oss/syft - syft - Sa' Rocí Solutions

oss/syft

mirror of https://github.com/anchore/syft.git synced 2025-11-19 17:33:18 +01:00

Author	SHA1	Message	Date
Alex Goodman	1201ad6df0	add all package metadata types slice for use in downstream testing Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-05-24 10:20:14 -04:00
Alex Goodman	a6c798f438	close all ReadClosers explicitly retrieved from resolvers Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-05-12 17:21:30 -04:00
Alfredo Deza	26007db650	manually add msrc as an observed distro Signed-off-by: Alfredo Deza <adeza@anchore.com>	2021-04-23 10:17:16 -04:00
Alfredo Deza	5af2687022	support msrc types Signed-off-by: Alfredo Deza <adeza@anchore.com>	2021-04-23 10:17:16 -04:00
Alex Goodman	18af21d2a5	add jenkins filter for known bad CPE field combinations Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-22 15:51:59 -04:00
Alex Goodman	170681943c	remove type assertion check in packageIdentitiesMatch fn Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-22 14:00:31 -04:00
Alex Goodman	46043510ae	update parent pom persistence with regard to shaded jars Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-22 14:00:31 -04:00
Alex Goodman	24a2f9344b	add additional string.contains case for jenkins package by group id Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-22 13:20:12 -04:00
Alex Goodman	d9de63c837	Enhance CPE generation for java GroupId and filtering (#402 ) * enhance cpe generation for group id and filtering Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * rename group id const + add doc comment for HasAnyOfPrefixes Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-22 12:22:56 +00:00
Alex Goodman	0c29090b42	Add hyphen replacement logic for CPE generation (#397 ) * add hyphen replacement logic for CPE generation Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * migrate "python-" vendor prefix to product candidate processing Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * bump linter timeout for CI Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update cpe candidate product tests Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-21 12:59:48 +00:00
Dan Luhring	060e60b6dd	Add more tests to CPE generation Signed-off-by: Dan Luhring <dan.luhring@anchore.com>	2021-04-20 20:42:40 -04:00
Dan Luhring	33e6be0b74	Identify Jenkins plugin upstream of CPE generation Signed-off-by: Dan Luhring <dan.luhring@anchore.com>	2021-04-20 19:36:34 -04:00
Dan Luhring	fa7fd718cb	Refactor Java archive parsing logic Signed-off-by: Dan Luhring <dan.luhring@anchore.com>	2021-04-20 19:34:59 -04:00
Dan Luhring	65e4e17590	Pin gradle builder container image Signed-off-by: Dan Luhring <dan.luhring@anchore.com>	2021-04-20 19:34:59 -04:00
Dan Luhring	091fd1f0b0	Improve CPE generation for Jenkins/Jira plugins Signed-off-by: Dan Luhring <dan.luhring@anchore.com>	2021-04-20 19:34:53 -04:00
Alex Goodman	b301b56db1	add nomatch_inclusion engine mechanism in cpe generation logic (#394 ) Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-20 19:57:04 +00:00
Alex Goodman	676bdf9816	refactor pom properties to modify parent pkg less often (#392 ) Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-20 16:19:28 +00:00
Alex Goodman	136e439dc2	use the standard file.Digest for apk checksums Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-19 16:42:17 -04:00
Alex Goodman	0c7706f254	add extra RPM file record fields (user, group, flags) Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-16 10:25:46 -04:00
Alex Goodman	c363b2b532	Add ability to pull images directly from a registry (#378 ) * add registry image source Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * use explicit source for fetching image + add scheme and registry tests Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * adjust test variable name and add credential helper function Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-13 13:30:57 +00:00
Alex Goodman	b5d4b2f7b2	simplify test assertions + rename file contents cataloger size limiter var Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-12 17:34:56 -04:00
Alex Goodman	d451a5ad30	update the json schema and tests with file contents section Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-12 17:33:20 -04:00
Alex Goodman	c1551a03c5	add file contents cataloger Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-12 17:30:57 -04:00
Alex Goodman	28c407572c	simplify test assertions for classification cataloger Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-12 17:11:43 -04:00
Alex Goodman	309cbf5264	add missing file classification test fixtures + gitignore adjustment Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-12 17:11:43 -04:00
Alex Goodman	46fffe5c6f	update json schema + presenter snapshots with file classification section Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-12 17:11:40 -04:00
Alex Goodman	46bfb68113	add file classifier + tests Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-12 17:08:50 -04:00
Alex Goodman	5743e32e02	add tests around MatchNamedCaptureGroups + rename Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-12 17:08:50 -04:00
Alex Goodman	0511972dfa	clarify default collection value + fix appending conffiles location Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-09 11:41:44 -04:00
Alex Goodman	c56690fc52	fix DpkgMetadata.Files test to ensure it is never nil Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-09 08:46:59 -04:00
Alex Goodman	ba3407a767	add dpkg conffile update to json schema + json test snapshots Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-09 08:37:28 -04:00
Alex Goodman	269832ce8d	add conffile listing to dpkg metadata + normalize digests Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-08 14:21:23 -04:00
Alex Goodman	9ec09add67	Add secrets search capability (#367 ) * add initial secrets cataloger Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update ETUI elements with new catalogers (file metadata, digests, and secrets) Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update secrets cataloger to read full contents into memory for searching Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * quick prototype of parallelization secret regex search Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * quick prototype with single aggregated regex Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * quick prototype for secret search line-by-line Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * quick prototype hybrid secrets search Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add secrets cataloger with line strategy Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * adjust verbiage towards SearchResults instead of Secrets + add tests Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update json schema with secrets cataloger results Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * address PR comments Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update readme with secrets config options Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * ensure file catalogers call AllLocations once Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-01 21:34:15 +00:00
Zach Hill	c332ba0867	Use cataloger Sorted() output instead of Enumerate() for stable result sorting in presenters. Fixes #331 Also adds artifact location to sort key for Sorted() to ensure consistent sorts when artifacts of same name, version, and type are found in different locations in the image. Location should be sufficient since we assume only one package of a given name and version can exist in one location, even if that location is an package-db like rpmdb. Signed-off-by: Zach Hill <zach@anchore.com>	2021-04-01 01:40:41 -07:00
Alex Goodman	cd925e5664	account for repoDigests data in power-user json testing Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-30 08:46:42 -04:00
Alex Goodman	db35186c7d	allow file metadata digests to be optional + add link destination Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-29 12:07:42 -04:00
Alex Goodman	8551168702	capitalize file type strings Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-29 12:07:41 -04:00
Robert Prince	ab83b7f840	Merge pull request #350 from octarinesec/repo-digests Add repo digests if available from Stereoscope to the image metadata	2021-03-29 08:47:50 -07:00
Alex Goodman	9abdb174d5	ensure pkg.Catalog path index deduplicates real vs virtual paths Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-26 13:27:24 -04:00
Haim Helman	13a066ea18	Add repo digests if available from Stereoscope to the image metadata Signed-off-by: Haim Helman <hhelman@vmware.com>	2021-03-25 05:57:23 -07:00
Alex Goodman	1b7c755536	add file-type mix as golden image Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-23 16:50:57 -04:00
Alex Goodman	3ef30f99be	pull in stereoscope cache fix + add test cache makefile target helpers Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-23 14:31:59 -04:00
Alex Goodman	929b78efbf	remove prealloc nolint rule in catalogers Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-23 12:56:00 -04:00
Alex Goodman	d420368ba9	add tests around new file metadata cataloger Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-23 11:00:59 -04:00
Alex Goodman	36e4af1953	adjust jsom schema version + adopt java pom properies test fixtures Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-22 11:27:01 -04:00
Alex Goodman	f180d1c537	improve config parsing + fix command deprecation warning Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-22 10:58:09 -04:00
Alex Goodman	6a960ec1f3	update json schema with optional poweruser data shape Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-22 10:56:16 -04:00
Alex Goodman	a6cba5d9db	remove multi* content fetching from resolvers Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-22 10:53:51 -04:00
Alex Goodman	ff4ed40d50	migrate syft/presenter to internal/presenter Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-22 10:52:33 -04:00
Alex Goodman	4666ca8469	migrate syft/cataloger to syft/pkg/cataloger Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-22 10:46:51 -04:00

1 2 3 4 5

218 Commits