CycloneDX/cyclonedx-gomod issues and pull requests

#475 - build(deps): bump docker/login-action from 3.1.0 to 3.2.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, github_actions

#474 - build(deps): bump github/codeql-action from 2.13.4 to 3.25.6

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, github_actions

#473 - build(deps): bump golang from `4531927` to `d1a601b`

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, docker

#472 - build(deps): bump gitpod/workspace-go from `1fd550f` to `8d15123`

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, docker

#471 - fix: linter errors

Pull Request - State: closed - Opened by nscuro 4 months ago
Labels: bug

#470 - build(deps): bump aquasecurity/trivy-action from 0.19.0 to 0.21.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, github_actions

#469 - build(deps): bump github.com/rs/zerolog from 1.32.0 to 1.33.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, go

#468 - build(deps): bump actions/checkout from 4.1.4 to 4.1.6

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, github_actions

#467 - build(deps): bump goreleaser/goreleaser-action from 5.0.0 to 5.1.0

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, github_actions

#466 - build(deps): bump golang from 1.22.2-alpine3.18 to 1.22.3-alpine3.18

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies, docker

#465 - build(deps): bump golangci/golangci-lint-action from 5.1.0 to 6.0.1

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies, github_actions

#464 - build(deps): bump aquasecurity/trivy-action from 0.19.0 to 0.20.0

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, github_actions

#463 - build(deps): bump golang.org/x/crypto from 0.22.0 to 0.23.0

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies, go

#462 - build(deps): bump golangci/golangci-lint-action from 5.1.0 to 6.0.0

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, github_actions

#461 - build(deps): bump actions/checkout from 4.1.4 to 4.1.5

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, github_actions

#460 - build(deps): bump gitpod/workspace-go from `769e7b0` to `1fd550f`

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies, docker

#459 - build(deps): bump golangci/golangci-lint-action from 5.1.0 to 5.3.0

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, github_actions

#458 - chore: CodeQL run scheduled and manual

Pull Request - State: closed - Opened by jkowalleck 5 months ago

#457 - fix: incorrect `go` directive in `go.mod`

Pull Request - State: closed - Opened by nscuro 5 months ago

#456 - build(deps): bump actions/setup-go from 5.0.0 to 5.0.1

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies, github_actions

#455 - build(deps): bump golangci/golangci-lint-action from 4.0.0 to 5.1.0

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies, github_actions

#454 - build(deps): bump golangci/golangci-lint-action from 4.0.0 to 5.0.0

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, github_actions

#453 - build(deps): bump actions/checkout from 4.1.2 to 4.1.4

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies, github_actions

#452 - build(deps): bump actions/checkout from 4.1.2 to 4.1.3

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, github_actions

#451 - build(deps): bump golang.org/x/net from 0.22.0 to 0.23.0

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies, go

#450 - build(deps): bump sigstore/cosign-installer from 3.4.0 to 3.5.0

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago
Labels: dependencies, github_actions

#449 - build(deps): bump gitpod/workspace-go from `02cae32` to `769e7b0`

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago
Labels: dependencies, docker

#448 - build(deps): bump apache/skywalking-eyes from 0.4.0 to 0.6.0

Pull Request - State: open - Opened by dependabot[bot] 6 months ago
Labels: dependencies, github_actions

#447 - build(deps): bump github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago
Labels: dependencies, go

#446 - build(deps): bump gitpod/workspace-go from `b746928` to `02cae32`

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago
Labels: dependencies, docker

#445 - fix: spec version validation

Pull Request - State: closed - Opened by nscuro 6 months ago
Labels: bug

#444 - Bump baseline Go version to 1.21

Pull Request - State: closed - Opened by nscuro 6 months ago
Labels: enhancement

#443 - fix: work around broken `#nosec` in gosec

Pull Request - State: closed - Opened by nscuro 6 months ago
Labels: bug

#442 - build(deps): bump golang.org/x/crypto from 0.19.0 to 0.22.0

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago - 1 comment
Labels: dependencies, go

#441 - build(deps): bump golang.org/x/mod from 0.15.0 to 0.17.0

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago - 1 comment
Labels: dependencies, go

#440 - build(deps): bump golang from 1.21.6-alpine3.18 to 1.22.2-alpine3.18

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago - 1 comment
Labels: dependencies, docker

#439 - cyclonedx-gomod:latest doesn't support go project with version 1.22 ?

Issue - State: closed - Opened by shubhit7 6 months ago - 1 comment

#438 - build(deps): bump aquasecurity/trivy-action from 0.17.0 to 0.19.0

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago - 1 comment
Labels: dependencies, github_actions

#437 - build(deps): bump docker/login-action from 3.0.0 to 3.1.0

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 1 comment
Labels: dependencies, github_actions

#436 - Module cloned with --shared fails version retrieval

Issue - State: open - Opened by svenschwermer 7 months ago

#435 - build(deps): bump actions/checkout from 4.1.1 to 4.1.2

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 1 comment
Labels: dependencies, github_actions

#434 - build(deps): bump golang from 1.21.6-alpine3.18 to 1.22.1-alpine3.18

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 1 comment
Labels: dependencies, docker

#433 - build(deps): bump golang.org/x/crypto from 0.19.0 to 0.21.0

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 1 comment
Labels: dependencies, go

#432 - build(deps): bump golang.org/x/mod from 0.15.0 to 0.16.0

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 1 comment
Labels: dependencies, go

#431 - build(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 2 comments
Labels: dependencies, go

#430 - build(deps): bump aquasecurity/trivy-action from 0.17.0 to 0.18.0

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 1 comment
Labels: dependencies, github_actions

#429 - build(deps): bump golang.org/x/crypto from 0.19.0 to 0.20.0

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 1 comment
Labels: dependencies, go

#428 - build(deps): bump gitpod/workspace-go from `817abc4` to `b746928`

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago
Labels: dependencies, docker

#427 - build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago
Labels: dependencies, github_actions

#426 - build(deps): bump golangci/golangci-lint-action from 3.7.0 to 3.7.1

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago - 1 comment
Labels: dependencies, github_actions

#425 - build(deps): bump golang from 1.21.6-alpine3.18 to 1.22.0-alpine3.18

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago - 2 comments
Labels: dependencies, docker

#424 - build(deps): bump golang.org/x/crypto from 0.18.0 to 0.19.0

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago
Labels: dependencies, go

#423 - Failed to load stdlib module when executing cyclonedx-gomod

Issue - State: open - Opened by emacampolo 8 months ago - 3 comments

#422 - build(deps): bump golang.org/x/mod from 0.14.0 to 0.15.0

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago
Labels: dependencies, go

#421 - build(deps): bump aquasecurity/trivy-action from 0.16.1 to 0.17.0

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago
Labels: dependencies, github_actions

#420 - build(deps): bump github.com/rs/zerolog from 1.31.0 to 1.32.0

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago
Labels: dependencies, go

#419 - Last repository tag picked over first reachable when determining version

Issue - State: open - Opened by jxlambda 8 months ago - 3 comments

#418 - build(deps): bump sigstore/cosign-installer from 3.3.0 to 3.4.0

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago
Labels: dependencies, github_actions

#417 - build(deps): bump gitpod/workspace-go from `d608afb` to `817abc4`

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago
Labels: dependencies, docker

#416 - build(deps): bump golang from `3bd4475` to `3354c3a`

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago
Labels: dependencies, docker

#415 - build(deps): bump gitpod/workspace-go from `28c97d8` to `d608afb`

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago
Labels: dependencies, docker

#414 - build(deps): bump golang from `869193e` to `3bd4475`

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago
Labels: dependencies, docker

#413 - build(deps): bump github.com/google/uuid from 1.4.0 to 1.6.0

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago
Labels: dependencies, go

#412 - Support storing file paths relative to module root

Pull Request - State: closed - Opened by SweetVishnya 8 months ago - 3 comments

#411 - build(deps): bump golang from 1.21.5-alpine3.18 to 1.21.6-alpine3.18

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago
Labels: dependencies, docker

#410 - build(deps): bump golang.org/x/crypto from 0.16.0 to 0.18.0

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago
Labels: dependencies, go

#409 - build(deps): bump github.com/cloudflare/circl from 1.3.3 to 1.3.7

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago
Labels: dependencies, go

#408 - build(deps): bump aquasecurity/trivy-action from 0.16.0 to 0.16.1

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago
Labels: dependencies, github_actions

#407 - build(deps): bump golang from `9390a99` to `d8b9994`

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago - 1 comment
Labels: dependencies, docker

#406 - build(deps): bump gitpod/workspace-go from `05594b7` to `28c97d8`

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago
Labels: dependencies, docker

#405 - build(deps): bump golang.org/x/crypto from 0.16.0 to 0.17.0

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago - 2 comments
Labels: dependencies, go

#404 - build(deps): bump github.com/google/uuid from 1.4.0 to 1.5.0

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago - 2 comments
Labels: dependencies, go

#403 - build(deps): bump sigstore/cosign-installer from 3.2.0 to 3.3.0

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago
Labels: dependencies, github_actions

#402 - build(deps): bump github.com/go-git/go-git/v5 from 5.10.1 to 5.11.0

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago
Labels: dependencies, go

#401 - build(deps): bump github.com/CycloneDX/cyclonedx-go from 0.7.1 to 0.8.0

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago - 1 comment
Labels: dependencies, go

#400 - build(deps): bump golang from `5c1cabd` to `9390a99`

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago
Labels: dependencies, docker

#399 - build(deps): bump aquasecurity/trivy-action from 0.15.0 to 0.16.0

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago
Labels: dependencies, github_actions

#398 - cyclonedx-gomod mod -licenses -json -output ./sbom.json 生成的许可证信息为什么是这种 "evidence": { "licenses": [ { "license": { "id": "MIT" } } ] }而不是 "licenses": [ { "license": { "id": "MIT" } } ]

Issue - State: closed - Opened by wujunhuge 10 months ago - 1 comment

#397 - build(deps): bump actions/setup-go from 4.1.0 to 5.0.0

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago
Labels: dependencies, github_actions

#396 - ci: fix deprecated goreleaser flags

Pull Request - State: closed - Opened by nscuro 10 months ago
Labels: ci

#395 - ci: bump cyclonedx-cli to `v0.25.0`

Pull Request - State: closed - Opened by nscuro 10 months ago
Labels: ci

#394 - chore: raise baseline go version to `1.20`

Pull Request - State: closed - Opened by nscuro 10 months ago
Labels: go, ci

#393 - build(deps): bump golang from 1.20.7-alpine3.18 to 1.21.5-alpine3.18

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago - 3 comments
Labels: dependencies, docker

#392 - Add license text and copyright to SBOM

Issue - State: open - Opened by alex1891 10 months ago

#391 - build(deps): bump aquasecurity/trivy-action from 0.14.0 to 0.15.0

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago
Labels: dependencies, github_actions

#390 - build(deps): bump golang.org/x/crypto from 0.15.0 to 0.16.0

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago
Labels: dependencies, go

#388 - No Author information in SBOM

Issue - State: open - Opened by CameronGo 10 months ago - 2 comments
Labels: enhancement

#386 - I just want to plug in SBOM for my project, use cyclonedx-gomd command why download cyclonedx-go first, how to solve this problem

Issue - State: open - Opened by monkeylijin 10 months ago - 3 comments

GitHub / CycloneDX/cyclonedx-gomod issues and pull requests