Commit graph

2184 commits

Author SHA1 Message Date
Rajan Agaskar
ae0683074e
feat: update syft to generate cyclone-dx 1.6 by default (#2978)
- Resolves #2974
- add detailed instructions re: updating schemas (a necessary task
  when a new CycloneDX spec version becomes available).
- The DefaultVersion constant has been updated to "1.6" -- it's not
  clear to me how this is used at this time (it may be redundant given
  other code), but effectively unless a specific spec version is
  configured, `syft` will emit the "most recent" spec version available
  for cyclonedx. Users who wish to pin back to a "older" specVersion
  (e.g. to preserve compatibilty with utilities that have not yet bumped
  to latest) can either set this in a syft config file or pass a
  name@spec_version pair to the output flag (e.g. `-o
  cyclonedx-json@1.5=some-1.5-spec-bom.cdx.json`)
- Regenerate relevant .golden files (there seems to be a way to do this
  via flags, but I couldn't quite figure out the right set to pass
  correctly, esp. since (as a relative go novice) I found it difficult
  to run just a single test file. I ended up "brute-forcing it" by
  changing the *updateSnapshot val to "true" and running it in Goland.
  A brief comment giving an example of regenerating fixtures usage would
  be helpful.

Signed-off-by: Rajan Agaskar <ragaskar@gmail.com>
2024-06-21 08:51:27 -07:00
dependabot[bot]
9b178174a7
chore(deps): bump github.com/charmbracelet/bubbletea (#2982)
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea) from 0.26.4 to 0.26.5.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases)
- [Changelog](https://github.com/charmbracelet/bubbletea/blob/master/.goreleaser.yml)
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v0.26.4...v0.26.5)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-21 08:46:35 -07:00
dependabot[bot]
e947779886
chore(deps): bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (#2975) 2024-06-20 15:12:12 +00:00
Laurent Goderre
7a35de04ee
fix: detection of arangodb 3.12 (#2979)
Signed-off-by: Laurent Goderre <laurent.goderre@docker.com>
2024-06-20 11:11:03 -04:00
Weston Steimel
246df97ae7
chore: enable dependabot to keep boostrap action updated (#2976)
Signed-off-by: Weston Steimel <commits@weston.slmail.me>
2024-06-19 20:17:11 +01:00
dependabot[bot]
750d37f075
chore(deps): bump github.com/github/go-spdx/v2 from 2.2.0 to 2.3.1 (#2973)
Bumps [github.com/github/go-spdx/v2](https://github.com/github/go-spdx) from 2.2.0 to 2.3.1.
- [Release notes](https://github.com/github/go-spdx/releases)
- [Commits](https://github.com/github/go-spdx/compare/v2.2.0...v2.3.1)

---
updated-dependencies:
- dependency-name: github.com/github/go-spdx/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-18 09:46:11 -07:00
dependabot[bot]
5061b905dc
chore(deps): bump github.com/google/go-containerregistry (#2971)
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) from 0.19.1 to 0.19.2.
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml)
- [Commits](https://github.com/google/go-containerregistry/compare/v0.19.1...v0.19.2)

---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-17 08:44:19 -07:00
dependabot[bot]
ed3774afa7
chore(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 (#2972)
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/v1.8.0...v1.8.1)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-17 08:44:10 -07:00
Christopher Angelo Phillips
22d5731482
fix: fix parsing for complex toml types (#2965)
* fix: fix parsing for complex toml types
---------
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-06-14 19:32:17 +00:00
Keith Zantow
af3aaa0397
fix: make caching options more explicit (#2966)
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2024-06-14 18:45:48 +00:00
anchore-actions-token-generator[bot]
70098e20bb
chore(deps): update tools to latest versions (#2961)
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2024-06-14 08:18:41 -07:00
dependabot[bot]
784b17f66c
chore(deps): bump github/codeql-action from 3.25.9 to 3.25.10 (#2964)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.9 to 3.25.10.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](530d4feaa9...23acc5c183)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-14 08:18:25 -07:00
Weston Steimel
d5cd5f6091
feat: index known CPEs for wordpress plugins and themes (#2963)
Signed-off-by: Weston Steimel <commits@weston.slmail.me>
2024-06-14 14:39:43 +01:00
Weston Steimel
749ccc59c1
fix(golang): improve version extraction from ldflags for pingcap TiDB (#2962)
* fix(golang): improve version extraction from ldflags for pingcap TiDB

Signed-off-by: Weston Steimel <commits@weston.slmail.me>

* loosen ld flag parsing requirements

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

---------

Signed-off-by: Weston Steimel <commits@weston.slmail.me>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-06-14 14:35:14 +01:00
dependabot[bot]
273e31e806
chore(deps): bump actions/checkout from 4.1.6 to 4.1.7 (#2955)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](a5ac7e51b4...692973e3d9)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-13 12:28:04 -04:00
dependabot[bot]
9beaec2e97
chore(deps): bump github/codeql-action from 3.25.8 to 3.25.9 (#2956)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.8 to 3.25.9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](2e230e8fe0...530d4feaa9)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-13 12:27:53 -04:00
Keith Zantow
ca0cc52d47
fix: separate golang license caches from mod dir (#2852)
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2024-06-12 19:12:35 -04:00
dependabot[bot]
dd723bb3c5
chore(deps): bump github.com/vbatts/go-mtree from 0.5.3 to 0.5.4 (#2952)
Bumps [github.com/vbatts/go-mtree](https://github.com/vbatts/go-mtree) from 0.5.3 to 0.5.4.
- [Release notes](https://github.com/vbatts/go-mtree/releases)
- [Changelog](https://github.com/vbatts/go-mtree/blob/main/releases.md)
- [Commits](https://github.com/vbatts/go-mtree/compare/v0.5.3...v0.5.4)

---
updated-dependencies:
- dependency-name: github.com/vbatts/go-mtree
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-12 13:17:06 -04:00
anchore-actions-token-generator[bot]
fb68489590
chore(deps): update tools to latest versions (#2949)
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2024-06-11 08:09:07 -07:00
dependabot[bot]
5590d5c1ce
chore(deps): bump modernc.org/sqlite from 1.30.0 to 1.30.1 (#2950)
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) from 1.30.0 to 1.30.1.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.30.0...v1.30.1)

---
updated-dependencies:
- dependency-name: modernc.org/sqlite
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-11 08:08:45 -07:00
Alex Goodman
0956753409
Consider Author field for wordpress plugins when generating CPEs (#2946)
* enhance wordpress vendor candidates for CPEs

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* encode wordpress plugin target software

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

---------

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-06-10 14:12:20 -04:00
Alex Goodman
f966bcfd03
trim whitespace from wordpress values (#2945)
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-06-10 13:35:01 -04:00
Alex Goodman
c43f4fb416
add signature verification to install.sh (#2941)
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-06-10 11:29:53 -04:00
Alex Goodman
db0c33481e
pin golang image (#2944)
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-06-10 09:59:33 -04:00
anchore-actions-token-generator[bot]
a658cc7402
chore(deps): update tools to latest versions (#2943)
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2024-06-10 09:20:22 -04:00
Alex Goodman
254a562b4e
Add support for reading ELF package notes with section header (#2939)
* add support for reading ELF package notes with section header

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* add systemd elf package fields to json schema

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

---------

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-06-07 14:38:54 -04:00
anchore-actions-token-generator[bot]
bc20e66d08
chore(deps): update tools to latest versions (#2940)
* chore(deps): update tools to latest versions

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

* chore: update header and deprecated fields

Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>

---------

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2024-06-07 16:55:32 +00:00
Alex Goodman
6e16396d18
remove dco workflow (#2936)
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-06-06 14:29:55 +00:00
Brian Ebarb
5cdc0845fb
feat: add license field to ELF binary package metadata (#2890)
Signed-off-by: Brian Ebarb <ebarb.brian@gmail.com>

feat: add License component to elf binary packages

Signed-off-by: Brian Ebarb <ebarb.brian@gmail.com>

feat: fix elf_package_cataloger test

feat: elf package cataloger unit test updates
2024-06-06 14:10:53 +00:00
dependabot[bot]
baca15f186
chore(deps): bump github.com/docker/docker (#2935)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 26.1.3+incompatible to 26.1.4+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v26.1.3...v26.1.4)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-06 09:56:47 -04:00
Laurent Goderre
b608ab77e1
feat: classifier for util-linux (#2933)
Signed-off-by: Laurent Goderre <laurent.goderre@docker.com>
2024-06-05 17:32:52 -04:00
dependabot[bot]
f4c941f08d
chore(deps): bump golang.org/x/net from 0.25.0 to 0.26.0 (#2929)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.25.0 to 0.26.0.
- [Commits](https://github.com/golang/net/compare/v0.25.0...v0.26.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-05 19:09:09 +00:00
dependabot[bot]
2d5760145c
chore(deps): bump github/codeql-action from 3.25.7 to 3.25.8 (#2928)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.7 to 3.25.8.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](f079b84933...2e230e8fe0)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-05 11:58:14 -07:00
dependabot[bot]
f11bb95c1e
chore(deps): bump golang.org/x/mod from 0.17.0 to 0.18.0 (#2930)
Bumps [golang.org/x/mod](https://github.com/golang/mod) from 0.17.0 to 0.18.0.
- [Commits](https://github.com/golang/mod/compare/v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-05 11:57:54 -07:00
dependabot[bot]
d2fa5ed41c
chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.8.0 to 0.9.0 (#2931)
Bumps [github.com/CycloneDX/cyclonedx-go](https://github.com/CycloneDX/cyclonedx-go) from 0.8.0 to 0.9.0.
- [Release notes](https://github.com/CycloneDX/cyclonedx-go/releases)
- [Changelog](https://github.com/CycloneDX/cyclonedx-go/blob/master/.goreleaser.yml)
- [Commits](https://github.com/CycloneDX/cyclonedx-go/compare/v0.8.0...v0.9.0)

---
updated-dependencies:
- dependency-name: github.com/CycloneDX/cyclonedx-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-05 11:57:43 -07:00
Christopher Angelo Phillips
7508d75b2b
fix: update unit tests to use pinned patch version (#2932)
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
2024-06-05 18:31:38 +00:00
Alex Goodman
3472b48177
Add relationships for python poetry packages (#2906)
* [wip] add initial poetry.lock relationship support

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* provide generic set for basic types

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* dependency resolver should allow for conditional deps

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* add tests for poetry lock relationship additions

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* update schema with python poetry dependency refs

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* dep specification data structure should not be recursive in nature

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

---------

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-06-04 20:00:05 +00:00
Alex Goodman
4bdbd1aa2a
remove unused test fixtures and empty dirs (#2924)
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-06-04 15:22:49 -04:00
William Murphy
557ad73ee6
fix: only skip tmpfs mounts for some paths (#2918)
* fix: only skip tmpfs mounts for some paths

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* refactor and add tests

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* add regression test for archive processing

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* bump to golang 1.22

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* remove rule 1 and add more tests

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

---------

Signed-off-by: Will Murphy <will.murphy@anchore.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-06-04 15:21:45 -04:00
Alex Goodman
cb09dd9e19 match existing DCO GH check name
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-06-04 13:34:29 -04:00
Alex Goodman
2f39322f81
use dco tool during gh app outage (#2926)
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-06-04 17:31:29 +00:00
William Tang
fe0b78b7fe
fix: close sql driver after testing sqlite availability (#2922)
Signed-off-by: William Tang <ttc0419@outlook.com>
2024-06-03 14:42:13 +00:00
Ralph Bean
8a7f08e2c8
Use redhat as namespace for redhat rpms (#2914)
The namespace value of `redhat` signifies this as an RPM package
produced and distributed by Red Hat.

Using "rhel" in the namespace is not correct.

Signed-off-by: Ralph Bean <rbean@redhat.com>
2024-06-03 10:18:52 -04:00
dufucun
29d601d1f1
chore: fix some comments (#2920)
Signed-off-by: dufucun <dufuchun@sohu.com>
Co-authored-by: dufucun <dufucunn@sohu.com>
2024-06-03 14:10:39 +00:00
anchore-actions-token-generator[bot]
3ac95bfbd0
chore(deps): update CPE dictionary index (#2919)
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
2024-06-03 10:00:30 -04:00
dependabot[bot]
24262b9e31
chore(deps): bump modernc.org/sqlite from 1.29.10 to 1.30.0 (#2921)
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) from 1.29.10 to 1.30.0.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.29.10...v1.30.0)

---
updated-dependencies:
- dependency-name: modernc.org/sqlite
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-03 09:59:33 -04:00
dependabot[bot]
b04bc0fbfe
chore(deps): bump github/codeql-action from 3.25.6 to 3.25.7 (#2916)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.6 to 3.25.7.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](9fdb3e4972...f079b84933)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-31 11:17:21 -04:00
dependabot[bot]
aafa161ff6
chore(deps): bump github.com/charmbracelet/bubbletea (#2917)
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea) from 0.26.3 to 0.26.4.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases)
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v0.26.3...v0.26.4)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-31 10:20:00 -04:00
Laurent Goderre
eeb4193d4a
Lua: Add support for more advanced syntax (#2908)
* Add lua/rocksepc support for variables substitution
* Lua: Skip expressions in rockspec packages
* Lua: Add support for concatenation of string and variables
* Lua: Skip expressions in local
* Lua: Skip build sections in Rockspec files
* Lua: skip function blocks in Rockspec
* Lua: Add support for multi variable per line
---------
Signed-off-by: Laurent Goderre <laurent.goderre@docker.com>
2024-05-30 11:38:45 -04:00
anchore-actions-token-generator[bot]
5cf8cc9bc3
chore(deps): update tools to latest versions (#2913)
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2024-05-30 11:37:31 -04:00