Alex Goodman
abe5e27b4b
fix: remove race when writing errors in generic cataloger ( #3875 )
...
* fix generic cataloger race
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* update race test
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-05-09 17:46:47 +00:00
Alex Goodman
a7816dc9e7
clear devel version for go packages ( #3873 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-05-09 13:36:52 -04:00
anchore-actions-token-generator[bot]
0b78186a97
chore(deps): update tools to latest versions ( #3871 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2025-05-09 08:29:20 +00:00
dependabot[bot]
99ef5accc7
chore(deps): bump actions/setup-go from 5.4.0 to 5.5.0 ( #3867 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 5.4.0 to 5.5.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](0aaccfd150...d35c59abb0 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-version: 5.5.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-08 14:27:08 -04:00
dependabot[bot]
d634f1438b
chore(deps): bump actions/setup-go in /.github/actions/bootstrap ( #3868 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 5.4.0 to 5.5.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](0aaccfd150...d35c59abb0 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-version: 5.5.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-08 14:26:57 -04:00
Alex Goodman
1574fb20ae
merge multiple targets for the same dotnet package ( #3869 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-05-08 15:28:08 +00:00
James Neate
00c4a4e72a
Use package ID from decoded SBOMs when provided ( #1872 )
...
* fix: use package id from cyclonedx when provided
Signed-off-by: James Neate <jamesmneate@gmail.com>
* override package IDs from converted SBOMs
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix typo
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* remove extractSyftID function
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: James Neate <jamesmneate@gmail.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-05-08 11:25:30 -04:00
bgoareguer
39396cfff9
feat: upgrade base docker image ( #3862 )
...
Signed-off-by: Goareguer Bertrand <bertrand.goareguer@gmail.com>
2025-05-07 14:29:48 +00:00
dependabot[bot]
8aaf36b1ad
chore(deps): bump github.com/github/go-spdx/v2 from 2.3.2 to 2.3.3 ( #3863 )
...
Bumps [github.com/github/go-spdx/v2](https://github.com/github/go-spdx ) from 2.3.2 to 2.3.3.
- [Release notes](https://github.com/github/go-spdx/releases )
- [Commits](https://github.com/github/go-spdx/compare/v2.3.2...v2.3.3 )
---
updated-dependencies:
- dependency-name: github.com/github/go-spdx/v2
dependency-version: 2.3.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-07 10:00:05 -04:00
dependabot[bot]
af273002b8
chore(deps): bump golang.org/x/net from 0.39.0 to 0.40.0 ( #3859 )
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.39.0 to 0.40.0.
- [Commits](https://github.com/golang/net/compare/v0.39.0...v0.40.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-version: 0.40.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-06 12:12:58 -04:00
Christopher Angelo Phillips
6eff158ad3
chore: update license sort to be stable with contents field ( #3860 )
...
---------
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2025-05-06 11:45:47 -04:00
Alex Goodman
7b25ea5eda
annotate hidden paths in all-layers scope ( #3855 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-05-06 09:50:04 -04:00
Christopher Angelo Phillips
1ba1186410
fix: use "contents" field and remove "fullText" license field ( #3857 )
...
---------
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2025-05-05 21:40:09 +00:00
GGMU
6db60c5975
Add deep-squashed scope to annotate all layers where a package exists ( #3138 )
...
* add squash all layers resolver
Signed-off-by: tomersein <tomersein@gmail.com>
* squashed all layers
Signed-off-by: tomersein <tomersein@gmail.com>
* squashed all layers
Signed-off-by: tomersein <tomersein@gmail.com>
* squashed all layers
Signed-off-by: tomersein <tomersein@gmail.com>
* squashed all layers
Signed-off-by: tomersein <tomersein@gmail.com>
* add squash with all layers logic
Signed-off-by: tomersein <tomersein@gmail.com>
* add squash with all layers logic
Signed-off-by: tomersein <tomersein@gmail.com>
* squashed all layers
Signed-off-by: tomersein <tomersein@gmail.com>
* squashed all layers
Signed-off-by: tomersein <tomersein@gmail.com>
* squashed all layers
Signed-off-by: tomersein <tomersein@gmail.com>
* squashed all layers
Signed-off-by: tomersein <tomersein@gmail.com>
* squashed all layers
Signed-off-by: tomersein <tomersein@gmail.com>
* squashed all layers
Signed-off-by: tomersein <tomersein@gmail.com>
* squashed all layers
Signed-off-by: tomersein <tomersein@gmail.com>
* squashed all layers
Signed-off-by: tomersein <tomersein@gmail.com>
* squashed all layers
Signed-off-by: tomersein <tomersein@gmail.com>
* squashed all layers
Signed-off-by: tomersein <tomersein@gmail.com>
* squashed all layers
Signed-off-by: tomersein <tomersein@gmail.com>
* squashed all layers
Signed-off-by: tomersein <tomersein@gmail.com>
* squashed all layers
Signed-off-by: tomersein <tomersein@gmail.com>
* squashed all layers
Signed-off-by: tomersein <tomersein@gmail.com>
* squash with all layers
Signed-off-by: tomersein <tomersein@gmail.com>
* squash with all layers
Signed-off-by: tomersein <tomersein@gmail.com>
* adjust resolver to strictly return squash paths only
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* show all packages have locations + primary evidence
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix race condition in test
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* consider access paths
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: tomersein <tomersein@gmail.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-05-05 14:35:57 -04:00
Kudryavcev Nikolay
e13c9e7813
fix: propagate unarchive error of file source ( #3845 )
...
Signed-off-by: Kudryavcev Nikolay <kydry.nikolau@gmail.com>
2025-05-05 15:37:47 +00:00
Alex Goodman
d47a6c3a6d
Improve support for cataloging nix package relationships ( #3837 )
...
* add nix DB cataloger
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add derivation path to nix store pkg metadata
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* go mod tidy
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* allow for derivation path to be optional
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* repin build image and disable syscall filtering
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* bump storage capacity
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* track nix derivation details on packages
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* image fixture should have derivation examples
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* address comments
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-05-05 15:35:13 +00:00
anchore-actions-token-generator[bot]
7505a04aad
chore(deps): update tools to latest versions ( #3848 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
2025-05-05 15:26:14 +00:00
anchore-actions-token-generator[bot]
f1620b120a
chore(deps): update CPE dictionary index ( #3851 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
2025-05-05 15:14:28 +00:00
Christopher Angelo Phillips
00f53b1777
chore: upgrade fixtures to use version 4 lockfile ( #3852 )
...
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2025-05-05 14:38:23 +00:00
dependabot[bot]
3faf43d592
chore(deps): bump github/codeql-action from 3.28.16 to 3.28.17 ( #3846 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.16 to 3.28.17.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](28deaeda66...60168efe1c )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 3.28.17
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-05 10:23:08 -04:00
Christopher Angelo Phillips
6ba087c72c
fix: Do not use hashes for SPDX license names/expressions ( #3844 )
...
---------
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
2025-05-02 09:34:08 -04:00
Christopher Angelo Phillips
94e63eb367
feat: detect when full license text has been provided and preserve as separate field ( #3450 )
...
* feat: add full text field to syft license struct
---------
Signed-off-by: Christopher Angelo Phillips <32073428+spiffcs@users.noreply.github.com>
2025-05-01 15:00:46 -04:00
dependabot[bot]
4999de4114
chore(deps): bump github.com/Masterminds/semver/v3 from 3.3.0 to 3.3.1 ( #3843 )
...
Bumps [github.com/Masterminds/semver/v3](https://github.com/Masterminds/semver ) from 3.3.0 to 3.3.1.
- [Release notes](https://github.com/Masterminds/semver/releases )
- [Changelog](https://github.com/Masterminds/semver/blob/master/CHANGELOG.md )
- [Commits](https://github.com/Masterminds/semver/compare/v3.3.0...v3.3.1 )
---
updated-dependencies:
- dependency-name: github.com/Masterminds/semver/v3
dependency-version: 3.3.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-01 10:06:11 -04:00
anchore-actions-token-generator[bot]
9ecfe9a53c
chore(deps): update tools to latest versions ( #3841 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2025-05-01 09:29:19 -04:00
Alan Pope
baa1080ef6
Update github.com/Masterminds/semver to v3 ( #3836 )
...
* Update semver to v3. Fixes #3829
Signed-off-by: Alan Pope <alan.pope@anchore.com>
* use single instance of regex obj
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alan Pope <alan.pope@anchore.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-04-30 20:38:12 +00:00
Laurent Goderre
529840bfc0
Add support for PHP Pear ( #2775 )
...
* Add support for PHP Pear and unify PECL with it
Signed-off-by: Laurent Goderre <laurent.goderre@docker.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix tests
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* remove log statements
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix struct comment
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Laurent Goderre <laurent.goderre@docker.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-04-30 20:16:58 +00:00
Oleksandr Vodotiiets
78ef2cf53b
fix: Improve detection of erlang binary in alpine Linux ( #3839 )
...
Signed-off-by: Oleksandr Vodotiiets <alex.vodotiiets@gmail.com>
Signed-off-by: Oleksandr Vodotiiets <61548316+avodotiiets@users.noreply.github.com>
2025-04-30 18:50:12 +00:00
VictorHuu
09c3b7cbea
fix:Resolve ancestral symlinks correctly ( #3783 )
...
* Resolve upstream symlinks correctly
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
* in case of the root directory
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
* for static analysis check pass
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
* add unit test cases for the symlink scenarios
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
---------
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
2025-04-30 14:47:32 -04:00
anchore-actions-token-generator[bot]
6dca10fe1f
chore(deps): update CPE dictionary index ( #3834 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
2025-04-30 14:40:52 -04:00
anchore-actions-token-generator[bot]
1ecf1ce7bf
chore(deps): update tools to latest versions ( #3835 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2025-04-30 14:40:37 -04:00
dependabot[bot]
20ca60de8b
chore(deps): bump github.com/charmbracelet/bubbletea from 1.3.4 to 1.3.5 ( #3838 )
...
Bumps [github.com/charmbracelet/bubbletea](https://github.com/charmbracelet/bubbletea ) from 1.3.4 to 1.3.5.
- [Release notes](https://github.com/charmbracelet/bubbletea/releases )
- [Changelog](https://github.com/charmbracelet/bubbletea/blob/main/.goreleaser.yml )
- [Commits](https://github.com/charmbracelet/bubbletea/compare/v1.3.4...v1.3.5 )
---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbletea
dependency-version: 1.3.5
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-30 14:40:00 -04:00
VictorHuu
fa599547a3
fix the fluent-bit regex detection pattern ( #3817 )
...
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
2025-04-25 11:50:45 -04:00
dependabot[bot]
22d8b30813
chore(deps): bump anchore/sbom-action from 0.18.0 to 0.19.0 ( #3832 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.18.0 to 0.19.0.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md )
- [Commits](f325610c9f...9f73021414 )
---
updated-dependencies:
- dependency-name: anchore/sbom-action
dependency-version: 0.19.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-25 11:29:24 -04:00
anchore-actions-token-generator[bot]
a714fb8391
chore(deps): update tools to latest versions ( #3830 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
v1.23.1
2025-04-25 09:59:29 -04:00
Alex Goodman
03fa142de9
Resolve owned file paths when searching for overlaps ( #3828 )
...
* resolve owned file paths when searching for overlaps
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* don't remove empty paths
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-04-24 21:59:45 +00:00
anchore-actions-token-generator[bot]
4211d79667
chore(deps): update anchore dependencies ( #3827 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
v1.23.0
2025-04-24 16:03:09 -04:00
VictorHuu
9af087d213
fix: Make the fileresolver Support Prefix Match of Files ( #3820 )
...
* fix the dpkg files pattern detection
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
* consider slash before the path is concatenated
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
* add test
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-04-24 17:38:05 +00:00
Alex Goodman
5c6c6aa123
Add support for detecting javascript assets in .NET projects using libman ( #3825 )
...
* add support for .NET libman files
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix when no libman detected
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add libman.json docs
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-04-24 17:11:01 +00:00
anchore-actions-token-generator[bot]
43a85dfb85
chore(deps): update tools to latest versions ( #3823 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2025-04-24 13:08:32 -04:00
Adam McClenaghan
61a3d1784a
(feat): support skipping archive extraction with file source ( #3795 )
...
Signed-off-by: Adam McClenaghan <adam@mcclenaghan.co.uk>
2025-04-24 12:22:36 -04:00
Alex Goodman
df18edf905
Consider DLL claims for dependencies of .NET packages from deps.json ( #3822 )
...
* consider child dll claims for .NET packages from deps.json
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* make dll claim propagation configurable
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-04-24 11:59:16 -04:00
Alex Goodman
2dd9d583af
PE cataloger should consider compile target paths from deps.json ( #3821 )
...
* fix PE compile path processing
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix tests
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* adjust fixture comment
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-04-24 14:01:53 +01:00
Adam McClenaghan
f6d4a7d27a
Perf: skip license scanner injection ( #3796 )
...
* (perf): allow library users to skip default scanner injection
Signed-off-by: Adam McClenaghan <adam@mcclenaghan.co.uk>
* (perf): remove prints
Signed-off-by: Adam McClenaghan <adam@mcclenaghan.co.uk>
* perf: move to cataloging licenses.go
Signed-off-by: adammcclenaghan <adam.mcclenaghan@upwind.io>
* perf: Simplify to expose a SetContextLicenseScanner func
Signed-off-by: adammcclenaghan <adam.mcclenaghan@upwind.io>
---------
Signed-off-by: Adam McClenaghan <adam@mcclenaghan.co.uk>
Signed-off-by: adammcclenaghan <adam.mcclenaghan@upwind.io>
2025-04-23 16:01:10 -04:00
dependabot[bot]
273d414b6b
chore(deps): bump sigstore/cosign-installer from 3.8.1 to 3.8.2 ( #3818 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.8.1 to 3.8.2.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](https://github.com/sigstore/cosign-installer/compare/v3.8.1...v3.8.2 )
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-version: 3.8.2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-23 11:27:08 -04:00
dependabot[bot]
0a0c2963f4
chore(deps): bump github/codeql-action from 3.28.15 to 3.28.16 ( #3819 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.15 to 3.28.16.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](45775bd823...28deaeda66 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 3.28.16
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-23 11:25:42 -04:00
anchore-actions-token-generator[bot]
1d7529d01f
chore(deps): update tools to latest versions ( #3815 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2025-04-22 13:10:35 -04:00
Will Murphy
a69f6aec90
docs: document test commands ( #3816 )
...
So that contributors can quickly figure out how to run tests.
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2025-04-22 10:23:52 -04:00
Stijn Taelemans
df11561929
Support detection of Chrome binaries ( #3136 )
...
* test: add test cases
Signed-off-by: Stijn Taelemans <taelemansst@gmail.com>
* feat: add classifier for chrome
Signed-off-by: Stijn Taelemans <taelemansst@gmail.com>
---------
Signed-off-by: Stijn Taelemans <taelemansst@gmail.com>
2025-04-21 16:37:15 -04:00
VictorHuu
ab570497b0
fix:allow golang tip image detection regex pattern ( #3757 )
...
* Modify the Regex version matcher for golang in the binary classifiers to make it compatible with golang tip images
Signed-off-by: Victor Hu <victorhu493@gmail.com>
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
* Preliminarily fix the regex matching for golang tip image and add the corresponding unit tests
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
* consider VERSION.cache when it comes to golang tip images
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
* consider VERSION.cache when it comes to golang tip images
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
---------
Signed-off-by: Victor Hu <victorhu493@gmail.com>
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
2025-04-21 14:06:52 -04:00
VictorHuu
ea7e9e696b
fix:Make the parse of the replace part in ``go.mod`` more compliant and traceable ( #3812 )
...
* We only need to replace the name of a GoLang package when the name is a web link
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
* make the detection of a localfile path pattern easier
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
* consider the m.New.Version so the granularity is narrowed
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
* to pass the static-analysis
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
* to pass the static-analysis
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
* add test
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-04-21 17:58:54 +00:00