Will Murphy
36639f136b
chore(deps): bump github.com/buger/jsonsparser to v1.1.2 ( #4680 )
...
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2026-03-19 15:08:18 +00:00
dependabot[bot]
f32238c268
chore(deps): bump the go-minor-patch group with 2 updates ( #4678 )
...
Bumps the go-minor-patch group with 2 updates: [golang.org/x/net](https://github.com/golang/net ) and [golang.org/x/tools](https://github.com/golang/tools ).
Updates `golang.org/x/net` from 0.51.0 to 0.52.0
- [Commits](https://github.com/golang/net/compare/v0.51.0...v0.52.0 )
Updates `golang.org/x/tools` from 0.42.0 to 0.43.0
- [Release notes](https://github.com/golang/tools/releases )
- [Commits](https://github.com/golang/tools/compare/v0.42.0...v0.43.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-version: 0.52.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: golang.org/x/tools
dependency-version: 0.43.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-19 10:25:19 -04:00
dependabot[bot]
0c8eef65f0
chore(deps): bump google.golang.org/grpc from 1.78.0 to 1.79.3 ( #4675 )
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.78.0 to 1.79.3.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.78.0...v1.79.3 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-version: 1.79.3
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-18 16:55:30 -04:00
dependabot[bot]
4d42f8af32
chore(deps): bump the go-minor-patch group with 2 updates ( #4674 )
...
Bumps the go-minor-patch group with 2 updates: [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter ) and [golang.org/x/mod](https://github.com/golang/mod ).
Updates `github.com/hashicorp/go-getter` from 1.8.4 to 1.8.5
- [Release notes](https://github.com/hashicorp/go-getter/releases )
- [Commits](https://github.com/hashicorp/go-getter/compare/v1.8.4...v1.8.5 )
Updates `golang.org/x/mod` from 0.33.0 to 0.34.0
- [Commits](https://github.com/golang/mod/compare/v0.33.0...v0.34.0 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
dependency-version: 1.8.5
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
- dependency-name: golang.org/x/mod
dependency-version: 0.34.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-18 16:13:35 -04:00
Will Murphy
e38851143e
chore: centralize temp files and prefer streaming IO ( #4668 )
...
* chore: centralize temp files and prefer streaming IO
Catalogers that create temp files ad-hoc can easily forget cleanup,
leaking files on disk. Similarly, io.ReadAll is convenient but risks
OOM on large or malicious inputs.
Introduce internal/tmpdir to manage all cataloger temp storage under
a single root directory with automatic cleanup. Prefer streaming
parsers (bufio.Scanner, json/yaml.NewDecoder, io.LimitReader) over
buffering entire inputs into memory. Add ruleguard rules to enforce
both practices going forward.
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
* chore: go back to old release parsing
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
* simplify to limit reader in version check
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
* chore: regex change postponed
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
* simplify supplement release to limitreader
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
---------
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2026-03-18 10:53:51 -04:00
dependabot[bot]
cccc9bf7f9
chore(deps): bump the go-minor-patch group with 3 updates ( #4669 )
...
Bumps the go-minor-patch group with 3 updates: [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry ), [github.com/olekukonko/tablewriter](https://github.com/olekukonko/tablewriter ) and [golang.org/x/time](https://github.com/golang/time ).
Updates `github.com/google/go-containerregistry` from 0.21.1 to 0.21.2
- [Release notes](https://github.com/google/go-containerregistry/releases )
- [Commits](https://github.com/google/go-containerregistry/compare/v0.21.1...v0.21.2 )
Updates `github.com/olekukonko/tablewriter` from 1.1.3 to 1.1.4
- [Release notes](https://github.com/olekukonko/tablewriter/releases )
- [Commits](https://github.com/olekukonko/tablewriter/compare/v1.1.3...v1.1.4 )
Updates `golang.org/x/time` from 0.14.0 to 0.15.0
- [Commits](https://github.com/golang/time/compare/v0.14.0...v0.15.0 )
---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
dependency-version: 0.21.2
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
- dependency-name: github.com/olekukonko/tablewriter
dependency-version: 1.1.4
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
- dependency-name: golang.org/x/time
dependency-version: 0.15.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-16 11:25:41 -04:00
anchore-actions-token-generator[bot]
75455f050a
chore(deps): update anchore dependencies ( #4631 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: willmurphyscode <12529630+willmurphyscode@users.noreply.github.com>
2026-03-09 18:10:53 +00:00
dependabot[bot]
c88051d74e
chore(deps): bump github.com/cloudflare/circl from 1.6.1 to 1.6.3 ( #4638 )
...
Bumps [github.com/cloudflare/circl](https://github.com/cloudflare/circl ) from 1.6.1 to 1.6.3.
- [Release notes](https://github.com/cloudflare/circl/releases )
- [Commits](https://github.com/cloudflare/circl/compare/v1.6.1...v1.6.3 )
---
updated-dependencies:
- dependency-name: github.com/cloudflare/circl
dependency-version: 1.6.3
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-09 10:34:11 -04:00
dependabot[bot]
2c201469c3
chore(deps): bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0 ( #4646 )
...
Bumps [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go ) from 1.39.0 to 1.40.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.39.0...v1.40.0 )
---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/sdk
dependency-version: 1.40.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-09 10:29:46 -04:00
dependabot[bot]
22014b6022
chore(deps): bump the go-minor-patch group across 1 directory with 5 updates ( #4661 )
...
Bumps the go-minor-patch group with 5 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [github.com/github/go-spdx/v2](https://github.com/github/go-spdx ) | `2.3.6` | `2.4.0` |
| [github.com/go-git/go-billy/v5](https://github.com/go-git/go-billy ) | `5.7.0` | `5.8.0` |
| [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) | `5.16.5` | `5.17.0` |
| [golang.org/x/net](https://github.com/golang/net ) | `0.50.0` | `0.51.0` |
| [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ) | `1.45.0` | `1.46.1` |
Updates `github.com/github/go-spdx/v2` from 2.3.6 to 2.4.0
- [Release notes](https://github.com/github/go-spdx/releases )
- [Commits](https://github.com/github/go-spdx/compare/v2.3.6...v2.4.0 )
Updates `github.com/go-git/go-billy/v5` from 5.7.0 to 5.8.0
- [Release notes](https://github.com/go-git/go-billy/releases )
- [Commits](https://github.com/go-git/go-billy/compare/v5.7.0...v5.8.0 )
Updates `github.com/go-git/go-git/v5` from 5.16.5 to 5.17.0
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.16.5...v5.17.0 )
Updates `golang.org/x/net` from 0.50.0 to 0.51.0
- [Commits](https://github.com/golang/net/compare/v0.50.0...v0.51.0 )
Updates `modernc.org/sqlite` from 1.45.0 to 1.46.1
- [Changelog](https://gitlab.com/cznic/sqlite/blob/master/CHANGELOG.md )
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.45.0...v1.46.1 )
---
updated-dependencies:
- dependency-name: github.com/github/go-spdx/v2
dependency-version: 2.4.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: github.com/go-git/go-billy/v5
dependency-version: 5.8.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: github.com/go-git/go-git/v5
dependency-version: 5.17.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: golang.org/x/net
dependency-version: 0.51.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: modernc.org/sqlite
dependency-version: 1.46.1
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-09 10:20:06 -04:00
Alex Goodman
b5e85c3ea5
chore: migrate fixtures to testdata ( #4651 )
...
* migrate fixtures to testdata
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix: correct broken symlinks after testdata migration
The migration from test-fixtures to testdata broke several symlinks:
- elf-test-fixtures symlinks pointed to old test-fixtures paths
- elf-test-fixtures needed to be renamed to elf-testdata
- image-pkg-coverage symlink pointed to test-fixtures instead of testdata
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix: handle missing classifiers/bin directory in Makefile
The clean-fingerprint target was failing when classifiers/bin doesn't
exist (e.g., on fresh clone without downloaded binaries).
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix: add gitignore negation for jar/zip fixtures in test/cli
The jar and zip files in test/cli/testdata/image-unknowns were being
gitignored by the root .gitignore patterns. This caused them to be
untracked and not included when building docker images in CI, resulting
in Test_Unknowns failures since the test expects errors from corrupt
archive files that weren't present.
Add a .gitignore in test/cli/testdata to negate the exclusions for
these specific test fixture files.
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* switch fixture cache to v2
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* test: update expected versions for rebuilt fixtures
Update test expectations for packages that have been updated in
upstream repositories when docker images are rebuilt:
- glibc: 2.42-r4 → 2.43-r1 (wolfi)
- php: 8.2.29 → 8.2.30 (ubuntu/apache)
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* upgrade go
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix: add go-shlex dependency for testdata manager tool
The manager tool in syft/pkg/cataloger/binary/testdata/ imports
go-shlex, but since it's in a testdata directory, Go doesn't track
its dependencies. This caused CI failures when go.mod didn't
explicitly list the dependency.
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* refactor: move binary classifier manager to internal/
Move the manager tool from testdata/manager to internal/manager so
that Go properly tracks its dependencies. Code in testdata directories
is ignored by Go for dependency tracking, which caused CI failures
when go.mod didn't explicitly list transitive dependencies.
This is a cleaner solution than manually adding dependencies to go.mod
for code that happens to live in testdata.
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix: add gitignore negations for test fixtures blocked by root patterns
Multiple test fixtures were being blocked by root-level gitignore patterns
like bin/, *.jar, *.tar, and *.exe. This adds targeted .gitignore files with
negation patterns to allow these specific test fixtures to be tracked:
- syft/linux/testdata/os/busybox/bin/busybox (blocked by bin/)
- syft/pkg/cataloger/java/testdata/corrupt/example.{jar,tar} (blocked by *.jar, *.tar)
- syft/pkg/cataloger/binary/testdata/classifiers/snippets/go-version-hint/**/bin/go (blocked by bin/)
- syft/pkg/cataloger/bitnami/testdata/no-rel/.../bin/redis-server (blocked by bin/)
Also updates the bitnami test expectation to include the newly required
.gitignore files in the test fixture.
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* test: update glibc version expectation (2.43-r1 -> 2.43-r2)
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add capability drift check as unit step
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* dont clear test observations before drift detection
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* bump stereoscope commit to main
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2026-03-06 19:42:04 +00:00
dependabot[bot]
f5110f109a
chore(deps): bump github.com/charmbracelet/bubbles from 0.21.1 to 1.0.0 ( #4633 )
...
Bumps [github.com/charmbracelet/bubbles](https://github.com/charmbracelet/bubbles ) from 0.21.1 to 1.0.0.
- [Release notes](https://github.com/charmbracelet/bubbles/releases )
- [Commits](https://github.com/charmbracelet/bubbles/compare/v0.21.1...v1.0.0 )
---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbles
dependency-version: 1.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-20 08:41:21 -05:00
dependabot[bot]
612eadb22e
chore(deps): bump the go-minor-patch group with 5 updates ( #4632 )
...
Bumps the go-minor-patch group with 5 updates:
| Package | From | To |
| --- | --- | --- |
| [golang.org/x/mod](https://github.com/golang/mod ) | `0.32.0` | `0.33.0` |
| [golang.org/x/net](https://github.com/golang/net ) | `0.49.0` | `0.50.0` |
| [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ) | `1.44.3` | `1.45.0` |
| [golang.org/x/tools](https://github.com/golang/tools ) | `0.41.0` | `0.42.0` |
| [github.com/gpustack/gguf-parser-go](https://github.com/gpustack/gguf-parser-go ) | `0.23.1` | `0.24.0` |
Updates `golang.org/x/mod` from 0.32.0 to 0.33.0
- [Commits](https://github.com/golang/mod/compare/v0.32.0...v0.33.0 )
Updates `golang.org/x/net` from 0.49.0 to 0.50.0
- [Commits](https://github.com/golang/net/compare/v0.49.0...v0.50.0 )
Updates `modernc.org/sqlite` from 1.44.3 to 1.45.0
- [Changelog](https://gitlab.com/cznic/sqlite/blob/master/CHANGELOG.md )
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.44.3...v1.45.0 )
Updates `golang.org/x/tools` from 0.41.0 to 0.42.0
- [Release notes](https://github.com/golang/tools/releases )
- [Commits](https://github.com/golang/tools/compare/v0.41.0...v0.42.0 )
Updates `github.com/gpustack/gguf-parser-go` from 0.23.1 to 0.24.0
- [Release notes](https://github.com/gpustack/gguf-parser-go/releases )
- [Commits](https://github.com/gpustack/gguf-parser-go/compare/v0.23.1...v0.24.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/mod
dependency-version: 0.33.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: golang.org/x/net
dependency-version: 0.50.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: modernc.org/sqlite
dependency-version: 1.45.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: golang.org/x/tools
dependency-version: 0.42.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: github.com/gpustack/gguf-parser-go
dependency-version: 0.24.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-20 08:40:09 -05:00
Christopher Angelo Phillips
2fe5f9c7b8
fix: bumps go mod version to 1.25; ci takes latest patch ( #4628 )
...
---------
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2026-02-17 12:04:51 -05:00
dependabot[bot]
458ebbbff8
chore(deps): bump the go-minor-patch group with 2 updates ( #4621 )
...
Bumps the go-minor-patch group with 2 updates: [github.com/CycloneDX/cyclonedx-go](https://github.com/CycloneDX/cyclonedx-go ) and [github.com/charmbracelet/bubbles](https://github.com/charmbracelet/bubbles ).
Updates `github.com/CycloneDX/cyclonedx-go` from 0.9.3 to 0.10.0
- [Release notes](https://github.com/CycloneDX/cyclonedx-go/releases )
- [Commits](https://github.com/CycloneDX/cyclonedx-go/compare/v0.9.3...v0.10.0 )
Updates `github.com/charmbracelet/bubbles` from 0.21.0 to 0.21.1
- [Release notes](https://github.com/charmbracelet/bubbles/releases )
- [Commits](https://github.com/charmbracelet/bubbles/compare/v0.21.0...v0.21.1 )
---
updated-dependencies:
- dependency-name: github.com/CycloneDX/cyclonedx-go
dependency-version: 0.10.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: github.com/charmbracelet/bubbles
dependency-version: 0.21.1
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-17 10:14:13 -05:00
anchore-actions-token-generator[bot]
9872ff36ba
chore(deps): update anchore dependencies ( #4613 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: willmurphyscode <12529630+willmurphyscode@users.noreply.github.com>
2026-02-10 17:19:56 +00:00
dependabot[bot]
31c503124f
chore(deps): bump github.com/go-git/go-git/v5 from 5.16.4 to 5.16.5 ( #4612 )
...
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.16.4 to 5.16.5.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.16.4...v5.16.5 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-version: 5.16.5
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-10 08:25:31 -05:00
dependabot[bot]
443de210ca
chore(deps): bump github.com/bmatcuk/doublestar/v4 ( #4606 )
...
Bumps the go-minor-patch group with 1 update: [github.com/bmatcuk/doublestar/v4](https://github.com/bmatcuk/doublestar ).
Updates `github.com/bmatcuk/doublestar/v4` from 4.9.2 to 4.10.0
- [Release notes](https://github.com/bmatcuk/doublestar/releases )
- [Commits](https://github.com/bmatcuk/doublestar/compare/v4.9.2...v4.10.0 )
---
updated-dependencies:
- dependency-name: github.com/bmatcuk/doublestar/v4
dependency-version: 4.10.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-06 13:20:24 -05:00
dependabot[bot]
69d0898918
chore(deps): bump the go-minor-patch group with 2 updates ( #4583 )
...
Bumps the go-minor-patch group with 2 updates: [github.com/olekukonko/tablewriter](https://github.com/olekukonko/tablewriter ) and [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ).
Updates `github.com/olekukonko/tablewriter` from 1.1.2 to 1.1.3
- [Release notes](https://github.com/olekukonko/tablewriter/releases )
- [Commits](https://github.com/olekukonko/tablewriter/compare/v1.1.2...v1.1.3 )
Updates `modernc.org/sqlite` from 1.44.1 to 1.44.3
- [Changelog](https://gitlab.com/cznic/sqlite/blob/master/CHANGELOG.md )
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.44.1...v1.44.3 )
---
updated-dependencies:
- dependency-name: github.com/olekukonko/tablewriter
dependency-version: 1.1.3
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
- dependency-name: modernc.org/sqlite
dependency-version: 1.44.3
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-30 11:24:34 -05:00
anchore-actions-token-generator[bot]
e8b4527bfb
chore(deps): update anchore dependencies ( #4575 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: willmurphyscode <12529630+willmurphyscode@users.noreply.github.com>
2026-01-27 10:14:26 +00:00
dependabot[bot]
c0e0058c86
chore(deps): bump the go-minor-patch group with 6 updates ( #4567 )
...
Bumps the go-minor-patch group with 6 updates:
| Package | From | To |
| --- | --- | --- |
| [github.com/github/go-spdx/v2](https://github.com/github/go-spdx ) | `2.3.5` | `2.3.6` |
| [github.com/go-viper/mapstructure/v2](https://github.com/go-viper/mapstructure ) | `2.4.0` | `2.5.0` |
| [golang.org/x/mod](https://github.com/golang/mod ) | `0.31.0` | `0.32.0` |
| [golang.org/x/net](https://github.com/golang/net ) | `0.48.0` | `0.49.0` |
| [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ) | `1.43.0` | `1.44.1` |
| [golang.org/x/tools](https://github.com/golang/tools ) | `0.40.0` | `0.41.0` |
Updates `github.com/github/go-spdx/v2` from 2.3.5 to 2.3.6
- [Release notes](https://github.com/github/go-spdx/releases )
- [Commits](https://github.com/github/go-spdx/compare/v2.3.5...v2.3.6 )
Updates `github.com/go-viper/mapstructure/v2` from 2.4.0 to 2.5.0
- [Release notes](https://github.com/go-viper/mapstructure/releases )
- [Changelog](https://github.com/go-viper/mapstructure/blob/main/CHANGELOG.md )
- [Commits](https://github.com/go-viper/mapstructure/compare/v2.4.0...v2.5.0 )
Updates `golang.org/x/mod` from 0.31.0 to 0.32.0
- [Commits](https://github.com/golang/mod/compare/v0.31.0...v0.32.0 )
Updates `golang.org/x/net` from 0.48.0 to 0.49.0
- [Commits](https://github.com/golang/net/compare/v0.48.0...v0.49.0 )
Updates `modernc.org/sqlite` from 1.43.0 to 1.44.1
- [Changelog](https://gitlab.com/cznic/sqlite/blob/master/CHANGELOG.md )
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.43.0...v1.44.1 )
Updates `golang.org/x/tools` from 0.40.0 to 0.41.0
- [Release notes](https://github.com/golang/tools/releases )
- [Commits](https://github.com/golang/tools/compare/v0.40.0...v0.41.0 )
---
updated-dependencies:
- dependency-name: github.com/github/go-spdx/v2
dependency-version: 2.3.6
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
- dependency-name: github.com/go-viper/mapstructure/v2
dependency-version: 2.5.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: golang.org/x/mod
dependency-version: 0.32.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: golang.org/x/net
dependency-version: 0.49.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: modernc.org/sqlite
dependency-version: 1.44.1
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: golang.org/x/tools
dependency-version: 0.41.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-23 10:37:10 -05:00
dependabot[bot]
7954324417
chore(deps): bump github.com/spdx/tools-golang ( #4557 )
...
Bumps the go-minor-patch group with 1 update in the / directory: [github.com/spdx/tools-golang](https://github.com/spdx/tools-golang ).
Updates `github.com/spdx/tools-golang` from 0.5.6 to 0.5.7
- [Release notes](https://github.com/spdx/tools-golang/releases )
- [Changelog](https://github.com/spdx/tools-golang/blob/main/RELEASE-NOTES.md )
- [Commits](https://github.com/spdx/tools-golang/compare/v0.5.6...v0.5.7 )
---
updated-dependencies:
- dependency-name: github.com/spdx/tools-golang
dependency-version: 0.5.7
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-16 13:04:13 -05:00
anchore-actions-token-generator[bot]
63927ab49f
chore(deps): update anchore dependencies ( #4552 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: willmurphyscode <12529630+willmurphyscode@users.noreply.github.com>
2026-01-15 21:33:35 +00:00
dependabot[bot]
695bbcc4f9
chore(deps): bump the go-minor-patch group with 4 updates ( #4543 )
...
Bumps the go-minor-patch group with 4 updates: [github.com/vbatts/go-mtree](https://github.com/vbatts/go-mtree ), [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ), [github.com/goccy/go-yaml](https://github.com/goccy/go-yaml ) and [github.com/gpustack/gguf-parser-go](https://github.com/gpustack/gguf-parser-go ).
Updates `github.com/vbatts/go-mtree` from 0.6.0 to 0.7.0
- [Release notes](https://github.com/vbatts/go-mtree/releases )
- [Changelog](https://github.com/vbatts/go-mtree/blob/main/releases.md )
- [Commits](https://github.com/vbatts/go-mtree/compare/v0.6.0...v0.7.0 )
Updates `modernc.org/sqlite` from 1.42.2 to 1.43.0
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.42.2...v1.43.0 )
Updates `github.com/goccy/go-yaml` from 1.19.1 to 1.19.2
- [Release notes](https://github.com/goccy/go-yaml/releases )
- [Changelog](https://github.com/goccy/go-yaml/blob/master/CHANGELOG.md )
- [Commits](https://github.com/goccy/go-yaml/compare/v1.19.1...v1.19.2 )
Updates `github.com/gpustack/gguf-parser-go` from 0.22.1 to 0.23.1
- [Release notes](https://github.com/gpustack/gguf-parser-go/releases )
- [Commits](https://github.com/gpustack/gguf-parser-go/compare/v0.22.1...v0.23.1 )
---
updated-dependencies:
- dependency-name: github.com/vbatts/go-mtree
dependency-version: 0.7.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: modernc.org/sqlite
dependency-version: 1.43.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: github.com/goccy/go-yaml
dependency-version: 1.19.2
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
- dependency-name: github.com/gpustack/gguf-parser-go
dependency-version: 0.23.1
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-09 13:13:56 -05:00
anchore-actions-token-generator[bot]
11e871566b
chore(deps): update anchore dependencies ( #4535 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: willmurphyscode <12529630+willmurphyscode@users.noreply.github.com>
2026-01-08 12:16:49 +00:00
dependabot[bot]
3ea6a03cd0
chore(deps): bump the go-minor-patch group with 3 updates ( #4524 )
...
* chore(deps): bump the go-minor-patch group with 3 updates
Bumps the go-minor-patch group with 3 updates: [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml ), [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) and [github.com/invopop/jsonschema](https://github.com/invopop/jsonschema ).
Updates `github.com/BurntSushi/toml` from 1.5.0 to 1.6.0
- [Release notes](https://github.com/BurntSushi/toml/releases )
- [Commits](https://github.com/BurntSushi/toml/compare/v1.5.0...v1.6.0 )
Updates `github.com/go-git/go-git/v5` from 5.16.3 to 5.16.4
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.16.3...v5.16.4 )
Updates `github.com/invopop/jsonschema` from 0.7.0 to 0.13.0
- [Commits](https://github.com/invopop/jsonschema/compare/v0.7.0...v0.13.0 )
---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
dependency-version: 1.6.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: github.com/go-git/go-git/v5
dependency-version: 5.16.4
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
- dependency-name: github.com/invopop/jsonschema
dependency-version: 0.13.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* port breaking jsonschema lib changes
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* regenerate the existing json schema with new generation code
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2026-01-06 15:25:43 +00:00
dependabot[bot]
488511f69d
chore(deps): bump modernc.org/sqlite from 1.41.0 to 1.42.2 ( #4513 )
...
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ) from 1.41.0 to 1.42.2.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.41.0...v1.42.2 )
---
updated-dependencies:
- dependency-name: modernc.org/sqlite
dependency-version: 1.42.2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-05 10:46:39 -05:00
dependabot[bot]
d1adfdc3a6
chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.7.7 to 6.7.8 ( #4502 )
...
Bumps [github.com/jedib0t/go-pretty/v6](https://github.com/jedib0t/go-pretty ) from 6.7.7 to 6.7.8.
- [Release notes](https://github.com/jedib0t/go-pretty/releases )
- [Commits](https://github.com/jedib0t/go-pretty/compare/v6.7.7...v6.7.8 )
---
updated-dependencies:
- dependency-name: github.com/jedib0t/go-pretty/v6
dependency-version: 6.7.8
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-05 09:19:34 -05:00
dependabot[bot]
0028165062
chore(deps): bump github.com/spdx/tools-golang from 0.5.5 to 0.5.6 ( #4503 )
...
Bumps [github.com/spdx/tools-golang](https://github.com/spdx/tools-golang ) from 0.5.5 to 0.5.6.
- [Release notes](https://github.com/spdx/tools-golang/releases )
- [Changelog](https://github.com/spdx/tools-golang/blob/main/RELEASE-NOTES.md )
- [Commits](https://github.com/spdx/tools-golang/compare/v0.5.5...v0.5.6 )
---
updated-dependencies:
- dependency-name: github.com/spdx/tools-golang
dependency-version: 0.5.6
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-05 09:19:29 -05:00
dependabot[bot]
e44ef53489
chore(deps): bump github.com/hashicorp/go-getter from 1.8.3 to 1.8.4 ( #4518 )
...
Bumps [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter ) from 1.8.3 to 1.8.4.
- [Release notes](https://github.com/hashicorp/go-getter/releases )
- [Commits](https://github.com/hashicorp/go-getter/compare/v1.8.3...v1.8.4 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
dependency-version: 1.8.4
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-05 09:17:46 -05:00
dependabot[bot]
e0708e725f
chore(deps): bump github.com/gkampitakis/go-snaps from 0.5.18 to 0.5.19 ( #4520 )
...
Bumps [github.com/gkampitakis/go-snaps](https://github.com/gkampitakis/go-snaps ) from 0.5.18 to 0.5.19.
- [Release notes](https://github.com/gkampitakis/go-snaps/releases )
- [Commits](https://github.com/gkampitakis/go-snaps/compare/0.5.18...v0.5.19 )
---
updated-dependencies:
- dependency-name: github.com/gkampitakis/go-snaps
dependency-version: 0.5.19
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-05 09:17:39 -05:00
Alex Goodman
0ea920ba6d
Decompress UPX packed binaries to extract golang build info (ELF formatted binaries with lzma method only) ( #4480 )
...
* decompress upx packed binaries
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix linting and remove dead code
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-12-22 14:17:38 +00:00
dependabot[bot]
8334fb04ec
chore(deps): bump modernc.org/sqlite from 1.40.1 to 1.41.0 ( #4489 )
...
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ) from 1.40.1 to 1.41.0.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.40.1...v1.41.0 )
---
updated-dependencies:
- dependency-name: modernc.org/sqlite
dependency-version: 1.41.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-19 11:00:31 -05:00
dependabot[bot]
a2020fe1c7
chore(deps): bump github.com/goccy/go-yaml from 1.19.0 to 1.19.1 ( #4482 )
...
Bumps [github.com/goccy/go-yaml](https://github.com/goccy/go-yaml ) from 1.19.0 to 1.19.1.
- [Release notes](https://github.com/goccy/go-yaml/releases )
- [Changelog](https://github.com/goccy/go-yaml/blob/master/CHANGELOG.md )
- [Commits](https://github.com/goccy/go-yaml/compare/v1.19.0...v1.19.1 )
---
updated-dependencies:
- dependency-name: github.com/goccy/go-yaml
dependency-version: 1.19.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-17 10:20:43 -05:00
dependabot[bot]
a85e034afc
chore(deps): bump github.com/anchore/stereoscope from 0.1.14 to 0.1.16 ( #4470 )
...
Bumps [github.com/anchore/stereoscope](https://github.com/anchore/stereoscope ) from 0.1.14 to 0.1.16.
- [Release notes](https://github.com/anchore/stereoscope/releases )
- [Changelog](https://github.com/anchore/stereoscope/blob/main/RELEASE.md )
- [Commits](https://github.com/anchore/stereoscope/compare/v0.1.14...v0.1.16 )
---
updated-dependencies:
- dependency-name: github.com/anchore/stereoscope
dependency-version: 0.1.16
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-12 08:48:28 -05:00
dependabot[bot]
a0c5b8aa8d
chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.7.5 to 6.7.7 ( #4460 )
...
Bumps [github.com/jedib0t/go-pretty/v6](https://github.com/jedib0t/go-pretty ) from 6.7.5 to 6.7.7.
- [Release notes](https://github.com/jedib0t/go-pretty/releases )
- [Commits](https://github.com/jedib0t/go-pretty/compare/v6.7.5...v6.7.7 )
---
updated-dependencies:
- dependency-name: github.com/jedib0t/go-pretty/v6
dependency-version: 6.7.7
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-10 13:32:56 -05:00
anchore-actions-token-generator[bot]
bfe63f83db
chore(deps): update anchore dependencies ( #4440 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: willmurphyscode <12529630+willmurphyscode@users.noreply.github.com>
2025-12-09 20:56:03 +00:00
dependabot[bot]
6b0f924426
chore(deps): bump github.com/go-git/go-billy/v5 from 5.6.2 to 5.7.0 ( #4448 )
...
Bumps [github.com/go-git/go-billy/v5](https://github.com/go-git/go-billy ) from 5.6.2 to 5.7.0.
- [Release notes](https://github.com/go-git/go-billy/releases )
- [Commits](https://github.com/go-git/go-billy/compare/v5.6.2...v5.7.0 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-billy/v5
dependency-version: 5.7.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-09 09:56:00 -05:00
dependabot[bot]
1d718f3311
chore(deps): bump golang.org/x/tools from 0.39.0 to 0.40.0 ( #4453 )
...
Bumps [golang.org/x/tools](https://github.com/golang/tools ) from 0.39.0 to 0.40.0.
- [Release notes](https://github.com/golang/tools/releases )
- [Commits](https://github.com/golang/tools/compare/v0.39.0...v0.40.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/tools
dependency-version: 0.40.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-09 09:46:52 -05:00
dependabot[bot]
155738aba7
chore(deps): bump github.com/github/go-spdx/v2 from 2.3.4 to 2.3.5 ( #4434 )
...
Bumps [github.com/github/go-spdx/v2](https://github.com/github/go-spdx ) from 2.3.4 to 2.3.5.
- [Release notes](https://github.com/github/go-spdx/releases )
- [Commits](https://github.com/github/go-spdx/compare/v2.3.4...v2.3.5 )
---
updated-dependencies:
- dependency-name: github.com/github/go-spdx/v2
dependency-version: 2.3.5
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-04 13:42:59 -05:00
dependabot[bot]
2b72158b0b
chore(deps): bump github.com/spf13/cobra from 1.10.1 to 1.10.2 ( #4435 )
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.10.1 to 1.10.2.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Commits](https://github.com/spf13/cobra/compare/v1.10.1...v1.10.2 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-version: 1.10.2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-04 13:42:50 -05:00
dependabot[bot]
b0c74d4104
chore(deps): bump github.com/gkampitakis/go-snaps from 0.5.17 to 0.5.18 ( #4432 )
...
Bumps [github.com/gkampitakis/go-snaps](https://github.com/gkampitakis/go-snaps ) from 0.5.17 to 0.5.18.
- [Release notes](https://github.com/gkampitakis/go-snaps/releases )
- [Commits](https://github.com/gkampitakis/go-snaps/compare/0.5.17...0.5.18 )
---
updated-dependencies:
- dependency-name: github.com/gkampitakis/go-snaps
dependency-version: 0.5.18
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-03 13:20:11 -05:00
dependabot[bot]
e556ceb4a8
chore(deps): bump github.com/gkampitakis/go-snaps from 0.5.15 to 0.5.17 ( #4413 )
...
Bumps [github.com/gkampitakis/go-snaps](https://github.com/gkampitakis/go-snaps ) from 0.5.15 to 0.5.17.
- [Release notes](https://github.com/gkampitakis/go-snaps/releases )
- [Commits](https://github.com/gkampitakis/go-snaps/compare/v0.5.15...0.5.17 )
---
updated-dependencies:
- dependency-name: github.com/gkampitakis/go-snaps
dependency-version: 0.5.17
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-01 16:34:38 -05:00
dependabot[bot]
cd19ac956c
chore(deps): bump github.com/olekukonko/tablewriter from 1.1.1 to 1.1.2 ( #4427 )
...
Bumps [github.com/olekukonko/tablewriter](https://github.com/olekukonko/tablewriter ) from 1.1.1 to 1.1.2.
- [Commits](https://github.com/olekukonko/tablewriter/compare/v1.1.1...v1.1.2 )
---
updated-dependencies:
- dependency-name: github.com/olekukonko/tablewriter
dependency-version: 1.1.2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-01 16:34:07 -05:00
dependabot[bot]
e1e3d002bc
chore(deps): bump github.com/goccy/go-yaml from 1.18.0 to 1.19.0 ( #4426 )
...
Bumps [github.com/goccy/go-yaml](https://github.com/goccy/go-yaml ) from 1.18.0 to 1.19.0.
- [Release notes](https://github.com/goccy/go-yaml/releases )
- [Changelog](https://github.com/goccy/go-yaml/blob/master/CHANGELOG.md )
- [Commits](https://github.com/goccy/go-yaml/compare/v1.18.0...v1.19.0 )
---
updated-dependencies:
- dependency-name: github.com/goccy/go-yaml
dependency-version: 1.19.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-01 16:33:48 -05:00
dependabot[bot]
b9710a1e79
chore(deps): bump modernc.org/sqlite from 1.40.0 to 1.40.1 ( #4382 )
...
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ) from 1.40.0 to 1.40.1.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.40.0...v1.40.1 )
---
updated-dependencies:
- dependency-name: modernc.org/sqlite
dependency-version: 1.40.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-25 23:04:56 -05:00
dependabot[bot]
439a063d08
chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.7.3 to 6.7.5 ( #4397 )
...
Bumps [github.com/jedib0t/go-pretty/v6](https://github.com/jedib0t/go-pretty ) from 6.7.3 to 6.7.5.
- [Release notes](https://github.com/jedib0t/go-pretty/releases )
- [Commits](https://github.com/jedib0t/go-pretty/compare/v6.7.3...v6.7.5 )
---
updated-dependencies:
- dependency-name: github.com/jedib0t/go-pretty/v6
dependency-version: 6.7.5
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-25 10:20:59 -05:00
dependabot[bot]
479cf5aff2
chore(deps): bump github.com/google/go-containerregistry ( #4409 )
...
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry ) from 0.20.6 to 0.20.7.
- [Release notes](https://github.com/google/go-containerregistry/releases )
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml )
- [Commits](https://github.com/google/go-containerregistry/compare/v0.20.6...v0.20.7 )
---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
dependency-version: 0.20.7
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-25 10:16:54 -05:00
dependabot[bot]
67709362b6
chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.7.2 to 6.7.3 ( #4387 )
...
Bumps [github.com/jedib0t/go-pretty/v6](https://github.com/jedib0t/go-pretty ) from 6.7.2 to 6.7.3.
- [Release notes](https://github.com/jedib0t/go-pretty/releases )
- [Commits](https://github.com/jedib0t/go-pretty/compare/v6.7.2...v6.7.3 )
---
updated-dependencies:
- dependency-name: github.com/jedib0t/go-pretty/v6
dependency-version: 6.7.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-20 12:01:21 -05:00
dependabot[bot]
55526dbde0
chore(deps): bump golang.org/x/crypto from 0.44.0 to 0.45.0 ( #4391 )
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.44.0 to 0.45.0.
- [Commits](https://github.com/golang/crypto/compare/v0.44.0...v0.45.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-version: 0.45.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-20 12:01:05 -05:00
