Alex Goodman
3aaa0e5566
move package purl and cpes (identities) to pkg.Package
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-11-19 11:25:51 -05:00
Alex Goodman
7e270bf76c
restore the checksum file during release
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-11-11 15:11:51 -05:00
Alex Goodman
fde37b4b56
provide goreleaser asset version via env var
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-11-11 14:36:24 -05:00
Dan Luhring
ecfc471ce5
Resolve security warning for macOS users ( #249 )
...
* Add support for macOS signing and notarization
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Use Docker to run the changelog generator locally
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
2020-11-04 15:47:55 -05:00
Alex Goodman
0ce8701e73
split python package catalogers by image vs directory
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-10-21 11:48:26 -04:00
Toure Dunnon
27c62e34f2
Add support for package.json #200
...
Signed-off-by: Toure Dunnon <toure.dunnon@anchore.com>
2020-10-16 11:28:54 -04:00
Alex Goodman
5d0909f31e
add regression test to cover issue #212
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-10-14 07:22:19 -04:00
Alex Goodman
10b44f5311
split catalogers into two sets, one for images another for directory scans
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-10-08 10:23:24 -04:00
Alex Goodman
16b23e7994
add gha pipeline to replace circlei pipeline ( #202 )
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-10-07 12:20:51 -04:00
Alex Goodman
2844b9878f
add release notification
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-09-25 23:21:16 -04:00
Alex Goodman
8b81c87d18
remove unreleased tags and exclude size labels
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-09-25 22:59:19 -04:00
Alex Goodman
9bd9dad76c
remove unrelease changelog option
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-09-25 18:11:02 -04:00
Alex Goodman
6d9f9a9b3b
pin the two tags used for release autochangelog
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-09-25 17:57:51 -04:00
Alex Goodman
50cb5612d0
fix github releaser changelog intake
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-09-25 17:20:27 -04:00
Alex Goodman
080f010746
remove tty requirement from release process
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-09-25 17:07:59 -04:00
Alex Goodman
f4502fc824
Add notifications around the release process ( #184 )
...
* add pipeline notification upon release
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add pending notification to release pipeline
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-09-25 16:58:56 -04:00
Alex Goodman
3d91a66536
Add OCI support + use URI schemes for user image input ( #178 )
...
* add oci support + update image schemes
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* update docs to reflect OCI image sources + URI scheme change
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* update to oci-dir
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* bump upstream stereoscope pin
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-09-25 10:24:24 -04:00
Alex Goodman
eda0f8c774
add bom descriptor schema + test against xml schemas in pipeline ( #163 )
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-08-27 19:12:45 -04:00
Alex Goodman
d85d0ac418
add changelog generation ( #162 )
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-08-27 08:10:56 -04:00
Alex Goodman
f892289e7c
Add CycloneDX presenter ( #157 )
...
* add CycloneDX presenter + BOM Descriptor extension
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add docstrings to cyclonedx presenter
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-08-24 20:43:29 -04:00
Alex Goodman
90bd68e44c
Disable prerelease version update check ( #140 )
...
* disable prerelease version update check
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* use prerelease flag as source of truth for user notifications
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-08-11 09:54:04 -04:00
Alex Goodman
2d452bf59e
Add inline-comparison as acceptance test ( #130 )
...
* add inline-compare as acceptance test
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add additional RPM metadata
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add comments and doc strings to the compare-* make targets
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-08-10 10:33:44 -04:00
Dan Luhring
70e673204c
Add poetry cataloger ( #121 )
...
* Minor cleanup
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Update pkg Type definition to string
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Implement poetry.lock parsing
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Address CI issues
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Integrate Alex's changes
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
2020-08-04 18:22:43 -04:00
Alex Goodman
e2a874a277
finalize json output & add schema ( #118 )
2020-08-04 16:05:53 -04:00
Alex Goodman
ad1a72c6ff
ignore prerelease verions when uploading version file on release
2020-07-29 14:54:47 -04:00
Alex Goodman
06f8355fce
finalize update check URL
2020-07-27 15:13:41 -04:00
Alex Goodman
d21de64cb3
use mount path for version upload
2020-07-27 09:35:55 -04:00
Alex Goodman
6536f0bb36
upload version check file on release
2020-07-27 09:30:05 -04:00
Alex Goodman
78c3652759
bump bouncer version
2020-07-25 16:55:41 -04:00
Alex Goodman
2502814143
rollup static analysis to make target
2020-07-25 16:40:37 -04:00
Alex Goodman
05c78de9d3
generate java fixtures ahead of tests
2020-07-25 10:06:52 -04:00
Alex Goodman
c9dea59232
verify signing fingerprint
2020-07-25 09:59:48 -04:00
Alex Goodman
1ba0678cf6
provide signed checksums
2020-07-25 08:42:50 -04:00
Alex Goodman
32bd57886e
add publish release
2020-07-25 07:09:20 -04:00
Alex Goodman
14ec30aee1
fix acceptance test compare script & persist
2020-07-24 17:41:22 -04:00
Alex Goodman
0a0bc68e95
show verbose test output to prevent circleci kills
2020-07-23 21:47:11 -04:00
Alex Goodman
a4016d35ce
rename to syft
2020-07-23 20:54:04 -04:00
Alex Goodman
2132700198
add apk/alpine support ( #98 )
2020-07-23 20:35:57 -04:00
Alex Goodman
5ccd6d5f6a
check for unsupported "go get" chars ( #100 )
2020-07-23 13:08:31 -04:00
Alex Goodman
ba4f63099d
Add release process ( #89 )
...
* add check for app update; fix ETUI error handling
* validate user args
* add goreleaser support
* replace cgo dependencies (go-rpm) with go equivalents
* add acceptance tests against build snapshot
* add brew tap + acceptance test pipeline
* add mac acceptance tests
* fix compare makefile
* fix mac acceptance tests
* add release pipeline with wait checks
* add token to release step
* rm dir presenters int test
* enforce dpkg to be non interactive
Co-authored-by: Alfredo Deza <adeza@anchore.com>
* pin brew formulae
* pin skopeo to formulae url
* only run acceptance tests
Co-authored-by: Alfredo Deza <adeza@anchore.com>
2020-07-23 10:52:44 -04:00
Alex Goodman
9e285fd0e2
use common entry point for integration tests; refactor cmd pkg ( #86 )
2020-07-17 15:16:33 -04:00
Alfredo Deza
b734623ef0
make: bump test coverage
...
Signed-off-by: Alfredo Deza <adeza@anchore.com>
2020-07-17 13:32:53 -04:00
Alfredo Deza
b457d4ebd2
tests: drop coverage requirement to 69% for now
...
Signed-off-by: Alfredo Deza <adeza@anchore.com>
2020-07-15 10:15:58 -04:00
Alex Goodman
e8d11eec69
add license validation ( #80 )
2020-07-13 13:07:20 -04:00
Alex Goodman
61f51d80bb
Add comparative analysis with anchore-engine ( #78 )
...
* add comparative analysis
* remove extra comma from compare script tuple
Co-authored-by: Alfredo Deza <adeza@anchore.com>
Co-authored-by: Alfredo Deza <adeza@anchore.com>
2020-07-13 12:12:00 -04:00
Alex Goodman
3f090f9647
fix java cache key for CI; fix circle docker api version ( #79 )
2020-07-13 12:11:11 -04:00
Alex Goodman
e55db9247e
add java cataloger
2020-07-08 16:16:01 -04:00
Alex Goodman
1896831c39
add rpmdb support; enhance integration tests
2020-07-06 12:55:11 -04:00
Alex Goodman
d59a19697d
add coverage + makefile improvements
2020-07-06 07:25:18 -04:00
Alex Goodman
2471663d27
sync/fmt linting tasks with stereoscope
2020-05-21 09:37:20 -04:00
Alex Goodman
cb6555491c
add analyzer interface/controller and supporting package/catalog
2020-05-13 10:13:48 -04:00
Alex Goodman
1e5c7bb5c7
initial project structure
2020-05-12 10:45:18 -04:00