dependabot[bot]
7dc95ebceb
chore(deps): bump github.com/charmbracelet/bubbletea ( #1902 )
...
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea ) from 0.26.3 to 0.26.4.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases )
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v0.26.3...v0.26.4 )
---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-31 14:05:25 -04:00
Avtar Gill
0baa116159
fix: add note about TMPDIR env var ( #1880 )
...
Signed-off-by: Avtar Gill <avtargill@gmail.com>
2024-05-31 10:19:42 -04:00
Keith Zantow
31b0fcd390
fix: uppercased package in json ( #1900 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2024-05-30 17:37:09 -04:00
Dan Luhring
316c0e9a11
fix: main mod pseudo version default off ( #1894 )
...
Signed-off-by: Dan Luhring <dluhring@chainguard.dev>
2024-05-30 13:59:00 -04:00
anchore-actions-token-generator[bot]
46865680f5
chore(deps): update tools to latest versions ( #1898 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: westonsteimel <1593939+westonsteimel@users.noreply.github.com>
2024-05-30 11:43:52 -04:00
Alex Goodman
b13315fa72
update syft to v1.5.0 ( #1897 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-05-28 13:37:10 -04:00
dependabot[bot]
238caa4a82
chore(deps): bump docker/login-action from 3.1.0 to 3.2.0 ( #1896 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](e92390c5fb...0d4c9c5ea7
2024-05-28 12:29:48 -04:00
Alex Goodman
621eeddcce
Update syft to 1.4.2-0.20240528141306-ac34808b9c55 ( #1895 )
...
* update to latest syft
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix tests related to syft bump
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-05-28 15:06:16 +00:00
dependabot[bot]
8b7cf8f5e2
chore(deps): bump github.com/charmbracelet/lipgloss ( #1888 )
...
Bumps [github.com/charmbracelet/lipgloss](https://github.com/charmbracelet/lipgloss ) from 0.10.0 to 0.11.0.
- [Release notes](https://github.com/charmbracelet/lipgloss/releases )
- [Commits](https://github.com/charmbracelet/lipgloss/compare/v0.10.0...v0.11.0 )
---
updated-dependencies:
- dependency-name: github.com/charmbracelet/lipgloss
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-28 14:26:23 +00:00
dependabot[bot]
51bd0be67b
chore(deps): bump github.com/hashicorp/go-version from 1.6.0 to 1.7.0 ( #1887 )
...
Bumps [github.com/hashicorp/go-version](https://github.com/hashicorp/go-version ) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/hashicorp/go-version/releases )
- [Changelog](https://github.com/hashicorp/go-version/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/go-version/compare/v1.6.0...v1.7.0 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-version
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-28 10:03:28 -04:00
anchore-actions-token-generator[bot]
336952b36e
chore(deps): update tools to latest versions ( #1891 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: westonsteimel <1593939+westonsteimel@users.noreply.github.com>
2024-05-28 10:03:05 -04:00
dependabot[bot]
ecd9afa8e7
chore(deps): bump github.com/charmbracelet/bubbletea ( #1890 )
...
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea ) from 0.26.2 to 0.26.3.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases )
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v0.26.2...v0.26.3 )
---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-28 10:02:52 -04:00
dependabot[bot]
cea7a404d6
chore(deps): bump github.com/gabriel-vasile/mimetype from 1.4.3 to 1.4.4 ( #1889 )
...
Bumps [github.com/gabriel-vasile/mimetype](https://github.com/gabriel-vasile/mimetype ) from 1.4.3 to 1.4.4.
- [Release notes](https://github.com/gabriel-vasile/mimetype/releases )
- [Commits](https://github.com/gabriel-vasile/mimetype/compare/v1.4.3...v1.4.4 )
---
updated-dependencies:
- dependency-name: github.com/gabriel-vasile/mimetype
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-24 14:28:56 -04:00
anchore-actions-token-generator[bot]
e097691d7f
chore(deps): update tools to latest versions ( #1883 )
2024-05-24 09:33:42 -04:00
Keith Zantow
d4b6cd60a6
feat: add config command ( #1876 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2024-05-23 15:18:37 -04:00
Alex Goodman
2b1ca9b07f
disable TUI for simpler commands ( #1872 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-05-21 15:17:33 +00:00
dependabot[bot]
834793100e
chore(deps): bump github.com/docker/docker ( #1867 )
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 26.1.2+incompatible to 26.1.3+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v26.1.2...v26.1.3 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-20 13:38:54 -04:00
dependabot[bot]
1e6811b7cb
chore(deps): bump actions/checkout from 4.1.5 to 4.1.6 ( #1868 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.5 to 4.1.6.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](44c2b7a8a4...a5ac7e51b4
2024-05-20 13:38:30 -04:00
anchore-actions-token-generator[bot]
b7a51d669c
chore(deps): update tools to latest versions ( #1864 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: westonsteimel <1593939+westonsteimel@users.noreply.github.com>
2024-05-20 11:59:56 -04:00
dependabot[bot]
0117d566a9
chore(deps): bump github/codeql-action from 2.13.4 to 3.25.6 ( #1870 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.13.4 to 3.25.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](cdcdbb5797...9fdb3e4972
2024-05-20 11:59:06 -04:00
dependabot[bot]
cefc896a4f
chore(deps): bump anchore/sbom-action from 0.15.11 to 0.16.0 ( #1871 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.11 to 0.16.0.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](7ccf588e3c...e8d2a6937e
2024-05-20 11:58:39 -04:00
anchore-actions-token-generator[bot]
0ff0d99a50
chore(deps): update tools to latest versions ( #1862 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: westonsteimel <1593939+westonsteimel@users.noreply.github.com>
2024-05-14 11:27:55 -04:00
Christopher Angelo Phillips
bfac9dafed
chore: add top level permissions to new workflow ( #1860 )
...
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
2024-05-13 13:35:37 -04:00
anchore-actions-token-generator[bot]
d7bf327d3c
chore(deps): update tools to latest versions ( #1856 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: westonsteimel <1593939+westonsteimel@users.noreply.github.com>
2024-05-13 12:29:07 -04:00
dependabot[bot]
7ccaaf6904
chore(deps): bump actions/checkout from 4.1.4 to 4.1.5 ( #1858 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.4 to 4.1.5.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v4.1.4...44c2b7a8a4ea60a981eaca3cf939b5f4305c123b )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-13 12:28:42 -04:00
dependabot[bot]
38ccf16049
chore(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 ( #1859 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.3.1 to 2.3.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](0864cf1902...dc50aa9510
2024-05-13 12:28:33 -04:00
William Murphy
5ac483a3bc
fix: ask catalog for package rather than type asserting ( #1857 )
...
This fixes a class of false positive where removing language packages that are
owned by OS packages would incorrectly fail due to a buggy type assertion.
---------
Signed-off-by: Will Murphy <will.murphy@anchore.com>
2024-05-10 15:20:24 +00:00
Alex Goodman
24d5d4ffb2
Upgrade tool management ( #1842 )
...
* upgrade tool management
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* update version file on release
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-05-09 16:25:00 -04:00
anchore-actions-token-generator[bot]
e0c2b90da0
chore(deps): update Syft to v1.4.0 ( #1855 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
2024-05-09 20:15:15 +00:00
anchore-actions-token-generator[bot]
39e9843d47
chore(deps): update bootstrap tools to latest versions ( #1852 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: westonsteimel <1593939+westonsteimel@users.noreply.github.com>
2024-05-09 12:04:53 -04:00
dependabot[bot]
f66a7f0f64
chore(deps): bump github.com/charmbracelet/bubbletea ( #1853 )
...
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea ) from 0.26.1 to 0.26.2.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases )
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v0.26.1...v0.26.2 )
---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-09 12:04:30 -04:00
dependabot[bot]
f396a579f6
chore(deps): bump github.com/docker/docker ( #1854 )
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 26.1.1+incompatible to 26.1.2+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v26.1.1...v26.1.2 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-09 12:04:21 -04:00
dependabot[bot]
6b8f0f5eaa
chore(deps): bump actions/checkout from 4.1.4 to 4.1.5 ( #1847 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.4 to 4.1.5.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](0ad4b8fada...44c2b7a8a4
2024-05-07 13:25:45 -04:00
Arvind Somya
88b6139c69
Revert "feat: modify metadata structure for providers' pull date ( #1795 )" ( #1846 )
...
This reverts commit 4584423321
2024-05-06 15:39:40 -04:00
dependabot[bot]
c6bbb6ba2c
chore(deps): bump github.com/charmbracelet/bubbletea ( #1844 )
...
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea ) from 0.26.0 to 0.26.1.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases )
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v0.26.0...v0.26.1 )
---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-06 11:45:18 -04:00
anchore-actions-token-generator[bot]
6700983fe8
chore(deps): update bootstrap tools to latest versions ( #1845 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: westonsteimel <1593939+westonsteimel@users.noreply.github.com>
2024-05-06 11:45:09 -04:00
dependabot[bot]
61c962f856
chore(deps): bump actions/setup-go from 5.0.0 to 5.0.1 ( #1840 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](0c52d547c9...cdcb360436
2024-05-02 14:13:22 -04:00
dependabot[bot]
216ebc4f11
chore(deps): bump github.com/charmbracelet/bubbletea ( #1841 )
...
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea ) from 0.25.0 to 0.26.0.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases )
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v0.25.0...v0.26.0 )
---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-02 14:11:55 -04:00
dependabot[bot]
be167e8d72
chore(deps): bump github.com/docker/docker ( #1839 )
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 26.1.0+incompatible to 26.1.1+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v26.1.0...v26.1.1 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-01 12:38:31 -04:00
Keith Zantow
bd16101ad0
fix: update ignored vulnerability count in tui ( #1837 )
2024-05-01 11:46:50 -04:00
Keith Zantow
6b9ea217f3
fix: update sarif to pass microsoft validator ( #1838 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2024-04-30 14:45:48 -04:00
dependabot[bot]
8210bf2613
chore(deps): bump anchore/sbom-action from 0.15.10 to 0.15.11 ( #1835 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.10 to 0.15.11.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](ab5d7b5f48...7ccf588e3c
2024-04-29 13:13:03 -04:00
dependabot[bot]
11fe1a5bb2
chore(deps): bump gorm.io/gorm from 1.25.9 to 1.25.10 ( #1831 )
...
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm ) from 1.25.9 to 1.25.10.
- [Release notes](https://github.com/go-gorm/gorm/releases )
- [Commits](https://github.com/go-gorm/gorm/compare/v1.25.9...v1.25.10 )
---
updated-dependencies:
- dependency-name: gorm.io/gorm
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-26 12:44:55 -04:00
anchore-actions-token-generator[bot]
15059bfc3b
chore(deps): update Syft to v1.3.0 ( #1832 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: willmurphyscode <12529630+willmurphyscode@users.noreply.github.com>
2024-04-26 12:42:56 -04:00
dependabot[bot]
b3e26e6597
chore(deps): bump github.com/gkampitakis/go-snaps from 0.5.3 to 0.5.4 ( #1824 )
...
Bumps [github.com/gkampitakis/go-snaps](https://github.com/gkampitakis/go-snaps ) from 0.5.3 to 0.5.4.
- [Release notes](https://github.com/gkampitakis/go-snaps/releases )
- [Commits](https://github.com/gkampitakis/go-snaps/compare/v0.5.3...v0.5.4 )
---
updated-dependencies:
- dependency-name: github.com/gkampitakis/go-snaps
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-25 16:57:09 -04:00
dependabot[bot]
f247c622a9
chore(deps): bump actions/checkout from 4.1.3 to 4.1.4 ( #1823 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.3 to 4.1.4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](1d96c772d1...0ad4b8fada
2024-04-25 16:57:01 -04:00
dependabot[bot]
32da42f16c
chore(deps): bump github.com/anchore/stereoscope ( #1825 )
...
Bumps [github.com/anchore/stereoscope](https://github.com/anchore/stereoscope ) from 0.0.2-0.20240229175558-fe426d1b1c84 to 0.0.2.
- [Release notes](https://github.com/anchore/stereoscope/releases )
- [Changelog](https://github.com/anchore/stereoscope/blob/main/.goreleaser.yaml )
- [Commits](https://github.com/anchore/stereoscope/commits/v0.0.2 )
---
updated-dependencies:
- dependency-name: github.com/anchore/stereoscope
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-25 16:56:53 -04:00
dependabot[bot]
92e864df35
chore(deps): bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 ( #1828 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 6.0.4 to 6.0.5.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](9153d834b6...6d6857d369
2024-04-25 16:56:42 -04:00
Christopher Angelo Phillips
8c044b0d08
fix: update grype version to support darwin arm64 ( #1830 )
...
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
2024-04-25 18:34:48 +00:00
dependabot[bot]
d37674ee17
chore(deps): bump actions/upload-artifact from 4.3.2 to 4.3.3 ( #1820 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.3.2 to 4.3.3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](1746f4ab65...65462800fd
2024-04-24 15:23:41 -04:00
