oss/syft
2
0
Fork 0
mirror of https://github.com/anchore/syft.git synced 2026-04-04 05:40:37 +02:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • 56a1ab54d2
         chore(deps): update stereoscope to 4b999b76ca8901d15bb97aef445dc94c38d11d5c (#2440) anchore-actions-token-generator[bot] 2023-12-18 06:43:24 -05:00
  • f4dd36ca9d
         fix syft-json test to use pretty json for snapshot testing (#2441) Alex Goodman 2023-12-15 17:23:21 -05:00
  • 17c605822e
         refactor pkg.Collection (#2439) Alex Goodman 2023-12-15 17:11:11 -05:00
  • 4eace4b141
         refactor javascript cataloger to use configuration options when creating packages (#2438) Alex Goodman 2023-12-15 17:11:02 -05:00
  • 05660da8d7
         use single source of truth for archive options (#2437) Alex Goodman 2023-12-15 17:07:55 -05:00
  • 2f378d806e
         fix file digest cataloger when passed coordinates (#2436) Alex Goodman 2023-12-15 14:43:09 -05:00
  • b83cc8485a
         chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.7.2 to 0.8.0 (#2413) dependabot[bot] 2023-12-14 17:18:37 -05:00
  • 38a12bd91a
         Look for a maven version in a pom from a parent dependency management section (#2423) Colm O hEigeartaigh 2023-12-14 18:15:14 +00:00
  • 649d152548
         Parse Python licenses from LicenseExpression entry in the Wheel Metadata (#2431) Colm O hEigeartaigh 2023-12-14 17:41:41 +00:00
  • f5d5892434
         chore(deps): bump github/codeql-action from 2.22.10 to 3.22.11 (#2430) dependabot[bot] 2023-12-14 12:40:39 -05:00
  • 51831d303c
         chore(deps): bump modernc.org/sqlite from 1.27.0 to 1.28.0 (#2429) dependabot[bot] 2023-12-14 12:38:55 -05:00
  • 09e62c3282
         chore(deps): update tools to latest versions (#2428) anchore-actions-token-generator[bot] 2023-12-14 07:31:44 -05:00
  • d39ef44e40
         Parse Python licenses from LicenseFile entry in the Wheel Metadata (#2331) Colm O hEigeartaigh 2023-12-13 22:46:56 +00:00
  • 8bca0ac39e
         fix: use filepath instead of path for file source exclusions (#2411) Wayne Starr 2023-12-13 15:45:34 -07:00
  • 67dbd1fe4c
         chore(deps): bump github.com/charmbracelet/bubbletea (#2424) dependabot[bot] 2023-12-13 12:21:22 -05:00
  • 402227f0b3
         chore(deps): bump github.com/google/uuid from 1.4.0 to 1.5.0 (#2425) dependabot[bot] 2023-12-13 11:45:04 -05:00
  • 2bcf825857
         chore(deps): bump github/codeql-action from 2.22.9 to 2.22.10 (#2426) dependabot[bot] 2023-12-13 11:44:41 -05:00
  • 9cb7c3d350
         chore(deps): bump dawidd6/action-homebrew-bump-formula (#2420) dependabot[bot] 2023-12-12 14:43:43 -05:00
  • e789e0714d
         feat: add the option to retrieve remote licenses for projects defined in a maven pom (#2409) Colm O hEigeartaigh 2023-12-12 19:02:36 +00:00
  • 790ecc6f28
         chore(deps): bump github/codeql-action from 2.22.8 to 2.22.9 (#2400) dependabot[bot] 2023-12-12 13:59:39 -05:00
  • b9462db59e
         chore(deps): bump github.com/saferwall/pe from 1.4.7 to 1.4.8 (#2415) dependabot[bot] 2023-12-11 12:37:20 -05:00
  • bfad9659a8
         chore(deps): bump github.com/go-git/go-git/v5 from 5.10.1 to 5.11.0 (#2414) dependabot[bot] 2023-12-11 08:58:26 -05:00
  • b345752f49
         chore(deps): bump actions/setup-go from 4.1.0 to 5.0.0 (#2401) dependabot[bot] 2023-12-11 06:38:05 -05:00
  • ba9dd1d5fd
         chore(deps): update tools to latest versions (#2408) anchore-actions-token-generator[bot] 2023-12-11 06:36:51 -05:00
  • 68f35815d6
         chore(deps): update CPE dictionary index (#2412) anchore-actions-token-generator[bot] 2023-12-11 06:35:58 -05:00
  • 4d4b502174
         fix(java): improve identification for org.codehaus.groovy artifacts (#2404) Weston Steimel 2023-12-08 10:02:01 +00:00
  • ea80f94c0e
         fix(java): improve identification for commons-jelly artifacts (#2399) Weston Steimel 2023-12-07 17:28:21 +00:00
  • 2c145f70b2
         fix(java): improve identification for io.minio artifacts (#2398) Weston Steimel 2023-12-06 21:58:07 +00:00
  • bcc7e90fcc
         fix(java): improve identification for com.graphql-java artifacts (#2397) Weston Steimel 2023-12-06 18:04:43 +00:00
  • fa1baabc05
         chore(deps): update tools to latest versions (#2395) anchore-actions-token-generator[bot] 2023-12-06 10:49:07 -05:00
  • b5906824cb
         chore: enhance java purl generation integration test (#2393) Weston Steimel 2023-12-06 15:31:16 +00:00
  • 16dee41b4b
         feat: add ability to retrieve remote licenses for yarn.lock (#2338) Colm O hEigeartaigh 2023-12-05 18:38:28 +00:00
  • 23778de112
         chore(deps): bump anchore/sbom-action from 0.15.0 to 0.15.1 (#2392) dependabot[bot] 2023-12-05 09:48:40 -05:00
  • 3ba9df4ff3
         Retrieve remote licenses using pom.properties when there is no pom.xml (#2315) Colm O hEigeartaigh 2023-12-05 14:47:40 +00:00
  • bbf223b2c9
         fix(java): improve identification for org.apache.tapestry artifacts (#2384) Weston Steimel 2023-12-04 16:23:40 +00:00
  • b126276f97
         fix(java): improve identification for io.ratpack artifacts (#2379) Weston Steimel 2023-12-04 16:23:26 +00:00
  • 40d766a257
         fix(java): improve identification for org.apache.cassandra artifacts (#2386) Weston Steimel 2023-12-01 15:51:14 +00:00
  • 814960f65a
         fix(java): improve identification for org.neo4j.procedure artifacts (#2388) Weston Steimel 2023-12-01 15:50:24 +00:00
  • 00f3b44e6f
         fix(java): improve identification for org.neo4j.procedure artifacts improve-org.neo4j.procedure-java-artifact-identification Weston Steimel 2023-12-01 14:24:49 +00:00
  • 13758260dd
         fix: bump fangs for ptr summarize fix (#2387) William Murphy 2023-12-01 09:37:42 -05:00
  • 11039f4b4e
         fix(java): improve identification for org.elasticsearch artifacts (#2383) Weston Steimel 2023-12-01 14:22:33 +00:00
  • 413ffdb233
         fix(java): improve identification for org.apache.geode artifacts (#2382) Weston Steimel 2023-12-01 12:48:15 +00:00
  • e53fe51612
         fix(java): improve identification for org.apache.tomcat.embed artifacts (#2381) Weston Steimel 2023-12-01 12:13:13 +00:00
  • facbc486a8
         fix(java): improve identification for io.projectreactor.netty artifacts (#2378) Weston Steimel 2023-12-01 12:09:06 +00:00
  • 5d42a349e6
         fix(java): improve identification for org.eclipse.platform artifacts (#2349) Weston Steimel 2023-11-30 21:02:03 +00:00
  • 4adfbeb5f0
         Generalize UI events for cataloging tasks (#2369) Alex Goodman 2023-11-30 11:25:50 -05:00
  • b943da6433
         chore(deps): update tools to latest versions (#2376) anchore-actions-token-generator[bot] 2023-11-30 09:25:02 -05:00
  • e8119acf93
         chore(deps): bump github.com/google/go-containerregistry (#2377) dependabot[bot] 2023-11-30 09:24:25 -05:00
  • 06b9a79e3d
         chore: fix tests failing due to Mac Rosetta cache (#2374) Laurent Goderre 2023-11-29 13:39:28 -05:00
  • ef5c1651ef
         fix: improve dotnet portable executable identification (#2133) Keith Zantow 2023-11-29 12:51:24 -05:00
  • 5e75fcf49d [wip] add support for linux/arm64 for java openjdk binary classifier support-arm-java-openjdk-pattern Alex Goodman 2023-11-29 10:23:31 -05:00
  • 5c8dd4c3a7
         fix file metadata cataloger to use resolved locations (#2370) v0.98.0 Alex Goodman 2023-11-29 09:42:34 -05:00
  • f5a6b5a02f
         fix: logging level for parsing potential PE files (#2367) Keith Zantow 2023-11-28 22:42:22 -05:00
  • c379d21e9a
         only remove breaking-change label when there are schema changes (#2371) Alex Goodman 2023-11-28 17:59:04 -05:00
  • a50a0f77d2
         fix: capture root command stdout (#2364) Keith Zantow 2023-11-28 15:04:28 -05:00
  • ea4a6747eb
         fix: hardcode xalan group ID (#2368) William Murphy 2023-11-28 14:40:03 -05:00
  • 1cfc4c7387
         Normalize cataloger configuration patterns (#2365) Alex Goodman 2023-11-28 12:02:43 -05:00
  • 4d0da703bf
         normalize enums to lowercase with hyphens (#2363) Alex Goodman 2023-11-28 11:02:20 -05:00
  • 4ee6be3777
         chore(deps): update tools to latest versions (#2358) anchore-actions-token-generator[bot] 2023-11-28 10:22:57 -05:00
  • 5d44e49d2f
         chore(deps): bump github.com/spf13/afero from 1.10.0 to 1.11.0 (#2361) dependabot[bot] 2023-11-28 10:22:21 -05:00
  • 5dd3b127b0
         chore(deps): bump github.com/go-git/go-git/v5 from 5.10.0 to 5.10.1 (#2362) dependabot[bot] 2023-11-28 10:21:59 -05:00
  • ce4b31757a
         fix: index file itself when file scan path has symlink (#2359) William Murphy 2023-11-28 09:41:28 -05:00
  • c08b0990ca
         chore(deps): bump github/codeql-action from 2.22.7 to 2.22.8 (#2351) dependabot[bot] 2023-11-24 06:42:30 -05:00
  • 8ee209a5ae
         use read lock in pkg collection (#2341) Alex Goodman 2023-11-21 13:48:25 -05:00
  • 4712246897
         Fix the attest command (#2337) Alex Goodman 2023-11-21 13:29:58 -05:00
  • ebeb768f59
         fix: add manual namespace mapping for org.springframework jars (#2345) Weston Steimel 2023-11-21 18:28:10 +00:00
  • d4733fac1d
         Add binary classifiers for MySQL and MariaDB (#2316) Duane May 2023-11-21 11:54:41 -05:00
  • 34774a0e10
         Enhance redis binary classifier (#2329) David Dooling 2023-11-21 10:24:59 -06:00
  • 1c582f0aa5
         chore(deps): bump anchore/sbom-action from 0.14.3 to 0.15.0 (#2344) dependabot[bot] 2023-11-21 11:12:43 -05:00
  • 8c1f087fd7 wip rename-top-level-json-fields Alex Goodman 2023-11-21 10:13:09 -05:00
  • 9d766c0325
         fix: add manual namespace mapping for org.springframework.security jars (#2343) Weston Steimel 2023-11-21 13:46:34 +00:00
  • 5751b43608
         fix: add manual namespace mapping for org.bouncycastle jars (#2342) Weston Steimel 2023-11-21 13:17:07 +00:00
  • 51d015d5ea
         Update developer docs to represent the current package layout (#2340) Alex Goodman 2023-11-20 15:06:18 -05:00
  • 5565bdef0c
         Remove the power-user command and related catalogers (#2306) Alex Goodman 2023-11-20 10:44:28 -05:00
  • 1676934c63
         Add "pretty" json configuration and change default behavior to be space-efficient (#2275) Alex Goodman 2023-11-20 10:29:34 -05:00
  • 7cfb5f630a
         chore(deps): update stereoscope to 3610f4ef3e83e8ff2edf8859e8916bce326fa260 (#2336) v0.97.1 anchore-actions-token-generator[bot] 2023-11-17 20:53:01 +00:00
  • ba80e490c2
         feat: allow for stdout to be buffered on each command (#2335) Christopher Angelo Phillips 2023-11-17 14:14:13 -05:00
  • 1c787f436f
         fix: prevent writing non-report output to stdout (#2324) v0.97.0 Keith Zantow 2023-11-16 17:45:25 -05:00
  • c7eb3f4c93
         chore(deps): bump github/codeql-action from 2.22.6 to 2.22.7 (#2332) dependabot[bot] 2023-11-16 09:22:23 -05:00
  • 11a8cde8e4
         export metadata type helper (#2328) Alex Goodman 2023-11-15 14:05:18 -05:00
  • dcd062cffb
         fix(java): add manual groupid mappings for org.apache.velocity jars (#2327) Weston Steimel 2023-11-15 17:44:36 +00:00
  • b9294976ef
         fix(java): skip maven bundle plugin logic if vendor id and symbolic name match (#2326) Weston Steimel 2023-11-15 17:44:15 +00:00
  • 3e8a2304e8
         Refine license searching from groupIDFromJavaMetadata to allow for having the artfactId in the groupId (#2313) Colm O hEigeartaigh 2023-11-15 15:04:31 +00:00
  • e04d90fc9a
         chore(deps): update tools to latest versions (#2325) anchore-actions-token-generator[bot] 2023-11-15 10:02:27 -05:00
  • 0f39917999
         chore(deps): update tools to latest versions (#2318) anchore-actions-token-generator[bot] 2023-11-14 12:01:47 -05:00
  • 0652998b9b
         Add license for golang stdlib (#2317) Colm O hEigeartaigh 2023-11-14 16:53:07 +00:00
  • 43bdf6e1b2
         chore(deps): bump github/codeql-action from 2.22.5 to 2.22.6 (#2321) dependabot[bot] 2023-11-14 11:35:59 -05:00
  • 9aa9e0e09a
         docs: Update README.md for dotnet-portable-executable (#2322) Benji Visser 2023-11-14 07:37:56 -08:00
  • 7ccbadff34
         Fall back to searching maven central using groupIDFromJavaMetadata (#2295) Colm O hEigeartaigh 2023-11-11 03:02:53 +00:00
  • 3f13d209a5
         rename file.Location.VirtualPath to AccessPath (#2288) Alex Goodman 2023-11-09 11:30:08 -06:00
  • baa3dc74d3
         chore(deps): update tools to latest versions (#2308) anchore-actions-token-generator[bot] 2023-11-09 08:07:59 -08:00
  • 58f310c390
         chore(deps): bump github.com/gkampitakis/go-snaps from 0.4.11 to 0.4.12 (#2310) dependabot[bot] 2023-11-09 08:06:50 -08:00
  • a383239217
         chore(deps): bump golang.org/x/net from 0.17.0 to 0.18.0 (#2311) dependabot[bot] 2023-11-09 08:06:19 -08:00
  • 0891d35e07
         include image labels in cycloneDX SBOM (#2294) v0.96.0 Benji Visser 2023-11-08 15:13:04 -08:00
  • 502971a1b2
         Add accessPath on Location objects to syft-json output (#2287) Alex Goodman 2023-11-08 17:05:30 -06:00
  • dc14dbb326
         SPDX file has duplicate sha256 tag in versionInfo (#2300) Colm O hEigeartaigh 2023-11-08 22:49:31 +00:00
  • bae5a2e741
         Check maven central as well for licenses in parents poms for nested jars (#2302) Colm O hEigeartaigh 2023-11-08 18:26:12 +00:00
  • 220655743b
         chore(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0 (#2293) dependabot[bot] 2023-11-08 10:23:40 -08:00
  • 9fce006b8f
         chore(deps): update tools to latest versions (#2301) anchore-actions-token-generator[bot] 2023-11-08 09:33:59 -08:00
  • d91c2dd842
         fix: identify cyclone-json without $schema (#2303) Keith Zantow 2023-11-08 11:54:22 -05:00