oss/syft
2
0
Fork 0
mirror of https://github.com/anchore/syft.git synced 2025-11-17 08:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,091 Commits 60 Branches 243 Tags
Commit Graph

1091 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Adam Hughes
40d294a89e
feat: attest support for Singularity images (#1201) 2022-10-04 12:34:59 -04:00
anchore-actions-token-generator[bot]
91eece47ff
Update syft bootstrap tools to latest versions. (#1239) 
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: spiffcs <spiffcs@users.noreply.github.com>
 2022-10-04 10:18:21 +01:00
anchore-actions-token-generator[bot]
1fa4bab7a7
Update Stereoscope to 1b1b744a919964f38d14e1416fb3f25221b761ce (#1240) 
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: kzantow <kzantow@users.noreply.github.com>
 2022-10-04 10:17:29 +01:00
Keith Zantow
4d2f18218c
fix: Follow symlinks when searching for globs in all-layers scope (#1221) 2022-09-30 13:01:08 -04:00
Christopher Angelo Phillips
dd7c654ed0
update requires to use list; remove field (#1234) 2022-09-30 11:57:13 -04:00
Hiroaki KAWAI
b9b13d5525
Add Conan (C/C++) conan.lock file support (#1230) 
Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>
v0.58.0 		2022-09-29 18:45:59 +00:00
Christopher Angelo Phillips
e6502536a7
add sequence diagrams and flesh out TODO notes (#1233) 2022-09-28 13:05:49 -04:00
Keith Zantow
6a40dbf765
Do not fail if unable to parse .rpm file (#1232) 2022-09-28 11:26:06 -04:00
Keith Zantow
16c62a1378
fix: support exclude patterns on Windows (#1228) 2022-09-26 10:59:19 -04:00
anchore-actions-token-generator[bot]
30e8c4ab8e
Update syft bootstrap tools to latest versions. (#1225) 2022-09-23 09:26:30 -04:00
anchore-actions-token-generator[bot]
911242accc
Update Stereoscope to 56552770e555d764ea72b99d3c810326b27ead4a (#1224) 
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: kzantow <kzantow@users.noreply.github.com>
 2022-09-22 10:44:52 +01:00
anchore-actions-token-generator[bot]
ab6e1c4dc3
Update syft bootstrap tools to latest versions. (#1223) 
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: spiffcs <spiffcs@users.noreply.github.com>
 2022-09-22 10:41:36 +01:00
anchore-actions-token-generator[bot]
1cfa73732a
Update syft bootstrap tools to latest versions. (#1220) 
Co-authored-by: spiffcs <spiffcs@users.noreply.github.com>
 2022-09-20 10:28:53 -04:00
Christopher Angelo Phillips
04d288b364
feat: catalog python files for installed-files.txt file metadata (#1217) 
Co-authored-by: houdini91 <mdstrauss91@gmail.com>
v0.57.0 		2022-09-19 20:08:02 +00:00
Keith Zantow
c2005fad8d
Stabilize SPDX JSON output sorting (#1216) 2022-09-19 15:31:00 -04:00
Christopher Angelo Phillips
0f99215b2c
bug: remove chance for panic; provide default attestation path (#1214) 2022-09-19 15:50:33 +00:00
Christopher Angelo Phillips
ad263e6562
refactor: update Makefile organization; update DEVELOPING.md instructions (#1212) 2022-09-19 10:38:12 -04:00
Christopher Angelo Phillips
b48316742f
refactor: replace ioutil=>io; update linter (#1211) 2022-09-16 17:58:16 +00:00
anchore-actions-token-generator[bot]
0a1cd25ba5
Update bootstrap tools to latest versions. (#1204) 2022-09-14 15:28:08 -04:00
Keith Zantow
b20310eaf8
Add gosimports (#1205) 2022-09-14 13:38:18 -04:00
Chapman Pendery
9097614f3b
refactor: move formats from internal into syft module (#1172) 2022-09-13 11:20:52 -04:00
Alex Goodman
c5dca001e2
warn on errors from RPM DB parsing (#1200) 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
v0.56.0 		2022-09-09 18:59:42 +00:00
Adam Hughes
999994f197
docs: improve Singularity image source docs (#1190) 2022-09-07 14:43:38 -04:00
Keith Zantow
70db13d49e
Add RPM file scanning support (#1188) 2022-09-07 14:16:30 -04:00
Scott Andrews
1c7b7c5f8a
Normalize syft-json output (#1194) 2022-09-07 10:56:49 -04:00
Christopher Angelo Phillips
586d3fe77f
Revert "External sources configuration (#1158)" (#1191) 
reverted as functionality is to be merged with dev branch of kubecon draft
 2022-09-01 15:45:35 -04:00
anchore-actions-token-generator[bot]
1b0cfe7246
Update syft bootstrap tools to latest versions. (#1186) 
Co-authored-by: spiffcs <spiffcs@users.noreply.github.com>
 2022-08-31 09:04:45 -04:00
Keith Zantow
a17ff7b555
Fix RPM DB license handling (#1184) 2022-08-30 14:38:12 -04:00
anchore-actions-token-generator[bot]
ccc5a89226
Update syft bootstrap tools to latest versions. (#1182) 
Co-authored-by: spiffcs <spiffcs@users.noreply.github.com>
 2022-08-30 09:18:36 -04:00
Christopher Angelo Phillips
a7966a4d9d
update stereoscope to latest (#1181) v0.55.0 2022-08-29 19:28:19 +00:00
anchore-actions-token-generator[bot]
4ebf6aff86
Update syft bootstrap tools to latest versions. (#1180) 
Co-authored-by: spiffcs <spiffcs@users.noreply.github.com>
 2022-08-29 10:30:58 -04:00
Christopher Angelo Phillips
615f933d98
Bug fix for 1095 - syft conversion option error (#1177) 
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
 2022-08-25 17:36:15 -04:00
anchore-actions-token-generator[bot]
2c882f6239
Update syft bootstrap tools to latest versions. (#1176) 
Co-authored-by: spiffcs <spiffcs@users.noreply.github.com>
 2022-08-25 09:14:24 -04:00
Keith Zantow
7d4f333ec4
enhance development support on macOS ARM (#1163) 2022-08-24 13:48:14 -04:00
Scott Andrews
5e93d1ea1e
Capture if a node module is private (#1161) 2022-08-24 17:07:56 +00:00
Keith Zantow
57c5413fe0
Find version numbers from jars with different naming conventions (#1174) 2022-08-24 12:56:53 -04:00
anchore-actions-token-generator[bot]
b0fc955e0c
Update syft bootstrap tools to latest versions. (#1171) 
* Update syft bootstrap tools to latest versions.

Signed-off-by: GitHub <noreply@github.com>
Signed-off-by: Weston Steimel <weston.steimel@anchore.com>
Co-authored-by: Weston Steimel <weston.steimel@anchore.com>
 2022-08-23 20:36:59 +01:00
Weston Steimel
6949a2500f
Fix update-bootstrap-tools workflow (#1170) 2022-08-22 16:17:28 +00:00
Weston Steimel
5282820b5d
workflow to create automated PRs to update bootstrap tools (#1167) 2022-08-22 11:28:24 -04:00
cpendery
c56d3b5eef
feat: add support for licenses in package-lock json v2 (#1164) 2022-08-22 11:23:44 -04:00
Marco Deicas
13296880cd
External sources configuration (#1158) 2022-08-22 11:22:18 -04:00
cpendery
e9221ae25d
feat: add support for pnpm (#1166) 2022-08-22 10:45:55 -04:00
Justin Chadwell
f3c3d3d98e
Prevent symlinks causing duplicate package-file relationships (#1168) 2022-08-22 10:29:00 -04:00
Keith Zantow
21eb772060
Associate node package licenses from node_modules (#1152) v0.54.0 2022-08-16 14:14:02 -04:00
Josh Bressers
d1390b315e
Give the contributing guide a substantial rework (#1155) 2022-08-16 10:43:25 -04:00
Justin Chadwell
3db6911865
fix: extract file ids correctly for spdx-json (#1156) 
Previously, extracting relationships between packages and files was not
completing correctly, as SPDXRef- ElementIDs were being compared to raw
IDs, and so never matched. This patch ensures that we always compare
ElementIDs, to ensure that the hasFiles field is correctly populated.

Signed-off-by: Justin Chadwell <me@jedevc.com>
 2022-08-11 14:06:36 -04:00
Alex Goodman
2693a8c19a
metadata decoding should be optional (#1154) 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2022-08-10 16:20:53 +00:00
anchore-actions-token-generator[bot]
1344889766
Update Stereoscope to 84004345484edb881f1cc1d841115da8abda06c3 (#1151) 
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: kzantow <kzantow@users.noreply.github.com>
 2022-08-09 08:59:35 +00:00
Dan Nurmi
04387301ce
Add modularitylabel metadata to RPM type records generated by syft (#1148) 
* bump cosign to v1.10.1 (#1144)

Signed-off-by: Daniel Nurmi <nurmi@anchore.com>

* Add modularitylabel metadata to RPM type records generated by syft. Fixes #1145.

Signed-off-by: Daniel Nurmi <nurmi@anchore.com>

* update to address lint failures

Signed-off-by: Daniel Nurmi <nurmi@anchore.com>

* Update syft/pkg/rpmdb_metadata.go

Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
Signed-off-by: Daniel Nurmi <nurmi@anchore.com>

* update json schema to match camel case

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

Co-authored-by: Weston Steimel <weston.steimel@anchore.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <alex.goodman@anchore.com>
 2022-08-08 11:52:32 +00:00
anchore-actions-token-generator[bot]
4df84d380d
Update Stereoscope to 1c79d5c84abcc54466417fcc17c844a4875888a1 (#1149) 
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: kzantow <kzantow@users.noreply.github.com>
 2022-08-06 10:52:42 -04:00