Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updates go mod toolchain version to 1.22.5 #584

Closed
wants to merge 245 commits into from
Closed

Updates go mod toolchain version to 1.22.5 #584

wants to merge 245 commits into from

Commits on Dec 7, 2021

  1. Adds v2 branch

    Ryan Moran committed Dec 7, 2021
    Configuration menu
    Copy the full SHA
    39b9455 View commit details
    Browse the repository at this point in the history

  2. Fixes import statement for v2 module

    @ryanmoran
    Ryan Moran authored and ryanmoran committed Dec 7, 2021
    Configuration menu
    Copy the full SHA
    c810215 View commit details
    Browse the repository at this point in the history

Commits on Dec 9, 2021

  1. Removes syft replace directive to use upstream

    @ForestEckhardt
    Ryan Moran authored and ForestEckhardt committed Dec 9, 2021
    Configuration menu
    Copy the full SHA
    5bda788 View commit details
    Browse the repository at this point in the history

Commits on Dec 14, 2021

  1. Bump github.com/anchore/syft from 0.32.0 to 0.32.1 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.32.0 to 0.32.1.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.32.0...v0.32.1)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @ForestEckhardt
    dependabot[bot] authored and ForestEckhardt committed Dec 14, 2021
    Configuration menu
    Copy the full SHA
    8ae6429 View commit details
    Browse the repository at this point in the history

  2. Updates expectations to match new Syft output

    @ForestEckhardt
    ForestEckhardt committed Dec 14, 2021
    Configuration menu
    Copy the full SHA
    4f67806 View commit details
    Browse the repository at this point in the history

  3. Bump github.com/anchore/syft from 0.32.1 to 0.32.2 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.32.1 to 0.32.2.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.32.1...v0.32.2)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @sophiewigmore
    dependabot[bot] authored and sophiewigmore committed Dec 14, 2021
    Configuration menu
    Copy the full SHA
    592fec7 View commit details
    Browse the repository at this point in the history

Commits on Dec 21, 2021

  1. Bump github.com/anchore/syft from 0.32.2 to 0.33.0 (#270) 

    * Bump github.com/anchore/syft from 0.32.2 to 0.33.0

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.32.2 to 0.33.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.32.2...v0.33.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* extract dependency IDs from syft output

since these seem to change with syft releases

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Frankie Gallina-Jones <[email protected]>
    @dependabot
    dependabot[bot] and Frankie Gallina-Jones authored Dec 21, 2021
    Configuration menu
    Copy the full SHA
    0f61b71 View commit details
    Browse the repository at this point in the history

Commits on Jan 3, 2022

  1. streamline sbom test assertions 

    to avoid brittleness from irrelevant SBOM content changes
    @sophiewigmore
    Frankie Gallina-Jones authored and sophiewigmore committed Jan 3, 2022
    Configuration menu
    Copy the full SHA
    6bec663 View commit details
    Browse the repository at this point in the history

  2. extract SBOM output structs; share across tests

    @sophiewigmore
    Frankie Gallina-Jones authored and sophiewigmore committed Jan 3, 2022
    Configuration menu
    Copy the full SHA
    5b4d81b View commit details
    Browse the repository at this point in the history

  3. remove unused structs

    @sophiewigmore
    Frankie Gallina-Jones authored and sophiewigmore committed Jan 3, 2022
    Configuration menu
    Copy the full SHA
    56c823a View commit details
    Browse the repository at this point in the history

Commits on Jan 4, 2022

  1. Bump github.com/anchore/syft from 0.33.0 to 0.34.0 (#271) 

    * Bump github.com/anchore/syft from 0.33.0 to 0.34.0

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.33.0 to 0.34.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.33.0...v0.34.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* in tests: extract syft SBOM schema info from actual SBOM

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Frankie Gallina-Jones <[email protected]>
Co-authored-by: Sophie Wigmore <[email protected]>
    @dependabot
    3 people authored Jan 4, 2022
    Configuration menu
    Copy the full SHA
    14956ac View commit details
    Browse the repository at this point in the history

Commits on Jan 7, 2022

  1. Add a WithLevel function to scribe.Emitter

    @ryanmoran
    Sophie Wigmore authored and ryanmoran committed Jan 7, 2022
    Configuration menu
    Copy the full SHA
    b0348e1 View commit details
    Browse the repository at this point in the history

Commits on Jan 10, 2022

  1. fix(servicebindings): trim provider/type whitespace 

    Currently, the servicebindings.Resolve(...) function does not consider
whitespace when comparing the requested type/providers with what's on the
filesystem. This change ensures that the type/providers read from disk
are sanitized before they are used.
    @noamichael @ryanmoran
    noamichael authored and ryanmoran committed Jan 10, 2022
    Configuration menu
    Copy the full SHA
    98052d2 View commit details
    Browse the repository at this point in the history

  2. Bump github.com/anchore/syft from 0.34.0 to 0.35.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.34.0 to 0.35.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.34.0...v0.35.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @ryanmoran
    dependabot[bot] authored and ryanmoran committed Jan 10, 2022
    Configuration menu
    Copy the full SHA
    c6f84d7 View commit details
    Browse the repository at this point in the history

  3. Update input to syft.CatalogPackages

    @ryanmoran
    Sophie Wigmore authored and ryanmoran committed Jan 10, 2022
    Configuration menu
    Copy the full SHA
    bbd6771 View commit details
    Browse the repository at this point in the history

Commits on Jan 11, 2022

  1. Bump github.com/anchore/syft from 0.35.0 to 0.35.1 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.35.0 to 0.35.1.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.35.0...v0.35.1)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @ryanmoran
    dependabot[bot] authored and ryanmoran committed Jan 11, 2022
    Configuration menu
    Copy the full SHA
    f1329b1 View commit details
    Browse the repository at this point in the history

Commits on Jan 13, 2022

  1. Bump github.com/BurntSushi/toml from 0.4.1 to 1.0.0 (#279) 

    * Bump github.com/BurntSushi/toml from 0.4.1 to 1.0.0

Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 0.4.1 to 1.0.0.
- [Release notes](https://github.com/BurntSushi/toml/releases)
- [Commits](BurntSushi/toml@v0.4.1...v1.0.0)

---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* update toml decoding

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Frankie Gallina-Jones <[email protected]>
    @dependabot
    dependabot[bot] and Frankie Gallina-Jones authored Jan 13, 2022
    Configuration menu
    Copy the full SHA
    f498877 View commit details
    Browse the repository at this point in the history

Commits on Jan 25, 2022

  1. Bump github.com/onsi/gomega from 1.17.0 to 1.18.0 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.17.0 to 1.18.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.17.0...v1.18.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @ForestEckhardt
    dependabot[bot] authored and ForestEckhardt committed Jan 25, 2022
    Configuration menu
    Copy the full SHA
    56ac668 View commit details
    Browse the repository at this point in the history

Commits on Jan 26, 2022

  1. Bump github.com/anchore/syft from 0.35.1 to 0.36.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.35.1 to 0.36.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.35.1...v0.36.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @ryanmoran
    dependabot[bot] authored and ryanmoran committed Jan 26, 2022
    Configuration menu
    Copy the full SHA
    3790bd4 View commit details
    Browse the repository at this point in the history

  2. Fixes breaking changes in syft sbom package

    @ryanmoran
    Ryan Moran authored and ryanmoran committed Jan 26, 2022
    Configuration menu
    Copy the full SHA
    8a2660d View commit details
    Browse the repository at this point in the history

Commits on Jan 28, 2022

  1. Bump github.com/onsi/gomega from 1.18.0 to 1.18.1 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.18.0 to 1.18.1.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.18.0...v1.18.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @ForestEckhardt
    dependabot[bot] authored and ForestEckhardt committed Jan 28, 2022
    Configuration menu
    Copy the full SHA
    ebf2e8a View commit details
    Browse the repository at this point in the history

Commits on Feb 7, 2022

  1. Bump github.com/anchore/syft from 0.36.0 to 0.37.5 (#285) 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.36.0 to 0.37.5.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.36.0...v0.37.5)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Feb 7, 2022
    Configuration menu
    Copy the full SHA
    246b9c4 View commit details
    Browse the repository at this point in the history

Commits on Feb 8, 2022

  1. Bump github.com/anchore/syft from 0.37.5 to 0.37.10 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.37.5 to 0.37.10.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.37.5...v0.37.10)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @ForestEckhardt
    dependabot[bot] authored and ForestEckhardt committed Feb 8, 2022
    Configuration menu
    Copy the full SHA
    8f080ea View commit details
    Browse the repository at this point in the history

Commits on Feb 9, 2022

  1. make logger writers public (#284)

    Frankie G-J authored Feb 9, 2022
    Configuration menu
    Copy the full SHA
    02183b6 View commit details
    Browse the repository at this point in the history

Commits on Feb 16, 2022

  1. Bump github.com/anchore/syft from 0.37.10 to 0.38.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.37.10 to 0.38.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.37.10...v0.38.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @ForestEckhardt
    dependabot[bot] authored and ForestEckhardt committed Feb 16, 2022
    Configuration menu
    Copy the full SHA
    82fbf79 View commit details
    Browse the repository at this point in the history

  2. add SBOM logging to scribe.Emitter

    @ForestEckhardt
    Frankie Gallina-Jones authored and ForestEckhardt committed Feb 16, 2022
    Configuration menu
    Copy the full SHA
    07ce8a2 View commit details
    Browse the repository at this point in the history

Commits on Feb 23, 2022

  1. Fixes error interpolation case where err is nil (#289) 

    * Fixes error interpolation case where err is nil

* Adds failure case where there is additional data on the tar file

Co-authored-by: Forest Eckhardt <[email protected]>
    @ryanmoran @ForestEckhardt
    ryanmoran and ForestEckhardt authored Feb 23, 2022
    Configuration menu
    Copy the full SHA
    99c168f View commit details
    Browse the repository at this point in the history

Commits on Feb 28, 2022

  1. Bump github.com/anchore/syft from 0.38.0 to 0.39.3 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.38.0 to 0.39.3.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.38.0...v0.39.3)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @ForestEckhardt
    dependabot[bot] authored and ForestEckhardt committed Feb 28, 2022
    Configuration menu
    Copy the full SHA
    fb8c35f View commit details
    Browse the repository at this point in the history

Commits on Mar 2, 2022

  1. Trims whitespace around dependency-mapping values (#291)

    @ryanmoran
    ryanmoran authored Mar 2, 2022
    Configuration menu
    Copy the full SHA
    06a914f View commit details
    Browse the repository at this point in the history

Commits on Mar 3, 2022

  1. Bump github.com/anchore/syft from 0.39.3 to 0.40.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.39.3 to 0.40.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.39.3...v0.40.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @ForestEckhardt
    dependabot[bot] authored and ForestEckhardt committed Mar 3, 2022
    Configuration menu
    Copy the full SHA
    e3ed2b9 View commit details
    Browse the repository at this point in the history

  2. assert that syft SBOM schema major version is fixed

    @ryanmoran
    Frankie Gallina-Jones authored and ryanmoran committed Mar 3, 2022
    Configuration menu
    Copy the full SHA
    01b7e94 View commit details
    Browse the repository at this point in the history

Commits on Mar 7, 2022

  1. Bump github.com/anchore/syft from 0.40.0 to 0.40.1 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.40.0 to 0.40.1.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.40.0...v0.40.1)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @ryanmoran
    dependabot[bot] authored and ryanmoran committed Mar 7, 2022
    Configuration menu
    Copy the full SHA
    8117a8c View commit details
    Browse the repository at this point in the history

Commits on Mar 8, 2022

  1. Bump github.com/anchore/syft from 0.40.1 to 0.41.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.40.1 to 0.41.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.40.1...v0.41.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @ryanmoran
    dependabot[bot] authored and ryanmoran committed Mar 8, 2022
    Configuration menu
    Copy the full SHA
    8bb42ef View commit details
    Browse the repository at this point in the history

  2. Fixes format references for SBOM

    @ryanmoran
    Ryan Moran authored and ryanmoran committed Mar 8, 2022
    Configuration menu
    Copy the full SHA
    cf9981d View commit details
    Browse the repository at this point in the history

Commits on Mar 9, 2022

  1. Bump github.com/anchore/syft from 0.41.0 to 0.41.1 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.41.0 to 0.41.1.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.41.0...v0.41.1)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @ryanmoran
    dependabot[bot] authored and ryanmoran committed Mar 9, 2022
    Configuration menu
    Copy the full SHA
    e0511eb View commit details
    Browse the repository at this point in the history

Commits on Mar 10, 2022

  1. Updates README and adds top level blurb

    @ForestEckhardt @ryanmoran
    ForestEckhardt authored and ryanmoran committed Mar 10, 2022
    Configuration menu
    Copy the full SHA
    d2001eb View commit details
    Browse the repository at this point in the history

  2. Adds missing description lines

    @ForestEckhardt @ryanmoran
    ForestEckhardt authored and ryanmoran committed Mar 10, 2022
    Configuration menu
    Copy the full SHA
    68f1252 View commit details
    Browse the repository at this point in the history

  3. Fixes docs badge

    @ForestEckhardt @ryanmoran
    ForestEckhardt authored and ryanmoran committed Mar 10, 2022
    Configuration menu
    Copy the full SHA
    ed29b63 View commit details
    Browse the repository at this point in the history

Commits on Mar 17, 2022

  1. Fixes line continuations in indented writer streams

    @ForestEckhardt
    Ryan Moran authored and ForestEckhardt committed Mar 17, 2022
    Configuration menu
    Copy the full SHA
    5ff9d3b View commit details
    Browse the repository at this point in the history

Commits on Mar 21, 2022

  1. Use a file source for SBOM when applicable

    @ForestEckhardt
    Ryan Moran authored and ForestEckhardt committed Mar 21, 2022
    Configuration menu
    Copy the full SHA
    306103e View commit details
    Browse the repository at this point in the history

Commits on Mar 23, 2022

  1. Add "application/octet-stream" as an allowed file type

    @joshuatcasey @ForestEckhardt
    joshuatcasey authored and ForestEckhardt committed Mar 23, 2022
    Configuration menu
    Copy the full SHA
    d176542 View commit details
    Browse the repository at this point in the history

  2. Fix: application/x-executable should use NewExecutable decompression … 

    …strategy
    @joshuatcasey @ForestEckhardt
    joshuatcasey authored and ForestEckhardt committed Mar 23, 2022
    Configuration menu
    Copy the full SHA
    545e8c0 View commit details
    Browse the repository at this point in the history

Commits on Mar 24, 2022

  1. Update create-release.yml

    @ryanmoran @ForestEckhardt
    ryanmoran authored and ForestEckhardt committed Mar 24, 2022
    Configuration menu
    Copy the full SHA
    1d7e9a9 View commit details
    Browse the repository at this point in the history

  2. consolidate PR autolabeler (#314)

    Frankie G-J authored Mar 24, 2022
    Configuration menu
    Copy the full SHA
    cbf7ba2 View commit details
    Browse the repository at this point in the history

Commits on Mar 28, 2022

  1. Bump github.com/onsi/gomega from 1.18.1 to 1.19.0 (#316) 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.18.1 to 1.19.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.18.1...v1.19.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Mar 28, 2022
    Configuration menu
    Copy the full SHA
    6ff09da View commit details
    Browse the repository at this point in the history

Commits on Mar 31, 2022

  1. Add commands.PopulateExecDCommands to move bin/* commands into an exe… 

    …c.d executable
    @joshuatcasey @ryanmoran
    joshuatcasey authored and ryanmoran committed Mar 31, 2022
    Configuration menu
    Copy the full SHA
    580c283 View commit details
    Browse the repository at this point in the history

  2. Move "exec.d" into the Layer

    @joshuatcasey @ryanmoran
    joshuatcasey authored and ryanmoran committed Mar 31, 2022
    Configuration menu
    Copy the full SHA
    7484d77 View commit details
    Browse the repository at this point in the history

  3. Use matcher BeARegularFile

    @joshuatcasey @ryanmoran
    joshuatcasey authored and ryanmoran committed Mar 31, 2022
    Configuration menu
    Copy the full SHA
    3735008 View commit details
    Browse the repository at this point in the history

  4. use err from fs.Copy

    @joshuatcasey @ryanmoran
    joshuatcasey authored and ryanmoran committed Mar 31, 2022
    Configuration menu
    Copy the full SHA
    579f71a View commit details
    Browse the repository at this point in the history

Commits on Apr 1, 2022

  1. Upgrades actions to go 1.18

    @ForestEckhardt @ryanmoran
    ForestEckhardt authored and ryanmoran committed Apr 1, 2022
    Configuration menu
    Copy the full SHA
    c7fa1a6 View commit details
    Browse the repository at this point in the history

  2. Complete comment block to pacify linter

    @ForestEckhardt @ryanmoran
    ForestEckhardt authored and ryanmoran committed Apr 1, 2022
    Configuration menu
    Copy the full SHA
    1c5ad2f View commit details
    Browse the repository at this point in the history

Commits on Apr 4, 2022

  1. approve and enable auto-merge on bot PRs (#323)

    Frankie G-J authored Apr 4, 2022
    Configuration menu
    Copy the full SHA
    e050758 View commit details
    Browse the repository at this point in the history

Commits on Apr 5, 2022

  1. Bump github.com/BurntSushi/toml from 1.0.0 to 1.1.0 (#324) 

    Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 1.0.0 to 1.1.0.
- [Release notes](https://github.com/BurntSushi/toml/releases)
- [Commits](BurntSushi/toml@v1.0.0...v1.1.0)

---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Apr 5, 2022
    Configuration menu
    Copy the full SHA
    6954a42 View commit details
    Browse the repository at this point in the history

Commits on Apr 8, 2022

  1. add cyclonedx13 and syft2 implementations of Syft sbom.Format 

    so that they can be used in syft.Encode() to generate pinned
SBOM schema versions. Upgrades to syft 0.42.2

NOTE: upgrading syft required me to upgrade to go.1.18 on my machine
We'll need to update our pipelines accordingly
    @ryanmoran
    Frankie Gallina-Jones authored and ryanmoran committed Apr 8, 2022
    Configuration menu
    Copy the full SHA
    1baf032 View commit details
    Browse the repository at this point in the history

  2. address linter complaints

    @ryanmoran
    Frankie Gallina-Jones authored and ryanmoran committed Apr 8, 2022
    Configuration menu
    Copy the full SHA
    23a81a1 View commit details
    Browse the repository at this point in the history

  3. add syft 3.0.1; unit tests passing

    @ryanmoran
    Frankie Gallina-Jones authored and ryanmoran committed Apr 8, 2022
    Configuration menu
    Copy the full SHA
    776ba7a View commit details
    Browse the repository at this point in the history

  4. register syft3.0.1 format, update default schema versions

    @ryanmoran
    Frankie Gallina-Jones authored and ryanmoran committed Apr 8, 2022
    Configuration menu
    Copy the full SHA
    80341f5 View commit details
    Browse the repository at this point in the history

  5. remove dead code; get tests passing with upgraded syft 0.43.0

    @ryanmoran
    Frankie Gallina-Jones authored and ryanmoran committed Apr 8, 2022
    Configuration menu
    Copy the full SHA
    610f3b8 View commit details
    Browse the repository at this point in the history

  6. adjust FormattedReader implementation to preserve test compatibility

    @ryanmoran
    Frankie Gallina-Jones authored and ryanmoran committed Apr 8, 2022
    Configuration menu
    Copy the full SHA
    29abfed View commit details
    Browse the repository at this point in the history

  7. upgrade to latest syft

    @ryanmoran
    Frankie Gallina-Jones authored and ryanmoran committed Apr 8, 2022
    Configuration menu
    Copy the full SHA
    e3745cd View commit details
    Browse the repository at this point in the history

Commits on Apr 11, 2022

  1. Bump github.com/stretchr/testify from 1.7.0 to 1.7.1 (#326) 

    Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.0 to 1.7.1.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.7.0...v1.7.1)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Apr 11, 2022
    Configuration menu
    Copy the full SHA
    e6b2701 View commit details
    Browse the repository at this point in the history

Commits on Apr 12, 2022

  1. Adds sbom.NewSBOM (#327)

    @ryanmoran
    ryanmoran authored Apr 12, 2022
    Configuration menu
    Copy the full SHA
    b5dff77 View commit details
    Browse the repository at this point in the history

Commits on Apr 13, 2022

  1. Bump github.com/anchore/syft from 0.43.2 to 0.44.0 (#328) 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.43.2 to 0.44.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.43.2...v0.44.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Apr 13, 2022
    Configuration menu
    Copy the full SHA
    67120d3 View commit details
    Browse the repository at this point in the history

Commits on Apr 18, 2022

  1. Bump github.com/anchore/syft from 0.44.0 to 0.44.1 (#332) 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.44.0 to 0.44.1.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.44.0...v0.44.1)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Apr 18, 2022
    Configuration menu
    Copy the full SHA
    53a23cf View commit details
    Browse the repository at this point in the history

  2. update auto-label workflow trigger

    @ryanmoran
    Sophie Wigmore authored and ryanmoran committed Apr 18, 2022
    Configuration menu
    Copy the full SHA
    fe74309 View commit details
    Browse the repository at this point in the history

  3. rebase instead of squash on auto-merge

    @ryanmoran
    Frankie G-J authored and ryanmoran committed Apr 18, 2022
    Configuration menu
    Copy the full SHA
    2247967 View commit details
    Browse the repository at this point in the history

Commits on Apr 22, 2022

  1. Bump github.com/pelletier/go-toml from 1.9.4 to 1.9.5 

    Bumps [github.com/pelletier/go-toml](https://github.com/pelletier/go-toml) from 1.9.4 to 1.9.5.
- [Release notes](https://github.com/pelletier/go-toml/releases)
- [Commits](pelletier/go-toml@v1.9.4...v1.9.5)

---
updated-dependencies:
- dependency-name: github.com/pelletier/go-toml
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Apr 22, 2022
    Configuration menu
    Copy the full SHA
    0ff8008 View commit details
    Browse the repository at this point in the history

Commits on Apr 25, 2022

  1. API 0.8: Allows for process specific working directory (#336) 

    Co-authored-by: Sophie Wigmore <[email protected]>
    @ForestEckhardt
    ForestEckhardt and Sophie Wigmore authored Apr 25, 2022
    Configuration menu
    Copy the full SHA
    733d098 View commit details
    Browse the repository at this point in the history

Commits on Apr 27, 2022

  1. Bump github.com/google/go-cmp from 0.5.7 to 0.5.8 

    Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp) from 0.5.7 to 0.5.8.
- [Release notes](https://github.com/google/go-cmp/releases)
- [Commits](google/go-cmp@v0.5.7...v0.5.8)

---
updated-dependencies:
- dependency-name: github.com/google/go-cmp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Apr 27, 2022
    Configuration menu
    Copy the full SHA
    a8d191f View commit details
    Browse the repository at this point in the history

  2. API 0.8: Uses environment variables over postional args when available ( 

    #335)

Co-authored-by: Sophie Wigmore <[email protected]>
    @ForestEckhardt
    ForestEckhardt and Sophie Wigmore authored Apr 27, 2022
    Configuration menu
    Copy the full SHA
    f95ee58 View commit details
    Browse the repository at this point in the history

Commits on Apr 29, 2022

  1. Fallback to id if idLike doesn't exist

    @ForestEckhardt
    Ryan Moran authored and ForestEckhardt committed Apr 29, 2022
    Configuration menu
    Copy the full SHA
    5fa7790 View commit details
    Browse the repository at this point in the history

Commits on May 2, 2022

  1. Bump github.com/anchore/syft from 0.44.1 to 0.45.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.44.1 to 0.45.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.44.1...v0.45.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed May 2, 2022
    Configuration menu
    Copy the full SHA
    e9bd6e2 View commit details
    Browse the repository at this point in the history

Commits on May 4, 2022

  1. Bump github.com/anchore/syft from 0.45.0 to 0.45.1 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.45.0 to 0.45.1.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.45.0...v0.45.1)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed May 4, 2022
    Configuration menu
    Copy the full SHA
    dd5868f View commit details
    Browse the repository at this point in the history

Commits on May 11, 2022

  1. Remove deprecated ioutil package.

    @robdimsdale @ForestEckhardt
    robdimsdale authored and ForestEckhardt committed May 11, 2022
    Configuration menu
    Copy the full SHA
    bf5a320 View commit details
    Browse the repository at this point in the history

Commits on May 13, 2022

  1. Bump github.com/anchore/syft from 0.45.1 to 0.46.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.45.1 to 0.46.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.45.1...v0.46.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed May 13, 2022
    Configuration menu
    Copy the full SHA
    22b1ca9 View commit details
    Browse the repository at this point in the history

Commits on May 17, 2022

  1. Bump github.com/anchore/syft from 0.46.0 to 0.46.1 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.46.0 to 0.46.1.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.46.0...v0.46.1)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed May 17, 2022
    Configuration menu
    Copy the full SHA
    7b9a5b0 View commit details
    Browse the repository at this point in the history

Commits on May 24, 2022

  1. Bump github.com/anchore/syft from 0.46.1 to 0.46.2 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.46.1 to 0.46.2.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.46.1...v0.46.2)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed May 24, 2022
    Configuration menu
    Copy the full SHA
    5d38995 View commit details
    Browse the repository at this point in the history

Commits on May 26, 2022

  1. Bump github.com/anchore/syft from 0.46.2 to 0.46.3 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.46.2 to 0.46.3.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.46.2...v0.46.3)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed May 26, 2022
    Configuration menu
    Copy the full SHA
    5022b00 View commit details
    Browse the repository at this point in the history

Commits on Jun 7, 2022

  1. Bump github.com/stretchr/testify from 1.7.1 to 1.7.2 

    Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.1 to 1.7.2.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.7.1...v1.7.2)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jun 7, 2022
    Configuration menu
    Copy the full SHA
    5d8cd20 View commit details
    Browse the repository at this point in the history

Commits on Jun 10, 2022

  1. Bump github.com/anchore/syft from 0.46.3 to 0.47.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.46.3 to 0.47.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.46.3...v0.47.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jun 10, 2022
    Configuration menu
    Copy the full SHA
    10340fb View commit details
    Browse the repository at this point in the history

Commits on Jun 17, 2022

  1. Bump github.com/anchore/syft from 0.47.0 to 0.48.1 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.47.0 to 0.48.1.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.47.0...v0.48.1)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jun 17, 2022
    Configuration menu
    Copy the full SHA
    f9813db View commit details
    Browse the repository at this point in the history

Commits on Jun 21, 2022

  1. Bump github.com/stretchr/testify from 1.7.2 to 1.7.4 

    Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.2 to 1.7.4.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.7.2...v1.7.4)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jun 21, 2022
    Configuration menu
    Copy the full SHA
    8f861ec View commit details
    Browse the repository at this point in the history

Commits on Jun 23, 2022

  1. Adds scribe.WithPrefix option for scribe.Writer

    @ForestEckhardt
    Ryan Moran authored and ForestEckhardt committed Jun 23, 2022
    Configuration menu
    Copy the full SHA
    115372f View commit details
    Browse the repository at this point in the history

Commits on Jun 24, 2022

  1. Bump github.com/stretchr/testify from 1.7.4 to 1.7.5 

    Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.4 to 1.7.5.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.7.4...v1.7.5)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jun 24, 2022
    Configuration menu
    Copy the full SHA
    95719da View commit details
    Browse the repository at this point in the history

Commits on Jun 27, 2022

  1. Bump github.com/anchore/syft from 0.48.1 to 0.49.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.48.1 to 0.49.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.48.1...v0.49.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jun 27, 2022
    Configuration menu
    Copy the full SHA
    63415bf View commit details
    Browse the repository at this point in the history

Commits on Jun 30, 2022

  1. Bump github.com/stretchr/testify from 1.7.5 to 1.8.0 

    Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.5 to 1.8.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.7.5...v1.8.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jun 30, 2022
    Configuration menu
    Copy the full SHA
    0536aa9 View commit details
    Browse the repository at this point in the history

Commits on Jul 7, 2022

  1. Bump github.com/anchore/syft from 0.49.0 to 0.50.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.49.0 to 0.50.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.49.0...v0.50.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jul 7, 2022
    Configuration menu
    Copy the full SHA
    795b1b9 View commit details
    Browse the repository at this point in the history

Commits on Jul 8, 2022

  1. Bump github.com/gabriel-vasile/mimetype from 1.4.0 to 1.4.1 

    Bumps [github.com/gabriel-vasile/mimetype](https://github.com/gabriel-vasile/mimetype) from 1.4.0 to 1.4.1.
- [Release notes](https://github.com/gabriel-vasile/mimetype/releases)
- [Commits](gabriel-vasile/mimetype@v1.4.0...v1.4.1)

---
updated-dependencies:
- dependency-name: github.com/gabriel-vasile/mimetype
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jul 8, 2022
    Configuration menu
    Copy the full SHA
    5add877 View commit details
    Browse the repository at this point in the history

Commits on Jul 12, 2022

  1. Bump github.com/anchore/syft from 0.50.0 to 0.51.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.50.0 to 0.51.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md)
- [Commits](anchore/syft@v0.50.0...v0.51.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jul 12, 2022
    Configuration menu
    Copy the full SHA
    429f8e4 View commit details
    Browse the repository at this point in the history

Commits on Jul 21, 2022

  1. Bump github.com/onsi/gomega from 1.19.0 to 1.20.0 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.19.0 to 1.20.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.19.0...v1.20.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jul 21, 2022
    Configuration menu
    Copy the full SHA
    4a6b6e9 View commit details
    Browse the repository at this point in the history

  2. Bump github.com/BurntSushi/toml from 1.1.0 to 1.2.0 

    Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/BurntSushi/toml/releases)
- [Commits](BurntSushi/toml@v1.1.0...v1.2.0)

---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jul 21, 2022
    Configuration menu
    Copy the full SHA
    15857fd View commit details
    Browse the repository at this point in the history

Commits on Jul 22, 2022

  1. Bump github.com/anchore/syft from 0.51.0 to 0.52.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.51.0 to 0.52.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser.yaml)
- [Commits](anchore/syft@v0.51.0...v0.52.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jul 22, 2022
    Configuration menu
    Copy the full SHA
    e6a8364 View commit details
    Browse the repository at this point in the history

Commits on Jul 27, 2022

  1. add logging for layer flags and env var configuration

    @ForestEckhardt
    Frankie Gallina-Jones authored and ForestEckhardt committed Jul 27, 2022
    Configuration menu
    Copy the full SHA
    b8f20b3 View commit details
    Browse the repository at this point in the history

  2. test NewFormattedMapFromEnvironment with non-packit.Environment map

    @ForestEckhardt
    Frankie Gallina-Jones authored and ForestEckhardt committed Jul 27, 2022
    Configuration menu
    Copy the full SHA
    05348af View commit details
    Browse the repository at this point in the history

Commits on Aug 1, 2022

  1. Bump github.com/anchore/syft from 0.52.0 to 0.53.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.52.0 to 0.53.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser.yaml)
- [Commits](anchore/syft@v0.52.0...v0.53.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Aug 1, 2022
    Configuration menu
    Copy the full SHA
    43dbd22 View commit details
    Browse the repository at this point in the history

Commits on Aug 2, 2022

  1. Validate env var names before writing env var files (#365) 

    * validate that env var names before adding to formatted map

* validate env var names during Write()

* Apply suggestions from code review
    Frankie G-J authored Aug 2, 2022
    Configuration menu
    Copy the full SHA
    548b1e3 View commit details
    Browse the repository at this point in the history

Commits on Aug 3, 2022

  1. Bump github.com/anchore/syft from 0.53.0 to 0.53.2 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.53.0 to 0.53.2.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser_docker.yaml)
- [Commits](anchore/syft@v0.53.0...v0.53.2)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Aug 3, 2022
    Configuration menu
    Copy the full SHA
    7cc181e View commit details
    Browse the repository at this point in the history

  2. Makes CycloneDX SBOM Reproducible (#369) 

    * Makes CycloneDX SBOM Reproducible

- Removes the serial number and timestamp in the FormatterReader.Read()
  function

* Adds format verification check

* Update sbom/formatted_reader.go

Co-authored-by: Sophie Wigmore <[email protected]>

Co-authored-by: Sophie Wigmore <[email protected]>
    @ForestEckhardt
    ForestEckhardt and Sophie Wigmore authored Aug 3, 2022
    Configuration menu
    Copy the full SHA
    3b843c5 View commit details
    Browse the repository at this point in the history

  3. Adds a reproducibility verification check (#371)

    @ForestEckhardt
    ForestEckhardt authored Aug 3, 2022
    Configuration menu
    Copy the full SHA
    3d5da08 View commit details
    Browse the repository at this point in the history

Commits on Aug 4, 2022

  1. Bump github.com/anchore/syft from 0.53.2 to 0.53.4 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.53.2 to 0.53.4.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser_docker.yaml)
- [Commits](anchore/syft@v0.53.2...v0.53.4)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Aug 4, 2022
    Configuration menu
    Copy the full SHA
    3e01d1e View commit details
    Browse the repository at this point in the history

  2. Add support for wild-card stacks in dependencies 

    Signed-off-by: Sambhav Kothari <[email protected]>
    @sambhav @ForestEckhardt
    sambhav authored and ForestEckhardt committed Aug 4, 2022
    Configuration menu
    Copy the full SHA
    ba6658c View commit details
    Browse the repository at this point in the history

  3. Makes SPDX SBOM Reproducible 

    - Writes custom documentNamespace and use SOURCE_DATE_EPOCH for created
  timestamp when available
    @ForestEckhardt
    ForestEckhardt committed Aug 4, 2022
    Configuration menu
    Copy the full SHA
    aade3bb View commit details
    Browse the repository at this point in the history

  4. Update sbom/formatted_reader.go 

    Co-authored-by: Frankie G-J <[email protected]>
    @ForestEckhardt
    ForestEckhardt and Frankie G-J committed Aug 4, 2022
    Configuration menu
    Copy the full SHA
    d8bc1a6 View commit details
    Browse the repository at this point in the history

  5. Makes SPDX test with SOURCE_DATE_EPOCH run in seires and adds a failu… 

    …re case test
    @ForestEckhardt
    ForestEckhardt committed Aug 4, 2022
    Configuration menu
    Copy the full SHA
    f027902 View commit details
    Browse the repository at this point in the history

  6. Update sbom/formatted_reader.go 

    Co-authored-by: Frankie G-J <[email protected]>
    @ForestEckhardt
    ForestEckhardt and Frankie G-J committed Aug 4, 2022
    Configuration menu
    Copy the full SHA
    602660a View commit details
    Browse the repository at this point in the history

  7. compare SBOM output as strings 

    so that test failure shows helpful string output instead of a byte array
    @ForestEckhardt
    Frankie Gallina-Jones authored and ForestEckhardt committed Aug 4, 2022
    Configuration menu
    Copy the full SHA
    1434903 View commit details
    Browse the repository at this point in the history

  8. assert that output SPDX is valid SPDX

    @ForestEckhardt
    Frankie Gallina-Jones authored and ForestEckhardt committed Aug 4, 2022
    Configuration menu
    Copy the full SHA
    341fa34 View commit details
    Browse the repository at this point in the history

  9. Removes unnecesary loops

    @ForestEckhardt
    ForestEckhardt committed Aug 4, 2022
    Configuration menu
    Copy the full SHA
    fec3ba5 View commit details
    Browse the repository at this point in the history

  10. Removes use of third party hashing library

    @ForestEckhardt
    ForestEckhardt committed Aug 4, 2022
    Configuration menu
    Copy the full SHA
    4e304e4 View commit details
    Browse the repository at this point in the history

  11. variable rename; typo fix

    @ForestEckhardt
    Frankie Gallina-Jones authored and ForestEckhardt committed Aug 4, 2022
    Configuration menu
    Copy the full SHA
    32d5998 View commit details
    Browse the repository at this point in the history

Commits on Aug 5, 2022

  1. GenerateFromDependency without CPE or PURL (#373) 

    * if dependency has no CPE, omit or use all-wildcards CPE value

* use all-N/A CPE instead of all-ANY cpe when CPE is unknown

* rename UnknownDependencyCPE --> UnknownCPE

* add godoc for UnknownCPE

Co-authored-by: Forest Eckhardt <[email protected]>
    @ForestEckhardt
    Frankie G-J and ForestEckhardt authored Aug 5, 2022
    Configuration menu
    Copy the full SHA
    444cccb View commit details
    Browse the repository at this point in the history

Commits on Aug 8, 2022

  1. add CPEs to buildpack.toml dependency schema

    @ForestEckhardt
    Frankie Gallina-Jones authored and ForestEckhardt committed Aug 8, 2022
    Configuration menu
    Copy the full SHA
    c773010 View commit details
    Browse the repository at this point in the history

  2. test that CPEs are included in parsed postal dependency

    @ForestEckhardt
    Frankie Gallina-Jones authored and ForestEckhardt committed Aug 8, 2022
    Configuration menu
    Copy the full SHA
    49787b5 View commit details
    Browse the repository at this point in the history

  3. deprecate CPE in buildpack.toml

    @ForestEckhardt
    Frankie Gallina-Jones authored and ForestEckhardt committed Aug 8, 2022
    Configuration menu
    Copy the full SHA
    8b897da View commit details
    Browse the repository at this point in the history

Commits on Aug 9, 2022

  1. Update lint.yml (#380) 

    * Update lint.yml

* ignore linter on usage of deprecated CPE field

* add timeout for linter

Co-authored-by: Sophie Wigmore <[email protected]>
    @ForestEckhardt
    ForestEckhardt and Sophie Wigmore authored Aug 9, 2022
    Configuration menu
    Copy the full SHA
    2ecad07 View commit details
    Browse the repository at this point in the history

  2. Marshal CycloneDX/SPDX SBOM with indentation (#379) 

    * Marshal CycloneDX/SPDX SBOM with indentation

* sbom: add assertions that output is pretty-printed

* ignore linter failures on CPE field

* indent SBOM JSON with spaces from upstream formats

Co-authored-by: Frankie G-J <[email protected]>
    Sophie Wigmore and Frankie G-J authored Aug 9, 2022
    Configuration menu
    Copy the full SHA
    5c8e862 View commit details
    Browse the repository at this point in the history

Commits on Aug 23, 2022

  1. Adds strip-components field to cargo 

    - This means that the field will be perserved when running jam pack
    @ForestEckhardt
    ForestEckhardt committed Aug 23, 2022
    Configuration menu
    Copy the full SHA
    8bb254b View commit details
    Browse the repository at this point in the history

Commits on Aug 29, 2022

  1. Bump github.com/onsi/gomega from 1.20.0 to 1.20.1 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.20.0 to 1.20.1.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.20.0...v1.20.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Aug 29, 2022
    Configuration menu
    Copy the full SHA
    a9983c8 View commit details
    Browse the repository at this point in the history

Commits on Aug 30, 2022

  1. Bump github.com/anchore/syft from 0.53.4 to 0.54.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.53.4 to 0.54.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser_docker.yaml)
- [Commits](anchore/syft@v0.53.4...v0.54.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @ForestEckhardt
    dependabot[bot] authored and ForestEckhardt committed Aug 30, 2022
    Configuration menu
    Copy the full SHA
    56d7667 View commit details
    Browse the repository at this point in the history

  2. Update test expectation

    @ForestEckhardt
    ForestEckhardt committed Aug 30, 2022
    Configuration menu
    Copy the full SHA
    7dfd95a View commit details
    Browse the repository at this point in the history

  3. Standardize workflows to appear more similar to github-config

    @joshuatcasey @ryanmoran
    joshuatcasey authored and ryanmoran committed Aug 30, 2022
    Configuration menu
    Copy the full SHA
    1224515 View commit details
    Browse the repository at this point in the history

  4. Bump github.com/anchore/syft from 0.54.0 to 0.55.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.54.0 to 0.55.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser_docker.yaml)
- [Commits](anchore/syft@v0.54.0...v0.55.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Aug 30, 2022
    Configuration menu
    Copy the full SHA
    56b3d48 View commit details
    Browse the repository at this point in the history

Commits on Sep 1, 2022

  1. Bump github.com/onsi/gomega from 1.20.1 to 1.20.2 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.20.1 to 1.20.2.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.20.1...v1.20.2)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Sep 1, 2022
    Configuration menu
    Copy the full SHA
    8f76e7a View commit details
    Browse the repository at this point in the history

Commits on Sep 9, 2022

  1. Bump github.com/google/go-cmp from 0.5.8 to 0.5.9 

    Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp) from 0.5.8 to 0.5.9.
- [Release notes](https://github.com/google/go-cmp/releases)
- [Commits](google/go-cmp@v0.5.8...v0.5.9)

---
updated-dependencies:
- dependency-name: github.com/google/go-cmp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Sep 9, 2022
    Configuration menu
    Copy the full SHA
    9c33469 View commit details
    Browse the repository at this point in the history

  2. Add update-github-config workflow to sync from github-config/library

    @joshuatcasey @ryanmoran
    joshuatcasey authored and ryanmoran committed Sep 9, 2022
    Configuration menu
    Copy the full SHA
    54dcc85 View commit details
    Browse the repository at this point in the history

Commits on Sep 12, 2022

  1. Open github-config updates against v2 branch

    @ryanmoran
    ryanmoran committed Sep 12, 2022
    Configuration menu
    Copy the full SHA
    998393f View commit details
    Browse the repository at this point in the history

Commits on Sep 13, 2022

  1. Bump github.com/anchore/syft from 0.55.0 to 0.56.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.55.0 to 0.56.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser_docker.yaml)
- [Commits](anchore/syft@v0.55.0...v0.56.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @ryanmoran
    dependabot[bot] authored and ryanmoran committed Sep 13, 2022
    Configuration menu
    Copy the full SHA
    d991581 View commit details
    Browse the repository at this point in the history

  2. rename RpmdbMetadata --> RpmMetadata to match upstream

    @ryanmoran
    Frankie Gallina-Jones authored and ryanmoran committed Sep 13, 2022
    Configuration menu
    Copy the full SHA
    3f5210f View commit details
    Browse the repository at this point in the history

Commits on Sep 14, 2022

  1. Adds checksum and source-checksum field in dependencies

    @ForestEckhardt
    ForestEckhardt committed Sep 14, 2022
    Configuration menu
    Copy the full SHA
    7f7eaad View commit details
    Browse the repository at this point in the history

  2. Deprecates sha256 and source_sha256

    @ForestEckhardt
    ForestEckhardt committed Sep 14, 2022
    Configuration menu
    Copy the full SHA
    de1bc36 View commit details
    Browse the repository at this point in the history

Commits on Sep 20, 2022

  1. Allow checksum field usage in legacy SBOM

    @ryanmoran
    Sophie Wigmore authored and ryanmoran committed Sep 20, 2022
    Configuration menu
    Copy the full SHA
    b5e27ef View commit details
    Browse the repository at this point in the history

  2. switch to using Checksum in new SBOM tests

    @ryanmoran
    Sophie Wigmore authored and ryanmoran committed Sep 20, 2022
    Configuration menu
    Copy the full SHA
    bc31d56 View commit details
    Browse the repository at this point in the history

  3. Update postal/service.go 

    Co-authored-by: Ryan Moran <[email protected]>
    @ryanmoran
    Sophie Wigmore and ryanmoran committed Sep 20, 2022
    Configuration menu
    Copy the full SHA
    9339a24 View commit details
    Browse the repository at this point in the history

  4. Bump github.com/anchore/syft from 0.56.0 to 0.57.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.56.0 to 0.57.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser_docker.yaml)
- [Commits](anchore/syft@v0.56.0...v0.57.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @ryanmoran
    dependabot[bot] authored and ryanmoran committed Sep 20, 2022
    Configuration menu
    Copy the full SHA
    8a63129 View commit details
    Browse the repository at this point in the history

  5. Fixes sbom.AllCoordinates references

    @ryanmoran
    Ryan Moran authored and ryanmoran committed Sep 20, 2022
    Configuration menu
    Copy the full SHA
    190426a View commit details
    Browse the repository at this point in the history

Commits on Sep 21, 2022

  1. Add AreChecksumsEqual (#398)

    @joshuatcasey
    joshuatcasey authored Sep 21, 2022
    Configuration menu
    Copy the full SHA
    cd69bd3 View commit details
    Browse the repository at this point in the history

Commits on Sep 27, 2022

  1. Refactors out common Checksum concept (#399)

    @ryanmoran
    ryanmoran authored Sep 27, 2022
    Configuration menu
    Copy the full SHA
    246a747 View commit details
    Browse the repository at this point in the history

Commits on Sep 30, 2022

  1. Bump github.com/anchore/syft from 0.57.0 to 0.58.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.57.0 to 0.58.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser_docker.yaml)
- [Commits](anchore/syft@v0.57.0...v0.58.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Sep 30, 2022
    Configuration menu
    Copy the full SHA
    fe14322 View commit details
    Browse the repository at this point in the history

Commits on Oct 3, 2022

  1. Deprioritize wildcard stacks when resolving dependency. 

    - Also fail when multiple dependencies with the same version support wildcard stacks.
    @robdimsdale @ryanmoran
    robdimsdale authored and ryanmoran committed Oct 3, 2022
    Configuration menu
    Copy the full SHA
    11cf297 View commit details
    Browse the repository at this point in the history

Commits on Oct 4, 2022

  1. Updating github-config

    @paketo-bot
    paketo-bot committed Oct 4, 2022
    Configuration menu
    Copy the full SHA
    77b6938 View commit details
    Browse the repository at this point in the history

  2. Updating github-config

    @paketo-bot
    paketo-bot committed Oct 4, 2022
    Configuration menu
    Copy the full SHA
    53d7bd7 View commit details
    Browse the repository at this point in the history

Commits on Oct 7, 2022

  1. Bump github.com/onsi/gomega from 1.20.2 to 1.21.1 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.20.2 to 1.21.1.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.20.2...v1.21.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Oct 7, 2022
    Configuration menu
    Copy the full SHA
    881a73d View commit details
    Browse the repository at this point in the history

Commits on Oct 12, 2022

  1. Bump github.com/onsi/gomega from 1.21.1 to 1.22.1 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.21.1 to 1.22.1.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.21.1...v1.22.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Oct 12, 2022
    Configuration menu
    Copy the full SHA
    57021e5 View commit details
    Browse the repository at this point in the history

Commits on Oct 18, 2022

  1. Bump github.com/anchore/syft from 0.58.0 to 0.59.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.58.0 to 0.59.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser_docker.yaml)
- [Commits](anchore/syft@v0.58.0...v0.59.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Oct 18, 2022
    Configuration menu
    Copy the full SHA
    0e95819 View commit details
    Browse the repository at this point in the history

Commits on Oct 24, 2022

  1. Bump github.com/stretchr/testify from 1.8.0 to 1.8.1 

    Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.8.0...v1.8.1)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Oct 24, 2022
    Configuration menu
    Copy the full SHA
    bfefb95 View commit details
    Browse the repository at this point in the history

  2. Bump github.com/BurntSushi/toml from 1.2.0 to 1.2.1 

    Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 1.2.0 to 1.2.1.
- [Release notes](https://github.com/BurntSushi/toml/releases)
- [Commits](BurntSushi/toml@v1.2.0...v1.2.1)

---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Oct 24, 2022
    Configuration menu
    Copy the full SHA
    37dbc35 View commit details
    Browse the repository at this point in the history

Commits on Oct 27, 2022

  1. Bump github.com/onsi/gomega from 1.22.1 to 1.23.0 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.22.1 to 1.23.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.22.1...v1.23.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Oct 27, 2022
    Configuration menu
    Copy the full SHA
    ec2329c View commit details
    Browse the repository at this point in the history

Commits on Nov 1, 2022

  1. Bump github.com/anchore/syft from 0.59.0 to 0.60.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.59.0 to 0.60.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser.yaml)
- [Commits](anchore/syft@v0.59.0...v0.60.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Nov 1, 2022
    Configuration menu
    Copy the full SHA
    9bfc1d4 View commit details
    Browse the repository at this point in the history

Commits on Nov 2, 2022

  1. Bump github.com/anchore/syft from 0.60.0 to 0.60.1 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.60.0 to 0.60.1.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser.yaml)
- [Commits](anchore/syft@v0.60.0...v0.60.1)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Nov 2, 2022
    Configuration menu
    Copy the full SHA
    054c1ca View commit details
    Browse the repository at this point in the history

Commits on Nov 3, 2022

  1. Bump github.com/onsi/gomega from 1.23.0 to 1.24.0 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.23.0 to 1.24.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.23.0...v1.24.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Nov 3, 2022
    Configuration menu
    Copy the full SHA
    181d2b3 View commit details
    Browse the repository at this point in the history

  2. Bump github.com/anchore/syft from 0.60.1 to 0.60.2 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.60.1 to 0.60.2.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser.yaml)
- [Commits](anchore/syft@v0.60.1...v0.60.2)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Nov 3, 2022
    Configuration menu
    Copy the full SHA
    6a7f27d View commit details
    Browse the repository at this point in the history

  3. Converts all present strip-componets keys to integers (#417) 

    * Converts all present strip-componets keys to integers

* clarify unit test purpose

Co-authored-by: Frankie Gallina-Jones <[email protected]>
    @ForestEckhardt
    ForestEckhardt and Frankie Gallina-Jones authored Nov 3, 2022
    Configuration menu
    Copy the full SHA
    0ce9f56 View commit details
    Browse the repository at this point in the history

  4. Bump github.com/anchore/syft from 0.60.2 to 0.60.3 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.60.2 to 0.60.3.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser.yaml)
- [Commits](anchore/syft@v0.60.2...v0.60.3)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @ryanmoran
    dependabot[bot] authored and ryanmoran committed Nov 3, 2022
    Configuration menu
    Copy the full SHA
    85db596 View commit details
    Browse the repository at this point in the history

Commits on Nov 4, 2022

  1. enable support for checksum in postal dependency mappings (#422)

    Sophie Wigmore authored Nov 4, 2022
    Configuration menu
    Copy the full SHA
    e7bd30a View commit details
    Browse the repository at this point in the history

Commits on Nov 9, 2022

  1. Updating github-config

    @paketo-bot
    paketo-bot committed Nov 9, 2022
    Configuration menu
    Copy the full SHA
    7d3ea90 View commit details
    Browse the repository at this point in the history

Commits on Nov 10, 2022

  1. Bump github.com/onsi/gomega from 1.24.0 to 1.24.1 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.24.0 to 1.24.1.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.24.0...v1.24.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Nov 10, 2022
    Configuration menu
    Copy the full SHA
    86b7e87 View commit details
    Browse the repository at this point in the history

Commits on Nov 14, 2022

  1. Return a typed error when no dependencies are found during resolution.

    @robdimsdale
    robdimsdale committed Nov 14, 2022
    Configuration menu
    Copy the full SHA
    1820200 View commit details
    Browse the repository at this point in the history

Commits on Nov 29, 2022

  1. Bump github.com/Masterminds/semver/v3 from 3.1.1 to 3.2.0 

    Bumps [github.com/Masterminds/semver/v3](https://github.com/Masterminds/semver) from 3.1.1 to 3.2.0.
- [Release notes](https://github.com/Masterminds/semver/releases)
- [Changelog](https://github.com/Masterminds/semver/blob/master/CHANGELOG.md)
- [Commits](Masterminds/semver@v3.1.1...v3.2.0)

---
updated-dependencies:
- dependency-name: github.com/Masterminds/semver/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Nov 29, 2022
    Configuration menu
    Copy the full SHA
    d53b6dd View commit details
    Browse the repository at this point in the history

Commits on Dec 13, 2022

  1. Bump github.com/ulikunitz/xz from 0.5.10 to 0.5.11 

    Bumps [github.com/ulikunitz/xz](https://github.com/ulikunitz/xz) from 0.5.10 to 0.5.11.
- [Release notes](https://github.com/ulikunitz/xz/releases)
- [Commits](ulikunitz/xz@v0.5.10...v0.5.11)

---
updated-dependencies:
- dependency-name: github.com/ulikunitz/xz
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Dec 13, 2022
    Configuration menu
    Copy the full SHA
    ffd6402 View commit details
    Browse the repository at this point in the history

Commits on Dec 15, 2022

  1. Bump github.com/onsi/gomega from 1.24.1 to 1.24.2 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.24.1 to 1.24.2.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.24.1...v1.24.2)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Dec 15, 2022
    Configuration menu
    Copy the full SHA
    7946103 View commit details
    Browse the repository at this point in the history

Commits on Jan 16, 2023

  1. Bump github.com/sergi/go-diff from 1.2.0 to 1.3.1 

    Bumps [github.com/sergi/go-diff](https://github.com/sergi/go-diff) from 1.2.0 to 1.3.1.
- [Release notes](https://github.com/sergi/go-diff/releases)
- [Commits](sergi/go-diff@v1.2.0...v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/sergi/go-diff
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jan 16, 2023
    Configuration menu
    Copy the full SHA
    ac9385b View commit details
    Browse the repository at this point in the history

Commits on Jan 17, 2023

  1. Bump Syft from 0.60.3 to 0.66.1 (#440) 

    * Bump github.com/anchore/syft from 0.60.3 to 0.65.0

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.60.3 to 0.65.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser.yaml)
- [Commits](anchore/syft@v0.60.3...v0.65.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump Syft from 0.60.3 to 0.66.1

- Adds internal SPDX 2.2 support, sine Syft 0.66.1 supports 2.3
- Clean up Syft and CycloneDX models, and update test fixtures
- Fixes long-failing SBOM test failures
- Add clarifying comments

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    Sophie Wigmore and dependabot[bot] authored Jan 17, 2023
    Configuration menu
    Copy the full SHA
    f959f31 View commit details
    Browse the repository at this point in the history

Commits on Jan 18, 2023

  1. Bump github.com/apex/log from 1.1.4 to 1.9.0 

    Bumps [github.com/apex/log](https://github.com/apex/log) from 1.1.4 to 1.9.0.
- [Release notes](https://github.com/apex/log/releases)
- [Changelog](https://github.com/apex/log/blob/master/History.md)
- [Commits](apex/log@v1.1.4...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/apex/log
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jan 18, 2023
    Configuration menu
    Copy the full SHA
    e89d955 View commit details
    Browse the repository at this point in the history

  2. Bump github.com/onsi/gomega from 1.24.2 to 1.25.0 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.24.2 to 1.25.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.24.2...v1.25.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jan 18, 2023
    Configuration menu
    Copy the full SHA
    f58bd8e View commit details
    Browse the repository at this point in the history

  3. Updating github-config

    @paketo-bot
    paketo-bot committed Jan 18, 2023
    Configuration menu
    Copy the full SHA
    5b6af78 View commit details
    Browse the repository at this point in the history

Commits on Jan 23, 2023

  1. Updating github-config

    @paketo-bot
    paketo-bot committed Jan 23, 2023
    Configuration menu
    Copy the full SHA
    cc22b52 View commit details
    Browse the repository at this point in the history

  2. Bump github.com/anchore/syft from 0.66.1 to 0.68.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.66.1 to 0.68.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser.yaml)
- [Commits](anchore/syft@v0.66.1...v0.68.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @ryanmoran
    dependabot[bot] authored and ryanmoran committed Jan 23, 2023
    Configuration menu
    Copy the full SHA
    42a0269 View commit details
    Browse the repository at this point in the history

  3. Fix sbom syft tests

    @ryanmoran
    Ryan Moran authored and ryanmoran committed Jan 23, 2023
    Configuration menu
    Copy the full SHA
    531c596 View commit details
    Browse the repository at this point in the history

Commits on Jan 24, 2023

  1. Bump github.com/onsi/gomega from 1.25.0 to 1.26.0 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.25.0 to 1.26.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.25.0...v1.26.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jan 24, 2023
    Configuration menu
    Copy the full SHA
    663a970 View commit details
    Browse the repository at this point in the history

Commits on Jan 26, 2023

  1. Bump github.com/anchore/syft from 0.68.0 to 0.68.1 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.68.0 to 0.68.1.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser.yaml)
- [Commits](anchore/syft@v0.68.0...v0.68.1)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @ForestEckhardt
    dependabot[bot] authored and ForestEckhardt committed Jan 26, 2023
    Configuration menu
    Copy the full SHA
    13b0ecc View commit details
    Browse the repository at this point in the history

  2. fix spdx sbom tests

    @ForestEckhardt
    Sophie Wigmore authored and ForestEckhardt committed Jan 26, 2023
    Configuration menu
    Copy the full SHA
    7fc64d7 View commit details
    Browse the repository at this point in the history

Commits on Jan 31, 2023

  1. Bump github.com/anchore/syft from 0.68.1 to 0.69.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.68.1 to 0.69.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser.yaml)
- [Commits](anchore/syft@v0.68.1...v0.69.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jan 31, 2023
    Configuration menu
    Copy the full SHA
    c7c3398 View commit details
    Browse the repository at this point in the history

Commits on Feb 2, 2023

  1. Bump github.com/anchore/syft from 0.69.0 to 0.69.1 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.69.0 to 0.69.1.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser.yaml)
- [Commits](anchore/syft@v0.69.0...v0.69.1)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @ryanmoran
    dependabot[bot] authored and ryanmoran committed Feb 2, 2023
    Configuration menu
    Copy the full SHA
    64169e4 View commit details
    Browse the repository at this point in the history

  2. Fix spdx common references for new library version

    @ryanmoran
    Ryan Moran authored and ryanmoran committed Feb 2, 2023
    Configuration menu
    Copy the full SHA
    1be192e View commit details
    Browse the repository at this point in the history

Commits on Feb 6, 2023

  1. Bump github.com/anchore/syft from 0.69.1 to 0.70.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.69.1 to 0.70.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser.yaml)
- [Commits](anchore/syft@v0.69.1...v0.70.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Feb 6, 2023
    Configuration menu
    Copy the full SHA
    a97c19b View commit details
    Browse the repository at this point in the history

Commits on Feb 17, 2023

  1. Bump github.com/onsi/gomega from 1.26.0 to 1.27.0 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.26.0 to 1.27.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.26.0...v1.27.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Feb 17, 2023
    Configuration menu
    Copy the full SHA
    1072dbc View commit details
    Browse the repository at this point in the history

Commits on Feb 20, 2023

  1. Bump github.com/onsi/gomega from 1.27.0 to 1.27.1 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.27.0 to 1.27.1.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.27.0...v1.27.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Feb 20, 2023
    Configuration menu
    Copy the full SHA
    aa8161a View commit details
    Browse the repository at this point in the history

Commits on Feb 21, 2023

  1. Bump github.com/anchore/syft from 0.70.0 to 0.72.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.70.0 to 0.72.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser.yaml)
- [Commits](anchore/syft@v0.70.0...v0.72.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @ryanmoran
    dependabot[bot] authored and ryanmoran committed Feb 21, 2023
    Configuration menu
    Copy the full SHA
    e4f7c46 View commit details
    Browse the repository at this point in the history

  2. Fixe syft formatting issues

    @ryanmoran
    Ryan Moran authored and ryanmoran committed Feb 21, 2023
    Configuration menu
    Copy the full SHA
    e1f6949 View commit details
    Browse the repository at this point in the history

Commits on Feb 23, 2023

  1. Fix confusion in boolean parameter order in tests 

    Prevent it from happening again by introducing an enum

Co-authored-by: Philipp Stehle <[email protected]>
    @pbusko @phil9909 @ForestEckhardt
    2 people authored and ForestEckhardt committed Feb 23, 2023
    Configuration menu
    Copy the full SHA
    d41178d View commit details
    Browse the repository at this point in the history

  2. Bump github.com/anchore/syft from 0.72.0 to 0.73.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.72.0 to 0.73.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser.yaml)
- [Commits](anchore/syft@v0.72.0...v0.73.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @ryanmoran
    dependabot[bot] authored and ryanmoran committed Feb 23, 2023
    Configuration menu
    Copy the full SHA
    c40e34d View commit details
    Browse the repository at this point in the history

  3. Fixes sbom tests

    @ryanmoran
    Ryan Moran authored and ryanmoran committed Feb 23, 2023
    Configuration menu
    Copy the full SHA
    35cf40c View commit details
    Browse the repository at this point in the history

Commits on Feb 24, 2023

  1. Updating github-config

    @paketo-bot
    paketo-bot committed Feb 24, 2023
    Configuration menu
    Copy the full SHA
    dcc1374 View commit details
    Browse the repository at this point in the history

  2. Updating github-config

    @paketo-bot
    paketo-bot committed Feb 24, 2023
    Configuration menu
    Copy the full SHA
    706743a View commit details
    Browse the repository at this point in the history

Commits on Feb 25, 2023

  1. Updating github-config

    @paketo-bot
    paketo-bot committed Feb 25, 2023
    Configuration menu
    Copy the full SHA
    2a4b22d View commit details
    Browse the repository at this point in the history

Commits on Feb 27, 2023

  1. Bump github.com/stretchr/testify from 1.8.1 to 1.8.2 

    Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.8.1...v1.8.2)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Feb 27, 2023
    Configuration menu
    Copy the full SHA
    814626f View commit details
    Browse the repository at this point in the history

Commits on Feb 28, 2023

  1. Bump github.com/onsi/gomega from 1.27.1 to 1.27.2 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.27.1 to 1.27.2.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.27.1...v1.27.2)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Feb 28, 2023
    Configuration menu
    Copy the full SHA
    60faaec View commit details
    Browse the repository at this point in the history

Commits on Mar 3, 2023

  1. Bump github.com/anchore/syft from 0.73.0 to 0.74.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.73.0 to 0.74.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser.yaml)
- [Commits](anchore/syft@v0.73.0...v0.74.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Mar 3, 2023
    Configuration menu
    Copy the full SHA
    8a2fa04 View commit details
    Browse the repository at this point in the history

Commits on Mar 7, 2023

  1. Addstack extension support 

    Co-authored-by: Ralf Pannemans <[email protected]>
Co-authored-by: Philipp Stehle <[email protected]>
    @phil9909 @c0d1ngm0nk3y @ryanmoran
    2 people authored and ryanmoran committed Mar 7, 2023
    Configuration menu
    Copy the full SHA
    c2c06a4 View commit details
    Browse the repository at this point in the history

Commits on Mar 9, 2023

  1. Bump github.com/gabriel-vasile/mimetype from 1.4.1 to 1.4.2 

    Bumps [github.com/gabriel-vasile/mimetype](https://github.com/gabriel-vasile/mimetype) from 1.4.1 to 1.4.2.
- [Release notes](https://github.com/gabriel-vasile/mimetype/releases)
- [Commits](gabriel-vasile/mimetype@v1.4.1...v1.4.2)

---
updated-dependencies:
- dependency-name: github.com/gabriel-vasile/mimetype
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Mar 9, 2023
    Configuration menu
    Copy the full SHA
    34d99ab View commit details
    Browse the repository at this point in the history

  2. Updating github-config

    @paketo-bot
    paketo-bot committed Mar 9, 2023
    Configuration menu
    Copy the full SHA
    be2f594 View commit details
    Browse the repository at this point in the history

Commits on Mar 13, 2023

  1. Bump github.com/onsi/gomega from 1.27.2 to 1.27.3 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.27.2 to 1.27.3.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.27.2...v1.27.3)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Mar 13, 2023
    Configuration menu
    Copy the full SHA
    909d039 View commit details
    Browse the repository at this point in the history

Commits on Mar 14, 2023

  1. Bump github.com/onsi/gomega from 1.27.3 to 1.27.4 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.27.3 to 1.27.4.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.27.3...v1.27.4)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Mar 14, 2023
    Configuration menu
    Copy the full SHA
    87586bc View commit details
    Browse the repository at this point in the history

Commits on Mar 16, 2023

  1. Adds stdin to pexec (#472) 

    * Adds stdin to pexec

* Update pexec/executable_test.go

---------

Co-authored-by: Sophie Wigmore <[email protected]>
    @ryanmoran
    ryanmoran and Sophie Wigmore authored Mar 16, 2023
    Configuration menu
    Copy the full SHA
    0c723ae View commit details
    Browse the repository at this point in the history

Commits on Mar 21, 2023

  1. Updating github-config

    @paketo-bot
    paketo-bot committed Mar 21, 2023
    Configuration menu
    Copy the full SHA
    61144ef View commit details
    Browse the repository at this point in the history

Commits on Mar 24, 2023

  1. Bump github.com/onsi/gomega from 1.27.4 to 1.27.5 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.27.4 to 1.27.5.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.27.4...v1.27.5)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Mar 24, 2023
    Configuration menu
    Copy the full SHA
    73d8bc1 View commit details
    Browse the repository at this point in the history

Commits on Mar 30, 2023

  1. Bump github.com/onsi/gomega from 1.27.5 to 1.27.6 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.27.5 to 1.27.6.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.27.5...v1.27.6)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Mar 30, 2023
    Configuration menu
    Copy the full SHA
    ad03504 View commit details
    Browse the repository at this point in the history

  2. Bump github.com/anchore/syft from 0.74.0 to 0.75.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.74.0 to 0.75.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser.yaml)
- [Commits](anchore/syft@v0.74.0...v0.75.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @ForestEckhardt
    dependabot[bot] authored and ForestEckhardt committed Mar 30, 2023
    Configuration menu
    Copy the full SHA
    9784594 View commit details
    Browse the repository at this point in the history

  3. Updates documentNamespace expectation

    @ForestEckhardt
    ForestEckhardt committed Mar 30, 2023
    Configuration menu
    Copy the full SHA
    c0228c6 View commit details
    Browse the repository at this point in the history

Commits on Mar 31, 2023

  1. raise error when dependecy download returns http error status code 

    Co-authored-by: Marcel Hierling <[email protected]>
    @phil9909 @lezram @robdimsdale
    2 people authored and robdimsdale committed Mar 31, 2023
    Configuration menu
    Copy the full SHA
    6e01b44 View commit details
    Browse the repository at this point in the history

Commits on Apr 3, 2023

  1. Bump github.com/anchore/syft from 0.75.0 to 0.76.0 

    Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.75.0 to 0.76.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser.yaml)
- [Commits](anchore/syft@v0.75.0...v0.76.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Apr 3, 2023
    Configuration menu
    Copy the full SHA
    a9c466f View commit details
    Browse the repository at this point in the history

Commits on Apr 6, 2023

  1. Updating github-config

    @paketo-bot
    paketo-bot committed Apr 6, 2023
    Configuration menu
    Copy the full SHA
    3acbbae View commit details
    Browse the repository at this point in the history

Commits on Apr 11, 2023

  1. Bump github.com/Masterminds/semver/v3 from 3.2.0 to 3.2.1 

    Bumps [github.com/Masterminds/semver/v3](https://github.com/Masterminds/semver) from 3.2.0 to 3.2.1.
- [Release notes](https://github.com/Masterminds/semver/releases)
- [Changelog](https://github.com/Masterminds/semver/blob/master/CHANGELOG.md)
- [Commits](Masterminds/semver@v3.2.0...v3.2.1)

---
updated-dependencies:
- dependency-name: github.com/Masterminds/semver/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Apr 11, 2023
    Configuration menu
    Copy the full SHA
    60d240d View commit details
    Browse the repository at this point in the history

Commits on Apr 25, 2023

  1. Bump github.com/anchore/syft from 0.76.0 to 0.79.0 (#488) 

    * Bump github.com/anchore/syft from 0.76.0 to 0.79.0

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.76.0 to 0.79.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser.yaml)
- [Commits](anchore/syft@v0.76.0...v0.79.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Fix SBOM tests and linting failures

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sophie Wigmore <[email protected]>
    @dependabot
    dependabot[bot] and Sophie Wigmore authored Apr 25, 2023
    Configuration menu
    Copy the full SHA
    95a690c View commit details
    Browse the repository at this point in the history

Commits on May 2, 2023

  1. Adding Extension config (#489) 

    * hard copy of config and config parser to extension_config and extension_config_parser

* adding extension config structure

* adding extensin config parser

* adding configurations on metadata

* adding encoding extension

* adding encoding configExtension with licences

* adding test in decodeExtensionConfig
    @pacostas
    pacostas authored May 2, 2023
    Configuration menu
    Copy the full SHA
    1dd83ed View commit details
    Browse the repository at this point in the history

Commits on May 4, 2023

  1. adding hasStack method for ConfigExtension

    @pacostas @ForestEckhardt
    pacostas authored and ForestEckhardt committed May 4, 2023
    Configuration menu
    Copy the full SHA
    97dea53 View commit details
    Browse the repository at this point in the history

Commits on May 9, 2023

  1. Bump github.com/anchore/syft from 0.79.0 to 0.80.0 (#491) 

    * Bump github.com/anchore/syft from 0.79.0 to 0.80.0

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.79.0 to 0.80.0.
- [Release notes](https://github.com/anchore/syft/releases)
- [Changelog](https://github.com/anchore/syft/blob/main/.goreleaser.yaml)
- [Commits](anchore/syft@v0.79.0...v0.80.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/syft
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* update SBOM internals to be compatible with Syft 0.80.0

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sophie Wigmore <[email protected]>
    @dependabot
    dependabot[bot] and Sophie Wigmore authored May 9, 2023
    Configuration menu
    Copy the full SHA
    a65afbb View commit details
    Browse the repository at this point in the history

Commits on May 11, 2023

  1. Add support for buildpack API v0.9 (#486) 

    * Add support for buildpack API v0.9

* Move process-specific printing logic to emitter.

---------

Co-authored-by: Rob Dimsdale-Zucker <[email protected]>
    @modulo11 @robdimsdale
    modulo11 and robdimsdale authored May 11, 2023
    Configuration menu
    Copy the full SHA
    4a226ae View commit details
    Browse the repository at this point in the history

Commits on May 19, 2023

  1. Bump github.com/onsi/gomega from 1.27.6 to 1.27.7 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.27.6 to 1.27.7.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.27.6...v1.27.7)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed May 19, 2023
    Configuration menu
    Copy the full SHA
    74d5f06 View commit details
    Browse the repository at this point in the history

  2. Bump github.com/stretchr/testify from 1.8.2 to 1.8.3 

    Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.8.2...v1.8.3)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed May 19, 2023
    Configuration menu
    Copy the full SHA
    67a71e0 View commit details
    Browse the repository at this point in the history

Commits on May 31, 2023

  1. Bump github.com/stretchr/testify from 1.8.3 to 1.8.4 

    Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.3 to 1.8.4.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.8.3...v1.8.4)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed May 31, 2023
    Configuration menu
    Copy the full SHA
    d94b1ef View commit details
    Browse the repository at this point in the history

  2. Bump github.com/BurntSushi/toml from 1.2.1 to 1.3.0 

    Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 1.2.1 to 1.3.0.
- [Release notes](https://github.com/BurntSushi/toml/releases)
- [Commits](BurntSushi/toml@v1.2.1...v1.3.0)

---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed May 31, 2023
    Configuration menu
    Copy the full SHA
    c65a7b7 View commit details
    Browse the repository at this point in the history

Commits on Jun 7, 2023

  1. Bump github.com/onsi/gomega from 1.27.7 to 1.27.8 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.27.7 to 1.27.8.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.27.7...v1.27.8)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jun 7, 2023
    Configuration menu
    Copy the full SHA
    1d84cfe View commit details
    Browse the repository at this point in the history

  2. Bump github.com/BurntSushi/toml from 1.3.0 to 1.3.1 

    Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/BurntSushi/toml/releases)
- [Commits](BurntSushi/toml@v1.3.0...v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jun 7, 2023
    Configuration menu
    Copy the full SHA
    6c889fc View commit details
    Browse the repository at this point in the history

Commits on Jun 9, 2023

  1. Bump github.com/BurntSushi/toml from 1.3.1 to 1.3.2 

    Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/BurntSushi/toml/releases)
- [Commits](BurntSushi/toml@v1.3.1...v1.3.2)

---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jun 9, 2023
    Configuration menu
    Copy the full SHA
    65e47b8 View commit details
    Browse the repository at this point in the history

Commits on Jul 24, 2023

  1. Bump github.com/onsi/gomega from 1.27.8 to 1.27.9 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.27.8 to 1.27.9.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.27.8...v1.27.9)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jul 24, 2023
    Configuration menu
    Copy the full SHA
    2ef9116 View commit details
    Browse the repository at this point in the history

Commits on Jul 25, 2023

  1. Bump github.com/onsi/gomega from 1.27.9 to 1.27.10 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.27.9 to 1.27.10.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.27.9...v1.27.10)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jul 25, 2023
    Configuration menu
    Copy the full SHA
    abeb000 View commit details
    Browse the repository at this point in the history

Commits on Aug 22, 2023

  1. Bump github.com/google/uuid from 1.3.0 to 1.3.1 

    Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](google/uuid@v1.3.0...v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Aug 22, 2023
    Configuration menu
    Copy the full SHA
    de0f00f View commit details
    Browse the repository at this point in the history

Commits on Sep 29, 2023

  1. Bump github.com/onsi/gomega from 1.27.10 to 1.28.0 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.27.10 to 1.28.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.27.10...v1.28.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Sep 29, 2023
    Configuration menu
    Copy the full SHA
    8a7cf8f View commit details
    Browse the repository at this point in the history

Commits on Oct 10, 2023

  1. Updating github-config

    @paketo-bot
    paketo-bot committed Oct 10, 2023
    Configuration menu
    Copy the full SHA
    7893a5c View commit details
    Browse the repository at this point in the history

Commits on Oct 13, 2023

  1. Bump github.com/gabriel-vasile/mimetype from 1.4.2 to 1.4.3 

    Bumps [github.com/gabriel-vasile/mimetype](https://github.com/gabriel-vasile/mimetype) from 1.4.2 to 1.4.3.
- [Release notes](https://github.com/gabriel-vasile/mimetype/releases)
- [Commits](gabriel-vasile/mimetype@v1.4.2...v1.4.3)

---
updated-dependencies:
- dependency-name: github.com/gabriel-vasile/mimetype
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Oct 13, 2023
    Configuration menu
    Copy the full SHA
    0ce6d54 View commit details
    Browse the repository at this point in the history

Commits on Oct 23, 2023

  1. Bump github.com/onsi/gomega from 1.28.0 to 1.28.1 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.28.0 to 1.28.1.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.28.0...v1.28.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Oct 23, 2023
    Configuration menu
    Copy the full SHA
    14ebfa0 View commit details
    Browse the repository at this point in the history

  2. Enable Alternative Checksum format of algorithm_hash (#526) 

    * Enable Alternative Checksum format of algorithm-hash

* Adjust alternate delimeter from - to _.

* Update comment with algorithm_hash

Co-authored-by: Sophie Wigmore <[email protected]>

---------

Co-authored-by: Sophie Wigmore <[email protected]>
Co-authored-by: Sophie Wigmore <[email protected]>
    @ChuckQuinnIV @sophiewigmore
    3 people authored Oct 23, 2023
    Configuration menu
    Copy the full SHA
    fb332c0 View commit details
    Browse the repository at this point in the history

Commits on Oct 26, 2023

  1. Bump github.com/onsi/gomega from 1.28.1 to 1.29.0 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.28.1 to 1.29.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.28.1...v1.29.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Oct 26, 2023
    Configuration menu
    Copy the full SHA
    7ece65c View commit details
    Browse the repository at this point in the history

Commits on Oct 27, 2023

  1. Bump github.com/google/uuid from 1.3.1 to 1.4.0 

    Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.1 to 1.4.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](google/uuid@v1.3.1...v1.4.0)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Oct 27, 2023
    Configuration menu
    Copy the full SHA
    42ee8c8 View commit details
    Browse the repository at this point in the history

  2. Updating github-config

    @paketo-bot
    paketo-bot committed Oct 27, 2023
    Configuration menu
    Copy the full SHA
    c8db4ec View commit details
    Browse the repository at this point in the history

Commits on Nov 9, 2023

  1. Bump github.com/onsi/gomega from 1.29.0 to 1.30.0 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.29.0 to 1.30.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.29.0...v1.30.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Nov 9, 2023
    Configuration menu
    Copy the full SHA
    0649674 View commit details
    Browse the repository at this point in the history

  2. Updating github-config

    @paketo-bot
    paketo-bot committed Nov 9, 2023
    Configuration menu
    Copy the full SHA
    c10f263 View commit details
    Browse the repository at this point in the history

Commits on Dec 13, 2023

  1. Bump github.com/google/uuid from 1.4.0 to 1.5.0 

    Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](google/uuid@v1.4.0...v1.5.0)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Dec 13, 2023
    Configuration menu
    Copy the full SHA
    703e4fb View commit details
    Browse the repository at this point in the history

Commits on Jan 18, 2024

  1. Bump github.com/onsi/gomega from 1.30.0 to 1.31.0 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.30.0 to 1.31.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.30.0...v1.31.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jan 18, 2024
    Configuration menu
    Copy the full SHA
    dbbbbc5 View commit details
    Browse the repository at this point in the history

Commits on Jan 22, 2024

  1. Bump github.com/onsi/gomega from 1.31.0 to 1.31.1 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.31.0 to 1.31.1.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.31.0...v1.31.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jan 22, 2024
    Configuration menu
    Copy the full SHA
    b31dc83 View commit details
    Browse the repository at this point in the history

Commits on Jan 24, 2024

  1. Bump github.com/google/uuid from 1.5.0 to 1.6.0 

    Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](google/uuid@v1.5.0...v1.6.0)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Jan 24, 2024
    Configuration menu
    Copy the full SHA
    c1b785b View commit details
    Browse the repository at this point in the history

Commits on Mar 4, 2024

  1. Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 

    Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.8.4...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Mar 4, 2024
    Configuration menu
    Copy the full SHA
    777a503 View commit details
    Browse the repository at this point in the history

Commits on Mar 19, 2024

  1. Bump github.com/onsi/gomega from 1.31.1 to 1.32.0 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.31.1 to 1.32.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.31.1...v1.32.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Mar 19, 2024
    Configuration menu
    Copy the full SHA
    95b8056 View commit details
    Browse the repository at this point in the history

Commits on Apr 4, 2024

  1. Bump github.com/ulikunitz/xz from 0.5.11 to 0.5.12 

    Bumps [github.com/ulikunitz/xz](https://github.com/ulikunitz/xz) from 0.5.11 to 0.5.12.
- [Commits](ulikunitz/xz@v0.5.11...v0.5.12)

---
updated-dependencies:
- dependency-name: github.com/ulikunitz/xz
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Apr 4, 2024
    Configuration menu
    Copy the full SHA
    dd77ec5 View commit details
    Browse the repository at this point in the history

Commits on Apr 19, 2024

  1. Bump github.com/onsi/gomega from 1.32.0 to 1.33.0 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.32.0 to 1.33.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.32.0...v1.33.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Apr 19, 2024
    Configuration menu
    Copy the full SHA
    4e9c21d View commit details
    Browse the repository at this point in the history

Commits on Apr 22, 2024

  1. Allows users to set a dependency mirror (#563)

    @TisVictress
    TisVictress authored Apr 22, 2024
    Configuration menu
    Copy the full SHA
    4c9f338 View commit details
    Browse the repository at this point in the history

Commits on Apr 29, 2024

  1. Fixes mirror bug when originalHost is excluded (#569)

    @TisVictress
    TisVictress authored Apr 29, 2024
    Configuration menu
    Copy the full SHA
    ce376b7 View commit details
    Browse the repository at this point in the history

Commits on Apr 30, 2024

  1. Bump github.com/onsi/gomega from 1.33.0 to 1.33.1 

    Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.33.0 to 1.33.1.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.33.0...v1.33.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed Apr 30, 2024
    Configuration menu
    Copy the full SHA
    35d8f76 View commit details
    Browse the repository at this point in the history

Commits on May 2, 2024

  1. Support reading service bindings from VCAP_SERVICES env var (#566) 

    Co-authored-by: Johannes Dillmann <[email protected]>
    @pbusko @modulo11
    pbusko and modulo11 authored May 2, 2024
    Configuration menu
    Copy the full SHA
    13393ec View commit details
    Browse the repository at this point in the history

Commits on May 24, 2024

  1. Bump github.com/BurntSushi/toml from 1.3.2 to 1.4.0 

    Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 1.3.2 to 1.4.0.
- [Release notes](https://github.com/BurntSushi/toml/releases)
- [Commits](BurntSushi/toml@v1.3.2...v1.4.0)

---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed May 24, 2024
    Configuration menu
    Copy the full SHA
    4ff7347 View commit details
    Browse the repository at this point in the history

Commits on May 27, 2024

  1. Bump github.com/gabriel-vasile/mimetype from 1.4.3 to 1.4.4 

    Bumps [github.com/gabriel-vasile/mimetype](https://github.com/gabriel-vasile/mimetype) from 1.4.3 to 1.4.4.
- [Release notes](https://github.com/gabriel-vasile/mimetype/releases)
- [Commits](gabriel-vasile/mimetype@v1.4.3...v1.4.4)

---
updated-dependencies:
- dependency-name: github.com/gabriel-vasile/mimetype
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @paketo-bot
    dependabot[bot] authored and paketo-bot committed May 27, 2024
    Configuration menu
    Copy the full SHA
    a8ac405 View commit details
    Browse the repository at this point in the history

Commits on Jun 5, 2024

  1. Updating github-config

    @paketo-bot
    paketo-bot committed Jun 5, 2024
    Configuration menu
    Copy the full SHA
    e366827 View commit details
    Browse the repository at this point in the history

Commits on Jun 10, 2024

  1. Updates go mod toolchain version to 1.22.4

    @paketo-bot
    paketo-bot committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    ec908a0 View commit details
    Browse the repository at this point in the history

Commits on Jul 8, 2024

  1. Updates go mod toolchain version to 1.22.5

    @paketo-bot
    paketo-bot committed Jul 8, 2024
    Configuration menu
    Copy the full SHA
    3336a3b View commit details
    Browse the repository at this point in the history