anchore-actions-token-generator[bot]
59b3eedff5
chore(deps): update tools to latest versions ( #2015 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: westonsteimel <1593939+westonsteimel@users.noreply.github.com>
2024-07-29 10:03:14 -04:00
dependabot[bot]
16a7e4d423
chore(deps): bump github/codeql-action from 3.25.13 to 3.25.14 ( #2010 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.13 to 3.25.14.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](2d790406f5...5cf07d8b70
2024-07-25 16:09:14 +00:00
Alex Goodman
1d38cea896
disable ui before run function on db status ( #2008 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-07-25 11:55:30 -04:00
dependabot[bot]
3af8d1e46e
chore(deps): bump github.com/docker/docker ( #2007 )
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 27.1.0+incompatible to 27.1.1+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v27.1.0...v27.1.1 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-24 16:08:59 -04:00
anchore-actions-token-generator[bot]
e07546ec86
chore(deps): update tools to latest versions ( #2003 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: westonsteimel <1593939+westonsteimel@users.noreply.github.com>
2024-07-23 10:17:04 -04:00
dependabot[bot]
1f0bcc0d96
chore(deps): bump github.com/docker/docker ( #2000 )
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 27.0.3+incompatible to 27.1.0+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v27.0.3...v27.1.0 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-22 08:43:47 -07:00
dependabot[bot]
387164964a
chore(deps): bump github.com/gkampitakis/go-snaps from 0.5.4 to 0.5.5 ( #2001 )
...
Bumps [github.com/gkampitakis/go-snaps](https://github.com/gkampitakis/go-snaps ) from 0.5.4 to 0.5.5.
- [Release notes](https://github.com/gkampitakis/go-snaps/releases )
- [Commits](https://github.com/gkampitakis/go-snaps/compare/v0.5.4...v0.5.5 )
---
updated-dependencies:
- dependency-name: github.com/gkampitakis/go-snaps
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-22 08:43:34 -07:00
dependabot[bot]
fb16d0e4b5
chore(deps): bump docker/login-action from 3.2.0 to 3.3.0 ( #2002 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](0d4c9c5ea7...9780b0c442
2024-07-22 08:43:02 -07:00
dependabot[bot]
b68cd230b1
chore(deps): bump github/codeql-action from 3.25.12 to 3.25.13 ( #1999 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.12 to 3.25.13.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](4fa2a79536...2d790406f5
2024-07-22 09:37:39 -04:00
William Murphy
96c890f92e
chore: request artifact in issue template ( #1996 )
...
* chore: request artifact in issue template
Signed-off-by: Will Murphy <will.murphy@anchore.com>
* Apply suggestions from code review
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
Signed-off-by: William Murphy <willmurphyscode@users.noreply.github.com>
* Update .github/ISSUE_TEMPLATE/bug_report.md
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
Signed-off-by: William Murphy <willmurphyscode@users.noreply.github.com>
---------
Signed-off-by: Will Murphy <will.murphy@anchore.com>
Signed-off-by: William Murphy <willmurphyscode@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-07-18 21:17:06 +00:00
anchore-actions-token-generator[bot]
98fdea4331
chore(deps): update tools to latest versions ( #1998 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: westonsteimel <1593939+westonsteimel@users.noreply.github.com>
2024-07-18 08:22:02 -07:00
Alan Pope
10e9f4317e
docs: CODE_OF_CONDUCT.md ( #1994 )
...
This PR adds a code of conduct document to the repo, as agreed at our recent OSS team catch up.
Signed-off-by: Alan Pope <alan@popey.com>
2024-07-17 14:33:25 -07:00
dependabot[bot]
be6364fb5e
chore(deps): bump github.com/google/go-containerregistry ( #1997 )
...
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry ) from 0.20.0 to 0.20.1.
- [Release notes](https://github.com/google/go-containerregistry/releases )
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml )
- [Commits](https://github.com/google/go-containerregistry/compare/v0.20.0...v0.20.1 )
---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-17 11:24:21 -07:00
dependabot[bot]
d73d5d505f
chore(deps): bump anchore/sbom-action from 0.16.1 to 0.17.0 ( #1992 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.16.1 to 0.17.0.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](95b086ac30...d94f46e13c
2024-07-16 20:15:48 -04:00
anchore-actions-token-generator[bot]
08e9b7da44
chore(deps): update tools to latest versions ( #1989 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: westonsteimel <1593939+westonsteimel@users.noreply.github.com>
2024-07-15 09:08:44 -04:00
dependabot[bot]
c3ce991952
chore(deps): bump github/codeql-action from 3.25.11 to 3.25.12 ( #1990 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.11 to 3.25.12.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b611370bb5...4fa2a79536
2024-07-15 09:08:19 -04:00
dependabot[bot]
8f180cd5e5
chore(deps): bump github.com/charmbracelet/lipgloss ( #1991 )
...
Bumps [github.com/charmbracelet/lipgloss](https://github.com/charmbracelet/lipgloss ) from 0.11.1 to 0.12.1.
- [Release notes](https://github.com/charmbracelet/lipgloss/releases )
- [Changelog](https://github.com/charmbracelet/lipgloss/blob/master/.goreleaser.yml )
- [Commits](https://github.com/charmbracelet/lipgloss/compare/v0.11.1...v0.12.1 )
---
updated-dependencies:
- dependency-name: github.com/charmbracelet/lipgloss
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-15 09:08:05 -04:00
dependabot[bot]
45b7236e94
chore(deps): bump gorm.io/gorm from 1.25.10 to 1.25.11 ( #1985 )
...
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm ) from 1.25.10 to 1.25.11.
- [Release notes](https://github.com/go-gorm/gorm/releases )
- [Commits](https://github.com/go-gorm/gorm/compare/v1.25.10...v1.25.11 )
---
updated-dependencies:
- dependency-name: gorm.io/gorm
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-11 14:39:52 -04:00
dependabot[bot]
cece530ade
chore(deps): bump anchore/sbom-action from 0.16.0 to 0.16.1 ( #1981 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.16.0 to 0.16.1.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](e8d2a6937e...95b086ac30
2024-07-11 11:19:01 -07:00
dependabot[bot]
8fd3a21eea
chore(deps): bump actions/setup-go from 5.0.1 to 5.0.2 ( #1982 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](cdcb360436...0a12ed9d6a
2024-07-11 11:18:49 -07:00
anchore-actions-token-generator[bot]
9209b10577
chore(deps): update Syft to v1.9.0 ( #1986 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: willmurphyscode <12529630+willmurphyscode@users.noreply.github.com>
2024-07-11 18:05:17 +00:00
Weston Steimel
ef37603751
fix: correct cpe target software comparison to syft language ( #1658 )
...
Signed-off-by: Weston Steimel <weston.steimel@anchore.com>
2024-07-11 16:08:05 +01:00
dependabot[bot]
7acac8caba
chore(deps): bump actions/upload-artifact from 4.3.3 to 4.3.4 ( #1977 )
2024-07-05 12:45:07 -04:00
Christopher Angelo Phillips
8ea95c422c
docs: update readme with new default format ( #1974 )
...
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2024-07-02 15:27:40 +00:00
dependabot[bot]
1ab36b4708
chore(deps): bump github/codeql-action from 3.25.10 to 3.25.11 ( #1968 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.10 to 3.25.11.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](23acc5c183...b611370bb5
2024-07-02 07:42:38 -07:00
anchore-actions-token-generator[bot]
ba13a1a92d
chore(deps): update tools to latest versions ( #1969 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: westonsteimel <1593939+westonsteimel@users.noreply.github.com>
2024-07-02 07:42:21 -07:00
anchore-actions-token-generator[bot]
5d9415df9e
test: update quality gate db to latest version ( #1972 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2024-07-02 07:41:09 -07:00
Christopher Angelo Phillips
c7f02e03b8
chore: pin new sign installer to commit sha ( #1966 )
...
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2024-06-26 20:13:03 +00:00
dependabot[bot]
58360eaaed
chore(deps): bump github.com/charmbracelet/bubbletea ( #1963 )
...
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea ) from 0.26.5 to 0.26.6.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases )
- [Changelog](https://github.com/charmbracelet/bubbletea/blob/master/.goreleaser.yml )
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v0.26.5...v0.26.6 )
---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-25 10:05:21 -07:00
anchore-actions-token-generator[bot]
0ea91e3fac
chore(deps): update tools to latest versions ( #1962 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: westonsteimel <1593939+westonsteimel@users.noreply.github.com>
2024-06-25 07:53:23 -07:00
Christopher Angelo Phillips
84cbf10b9c
chore: add workflow to update quality test db ( #1961 )
...
---------
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2024-06-25 10:38:37 -04:00
dependabot[bot]
cbd6346527
chore(deps): bump github.com/anchore/syft from 1.7.0 to 1.8.0 ( #1957 )
...
Bumps [github.com/anchore/syft](https://github.com/anchore/syft ) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/anchore/syft/releases )
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser.yaml )
- [Commits](https://github.com/anchore/syft/compare/v1.7.0...v1.8.0 )
---
updated-dependencies:
- dependency-name: github.com/anchore/syft
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-24 11:28:52 -07:00
dependabot[bot]
6fa82d641b
chore(deps): bump github.com/go-test/deep from 1.1.0 to 1.1.1 ( #1958 )
...
Bumps [github.com/go-test/deep](https://github.com/go-test/deep ) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/go-test/deep/releases )
- [Changelog](https://github.com/go-test/deep/blob/master/CHANGES.md )
- [Commits](https://github.com/go-test/deep/compare/v1.1.0...v1.1.1 )
---
updated-dependencies:
- dependency-name: github.com/go-test/deep
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-24 11:28:45 -07:00
dependabot[bot]
d95c6612ba
chore(deps): bump github.com/hashicorp/go-getter from 1.7.4 to 1.7.5 ( #1959 )
...
Bumps [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter ) from 1.7.4 to 1.7.5.
- [Release notes](https://github.com/hashicorp/go-getter/releases )
- [Changelog](https://github.com/hashicorp/go-getter/blob/main/.goreleaser.yml )
- [Commits](https://github.com/hashicorp/go-getter/compare/v1.7.4...v1.7.5 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-24 10:48:58 -07:00
Christopher Angelo Phillips
5e454d8240
chore: update test_db_url; remove white space ( #1960 )
...
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2024-06-24 16:54:26 +00:00
dependabot[bot]
368fd73fc2
chore(deps): bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 ( #1954 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 6.0.5 to 6.1.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](6d6857d369...c5a7806660
2024-06-21 08:52:29 -07:00
dependabot[bot]
850f678bd6
chore(deps): bump github.com/charmbracelet/bubbletea ( #1955 )
...
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea ) from 0.26.4 to 0.26.5.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases )
- [Changelog](https://github.com/charmbracelet/bubbletea/blob/master/.goreleaser.yml )
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v0.26.4...v0.26.5 )
---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-21 08:52:21 -07:00
Weston Steimel
b06db508b7
chore: enable dependabot to keep boostrap action updated ( #1953 )
...
Signed-off-by: Weston Steimel <commits@weston.slmail.me>
2024-06-19 20:16:50 +01:00
Dan Luhring
cb18897492
fix: use location RealPath not String() ( #1950 )
2024-06-18 06:05:32 -04:00
Christopher Angelo Phillips
239741f535
chore: update CI to install golang at latest version ( #1949 )
...
chore: update CI to install golang at latest version (#1949 )
---------
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2024-06-17 12:16:24 -07:00
dependabot[bot]
4c6f9bab0d
chore(deps): bump github.com/google/go-containerregistry ( #1948 )
...
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry ) from 0.19.1 to 0.19.2.
- [Release notes](https://github.com/google/go-containerregistry/releases )
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml )
- [Commits](https://github.com/google/go-containerregistry/compare/v0.19.1...v0.19.2 )
---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-17 09:29:09 -07:00
dependabot[bot]
82a442682a
chore(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 ( #1947 )
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Commits](https://github.com/spf13/cobra/compare/v1.8.0...v1.8.1 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-17 09:28:19 -07:00
Christopher Angelo Phillips
5821351240
chore: Update syft v1.7.0 ( #1945 )
...
chore: update syft to v1.7.0
---------
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2024-06-14 20:47:19 +00:00
dependabot[bot]
587a844473
chore(deps): bump github/codeql-action from 3.25.8 to 3.25.10 ( #1940 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.8 to 3.25.10.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](2e230e8fe0...23acc5c183
2024-06-14 12:57:39 -07:00
anchore-actions-token-generator[bot]
0bec3e9444
chore(deps): update tools to latest versions ( #1943 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: westonsteimel <1593939+westonsteimel@users.noreply.github.com>
2024-06-14 12:57:28 -07:00
Dan Luhring
f599a66257
fix match sort ordering for different locations ( #1944 )
...
* introduce failing test: inconsistent location sorting
Signed-off-by: Dan Luhring <dluhring@chainguard.dev>
* fix: inconsistent matches sort ordering
Signed-off-by: Dan Luhring <dluhring@chainguard.dev>
---------
Signed-off-by: Dan Luhring <dluhring@chainguard.dev>
2024-06-14 14:02:12 -04:00
dependabot[bot]
f994fe68b3
chore(deps): bump actions/checkout from 4.1.6 to 4.1.7 ( #1941 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](a5ac7e51b4...692973e3d9
2024-06-13 14:16:02 -07:00
Joshua Cooper
9c98ac80ab
Updating maven URLs in README.md ( #1934 )
2024-06-12 17:34:00 +00:00
Alex Goodman
97edf42c26
sort order for matches should consider fix info ( #1933 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-06-12 15:48:23 +00:00
anchore-actions-token-generator[bot]
9d28137f78
chore(deps): update tools to latest versions ( #1925 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: westonsteimel <1593939+westonsteimel@users.noreply.github.com>
2024-06-11 10:01:30 -04:00
