oss/syft
2
0
Fork 0
mirror of https://github.com/anchore/syft.git synced 2025-11-17 16:33:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
466 Commits 60 Branches 243 Tags
Commit Graph

466 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alex Goodman
a5537943fa
keep original dpkg md5sum location 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2021-01-05 14:30:05 -05:00
Alex Goodman
0030880e74
Merge pull request #307 from anchore/dup-readers-on-bulk-fetch 
Duplicate reference readers for duplicate location resolutions
 2021-01-05 14:12:42 -05:00
Alex Goodman
fc8b431ea6
duplicate reference readers for duplicate location resolutions 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2021-01-05 13:54:39 -05:00
Alex Goodman
bb70b0b43e
Merge pull request #305 from anchore/add-has-path-to-resolver 
Add HasPath() to Resolver interface for existence check
v0.12.1 		2021-01-04 19:45:03 -05:00
Alex Goodman
ee0a02621a
Merge pull request #306 from anchore/update-gemspec-glob 
Update gemspec glob to include named nested specification directories
 2021-01-04 19:42:26 -05:00
Alex Goodman
33c27c4f3d
add HasPath() to Resolver interface 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2021-01-04 19:39:49 -05:00
Alex Goodman
133d180eec
update gemspec glob to include named spec dirs 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2021-01-04 19:33:52 -05:00
Alex Goodman
37b96a241b
ensure acceptance tests use existing snapshot dir 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
v0.12.0 		2021-01-04 16:50:35 -05:00
Alex Goodman
7f4e8ab97d
Fix symlink resolutions for constituent paths (#304) 
* bump stereoscope to pull in content API refactors

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* incorporate symlink fixes

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* with filetree.File() adjustments

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* regress all-layers scope to not include dead-links + default tests to squashed scope

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* restore all layers resolver glob behavior (custom + lazy link resolution)

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* incorporate filetree link resolution options and restore no-follow dead link option for resolvers

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* removed path from lower-level FileTree.File() calls

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* bump stereoscope to pull in latest link resolution fixes

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* bump doublestar to v2 for directory resolver

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2021-01-04 16:41:45 -05:00
Dan Luhring
76446abd7d
Merge pull request #299 from anchore/with-content-api-refactor 
Bump stereoscope to pull in content API refactors
 2021-01-04 14:41:00 -05:00
Dan Luhring
c2799b35d8
Fix mock resolver interface implementation 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2021-01-04 14:18:51 -05:00
Alex Goodman
d475e6280a
bump stereoscope to pull in content API refactors 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2021-01-04 14:07:14 -05:00
Dan Luhring
e299a5355f
Merge pull request #303 from anchore/fix-site-packages-dir 
Handle site packages based on which egg file is parsed
v0.11.1 		2020-12-23 13:23:01 -05:00
Dan Luhring
359212e8ee
Disable lint rule prealloc 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-12-23 11:35:49 -05:00
Dan Luhring
52e719dcb8
Create MockResolver and use to improve python cataloger tests 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-12-23 11:24:49 -05:00
Dan Luhring
13c289eb7e
Add tests for determining site packages root 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-12-23 08:22:31 -05:00
Dan Luhring
c1fa701602
Apply lint fix 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-12-22 17:46:33 -05:00
Dan Luhring
183b8f79d0
Handle site packages based on which egg file is parsed 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-12-22 17:41:27 -05:00
Alex Goodman
558781eed6
Merge pull request #302 from anchore/add-manual-cache-buster 
add manual cache buster to the pipeline
 2020-12-22 16:32:59 -05:00
Alex Goodman
60f525af18
add manual cache buster to the pipeline 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2020-12-22 16:22:42 -05:00
Alfredo Deza
8dbb095fc6
Merge pull request #301 from anchore/issue-300 
catalogers: Python runtime is not a Python package itself, ignore it
 2020-12-22 15:18:56 -05:00
Alfredo Deza
d0d7e849c9 catalogers: Python runtime is not a Python package itself, ignore it 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
 2020-12-22 10:59:43 -05:00
Alex Goodman
6aaf9ee712
Incorporate import changes + add image overwrite option (#294) 
* incorporate import changes + add image overwrite option

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* update import tests to account for arbitrary json shape

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
v0.11.0 		2020-12-18 16:59:30 -05:00
Alex Goodman
75d89293ce
fix acceptance tests 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2020-12-18 14:32:29 -05:00
Zach Hill
7962002f81
Split dpk source into name and version (#297) 
* Split dpk source into name and version

Signed-off-by: Zach Hill <zach@anchore.com>

* update dpkg status source name parsing

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

Co-authored-by: Dan Luhring <luhring@users.noreply.github.com>
Co-authored-by: Alex Goodman <alex.goodman@anchore.com>
 2020-12-18 14:08:19 -05:00
Alex Goodman
ea162f87f4
update dpkg license to include single-word entries (#298) 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

Co-authored-by: Dan Luhring <luhring@users.noreply.github.com>
 2020-12-18 12:54:09 -05:00
Zach Hill
9adb57bcb5
Adds globs for .egg-info file for python detection as well as tests (#296) 
* Adds globs for .egg-info file for python detection as well as tests

Signed-off-by: Zach Hill <zach@anchore.com>

* Fix lint error

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

Co-authored-by: Dan Luhring <dan.luhring@anchore.com>
 2020-12-18 12:36:25 -05:00
Alex Goodman
0891faa756
Merge pull request #293 from anchore/revert-288-syft_docker_image 
Revert "Add the ability to run syft from a scratch image."
 2020-12-16 16:55:26 -05:00
Alex Goodman
a56292e2e0
Revert "Add the ability to run syft from a scratch image." 
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
 2020-12-16 16:54:34 -05:00
Toure Dunnon
688aa2e832
Merge pull request #288 from anchore/syft_docker_image 
Add the ability to run syft from a scratch image.
 2020-12-16 10:39:30 -05:00
Toure Dunnon
2c90ec84b9
Merge branch 'main' into syft_docker_image 2020-12-15 19:52:55 -05:00
Alex Goodman
d1d7471f2f
Merge pull request #290 from anchore/improve-python-cataloger 
Improve performance of the python cataloger
 2020-12-15 12:41:58 -05:00
Toure Dunnon
a19496b846 added: Docker login github action to publish new images 
Signed-off-by: Toure Dunnon <toure.dunnon@anchore.com>
 2020-12-15 11:07:14 -05:00
Alex Goodman
d94d7a7d80
add tests for content requester object 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2020-12-15 10:59:15 -05:00
Alex Goodman
45fed7c69b
break out packageEntry into a separate file 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2020-12-15 10:59:14 -05:00
Alex Goodman
e4a3e433b6
add content requested and refactor python cataloger to use it 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2020-12-15 10:59:14 -05:00
Alex Goodman
82c8a8e17b
add mem profile option and refactor python cataloger for batch requests 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2020-12-15 10:59:14 -05:00
Alex Goodman
be5917a058
add profiler dev option 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2020-12-15 10:59:13 -05:00
Toure Dunnon
9365625fc3 added: corrected request from review. 
Signed-off-by: Toure Dunnon <toure.dunnon@anchore.com>
 2020-12-15 09:27:09 -05:00
Toure Dunnon
c626cb1c60 added: update to README.md to indicate on how to use the new feature. 
Signed-off-by: Toure Dunnon <toure.dunnon@anchore.com>
 2020-12-14 08:10:46 -05:00
Toure Dunnon
07f2c2f702 Add the ability to run syft from a scratch image. 
This change will allow endusers or CI to run syft from a
minimum image which will simplify CI deployment.

Signed-off-by: Toure Dunnon <toure.dunnon@anchore.com>
 2020-12-14 08:10:46 -05:00
Dan Luhring
737a81c38c
Sort generated CPEs by specificity (#289) 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-12-11 12:08:39 -05:00
Alex Goodman
52bac6e2fd
Add enterprise upload capability (#285) 
* add support to upload results to enterprise

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* add package sbom upload

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* add dockerfile support

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* add manifest, index, and dockerfile import functions

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* schema version to json output + enhance json schema generation

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* modify package SBOM shape to be entire syft document + add etui updates

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* add import image config and manifest support

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* add config options for import to enterprise

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* incorporate final stereoscope and client-go deps

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
v0.10.0 		2020-12-09 22:20:53 -05:00
Toure Dunnon
2d0c127419
Merge pull request #282 from anchore/issue_270 
Corrected syft cyclonedx generated bom to adhere to the specifications found in CycloneDX 1.2
 2020-12-04 13:48:55 -05:00
Toure Dunnon
1a124bd77b added: regenerated new test fixtures to reflect change in specification. 
Signed-off-by: Toure Dunnon <toure.dunnon@anchore.com>
 2020-12-04 11:48:20 -05:00
Toure Dunnon
a5fd83b21d added: correct the bom descriptor to meet the cyclonedx 1.2 
Signed-off-by: Toure Dunnon <toure.dunnon@anchore.com>
 2020-12-04 11:48:20 -05:00
Alex Goodman
f87c59b4eb
Merge pull request #286 from anchore/rm-tree-catalog-sync-check 
Bump stereoscope to remove tree-catalog syft check
v0.9.2 		2020-12-03 16:32:24 -05:00
Alex Goodman
3ce7eabc98
bump stereoscope to remove tree-catalog syft check 
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
 2020-12-03 16:20:17 -05:00
Alex Goodman
6f9ded60ed
Merge pull request #279 from anchore/enhance-java-cpe-by-group-id 
Include CPEs with elements from POM GroupId fields
v0.9.1 		2020-12-02 07:50:31 -05:00
Dan Luhring
65cbacd135
Clarify python wheel parsing process (#281) 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
 2020-12-01 16:30:30 -05:00