pool/syft
SHA256
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
37c11dfe8d
syft/syft.changes

227 lines
10 KiB
Plaintext
Raw Blame History

-------------------------------------------------------------------
Tue Oct 18 05:11:08 UTC 2022 - kastl@b1-systems.de
- Update to version 0.59.0:
* Fixes #1179 Deprecated SPDX license (#1263)
* feat: add RelationshipsBySourceOwnership to syft json output (#1248)
* fix: reset merged package into map; (#1258)
* refactor: Remove experimental Anchore Enterprise upload functionality (#1257)
* Update syft bootstrap tools to latest versions. (#1254)
* Update Stereoscope to d24c9d626b33fa720210b007a20767801827b532 (#1253)
* Update syft bootstrap tools to latest versions. (#1244)
* fix apkdb checksum representation (#1247)
* feat: add identifiable field to source object (#1243)
* feat: attest support for Singularity images (#1201)
* Update syft bootstrap tools to latest versions. (#1239)
* Update Stereoscope to 1b1b744a919964f38d14e1416fb3f25221b761ce (#1240)
* fix: Follow symlinks when searching for globs in all-layers scope (#1221)
* update requires to use list; remove field (#1234)
-------------------------------------------------------------------
Fri Sep 30 05:10:45 UTC 2022 - kastl@b1-systems.de
- Update to version 0.58.0:
* Add Conan (C/C++) conan.lock file support (#1230)
* add sequence diagrams and flesh out TODO notes (#1233)
* Do not fail if unable to parse `.rpm` file (#1232)
* fix: support exclude patterns on Windows (#1228)
* Update syft bootstrap tools to latest versions. (#1225)
* Update Stereoscope to 56552770e555d764ea72b99d3c810326b27ead4a (#1224)
* Update syft bootstrap tools to latest versions. (#1223)
* Update syft bootstrap tools to latest versions. (#1220)
-------------------------------------------------------------------
Wed Sep 21 08:27:42 UTC 2022 - kastl@b1-systems.de
- Update to version 0.57.0:
* feat: catalog python files for installed-files.txt file metadata (#1217)
* Stabilize SPDX JSON output sorting (#1216)
* bug: remove chance for panic; provide default attestation path (#1214)
* refactor: update Makefile organization; update DEVELOPING.md instructions (#1212)
* refactor: replace ioutil=>io; update linter (#1211)
* Update bootstrap tools to latest versions. (#1204)
* Add gosimports (#1205)
* refactor: move formats from internal into syft module (#1172)
-------------------------------------------------------------------
Tue Sep 13 12:42:32 UTC 2022 - kastl@b1-systems.de
- Update to version 0.56.0:
* warn on errors from RPM DB parsing (#1200)
* docs: improve Singularity image source docs (#1190)
* Add RPM file scanning support (#1188)
* Normalize syft-json output (#1194)
* Revert "External sources configuration (#1158)" (#1191)
* Update syft bootstrap tools to latest versions. (#1186)
* Fix RPM DB license handling (#1184)
* Update syft bootstrap tools to latest versions. (#1182)
-------------------------------------------------------------------
Wed Sep 07 05:42:57 UTC 2022 - kastl@b1-systems.de
- Update to version 0.55.0:
* update stereoscope to latest (#1181)
* Update syft bootstrap tools to latest versions. (#1180)
* Bug fix for 1095 - syft conversion option error (#1177)
* Update syft bootstrap tools to latest versions. (#1176)
* enhance development support on macOS ARM (#1163)
* Capture if a node module is private (#1161)
* Find version numbers from jars with different naming conventions (#1174)
* Update syft bootstrap tools to latest versions. (#1171)
* Fix update-bootstrap-tools workflow (#1170)
* workflow to create automated PRs to update bootstrap tools (#1167)
* feat: add support for licenses in package-lock json v2 (#1164)
* External sources configuration (#1158)
* feat: add support for pnpm (#1166)
* Prevent symlinks causing duplicate package-file relationships (#1168)
-------------------------------------------------------------------
Wed Sep 07 05:38:56 UTC 2022 - kastl@b1-systems.de
- Update to version 0.54.0:
* Associate node package licenses from node_modules (#1152)
* Give the contributing guide a substantial rework (#1155)
* fix: extract file ids correctly for spdx-json (#1156)
* metadata decoding should be optional (#1154)
* Update Stereoscope to 84004345484edb881f1cc1d841115da8abda06c3 (#1151)
* Add modularitylabel metadata to RPM type records generated by syft (#1148)
* Update Stereoscope to 1c79d5c84abcc54466417fcc17c844a4875888a1 (#1149)
* retraction for mispublished versions (#1147)
* cataloger configuration is respected regardless of source (#1142)
* Update README.md (#1146)
* bump cosign to v1.10.1 (#1144)
-------------------------------------------------------------------
Wed Sep 07 05:35:58 UTC 2022 - kastl@b1-systems.de
- Update to version 0.53.4:
* Update stereoscope to get rid of the replace directive (#1140)
-------------------------------------------------------------------
Wed Sep 07 05:33:24 UTC 2022 - kastl@b1-systems.de
- Update to version 0.53.3:
* Correct squashfs import and fix incorrect bouncer configuration (#1138)
-------------------------------------------------------------------
Wed Sep 07 05:31:12 UTC 2022 - kastl@b1-systems.de
- Update to version 0.53.2:
* Overwrite deprecated SPDX licenses automatically (#1009)
* disable release for docker assets (#1137)
-------------------------------------------------------------------
Wed Sep 07 05:29:04 UTC 2022 - kastl@b1-systems.de
- Update to version 0.53.1:
* improve docker release bootstrap (#1136)
* Singularity Image Support (#974)
-------------------------------------------------------------------
Wed Sep 07 05:25:20 UTC 2022 - kastl@b1-systems.de
- Update to version 0.53.0:
* remove docker login from keychain (#1135)
* remove ENV checks from siging script (#1134)
* remove docker assets from main goreleaser configuration to reduce mac-os runner friction (#1133)
* remove prefixed v from tag to match release (#1131)
* rollback actions-setup-docker to earlier version (#1130)
* Bump go-rustaudit to support rustaudit 0.2.0 (#1127)
* bump bouncer to v0.4.0 (#1125)
* Added ppc64le supported to the syft:debug image (#1124)
* add a cataloger for binaries built with rust-audit (#1116)
* bump goreleaser to v1.10.3 (#1123)
* bump golangci-lint to v1.47.2 (#1122)
* bump cosign in bootstrap-tools to v1.10.0 (#1121)
* Added s390x support (#1117)
* Delete pr_action.yaml (#1120)
* fix: use generic instead of not generating purl (#1119)
* bump cosign to v1.10.0 (#1114)
-------------------------------------------------------------------
Thu Jul 21 15:12:29 UTC 2022 - kastl@b1-systems.de
- Update to version 0.52.0:
* Update sigstore/rekor dependency (#1112)
* Added ppc64le support (#1099)
* patch-distroless-ghcr (#1110)
* add distroless debug image to published release (#1106)
* update help formatting (#1105)
* feat: implement haskell support (#1096)
* Add the -r argument for gnu xargs (#1103)
* fix: -o output option to include formats (#1102)
* moves go-rpmdb to latest; libc => v1.16.7 (#1098)
-------------------------------------------------------------------
Sat Jul 16 19:00:04 UTC 2022 - kastl@b1-systems.de
- Update to version 0.51.0:
* feat: add support for cocoapods (Swift/Objective-C) (#1081)
* Fix package url for Go modules with no / (#1092)
* Update Stereoscope to 777471f38c5b2f15c19d6cffe093ce6392d8040c (#1090)
* feat: output attestation to file (#1087)
* Update Stereoscope to cfbd966e5a8d11d73cd17adc8b8ab8468a086f1e (#1089)
* Add portage support for Gentoo Linux (#1076)
* Add PR action back to workflow with new token (#1086)
-------------------------------------------------------------------
Wed Jul 06 18:12:23 UTC 2022 - kastl@b1-systems.de
- Update to version 0.50.0:
* feat: add new login cmd (#1068)
* update AltRpmDbGlob with comment and context (#1085)
* feat: add support for conan packages (C/C++) (#1083)
* add golang main module and pseudo-version (#916)
* fix: add glob to filter list to ensure rpm metadata files are matched… (#1079)
* remove pr automation until service account creation (#1080)
* fix: purl generation for pom.xml (#1078)
* Update Stereoscope to 5bd627c0f9ce7facbd63ed1f0cf894d97021aa5e (#1072)
* fix: add new languages found in cpes (#1069)
* fix: add php catalogers to all catalogers (#1065)
* feat: add use-all-catalogers flag (#1050)
-------------------------------------------------------------------
Mon Jun 27 13:20:51 UTC 2022 - kastl@b1-systems.de
- Update to version 0.49.0:
* Updates parsing of `yarn.lock` to use `resolved` URLs that are pulled from yarn and npm registries (#926)
* remove OSS Meetup message (#1057)
* add pom.xml cataloger (#1055)
* Add support for CBL-Mariner distroless images (#1045)
* Add catalogers configuration (#1038)
* add template output (#1051)
-------------------------------------------------------------------
Wed Jun 22 08:47:26 UTC 2022 - kastl@b1-systems.de
- Update to version 0.48.1:
* update stereoscope to latest version (#1052)
-------------------------------------------------------------------
Wed Jun 22 08:34:13 UTC 2022 - kastl@b1-systems.de
- Update to version 0.48.0:
* update zip_read_closer to incorporate zip64 support (#1041)
* Add pacman (alpm) parser support (#943)
-------------------------------------------------------------------
Wed Jun 22 08:23:30 UTC 2022 - kastl@b1-systems.de
- Update to version 0.47.0:
* Update of README.md (#1027)
* bump cosign to v1.9.0 to resolve reporting of GHSA-66x3-6cw3-v5gj (#1025)
* add workflows to test new project automation (#1023)
* improve LanguageByName and add unit tests (#1034)
* Read Description from dpkg status files (#996)
* Add announcement for Anchore OSS Virtual Meetup (#1033)
* add main module field to go bin metadata (#1026)
* Add filters to package cataloger (#1021)
* change draft to false for release process (#1016)
* Support RPM distros with newer RPM db formats (#1018)
* fix: add component list to prevent cyclone-dx panic (#1015)
-------------------------------------------------------------------
Mon Jun 6 19:43:54 UTC 2022 - Johannes Kastl <kastl@b1-systems.de>
- first version of package syft at version 0.46.3
Reference in New Issue View Git Blame Copy Permalink