oss/syft
2
0
Fork 0
mirror of https://github.com/anchore/syft.git synced 2025-11-17 08:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
2,101 Commits 60 Branches 243 Tags
Commit Graph

446 Commits

Author SHA1 Message Date
Brian Ebarb
4194a2cd34
feat: add relationships to ELF package discovery (#2715) 
This PR adds DependencyOf relationships when ELF packages have been discovered by the binary cataloger. The discovered file.Executable type has a []ImportedLibraries that's read from the file when discovered by syft. By mapping these imported libraries back to the package collection, syft is able to create relationships showing which packages are dependencies of other packages by just reading metadata from the ELF executable.

---------

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Signed-off-by: Brian Ebarb <ebarb.brian@sers.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
 2024-05-09 13:53:59 -04:00
dependabot[bot]
1892f24002
chore(deps): bump github.com/docker/docker (#2859) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 26.1.1+incompatible to 26.1.2+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v26.1.1...v26.1.2)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-09 12:02:36 -04:00
dependabot[bot]
88aaab2841
chore(deps): bump github.com/charmbracelet/bubbletea (#2860) 
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea) from 0.26.1 to 0.26.2.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases)
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v0.26.1...v0.26.2)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-09 12:02:28 -04:00
dependabot[bot]
6c2e8c8c4b
chore(deps): bump github.com/sassoftware/go-rpmutils from 0.3.0 to 0.4.0 (#2856) 
Bumps [github.com/sassoftware/go-rpmutils](https://github.com/sassoftware/go-rpmutils) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/sassoftware/go-rpmutils/releases)
- [Commits](https://github.com/sassoftware/go-rpmutils/compare/v0.3.0...v0.4.0)

---
updated-dependencies:
- dependency-name: github.com/sassoftware/go-rpmutils
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-08 10:33:11 -04:00
dependabot[bot]
78625164c6
chore(deps): bump golang.org/x/net from 0.24.0 to 0.25.0 (#2849) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.24.0 to 0.25.0.
- [Commits](https://github.com/golang/net/compare/v0.24.0...v0.25.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-07 12:05:43 -04:00
William Murphy
3713d97b7b
chore: use ruleguard to test for missing defer statements (#2837) 
* chore: ruleguard to enforce defer use

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* fix go.mod location

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* chore: defer close in linux release identifier

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* chore: better lint suggestion

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* chore: refactor binary classifier to defer close

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* chore: defer close readers in gentoo cataloger

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* chore: make go license parsing defer close readers

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* chore: defer closing readers in alpine apm parser

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* chore: defer close readers in graalvm parser

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* chore: defer close readers in debian package parser

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* chore: defer close readers in alpm parser

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* chore: defer close readers in executable file cataloger

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* chore: defer close readers in javascript license parser

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* chore: defer close readers in go mod parser

Signed-off-by: Will Murphy <will.murphy@anchore.com>

---------

Signed-off-by: Will Murphy <will.murphy@anchore.com>
 2024-05-07 05:42:29 -04:00
dependabot[bot]
9de533996e
chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.5.8 to 6.5.9 (#2842) 
Bumps [github.com/jedib0t/go-pretty/v6](https://github.com/jedib0t/go-pretty) from 6.5.8 to 6.5.9.
- [Release notes](https://github.com/jedib0t/go-pretty/releases)
- [Commits](https://github.com/jedib0t/go-pretty/compare/v6.5.8...v6.5.9)

---
updated-dependencies:
- dependency-name: github.com/jedib0t/go-pretty/v6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-06 11:44:05 -04:00
dependabot[bot]
7aae7470e2
chore(deps): bump modernc.org/sqlite from 1.29.8 to 1.29.9 (#2843) 
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) from 1.29.8 to 1.29.9.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.29.8...v1.29.9)

---
updated-dependencies:
- dependency-name: modernc.org/sqlite
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-06 11:43:55 -04:00
dependabot[bot]
d6604adaaf
chore(deps): bump github.com/charmbracelet/bubbletea (#2838) 
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea) from 0.26.0 to 0.26.1.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases)
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v0.26.0...v0.26.1)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-03 09:50:20 -04:00
anchore-actions-token-generator[bot]
9bbb42620a
chore(deps): update stereoscope to 2e9894674185d121917b283f773c2b5830f8b360 (#2831) 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: kzantow <3009477+kzantow@users.noreply.github.com>
 2024-05-02 09:38:23 -04:00
dependabot[bot]
0b4de3d0c7
chore(deps): bump github.com/charmbracelet/bubbletea (#2833) 
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea) from 0.25.0 to 0.26.0.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases)
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v0.25.0...v0.26.0)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-02 09:36:49 -04:00
dependabot[bot]
93a99e36c2
chore(deps): bump github.com/docker/docker (#2827) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 26.1.0+incompatible to 26.1.1+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v26.1.0...v26.1.1)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-01 11:03:31 -04:00
anchore-actions-token-generator[bot]
f2fc10aa86
chore(deps): update stereoscope to 8b297badafd5d81fa1187b26ae34dd2a7ce7e425 (#2807) 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: kzantow <3009477+kzantow@users.noreply.github.com>
 2024-04-24 15:19:13 -04:00
dependabot[bot]
5326efcef1
chore(deps): bump github.com/gkampitakis/go-snaps from 0.5.3 to 0.5.4 (#2810) 
Bumps [github.com/gkampitakis/go-snaps](https://github.com/gkampitakis/go-snaps) from 0.5.3 to 0.5.4.
- [Release notes](https://github.com/gkampitakis/go-snaps/releases)
- [Commits](https://github.com/gkampitakis/go-snaps/compare/v0.5.3...v0.5.4)

---
updated-dependencies:
- dependency-name: github.com/gkampitakis/go-snaps
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-24 12:04:09 -04:00
dependabot[bot]
fbdd4ee015
chore(deps): bump github.com/docker/docker (#2805) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 26.0.2+incompatible to 26.1.0+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v26.0.2...v26.1.0)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-23 14:32:34 -04:00
William Murphy
f154bf570d
Display which provider caused which error in output (#2757) 
* Display which provider caused which error in output

Otherwise, the output is very difficult to parse.

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* lint fix

Signed-off-by: Will Murphy <will.murphy@anchore.com>

* bump stereoscope to v0.0.2

Signed-off-by: Will Murphy <will.murphy@anchore.com>

---------

Signed-off-by: Will Murphy <will.murphy@anchore.com>
 2024-04-23 14:27:39 -04:00
dependabot[bot]
f2633800ce
chore(deps): bump github.com/docker/docker (#2793) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 26.0.1+incompatible to 26.0.2+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v26.0.1...v26.0.2)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-19 15:06:57 -04:00
dependabot[bot]
4f227bf447
chore(deps): bump modernc.org/sqlite from 1.29.7 to 1.29.8 (#2794) 
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) from 1.29.7 to 1.29.8.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.29.7...v1.29.8)

---
updated-dependencies:
- dependency-name: modernc.org/sqlite
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-19 15:06:44 -04:00
dependabot[bot]
31969136e3
chore(deps): bump github.com/spdx/tools-golang from 0.5.3 to 0.5.4 (#2790) 
Bumps [github.com/spdx/tools-golang](https://github.com/spdx/tools-golang) from 0.5.3 to 0.5.4.
- [Release notes](https://github.com/spdx/tools-golang/releases)
- [Changelog](https://github.com/spdx/tools-golang/blob/main/RELEASE-NOTES.md)
- [Commits](https://github.com/spdx/tools-golang/compare/v0.5.3...v0.5.4)

---
updated-dependencies:
- dependency-name: github.com/spdx/tools-golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-18 12:39:42 -04:00
dependabot[bot]
3b01e13f92
chore(deps): bump modernc.org/sqlite from 1.29.6 to 1.29.7 (#2783) 
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) from 1.29.6 to 1.29.7.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.29.6...v1.29.7)

---
updated-dependencies:
- dependency-name: modernc.org/sqlite
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-16 11:05:35 -04:00
dependabot[bot]
21eaa5c82b
chore(deps): bump github.com/docker/docker (#2773) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 26.0.0+incompatible to 26.0.1+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v26.0.0...v26.0.1)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-12 15:33:27 -04:00
dependabot[bot]
88cef1e05c
chore(deps): bump modernc.org/sqlite from 1.29.5 to 1.29.6 (#2761) 
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) from 1.29.5 to 1.29.6.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.29.5...v1.29.6)

---
updated-dependencies:
- dependency-name: modernc.org/sqlite
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-09 12:02:56 -04:00
dependabot[bot]
870d97ca5a
chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.5.6 to 6.5.8 (#2754) 
Bumps [github.com/jedib0t/go-pretty/v6](https://github.com/jedib0t/go-pretty) from 6.5.6 to 6.5.8.
- [Release notes](https://github.com/jedib0t/go-pretty/releases)
- [Commits](https://github.com/jedib0t/go-pretty/compare/v6.5.6...v6.5.8)

---
updated-dependencies:
- dependency-name: github.com/jedib0t/go-pretty/v6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-08 12:19:45 -04:00
dependabot[bot]
e681bc4780
chore(deps): bump github.com/gkampitakis/go-snaps from 0.5.2 to 0.5.3 (#2755) 
Bumps [github.com/gkampitakis/go-snaps](https://github.com/gkampitakis/go-snaps) from 0.5.2 to 0.5.3.
- [Release notes](https://github.com/gkampitakis/go-snaps/releases)
- [Commits](https://github.com/gkampitakis/go-snaps/compare/v0.5.2...v0.5.3)

---
updated-dependencies:
- dependency-name: github.com/gkampitakis/go-snaps
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-08 12:19:32 -04:00
dependabot[bot]
67781e98a2
chore(deps): bump golang.org/x/mod from 0.16.0 to 0.17.0 (#2751) 
Bumps [golang.org/x/mod](https://github.com/golang/mod) from 0.16.0 to 0.17.0.
- [Commits](https://github.com/golang/mod/compare/v0.16.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-05 19:22:00 +00:00
dependabot[bot]
3e4e3bb1d4
chore(deps): bump golang.org/x/net from 0.23.0 to 0.24.0 (#2752) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.23.0 to 0.24.0.
- [Commits](https://github.com/golang/net/compare/v0.23.0...v0.24.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-05 15:10:15 -04:00
dependabot[bot]
0fa925e5af
chore(deps): bump golang.org/x/net from 0.22.0 to 0.23.0 (#2747) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.22.0 to 0.23.0.
- [Commits](https://github.com/golang/net/compare/v0.22.0...v0.23.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-04 10:34:03 -04:00
Christopher Angelo Phillips
e100776f22
chore: update anchore/packageurl-go to use latest commits (#2746) 
chore: update packageurl-go dependency to use latest commits
chore: go mod tidy
unit: update + -> %2B
---------
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
 2024-04-04 10:33:51 -04:00
Laurent Goderre
e0233625cb
feat: cataloger for PHP Pecl and PEAR packages (#2604) 
Signed-off-by: Laurent Goderre <laurent.goderre@docker.com>
 2024-04-02 11:55:56 -04:00
dependabot[bot]
e0f5b5a787
chore(deps): bump github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0 (#2743) 
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.11.0 to 5.12.0.
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](https://github.com/go-git/go-git/compare/v5.11.0...v5.12.0)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-01 14:14:07 -04:00
dependabot[bot]
16edb40c72
chore(deps): bump github.com/distribution/reference from 0.5.0 to 0.6.0 (#2738) 
Bumps [github.com/distribution/reference](https://github.com/distribution/reference) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/distribution/reference/releases)
- [Commits](https://github.com/distribution/reference/compare/v0.5.0...v0.6.0)

---
updated-dependencies:
- dependency-name: github.com/distribution/reference
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-28 12:22:00 -04:00
dependabot[bot]
57e9cc52a4
chore(deps): bump google.golang.org/protobuf from 1.31.0 to 1.33.0 (#2731) 
Bumps google.golang.org/protobuf from 1.31.0 to 1.33.0.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-26 11:52:50 -04:00
dependabot[bot]
fe3704d4a9
chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.5.5 to 6.5.6 (#2734) 
Bumps [github.com/jedib0t/go-pretty/v6](https://github.com/jedib0t/go-pretty) from 6.5.5 to 6.5.6.
- [Release notes](https://github.com/jedib0t/go-pretty/releases)
- [Commits](https://github.com/jedib0t/go-pretty/compare/v6.5.5...v6.5.6)

---
updated-dependencies:
- dependency-name: github.com/jedib0t/go-pretty/v6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-26 11:50:07 -04:00
dependabot[bot]
c83556e7b6
chore(deps): bump github.com/docker/docker (#2730) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 25.0.4+incompatible to 26.0.0+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v25.0.4...v26.0.0)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-21 12:14:32 -04:00
dependabot[bot]
96d2b4a368
chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.5.4 to 6.5.5 (#2718) 
Bumps [github.com/jedib0t/go-pretty/v6](https://github.com/jedib0t/go-pretty) from 6.5.4 to 6.5.5.
- [Release notes](https://github.com/jedib0t/go-pretty/releases)
- [Commits](https://github.com/jedib0t/go-pretty/compare/v6.5.4...v6.5.5)

---
updated-dependencies:
- dependency-name: github.com/jedib0t/go-pretty/v6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-15 10:33:11 -04:00
dependabot[bot]
807de976c4
chore(deps): bump github.com/google/go-containerregistry (#2719) 
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) from 0.19.0 to 0.19.1.
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml)
- [Commits](https://github.com/google/go-containerregistry/compare/v0.19.0...v0.19.1)

---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-15 10:32:51 -04:00
dependabot[bot]
7ab6fc3fe4
chore(deps): bump modernc.org/sqlite from 1.29.3 to 1.29.5 (#2710) 
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) from 1.29.3 to 1.29.5.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.29.3...v1.29.5)

---
updated-dependencies:
- dependency-name: modernc.org/sqlite
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-14 09:58:56 -04:00
dependabot[bot]
4ca79c7626
chore(deps): bump github.com/knqyf263/go-rpmdb (#2701) 
Bumps [github.com/knqyf263/go-rpmdb](https://github.com/knqyf263/go-rpmdb) from 0.0.0-20230301153543-ba94b245509b to 0.1.0.
- [Commits](https://github.com/knqyf263/go-rpmdb/commits/v0.1.0)

---
updated-dependencies:
- dependency-name: github.com/knqyf263/go-rpmdb
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-11 11:48:05 -04:00
dependabot[bot]
e2a9d891b2
chore(deps): bump github.com/docker/docker (#2698) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 25.0.3+incompatible to 25.0.4+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v25.0.3...v25.0.4)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-07 13:00:14 -05:00
dependabot[bot]
5b09c154bb
chore(deps): bump modernc.org/sqlite from 1.29.2 to 1.29.3 (#2699) 
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) from 1.29.2 to 1.29.3.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.29.2...v1.29.3)

---
updated-dependencies:
- dependency-name: modernc.org/sqlite
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-07 13:00:02 -05:00
dependabot[bot]
1b121ac3f4
chore(deps): bump golang.org/x/net from 0.21.0 to 0.22.0 (#2689) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.21.0 to 0.22.0.
- [Commits](https://github.com/golang/net/compare/v0.21.0...v0.22.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-06 14:25:56 -05:00
dependabot[bot]
e214645394
chore(deps): bump github.com/charmbracelet/lipgloss from 0.9.1 to 0.10.0 (#2695) 
Bumps [github.com/charmbracelet/lipgloss](https://github.com/charmbracelet/lipgloss) from 0.9.1 to 0.10.0.
- [Release notes](https://github.com/charmbracelet/lipgloss/releases)
- [Commits](https://github.com/charmbracelet/lipgloss/compare/v0.9.1...v0.10.0)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/lipgloss
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-06 14:24:46 -05:00
dependabot[bot]
5bd1cd5c13
chore(deps): bump golang.org/x/mod from 0.15.0 to 0.16.0 (#2690) 
Bumps [golang.org/x/mod](https://github.com/golang/mod) from 0.15.0 to 0.16.0.
- [Commits](https://github.com/golang/mod/compare/v0.15.0...v0.16.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-05 10:15:18 -05:00
dependabot[bot]
fe4f17286f
chore(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#2684) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.4...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-01 13:51:18 -05:00
Christopher Angelo Phillips
4d0dd02d5a
chore: update stereoscope (#2683) 
* chore: update stereoscope to account for traversal bug fix

Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
---------

Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
 2024-02-29 13:32:18 -05:00
Alex Goodman
48e5672a87
Consider filesystem types for mount points when ignoring system paths (#2675) 
* consider fs types for mount points when ignoring system paths

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* address feedback

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

---------

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
 2024-02-28 15:37:17 -05:00
Keith Zantow
a978966cad
feat: add --from flag, refactor source providers (#2610) 
Signed-off-by: Keith Zantow <kzantow@gmail.com>
 2024-02-27 16:44:37 -05:00
dependabot[bot]
928511ea0f
chore(deps): bump modernc.org/sqlite from 1.29.1 to 1.29.2 (#2671) 2024-02-26 10:57:06 -05:00
anchore-actions-token-generator[bot]
8260bce057
chore(deps): update stereoscope to 6171ee21e1d584f6bde910f354d126c9cd70deaa (#2655) 2024-02-17 10:22:56 -05:00
dependabot[bot]
a7da2270c7
chore(deps): bump modernc.org/sqlite from 1.29.0 to 1.29.1 (#2640) 
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) from 1.29.0 to 1.29.1.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.29.0...v1.29.1)

---
updated-dependencies:
- dependency-name: modernc.org/sqlite
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-14 09:20:54 -05:00