Commit graph

1382 commits

Author SHA1 Message Date
dependabot[bot]
adcfc04199
chore(deps): bump actions/checkout from 4.1.1 to 4.1.6 (#1920)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.1 to 4.1.6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4.1.1...a5ac7e51b41094c92402da3b24376905380afc29)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-07 09:56:50 -07:00
Shubham Hibare
17b104771a
feat(signature): Checksum signature verification (#1670)
* feat(signature): Checksum signature verification

Signed-off-by: Shubham Hibare <shubham@hibare.in>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* Update message

Signed-off-by: Shubham Hibare <shubham@hibare.in>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* address comments

Signed-off-by: Shubham Hibare <shubham@hibare.in>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* consider -v flag across supported releases

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* add tests for install.sh signature verification

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* check that release is run from main

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* summarize install.sh flags and recommendations

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* remove regex use on cosign verify-blob

Co-authored-by: Dominique Martinet <asmadeus@codewreck.org>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* simplify the compare_semver install function

Co-authored-by: Dominique Martinet <asmadeus@codewreck.org>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* add more tests to compare_semver

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* nit copy change for install help

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* keep original compare_semver implementation

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* update copy to include default install path

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

---------

Signed-off-by: Shubham Hibare <shubham@hibare.in>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Dominique Martinet <asmadeus@codewreck.org>
2024-06-06 21:23:04 +00:00
Alex Goodman
e5b341b87a
add skopeo to managed utilities (#1915)
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-06-06 18:58:34 +00:00
dependabot[bot]
cc5ca8b28c
chore(deps): bump github/codeql-action from 3.25.7 to 3.25.8 (#1909)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.7 to 3.25.8.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](f079b84933...2e230e8fe0)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-06 12:55:31 -04:00
dependabot[bot]
0cacbe5081
chore(deps): bump github.com/docker/docker (#1916)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 26.1.3+incompatible to 26.1.4+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v26.1.3...v26.1.4)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-06 16:12:57 +00:00
Alex Goodman
2beae30864
remove dco workflow (#1914)
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-06-06 10:53:23 -04:00
Alex Goodman
28c40f50cd
use dco tool during gh app outage (#1910)
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-06-04 14:08:34 -04:00
dependabot[bot]
ef4d3f55c4
chore(deps): bump github/codeql-action from 3.25.6 to 3.25.7 (#1901)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.6 to 3.25.7.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](9fdb3e4972...f079b84933)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-31 14:12:32 -04:00
dependabot[bot]
7dc95ebceb
chore(deps): bump github.com/charmbracelet/bubbletea (#1902)
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea) from 0.26.3 to 0.26.4.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases)
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v0.26.3...v0.26.4)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-31 14:05:25 -04:00
Avtar Gill
0baa116159
fix: add note about TMPDIR env var (#1880)
Signed-off-by: Avtar Gill <avtargill@gmail.com>
2024-05-31 10:19:42 -04:00
Keith Zantow
31b0fcd390
fix: uppercased package in json (#1900)
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2024-05-30 17:37:09 -04:00
Dan Luhring
316c0e9a11
fix: main mod pseudo version default off (#1894)
Signed-off-by: Dan Luhring <dluhring@chainguard.dev>
2024-05-30 13:59:00 -04:00
anchore-actions-token-generator[bot]
46865680f5
chore(deps): update tools to latest versions (#1898)
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: westonsteimel <1593939+westonsteimel@users.noreply.github.com>
2024-05-30 11:43:52 -04:00
Alex Goodman
b13315fa72
update syft to v1.5.0 (#1897)
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-05-28 13:37:10 -04:00
dependabot[bot]
238caa4a82
chore(deps): bump docker/login-action from 3.1.0 to 3.2.0 (#1896)
Bumps [docker/login-action](https://github.com/docker/login-action) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](e92390c5fb...0d4c9c5ea7)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-28 12:29:48 -04:00
Alex Goodman
621eeddcce
Update syft to 1.4.2-0.20240528141306-ac34808b9c55 (#1895)
* update to latest syft

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* fix tests related to syft bump

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

---------

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-05-28 15:06:16 +00:00
dependabot[bot]
8b7cf8f5e2
chore(deps): bump github.com/charmbracelet/lipgloss (#1888)
Bumps [github.com/charmbracelet/lipgloss](https://github.com/charmbracelet/lipgloss) from 0.10.0 to 0.11.0.
- [Release notes](https://github.com/charmbracelet/lipgloss/releases)
- [Commits](https://github.com/charmbracelet/lipgloss/compare/v0.10.0...v0.11.0)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/lipgloss
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-28 14:26:23 +00:00
dependabot[bot]
51bd0be67b
chore(deps): bump github.com/hashicorp/go-version from 1.6.0 to 1.7.0 (#1887)
Bumps [github.com/hashicorp/go-version](https://github.com/hashicorp/go-version) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/hashicorp/go-version/releases)
- [Changelog](https://github.com/hashicorp/go-version/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/go-version/compare/v1.6.0...v1.7.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-version
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-28 10:03:28 -04:00
anchore-actions-token-generator[bot]
336952b36e
chore(deps): update tools to latest versions (#1891)
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: westonsteimel <1593939+westonsteimel@users.noreply.github.com>
2024-05-28 10:03:05 -04:00
dependabot[bot]
ecd9afa8e7
chore(deps): bump github.com/charmbracelet/bubbletea (#1890)
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea) from 0.26.2 to 0.26.3.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases)
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v0.26.2...v0.26.3)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-28 10:02:52 -04:00
dependabot[bot]
cea7a404d6
chore(deps): bump github.com/gabriel-vasile/mimetype from 1.4.3 to 1.4.4 (#1889)
Bumps [github.com/gabriel-vasile/mimetype](https://github.com/gabriel-vasile/mimetype) from 1.4.3 to 1.4.4.
- [Release notes](https://github.com/gabriel-vasile/mimetype/releases)
- [Commits](https://github.com/gabriel-vasile/mimetype/compare/v1.4.3...v1.4.4)

---
updated-dependencies:
- dependency-name: github.com/gabriel-vasile/mimetype
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-24 14:28:56 -04:00
anchore-actions-token-generator[bot]
e097691d7f
chore(deps): update tools to latest versions (#1883) 2024-05-24 09:33:42 -04:00
Keith Zantow
d4b6cd60a6
feat: add config command (#1876)
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2024-05-23 15:18:37 -04:00
Alex Goodman
2b1ca9b07f
disable TUI for simpler commands (#1872)
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-05-21 15:17:33 +00:00
dependabot[bot]
834793100e
chore(deps): bump github.com/docker/docker (#1867)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 26.1.2+incompatible to 26.1.3+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v26.1.2...v26.1.3)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-20 13:38:54 -04:00
dependabot[bot]
1e6811b7cb
chore(deps): bump actions/checkout from 4.1.5 to 4.1.6 (#1868)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.5 to 4.1.6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](44c2b7a8a4...a5ac7e51b4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-20 13:38:30 -04:00
anchore-actions-token-generator[bot]
b7a51d669c
chore(deps): update tools to latest versions (#1864)
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: westonsteimel <1593939+westonsteimel@users.noreply.github.com>
2024-05-20 11:59:56 -04:00
dependabot[bot]
0117d566a9
chore(deps): bump github/codeql-action from 2.13.4 to 3.25.6 (#1870)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.13.4 to 3.25.6.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](cdcdbb5797...9fdb3e4972)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-20 11:59:06 -04:00
dependabot[bot]
cefc896a4f
chore(deps): bump anchore/sbom-action from 0.15.11 to 0.16.0 (#1871)
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.15.11 to 0.16.0.
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Commits](7ccf588e3c...e8d2a6937e)

---
updated-dependencies:
- dependency-name: anchore/sbom-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-20 11:58:39 -04:00
anchore-actions-token-generator[bot]
0ff0d99a50
chore(deps): update tools to latest versions (#1862)
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: westonsteimel <1593939+westonsteimel@users.noreply.github.com>
2024-05-14 11:27:55 -04:00
Christopher Angelo Phillips
bfac9dafed
chore: add top level permissions to new workflow (#1860)
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
2024-05-13 13:35:37 -04:00
anchore-actions-token-generator[bot]
d7bf327d3c
chore(deps): update tools to latest versions (#1856)
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: westonsteimel <1593939+westonsteimel@users.noreply.github.com>
2024-05-13 12:29:07 -04:00
dependabot[bot]
7ccaaf6904
chore(deps): bump actions/checkout from 4.1.4 to 4.1.5 (#1858)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.4 to 4.1.5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4.1.4...44c2b7a8a4ea60a981eaca3cf939b5f4305c123b)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-13 12:28:42 -04:00
dependabot[bot]
38ccf16049
chore(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 (#1859)
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.3.1 to 2.3.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](0864cf1902...dc50aa9510)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-13 12:28:33 -04:00
William Murphy
5ac483a3bc
fix: ask catalog for package rather than type asserting (#1857)
This fixes a class of false positive where removing language packages that are
owned by OS packages would incorrectly fail due to a buggy type assertion.

---------

Signed-off-by: Will Murphy <will.murphy@anchore.com>
2024-05-10 15:20:24 +00:00
Alex Goodman
24d5d4ffb2
Upgrade tool management (#1842)
* upgrade tool management

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* update version file on release

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

---------

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-05-09 16:25:00 -04:00
anchore-actions-token-generator[bot]
e0c2b90da0
chore(deps): update Syft to v1.4.0 (#1855)
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
2024-05-09 20:15:15 +00:00
anchore-actions-token-generator[bot]
39e9843d47
chore(deps): update bootstrap tools to latest versions (#1852)
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: westonsteimel <1593939+westonsteimel@users.noreply.github.com>
2024-05-09 12:04:53 -04:00
dependabot[bot]
f66a7f0f64
chore(deps): bump github.com/charmbracelet/bubbletea (#1853)
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea) from 0.26.1 to 0.26.2.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases)
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v0.26.1...v0.26.2)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-09 12:04:30 -04:00
dependabot[bot]
f396a579f6
chore(deps): bump github.com/docker/docker (#1854)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 26.1.1+incompatible to 26.1.2+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v26.1.1...v26.1.2)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-09 12:04:21 -04:00
dependabot[bot]
6b8f0f5eaa
chore(deps): bump actions/checkout from 4.1.4 to 4.1.5 (#1847)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.4 to 4.1.5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](0ad4b8fada...44c2b7a8a4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-07 13:25:45 -04:00
Arvind Somya
88b6139c69
Revert "feat: modify metadata structure for providers' pull date (#1795)" (#1846)
This reverts commit 4584423321.

Signed-off-by: Arvind Somya <arvind.somya@anchore.com>
2024-05-06 15:39:40 -04:00
dependabot[bot]
c6bbb6ba2c
chore(deps): bump github.com/charmbracelet/bubbletea (#1844)
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea) from 0.26.0 to 0.26.1.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases)
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v0.26.0...v0.26.1)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-06 11:45:18 -04:00
anchore-actions-token-generator[bot]
6700983fe8
chore(deps): update bootstrap tools to latest versions (#1845)
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: westonsteimel <1593939+westonsteimel@users.noreply.github.com>
2024-05-06 11:45:09 -04:00
dependabot[bot]
61c962f856
chore(deps): bump actions/setup-go from 5.0.0 to 5.0.1 (#1840)
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](0c52d547c9...cdcb360436)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-02 14:13:22 -04:00
dependabot[bot]
216ebc4f11
chore(deps): bump github.com/charmbracelet/bubbletea (#1841)
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea) from 0.25.0 to 0.26.0.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases)
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v0.25.0...v0.26.0)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-02 14:11:55 -04:00
dependabot[bot]
be167e8d72
chore(deps): bump github.com/docker/docker (#1839)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 26.1.0+incompatible to 26.1.1+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v26.1.0...v26.1.1)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-01 12:38:31 -04:00
Keith Zantow
bd16101ad0
fix: update ignored vulnerability count in tui (#1837) 2024-05-01 11:46:50 -04:00
Keith Zantow
6b9ea217f3
fix: update sarif to pass microsoft validator (#1838)
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2024-04-30 14:45:48 -04:00
dependabot[bot]
8210bf2613
chore(deps): bump anchore/sbom-action from 0.15.10 to 0.15.11 (#1835)
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.15.10 to 0.15.11.
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Commits](ab5d7b5f48...7ccf588e3c)

---
updated-dependencies:
- dependency-name: anchore/sbom-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-29 13:13:03 -04:00