dependabot[bot]
443de210ca
chore(deps): bump github.com/bmatcuk/doublestar/v4 ( #4606 )
...
Bumps the go-minor-patch group with 1 update: [github.com/bmatcuk/doublestar/v4](https://github.com/bmatcuk/doublestar ).
Updates `github.com/bmatcuk/doublestar/v4` from 4.9.2 to 4.10.0
- [Release notes](https://github.com/bmatcuk/doublestar/releases )
- [Commits](https://github.com/bmatcuk/doublestar/compare/v4.9.2...v4.10.0 )
---
updated-dependencies:
- dependency-name: github.com/bmatcuk/doublestar/v4
dependency-version: 4.10.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-06 13:20:24 -05:00
dependabot[bot]
1af8b1acaa
chore(deps): bump the actions-minor-patch group across 2 directories with 2 updates ( #4607 )
...
Bumps the actions-minor-patch group with 1 update in the / directory: [docker/login-action](https://github.com/docker/login-action ).
Bumps the actions-minor-patch group with 1 update in the /.github/actions/bootstrap directory: [actions/cache](https://github.com/actions/cache ).
Updates `docker/login-action` from 3.6.0 to 3.7.0
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](5e57cd1181...c94ce9fb46https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](9255dc7a25...cdf6c1fa76
2026-02-06 13:20:12 -05:00
Rez Moss
c185657d71
feat: add yarn lock dev dep detection; fixed #4548
...
---------
Signed-off-by: Rez Moss <hi@rezmoss.com>
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
Co-authored-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2026-02-05 22:27:17 +00:00
Will Murphy
48ee12be0c
ci(generate-capabilities): serialize writing and reading yaml ( #4602 )
...
Otherwise sometimes the test that reads will run during the test that
writes and fail because the yaml file is in a partially written state.
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2026-02-05 11:35:45 -05:00
anchore-actions-token-generator[bot]
0b05f0ed69
chore(deps): update CPE dictionary index ( #4601 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: willmurphyscode <12529630+willmurphyscode@users.noreply.github.com>
2026-02-05 15:29:00 +00:00
Will Murphy
138cb1be0e
fix(cpe-generation): set start and end date ( #4600 )
...
* fix(cpe-generation): set start and end date
Previously, the update job was silently failing because the NVD API
returns a 404 with no body if a start date is specified but not an end
date. Further, the API returns an error if more than 120 days are in
range of the start and end date.
Update the API client to:
1. Return a non-nil error on http 404
2. Chunk the date range into 120 day chunks
3. Pass start and end date to avoid errors.
Also add more tolerant timestamp parsing since the previous update job
would fail with timestamp format errors.
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
* refactor(cpe-generator): remove callbacks
Previously, this job had callbacks that were there to make sure that
incremental progress could be written to disk. However, incremental
progress was not being written to disk, and there were issues related to
the callbacks like double logging. Therefore, just remove the callbacks
and do simple imperative code to page through the API results.
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
---------
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2026-02-05 09:54:24 -05:00
Peter Bücker
6755377554
fix: CPE detection for APK libavif to use aomedia vendor ( #4597 )
...
NVD uses "aomedia" as the vendor for libavif CVEs. This change adds
libavif to the APK package CPE candidate additions with "aomedia" as
an additional vendor, enabling Syft/Grype to match CVEs like
CVE-2025-48174 and CVE-2025-48175.
Signed-off-by: Peter Bücker <peter.buecker@gmail.com>
2026-02-05 09:11:44 +00:00
anchore-actions-token-generator[bot]
540c08a41b
chore(deps): update tools to latest versions ( #4594 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2026-02-04 09:26:09 -05:00
Keith Zantow
add2629446
fix: further improve go binary classifier, including windows ( #4593 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2026-02-03 10:29:00 -05:00
anchore-actions-token-generator[bot]
d22139ef1a
chore(deps): update tools to latest versions ( #4589 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2026-02-02 12:59:57 -05:00
Christopher Angelo Phillips
c94d1ccf1c
fix: lookup alternate scheme on url->licenseID ( #4588 )
...
---------
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2026-01-30 14:25:27 -05:00
dependabot[bot]
69d0898918
chore(deps): bump the go-minor-patch group with 2 updates ( #4583 )
...
Bumps the go-minor-patch group with 2 updates: [github.com/olekukonko/tablewriter](https://github.com/olekukonko/tablewriter ) and [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ).
Updates `github.com/olekukonko/tablewriter` from 1.1.2 to 1.1.3
- [Release notes](https://github.com/olekukonko/tablewriter/releases )
- [Commits](https://github.com/olekukonko/tablewriter/compare/v1.1.2...v1.1.3 )
Updates `modernc.org/sqlite` from 1.44.1 to 1.44.3
- [Changelog](https://gitlab.com/cznic/sqlite/blob/master/CHANGELOG.md )
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.44.1...v1.44.3 )
---
updated-dependencies:
- dependency-name: github.com/olekukonko/tablewriter
dependency-version: 1.1.3
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
- dependency-name: modernc.org/sqlite
dependency-version: 1.44.3
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-30 11:24:34 -05:00
Rez Moss
94c8088542
feat: add Qt6 binary detection ( #4550 )
...
---------
Signed-off-by: Rez Moss <hi@rezmoss.com>
Signed-off-by: Christopher Angelo Phillips <32073428+spiffcs@users.noreply.github.com>
Co-authored-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2026-01-30 15:35:33 +00:00
dependabot[bot]
e136ebc44f
chore(deps): bump the actions-minor-patch group across 1 directory with 2 updates ( #4584 )
...
Bumps the actions-minor-patch group with 2 updates in the / directory: [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) and [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action ).
Updates `peter-evans/create-pull-request` from 8.0.0 to 8.1.0
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](98357b18bf...c0f553fe54https://github.com/zizmorcore/zizmor-action/releases )
- [Commits](e639db9933...135698455d
2026-01-30 10:33:32 -05:00
Alan Pope
0bca34f986
fix: snap cataloger incorrectly identifies snap container as deb package ( #4500 )
...
Signed-off-by: Alan Pope <alan@popey.com>
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
Co-authored-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2026-01-30 10:19:26 -05:00
anchore-actions-token-generator[bot]
8d836fb8b0
chore(deps): update tools to latest versions ( #4577 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2026-01-27 15:18:18 -05:00
Christopher Angelo Phillips
9a250a4b4b
fix: update mixed case dependencies in python to be normalized ( #4573 )
...
---------
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2026-01-27 15:16:32 -05:00
anchore-actions-token-generator[bot]
e8b4527bfb
chore(deps): update anchore dependencies ( #4575 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: willmurphyscode <12529630+willmurphyscode@users.noreply.github.com>
2026-01-27 10:14:26 +00:00
anchore-actions-token-generator[bot]
d0bb042d74
chore(deps): update tools to latest versions ( #4570 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2026-01-26 12:25:31 -05:00
Keith Zantow
c65d023668
feat: detect Debian version from /etc/debian_version ( #4569 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2026-01-23 17:52:21 -05:00
Keith Zantow
836f358cd4
fix: correctly report supporting evidence for binary packages ( #4558 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2026-01-23 13:01:12 -05:00
dependabot[bot]
27b1219e98
chore(deps): bump the actions-minor-patch group across 2 directories with 3 updates ( #4568 )
...
Bumps the actions-minor-patch group with 3 updates in the / directory: [actions/checkout](https://github.com/actions/checkout ), [actions/setup-go](https://github.com/actions/setup-go ) and [github/codeql-action](https://github.com/github/codeql-action ).
Bumps the actions-minor-patch group with 1 update in the /.github/actions/bootstrap directory: [actions/setup-go](https://github.com/actions/setup-go ).
Updates `actions/checkout` from 6.0.1 to 6.0.2
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8e8c483db8...de0fac2e45https://github.com/actions/setup-go/releases )
- [Commits](4dc6199c7b...7a3fe6cf4chttps://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](5d4e8d1aca...cdefb33c0fhttps://github.com/actions/setup-go/releases )
- [Commits](4dc6199c7b...7a3fe6cf4c
2026-01-23 10:37:23 -05:00
dependabot[bot]
c0e0058c86
chore(deps): bump the go-minor-patch group with 6 updates ( #4567 )
...
Bumps the go-minor-patch group with 6 updates:
| Package | From | To |
| --- | --- | --- |
| [github.com/github/go-spdx/v2](https://github.com/github/go-spdx ) | `2.3.5` | `2.3.6` |
| [github.com/go-viper/mapstructure/v2](https://github.com/go-viper/mapstructure ) | `2.4.0` | `2.5.0` |
| [golang.org/x/mod](https://github.com/golang/mod ) | `0.31.0` | `0.32.0` |
| [golang.org/x/net](https://github.com/golang/net ) | `0.48.0` | `0.49.0` |
| [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ) | `1.43.0` | `1.44.1` |
| [golang.org/x/tools](https://github.com/golang/tools ) | `0.40.0` | `0.41.0` |
Updates `github.com/github/go-spdx/v2` from 2.3.5 to 2.3.6
- [Release notes](https://github.com/github/go-spdx/releases )
- [Commits](https://github.com/github/go-spdx/compare/v2.3.5...v2.3.6 )
Updates `github.com/go-viper/mapstructure/v2` from 2.4.0 to 2.5.0
- [Release notes](https://github.com/go-viper/mapstructure/releases )
- [Changelog](https://github.com/go-viper/mapstructure/blob/main/CHANGELOG.md )
- [Commits](https://github.com/go-viper/mapstructure/compare/v2.4.0...v2.5.0 )
Updates `golang.org/x/mod` from 0.31.0 to 0.32.0
- [Commits](https://github.com/golang/mod/compare/v0.31.0...v0.32.0 )
Updates `golang.org/x/net` from 0.48.0 to 0.49.0
- [Commits](https://github.com/golang/net/compare/v0.48.0...v0.49.0 )
Updates `modernc.org/sqlite` from 1.43.0 to 1.44.1
- [Changelog](https://gitlab.com/cznic/sqlite/blob/master/CHANGELOG.md )
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.43.0...v1.44.1 )
Updates `golang.org/x/tools` from 0.40.0 to 0.41.0
- [Release notes](https://github.com/golang/tools/releases )
- [Commits](https://github.com/golang/tools/compare/v0.40.0...v0.41.0 )
---
updated-dependencies:
- dependency-name: github.com/github/go-spdx/v2
dependency-version: 2.3.6
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
- dependency-name: github.com/go-viper/mapstructure/v2
dependency-version: 2.5.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: golang.org/x/mod
dependency-version: 0.32.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: golang.org/x/net
dependency-version: 0.49.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: modernc.org/sqlite
dependency-version: 1.44.1
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: golang.org/x/tools
dependency-version: 0.41.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-23 10:37:10 -05:00
anchore-actions-token-generator[bot]
a9fabb6c0f
chore(deps): update tools to latest versions ( #4565 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2026-01-22 13:04:45 -05:00
dependabot[bot]
7954324417
chore(deps): bump github.com/spdx/tools-golang ( #4557 )
...
Bumps the go-minor-patch group with 1 update in the / directory: [github.com/spdx/tools-golang](https://github.com/spdx/tools-golang ).
Updates `github.com/spdx/tools-golang` from 0.5.6 to 0.5.7
- [Release notes](https://github.com/spdx/tools-golang/releases )
- [Changelog](https://github.com/spdx/tools-golang/blob/main/RELEASE-NOTES.md )
- [Commits](https://github.com/spdx/tools-golang/compare/v0.5.6...v0.5.7 )
---
updated-dependencies:
- dependency-name: github.com/spdx/tools-golang
dependency-version: 0.5.7
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-16 13:04:13 -05:00
Will Murphy
3e563d90d5
ci: enable zizmor to fail PRs ( #4556 )
...
* ci: enable zizmor to fail PRs
Enable zizmor (gh actions yaml linter) to fail builds in PRs. Fix any
outstanding linting errors found by this tool.
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
* fix outdated version comments
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
---------
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2026-01-16 10:49:00 -05:00
Will Murphy
5987f46353
Chore new slack action ( #4553 )
...
* chore: new slack action
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
* TEMP: exit 1 to test slack notify
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
* new slack integration everywhere
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
---------
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2026-01-16 11:26:40 +00:00
anchore-actions-token-generator[bot]
63927ab49f
chore(deps): update anchore dependencies ( #4552 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: willmurphyscode <12529630+willmurphyscode@users.noreply.github.com>
2026-01-15 21:33:35 +00:00
anchore-actions-token-generator[bot]
308b8030e7
chore(deps): update tools to latest versions ( #4551 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2026-01-15 07:30:10 -05:00
anchore-actions-token-generator[bot]
6d8a03b375
chore(deps): update tools to latest versions ( #4545 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2026-01-12 11:05:17 -05:00
anchore-actions-token-generator[bot]
55a190aed1
chore(deps): update tools to latest versions ( #4542 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2026-01-09 13:14:13 -05:00
dependabot[bot]
695bbcc4f9
chore(deps): bump the go-minor-patch group with 4 updates ( #4543 )
...
Bumps the go-minor-patch group with 4 updates: [github.com/vbatts/go-mtree](https://github.com/vbatts/go-mtree ), [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ), [github.com/goccy/go-yaml](https://github.com/goccy/go-yaml ) and [github.com/gpustack/gguf-parser-go](https://github.com/gpustack/gguf-parser-go ).
Updates `github.com/vbatts/go-mtree` from 0.6.0 to 0.7.0
- [Release notes](https://github.com/vbatts/go-mtree/releases )
- [Changelog](https://github.com/vbatts/go-mtree/blob/main/releases.md )
- [Commits](https://github.com/vbatts/go-mtree/compare/v0.6.0...v0.7.0 )
Updates `modernc.org/sqlite` from 1.42.2 to 1.43.0
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.42.2...v1.43.0 )
Updates `github.com/goccy/go-yaml` from 1.19.1 to 1.19.2
- [Release notes](https://github.com/goccy/go-yaml/releases )
- [Changelog](https://github.com/goccy/go-yaml/blob/master/CHANGELOG.md )
- [Commits](https://github.com/goccy/go-yaml/compare/v1.19.1...v1.19.2 )
Updates `github.com/gpustack/gguf-parser-go` from 0.22.1 to 0.23.1
- [Release notes](https://github.com/gpustack/gguf-parser-go/releases )
- [Commits](https://github.com/gpustack/gguf-parser-go/compare/v0.22.1...v0.23.1 )
---
updated-dependencies:
- dependency-name: github.com/vbatts/go-mtree
dependency-version: 0.7.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: modernc.org/sqlite
dependency-version: 1.43.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: github.com/goccy/go-yaml
dependency-version: 1.19.2
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
- dependency-name: github.com/gpustack/gguf-parser-go
dependency-version: 0.23.1
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-01-09 13:13:56 -05:00
dependabot[bot]
6d206910f0
chore(deps): bump anchore/sbom-action ( #4544 )
...
Bumps the actions-minor-patch group with 1 update in the / directory: [anchore/sbom-action](https://github.com/anchore/sbom-action ).
Updates `anchore/sbom-action` from 0.21.0 to 0.21.1
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md )
- [Commits](a930d0ac43...0b82b0b1a2
2026-01-09 13:13:44 -05:00
Rez Moss
2f3a504acf
Feat/catalog mongodb bin ( #4541 )
...
* fixed #4550 , catalog mongodb bin
Signed-off-by: Rez Moss <hi@rezmoss.com>
* fixed #4550 , catalog mongodb bin
Signed-off-by: Rez Moss <hi@rezmoss.com>
---------
Signed-off-by: Rez Moss <hi@rezmoss.com>
2026-01-08 12:18:51 -05:00
anchore-actions-token-generator[bot]
d24e843c45
chore(deps): update tools to latest versions ( #4537 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2026-01-08 11:56:50 -05:00
Will Murphy
83a4528fff
chore: sync generated file immediately ( #4538 )
...
A CI failure was observed where a generated file was only partly written
when the CI job immediately tried to read it. Put in an fs.Sync call to
eliminate this flakiness.
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2026-01-08 09:01:17 -05:00
anchore-actions-token-generator[bot]
11e871566b
chore(deps): update anchore dependencies ( #4535 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: willmurphyscode <12529630+willmurphyscode@users.noreply.github.com>
2026-01-08 12:16:49 +00:00
promalert
cc1a7dfae8
chore: fix some comments to improve readability ( #4533 )
...
Signed-off-by: promalert <promalert@outlook.com>
2026-01-07 15:48:40 +00:00
Rez Moss
3a3a86eb01
fixed #4430 exclude dev pnpm pkg ( #4487 )
...
* fixed #4430 exclude dev pnpm pkg
Signed-off-by: Rez Moss <hi@rezmoss.com>
* use existing dev deps option
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fixed #4430 exclude dev pnpm pkg, add test
Signed-off-by: Rez Moss <hi@rezmoss.com>
* fixed #4430 exclude dev pnpm pkg, add test
Signed-off-by: Rez Moss <hi@rezmoss.com>
---------
Signed-off-by: Rez Moss <hi@rezmoss.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2026-01-07 10:39:16 -05:00
witchcraze
6509b7079e
add istio classifier ( #4521 )
...
Signed-off-by: witchcraze <witchcraze@gmail.com>
2026-01-07 10:36:39 -05:00
Rez Moss
7f1d57d06f
feat: detect older bitnami img packages ( #4532 )
...
Signed-off-by: Rez Moss <hi@rezmoss.com>
2026-01-07 10:07:33 -05:00
Alex Goodman
ed339e4fed
fix: ensure java image build failures stop the build ( #4531 )
...
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2026-01-06 11:43:51 -05:00
dependabot[bot]
3ea6a03cd0
chore(deps): bump the go-minor-patch group with 3 updates ( #4524 )
...
* chore(deps): bump the go-minor-patch group with 3 updates
Bumps the go-minor-patch group with 3 updates: [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml ), [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) and [github.com/invopop/jsonschema](https://github.com/invopop/jsonschema ).
Updates `github.com/BurntSushi/toml` from 1.5.0 to 1.6.0
- [Release notes](https://github.com/BurntSushi/toml/releases )
- [Commits](https://github.com/BurntSushi/toml/compare/v1.5.0...v1.6.0 )
Updates `github.com/go-git/go-git/v5` from 5.16.3 to 5.16.4
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.16.3...v5.16.4 )
Updates `github.com/invopop/jsonschema` from 0.7.0 to 0.13.0
- [Commits](https://github.com/invopop/jsonschema/compare/v0.7.0...v0.13.0 )
---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
dependency-version: 1.6.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: github.com/go-git/go-git/v5
dependency-version: 5.16.4
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
- dependency-name: github.com/invopop/jsonschema
dependency-version: 0.13.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* port breaking jsonschema lib changes
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* regenerate the existing json schema with new generation code
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2026-01-06 15:25:43 +00:00
witchcraze
81dd955871
add envoy binary classifier ( #4530 )
...
* add envoy classifier
Signed-off-by: witchcraze <witchcraze@gmail.com>
* add envoy classifier
Signed-off-by: witchcraze <witchcraze@gmail.com>
2026-01-06 08:45:01 -05:00
Alex Goodman
48948ddb8f
add container support for graalvm fixture ( #4528 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2026-01-05 14:18:12 -05:00
dependabot[bot]
63273b1b00
chore(deps): bump the actions-minor-patch group across 1 directory with 2 updates ( #4525 )
...
Bumps the actions-minor-patch group with 2 updates in the / directory: [docker/login-action](https://github.com/docker/login-action ) and [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action ).
Updates `docker/login-action` from 3.5.0 to 3.6.0
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](184bdaa072...5e57cd1181https://github.com/zizmorcore/zizmor-action/releases )
- [Commits](e673c3917a...e639db9933
2026-01-05 12:48:30 -05:00
dependabot[bot]
92e523caa6
chore(deps): bump actions/download-artifact from 6.0.0 to 7.0.0 ( #4526 )
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 6.0.0 to 7.0.0.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](018cc2cf5b...37930b1c2a
2026-01-05 12:48:20 -05:00
dependabot[bot]
9b33b8a3d6
chore(deps): bump actions/upload-artifact from 4.4.3 to 6.0.0 ( #4527 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.4.3 to 6.0.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](b4b15b8c7c...b7c566a772
2026-01-05 12:48:13 -05:00
Alex Goodman
29a0b19a21
Group dependabot updates ( #4522 )
...
* group dependabot updates
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* use directories key
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2026-01-05 16:57:38 +00:00
Luis Miguel Santos
ea43506196
fix: corrects handling of UNC root paths in windows.
...
---------
Signed-off-by: Luis M. Santos <luis.santos2@nih.gov>
Co-authored-by: Luis M. Santos <luis.santos2@nih.gov>
2026-01-05 11:32:07 -05:00
