Mirrors/grype
2
0
Fork 0
mirror of https://github.com/anchore/grype synced 2024-09-20 14:31:59 +00:00
Code Issues Projects Releases Packages Wiki Activity
1297 commits 36 branches 150 tags 10 MiB
Commit graph

397 commits

Author SHA1 Message Date
dependabot[bot]
4c6f9bab0d
chore(deps): bump github.com/google/go-containerregistry (#1948) 
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) from 0.19.1 to 0.19.2.
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml)
- [Commits](https://github.com/google/go-containerregistry/compare/v0.19.1...v0.19.2)

---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-17 09:29:09 -07:00
dependabot[bot]
82a442682a
chore(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 (#1947) 
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/v1.8.0...v1.8.1)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-17 09:28:19 -07:00
Christopher Angelo Phillips
5821351240
chore: Update syft v1.7.0 (#1945) 
chore: update syft to v1.7.0
---------
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
 2024-06-14 20:47:19 +00:00
dependabot[bot]
0cacbe5081
chore(deps): bump github.com/docker/docker (#1916) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 26.1.3+incompatible to 26.1.4+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v26.1.3...v26.1.4)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-06 16:12:57 +00:00
dependabot[bot]
7dc95ebceb
chore(deps): bump github.com/charmbracelet/bubbletea (#1902) 
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea) from 0.26.3 to 0.26.4.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases)
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v0.26.3...v0.26.4)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-31 14:05:25 -04:00
Alex Goodman
b13315fa72
update syft to v1.5.0 (#1897) 
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
 2024-05-28 13:37:10 -04:00
Alex Goodman
621eeddcce
Update syft to 1.4.2-0.20240528141306-ac34808b9c55 (#1895) 
* update to latest syft

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* fix tests related to syft bump

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

---------

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
 2024-05-28 15:06:16 +00:00
dependabot[bot]
8b7cf8f5e2
chore(deps): bump github.com/charmbracelet/lipgloss (#1888) 
Bumps [github.com/charmbracelet/lipgloss](https://github.com/charmbracelet/lipgloss) from 0.10.0 to 0.11.0.
- [Release notes](https://github.com/charmbracelet/lipgloss/releases)
- [Commits](https://github.com/charmbracelet/lipgloss/compare/v0.10.0...v0.11.0)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/lipgloss
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-28 14:26:23 +00:00
dependabot[bot]
51bd0be67b
chore(deps): bump github.com/hashicorp/go-version from 1.6.0 to 1.7.0 (#1887) 
Bumps [github.com/hashicorp/go-version](https://github.com/hashicorp/go-version) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/hashicorp/go-version/releases)
- [Changelog](https://github.com/hashicorp/go-version/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/go-version/compare/v1.6.0...v1.7.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-version
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-28 10:03:28 -04:00
dependabot[bot]
ecd9afa8e7
chore(deps): bump github.com/charmbracelet/bubbletea (#1890) 
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea) from 0.26.2 to 0.26.3.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases)
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v0.26.2...v0.26.3)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-28 10:02:52 -04:00
dependabot[bot]
cea7a404d6
chore(deps): bump github.com/gabriel-vasile/mimetype from 1.4.3 to 1.4.4 (#1889) 
Bumps [github.com/gabriel-vasile/mimetype](https://github.com/gabriel-vasile/mimetype) from 1.4.3 to 1.4.4.
- [Release notes](https://github.com/gabriel-vasile/mimetype/releases)
- [Commits](https://github.com/gabriel-vasile/mimetype/compare/v1.4.3...v1.4.4)

---
updated-dependencies:
- dependency-name: github.com/gabriel-vasile/mimetype
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-24 14:28:56 -04:00
Keith Zantow
d4b6cd60a6
feat: add config command (#1876) 
Signed-off-by: Keith Zantow <kzantow@gmail.com>
 2024-05-23 15:18:37 -04:00
dependabot[bot]
834793100e
chore(deps): bump github.com/docker/docker (#1867) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 26.1.2+incompatible to 26.1.3+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v26.1.2...v26.1.3)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-20 13:38:54 -04:00
anchore-actions-token-generator[bot]
e0c2b90da0
chore(deps): update Syft to v1.4.0 (#1855) 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
 2024-05-09 20:15:15 +00:00
dependabot[bot]
f66a7f0f64
chore(deps): bump github.com/charmbracelet/bubbletea (#1853) 
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea) from 0.26.1 to 0.26.2.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases)
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v0.26.1...v0.26.2)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-09 12:04:30 -04:00
dependabot[bot]
f396a579f6
chore(deps): bump github.com/docker/docker (#1854) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 26.1.1+incompatible to 26.1.2+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v26.1.1...v26.1.2)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-09 12:04:21 -04:00
dependabot[bot]
c6bbb6ba2c
chore(deps): bump github.com/charmbracelet/bubbletea (#1844) 
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea) from 0.26.0 to 0.26.1.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases)
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v0.26.0...v0.26.1)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-06 11:45:18 -04:00
dependabot[bot]
216ebc4f11
chore(deps): bump github.com/charmbracelet/bubbletea (#1841) 
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea) from 0.25.0 to 0.26.0.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases)
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v0.25.0...v0.26.0)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-02 14:11:55 -04:00
dependabot[bot]
be167e8d72
chore(deps): bump github.com/docker/docker (#1839) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 26.1.0+incompatible to 26.1.1+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v26.1.0...v26.1.1)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-01 12:38:31 -04:00
dependabot[bot]
11fe1a5bb2
chore(deps): bump gorm.io/gorm from 1.25.9 to 1.25.10 (#1831) 
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm) from 1.25.9 to 1.25.10.
- [Release notes](https://github.com/go-gorm/gorm/releases)
- [Commits](https://github.com/go-gorm/gorm/compare/v1.25.9...v1.25.10)

---
updated-dependencies:
- dependency-name: gorm.io/gorm
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-26 12:44:55 -04:00
anchore-actions-token-generator[bot]
15059bfc3b
chore(deps): update Syft to v1.3.0 (#1832) 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: willmurphyscode <12529630+willmurphyscode@users.noreply.github.com>
 2024-04-26 12:42:56 -04:00
dependabot[bot]
b3e26e6597
chore(deps): bump github.com/gkampitakis/go-snaps from 0.5.3 to 0.5.4 (#1824) 
Bumps [github.com/gkampitakis/go-snaps](https://github.com/gkampitakis/go-snaps) from 0.5.3 to 0.5.4.
- [Release notes](https://github.com/gkampitakis/go-snaps/releases)
- [Commits](https://github.com/gkampitakis/go-snaps/compare/v0.5.3...v0.5.4)

---
updated-dependencies:
- dependency-name: github.com/gkampitakis/go-snaps
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-25 16:57:09 -04:00
dependabot[bot]
32da42f16c
chore(deps): bump github.com/anchore/stereoscope (#1825) 
Bumps [github.com/anchore/stereoscope](https://github.com/anchore/stereoscope) from 0.0.2-0.20240229175558-fe426d1b1c84 to 0.0.2.
- [Release notes](https://github.com/anchore/stereoscope/releases)
- [Changelog](https://github.com/anchore/stereoscope/blob/main/.goreleaser.yaml)
- [Commits](https://github.com/anchore/stereoscope/commits/v0.0.2)

---
updated-dependencies:
- dependency-name: github.com/anchore/stereoscope
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-25 16:56:53 -04:00
dependabot[bot]
ca52c5cb18
chore(deps): bump github.com/docker/docker (#1821) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 26.0.2+incompatible to 26.1.0+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v26.0.2...v26.1.0)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-24 12:06:36 -04:00
dependabot[bot]
94f180da76
chore(deps): bump github.com/docker/docker (#1817) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 26.0.1+incompatible to 26.0.2+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v26.0.1...v26.0.2)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-19 15:07:34 -04:00
dependabot[bot]
018b415abd
chore(deps): bump github.com/hashicorp/go-getter from 1.7.3 to 1.7.4 (#1805) 
Bumps [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter) from 1.7.3 to 1.7.4.
- [Release notes](https://github.com/hashicorp/go-getter/releases)
- [Changelog](https://github.com/hashicorp/go-getter/blob/main/.goreleaser.yml)
- [Commits](https://github.com/hashicorp/go-getter/compare/v1.7.3...v1.7.4)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-15 12:27:26 -04:00
anchore-actions-token-generator[bot]
9ce3048adb
chore(deps): update Syft to v1.2.0 (#1803) 2024-04-12 18:57:16 +00:00
dependabot[bot]
062217c7b6
chore(deps): bump github.com/docker/docker (#1800) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 26.0.0+incompatible to 26.0.1+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v26.0.0...v26.0.1)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-11 13:35:11 -04:00
dependabot[bot]
2d613a816d
chore(deps): bump github.com/gkampitakis/go-snaps from 0.5.2 to 0.5.3 (#1791) 
Bumps [github.com/gkampitakis/go-snaps](https://github.com/gkampitakis/go-snaps) from 0.5.2 to 0.5.3.
- [Release notes](https://github.com/gkampitakis/go-snaps/releases)
- [Commits](https://github.com/gkampitakis/go-snaps/compare/v0.5.2...v0.5.3)

---
updated-dependencies:
- dependency-name: github.com/gkampitakis/go-snaps
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-08 16:24:35 +00:00
Weston Steimel
420c0cd0b3
test: fuzzy version comparison for java versions (#1788) 
Adds tests to ensure fuzzy version comparison logic works as expected
for java version strings under both the pre version 9 schema and the
modern semver equivalents.  Details of the version schemes can be found
in https://openjdk.org/jeps/223

Signed-off-by: Weston Steimel <commits@weston.slmail.me>
 2024-04-05 13:17:33 -04:00
Christopher Angelo Phillips
57af1c34cb
chore: update syft to latest v1.1.1 (#1784) 
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
 2024-04-04 11:52:02 -04:00
dependabot[bot]
c807af5f4f
chore(deps): bump gorm.io/gorm from 1.25.8 to 1.25.9 (#1775) 
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm) from 1.25.8 to 1.25.9.
- [Release notes](https://github.com/go-gorm/gorm/releases)
- [Commits](https://github.com/go-gorm/gorm/compare/v1.25.8...v1.25.9)

---
updated-dependencies:
- dependency-name: gorm.io/gorm
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-28 16:35:57 -04:00
anchore-actions-token-generator[bot]
e531660d63
chore(deps): update Syft to v1.1.0 (#1769) 2024-03-26 11:44:13 -04:00
dependabot[bot]
16e954ab35
chore(deps): bump google.golang.org/protobuf from 1.31.0 to 1.33.0 (#1750) 
Bumps google.golang.org/protobuf from 1.31.0 to 1.33.0.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-21 13:22:55 -04:00
dependabot[bot]
32853abe08
chore(deps): bump github.com/glebarez/sqlite from 1.10.0 to 1.11.0 (#1751) 
Bumps [github.com/glebarez/sqlite](https://github.com/glebarez/sqlite) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/glebarez/sqlite/releases)
- [Commits](https://github.com/glebarez/sqlite/compare/v1.10.0...v1.11.0)

---
updated-dependencies:
- dependency-name: github.com/glebarez/sqlite
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-21 13:22:27 -04:00
dependabot[bot]
ee402f9020
chore(deps): bump gorm.io/gorm from 1.25.7 to 1.25.8 (#1756) 
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm) from 1.25.7 to 1.25.8.
- [Release notes](https://github.com/go-gorm/gorm/releases)
- [Commits](https://github.com/go-gorm/gorm/compare/v1.25.7...v1.25.8)

---
updated-dependencies:
- dependency-name: gorm.io/gorm
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-21 13:22:13 -04:00
dependabot[bot]
270fdd30d4
chore(deps): bump github.com/google/go-containerregistry (#1754) 
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) from 0.19.0 to 0.19.1.
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml)
- [Commits](https://github.com/google/go-containerregistry/compare/v0.19.0...v0.19.1)

---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-21 13:22:06 -04:00
dependabot[bot]
e864b373d9
chore(deps): bump github.com/anchore/syft from 1.0.0 to 1.0.1 (#1743) 
Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser.yaml)
- [Commits](https://github.com/anchore/syft/compare/v1.0.0...v1.0.1)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-07 12:59:16 -05:00
dependabot[bot]
6bf4b17623
chore(deps): bump github.com/docker/docker (#1744) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 25.0.3+incompatible to 25.0.4+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v25.0.3...v25.0.4)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-07 12:59:05 -05:00
dependabot[bot]
296b0901cf
chore(deps): bump github.com/charmbracelet/lipgloss from 0.9.1 to 0.10.0 (#1741) 
Bumps [github.com/charmbracelet/lipgloss](https://github.com/charmbracelet/lipgloss) from 0.9.1 to 0.10.0.
- [Release notes](https://github.com/charmbracelet/lipgloss/releases)
- [Commits](https://github.com/charmbracelet/lipgloss/compare/v0.9.1...v0.10.0)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/lipgloss
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-06 14:26:30 -05:00
dependabot[bot]
ec21e628c7
chore(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#1736) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.4...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-01 13:08:49 -05:00
dependabot[bot]
484647fcdf
chore(deps): bump github.com/anchore/syft (#1734) 
Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.105.2-0.20240227214437-a978966cadfc to 1.0.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser.yaml)
- [Commits](https://github.com/anchore/syft/commits/v1.0.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-29 10:40:45 -05:00
Keith Zantow
77e00feb42
chore: update syft source providers (#1727) 2024-02-27 20:47:51 -05:00
anchore-actions-token-generator[bot]
987238519b
chore(deps): update Syft to v0.105.1 (#1728) 2024-02-26 12:30:31 -05:00
Seiya
05953ead8c
chore: remove unused file internal/logger/logrus.go (#1721) 
Signed-off-by: seiya <20365512+seiyab@users.noreply.github.com>
 2024-02-20 11:35:38 -05:00
anchore-actions-token-generator[bot]
b9cf0e5cf8
chore(deps): update Syft to v0.105.0 (#1714) 
* chore(deps): update Syft to v0.105.0

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

* fix tests

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

---------

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
 2024-02-14 22:09:50 +00:00
Keith Zantow
ba0cc19a1e
fix: ensure version output to stdout (#1709) 2024-02-09 21:05:52 +00:00
anchore-actions-token-generator[bot]
74780902ed
chore(deps): update Syft to v0.104.0 (#1704) 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
 2024-02-07 16:14:57 -05:00
William Murphy
396cc0aea7
Bump Syft in Grype to pull in unmarshaling fix (#1703) 
* WIP: package builds but tests do not

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* WIP: some unit tests compile

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* WIP: unit tests compile but do not pass

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* Units passing with some changes to syft

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* fix: excludes plus bad sbom should not suppress error

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* add conan entry v2 package test

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* bump syft again

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* chore: fix compiler error in integration tests

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* chore: remove erlang OTP from package types that must be seen in test image

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* bump syft version used

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

---------

Signed-off-by: Will Murphy <will.murphy@anchore.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
 2024-02-07 14:28:48 -05:00
dependabot[bot]
68b2796026
chore(deps): bump github.com/docker/docker (#1702) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 25.0.2+incompatible to 25.0.3+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v25.0.2...v25.0.3)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-07 11:32:18 -05:00