Mirrors/grype
2
0
Fork 0
mirror of https://github.com/anchore/grype synced 2024-09-20 06:21:56 +00:00
Code Issues Projects Releases Packages Wiki Activity
719 commits 35 branches 150 tags 10 MiB
Commit graph

719 commits

This branch
This branch
All branches
Author SHA1 Message Date
Alex Goodman
d4587ddeec
Add in-depth quality gate checks (#949) 
* add in-depth quality gate checks

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* add quality tests to PR checks

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2022-10-05 16:26:26 -04:00
anchore-actions-token-generator[bot]
7ad60ce410
Update Syft to v0.58.0 (#941) 
* Update Syft to v0.58.0

Signed-off-by: GitHub <noreply@github.com>

* fix conan metadata related unit test failures

Signed-off-by: Weston Steimel <weston.steimel@anchore.com>

Signed-off-by: GitHub <noreply@github.com>
Signed-off-by: Weston Steimel <weston.steimel@anchore.com>
Co-authored-by: kzantow <kzantow@users.noreply.github.com>
Co-authored-by: Weston Steimel <weston.steimel@anchore.com>
 2022-10-05 11:26:16 +01:00
anchore-actions-token-generator[bot]
a4eb7ac2ce
Update grype bootstrap tools to latest versions. (#945) 
Co-authored-by: westonsteimel <westonsteimel@users.noreply.github.com>
 2022-10-04 10:12:33 -04:00
anchore-actions-token-generator[bot]
047e662c11
Update grype bootstrap tools to latest versions. (#935) 
Co-authored-by: westonsteimel <westonsteimel@users.noreply.github.com>
 2022-09-26 10:39:44 -04:00
anchore-actions-token-generator[bot]
f094b860b9
Update Syft to v0.57.0 (#930) 
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: kzantow <kzantow@users.noreply.github.com>
 2022-09-20 09:35:37 +01:00
Jan Hensel
a678b8d134
Correct falsely copied app-name 'syft' in example (#922) 2022-09-19 12:19:49 -04:00
dependabot[bot]
e63910b2c5
Bump github.com/sigstore/cosign from 1.11.1 to 1.12.0 (#927) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-09-19 11:46:11 -04:00
anchore-actions-token-generator[bot]
345d8494fd
Update grype bootstrap tools to latest versions. (#925) 
Co-authored-by: westonsteimel <westonsteimel@users.noreply.github.com>
 2022-09-19 10:48:51 -04:00
anchore-actions-token-generator[bot]
403a535321
Update Syft to v0.56.0 (#919) 
Co-authored-by: kzantow <kzantow@users.noreply.github.com>
 2022-09-13 11:18:13 -04:00
Keith Zantow
ba73ab362a
Add support for scanning RPM files (#917) 2022-09-09 14:56:37 -04:00
Christopher Angelo Phillips
7f09eebdde
remove arch typo - add debug/reg s390x (#915) 2022-09-06 13:58:24 -04:00
Christopher Angelo Phillips
78d87c1e11
grype release message update (#914) 2022-09-06 11:46:59 -04:00
Chapman Pendery
d5b825e40b
feat: extract use cpes in matching logic to be configurable (#911) 2022-09-06 09:55:35 -04:00
Adam Hughes
ac3d6b643c
docs: add Singularity to "features" in README (#912) 2022-09-06 09:33:07 -04:00
Adam Hughes
9810495212
docs: improve Singularity image source docs (#910) 2022-09-01 12:53:54 -04:00
Adam Hughes
9f28cdc24f
Add Singularity image source (#908) 2022-08-31 13:55:49 -04:00
anchore-actions-token-generator[bot]
df571a1a88
Update grype bootstrap tools to latest versions. (#907) 
Co-authored-by: westonsteimel <westonsteimel@users.noreply.github.com>
 2022-08-31 09:05:19 -04:00
anchore-actions-token-generator[bot]
77a8eb866d
Update Syft to v0.55.0 (#906) 
Co-authored-by: kzantow <kzantow@users.noreply.github.com>
 2022-08-30 09:18:17 -04:00
anchore-actions-token-generator[bot]
b31d28546b
Update grype bootstrap tools to latest versions. (#905) 
Co-authored-by: westonsteimel <westonsteimel@users.noreply.github.com>
 2022-08-30 09:17:52 -04:00
anchore-actions-token-generator[bot]
a027c74c2c
Update grype bootstrap tools to latest versions. (#903) 
Co-authored-by: westonsteimel <westonsteimel@users.noreply.github.com>
 2022-08-29 10:30:39 -04:00
anchore-actions-token-generator[bot]
198326745b
Update grype bootstrap tools to latest versions. (#896) 
Co-authored-by: westonsteimel <westonsteimel@users.noreply.github.com>
 2022-08-25 09:14:46 -04:00
Keith Zantow
64cbb68d9d
Add blurbs about building and running from source (#893) 2022-08-24 15:30:21 -04:00
Alex Goodman
ea4b250055
Fix docker build typo (#891) 2022-08-24 17:07:48 +00:00
Weston Steimel
e9df59b4b1
disable CPE match filtering based on target software component for java packages (#889) 
Java packages are known to embed other ecosystem packages within them, so we don't want to currently make this assumption for any java language type packages

Signed-off-by: Weston Steimel <weston.steimel@anchore.com>
 2022-08-24 15:20:45 +00:00
anchore-actions-token-generator[bot]
9d3e40079b
Update grype bootstrap tools to latest versions. (#886) 
* Update grype bootstrap tools to latest versions.

Signed-off-by: GitHub <noreply@github.com>
Signed-off-by: Weston Steimel <weston.steimel@anchore.com>
Co-authored-by: Weston Steimel <weston.steimel@anchore.com>
 2022-08-23 20:09:56 +00:00
Weston Steimel
0de5dfdd86
fix getting latest gosimports version (#885) 
Signed-off-by: Weston Steimel <weston.steimel@anchore.com>
 2022-08-22 18:27:50 +00:00
Weston Steimel
d463d74178
workflow to create automated PRs to update bootstrap tools (#883) 
Signed-off-by: Weston Steimel <weston.steimel@anchore.com>
 2022-08-22 17:59:54 +00:00
skuethe
ae37eb4a05
Add s390x build support (#720) 
Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>
 2022-08-18 16:28:10 -04:00
cpendery
d67b3e64aa
fix: only show distro warning if distro packages exist (#875) 2022-08-18 11:55:35 -04:00
anchore-actions-token-generator[bot]
08b4ef493b
Update Syft to v0.54.0 (#881) 
Signed-off-by: GitHub <noreply@github.com>

Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: wagoodman <wagoodman@users.noreply.github.com>
 2022-08-17 19:36:54 +00:00
Brock R
174f61ec23
Update README.md (#871) 2022-08-16 19:45:50 +00:00
Neil Levine
f12bb67720
Update README.md (#868) 2022-08-04 21:08:16 +00:00
Michael de Senna
c755c7304f
test: rm mustConst since unused (#860) 2022-08-04 09:38:54 -04:00
anchore-actions-token-generator[bot]
262630e01e
Update Syft to v0.53.4 (#856) 2022-08-04 09:37:48 -04:00
Michael de Senna
80f9e04289
feat: enrich db check cmd feedback (#853) 
Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>
 2022-08-03 16:34:27 -04:00
Christopher Angelo Phillips
ad9f0ac76e
update syft version location for Makefile (#865) 2022-08-03 12:54:29 -04:00
Christopher Angelo Phillips
8fe761b41f
remove env variable dependencies and keychain from signing script (#864) 2022-08-03 14:55:15 +00:00
Christopher Angelo Phillips
d264309035
macos-latest for signing (#863) 2022-08-03 14:09:44 +00:00
Christopher Angelo Phillips
6810fa5809
move docker release into separate release workflow (#862) 2022-08-03 13:10:40 +00:00
Christopher Angelo Phillips
5cb0bf742b
revert to old docker action (#861) 2022-08-03 11:56:22 +00:00
Christopher Angelo Phillips
49eb05656e
additional readOptions added per 855 (#857) 2022-08-02 20:49:37 +00:00
Keith Zantow
5d4f1ffdea
Ensure database access is readonly (#854) 2022-08-02 14:41:22 -04:00
Christopher Angelo Phillips
ad55091216
push older version for mac runner stability (#852) 2022-08-01 10:32:06 -04:00
Weston Steimel
147cd7938f
bump bouncer to v0.4.0 (#851) 
Signed-off-by: Weston Steimel <weston.steimel@anchore.com>
 2022-07-29 16:56:13 +01:00
cpendery
c20924fa55
feat: simple input case to request vulnerability data via purl (#795) 2022-07-28 14:56:04 -04:00
Christopher Angelo Phillips
74fd591caf
update golanci-lint, goreleaser, cosign (#850) 2022-07-28 14:55:14 -04:00
cpendery
d5ff4ef9dc
fix: db diff default has flipped base/target url (#845) 2022-07-25 17:13:24 -04:00
Christopher Angelo Phillips
a6ec8f11be
add env variables and keychain for GHCR publish (#843) 2022-07-25 15:26:14 +00:00
Christopher Angelo Phillips
991d16879a
update grype to use syft v0.52.0 (#838) 2022-07-22 16:12:18 +00:00
Christopher Angelo Phillips
2c7d4e66d4
add debug distroless image to published images (#835) 2022-07-20 16:52:05 -04:00