Mirrors/syft

mirror of https://github.com/anchore/syft synced 2024-11-10 06:14:16 +00:00

Author	SHA1	Message	Date
Alex Goodman	a5cba13ddf	enable more flexible java manifest structure (closer to the spec) Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-29 16:26:04 -04:00
Alex Goodman	a4f22e65fc	expand compare testing images Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-29 13:52:51 -04:00
Alex Goodman	ab45be98b8	append java nested package names to the virtual path Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-29 13:52:34 -04:00
Alex Goodman	fc991bc62e	partial java comparison with extra metadata Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-29 12:40:49 -04:00
Alex Goodman	1230650771	allow for java manifest data to be optional Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-29 11:28:27 -04:00
Alex Goodman	452426d1d6	Merge pull request #245 from anchore/update-java-cataloger-for-engine Java cataloger miscellaneous fixes	2020-10-28 17:36:44 -04:00
Alex Goodman	2675891110	remove parent java package from json && add java manifest section parsing Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-28 17:19:06 -04:00
Dan Luhring	bffc4713a7	Update zip archive handling to match globs as expected (#244 ) * Refactor zip file tests Signed-off-by: Dan Luhring <dan.luhring@anchore.com> * Add glob support for leading slashes Signed-off-by: Dan Luhring <dan.luhring@anchore.com> * Update zip testing to account for glob matching Signed-off-by: Dan Luhring <dan.luhring@anchore.com> * Ignore .DS_STORE Signed-off-by: Dan Luhring <dan.luhring@anchore.com> * Improve normalization of zip entry names Signed-off-by: Dan Luhring <dan.luhring@anchore.com> * Rename zip test helpers file Signed-off-by: Dan Luhring <dan.luhring@anchore.com>	2020-10-28 16:50:40 -04:00
Alex Goodman	62f6146c37	do not include optional fields Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-28 15:58:54 -04:00
Alex Goodman	8bcba7d830	update json schema and test for java virtualPath Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-28 15:25:30 -04:00
Alex Goodman	76c8f24090	add java virtual path Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-28 13:53:44 -04:00
Alex Goodman	cc466e47da	bump python version for acceptance tests Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-27 14:53:52 -04:00
Alex Goodman	f9407d0ce4	Add java/npm to inline comparison (#235 ) * Adds java and npm package comparison * Adds probable matching of extra packages syft found and missing packages that syft did not find (but inline did). This way there is a section of output that fuzzy-matches the package names to get a better sense of "real" problems (actual missing packages) vs slightly mismatched metadata during troubleshooting. * Adds a set or probable missing packages to the report based on the probable matches (again, to aid in troubleshooting) * Fixes image reference clean function to support references with registries * Only shows metadata differences when the package was found by both inline and syft * Splits the inline-compare code into more manageable pieces Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-27 13:43:36 -04:00
Dan Luhring	f19cb03aa0	Update doublestar to include fix for open dirs issue (#240 ) Signed-off-by: Dan Luhring <dan.luhring@anchore.com>	2020-10-26 11:19:25 -04:00
Toure Dunnon	076454d7a8	Merge pull request #233 from anchore/javascript_parser_fix_author Javascript parser fix author	2020-10-26 09:30:11 -04:00
Toure Dunnon	7c42a7441c	Merge branch 'javascript_parser_fix_author' of https://github.com/anchore/syft into javascript_parser_fix_author	2020-10-23 16:49:51 -04:00
Toure Dunnon	cbb7e00a52	Cleaned up go.mod import. Signed-off-by: Toure Dunnon <toure.dunnon@anchore.com>	2020-10-23 16:44:07 -04:00
Alex Goodman	6eb36bc3c8	allow for optional fields in npm metadata Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-23 15:00:55 -04:00
Toure Dunnon	94ffc2caa8	Merge branch 'main' into javascript_parser_fix_author Signed-off-by: Toure Dunnon <toure.dunnon@anchore.com>	2020-10-23 12:05:30 -04:00
Alex Goodman	15e2e32103	Merge pull request #237 from anchore/update-future-plans Remove CycloneDX from future plans	2020-10-23 11:06:51 -04:00
Alex Goodman	1cdf2b9151	remove cyclonedx from future plans (already implemented) Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-23 11:05:28 -04:00
Alex Goodman	fd65f363ce	Merge pull request #236 from anchore/fix-acceptance-test-pipeline Bootstrap cached dependencies and CI dependencies separately for acceptance tests	2020-10-23 10:55:24 -04:00
Alex Goodman	103f0617f5	bootstrap cached deps and ci deps separately for acceptance tests Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-23 10:42:57 -04:00
Alex Goodman	de2e6a13b8	Merge pull request #234 from anchore/split-python-cataloger-with-cataloger-addition Split python cataloger by image/directory scanning + add more metadata	2020-10-23 10:37:01 -04:00
Alex Goodman	7d55bca0a0	allow for python metadata fields to be optional Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-23 10:29:52 -04:00
Toure	48c7dee9da	included additional support for older npm spec. Signed-off-by: Toure <tdunnon@gmail.com>	2020-10-23 08:50:38 -04:00
Toure	94e448a818	Merge commit '15379d1' into javascript_parser_fix_author Signed-off-by: Toure <tdunnon@gmail.com>	2020-10-22 14:08:33 -04:00
Toure Dunnon	15379d1075	Fix for errors+failures parsing `package.json` closes: #230 Signed-off-by: Toure Dunnon <toure.dunnon@anchore.com>	2020-10-22 13:58:18 -04:00
Alex Goodman	2e5ff4a995	add top_level.txt processing to python package cataloger Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-22 12:39:03 -04:00
Alex Goodman	1414d1fbc3	add test coverage for python pacakge cataloger and update catalog interface Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-22 09:51:29 -04:00
Alex Goodman	7fc926d40d	add python author and emil fields + add metadata type Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-22 09:51:29 -04:00
Toure Dunnon	5b08616e47	Fix for errors+failures parsing `package.json` closes: #230 Signed-off-by: Toure Dunnon <toure.dunnon@anchore.com>	2020-10-21 14:11:35 -04:00
Alex Goodman	0ce8701e73	split python package catalogers by image vs directory Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-21 11:48:26 -04:00
Alex Goodman	beb6afff36	Merge pull request #232 from anchore/cataloger-interface-upgrade Upgrade cataloger interface to use full resolver	2020-10-21 11:47:52 -04:00
Alex Goodman	d4ca0ab167	expand the resolver to include content requests for a single reference Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-21 11:40:14 -04:00
Alex Goodman	6cd9c2b771	upgrade cataloger interface to use full resolver (remove SelectFiles function) Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-21 10:49:33 -04:00
Alex Goodman	931c796158	add dynamic package.json parsing of author field Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-20 15:23:04 -04:00
Alex Goodman	bb14f3b45b	reduce number of open files while processing nested java archives (#227 ) Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-16 17:22:14 -04:00
Toure Dunnon	c0b9d7854b	Merge pull request #224 from anchore/add_package_json Add support for package.json #200	2020-10-16 11:43:27 -04:00
Toure Dunnon	27c62e34f2	Add support for package.json #200 Signed-off-by: Toure Dunnon <toure.dunnon@anchore.com>	2020-10-16 11:28:54 -04:00
Alex Goodman	4c751cb1d4	Merge pull request #222 from VinodAnandan/main Enable CodeQL Security Scan	2020-10-15 23:11:01 -04:00
Vinod Anandan	0f92f16eb6	Enable CodeQL Security Scan https://github.blog/2020-09-30-code-scanning-is-now-available/ remove java from codeql scan Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Vinod Anandan <vinod.anandan@jpmorgan.com>	2020-10-16 03:02:09 +01:00
Alex Goodman	1bf1e643eb	restore original release token Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-15 14:41:28 -04:00
Alex Goodman	3ba67a6bcc	update json schema to account for optional gemspec fields (#225 ) Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-15 13:56:59 -04:00
Alex Goodman	4a8ee15e87	fix syft version verbiage Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-15 11:50:23 -04:00
Alex Goodman	dcb5d6d08e	remove greeter action since it is broken for forked PRs (#223 ) Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-15 10:20:09 -04:00
Alex Goodman	b3387807c1	allow for gemspec metadata fields to be optional (#218 ) Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-15 09:57:58 -04:00
Alex Goodman	24c4c025e1	Merge pull request #217 from jhujasonw/main Fixes #212 by increasing buffer size for scanner	2020-10-14 07:29:00 -04:00
Alex Goodman	5d0909f31e	add regression test to cover issue #212 Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-10-14 07:22:19 -04:00
Jason Williams	1f64b3cd49	Fixes #212 by increasing buffer size for scanner Signed-off-by: Jason Williams <jasonw@jhu.edu>	2020-10-13 11:00:55 -04:00

... 41 42 43 44 45 ...

2447 commits