mirror of
https://github.com/anchore/syft
synced 2024-09-20 06:01:53 +00:00
15c9fe092a
* chore(deps): update tools to latest versions Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * add tmate debug session Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add go tooling to bootstrap on mac Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> --------- Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com> Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
117 lines
2.4 KiB
YAML
117 lines
2.4 KiB
YAML
tools:
|
|
# we want to use a pinned version of binny to manage the toolchain (so binny manages itself!)
|
|
- name: binny
|
|
version:
|
|
want: v0.7.0
|
|
method: github-release
|
|
with:
|
|
repo: anchore/binny
|
|
|
|
# used to produce SBOMs during release
|
|
- name: syft
|
|
version:
|
|
want: latest
|
|
method: github-release
|
|
with:
|
|
repo: anchore/syft
|
|
|
|
# used to sign mac binaries at release
|
|
- name: quill
|
|
version:
|
|
want: v0.4.1
|
|
method: github-release
|
|
with:
|
|
repo: anchore/quill
|
|
|
|
# used for linting
|
|
- name: golangci-lint
|
|
version:
|
|
want: v1.58.1
|
|
method: github-release
|
|
with:
|
|
repo: golangci/golangci-lint
|
|
|
|
# used for showing the changelog at release
|
|
- name: glow
|
|
version:
|
|
want: v1.5.1
|
|
method: github-release
|
|
with:
|
|
repo: charmbracelet/glow
|
|
|
|
# used for signing the checksums file at release
|
|
- name: cosign
|
|
version:
|
|
want: v2.2.4
|
|
method: github-release
|
|
with:
|
|
repo: sigstore/cosign
|
|
|
|
# used in integration tests to verify JSON schemas
|
|
- name: yajsv
|
|
version:
|
|
want: v1.4.1
|
|
method: github-release
|
|
with:
|
|
repo: neilpa/yajsv
|
|
|
|
# used to release all artifacts
|
|
- name: goreleaser
|
|
version:
|
|
want: v1.26.0
|
|
method: github-release
|
|
with:
|
|
repo: goreleaser/goreleaser
|
|
|
|
# used for organizing imports during static analysis
|
|
- name: gosimports
|
|
version:
|
|
want: v0.3.8
|
|
method: github-release
|
|
with:
|
|
repo: rinchsan/gosimports
|
|
|
|
# used at release to generate the changelog
|
|
- name: chronicle
|
|
version:
|
|
want: v0.8.0
|
|
method: github-release
|
|
with:
|
|
repo: anchore/chronicle
|
|
|
|
# used during static analysis for license compliance
|
|
- name: bouncer
|
|
version:
|
|
want: v0.4.0
|
|
method: github-release
|
|
with:
|
|
repo: wagoodman/go-bouncer
|
|
|
|
# used for showing benchmark testing
|
|
- name: benchstat
|
|
version:
|
|
want: latest
|
|
method: go-proxy
|
|
with:
|
|
module: golang.org/x/perf
|
|
allow-unresolved-version: true
|
|
method: go-install
|
|
with:
|
|
entrypoint: cmd/benchstat
|
|
module: golang.org/x/perf
|
|
|
|
# used for running all local and CI tasks
|
|
- name: task
|
|
version:
|
|
want: v3.37.2
|
|
method: github-release
|
|
with:
|
|
repo: go-task/task
|
|
|
|
# used for triggering a release
|
|
- name: gh
|
|
version:
|
|
want: v2.49.2
|
|
method: github-release
|
|
with:
|
|
repo: cli/cli
|