8000 Comparing v0.19.5...v0.19.6 · anchore/grype-db · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: anchore/grype-db 10000
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v0.19.5
Choose a base ref
...
head repository: anchore/grype-db
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v0.19.6
Choose a head ref
  • 11 commits
  • 7 files changed
  • 2 contributors

Commits on Jan 29, 2024

  1. chore(deps): Bump github.com/klauspost/compress from 1.17.4 to 1.17.5 ( 

    …#233)

Bumps [github.com/klauspost/compress](https://github.com/klauspost/compress) from 1.17.4 to 1.17.5.
- [Release notes](https://github.com/klauspost/compress/releases)
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml)
- [Commits](klauspost/compress@v1.17.4...v1.17.5)

---
updated-dependencies:
- dependency-name: github.com/klauspost/compress
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Jan 29, 2024
    Configuration menu
    Copy the full SHA
    43948e4 View commit details
    Browse the repository at this point in the history

  2. chore(deps): Bump gorm.io/gorm from 1.25.5 to 1.25.6 (#234) 

    Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm) from 1.25.5 to 1.25.6.
- [Release notes](https://github.com/go-gorm/gorm/releases)
- [Commits](go-gorm/gorm@v1.25.5...v1.25.6)

---
updated-dependencies:
- dependency-name: gorm.io/gorm
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Jan 29, 2024
    Configuration menu
    Copy the full SHA
    17b1968 View commit details
    Browse the repository at this point in the history

  3. chore(deps): Bump 8398a7/action-slack from 3.15.1 to 3.16.2 (#232) 

    Bumps [8398a7/action-slack](https://github.com/8398a7/action-slack) from 3.15.1 to 3.16.2.
- [Release notes](https://github.com/8398a7/action-slack/releases)
- [Commits](8398a7/action-slack@fbd6aa5...28ba43a)

---
updated-dependencies:
- dependency-name: 8398a7/action-slack
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Jan 29, 2024
    Configuration menu
    Copy the full SHA
    8c621c1 View commit details
    Browse the repository at this point in the history

Commits on Jan 31, 2024

  1. upgrade syft and grype for path traversal fix (#235) 

    Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
    @wagoodman
    wagoodman authored Jan 31, 2024
    Configuration menu
    Copy the full SHA
    51242d9 View commit details
    Browse the repository at this point in the history

Commits on Feb 1, 2024

  1. chore(deps): Bump peter-evans/create-pull-request from 5.0.2 to 6.0.0 ( 

    …#236)

Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 5.0.2 to 6.0.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](peter-evans/create-pull-request@1534078...b1ddad2)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Feb 1, 2024
    Configuration menu
    Copy the full SHA
    52f2e94 View commit details
    Browse the repository at this point in the history

  2. chore(deps): Bump github.com/opencontainers/runc from 1.1.5 to 1.1.12 ( 

    …#237)

Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.1.5 to 1.1.12.
- [Release notes](https://github.com/opencontainers/runc/releases)
- [Changelog](https://github.com/opencontainers/runc/blob/v1.1.12/CHANGELOG.md)
- [Commits](opencontainers/runc@v1.1.5...v1.1.12)

---
updated-dependencies:
- dependency-name: github.com/opencontainers/runc
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Feb 1, 2024
    Configuration menu
    Copy the full SHA
    c657c03 View commit details
    Browse the repository at this point in the history

Commits on Feb 6, 2024

  1. chore(deps): Bump github.com/klauspost/compress from 1.17.5 to 1.17.6 ( 

    …#238)

Bumps [github.com/klauspost/compress](https://github.com/klauspost/compress) from 1.17.5 to 1.17.6.
- [Release notes](https://github.com/klauspost/compress/releases)
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml)
- [Commits](klauspost/compress@v1.17.5...v1.17.6)

---
updated-dependencies:
- dependency-name: github.com/klauspost/compress
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Feb 6, 2024
    Configuration menu
    Copy the full SHA
    7dd0018 View commit details
    Browse the repository at this point in the history

  2. chore(deps-dev): Bump cryptography from 41.0.6 to 42.0.0 (#240) 

    Bumps [cryptography](https://github.com/pyca/cryptography) from 41.0.6 to 42.0.0.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@41.0.6...42.0.0)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Feb 6, 2024
    Configuration menu
    Copy the full SHA
    3a856f9 View commit details
    Browse the repository at this point in the history

Commits on Feb 7, 2024

  1. chore(dep D0DB s): Bump gorm.io/gorm from 1.25.6 to 1.25.7 (#241) 

    Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm) from 1.25.6 to 1.25.7.
- [Release notes](https://github.com/go-gorm/gorm/releases)
- [Commits](go-gorm/gorm@v1.25.6...v1.25.7)

---
updated-dependencies:
- dependency-name: gorm.io/gorm
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Feb 7, 2024
    Configuration menu
    Copy the full SHA
    52cbfd3 View commit details
    Browse the repository at this point in the history

Commits on Feb 8, 2024

  1. chore(deps): Bump github.com/anchore/grype from 0.74.4 to 0.74.5 (#242) 

    Bumps [github.com/anchore/grype](https://github.com/anchore/grype) from 0.74.4 to 0.74.5.
- [Release notes](https://github.com/anchore/grype/releases)
- [Changelog](https://github.com/anchore/grype/blob/main/.goreleaser.yaml)
- [Commits](anchore/grype@v0.74.4...v0.74.5)

---
updated-dependencies:
- dependency-name: github.com/anchore/grype
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Feb 8, 2024
    Configuration menu
    Copy the full SHA
    6c14943 View commit details
    Browse the repository at this point in the history

Commits on Feb 15, 2024

  1. chore(deps): Bump github.com/anchore/grype from 0.74.5 to 0.74.6 (#243) 

    Bumps [github.com/anchore/grype](https://github.com/anchore/grype) from 0.74.5 to 0.74.6.
- [Release notes](https://github.com/anchore/grype/releases)
- [Changelog](https://github.com/anchore/grype/blob/main/.goreleaser.yaml)
- [Commits](anchore/grype@v0.74.5...v0.74.6)

---
updated-dependencies:
- dependency-name: github.com/anchore/grype
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Feb 15, 2024
    Configuration menu
    Copy the full SHA
    99f95c5 View commit details
    Browse the repository at this point in the history
Loading
0