brian-ebarb
6a2517b5d2
Add ELF binary package cataloger ( #2396 )
...
* feat Adds Elf package catalogger
Signed-off-by: Brian Ebarb <ebarb.brian@gmail.com>
* Add test fixtures for elf package
Signed-off-by: Colleen Divers <colleen.divers@gmail.com>
* bump JSON schema to v16.0.6 + expand test fixtures
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* less verbose logging
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* remove dead test code
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* remove unreleated swift change
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Brian Ebarb <ebarb.brian@gmail.com>
Signed-off-by: Colleen Divers <colleen.divers@gmail.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Colleen Divers <colleen.divers@gmail.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-03-14 11:16:03 -04:00
dependabot[bot]
7ab6fc3fe4
chore(deps): bump modernc.org/sqlite from 1.29.3 to 1.29.5 ( #2710 )
...
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ) from 1.29.3 to 1.29.5.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.29.3...v1.29.5 )
---
updated-dependencies:
- dependency-name: modernc.org/sqlite
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-14 09:58:56 -04:00
dependabot[bot]
2051a62ded
chore(deps): bump github/codeql-action from 3.24.6 to 3.24.7 ( #2711 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.6 to 3.24.7.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](8a470fddaf...3ab4101902
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-14 09:58:42 -04:00
dependabot[bot]
5534c38d0f
chore(deps): bump peter-evans/create-pull-request from 6.0.1 to 6.0.2 ( #2712 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](a4f52f8033...70a41aba78
)
---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-13 13:47:47 -04:00
Alex Goodman
47fc909700
Show binary exports, entrypoint, and imports ( #2626 )
...
show binary exports, entrypoint, and imports for macho, elf, and pe formats
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-03-12 22:04:02 +00:00
dependabot[bot]
2e2a9377ea
chore(deps): bump actions/checkout from 4.1.1 to 4.1.2 ( #2703 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.1 to 4.1.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](b4ffde65f4...9bb56186c3
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-12 13:18:44 -04:00
dependabot[bot]
4ca79c7626
chore(deps): bump github.com/knqyf263/go-rpmdb ( #2701 )
...
Bumps [github.com/knqyf263/go-rpmdb](https://github.com/knqyf263/go-rpmdb ) from 0.0.0-20230301153543-ba94b245509b to 0.1.0.
- [Commits](https://github.com/knqyf263/go-rpmdb/commits/v0.1.0 )
---
updated-dependencies:
- dependency-name: github.com/knqyf263/go-rpmdb
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-11 11:48:05 -04:00
guangwu
3743f5ae53
chore: reduce duplicate case SwiftPkg ( #2696 )
...
Signed-off-by: guoguangwu <guoguangwug@gmail.com>
2024-03-07 18:15:31 +00:00
guangwu
ebb9d4edb6
chore: remove deprecated os.SEEK_SET os.SEEK_CUR ( #2693 )
...
Signed-off-by: guoguangwu <guoguangwug@gmail.com>
2024-03-07 13:10:48 -05:00
dependabot[bot]
e2a9d891b2
chore(deps): bump github.com/docker/docker ( #2698 )
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 25.0.3+incompatible to 25.0.4+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v25.0.3...v25.0.4 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-07 13:00:14 -05:00
dependabot[bot]
5b09c154bb
chore(deps): bump modernc.org/sqlite from 1.29.2 to 1.29.3 ( #2699 )
...
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ) from 1.29.2 to 1.29.3.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.29.2...v1.29.3 )
---
updated-dependencies:
- dependency-name: modernc.org/sqlite
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-07 13:00:02 -05:00
dependabot[bot]
1b121ac3f4
chore(deps): bump golang.org/x/net from 0.21.0 to 0.22.0 ( #2689 )
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.21.0 to 0.22.0.
- [Commits](https://github.com/golang/net/compare/v0.21.0...v0.22.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-06 14:25:56 -05:00
Keith Zantow
f9e09aef19
docs: add simplest example from regsitry ( #2691 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2024-03-06 14:25:37 -05:00
anchore-actions-token-generator[bot]
d2ac672f8f
chore(deps): update tools to latest versions ( #2688 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2024-03-06 14:25:13 -05:00
dependabot[bot]
5e3fde04a5
chore(deps): bump anchore/sbom-action from 0.15.8 to 0.15.9 ( #2694 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.8 to 0.15.9.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](b6a39da807...9fece9e200
)
---
updated-dependencies:
- dependency-name: anchore/sbom-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-06 14:24:56 -05:00
dependabot[bot]
e214645394
chore(deps): bump github.com/charmbracelet/lipgloss from 0.9.1 to 0.10.0 ( #2695 )
...
Bumps [github.com/charmbracelet/lipgloss](https://github.com/charmbracelet/lipgloss ) from 0.9.1 to 0.10.0.
- [Release notes](https://github.com/charmbracelet/lipgloss/releases )
- [Commits](https://github.com/charmbracelet/lipgloss/compare/v0.9.1...v0.10.0 )
---
updated-dependencies:
- dependency-name: github.com/charmbracelet/lipgloss
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-06 14:24:46 -05:00
dependabot[bot]
5bd1cd5c13
chore(deps): bump golang.org/x/mod from 0.15.0 to 0.16.0 ( #2690 )
...
Bumps [golang.org/x/mod](https://github.com/golang/mod ) from 0.15.0 to 0.16.0.
- [Commits](https://github.com/golang/mod/compare/v0.15.0...v0.16.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/mod
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-05 10:15:18 -05:00
dependabot[bot]
fe4f17286f
chore(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 ( #2684 )
...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.8.4 to 1.9.0.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.8.4...v1.9.0 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-01 13:51:18 -05:00
dependabot[bot]
d7e58964ef
chore(deps): bump actions/cache from 4.0.0 to 4.0.1 ( #2685 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](13aacd865c...ab5e6d0c87
)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-01 13:50:49 -05:00
dependabot[bot]
59d54d6154
chore(deps): bump github/codeql-action from 3.24.5 to 3.24.6 ( #2686 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.5 to 3.24.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](47b3d888fe...8a470fddaf
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-01 13:50:34 -05:00
Christopher Angelo Phillips
4d0dd02d5a
chore: update stereoscope ( #2683 )
...
* chore: update stereoscope to account for traversal bug fix
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
---------
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
2024-02-29 13:32:18 -05:00
Harm Weites
356f7c92b4
fix: match OpenSSL letter releases ( #2682 )
...
* chore: match openssl 1.1 letter releases
Signed-off-by: Harm Weites <harm@weites.com>
* chore: include image sha
Signed-off-by: Harm Weites <harm@weites.com>
---------
Signed-off-by: Harm Weites <harm@weites.com>
2024-02-29 14:39:23 +00:00
Alex Goodman
6377465440
Mark duplicated rows in table output ( #2679 )
...
* mark duplicated rows in table output
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix unit test
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-02-29 09:33:00 -05:00
William Murphy
3ad91f2678
fix: trim path from deps.json in portable way ( #2674 )
...
* fix: trim path from deps.json in portable way
Previously, the path trimming regex would leave leading path separator
in place on Windows.
Probably a better long term fix is to a library path operation.
Signed-off-by: Will Murphy <will.murphy@anchore.com>
2024-02-29 09:31:55 -05:00
anchore-actions-token-generator[bot]
5ef83fdc79
chore(deps): update tools to latest versions ( #2680 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2024-02-29 09:27:37 -05:00
Alex Goodman
06ff1a353a
enforce breaking change bump major version ( #2635 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-02-28 15:48:20 -05:00
Keith Zantow
326ec57d4a
docs: fix incorrect flag name in readme ( #2677 )
2024-02-28 15:39:43 -05:00
Alex Goodman
48e5672a87
Consider filesystem types for mount points when ignoring system paths ( #2675 )
...
* consider fs types for mount points when ignoring system paths
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* address feedback
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-02-28 15:37:17 -05:00
William Murphy
63171b55dd
fix: stop emitting bus events on go mod events ( #2673 )
...
Previously, the TUI would hang when scanning directories with lots of go
packages, possibly because this path was spamming the TUI with too
many events. Since checking on a particular go module is fast, don't
show TUI events for each one.
Signed-off-by: Will Murphy <will.murphy@anchore.com>
2024-02-28 14:14:46 -05:00
dependabot[bot]
acc473fc30
chore(deps): bump peter-evans/create-pull-request from 6.0.0 to 6.0.1 ( #2676 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](b1ddad2c99...a4f52f8033
)
---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-28 09:31:29 -05:00
Keith Zantow
a978966cad
feat: add --from
flag, refactor source providers ( #2610 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2024-02-27 16:44:37 -05:00
dependabot[bot]
928511ea0f
chore(deps): bump modernc.org/sqlite from 1.29.1 to 1.29.2 ( #2671 )
2024-02-26 10:57:06 -05:00
dependabot[bot]
33b72ccbf8
chore(deps): bump github/codeql-action from 3.24.4 to 3.24.5 ( #2666 )
2024-02-23 14:10:26 +00:00
Keith Zantow
2995c3c4fd
fix: SPDX tag value version selector ( #2665 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2024-02-23 08:22:10 -05:00
Stefan Hacker
170ac079d4
fix(install): return appropriate error codes ( #2664 )
...
Signed-off-by: Stefan Hacker <mail@hacst.net>
2024-02-22 19:34:51 -05:00
Keith Zantow
108a5dae9b
chore: update busybox image for acceptance tests ( #2663 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2024-02-22 15:32:17 -05:00
dependabot[bot]
cdf1e0bacb
chore(deps): bump github/codeql-action from 3.24.3 to 3.24.4 ( #2662 )
2024-02-22 16:50:53 +00:00
Alex Goodman
0c3b8ca4ed
rename binary classifier cataloger name ( #2643 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-02-20 13:52:11 -05:00
Alex Goodman
434b6ad506
add cataloger selection example ( #2646 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-02-20 11:44:42 -05:00
anchore-actions-token-generator[bot]
3598cb4f8f
chore(deps): update tools to latest versions ( #2651 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2024-02-20 11:39:54 -05:00
anchore-actions-token-generator[bot]
8260bce057
chore(deps): update stereoscope to 6171ee21e1d584f6bde910f354d126c9cd70deaa ( #2655 )
2024-02-17 10:22:56 -05:00
dependabot[bot]
578ac9cf2d
chore(deps): bump github/codeql-action from 3.24.1 to 3.24.3 ( #2649 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.1 to 3.24.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](e675ced7a7...379614612a
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-15 09:13:29 -05:00
Alex Goodman
a1b23bd57d
add syft version used to SBOM tool info by default ( #2647 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-02-14 16:57:31 -05:00
Alex Goodman
65cadda486
Survive indexing dead symlinks ( #2645 )
...
* survive indexing branches that start with a bad symlink
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add log statement
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-02-14 21:06:22 +00:00
Alex Goodman
a909e3cec9
fix considering base path when ignoring known bad unix paths ( #2644 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-02-14 15:57:38 -05:00
Alex Goodman
8e62ff9831
test for field conventions in json schema ( #2642 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-02-14 11:11:53 -05:00
Alexandr Hacicheant
96ee2db875
feat: Add Wordpress cataloger ( #2218 )
...
* Closes #1911 Wordpress cataloger
Signed-off-by: disc <a.hacicheant@gmail.com>
* Fixed a few unit tests and static analizer notices
Signed-off-by: disc <a.hacicheant@gmail.com>
* Updated `README.md`
Signed-off-by: disc <a.hacicheant@gmail.com>
* Fixed `golangci-lint` notices
Added integration test for `wordpress-plugin`
Signed-off-by: disc <a.hacicheant@gmail.com>
* Fixed `gosimports` notices
Signed-off-by: disc <a.hacicheant@gmail.com>
* Updated `json schema` version
Signed-off-by: disc <a.hacicheant@gmail.com>
* Fixed CLI tests, increased expected package count
Signed-off-by: disc <a.hacicheant@gmail.com>
* Read first 4Kb of a plugins file's content
Signed-off-by: disc <a.hacicheant@gmail.com>
* replace JSON schema version
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* change wording on source info for wordpress packages
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* Minor changes after a huge refactoring
Signed-off-by: disc <a.hacicheant@gmail.com>
* Removed unused files
Signed-off-by: disc <a.hacicheant@gmail.com>
* Updated schema
Signed-off-by: disc <a.hacicheant@gmail.com>
* Fixed integration tests
Signed-off-by: disc <a.hacicheant@gmail.com>
* fix integration tests
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* Renamed `metadata.Name` to `metadata.PluginInstallDirectory`
Signed-off-by: disc <a.hacicheant@gmail.com>
* rename fields to be compliant with json conventions
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: disc <a.hacicheant@gmail.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-02-14 16:03:25 +00:00
Alex Goodman
98b700e83c
rename binary cataloger to be more unique ( #2633 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-02-14 11:01:55 -05:00
Christopher Angelo Phillips
9803db2949
fix: update runner size to use larger HD for codeql ( #2641 )
...
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
2024-02-14 10:31:05 -05:00
anchore-actions-token-generator[bot]
17ef243956
chore(deps): update tools to latest versions ( #2616 )
...
* chore(deps): update tools to latest versions
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* fix: update to new linter rules
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
---------
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>
2024-02-14 14:59:49 +00:00