oss/syft - syft - Sa' Rocí Solutions

oss/syft

mirror of https://github.com/anchore/syft.git synced 2025-11-17 16:33:21 +01:00

Author	SHA1	Message	Date
Alex Goodman	9abdb174d5	ensure pkg.Catalog path index deduplicates real vs virtual paths Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-26 13:27:24 -04:00
Haim Helman	13a066ea18	Add repo digests if available from Stereoscope to the image metadata Signed-off-by: Haim Helman <hhelman@vmware.com>	2021-03-25 05:57:23 -07:00
Alex Goodman	1b7c755536	add file-type mix as golden image Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-23 16:50:57 -04:00
Alex Goodman	3ef30f99be	pull in stereoscope cache fix + add test cache makefile target helpers Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-23 14:31:59 -04:00
Alex Goodman	929b78efbf	remove prealloc nolint rule in catalogers Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-23 12:56:00 -04:00
Alex Goodman	d420368ba9	add tests around new file metadata cataloger Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-23 11:00:59 -04:00
Alex Goodman	36e4af1953	adjust jsom schema version + adopt java pom properies test fixtures Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-22 11:27:01 -04:00
Alex Goodman	f180d1c537	improve config parsing + fix command deprecation warning Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-22 10:58:09 -04:00
Alex Goodman	6a960ec1f3	update json schema with optional poweruser data shape Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-22 10:56:16 -04:00
Alex Goodman	a6cba5d9db	remove multi* content fetching from resolvers Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-22 10:53:51 -04:00
Alex Goodman	ff4ed40d50	migrate syft/presenter to internal/presenter Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-22 10:52:33 -04:00
Alex Goodman	4666ca8469	migrate syft/cataloger to syft/pkg/cataloger Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-22 10:46:51 -04:00
Alex Goodman	cb5e7d0e08	Merge pull request #345 from westonsteimel/rust-cargo-cataloger add cataloger for rust crates from Cargo.lock files	2021-03-22 09:51:57 -04:00
Alex Goodman	48a1d4711a	update presenter tests with json schema 1.0.3 examples + rename rust metadata type Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-22 09:44:55 -04:00
Weston Steimel	35cc00b74a	capture extra metadata about rust crates from the Cargo.lock file Signed-off-by: Weston Steimel <weston.steimel@gmail.com>	2021-03-22 09:13:17 -04:00
Alex Goodman	e9e9fe6d9c	prefer warnings over errors when parsing java manifests and pom properties Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-20 08:08:46 -04:00
Alex Goodman	2f8a568d4f	check for multiple delimiters when parsing pom properties Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-20 08:00:08 -04:00
Weston Steimel	ba81bfe529	add cataloger for rust crates from Cargo.lock files Signed-off-by: Weston Steimel <weston.steimel@gmail.com>	2021-03-18 03:12:51 +00:00
Haim Helman	87e1a0f501	Added Photon OS to the list of distros Signed-off-by: Haim Helman <hhelman@vmware.com>	2021-03-11 19:06:17 -08:00
Weston Steimel	b963be219b	allow ability to catalog packages from /var/lib/dpkg/status.d/ Some debian-based variants (such as Google's Distroless images) don't write a single file to `/var/lib/dpkg/status`, but rather write a file per package to `/var/lib/dpkg/status.d/` related to #44 Signed-off-by: Weston Steimel <weston.steimel@gmail.com>	2021-02-27 01:20:44 +00:00
Alex Goodman	1aa8a10f6b	ignore ownership for shared copyright resources Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-02-26 12:30:24 -05:00
Alex Goodman	6d5ff0fd8e	Mark package relations by file ownership (#329 ) * add marking package relations by file ownership Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * correct json schema version; ensure fileOwners dont return dups; pin test pkg versions Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * extract package relationships into separate section Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * pull in client-go features for import of PackageRelationships Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * move unit test for ownership by files relationship further down Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * rename relationship to "ownership-by-file-overlap" Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-02-25 13:47:13 -05:00
Alfredo Deza	05b9d35ee6	python: log a warning when invalid fields in PKG-INFO are found Signed-off-by: Alfredo Deza <adeza@anchore.com>	2021-02-16 15:27:08 -05:00
Alfredo Deza	555376e250	python: test leniency with invalid fields in PKG-INFO Signed-off-by: Alfredo Deza <adeza@anchore.com>	2021-02-16 14:20:07 -05:00
Dan Luhring	1416e3cb7a	Invert if statement to reduce nesting in archive parser Signed-off-by: Dan Luhring <dan.luhring@anchore.com>	2021-01-27 10:34:52 -05:00
Alex Goodman	bb1facbf81	ensure java parent pkg ref isnt nil when looking for parent matches Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-01-27 10:12:41 -05:00
Dan Luhring	4576c081b9	Improve output for test case Signed-off-by: Dan Luhring <dan.luhring@anchore.com>	2021-01-22 15:20:42 -05:00
Dan Luhring	d5779a9822	Clarify debug message for package.json omissions Signed-off-by: Dan Luhring <dan.luhring@anchore.com>	2021-01-22 15:20:24 -05:00
Dan Luhring	9ec3ad58c8	Update regression test expected value and pin deps Signed-off-by: Dan Luhring <dan.luhring@anchore.com>	2021-01-22 14:03:50 -05:00
Dan Luhring	176dfdd9c1	Don't create packages unless package.json has name and version Signed-off-by: Dan Luhring <dan.luhring@anchore.com>	2021-01-22 13:56:54 -05:00
Alex Goodman	6a49717314	add VirtualPath to source.Location Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-01-05 21:16:42 -05:00
Alex Goodman	06641cfda2	prefer real paths for glob results Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-01-05 18:48:28 -05:00
Alex Goodman	a5537943fa	keep original dpkg md5sum location Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-01-05 14:30:05 -05:00
Alex Goodman	fc8b431ea6	duplicate reference readers for duplicate location resolutions Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-01-05 13:54:39 -05:00
Alex Goodman	bb70b0b43e	Merge pull request #305 from anchore/add-has-path-to-resolver Add HasPath() to Resolver interface for existence check	2021-01-04 19:45:03 -05:00
Alex Goodman	33c27c4f3d	add HasPath() to Resolver interface Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-01-04 19:39:49 -05:00
Alex Goodman	133d180eec	update gemspec glob to include named spec dirs Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-01-04 19:33:52 -05:00
Alex Goodman	7f4e8ab97d	Fix symlink resolutions for constituent paths (#304 ) * bump stereoscope to pull in content API refactors Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * incorporate symlink fixes Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * with filetree.File() adjustments Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * regress all-layers scope to not include dead-links + default tests to squashed scope Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * restore all layers resolver glob behavior (custom + lazy link resolution) Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * incorporate filetree link resolution options and restore no-follow dead link option for resolvers Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * removed path from lower-level FileTree.File() calls Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * bump stereoscope to pull in latest link resolution fixes Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * bump doublestar to v2 for directory resolver Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-01-04 16:41:45 -05:00
Dan Luhring	c2799b35d8	Fix mock resolver interface implementation Signed-off-by: Dan Luhring <dan.luhring@anchore.com>	2021-01-04 14:18:51 -05:00
Alex Goodman	d475e6280a	bump stereoscope to pull in content API refactors Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-01-04 14:07:14 -05:00
Dan Luhring	359212e8ee	Disable lint rule prealloc Signed-off-by: Dan Luhring <dan.luhring@anchore.com>	2020-12-23 11:35:49 -05:00
Dan Luhring	52e719dcb8	Create MockResolver and use to improve python cataloger tests Signed-off-by: Dan Luhring <dan.luhring@anchore.com>	2020-12-23 11:24:49 -05:00
Dan Luhring	13c289eb7e	Add tests for determining site packages root Signed-off-by: Dan Luhring <dan.luhring@anchore.com>	2020-12-23 08:22:31 -05:00
Dan Luhring	c1fa701602	Apply lint fix Signed-off-by: Dan Luhring <dan.luhring@anchore.com>	2020-12-22 17:46:33 -05:00
Dan Luhring	183b8f79d0	Handle site packages based on which egg file is parsed Signed-off-by: Dan Luhring <dan.luhring@anchore.com>	2020-12-22 17:41:27 -05:00
Alfredo Deza	d0d7e849c9	catalogers: Python runtime is not a Python package itself, ignore it Signed-off-by: Alfredo Deza <adeza@anchore.com>	2020-12-22 10:59:43 -05:00
Alex Goodman	6aaf9ee712	Incorporate import changes + add image overwrite option (#294 ) * incorporate import changes + add image overwrite option Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update import tests to account for arbitrary json shape Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2020-12-18 16:59:30 -05:00
Zach Hill	7962002f81	Split dpk source into name and version (#297 ) * Split dpk source into name and version Signed-off-by: Zach Hill <zach@anchore.com> * update dpkg status source name parsing Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Co-authored-by: Dan Luhring <luhring@users.noreply.github.com> Co-authored-by: Alex Goodman <alex.goodman@anchore.com>	2020-12-18 14:08:19 -05:00
Alex Goodman	ea162f87f4	update dpkg license to include single-word entries (#298 ) Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Co-authored-by: Dan Luhring <luhring@users.noreply.github.com>	2020-12-18 12:54:09 -05:00
Zach Hill	9adb57bcb5	Adds globs for .egg-info file for python detection as well as tests (#296 ) * Adds globs for .egg-info file for python detection as well as tests Signed-off-by: Zach Hill <zach@anchore.com> * Fix lint error Signed-off-by: Dan Luhring <dan.luhring@anchore.com> Co-authored-by: Dan Luhring <dan.luhring@anchore.com>	2020-12-18 12:36:25 -05:00

... 20 21 22 23 24 ...

1230 Commits