anchore-oss-update-bot
5b58ec96b7
chore(deps): update Go version ( #4773 )
...
Signed-off-by: anchore-oss-update-bot <anchore-oss-update-bot@users.noreply.github.com>
Co-authored-by: anchore-oss-update-bot <anchore-oss-update-bot@users.noreply.github.com>
2026-04-15 10:01:39 -04:00
Will Murphy
26e87c7cd3
fix format string in search results ( #4775 )
...
Passing '%q' to format strings for integer types is a go vet error in
recent go versions, and likely a bug.
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2026-04-14 12:59:44 -04:00
Rez Moss
722e3f267b
added deno bin classifiers ( #4677 )
...
Signed-off-by: Rez Moss <hi@rezmoss.com>
2026-04-14 11:33:26 -04:00
nadimz
c09f42e024
feat: support zImage and bzImage in linux-kernel-cataloger ( #4751 )
...
Signed-off-by: Nadim Zubidat <nadimz@users.noreply.github.com>
2026-04-14 10:02:20 -04:00
Alex Goodman
19b4f41270
pin wolfi cache version ( #4774 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2026-04-14 09:15:24 -04:00
nadimz
bcc1f15ceb
feat: OpenLDAP binary classifier ( #4755 )
...
Signed-off-by: Nadim Zubidat <nadimz@users.noreply.github.com>
2026-04-13 16:27:48 -04:00
dependabot[bot]
ce2c56bf06
chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 ( #4750 )
...
Bumps [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2 ) from 1.96.0 to 1.97.3.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.96.0...service/s3/v1.97.3 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
dependency-version: 1.97.3
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-13 15:47:17 -04:00
dependabot[bot]
532fbafe36
chore(deps): bump go.opentelemetry.io/otel/sdk from 1.40.0 to 1.43.0 ( #4752 )
...
Bumps [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go ) from 1.40.0 to 1.43.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.40.0...v1.43.0 )
---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/sdk
dependency-version: 1.43.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-13 15:22:53 -04:00
dependabot[bot]
8835af66b0
chore(deps): bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4 ( #4737 )
...
Bumps [github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose ) from 4.1.3 to 4.1.4.
- [Release notes](https://github.com/go-jose/go-jose/releases )
- [Commits](https://github.com/go-jose/go-jose/compare/v4.1.3...v4.1.4 )
---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v4
dependency-version: 4.1.4
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-13 14:58:53 -04:00
dependabot[bot]
f4290cb876
chore(deps): bump the actions-minor-patch group across 2 directories with 7 updates ( #4763 )
...
Bumps the actions-minor-patch group with 5 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [docker/login-action](https://github.com/docker/login-action ) | `4.0.0` | `4.1.0` |
| [anchore/sbom-action](https://github.com/anchore/sbom-action ) | `0.23.0` | `0.24.0` |
| [runs-on/action](https://github.com/runs-on/action ) | `2.0.3` | `2.1.0` |
| [actions/download-artifact](https://github.com/actions/download-artifact ) | `8.0.0` | `8.0.1` |
| [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) | `4.0.0` | `4.1.1` |
Bumps the actions-minor-patch group with 2 updates in the /.github/actions/bootstrap directory: [actions/setup-go](https://github.com/actions/setup-go ) and [actions/cache](https://github.com/actions/cache ).
Updates `docker/login-action` from 4.0.0 to 4.1.0
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](b45d80f862...4907a6ddechttps://github.com/anchore/sbom-action/releases )
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md )
- [Commits](17ae174017...e22c389904https://github.com/runs-on/action/releases )
- [Commits](cd2b598b05...742bf56072https://github.com/actions/download-artifact/releases )
- [Commits](70fc10c6e5...3e5f45b2cfhttps://github.com/sigstore/cosign-installer/releases )
- [Commits](faadad0cce...cad07c2e89https://github.com/actions/setup-go/releases )
- [Commits](4b73464bb3...4a3601121dhttps://github.com/actions/setup-go/releases )
- [Commits](4b73464bb3...4a3601121dhttps://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](cdf6c1fa76...668228422a
2026-04-13 11:39:21 -04:00
dependabot[bot]
990cc3c599
chore(deps): bump github.com/hashicorp/go-getter from 1.8.5 to 1.8.6 ( #4764 )
...
Bumps [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter ) from 1.8.5 to 1.8.6.
- [Release notes](https://github.com/hashicorp/go-getter/releases )
- [Commits](https://github.com/hashicorp/go-getter/compare/v1.8.5...v1.8.6 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
dependency-version: 1.8.6
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-13 11:39:08 -04:00
witchcraze
03d6399b0c
fix: update erlang classifier ( #4766 )
...
Signed-off-by: witchcraze <witchcraze@gmail.com>
2026-04-13 11:31:19 -04:00
anchore-oss-update-bot
1e08f703d0
chore(deps): update CPE dictionary index ( #4767 )
...
Signed-off-by: anchore-oss-update-bot <anchore-oss-update-bot@users.noreply.github.com>
Co-authored-by: anchore-oss-update-bot <anchore-oss-update-bot@users.noreply.github.com>
2026-04-13 11:28:50 -04:00
witchcraze
e420322494
fix: more istio classifier matching ( #4645 )
...
Signed-off-by: witchcraze <witchcraze@gmail.com>
2026-04-12 10:54:08 -04:00
Benjamin Grandfond
cc3b8eb48f
fix(json): use value alias in Document.UnmarshalJSON to prevent infinite recursion with encoding/json/v2 ( #4748 )
...
The pattern 'type Alias *Document' does not strip methods under
encoding/json/v2 (GOEXPERIMENT=jsonv2), causing UnmarshalJSON to call
itself infinitely until the goroutine stack overflows (1GB limit).
Change to 'type Alias Document' with (*Alias)(d) cast — the standard
Go pattern that works correctly with both encoding/json v1 and v2.
Adds a regression test that uses debug.SetMaxStack to shrink the
goroutine stack limit to 8MB, making the overflow happen in milliseconds
rather than minutes if the recursion is reintroduced.
Ref: https://github.com/golang/go/issues/75361
Signed-off-by: Benjamin Grandfond <benjamin.grandfond@docker.com>
2026-04-10 13:36:07 -04:00
Alex Goodman
d0ee9098cf
bump version ( #4756 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2026-04-09 21:11:47 +00:00
Alex Goodman
344d1f47a1
support single arch images without manifests when checking platform ( #4753 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2026-04-09 15:54:41 +00:00
anchore-oss-update-bot
f618917527
chore(deps): update CPE dictionary index ( #4745 )
...
Signed-off-by: anchore-oss-update-bot <anchore-oss-update-bot@users.noreply.github.com>
Co-authored-by: anchore-oss-update-bot <anchore-oss-update-bot@users.noreply.github.com>
2026-04-08 13:06:28 -04:00
Will Murphy
99158be0ba
chore: move test fixtures to oss-cache repo ( #4733 )
...
* chore: move test fixtures to oss-cache repo
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
* pr feedback: sort vars in taskfile
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
---------
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2026-04-02 20:50:43 +00:00
Alex Goodman
2089d086fe
chore: update zizmor workflow triggers ( #4732 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2026-04-02 14:56:46 -04:00
Alex Goodman
b0dc65a4fb
improve automation ( #4730 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2026-04-02 12:44:54 -04:00
Alex Goodman
611a24fcae
(chore): removing automations ( #4727 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2026-04-01 14:27:29 -04:00
anchore-oss-update-bot
da601363ed
chore(deps): update CPE dictionary index ( #4726 )
...
Signed-off-by: anchore-oss-update-bot <anchore-oss-update-bot@users.noreply.github.com>
Co-authored-by: anchore-oss-update-bot <anchore-oss-update-bot@users.noreply.github.com>
2026-04-01 10:24:27 -04:00
Will Murphy
0d748ec700
chore: cpe index update job needs tools ( #4725 )
...
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2026-04-01 09:35:17 -04:00
Will Murphy
d60e43f822
chore: move CPE cache to oss-cache repo ( #4723 )
...
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2026-04-01 06:57:47 -04:00
anchore-actions-token-generator[bot]
2884cc77fc
chore(deps): update CPE dictionary index ( #4715 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
2026-03-31 14:28:15 -04:00
anchore-oss-update-bot
c11a79ef19
chore(deps): update tool versions ( #4706 )
...
Signed-off-by: anchore-oss-update-bot <anchore-oss-update-bot@users.noreply.github.com>
Co-authored-by: anchore-oss-update-bot <anchore-oss-update-bot@users.noreply.github.com>
2026-03-31 14:06:07 -04:00
Josh Bressers
90198da04d
Add a trust boundary section ( #4716 )
...
Signed-off-by: Josh Bressers <josh@bress.net>
2026-03-30 11:29:37 -05:00
dependabot[bot]
d71b747cd1
chore(deps): bump slackapi/slack-github-action from 2.1.1 to 3.0.1 ( #4684 )
...
Bumps [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action ) from 2.1.1 to 3.0.1.
- [Release notes](https://github.com/slackapi/slack-github-action/releases )
- [Commits](91efab103c...af78098f53
2026-03-26 11:12:33 -04:00
dependabot[bot]
58a8a95e26
chore(deps): bump marocchino/sticky-pull-request-comment ( #4685 )
...
Bumps [marocchino/sticky-pull-request-comment](https://github.com/marocchino/sticky-pull-request-comment ) from 2.9.4 to 3.0.2.
- [Release notes](https://github.com/marocchino/sticky-pull-request-comment/releases )
- [Commits](773744901b...70d2764d1a
2026-03-25 19:27:59 -04:00
dependabot[bot]
78a21b9c88
chore(deps): bump the go-minor-patch group with 2 updates ( #4697 )
...
Bumps the go-minor-patch group with 2 updates: [github.com/gkampitakis/go-snaps](https://github.com/gkampitakis/go-snaps ) and [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ).
Updates `github.com/gkampitakis/go-snaps` from 0.5.20 to 0.5.21
- [Release notes](https://github.com/gkampitakis/go-snaps/releases )
- [Commits](https://github.com/gkampitakis/go-snaps/compare/v0.5.20...v0.5.21 )
Updates `modernc.org/sqlite` from 1.46.1 to 1.46.2
- [Changelog](https://gitlab.com/cznic/sqlite/blob/master/CHANGELOG.md )
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.46.1...v1.46.2 )
---
updated-dependencies:
- dependency-name: github.com/gkampitakis/go-snaps
dependency-version: 0.5.21
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
- dependency-name: modernc.org/sqlite
dependency-version: 1.46.2
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-25 19:27:50 -04:00
dependabot[bot]
7d3882a425
chore(deps): bump actions/create-github-app-token from 2.2.1 to 3.0.0 ( #4699 )
...
Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token ) from 2.2.1 to 3.0.0.
- [Release notes](https://github.com/actions/create-github-app-token/releases )
- [Commits](29824e69f5...f8d387b68d
2026-03-25 19:27:31 -04:00
anchore-actions-token-generator[bot]
673c85754c
chore(deps): update CPE dictionary index ( #4689 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
2026-03-25 08:38:49 -04:00
Will Murphy
c5114fd745
chore(deps): ignore some dependabot deps ( #4696 )
...
Prevent some packages from being updated.
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2026-03-24 08:12:50 -04:00
Weston Steimel
f68a7cc899
ci: further pr target code checkout assurances ( #4695 )
...
Signed-off-by: Weston Steimel <author@code.w.steimel.me.uk>
2026-03-24 07:16:16 -04:00
witchcraze
7800b16529
fix: update arangodb classifier and capture-snippet.sh ( #4662 )
...
Signed-off-by: witchcraze <witchcraze@gmail.com>
2026-03-23 16:29:39 -04:00
Keith Zantow
834ddcb1c0
fix: golang version file regex ( #4694 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2026-03-23 15:56:29 -04:00
Weston Steimel
f5d318d934
ci: add explicit ref to main and warning for pull_request_target workflow ( #4693 )
...
Signed-off-by: Weston Steimel <author@code.w.steimel.me.uk>
2026-03-23 16:45:18 +00:00
anchore-actions-token-generator[bot]
8531e1917b
chore(deps): update tools to latest versions ( #4690 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2026-03-23 12:01:27 -04:00
anchore-actions-token-generator[bot]
860126c650
chore(deps): update anchore dependencies ( #4681 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: willmurphyscode <12529630+willmurphyscode@users.noreply.github.com>
2026-03-19 16:44:55 +00:00
Will Murphy
36639f136b
chore(deps): bump github.com/buger/jsonsparser to v1.1.2 ( #4680 )
...
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2026-03-19 15:08:18 +00:00
dependabot[bot]
f32238c268
chore(deps): bump the go-minor-patch group with 2 updates ( #4678 )
...
Bumps the go-minor-patch group with 2 updates: [golang.org/x/net](https://github.com/golang/net ) and [golang.org/x/tools](https://github.com/golang/tools ).
Updates `golang.org/x/net` from 0.51.0 to 0.52.0
- [Commits](https://github.com/golang/net/compare/v0.51.0...v0.52.0 )
Updates `golang.org/x/tools` from 0.42.0 to 0.43.0
- [Release notes](https://github.com/golang/tools/releases )
- [Commits](https://github.com/golang/tools/compare/v0.42.0...v0.43.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-version: 0.52.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: golang.org/x/tools
dependency-version: 0.43.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-19 10:25:19 -04:00
dependabot[bot]
0c8eef65f0
chore(deps): bump google.golang.org/grpc from 1.78.0 to 1.79.3 ( #4675 )
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.78.0 to 1.79.3.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.78.0...v1.79.3 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-version: 1.79.3
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-18 16:55:30 -04:00
dependabot[bot]
4d42f8af32
chore(deps): bump the go-minor-patch group with 2 updates ( #4674 )
...
Bumps the go-minor-patch group with 2 updates: [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter ) and [golang.org/x/mod](https://github.com/golang/mod ).
Updates `github.com/hashicorp/go-getter` from 1.8.4 to 1.8.5
- [Release notes](https://github.com/hashicorp/go-getter/releases )
- [Commits](https://github.com/hashicorp/go-getter/compare/v1.8.4...v1.8.5 )
Updates `golang.org/x/mod` from 0.33.0 to 0.34.0
- [Commits](https://github.com/golang/mod/compare/v0.33.0...v0.34.0 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
dependency-version: 1.8.5
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
- dependency-name: golang.org/x/mod
dependency-version: 0.34.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-18 16:13:35 -04:00
Will Murphy
e38851143e
chore: centralize temp files and prefer streaming IO ( #4668 )
...
* chore: centralize temp files and prefer streaming IO
Catalogers that create temp files ad-hoc can easily forget cleanup,
leaking files on disk. Similarly, io.ReadAll is convenient but risks
OOM on large or malicious inputs.
Introduce internal/tmpdir to manage all cataloger temp storage under
a single root directory with automatic cleanup. Prefer streaming
parsers (bufio.Scanner, json/yaml.NewDecoder, io.LimitReader) over
buffering entire inputs into memory. Add ruleguard rules to enforce
both practices going forward.
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
* chore: go back to old release parsing
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
* simplify to limit reader in version check
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
* chore: regex change postponed
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
* simplify supplement release to limitreader
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
---------
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2026-03-18 10:53:51 -04:00
anchore-actions-token-generator[bot]
a3dacf5ecd
chore(deps): update tools to latest versions ( #4663 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2026-03-16 11:26:06 -04:00
dependabot[bot]
cccc9bf7f9
chore(deps): bump the go-minor-patch group with 3 updates ( #4669 )
...
Bumps the go-minor-patch group with 3 updates: [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry ), [github.com/olekukonko/tablewriter](https://github.com/olekukonko/tablewriter ) and [golang.org/x/time](https://github.com/golang/time ).
Updates `github.com/google/go-containerregistry` from 0.21.1 to 0.21.2
- [Release notes](https://github.com/google/go-containerregistry/releases )
- [Commits](https://github.com/google/go-containerregistry/compare/v0.21.1...v0.21.2 )
Updates `github.com/olekukonko/tablewriter` from 1.1.3 to 1.1.4
- [Release notes](https://github.com/olekukonko/tablewriter/releases )
- [Commits](https://github.com/olekukonko/tablewriter/compare/v1.1.3...v1.1.4 )
Updates `golang.org/x/time` from 0.14.0 to 0.15.0
- [Commits](https://github.com/golang/time/compare/v0.14.0...v0.15.0 )
---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
dependency-version: 0.21.2
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
- dependency-name: github.com/olekukonko/tablewriter
dependency-version: 1.1.4
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
- dependency-name: golang.org/x/time
dependency-version: 0.15.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-16 11:25:41 -04:00
dependabot[bot]
59f7725d0d
chore(deps): bump github/codeql-action ( #4670 )
...
Bumps the actions-minor-patch group with 1 update in the / directory: [github/codeql-action](https://github.com/github/codeql-action ).
Updates `github/codeql-action` from 4.32.3 to 4.32.6
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](9e907b5e64...0d579ffd05
2026-03-16 11:25:27 -04:00
dependabot[bot]
7a6b1575ae
chore(deps): bump docker/login-action from 3.7.0 to 4.0.0 ( #4671 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3.7.0 to 4.0.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](c94ce9fb46...b45d80f862
2026-03-16 11:25:16 -04:00
anchore-actions-token-generator[bot]
92a6b36e89
chore(deps): update CPE dictionary index ( #4673 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
2026-03-16 11:25:05 -04:00
