Mirrors/syft

mirror of https://github.com/anchore/syft synced 2024-11-13 23:57:07 +00:00

Author	SHA1	Message	Date
anchore-actions-token-generator[bot]	2c882f6239	Update syft bootstrap tools to latest versions. (#1176 ) Co-authored-by: spiffcs <spiffcs@users.noreply.github.com>	2022-08-25 09:14:24 -04:00
Keith Zantow	7d4f333ec4	enhance development support on macOS ARM (#1163 )	2022-08-24 13:48:14 -04:00
Scott Andrews	5e93d1ea1e	Capture if a node module is private (#1161 )	2022-08-24 17:07:56 +00:00
Keith Zantow	57c5413fe0	Find version numbers from jars with different naming conventions (#1174 )	2022-08-24 12:56:53 -04:00
anchore-actions-token-generator[bot]	b0fc955e0c	Update syft bootstrap tools to latest versions. (#1171 ) * Update syft bootstrap tools to latest versions. Signed-off-by: GitHub <noreply@github.com> Signed-off-by: Weston Steimel <weston.steimel@anchore.com> Co-authored-by: Weston Steimel <weston.steimel@anchore.com>	2022-08-23 20:36:59 +01:00
Weston Steimel	6949a2500f	Fix update-bootstrap-tools workflow (#1170 )	2022-08-22 16:17:28 +00:00
Weston Steimel	5282820b5d	workflow to create automated PRs to update bootstrap tools (#1167 )	2022-08-22 11:28:24 -04:00
cpendery	c56d3b5eef	feat: add support for licenses in package-lock json v2 (#1164 )	2022-08-22 11:23:44 -04:00
Marco Deicas	13296880cd	External sources configuration (#1158 )	2022-08-22 11:22:18 -04:00
cpendery	e9221ae25d	feat: add support for pnpm (#1166 )	2022-08-22 10:45:55 -04:00
Justin Chadwell	f3c3d3d98e	Prevent symlinks causing duplicate package-file relationships (#1168 )	2022-08-22 10:29:00 -04:00
Keith Zantow	21eb772060	Associate node package licenses from node_modules (#1152 )	2022-08-16 14:14:02 -04:00
Josh Bressers	d1390b315e	Give the contributing guide a substantial rework (#1155 )	2022-08-16 10:43:25 -04:00
Justin Chadwell	3db6911865	fix: extract file ids correctly for spdx-json (#1156 ) Previously, extracting relationships between packages and files was not completing correctly, as SPDXRef- ElementIDs were being compared to raw IDs, and so never matched. This patch ensures that we always compare ElementIDs, to ensure that the hasFiles field is correctly populated. Signed-off-by: Justin Chadwell <me@jedevc.com>	2022-08-11 14:06:36 -04:00
Alex Goodman	2693a8c19a	metadata decoding should be optional (#1154 ) Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-08-10 16:20:53 +00:00
anchore-actions-token-generator[bot]	1344889766	Update Stereoscope to 84004345484edb881f1cc1d841115da8abda06c3 (#1151 ) Signed-off-by: GitHub <noreply@github.com> Co-authored-by: kzantow <kzantow@users.noreply.github.com>	2022-08-09 08:59:35 +00:00
Dan Nurmi	04387301ce	Add modularitylabel metadata to RPM type records generated by syft (#1148 ) * bump cosign to v1.10.1 (#1144) Signed-off-by: Daniel Nurmi <nurmi@anchore.com> * Add modularitylabel metadata to RPM type records generated by syft. Fixes #1145. Signed-off-by: Daniel Nurmi <nurmi@anchore.com> * update to address lint failures Signed-off-by: Daniel Nurmi <nurmi@anchore.com> * Update syft/pkg/rpmdb_metadata.go Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com> Signed-off-by: Daniel Nurmi <nurmi@anchore.com> * update json schema to match camel case Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Co-authored-by: Weston Steimel <weston.steimel@anchore.com> Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com> Co-authored-by: Alex Goodman <alex.goodman@anchore.com>	2022-08-08 11:52:32 +00:00
anchore-actions-token-generator[bot]	4df84d380d	Update Stereoscope to 1c79d5c84abcc54466417fcc17c844a4875888a1 (#1149 ) Signed-off-by: GitHub <noreply@github.com> Co-authored-by: kzantow <kzantow@users.noreply.github.com>	2022-08-06 10:52:42 -04:00
Christopher Angelo Phillips	5be7e081f5	retraction for mispublished versions (#1147 ) Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>	2022-08-06 10:52:21 -04:00
Tom Fay	621f0fe082	cataloger configuration is respected regardless of source (#1142 )	2022-08-04 21:14:23 +00:00
Neil Levine	644ca00e20	Update README.md (#1146 )	2022-08-04 21:13:28 +00:00
Weston Steimel	fce83321ba	bump cosign to v1.10.1 (#1144 )	2022-08-04 19:03:57 +00:00
Keith Zantow	69bde44c6e	Update stereoscope to get rid of the replace directive (#1140 )	2022-08-03 12:24:20 -04:00
Christopher Angelo Phillips	042304ee4c	Correct squashfs import and fix incorrect bouncer configuration (#1138 )	2022-08-03 09:46:14 -04:00
Jonas Xavier	69fb0a6f3b	Overwrite deprecated SPDX licenses automatically (#1009 ) Co-authored-by: Alex Goodman <alex.goodman@anchore.com>	2022-08-02 15:25:33 -04:00
Christopher Angelo Phillips	e68f384063	disable release for docker assets (#1137 )	2022-08-02 14:47:07 -04:00
Christopher Angelo Phillips	f5d02d4e52	improve docker release bootstrap (#1136 )	2022-08-02 15:44:24 +00:00
Adam Hughes	d361d40cfa	Singularity Image Support (#974 ) * docs: add Singularity image support Add "singularity-image" scheme to CLI documentation and README. Signed-off-by: Adam Hughes <9903835+tri-adam@users.noreply.github.com> * upgrade stereoscope + docs Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Co-authored-by: Alex Goodman <alex.goodman@anchore.com>	2022-08-02 11:42:46 -04:00
Christopher Angelo Phillips	b7f587f5dc	remove docker login from keychain (#1135 )	2022-08-02 09:42:12 -04:00
Christopher Angelo Phillips	d196ab70a0	remove ENV checks from siging script (#1134 )	2022-08-01 22:08:41 +00:00
Christopher Angelo Phillips	1bf97af3fb	remove docker assets from main goreleaser configuration to reduce mac-os runner friction (#1133 )	2022-08-01 21:08:38 +00:00
Christopher Angelo Phillips	ca69fb8370	remove prefixed v from tag to match release (#1131 )	2022-08-01 15:07:58 +00:00
Christopher Angelo Phillips	8f21180681	rollback actions-setup-docker to earlier version (#1130 )	2022-08-01 14:10:50 +00:00
Tom Fay	b4c272885d	Bump go-rustaudit to support rustaudit 0.2.0 (#1127 )	2022-08-01 09:20:31 -04:00
Weston Steimel	fb8f24dc1e	bump bouncer to v0.4.0 (#1125 ) Signed-off-by: Weston Steimel <weston.steimel@anchore.com>	2022-07-29 16:57:59 +01:00
Mayur Waghmode	f1c5463a6b	Added ppc64le supported to the syft:debug image (#1124 )	2022-07-28 14:18:11 -04:00
Tom Fay	9896ff1b1f	add a cataloger for binaries built with rust-audit (#1116 ) * add a cataloger for binaries built with rust-audit Signed-off-by: Tom Fay <tomfay@microsoft.com>	2022-07-28 18:17:38 +00:00
Weston Steimel	62897fbc89	bump goreleaser to v1.10.3 (#1123 ) Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>	2022-07-28 17:10:32 +00:00
Weston Steimel	d1729ee7e2	bump golangci-lint to v1.47.2 (#1122 )	2022-07-28 09:40:53 -04:00
Weston Steimel	43715d380b	bump cosign in bootstrap-tools to v1.10.0 (#1121 )	2022-07-28 09:40:42 -04:00
Mayur Waghmode	af330c8a37	Added s390x support (#1117 )	2022-07-27 16:33:54 -04:00
Christopher Angelo Phillips	20ad59ad1b	Delete pr_action.yaml (#1120 )	2022-07-27 17:12:00 +00:00
cpendery	8235e8e581	fix: use generic instead of not generating purl (#1119 )	2022-07-27 09:06:37 -04:00
Weston Steimel	b720a3c81c	bump cosign to v1.10.0 (#1114 ) Signed-off-by: Weston Steimel <weston.steimel@anchore.com>	2022-07-22 09:41:38 -04:00
Marco Deicas	ba9adb17eb	Update sigstore/rekor dependency (#1112 )	2022-07-21 09:17:16 -04:00
Mayur Waghmode	51727fcf2d	Added ppc64le support (#1099 ) Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>	2022-07-21 09:12:52 -04:00
Christopher Angelo Phillips	5dc729b67e	patch-distroless-ghcr (#1110 )	2022-07-20 16:51:49 -04:00
Christopher Angelo Phillips	7bae9d4b4e	add distroless debug image to published release (#1106 ) add debug distroless image to published release Debian was chosen based on the fact that it is the smallest available distroless image The new tag is `anchore/syft:debug` Closes #833	2022-07-20 15:54:46 +00:00
Christopher Angelo Phillips	571de3602a	update help formatting (#1105 )	2022-07-19 14:46:48 +00:00
cpendery	9b1adce19a	feat: implement haskell support (#1096 )	2022-07-18 15:33:54 -04:00

1 2 3 4 5 ...

1059 commits