Mirrors/syft
2
0
Fork 0
mirror of https://github.com/anchore/syft synced 2024-11-10 06:14:16 +00:00
Code Issues Projects Releases Packages Wiki Activity
2346 commits 73 branches 214 tags 132 MiB
Commit graph

2346 commits

This branch
This branch
All branches
Author SHA1 Message Date
Alfredo Deza
bc693829a6
Merge pull request #110 from anchore/issue-8 
adds the yarn.lock cataloger
 2020-07-29 11:20:06 -04:00
Alfredo Deza
caecce9b41 tests: update integration tests to include yarn packages 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
 2020-07-28 15:35:45 -04:00
Alfredo Deza
713f660528 cataloger: update controller to use javascript (vs. npm) 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
 2020-07-28 15:20:11 -04:00
Alfredo Deza
d79cecea3e tests: verify new yarn.lock parser 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
 2020-07-28 15:20:11 -04:00
Alfredo Deza
57904743aa pkg: define the Yarn package type 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
 2020-07-28 15:18:47 -04:00
Alfredo Deza
67fb1326e0 cataloger: implement the yarn.lock parser 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
 2020-07-28 15:18:47 -04:00
Alfredo Deza
146b4bd01f cataloger: rename npm to javascript to accommodate yarn parser 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
 2020-07-28 15:18:47 -04:00
Alex Goodman
06f8355fce
finalize update check URL 2020-07-27 15:13:41 -04:00
Alex Goodman
19eadde9ca
use aws creds for version file upload 2020-07-27 09:55:11 -04:00
Alex Goodman
d21de64cb3
use mount path for version upload 2020-07-27 09:35:55 -04:00
Alex Goodman
50b50a50b2
Merge pull request #108 from anchore/upload-version 
Upload version check file on release
 2020-07-27 09:33:52 -04:00
Alex Goodman
6536f0bb36
upload version check file on release 2020-07-27 09:30:05 -04:00
Alex Goodman
2e15d854eb
bump circle resources 2020-07-25 19:08:19 -04:00
Alex Goodman
78c3652759
bump bouncer version 2020-07-25 16:55:41 -04:00
Alex Goodman
2502814143
rollup static analysis to make target 2020-07-25 16:40:37 -04:00
Alex Goodman
991bf203da
bust old imgbom cache 2020-07-25 10:36:17 -04:00
Alex Goodman
05c78de9d3
generate java fixtures ahead of tests 2020-07-25 10:06:52 -04:00
Alex Goodman
c9dea59232
verify signing fingerprint 2020-07-25 09:59:48 -04:00
Alex Goodman
08ea496544
Merge pull request #94 from anchore/table-output 
Add default table presenter
 2020-07-25 08:49:14 -04:00
Alex Goodman
1ba0678cf6
provide signed checksums 2020-07-25 08:42:50 -04:00
Alex Goodman
c814379c80
add auto prerelease option 2020-07-25 07:33:24 -04:00
Alex Goodman
f3428e49b8
add release quality gate 2020-07-25 07:23:15 -04:00
Alex Goodman
585569e929
fix gha go cache key; rm brew until oss release 2020-07-25 07:18:21 -04:00
Alex Goodman
32bd57886e
add publish release 2020-07-25 07:09:20 -04:00
Alex Goodman
44f26c7f90
update release quality gate version 2020-07-25 07:03:57 -04:00
Alfredo Deza
f8a5c56191
Fix acceptance tests (#106) 
* test: allow no metadata in packages

Signed-off-by: Alfredo Deza <adeza@anchore.com>

* test: update centos json fixture

Signed-off-by: Alfredo Deza <adeza@anchore.com>

Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
 2020-07-25 06:39:44 -04:00
Alex Goodman
2e458cd73d
make acceptance test results dir on run 2020-07-24 18:04:52 -04:00
Alex Goodman
6b0ab2de4a
Merge pull request #107 from anchore/fix-acceptance-compare 
Fix acceptance test compare script & persist results
 2020-07-24 17:53:02 -04:00
Alex Goodman
14ec30aee1
fix acceptance test compare script & persist 2020-07-24 17:41:22 -04:00
Alfredo Deza
578952986f
Merge pull request #103 from anchore/issue-81 
scope: do not create scope if path is invalid
 2020-07-24 15:33:30 -04:00
Alfredo Deza
e1ce040ead scope: do not create scope if path is invalid 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
 2020-07-24 15:25:14 -04:00
Alex Goodman
9ec5da24dd
fix py globs to include partial matches (#101) 2020-07-24 08:22:56 -04:00
Alex Goodman
32071b0bf1
add default table presenter 2020-07-23 21:48:12 -04:00
Alex Goodman
0a0bc68e95
show verbose test output to prevent circleci kills 2020-07-23 21:47:11 -04:00
Alex Goodman
a4016d35ce
rename to syft 2020-07-23 20:54:04 -04:00
Alex Goodman
2132700198
add apk/alpine support (#98) 2020-07-23 20:35:57 -04:00
Alex Goodman
63ba7ae47d
add remaining debian & el distro support (#99) 2020-07-23 20:35:40 -04:00
Alex Goodman
5ccd6d5f6a
check for unsupported "go get" chars (#100) 2020-07-23 13:08:31 -04:00
Alex Goodman
ba4f63099d
Add release process (#89) 
* add check for app update; fix ETUI error handling

* validate user args

* add goreleaser support

* replace cgo dependencies (go-rpm) with go equivalents

* add acceptance tests against build snapshot

* add brew tap + acceptance test pipeline

* add mac acceptance tests

* fix compare makefile

* fix mac acceptance tests

* add release pipeline with wait checks

* add token to release step

* rm dir presenters int test

* enforce dpkg to be non interactive

Co-authored-by: Alfredo Deza <adeza@anchore.com>

* pin brew formulae

* pin skopeo to formulae url

* only run acceptance tests

Co-authored-by: Alfredo Deza <adeza@anchore.com>
 2020-07-23 10:52:44 -04:00
Alfredo Deza
3cb7c43dbc
Merge pull request #96 from anchore/issue-7 
Add support for analyzing package-lock.json files
 2020-07-23 09:54:39 -04:00
Alfredo Deza
f1c14d97f6 integration: validate package-lock.json parsing 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
 2020-07-23 09:51:05 -04:00
Alfredo Deza
9f314eb493 cataloger: support npm packages from package-lock.json files 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
 2020-07-23 09:51:05 -04:00
Alfredo Deza
fb4b83cf3e cataloger: define Javascript (npm) package type 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
 2020-07-23 09:51:01 -04:00
Alex Goodman
44c69f1f91
add go.mod cataloger (#97) 2020-07-23 08:17:30 -04:00
Alfredo Deza
265516682f
Merge pull request #92 from anchore/issue-58 
catalog Python packages from a requirements.txt file
 2020-07-21 16:00:20 -04:00
Alfredo Deza
74d87254ed integration: validate requirements.txt is picked up and parsed 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
 2020-07-21 15:49:19 -04:00
Alfredo Deza
50eae46d37 type: add PythonPkg types for requirements-based packages 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
 2020-07-21 15:49:19 -04:00
Alfredo Deza
f8a2b7a626 tests: verify requirements.txt captures versions 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
 2020-07-21 15:49:19 -04:00
Alfredo Deza
83056a4b6f cataloger: add a requirements.txt parser 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
 2020-07-21 15:38:30 -04:00
Alfredo Deza
8747b68b86 cataloger: add a glob path for parsing requirements.txt 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
 2020-07-21 14:37:06 -04:00