* add marking package relations by file ownership
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* correct json schema version; ensure fileOwners dont return dups; pin test pkg versions
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* extract package relationships into separate section
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* pull in client-go features for import of PackageRelationships
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* move unit test for ownership by files relationship further down
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* rename relationship to "ownership-by-file-overlap"
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* bump stereoscope to pull in content API refactors
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* incorporate symlink fixes
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* with filetree.File() adjustments
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* regress all-layers scope to not include dead-links + default tests to squashed scope
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* restore all layers resolver glob behavior (custom + lazy link resolution)
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* incorporate filetree link resolution options and restore no-follow dead link option for resolvers
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* removed path from lower-level FileTree.File() calls
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* bump stereoscope to pull in latest link resolution fixes
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* bump doublestar to v2 for directory resolver
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add support to upload results to enterprise
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add package sbom upload
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add dockerfile support
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add manifest, index, and dockerfile import functions
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* schema version to json output + enhance json schema generation
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* modify package SBOM shape to be entire syft document + add etui updates
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add import image config and manifest support
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add config options for import to enterprise
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* incorporate final stereoscope and client-go deps
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add package URL support to the CycloneDX presenter
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* wrap license tags with licenses
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* improve overall documentation
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* fix tests to use scope.Resolver over scope
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add inline-compare as acceptance test
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add additional RPM metadata
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add comments and doc strings to the compare-* make targets
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add check for app update; fix ETUI error handling
* validate user args
* add goreleaser support
* replace cgo dependencies (go-rpm) with go equivalents
* add acceptance tests against build snapshot
* add brew tap + acceptance test pipeline
* add mac acceptance tests
* fix compare makefile
* fix mac acceptance tests
* add release pipeline with wait checks
* add token to release step
* rm dir presenters int test
* enforce dpkg to be non interactive
Co-authored-by: Alfredo Deza <adeza@anchore.com>
* pin brew formulae
* pin skopeo to formulae url
* only run acceptance tests
Co-authored-by: Alfredo Deza <adeza@anchore.com>