Permalink
Comparing changes
Choose two branches to see what’s changed or to start a new pull req
8000
uest.
If you need to, you can also or
learn more about diff comparisons.
Open a pull request
Create a new pull request by comparing changes across two branches. If you need to, you can also .
Learn more about diff comparisons here.
...
- 13 commits
- 55 files changed
- 7 contributors
Commits on May 14, 2025
-
chore: update fixtures based on CI builds (#3894)
* update fixtures based on ci builds Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix typo Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> --------- Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Commits on May 15, 2025
-
Add PHP interpreter + extensions cataloger (#2585)
* Add PHP extensions binary classifiers Signed-off-by: Laurent Goderre <laurent.goderre@docker.com> * [wip] add php extensions cataloger Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix linting Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * find interpreters + extension Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * internalize binary cataloger utilities Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * default to linux/amd64 for test fixtures Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> --------- Signed-off-by: Laurent Goderre <laurent.goderre@docker.com> Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
-
chore(deps): bump anchore/sbom-action from 0.19.0 to 0.20.0 (#3899)
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.19.0 to 0.20.0. - [Release notes](https://github.com/anchore/sbom-action/releases) - [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md) - [Commits](anchore/sbom-action@9f73021...e11c554) --- updated-dependencies: - dependency-name: anchore/sbom-action dependency-version: 0.20.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
-
chore(deps): bump github.com/mholt/archives from 0.1.1 to 0.1.2 (#3898)
Bumps [github.com/mholt/archives](https://github.com/mholt/archives) from 0.1.1 to 0.1.2. - [Release notes](https://github.com/mholt/archives/releases) - [Commits](mholt/archives@v0.1.1...v0.1.2) --- updated-dependencies: - dependency-name: github.com/mholt/archives dependency-version: 0.1.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
-
Expose RPM signature information (for RPM DB and RPM archives) (#3179)
* feat: expose rpm signature information This helps with more confident identification of an rpm. In theory, two rpms can be built that have the same purl string, and otherwise look identical in syft's output, but the PGP information would distinguish them as signed either by different keys, or signed at different times. In practice, this usually makes no difference since rpms tend to have unique name/version/release strings. This just gives increased confidence about the identity of the rpm found in the db. Signed-off-by: Ralph Bean <rbean@redhat.com> * chore: generate json schema Signed-off-by: Ralph Bean <rbean@redhat.com> * re-generate json schema Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * rename to a more generic signature field Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * rename rpm.pgp to rpm.signatures Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * split out signature fields Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * bump json schema Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * include RPM archives Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * update json schema Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * dont fail on unknown signature type Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> --------- Signed-off-by: Ralph Bean <rbean@redhat.com> Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
-
Include default config licenses (#3900)
* fix: the licenses config was not being carried through causing content to show by default --------- Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
-
chore: delete unused fixture (#3901)
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
-
chore: fix publishing test fixture images (#3896)
* update pkg counts Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * bump max cache size Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> --------- Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Commits on May 16, 2025
-
fix: Distinguish openjdk vs jdk when using file source (#3895)
* fix: Distinguish openjdk vs jdk when using file source Signed-off-by: adammcclenaghan <adam@mcclenaghan.co.uk> * fix: Fix goimport order Signed-off-by: adammcclenaghan <adam@mcclenaghan.co.uk> * add comment Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> --------- Signed-off-by: adammcclenaghan <adam@mcclenaghan.co.uk> Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
-
fix: Make Native Image contains no embedded SBOM Error Discoverable (#…
…3805) * fix: Make Native Image contains no embedded SBOM Error Discoverable Signed-off-by: Sathiya Narayanan Venkatesan <sathiyavenkat06@gmail.com> * adjust error phrasing + wrap error Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> --------- Signed-off-by: Sathiya Narayanan Venkatesan <sathiyavenkat06@gmail.com> Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
-
chore(deps): bump github/codeql-action from 3.28.17 to 3.28.18 (#3905)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.17 to 3.28.18. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@60168ef...ff0a06e) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 3.28.18 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
-
fix: update license content filtering default case to be 'none' for n…
…o content returned --------- Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
-
remove benchmark workflow (#3906)
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Loading
This comparison is taking too long to generate.
Unfortunately it looks like we can’t render this comparison for you right now. It might be too big, or there might be something weird with your repository.
You can try running this command locally to see the comparison on your machine:
git diff v1.24.0...v1.25.0