Laurent Goderre
c9aab4863b
fix: binary character in java version ( #2766 )
...
Signed-off-by: Laurent Goderre <laurent.goderre@docker.com>
Signed-off-by: Keith Zantow <kzantow@gmail.com>
Co-authored-by: Keith Zantow <kzantow@gmail.com>
2024-04-11 10:32:24 -04:00
anchore-actions-token-generator[bot]
af1a065d2a
chore(deps): update tools to latest versions ( #2760 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2024-04-09 12:03:12 -04:00
dependabot[bot]
88cef1e05c
chore(deps): bump modernc.org/sqlite from 1.29.5 to 1.29.6 ( #2761 )
...
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ) from 1.29.5 to 1.29.6.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.29.5...v1.29.6 )
---
updated-dependencies:
- dependency-name: modernc.org/sqlite
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-09 12:02:56 -04:00
dependabot[bot]
870d97ca5a
chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.5.6 to 6.5.8 ( #2754 )
...
Bumps [github.com/jedib0t/go-pretty/v6](https://github.com/jedib0t/go-pretty ) from 6.5.6 to 6.5.8.
- [Release notes](https://github.com/jedib0t/go-pretty/releases )
- [Commits](https://github.com/jedib0t/go-pretty/compare/v6.5.6...v6.5.8 )
---
updated-dependencies:
- dependency-name: github.com/jedib0t/go-pretty/v6
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-08 12:19:45 -04:00
dependabot[bot]
e681bc4780
chore(deps): bump github.com/gkampitakis/go-snaps from 0.5.2 to 0.5.3 ( #2755 )
...
Bumps [github.com/gkampitakis/go-snaps](https://github.com/gkampitakis/go-snaps ) from 0.5.2 to 0.5.3.
- [Release notes](https://github.com/gkampitakis/go-snaps/releases )
- [Commits](https://github.com/gkampitakis/go-snaps/compare/v0.5.2...v0.5.3 )
---
updated-dependencies:
- dependency-name: github.com/gkampitakis/go-snaps
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-08 12:19:32 -04:00
dependabot[bot]
c31696f131
chore(deps): bump github/codeql-action from 3.24.9 to 3.24.10 ( #2756 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.9 to 3.24.10.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](1b1aada464...4355270be1
2024-04-08 12:19:20 -04:00
dependabot[bot]
67781e98a2
chore(deps): bump golang.org/x/mod from 0.16.0 to 0.17.0 ( #2751 )
...
Bumps [golang.org/x/mod](https://github.com/golang/mod ) from 0.16.0 to 0.17.0.
- [Commits](https://github.com/golang/mod/compare/v0.16.0...v0.17.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/mod
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-05 19:22:00 +00:00
Laurent Goderre
619ace65c3
Differentiate between JRE and JDK ( #2748 )
...
Signed-off-by: Laurent Goderre <laurent.goderre@docker.com>
2024-04-05 15:10:58 -04:00
dependabot[bot]
3e4e3bb1d4
chore(deps): bump golang.org/x/net from 0.23.0 to 0.24.0 ( #2752 )
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.23.0 to 0.24.0.
- [Commits](https://github.com/golang/net/compare/v0.23.0...v0.24.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-05 15:10:15 -04:00
anchore-actions-token-generator[bot]
1e31356c49
chore(deps): update tools to latest versions ( #2744 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2024-04-04 10:34:19 -04:00
dependabot[bot]
0fa925e5af
chore(deps): bump golang.org/x/net from 0.22.0 to 0.23.0 ( #2747 )
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.22.0 to 0.23.0.
- [Commits](https://github.com/golang/net/compare/v0.22.0...v0.23.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-04 10:34:03 -04:00
Christopher Angelo Phillips
e100776f22
chore: update anchore/packageurl-go to use latest commits ( #2746 )
...
chore: update packageurl-go dependency to use latest commits
chore: go mod tidy
unit: update + -> %2B
---------
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
2024-04-04 10:33:51 -04:00
Laurent Goderre
e0233625cb
feat: cataloger for PHP Pecl and PEAR packages ( #2604 )
...
Signed-off-by: Laurent Goderre <laurent.goderre@docker.com>
2024-04-02 11:55:56 -04:00
dependabot[bot]
e0f5b5a787
chore(deps): bump github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0 ( #2743 )
...
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.11.0 to 5.12.0.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.11.0...v5.12.0 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-01 14:14:07 -04:00
anchore-actions-token-generator[bot]
9c42c83229
chore(deps): update tools to latest versions ( #2741 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2024-03-30 17:51:21 -04:00
Keith Zantow
01340b2a5c
fix: conan poco project cpe ( #2740 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2024-03-28 16:56:24 -04:00
dependabot[bot]
16edb40c72
chore(deps): bump github.com/distribution/reference from 0.5.0 to 0.6.0 ( #2738 )
...
Bumps [github.com/distribution/reference](https://github.com/distribution/reference ) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/distribution/reference/releases )
- [Commits](https://github.com/distribution/reference/compare/v0.5.0...v0.6.0 )
---
updated-dependencies:
- dependency-name: github.com/distribution/reference
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-28 12:22:00 -04:00
dependabot[bot]
5a865d0d90
chore(deps): bump anchore/sbom-action from 0.15.9 to 0.15.10 ( #2737 )
2024-03-27 17:52:22 +00:00
Keith Zantow
410867ca0c
fix: panic scanning binaries without symtab ( #2739 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2024-03-27 13:51:45 -04:00
guangwu
469b4c13bb
chore: remove useless code ( #2716 )
...
Signed-off-by: guoguangwu <guoguangwug@gmail.com>
2024-03-26 12:21:03 -04:00
dependabot[bot]
57e9cc52a4
chore(deps): bump google.golang.org/protobuf from 1.31.0 to 1.33.0 ( #2731 )
...
Bumps google.golang.org/protobuf from 1.31.0 to 1.33.0.
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-26 11:52:50 -04:00
dependabot[bot]
55fff0f4a1
chore(deps): bump github/codeql-action from 3.24.8 to 3.24.9 ( #2732 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.8 to 3.24.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](05963f47d8...1b1aada464
2024-03-26 11:50:31 -04:00
anchore-actions-token-generator[bot]
2a7b4f3761
chore(deps): update tools to latest versions ( #2733 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2024-03-26 11:50:21 -04:00
dependabot[bot]
fe3704d4a9
chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.5.5 to 6.5.6 ( #2734 )
...
Bumps [github.com/jedib0t/go-pretty/v6](https://github.com/jedib0t/go-pretty ) from 6.5.5 to 6.5.6.
- [Release notes](https://github.com/jedib0t/go-pretty/releases )
- [Commits](https://github.com/jedib0t/go-pretty/compare/v6.5.5...v6.5.6 )
---
updated-dependencies:
- dependency-name: github.com/jedib0t/go-pretty/v6
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-26 11:50:07 -04:00
Hung Nguyen
059cfd6730
update release token from readonly to write token ( #2735 )
...
Signed-off-by: Hung Nguyen <hung.tran.nguyen.585@gmail.com>
2024-03-26 09:06:55 -04:00
Colm O hEigeartaigh
f4e18961b9
Adding the ability to retrieve remote licenses from package.lock ( #2708 )
...
Signed-off-by: Colm O hEigeartaigh <coheigea@apache.org>
2024-03-21 13:20:04 -04:00
Alex Goodman
0d5ebed74a
dont include labels for dependabot ecosystems ( #2720 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-03-21 12:16:01 -04:00
dependabot[bot]
8f7305ef78
chore(deps): bump fountainhead/action-wait-for-check from 1.1.0 to 1.2.0 ( #2717 )
...
Bumps [fountainhead/action-wait-for-check](https://github.com/fountainhead/action-wait-for-check ) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/fountainhead/action-wait-for-check/releases )
- [Commits](297be350cf...5a908a2481
2024-03-21 12:15:30 -04:00
anchore-actions-token-generator[bot]
c199b80b88
chore(deps): update tools to latest versions ( #2726 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2024-03-21 12:15:06 -04:00
dependabot[bot]
df547020ef
chore(deps): bump github/codeql-action from 3.24.7 to 3.24.8 ( #2725 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.7 to 3.24.8.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3ab4101902...05963f47d8
2024-03-21 12:14:51 -04:00
dependabot[bot]
37094c9751
chore(deps): bump actions/cache from 4.0.1 to 4.0.2 ( #2728 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](ab5e6d0c87...0c45773b62
2024-03-21 12:14:43 -04:00
dependabot[bot]
c83556e7b6
chore(deps): bump github.com/docker/docker ( #2730 )
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 25.0.4+incompatible to 26.0.0+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v25.0.4...v26.0.0 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-21 12:14:32 -04:00
Hung Nguyen
3ac1cd7a9f
updating credentials to scoped permissions ( #2722 )
...
* updating credentials to scoped permissions
Signed-off-by: Hung Nguyen <hung.tran.nguyen.585@gmail.com>
---------
Signed-off-by: Hung Nguyen <hung.tran.nguyen.585@gmail.com>
2024-03-20 17:35:07 -04:00
dependabot[bot]
96d2b4a368
chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.5.4 to 6.5.5 ( #2718 )
...
Bumps [github.com/jedib0t/go-pretty/v6](https://github.com/jedib0t/go-pretty ) from 6.5.4 to 6.5.5.
- [Release notes](https://github.com/jedib0t/go-pretty/releases )
- [Commits](https://github.com/jedib0t/go-pretty/compare/v6.5.4...v6.5.5 )
---
updated-dependencies:
- dependency-name: github.com/jedib0t/go-pretty/v6
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-15 10:33:11 -04:00
dependabot[bot]
807de976c4
chore(deps): bump github.com/google/go-containerregistry ( #2719 )
...
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry ) from 0.19.0 to 0.19.1.
- [Release notes](https://github.com/google/go-containerregistry/releases )
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml )
- [Commits](https://github.com/google/go-containerregistry/compare/v0.19.0...v0.19.1 )
---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-15 10:32:51 -04:00
Laurent Goderre
cf17bd69b2
Add detection for Oracle GraalVM ( #2705 )
...
Signed-off-by: Laurent Goderre <laurent.goderre@docker.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-03-14 15:40:07 +00:00
dependabot[bot]
1c8d29d577
chore(deps): bump docker/login-action from 3.0.0 to 3.1.0 ( #2714 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](343f7c4344...e92390c5fb
2024-03-14 11:16:16 -04:00
brian-ebarb
6a2517b5d2
Add ELF binary package cataloger ( #2396 )
...
* feat Adds Elf package catalogger
Signed-off-by: Brian Ebarb <ebarb.brian@gmail.com>
* Add test fixtures for elf package
Signed-off-by: Colleen Divers <colleen.divers@gmail.com>
* bump JSON schema to v16.0.6 + expand test fixtures
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* less verbose logging
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* remove dead test code
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* remove unreleated swift change
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Brian Ebarb <ebarb.brian@gmail.com>
Signed-off-by: Colleen Divers <colleen.divers@gmail.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Colleen Divers <colleen.divers@gmail.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-03-14 11:16:03 -04:00
dependabot[bot]
7ab6fc3fe4
chore(deps): bump modernc.org/sqlite from 1.29.3 to 1.29.5 ( #2710 )
...
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ) from 1.29.3 to 1.29.5.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.29.3...v1.29.5 )
---
updated-dependencies:
- dependency-name: modernc.org/sqlite
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-14 09:58:56 -04:00
dependabot[bot]
2051a62ded
chore(deps): bump github/codeql-action from 3.24.6 to 3.24.7 ( #2711 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.6 to 3.24.7.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](8a470fddaf...3ab4101902
2024-03-14 09:58:42 -04:00
dependabot[bot]
5534c38d0f
chore(deps): bump peter-evans/create-pull-request from 6.0.1 to 6.0.2 ( #2712 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](a4f52f8033...70a41aba78
2024-03-13 13:47:47 -04:00
Alex Goodman
47fc909700
Show binary exports, entrypoint, and imports ( #2626 )
...
show binary exports, entrypoint, and imports for macho, elf, and pe formats
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-03-12 22:04:02 +00:00
dependabot[bot]
2e2a9377ea
chore(deps): bump actions/checkout from 4.1.1 to 4.1.2 ( #2703 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.1 to 4.1.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](b4ffde65f4...9bb56186c3
2024-03-12 13:18:44 -04:00
dependabot[bot]
4ca79c7626
chore(deps): bump github.com/knqyf263/go-rpmdb ( #2701 )
...
Bumps [github.com/knqyf263/go-rpmdb](https://github.com/knqyf263/go-rpmdb ) from 0.0.0-20230301153543-ba94b245509b to 0.1.0.
- [Commits](https://github.com/knqyf263/go-rpmdb/commits/v0.1.0 )
---
updated-dependencies:
- dependency-name: github.com/knqyf263/go-rpmdb
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-11 11:48:05 -04:00
guangwu
3743f5ae53
chore: reduce duplicate case SwiftPkg ( #2696 )
...
Signed-off-by: guoguangwu <guoguangwug@gmail.com>
2024-03-07 18:15:31 +00:00
guangwu
ebb9d4edb6
chore: remove deprecated os.SEEK_SET os.SEEK_CUR ( #2693 )
...
Signed-off-by: guoguangwu <guoguangwug@gmail.com>
2024-03-07 13:10:48 -05:00
dependabot[bot]
e2a9d891b2
chore(deps): bump github.com/docker/docker ( #2698 )
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 25.0.3+incompatible to 25.0.4+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v25.0.3...v25.0.4 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-07 13:00:14 -05:00
dependabot[bot]
5b09c154bb
chore(deps): bump modernc.org/sqlite from 1.29.2 to 1.29.3 ( #2699 )
...
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ) from 1.29.2 to 1.29.3.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.29.2...v1.29.3 )
---
updated-dependencies:
- dependency-name: modernc.org/sqlite
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-07 13:00:02 -05:00
dependabot[bot]
1b121ac3f4
chore(deps): bump golang.org/x/net from 0.21.0 to 0.22.0 ( #2689 )
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.21.0 to 0.22.0.
- [Commits](https://github.com/golang/net/compare/v0.21.0...v0.22.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-06 14:25:56 -05:00
Keith Zantow
f9e09aef19
docs: add simplest example from regsitry ( #2691 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2024-03-06 14:25:37 -05:00
