dependabot[bot]
05c09fd73d
chore(deps): bump github/codeql-action from 3.27.4 to 3.27.5 ( #3473 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.4 to 3.27.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](ea9e4e3799...f09c1c0a94
2024-11-21 15:14:27 -05:00
anchore-actions-token-generator[bot]
a8d4202d77
chore(deps): update stereoscope to aa3a3ef4efe8d8759c9aa87261b405cc003bfc9a ( #3472 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: willmurphyscode <12529630+willmurphyscode@users.noreply.github.com>
2024-11-21 14:28:51 +00:00
dependabot[bot]
19a30b9fd2
chore(deps): bump github.com/charmbracelet/bubbletea from 1.2.2 to 1.2.3 ( #3467 )
...
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea ) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases )
- [Changelog](https://github.com/charmbracelet/bubbletea/blob/main/.goreleaser.yml )
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v1.2.2...v1.2.3 )
---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-20 08:32:30 -05:00
William Murphy
e65fe243bf
fix: bump clio to pull in logging fix ( #3466 )
...
Previously, if SYFT_LOG_FILE was not set, and no TTY was present,
log.Warn messages were discarded instead of being sent to stderr.
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2024-11-19 14:56:53 -05:00
Christopher Angelo Phillips
f4cad63da1
3122 valid license url characters ( #3449 )
...
* chore: strip unwanted characters from license URL
---------
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2024-11-19 15:34:58 +00:00
Christopher Angelo Phillips
e7b65c2c58
3030 license declared spdx correction ( #3461 )
...
* feat: update hasExtractedLicense field to include license-ref candidates
---------
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2024-11-19 15:00:59 +00:00
anchore-actions-token-generator[bot]
8aef0c908a
chore(deps): update tools to latest versions ( #3463 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2024-11-19 09:36:46 -05:00
dependabot[bot]
35fa0cc454
chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.6.1 to 6.6.2 ( #3465 )
...
Bumps [github.com/jedib0t/go-pretty/v6](https://github.com/jedib0t/go-pretty ) from 6.6.1 to 6.6.2.
- [Release notes](https://github.com/jedib0t/go-pretty/releases )
- [Commits](https://github.com/jedib0t/go-pretty/compare/v6.6.1...v6.6.2 )
---
updated-dependencies:
- dependency-name: github.com/jedib0t/go-pretty/v6
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-19 09:36:32 -05:00
dependabot[bot]
1c61e9cbff
chore(deps): bump modernc.org/sqlite from 1.33.1 to 1.34.1 ( #3460 )
...
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ) from 1.33.1 to 1.34.1.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.33.1...v1.34.1 )
---
updated-dependencies:
- dependency-name: modernc.org/sqlite
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-18 09:33:08 -05:00
anchore-actions-token-generator[bot]
d91150edea
chore(deps): update CPE dictionary index ( #3453 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
2024-11-18 08:33:41 -05:00
anchore-actions-token-generator[bot]
215ae2bbb9
chore(deps): update tools to latest versions ( #3454 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2024-11-18 08:33:23 -05:00
anchore-actions-token-generator[bot]
93d90cb10a
chore(deps): update tools to latest versions ( #3448 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2024-11-17 12:32:11 -05:00
anchore-actions-token-generator[bot]
70ef3f25df
chore(deps): update tools to latest versions ( #3444 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2024-11-15 09:36:21 -05:00
dependabot[bot]
e41f8dfa04
chore(deps): bump github/codeql-action from 3.27.3 to 3.27.4 ( #3446 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.3 to 3.27.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](396bb3e453...ea9e4e3799
2024-11-15 09:35:59 -05:00
William Murphy
bc35345afb
feat: emit dependency relationships found in Cargo.lock ( #3443 )
...
* feat: emit dependency relationships found in Cargo.lock
Include updating test Cargo.lock to have dependencies on multiple
versions of the same crate.
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2024-11-14 16:45:00 -05:00
anchore-actions-token-generator[bot]
926486a7c3
chore(deps): update stereoscope to aa3a3ef4efe8d8759c9aa87261b405cc003bfc9a ( #3442 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: kzantow <3009477+kzantow@users.noreply.github.com>
2024-11-14 13:13:04 -05:00
dependabot[bot]
a15c5f61f4
chore(deps): bump github/codeql-action from 3.27.2 to 3.27.3 ( #3438 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.2 to 3.27.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](9278e42166...396bb3e453
2024-11-14 05:32:26 -05:00
dependabot[bot]
94dd634a97
chore(deps): bump github.com/charmbracelet/bubbletea from 1.2.1 to 1.2.2 ( #3439 )
...
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea ) from 1.2.1 to 1.2.2.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases )
- [Changelog](https://github.com/charmbracelet/bubbletea/blob/main/.goreleaser.yml )
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v1.2.1...v1.2.2 )
---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-14 05:31:39 -05:00
dependabot[bot]
5624d48e25
chore(deps): bump github.com/saferwall/pe from 1.5.4 to 1.5.5 ( #3440 )
...
Bumps [github.com/saferwall/pe](https://github.com/saferwall/pe ) from 1.5.4 to 1.5.5.
- [Release notes](https://github.com/saferwall/pe/releases )
- [Changelog](https://github.com/saferwall/pe/blob/main/CHANGELOG.md )
- [Commits](https://github.com/saferwall/pe/compare/v1.5.4...v1.5.5 )
---
updated-dependencies:
- dependency-name: github.com/saferwall/pe
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-14 05:31:21 -05:00
anchore-actions-token-generator[bot]
ac8be4ad41
chore(deps): update tools to latest versions ( #3413 )
...
* chore(deps): update tools to latest versions
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* fix linting
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-11-12 15:53:27 +00:00
dependabot[bot]
abd6abe186
chore(deps): bump github/codeql-action from 3.27.1 to 3.27.2 ( #3436 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.1 to 3.27.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](4f3212b617...9278e42166
2024-11-12 13:50:25 +00:00
dependabot[bot]
51872403d1
chore(deps): bump golang.org/x/mod from 0.21.0 to 0.22.0 ( #3426 )
...
Bumps [golang.org/x/mod](https://github.com/golang/mod ) from 0.21.0 to 0.22.0.
- [Commits](https://github.com/golang/mod/compare/v0.21.0...v0.22.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/mod
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-12 13:48:39 +00:00
witchcraze
066aadb4d1
update node classifier ( #3419 )
...
Signed-off-by: witchcraze <witchcraze@gmail.com>
2024-11-12 08:38:43 -05:00
anchore-actions-token-generator[bot]
e463206349
chore(deps): update stereoscope to 120d9ea511e2f7a9887b443c52e66cd19bb80b43 ( #3424 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: kzantow <3009477+kzantow@users.noreply.github.com>
2024-11-12 08:37:14 -05:00
anchore-actions-token-generator[bot]
7c6483f84a
chore(deps): update CPE dictionary index ( #3429 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
2024-11-12 08:36:41 -05:00
dependabot[bot]
013a2fe340
chore(deps): bump github/codeql-action from 3.27.0 to 3.27.1 ( #3431 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.0 to 3.27.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](662472033e...4f3212b617
2024-11-12 08:36:01 -05:00
dependabot[bot]
6e7c198ae7
chore(deps): bump golang.org/x/net from 0.30.0 to 0.31.0 ( #3432 )
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.30.0 to 0.31.0.
- [Commits](https://github.com/golang/net/compare/v0.30.0...v0.31.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-12 08:35:41 -05:00
dependabot[bot]
8a7da599fc
chore(deps): bump github.com/charmbracelet/bubbletea from 1.1.2 to 1.2.1 ( #3433 )
...
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea ) from 1.1.2 to 1.2.1.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases )
- [Changelog](https://github.com/charmbracelet/bubbletea/blob/main/.goreleaser.yml )
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v1.1.2...v1.2.1 )
---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-12 08:35:15 -05:00
Alex Goodman
b0bffef1a2
restore log on ui teardown ( #3427 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-11-08 12:31:38 -05:00
Alan Pope
3c070e0ad9
doc: Add official Syft logo license information ( #3421 )
...
This clarifies the license under which the Syft "owl" logo is released. This is necessary to enable us to share the logo in certain online communities.
Signed-off-by: Alan Pope <alan.pope@anchore.com>
2024-11-07 14:23:57 +00:00
dependabot[bot]
defb08d120
chore(deps): bump anchore/sbom-action from 0.17.6 to 0.17.7 ( #3418 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.17.6 to 0.17.7.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md )
- [Commits](251a468eed...fc46e51fd3
2024-11-06 10:41:45 -05:00
Keith Zantow
16eedd81ec
chore: build release sbom from go.mod ( #3417 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2024-11-05 09:51:23 -05:00
Christopher Angelo Phillips
8a41d77250
chore: prevent file resolver from bubbling errors in binary cataloger ( #3410 )
...
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
Signed-off-by: Keith Zantow <kzantow@gmail.com>
Co-authored-by: Keith Zantow <kzantow@gmail.com>
2024-11-04 20:23:27 +00:00
anchore-actions-token-generator[bot]
eb56f2e4bb
chore(deps): update stereoscope to cbd43fb4e5d348fe680066ee6329385fd6a4f827 ( #3411 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: kzantow <3009477+kzantow@users.noreply.github.com>
2024-11-04 10:20:27 -05:00
anchore-actions-token-generator[bot]
849e325408
chore(deps): update CPE dictionary index ( #3414 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
2024-11-04 10:13:22 -05:00
dependabot[bot]
203df65a65
chore(deps): bump github.com/adrg/xdg from 0.5.2 to 0.5.3 ( #3408 )
...
Bumps [github.com/adrg/xdg](https://github.com/adrg/xdg ) from 0.5.2 to 0.5.3.
- [Release notes](https://github.com/adrg/xdg/releases )
- [Commits](https://github.com/adrg/xdg/compare/v0.5.2...v0.5.3 )
---
updated-dependencies:
- dependency-name: github.com/adrg/xdg
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-01 11:43:54 -04:00
dependabot[bot]
2c70090d10
chore(deps): bump github.com/charmbracelet/lipgloss from 0.13.1 to 1.0.0 ( #3409 )
...
Bumps [github.com/charmbracelet/lipgloss](https://github.com/charmbracelet/lipgloss ) from 0.13.1 to 1.0.0.
- [Release notes](https://github.com/charmbracelet/lipgloss/releases )
- [Changelog](https://github.com/charmbracelet/lipgloss/blob/master/.goreleaser.yml )
- [Commits](https://github.com/charmbracelet/lipgloss/compare/v0.13.1...v1.0.0 )
---
updated-dependencies:
- dependency-name: github.com/charmbracelet/lipgloss
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-01 11:43:47 -04:00
anchore-actions-token-generator[bot]
8f179e6961
chore(deps): update stereoscope to 2ce1e520983b1c21d5150d7fae2b39e8e5ab9063 ( #3405 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: kzantow <3009477+kzantow@users.noreply.github.com>
2024-11-01 11:43:39 -04:00
Artemii
6a1e3f32fe
Issue #3143 – fixed format conversion docs link ( #3407 )
...
* chore: fixed format conversion docs link (#3143 )
Signed-off-by: Artemii Fedotov <artemii.fedotov@tutamail.com>
* changed link to wiki docs
Signed-off-by: Artemii Fedotov <artemii.fedotov@tutamail.com>
---------
Signed-off-by: Artemii Fedotov <artemii.fedotov@tutamail.com>
2024-11-01 11:43:00 -04:00
Joel Rudsberg
fcf1350a0e
feat: support dependencies and purl for Native Image SBOMs ( #3399 )
...
Signed-off-by: Joel Rudsberg <joel.rudsberg@oracle.com>
2024-10-31 12:12:54 -04:00
anchore-actions-token-generator[bot]
9302e20d62
chore(deps): update stereoscope to 9c92fe30492ffeba14ed2e23ad1fd923341dda4f ( #3398 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: kzantow <3009477+kzantow@users.noreply.github.com>
2024-10-31 10:22:14 -04:00
Nathan Voss
a55b71d4ef
feat: exclude devDependencies from package-lock.json parsing ( #3371 )
...
Signed-off-by: Nathan Voss <njvoss299@gmail.com>
Signed-off-by: Keith Zantow <kzantow@gmail.com>
Co-authored-by: Keith Zantow <kzantow@gmail.com>
2024-10-30 12:02:27 -04:00
dependabot[bot]
df3998b4f1
chore(deps): bump github.com/adrg/xdg from 0.5.1 to 0.5.2 ( #3394 )
2024-10-29 16:32:14 +00:00
dependabot[bot]
9dc9be645a
chore(deps): bump anchore/sbom-action from 0.17.5 to 0.17.6 ( #3393 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.17.5 to 0.17.6.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md )
- [Commits](1ca97d9028...251a468eed
2024-10-29 10:07:28 -04:00
Keith Zantow
798c18a698
fix: stack overflow in spyingIoReadCloser ( #3392 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2024-10-29 08:23:57 -04:00
Keith Zantow
1118ac4ace
fix: bad pom files may cause infinite loop ( #3391 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2024-10-28 18:09:04 -04:00
anchore-actions-token-generator[bot]
55cc1877ef
chore(deps): update stereoscope to bcc40c6817524718277256d6b774ce643f98640a ( #3388 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: willmurphyscode <12529630+willmurphyscode@users.noreply.github.com>
2024-10-28 19:48:04 +00:00
dependabot[bot]
367c699585
chore(deps): bump actions/setup-go from 5.0.2 to 5.1.0 ( #3384 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 5.0.2 to 5.1.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](0a12ed9d6a...41dfa10bad
2024-10-28 14:09:45 -04:00
dependabot[bot]
46445ff29f
chore(deps): bump github.com/charmbracelet/bubbletea from 1.1.1 to 1.1.2 ( #3385 )
...
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea ) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases )
- [Changelog](https://github.com/charmbracelet/bubbletea/blob/main/.goreleaser.yml )
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v1.1.1...v1.1.2 )
---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-28 14:08:44 -04:00
anchore-actions-token-generator[bot]
5faa6d34d5
chore(deps): update tools to latest versions ( #3383 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2024-10-28 14:08:14 -04:00
