Will Murphy
a0f7148608
chore: ignore .DS_Store in test fixtures ( #4422 )
...
Otherwise, we get test failures on macOS if macOS has decided to put
.DS_Store entries in the test fixtures.
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2025-12-01 10:15:35 -05:00
Adam Chovanec
5b96d1d69d
chore: rename test func for CPE decoder ( #4379 )
...
Signed-off-by: Adam Chovanec <git@adamchovanec.cz>
Co-authored-by: Adam Chovanec <git@adamchovanec.cz>
2025-11-25 23:05:31 -05:00
dependabot[bot]
6c666383e7
chore(deps): bump anchore/sbom-action from 0.20.9 to 0.20.10 ( #4381 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.20.9 to 0.20.10.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md )
- [Commits](8e94d75ddd...fbfd9c6c18
2025-11-25 23:05:05 -05:00
dependabot[bot]
b9710a1e79
chore(deps): bump modernc.org/sqlite from 1.40.0 to 1.40.1 ( #4382 )
...
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ) from 1.40.0 to 1.40.1.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.40.0...v1.40.1 )
---
updated-dependencies:
- dependency-name: modernc.org/sqlite
dependency-version: 1.40.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-25 23:04:56 -05:00
dependabot[bot]
023a14f869
chore(deps): bump actions/checkout from 5.0.0 to 6.0.0 ( #4396 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 5.0.0 to 6.0.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](08c6903cd8...1af3b93b68
2025-11-25 23:03:02 -05:00
dependabot[bot]
439a063d08
chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.7.3 to 6.7.5 ( #4397 )
...
Bumps [github.com/jedib0t/go-pretty/v6](https://github.com/jedib0t/go-pretty ) from 6.7.3 to 6.7.5.
- [Release notes](https://github.com/jedib0t/go-pretty/releases )
- [Commits](https://github.com/jedib0t/go-pretty/compare/v6.7.3...v6.7.5 )
---
updated-dependencies:
- dependency-name: github.com/jedib0t/go-pretty/v6
dependency-version: 6.7.5
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-25 10:20:59 -05:00
Will Murphy
c95893209d
fix: normalize python package names from dependency lists ( #4408 )
...
Because package names in METADATA files may have upper case like
Werkzeug or Jinja2, but Syft artifacts have normalized names and are
lower case, like werkzeug or jinja2, Syft would miss emitting dependency
relationships. Therefore, normalize dependency names before comparing
with existing artifacts.
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2025-11-25 10:20:21 -05:00
anchore-actions-token-generator[bot]
7e02bdfe45
chore(deps): update tools to latest versions ( #4398 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2025-11-25 10:17:33 -05:00
dependabot[bot]
479cf5aff2
chore(deps): bump github.com/google/go-containerregistry ( #4409 )
...
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry ) from 0.20.6 to 0.20.7.
- [Release notes](https://github.com/google/go-containerregistry/releases )
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml )
- [Commits](https://github.com/google/go-containerregistry/compare/v0.20.6...v0.20.7 )
---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
dependency-version: 0.20.7
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-25 10:16:54 -05:00
dependabot[bot]
f12788da78
chore(deps): bump github/codeql-action from 4.31.3 to 4.31.4 ( #4386 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 4.31.3 to 4.31.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](014f16e7ab...e12f017898
2025-11-20 12:40:21 -05:00
dependabot[bot]
67709362b6
chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.7.2 to 6.7.3 ( #4387 )
...
Bumps [github.com/jedib0t/go-pretty/v6](https://github.com/jedib0t/go-pretty ) from 6.7.2 to 6.7.3.
- [Release notes](https://github.com/jedib0t/go-pretty/releases )
- [Commits](https://github.com/jedib0t/go-pretty/compare/v6.7.2...v6.7.3 )
---
updated-dependencies:
- dependency-name: github.com/jedib0t/go-pretty/v6
dependency-version: 6.7.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-20 12:01:21 -05:00
dependabot[bot]
55526dbde0
chore(deps): bump golang.org/x/crypto from 0.44.0 to 0.45.0 ( #4391 )
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.44.0 to 0.45.0.
- [Commits](https://github.com/golang/crypto/compare/v0.44.0...v0.45.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-version: 0.45.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-20 12:01:05 -05:00
dependabot[bot]
af167ba0c1
chore(deps): bump actions/setup-go from 6.0.0 to 6.1.0 ( #4392 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 6.0.0 to 6.1.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](4469467582...4dc6199c7b
2025-11-20 12:00:56 -05:00
dependabot[bot]
00e1329bd1
chore(deps): bump actions/setup-go in /.github/actions/bootstrap ( #4393 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 6.0.0 to 6.1.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](4469467582...4dc6199c7b
2025-11-20 12:00:44 -05:00
Christopher Angelo Phillips
9aca8167b8
chore: drop cpe from gguf ( #4383 )
...
---------
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2025-11-19 05:37:40 -05:00
Will Murphy
759909f611
fix: emit lua rockspec dependencies in metadata ( #4376 )
...
The types / schema allowed for this field to begin with but it wasn't
set.
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2025-11-18 09:19:41 -05:00
Keith Zantow
7014cb023f
chore: options to run release-install-script without release ( #4377 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2025-11-17 22:12:04 +00:00
anchore-actions-token-generator[bot]
a033ae525f
chore(deps): update anchore dependencies ( #4374 )
2025-11-17 12:17:15 -05:00
Will Murphy
1c22325385
ci: output oras path ( #4373 )
...
* ci: output oras path
Some workflows expect bootstrap to output the oras path. This seems like
a reasonable thing for it to do.
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
* ci: use path to oras from binny
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
---------
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2025-11-17 15:36:45 +00:00
dependabot[bot]
75ad5c6c74
chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.7.1 to 6.7.2 ( #4372 )
2025-11-17 08:47:47 -05:00
dependabot[bot]
d2641dfa39
chore(deps): bump golang.org/x/tools from 0.38.0 to 0.39.0 ( #4364 )
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Keith Zantow <kzantow@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Keith Zantow <kzantow@gmail.com>
2025-11-17 13:41:45 +00:00
anchore-actions-token-generator[bot]
365325376a
chore(deps): update tools to latest versions ( #4370 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2025-11-15 06:47:23 -05:00
Alex Goodman
153f2321ce
Fix test-fixture publish ( #4369 )
...
* pin python dependencies
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* pin rust dependencies
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* pin php deps
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* update and pin http and curl fixtures
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-11-14 15:41:23 -05:00
Alex Goodman
7bf7bcc461
Support extras statements in Python PDM cataloger ( #4352 )
...
* fix pdm
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* update json schema
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix tests
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add test for metadata construction
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add missing test fixture
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* conserve markers
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* update json schema
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add additional tests
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-11-14 15:13:10 -05:00
anchore-actions-token-generator[bot]
6a21b5e5e2
chore(deps): update tools to latest versions ( #4365 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2025-11-14 09:25:27 -05:00
dependabot[bot]
6480c8a425
chore(deps): bump github/codeql-action from 4.31.2 to 4.31.3 ( #4366 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 4.31.2 to 4.31.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](0499de31b9...014f16e7ab
2025-11-14 09:25:08 -05:00
Kudryavcev Nikolay
89842bd2f6
chore: migrate syft to use mholt/archives instead of anchore fork ( #4029 )
...
---------
Signed-off-by: Kudryavcev Nikolay <kydry.nikolau@gmail.com>
Signed-off-by: Christopher Phillips <spiffcs@users.noreply.github.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-11-13 23:04:43 +00:00
Christopher Angelo Phillips
4a60c41f38
feat: 4184 gguf parser (ai artifact cataloger) part 1 ( #4279 )
...
---------
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2025-11-13 17:43:48 -05:00
anchore-actions-token-generator[bot]
2e100f33f3
chore(deps): update tools to latest versions ( #4358 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2025-11-12 13:27:47 -05:00
dependabot[bot]
b444f0c2ed
chore(deps): bump golang.org/x/mod from 0.29.0 to 0.30.0 ( #4359 )
...
Bumps [golang.org/x/mod](https://github.com/golang/mod ) from 0.29.0 to 0.30.0.
- [Commits](https://github.com/golang/mod/compare/v0.29.0...v0.30.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/mod
dependency-version: 0.30.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-12 13:27:33 -05:00
Adam Chovanec
102d362daf
feat: CPEs format decoder ( #4207 )
...
Signed-off-by: Adam Chovanec <git@adamchovanec.cz>
2025-11-12 10:45:09 -05:00
Alex Goodman
66c78d44af
Document additional json schema fields ( #4356 )
...
* add documentation to key fields
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* regenerate json schema
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-11-10 16:29:06 -05:00
dependabot[bot]
78a4ab8ced
chore(deps): bump github.com/olekukonko/tablewriter from 1.0.9 to 1.1.1 ( #4354 )
...
Bumps [github.com/olekukonko/tablewriter](https://github.com/olekukonko/tablewriter ) from 1.0.9 to 1.1.1.
- [Commits](https://github.com/olekukonko/tablewriter/compare/v1.0.9...v1.1.1 )
---
updated-dependencies:
- dependency-name: github.com/olekukonko/tablewriter
dependency-version: 1.1.1
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-10 13:31:15 -05:00
dependabot[bot]
25ca33d20e
chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.7.0 to 6.7.1 ( #4355 )
...
Bumps [github.com/jedib0t/go-pretty/v6](https://github.com/jedib0t/go-pretty ) from 6.7.0 to 6.7.1.
- [Release notes](https://github.com/jedib0t/go-pretty/releases )
- [Commits](https://github.com/jedib0t/go-pretty/compare/v6.7.0...v6.7.1 )
---
updated-dependencies:
- dependency-name: github.com/jedib0t/go-pretty/v6
dependency-version: 6.7.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-10 13:30:56 -05:00
anchore-actions-token-generator[bot]
60ca241593
chore(deps): update tools to latest versions ( #4347 )
...
* chore: new tool checks
---------
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2025-11-07 20:56:44 +00:00
dependabot[bot]
0f475c8bcd
chore(deps): bump github.com/opencontainers/selinux ( #4349 )
...
Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux ) from 1.11.0 to 1.13.0.
- [Release notes](https://github.com/opencontainers/selinux/releases )
- [Commits](https://github.com/opencontainers/selinux/compare/v1.11.0...v1.13.0 )
---
updated-dependencies:
- dependency-name: github.com/opencontainers/selinux
dependency-version: 1.13.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-07 15:21:35 -05:00
Alex Goodman
199394934d
preserve --from order ( #4350 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-11-07 10:17:10 -05:00
dependabot[bot]
8a22d394ed
chore(deps): bump golang.org/x/time from 0.12.0 to 0.14.0 ( #4348 )
...
Bumps [golang.org/x/time](https://github.com/golang/time ) from 0.12.0 to 0.14.0.
- [Commits](https://github.com/golang/time/compare/v0.12.0...v0.14.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/time
dependency-version: 0.14.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-07 08:48:20 -05:00
Tim Olshansky
bbef262b8f
feat: Add license enrichment from pypi to python packages ( #4295 )
...
* feat: Add license enrichment from pypi to python packages
* Implement license caching and improve test coverage
---------
Signed-off-by: Tim Olshansky <456103+timols@users.noreply.github.com>
2025-11-06 16:05:08 -05:00
Tim Olshansky
4e06a7ab32
feat(javascript): Add dependency parsing ( #4304 )
...
* feat: Add dependency parsing to javascript package locks
Signed-off-by: Tim Olshansky <456103+timols@users.noreply.github.com>
* Bump schema version
Signed-off-by: Tim Olshansky <456103+timols@users.noreply.github.com>
* Add support for yarn and pnpm, excl. yarn v1
Signed-off-by: Tim Olshansky <456103+timols@users.noreply.github.com>
* Add support for dependencies for v1 yarn lock files
Signed-off-by: Tim Olshansky <456103+timols@users.noreply.github.com>
* Ensure schema is correctly generated
Signed-off-by: Tim Olshansky <456103+timols@users.noreply.github.com>
* Fix tests
Signed-off-by: Tim Olshansky <456103+timols@users.noreply.github.com>
* PR feedback
Signed-off-by: Tim Olshansky <456103+timols@users.noreply.github.com>
---------
Signed-off-by: Tim Olshansky <456103+timols@users.noreply.github.com>
2025-11-06 16:03:43 -05:00
Alex Goodman
e5711e9b42
Update CPE processing to use NVD API ( #4332 )
...
* update NVD CPE dictionary processor to use API
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* pass linting with exceptions
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-11-06 16:02:26 -05:00
Rez Moss
f69b1db099
feat: detect elixir bin ( #4334 )
...
* Elixir detection, fixed #4333
---------
Signed-off-by: Rez Moss <hi@rezmoss.com>
2025-11-06 16:02:02 -05:00
dependabot[bot]
fe1ea443c2
chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.6.9 to 6.7.0 ( #4337 )
...
Bumps [github.com/jedib0t/go-pretty/v6](https://github.com/jedib0t/go-pretty ) from 6.6.9 to 6.7.0.
- [Release notes](https://github.com/jedib0t/go-pretty/releases )
- [Commits](https://github.com/jedib0t/go-pretty/compare/v6.6.9...v6.7.0 )
---
updated-dependencies:
- dependency-name: github.com/jedib0t/go-pretty/v6
dependency-version: 6.7.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-06 15:47:49 -05:00
dependabot[bot]
bfcbf266df
chore(deps): bump github.com/containerd/containerd from 1.7.28 to 1.7.29 ( #4340 )
...
Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd ) from 1.7.28 to 1.7.29.
- [Release notes](https://github.com/containerd/containerd/releases )
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md )
- [Commits](https://github.com/containerd/containerd/compare/v1.7.28...v1.7.29 )
---
updated-dependencies:
- dependency-name: github.com/containerd/containerd
dependency-version: 1.7.29
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-06 15:46:32 -05:00
Keith Zantow
a400c675fc
feat: license file search ( #4327 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2025-11-03 14:16:05 -05:00
Alex Goodman
7c154e7c37
use official action for token generation ( #4331 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-11-03 13:08:42 -05:00
anchore-actions-token-generator[bot]
4c93394bc2
chore(deps): update anchore dependencies ( #4330 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2025-11-03 12:44:07 -05:00
kdt523
3e4e82f03e
Canonicalize Ghostscript CPE/PURL for ghostscript packages from PE Binaries ( #4308 )
...
* binary(pe): canonicalize Ghostscript CPE to artifex:ghostscript and add generic purl for PE (#4275 )\n\n- Detect Ghostscript via PE version resources and set purl pkg:generic/ghostscript@<version>\n- Add PE-specific CPE candidates: vendor 'artifex', product 'ghostscript'\n- Add focused unit tests for purl and CPE generation
Signed-off-by: kdt523 <krushna.datir231@vit.edu>
* fix: gofmt formatting for static analysis pass (pe-ghostscript-cpe-purl-4275)
Signed-off-by: kdt523 <krushna.datir231@vit.edu>
---------
Signed-off-by: kdt523 <krushna.datir231@vit.edu>
2025-11-03 14:54:48 +00:00
dependabot[bot]
793b0a346f
chore(deps): bump github/codeql-action from 4.31.1 to 4.31.2 ( #4325 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 4.31.1 to 4.31.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](5fe9434cd2...0499de31b9
2025-11-03 09:11:20 -05:00
dependabot[bot]
a0dac519db
chore(deps): bump github.com/hashicorp/go-getter from 1.8.2 to 1.8.3 ( #4326 )
...
Bumps [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter ) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/hashicorp/go-getter/releases )
- [Changelog](https://github.com/hashicorp/go-getter/blob/main/.goreleaser.yml )
- [Commits](https://github.com/hashicorp/go-getter/compare/v1.8.2...v1.8.3 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
dependency-version: 1.8.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-03 09:11:12 -05:00
