8000 Comparing v0.73.3...v0.73.4 · anchore/grype · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: anchore/grype
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v0.73.3
Choose a base ref
...
head repository: anchore/grype
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v0.73.4
Choose a head ref
  • 5 commits
  • 6 files changed
  • 4 contributors

Commits on Nov 21, 2023

  1. chore(deps): bump anchore/sbom-action from 0.14.3 to 0.15.0 (#1611) 

    Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.14.3 to 0.15.0.
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Commits](anchore/sbom-action@78fc58e...fd74a6f)

---
updated-dependencies:
- dependency-name: anchore/sbom-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Nov 21, 2023
    Configuration menu
    Copy the full SHA
    e4242b9 View commit details
    Browse the repository at this point in the history

Commits on Nov 27, 2023

  1. chore: explicitly test maven suffixes (#1617) 

    Some older Maven releases include a suffix like .RELEASE on the version
number. Grype's behavior with regard to these versions has been
suggested as a source of false positives. Pin the behavior with tests to
make it easier to reason about how Grype will compare maven versions and
to guard against this behavior accidentally changing.

Signed-off-by: Will Murphy <will.murphy@anchore.com>
    @willmurphyscode
    willmurphyscode authored Nov 27, 2023
    Configuration menu
    Copy the full SHA
    e887501 View commit details
    Browse the repository at this point in the history

Commits on Nov 28, 2023

  1. chore(deps): bump github.com/spf13/afero from 1.10.0 to 1.11.0 (#1618) 

    Bumps [github.com/spf13/afero](https://github.com/spf13/afero) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/spf13/afero/releases)
- [Commits](spf13/afero@v1.10.0...v1.11.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/afero
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Nov 28, 2023
    Configuration menu
    Copy the full SHA
    6a1aa58 View commit details
    Browse the repository at this point in the history

Commits on Nov 29, 2023

  1. chore: update syft; go mod tidy (#1621) 

    Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
    @spiffcs
    spiffcs authored Nov 29, 2023
    Configuration menu
    Copy the full SHA
    06b9f1c View commit details
    Browse the repository at this point in the history

Commits on Nov 30, 2023

  1. chore: bump to syft v0.98.0 in quality gate tests (#1623) 

    Signed-off-by: Weston Steimel <weston.steimel@anchore.com>
    @westonsteimel
    westonsteimel authored Nov 30, 2023
    Configuration menu
    Copy the full SHA
    a4bced1 View commit details
    Browse the repository at this point in the history
Loading
0