629 Commits

Author	SHA1	Message	Date
Alex Goodman	c7a653060d	port dotnet cataloger to new generic cataloger pattern (#1286) ... Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-10-24 21:17:27 +00:00
Alex Goodman	fbdde6d4f4	port dart cataloger to new generic cataloger pattern (#1285) ... Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-10-24 20:37:42 +00:00
Alex Goodman	eb8ebd9ffc	port conan cataloger to new generic cataloger pattern (#1284) ... Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-10-24 20:11:20 +00:00
Alex Goodman	f36c0ca971	port apk cataloger to new generic cataloger pattern (#1283) ... Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-10-24 13:51:09 -04:00
Alex Goodman	28cadfdb5d	replace signing tooling with quill (#1280) ... Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-10-24 13:03:10 -04:00
Alex Goodman	b44f441c82	Upgrade generic cataloger (#1281) ... * add second generation of generic cataloger Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * upgrade aplm cataloger to use generic.Cataloger Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * remove pacakge found-by attribute from the definition of a package ID Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-10-24 11:12:12 -04:00
Alex Goodman	d8c659b65b	replace logger interface with anchore/go-logger (#1279) ... Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-10-21 15:12:14 +00:00
Keith Zantow	78a0af2e2d	Add go binary h1 digest to SPDX (#1265)	2022-10-19 16:33:10 -04:00
Christopher Angelo Phillips	ec229b993c	fix: update syftjson ID to match major schema version (#1274)	2022-10-19 16:08:38 +00:00
Christopher Angelo Phillips	89575199b8	feat: add RelationshipsBySourceOwnership to syft json output (#1248)	2022-10-11 15:11:03 -04:00
Christopher Angelo Phillips	fa0b3c0438	fix: reset merged package into map; (#1258)	2022-10-11 18:35:46 +00:00
Alex Goodman	48f0a4680f	fix apkdb checksum representation (#1247) ... Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-10-05 16:29:05 -04:00
Christopher Angelo Phillips	7d2fe9d95e	feat: add identifiable field to source object (#1243)	2022-10-05 14:01:40 -04:00
Keith Zantow	4d2f18218c	fix: Follow symlinks when searching for globs in all-layers scope (#1221)	2022-09-30 13:01:08 -04:00
Christopher Angelo Phillips	dd7c654ed0	update requires to use list; remove field (#1234)	2022-09-30 11:57:13 -04:00
Hiroaki KAWAI	b9b13d5525	Add Conan (C/C++) conan.lock file support (#1230) ... Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>	2022-09-29 18:45:59 +00:00
Keith Zantow	6a40dbf765	Do not fail if unable to parse .rpm file (#1232)	2022-09-28 11:26:06 -04:00
Keith Zantow	16c62a1378	fix: support exclude patterns on Windows (#1228)	2022-09-26 10:59:19 -04:00
Christopher Angelo Phillips	04d288b364	feat: catalog python files for installed-files.txt file metadata (#1217) ... Co-authored-by: houdini91 <mdstrauss91@gmail.com>	2022-09-19 20:08:02 +00:00
Keith Zantow	c2005fad8d	Stabilize SPDX JSON output sorting (#1216)	2022-09-19 15:31:00 -04:00
Christopher Angelo Phillips	b48316742f	refactor: replace ioutil=>io; update linter (#1211)	2022-09-16 17:58:16 +00:00
Keith Zantow	b20310eaf8	Add gosimports (#1205)	2022-09-14 13:38:18 -04:00
Chapman Pendery	9097614f3b	refactor: move formats from internal into syft module (#1172)	2022-09-13 11:20:52 -04:00
Alex Goodman	c5dca001e2	warn on errors from RPM DB parsing (#1200) ... Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-09-09 18:59:42 +00:00
Keith Zantow	70db13d49e	Add RPM file scanning support (#1188)	2022-09-07 14:16:30 -04:00
Scott Andrews	1c7b7c5f8a	Normalize syft-json output (#1194)	2022-09-07 10:56:49 -04:00
Christopher Angelo Phillips	586d3fe77f	Revert "External sources configuration (#1158)" (#1191) ... reverted as functionality is to be merged with dev branch of kubecon draft	2022-09-01 15:45:35 -04:00
Keith Zantow	a17ff7b555	Fix RPM DB license handling (#1184)	2022-08-30 14:38:12 -04:00
Christopher Angelo Phillips	615f933d98	Bug fix for 1095 - syft conversion option error (#1177) ... Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>	2022-08-25 17:36:15 -04:00
Keith Zantow	7d4f333ec4	enhance development support on macOS ARM (#1163)	2022-08-24 13:48:14 -04:00
Scott Andrews	5e93d1ea1e	Capture if a node module is private (#1161)	2022-08-24 17:07:56 +00:00
Keith Zantow	57c5413fe0	Find version numbers from jars with different naming conventions (#1174)	2022-08-24 12:56:53 -04:00
anchore-actions-token-generator[bot]	b0fc955e0c	Update syft bootstrap tools to latest versions. (#1171) ... * Update syft bootstrap tools to latest versions. Signed-off-by: GitHub <noreply@github.com> Signed-off-by: Weston Steimel <weston.steimel@anchore.com> Co-authored-by: Weston Steimel <weston.steimel@anchore.com>	2022-08-23 20:36:59 +01:00
cpendery	c56d3b5eef	feat: add support for licenses in package-lock json v2 (#1164)	2022-08-22 11:23:44 -04:00
Marco Deicas	13296880cd	External sources configuration (#1158)	2022-08-22 11:22:18 -04:00
cpendery	e9221ae25d	feat: add support for pnpm (#1166)	2022-08-22 10:45:55 -04:00
Justin Chadwell	f3c3d3d98e	Prevent symlinks causing duplicate package-file relationships (#1168)	2022-08-22 10:29:00 -04:00
Keith Zantow	21eb772060	Associate node package licenses from node_modules (#1152)	2022-08-16 14:14:02 -04:00
Dan Nurmi	04387301ce	Add modularitylabel metadata to RPM type records generated by syft (#1148) ... * bump cosign to v1.10.1 (#1144) Signed-off-by: Daniel Nurmi <nurmi@anchore.com> * Add modularitylabel metadata to RPM type records generated by syft. Fixes #1145. Signed-off-by: Daniel Nurmi <nurmi@anchore.com> * update to address lint failures Signed-off-by: Daniel Nurmi <nurmi@anchore.com> * Update syft/pkg/rpmdb_metadata.go Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com> Signed-off-by: Daniel Nurmi <nurmi@anchore.com> * update json schema to match camel case Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Co-authored-by: Weston Steimel <weston.steimel@anchore.com> Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com> Co-authored-by: Alex Goodman <alex.goodman@anchore.com>	2022-08-08 11:52:32 +00:00
Tom Fay	621f0fe082	cataloger configuration is respected regardless of source (#1142)	2022-08-04 21:14:23 +00:00
Tom Fay	9896ff1b1f	add a cataloger for binaries built with rust-audit (#1116) ... * add a cataloger for binaries built with rust-audit Signed-off-by: Tom Fay <tomfay@microsoft.com>	2022-07-28 18:17:38 +00:00
cpendery	8235e8e581	fix: use generic instead of not generating purl (#1119)	2022-07-27 09:06:37 -04:00
cpendery	9b1adce19a	feat: implement haskell support (#1096)	2022-07-18 15:33:54 -04:00
cpendery	470b13045b	feat: add support for cocoapods (Swift/Objective-C) (#1081)	2022-07-11 10:09:08 -04:00
Rob Best	2f1aa33ce8	Fix package url for Go modules with no / (#1092)	2022-07-11 10:07:34 -04:00
Zac Medico	4c55c62834	Add portage support for Gentoo Linux (#1076) ... Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>	2022-07-06 16:18:54 -04:00
Christopher Angelo Phillips	47df66960f	update AltRpmDbGlob with comment and context (#1085)	2022-07-05 11:29:31 -04:00
cpendery	57323a1666	feat: add support for conan packages (C/C++) (#1083)	2022-07-05 10:49:24 -04:00
Jonas Xavier	6b28a46ebe	add golang main module and pseudo-version (#916) ... Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>	2022-07-01 13:01:57 -04:00
Dan Nurmi	3ae728ede1	fix: add glob to filter list to ensure rpm metadata files are matched… (#1079)	2022-06-30 19:50:24 -04:00