chore(deps): update tools to latest versions (#3413)

* chore(deps): update tools to latest versions Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * fix linting Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> --------- Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com> Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-11-17 08:23:15 +01:00 · 2024-11-12 15:53:27 +00:00 · 2024-11-12 15:53:27 +00:00 · ac8be4ad41
commit ac8be4ad41
parent abd6abe186
7 changed files with 23 additions and 12 deletions
--- a/.binny.yaml
+++ b/.binny.yaml
@ -18,7 +18,7 @@ tools:
  # used to sign mac binaries at release
  - name: quill
    version:
-      want: v0.4.2
+      want: v0.5.0
    method: github-release
    with:
      repo: anchore/quill
@ -26,7 +26,7 @@ tools:
  # used for linting
  - name: golangci-lint
    version:
-      want: v1.61.0
+      want: v1.62.0
    method: github-release
    with:
      repo: golangci/golangci-lint
@ -58,7 +58,7 @@ tools:
  # used to release all artifacts
  - name: goreleaser
    version:
-      want: v2.3.2
+      want: v2.4.4
    method: github-release
    with:
      repo: goreleaser/goreleaser
@ -103,7 +103,7 @@ tools:
  # used for running all local and CI tasks
  - name: task
    version:
-      want: v3.39.2
+      want: v3.40.0
    method: github-release
    with:
      repo: go-task/task
@ -111,7 +111,7 @@ tools:
  # used for triggering a release
  - name: gh
    version:
-      want: v2.60.1
+      want: v2.61.0
    method: github-release
    with:
      repo: cli/cli
--- a/cmd/syft/internal/commands/scan.go
+++ b/cmd/syft/internal/commands/scan.go
@ -156,13 +156,13 @@ func validateScanArgs(cmd *cobra.Command, args []string) error {
 	return validateArgs(cmd, args, "an image/directory argument is required")
 }

-func validateArgs(cmd *cobra.Command, args []string, error string) error {
+func validateArgs(cmd *cobra.Command, args []string, err string) error {
 	if len(args) == 0 {
 		// in the case that no arguments are given we want to show the help text and return with a non-0 return code.
 		if err := cmd.Help(); err != nil {
 			return fmt.Errorf("unable to display help: %w", err)
 		}
-		return fmt.Errorf("%v", error)
+		return fmt.Errorf("%v", err)
 	}

 	return cobra.MaximumNArgs(1)(cmd, args)
--- a/cmd/syft/internal/ui/capture.go
+++ b/cmd/syft/internal/ui/capture.go
@ -17,11 +17,11 @@ const defaultStdoutLogBufferSize = 1024
 //	restore := CaptureStdoutToTraceLog()
 //	// here, stdout will be captured and redirected to the provided writer
 //	restore() // block until the output has all been sent to the writer and restore the original stdout
-func CaptureStdoutToTraceLog() (close func()) {
+func CaptureStdoutToTraceLog() func() {
 	return capture(&os.Stdout, newLogWriter(), defaultStdoutLogBufferSize)
 }

-func capture(target **os.File, writer io.Writer, bufSize int) (close func()) {
+func capture(target **os.File, writer io.Writer, bufSize int) func() {
 	original := *target

 	r, w, _ := os.Pipe()
--- a/test/install/1_download_snapshot_asset_test.sh
+++ b/test/install/1_download_snapshot_asset_test.sh
@ -61,6 +61,11 @@ test_negative_snapshot_download_asset() {
 }

 test_sboms_have_packages() {
+  if ! command -v jq &> /dev/null; then
+    echo "jq command not found. Please install jq or ensure it is in your PATH."
+    exit 1
+  fi
+
  find "$(snapshot_dir)/" -name "*.sbom" -print0 | while IFS= read -r -d '' file; do
      count=$(cat "$file" | jq ".artifacts | length")
      if [ "$count" -lt 80 ]; then
--- a/test/install/3_install_asset_test.sh
+++ b/test/install/3_install_asset_test.sh
@ -32,8 +32,14 @@ test_positive_snapshot_install_asset() {
 	  arch="amd64_v1"
  fi

+  # note: this is a change made in goreleaser v1.62.0
+  local_suffix=""
+  if [ "${arch}" == "arm64" ]; then
+    local_suffix="_v8.0"
+  fi
+
  assertFilesEqual \
-    "$(snapshot_dir)/${os}-build_${os}_${arch}/${binary}" \
+    "$(snapshot_dir)/${os}-build_${os}_${arch}${local_suffix}/${binary}" \
    "${expected_path}" \
    "unable to verify installation of os=${os} arch=${arch} format=${format}"

--- a/test/install/environments/Dockerfile-alpine-3.6
+++ b/test/install/environments/Dockerfile-alpine-3.6
@ -1,5 +1,5 @@
 FROM alpine:3.6
-RUN apk update && apk add python3 wget curl unzip make ca-certificates
+RUN apk update && apk add python3 wget curl unzip make ca-certificates jq
 RUN curl -O -L "https://github.com/sigstore/cosign/releases/latest/download/cosign-linux-amd64" && \
    mv cosign-linux-amd64 /usr/local/bin/cosign && \
    chmod +x /usr/local/bin/cosign
--- a/test/install/environments/Dockerfile-ubuntu-20.04
+++ b/test/install/environments/Dockerfile-ubuntu-20.04
@ -1,5 +1,5 @@
 FROM --platform=linux/amd64 ubuntu:20.04@sha256:33a5cc25d22c45900796a1aca487ad7a7cb09f09ea00b779e3b2026b4fc2faba
-RUN apt update -y && apt install make python3 curl unzip -y
+RUN apt update -y && apt install make python3 curl unzip jq -y
 RUN LATEST_VERSION=$(curl https://api.github.com/repos/sigstore/cosign/releases/latest | grep tag_name | cut -d : -f2 | tr -d "v\", ") && \
    curl -O -L "https://github.com/sigstore/cosign/releases/latest/download/cosign_${LATEST_VERSION}_amd64.deb" && \
    dpkg -i cosign_${LATEST_VERSION}_amd64.deb