oss/syft - syft - Sa' Rocí Solutions

oss/syft

mirror of https://github.com/anchore/syft.git synced 2025-11-22 10:53:19 +01:00

Author	SHA1	Message	Date
Alex Goodman	e52aa3bc03	port haskell cataloger to new generic cataloger pattern (#1290 ) Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-10-27 11:30:22 -04:00
Alex Goodman	6826d7603b	port golang cataloger to new generic cataloger pattern (#1289 ) Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-10-25 16:42:50 +00:00
Alex Goodman	52cb7269bf	port deb/dpkg cataloger to new generic cataloger pattern (#1288 ) Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-10-25 15:47:32 +00:00
Alex Goodman	bd5adbc9b3	update cataloger tests to use pkgtest utils (#1287 ) Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-10-25 11:20:02 -04:00
Alex Goodman	c7a653060d	port dotnet cataloger to new generic cataloger pattern (#1286 ) Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-10-24 21:17:27 +00:00
Alex Goodman	fbdde6d4f4	port dart cataloger to new generic cataloger pattern (#1285 ) Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-10-24 20:37:42 +00:00
Alex Goodman	eb8ebd9ffc	port conan cataloger to new generic cataloger pattern (#1284 ) Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-10-24 20:11:20 +00:00
Alex Goodman	f36c0ca971	port apk cataloger to new generic cataloger pattern (#1283 ) Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-10-24 13:51:09 -04:00
Alex Goodman	b44f441c82	Upgrade generic cataloger (#1281 ) * add second generation of generic cataloger Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * upgrade aplm cataloger to use generic.Cataloger Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * remove pacakge found-by attribute from the definition of a package ID Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-10-24 11:12:12 -04:00
Alex Goodman	48f0a4680f	fix apkdb checksum representation (#1247 ) Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-10-05 16:29:05 -04:00
Christopher Angelo Phillips	dd7c654ed0	update requires to use list; remove field (#1234 )	2022-09-30 11:57:13 -04:00
Hiroaki KAWAI	b9b13d5525	Add Conan (C/C++) conan.lock file support (#1230 ) Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>	2022-09-29 18:45:59 +00:00
Keith Zantow	6a40dbf765	Do not fail if unable to parse `.rpm` file (#1232 )	2022-09-28 11:26:06 -04:00
Christopher Angelo Phillips	04d288b364	feat: catalog python files for installed-files.txt file metadata (#1217 ) Co-authored-by: houdini91 <mdstrauss91@gmail.com>	2022-09-19 20:08:02 +00:00
Christopher Angelo Phillips	b48316742f	refactor: replace ioutil=>io; update linter (#1211 )	2022-09-16 17:58:16 +00:00
Keith Zantow	b20310eaf8	Add gosimports (#1205 )	2022-09-14 13:38:18 -04:00
Alex Goodman	c5dca001e2	warn on errors from RPM DB parsing (#1200 ) Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-09-09 18:59:42 +00:00
Keith Zantow	70db13d49e	Add RPM file scanning support (#1188 )	2022-09-07 14:16:30 -04:00
Christopher Angelo Phillips	586d3fe77f	Revert "External sources configuration (#1158 )" (#1191 ) reverted as functionality is to be merged with dev branch of kubecon draft	2022-09-01 15:45:35 -04:00
Keith Zantow	a17ff7b555	Fix RPM DB license handling (#1184 )	2022-08-30 14:38:12 -04:00
Christopher Angelo Phillips	615f933d98	Bug fix for 1095 - syft conversion option error (#1177 ) Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>	2022-08-25 17:36:15 -04:00
Keith Zantow	7d4f333ec4	enhance development support on macOS ARM (#1163 )	2022-08-24 13:48:14 -04:00
Scott Andrews	5e93d1ea1e	Capture if a node module is private (#1161 )	2022-08-24 17:07:56 +00:00
Keith Zantow	57c5413fe0	Find version numbers from jars with different naming conventions (#1174 )	2022-08-24 12:56:53 -04:00
anchore-actions-token-generator[bot]	b0fc955e0c	Update syft bootstrap tools to latest versions. (#1171 ) * Update syft bootstrap tools to latest versions. Signed-off-by: GitHub <noreply@github.com> Signed-off-by: Weston Steimel <weston.steimel@anchore.com> Co-authored-by: Weston Steimel <weston.steimel@anchore.com>	2022-08-23 20:36:59 +01:00
cpendery	c56d3b5eef	feat: add support for licenses in package-lock json v2 (#1164 )	2022-08-22 11:23:44 -04:00
Marco Deicas	13296880cd	External sources configuration (#1158 )	2022-08-22 11:22:18 -04:00
cpendery	e9221ae25d	feat: add support for pnpm (#1166 )	2022-08-22 10:45:55 -04:00
Justin Chadwell	f3c3d3d98e	Prevent symlinks causing duplicate package-file relationships (#1168 )	2022-08-22 10:29:00 -04:00
Keith Zantow	21eb772060	Associate node package licenses from node_modules (#1152 )	2022-08-16 14:14:02 -04:00
Dan Nurmi	04387301ce	Add modularitylabel metadata to RPM type records generated by syft (#1148 ) * bump cosign to v1.10.1 (#1144) Signed-off-by: Daniel Nurmi <nurmi@anchore.com> * Add modularitylabel metadata to RPM type records generated by syft. Fixes #1145. Signed-off-by: Daniel Nurmi <nurmi@anchore.com> * update to address lint failures Signed-off-by: Daniel Nurmi <nurmi@anchore.com> * Update syft/pkg/rpmdb_metadata.go Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com> Signed-off-by: Daniel Nurmi <nurmi@anchore.com> * update json schema to match camel case Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Co-authored-by: Weston Steimel <weston.steimel@anchore.com> Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com> Co-authored-by: Alex Goodman <alex.goodman@anchore.com>	2022-08-08 11:52:32 +00:00
Tom Fay	621f0fe082	cataloger configuration is respected regardless of source (#1142 )	2022-08-04 21:14:23 +00:00
Tom Fay	9896ff1b1f	add a cataloger for binaries built with rust-audit (#1116 ) * add a cataloger for binaries built with rust-audit Signed-off-by: Tom Fay <tomfay@microsoft.com>	2022-07-28 18:17:38 +00:00
cpendery	9b1adce19a	feat: implement haskell support (#1096 )	2022-07-18 15:33:54 -04:00
cpendery	470b13045b	feat: add support for cocoapods (Swift/Objective-C) (#1081 )	2022-07-11 10:09:08 -04:00
Zac Medico	4c55c62834	Add portage support for Gentoo Linux (#1076 ) Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>	2022-07-06 16:18:54 -04:00
cpendery	57323a1666	feat: add support for conan packages (C/C++) (#1083 )	2022-07-05 10:49:24 -04:00
Jonas Xavier	6b28a46ebe	add golang main module and pseudo-version (#916 ) Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>	2022-07-01 13:01:57 -04:00
cpendery	bc054e4724	fix: purl generation for pom.xml (#1078 )	2022-06-30 10:31:36 -04:00
cpendery	73262c7258	fix: add php catalogers to all catalogers (#1065 ) Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>	2022-06-27 14:53:10 +00:00
cpendery	2b8e15b638	feat: add use-all-catalogers flag (#1050 )	2022-06-27 10:24:45 -04:00
Miki	d5e12ff89c	Updates parsing of `yarn.lock` to use `resolved` URLs that are pulled from yarn and npm registries (#926 ) Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>	2022-06-24 11:05:25 -04:00
Jonas Xavier	1d14f22e45	add pom.xml cataloger (#1055 ) Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>	2022-06-22 14:19:10 -04:00
Tom Fay	3f6afd572a	Add support for CBL-Mariner distroless images (#1045 )	2022-06-21 13:27:03 -04:00
Alex Goodman	ea611dab5f	Add catalogers configuration (#1038 ) * Option to enable specific language or ecosystem cataloger Signed-off-by: ramanan-ravi <ramanan@deepfence.io> Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * Disable dotnet cataloger Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * Option to enable specific language or ecosystem cataloger Signed-off-by: Ramanan Ravikumar <ramanan@deepfence.io> Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * rename "enable-cataloger" option to "catalogers" Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add cli test for --catalogers option Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update readme with latest cataloger names Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * enable dotnet cataloger Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * fix linting Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * fix cataloger imports Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update readme with alpmdb cataloger config example Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Co-authored-by: ramanan-ravi <ramanan@deepfence.io>	2022-06-21 13:06:25 +00:00
Morten Linderud	e72d68b0c6	Add pacman (alpm) parser support (#943 ) Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>	2022-06-13 18:51:37 +00:00
Ryan Moran	5e2ab0874d	Read Description from dpkg status files (#996 )	2022-06-06 16:59:35 -04:00
Jonas Xavier	0aea55f880	add main module field to go bin metadata (#1026 ) * add main module field to go bin metadata Signed-off-by: Jonas Xavier <jonasx@anchore.com> * udpate json ouput schema to 3.2.4 Signed-off-by: Jonas Xavier <jonasx@anchore.com> * clean up fixture Signed-off-by: Jonas Xavier <jonasx@anchore.com>	2022-06-03 23:12:09 +00:00
Jonas Xavier	caff67289a	Add filters to package cataloger (#1021 ) * Add filters to package cataloger This PR adds filters so a package without name or version doesn't go in the list of all discovered packages. Integration and cli tests were added to validate the feature. Signed-off-by: Jonas Xavier <jonasx@anchore.com> * add nolint:funlen to cataloger/catalog.go Signed-off-by: Jonas Xavier <jonasx@anchore.com> * don't require package version Signed-off-by: Jonas Xavier <jonasx@anchore.com> * add package filtering to generic and python cataloger also removes cli tests in favor of integration and unit tests Signed-off-by: Jonas Xavier <jonasx@anchore.com> * drop nolint:funlen Signed-off-by: Jonas Xavier <jonasx@anchore.com> * check for no-removal operation Signed-off-by: Jonas Xavier <jonasx@anchore.com> * remove unused fixtures Signed-off-by: Jonas Xavier <jonasx@anchore.com> * rename no-version file to hide semantic version Signed-off-by: Jonas Xavier <jonasx@anchore.com> * drop integration tests and add pkg func for validation Signed-off-by: Jonas Xavier <jonasx@anchore.com> * python cataloger use global pkg validation Signed-off-by: Jonas Xavier <jonasx@anchore.com> * check for valid packages on deb/go/rpm catalogers Signed-off-by: Jonas Xavier <jonasx@anchore.com> * update rpm cataloger after rebase Signed-off-by: Jonas Xavier <jonasx@anchore.com> * nit with pointers Signed-off-by: Jonas Xavier <jonasx@anchore.com> * simpler use of package validation Signed-off-by: Jonas Xavier <jonasx@anchore.com> * remmove double pkg validations Signed-off-by: Jonas Xavier <jonasx@anchore.com> * rename func param to artifactsToExclude Signed-off-by: Jonas Xavier <jonasx@anchore.com> * add test for relationships and bug fix Signed-off-by: Jonas Xavier <jonasx@anchore.com> * feedback changes Signed-off-by: Jonas Xavier <jonasx@anchore.com>	2022-06-03 13:17:43 -04:00
Tom Fay	3db3efacdc	Support RPM distros with newer RPM db formats (#1018 ) * Support RPM distros with newer db formats Recent RPM distros (Fedora 33+, CBL-Mariner 2.0+, amazonlinux 2022+) use an sqlite package database in /var/lib/rpm/rpmdb.sqlite, or "ndb" format (SUSE). Remove anchore's fork in favour of the upstream, https://github.com/knqyf263/go-rpmdb, to gain support for these formats. Signed-off-by: Tom Fay <tomfay@microsoft.com> * add exception for modernc.org repos Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * shorten rpmdb helper function Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Co-authored-by: Alex Goodman <alex.goodman@anchore.com>	2022-05-31 17:25:22 -04:00

... 5 6 7 8 9 ...

454 Commits