Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: anchore/syft
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v1.31.0
Choose a base ref
...
head repository: anchore/syft
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v1.32.0
Choose a head ref
  • 16 commits
  • 79 files changed
  • 9 contributors

Commits on Aug 13, 2025

  1. feat: add support for authors, maintainers, and contributors in packa… 

    …ge.json. (#4003)

Fixes #2250
---------
Signed-off-by: Alan Pope <alan.pope@anchore.com>
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
Co-authored-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
    @popey @spiffcs
    popey and spiffcs authored Aug 13, 2025
    Configuration menu
    Copy the full SHA
    87e1d8c View commit details
    Browse the repository at this point in the history

Commits on Aug 14, 2025

  1. chore(deps): update tools to latest versions (#4139) 

    Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
    @anchore-actions-token-generator @spiffcs
    anchore-actions-token-generator[bot] and spiffcs authored Aug 14, 2025
    Configuration menu
    Copy the full SHA
    10ea022 View commit details
    Browse the repository at this point in the history

Commits on Aug 15, 2025

  1. chore(deps): bump anchore/sbom-action from 0.20.4 to 0.20.5 (#4141) 

    Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.20.4 to 0.20.5.
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md)
- [Commits](anchore/sbom-action@7b36ad6...da167ea)

---
updated-dependencies:
- dependency-name: anchore/sbom-action
  dependency-version: 0.20.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Aug 15, 2025
    Configuration menu
    Copy the full SHA
    0e669fa View commit details
    Browse the repository at this point in the history

Commits on Aug 18, 2025

  1. chore(deps): bump github.com/hashicorp/go-getter from 1.7.8 to 1.7.9 (#… 

    …4144)

Bumps [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter) from 1.7.8 to 1.7.9.
- [Release notes](https://github.com/hashicorp/go-getter/releases)
- [Changelog](https://github.com/hashicorp/go-getter/blob/main/.goreleaser.yml)
- [Commits](hashicorp/go-getter@v1.7.8...v1.7.9)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
  dependency-version: 1.7.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Aug 18, 2025
    Configuration menu
    Copy the full SHA
    c4292ad View commit details
    Browse the repository at this point in the history

  2. chore(deps): update CPE dictionary index (#4143) 

    Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: wagoodman <590471+wagoodman@users.noreply.github.com>
    @anchore-actions-token-generator @wagoodman
    anchore-actions-token-generator[bot] and wagoodman authored Aug 18, 2025
    Configuration menu
    Copy the full SHA
    ba2eb57 View commit details
    Browse the repository at this point in the history

  3. chore(deps): bump github/codeql-action from 3.29.9 to 3.29.10 (#4145) 

    Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.9 to 3.29.10.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@df55935...96f518a)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.29.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Aug 18, 2025
    Configuration menu
    Copy the full SHA
    8e51e8d View commit details
    Browse the repository at this point in the history

Commits on Aug 20, 2025

  1. feat: basic Conda ecosystem support (#4002) 

    ----------------------------------------------------------------
Signed-off-by: Simeon Stoykov <simeon.stoykov@quantco.com>
Signed-off-by: Christopher Angelo Phillips <32073428+spiffcs@users.noreply.github.com>
Co-authored-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
    @SimeonStoykovQC @spiffcs
    SimeonStoykovQC and spiffcs authored Aug 20, 2025
    Configuration menu
    Copy the full SHA
    a433045 View commit details
    Browse the repository at this point in the history

Commits on Aug 21, 2025

  1. chore(deps): bump github/codeql-action from 3.29.10 to 3.29.11 (#4149) 

    Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.10 to 3.29.11.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@96f518a...3c3833e)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.29.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Aug 21, 2025
    Configuration menu
    Copy the full SHA
    26792fc View commit details
    Browse the repository at this point in the history

  2. chore: redhat cataloger error when sqlite not regsitered (#4150) 

    Signed-off-by: Keith Zantow <kzantow@gmail.com>
    @kzantow
    kzantow authored Aug 21, 2025
    Configuration menu
    Copy the full SHA
    ca21ccf View commit details
    Browse the repository at this point in the history

Commits on Aug 25, 2025

  1. Feature: Add ffmpeg binary cataloger (#3994) 

    * Add ffmpeg binary cataloger

Signed-off-by: Alan Pope <alan.pope@anchore.com>

* add linux-amd64 snippet and test

Signed-off-by: Alan Pope <alan.pope@anchore.com>

* Widen scope of regex to two digit version numbers

Signed-off-by: Alan Pope <alan.pope@anchore.com>

* Add full test fixtures for ffmpeg

Signed-off-by: Alan Pope <alan.pope@anchore.com>

---------

Signed-off-by: Alan Pope <alan.pope@anchore.com>
    @popey
    popey authored Aug 25, 2025
    Configuration menu
    Copy the full SHA
    ada74a8 View commit details
    Browse the repository at this point in the history

  2. chore(deps): update tools to latest versions (#4154) 

    Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
    @anchore-actions-token-generator @spiffcs
    anchore-actions-token-generator[bot] and spiffcs authored Aug 25, 2025
    Configuration menu
    Copy the full SHA
    37b2c03 View commit details
    Browse the repository at this point in the history

Commits on Aug 26, 2025

  1. chore(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.0 (#… 

    …4160)

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.10.0...v1.11.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-version: 1.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Aug 26, 2025
    Configuration menu
    Copy the full SHA
    9f07fa4 View commit details
    Browse the repository at this point in the history

  2. chore(deps): bump github.com/diskfs/go-diskfs (#4159) 

    Bumps [github.com/diskfs/go-diskfs](https://github.com/diskfs/go-diskfs) from 1.6.1-0.20250601133945-2af1c7ece24c to 1.7.0.
- [Commits](https://github.com/diskfs/go-diskfs/commits/v1.7.0)

---
updated-dependencies:
- dependency-name: github.com/diskfs/go-diskfs
  dependency-version: 1.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Aug 26, 2025
    Configuration menu
    Copy the full SHA
    7dc7c01 View commit details
    Browse the repository at this point in the history

  3. use go.yaml.in/yaml (#4157) 

    Signed-off-by: Nikita Besperstov <n.bes@pm.me>
    @n-bes
    n-bes authored Aug 26, 2025
    Configuration menu
    Copy the full SHA
    170c4c4 View commit details
    Browse the repository at this point in the history

  4. feat: combine go module file and go source discovery into single cata… 

    …loger (#4127)

---------
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
Signed-off-by: Christopher Angelo Phillips <32073428+spiffcs@users.noreply.github.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
    @spiffcs @wagoodman
    spiffcs and wagoodman authored Aug 26, 2025
    Configuration menu
    Copy the full SHA
    13ffeeb View commit details
    Browse the repository at this point in the history

  5. chore(deps): update anchore dependencies (#4169) 

    Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com>
    @anchore-actions-token-generator @spiffcs
    anchore-actions-token-generator[bot] and spiffcs authored Aug 26, 2025
    Configuration menu
    Copy the full SHA
    2d8e337 View commit details
    Browse the repository at this point in the history
Loading