Mirrors/grype
2
0
Fork 0
mirror of https://github.com/anchore/grype synced 2024-09-20 14:31:59 +00:00
Code Issues Projects Releases Packages Wiki Activity
1145 commits 36 branches 150 tags 10 MiB
Commit graph

27 commits

Author SHA1 Message Date
dependabot[bot]
a820759495
chore(deps): bump actions/setup-go from 4.1.0 to 5.0.0 (#1630) 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4.1.0 to 5.0.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](93397bea11...0c52d547c9)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-11 06:40:01 -05:00
dependabot[bot]
4c3ff476fa
chore(deps): bump actions/checkout from 4.1.0 to 4.1.1 (#1564) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](8ade135a41...b4ffde65f4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-18 13:50:51 -04:00
dependabot[bot]
cc522decdb
chore(deps): bump actions/checkout from 4.0.0 to 4.1.0 (#1519) 
* chore(deps): bump actions/checkout from 4.0.0 to 4.1.0

Bumps [actions/checkout](https://github.com/actions/checkout) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](3df4ab11eb...8ade135a41)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore: add version comment

Signed-off-by: Will Murphy <will.murphy@anchore.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Will Murphy <will.murphy@anchore.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Will Murphy <will.murphy@anchore.com>
 2023-09-26 13:16:42 -04:00
dependabot[bot]
da3de94842
chore(deps): bump tibdex/github-app-token from 2.0.0 to 2.1.0 (#1506) 
Bumps [tibdex/github-app-token](https://github.com/tibdex/github-app-token) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/tibdex/github-app-token/releases)
- [Commits](0914d50df7...3beb63f4bd)

---
updated-dependencies:
- dependency-name: tibdex/github-app-token
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-20 16:39:49 -04:00
dependabot[bot]
655c65facb
chore(deps): bump actions/checkout from 3 to 4 (#1475) 
* chore(deps): bump actions/checkout from 3 to 4

Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...3df4ab11eba7bda6032a0b82a6bb43b11571feac)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore: update tag comments and standardize comments to # vx.x.x

Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>
 2023-09-15 15:25:20 -04:00
dependabot[bot]
8b34b585ca
chore(deps): bump tibdex/github-app-token from 1.8.2 to 2.0.0 (#1485) 
Bumps [tibdex/github-app-token](https://github.com/tibdex/github-app-token) from 1.8.2 to 2.0.0.
- [Release notes](https://github.com/tibdex/github-app-token/releases)
- [Commits](0d49dd7211...0914d50df7)

---
updated-dependencies:
- dependency-name: tibdex/github-app-token
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-11 15:23:55 -04:00
Christopher Angelo Phillips
719feb0b44
chore: update grype to use Go v1.21 (#1480) 
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
 2023-09-07 14:55:38 -04:00
dependabot[bot]
7b3605db24
chore(deps): bump tibdex/github-app-token from 1.8.0 to 1.8.2 (#1474) 
Bumps [tibdex/github-app-token](https://github.com/tibdex/github-app-token) from 1.8.0 to 1.8.2.
- [Release notes](https://github.com/tibdex/github-app-token/releases)
- [Commits](b62528385c...0d49dd7211)

---
updated-dependencies:
- dependency-name: tibdex/github-app-token
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-07 10:20:24 -04:00
dependabot[bot]
fff434156c
chore(deps): bump actions/setup-go from 4.0.1 to 4.1.0 (#1421) 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4.0.1 to 4.1.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](fac708d667...93397bea11)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-08-08 13:29:12 -04:00
dependabot[bot]
4e31789324
chore(deps): bump peter-evans/create-pull-request from 5.0.1 to 5.0.2 (#1351) 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](284f54f989...153407881e)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-14 15:58:43 -04:00
dependabot[bot]
745dca977c
chore(deps): bump actions/setup-go from 4.0.0 to 4.0.1 (#1298) 2023-05-17 13:24:06 +00:00
dependabot[bot]
2e835eaebf
chore(deps): bump peter-evans/create-pull-request from 5.0.0 to 5.0.1 (#1263) 2023-05-02 20:33:51 +00:00
dependabot[bot]
01cbc98198
chore(deps): bump peter-evans/create-pull-request from 4.2.4 to 5.0.0 (#1219) 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 4.2.4 to 5.0.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](38e0b6e68b...5b4a9f6a9e)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-04-05 19:07:58 -04:00
Keith Zantow
b9e40306d2
chore: update syft update (#1211) 
Signed-off-by: Keith Zantow <kzantow@gmail.com>
 2023-04-03 10:28:53 -04:00
Keith Zantow
f40b5d43ab
chore: update deprecated set-output calls (#1210) 
Signed-off-by: Keith Zantow <kzantow@gmail.com>
 2023-04-03 09:36:18 -04:00
Keith Zantow
c1bc54f943
chore: tweak some workflow text (#1190) 
Signed-off-by: Keith Zantow <kzantow@gmail.com>
 2023-03-21 11:09:10 -04:00
dependabot[bot]
568b504a7e
chore(deps): bump peter-evans/create-pull-request from 4.2.3 to 4.2.4 (#1184) 2023-03-21 09:51:27 -04:00
dependabot[bot]
96cbcad484
chore(deps): bump actions/setup-go from 3.5.0 to 4.0.0 (#1182) 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.5.0 to 4.0.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](6edd4406fa...4d34df0c23)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-03-15 17:19:41 -04:00
Christopher Angelo Phillips
788ed965ec
chore: prune cosign dependency for grype builds (#1100) 
* feat: segment cosign dependency for grype builds for faster build times

Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
 2023-01-31 11:42:40 -05:00
dependabot[bot]
c89fa42552
chore(deps): bump tibdex/github-app-token from 1.7.0 to 1.8.0 (#1099) 
Bumps [tibdex/github-app-token](https://github.com/tibdex/github-app-token) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/tibdex/github-app-token/releases)
- [Commits](021a2405c7...b62528385c)

---
updated-dependencies:
- dependency-name: tibdex/github-app-token
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-27 10:50:16 -05:00
dependabot[bot]
48db63a05e
chore(deps): bump actions/checkout from 3.1.0 to 3.3.0 (#1090) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.1.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3.1.0...ac593985615ec2ede58e132d2e21d2b1cbd6127c)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-26 18:39:09 +00:00
dependabot[bot]
1ac4289432
chore(deps): bump peter-evans/create-pull-request from 4.2.0 to 4.2.3 (#1089) 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 4.2.0 to 4.2.3.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](b4d51739f9...2b011faafd)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-26 13:06:01 -05:00
dependabot[bot]
752b0d470f
chore(deps): bump actions/setup-go from 3.3.1 to 3.5.0 (#1091) 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.3.1 to 3.5.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](c4a742cab1...6edd4406fa)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-26 13:05:20 -05:00
Christopher Angelo Phillips
3e0af43383
chore: pin dependencies (#994) 2022-11-14 21:23:42 +00:00
Joyce
8f28a6ea96
Update token permissions to be read-only (#988) 
Closes https://github.com/anchore/grype/issues/984
 2022-11-14 08:10:09 -05:00
Keith Zantow
4ed0704dcf
Auto-PR needs to run go mod tidy (#727) 2022-04-13 16:30:53 -04:00
Keith Zantow
b1e7189a4a
Add workflow for automatic PR for new Syft releases (#722) 2022-04-13 13:08:04 -04:00