oss/syft
2
0
Fork 0
mirror of https://github.com/anchore/syft.git synced 2025-11-17 08:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
3,013 Commits 60 Branches 243 Tags
Commit Graph

739 Commits

Author SHA1 Message Date
Christopher Phillips
ce74ed0309
chore: refactor to use gguf-parser-go; 50mb limit 
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
 2025-10-22 02:37:01 -04:00
dependabot[bot]
8ffe15c710
chore(deps): bump golang.org/x/tools from 0.37.0 to 0.38.0 (#4265) 
Bumps [golang.org/x/tools](https://github.com/golang/tools) from 0.37.0 to 0.38.0.
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.37.0...v0.38.0)

---
updated-dependencies:
- dependency-name: golang.org/x/tools
  dependency-version: 0.38.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-13 11:50:59 -04:00
dependabot[bot]
89948dfa51
chore(deps): bump golang.org/x/mod from 0.28.0 to 0.29.0 (#4266) 
Bumps [golang.org/x/mod](https://github.com/golang/mod) from 0.28.0 to 0.29.0.
- [Commits](https://github.com/golang/mod/compare/v0.28.0...v0.29.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-version: 0.29.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-13 11:50:49 -04:00
dependabot[bot]
450cd72da5
chore(deps): bump modernc.org/sqlite from 1.39.0 to 1.39.1 (#4276) 
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) from 1.39.0 to 1.39.1.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.39.0...v1.39.1)

---
updated-dependencies:
- dependency-name: modernc.org/sqlite
  dependency-version: 1.39.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-13 11:50:25 -04:00
dependabot[bot]
18e789c4fd
chore(deps): bump github.com/gohugoio/hashstructure from 0.5.0 to 0.6.0 (#4267) 
Bumps [github.com/gohugoio/hashstructure](https://github.com/gohugoio/hashstructure) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/gohugoio/hashstructure/releases)
- [Commits](https://github.com/gohugoio/hashstructure/compare/v0.5.0...v0.6.0)

---
updated-dependencies:
- dependency-name: github.com/gohugoio/hashstructure
  dependency-version: 0.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-09 15:10:47 -04:00
dependabot[bot]
7d4680bc08
chore(deps): bump golang.org/x/net from 0.45.0 to 0.46.0 (#4268) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.45.0 to 0.46.0.
- [Commits](https://github.com/golang/net/compare/v0.45.0...v0.46.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-version: 0.46.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-09 15:10:36 -04:00
dependabot[bot]
337a2754e5
chore(deps): bump golang.org/x/net from 0.44.0 to 0.45.0 (#4263) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.44.0 to 0.45.0.
- [Commits](https://github.com/golang/net/compare/v0.44.0...v0.45.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-version: 0.45.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-08 16:44:13 -04:00
dependabot[bot]
8f1d45830d
chore(deps): bump github.com/iancoleman/orderedmap (#4258) 
Bumps [github.com/iancoleman/orderedmap](https://github.com/iancoleman/orderedmap) from 0.0.0-20190318233801-ac98e3ecb4b0 to 0.3.0.
- [Commits](https://github.com/iancoleman/orderedmap/commits/v0.3.0)

---
updated-dependencies:
- dependency-name: github.com/iancoleman/orderedmap
  dependency-version: 0.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-06 10:06:28 -04:00
dependabot[bot]
ea7dc8f468
chore(deps): bump github.com/go-git/go-git/v5 from 5.16.2 to 5.16.3 (#4259) 
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.16.2 to 5.16.3.
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](https://github.com/go-git/go-git/compare/v5.16.2...v5.16.3)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-version: 5.16.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-06 10:06:17 -04:00
Alex Goodman
a77d24e379
Improve struct and field comments and incorporate into json schema (#4252) 
* improve struct and field comments and incorporate into json schema

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* address review feedback

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

---------

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
 2025-10-03 17:01:56 +00:00
dependabot[bot]
5461a92337
chore(deps): bump github.com/hashicorp/go-getter from 1.8.1 to 1.8.2 (#4254) 
Bumps [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/hashicorp/go-getter/releases)
- [Changelog](https://github.com/hashicorp/go-getter/blob/main/.goreleaser.yml)
- [Commits](https://github.com/hashicorp/go-getter/compare/v1.8.1...v1.8.2)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
  dependency-version: 1.8.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-03 12:07:13 -04:00
dependabot[bot]
b9604cbf30
chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.9.2 to 0.9.3 (#4251) 2025-10-02 13:24:25 +00:00
Alan Pope
0a36dabf23
feat(cataloger): add snap package cataloger for metadata extraction (#4151) 
---------
Signed-off-by: Alan Pope <alan.pope@anchore.com>
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
Co-authored-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
 2025-09-26 10:42:29 -04:00
dependabot[bot]
64b71ec04c
chore(deps): bump github.com/quasilyte/go-ruleguard/dsl (#4245) 
Bumps [github.com/quasilyte/go-ruleguard/dsl](https://github.com/quasilyte/go-ruleguard) from 0.3.22 to 0.3.23.
- [Release notes](https://github.com/quasilyte/go-ruleguard/releases)
- [Commits](https://github.com/quasilyte/go-ruleguard/compare/dsl/v0.3.22...dsl/v0.3.23)

---
updated-dependencies:
- dependency-name: github.com/quasilyte/go-ruleguard/dsl
  dependency-version: 0.3.23
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-26 10:27:13 -04:00
dependabot[bot]
d820c3436b
chore(deps): bump github.com/charmbracelet/bubbletea (#4228) 
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea) from 1.3.9 to 1.3.10.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases)
- [Changelog](https://github.com/charmbracelet/bubbletea/blob/main/.goreleaser.yml)
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v1.3.9...v1.3.10)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
  dependency-version: 1.3.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-18 15:15:52 -04:00
dependabot[bot]
409642c8f0
chore(deps): bump github.com/hashicorp/go-getter from 1.8.0 to 1.8.1 (#4229) 
Bumps [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/hashicorp/go-getter/releases)
- [Changelog](https://github.com/hashicorp/go-getter/blob/main/.goreleaser.yml)
- [Commits](https://github.com/hashicorp/go-getter/compare/v1.8.0...v1.8.1)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
  dependency-version: 1.8.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-18 15:15:43 -04:00
dependabot[bot]
6005fb3c20
chore(deps): bump github.com/gkampitakis/go-snaps from 0.5.14 to 0.5.15 (#4225) 
Bumps [github.com/gkampitakis/go-snaps](https://github.com/gkampitakis/go-snaps) from 0.5.14 to 0.5.15.
- [Release notes](https://github.com/gkampitakis/go-snaps/releases)
- [Commits](https://github.com/gkampitakis/go-snaps/compare/v0.5.14...v0.5.15)

---
updated-dependencies:
- dependency-name: github.com/gkampitakis/go-snaps
  dependency-version: 0.5.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-17 10:07:37 -04:00
anchore-actions-token-generator[bot]
b87b919149
chore(deps): update anchore dependencies (#4220) 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
 2025-09-15 20:22:09 +00:00
dependabot[bot]
06b01aaa40
chore(deps): bump modernc.org/sqlite from 1.38.2 to 1.39.0 (#4219) 
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) from 1.38.2 to 1.39.0.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.38.2...v1.39.0)

---
updated-dependencies:
- dependency-name: modernc.org/sqlite
  dependency-version: 1.39.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-15 14:29:45 -04:00
dependabot[bot]
e1762a2dda
chore(deps): bump github.com/charmbracelet/bubbletea from 1.3.8 to 1.3.9 (#4214) 
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea) from 1.3.8 to 1.3.9.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases)
- [Changelog](https://github.com/charmbracelet/bubbletea/blob/main/.goreleaser.yml)
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v1.3.8...v1.3.9)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
  dependency-version: 1.3.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-12 10:21:20 -04:00
dependabot[bot]
c6cd66357a
chore(deps): bump github.com/spf13/afero from 1.14.0 to 1.15.0 (#4202) 
Bumps [github.com/spf13/afero](https://github.com/spf13/afero) from 1.14.0 to 1.15.0.
- [Release notes](https://github.com/spf13/afero/releases)
- [Commits](https://github.com/spf13/afero/compare/v1.14.0...v1.15.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/afero
  dependency-version: 1.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-11 13:27:42 -04:00
dependabot[bot]
04e989d761
chore(deps): bump github.com/charmbracelet/bubbletea from 1.3.6 to 1.3.8 (#4203) 
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea) from 1.3.6 to 1.3.8.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases)
- [Changelog](https://github.com/charmbracelet/bubbletea/blob/main/.goreleaser.yml)
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v1.3.6...v1.3.8)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
  dependency-version: 1.3.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-11 13:27:33 -04:00
dependabot[bot]
b6f7532b0f
chore(deps): bump github.com/vbatts/go-mtree from 0.5.4 to 0.6.0 (#4204) 
Bumps [github.com/vbatts/go-mtree](https://github.com/vbatts/go-mtree) from 0.5.4 to 0.6.0.
- [Release notes](https://github.com/vbatts/go-mtree/releases)
- [Changelog](https://github.com/vbatts/go-mtree/blob/main/releases.md)
- [Commits](https://github.com/vbatts/go-mtree/compare/v0.5.4...v0.6.0)

---
updated-dependencies:
- dependency-name: github.com/vbatts/go-mtree
  dependency-version: 0.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-11 13:27:24 -04:00
dependabot[bot]
f986327257
chore(deps): bump golang.org/x/tools from 0.36.0 to 0.37.0 (#4211) 
Bumps [golang.org/x/tools](https://github.com/golang/tools) from 0.36.0 to 0.37.0.
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.36.0...v0.37.0)

---
updated-dependencies:
- dependency-name: golang.org/x/tools
  dependency-version: 0.37.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-11 12:50:33 -04:00
dependabot[bot]
169220ba81
chore(deps): bump github.com/hashicorp/go-getter from 1.7.10 to 1.8.0 (#4197) 
Bumps [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter) from 1.7.10 to 1.8.0.
- [Release notes](https://github.com/hashicorp/go-getter/releases)
- [Changelog](https://github.com/hashicorp/go-getter/blob/main/.goreleaser.yml)
- [Commits](https://github.com/hashicorp/go-getter/commits/v1.8.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
  dependency-version: 1.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-08 09:50:54 -04:00
dependabot[bot]
1df4779b48
chore(deps): bump golang.org/x/mod from 0.27.0 to 0.28.0 (#4198) 
Bumps [golang.org/x/mod](https://github.com/golang/mod) from 0.27.0 to 0.28.0.
- [Commits](https://github.com/golang/mod/compare/v0.27.0...v0.28.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-version: 0.28.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-08 09:50:09 -04:00
dependabot[bot]
3a7f1f27a6
chore(deps): bump github.com/spf13/cobra from 1.9.1 to 1.10.1 (#4182) 
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.9.1 to 1.10.1.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/v1.9.1...v1.10.1)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-version: 1.10.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-08 02:36:59 -04:00
dependabot[bot]
cc07df0347
chore(deps): bump github.com/hashicorp/go-getter from 1.7.9 to 1.7.10 (#4190) 
Bumps [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter) from 1.7.9 to 1.7.10.
- [Release notes](https://github.com/hashicorp/go-getter/releases)
- [Changelog](https://github.com/hashicorp/go-getter/blob/main/.goreleaser.yml)
- [Commits](https://github.com/hashicorp/go-getter/compare/v1.7.9...v1.7.10)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
  dependency-version: 1.7.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-08 02:05:46 -04:00
dependabot[bot]
6f4da8c797
chore(deps): bump github.com/stretchr/testify from 1.11.0 to 1.11.1 (#4173) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.11.0 to 1.11.1.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.11.0...v1.11.1)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-version: 1.11.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-03 12:22:38 -04:00
dependabot[bot]
39441f1999
chore(deps): bump github.com/ulikunitz/xz from 0.5.12 to 0.5.14 (#4178) 
Bumps [github.com/ulikunitz/xz](https://github.com/ulikunitz/xz) from 0.5.12 to 0.5.14.
- [Commits](https://github.com/ulikunitz/xz/compare/v0.5.12...v0.5.14)

---
updated-dependencies:
- dependency-name: github.com/ulikunitz/xz
  dependency-version: 0.5.14
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-02 00:26:54 -04:00
dependabot[bot]
507987c193
chore(deps): bump github.com/spf13/cobra from 1.9.1 to 1.10.0 (#4180) 
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.9.1 to 1.10.0.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/v1.9.1...v1.10.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-version: 1.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-02 00:26:42 -04:00
dependabot[bot]
bc18e3ab8c
chore(deps): bump github.com/anchore/stereoscope (#4174) 
Bumps [github.com/anchore/stereoscope](https://github.com/anchore/stereoscope) from 0.1.9-0.20250826202322-ef061ea78385 to 0.1.9.
- [Release notes](https://github.com/anchore/stereoscope/releases)
- [Changelog](https://github.com/anchore/stereoscope/blob/main/RELEASE.md)
- [Commits](https://github.com/anchore/stereoscope/commits/v0.1.9)

---
updated-dependencies:
- dependency-name: github.com/anchore/stereoscope
  dependency-version: 0.1.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-28 13:43:20 -04:00
dependabot[bot]
c4eb071324
chore(deps): bump github.com/gookit/color from 1.5.4 to 1.6.0 (#4176) 
Bumps [github.com/gookit/color](https://github.com/gookit/color) from 1.5.4 to 1.6.0.
- [Release notes](https://github.com/gookit/color/releases)
- [Commits](https://github.com/gookit/color/compare/v1.5.4...v1.6.0)

---
updated-dependencies:
- dependency-name: github.com/gookit/color
  dependency-version: 1.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-28 13:42:38 -04:00
dependabot[bot]
cbcf8bd542
chore(deps): bump golang.org/x/tools from 0.35.0 to 0.36.0 (#4172) 
Bumps [golang.org/x/tools](https://github.com/golang/tools) from 0.35.0 to 0.36.0.
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.35.0...v0.36.0)

---
updated-dependencies:
- dependency-name: golang.org/x/tools
  dependency-version: 0.36.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-27 13:09:28 -04:00
anchore-actions-token-generator[bot]
2d8e337d34
chore(deps): update anchore dependencies (#4169) 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
 2025-08-26 17:04:20 -04:00
Christopher Angelo Phillips
13ffeeb3d0
feat: combine go module file and go source discovery into single cataloger (#4127) 
---------
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
Signed-off-by: Christopher Angelo Phillips <32073428+spiffcs@users.noreply.github.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
 2025-08-26 19:35:44 +00:00
n-bes
170c4c41f4
use go.yaml.in/yaml (#4157) 
Signed-off-by: Nikita Besperstov <n.bes@pm.me>
 2025-08-26 11:24:23 -04:00
dependabot[bot]
7dc7c01c5c
chore(deps): bump github.com/diskfs/go-diskfs (#4159) 
Bumps [github.com/diskfs/go-diskfs](https://github.com/diskfs/go-diskfs) from 1.6.1-0.20250601133945-2af1c7ece24c to 1.7.0.
- [Commits](https://github.com/diskfs/go-diskfs/commits/v1.7.0)

---
updated-dependencies:
- dependency-name: github.com/diskfs/go-diskfs
  dependency-version: 1.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-26 09:00:02 -04:00
dependabot[bot]
9f07fa4a68
chore(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.0 (#4160) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.10.0...v1.11.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-version: 1.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-26 08:59:49 -04:00
dependabot[bot]
c4292ad79b
chore(deps): bump github.com/hashicorp/go-getter from 1.7.8 to 1.7.9 (#4144) 
Bumps [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter) from 1.7.8 to 1.7.9.
- [Release notes](https://github.com/hashicorp/go-getter/releases)
- [Changelog](https://github.com/hashicorp/go-getter/blob/main/.goreleaser.yml)
- [Commits](https://github.com/hashicorp/go-getter/compare/v1.7.8...v1.7.9)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
  dependency-version: 1.7.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-18 11:42:13 +01:00
dependabot[bot]
49736e7c4a
chore(deps): bump golang.org/x/net from 0.42.0 to 0.43.0 (#4122) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.42.0 to 0.43.0.
- [Commits](https://github.com/golang/net/compare/v0.42.0...v0.43.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-version: 0.43.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-08 17:51:06 +00:00
dependabot[bot]
7a9e1e06da
chore(deps): bump golang.org/x/mod from 0.26.0 to 0.27.0 (#4123) 
Bumps [golang.org/x/mod](https://github.com/golang/mod) from 0.26.0 to 0.27.0.
- [Commits](https://github.com/golang/mod/compare/v0.26.0...v0.27.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-version: 0.27.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-08 13:35:44 -04:00
anchore-actions-token-generator[bot]
386ef842d9
chore(deps): update anchore dependencies (#4104) 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
 2025-07-30 17:41:35 +00:00
anchore-actions-token-generator[bot]
bd79463e77
chore(deps): update anchore dependencies (#4098) 
* chore(deps): update anchore dependencies

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

* address reader close operations

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

---------

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
 2025-07-30 17:23:07 +00:00
dependabot[bot]
28ba092375
chore(deps): bump github.com/anchore/stereoscope (#4091) 
Bumps [github.com/anchore/stereoscope](https://github.com/anchore/stereoscope) from 0.1.7-0.20250716200927-94c6f92877d4 to 0.1.7.
- [Release notes](https://github.com/anchore/stereoscope/releases)
- [Changelog](https://github.com/anchore/stereoscope/blob/main/RELEASE.md)
- [Commits](https://github.com/anchore/stereoscope/commits/v0.1.7)

---
updated-dependencies:
- dependency-name: github.com/anchore/stereoscope
  dependency-version: 0.1.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-30 09:12:55 -04:00
dependabot[bot]
fa68af468d
chore(deps): bump github.com/docker/docker (#4092) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 28.2.2+incompatible to 28.3.3+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v28.2.2...v28.3.3)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-version: 28.3.3+incompatible
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-29 16:29:03 -04:00
dependabot[bot]
700a777356
chore(deps): bump modernc.org/sqlite from 1.38.1 to 1.38.2 (#4088) 
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) from 1.38.1 to 1.38.2.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.38.1...v1.38.2)

---
updated-dependencies:
- dependency-name: modernc.org/sqlite
  dependency-version: 1.38.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-29 10:29:57 -04:00
dependabot[bot]
71aa59a210
chore(deps): bump github.com/gkampitakis/go-snaps from 0.5.13 to 0.5.14 (#4089) 
Bumps [github.com/gkampitakis/go-snaps](https://github.com/gkampitakis/go-snaps) from 0.5.13 to 0.5.14.
- [Release notes](https://github.com/gkampitakis/go-snaps/releases)
- [Commits](https://github.com/gkampitakis/go-snaps/compare/v0.5.13...v0.5.14)

---
updated-dependencies:
- dependency-name: github.com/gkampitakis/go-snaps
  dependency-version: 0.5.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-29 10:29:45 -04:00
dependabot[bot]
d0d9c6a8e5
chore(deps): bump github.com/bmatcuk/doublestar/v4 from 4.9.0 to 4.9.1 (#4087) 2025-07-28 13:39:36 -04:00
dependabot[bot]
702b4358e9
chore(deps): bump github.com/olekukonko/tablewriter from 1.0.8 to 1.0.9 (#4086) 2025-07-28 13:39:22 -04:00