8000 Comparing v0.74.1...v0.74.2 · anchore/grype · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: anchore/grype
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v0.74.1
Choose a base ref
...
head repository: anchore/grype
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v0.74.2
Choose a head ref
  • 6 commits
  • 5 files changed
  • 4 contributors

Commits on Jan 18, 2024

  1. chore: enable automatic approval of dependabot PRs (#1664) 

    To reduce toil in this repo, enable dependabot PRs to be automatically
approved, but not merged. They are not automatically merged because if
the default GitHub token is used to automatically merge a PR, the
resulting commit will not trigger workflows on main. Rather than
generate a more potent token, just automatically review them, which
reduces toil by eliminating several clicks and page loads for
maintainers who are trying to merge dependabot PRs.

Signed-off-by: Will Murphy <will.murphy@anchore.com>
    @willmurphyscode
    willmurphyscode authored Jan 18, 2024
    Configuration menu
    Copy the full SHA
    cd1c2ac View commit details
    Browse the repository at this point in the history

Commits on Jan 19, 2024

  1. chore(deps): bump github.com/google/go-containerregistry (#1665) 

    Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) from 0.17.0 to 0.18.0.
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml)
- [Commits](google/go-containerregistry@v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Jan 19, 2024
    Configuration menu
    Copy the full SHA
    9c0ed56 View commit details
    Browse the repository at this point in the history

  2. chore(deps): bump actions/upload-artifact from 4.1.0 to 4.2.0 (#1668) 

    Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.1.0 to 4.2.0.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@1eb3cb2...694cdab)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Jan 19, 2024
    Configuration menu
    Copy the full SHA
    5436f55 View commit details
    Browse the repository at this point in the history

  3. chore(deps): bump anchore/sbom-action from 0.15.3 to 0.15.4 (#1666) 

    Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.15.3 to 0.15.4.
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Commits](anchore/sbom-action@c7f031d...41f7a6c)

---
updated-dependencies:
- dependency-name: anchore/sbom-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Jan 19, 2024
    Configuration menu
    Copy the full SHA
    8bc6ca8 View commit details
    Browse the repository at this point in the history

  4. chore(deps): bump github.com/docker/docker (#1667) 

    Bumps [github.com/docker/docker](https://github.com/docker/docker) from 24.0.7+incompatible to 25.0.0+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](moby/moby@v24.0.7...v25.0.0)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Jan 19, 2024
    Configuration menu
    Copy the full SHA
    acd8c9c View commit details
    Browse the repository at this point in the history

  5. chore(deps): update Syft to v0.101.1 (#1669) 

    Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: wagoodman <wagoodman@users.noreply.github.com>
    @anchore-actions-token-generator @wagoodman
    anchore-actions-token-generator[bot] and wagoodman authored Jan 19, 2024
    Configuration menu
    Copy the full SHA
    90fa3f2 View commit details
    Browse the repository at this point in the history
Loading
0