Scribe main #13

houdini91 · 2022-12-08T10:59:56Z

No description provided.

github-actions · 2022-12-18T11:36:37Z

Benchmark Test Results

Benchmark results from the latest changes vs base branch

goos: linux%0Agoarch: amd64%0Apkg: github.com/anchore/syft/test/integration%0Acpu: Intel(R) Xeon(R) Platinum 8370C CPU @ 2.80GHz%0A                                                          │ ./.tmp/benchmark-60f01e8.txt │%0A                                                          │            sec/op            │%0AImagePackageCatalogers/alpmdb-cataloger-2                                   12.30m ±  3%25%0AImagePackageCatalogers/apkdb-cataloger-2                                    730.7µ ±  4%25%0AImagePackageCatalogers/binary-cataloger-2                                   211.4µ ±  1%25%0AImagePackageCatalogers/dpkgdb-cataloger-2                                   577.4µ ±  2%25%0AImagePackageCatalogers/dotnet-deps-cataloger-2                              1.319m ±  6%25%0AImagePackageCatalogers/go-module-binary-cataloger-2                         101.1µ ±  5%25%0AImagePackageCatalogers/java-cataloger-2                                     13.61m ±  2%25%0AImagePackageCatalogers/graalvm-native-image-cataloger-2                     101.5µ ± 10%25%0AImagePackageCatalogers/javascript-package-cataloger-2                       389.1µ ±  4%25%0AImagePackageCatalogers/nix-store-cataloger-2                                264.3µ ±  2%25%0AImagePackageCatalogers/php-composer-installed-cataloger-2                   787.6µ ±  1%25%0AImagePackageCatalogers/portage-cataloger-2                                  461.4µ ±  1%25%0AImagePackageCatalogers/python-package-cataloger-2                           3.326m ±  1%25%0AImagePackageCatalogers/r-package-cataloger-2                                195.3µ ±  4%25%0AImagePackageCatalogers/rpm-db-cataloger-2                                   492.6µ ±  4%25%0AImagePackageCatalogers/ruby-gemspec-cataloger-2                             875.2µ ±  2%25%0AImagePackageCatalogers/sbom-cataloger-2                                     120.6µ ±  1%25%0Ageomean                                                                     614.6µ%0A%0A                                                          │ ./.tmp/benchmark-60f01e8.txt │%0A                                                          │             B/op             │%0AImagePackageCatalogers/alpmdb-cataloger-2                                   5.126Mi ± 0%25%0AImagePackageCatalogers/apkdb-cataloger-2                                    204.8Ki ± 0%25%0AImagePackageCatalogers/binary-cataloger-2                                   30.25Ki ± 0%25%0AImagePackageCatalogers/dpkgdb-cataloger-2                                   168.8Ki ± 0%25%0AImagePackageCatalogers/dotnet-deps-cataloger-2                              404.3Ki ± 0%25%0AImagePackageCatalogers/go-module-binary-cataloger-2                         9.797Ki ± 0%25%0AImagePackageCatalogers/java-cataloger-2                                     2.826Mi ± 0%25%0AImagePackageCatalogers/graalvm-native-image-cataloger-2                     8.594Ki ± 0%25%0AImagePackageCatalogers/javascript-package-cataloger-2                       100.9Ki ± 0%25%0AImagePackageCatalogers/nix-store-cataloger-2                                49.13Ki ± 0%25%0AImagePackageCatalogers/php-composer-installed-cataloger-2                   186.4Ki ± 0%25%0AImagePackageCatalogers/portage-cataloger-2                                  120.0Ki ± 0%25%0AImagePackageCatalogers/python-package-cataloger-2                           1.003Mi ± 0%25%0AImagePackageCatalogers/r-package-cataloger-2                                53.30Ki ± 0%25%0AImagePackageCatalogers/rpm-db-cataloger-2                                   181.0Ki ± 0%25%0AImagePackageCatalogers/ruby-gemspec-cataloger-2                             144.2Ki ± 0%25%0AImagePackageCatalogers/sbom-cataloger-2                                     14.57Ki ± 0%25%0Ageomean                                                                     132.8Ki%0A%0A                                                          │ ./.tmp/benchmark-60f01e8.txt │%0A                                                          │          allocs/op           │%0AImagePackageCatalogers/alpmdb-cataloger-2                                    87.75k ± 0%25%0AImagePackageCatalogers/apkdb-cataloger-2                                     4.182k ± 0%25%0AImagePackageCatalogers/binary-cataloger-2                                     830.0 ± 0%25%0AImagePackageCatalogers/dpkgdb-cataloger-2                                    3.000k ± 0%25%0AImagePackageCatalogers/dotnet-deps-cataloger-2                               6.338k ± 0%25%0AImagePackageCatalogers/go-module-binary-cataloger-2                           277.0 ± 0%25%0AImagePackageCatalogers/java-cataloger-2                                      39.88k ± 0%25%0AImagePackageCatalogers/graalvm-native-image-cataloger-2                       228.0 ± 0%25%0AImagePackageCatalogers/javascript-package-cataloger-2                        1.404k ± 0%25%0AImagePackageCatalogers/nix-store-cataloger-2                                  895.0 ± 0%25%0AImagePackageCatalogers/php-composer-installed-cataloger-2                    4.079k ± 0%25%0AImagePackageCatalogers/portage-cataloger-2                                   2.269k ± 0%25%0AImagePackageCatalogers/python-package-cataloger-2                            16.44k ± 0%25%0AImagePackageCatalogers/r-package-cataloger-2                                  929.0 ± 0%25%0AImagePackageCatalogers/rpm-db-cataloger-2                                    3.989k ± 0%25%0AImagePackageCatalogers/ruby-gemspec-cataloger-2                              2.447k ± 0%25%0AImagePackageCatalogers/sbom-cataloger-2                                       416.0 ± 0%25%0Ageomean                                                                      2.589k

Signed-off-by: witchcraze <witchcraze@gmail.com>

…re#3083) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.14 to 3.25.15. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@5cf07d8...afb54ba) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…anchore#3082) Bumps [github.com/gkampitakis/go-snaps](https://github.com/gkampitakis/go-snaps) from 0.5.5 to 0.5.6. - [Release notes](https://github.com/gkampitakis/go-snaps/releases) - [Commits](gkampitakis/go-snaps@v0.5.5...v0.5.6) --- updated-dependencies: - dependency-name: github.com/gkampitakis/go-snaps dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>

…96bfa5 (anchore#3075) Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: kzantow <3009477+kzantow@users.noreply.github.com>

Signed-off-by: Keith Zantow <kzantow@gmail.com>

* Add binary classifier for swipl Signed-off-by: Laurent Goderre <laurent.goderre@docker.com> * Added cataloger for SWI Prolog Pack packages Signed-off-by: Laurent Goderre <laurent.goderre@docker.com> --------- Signed-off-by: Laurent Goderre <laurent.goderre@docker.com>

Signed-off-by: Keith Zantow <kzantow@gmail.com>

…gs (anchore#3087) * chore: basic fix Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com> * test: make sure ldflags are prefixed with v --------- Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>

…IDMatchesFilename' (anchore#3054) - Correct retrieval of package name when main POM file exists - Address issue where wrong package name was retrieved for certain jars - Example case: 'jansi' jar containing multiple jars like 'jansi-win32' - Ensure true is returned when filename matches the artifact ID, prevent random retrieval by checking prefix and suffix - Use fallback check with suffix and prefix if no POM properties file matches the exact artifact name Signed-off-by: dor-hayun <dor.hayun@mend.io> Co-authored-by: dor-hayun <dor.hayun@mend.io>

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>

…ields (anchore#3093) Signed-off-by: Harippriya Sivapatham <harippriyasivapatham@gmail.com>

Signed-off-by: Gijs Calis <51088038+GijsCalis@users.noreply.github.com> Signed-off-by: Keith Zantow <kzantow@gmail.com> Co-authored-by: Keith Zantow <kzantow@gmail.com>

…anchore#3097) Bumps [github.com/gkampitakis/go-snaps](https://github.com/gkampitakis/go-snaps) from 0.5.6 to 0.5.7. - [Release notes](https://github.com/gkampitakis/go-snaps/releases) - [Commits](gkampitakis/go-snaps@v0.5.6...v0.5.7) --- updated-dependencies: - dependency-name: github.com/gkampitakis/go-snaps dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [golang.org/x/mod](https://github.com/golang/mod) from 0.19.0 to 0.20.0. - [Commits](golang/mod@v0.19.0...v0.20.0) --- updated-dependencies: - dependency-name: golang.org/x/mod dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>

…e#3095) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.4 to 4.3.5. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@0b2256b...89ef406) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.27.0 to 0.28.0. - [Commits](golang/net@v0.27.0...v0.28.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) from 0.20.1 to 0.20.2. - [Release notes](https://github.com/google/go-containerregistry/releases) - [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml) - [Commits](google/go-containerregistry@v0.20.1...v0.20.2) --- updated-dependencies: - dependency-name: github.com/google/go-containerregistry dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…e#3102) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.5 to 4.3.6. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@89ef406...834a144) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…e#3101) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.15 to 3.26.0. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@afb54ba...eb055d7) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>

…ore#3107) Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.5.0 to 3.6.0. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@v3.5.0...v3.6.0) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): update tools to latest versions Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * chore: disable gosec(G115) A change to the rule gosec(G115) made a large amount of FP for gosec appear when updating to the latest golang-ci linter. securego/gosec#1185 securego/gosec#1149 We're going to ignore this rule for the time being while waiting for gosec to get updates so that bound checking and example snippets of `valid` code is added for this rule Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com> --------- Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com> Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>

…anchore#3240) Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 7.0.2 to 7.0.3. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@d121e62...6cd32fd) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…#3241) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.6 to 3.26.7. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@4dd1613...8214744) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

….1 (anchore#3242) Bumps [github.com/CycloneDX/cyclonedx-go](https://github.com/CycloneDX/cyclonedx-go) from 0.9.0 to 0.9.1. - [Release notes](https://github.com/CycloneDX/cyclonedx-go/releases) - [Changelog](https://github.com/CycloneDX/cyclonedx-go/blob/master/.goreleaser.yml) - [Commits](CycloneDX/cyclonedx-go@v0.9.0...v0.9.1) --- updated-dependencies: - dependency-name: github.com/CycloneDX/cyclonedx-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>

) (anchore#3250) Signed-off-by: Gorny Krystian <krystian.gorny@wipotec.com> Co-authored-by: Gorny Krystian <krystian.gorny@wipotec.com>

…, and sqlcipher (anchore#3252) * feat: detect lighttpd binaries Signed-off-by: Krystian Gorny <krystian.gorny@wipotec.com> * feat: detect proftpd binaries Signed-off-by: Krystian Gorny <krystian.gorny@wipotec.com> * feat: detect zstd binaries Signed-off-by: Krystian Gorny <krystian.gorny@wipotec.com> * feat: detect xz utils binarie Signed-off-by: Krystian Gorny <krystian.gorny@wipotec.com> * feat: detect gzip binaries Signed-off-by: Krystian Gorny <krystian.gorny@wipotec.com> * feat: detect sqlcipher binaries Signed-off-by: Krystian Gorny <krystian.gorny@wipotec.com> * feat: detect jq binaries Signed-off-by: Krystian Gorny <krystian.gorny@wipotec.com> * add tests + snippets Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> --------- Signed-off-by: Krystian Gorny <krystian.gorny@wipotec.com> Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> Co-authored-by: Krystian Gorny <krystian.gorny@wipotec.com> Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>

Bumps [github.com/docker/docker](https://github.com/docker/docker) from 27.2.1+incompatible to 27.3.0+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Commits](moby/moby@v27.2.1...v27.3.0) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>

…#3256) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.7 to 3.26.8. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@8214744...294a9d9) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…anchore#3255) Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 7.0.3 to 7.0.5. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@6cd32fd...5e91468) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…nchore#3254) Bumps [github.com/github/go-spdx/v2](https://github.com/github/go-spdx) from 2.3.1 to 2.3.2. - [Release notes](https://github.com/github/go-spdx/releases) - [Commits](github/go-spdx@v2.3.1...v2.3.2) --- updated-dependencies: - dependency-name: github.com/github/go-spdx/v2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* add policy for empty name and version Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * default stub version Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * modifying ids requires augmenting relationships Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> --------- Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

Signed-off-by: Laurent Goderre <laurent.goderre@docker.com>

* add jvm cataloger Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * simplify version selection Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * CPEs from JVM cataloger should be declared Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * ensure package overlap is enabled for sensitive use cases Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * more permissive glob Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> --------- Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

) Signed-off-by: Christian Dupuis <cd@docker.com>

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.7 to 4.2.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@692973e...d632683) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…322429 (anchore#3280) Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: kzantow <3009477+kzantow@users.noreply.github.com>

…#3275) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.8 to 3.26.9. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@294a9d9...461ef6c) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/docker/docker](https://github.com/docker/docker) from 27.3.0+incompatible to 27.3.1+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Commits](moby/moby@v27.3.0...v27.3.1) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>

Signed-off-by: witchcraze <witchcraze@gmail.com>

* update redis classifier Signed-off-by: witchcraze <witchcraze@gmail.com> * Remove snippets to pass Validation. In this case, 9000 byte was required... Signed-off-by: witchcraze <witchcraze@gmail.com>

houdini91 force-pushed the scribe_main branch from a2a3dcc to 429f963 Compare December 18, 2022 11:30

houdini91 force-pushed the scribe_main branch from 1ff0896 to 548555a Compare May 1, 2023 12:42

houdini91 force-pushed the scribe_main branch from f29c239 to b120480 Compare December 13, 2023 11:01

houdini91 and others added 10 commits July 29, 2024 15:27

inital migration

9799718

fix: traefik classifier (anchore#3077)

490e05a

Signed-off-by: witchcraze <witchcraze@gmail.com>

chore(deps): update CPE dictionary index (anchore#3079)

a2042e6

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>

chore(deps): update stereoscope to 50ce3be7aa1fb8829234ae648215e79071…

06526e2

…96bfa5 (anchore#3075) Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: kzantow <3009477+kzantow@users.noreply.github.com>

fix: improve determinism in java archive identification (anchore#3085)

a4b5dcd

Signed-off-by: Keith Zantow <kzantow@gmail.com>

Relax go version

1dd3ec8

chore: update release script to use gh from binny (anchore#3084)

05a10e8

Signed-off-by: Keith Zantow <kzantow@gmail.com>

houdini91 force-pushed the scribe_main branch from 71f4321 to 1dd3ec8 Compare August 1, 2024 11:51

spiffcs and others added 15 commits August 1, 2024 11:29

chore(deps): update tools to latest versions (anchore#3091)

623532e

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>

fix: use organization for package supplier when reading Java vendor f…

cc15edc

…ields (anchore#3093) Signed-off-by: Harippriya Sivapatham <harippriyasivapatham@gmail.com>

feat: improved java maven property resolution (anchore#2769)

9d40d11

Signed-off-by: Gijs Calis <51088038+GijsCalis@users.noreply.github.com> Signed-off-by: Keith Zantow <kzantow@gmail.com> Co-authored-by: Keith Zantow <kzantow@gmail.com>

chore(deps): update CPE dictionary index (anchore#3094)

214a049

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>

chore(deps): update tools to latest versions (anchore#3099)

1fb47d9

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>

anchore-actions-token-generator bot and others added 30 commits September 13, 2024 15:05

chore(deps): update CPE dictionary index (anchore#3232)

41e9630

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>

chore(deps): update tools to latest versions (anchore#3231)

7b4feb7

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>

chore(deps): update tools to latest versions (anchore#3243)

7934696

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>

chore(deps): update tools to latest versions (anchore#3247)

a2f12fe

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>

chore(deps): update tools to latest versions (anchore#3251)

50016c3

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>

fix: capture-snippet.sh can handle leading whitespaces now (anchore#3249

cb0de97

) (anchore#3250) Signed-off-by: Gorny Krystian <krystian.gorny@wipotec.com> Co-authored-by: Gorny Krystian <krystian.gorny@wipotec.com>

chore(deps): update tools to latest versions (anchore#3259)

a08ea86

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>

feat: classifier for Dart lang binaries (anchore#3265)

7815d8e

Signed-off-by: Laurent Goderre <laurent.goderre@docker.com>

fix: correct excluded mount point comparison to file paths (anchore#3269

92c1dde

) Signed-off-by: Christian Dupuis <cd@docker.com>

add awaiting response management (anchore#3272)

d7005d7

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

chore(deps): update stereoscope to dc10ea61fd18efa45b516eda4de8bc19d8…

16122eb

…322429 (anchore#3280) Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: kzantow <3009477+kzantow@users.noreply.github.com>

chore(deps): update CPE dictionary index (anchore#3262)

e37c468

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>

fix: update ruby classifier for -rc, -dev, etc. versions (anchore#3285)

1a746b2

Signed-off-by: witchcraze <witchcraze@gmail.com>

fix: improve node classifier version matching (anchore#3284)

2a3d171

Signed-off-by: witchcraze <witchcraze@gmail.com>

update redis classifier (anchore#3281)

f5f8005

* update redis classifier Signed-off-by: witchcraze <witchcraze@gmail.com> * Remove snippets to pass Validation. In this case, 9000 byte was required... Signed-off-by: witchcraze <witchcraze@gmail.com>

Merge remote-tracking branch 'upstream/main' into scribe_main

d5be7ab

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Scribe main #13

Scribe main #13

houdini91 commented Dec 8, 2022

github-actions bot commented Dec 18, 2022 •

edited

Loading

Scribe main #13

Are you sure you want to change the base?

Scribe main #13

Conversation

houdini91 commented Dec 8, 2022

github-actions bot commented Dec 18, 2022 • edited Loading

Benchmark Test Results

github-actions bot commented Dec 18, 2022 •

edited

Loading