oss/syft
2
0
Fork 0
mirror of https://github.com/anchore/syft.git synced 2026-05-24 14:15:23 +02:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • 1e3ffbebb9
         Update Stereoscope to 5bd627c0f9ce7facbd63ed1f0cf894d97021aa5e (#1072) anchore-actions-token-generator[bot] 2022-06-29 10:18:41 -04:00
  • 0853825931
         fix: add new languages found in cpes (#1069) cpendery 2022-06-28 10:05:13 -04:00
  • 73262c7258
         fix: add php catalogers to all catalogers (#1065) cpendery 2022-06-27 10:53:10 -04:00
  • 2b8e15b638
         feat: add use-all-catalogers flag (#1050) cpendery 2022-06-27 10:24:45 -04:00
  • d5e12ff89c
         Updates parsing of yarn.lock to use resolved URLs that are pulled from yarn and npm registries (#926) v0.49.0 Miki 2022-06-24 08:05:25 -07:00
  • bafc66a5e7
         remove OSS Meetup message (#1057) Christopher Angelo Phillips 2022-06-23 14:07:23 -04:00
  • 1d14f22e45
         add pom.xml cataloger (#1055) Jonas Xavier 2022-06-22 11:19:10 -07:00
  • 3f6afd572a
         Add support for CBL-Mariner distroless images (#1045) Tom Fay 2022-06-21 18:27:03 +01:00
  • ea611dab5f
         Add catalogers configuration (#1038) Alex Goodman 2022-06-21 09:06:25 -04:00
  • aed1599c4d
         add template output (#1051) Jonas Xavier 2022-06-17 11:04:31 -07:00
  • 03e37044d4
         update stereoscope to latest version (#1052) v0.48.1 Christopher Angelo Phillips 2022-06-16 14:56:33 -04:00
  • 9e72771b85
         update zip_read_closer to incorporate zip64 support (#1041) v0.48.0 Christopher Angelo Phillips 2022-06-16 10:43:18 -04:00
  • e72d68b0c6
         Add pacman (alpm) parser support (#943) Morten Linderud 2022-06-13 20:51:37 +02:00
  • f15d4a9984
         Update of README.md (#1027) v0.47.0 marcinbojko 2022-06-08 23:39:22 +02:00
  • b8d1a46e7e
         bump cosign to v1.9.0 to resolve reporting of GHSA-66x3-6cw3-v5gj (#1025) Weston Steimel 2022-06-08 15:51:10 +00:00
  • f35a252ecf
         add workflows to test new project automation (#1023) Christopher Angelo Phillips 2022-06-08 09:42:53 -04:00
  • b06a2d4f27
         add task id to constructor api-wip Alex Goodman 2022-06-07 17:44:24 -04:00
  • a5dd485672
         add configurable task collection backend Alex Goodman 2022-06-06 22:02:39 -04:00
  • 05be9e25ce
         improve LanguageByName and add unit tests (#1034) Weston Steimel 2022-06-07 13:09:09 +00:00
  • 5e2ab0874d
         Read Description from dpkg status files (#996) Ryan Moran 2022-06-06 13:59:35 -07:00
  • fb699496a8
         Add announcement for Anchore OSS Virtual Meetup (#1033) briankoe741 2022-06-06 15:26:05 -05:00
  • 0aea55f880
         add main module field to go bin metadata (#1026) Jonas Xavier 2022-06-03 16:12:09 -07:00
  • caff67289a
         Add filters to package cataloger (#1021) Jonas Xavier 2022-06-03 10:17:43 -07:00
  • 82de24cf7c
         change draft to false for release process (#1016) Christopher Angelo Phillips 2022-06-01 11:55:33 -04:00
  • 3db3efacdc
         Support RPM distros with newer RPM db formats (#1018) Tom Fay 2022-05-31 22:25:22 +01:00
  • 6ccd460e59
         fix: add component list to prevent cyclone-dx panic (#1015) cpendery 2022-05-26 13:44:12 -04:00
  • 7cb8e1fc14
         Use SBOM descriptor version (#1011) v0.46.3 Jonas Xavier 2022-05-25 14:40:08 -07:00
  • c990f425a6
         Longer CPEs for golang modules to avoid false positives (#1006) Jonas Xavier 2022-05-23 10:39:34 -07:00
  • d41afe05eb
         Malformed licenses field in package json warn not skip (#1004) v0.46.2 mikey strauss 2022-05-19 23:10:34 +03:00
  • 0f5a9eed09
         bump stereoscope version to include source path fix (#1005) Jonas Xavier 2022-05-18 13:53:53 -07:00
  • 8420612724
         bump cosign to v1.8.0 (#1003) Weston Steimel 2022-05-18 17:17:21 +01:00
  • 03ee4fdf5e
         add integration tests for validating CycloneDX output using cyclonedx-cli (#1000) v0.46.1 Christopher Angelo Phillips 2022-05-12 12:56:04 -04:00
  • 91e2fd8532
         Fix potential race condition during event subscription (#993) v0.46.0 Keith Zantow 2022-05-11 18:35:55 -04:00
  • 24f08e7738
         Convert between SBOM formats (#964) Jonas Xavier 2022-05-09 17:28:33 -07:00
  • a83506628c
         Add README updates for Keyless features (#988) Christopher Angelo Phillips 2022-05-09 12:07:28 -04:00
  • 42f8601919
         Fix tests: add timeout to long-running failures, update SPDX license list (#989) Jonas Xavier 2022-05-09 08:48:44 -07:00
  • d2d532f4a8
         835 - Keyless Support for SBOM Attestations (#910) Christopher Angelo Phillips 2022-05-06 18:06:32 -04:00
  • 1cea0ecd5c
         feat: add initial dotnet-support (#951) Christian Kotzbauer 2022-05-05 21:32:02 +02:00
  • d2f053bc71
         unblock timeout for power-user select CLI tests (#985) Alex Goodman 2022-05-05 11:12:11 -04:00
  • 2fc344aba4
         golang cataloger - main module version as is (#986) Jonas Xavier 2022-05-05 00:01:00 -07:00
  • 8b6c576d78
         Fix github-json output option (#967) Steven Maude 2022-05-05 01:25:40 +01:00
  • ab289933da
         read Go main module version as is - (devel) (#981) Jonas Xavier 2022-05-04 10:47:13 -07:00
  • 37927b8b23
         reduce logging severity for non-Go binaries (#983) v0.45.1 Dan Luhring 2022-05-03 09:38:14 -04:00
  • 03d51c36d0
         golang.org/x/crypto upgrade (#979) Christopher Angelo Phillips 2022-05-02 17:33:40 -04:00
  • 0bd3558fb2
         reduce noise of log output (#976) Dan Luhring 2022-05-02 10:54:30 -04:00
  • 4ce2edda9e
         add version info and remove double config call (#977) Christopher Angelo Phillips 2022-05-02 10:54:10 -04:00
  • 36973021fa
         Rename syft-id to package-id (#970) v0.45.0 Sambhav Kothari 2022-04-29 16:18:45 +01:00
  • 7d8ea39ee5
         update to cyclonedx-go 0.5.2 (#971) Christian Köberl 2022-04-28 16:42:12 +02:00
  • 6029dd7c2e
         refactor command package to remove globals and add dependency injection Christopher Angelo Phillips 2022-04-26 14:23:03 -04:00
  • 7304bbf8ee
         fix: #953 Derive language from pURL - https://github.com/anchore/syft… (#957) Jon McEwen 2022-04-26 16:51:24 +01:00
  • c270ee2a02
         Fix typo in CPE-parsing error (#966) Rob Dimsdale-Zucker 2022-04-22 12:08:44 -04:00
  • 172ecc0d77
         Preserve syft IDs on SBOM decode (#963) Alex Goodman 2022-04-18 14:10:55 -04:00
  • 248023baaf
         Update GitHub format package_url and correlator (#961) v0.44.1 Keith Zantow 2022-04-15 13:00:06 -04:00
  • b7295b79de
         Ensure SPDXIDs are valid (#955) Keith Zantow 2022-04-14 15:07:23 -04:00
  • 321eddf874
         Auto-PR needs to run go mod tidy (#958) Keith Zantow 2022-04-13 16:30:35 -04:00
  • 25bf679f8f
         Add workflow for automatic PR for new stereoscope updates (#954) Keith Zantow 2022-04-13 13:20:40 -04:00
  • 02a8fb6f8c
         Minor readme update to correct format information (#948) Keith Zantow 2022-04-12 17:16:47 -04:00
  • b46d044d7e
         Update spdx22json to only take uppercase checksum algorithm (#946) v0.44.0 Christopher Angelo Phillips 2022-04-11 14:56:04 -04:00
  • 15e45a8ce1
         add additional vendors for springframework (#945) Weston Steimel 2022-04-11 13:38:52 +00:00
  • 782b2e3348
         Add digest property to parent and nested java package metadata (#941) Christopher Angelo Phillips 2022-04-08 15:12:32 -04:00
  • 1c2254f5cf
         hide digests for rpm dirs hide-digest-for-dirs Alex Goodman 2022-04-08 08:57:59 -04:00
  • e415bb21e7
         Update write permissions and log into ghcr.io for release (#942) v0.43.2 Alex Goodman 2022-04-06 17:15:55 -04:00
  • 748cfbf006
         Retry auth URL lookup without docker credentialhelper workaround (#939) v0.43.1 Alex Goodman 2022-04-06 12:27:13 -04:00
  • 078dbedfb6
         separate CPE definitions from capabilities Alex Goodman 2022-04-02 00:05:25 -04:00
  • 8bc5d84481
         Ensure that all cyclonedx components have bom-refs (#914) Sambhav Kothari 2022-04-01 17:19:30 +01:00
  • 68b7ad9770
         Additionally publish docker images to GHCR (#934) Alex Goodman 2022-04-01 11:30:21 -04:00
  • 1aeda6bb50
         use filepath.Base() instead of path.Base() for temp files (#882) Oscar Hallgren 2022-04-01 16:42:22 +02:00
  • f24bbc1838
         Deduplicate packages across multiple container image layers (#930) v0.43.0 Alex Goodman 2022-03-31 15:45:51 -04:00
  • cb3e73e308
         Add dart support (#919) Eric Larssen 2022-03-31 14:44:55 -05:00
  • f157d7a862
         Pull from DockerHub fails for public images when using SSO (#928) Alex Goodman 2022-03-30 13:32:49 -04:00
  • 028cd9e27e
         Fix nil pointer dereference in directory resolver's indexPath method (#924) Dan Luhring 2022-03-28 13:15:09 -04:00
  • 5549939cc6
         Fixups and clarifications in README (#920) Dan Luhring 2022-03-25 11:36:43 -04:00
  • 47ea910868
         Remove announcement for OSS Meetup (#915) briankoe741 2022-03-24 19:17:14 -05:00
  • a7db43f5ec
         Fix panic on empty sbom (#917) v0.42.4 Dan Luhring 2022-03-24 10:11:51 -04:00
  • cc2c0e57a0
         bump strset version to fix 386 builds (#911) v0.42.3 Alex Goodman 2022-03-23 14:34:54 -04:00
  • 5253da4b36
         Rollback referencing docker config items (#912) Alex Goodman 2022-03-23 14:33:41 -04:00
  • 9f60d32369
         migrate source.FileResolver to the file package Alex Goodman 2022-03-22 20:50:05 -04:00
  • a3dc0fa97d
         rename location.VirtualPath to AccessPath Alex Goodman 2022-03-22 18:24:50 -04:00
  • f999604a29
         migrate location and file metadata to the file package Alex Goodman 2022-03-22 18:21:35 -04:00
  • a49c7e3c53
         migrate filename glob helpers to internal Alex Goodman 2022-03-22 17:41:02 -04:00
  • b3ca75646c
         keep file catalogers separate from file-related definitions Alex Goodman 2022-03-22 17:18:36 -04:00
  • 3308079158
         export event monitor structs but not behavior Alex Goodman 2022-03-22 16:05:45 -04:00
  • c0b547bdb2
         Less verbose logging in Golang Cataloger (#904) v0.42.2 Jonas Xavier 2022-03-22 10:19:18 -07:00
  • cffcaf5984
         Improve docker config support (#906) Alex Goodman 2022-03-22 11:02:54 -04:00
  • 7f9edf346a
         Bump golangci-lint to 1.45.0 (#909) Alex Goodman 2022-03-22 11:02:36 -04:00
  • 1279bd0b08
         add additional package catalger append option Alex Goodman 2022-03-22 10:48:16 -04:00
  • a644a45ef4
         Correct go.mod to enforce go 1.18 (#897) j-k 2022-03-21 19:38:32 +00:00
  • 283db88dc4
         Omit H1Digest when empty (#902) v0.42.1 Jonas Xavier 2022-03-21 11:59:10 -07:00
  • 03e193e577
         Add platform option to the README (#889) Alex Goodman 2022-03-21 12:02:15 -04:00
  • 069aa68b63
         Fix image cleanup when there is an error (#905) Alex Goodman 2022-03-21 10:48:11 -04:00
  • 9240860f44
         Correct ID handling during Syft JSON decoding (#900) Keith Zantow 2022-03-18 17:03:26 -04:00
  • 4231f38fa2
         add case to decode GolangBinMetadata for syftjson model (#901) Christopher Angelo Phillips 2022-03-18 15:15:10 -04:00
  • 752b03b2d6
         Remove commit signing requirement (#899) Dan Luhring 2022-03-18 12:48:00 -04:00
  • 99c3339810
         Fix CycloneDX license decoding panic (#898) Keith Zantow 2022-03-18 09:44:51 -04:00
  • f4734d28b3
         Fix panic when CycloneDX BOM missing metadata.component (#895) v0.42.0 Keith Zantow 2022-03-17 10:22:35 -04:00
  • 6ef3e45ffc
         Use go 1.18 buildinfo to catalog binaries (#827) Jonas Xavier 2022-03-16 17:07:02 -07:00
  • ee0a1d172c
         panic parsing cyclonedx (#892) v0.41.6 Keith Zantow 2022-03-16 09:10:44 -04:00
  • b9b3ccecf9
         Update register link text (#891) v0.41.5 Keith Zantow 2022-03-15 13:02:33 -04:00
  • 95271fb10d
         NPM PURLs are invalid (#832) mikey strauss 2022-03-15 17:54:33 +02:00
  • 93d2d57cd3
         update README with OSS Meetup information (#890) Christopher Angelo Phillips 2022-03-15 11:37:56 -04:00