anchore/syft issues and pull requests

#3298 - chore(deps): bump github/codeql-action from 3.26.10 to 3.26.11

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies

#3297 - MySQL binary classifier should distinguish between MySQL Cluster (ndb) and MySQL

Issue - State: open - Opened by westonsteimel 4 months ago - 4 comments
Labels: enhancement, needs-investigation

#3296 - chore(deps): update tools to latest versions

Pull Request - State: closed - Opened by anchore-actions-token-generator[bot] 4 months ago
Labels: dependencies

#3295 - Incorrect crypto version when scanning Go binary

Issue - State: open - Opened by learnitall 4 months ago - 2 comments
Labels: bug

#3294 - chore: add pull request template

Pull Request - State: closed - Opened by willmurphyscode 4 months ago

#3293 - chore(deps): bump github.com/jedib0t/go-pretty/v6 from 6.5.9 to 6.6.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies

#3292 - Add cataloger for Dart pubspec

Pull Request - State: open - Opened by LaurentGoderre 4 months ago
Labels: json-schema

#3291 - chore(deps): update tools to latest versions

Pull Request - State: closed - Opened by anchore-actions-token-generator[bot] 4 months ago
Labels: dependencies

#3290 - performance: instantiate license check scanner to prevent memory leak

Pull Request - State: closed - Opened by govrin 4 months ago - 1 comment
Labels: bug, performance

#3289 - chore(deps): bump github/codeql-action from 3.26.9 to 3.26.10

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies

#3288 - chore(deps): update CPE dictionary index

Pull Request - State: closed - Opened by anchore-actions-token-generator[bot] 4 months ago
Labels: dependencies

#3287 - Revisit relationship naming / model

Issue - State: open - Opened by kzantow 4 months ago
Labels: enhancement

#3286 - Survive indexing not accessible files

Issue - State: open - Opened by edhinard 4 months ago - 1 comment
Labels: bug

#3285 - update ruby classifier

Pull Request - State: closed - Opened by witchcraze 4 months ago - 1 comment

#3284 - update node classifier

Pull Request - State: closed - Opened by witchcraze 4 months ago

#3283 - chore(deps): bump actions/checkout from 4.1.7 to 4.2.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies

#3282 - Dotnet-Portable-Executable-Cataloger uses wrong component version for dotnet runtime libraries

Issue - State: open - Opened by AndreasAndoerfer 4 months ago - 3 comments
Labels: bug

#3281 - update redis classifier

Pull Request - State: closed - Opened by witchcraze 4 months ago

#3280 - chore(deps): update stereoscope to dc10ea61fd18efa45b516eda4de8bc19d8322429

Pull Request - State: closed - Opened by anchore-actions-token-generator[bot] 4 months ago
Labels: dependencies

#3279 - Support Redis arm/v5, arm/v7, 386 in 7.2, 7.4, 8.0

Issue - State: closed - Opened by witchcraze 4 months ago
Labels: enhancement

#3278 - Support Dart arm/v7 in 3.x and 2.x

Issue - State: closed - Opened by witchcraze 4 months ago
Labels: enhancement

#3277 - update haproxy classifier

Pull Request - State: closed - Opened by witchcraze 4 months ago

#3276 - Where is the docs of syft's own format ?

Issue - State: open - Opened by WestFarmer 4 months ago - 2 comments
Labels: enhancement

#3275 - chore(deps): bump github/codeql-action from 3.26.8 to 3.26.9

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies

#3274 - [Question] Syft format bom, how to distinguish devDependency and normal dependency for npm ?

Issue - State: closed - Opened by WestFarmer 4 months ago - 1 comment
Labels: changelog-ignore

#3273 - fix: add dependency relationships for Java archives and Maven sources

Pull Request - State: open - Opened by kzantow 5 months ago

#3272 - Add awaiting response management

Pull Request - State: closed - Opened by wagoodman 5 months ago
Labels: changelog-ignore

#3271 - Enhance CPE generation for packaged JVMs

Issue - State: open - Opened by wagoodman 5 months ago
Labels: enhancement, ecosystem:java

#3270 - feat: add binary classifiers for avahi, syslog-ng, openssh

Pull Request - State: closed - Opened by krysgor 5 months ago

#3269 - Improve subpath to mount matching

Pull Request - State: closed - Opened by cdupuis 5 months ago - 4 comments
Labels: bug

#3268 - Catalog python `uv.lock` files

Issue - State: open - Opened by willmurphyscode 5 months ago
Labels: enhancement, new-cataloger

#3267 - Java maven project, too many errors and warnings.

Issue - State: closed - Opened by WestFarmer 5 months ago - 7 comments
Labels: bug

#3266 - Allow for concurrent cataloger parser calls

Pull Request - State: open - Opened by wagoodman 5 months ago
Labels: enhancement

#3265 - Add classifier for Dart lang

Pull Request - State: closed - Opened by LaurentGoderre 5 months ago - 1 comment
Labels: enhancement

#3264 - chore(deps): bump github.com/docker/docker from 27.3.0+incompatible to 27.3.1+incompatible

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies

#3263 - Proposal: Stream sbom to disk (avoiding large memory footprint and OOMs)

Issue - State: open - Opened by HairyMike 5 months ago - 7 comments
Labels: enhancement, performance, needs-proposal

#3262 - chore(deps): update CPE dictionary index

Pull Request - State: closed - Opened by anchore-actions-token-generator[bot] 5 months ago
Labels: dependencies

#3261 - Publish official linux syft (and friends) in a repo

Issue - State: open - Opened by popey 5 months ago
Labels: enhancement, release

#3260 - chore(deps): bump github.com/docker/docker from 27.2.1+incompatible to 27.3.0+incompatible

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies

#3259 - chore(deps): update tools to latest versions

Pull Request - State: closed - Opened by anchore-actions-token-generator[bot] 5 months ago
Labels: dependencies

#3258 - Excluded paths are still scanned and cause syft to crash.

Issue - State: open - Opened by reure1 5 months ago - 15 comments
Labels: bug

#3257 - Add compliance policy for empty name and version

Pull Request - State: closed - Opened by wagoodman 5 months ago - 3 comments
Labels: enhancement

#3256 - chore(deps): bump github/codeql-action from 3.26.7 to 3.26.8

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies

#3255 - chore(deps): bump peter-evans/create-pull-request from 7.0.3 to 7.0.5

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies

#3254 - chore(deps): bump github.com/github/go-spdx/v2 from 2.3.1 to 2.3.2

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies

#3253 - Detect linux distro when not scanning root

Issue - State: open - Opened by chovanecadam 5 months ago - 1 comment
Labels: enhancement

#3252 - feat: add binary classifiers for lighttp, proftpd, zstd, xz, gzip, jq, and sqlcipher

Pull Request - State: closed - Opened by krysgor 5 months ago - 1 comment
Labels: enhancement

#3251 - chore(deps): update tools to latest versions

Pull Request - State: closed - Opened by anchore-actions-token-generator[bot] 5 months ago
Labels: dependencies

#3250 - fix: capture-snippet.sh can handle leading whitespaces now (#3249)

Pull Request - State: closed - Opened by krysgor 5 months ago
Labels: changelog-ignore

#3249 - Command `make add-snippet` can fail in some cases

Issue - State: closed - Opened by krysgor 5 months ago - 1 comment
Labels: bug

#3248 - chore: move cache to external library, add API-level configuration

Pull Request - State: open - Opened by kzantow 5 months ago

#3247 - chore(deps): update tools to latest versions

Pull Request - State: closed - Opened by anchore-actions-token-generator[bot] 5 months ago
Labels: dependencies

#3246 - Catalog git repos natively

Issue - State: open - Opened by wagoodman 5 months ago
Labels: enhancement

#3245 - Catalog VM images directly

Issue - State: open - Opened by wagoodman 5 months ago - 1 comment
Labels: enhancement

#3244 - draft: 3088 full license description

Pull Request - State: closed - Opened by spiffcs 5 months ago - 1 comment
Labels: json-schema

#3243 - chore(deps): update tools to latest versions

Pull Request - State: closed - Opened by anchore-actions-token-generator[bot] 5 months ago
Labels: dependencies

#3242 - chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.9.0 to 0.9.1

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies

#3241 - chore(deps): bump github/codeql-action from 3.26.6 to 3.26.7

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies

#3240 - chore(deps): bump peter-evans/create-pull-request from 7.0.2 to 7.0.3

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies

#3239 - Support rubylang/ruby dev versions

Issue - State: closed - Opened by witchcraze 5 months ago
Labels: enhancement, binary-analysis

#3238 - Support ruby rc, preview

Issue - State: closed - Opened by witchcraze 5 months ago
Labels: enhancement, binary-analysis

#3237 - Support haskell old versions

Issue - State: open - Opened by witchcraze 5 months ago
Labels: enhancement, binary-analysis

#3236 - Support node old versions

Issue - State: closed - Opened by witchcraze 5 months ago
Labels: enhancement, binary-analysis

#3235 - Support erlang ols versions

Issue - State: open - Opened by witchcraze 5 months ago
Labels: enhancement, binary-analysis

#3234 - SBOM for MySQL:8.x doesn't include rpm packages

Issue - State: open - Opened by davidkesoshvili 5 months ago - 5 comments
Labels: bug

#3233 - Support HAProxy rc and some old versions

Issue - State: closed - Opened by witchcraze 5 months ago
Labels: enhancement, binary-analysis

#3232 - chore(deps): update CPE dictionary index

Pull Request - State: closed - Opened by anchore-actions-token-generator[bot] 5 months ago
Labels: dependencies

#3231 - chore(deps): update tools to latest versions

Pull Request - State: closed - Opened by anchore-actions-token-generator[bot] 5 months ago
Labels: dependencies

#3230 - chore: generate licenses from latest spdx list

Pull Request - State: closed - Opened by spiffcs 5 months ago

#3229 - chore(deps): bump modernc.org/sqlite from 1.33.0 to 1.33.1

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies

#3228 - Track supporting DPKG evidence

Pull Request - State: closed - Opened by wagoodman 5 months ago

#3227 - Syft overzealous in constructing CPE list

Issue - State: open - Opened by joshbressers 5 months ago - 3 comments
Labels: bug

#3226 - chore(deps): bump peter-evans/create-pull-request from 7.0.1 to 7.0.2

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies

#3225 - chore(deps): bump github.com/charmbracelet/bubbletea from 1.1.0 to 1.1.1

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies

#3224 - Add Rakudo Star binaries cataloger

Pull Request - State: closed - Opened by gdams 5 months ago - 5 comments

#3223 - Identify gconv libraries

Issue - State: open - Opened by kzantow 5 months ago
Labels: enhancement, unknowns

#3222 - chore: ci-check.sh script +x

Pull Request - State: closed - Opened by kzantow 5 months ago

#3221 - Unable to resolve property ... ${cuda.version}-SNAPSHOT

Issue - State: closed - Opened by jacobfriedman 5 months ago - 6 comments
Labels: bug

#3220 - chore: make ci-check.sh an executable file

Pull Request - State: closed - Opened by okuryu 5 months ago
Labels: changelog-ignore

#3219 - chore(deps): bump github.com/opencontainers/runc from 1.1.12 to 1.1.14

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies

#3218 - chore: restore ci-check.sh script

Pull Request - State: closed - Opened by kzantow 5 months ago
Labels: changelog-ignore

#3217 - Add JVM cataloger

Pull Request - State: closed - Opened by wagoodman 5 months ago - 1 comment
Labels: blocked, ecosystem:java, json-schema

#3216 - binary detection: openbsd OpenSSH and portable OpenSSH

Issue - State: open - Opened by krysgor 5 months ago - 3 comments
Labels: enhancement, binary-analysis

#3215 - lighttpd and proftpd binarie detection added

Pull Request - State: closed - Opened by krysgor 5 months ago

#3214 - Don't cleanup cache in forks

Pull Request - State: closed - Opened by wagoodman 5 months ago
Labels: changelog-ignore

#3212 - chore(deps): bump github.com/dave/jennifer from 1.7.0 to 1.7.1

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies

#3211 - chore(deps): bump github.com/docker/docker from 27.2.0+incompatible to 27.2.1+incompatible

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies

#3210 - chore(deps): bump modernc.org/sqlite from 1.32.0 to 1.33.0

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies

#3209 - chore(deps): bump github.com/charmbracelet/bubbles from 0.19.0 to 0.20.0

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies

#3208 - Less verbose java logging when non-fatal issues arise

Pull Request - State: closed - Opened by wagoodman 5 months ago

#3207 - Maven versions still blank in syft output when using specific search context

Issue - State: closed - Opened by rvesse 5 months ago - 5 comments
Labels: bug

#3206 - chore(deps): update CPE dictionary index

Pull Request - State: closed - Opened by anchore-actions-token-generator[bot] 5 months ago
Labels: dependencies

#3205 - chore(deps): update tools to latest versions

Pull Request - State: closed - Opened by anchore-actions-token-generator[bot] 5 months ago - 1 comment
Labels: dependencies

#3204 - SBOM generated from poetry lock file contains no license information on any dependencies

Issue - State: closed - Opened by nfelt14 5 months ago - 6 comments
Labels: bug

#3203 - chore(deps): bump golang.org/x/net from 0.28.0 to 0.29.0

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies

#3202 - OCI SBOM inheritance

Issue - State: closed - Opened by p5 5 months ago - 2 comments
Labels: enhancement, awaiting-response

#3201 - goroutine stack problems

Issue - State: open - Opened by Carlson-JLQ 5 months ago - 3 comments
Labels: bug

#3194 - empty name

Issue - State: open - Opened by idefixcert 5 months ago - 4 comments
Labels: bug

#3191 - Identify `bash.preinst`

Issue - State: closed - Opened by kzantow 5 months ago - 1 comment
Labels: enhancement, unknowns

#3190 - Slim down docker cache size

Pull Request - State: closed - Opened by wagoodman 5 months ago
Labels: changelog-ignore

GitHub / anchore/syft issues and pull requests