Commit graph

254 commits

Author SHA1 Message Date
dependabot[bot]
7f71f7f849
chore(deps): bump github.com/sirupsen/logrus from 1.9.2 to 1.9.3 (#1336)
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.9.2 to 1.9.3.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.9.2...v1.9.3)

---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-05 12:50:01 -04:00
dependabot[bot]
7c681d5059
chore(deps): bump github.com/stretchr/testify from 1.8.3 to 1.8.4 (#1324)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.3 to 1.8.4.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.3...v1.8.4)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-30 12:42:46 -04:00
dependabot[bot]
8fbcb42619
chore(deps): bump github.com/spf13/viper from 1.15.0 to 1.16.0 (#1323)
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.15.0 to 1.16.0.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.15.0...v1.16.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/viper
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-30 12:13:39 -04:00
dependabot[bot]
2d1dcd72dc
chore(deps): bump github.com/docker/docker (#1320)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 24.0.1+incompatible to 24.0.2+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v24.0.1...v24.0.2)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-26 12:39:51 -04:00
Christopher Angelo Phillips
0f71006f62
chore: update gomod with latest syft (#1313)
* chore: update go mod with latest syft

---------

Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
2023-05-23 13:57:53 -04:00
dependabot[bot]
3b80916c23
chore(deps): bump github.com/docker/docker (#1311)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 24.0.0+incompatible to 24.0.1+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v24.0.0...v24.0.1)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-23 13:42:03 -04:00
Alex Goodman
852a208417
bump syft to pre-release of v0.81.0 (#1310)
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2023-05-22 14:17:34 +00:00
dependabot[bot]
1a3b92a3f1
chore(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#1309)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.2...v1.8.3)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-22 09:13:30 -04:00
dependabot[bot]
e7fa9d6d50
chore(deps): bump github.com/docker/docker (#1304)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 23.0.6+incompatible to 24.0.0+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v23.0.6...v24.0.0)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-19 11:41:10 -04:00
dependabot[bot]
f15b1fa1f8
chore(deps): bump github.com/sirupsen/logrus from 1.9.0 to 1.9.2 (#1307)
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.9.0 to 1.9.2.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.9.0...v1.9.2)

---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-19 11:40:38 -04:00
dependabot[bot]
a153b3047b
chore(deps): bump github.com/cloudflare/circl from 1.1.0 to 1.3.3 (#1289) 2023-05-17 13:45:58 +00:00
dependabot[bot]
e4b756eb34
chore(deps): bump github.com/docker/distribution (#1290) 2023-05-17 13:45:39 +00:00
dependabot[bot]
75e7ef43cd
chore(deps): bump github.com/docker/docker (#1280) 2023-05-08 17:07:59 +00:00
anchore-actions-token-generator[bot]
f9df952a2d
chore(deps): update Syft to v0.80.0 (#1276) 2023-05-07 13:57:12 -04:00
dependabot[bot]
eb337bf45e
chore(deps): bump golang.org/x/term from 0.7.0 to 0.8.0 (#1268) 2023-05-05 15:43:13 +00:00
dependabot[bot]
74a5d6d4fc
chore(deps): bump github.com/docker/docker (#1257) 2023-05-02 20:34:19 +00:00
Christopher Angelo Phillips
3caabc8711
chore: bump syft to latest version v0.79.0 (#1250)
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
2023-04-21 12:58:02 -04:00
anchore-actions-token-generator[bot]
b9fa68e3a9
chore(deps): update Syft to v0.78.0 (#1242)
* chore(deps): update Syft to v0.78.0

Signed-off-by: GitHub <noreply@github.com>

* fix test location references and package types

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

---------

Signed-off-by: GitHub <noreply@github.com>
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
Co-authored-by: kzantow <kzantow@users.noreply.github.com>
Co-authored-by: Alex Goodman <alex.goodman@anchore.com>
2023-04-19 17:38:06 +00:00
dependabot[bot]
0bc86761f2
chore(deps): bump github.com/docker/docker (#1241)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 23.0.3+incompatible to 23.0.4+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v23.0.3...v23.0.4)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-18 12:57:38 -04:00
dependabot[bot]
1f51229e17
chore(deps): bump github.com/docker/docker (#1218)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 23.0.2+incompatible to 23.0.3+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v23.0.2...v23.0.3)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-12 10:55:21 -04:00
dependabot[bot]
2e8a63dba6
chore(deps): bump golang.org/x/term from 0.6.0 to 0.7.0 (#1217)
Bumps [golang.org/x/term](https://github.com/golang/term) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/golang/term/releases)
- [Commits](https://github.com/golang/term/compare/v0.6.0...v0.7.0)

---
updated-dependencies:
- dependency-name: golang.org/x/term
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-05 19:05:38 -04:00
dependabot[bot]
cecad5c9c4
chore(deps): bump github.com/spf13/cobra from 1.6.1 to 1.7.0 (#1216)
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.6.1 to 1.7.0.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/v1.6.1...v1.7.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-04 14:32:16 -04:00
dependabot[bot]
d8c0c0805b
chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.7.1-0.20221222100750-41a1ac565cce to 0.7.1 (#1213)
* chore(deps): bump github.com/CycloneDX/cyclonedx-go

Bumps [github.com/CycloneDX/cyclonedx-go](https://github.com/CycloneDX/cyclonedx-go) from 0.7.1-0.20221222100750-41a1ac565cce to 0.7.1.
- [Release notes](https://github.com/CycloneDX/cyclonedx-go/releases)
- [Changelog](https://github.com/CycloneDX/cyclonedx-go/blob/master/.goreleaser.yml)
- [Commits](https://github.com/CycloneDX/cyclonedx-go/commits/v0.7.1)

---
updated-dependencies:
- dependency-name: github.com/CycloneDX/cyclonedx-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix: update test fixtures

Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>
2023-04-04 14:41:03 +00:00
dependabot[bot]
0b306fae25
chore(deps): bump google.golang.org/protobuf from 1.29.0 to 1.29.1 (#1212)
Bumps google.golang.org/protobuf from 1.29.0 to 1.29.1.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-03 14:36:40 -04:00
dependabot[bot]
147f5cf92f
chore(deps): bump github.com/anchore/syft from 0.75.0 to 0.76.0 (#1207)
* chore(deps): bump github.com/anchore/syft from 0.75.0 to 0.76.0

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.75.0 to 0.76.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser.yaml)
- [Commits](https://github.com/anchore/syft/compare/v0.75.0...v0.76.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore: update ParseInput signature with new syft version

Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>

* fix: update integration tests

Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>
2023-04-03 10:48:33 -04:00
dependabot[bot]
7614621b1d
chore(deps): bump github.com/docker/docker (#1201)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 23.0.1+incompatible to 23.0.2+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v23.0.1...v23.0.2)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-29 09:59:00 -04:00
dependabot[bot]
b3eff0c2d8
chore(deps): bump github.com/gookit/color from 1.5.2 to 1.5.3 (#1192) 2023-03-24 07:49:36 -04:00
dependabot[bot]
6716ca5e24
chore(deps): bump github.com/hashicorp/go-getter from 1.7.0 to 1.7.1 (#1181) 2023-03-21 09:51:55 -04:00
anchore-actions-token-generator[bot]
6da09d4fda
Update Syft to v0.75.0 (#1177)
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: kzantow <kzantow@users.noreply.github.com>
2023-03-14 08:47:20 +00:00
dependabot[bot]
3a4d01b59c
chore(deps): bump github.com/gabriel-vasile/mimetype from 1.4.1 to 1.4.2 (#1166)
Bumps [github.com/gabriel-vasile/mimetype](https://github.com/gabriel-vasile/mimetype) from 1.4.1 to 1.4.2.
- [Release notes](https://github.com/gabriel-vasile/mimetype/releases)
- [Commits](https://github.com/gabriel-vasile/mimetype/compare/v1.4.1...v1.4.2)

---
updated-dependencies:
- dependency-name: github.com/gabriel-vasile/mimetype
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-09 15:06:26 +00:00
anchore-actions-token-generator[bot]
2bc4c35142
Update Syft to v0.74.1 (#1168)
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: kzantow <kzantow@users.noreply.github.com>
2023-03-09 14:37:02 +00:00
dependabot[bot]
8076863582
chore(deps): bump gorm.io/gorm from 1.23.5 to 1.23.10 (#1157)
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm) from 1.23.5 to 1.23.10.
- [Release notes](https://github.com/go-gorm/gorm/releases)
- [Commits](https://github.com/go-gorm/gorm/compare/v1.23.5...v1.23.10)

---
updated-dependencies:
- dependency-name: gorm.io/gorm
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-03 12:26:49 -05:00
anchore-actions-token-generator[bot]
04a55885ee
chore: Update Syft to v0.74.0 (#1151) 2023-03-02 12:22:46 -05:00
Keith Zantow
bdcefd2554
chore: update progress monitor handling (#1149) 2023-03-01 16:47:01 -05:00
anchore-actions-token-generator[bot]
d1352ce843
Update Syft to v0.73.0 (#1140)
* Update Syft to v0.73.0

Signed-off-by: GitHub <noreply@github.com>
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
Co-authored-by: kzantow <kzantow@users.noreply.github.com>
Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>
2023-02-27 21:12:37 +00:00
dependabot[bot]
7ec450d413
chore(deps): bump github.com/stretchr/testify from 1.8.1 to 1.8.2 (#1144)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.1...v1.8.2)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-27 12:25:04 -05:00
dependabot[bot]
c65ef466a9
chore(deps): bump github.com/spf13/afero from 1.9.3 to 1.9.4 (#1141)
Bumps [github.com/spf13/afero](https://github.com/spf13/afero) from 1.9.3 to 1.9.4.
- [Release notes](https://github.com/spf13/afero/releases)
- [Commits](https://github.com/spf13/afero/compare/v1.9.3...v1.9.4)

---
updated-dependencies:
- dependency-name: github.com/spf13/afero
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-24 15:10:36 -05:00
dependabot[bot]
0051d0e6d0
chore(deps): bump github.com/hashicorp/go-getter from 1.6.2 to 1.7.0 (#1134)
Bumps [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter) from 1.6.2 to 1.7.0.
- [Release notes](https://github.com/hashicorp/go-getter/releases)
- [Changelog](https://github.com/hashicorp/go-getter/blob/main/.goreleaser.yml)
- [Commits](https://github.com/hashicorp/go-getter/compare/v1.6.2...v1.7.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Resolves reporting of CVE-2023-0475

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-20 09:59:19 +00:00
anchore-actions-token-generator[bot]
50a5c33247
Update Syft to v0.72.0 (#1136)
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: westonsteimel <westonsteimel@users.noreply.github.com>
2023-02-16 11:57:45 -05:00
dependabot[bot]
47ab7f55d3
chore(deps): bump github.com/docker/docker (#1128)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 23.0.0+incompatible to 23.0.1+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v23.0.0...v23.0.1)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-10 11:24:40 -05:00
anchore-actions-token-generator[bot]
29eeb69bc9
Update Syft to v0.71.0 (#1126) 2023-02-10 10:14:01 -05:00
dependabot[bot]
562a8d1776
chore(deps): bump golang.org/x/term from 0.4.0 to 0.5.0 (#1123)
Bumps [golang.org/x/term](https://github.com/golang/term) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/golang/term/releases)
- [Commits](https://github.com/golang/term/compare/v0.4.0...v0.5.0)

---
updated-dependencies:
- dependency-name: golang.org/x/term
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-08 11:56:58 -05:00
anchore-actions-token-generator[bot]
f7f1ae8344
Update Syft to v0.70.0 (#1117)
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: kzantow <kzantow@users.noreply.github.com>
2023-02-06 09:24:15 -05:00
dependabot[bot]
94b2ba8eef
chore(deps): bump github.com/docker/docker (#1114)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.23+incompatible to 23.0.0+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v20.10.23...v23.0.0)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-02 12:18:57 -05:00
anchore-actions-token-generator[bot]
1cd4ef1108
Update Syft to v0.69.1 (#1111)
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: kzantow <kzantow@users.noreply.github.com>
2023-02-01 08:28:50 +00:00
Christopher Angelo Phillips
788ed965ec
chore: prune cosign dependency for grype builds (#1100)
* feat: segment cosign dependency for grype builds for faster build times

Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
2023-01-31 11:42:40 -05:00
anchore-actions-token-generator[bot]
46a1955484
Update Syft to v0.69.0 (#1109) 2023-01-31 09:26:26 -05:00
dependabot[bot]
73577eb430
chore(deps): bump github.com/hashicorp/go-getter from 1.6.1 to 1.6.2 (#1087)
Bumps [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter) from 1.6.1 to 1.6.2.
- [Release notes](https://github.com/hashicorp/go-getter/releases)
- [Changelog](https://github.com/hashicorp/go-getter/blob/main/.goreleaser.yml)
- [Commits](https://github.com/hashicorp/go-getter/compare/v1.6.1...v1.6.2)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-26 13:07:24 -05:00
anchore-actions-token-generator[bot]
c01ee9b2c7
Update Syft to v0.68.1 (#1086)
Signed-off-by: GitHub <noreply@github.com>

Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: kzantow <kzantow@users.noreply.github.com>
2023-01-26 10:07:49 +00:00
dependabot[bot]
46a3c17e11
chore(deps): bump github.com/sigstore/sigstore from 1.4.4 to 1.5.1 (#1081)
Bumps [github.com/sigstore/sigstore](https://github.com/sigstore/sigstore) from 1.4.4 to 1.5.1.
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](https://github.com/sigstore/sigstore/compare/v1.4.4...v1.5.1)

---
updated-dependencies:
- dependency-name: github.com/sigstore/sigstore
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-25 14:42:48 -05:00