Dan Luhring
a82ae1f6c9
Skip signing for snapshot builds
...
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
2021-03-09 09:12:46 -05:00
Dan Luhring
e93bf99d9d
Use snapshot build for pipeline CLI testing
...
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
2021-03-09 08:58:02 -05:00
Dan Luhring
49b04f13eb
Add basic CLI tests for SBOM input
...
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
2021-03-09 08:58:01 -05:00
Alfredo Deza
38e3405f0e
remove schema-validation checks
...
No longer required since it is always going to be one schema imported as
part of `db`
Signed-off-by: Alfredo Deza <adeza@anchore.com>
2021-03-05 09:46:24 -05:00
Alex Goodman
627aa77842
remove CPE generation (rely on static CPES from syft instead)
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-11-20 06:43:45 -05:00
Dan Luhring
d7a323b0be
Add signed and notarized ZIP release asset
...
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
2020-11-11 17:30:50 -05:00
Dan Luhring
5725f26c04
Resolve security warning for macOS users ( #194 )
...
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
2020-11-05 08:50:58 -05:00
Alex Goodman
da614aa4ac
bump syft version (add package.json, rename bundler to ruby)
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-10-19 08:02:13 -04:00
Alex Goodman
86b0ae1ada
migrate to GHA pipeline ( #176 )
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-10-07 14:57:59 -04:00
Alex Goodman
3c35e562bf
exclude size labels from release changelog
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-09-25 23:30:15 -04:00
Alex Goodman
75e3638468
add changelog generation into the release process ( #167 )
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-09-25 16:59:00 -04:00
Alex Goodman
326afa3c41
Add OCI support + use URI schemes ( #160 )
...
* add oci support + update image schemes
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* update to oci-dir
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* bump upstream stereoscope, testutils, and syft pins
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* fix malformed go.sum
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* pull in upstream syft json presenter updates
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-09-25 14:18:03 -04:00
Alex Goodman
f0f8f4bf02
add --fail-on threshold support ( #156 )
...
* add --fail-on threshold support
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* rename fail-on support functions and variables
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* remove UK spelling of canceled
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-09-21 17:12:21 -04:00
Alfredo Deza
57d777cf04
tests: add cyclonedx schema check
...
Signed-off-by: Alfredo Deza <adeza@anchore.com>
2020-09-21 11:17:51 -04:00
Alex Goodman
89a6201555
Disable prerelease version update check ( #118 )
...
* disable prerelease version update check
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* use prerelease flag as source of truth for user notifications
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-08-11 09:54:09 -04:00
Alex Goodman
56b9576a19
Add inline-comparison as acceptance test ( #106 )
...
* add inline-compare as acceptance tests
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* improve RPM matching with source indirection matching
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add comments to compare-* make targets
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* clean inline-compare image test names
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* bump syft version to get rpm field enhancements
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-08-10 11:03:48 -04:00
Alex Goodman
009dcb1a46
Ignore prerelease versions on release + add DB update URL ( #76 )
...
* ignore prerelease versions when uploading version file on release
* add db update url
2020-07-30 12:37:49 -04:00
Alex Goodman
e1b4ea5fda
add schema validation & fix schema status logic
2020-07-29 21:11:05 -04:00
Alex Goodman
8d84dfeb65
finalize update check URL
2020-07-27 15:13:10 -04:00
Alex Goodman
94636feffa
add bin name to makefile for version upload
2020-07-27 10:02:36 -04:00
Alex Goodman
c0dff6c0d2
upload version check file on release
2020-07-27 09:37:16 -04:00
Alex Goodman
959fa89cad
bump bouncer version
2020-07-25 16:55:13 -04:00
Alex Goodman
0faf81320d
rollup static analysis to make target
2020-07-25 16:41:59 -04:00
Alex Goodman
4220fc60a7
Add default table presenter ( #59 )
...
* add default table presenter
* compress table output
* fix table presenter found-by to use only search key
2020-07-25 11:38:08 -04:00
Alex Goodman
2835ccb23f
add snapshot check & enable release publishing
2020-07-25 11:08:54 -04:00
Alex Goodman
c5867b32ea
show verbose test output to prevent circleci kills
2020-07-23 21:47:23 -04:00
Alex Goodman
6340b2da3a
add release pipeline & replace imgbom with syft ( #60 )
2020-07-23 21:26:03 -04:00
Alex Goodman
c8bca755ff
Add integration tests ( #54 )
...
* add integration tests + add matcher types
* tweak db auto update var; rm dead cache cmd
* Update cmd/root.go
Co-authored-by: Alfredo Deza <adeza@anchore.com>
Co-authored-by: Alfredo Deza <adeza@anchore.com>
2020-07-21 12:34:39 -04:00
Alfredo Deza
83401f7fc3
tests: make the results dir if it doesn't exist
...
Signed-off-by: Alfredo Deza <adeza@anchore.com>
2020-07-17 13:58:07 -04:00
Alex Goodman
12aeee3b92
add java matcher ( #44 )
2020-07-15 07:17:21 -04:00
Alex Goodman
d585ebe6c1
add comparitive analysis ( #46 )
2020-07-13 13:55:39 -04:00
Alex Goodman
16f7579520
add license validation
2020-07-13 13:42:21 -04:00
Alex Goodman
765d5dfb5b
add rpm version + constraint, rpmdb matching; refactor dpkg constraint
2020-07-07 09:22:14 -04:00
Alex Goodman
b2151d080a
add coverage + makefile improvements
2020-07-06 07:26:24 -04:00
Alex Goodman
92cf98ab12
sync vulnscan db changes
2020-06-28 07:22:27 -04:00
Alex Goodman
9c70953dfb
add curation of db file
2020-06-19 10:57:06 -04:00
Alex Goodman
a3d1451833
add basic pipeline
2020-06-15 15:01:16 -04:00
Alex Goodman
3c6ae01619
initial project structure
2020-05-26 10:41:23 -04:00