oss/syft - syft - Sa' Rocí Solutions

oss/syft

mirror of https://github.com/anchore/syft.git synced 2025-11-17 16:33:21 +01:00

Author	SHA1	Message	Date
dependabot[bot]	6c7900f5b8	chore(deps): bump actions/checkout from 4.1.0 to 4.1.1 (#2236 ) Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](`8ade135a41...b4ffde65f4`) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-10-18 09:54:26 -04:00
dependabot[bot]	351c683cb4	chore(deps): bump actions/checkout from 4.0.0 to 4.1.0 (#2172 ) Bumps [actions/checkout](https://github.com/actions/checkout) from 4.0.0 to 4.1.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](`3df4ab11eb...8ade135a41`) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-09-26 07:49:13 -04:00
dependabot[bot]	962ff1ec49	chore(deps): bump tibdex/github-app-token from 2.0.0 to 2.1.0 (#2157 ) Bumps [tibdex/github-app-token](https://github.com/tibdex/github-app-token) from 2.0.0 to 2.1.0. - [Release notes](https://github.com/tibdex/github-app-token/releases) - [Commits](`0914d50df7...3beb63f4bd`) --- updated-dependencies: - dependency-name: tibdex/github-app-token dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-09-20 10:12:13 -04:00
Christopher Angelo Phillips	094b41b301	chore: pin and update all workflow dependencies; add permission scopes (#2138 ) --------- Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>	2023-09-15 14:18:42 -04:00
dependabot[bot]	b2be411f77	chore(deps): bump tibdex/github-app-token from 1 to 2 (#2116 ) Bumps [tibdex/github-app-token](https://github.com/tibdex/github-app-token) from 1 to 2. - [Release notes](https://github.com/tibdex/github-app-token/releases) - [Commits](https://github.com/tibdex/github-app-token/compare/v1...v2) --- updated-dependencies: - dependency-name: tibdex/github-app-token dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-09-11 09:56:22 -04:00
dlorenc	9f22ab6137	Bump the golang.org/x/exp dependency and fix a build breakage. (#2088 ) * Bump the golang.org/x/exp dependency and fix a build breakage. --------- Signed-off-by: Dan Lorenc <dlorenc@chainguard.dev> Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com> Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>	2023-09-07 14:55:52 -04:00
dependabot[bot]	1315cfd787	chore(deps): bump actions/checkout from 3 to 4 (#2094 ) Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-09-07 09:57:51 -04:00
Keith Zantow	dd09e0362e	chore: update quill to the latest version (#2065 ) Signed-off-by: Keith Zantow <kzantow@gmail.com>	2023-08-25 20:45:04 +00:00
Dan Luhring	99d172f0d1	Introduce indexed embedded CPE dictionary (#1897 ) * Introduce indexed embedded CPE dictionary Signed-off-by: Dan Luhring <dluhring@chainguard.dev> * Don't generate cpe-index on make snapshot Signed-off-by: Dan Luhring <dluhring@chainguard.dev> * Add unit tests for individual addEntry funcs Signed-off-by: Dan Luhring <dluhring@chainguard.dev> * migrate CPE index build to go generate and add periodic workflow Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add test to ensure generated cpe index is wired up to function that uses it Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> --------- Signed-off-by: Dan Luhring <dluhring@chainguard.dev> Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>	2023-07-21 13:54:19 +00:00
Bob Callaway	0580328ad9	update cosign to v2 release (different go module) (#1805 ) Signed-off-by: Bob Callaway <bcallaway@google.com>	2023-05-10 11:12:37 -04:00
dependabot[bot]	394ec8d215	chore(deps): bump peter-evans/create-pull-request from 4 to 5 (#1712 ) Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 4 to 5. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/v4...v5) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-04-05 19:04:26 -04:00
Keith Zantow	34ace36a9e	chore: tweak some workflow text (#1685 ) Signed-off-by: Keith Zantow <kzantow@gmail.com>	2023-03-21 11:08:49 -04:00
dependabot[bot]	b5ec4d4f08	chore(deps): bump actions/setup-go from 3 to 4 (#1671 ) Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3 to 4. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-03-16 12:02:07 -04:00
Alex Goodman	8847ba5d0b	Add release trigger (#1501 ) * add release trigger Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * deduplicate version and changelog calls + add gh checks Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add more chronicle verbosity, but not when triggering releases Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * bump chronicle version to get --version-file feature Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update bootstrap tool workflow to include glow Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add version prefix check on tags in release quality gate Signed-off-by: Alex Goodman <alex.goodman@anchore.com> --------- Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2023-02-08 11:38:27 -05:00
Bradley Jones	cdac2245b5	feat: update golang to 1.19 (#1526 ) * feat: update golang to 1.19 Signed-off-by: Bradley Jones <bradley.jones@anchore.com> * chore: break out json schema drift check into separate script Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * chore: update git index refresh Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com> --------- Signed-off-by: Bradley Jones <bradley.jones@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>	2023-01-31 11:39:57 -05:00
Keith Zantow	674a54512c	chore: correct bootstrap tool script (#1514 )	2023-01-25 10:22:28 -05:00
dependabot[bot]	10ca7f56ab	chore(deps): bump actions/setup-go from 2 to 3 (#1472 ) Bumps [actions/setup-go](https://github.com/actions/setup-go) from 2 to 3. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-01-18 09:37:45 -05:00
Weston Steimel	e87cfe7319	chore: remove bumping cosign in go.mod when updating bootstrap tools (#1452 )	2023-01-12 16:21:01 -05:00
Keith Zantow	b20310eaf8	Add gosimports (#1205 )	2022-09-14 13:38:18 -04:00
Weston Steimel	6949a2500f	Fix update-bootstrap-tools workflow (#1170 )	2022-08-22 16:17:28 +00:00
Weston Steimel	5282820b5d	workflow to create automated PRs to update bootstrap tools (#1167 )	2022-08-22 11:28:24 -04:00

21 Commits