mirror of
https://github.com/anchore/syft.git
synced 2025-11-17 08:23:15 +01:00
1d5bcc553a
* chore(deps): bump github.com/mholt/archives from 0.1.3 to 0.1.5 Bumps [github.com/mholt/archives](https://github.com/mholt/archives) from 0.1.3 to 0.1.5. - [Release notes](https://github.com/mholt/archives/releases) - [Commits](https://github.com/mholt/archives/compare/v0.1.3...v0.1.5) --- updated-dependencies: - dependency-name: github.com/mholt/archives dependency-version: 0.1.5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * chore: allow lzip-go in bouncer yaml Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Will Murphy <willmurphyscode@users.noreply.github.com>
66 lines
2.1 KiB
YAML
66 lines
2.1 KiB
YAML
permit:
|
|
- BSD.*
|
|
- CC0.*
|
|
- MIT.*
|
|
- Apache.*
|
|
- MPL.*
|
|
- ISC
|
|
- WTFPL
|
|
- Unlicense
|
|
|
|
ignore-packages:
|
|
# https://github.com/sorairolake/lzip-go/blob/34a2615d2abf740175c6b0a835baa08364e09430/go.sum.license#L3
|
|
# has `SPDX-License-Identifier: Apache-2.0 OR MIT`, both of which are acceptable
|
|
- github.com/sorairolake/lzip-go
|
|
# packageurl-go is released under the MIT license located in the root of the repo at /mit.LICENSE
|
|
- github.com/anchore/packageurl-go
|
|
|
|
# both of these dependencies are specified as Apache-2.0 in their respective GitHub READMEs
|
|
- github.com/alibabacloud-go/cr-20160607/client
|
|
- github.com/alibabacloud-go/tea-xml/service
|
|
|
|
# crypto/internal/boring is released under the openSSL license as a part of the Golang Standard Libary
|
|
- crypto/internal/boring
|
|
|
|
# from: https://github.com/spdx/tools-golang/blob/main/LICENSE.code
|
|
# The tools-golang source code is provided and may be used, at your option,
|
|
# under either:
|
|
# * Apache License, version 2.0 (Apache-2.0), OR
|
|
# * GNU General Public License, version 2.0 or later (GPL-2.0-or-later).
|
|
# (we choose Apache-2.0)
|
|
- github.com/spdx/tools-golang
|
|
|
|
# from: https://github.com/xi2/xz/blob/master/LICENSE
|
|
# All these files have been put into the public domain.
|
|
# You can do whatever you want with these files.
|
|
- github.com/xi2/xz
|
|
|
|
# from: https://gitlab.com/cznic/sqlite/-/blob/v1.15.4/LICENSE
|
|
# This is a BSD-3-Clause license
|
|
- modernc.org/libc
|
|
- modernc.org/libc/errno
|
|
- modernc.org/libc/fcntl
|
|
- modernc.org/libc/fts
|
|
- modernc.org/libc/grp
|
|
- modernc.org/libc/langinfo
|
|
- modernc.org/libc/limits
|
|
- modernc.org/libc/netdb
|
|
- modernc.org/libc/netinet/in
|
|
- modernc.org/libc/poll
|
|
- modernc.org/libc/pthread
|
|
- modernc.org/libc/pwd
|
|
- modernc.org/libc/signal
|
|
- modernc.org/libc/stdio
|
|
- modernc.org/libc/stdlib
|
|
- modernc.org/libc/sys/socket
|
|
- modernc.org/libc/sys/stat
|
|
- modernc.org/libc/sys/types
|
|
- modernc.org/libc/termios
|
|
- modernc.org/libc/time
|
|
- modernc.org/libc/unistd
|
|
- modernc.org/libc/utime
|
|
- modernc.org/libc/uuid/uuid
|
|
- modernc.org/libc/wctype
|
|
- modernc.org/mathutil
|
|
- modernc.org/memory
|