-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[pull] main from anchore:main #1
base: main
Are you sure you want to change the base?
Commits on Jul 9, 2024
-
fix: workaround windows install script (#477)
Because of a small bug the version of curl presently on GitHub windows runners, Syft's install.sh file can fail to execute. Therefore, at least for now, fall back to just using cache.downloadTool to get Syft. Signed-off-by: Will Murphy <will.murphy@anchore.com>
Configuration menu - View commit details
-
Copy full SHA for 95b086a - Browse repository at this point
Copy the full SHA 95b086aView commit details
Commits on Jul 10, 2024
-
chore(deps): update Syft to v1.8.0 (#473)
* chore(deps): update Syft to v1.8.0 Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * chore: bump snapshots to reflect CycloneDX 1.6 Previous snapshots were saved with CycloneDX 1.5, but Syft's default CycloneDX output is now version 1.6. Signed-off-by: Will Murphy <will.murphy@anchore.com> --------- Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: Will Murphy <will.murphy@anchore.com> Co-authored-by: kzantow <3009477+kzantow@users.noreply.github.com> Co-authored-by: Will Murphy <will.murphy@anchore.com>
Configuration menu - View commit details
-
Copy full SHA for f3253ca - Browse repository at this point
Copy the full SHA f3253caView commit details -
chore: serialize tests to prevent install race (#478)
Previously, running the npm test script in CI would sometimes result in multiple test processes all trying to install Syft at the same time, and one would fail with "spawn: ETXTBSY". Instead, run all tests in series. Signed-off-by: Will Murphy <will.murphy@anchore.com>
Configuration menu - View commit details
-
Copy full SHA for f4035cd - Browse repository at this point
Copy the full SHA f4035cdView commit details -
chore(deps): bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (…
…#475) Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.0.5 to 6.1.0. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@6d6857d...c5a7806) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 23e0b38 - Browse repository at this point
Copy the full SHA 23e0b38View commit details -
chore(deps): bump actions/checkout from 4.1.6 to 4.1.7 (#474)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.6 to 4.1.7. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@a5ac7e5...692973e) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for ee41e6a - Browse repository at this point
Copy the full SHA ee41e6aView commit details
Commits on Jul 11, 2024
-
chore(deps): update Syft to v1.9.0 (#479)
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: willmurphyscode <12529630+willmurphyscode@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for d94f46e - Browse repository at this point
Copy the full SHA d94f46eView commit details
Commits on Jul 18, 2024
-
docs: CODE_OF_CONDUCT.md (#480)
This PR adds a code of conduct document to the repo, as agreed at our recent OSS team catch up. Signed-off-by: Alan Pope <alan@popey.com>
Configuration menu - View commit details
-
Copy full SHA for ca15f99 - Browse repository at this point
Copy the full SHA ca15f99View commit details -
chore: Create issue template (#481)
Signed-off-by: Alan Pope <alan.pope@anchore.com>
Configuration menu - View commit details
-
Copy full SHA for f2d02cb - Browse repository at this point
Copy the full SHA f2d02cbView commit details
Commits on Aug 12, 2024
-
doc: Updates for the Slack to Discourse migration (#484)
Signed-off-by: Alan Pope <alan@popey.com>
Configuration menu - View commit details
-
Copy full SHA for fe5e7c3 - Browse repository at this point
Copy the full SHA fe5e7c3View commit details
Commits on Aug 13, 2024
-
Configuration menu - View commit details
-
Copy full SHA for ab9d16d - Browse repository at this point
Copy the full SHA ab9d16dView commit details
Commits on Aug 21, 2024
-
Configuration menu - View commit details
-
Copy full SHA for 61119d4 - Browse repository at this point
Copy the full SHA 61119d4View commit details
Commits on Sep 17, 2024
-
chore(deps): bump micromatch from 4.0.4 to 4.0.8 (#491)
Bumps [micromatch](https://github.com/micromatch/micromatch) from 4.0.4 to 4.0.8. - [Release notes](https://github.com/micromatch/micromatch/releases) - [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md) - [Commits](micromatch/micromatch@4.0.4...4.0.8) --- updated-dependencies: - dependency-name: micromatch dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 9249ac2 - Browse repository at this point
Copy the full SHA 9249ac2View commit details -
chore(deps): bump path-to-regexp from 6.2.2 to 6.3.0 (#492)
Bumps [path-to-regexp](https://github.com/pillarjs/path-to-regexp) from 6.2.2 to 6.3.0. - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md) - [Commits](pillarjs/path-to-regexp@v6.2.2...v6.3.0) --- updated-dependencies: - dependency-name: path-to-regexp dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 8abbe51 - Browse repository at this point
Copy the full SHA 8abbe51View commit details
Commits on Sep 25, 2024
-
add awaiting response management (#494)
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for dbef896 - Browse repository at this point
Copy the full SHA dbef896View commit details
Commits on Oct 5, 2024
-
chore(deps): bump actions/checkout from 4.1.7 to 4.2.0 (#495)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.7 to 4.2.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@692973e...d632683) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 5cc1a40 - Browse repository at this point
Copy the full SHA 5cc1a40View commit details -
chore(deps): update Syft to v1.13.0 (#488)
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: kzantow <3009477+kzantow@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 87b3137 - Browse repository at this point
Copy the full SHA 87b3137View commit details -
Update README to include bit about permissions near the top (#496)
Currently the info about permissions is below the fold, and I missed it when implementing the action for my own projects. Signed-off-by: Josh Buker <git-commit@joshbuker.com>
Configuration menu - View commit details
-
Copy full SHA for beb779b - Browse repository at this point
Copy the full SHA beb779bView commit details
Commits on Oct 8, 2024
-
chore(deps): update Syft to v1.14.0 (#498)
* chore(deps): update Syft to v1.14.0 Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * chore: fix snapshots and redaction Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com> --------- Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com> Co-authored-by: kzantow <3009477+kzantow@users.noreply.github.com> Co-authored-by: Will Murphy <willmurphyscode@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 8cb9966 - Browse repository at this point
Copy the full SHA 8cb9966View commit details
Commits on Oct 9, 2024
-
chore(deps): bump actions/checkout from 4.2.0 to 4.2.1 (#497)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.0 to 4.2.1. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@d632683...eef6144) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 4a914bc - Browse repository at this point
Copy the full SHA 4a914bcView commit details
Commits on Oct 11, 2024
-
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 2e87236 - Browse repository at this point
Copy the full SHA 2e87236View commit details -
chore: remove snapshot tests; fix deprecation errors for outdated pac…
…kages (#501) * chore: fix deprecation errors for outdated packages Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com> * test: remove snapshot tests given they cover syft's correctness and not sbom-action correctness Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com> * chore: run npm i -- u to remove old snapshot Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com> --------- Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 18f9bde - Browse repository at this point
Copy the full SHA 18f9bdeView commit details -
chore: configure changelog-ignore label (#499)
Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com> Co-authored-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for eff08d0 - Browse repository at this point
Copy the full SHA eff08d0View commit details -
chore(deps): bump peter-evans/create-pull-request from 6.1.0 to 7.0.5 (…
…#493) Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.1.0 to 7.0.5. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@c5a7806...5e91468) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for f5e124a - Browse repository at this point
Copy the full SHA f5e124aView commit details
Commits on Oct 15, 2024
-
chore(deps): update Syft to v1.14.1 (#502)
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: willmurphyscode <12529630+willmurphyscode@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 8d0a650 - Browse repository at this point
Copy the full SHA 8d0a650View commit details