dependabot[bot]
d70eb3d04b
chore(deps): bump actions/upload-artifact from 4.3.1 to 4.3.2 ( #2795 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.3.1 to 4.3.2.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](5d5d22a312...1746f4ab65
2024-04-19 15:06:32 -04:00
dependabot[bot]
f6845474bd
chore(deps): bump github/codeql-action from 3.25.0 to 3.25.1 ( #2786 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.0 to 3.25.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](df5a14dc28...c7f9125735
2024-04-17 10:46:34 -04:00
dependabot[bot]
e1cadead1d
chore(deps): bump peter-evans/create-pull-request from 6.0.3 to 6.0.4 ( #2787 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 6.0.3 to 6.0.4.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](c55203cfde...9153d834b6
2024-04-17 10:46:24 -04:00
dependabot[bot]
dc7fa21980
chore(deps): bump github/codeql-action from 3.24.10 to 3.25.0 ( #2779 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.10 to 3.25.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](4355270be1...df5a14dc28
2024-04-15 10:00:54 -04:00
dependabot[bot]
081ec04b3f
chore(deps): bump peter-evans/create-pull-request from 6.0.2 to 6.0.3 ( #2774 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 6.0.2 to 6.0.3.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](70a41aba78...c55203cfde
2024-04-12 15:31:36 -04:00
dependabot[bot]
c31696f131
chore(deps): bump github/codeql-action from 3.24.9 to 3.24.10 ( #2756 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.9 to 3.24.10.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](1b1aada464...4355270be1
2024-04-08 12:19:20 -04:00
dependabot[bot]
5a865d0d90
chore(deps): bump anchore/sbom-action from 0.15.9 to 0.15.10 ( #2737 )
2024-03-27 17:52:22 +00:00
dependabot[bot]
55fff0f4a1
chore(deps): bump github/codeql-action from 3.24.8 to 3.24.9 ( #2732 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.8 to 3.24.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](05963f47d8...1b1aada464
2024-03-26 11:50:31 -04:00
Hung Nguyen
059cfd6730
update release token from readonly to write token ( #2735 )
...
Signed-off-by: Hung Nguyen <hung.tran.nguyen.585@gmail.com>
2024-03-26 09:06:55 -04:00
Alex Goodman
0d5ebed74a
dont include labels for dependabot ecosystems ( #2720 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-03-21 12:16:01 -04:00
dependabot[bot]
8f7305ef78
chore(deps): bump fountainhead/action-wait-for-check from 1.1.0 to 1.2.0 ( #2717 )
...
Bumps [fountainhead/action-wait-for-check](https://github.com/fountainhead/action-wait-for-check ) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/fountainhead/action-wait-for-check/releases )
- [Commits](297be350cf...5a908a2481
2024-03-21 12:15:30 -04:00
dependabot[bot]
df547020ef
chore(deps): bump github/codeql-action from 3.24.7 to 3.24.8 ( #2725 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.7 to 3.24.8.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3ab4101902...05963f47d8
2024-03-21 12:14:51 -04:00
dependabot[bot]
37094c9751
chore(deps): bump actions/cache from 4.0.1 to 4.0.2 ( #2728 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](ab5e6d0c87...0c45773b62
2024-03-21 12:14:43 -04:00
Hung Nguyen
3ac1cd7a9f
updating credentials to scoped permissions ( #2722 )
...
* updating credentials to scoped permissions
Signed-off-by: Hung Nguyen <hung.tran.nguyen.585@gmail.com>
---------
Signed-off-by: Hung Nguyen <hung.tran.nguyen.585@gmail.com>
2024-03-20 17:35:07 -04:00
dependabot[bot]
1c8d29d577
chore(deps): bump docker/login-action from 3.0.0 to 3.1.0 ( #2714 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](343f7c4344...e92390c5fb
2024-03-14 11:16:16 -04:00
dependabot[bot]
2051a62ded
chore(deps): bump github/codeql-action from 3.24.6 to 3.24.7 ( #2711 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.6 to 3.24.7.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](8a470fddaf...3ab4101902
2024-03-14 09:58:42 -04:00
dependabot[bot]
5534c38d0f
chore(deps): bump peter-evans/create-pull-request from 6.0.1 to 6.0.2 ( #2712 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](a4f52f8033...70a41aba78
2024-03-13 13:47:47 -04:00
Alex Goodman
47fc909700
Show binary exports, entrypoint, and imports ( #2626 )
...
show binary exports, entrypoint, and imports for macho, elf, and pe formats
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-03-12 22:04:02 +00:00
dependabot[bot]
2e2a9377ea
chore(deps): bump actions/checkout from 4.1.1 to 4.1.2 ( #2703 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.1 to 4.1.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](b4ffde65f4...9bb56186c3
2024-03-12 13:18:44 -04:00
dependabot[bot]
5e3fde04a5
chore(deps): bump anchore/sbom-action from 0.15.8 to 0.15.9 ( #2694 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.8 to 0.15.9.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](b6a39da807...9fece9e200
2024-03-06 14:24:56 -05:00
dependabot[bot]
d7e58964ef
chore(deps): bump actions/cache from 4.0.0 to 4.0.1 ( #2685 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](13aacd865c...ab5e6d0c87
2024-03-01 13:50:49 -05:00
dependabot[bot]
59d54d6154
chore(deps): bump github/codeql-action from 3.24.5 to 3.24.6 ( #2686 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.5 to 3.24.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](47b3d888fe...8a470fddaf
2024-03-01 13:50:34 -05:00
dependabot[bot]
acc473fc30
chore(deps): bump peter-evans/create-pull-request from 6.0.0 to 6.0.1 ( #2676 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](b1ddad2c99...a4f52f8033
2024-02-28 09:31:29 -05:00
dependabot[bot]
33b72ccbf8
chore(deps): bump github/codeql-action from 3.24.4 to 3.24.5 ( #2666 )
2024-02-23 14:10:26 +00:00
dependabot[bot]
cdf1e0bacb
chore(deps): bump github/codeql-action from 3.24.3 to 3.24.4 ( #2662 )
2024-02-22 16:50:53 +00:00
dependabot[bot]
578ac9cf2d
chore(deps): bump github/codeql-action from 3.24.1 to 3.24.3 ( #2649 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.1 to 3.24.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](e675ced7a7...379614612a
2024-02-15 09:13:29 -05:00
Christopher Angelo Phillips
9803db2949
fix: update runner size to use larger HD for codeql ( #2641 )
...
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
2024-02-14 10:31:05 -05:00
dependabot[bot]
3ac7369068
chore(deps): bump github/codeql-action from 3.24.0 to 3.24.1 ( #2638 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.0 to 3.24.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](e8893c57a1...e675ced7a7
2024-02-14 09:21:21 -05:00
dependabot[bot]
4d4efa4963
chore(deps): bump dawidd6/action-homebrew-bump-formula ( #2639 )
...
Bumps [dawidd6/action-homebrew-bump-formula](https://github.com/dawidd6/action-homebrew-bump-formula ) from 3.10.1 to 3.11.0.
- [Release notes](https://github.com/dawidd6/action-homebrew-bump-formula/releases )
- [Commits](75ed025ff3...baf2b60c51
2024-02-14 09:21:05 -05:00
dependabot[bot]
0bc5971085
chore(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 ( #2597 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.3.0 to 4.3.1.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](26f96dfa69...5d5d22a312
2024-02-06 10:44:51 -05:00
dependabot[bot]
05fa8ba4e9
chore(deps): bump actions/cache from 3.3.2 to 4.0.0 ( #2592 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3.3.2 to 4.0.0.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](https://github.com/actions/cache/compare/v3.3.2...13aacd865c20de90d75de3b17ebe84f7a17d57d2 )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-05 10:26:55 -05:00
dependabot[bot]
0618b2cb35
chore(deps): bump github/codeql-action from 3.23.2 to 3.24.0 ( #2593 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.23.2 to 3.24.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b7bf0a3ed3...e8893c57a1
2024-02-05 09:46:22 -05:00
Alex Goodman
fd3844853a
labeler should ignore latest version ( #2588 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-02-02 18:08:15 -05:00
Alex Goodman
3023a5a7bc
Detect ELF security features ( #2443 )
...
* add detection of ELF security features
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix linting
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* update json schema with file executable data
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* update expected fixure when no tty present
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* more detailed differ
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* use json differ
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix tests
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* remove json schema addition
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* regenerate json schema
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix mimtype set ref
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-02-02 16:51:18 +00:00
dependabot[bot]
4a98f9fbd3
chore(deps): bump anchore/sbom-action from 0.15.7 to 0.15.8 ( #2578 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.7 to 0.15.8.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](767b08fd88...b6a39da807
2024-02-01 10:26:47 -05:00
dependabot[bot]
db49c145f0
chore(deps): bump marocchino/sticky-pull-request-comment ( #2579 )
...
Bumps [marocchino/sticky-pull-request-comment](https://github.com/marocchino/sticky-pull-request-comment ) from 2.8.0 to 2.9.0.
- [Release notes](https://github.com/marocchino/sticky-pull-request-comment/releases )
- [Commits](efaaab3fd4...331f8f5b42
2024-02-01 10:26:37 -05:00
dependabot[bot]
43837f47f5
chore(deps): bump peter-evans/create-pull-request from 5.0.2 to 6.0.0 ( #2567 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 5.0.2 to 6.0.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](153407881e...b1ddad2c99
2024-01-31 13:20:17 -05:00
dependabot[bot]
e880e6dcd6
chore(deps): bump anchore/sbom-action from 0.15.6 to 0.15.7 ( #2568 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.6 to 0.15.7.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](c6aed38a43...767b08fd88
2024-01-31 13:19:50 -05:00
Alex Goodman
6ae5b2904d
re-add cosign signing checksums file ( #2572 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-01-31 13:19:41 -05:00
dependabot[bot]
b113391638
chore(deps): bump anchore/sbom-action from 0.15.5 to 0.15.6 ( #2560 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.5 to 0.15.6.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](24b0d52385...c6aed38a43
2024-01-30 13:15:22 -05:00
dependabot[bot]
2e0149fd9e
chore(deps): bump 8398a7/action-slack from 3.15.1 to 3.16.2 ( #2557 )
...
Bumps [8398a7/action-slack](https://github.com/8398a7/action-slack ) from 3.15.1 to 3.16.2.
- [Release notes](https://github.com/8398a7/action-slack/releases )
- [Commits](fbd6aa58ba...28ba43ae48
2024-01-29 12:32:30 -05:00
dependabot[bot]
87bbc507ee
chore(deps): bump github/codeql-action from 3.23.1 to 3.23.2 ( #2558 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.23.1 to 3.23.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](0b21cf2492...b7bf0a3ed3
2024-01-29 12:32:22 -05:00
Alex Goodman
e0e1c4ba0a
Internalize majority of cmd package ( #2533 )
...
* internalize majority of cmd package and migrate integration tests
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add internal api encoder
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* create internal representation of all formats
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* export capability to get default encoders
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* restore test fixtures
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-01-24 13:29:51 -05:00
dependabot[bot]
ad2843bf50
chore(deps): bump actions/upload-artifact from 4.2.0 to 4.3.0 ( #2536 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](694cdabd8b...26f96dfa69
2024-01-24 10:11:43 -05:00
dependabot[bot]
8e39ca6dfc
chore(deps): bump anchore/sbom-action from 0.15.4 to 0.15.5 ( #2531 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.4 to 0.15.5.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](41f7a6c033...24b0d52385
2024-01-23 10:14:05 -05:00
dependabot[bot]
ec802dfc80
chore(deps): bump actions/upload-artifact from 4.1.0 to 4.2.0 ( #2513 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.1.0 to 4.2.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](1eb3cb2b3e...694cdabd8b
2024-01-19 09:31:12 -05:00
dependabot[bot]
8845c938ce
chore(deps): bump anchore/sbom-action from 0.15.3 to 0.15.4 ( #2514 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.3 to 0.15.4.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](c7f031d924...41f7a6c033
2024-01-19 09:28:37 -05:00
dependabot[bot]
308dc6f9b8
chore(deps): bump github/codeql-action from 3.23.0 to 3.23.1 ( #2506 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.23.0 to 3.23.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](e5f05b81d5...0b21cf2492
2024-01-18 09:45:04 -05:00
William Murphy
c816c73341
chore: enable automatic approval of dependabot PRs ( #2505 )
...
To reduce toil in this repo, enable dependabot PRs to be automatically
approved, but not merged. They are not automatically merged because if
the default GitHub token is used to automatically merge a PR, the
resulting commit will not trigger workflows on main. Rather than
generate a more potent token, just automatically review them, which
reduces toil by eliminating several clicks and page loads for
maintainers who are trying to merge dependabot PRs.
Signed-off-by: Will Murphy <will.murphy@anchore.com>
2024-01-18 08:35:23 -05:00
dependabot[bot]
0409eef615
chore(deps): bump actions/cache from 3.3.3 to 4.0.0 ( #2503 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3.3.3 to 4.0.0.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](e12d46a63a...13aacd865c
2024-01-17 10:07:41 -05:00
