Commit graph

7 commits

Author SHA1 Message Date
Christopher Angelo Phillips
5821351240
chore: Update syft v1.7.0 (#1945)
chore: update syft to v1.7.0
---------
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2024-06-14 20:47:19 +00:00
Alex Goodman
24d5d4ffb2
Upgrade tool management (#1842)
* upgrade tool management

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* update version file on release

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

---------

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-05-09 16:25:00 -04:00
Alex Goodman
18241e8986
Upgrade syft to v0.91.0 (#1508)
* bump syft to main

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* upgdate cyclonedx presenter fixtures (bump from cdx 1.4 to 1.5)

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* update cyclonedx schema

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* allow for pkg type exceptions for github actions and workflows

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* update cyclonedx json schema from v1.4 to v1.5

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* bump to syft v0.91.0

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* upgrade go-setup action to v4

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* remove asset upload from release workflow

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

---------

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2023-09-20 16:39:23 -04:00
Alex Goodman
ebd4643930
Port UI to bubbletea (#1385)
* initial port to bubbletea

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* remove jotframe UI

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* add bubbletea component tests

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* update main.go refs to cmd package

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* move goreleaser build dir to cmd

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* upgrade yardstick for grype source installs and fix post-ui tests

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* ensure stable severity map in UI component test

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* add windows support for tui

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

---------

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2023-07-13 17:13:48 +00:00
Christopher Angelo Phillips
a62a3a413e
feat: swap custom cyclone-dx model for cyclone-dx library (#1038)
grype currently produces CYCLONE-DX SBOM that are not compliant with the cyclone-dx tooling libraries. Rather than write the logic in two places, this PR moves grype to use syft's formatting functions as a library to produce valid CYCLONE-DX SBOM components along with the discovered vulnerabilities.

For more context on impacted issues:
https://github.com/anchore/grype/issues/796
https://github.com/anchore/grype/issues/951
2022-12-22 16:35:09 +00:00
Alex Goodman
d8aedf8117 use test config for schema validations
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-05-26 12:30:21 -04:00
Alfredo Deza
57d777cf04 tests: add cyclonedx schema check
Signed-off-by: Alfredo Deza <adeza@anchore.com>
2020-09-21 11:17:51 -04:00