oss/syft
2
0
Fork 0
mirror of https://github.com/anchore/syft.git synced 2025-11-19 17:33:18 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,296 Commits 64 Branches 244 Tags
Commit Graph

534 Commits

Author SHA1 Message Date
Rob Tompkins
fb388c0f25
fix: Resolve Maven POM expressions (#1251) (#1278) 2022-10-27 13:01:07 -04:00
Alex Goodman
e52aa3bc03
port haskell cataloger to new generic cataloger pattern (#1290) 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2022-10-27 11:30:22 -04:00
Alex Goodman
6826d7603b
port golang cataloger to new generic cataloger pattern (#1289) 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2022-10-25 16:42:50 +00:00
Alex Goodman
52cb7269bf
port deb/dpkg cataloger to new generic cataloger pattern (#1288) 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2022-10-25 15:47:32 +00:00
Alex Goodman
bd5adbc9b3
update cataloger tests to use pkgtest utils (#1287) 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2022-10-25 11:20:02 -04:00
Alex Goodman
c7a653060d
port dotnet cataloger to new generic cataloger pattern (#1286) 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2022-10-24 21:17:27 +00:00
Alex Goodman
fbdde6d4f4
port dart cataloger to new generic cataloger pattern (#1285) 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2022-10-24 20:37:42 +00:00
Alex Goodman
eb8ebd9ffc
port conan cataloger to new generic cataloger pattern (#1284) 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2022-10-24 20:11:20 +00:00
Alex Goodman
f36c0ca971
port apk cataloger to new generic cataloger pattern (#1283) 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2022-10-24 13:51:09 -04:00
Alex Goodman
28cadfdb5d
replace signing tooling with quill (#1280) 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2022-10-24 13:03:10 -04:00
Alex Goodman
b44f441c82
Upgrade generic cataloger (#1281) 
* add second generation of generic cataloger

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* upgrade aplm cataloger to use generic.Cataloger

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* remove pacakge found-by attribute from the definition of a package ID

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2022-10-24 11:12:12 -04:00
Alex Goodman
d8c659b65b
replace logger interface with anchore/go-logger (#1279) 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2022-10-21 15:12:14 +00:00
Keith Zantow
78a0af2e2d
Add go binary h1 digest to SPDX (#1265) 2022-10-19 16:33:10 -04:00
Christopher Angelo Phillips
ec229b993c
fix: update syftjson ID to match major schema version (#1274) 2022-10-19 16:08:38 +00:00
Christopher Angelo Phillips
89575199b8
feat: add RelationshipsBySourceOwnership to syft json output (#1248) 2022-10-11 15:11:03 -04:00
Christopher Angelo Phillips
fa0b3c0438
fix: reset merged package into map; (#1258) 2022-10-11 18:35:46 +00:00
Alex Goodman
48f0a4680f
fix apkdb checksum representation (#1247) 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2022-10-05 16:29:05 -04:00
Christopher Angelo Phillips
7d2fe9d95e
feat: add identifiable field to source object (#1243) 2022-10-05 14:01:40 -04:00
Keith Zantow
4d2f18218c
fix: Follow symlinks when searching for globs in all-layers scope (#1221) 2022-09-30 13:01:08 -04:00
Christopher Angelo Phillips
dd7c654ed0
update requires to use list; remove field (#1234) 2022-09-30 11:57:13 -04:00
Hiroaki KAWAI
b9b13d5525
Add Conan (C/C++) conan.lock file support (#1230) 
Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>
 2022-09-29 18:45:59 +00:00
Keith Zantow
6a40dbf765
Do not fail if unable to parse .rpm file (#1232) 2022-09-28 11:26:06 -04:00
Keith Zantow
16c62a1378
fix: support exclude patterns on Windows (#1228) 2022-09-26 10:59:19 -04:00
Christopher Angelo Phillips
04d288b364
feat: catalog python files for installed-files.txt file metadata (#1217) 
Co-authored-by: houdini91 <mdstrauss91@gmail.com>
 2022-09-19 20:08:02 +00:00
Keith Zantow
c2005fad8d
Stabilize SPDX JSON output sorting (#1216) 2022-09-19 15:31:00 -04:00
Christopher Angelo Phillips
b48316742f
refactor: replace ioutil=>io; update linter (#1211) 2022-09-16 17:58:16 +00:00
Keith Zantow
b20310eaf8
Add gosimports (#1205) 2022-09-14 13:38:18 -04:00
Chapman Pendery
9097614f3b
refactor: move formats from internal into syft module (#1172) 2022-09-13 11:20:52 -04:00
Alex Goodman
c5dca001e2
warn on errors from RPM DB parsing (#1200) 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2022-09-09 18:59:42 +00:00
Keith Zantow
70db13d49e
Add RPM file scanning support (#1188) 2022-09-07 14:16:30 -04:00
Scott Andrews
1c7b7c5f8a
Normalize syft-json output (#1194) 2022-09-07 10:56:49 -04:00
Christopher Angelo Phillips
586d3fe77f
Revert "External sources configuration (#1158)" (#1191) 
reverted as functionality is to be merged with dev branch of kubecon draft
 2022-09-01 15:45:35 -04:00
Keith Zantow
a17ff7b555
Fix RPM DB license handling (#1184) 2022-08-30 14:38:12 -04:00
Christopher Angelo Phillips
615f933d98
Bug fix for 1095 - syft conversion option error (#1177) 
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
 2022-08-25 17:36:15 -04:00
Keith Zantow
7d4f333ec4
enhance development support on macOS ARM (#1163) 2022-08-24 13:48:14 -04:00
Scott Andrews
5e93d1ea1e
Capture if a node module is private (#1161) 2022-08-24 17:07:56 +00:00
Keith Zantow
57c5413fe0
Find version numbers from jars with different naming conventions (#1174) 2022-08-24 12:56:53 -04:00
anchore-actions-token-generator[bot]
b0fc955e0c
Update syft bootstrap tools to latest versions. (#1171) 
* Update syft bootstrap tools to latest versions.

Signed-off-by: GitHub <noreply@github.com>
Signed-off-by: Weston Steimel <weston.steimel@anchore.com>
Co-authored-by: Weston Steimel <weston.steimel@anchore.com>
 2022-08-23 20:36:59 +01:00
cpendery
c56d3b5eef
feat: add support for licenses in package-lock json v2 (#1164) 2022-08-22 11:23:44 -04:00
Marco Deicas
13296880cd
External sources configuration (#1158) 2022-08-22 11:22:18 -04:00
cpendery
e9221ae25d
feat: add support for pnpm (#1166) 2022-08-22 10:45:55 -04:00
Justin Chadwell
f3c3d3d98e
Prevent symlinks causing duplicate package-file relationships (#1168) 2022-08-22 10:29:00 -04:00
Keith Zantow
21eb772060
Associate node package licenses from node_modules (#1152) 2022-08-16 14:14:02 -04:00
Dan Nurmi
04387301ce
Add modularitylabel metadata to RPM type records generated by syft (#1148) 
* bump cosign to v1.10.1 (#1144)

Signed-off-by: Daniel Nurmi <nurmi@anchore.com>

* Add modularitylabel metadata to RPM type records generated by syft. Fixes #1145.

Signed-off-by: Daniel Nurmi <nurmi@anchore.com>

* update to address lint failures

Signed-off-by: Daniel Nurmi <nurmi@anchore.com>

* Update syft/pkg/rpmdb_metadata.go

Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
Signed-off-by: Daniel Nurmi <nurmi@anchore.com>

* update json schema to match camel case

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

Co-authored-by: Weston Steimel <weston.steimel@anchore.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <alex.goodman@anchore.com>
 2022-08-08 11:52:32 +00:00
Tom Fay
621f0fe082
cataloger configuration is respected regardless of source (#1142) 2022-08-04 21:14:23 +00:00
Tom Fay
9896ff1b1f
add a cataloger for binaries built with rust-audit (#1116) 
* add a cataloger for binaries built with rust-audit

Signed-off-by: Tom Fay <tomfay@microsoft.com>
 2022-07-28 18:17:38 +00:00
cpendery
8235e8e581
fix: use generic instead of not generating purl (#1119) 2022-07-27 09:06:37 -04:00
cpendery
9b1adce19a
feat: implement haskell support (#1096) 2022-07-18 15:33:54 -04:00
cpendery
470b13045b
feat: add support for cocoapods (Swift/Objective-C) (#1081) 2022-07-11 10:09:08 -04:00
Rob Best
2f1aa33ce8
Fix package url for Go modules with no / (#1092) 2022-07-11 10:07:34 -04:00