Update grype bootstrap tools to latest versions. (#886)

* Update grype bootstrap tools to latest versions.

Signed-off-by: GitHub <noreply@github.com>
Signed-off-by: Weston Steimel <weston.steimel@anchore.com>
Co-authored-by: Weston Steimel <weston.steimel@anchore.com>

Makefile

@@ -34,10 +34,10 @@ OS=$(shell uname | tr '[:upper:]' '[:lower:]')
 SYFT_VERSION=$(shell go list -m all | grep github.com/anchore/syft | awk '{print $$2}')
 SNAPSHOT_BIN=$(shell realpath $(shell pwd)/$(SNAPSHOTDIR)/$(OS)-build_$(OS)_amd64_v1/$(BIN))
 
-GOLANGCILINT_VERSION = v1.47.2
+GOLANGCILINT_VERSION = v1.48.0
 BOUNCER_VERSION = v0.4.0
-CHRONICLE_VERSION = v0.3.0
-GOSIMPORTS_VERSION = v0.1.5
+CHRONICLE_VERSION = v0.4.1
+GOSIMPORTS_VERSION = v0.3.0
 YAJSV_VERSION = v1.4.0
 GORELEASER_VERSION = v1.10.3
 

cmd/root.go

@@ -269,7 +269,7 @@ func isVerbose() (result bool) {
 	return appConfig.CliOptions.Verbosity > 0 || isPipedInput
 }
 
-// nolint:funlen
+//nolint:funlen
 func startWorker(userInput string, failOnSeverity *vulnerability.Severity) <-chan error {
 	errs := make(chan error)
 	go func() {

grype/db/v3/store/store.go

@@ -144,8 +144,9 @@ func (s *store) GetVulnerabilityMetadata(id, namespace string) (*v3.Vulnerabilit
 	return nil, nil
 }
 
-// nolint:gocognit
 // AddVulnerabilityMetadata stores one or more vulnerability metadata models into the sqlite DB.
+//
+//nolint:gocognit
 func (s *store) AddVulnerabilityMetadata(metadata ...v3.VulnerabilityMetadata) error {
 	for _, m := range metadata {
 		existing, err := s.GetVulnerabilityMetadata(m.ID, m.Namespace)

grype/db/v4/store/store.go

@@ -154,8 +154,9 @@ func (s *store) GetVulnerabilityMetadata(id, namespace string) (*v4.Vulnerabilit
 	return nil, nil
 }
 
-// nolint:gocognit
 // AddVulnerabilityMetadata stores one or more vulnerability metadata models into the sqlite DB.
+//
+//nolint:gocognit
 func (s *store) AddVulnerabilityMetadata(metadata ...v4.VulnerabilityMetadata) error {
 	for _, m := range metadata {
 		existing, err := s.GetVulnerabilityMetadata(m.ID, m.Namespace)

grype/matcher/rpmdb/matcher.go

@@ -23,7 +23,7 @@ func (m *Matcher) Type() match.MatcherType {
 	return match.RpmDBMatcher
 }
 
-// nolint:funlen
+//nolint:funlen
 func (m *Matcher) Match(store vulnerability.Provider, d *distro.Distro, p pkg.Package) ([]match.Match, error) {
 	matches := make([]match.Match, 0)
 

grype/pkg/package.go

@@ -13,10 +13,11 @@ import (
 
 // the source-rpm field has something akin to "util-linux-ng-2.17.2-12.28.el6_9.2.src.rpm"
 // in which case the pattern will extract out the following values for the named capture groups:
-//		name = "util-linux-ng"
-//		version = "2.17.2" (or, if there's an epoch, we'd expect a value like "4:2.17.2")
-//		release = "12.28.el6_9.2"
-//		arch = "src"
+//
+//	name = "util-linux-ng"
+//	version = "2.17.2" (or, if there's an epoch, we'd expect a value like "4:2.17.2")
+//	release = "12.28.el6_9.2"
+//	arch = "src"
 var rpmPackageNamePattern = regexp.MustCompile(`^(?P<name>.*)-(?P<version>.*)-(?P<release>.*)\.(?P<arch>[a-zA-Z][^.]+)(\.rpm)$`)
 
 // ID represents a unique value for each package added to a package catalog.

grype/presenter/table/presenter.go

@@ -98,7 +98,7 @@ func (pres *Presenter) Present(output io.Writer) error {
 
 func removeDuplicateRows(items [][]string) [][]string {
 	seen := map[string][]string{}
-	// nolint:prealloc
+	//nolint:prealloc
 	var result [][]string
 
 	for _, v := range items {

grype/version/fuzzy_version.go

@@ -9,7 +9,7 @@ type fuzzyVersion struct {
 	raw    string
 }
 
-// nolint:unparam
+//nolint:unparam
 func newFuzzyVersion(raw string) (fuzzyVersion, error) {
 	var semVer *semanticVersion
 

grype/version/portage_version.go

@@ -44,7 +44,7 @@ var (
 	suffixValue   = map[string]int{"pre": -2, "p": 0, "alpha": -4, "beta": -3, "rc": -1}
 )
 
-// nolint:funlen,gocognit
+//nolint:funlen,gocognit
 func comparePortageVersions(a, b string) int {
 	match1 := versionRegexp.FindStringSubmatch(a)
 	match2 := versionRegexp.FindStringSubmatch(b)

grype/version/rpm_version.go

@@ -141,7 +141,7 @@ func (v rpmVersion) String() string {
 // https://github.com/rpm-software-management/rpm/blob/master/lib/rpmvercmp.c#L16
 var alphanumPattern = regexp.MustCompile("([a-zA-Z]+)|([0-9]+)|(~)")
 
-// nolint:funlen,gocognit
+//nolint:funlen,gocognit
 func compareRpmVersions(a, b string) int {
 	// shortcut for equality
 	if a == b {

grype/vulnerability/metadata.go

@@ -43,7 +43,7 @@ func NewMetadata(m *grypeDB.VulnerabilityMetadata) (*Metadata, error) {
 }
 
 func NewCvss(m []grypeDB.Cvss) []Cvss {
-	// nolint:prealloc
+	//nolint:prealloc
 	var cvss []Cvss
 	for _, score := range m {
 		cvss = append(cvss, Cvss{

internal/config/registry.go

@@ -30,7 +30,7 @@ func (cfg registry) loadDefaultValues(v *viper.Viper) {
 	v.SetDefault("registry.auth", []RegistryCredentials{})
 }
 
-// nolint:unparam
+//nolint:unparam
 func (cfg *registry) parseConfigValues() error {
 	// there may be additional credentials provided by env var that should be appended to the set of credentials
 	authority, username, password, token :=

ui/event_handlers.go

@@ -92,7 +92,7 @@ func (r *Handler) UpdateVulnerabilityDatabaseHandler(ctx context.Context, fr *fr
 	return err
 }
 
-// nolint: dupl
+//nolint:dupl
 func (r *Handler) VulnerabilityScanningStartedHandler(ctx context.Context, fr *frame.Frame, event partybus.Event, wg *sync.WaitGroup) error {
 	monitor, err := grypeEventParsers.ParseVulnerabilityScanningStarted(event)
 	if err != nil {
@@ -169,7 +169,7 @@ func (r *Handler) SkippedAttestationVerification(ctx context.Context, fr *frame.
 	return nil
 }
 
-// nolint: dupl
+//nolint:dupl
 func (r *Handler) DatabaseDiffingStartedHandler(ctx context.Context, fr *frame.Frame, event partybus.Event, wg *sync.WaitGroup) error {
 	monitor, err := grypeEventParsers.ParseDatabaseDiffingStarted(event)
 	if err != nil {