Will Murphy
26e87c7cd3
fix format string in search results ( #4775 )
...
Passing '%q' to format strings for integer types is a go vet error in
recent go versions, and likely a bug.
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2026-04-14 12:59:44 -04:00
Rez Moss
722e3f267b
added deno bin classifiers ( #4677 )
...
Signed-off-by: Rez Moss <hi@rezmoss.com>
2026-04-14 11:33:26 -04:00
nadimz
c09f42e024
feat: support zImage and bzImage in linux-kernel-cataloger ( #4751 )
...
Signed-off-by: Nadim Zubidat <nadimz@users.noreply.github.com>
2026-04-14 10:02:20 -04:00
Alex Goodman
19b4f41270
pin wolfi cache version ( #4774 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2026-04-14 09:15:24 -04:00
nadimz
bcc1f15ceb
feat: OpenLDAP binary classifier ( #4755 )
...
Signed-off-by: Nadim Zubidat <nadimz@users.noreply.github.com>
2026-04-13 16:27:48 -04:00
dependabot[bot]
ce2c56bf06
chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 ( #4750 )
...
Bumps [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2 ) from 1.96.0 to 1.97.3.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.96.0...service/s3/v1.97.3 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
dependency-version: 1.97.3
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-13 15:47:17 -04:00
dependabot[bot]
532fbafe36
chore(deps): bump go.opentelemetry.io/otel/sdk from 1.40.0 to 1.43.0 ( #4752 )
...
Bumps [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go ) from 1.40.0 to 1.43.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.40.0...v1.43.0 )
---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/sdk
dependency-version: 1.43.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-13 15:22:53 -04:00
dependabot[bot]
8835af66b0
chore(deps): bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4 ( #4737 )
...
Bumps [github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose ) from 4.1.3 to 4.1.4.
- [Release notes](https://github.com/go-jose/go-jose/releases )
- [Commits](https://github.com/go-jose/go-jose/compare/v4.1.3...v4.1.4 )
---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v4
dependency-version: 4.1.4
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-13 14:58:53 -04:00
dependabot[bot]
f4290cb876
chore(deps): bump the actions-minor-patch group across 2 directories with 7 updates ( #4763 )
...
Bumps the actions-minor-patch group with 5 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [docker/login-action](https://github.com/docker/login-action ) | `4.0.0` | `4.1.0` |
| [anchore/sbom-action](https://github.com/anchore/sbom-action ) | `0.23.0` | `0.24.0` |
| [runs-on/action](https://github.com/runs-on/action ) | `2.0.3` | `2.1.0` |
| [actions/download-artifact](https://github.com/actions/download-artifact ) | `8.0.0` | `8.0.1` |
| [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) | `4.0.0` | `4.1.1` |
Bumps the actions-minor-patch group with 2 updates in the /.github/actions/bootstrap directory: [actions/setup-go](https://github.com/actions/setup-go ) and [actions/cache](https://github.com/actions/cache ).
Updates `docker/login-action` from 4.0.0 to 4.1.0
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](b45d80f862...4907a6ddechttps://github.com/anchore/sbom-action/releases )
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md )
- [Commits](17ae174017...e22c389904https://github.com/runs-on/action/releases )
- [Commits](cd2b598b05...742bf56072https://github.com/actions/download-artifact/releases )
- [Commits](70fc10c6e5...3e5f45b2cfhttps://github.com/sigstore/cosign-installer/releases )
- [Commits](faadad0cce...cad07c2e89https://github.com/actions/setup-go/releases )
- [Commits](4b73464bb3...4a3601121dhttps://github.com/actions/setup-go/releases )
- [Commits](4b73464bb3...4a3601121dhttps://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](cdf6c1fa76...668228422a
2026-04-13 11:39:21 -04:00
dependabot[bot]
990cc3c599
chore(deps): bump github.com/hashicorp/go-getter from 1.8.5 to 1.8.6 ( #4764 )
...
Bumps [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter ) from 1.8.5 to 1.8.6.
- [Release notes](https://github.com/hashicorp/go-getter/releases )
- [Commits](https://github.com/hashicorp/go-getter/compare/v1.8.5...v1.8.6 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
dependency-version: 1.8.6
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-13 11:39:08 -04:00
witchcraze
03d6399b0c
fix: update erlang classifier ( #4766 )
...
Signed-off-by: witchcraze <witchcraze@gmail.com>
2026-04-13 11:31:19 -04:00
anchore-oss-update-bot
1e08f703d0
chore(deps): update CPE dictionary index ( #4767 )
...
Signed-off-by: anchore-oss-update-bot <anchore-oss-update-bot@users.noreply.github.com>
Co-authored-by: anchore-oss-update-bot <anchore-oss-update-bot@users.noreply.github.com>
2026-04-13 11:28:50 -04:00
witchcraze
e420322494
fix: more istio classifier matching ( #4645 )
...
Signed-off-by: witchcraze <witchcraze@gmail.com>
2026-04-12 10:54:08 -04:00
Benjamin Grandfond
cc3b8eb48f
fix(json): use value alias in Document.UnmarshalJSON to prevent infinite recursion with encoding/json/v2 ( #4748 )
...
The pattern 'type Alias *Document' does not strip methods under
encoding/json/v2 (GOEXPERIMENT=jsonv2), causing UnmarshalJSON to call
itself infinitely until the goroutine stack overflows (1GB limit).
Change to 'type Alias Document' with (*Alias)(d) cast — the standard
Go pattern that works correctly with both encoding/json v1 and v2.
Adds a regression test that uses debug.SetMaxStack to shrink the
goroutine stack limit to 8MB, making the overflow happen in milliseconds
rather than minutes if the recursion is reintroduced.
Ref: https://github.com/golang/go/issues/75361
Signed-off-by: Benjamin Grandfond <benjamin.grandfond@docker.com>
2026-04-10 13:36:07 -04:00
Alex Goodman
d0ee9098cf
bump version ( #4756 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2026-04-09 21:11:47 +00:00
Alex Goodman
344d1f47a1
support single arch images without manifests when checking platform ( #4753 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2026-04-09 15:54:41 +00:00
anchore-oss-update-bot
f618917527
chore(deps): update CPE dictionary index ( #4745 )
...
Signed-off-by: anchore-oss-update-bot <anchore-oss-update-bot@users.noreply.github.com>
Co-authored-by: anchore-oss-update-bot <anchore-oss-update-bot@users.noreply.github.com>
2026-04-08 13:06:28 -04:00
Will Murphy
99158be0ba
chore: move test fixtures to oss-cache repo ( #4733 )
...
* chore: move test fixtures to oss-cache repo
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
* pr feedback: sort vars in taskfile
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
---------
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2026-04-02 20:50:43 +00:00
Alex Goodman
2089d086fe
chore: update zizmor workflow triggers ( #4732 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2026-04-02 14:56:46 -04:00
Alex Goodman
b0dc65a4fb
improve automation ( #4730 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2026-04-02 12:44:54 -04:00
Alex Goodman
611a24fcae
(chore): removing automations ( #4727 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2026-04-01 14:27:29 -04:00
anchore-oss-update-bot
da601363ed
chore(deps): update CPE dictionary index ( #4726 )
...
Signed-off-by: anchore-oss-update-bot <anchore-oss-update-bot@users.noreply.github.com>
Co-authored-by: anchore-oss-update-bot <anchore-oss-update-bot@users.noreply.github.com>
2026-04-01 10:24:27 -04:00
Will Murphy
0d748ec700
chore: cpe index update job needs tools ( #4725 )
...
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2026-04-01 09:35:17 -04:00
Will Murphy
d60e43f822
chore: move CPE cache to oss-cache repo ( #4723 )
...
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2026-04-01 06:57:47 -04:00
anchore-actions-token-generator[bot]
2884cc77fc
chore(deps): update CPE dictionary index ( #4715 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
2026-03-31 14:28:15 -04:00
anchore-oss-update-bot
c11a79ef19
chore(deps): update tool versions ( #4706 )
...
Signed-off-by: anchore-oss-update-bot <anchore-oss-update-bot@users.noreply.github.com>
Co-authored-by: anchore-oss-update-bot <anchore-oss-update-bot@users.noreply.github.com>
2026-03-31 14:06:07 -04:00
Josh Bressers
90198da04d
Add a trust boundary section ( #4716 )
...
Signed-off-by: Josh Bressers <josh@bress.net>
2026-03-30 11:29:37 -05:00
dependabot[bot]
d71b747cd1
chore(deps): bump slackapi/slack-github-action from 2.1.1 to 3.0.1 ( #4684 )
...
Bumps [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action ) from 2.1.1 to 3.0.1.
- [Release notes](https://github.com/slackapi/slack-github-action/releases )
- [Commits](91efab103c...af78098f53
2026-03-26 11:12:33 -04:00
dependabot[bot]
58a8a95e26
chore(deps): bump marocchino/sticky-pull-request-comment ( #4685 )
...
Bumps [marocchino/sticky-pull-request-comment](https://github.com/marocchino/sticky-pull-request-comment ) from 2.9.4 to 3.0.2.
- [Release notes](https://github.com/marocchino/sticky-pull-request-comment/releases )
- [Commits](773744901b...70d2764d1a
2026-03-25 19:27:59 -04:00
dependabot[bot]
78a21b9c88
chore(deps): bump the go-minor-patch group with 2 updates ( #4697 )
...
Bumps the go-minor-patch group with 2 updates: [github.com/gkampitakis/go-snaps](https://github.com/gkampitakis/go-snaps ) and [modernc.org/sqlite](https://gitlab.com/cznic/sqlite ).
Updates `github.com/gkampitakis/go-snaps` from 0.5.20 to 0.5.21
- [Release notes](https://github.com/gkampitakis/go-snaps/releases )
- [Commits](https://github.com/gkampitakis/go-snaps/compare/v0.5.20...v0.5.21 )
Updates `modernc.org/sqlite` from 1.46.1 to 1.46.2
- [Changelog](https://gitlab.com/cznic/sqlite/blob/master/CHANGELOG.md )
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.46.1...v1.46.2 )
---
updated-dependencies:
- dependency-name: github.com/gkampitakis/go-snaps
dependency-version: 0.5.21
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
- dependency-name: modernc.org/sqlite
dependency-version: 1.46.2
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-25 19:27:50 -04:00
dependabot[bot]
7d3882a425
chore(deps): bump actions/create-github-app-token from 2.2.1 to 3.0.0 ( #4699 )
...
Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token ) from 2.2.1 to 3.0.0.
- [Release notes](https://github.com/actions/create-github-app-token/releases )
- [Commits](29824e69f5...f8d387b68d
2026-03-25 19:27:31 -04:00
anchore-actions-token-generator[bot]
673c85754c
chore(deps): update CPE dictionary index ( #4689 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
2026-03-25 08:38:49 -04:00
Will Murphy
c5114fd745
chore(deps): ignore some dependabot deps ( #4696 )
...
Prevent some packages from being updated.
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2026-03-24 08:12:50 -04:00
Weston Steimel
f68a7cc899
ci: further pr target code checkout assurances ( #4695 )
...
Signed-off-by: Weston Steimel <author@code.w.steimel.me.uk>
2026-03-24 07:16:16 -04:00
witchcraze
7800b16529
fix: update arangodb classifier and capture-snippet.sh ( #4662 )
...
Signed-off-by: witchcraze <witchcraze@gmail.com>
2026-03-23 16:29:39 -04:00
Keith Zantow
834ddcb1c0
fix: golang version file regex ( #4694 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2026-03-23 15:56:29 -04:00
Weston Steimel
f5d318d934
ci: add explicit ref to main and warning for pull_request_target workflow ( #4693 )
...
Signed-off-by: Weston Steimel <author@code.w.steimel.me.uk>
2026-03-23 16:45:18 +00:00
anchore-actions-token-generator[bot]
8531e1917b
chore(deps): update tools to latest versions ( #4690 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2026-03-23 12:01:27 -04:00
anchore-actions-token-generator[bot]
860126c650
chore(deps): update anchore dependencies ( #4681 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: willmurphyscode <12529630+willmurphyscode@users.noreply.github.com>
2026-03-19 16:44:55 +00:00
Will Murphy
36639f136b
chore(deps): bump github.com/buger/jsonsparser to v1.1.2 ( #4680 )
...
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2026-03-19 15:08:18 +00:00
dependabot[bot]
f32238c268
chore(deps): bump the go-minor-patch group with 2 updates ( #4678 )
...
Bumps the go-minor-patch group with 2 updates: [golang.org/x/net](https://github.com/golang/net ) and [golang.org/x/tools](https://github.com/golang/tools ).
Updates `golang.org/x/net` from 0.51.0 to 0.52.0
- [Commits](https://github.com/golang/net/compare/v0.51.0...v0.52.0 )
Updates `golang.org/x/tools` from 0.42.0 to 0.43.0
- [Release notes](https://github.com/golang/tools/releases )
- [Commits](https://github.com/golang/tools/compare/v0.42.0...v0.43.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-version: 0.52.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
- dependency-name: golang.org/x/tools
dependency-version: 0.43.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-19 10:25:19 -04:00
dependabot[bot]
0c8eef65f0
chore(deps): bump google.golang.org/grpc from 1.78.0 to 1.79.3 ( #4675 )
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.78.0 to 1.79.3.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.78.0...v1.79.3 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-version: 1.79.3
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-18 16:55:30 -04:00
dependabot[bot]
4d42f8af32
chore(deps): bump the go-minor-patch group with 2 updates ( #4674 )
...
Bumps the go-minor-patch group with 2 updates: [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter ) and [golang.org/x/mod](https://github.com/golang/mod ).
Updates `github.com/hashicorp/go-getter` from 1.8.4 to 1.8.5
- [Release notes](https://github.com/hashicorp/go-getter/releases )
- [Commits](https://github.com/hashicorp/go-getter/compare/v1.8.4...v1.8.5 )
Updates `golang.org/x/mod` from 0.33.0 to 0.34.0
- [Commits](https://github.com/golang/mod/compare/v0.33.0...v0.34.0 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
dependency-version: 1.8.5
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
- dependency-name: golang.org/x/mod
dependency-version: 0.34.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-18 16:13:35 -04:00
Will Murphy
e38851143e
chore: centralize temp files and prefer streaming IO ( #4668 )
...
* chore: centralize temp files and prefer streaming IO
Catalogers that create temp files ad-hoc can easily forget cleanup,
leaking files on disk. Similarly, io.ReadAll is convenient but risks
OOM on large or malicious inputs.
Introduce internal/tmpdir to manage all cataloger temp storage under
a single root directory with automatic cleanup. Prefer streaming
parsers (bufio.Scanner, json/yaml.NewDecoder, io.LimitReader) over
buffering entire inputs into memory. Add ruleguard rules to enforce
both practices going forward.
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
* chore: go back to old release parsing
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
* simplify to limit reader in version check
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
* chore: regex change postponed
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
* simplify supplement release to limitreader
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
---------
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2026-03-18 10:53:51 -04:00
anchore-actions-token-generator[bot]
a3dacf5ecd
chore(deps): update tools to latest versions ( #4663 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
2026-03-16 11:26:06 -04:00
dependabot[bot]
cccc9bf7f9
chore(deps): bump the go-minor-patch group with 3 updates ( #4669 )
...
Bumps the go-minor-patch group with 3 updates: [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry ), [github.com/olekukonko/tablewriter](https://github.com/olekukonko/tablewriter ) and [golang.org/x/time](https://github.com/golang/time ).
Updates `github.com/google/go-containerregistry` from 0.21.1 to 0.21.2
- [Release notes](https://github.com/google/go-containerregistry/releases )
- [Commits](https://github.com/google/go-containerregistry/compare/v0.21.1...v0.21.2 )
Updates `github.com/olekukonko/tablewriter` from 1.1.3 to 1.1.4
- [Release notes](https://github.com/olekukonko/tablewriter/releases )
- [Commits](https://github.com/olekukonko/tablewriter/compare/v1.1.3...v1.1.4 )
Updates `golang.org/x/time` from 0.14.0 to 0.15.0
- [Commits](https://github.com/golang/time/compare/v0.14.0...v0.15.0 )
---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
dependency-version: 0.21.2
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
- dependency-name: github.com/olekukonko/tablewriter
dependency-version: 1.1.4
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: go-minor-patch
- dependency-name: golang.org/x/time
dependency-version: 0.15.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go-minor-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-16 11:25:41 -04:00
dependabot[bot]
59f7725d0d
chore(deps): bump github/codeql-action ( #4670 )
...
Bumps the actions-minor-patch group with 1 update in the / directory: [github/codeql-action](https://github.com/github/codeql-action ).
Updates `github/codeql-action` from 4.32.3 to 4.32.6
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](9e907b5e64...0d579ffd05
2026-03-16 11:25:27 -04:00
dependabot[bot]
7a6b1575ae
chore(deps): bump docker/login-action from 3.7.0 to 4.0.0 ( #4671 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3.7.0 to 4.0.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](c94ce9fb46...b45d80f862
2026-03-16 11:25:16 -04:00
anchore-actions-token-generator[bot]
92a6b36e89
chore(deps): update CPE dictionary index ( #4673 )
...
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
2026-03-16 11:25:05 -04:00
Will Murphy
7158535fe6
chore(tests): fix test fixture build on modern ARM Mac ( #4666 )
...
BUILDPLATFORM is automatically set to the host's platform in new Docker,
so having it defined as an arg results in it being overridden by this
automatic value. Since it was always assigned to a literal string in the
test files, just use that string.
Additionally, image platform is better pulled from the manifest, not the
image config, in containerd store, so try that first.
Additionally, python3 is on PATH on new macs by default, but not python.
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com>
2026-03-11 09:37:40 -04:00
