8000 Comparing v0.19.2...v0.19.3 · anchore/grype-db · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: anchore/grype-db
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v0.19.2
Choose a base ref
...
head repository: anchore/grype-db
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v0.19.3
Choose a head ref
  • 9 commits
  • 10 files changed
  • 2 contributors

Commits on Nov 10, 2023

  1. chore(deps): Bump github.com/anchore/grype from 0.73.0 to 0.73.1 (#198) 

    Bumps [github.com/anchore/grype](https://github.com/anchore/grype) from 0.73.0 to 0.73.1.
- [Release notes](https://github.com/anchore/grype/releases)
- [Changelog](https://github.com/anchore/grype/blob/main/.goreleaser.yaml)
- [Commits](anchore/grype@v0.73.0...v0.73.1)

---
updated-dependencies:
- dependency-name: github.com/anchore/grype
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Nov 10, 2023
    Configuration menu
    Copy the full SHA
    6e1c837 View commit details
    Browse the repository at this point in the history

Commits on Nov 17, 2023

  1. chore(deps): Bump github.com/klauspost/compress from 1.17.2 to 1.17.3 ( 

    …#200)

Bumps [github.com/klauspost/compress](https://github.com/klauspost/compress) from 1.17.2 to 1.17.3.
- [Release notes](https://github.com/klauspost/compress/releases)
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml)
- [Commits](klauspost/compress@v1.17.2...v1.17.3)

---
updated-dependencies:
- dependency-name: github.com/klauspost/compress
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Nov 17, 2023
    Configuration menu
    Copy the full SHA
    86f6a47 View commit details
    Browse the repository at this point in the history

Commits on Nov 18, 2023

  1. chore(deps): Bump github.com/anchore/grype from 0.73.1 to 0.73.2 (#201) 

    Bumps [github.com/anchore/grype](https://github.com/anchore/grype) from 0.73.1 to 0.73.2.
- [Release notes](https://github.com/anchore/grype/releases)
- [Changelog](https://github.com/anchore/grype/blob/main/.goreleaser.yaml)
- [Commits](anchore/grype@v0.73.1...v0.73.2)

---
updated-dependencies:
- dependency-name: github.com/anchore/grype
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Nov 18, 2023
    Configuration menu
    Copy the full SHA
    69526dd View commit details
    Browse the repository at this point in the history

Commits on Nov 20, 2023

  1. chore(deps): Bump github.com/anchore/grype from 0.73.2 to 0.73.3 (#202) 

    Bumps [github.com/anchore/grype](https://github.com/anchore/grype) from 0.73.2 to 0.73.3.
- [Release notes](https://github.com/anchore/grype/releases)
- [Changelog](https://github.com/anchore/grype/blob/main/.goreleaser.yaml)
- [Commits](anchore/grype@v0.73.2...v0.73.3)

---
updated-dependencies:
- dependency-name: github.com/anchore/grype
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Nov 20, 2023
    10000 Configuration menu
    Copy the full SHA
    cd2c9b5 View commit details
    Browse the repository at this point in the history

Commits on Nov 28, 2023

  1. chore: bump vulnerability match labels (#204) 

    Signed-off-by: Will Murphy <will.murphy@anchore.com>
    @willmurphyscode
    willmurphyscode authored Nov 28, 2023
    Configuration menu
    Copy the full SHA
    3396900 View commit details
    Browse the repository at this point in the history

Commits on Nov 29, 2023

  1. chore(deps): Bump github.com/spf13/afero from 1.10.0 to 1.11.0 (#205) 

    Bumps [github.com/spf13/afero](https://github.com/spf13/afero) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/spf13/afero/releases)
- [Commits](spf13/afero@v1.10.0...v1.11.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/afero
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Nov 29, 2023
    Configuration menu
    Copy the full SHA
    31141fd View commit details
    Browse the repository at this point in the history

Commits on Dec 1, 2023

  1. chore(deps): Bump github.com/anchore/grype from 0.73.3 to 0.73.4 (#206) 

    Bumps [github.com/anchore/grype](https://github.com/anchore/grype) from 0.73.3 to 0.73.4.
- [Release notes](https://github.com/anchore/grype/releases)
- [Changelog](https://github.com/anchore/grype/blob/main/.goreleaser.yaml)
- [Commits](anchore/grype@v0.73.3...v0.73.4)

---
updated-dependencies:
- dependency-name: github.com/anchore/grype
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Dec 1, 2023
    Configuration menu
    Copy the full SHA
    9e71b2f View commit details
    Browse the repository at this point in the history

Commits on Dec 5, 2023

  1. feat: multiple platform cpes (#203) 

    Previously, if the platform CPE was more complicated than a single "running
on/with" entry, grype-db would leave it blank. Now, when several "running 
on/with" entries are present, emit a row for each of them, in order to reduce false
positives caused by more permissive platform constraint.

Note that "running on/with" could be an application or platform CPE.
For example, Redis or OpenShift might be coded as a type "a" CPE (for
"application"), but might be a platform (displayed in the "running on or
with" section of the NVD UI). For these, consider them platforms and
emit a platform CPE.

Signed-off-by: Will Murphy <will.murphy@anchore.com>
    @willmurphyscode
    willmurphyscode authored Dec 5, 2023
    Configuration menu
    Copy the full SHA
    af631d9 View commit details
    Browse the repository at this point in the history

  2. chore(deps): Bump github.com/klauspost/compress from 1.17.3 to 1.17.4 ( 

    …#207)

Bumps [github.com/klauspost/compress](https://github.com/klauspost/compress) from 1.17.3 to 1.17.4.
- [Release notes](https://github.com/klauspost/compress/releases)
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml)
- [Commits](klauspost/compress@v1.17.3...v1.17.4)

---
updated-dependencies:
- dependency-name: github.com/klauspost/compress
  dependency-type: di
5D7E
rect:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Dec 5, 2023
    Configuration menu
    Copy the full SHA
    4c0d5bc View commit details
    Browse the repository at this point in the history
Loading
0