Commit graph

1484 commits

Author SHA1 Message Date
Alex Goodman
4da3be864f
Refactor source API (#1846)
* refactor source API and syft json source block

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* update source detection and format test utils

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* generate list of all source metadata types

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* extract base and root normalization into helper functions

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* preserve syftjson model package name import ref

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* alias should not be a pointer

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

---------

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2023-06-30 14:19:16 +00:00
anchore-actions-token-generator[bot]
608dbded06
chore(deps): update bootstrap tools to latest versions (#1905)
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: spiffcs <spiffcs@users.noreply.github.com>
2023-06-29 14:10:30 -04:00
anchore-actions-token-generator[bot]
791d1f9552
chore(deps): update stereoscope to cd49355d934e9e09339e0b690398afe7bd9f63f1 (#1903)
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: kzantow <kzantow@users.noreply.github.com>
2023-06-28 12:05:12 -04:00
anchore-actions-token-generator[bot]
e5e97b5c4e
chore(deps): update bootstrap tools to latest versions (#1902)
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: spiffcs <spiffcs@users.noreply.github.com>
2023-06-28 12:04:39 -04:00
Weston Steimel
8219f8d55b
fix: discover deb file relationships in distroless images (#1901)
Signed-off-by: Weston Steimel <weston.steimel@anchore.com>
2023-06-28 13:28:20 +01:00
Alex Goodman
026be3c0f1
add oss community board auto-add workflow (#1898)
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2023-06-27 15:53:59 -04:00
anchore-actions-token-generator[bot]
0d4f19043e
chore(deps): update stereoscope to 8c7173ebcf69187d480d4d8b0c6cafaa7aef7024 (#1890)
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: kzantow <kzantow@users.noreply.github.com>
2023-06-26 13:58:44 -04:00
anchore-actions-token-generator[bot]
38b47e484c
chore(deps): update bootstrap tools to latest versions (#1894)
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: spiffcs <spiffcs@users.noreply.github.com>
2023-06-26 13:58:17 -04:00
Stephane Rufer
7943c73d3f
fix: add support for Dart SDK package dependencies (#1891)
Signed-off-by: Stephane Rufer <1128559+rufman@users.noreply.github.com>
2023-06-23 12:40:46 -04:00
Alex Goodman
25ce245c03
Simplify the SBOM writer interface (#1892)
* remove sbom.writer bytes call and consolidate helpers to options pkg

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* dont close stdout

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* remove close operation from multiwriter

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

---------

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2023-06-23 11:21:22 -04:00
Dan Luhring
7de7a7990a
fix: improve version detection in Java archive name parsing (#1889)
Signed-off-by: Dan Luhring <dluhring@chainguard.dev>
2023-06-22 18:42:10 +00:00
Keith Zantow
f79cb9587f
fix: only output valid cyclonedx license choices (#1879)
* fix: only output valid cyclonedx license choices

Signed-off-by: Keith Zantow <kzantow@gmail.com>

* chore: update tests

Signed-off-by: Keith Zantow <kzantow@gmail.com>

* chore: return nil for emtpty cdx license list

Signed-off-by: Keith Zantow <kzantow@gmail.com>

---------

Signed-off-by: Keith Zantow <kzantow@gmail.com>
2023-06-22 12:05:38 -04:00
Tim Gerla
c27d5b11d4
docs: clarify reasoning of default catalogers for images or directories (#1887)
Add some explanation around why there are different default sets of catalogers for image scans versus directory scans. Hopefully clarify questions related to #1776.

Signed-off-by: Timothy Gerla <tim@gerla.net>
2023-06-20 19:47:50 +00:00
William Murphy
5d54e6e847
Configure chronicle to pre-1.0 mode (#1886)
Track a chronicle config file that causes chronicle to bump minor
version instead of major version in response to the "breaking-change"
label for pre-1.0 releases.

Signed-off-by: Will Murphy <will.murphy@anchore.com>
2023-06-20 16:08:35 +00:00
Keith Zantow
631d50d038
chore: update SPDX license list to 3.21 (#1885) 2023-06-20 15:47:02 +00:00
anchore-actions-token-generator[bot]
269006bf04
chore(deps): update bootstrap tools to latest versions (#1880) 2023-06-20 10:22:18 -04:00
William Murphy
e2ed89f700
Pad artifact IDs (#1882)
Otherwise the hash can sometimes be short if it results in a low uint64.

Signed-off-by: Will Murphy <will.murphy@anchore.com>
2023-06-16 13:26:18 -04:00
dependabot[bot]
badb957888
chore(deps): bump golang.org/x/mod from 0.10.0 to 0.11.0 (#1878)
Bumps [golang.org/x/mod](https://github.com/golang/mod) from 0.10.0 to 0.11.0.
- [Commits](https://github.com/golang/mod/compare/v0.10.0...v0.11.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-15 14:10:11 -04:00
dependabot[bot]
a1bba36d51
chore(deps): bump modernc.org/sqlite from 1.23.0 to 1.23.1 (#1874)
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) from 1.23.0 to 1.23.1.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.23.0...v1.23.1)

---
updated-dependencies:
- dependency-name: modernc.org/sqlite
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-14 11:45:39 -04:00
anchore-actions-token-generator[bot]
c019cd51da
chore(deps): update stereoscope to 5b5049bf4d3a99df9a2b1c31d5d52ddff7b5cec2 (#1871)
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: kzantow <kzantow@users.noreply.github.com>
2023-06-14 11:29:39 -04:00
dependabot[bot]
5406d8a366
chore(deps): bump golang.org/x/net from 0.10.0 to 0.11.0 (#1876)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.10.0 to 0.11.0.
- [Commits](https://github.com/golang/net/compare/v0.10.0...v0.11.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-14 10:30:19 -04:00
James Neate
098c255a2d
fix: pom properties not setting artifact id (#1870)
Signed-off-by: James Neate <jamesmneate@gmail.com>
2023-06-12 09:59:14 -04:00
dependabot[bot]
2c5d64ac9e
chore(deps): bump github.com/spdx/tools-golang from 0.5.1 to 0.5.2 (#1868)
Bumps [github.com/spdx/tools-golang](https://github.com/spdx/tools-golang) from 0.5.1 to 0.5.2.
- [Release notes](https://github.com/spdx/tools-golang/releases)
- [Changelog](https://github.com/spdx/tools-golang/blob/main/RELEASE-NOTES.md)
- [Commits](https://github.com/spdx/tools-golang/compare/v0.5.1...v0.5.2)

---
updated-dependencies:
- dependency-name: github.com/spdx/tools-golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-08 17:01:19 -04:00
Avi Deitcher
1764e1c3f6
fix: handle invalid symlinks (#1861)
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2023-06-05 15:04:14 -04:00
dependabot[bot]
c560ffd811
chore(deps): bump github.com/spdx/tools-golang from 0.5.0 to 0.5.1 (#1850)
* chore(deps): bump github.com/spdx/tools-golang from 0.5.0 to 0.5.1

Bumps [github.com/spdx/tools-golang](https://github.com/spdx/tools-golang) from 0.5.0 to 0.5.1.
- [Release notes](https://github.com/spdx/tools-golang/releases)
- [Changelog](https://github.com/spdx/tools-golang/blob/main/RELEASE-NOTES.md)
- [Commits](https://github.com/spdx/tools-golang/compare/v0.5.0...v0.5.1)

---
updated-dependencies:
- dependency-name: github.com/spdx/tools-golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore: update fixtures for spdx with new library changes

Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>
2023-06-05 15:01:06 -04:00
anchore-actions-token-generator[bot]
7d1b292ad0
chore(deps): update bootstrap tools to latest versions (#1857)
* chore(deps): update bootstrap tools to latest versions

Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>
2023-06-05 18:56:04 +00:00
Christopher Angelo Phillips
f07581f504
Pr 1825 (#1865)
chore: code cleanup

Signed-off-by: guoguangwu <guoguangwu@magic-shield.com>

---------

Signed-off-by: guoguangwu <guoguangwu@magic-shield.com>
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
Co-authored-by: guoguangwu <guoguangwu@magic-shield.com>
2023-06-05 17:01:00 +00:00
dependabot[bot]
d676e5e781
chore(deps): bump github.com/sirupsen/logrus from 1.9.2 to 1.9.3 (#1862)
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.9.2 to 1.9.3.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.9.2...v1.9.3)

---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-05 10:48:18 -04:00
dependabot[bot]
903d29b6f7
chore(deps): bump modernc.org/sqlite from 1.22.1 to 1.23.0 (#1863)
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) from 1.22.1 to 1.23.0.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.22.1...v1.23.0)

---
updated-dependencies:
- dependency-name: modernc.org/sqlite
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-05 10:47:59 -04:00
Keith Zantow
79a955b1a9
feat: source-version flag (#1859) 2023-06-05 10:36:34 -04:00
dependabot[bot]
1bd9de9047
chore(deps): bump github.com/spf13/viper from 1.15.0 to 1.16.0 (#1851)
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.15.0 to 1.16.0.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.15.0...v1.16.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/viper
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-01 08:35:14 -04:00
Avi Deitcher
68f8df9594
accept main.version ldflags even without vcs (#1855)
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2023-06-01 08:34:46 -04:00
James Neate
c69cdd9f4a
feat: add scope to pom properties (#1779)
* feat: add scope to pom properties

Signed-off-by: James Neate <jamesmneate@gmail.com>

* fix: fixed conflict with schema bump

Signed-off-by: James Neate <jamesmneate@gmail.com>

---------

Signed-off-by: James Neate <jamesmneate@gmail.com>
2023-06-01 12:22:29 +00:00
dependabot[bot]
5842fc2a64
chore(deps): bump github.com/stretchr/testify from 1.8.3 to 1.8.4 (#1852)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.3 to 1.8.4.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.3...v1.8.4)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-30 13:48:54 -04:00
dependabot[bot]
f0307fdd62
chore(deps): bump github.com/docker/docker (#1849)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 24.0.1+incompatible to 24.0.2+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v24.0.1...v24.0.2)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-26 16:08:20 -04:00
Alex Goodman
74013d7da7
Add test to ensure package metadata is represented in the JSON schema (#1841)
* [wip] try to reflect metadata types... probably wont work

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* refactor to add unit test to ensure there is coverage in the schema

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* [wip] generate metadata container

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* add generation of metadata container struct for JSON schema generation

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* fix linting

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* update linter script to account for code generation

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

---------

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2023-05-25 13:26:56 -04:00
Alex Goodman
6afbffce28
Fix directory resolver to consider CWD and root path input correctly (#1840)
* [wip] put in initial fix

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* capture expected behavior of dir resolver in tests

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* update tests + comments to reflect current dir resolver behavior

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* add additional test cases

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* fix linting

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* fix additional tests

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* fix bad merge conflict resolution

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

---------

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2023-05-25 13:41:18 +00:00
Alex Goodman
07e76907f6
Migrate location-related structs to the file package (#1751)
* migrate location structs to file package

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* replace source.Location refs with file package call

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* fix linting

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* remove hardlink test for file based catalogers

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* remove hardlink test for all-regular-files testing

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* migrate file resolver implementations to separate package

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* fix linting

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* [wip] migrate resolvers to internal

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* migrate resolvers to syft/internal

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

---------

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
Signed-off-by: <>
2023-05-24 17:06:38 -04:00
dependabot[bot]
4bf17a94b9
chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#1843)
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.6.1 to 5.7.0.
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-24 11:40:11 -04:00
Christopher Angelo Phillips
4ac8fdf6df
fix: add panic recovery for license parse (#1839)
* fix: add panic recovery for license parse
---------
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
2023-05-23 16:58:49 +00:00
Idan Frimark
087a6356b9
chore: return both failures when failed to retrieve an image with a scheme (#1801)
Signed-off-by: Idan Frimark <idanf@cisco.com>
2023-05-23 10:32:12 -04:00
Alex Goodman
26c201f7f7
Extract go module versions from ldflags for binaries built by go (#1832)
* wip

Signed-off-by: Weston Steimel <weston.steimel@anchore.com>

* with golang bin ldflags refactor

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* add test for golang binary cataloger for ldflag extraction

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* remove binary classfiers that overlap with new go ldflags detection

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

---------

Signed-off-by: Weston Steimel <weston.steimel@anchore.com>
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
Co-authored-by: Weston Steimel <weston.steimel@anchore.com>
2023-05-23 10:27:48 -04:00
Keith Zantow
a3c5550217
fix: duplicate packages, support pnpm lockfile v6 (#1778) 2023-05-23 10:24:25 -04:00
anchore-actions-token-generator[bot]
798af57853
chore(deps): update stereoscope to e14bc4437b2eac481c5b6f101890b22df4f33596 (#1834)
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: kzantow <kzantow@users.noreply.github.com>
2023-05-23 10:18:39 -04:00
dependabot[bot]
f50302b2ba
chore(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#1829)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.2...v1.8.3)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-22 14:01:17 -04:00
dependabot[bot]
b09cf6c6b5
chore(deps): bump github.com/docker/docker (#1833)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 24.0.0+incompatible to 24.0.1+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v24.0.0...v24.0.1)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-22 13:07:24 -04:00
Alex Goodman
334a775cb9
Keep original FileInfo persisted on file.Metadata structs (#1794)
* pull in fileinfo changes from stereoscope #172

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* fix CLI test assumption about the docker daemon

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

---------

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
Signed-off-by: <>
2023-05-19 14:21:10 +00:00
dependabot[bot]
f1b6f38ea8
chore(deps): bump github.com/sirupsen/logrus from 1.9.1 to 1.9.2 (#1827)
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.9.1 to 1.9.2.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.9.1...v1.9.2)

---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-19 09:01:05 -04:00
dependabot[bot]
f6f8332b7f
chore(deps): bump github.com/google/go-containerregistry (#1823)
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) from 0.15.1 to 0.15.2.
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml)
- [Commits](https://github.com/google/go-containerregistry/compare/v0.15.1...v0.15.2)

---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-17 14:34:27 -04:00
dependabot[bot]
74351567ab
chore(deps): bump github.com/sirupsen/logrus from 1.9.0 to 1.9.1 (#1822)
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.9.0 to 1.9.1.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.9.0...v1.9.1)

---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-17 14:33:48 -04:00