pool/syft
SHA256
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
46e556c238
syft/syft.spec
Richard Brown 46e556c238 Accepting request 1115835 from home:amanzini:branches:devel:kubic 
- Update to version 0.92.0:
  * bump deps to latest version
  * fix: deterministic java purls (#2170)
- Update to version 0.91.0:
  * fix: prevent errors from clobbering terminal (#2161)
  * Require ordering of relationships when comparing parser output (#2160)
  * Add containerd support (#1793)
  * feat: add dependency information to conan lockfile parser (#2131)
  * fix: encode and decode FileLicenses and FileContents in Syft JSON (#2083)
  * feat: add cyclonedx schema version selection (#2123)
  * fix: allow cyclonedx json input with no components (#2127)
  * fix source-version typo in flag description (#2126)
- Update to version 0.90.0:
  * fix(help): power-user help text to indicate it supports file-system (#2113)
  * fix: update codeql-analysis for go 1.21 (#2108)
  * feat(cmd/update): add UA header with current ver when check for update (#2100)
  * fix(cdx): validate external refs before encoding (#2091)
  * fix: correct group IDs for commons-codec, okhttp, okio, and add integration tests for Java PURL generation (#2075)

OBS-URL: https://build.opensuse.org/request/show/1115835
OBS-URL: https://build.opensuse.org/package/show/devel:kubic/syft?expand=0&rev=97
2023-10-06 13:37:10 +00:00

57 lines
1.9 KiB
RPMSpec
Raw Blame History

#
# spec file for package syft
#
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define __arch_install_post export NO_BRP_STRIP_DEBUG=true
Name: syft
Version: 0.92.0
Release: 0
Summary: CLI tool and library for generating a Software Bill of Materials
License: Apache-2.0
URL: https://github.com/anchore/syft
Source: syft-%{version}.tar.gz
Source1: vendor.tar.gz
BuildRequires: go >= 1.18
%description
A CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems. Exceptional for vulnerability detection when used with a scanner like Grype.
%prep
%setup -q
%setup -q -T -D -a 1
%build
DATE_FMT="+%%Y-%%m-%%dT%%H:%%M:%%SZ"
BUILD_DATE=$(date -u -d "@${SOURCE_DATE_EPOCH}" "${DATE_FMT}" 2>/dev/null || date -u -r "${SOURCE_DATE_EPOCH}" "${DATE_FMT}" 2>/dev/null || date -u "${DATE_FMT}")
go build \
-mod=vendor \
-buildmode=pie \
-ldflags="-X github.com/anchore/syft/internal/version.version=%{version} -X github.com/anchore/syft/internal/version.buildDate=$BUILD_DATE" \
-o bin/syft ./cmd/syft
%install
# Install the binary.
install -D -m 0755 bin/%{name} "%{buildroot}/%{_bindir}/%{name}"
%files
%doc README.md
%license LICENSE
%{_bindir}/%{name}
%changelog
Reference in New Issue View Git Blame Copy Permalink