Mirrors/syft

mirror of https://github.com/anchore/syft synced 2024-09-20 06:01:53 +00:00

Author	SHA1	Message	Date
Alex Goodman	cfbb9f703b	add file source digest support (#1914 ) Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>	2023-07-05 13:47:13 -04:00
Marco Damiani	2e3c7fa158	doc(readme): add installation section with scoop (#1909 ) Signed-off-by: drazen04 <hangtime23@hotmail.it>	2023-07-03 13:50:01 -04:00
Tim Gerla	c27d5b11d4	docs: clarify reasoning of default catalogers for images or directories (#1887 ) Add some explanation around why there are different default sets of catalogers for image scans versus directory scans. Hopefully clarify questions related to #1776. Signed-off-by: Timothy Gerla <tim@gerla.net>	2023-06-20 19:47:50 +00:00
Jeff Squyres	d63a1f5f80	chore(docs): Update lists of catalogers (#1780 ) Signed-off-by: Jeff Squyres <jeff@squyres.com>	2023-05-04 15:36:22 -04:00
Alex Lehman	b2b332e8b2	feat: Add template func `hasField` (#1754 ) Signed-off-by: Lehman, Alex <alex.lehman@gtri.gatech.edu>	2023-04-21 09:34:06 -04:00
Avi Deitcher	b69259534d	feat: Support scanning license files in golang packages over the network (#1630 ) Signed-off-by: Avi Deitcher <avi@deitcher.net> Signed-off-by: Keith Zantow <kzantow@gmail.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Co-authored-by: Keith Zantow <kzantow@gmail.com> Co-authored-by: Alex Goodman <alex.goodman@anchore.com>	2023-04-14 15:13:29 -04:00
Avi Deitcher	cc731c7b19	Add Linux Kernel cataloger (#1694 ) * add kernel handler Signed-off-by: Avi Deitcher <avi@deitcher.net> * [wip] combine kernel and kernel module cataloging Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * [wip] combine kernel and kernel module cataloging Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Avi Deitcher <avi@deitcher.net> * rename Kernel package to LinuxKernel package Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * split kernel and module packages within cataloger Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * wire up application configuration with kernel cataloger options Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * dont use references for packages on relationships Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * fix linting and tests Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * kernel cataloger should be resistent to partial failure Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * log upon kernel module metadata missing Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add tests for linux kernel cataloger Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update integration tests Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update cli package test counts Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add evidence annotations for kernel packages Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * reduce noise in cli test output Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * missed cli test to reduce noise for Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * fix package counts Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update docs with linux kernel cataloging refs Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * bump json schema with new metadata fields Signed-off-by: Alex Goodman <alex.goodman@anchore.com> --------- Signed-off-by: Avi Deitcher <avi@deitcher.net> Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: <> Co-authored-by: Alex Goodman <alex.goodman@anchore.com>	2023-04-14 14:33:36 -04:00
Shane Dell	16ebcb2455	Add support for nar files. (#1727 ) - Update README.md to show that nar is now supported. - Created a java-archives/example.nar so that the tests wouldn't break. - Add nar glob and as an option for pkgType. Closes #1701 Signed-off-by: Shane Dell <shanedell100@gmail.com>	2023-04-11 09:41:49 -04:00
Alex Goodman	7464079a09	Add Nix cataloger (#1696 ) * Add Basic Nix Cataloger Signed-off-by: Julio Tain Sueiras <juliosueiras@gmail.com> * Update nix def for the latest syft definition Signed-off-by: Julio Tain Sueiras <juliosueiras@gmail.com> * capture nix package files on pkg.NixStoreMetadata Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * fix unit tests and linting Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update JSON schema Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * address review comments Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * Update syft/pkg/cataloger/nix/parse_nix_store_path_test.go Co-authored-by: Florian Klink <flokli@flokli.de> Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * support unstable version conventions Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update json schema relative to main branch Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update syft json with v7.1.1 schema Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * fix CLI tests Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * remove extra continue statement Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add Nix to list of supported ecosystems Signed-off-by: Alex Goodman <alex.goodman@anchore.com> --------- Signed-off-by: Julio Tain Sueiras <juliosueiras@gmail.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Co-authored-by: Julio Tain Sueiras <juliosueiras@gmail.com> Co-authored-by: Florian Klink <flokli@flokli.de>	2023-04-04 10:53:56 -04:00
Christopher Angelo Phillips	dfcc07e512	feat: Add config option to allow user to select the default image source location Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>	2023-03-31 10:04:10 -04:00
Avi Deitcher	9fd532246a	feat: scan local go mod cache for licenses of golang packages (#1645 ) Signed-off-by: Avi Deitcher <avi@deitcher.net> Co-authored-by: Keith Zantow <kzantow@gmail.com>	2023-03-23 10:38:15 -04:00
Marc-Etienne Vargenau	5fb0423b72	Update documentation: (#1680 ) - Syft is now outputing SPDX 2.3 by default - Give syntax to get SPDX 2.2 Signed-off-by: Marc-Etienne Vargenau <marc-etienne.vargenau@nokia.com>	2023-03-20 10:10:35 -04:00
Florian Klink	641bccc79b	README: update Nix installation instructions (#1455 ) 22.05 has been released, update the instructions. Signed-off-by: Florian Klink <flokli@flokli.de>	2023-01-13 15:43:25 +00:00
Christopher Angelo Phillips	44e8ae2577	fix: update attestation code to remove library dependencies and shellout for keyless flow (#1442 ) Co-authored-by: Alex Goodman <alex.goodman@anchore.com>	2023-01-12 17:22:05 +00:00
Chapman Pendery	ac8f72fdd1	feat: add BeamVM Hex support (#1073 ) * feat: initial commit providing mix support Signed-off-by: cpendery <cpendery@vt.edu> * feat: add rebar parser Signed-off-by: cpendery <cpendery@vt.edu> * fix: add beam/hex everywhere else required for Syft runtime Signed-off-by: cpendery <cpendery@vt.edu> * style: fix lints Signed-off-by: cpendery <cpendery@vt.edu> * ci: fix failing tests Signed-off-by: cpendery <cpendery@vt.edu> * docs: update with new supported languages Signed-off-by: cpendery <cpendery@vt.edu> * chore: update elixir/erlang catalogers to generic cataloger Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: cpendery <cpendery@vt.edu> Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Co-authored-by: Alex Goodman <alex.goodman@anchore.com>	2023-01-12 12:10:46 -05:00
mikcl	4bfb849310	Parallel package catalog processing (#1355 ) * catalog: run cataloggers concurrently Signed-off-by: mikcl <mikesmikes400@gmail.com> * frontend: expose workers as a configurable option Signed-off-by: mikcl <mikesmikes400@gmail.com> * fixup! frontend: expose workers as a configurable option Signed-off-by: mikcl <mikesmikes400@gmail.com> * update logging statements Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * test: assert for debug logging Signed-off-by: mikcl <mikesmikes400@gmail.com> Signed-off-by: mikcl <mikesmikes400@gmail.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Co-authored-by: Alex Goodman <alex.goodman@anchore.com>	2023-01-11 15:18:02 -05:00
William Blair	e480443c8c	Add support for GraalVM Native Image executables. (#1276 ) Signed-off-by: William Blair <william.blair@oracle.com>	2023-01-06 18:31:22 -05:00
Rui Chen	6a7d6e6071	docs: migrate to homebrew-core (#1427 )	2023-01-02 08:16:32 -05:00
Keith Zantow	17aa8287e6	docs: remove file classifier (#1397 )	2022-12-08 16:50:29 +00:00
Nick Piper	91f4467a1f	docs: update attestation directions with new cosign changes	2022-10-29 20:18:53 +00:00
Keith Zantow	780e1c310c	refactor: Remove experimental Anchore Enterprise upload functionality (#1257 )	2022-10-10 16:16:47 -04:00
Adam Hughes	999994f197	docs: improve Singularity image source docs (#1190 )	2022-09-07 14:43:38 -04:00
Tom Fay	621f0fe082	cataloger configuration is respected regardless of source (#1142 )	2022-08-04 21:14:23 +00:00
Neil Levine	644ca00e20	Update README.md (#1146 )	2022-08-04 21:13:28 +00:00
Adam Hughes	d361d40cfa	Singularity Image Support (#974 ) * docs: add Singularity image support Add "singularity-image" scheme to CLI documentation and README. Signed-off-by: Adam Hughes <9903835+tri-adam@users.noreply.github.com> * upgrade stereoscope + docs Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Co-authored-by: Alex Goodman <alex.goodman@anchore.com>	2022-08-02 11:42:46 -04:00
Tom Fay	9896ff1b1f	add a cataloger for binaries built with rust-audit (#1116 ) * add a cataloger for binaries built with rust-audit Signed-off-by: Tom Fay <tomfay@microsoft.com>	2022-07-28 18:17:38 +00:00
cpendery	9b1adce19a	feat: implement haskell support (#1096 )	2022-07-18 15:33:54 -04:00
cpendery	470b13045b	feat: add support for cocoapods (Swift/Objective-C) (#1081 )	2022-07-11 10:09:08 -04:00
cpendery	57323a1666	feat: add support for conan packages (C/C++) (#1083 )	2022-07-05 10:49:24 -04:00
Christopher Angelo Phillips	bafc66a5e7	remove OSS Meetup message (#1057 )	2022-06-23 18:07:23 +00:00
Alex Goodman	ea611dab5f	Add catalogers configuration (#1038 ) * Option to enable specific language or ecosystem cataloger Signed-off-by: ramanan-ravi <ramanan@deepfence.io> Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * Disable dotnet cataloger Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * Option to enable specific language or ecosystem cataloger Signed-off-by: Ramanan Ravikumar <ramanan@deepfence.io> Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * rename "enable-cataloger" option to "catalogers" Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add cli test for --catalogers option Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update readme with latest cataloger names Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * enable dotnet cataloger Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * fix linting Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * fix cataloger imports Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update readme with alpmdb cataloger config example Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Co-authored-by: ramanan-ravi <ramanan@deepfence.io>	2022-06-21 13:06:25 +00:00
Jonas Xavier	aed1599c4d	add template output (#1051 ) * add template output Signed-off-by: Jonas Xavier <jonasx@anchore.com> * remove dead code Signed-off-by: Jonas Xavier <jonasx@anchore.com> * fix template cli flag Signed-off-by: Jonas Xavier <jonasx@anchore.com> * implement template's own format type Signed-off-by: Jonas Xavier <jonasx@anchore.com> * simpler code Signed-off-by: Jonas Xavier <jonasx@anchore.com> * fix readme link to Go template Signed-off-by: Jonas Xavier <jonasx@anchore.com> * feedback changes Signed-off-by: Jonas Xavier <jonasx@anchore.com> * simpler func signature patter Signed-off-by: Jonas Xavier <jonasx@anchore.com> * nit Signed-off-by: Jonas Xavier <jonasx@anchore.com> * fix linter error Signed-off-by: Jonas Xavier <jonasx@anchore.com>	2022-06-17 14:04:31 -04:00
marcinbojko	f15d4a9984	Update of README.md (#1027 )	2022-06-08 17:39:22 -04:00
briankoe741	fb699496a8	Add announcement for Anchore OSS Virtual Meetup (#1033 )	2022-06-06 20:26:05 +00:00
Jonas Xavier	24f08e7738	Convert between SBOM formats (#964 ) * add convert command Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * mvp Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * fix hanging bug Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * validate SBOM formats for conversion Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * move convert cmd to new structure Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * remove bin Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * drop event loop from convert cmd extract SBOM type from document namespace Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * validate SPDX in tests Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * documenting convert cmd Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * support output format=file.json notation Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * test convertible formats Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * fix typo Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * clean up Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * more clean up and docs Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * feedback changes Signed-off-by: Jonas Galvão Xavier <jonasx@anchore.com> * nit Signed-off-by: Jonas Xavier <jonasx@anchore.com> * feedback changes Signed-off-by: Jonas Xavier <jonasx@anchore.com> * re-use more code Signed-off-by: Jonas Xavier <jonasx@anchore.com> * undo encode-decode cycle test Signed-off-by: Jonas Xavier <jonasx@anchore.com> * remove unnecessary test constraint Signed-off-by: Jonas Xavier <jonasx@anchore.com> * fix readme Signed-off-by: Jonas Xavier <jonasx@anchore.com> * try verbose Signed-off-by: Jonas Xavier <jonasx@anchore.com> * cleaner README and no table conversion Signed-off-by: Jonas Xavier <jonasx@anchore.com> * simpler conversion Signed-off-by: Jonas Xavier <jonasx@anchore.com> * feedback changes and cleanup Signed-off-by: Jonas Xavier <jonasx@anchore.com> * nit space fix Signed-off-by: Jonas Xavier <jonasx@anchore.com> * use defer Signed-off-by: Jonas Xavier <jonasx@anchore.com> * feedback changes Signed-off-by: Jonas Xavier <jonasx@anchore.com> Co-authored-by: Keith Zantow <kzantow@gmail.com>	2022-05-09 17:28:33 -07:00
Christopher Angelo Phillips	a83506628c	Add README updates for Keyless features (#988 )	2022-05-09 16:07:28 +00:00
Christian Kotzbauer	1cea0ecd5c	feat: add initial dotnet-support (#951 ) * feat: add initial dotnet-support Signed-off-by: Christian Kotzbauer <git@ckotzbauer.de> * fix: add path, sha512 and hashpath Signed-off-by: Christian Kotzbauer <git@ckotzbauer.de> * fix: add missing dot Signed-off-by: Christian Kotzbauer <git@ckotzbauer.de> * fix: lint warnings Signed-off-by: Christian Kotzbauer <git@ckotzbauer.de> * fix CLI test package counts to account for dotnet Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * fix: updated packagurl-go Signed-off-by: Christian Kotzbauer <git@ckotzbauer.de> * tidy go.sum Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update json schema Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Co-authored-by: Alex Goodman <alex.goodman@anchore.com>	2022-05-05 15:32:02 -04:00
Steven Maude	8b6c576d78	Fix `github-json` output option (#967 ) * Fix "bad output format" for `github-json` output Signed-off-by: Steven Maude <git@stevenmaude.co.uk> * Update formats in README Signed-off-by: Steven Maude <git@stevenmaude.co.uk> * Run `make lint-fix` Signed-off-by: Steven Maude <git@stevenmaude.co.uk>	2022-05-04 17:25:40 -07:00
Keith Zantow	02a8fb6f8c	Minor readme update to correct format information (#948 )	2022-04-12 17:16:47 -04:00
Eric Larssen	cb3e73e308	Add dart support (#919 ) Co-authored-by: Alex Goodman <alex.goodman@anchore.com>	2022-03-31 15:44:55 -04:00
Dan Luhring	5549939cc6	Fixups and clarifications in README (#920 ) Signed-off-by: Dan Luhring <dan+github@luhrings.com>	2022-03-25 11:36:43 -04:00
briankoe741	47ea910868	Remove announcement for OSS Meetup (#915 ) Proposing changes to remove our 3/23 meetup Signed-off-by: Dan Luhring <dan+github@luhrings.com>	2022-03-25 00:17:14 +00:00
Alex Goodman	03e193e577	Add platform option to the README (#889 )	2022-03-21 12:02:15 -04:00
Keith Zantow	b9b3ccecf9	Update register link text (#891 )	2022-03-15 17:02:33 +00:00
Christopher Angelo Phillips	93d2d57cd3	update README with OSS Meetup information (#890 ) Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>	2022-03-15 11:37:56 -04:00
Jonas Xavier	4a8a9ce290	add podman scheme to doc examples (#860 )	2022-03-02 14:39:05 -08:00
Christopher Angelo Phillips	256e85bc12	510 - SBOM attestation stdout (#785 ) add syft attest command to produce an attestation as application/vnd.in-toto+json to standard out using on disk PKI Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>	2022-02-22 21:45:12 -05:00
j-k	5ab872c732	Add nix install details (#800 ) Signed-off-by: 06kellyjac <jack@control-plane.io>	2022-02-09 14:33:26 -05:00
majinghe	23e1bd3984	add metadata filed on pod usage template (#788 ) Signed-off-by: xiaomage <jhma@gitlab.cn>	2022-02-08 16:00:19 -05:00
Idan Frimark	ed1cbf50d9	Update README.md (#772 ) Update `Example attest` Signed-off-by: Idan Frimark <idanf@cisco.com>	2022-01-27 19:59:36 +00:00

1 2 3

109 commits