mirror of
https://github.com/anchore/syft
synced 2024-11-10 06:14:16 +00:00
d76c868481
* add first-level archive processing when input is a file Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add license exception for github.com/xi2/xz Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * always return cleanup function Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * change source.NewFromFile log entry to warn Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * ensure file source always has cleanup function Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * ensure we are always preferring the unarchive cleanup function for source Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
22 lines
754 B
YAML
22 lines
754 B
YAML
permit:
|
|
- BSD.*
|
|
- MIT.*
|
|
- Apache.*
|
|
- MPL.*
|
|
- ISC
|
|
ignore-packages:
|
|
# packageurl-go is released under the MIT license located in the root of the repo at /mit.LICENSE
|
|
- github.com/anchore/packageurl-go
|
|
|
|
# from: https://github.com/spdx/tools-golang/blob/main/LICENSE.code
|
|
# The tools-golang source code is provided and may be used, at your option,
|
|
# under either:
|
|
# * Apache License, version 2.0 (Apache-2.0), OR
|
|
# * GNU General Public License, version 2.0 or later (GPL-2.0-or-later).
|
|
# (we choose Apache-2.0)
|
|
- github.com/spdx/tools-golang
|
|
|
|
# from: https://github.com/xi2/xz/blob/master/LICENSE
|
|
# All these files have been put into the public domain.
|
|
# You can do whatever you want with these files.
|
|
- github.com/xi2/xz
|