Christopher Angelo Phillips
e100776f22
chore: update anchore/packageurl-go to use latest commits ( #2746 )
...
chore: update packageurl-go dependency to use latest commits
chore: go mod tidy
unit: update + -> %2B
---------
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
2024-04-04 10:33:51 -04:00
Laurent Goderre
e0233625cb
feat: cataloger for PHP Pecl and PEAR packages ( #2604 )
...
Signed-off-by: Laurent Goderre <laurent.goderre@docker.com>
2024-04-02 11:55:56 -04:00
dependabot[bot]
e0f5b5a787
chore(deps): bump github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0 ( #2743 )
...
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.11.0 to 5.12.0.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.11.0...v5.12.0 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-01 14:14:07 -04:00
dependabot[bot]
16edb40c72
chore(deps): bump github.com/distribution/reference from 0.5.0 to 0.6.0 ( #2738 )
...
Bumps [github.com/distribution/reference](https://github.com/distribution/reference ) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/distribution/reference/releases )
- [Commits](https://github.com/distribution/reference/compare/v0.5.0...v0.6.0 )
---
updated-dependencies:
- dependency-name: github.com/distribution/reference
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-28 12:22:00 -04:00
dependabot[bot]
57e9cc52a4
chore(deps): bump google.golang.org/protobuf from 1.31.0 to 1.33.0 ( #2731 )
...
Bumps google.golang.org/protobuf from 1.31.0 to 1.33.0.
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-26 11:52:50 -04:00
dependabot[bot]
fe3704d4a9
chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.5.5 to 6.5.6 ( #2734 )
...
Bumps [github.com/jedib0t/go-pretty/v6](https://github.com/jedib0t/go-pretty ) from 6.5.5 to 6.5.6.
- [Release notes](https://github.com/jedib0t/go-pretty/releases )
- [Commits](https://github.com/jedib0t/go-pretty/compare/v6.5.5...v6.5.6 )
---
updated-dependencies:
- dependency-name: github.com/jedib0t/go-pretty/v6
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-26 11:50:07 -04:00
dependabot[bot]
c83556e7b6
chore(deps): bump github.com/docker/docker ( #2730 )
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 25.0.4+incompatible to 26.0.0+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v25.0.4...v26.0.0 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-21 12:14:32 -04:00
dependabot[bot]
96d2b4a368
chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.5.4 to 6.5.5 ( #2718 )
...
Bumps [github.com/jedib0t/go-pretty/v6](https://github.com/jedib0t/go-pretty ) from 6.5.4 to 6.5.5.
- [Release notes](https://github.com/jedib0t/go-pretty/releases )
- [Commits](https://github.com/jedib0t/go-pretty/compare/v6.5.4...v6.5.5 )
---
updated-dependencies:
- dependency-name: github.com/jedib0t/go-pretty/v6
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-15 10:33:11 -04:00
dependabot[bot]
807de976c4
chore(deps): bump github.com/google/go-containerregistry ( #2719 )
...
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry ) from 0.19.0 to 0.19.1.
- [Release notes](https://github.com/google/go-containerregistry/releases )
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml )
- [Commits](https://github.com/google/go-containerregistry/compare/v0.19.0...v0.19.1 )
---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-15 10:32:51 -04:00
dependabot[bot]
7ab6fc3fe4
chore(deps): bump modernc.org/sqlite from 1.29.3 to 1.29.5 ( #2710 )
...
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ) from 1.29.3 to 1.29.5.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.29.3...v1.29.5 )
---
updated-dependencies:
- dependency-name: modernc.org/sqlite
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-14 09:58:56 -04:00
dependabot[bot]
4ca79c7626
chore(deps): bump github.com/knqyf263/go-rpmdb ( #2701 )
...
Bumps [github.com/knqyf263/go-rpmdb](https://github.com/knqyf263/go-rpmdb ) from 0.0.0-20230301153543-ba94b245509b to 0.1.0.
- [Commits](https://github.com/knqyf263/go-rpmdb/commits/v0.1.0 )
---
updated-dependencies:
- dependency-name: github.com/knqyf263/go-rpmdb
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-11 11:48:05 -04:00
dependabot[bot]
e2a9d891b2
chore(deps): bump github.com/docker/docker ( #2698 )
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 25.0.3+incompatible to 25.0.4+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v25.0.3...v25.0.4 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-07 13:00:14 -05:00
dependabot[bot]
5b09c154bb
chore(deps): bump modernc.org/sqlite from 1.29.2 to 1.29.3 ( #2699 )
...
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ) from 1.29.2 to 1.29.3.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.29.2...v1.29.3 )
---
updated-dependencies:
- dependency-name: modernc.org/sqlite
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-07 13:00:02 -05:00
dependabot[bot]
1b121ac3f4
chore(deps): bump golang.org/x/net from 0.21.0 to 0.22.0 ( #2689 )
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.21.0 to 0.22.0.
- [Commits](https://github.com/golang/net/compare/v0.21.0...v0.22.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-06 14:25:56 -05:00
dependabot[bot]
e214645394
chore(deps): bump github.com/charmbracelet/lipgloss from 0.9.1 to 0.10.0 ( #2695 )
...
Bumps [github.com/charmbracelet/lipgloss](https://github.com/charmbracelet/lipgloss ) from 0.9.1 to 0.10.0.
- [Release notes](https://github.com/charmbracelet/lipgloss/releases )
- [Commits](https://github.com/charmbracelet/lipgloss/compare/v0.9.1...v0.10.0 )
---
updated-dependencies:
- dependency-name: github.com/charmbracelet/lipgloss
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-06 14:24:46 -05:00
dependabot[bot]
5bd1cd5c13
chore(deps): bump golang.org/x/mod from 0.15.0 to 0.16.0 ( #2690 )
...
Bumps [golang.org/x/mod](https://github.com/golang/mod ) from 0.15.0 to 0.16.0.
- [Commits](https://github.com/golang/mod/compare/v0.15.0...v0.16.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/mod
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-05 10:15:18 -05:00
dependabot[bot]
fe4f17286f
chore(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 ( #2684 )
...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.8.4 to 1.9.0.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.8.4...v1.9.0 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-01 13:51:18 -05:00
Christopher Angelo Phillips
4d0dd02d5a
chore: update stereoscope ( #2683 )
...
* chore: update stereoscope to account for traversal bug fix
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
---------
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
2024-02-29 13:32:18 -05:00
Alex Goodman
48e5672a87
Consider filesystem types for mount points when ignoring system paths ( #2675 )
...
* consider fs types for mount points when ignoring system paths
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* address feedback
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-02-28 15:37:17 -05:00
Keith Zantow
a978966cad
feat: add --from
flag, refactor source providers ( #2610 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2024-02-27 16:44:37 -05:00
dependabot[bot]
928511ea0f
chore(deps): bump modernc.org/sqlite from 1.29.1 to 1.29.2 ( #2671 )
2024-02-26 10:57:06 -05:00
anchore-actions-token-generator[bot]
8260bce057
chore(deps): update stereoscope to 6171ee21e1d584f6bde910f354d126c9cd70deaa ( #2655 )
2024-02-17 10:22:56 -05:00
dependabot[bot]
a7da2270c7
chore(deps): bump modernc.org/sqlite from 1.29.0 to 1.29.1 ( #2640 )
...
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ) from 1.29.0 to 1.29.1.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.29.0...v1.29.1 )
---
updated-dependencies:
- dependency-name: modernc.org/sqlite
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-14 09:20:54 -05:00
dependabot[bot]
25d3c06962
chore(deps): bump github.com/saferwall/pe from 1.5.0 to 1.5.2 ( #2629 )
...
Bumps [github.com/saferwall/pe](https://github.com/saferwall/pe ) from 1.5.0 to 1.5.2.
- [Release notes](https://github.com/saferwall/pe/releases )
- [Changelog](https://github.com/saferwall/pe/blob/main/CHANGELOG.md )
- [Commits](https://github.com/saferwall/pe/compare/v1.5.0...v1.5.2 )
---
updated-dependencies:
- dependency-name: github.com/saferwall/pe
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-13 11:23:35 -05:00
dependabot[bot]
79b71be0ee
chore(deps): bump modernc.org/sqlite from 1.28.0 to 1.29.0 ( #2630 )
...
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ) from 1.28.0 to 1.29.0.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.28.0...v1.29.0 )
---
updated-dependencies:
- dependency-name: modernc.org/sqlite
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-13 11:23:22 -05:00
dependabot[bot]
e72dec8e9e
chore(deps): bump golang.org/x/net from 0.20.0 to 0.21.0 ( #2607 )
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.20.0 to 0.21.0.
- [Commits](https://github.com/golang/net/compare/v0.20.0...v0.21.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-12 14:31:44 -05:00
dependabot[bot]
3398e72066
chore(deps): bump github.com/saferwall/pe from 1.4.8 to 1.5.0 ( #2625 )
...
Bumps [github.com/saferwall/pe](https://github.com/saferwall/pe ) from 1.4.8 to 1.5.0.
- [Release notes](https://github.com/saferwall/pe/releases )
- [Changelog](https://github.com/saferwall/pe/blob/main/CHANGELOG.md )
- [Commits](https://github.com/saferwall/pe/compare/v1.4.8...v1.5.0 )
---
updated-dependencies:
- dependency-name: github.com/saferwall/pe
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-12 14:31:31 -05:00
Keith Zantow
d26a5c4d30
fix: ensure version output to stdout ( #2621 )
2024-02-09 20:59:25 +00:00
anchore-actions-token-generator[bot]
737c4e44c5
chore(deps): update stereoscope to 681f6715b0e35686d6e6f40bce109176de1ee274 ( #2617 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: kzantow <3009477+kzantow@users.noreply.github.com>
Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>
2024-02-09 14:06:28 -05:00
dependabot[bot]
da31eed637
chore(deps): bump golang.org/x/mod from 0.14.0 to 0.15.0 ( #2602 )
...
Bumps [golang.org/x/mod](https://github.com/golang/mod ) from 0.14.0 to 0.15.0.
- [Commits](https://github.com/golang/mod/compare/v0.14.0...v0.15.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/mod
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-07 11:31:49 -05:00
dependabot[bot]
704155eb22
chore(deps): bump github.com/docker/docker ( #2601 )
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 25.0.2+incompatible to 25.0.3+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v25.0.2...v25.0.3 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-07 11:31:41 -05:00
anchore-actions-token-generator[bot]
91d7a8a992
chore(deps): update stereoscope to bfa15e446f061bda7f68305d2d6240b053f17e0c ( #2589 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: kzantow <3009477+kzantow@users.noreply.github.com>
2024-02-05 10:27:12 -05:00
dependabot[bot]
e813a427b9
chore(deps): bump github.com/gkampitakis/go-snaps from 0.5.0 to 0.5.2 ( #2591 )
...
Bumps [github.com/gkampitakis/go-snaps](https://github.com/gkampitakis/go-snaps ) from 0.5.0 to 0.5.2.
- [Release notes](https://github.com/gkampitakis/go-snaps/releases )
- [Commits](https://github.com/gkampitakis/go-snaps/compare/v0.5.0...v0.5.2 )
---
updated-dependencies:
- dependency-name: github.com/gkampitakis/go-snaps
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-05 10:26:39 -05:00
Laurent Goderre
d7b9cc70b0
Add Erlang OTP Application cataloger ( #2403 )
...
* Add cataloger for Erlang OTP applications
Signed-off-by: Laurent Goderre <laurent.goderre@docker.com>
* Add OTP Package type and Purl for ErLang
Signed-off-by: Laurent Goderre <laurent.goderre@docker.com>
* remove erlang OTP metadata type
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* use OTP purl type
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* restore otp fixture and adjust tests for dir-only results
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Laurent Goderre <laurent.goderre@docker.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-02-02 13:40:18 -05:00
anchore-actions-token-generator[bot]
4fe50f4169
chore(deps): update stereoscope to 37291e81936d2b43b3cef56667a741ef715fbfe4 ( #2583 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: kzantow <3009477+kzantow@users.noreply.github.com>
2024-02-02 10:27:26 -05:00
dependabot[bot]
78d362f91a
chore(deps): bump github.com/charmbracelet/bubbles from 0.17.1 to 0.18.0 ( #2584 )
...
Bumps [github.com/charmbracelet/bubbles](https://github.com/charmbracelet/bubbles ) from 0.17.1 to 0.18.0.
- [Release notes](https://github.com/charmbracelet/bubbles/releases )
- [Commits](https://github.com/charmbracelet/bubbles/compare/v0.17.1...v0.18.0 )
---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbles
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-02 10:27:09 -05:00
dependabot[bot]
3ac7e43e3e
chore(deps): bump github.com/docker/docker ( #2580 )
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 25.0.1+incompatible to 25.0.2+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v25.0.1...v25.0.2 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-01 10:26:25 -05:00
anchore-actions-token-generator[bot]
216e211dc8
chore(deps): update stereoscope to db7a4bedaba6ad93becf22ce794f306dfb07fcb9 ( #2577 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: kzantow <3009477+kzantow@users.noreply.github.com>
2024-02-01 08:32:13 +00:00
William Murphy
bbddac1f9d
Fix attest with --key ( #2551 )
...
Fix passing "--key" to the attest command. Additionally, pull in an update to
the clio CLI library to permit unit testing that flags and env vars are parsed
to the correct field on command options structs. This testing strategy was
needed here because testing attestation in an end to end test requires a
prohibitive amount of setup.
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Signed-off-by: Will Murphy <will.murphy@anchore.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-01-31 16:39:17 -05:00
Alex Goodman
bbe7fa180a
bump archiver and stereoscope ( #2570 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-01-31 11:24:33 -05:00
dependabot[bot]
d4f31d6a3e
chore(deps): bump github.com/google/go-containerregistry ( #2561 )
...
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry ) from 0.18.0 to 0.19.0.
- [Release notes](https://github.com/google/go-containerregistry/releases )
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml )
- [Commits](https://github.com/google/go-containerregistry/compare/v0.18.0...v0.19.0 )
---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-30 13:15:13 -05:00
dependabot[bot]
bd4bcc4e89
chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.5.3 to 6.5.4 ( #2562 )
...
Bumps [github.com/jedib0t/go-pretty/v6](https://github.com/jedib0t/go-pretty ) from 6.5.3 to 6.5.4.
- [Release notes](https://github.com/jedib0t/go-pretty/releases )
- [Commits](https://github.com/jedib0t/go-pretty/compare/v6.5.3...v6.5.4 )
---
updated-dependencies:
- dependency-name: github.com/jedib0t/go-pretty/v6
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-30 13:15:06 -05:00
dependabot[bot]
b4f565a620
chore(deps): bump github.com/sassoftware/go-rpmutils from 0.2.0 to 0.3.0 ( #2556 )
...
Bumps [github.com/sassoftware/go-rpmutils](https://github.com/sassoftware/go-rpmutils ) from 0.2.0 to 0.3.0.
- [Release notes](https://github.com/sassoftware/go-rpmutils/releases )
- [Commits](https://github.com/sassoftware/go-rpmutils/compare/v0.2.0...v0.3.0 )
---
updated-dependencies:
- dependency-name: github.com/sassoftware/go-rpmutils
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-29 12:32:37 -05:00
dependabot[bot]
0bb94099b0
chore(deps): bump github.com/google/uuid from 1.5.0 to 1.6.0 ( #2538 )
...
Bumps [github.com/google/uuid](https://github.com/google/uuid ) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/google/uuid/releases )
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google/uuid/compare/v1.5.0...v1.6.0 )
---
updated-dependencies:
- dependency-name: github.com/google/uuid
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-24 10:11:33 -05:00
dependabot[bot]
97d0108bd5
chore(deps): bump github.com/docker/docker ( #2537 )
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 25.0.0+incompatible to 25.0.1+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v25.0.0...v25.0.1 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-24 10:11:24 -05:00
dependabot[bot]
935b885ba2
chore(deps): bump github.com/gkampitakis/go-snaps from 0.4.12 to 0.5.0 ( #2532 )
...
Bumps [github.com/gkampitakis/go-snaps](https://github.com/gkampitakis/go-snaps ) from 0.4.12 to 0.5.0.
- [Release notes](https://github.com/gkampitakis/go-snaps/releases )
- [Commits](https://github.com/gkampitakis/go-snaps/compare/v0.4.12...v0.5.0 )
---
updated-dependencies:
- dependency-name: github.com/gkampitakis/go-snaps
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-23 10:13:51 -05:00
William Murphy
c6ce1de928
make AllLocations accept a context ( #2518 )
...
The previous implementation would leak a goroutine if the caller of
AllLocations stopped iterating early. Now, accept a context so that the
caller can cancel the AllLocations iterator rather than leak the
goroutine.
Signed-off-by: Will Murphy <will.murphy@anchore.com>
2024-01-22 11:05:59 -05:00
anchore-actions-token-generator[bot]
969b5f1764
chore(deps): update stereoscope to eb656fc717935ad5abeb8e1379a5c4e11c957120 ( #2510 )
...
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: kzantow <kzantow@users.noreply.github.com>
2024-01-19 10:25:31 -05:00
dependabot[bot]
1b6c2470b0
chore(deps): bump github.com/docker/docker ( #2512 )
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 24.0.7+incompatible to 25.0.0+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v24.0.7...v25.0.0 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-19 10:04:07 -05:00
dependabot[bot]
42dd04699f
chore(deps): bump github.com/google/go-containerregistry ( #2507 )
...
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry ) from 0.17.0 to 0.18.0.
- [Release notes](https://github.com/google/go-containerregistry/releases )
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml )
- [Commits](https://github.com/google/go-containerregistry/compare/v0.17.0...v0.18.0 )
---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-18 09:44:45 -05:00
dependabot[bot]
fe271e89f6
chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.5.2 to 6.5.3 ( #2502 )
...
Bumps [github.com/jedib0t/go-pretty/v6](https://github.com/jedib0t/go-pretty ) from 6.5.2 to 6.5.3.
- [Release notes](https://github.com/jedib0t/go-pretty/releases )
- [Commits](https://github.com/jedib0t/go-pretty/compare/v6.5.2...v6.5.3 )
---
updated-dependencies:
- dependency-name: github.com/jedib0t/go-pretty/v6
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-17 10:07:57 -05:00
dependabot[bot]
6f4fb61a1c
chore(deps): bump github.com/cloudflare/circl from 1.3.3 to 1.3.7 ( #2501 )
...
Bumps [github.com/cloudflare/circl](https://github.com/cloudflare/circl ) from 1.3.3 to 1.3.7.
- [Release notes](https://github.com/cloudflare/circl/releases )
- [Commits](https://github.com/cloudflare/circl/compare/v1.3.3...v1.3.7 )
---
updated-dependencies:
- dependency-name: github.com/cloudflare/circl
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-17 10:08:51 +00:00
Alex Goodman
313d9212b6
Add cataloger list command ( #2366 )
...
* add cataloger list command
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add tests
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* chore: tidy go mod
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
Co-authored-by: Christopher Angelo Phillips <32073428+spiffcs@users.noreply.github.com>
Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>
2024-01-16 09:41:58 -05:00
dependabot[bot]
41601e60ca
chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.5.2 to 6.5.3 ( #2494 )
...
Bumps [github.com/jedib0t/go-pretty/v6](https://github.com/jedib0t/go-pretty ) from 6.5.2 to 6.5.3.
- [Release notes](https://github.com/jedib0t/go-pretty/releases )
- [Commits](https://github.com/jedib0t/go-pretty/compare/v6.5.2...v6.5.3 )
---
updated-dependencies:
- dependency-name: github.com/jedib0t/go-pretty/v6
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-15 14:40:33 -05:00
dependabot[bot]
75fdb9e623
chore(deps): bump github.com/charmbracelet/bubbles from 0.16.1 to 0.17.1 ( #2475 )
2024-01-10 16:13:59 +00:00
dependabot[bot]
c209d03fe8
chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.4.9 to 6.5.2 ( #2476 )
2024-01-10 15:58:09 +00:00
dependabot[bot]
1af68683d0
chore(deps): bump golang.org/x/net from 0.19.0 to 0.20.0 ( #2482 )
2024-01-10 15:49:18 +00:00
Christopher Angelo Phillips
7182f5b519
Upgrade binary test fixtures management ( #2444 )
...
* test: strip fixtures of any execution permissions
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* chore: add lint check for large files
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* add helper script to capture binary snippets
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* chore: update scripts and add new dir output for snippets
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: update erlang test to new generated format
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: update memcached to new generator pattern
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: update openjdk to named version
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: move openjdk lts to versioned folder
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: rename unversioned java to versioned folders
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: migrate bash fixture to new snippet workflow
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: update script to size 600 bytes
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: update go classifier to new snippet workflow
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: move haproxy new new snippet
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: add flatter haproxy example
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: update tests to new pattern
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: final version of snippet script
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* [wip] download bin helpers
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add manager for binary cataloger test fixtures
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add remaining binary cataloger patterns and snippets
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* adjust gitignore to be more permissive to snippets
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add rust darwin snippets
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* skip tests that are missing full binaries
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* address PR feedback
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add tests for binary test fixture manager
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* highlight rows that do not have binaries or snippets
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* bump fixture limit to 1K (found exceptions when adding snippets)
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add redis and postgres snippets
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* improve formating of fixture listing
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-01-05 21:40:03 +00:00
anchore-actions-token-generator[bot]
04e8c96822
chore(deps): update stereoscope to 590920dabc5479216e755983d41367b6be3544f3 ( #2452 )
...
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: kzantow <kzantow@users.noreply.github.com>
2023-12-22 09:36:13 -05:00
anchore-actions-token-generator[bot]
56a1ab54d2
chore(deps): update stereoscope to 4b999b76ca8901d15bb97aef445dc94c38d11d5c ( #2440 )
...
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: kzantow <kzantow@users.noreply.github.com>
2023-12-18 06:43:24 -05:00
dependabot[bot]
b83cc8485a
chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.7.2 to 0.8.0 ( #2413 )
2023-12-14 17:18:37 -05:00
dependabot[bot]
51831d303c
chore(deps): bump modernc.org/sqlite from 1.27.0 to 1.28.0 ( #2429 )
...
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ) from 1.27.0 to 1.28.0.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.27.0...v1.28.0 )
---
updated-dependencies:
- dependency-name: modernc.org/sqlite
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-14 12:38:55 -05:00
dependabot[bot]
67dbd1fe4c
chore(deps): bump github.com/charmbracelet/bubbletea ( #2424 )
...
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea ) from 0.24.2 to 0.25.0.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases )
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v0.24.2...v0.25.0 )
---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-13 12:21:22 -05:00
dependabot[bot]
402227f0b3
chore(deps): bump github.com/google/uuid from 1.4.0 to 1.5.0 ( #2425 )
...
Bumps [github.com/google/uuid](https://github.com/google/uuid ) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/google/uuid/releases )
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google/uuid/compare/v1.4.0...v1.5.0 )
---
updated-dependencies:
- dependency-name: github.com/google/uuid
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-13 11:45:04 -05:00
dependabot[bot]
b9462db59e
chore(deps): bump github.com/saferwall/pe from 1.4.7 to 1.4.8 ( #2415 )
...
Bumps [github.com/saferwall/pe](https://github.com/saferwall/pe ) from 1.4.7 to 1.4.8.
- [Release notes](https://github.com/saferwall/pe/releases )
- [Changelog](https://github.com/saferwall/pe/blob/main/CHANGELOG.md )
- [Commits](https://github.com/saferwall/pe/compare/v1.4.7...v1.4.8 )
---
updated-dependencies:
- dependency-name: github.com/saferwall/pe
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-11 12:37:20 -05:00
dependabot[bot]
bfad9659a8
chore(deps): bump github.com/go-git/go-git/v5 from 5.10.1 to 5.11.0 ( #2414 )
...
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.10.1 to 5.11.0.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-11 08:58:26 -05:00
William Murphy
13758260dd
fix: bump fangs for ptr summarize fix ( #2387 )
...
Previously, pointers to primitive types in config summarization could be
printed literally (like "0x123aefef"). Pull in fangs to get the fix for
this.
Signed-off-by: Will Murphy <will.murphy@anchore.com>
2023-12-01 14:37:42 +00:00
Alex Goodman
4adfbeb5f0
Generalize UI events for cataloging tasks ( #2369 )
...
* generalize ui events for cataloging tasks
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* moderate review comments
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* incorporate review comments
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* rename cataloger task progress object
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* migrate cataloger task fn to bus helper
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2023-11-30 16:25:50 +00:00
dependabot[bot]
e8119acf93
chore(deps): bump github.com/google/go-containerregistry ( #2377 )
...
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry ) from 0.16.1 to 0.17.0.
- [Release notes](https://github.com/google/go-containerregistry/releases )
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml )
- [Commits](https://github.com/google/go-containerregistry/compare/v0.16.1...v0.17.0 )
---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-30 09:24:25 -05:00
dependabot[bot]
5d44e49d2f
chore(deps): bump github.com/spf13/afero from 1.10.0 to 1.11.0 ( #2361 )
...
Bumps [github.com/spf13/afero](https://github.com/spf13/afero ) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/spf13/afero/releases )
- [Commits](https://github.com/spf13/afero/compare/v1.10.0...v1.11.0 )
---
updated-dependencies:
- dependency-name: github.com/spf13/afero
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-28 10:22:21 -05:00
dependabot[bot]
5dd3b127b0
chore(deps): bump github.com/go-git/go-git/v5 from 5.10.0 to 5.10.1 ( #2362 )
...
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.10.0 to 5.10.1.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-28 10:21:59 -05:00
Alex Goodman
1676934c63
Add "pretty" json configuration and change default behavior to be space-efficient ( #2275 )
...
* expose underlying format options
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* remove escape html options and address PR feedback
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* incorporate PR feedback
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix cli test
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2023-11-20 15:29:34 +00:00
anchore-actions-token-generator[bot]
7cfb5f630a
chore(deps): update stereoscope to 3610f4ef3e83e8ff2edf8859e8916bce326fa260 ( #2336 )
...
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: wagoodman <wagoodman@users.noreply.github.com>
2023-11-17 20:53:01 +00:00
Christopher Angelo Phillips
ba80e490c2
feat: allow for stdout to be buffered on each command ( #2335 )
...
* feat: add preRun func to version to restore stdout
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: add test to capture version in output
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* change stdout buffering to log to be opt-in per command
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix tests
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2023-11-17 14:14:13 -05:00
Keith Zantow
1c787f436f
fix: prevent writing non-report output to stdout ( #2324 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2023-11-16 17:45:25 -05:00
dependabot[bot]
58f310c390
chore(deps): bump github.com/gkampitakis/go-snaps from 0.4.11 to 0.4.12 ( #2310 )
...
Bumps [github.com/gkampitakis/go-snaps](https://github.com/gkampitakis/go-snaps ) from 0.4.11 to 0.4.12.
- [Release notes](https://github.com/gkampitakis/go-snaps/releases )
- [Commits](https://github.com/gkampitakis/go-snaps/compare/v0.4.11...v0.4.12 )
---
updated-dependencies:
- dependency-name: github.com/gkampitakis/go-snaps
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-09 08:06:50 -08:00
dependabot[bot]
a383239217
chore(deps): bump golang.org/x/net from 0.17.0 to 0.18.0 ( #2311 )
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.17.0 to 0.18.0.
- [Commits](https://github.com/golang/net/compare/v0.17.0...v0.18.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-09 08:06:19 -08:00
dependabot[bot]
220655743b
chore(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0 ( #2293 )
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Commits](https://github.com/spf13/cobra/compare/v1.7.0...v1.8.0 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-08 10:23:40 -08:00
dependabot[bot]
a4b895d31f
chore(deps): bump golang.org/x/mod from 0.13.0 to 0.14.0 ( #2292 )
...
Bumps [golang.org/x/mod](https://github.com/golang/mod ) from 0.13.0 to 0.14.0.
- [Commits](https://github.com/golang/mod/compare/v0.13.0...v0.14.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/mod
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-06 14:12:40 +00:00
dependabot[bot]
a6d73e5659
chore(deps): bump modernc.org/sqlite from 1.26.0 to 1.27.0 ( #2279 )
...
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ) from 1.26.0 to 1.27.0.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.26.0...v1.27.0 )
---
updated-dependencies:
- dependency-name: modernc.org/sqlite
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-01 10:35:20 -04:00
dependabot[bot]
f442586ec9
chore(deps): bump github.com/docker/docker ( #2263 )
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 24.0.6+incompatible to 24.0.7+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v24.0.6...v24.0.7 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-30 09:55:19 -04:00
anchore-actions-token-generator[bot]
12877ed863
chore(deps): update stereoscope to 5909e353ee88d7809f0e646c79f110a0e6b1d80d ( #2265 )
...
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: kzantow <kzantow@users.noreply.github.com>
2023-10-30 09:51:37 -04:00
dependabot[bot]
58850d3258
chore(deps): bump github.com/google/uuid from 1.3.1 to 1.4.0 ( #2262 )
...
Bumps [github.com/google/uuid](https://github.com/google/uuid ) from 1.3.1 to 1.4.0.
- [Release notes](https://github.com/google/uuid/releases )
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google/uuid/compare/v1.3.1...v1.4.0 )
---
updated-dependencies:
- dependency-name: github.com/google/uuid
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-27 09:55:04 -04:00
dependabot[bot]
ae27dcdfa9
chore(deps): bump github.com/go-git/go-git/v5 from 5.9.0 to 5.10.0 ( #2256 )
...
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.9.0 to 5.10.0.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.9.0...v5.10.0 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-25 10:45:27 -04:00
Alex Goodman
7392d607b6
Split the sbom.Format interface by encode and decode use cases ( #2186 )
...
* split up sbom.Format into encode and decode ops
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* update cmd pkg to inject format configs
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* bump cyclonedx schema to 1.5
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* redact image metadata from github encoder tests
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add more testing around format decoder identify
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add test case for format version options
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix cli tests
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix CLI test
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* [wip] - review comments
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* keep encoder creation out of post load function
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* keep decider and identify functions
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add a few more doc comments
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* remove format encoder default function helpers
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* address PR feedback
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* move back to streaming based decode functions
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* with common convention for encoder constructors
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix tests and allow for encoders to be created from cli options
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix cli tests
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix linting
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* buffer reads from stdin to support seeking
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2023-10-25 13:43:06 +00:00
dependabot[bot]
5a4778093d
chore(deps): bump github.com/bmatcuk/doublestar/v4 from 4.6.0 to 4.6.1 ( #2248 )
...
Bumps [github.com/bmatcuk/doublestar/v4](https://github.com/bmatcuk/doublestar ) from 4.6.0 to 4.6.1.
- [Release notes](https://github.com/bmatcuk/doublestar/releases )
- [Commits](https://github.com/bmatcuk/doublestar/compare/v4.6.0...v4.6.1 )
---
updated-dependencies:
- dependency-name: github.com/bmatcuk/doublestar/v4
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-23 10:42:17 -04:00
Alex Goodman
f3ad8cf250
bump clio to get stderr reporting fix ( #2232 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2023-10-16 12:47:48 -04:00
dependabot[bot]
1fe0921a5b
chore(deps): bump github.com/charmbracelet/lipgloss from 0.9.0 to 0.9.1 ( #2222 )
...
Bumps [github.com/charmbracelet/lipgloss](https://github.com/charmbracelet/lipgloss ) from 0.9.0 to 0.9.1.
- [Release notes](https://github.com/charmbracelet/lipgloss/releases )
- [Commits](https://github.com/charmbracelet/lipgloss/compare/v0.9.0...v0.9.1 )
---
updated-dependencies:
- dependency-name: github.com/charmbracelet/lipgloss
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-12 11:10:56 -04:00
dependabot[bot]
7732cd3b48
chore(deps): bump golang.org/x/net from 0.16.0 to 0.17.0 ( #2214 )
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.16.0 to 0.17.0.
- [Commits](https://github.com/golang/net/compare/v0.16.0...v0.17.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-11 13:52:07 -04:00
dependabot[bot]
0302fc5b48
chore(deps): bump github.com/google/go-cmp from 0.5.9 to 0.6.0 ( #2215 )
...
Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp ) from 0.5.9 to 0.6.0.
- [Release notes](https://github.com/google/go-cmp/releases )
- [Commits](https://github.com/google/go-cmp/compare/v0.5.9...v0.6.0 )
---
updated-dependencies:
- dependency-name: github.com/google/go-cmp
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-11 09:53:00 -04:00
dependabot[bot]
b899536814
chore(deps): bump github.com/charmbracelet/lipgloss from 0.8.0 to 0.9.0 ( #2216 )
...
Bumps [github.com/charmbracelet/lipgloss](https://github.com/charmbracelet/lipgloss ) from 0.8.0 to 0.9.0.
- [Release notes](https://github.com/charmbracelet/lipgloss/releases )
- [Commits](https://github.com/charmbracelet/lipgloss/compare/v0.8.0...v0.9.0 )
---
updated-dependencies:
- dependency-name: github.com/charmbracelet/lipgloss
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-11 09:52:42 -04:00
dependabot[bot]
87e57aa925
chore(deps): bump github.com/docker/distribution from 2.8.2+incompatible to 2.8.3+incompatible ( #2193 )
...
* chore(deps): bump github.com/docker/distribution
Bumps [github.com/docker/distribution](https://github.com/docker/distribution ) from 2.8.2+incompatible to 2.8.3+incompatible.
- [Release notes](https://github.com/docker/distribution/releases )
- [Commits](https://github.com/docker/distribution/compare/v2.8.2...v2.8.3 )
---
updated-dependencies:
- dependency-name: github.com/docker/distribution
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore: update reference import
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>
2023-10-06 12:54:19 -04:00
dependabot[bot]
b23879fd37
chore(deps): bump golang.org/x/net from 0.15.0 to 0.16.0 ( #2204 )
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.15.0 to 0.16.0.
- [Commits](https://github.com/golang/net/compare/v0.15.0...v0.16.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-06 12:01:38 -04:00
dependabot[bot]
127fac8ca9
chore(deps): bump github.com/saferwall/pe from 1.4.6 to 1.4.7 ( #2198 )
...
Bumps [github.com/saferwall/pe](https://github.com/saferwall/pe ) from 1.4.6 to 1.4.7.
- [Release notes](https://github.com/saferwall/pe/releases )
- [Changelog](https://github.com/saferwall/pe/blob/main/CHANGELOG.md )
- [Commits](https://github.com/saferwall/pe/compare/v1.4.6...v1.4.7 )
---
updated-dependencies:
- dependency-name: github.com/saferwall/pe
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-05 13:02:30 -04:00
dependabot[bot]
37bb95f5c9
chore(deps): bump golang.org/x/mod from 0.12.0 to 0.13.0 ( #2199 )
...
Bumps [golang.org/x/mod](https://github.com/golang/mod ) from 0.12.0 to 0.13.0.
- [Commits](https://github.com/golang/mod/compare/v0.12.0...v0.13.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/mod
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-05 11:50:05 -04:00
dependabot[bot]
86005d1593
chore(deps): bump modernc.org/sqlite from 1.25.0 to 1.26.0 ( #2189 )
...
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ) from 1.25.0 to 1.26.0.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.25.0...v1.26.0 )
---
updated-dependencies:
- dependency-name: modernc.org/sqlite
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-02 12:34:59 -04:00
dependabot[bot]
45625dae94
chore(deps): bump github.com/gkampitakis/go-snaps from 0.4.10 to 0.4.11 ( #2191 )
...
Bumps [github.com/gkampitakis/go-snaps](https://github.com/gkampitakis/go-snaps ) from 0.4.10 to 0.4.11.
- [Release notes](https://github.com/gkampitakis/go-snaps/releases )
- [Commits](https://github.com/gkampitakis/go-snaps/compare/v0.4.10...v0.4.11 )
---
updated-dependencies:
- dependency-name: github.com/gkampitakis/go-snaps
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-02 12:33:42 -04:00
dependabot[bot]
7b1af8721d
chore(deps): bump github.com/saferwall/pe from 1.4.5 to 1.4.6 ( #2180 )
...
Bumps [github.com/saferwall/pe](https://github.com/saferwall/pe ) from 1.4.5 to 1.4.6.
- [Release notes](https://github.com/saferwall/pe/releases )
- [Changelog](https://github.com/saferwall/pe/blob/main/CHANGELOG.md )
- [Commits](https://github.com/saferwall/pe/compare/v1.4.5...v1.4.6 )
---
updated-dependencies:
- dependency-name: github.com/saferwall/pe
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-27 15:04:52 -04:00
dependabot[bot]
534a5f54b0
chore(deps): bump github.com/spf13/afero from 1.9.5 to 1.10.0 ( #2174 )
...
Bumps [github.com/spf13/afero](https://github.com/spf13/afero ) from 1.9.5 to 1.10.0.
- [Release notes](https://github.com/spf13/afero/releases )
- [Commits](https://github.com/spf13/afero/compare/v1.9.5...v1.10.0 )
---
updated-dependencies:
- dependency-name: github.com/spf13/afero
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-25 15:07:19 -04:00
William Murphy
8a414b5366
chore: bump stereoscope to fix data race in UI code ( #2173 )
...
Pulls in a fix in go-progress that prevents a race in the UI code when
scanning large images.
Signed-off-by: Will Murphy <will.murphy@anchore.com>
2023-09-25 10:29:56 -04:00