) 2024 Nokia Authors Gergely Csatari, Marc-Etienne Vargenau", "downloadLocation": "NONE", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/openchain_telco_sbom_validator@0.1.6", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "https://github.com/OpenChain-Project/Telco-WG/tree/main/tools", "licenseConcluded": "NOASSERTION", "licenseDeclared": "Apache-2.0", "name": "openchain_telco_sbom_validator-with-requirements-requirements.txt", "originator": "Organization: Nokia", "supplier": "Organization: Nokia", "versionInfo": "0.1.6" }, { "SPDXID": "SPDXRef-Package-PyPI-beartype-0.18.5", "checksums": [ { "algorithm": "SHA256", "checksumValue": "5301a14f2a9a5540fe47ec6d34d758e9cd8331d36c4760fc7a5499ab86310089" } ], "copyrightText": "Copyright (c) 2014-2024 Beartype authors", "downloadLocation": "git+https://github.com/beartype/beartype.git", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/beartype@0.18.5", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "https://beartype.readthedocs.io", "licenseConcluded": "NOASSERTION", "licenseDeclared": "MIT", "name": "beartype", "summary": "Unbearably fast runtime type checking in pure Python.", "supplier": "Organization: Pypi https://pypi.org/", "versionInfo": "0.18.5" }, { "SPDXID": "SPDXRef-Package-PyPI-boolean-py-4.0", "checksums": [ { "algorithm": "SHA256", "checksumValue": "2876f2051d7d6394a531d82dc6eb407faa0b01a0a0b3083817ccd7323b8d96bd" } ], "copyrightText": "Copyright (c) 2009-2020 Sebastian Kraemer, basti.kr@gmail.com and others", "downloadLocation": "git+https://github.com/bastikr/boolean.py.git", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/boolean-py@4.0", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "https://github.com/bastikr/boolean.py", "licenseConcluded": "NOASSERTION", "licenseDeclared": "BSD-2-Clause", "name": "boolean-py", "summary": "Define boolean algebras, create and parse boolean expressions and create custom boolean DSL.", "supplier": "Organization: Pypi https://pypi.org/", "versionInfo": "4.0" }, { "SPDXID": "SPDXRef-Package-PyPI-certifi-2024.8.30", "checksums": [ { "algorithm": "SHA256", "checksumValue": "922820b53db7a7257ffbda3f597266d435245903d80737e34f8a45ff3e3230d8" } ], "copyrightText": "(c) 2009, 2012, 2015 Entrust, Inc.", "downloadLocation": "git+https://github.com/certifi/python-certifi.git", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/certifi@2024.8.30", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "https://github.com/certifi/python-certifi", "licenseConcluded": "NOASSERTION", "licenseDeclared": "MPL-2.0", "name": "certifi", "summary": "Python package for providing Mozilla's CA Bundle.", "supplier": "Organization: Pypi https://pypi.org/", "versionInfo": "2024.8.30" }, { "SPDXID": "SPDXRef-Package-PyPI-charset-normalizer-3.3.2", "checksums": [ { "algorithm": "SHA256", "checksumValue": "753f10e867343b4511128c6ed8c82f7bec3bd026875576dfd88483c5c73b2fd8" } ], "copyrightText": "Copyright (c) 2019, 2021 Ahmed TAHRI @Ousret (https://github.com/Ousret)\n(c) 2012 Denny Vrandecic (http://simia.net/letters/)\n(c) https://stackoverflow.com/questions/3041986/apt-command-line-interface-like-yes-no-input", "downloadLocation": "git+https://github.com/Ousret/charset_normalizer.git", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/charset-normalizer@3.3.2", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "https://github.com/Ousret/charset_normalizer", "licenseConcluded": "NOASSERTION", "licenseDeclared": "MIT", "name": "charset-normalizer", "summary": "The Real First Universal Charset Detector. Open, modern and actively maintained alternative to Chardet.", "supplier": "Organization: Pypi https://pypi.org/", "versionInfo": "3.3.2" }, { "SPDXID": "SPDXRef-Package-PyPI-click-8.1.7", "checksums": [ { "algorithm": "SHA256", "checksumValue": "ae74fb96c20a0277a1d615f1e4d73c8414f5a98db8b799a7931d1582f3390c28" } ], "copyrightText": "Copyright 2001-2006 Gregory P. Ward\ncopyright 2014 Pallets\nCopyright 2002-2006 Python Software Foundation", "downloadLocation": "git+https://github.com/pallets/click.git", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/click@8.1.7", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "https://palletsprojects.com/p/click/", "licenseConcluded": "NOASSERTION", "licenseDeclared": "BSD-3-Clause", "name": "click", "summary": "Composable command line interface toolkit", "supplier": "Organization: Pypi https://pypi.org/", "versionInfo": "8.1.7" }, { "SPDXID": "SPDXRef-Package-PyPI-idna-3.8", "checksums": [ { "algorithm": "SHA256", "checksumValue": "050b4e5baadcd44d760cedbd2b8e639f2ff89bbc7a5730fcc662954303377aac" } ], "copyrightText": "Copyright (c) 2013-2024 Kim Davies and contributors", "downloadLocation": "git+https://github.com/kjd/idna.git", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/idna@3.8", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "NONE", "licenseConcluded": "NOASSERTION", "licenseDeclared": "NOASSERTION", "name": "idna", "summary": "Internationalized Domain Names in Applications (IDNA)", "supplier": "Organization: Pypi https://pypi.org/", "versionInfo": "3.8" }, { "SPDXID": "SPDXRef-Package-PyPI-isodate-0.6.1", "checksums": [ { "algorithm": "SHA256", "checksumValue": "0751eece944162659049d35f4f549ed815792b38793f07cf73381c1c87cbed96" } ], "copyrightText": "Copyright 2009 Gerhard Weis", "downloadLocation": "git+https://github.com/gweis/isodate.git", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/isodate@0.6.1", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "https://github.com/gweis/isodate/", "licenseConcluded": "NOASSERTION", "licenseDeclared": "BSD-3-Clause", "name": "isodate", "summary": "An ISO 8601 date/time/duration parser and formatter", "supplier": "Organization: Pypi https://pypi.org/", "versionInfo": "0.6.1" }, { "SPDXID": "SPDXRef-Package-PyPI-license-expression-30.3.1", "checksums": [ { "algorithm": "SHA256", "checksumValue": "97904b9185c7bbb1e98799606fa7424191c375e70ba63a524b6f7100e42ddc46" } ], "copyrightText": "Copyright (c) The warehouse developers\nCopyright (c) nexB Inc. and others\nCopyright (c) 2008-2020 The pip developers", "downloadLocation": "git+https://github.com/aboutcode-org/license-expression.git", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/license-expression@30.3.1", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "https://github.com/aboutcode-org/license-expression", "licenseConcluded": "NOASSERTION", "licenseDeclared": "Apache-2.0", "name": "license-expression", "summary": "license-expression is a comprehensive utility library to parse, compare, simplify and normalize license expressions (such as SPDX license expressions) using boolean logic.", "supplier": "Organization: Pypi https://pypi.org/", "versionInfo": "30.3.1" }, { "SPDXID": "SPDXRef-Package-PyPI-ntia-conformance-checker-3.0.0", "checksums": [ { "algorithm": "SHA256", "checksumValue": "2e1b4383628695df24e48c336a5ddebc7ddec7a6fda7d42dad199540dd0bc048" } ], "copyrightText": "NONE", "downloadLocation": "https://files.pythonhosted.org/packages/ce/03/6ed9ac62d454b7d428a33fbe664bbabff9b00cd49eeb09e51bfca906089e/ntia_conformance_checker-3.0.0.tar.gz", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/ntia-conformance-checker@3.0.0", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "NONE", "licenseConcluded": "NOASSERTION", "licenseDeclared": "Apache-2.0", "name": "ntia-conformance-checker", "summary": "Check SPDX SBOM for NTIA minimum elements", "supplier": "Organization: Pypi https://pypi.org/", "versionInfo": "3.0.0" }, { "SPDXID": "SPDXRef-Package-PyPI-packageurl-python-0.15.6", "checksums": [ { "algorithm": "SHA256", "checksumValue": "a40210652c89022772a6c8340d6066f7d5dc67132141e5284a4db7a27d0a8ab0" } ], "copyrightText": "NONE", "downloadLocation": "git+https://github.com/package-url/packageurl-python.git", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/packageurl-python@0.15.6", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "https://github.com/package-url/packageurl-python", "licenseConcluded": "NOASSERTION", "licenseDeclared": "MIT", "name": "packageurl-python", "summary": "A purl aka. Package URL parser and builder", "supplier": "Organization: Pypi https://pypi.org/", "versionInfo": "0.15.6" }, { "SPDXID": "SPDXRef-Package-PyPI-ply-3.11", "checksums": [ { "algorithm": "SHA256", "checksumValue": "00c7c1aaa88358b9c765b6d3000c6eec0ba42abca5351b095321aef446081da3" } ], "copyrightText": "Copyright (c) 2001-2018 David M. Beazley (Dabeaz LLC)", "downloadLocation": "https://files.pythonhosted.org/packages/e5/69/882ee5c9d017149285cab114ebeab373308ef0f874fcdac9beb90e0ac4da/ply-3.11.tar.gz", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/ply@3.11", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "http://www.dabeaz.com/ply/", "licenseConcluded": "NOASSERTION", "licenseDeclared": "BSD-3-Clause", "name": "ply", "summary": "Python Lex & Yacc", "supplier": "Organization: Pypi https://pypi.org/", "versionInfo": "3.11" }, { "SPDXID": "SPDXRef-Package-PyPI-prettytable-3.11.0", "checksums": [ { "algorithm": "SHA256", "checksumValue": "aa17083feb6c71da11a68b2c213b04675c4af4ce9c541762632ca3f2cb3546dd" } ], "copyrightText": "Copyright (c) 2009-2014 Luke Maurits ", "downloadLocation": "git+https://github.com/jazzband/prettytable.git", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/prettytable@3.11.0", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "NONE", "licenseConcluded": "NOASSERTION", "licenseDeclared": "NOASSERTION", "name": "prettytable", "summary": "A simple Python library for easily displaying tabular data in a visually appealing ASCII table format", "supplier": "Organization: Pypi https://pypi.org/", "versionInfo": "3.11.0" }, { "SPDXID": "SPDXRef-Package-PyPI-pyparsing-3.1.4", "checksums": [ { "algorithm": "SHA256", "checksumValue": "f86ec8d1a83f11977c9a6ea7598e8c27fc5cddfa5b07ea2241edbbde1d7bc032" } ], "copyrightText": "Copyright 2008 Chris Lambrou\nCopyright 2002-2021, 2023-2024 Paul McGuire\nCopyright (c) 2003-2024 Paul McGuire\nCopyright 2004 by Alberto Santini", "downloadLocation": "https://files.pythonhosted.org/packages/83/08/13f3bce01b2061f2bbd582c9df82723de943784cf719a35ac886c652043a/pyparsing-3.1.4.tar.gz", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/pyparsing@3.1.4", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "NONE", "licenseConcluded": "NOASSERTION", "licenseDeclared": "MIT", "name": "pyparsing", "summary": "pyparsing module - Classes and methods to define and execute parsing grammars", "supplier": "Organization: Pypi https://pypi.org/", "versionInfo": "3.1.4" }, { "SPDXID": "SPDXRef-Package-PyPI-pyyaml-6.0.2", "checksums": [ { "algorithm": "SHA256", "checksumValue": "3ad2a3decf9aaba3d29c8f537ac4b243e36bef957511b4766cb0057d32b0be85" } ], "copyrightText": "Copyright (c) 2017-2021 Ingy\nCopyright (c) 2006-2016 Kirill Simonov ", "downloadLocation": "git+https://github.com/yaml/pyyaml.git", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/pyyaml@6.0.2", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "https://pyyaml.org/", "licenseConcluded": "NOASSERTION", "licenseDeclared": "MIT", "name": "pyyaml", "summary": "YAML parser and emitter for Python", "supplier": "Organization: Pypi https://pypi.org/", "versionInfo": "6.0.2" }, { "SPDXID": "SPDXRef-Package-PyPI-rdflib-7.0.0", "checksums": [ { "algorithm": "SHA256", "checksumValue": "0438920912a642c866a513de6fe8a0001bd86ef975057d6962c79ce4771687cd" } ], "copyrightText": "Copyright (c) 2004 Examples-R-Us\nCopyright 2010 Gunnar A. Grimnes\nCopyright (c) 2002-2023 RDFLib Team\ncopyright 2009-2023 RDFLib Team\ncopyright (c) 2001 W3C\nCopyright (c) World Wide Web Consortium, (Massachusetts Institute of Technology, European Research Consortium for Informatics and Mathematics, Keio University) and others\nCopyright 2007-2010 by the Sphinx team\nCopyright clause at ", "downloadLocation": "git+https://github.com/RDFLib/rdflib.git", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/rdflib@7.0.0", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "https://github.com/RDFLib/rdflib", "licenseConcluded": "NOASSERTION", "licenseDeclared": "BSD-3-Clause", "name": "rdflib", "summary": "RDFLib is a Python library for working with RDF, a simple yet powerful language for representing information.", "supplier": "Organization: Pypi https://pypi.org/", "versionInfo": "7.0.0" }, { "SPDXID": "SPDXRef-Package-PyPI-requests-2.32.3", "checksums": [ { "algorithm": "SHA256", "checksumValue": "70761cfe03c773ceb22aa2f671b4757976145175cdfca038c02654d061d6dcc6" } ], "copyrightText": "Copyright 2019 Kenneth Reitz\ncopyright MMXVIX. A https://kenreitz.org/projects'> Kenneth Reitz Project\ncopyright (c) 2012, 2017 by Kenneth Reitz", "downloadLocation": "git+https://github.com/psf/requests.git", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/requests@2.32.3", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "https://requests.readthedocs.io", "licenseConcluded": "NOASSERTION", "licenseDeclared": "Apache-2.0", "name": "requests", "summary": "Python HTTP for Humans.", "supplier": "Organization: Pypi https://pypi.org/", "versionInfo": "2.32.3" }, { "SPDXID": "SPDXRef-Package-PyPI-semantic-version-2.10.0", "checksums": [ { "algorithm": "SHA256", "checksumValue": "de78a3b8e0feda74cabc54aab2da702113e33ac9d9eb9d2389bcf1f58b7d9177" } ], "copyrightText": "copyright 2012-2019 The python-semanticversion project", "downloadLocation": "git+https://github.com/rbarrois/python-semanticversion.git", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/semantic-version@2.10.0", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "https://github.com/rbarrois/python-semanticversion", "licenseConcluded": "NOASSERTION", "licenseDeclared": "BSD-3-Clause", "name": "semantic-version", "summary": "A library implementing the 'SemVer' scheme.", "supplier": "Organization: Pypi https://pypi.org/", "versionInfo": "2.10.0" }, { "SPDXID": "SPDXRef-Package-PyPI-six-1.16.0", "checksums": [ { "algorithm": "SHA256", "checksumValue": "8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254" } ], "copyrightText": "Copyright (c) 2010-2020 Benjamin Peterson", "downloadLocation": "git+https://github.com/benjaminp/six.git", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/six@1.16.0", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "https://github.com/benjaminp/six", "licenseConcluded": "NOASSERTION", "licenseDeclared": "MIT", "name": "six", "summary": "Python 2 and 3 compatibility utilities", "supplier": "Organization: Pypi https://pypi.org/", "versionInfo": "1.16.0" }, { "SPDXID": "SPDXRef-Package-PyPI-spdx-tools-0.8.2", "checksums": [ { "algorithm": "SHA256", "checksumValue": "aea4ac9c2c375e7f439b1cef5ff32ef34914c083de0f61e08ed67cd3d9deb2a9" } ], "copyrightText": "Copyright (c) 2014 Ahmed H. Ismail\ncopyright (c) 2000-2003 BEA Systems, PackageComment ModificationRecord\n(c) Chris Sainty (chris@sainty.com)\nCopyright (c) 1991 Free Software Foundation, Inc.\n(c) Copyright 2000-2009 Hewlett-Packard Development Company\nCopyright 2008-2010 John Smith The Regents of the University of California\nCopyright 2022-2023 SPDX Contributors\nCopyright 2010-2011 Source Auditor Inc. Open Logic Inc.\nCopyright 2001-2011 The Apache Software Foundation\nCopyright (c) 2020 Yash Varshney", "downloadLocation": "https://files.pythonhosted.org/packages/32/d8/a67445be5981469fdbaf7f765f53c920f699e7e512cc931b650a935c3199/spdx-tools-0.8.2.tar.gz", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/spdx-tools@0.8.2", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "NONE", "licenseConcluded": "NOASSERTION", "licenseDeclared": "Apache-2.0", "name": "spdx-tools", "summary": "SPDX parser and tools.", "supplier": "Organization: Pypi https://pypi.org/", "versionInfo": "0.8.2" }, { "SPDXID": "SPDXRef-Package-PyPI-uritools-4.0.3", "checksums": [ { "algorithm": "SHA256", "checksumValue": "bae297d090e69a0451130ffba6f2f1c9477244aa0a5543d66aed2d9f77d0dd9c" } ], "copyrightText": "Copyright (c) 2014-2024 Thomas Kemmer", "downloadLocation": "git+https://github.com/tkem/uritools.git", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/uritools@4.0.3", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "https://github.com/tkem/uritools/", "licenseConcluded": "NOASSERTION", "licenseDeclared": "MIT", "name": "uritools", "summary": "URI parsing, classification and composition", "supplier": "Organization: Pypi https://pypi.org/", "versionInfo": "4.0.3" }, { "SPDXID": "SPDXRef-Package-PyPI-urllib3-2.2.2", "checksums": [ { "algorithm": "SHA256", "checksumValue": "a448b2f64d686155468037e1ace9f2d2199776e17f0a46610480d311f73e3472" } ], "copyrightText": "Copyright (c) 2008-2020 Andrey Petrov and contributors", "downloadLocation": "git+https://github.com/urllib3/urllib3.git", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/urllib3@2.2.2", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "NONE", "licenseConcluded": "NOASSERTION", "licenseDeclared": "MIT", "name": "urllib3", "summary": "HTTP library with thread-safe connection pooling, file post, and more.", "supplier": "Organization: Pypi https://pypi.org/", "versionInfo": "2.2.2" }, { "SPDXID": "SPDXRef-Package-PyPI-validators-0.33.0", "checksums": [ { "algorithm": "SHA256", "checksumValue": "535867e9617f0100e676a1257ba1e206b9bfd847ddc171e4d44811f07ff0bfbf" } ], "copyrightText": "Copyright (c) 2013-2024 Konsta Vesterinen", "downloadLocation": "https://files.pythonhosted.org/packages/5d/af/5ad4fed95276e3eb7628d858c88cd205799bcad847e46223760a3129cbb1/validators-0.33.0.tar.gz", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/validators@0.33.0", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "NONE", "licenseConcluded": "NOASSERTION", "licenseDeclared": "MIT", "name": "validators", "summary": "# validators - Python Data Validation for Humans\u2122", "supplier": "Organization: Pypi https://pypi.org/", "versionInfo": "0.33.0" }, { "SPDXID": "SPDXRef-Package-PyPI-wcwidth-0.2.13", "checksums": [ { "algorithm": "SHA256", "checksumValue": "3da69048e4540d84af32131829ff948f1e022c1c6bdb8d6102117aac784f6859" } ], "copyrightText": "Copyright (c) 2014 Jeff Quast ", "downloadLocation": "git+https://github.com/jquast/wcwidth.git", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/wcwidth@0.2.13", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "https://github.com/jquast/wcwidth", "licenseConcluded": "NOASSERTION", "licenseDeclared": "MIT", "name": "wcwidth", "summary": "Measures the displayed width of unicode strings in a terminal", "supplier": "Organization: Pypi https://pypi.org/", "versionInfo": "0.2.13" }, { "SPDXID": "SPDXRef-Package-PyPI-xmltodict-0.13.0", "checksums": [ { "algorithm": "SHA256", "checksumValue": "aa89e8fd76320154a40d19a0df04a4695fb9dc5ba977cbb68ab3e4eb225e7852" } ], "copyrightText": "Copyright (c) 2012 Martin Blech and individual contributors", "downloadLocation": "git+https://github.com/martinblech/xmltodict.git", "externalRefs": [ { "referenceCategory": "PACKAGE_MANAGER", "referenceLocator": "pkg:pypi/xmltodict@0.13.0", "referenceType": "purl" } ], "filesAnalyzed": false, "homepage": "https://github.com/martinblech/xmltodict", "licenseConcluded": "NOASSERTION", "licenseDeclared": "MIT", "name": "xmltodict", "summary": "Makes working with XML feel like you are working with JSON", "supplier": "Organization: Pypi https://pypi.org/", "versionInfo": "0.13.0" } ], "relationships": [ { "spdxElementId": "SPDXRef-Package-PyPI-isodate-0.6.1", "relatedSpdxElement": "SPDXRef-Package-PyPI-six-1.16.0", "relationshipType": "DEPENDS_ON" }, { "spdxElementId": "SPDXRef-Package-PyPI-license-expression-30.3.1", "relatedSpdxElement": "SPDXRef-Package-PyPI-boolean-py-4.0", "relationshipType": "DEPENDS_ON" }, { "spdxElementId": "SPDXRef-Package-PyPI-ntia-conformance-checker-3.0.0", "relatedSpdxElement": "SPDXRef-Package-PyPI-spdx-tools-0.8.2", "relationshipType": "DEPENDS_ON" }, { "spdxElementId": "SPDXRef-Package-PyPI-prettytable-3.11.0", "relatedSpdxElement": "SPDXRef-Package-PyPI-wcwidth-0.2.13", "relationshipType": "DEPENDS_ON" }, { "spdxElementId": "SPDXRef-Package-PyPI-rdflib-7.0.0", "relatedSpdxElement": "SPDXRef-Package-PyPI-isodate-0.6.1", "relationshipType": "DEPENDS_ON" }, { "spdxElementId": "SPDXRef-Package-PyPI-rdflib-7.0.0", "relatedSpdxElement": "SPDXRef-Package-PyPI-pyparsing-3.1.4", "relationshipType": "DEPENDS_ON" }, { "spdxElementId": "SPDXRef-Package-PyPI-requests-2.32.3", "relatedSpdxElement": "SPDXRef-Package-PyPI-certifi-2024.8.30", "relationshipType": "DEPENDS_ON" }, { "spdxElementId": "SPDXRef-Package-PyPI-requests-2.32.3", "relatedSpdxElement": "SPDXRef-Package-PyPI-charset-normalizer-3.3.2", "relationshipType": "DEPENDS_ON" }, { "spdxElementId": "SPDXRef-Package-PyPI-requests-2.32.3", "relatedSpdxElement": "SPDXRef-Package-PyPI-idna-3.8", "relationshipType": "DEPENDS_ON" }, { "spdxElementId": "SPDXRef-Package-PyPI-requests-2.32.3", "relatedSpdxElement": "SPDXRef-Package-PyPI-urllib3-2.2.2", "relationshipType": "DEPENDS_ON" }, { "spdxElementId": "SPDXRef-Package-PyPI-spdx-tools-0.8.2", "relatedSpdxElement": "SPDXRef-Package-PyPI-beartype-0.18.5", "relationshipType": "DEPENDS_ON" }, { "spdxElementId": "SPDXRef-Package-PyPI-spdx-tools-0.8.2", "relatedSpdxElement": "SPDXRef-Package-PyPI-click-8.1.7", "relationshipType": "DEPENDS_ON" }, { "spdxElementId": "SPDXRef-Package-PyPI-spdx-tools-0.8.2", "relatedSpdxElement": "SPDXRef-Package-PyPI-license-expression-30.3.1", "relationshipType": "DEPENDS_ON" }, { "spdxElementId": "SPDXRef-Package-PyPI-spdx-tools-0.8.2", "relatedSpdxElement": "SPDXRef-Package-PyPI-ply-3.11", "relationshipType": "DEPENDS_ON" }, { "spdxElementId": "SPDXRef-Package-PyPI-spdx-tools-0.8.2", "relatedSpdxElement": "SPDXRef-Package-PyPI-pyyaml-6.0.2", "relationshipType": "DEPENDS_ON" }, { "spdxElementId": "SPDXRef-Package-PyPI-spdx-tools-0.8.2", "relatedSpdxElement": "SPDXRef-Package-PyPI-rdflib-7.0.0", "relationshipType": "DEPENDS_ON" }, { "spdxElementId": "SPDXRef-Package-PyPI-spdx-tools-0.8.2", "relatedSpdxElement": "SPDXRef-Package-PyPI-semantic-version-2.10.0", "relationshipType": "DEPENDS_ON" }, { "spdxElementId": "SPDXRef-Package-PyPI-spdx-tools-0.8.2", "relatedSpdxElement": "SPDXRef-Package-PyPI-uritools-4.0.3", "relationshipType": "DEPENDS_ON" }, { "spdxElementId": "SPDXRef-Package-PyPI-spdx-tools-0.8.2", "relatedSpdxElement": "SPDXRef-Package-PyPI-xmltodict-0.13.0", "relationshipType": "DEPENDS_ON" }, { "spdxElementId": "SPDXRef-Project-PIP-openchain-telco-sbom-validator-with-requirements-requirements.txt-0.1.6", "relatedSpdxElement": "SPDXRef-Package-PyPI-ntia-conformance-checker-3.0.0", "relationshipType": "DEPENDS_ON" }, { "spdxElementId": "SPDXRef-Project-PIP-openchain-telco-sbom-validator-with-requirements-requirements.txt-0.1.6", "relatedSpdxElement": "SPDXRef-Package-PyPI-packageurl-python-0.15.6", "relationshipType": "DEPENDS_ON" }, { "spdxElementId": "SPDXRef-Project-PIP-openchain-telco-sbom-validator-with-requirements-requirements.txt-0.1.6", "relatedSpdxElement": "SPDXRef-Package-PyPI-prettytable-3.11.0", "relationshipType": "DEPENDS_ON" }, { "spdxElementId": "SPDXRef-Project-PIP-openchain-telco-sbom-validator-with-requirements-requirements.txt-0.1.6", "relatedSpdxElement": "SPDXRef-Package-PyPI-requests-2.32.3", "relationshipType": "DEPENDS_ON" }, { "spdxElementId": "SPDXRef-Project-PIP-openchain-telco-sbom-validator-with-requirements-requirements.txt-0.1.6", "relatedSpdxElement": "SPDXRef-Package-PyPI-validators-0.33.0", "relationshipType": "DEPENDS_ON" }, { "spdxElementId": "SPDXRef-DOCUMENT", "relatedSpdxElement": "SPDXRef-Project-PIP-openchain-telco-sbom-validator-with-requirements-requirements.txt-0.1.6", "relationshipType": "DESCRIBES" } ] }