dependabot[bot]
a5ef8167a1
chore(deps): bump github.com/hashicorp/hcl/v2 from 2.22.0 to 2.23.0 ( #3605 )
...
Bumps [github.com/hashicorp/hcl/v2](https://github.com/hashicorp/hcl ) from 2.22.0 to 2.23.0.
- [Release notes](https://github.com/hashicorp/hcl/releases )
- [Changelog](https://github.com/hashicorp/hcl/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/hcl/compare/v2.22.0...v2.23.0 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/hcl/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-22 10:47:47 -05:00
dependabot[bot]
07f0658843
chore(deps): bump github.com/aquasecurity/go-pep440-version ( #3606 )
...
Bumps [github.com/aquasecurity/go-pep440-version](https://github.com/aquasecurity/go-pep440-version ) from 0.0.0-20210121094942-22b2f8951d46 to 0.0.1.
- [Release notes](https://github.com/aquasecurity/go-pep440-version/releases )
- [Commits](https://github.com/aquasecurity/go-pep440-version/commits/v0.0.1 )
---
updated-dependencies:
- dependency-name: github.com/aquasecurity/go-pep440-version
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-22 10:47:38 -05:00
Christopher Angelo Phillips
7f5dbf9872
chore: bump stereoscope to v0.0.13 ( #3601 )
...
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2025-01-21 15:50:42 -05:00
Thomas Gosteli
c10e904c28
feat(cataloger): add a terraform provider cataloger ( #3378 )
...
* feat(cataloger): add a terraform provider cataloger
* chore: bump schema from 16.0.19 -> 16.0.20
------
Signed-off-by: Thomas Gosteli <thomas.gosteli@protonmail.ch>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Signed-off-by: Christopher Angelo Phillips <32073428+spiffcs@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2025-01-21 14:44:54 -05:00
anchore-actions-token-generator[bot]
1906c179d0
chore(deps): update tools to latest versions ( #3597 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2025-01-21 11:44:27 -05:00
anchore-actions-token-generator[bot]
4edfa4d138
chore(deps): update CPE dictionary index ( #3599 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
2025-01-21 11:43:59 -05:00
dependabot[bot]
a6557d7cec
chore(deps): bump actions/setup-go from 5.2.0 to 5.3.0 ( #3600 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 5.2.0 to 5.3.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](3041bf56c9...f111f3307d
2025-01-21 11:41:53 -05:00
Dominik Schmidt
19a75fe504
feat(golang): add license parsing from vendor dirs ( #3522 )
...
Signed-off-by: Dominik Schmidt <dev@dominik-schmidt.de>
Signed-off-by: Keith Zantow <kzantow@gmail.com>
Co-authored-by: Keith Zantow <kzantow@gmail.com>
2025-01-17 20:25:05 -05:00
Christopher Angelo Phillips
8198a706d6
chore: bump packageurl-go with new parsing rules ( #3596 )
...
* chore: bump packageurl-go with new parsing rules
* test: update expectedPURL in unit tests to match new % encoding
---------
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2025-01-17 16:20:14 -05:00
dependabot[bot]
254a915592
chore(deps): bump marocchino/sticky-pull-request-comment ( #3595 )
...
Bumps [marocchino/sticky-pull-request-comment](https://github.com/marocchino/sticky-pull-request-comment ) from 2.9.0 to 2.9.1.
- [Release notes](https://github.com/marocchino/sticky-pull-request-comment/releases )
- [Commits](331f8f5b42...52423e0164
2025-01-17 13:57:21 -05:00
Bert Coppens
512319337f
feat: add cataloger for NuGet packages ( #3484 )
...
* add cataloger for dotnet packages.lock.json files
Signed-off-by: Kemosabert <bert.coppens14@gmail.com>
* add entry for dotnet packages.lock files
Signed-off-by: Kemosabert <bert.coppens14@gmail.com>
* add unit test for dotnet packages.lock cataloger
Signed-off-by: Kemosabert <bert.coppens14@gmail.com>
* add test for faulty packages.lock.json file
Signed-off-by: Kemosabert <bert.coppens14@gmail.com>
* add missing name metadata
Signed-off-by: Kemosabert <bert.coppens14@gmail.com>
* ensure package appears with version
Signed-off-by: Kemosabert <bert.coppens14@gmail.com>
* add example of conflicting dependencies
Signed-off-by: Kemosabert <bert.coppens14@gmail.com>
* fix linting
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* bump json schema and fix tests
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* move section
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Kemosabert <bert.coppens14@gmail.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-01-16 14:57:17 -05:00
GGMU
6b2d73d4b7
allow disabling all package catalogers ( #3468 )
...
Signed-off-by: tomersein <tomersein@gmail.com>
2025-01-16 13:03:54 -05:00
dependabot[bot]
c359c76934
chore(deps): bump github.com/google/go-containerregistry ( #3592 )
...
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry ) from 0.20.2 to 0.20.3.
- [Release notes](https://github.com/google/go-containerregistry/releases )
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml )
- [Commits](https://github.com/google/go-containerregistry/compare/v0.20.2...v0.20.3 )
---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-16 12:19:26 -05:00
dependabot[bot]
06a22dd4dc
chore(deps): bump modernc.org/sqlite from 1.34.4 to 1.34.5 ( #3593 )
...
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ) from 1.34.4 to 1.34.5.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.34.4...v1.34.5 )
---
updated-dependencies:
- dependency-name: modernc.org/sqlite
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-16 12:19:19 -05:00
anchore-actions-token-generator[bot]
63a026eb8f
chore(deps): update tools to latest versions ( #3582 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2025-01-15 17:13:17 -05:00
Alex Mason
436b36916d
chore: update README.md's link to Nixpkgs ( #3578 )
...
Nixpkgs changed the location of packages to ease organisation, this should be the correct link.
Signed-off-by: Alex Mason <github@me.axman6.com>
2025-01-15 17:56:11 +00:00
dependabot[bot]
453b187ca1
chore(deps): bump github.com/sanity-io/litter from 1.5.5 to 1.5.6 ( #3579 )
...
Bumps [github.com/sanity-io/litter](https://github.com/sanity-io/litter ) from 1.5.5 to 1.5.6.
- [Changelog](https://github.com/sanity-io/litter/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sanity-io/litter/compare/v1.5.5...v1.5.6 )
---
updated-dependencies:
- dependency-name: github.com/sanity-io/litter
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-15 12:42:13 -05:00
dependabot[bot]
86ad570f8d
chore(deps): bump github.com/spf13/afero from 1.11.0 to 1.12.0 ( #3580 )
...
Bumps [github.com/spf13/afero](https://github.com/spf13/afero ) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/spf13/afero/releases )
- [Commits](https://github.com/spf13/afero/compare/v1.11.0...v1.12.0 )
---
updated-dependencies:
- dependency-name: github.com/spf13/afero
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-15 12:41:59 -05:00
dependabot[bot]
2f08d60ba3
chore(deps): bump actions/upload-artifact from 4.5.0 to 4.6.0 ( #3581 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.5.0 to 4.6.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](6f51ac03b9...65c4c4a1dd
2025-01-15 12:41:07 -05:00
anchore-actions-token-generator[bot]
da62caee3d
chore(deps): update CPE dictionary index ( #3583 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
2025-01-15 12:11:46 -05:00
dependabot[bot]
2220d708a5
chore(deps): bump github/codeql-action from 3.28.0 to 3.28.1 ( #3584 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.0 to 3.28.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](48ab28a6f5...b6a472f63d
2025-01-15 12:05:19 -05:00
dependabot[bot]
1a9af0db96
chore(deps): bump github.com/go-git/go-billy/v5 from 5.6.1 to 5.6.2 ( #3585 )
...
Bumps [github.com/go-git/go-billy/v5](https://github.com/go-git/go-billy ) from 5.6.1 to 5.6.2.
- [Release notes](https://github.com/go-git/go-billy/releases )
- [Commits](https://github.com/go-git/go-billy/compare/v5.6.1...v5.6.2 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-billy/v5
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-14 10:57:33 -05:00
dependabot[bot]
b79f9330fc
chore(deps): bump github.com/bmatcuk/doublestar/v4 from 4.7.1 to 4.8.0 ( #3586 )
...
Bumps [github.com/bmatcuk/doublestar/v4](https://github.com/bmatcuk/doublestar ) from 4.7.1 to 4.8.0.
- [Release notes](https://github.com/bmatcuk/doublestar/releases )
- [Commits](https://github.com/bmatcuk/doublestar/compare/v4.7.1...v4.8.0 )
---
updated-dependencies:
- dependency-name: github.com/bmatcuk/doublestar/v4
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-14 10:55:48 -05:00
dependabot[bot]
fbfad5ef35
chore(deps): bump github.com/docker/docker ( #3587 )
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 27.4.1+incompatible to 27.5.0+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v27.4.1...v27.5.0 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-14 10:55:38 -05:00
anchore-actions-token-generator[bot]
b4e7b64d5c
chore(deps): update anchore dependencies ( #3571 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
2025-01-08 17:51:48 +00:00
anchore-actions-token-generator[bot]
b3fc7b3b0a
chore(deps): update tools to latest versions ( #3567 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2025-01-07 11:30:26 -05:00
dependabot[bot]
df36303df0
chore(deps): bump golang.org/x/net from 0.33.0 to 0.34.0 ( #3568 )
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.33.0 to 0.34.0.
- [Commits](https://github.com/golang/net/compare/v0.33.0...v0.34.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-07 11:29:58 -05:00
Keith Zantow
a2a56dd3e9
fix: golang remote license search not executing when error reading local mod dir ( #3549 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2025-01-06 11:47:55 -05:00
anchore-actions-token-generator[bot]
2a8c8ac832
chore(deps): update tools to latest versions ( #3564 )
2025-01-06 11:15:36 -05:00
anchore-actions-token-generator[bot]
dc01c5d052
chore(deps): update CPE dictionary index ( #3565 )
2025-01-06 11:15:13 -05:00
dependabot[bot]
a95244aace
chore(deps): bump github.com/gkampitakis/go-snaps from 0.5.7 to 0.5.8 ( #3548 )
...
Bumps [github.com/gkampitakis/go-snaps](https://github.com/gkampitakis/go-snaps ) from 0.5.7 to 0.5.8.
- [Release notes](https://github.com/gkampitakis/go-snaps/releases )
- [Commits](https://github.com/gkampitakis/go-snaps/compare/v0.5.7...v0.5.8 )
---
updated-dependencies:
- dependency-name: github.com/gkampitakis/go-snaps
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-03 15:23:57 +00:00
anchore-actions-token-generator[bot]
5c429ae834
chore(deps): update tools to latest versions ( #3560 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2025-01-03 10:12:02 -05:00
dependabot[bot]
463a8f3661
chore(deps): bump github.com/go-git/go-git/v5 from 5.13.0 to 5.13.1 ( #3561 )
...
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.13.0 to 5.13.1.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.13.0...v5.13.1 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-03 10:11:30 -05:00
Alex Goodman
cbce129bb9
Use reader when scanning for package versions over reading entire binary into memory ( #3558 )
...
* use streaming readers
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* replace redis search patterns
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* address PR feedback
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-01-02 22:12:37 +00:00
dependabot[bot]
470c2ff04c
chore(deps): bump github.com/go-git/go-billy/v5 from 5.6.0 to 5.6.1 ( #3551 )
...
Bumps [github.com/go-git/go-billy/v5](https://github.com/go-git/go-billy ) from 5.6.0 to 5.6.1.
- [Release notes](https://github.com/go-git/go-billy/releases )
- [Commits](https://github.com/go-git/go-billy/compare/v5.6.0...v5.6.1 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-billy/v5
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-02 21:52:01 +00:00
anchore-actions-token-generator[bot]
1f4a48c3c1
chore(deps): update tools to latest versions ( #3556 )
...
* chore(deps): update tools to latest versions
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* chore: update build scripts with new architecture suffix
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
* chore: update suffix for new ppc64 arch
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
* chore(deps): update tools to latest versions
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* chore: lintfix
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
---------
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2025-01-02 16:18:47 -05:00
Christopher Angelo Phillips
f9ffe7252e
test: removes latest license list test ( #3559 )
...
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2025-01-02 20:56:44 +00:00
dependabot[bot]
286182a66f
chore(deps): bump peter-evans/create-pull-request from 7.0.5 to 7.0.6 ( #3547 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 7.0.5 to 7.0.6.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](5e914681df...67ccf781d6
2025-01-02 12:26:49 -05:00
anchore-actions-token-generator[bot]
5c47568362
chore(deps): update CPE dictionary index ( #3550 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
2025-01-02 09:25:13 -05:00
dependabot[bot]
52d904363c
chore(deps): bump github.com/go-git/go-git/v5 from 5.12.0 to 5.13.0 ( #3552 )
...
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.12.0 to 5.13.0.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.12.0...v5.13.0 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-02 09:24:40 -05:00
anchore-actions-token-generator[bot]
25792160fb
chore(deps): update tools to latest versions ( #3543 )
...
* chore(deps): update tools to latest versions
---------
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2024-12-23 11:32:17 -05:00
anchore-actions-token-generator[bot]
453c429c5c
chore(deps): update CPE dictionary index ( #3544 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
2024-12-23 09:37:58 -05:00
dependabot[bot]
13e32d3a49
chore(deps): bump modernc.org/sqlite from 1.34.3 to 1.34.4 ( #3545 )
...
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ) from 1.34.3 to 1.34.4.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.34.3...v1.34.4 )
---
updated-dependencies:
- dependency-name: modernc.org/sqlite
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-12-23 09:36:57 -05:00
dependabot[bot]
03dbd38d88
chore(deps): bump github/codeql-action from 3.27.9 to 3.28.0 ( #3546 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.9 to 3.28.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](df409f7d92...48ab28a6f5
2024-12-23 09:36:46 -05:00
dependabot[bot]
a185acdc43
chore(deps): bump golang.org/x/net from 0.32.0 to 0.33.0 ( #3541 )
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.32.0 to 0.33.0.
- [Commits](https://github.com/golang/net/compare/v0.32.0...v0.33.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-12-19 11:15:20 -05:00
dependabot[bot]
4822950b06
chore(deps): bump modernc.org/sqlite from 1.34.2 to 1.34.3 ( #3542 )
...
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ) from 1.34.2 to 1.34.3.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.34.2...v1.34.3 )
---
updated-dependencies:
- dependency-name: modernc.org/sqlite
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-12-19 11:15:10 -05:00
dependabot[bot]
2c10b602f0
chore(deps): bump actions/upload-artifact from 4.4.3 to 4.5.0 ( #3537 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.4.3 to 4.5.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](b4b15b8c7c...6f51ac03b9
2024-12-18 13:34:38 -05:00
dependabot[bot]
5120651285
chore(deps): bump github.com/docker/docker ( #3538 )
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 27.4.0+incompatible to 27.4.1+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v27.4.0...v27.4.1 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-12-18 13:34:24 -05:00
anchore-actions-token-generator[bot]
397eb9c10a
chore(deps): update CPE dictionary index ( #3526 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
2024-12-16 10:37:35 -05:00
dependabot[bot]
adfb6656fd
chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.9.1 to 0.9.2 ( #3530 )
...
Bumps [github.com/CycloneDX/cyclonedx-go](https://github.com/CycloneDX/cyclonedx-go ) from 0.9.1 to 0.9.2.
- [Release notes](https://github.com/CycloneDX/cyclonedx-go/releases )
- [Changelog](https://github.com/CycloneDX/cyclonedx-go/blob/master/.goreleaser.yml )
- [Commits](https://github.com/CycloneDX/cyclonedx-go/compare/v0.9.1...v0.9.2 )
---
updated-dependencies:
- dependency-name: github.com/CycloneDX/cyclonedx-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-12-16 10:37:19 -05:00
