oss/syft
2
0
Fork 0
mirror of https://github.com/anchore/syft.git synced 2026-02-12 02:26:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • a400c675fc
         feat: license file search (#4327) Keith Zantow 2025-11-03 14:16:05 -05:00
  • 7c154e7c37
         use official action for token generation (#4331) Alex Goodman 2025-11-03 13:08:42 -05:00
  • 4c93394bc2
         chore(deps): update anchore dependencies (#4330) v1.37.0 anchore-actions-token-generator[bot] 2025-11-03 12:44:07 -05:00
  • 3e4e82f03e
         Canonicalize Ghostscript CPE/PURL for ghostscript packages from PE Binaries (#4308) kdt523 2025-11-03 20:24:48 +05:30
  • 793b0a346f
         chore(deps): bump github/codeql-action from 4.31.1 to 4.31.2 (#4325) dependabot[bot] 2025-11-03 09:11:20 -05:00
  • a0dac519db
         chore(deps): bump github.com/hashicorp/go-getter from 1.8.2 to 1.8.3 (#4326) dependabot[bot] 2025-11-03 09:11:12 -05:00
  • 34f5e521c1
         chore(deps): bump modernc.org/sqlite from 1.39.1 to 1.40.0 (#4329) dependabot[bot] 2025-11-03 09:11:05 -05:00
  • 774b1e97b9
         chore(deps): bump github/codeql-action from 4.31.0 to 4.31.1 (#4321) dependabot[bot] 2025-10-30 13:19:57 -04:00
  • 538430d65d
         describe cataloger capabilities via test observations (#4318) Alex Goodman 2025-10-30 13:19:42 -04:00
  • 5db3a9bf55
         add workflow to create PR for spdx license list updates (#4319) Alex Goodman 2025-10-30 12:14:13 -04:00
  • efc2f0012c
         fix: go binary replace handling in path (#4156) Stepan 2025-10-29 18:59:47 +03:00
  • c5c1454848
         feat(java): Add support for .far (Feature Archive) files (#4193) kyounghoonJang 2025-10-30 00:41:27 +09:00
  • f5c765192c
         Refactor fileresolver to not require base path (#4298) Kudryavcev Nikolay 2025-10-29 17:41:18 +03:00
  • 728feea620
         ci: use apple creds before pushing tags (#4313) Will Murphy 2025-10-29 10:07:47 -04:00
  • 45fb52dca1
         chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.6.8 to 6.6.9 (#4315) dependabot[bot] 2025-10-29 10:06:37 -04:00
  • 45bf8b14ab
         fix: omit records with empty PURL in GitHub format (#4312) Rez Moss 2025-10-28 18:34:10 -04:00
  • 9478cd974b
         docs: update template link in README.md (#4306) Brian Muenzenmeyer 2025-10-28 10:29:07 -05:00
  • 0d9ea69a66
         Respect "rpmmod" PURL qualifier (#4314) Will Murphy 2025-10-28 09:35:11 -04:00
  • bee78c0b16
         chore(deps): bump github/codeql-action from 4.30.9 to 4.31.0 (#4310) dependabot[bot] 2025-10-27 10:43:04 -04:00
  • 88bbcbe9c6
         chore(deps): bump anchore/sbom-action from 0.20.8 to 0.20.9 (#4305) dependabot[bot] 2025-10-27 02:03:09 -04:00
  • e0680eb704
         chore(deps): update tools to latest versions (#4307) anchore-actions-token-generator[bot] 2025-10-27 02:02:47 -04:00
  • 16f851c5d9
         feat: include .rar files as Java archives for Java resource adapters (#4137) Marc 2025-10-24 17:55:02 +02:00
  • d5ca1ad543
         fix: ignore dpkg entries with "deinstall" status (#4231) Ross Kirk 2025-10-23 21:23:58 +01:00
  • 51159ce204
         chore: update tests ignore_deinstall_status Keith Zantow 2025-10-23 15:00:05 -04:00
  • 7c644ea3d1
         chore: update tests & naming conventions Keith Zantow 2025-10-23 14:14:23 -04:00
  • 8be463911c
         chore(deps): update tools to latest versions (#4302) v1.36.0 v1.35.0 anchore-actions-token-generator[bot] 2025-10-22 09:38:18 -04:00
  • 44b7b0947c
         chore(deps): bump github.com/github/go-spdx/v2 from 2.3.3 to 2.3.4 (#4301) dependabot[bot] 2025-10-21 09:34:26 -04:00
  • 675075e882
         chore(deps): bump github/codeql-action from 4.30.8 to 4.30.9 (#4299) dependabot[bot] 2025-10-20 10:08:39 -04:00
  • 31b2c4c090
         support universal (fat) mach-o binary files (#4278) JoeyShapiro 2025-10-17 12:41:59 -05:00
  • 07029ead8a
         chore(deps): bump sigstore/cosign-installer from 3.10.0 to 4.0.0 (#4296) dependabot[bot] 2025-10-17 10:22:20 -04:00
  • f4de1e863c
         chore(deps): bump anchore/sbom-action from 0.20.7 to 0.20.8 (#4297) dependabot[bot] 2025-10-17 10:22:10 -04:00
  • 538b4a2194
         convert posix path back to windows (#4285) JoeyShapiro 2025-10-17 08:29:06 -05:00
  • fc74b07369
         Remove duplicate image source providers (#4289) Kudryavcev Nikolay 2025-10-16 23:19:11 +03:00
  • 6627c5214c
         chore(deps): bump anchore/sbom-action from 0.20.6 to 0.20.7 (#4293) dependabot[bot] 2025-10-16 13:57:17 -04:00
  • c0f32e1dba
         feat: add option to fetch remote licenses for pnpm-lock.yaml files (#4286) Tim Olshansky 2025-10-16 09:23:06 -07:00
  • e923db2a94
         Add PDM parser (#4234) Pavel Buchart 2025-10-16 14:50:44 +02:00
  • 0c98a364d5
         chore(deps): update tools to latest versions (#4291) v1.34.2 anchore-actions-token-generator[bot] 2025-10-16 07:02:32 -04:00
  • 4343d04652
         fix: panic during java archive maven resolution (#4290) Keith Zantow 2025-10-16 07:00:31 -04:00
  • 065ac13ab7
         Extract zip archive with multiple entries (#4283) Kudryavcev Nikolay 2025-10-15 19:05:05 +03:00
  • e9a8bc5ab9
         chore: update to use old configuration on new cosign (#4287) v1.34.1 Christopher Angelo Phillips 2025-10-15 11:12:20 -04:00
  • 6d790ec6ec
         chore(deps): update anchore dependencies (#4282) v1.34.0 anchore-actions-token-generator[bot] 2025-10-14 22:09:17 +00:00
  • 1d5bcc553a
         chore(deps): bump github.com/mholt/archives from 0.1.3 to 0.1.5 (#4280) dependabot[bot] 2025-10-14 14:22:00 -04:00
  • d22914baf5
         add docs to configs (#4281) Alex Goodman 2025-10-14 13:58:31 -04:00
  • 760bd9a50a
         feat: Pom xml only archive parser (#4272) Doug Clarke 2025-10-13 15:59:08 -04:00
  • 2d1ada1d00
         fix: enhance setup.py parser to handle unquoted dependencies (#4255) Hala Ali 2025-10-13 15:10:42 -04:00
  • acb244e15e
         fix: lint-fix upgrade-deprecated-archiver Christopher Phillips 2025-10-13 12:17:26 -04:00
  • 3f14eb7eaf
         fix: protect against traversal in file source Christopher Phillips 2025-10-13 12:11:59 -04:00
  • 8ffe15c710
         chore(deps): bump golang.org/x/tools from 0.37.0 to 0.38.0 (#4265) dependabot[bot] 2025-10-13 11:50:59 -04:00
  • 89948dfa51
         chore(deps): bump golang.org/x/mod from 0.28.0 to 0.29.0 (#4266) dependabot[bot] 2025-10-13 11:50:49 -04:00
  • 1a58f27f87
         chore(deps): update tools to latest versions (#4274) anchore-actions-token-generator[bot] 2025-10-13 11:50:41 -04:00
  • 450cd72da5
         chore(deps): bump modernc.org/sqlite from 1.39.0 to 1.39.1 (#4276) dependabot[bot] 2025-10-13 11:50:25 -04:00
  • 5056c7f861
         chore(deps): bump github/codeql-action from 4.30.7 to 4.30.8 (#4277) dependabot[bot] 2025-10-13 10:47:50 -04:00
  • 4ae8f73583
         migrate json schema generation (#4270) Alex Goodman 2025-10-10 10:16:28 -04:00
  • 18e789c4fd
         chore(deps): bump github.com/gohugoio/hashstructure from 0.5.0 to 0.6.0 (#4267) dependabot[bot] 2025-10-09 15:10:47 -04:00
  • 7d4680bc08
         chore(deps): bump golang.org/x/net from 0.45.0 to 0.46.0 (#4268) dependabot[bot] 2025-10-09 15:10:36 -04:00
  • 231f04ae0e
         feat: Parse pnpm v9 lockfiles (#4256) Bernardo de Araujo 2025-10-09 15:07:59 -04:00
  • 3b82a3724a
         chore(deps): bump github/codeql-action from 3.30.6 to 4.30.7 (#4262) dependabot[bot] 2025-10-08 16:44:21 -04:00
  • 337a2754e5
         chore(deps): bump golang.org/x/net from 0.44.0 to 0.45.0 (#4263) dependabot[bot] 2025-10-08 16:44:13 -04:00
  • 190f3068d8
         chore(deps): update tools to latest versions (#4261) anchore-actions-token-generator[bot] 2025-10-08 16:44:05 -04:00
  • bd013fe99a
         docs: Fix typos and linguistic errors in documentation (#4257) Sebastien Dionne 2025-10-06 10:22:22 -04:00
  • c732052cf1
         feat(cpegenerate): add support for binary package digit-suffix variations in CPE generation (#4093) Parthib Mukherjee 2025-10-06 19:39:38 +05:30
  • 8f1d45830d
         chore(deps): bump github.com/iancoleman/orderedmap (#4258) dependabot[bot] 2025-10-06 10:06:28 -04:00
  • ea7dc8f468
         chore(deps): bump github.com/go-git/go-git/v5 from 5.16.2 to 5.16.3 (#4259) dependabot[bot] 2025-10-06 10:06:17 -04:00
  • ff6a8b1802
         chore(deps): update tools to latest versions (#4248) anchore-actions-token-generator[bot] 2025-10-03 14:53:27 -04:00
  • a77d24e379
         Improve struct and field comments and incorporate into json schema (#4252) Alex Goodman 2025-10-03 13:01:56 -04:00
  • b96d3d20af
         chore(deps): bump github/codeql-action from 3.30.5 to 3.30.6 (#4253) dependabot[bot] 2025-10-03 12:07:20 -04:00
  • 5461a92337
         chore(deps): bump github.com/hashicorp/go-getter from 1.8.1 to 1.8.2 (#4254) dependabot[bot] 2025-10-03 12:07:13 -04:00
  • b9604cbf30
         chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.9.2 to 0.9.3 (#4251) dependabot[bot] 2025-10-02 13:24:25 +00:00
  • 9217f2099f
         chore: update ffmpeg tests (#4249) Keith Zantow 2025-10-01 09:11:36 -04:00
  • 605a275dd3
         chore(deps): bump github/codeql-action from 3.30.4 to 3.30.5 (#4246) dependabot[bot] 2025-09-30 17:06:10 -04:00
  • 319bb12627
         chore: do not redesign private Christopher Phillips 2025-09-26 15:07:48 -04:00
  • 7a131ff462
         chore: update config injection Christopher Phillips 2025-09-26 14:51:29 -04:00
  • 6fa1831484
         chore: update feature to include config to restore previous behavior Christopher Phillips 2025-09-26 14:16:49 -04:00
  • e1483e0285
         Add support for identifying ffmpeg/libav libraries (#4227) Alan Pope 2025-09-26 15:43:47 +01:00
  • 0a36dabf23
         feat(cataloger): add snap package cataloger for metadata extraction (#4151) Alan Pope 2025-09-26 15:42:29 +01:00
  • 64b71ec04c
         chore(deps): bump github.com/quasilyte/go-ruleguard/dsl (#4245) dependabot[bot] 2025-09-26 10:27:13 -04:00
  • d02e3bcf62 Fix: map license URLs to SPDX IDs for machine readable format Avadhut03 2025-09-26 09:56:21 +05:30
  • 8629080e80
         chore(deps): update tools to latest versions (#4238) anchore-actions-token-generator[bot] 2025-09-25 12:08:37 -04:00
  • f0998de717
         chore(deps): bump github/codeql-action from 3.30.3 to 3.30.4 (#4239) dependabot[bot] 2025-09-25 12:06:49 -04:00
  • 261ab7c1fd
         chore(deps): bump actions/cache from 4.2.4 to 4.3.0 (#4240) dependabot[bot] 2025-09-25 12:02:41 -04:00
  • 8232f5bd1b
         chore(deps): bump actions/cache in /.github/actions/bootstrap (#4241) dependabot[bot] 2025-09-25 12:02:30 -04:00
  • 21d50d7c31
         feat: add ARM64 Windows build target (#4237) Saleem Abdulrasool 2025-09-24 12:29:03 -07:00
  • c28b90717b
         chore(deps): update tools to latest versions (#4236) anchore-actions-token-generator[bot] 2025-09-24 15:07:58 -04:00
  • 323fd3e34c
         docs: add GitHub actions to supported ecosystems (#4235) Keith Zantow 2025-09-23 10:08:41 -04:00
  • af4d19f81d
         chore(deps): update tools to latest versions (#4230) anchore-actions-token-generator[bot] 2025-09-22 11:08:30 -04:00
  • 9b60b3e33d Ignore dpkg entries that have "deinstall" status indicating package has been removed but not purged Ross Kirk 2025-09-22 11:56:31 +01:00
  • d820c3436b
         chore(deps): bump github.com/charmbracelet/bubbletea (#4228) dependabot[bot] 2025-09-18 15:15:52 -04:00
  • 409642c8f0
         chore(deps): bump github.com/hashicorp/go-getter from 1.8.0 to 1.8.1 (#4229) dependabot[bot] 2025-09-18 15:15:43 -04:00
  • 3abbd940e3
         chore(deps): bump anchore/sbom-action from 0.20.5 to 0.20.6 (#4222) dependabot[bot] 2025-09-18 10:58:53 -04:00
  • 22f6f8f880
         chore(deps): update tools to latest versions (#4221) anchore-actions-token-generator[bot] 2025-09-18 07:16:16 -04:00
  • 6005fb3c20
         chore(deps): bump github.com/gkampitakis/go-snaps from 0.5.14 to 0.5.15 (#4225) dependabot[bot] 2025-09-17 10:07:37 -04:00
  • b87b919149
         chore(deps): update anchore dependencies (#4220) v1.33.0 anchore-actions-token-generator[bot] 2025-09-15 20:22:09 +00:00
  • a51994d102
         chore(deps): update tools to latest versions (#4215) anchore-actions-token-generator[bot] 2025-09-15 14:38:28 -04:00
  • 333b951be3
         chore(deps): bump zizmorcore/zizmor-action from 0.1.2 to 0.2.0 (#4216) dependabot[bot] 2025-09-15 14:30:16 -04:00
  • 90c733d24d
         chore(deps): bump 8398a7/action-slack from 3.18.0 to 3.19.0 (#4217) dependabot[bot] 2025-09-15 14:30:03 -04:00
  • dacc2f61f9
         chore(deps): bump sigstore/cosign-installer from 3.9.2 to 3.10.0 (#4218) dependabot[bot] 2025-09-15 14:29:53 -04:00
  • 06b01aaa40
         chore(deps): bump modernc.org/sqlite from 1.38.2 to 1.39.0 (#4219) dependabot[bot] 2025-09-15 14:29:45 -04:00
  • e1762a2dda
         chore(deps): bump github.com/charmbracelet/bubbletea from 1.3.8 to 1.3.9 (#4214) dependabot[bot] 2025-09-12 10:21:20 -04:00
  • c5cbc89cb1
         fix: include RpmDBEntry modularityLabel in CycloneDX (#4212) Rafał Maj 2025-09-11 23:22:12 +02:00
  • 7bc15e3d82
         Native Image SBOM: Add Support for Locations Data (#4186) Joel Rudsberg 2025-09-11 20:16:09 +02:00