8000 Comparing v1.27.0...main · anchore/syft · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can als 8000 o or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: anchore/syft
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v1.27.0
Choose a base ref
...
head repository: anchore/syft
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: main
Choose a head ref
  • 15 commits
  • 76 files changed
  • 6 contributors

Commits on Jun 10, 2025

  1. chore(deps): bump github.com/anchore/stereoscope (#3991) 

    Bumps [github.com/anchore/stereoscope](https://github.com/anchore/stereoscope) from 0.1.5-0.20250604132324-344e29f37f05 to 0.1.5.
- [Release notes](https://github.com/anchore/stereoscope/releases)
- [Changelog](https://github.com/anchore/stereoscope/blob/main/RELEASE.md)
- [Commits](https://github.com/anchore/stereoscope/commits/v0.1.5)

---
updated-dependencies:
- dependency-name: github.com/anchore/stereoscope
  dependency-version: 0.1.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Jun 10, 2025
    Configuration menu
    Copy the full SHA
    cfa7cc5 View commit details
    Browse the repository at this point in the history

  2. Allow decoding of anchorectl json files (#3973) 

    * allow decoding of import sbom file shape

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* address formatting

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* add file mode and type processing

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* use type to interpret the raw value

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* safe mode convert should use uint32

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

* simpler decoder type

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

---------

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
    @wagoodman
    wagoodman authored Jun 10, 2025
    Configuration menu
    Copy the full SHA
    79b6d5d View commit details
    Browse the repository at this point in the history

Commits on Jun 11, 2025

  1. account for non-import shapes (#3997) 

    Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
    @wagoodman
    wagoodman authored Jun 11, 2025
    Configuration menu
    Copy the full SHA
    96c34ff View commit details
    Browse the repository at this point in the history

  2. fix: provide separate nonroot image (#3998) 

    Signed-off-by: Keith Zantow <kzantow@gmail.com>
    @kzantow
    kzantow authored Jun 11, 2025
    Configuration menu
    Copy the full SHA
    10f0631 View commit details
    Browse the repository at this point in the history

Commits on Jun 12, 2025

  1. chore(deps): bump github/codeql-action from 3.28.19 to 3.29.0 (#4000) 

    Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.19 to 3.29.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@fca7ace...ce28f5b)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.29.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Jun 12, 2025
    Configuration menu
    Copy the full SHA
    c19558d View commit details
    Browse the repository at this point in the history

Commits on Jun 13, 2025

  1. chore(deps): update tools to latest versions (#3992) 

    Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
    @anchore-actions-token-generator @spiffcs
    anchore-actions-token-generator[bot] and spiffcs authored Jun 13, 2025
    Configuration menu
    Copy the full SHA
    181e180 View commit details
    Browse the repository at this point in the history

Commits on Jun 16, 2025

  1. chore(deps): bump github.com/google/go-containerregistry (#4009) 

    Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) from 0.20.5 to 0.20.6.
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml)
- [Commits](google/go-containerregistry@v0.20.5...v0.20.6)

---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
  dependency-version: 0.20.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Jun 16, 2025
    Configuration menu
    Copy the full SHA
    72f9c42 View commit details
    Browse the repository at this point in the history

  2. chore(deps): bump anchore/sbom-action from 0.20.0 to 0.20.1 (#4008) 

    Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.20.0 to 0.20.1.
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md)
- [Commits](anchore/sbom-action@e11c554...9246b90)

---
updated-dependencies:
- dependency-name: anchore/sbom-action
  dependency-version: 0.20.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Jun 16, 2025
    Configuration menu
    Copy the full SHA
    0b57d03 View commit details
    Browse the repository at this point in the history

  3. chore(deps): update CPE dictionary index (#4007) 

    Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
    @anchore-actions-token-generator @wagoodman
    anchore-actions-token-generator[bot] and wagoodman authored Jun 16, 2025
    Configuration menu
    Copy the full SHA
    0bfda2c View commit details
    Browse the repository at this point in the history

Commits on Jun 17, 2025

  1. chore(deps): bump sigstore/cosign-installer from 3.8.2 to 3.9.0 (#4015) 

    Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.8.2 to 3.9.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](sigstore/cosign-installer@v3.8.2...v3.9.0)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-version: 3.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Jun 17, 2025
    Configuration menu
    Copy the full SHA
    b52b13c View commit details
    Browse the repository at this point in the history

  2. chore(deps): bump github.com/go-viper/mapstructure/v2 (#4014) 

    Bumps [github.com/go-viper/mapstructure/v2](https://github.com/go-viper/mapstructure) from 2.2.1 to 2.3.0.
- [Release notes](https://github.com/go-viper/mapstructure/releases)
- [Changelog](https://github.com/go-viper/mapstructure/blob/main/CHANGELOG.md)
- [Commits](go-viper/mapstructure@v2.2.1...v2.3.0)

---
updated-dependencies:
- dependency-name: github.com/go-viper/mapstructure/v2
  dependency-version: 2.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Jun 17, 2025
    Configuration menu
    Copy the full SHA
    32a30f7 View commit details
    Browse the repository at this point in the history

  3. chore(deps): update tools to latest versions (#4012) 

    Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
    @anchore-actions-token-generator @spiffcs
    anchore-actions-token-generator[bot] and spiffcs authored Jun 17, 2025
    Configuration menu
    Copy the full SHA
    d9eb1d7 View commit details
    Browse the repository at this point in the history

Commits on Jun 19, 2025

  1. chore(deps): update tools to latest versions (#4016) 

    Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
    @anchore-actions-token-generator @spiffcs
    anchore-actions-token-generator[bot] and spiffcs authored Jun 19, 2025
    Configuration menu
    Copy the full SHA
    4911535 View commit details
    Browse the repository at this point in the history

Commits on Jun 23, 2025

  1. chore(deps): update CPE dictionary index (#4021) 

    Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
    @anchore-actions-token-generator @wagoodman
    anchore-actions-token-generator[bot] and wagoodman authored Jun 23, 2025
    Configuration menu
    Copy the full SHA
    4eb8ba4 View commit details
    Browse the repository at this point in the history

Commits on Jun 25, 2025

  1. Add ability to scan snaps (as a source) (#3929)

    @wagoodman
    wagoodman authored Jun 25, 2025
    Configuration menu
    Copy the full SHA
    2bda086 View commit details
    Browse the repository at this point in the history
Loading
0