Mirrors/syft
2
0
Fork 0
mirror of https://github.com/anchore/syft synced 2024-09-20 14:11:54 +00:00
Code Issues Projects Releases Packages Wiki Activity
502 commits 71 branches 208 tags 119 MiB
Commit graph

502 commits

This branch
This branch
All branches
Author SHA1 Message Date
Alex Goodman
91baabe5a1
add image metadata as catalogFromJSON return 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2020-11-17 12:37:12 -05:00
Alex Goodman
6f7a4fd3e4
move source metadata upstream and fix tests 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2020-11-17 12:37:12 -05:00
Alex Goodman
aa0d444fd4
fix tests to use location instead of file.Reference 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2020-11-17 12:37:12 -05:00
Alex Goodman
b694dacb21
add source.Location + reorient Resolvers to use it 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2020-11-17 12:37:11 -05:00
Alex Goodman
9668341a14
rename scope to source 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2020-11-17 12:37:11 -05:00
Alex Goodman
495fb0a45f
add sbom document import lib helper function 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2020-11-17 12:36:51 -05:00
Dan Luhring
a640a2c4cd
Merge pull request #267 from anchore/improve-java-version-recognition 
Improve Java version recognition
 2020-11-17 10:59:54 -05:00
Dan Luhring
3e8bca6911
Rework Java archive name and version detection and clean up tests 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-11-17 08:35:10 -05:00
Dan Luhring
5afdd574a8
Update existing archive test cases to correct names and versions 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-11-17 08:35:10 -05:00
Dan Luhring
0ebe791acd
Add archive filename test case for failing example from #255 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-11-17 08:35:10 -05:00
Dan Luhring
a5b72405dd
Merge pull request #265 from anchore/package-json-license-objects 
Improve package.json license parsing
 2020-11-14 13:06:24 -05:00
Dan Luhring
4861f69d7c
Fix spelling in logger setup 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-11-14 11:35:55 -05:00
Dan Luhring
6bde075cd3
Remove unused argument value 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-11-14 11:20:06 -05:00
Dan Luhring
f7be73dbcc
Fix package.json parsing for no licenses 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-11-14 11:12:13 -05:00
Dan Luhring
fc99538d78
Fix package.json parsing for multiple licenses objects 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-11-14 11:12:13 -05:00
Dan Luhring
4d4e242251
Fix package.json parsing for license object 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-11-14 11:12:12 -05:00
Dan Luhring
416afa015e
Add test for package.json with no licenses 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-11-14 11:11:46 -05:00
Dan Luhring
bd4c784a64
Add test for package.json multiple license objects 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-11-14 11:01:59 -05:00
Dan Luhring
624a090631
Add test for package.json license object 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-11-14 09:50:17 -05:00
Alex Goodman
dad1d9691c
Merge pull request #263 from anchore/add-source-to-rpmdb-cataloger 
Add source to packages found by RPMdb cataloger
 2020-11-12 09:36:20 -05:00
Alex Goodman
7964c27bd8
add source to packages found by rpmdb cataloger 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2020-11-12 09:27:08 -05:00
Alex Goodman
9581a0309b
Merge pull request #262 from anchore/fix-release 
Fix release process
 2020-11-11 15:15:12 -05:00
Alex Goodman
7e270bf76c
restore the checksum file during release 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2020-11-11 15:11:51 -05:00
Alex Goodman
fde37b4b56
provide goreleaser asset version via env var 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2020-11-11 14:36:24 -05:00
Dan Luhring
8627ea88ce
Fix usage of goreleaser's artifact pipeline 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-11-11 14:29:55 -05:00
Alex Goodman
2c82c7c0f0
Merge pull request #257 from anchore/enhance-deb-support 
Enhance dpkg support
 2020-11-11 13:12:29 -05:00
Dan Luhring
4c38ea595d
Merge pull request #261 from anchore/fix-brew 
Add signed and notarized ZIP release asset
 2020-11-11 13:09:45 -05:00
Dan Luhring
6fe5ad0739
Avoid Finder window flash during install 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-11-11 12:38:11 -05:00
Dan Luhring
7bced775c4
Add zip to gon outputs 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-11-11 12:30:29 -05:00
Alex Goodman
db98fba3b4
Merge pull request #260 from anchore/add-warning-levels 
Add warning log level
 2020-11-11 11:13:51 -05:00
Alfredo Deza
29d464c38a
Merge pull request #258 from anchore/distro-like 
Report the ID_LIKE value in the JSON presenter
 2020-11-11 11:11:13 -05:00
Alex Goodman
2a329002b8
enhance dpkg support by parsing md5sum and copyright file sources 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2020-11-11 11:06:34 -05:00
Alex Goodman
a6365886ad
add warning log level 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2020-11-10 15:09:41 -05:00
Alfredo Deza
6ae3b47959 tests: update all tests to pass the IDLike value 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
 2020-11-10 12:40:50 -05:00
Alfredo Deza
10b55311df presenter: provide ID_LIKE information in json 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
 2020-11-10 12:40:17 -05:00
Alfredo Deza
64d5554144 include ID_LIKE in distro detection 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
 2020-11-10 12:37:35 -05:00
Alfredo Deza
b3098f3423
Merge pull request #250 from anchore/issue-169 
Add distro information to JSON presenter
 2020-11-09 14:18:48 -05:00
Alfredo Deza
c2cf4eb7b0 update tests for the new distro information 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
 2020-11-09 12:16:00 -05:00
Alfredo Deza
1e79986188 json: update the document to include distro information 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
 2020-11-09 12:16:00 -05:00
Dan Luhring
3699a917fd
Merge pull request #254 from anchore/updates-to-mac-releases 
Updates for macOS release process
 2020-11-06 13:49:54 -05:00
Dan Luhring
501870f89f
Update README for secure macOS releases 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-11-06 13:40:31 -05:00
Dan Luhring
c878cc361c
Update install.sh to handle new macOS releases 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-11-06 13:39:26 -05:00
Dan Luhring
8fb5b17dbd
Use .Version in place of .Tag for release asset name 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-11-06 13:36:02 -05:00
Alex Goodman
b6eb589b78
Merge pull request #251 from anchore/add-rpm-file-info 
Add RPM file info sourced from the RPM DB
 2020-11-06 11:06:34 -05:00
Alex Goodman
6aba2f48d4
split out rpmdb file processing to helper + lint fixes 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2020-11-06 10:44:27 -05:00
Alex Goodman
0205e72be9
ensure resolvers ignore directories for "FilesBy*" methods 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2020-11-06 07:21:38 -05:00
Alex Goodman
8095cd9980
add rpmdb file info to cataloger 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2020-11-06 07:21:23 -05:00
Dan Luhring
ecfc471ce5
Resolve security warning for macOS users (#249) 
* Add support for macOS signing and notarization

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* Use Docker to run the changelog generator locally

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-11-04 15:47:55 -05:00
Alex Goodman
a52750bdd3
enhance alpine file discovery (#248) 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2020-11-04 09:56:52 -05:00
Alex Goodman
773581704c
bump threshold for inline compare for jenkins image 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2020-10-30 15:14:32 -04:00