add syft attest command to produce an attestation as application/vnd.in-toto+json to standard out using on disk PKI
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* Make installation methods more obvious
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Create linkable section headers
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Add badge for joining Slack
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Document requirement for signed commits
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* add docs for spdx support
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* copy updates for format options
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add registry image source
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* use explicit source for fetching image + add scheme and registry tests
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* adjust test variable name and add credential helper function
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add initial secrets cataloger
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* update ETUI elements with new catalogers (file metadata, digests, and secrets)
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* update secrets cataloger to read full contents into memory for searching
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* quick prototype of parallelization secret regex search
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* quick prototype with single aggregated regex
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* quick prototype for secret search line-by-line
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* quick prototype hybrid secrets search
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add secrets cataloger with line strategy
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* adjust verbiage towards SearchResults instead of Secrets + add tests
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* update json schema with secrets cataloger results
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* address PR comments
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* update readme with secrets config options
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* ensure file catalogers call AllLocations once
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add support to upload results to enterprise
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add package sbom upload
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add dockerfile support
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add manifest, index, and dockerfile import functions
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* schema version to json output + enhance json schema generation
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* modify package SBOM shape to be entire syft document + add etui updates
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add import image config and manifest support
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add config options for import to enterprise
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* incorporate final stereoscope and client-go deps
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
