From da9f9d6a3eac1ea8639d2b2dc2d055786dd73c63 Mon Sep 17 00:00:00 2001 From: kzantow Date: Thu, 15 Feb 2024 07:09:59 +0000 Subject: [PATCH 1/2] chore(deps): update Syft to v0.105.0 Signed-off-by: GitHub --- dist/attachReleaseAssets/index.js | 2 +- dist/downloadSyft/index.js | 2 +- dist/runSyftAction/index.js | 2 +- src/SyftVersion.ts | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/dist/attachReleaseAssets/index.js b/dist/attachReleaseAssets/index.js index b6b48b17..a9f41d5e 100644 --- a/dist/attachReleaseAssets/index.js +++ b/dist/attachReleaseAssets/index.js @@ -23385,7 +23385,7 @@ function wrappy (fn, cb) { Object.defineProperty(exports, "__esModule", ({ value: true })); exports.VERSION = void 0; -exports.VERSION = "v0.103.1"; +exports.VERSION = "v0.105.0"; /***/ }), diff --git a/dist/downloadSyft/index.js b/dist/downloadSyft/index.js index 3b975355..79bf17d1 100644 --- a/dist/downloadSyft/index.js +++ b/dist/downloadSyft/index.js @@ -23385,7 +23385,7 @@ function wrappy (fn, cb) { Object.defineProperty(exports, "__esModule", ({ value: true })); exports.VERSION = void 0; -exports.VERSION = "v0.103.1"; +exports.VERSION = "v0.105.0"; /***/ }), diff --git a/dist/runSyftAction/index.js b/dist/runSyftAction/index.js index 54f9ae0e..7e5fd7c8 100644 --- a/dist/runSyftAction/index.js +++ b/dist/runSyftAction/index.js @@ -23385,7 +23385,7 @@ function wrappy (fn, cb) { Object.defineProperty(exports, "__esModule", ({ value: true })); exports.VERSION = void 0; -exports.VERSION = "v0.103.1"; +exports.VERSION = "v0.105.0"; /***/ }), diff --git a/src/SyftVersion.ts b/src/SyftVersion.ts index 307025f0..15a9db05 100644 --- a/src/SyftVersion.ts +++ b/src/SyftVersion.ts @@ -1 +1 @@ -export const VERSION = "v0.103.1"; +export const VERSION = "v0.105.0"; From 54e0248539e260fc60d4aa6acfea4c52d63421d2 Mon Sep 17 00:00:00 2001 From: anchore-actions Date: Tue, 20 Feb 2024 19:10:42 +0000 Subject: [PATCH 2/2] chore(test): update snapshots Signed-off-by: anchore-actions --- .../__snapshots__/formatExports.test.ts.snap | 57 +++++++++++++++---- 1 file changed, 47 insertions(+), 10 deletions(-) diff --git a/tests/integration/__snapshots__/formatExports.test.ts.snap b/tests/integration/__snapshots__/formatExports.test.ts.snap index bf809b41..fec6c779 100644 --- a/tests/integration/__snapshots__/formatExports.test.ts.snap +++ b/tests/integration/__snapshots__/formatExports.test.ts.snap @@ -125,6 +125,7 @@ exports[`CycloneDX JSON alpine 1`] = ` ] }, { + "bom-ref": "redacted", "type": "operating-system", "name": "alpine", "version": "redacted", @@ -807,6 +808,7 @@ exports[`CycloneDX JSON debian 1`] = ` ] }, { + "bom-ref": "redacted", "type": "operating-system", "name": "debian", "version": "redacted", @@ -1438,6 +1440,10 @@ exports[`CycloneDX JSON yarn 1`] = ` "name": "syft:package:type", "value": "redacted" }, + { + "name": "syft:package:metadataType", + "value": "redacted" + }, { "name": "syft:cpe23", "value": "redacted" @@ -1484,6 +1490,10 @@ exports[`CycloneDX JSON yarn 1`] = ` "name": "syft:package:type", "value": "redacted" }, + { + "name": "syft:package:metadataType", + "value": "redacted" + }, { "name": "syft:cpe23", "value": "redacted" @@ -1530,6 +1540,10 @@ exports[`CycloneDX JSON yarn 1`] = ` "name": "syft:package:type", "value": "redacted" }, + { + "name": "syft:package:metadataType", + "value": "redacted" + }, { "name": "syft:cpe23", "value": "redacted" @@ -1576,6 +1590,10 @@ exports[`CycloneDX JSON yarn 1`] = ` "name": "syft:package:type", "value": "redacted" }, + { + "name": "syft:package:metadataType", + "value": "redacted" + }, { "name": "syft:cpe23", "value": "redacted" @@ -1622,6 +1640,10 @@ exports[`CycloneDX JSON yarn 1`] = ` "name": "syft:package:type", "value": "redacted" }, + { + "name": "syft:package:metadataType", + "value": "redacted" + }, { "name": "syft:location:0:path", "value": "redacted" @@ -1648,6 +1670,10 @@ exports[`CycloneDX JSON yarn 1`] = ` "name": "syft:package:type", "value": "redacted" }, + { + "name": "syft:package:metadataType", + "value": "redacted" + }, { "name": "syft:cpe23", "value": "redacted" @@ -1694,6 +1720,10 @@ exports[`CycloneDX JSON yarn 1`] = ` "name": "syft:package:type", "value": "redacted" }, + { + "name": "syft:package:metadataType", + "value": "redacted" + }, { "name": "syft:location:0:path", "value": "redacted" @@ -1763,7 +1793,7 @@ exports[`CycloneDX XML alpine 1`] = ` 166239 - + alpine Alpine Linux v3.12 @@ -2030,7 +2060,7 @@ exports[`CycloneDX XML debian 1`] = ` - + debian Debian GNU/Linux 8 (jessie) @@ -2309,6 +2339,7 @@ exports[`CycloneDX XML yarn 1`] = ` javascript-lock-cataloger javascript npm + javascript-yarn-lock-entry cpe:2.3:a:js-tokens:js_tokens:4.0.0:*:*:*:*:*:*:* cpe:2.3:a:js_tokens:js-tokens:4.0.0:*:*:*:*:*:*:* cpe:2.3:a:js_tokens:js_tokens:4.0.0:*:*:*:*:*:*:* @@ -2326,6 +2357,7 @@ exports[`CycloneDX XML yarn 1`] = ` javascript-lock-cataloger javascript npm + javascript-yarn-lock-entry cpe:2.3:a:loose-envify:loose_envify:1.4.0:*:*:*:*:*:*:* cpe:2.3:a:loose_envify:loose-envify:1.4.0:*:*:*:*:*:*:* cpe:2.3:a:loose_envify:loose_envify:1.4.0:*:*:*:*:*:*:* @@ -2343,6 +2375,7 @@ exports[`CycloneDX XML yarn 1`] = ` javascript-lock-cataloger javascript npm + javascript-yarn-lock-entry cpe:2.3:a:object-assign:object_assign:4.1.1:*:*:*:*:*:*:* cpe:2.3:a:object_assign:object-assign:4.1.1:*:*:*:*:*:*:* cpe:2.3:a:object_assign:object_assign:4.1.1:*:*:*:*:*:*:* @@ -2360,6 +2393,7 @@ exports[`CycloneDX XML yarn 1`] = ` javascript-lock-cataloger javascript npm + javascript-yarn-lock-entry cpe:2.3:a:prop-types:prop_types:15.7.2:*:*:*:*:*:*:* cpe:2.3:a:prop_types:prop-types:15.7.2:*:*:*:*:*:*:* cpe:2.3:a:prop_types:prop_types:15.7.2:*:*:*:*:*:*:* @@ -2377,6 +2411,7 @@ exports[`CycloneDX XML yarn 1`] = ` javascript-lock-cataloger javascript npm + javascript-yarn-lock-entry @@ -2389,6 +2424,7 @@ exports[`CycloneDX XML yarn 1`] = ` javascript-lock-cataloger javascript npm + javascript-yarn-lock-entry cpe:2.3:a:react-is:react_is:16.13.1:*:*:*:*:*:*:* cpe:2.3:a:react_is:react-is:16.13.1:*:*:*:*:*:*:* cpe:2.3:a:react_is:react_is:16.13.1:*:*:*:*:*:*:* @@ -2406,6 +2442,7 @@ exports[`CycloneDX XML yarn 1`] = ` javascript-lock-cataloger javascript npm + javascript-yarn-lock-entry @@ -4617,11 +4654,11 @@ ExtractedText: BSD License ##### Relationships -Relationship: SPDXRef-Package-java-archive-example-java-app-maven-hash:redacted OTHER SPDXRef-File-java-example-java-app-maven-0.1.0.jar-hash:redacted +Relationship: SPDXRef-Package-deb-apt-hash:redacted OTHER SPDXRef-File-var-lib-dpkg-status-hash:redacted RelationshipComment: evident-by: indicates the package's existence is evident by the given file Relationship: SPDXRef-Package-java-archive-joda-time-hash:redacted OTHER SPDXRef-File-java-example-java-app-maven-0.1.0.jar-hash:redacted RelationshipComment: evident-by: indicates the package's existence is evident by the given file -Relationship: SPDXRef-Package-deb-apt-hash:redacted OTHER SPDXRef-File-var-lib-dpkg-status-hash:redacted +Relationship: SPDXRef-Package-java-archive-example-java-app-maven-hash:redacted OTHER SPDXRef-File-java-example-java-app-maven-0.1.0.jar-hash:redacted RelationshipComment: evident-by: indicates the package's existence is evident by the given file Relationship: SPDXRef-Package-python-Pygments-hash:redacted OTHER SPDXRef-File-python-dist-info-METADATA-hash:redacted RelationshipComment: evident-by: indicates the package's existence is evident by the given file @@ -5097,17 +5134,17 @@ ExternalRef: PACKAGE-MANAGER purl pkg:npm/trim@0.0.2 Relationship: SPDXRef-Package-npm-loose-envify-hash:redacted OTHER SPDXRef-File-yarn.lock-hash:redacted RelationshipComment: evident-by: indicates the package's existence is evident by the given file -Relationship: SPDXRef-Package-npm-react-hash:redacted OTHER SPDXRef-File-yarn.lock-hash:redacted -RelationshipComment: evident-by: indicates the package's existence is evident by the given file -Relationship: SPDXRef-Package-npm-prop-types-hash:redacted OTHER SPDXRef-File-yarn.lock-hash:redacted +Relationship: SPDXRef-Package-npm-trim-hash:redacted OTHER SPDXRef-File-yarn.lock-hash:redacted RelationshipComment: evident-by: indicates the package's existence is evident by the given file -Relationship: SPDXRef-Package-npm-js-tokens-hash:redacted OTHER SPDXRef-File-yarn.lock-hash:redacted +Relationship: SPDXRef-Package-npm-react-is-hash:redacted OTHER SPDXRef-File-yarn.lock-hash:redacted RelationshipComment: evident-by: indicates the package's existence is evident by the given file -Relationship: SPDXRef-Package-npm-trim-hash:redacted OTHER SPDXRef-File-yarn.lock-hash:redacted +Relationship: SPDXRef-Package-npm-prop-types-hash:redacted OTHER SPDXRef-File-yarn.lock-hash:redacted RelationshipComment: evident-by: indicates the package's existence is evident by the given file Relationship: SPDXRef-Package-npm-object-assign-hash:redacted OTHER SPDXRef-File-yarn.lock-hash:redacted RelationshipComment: evident-by: indicates the package's existence is evident by the given file -Relationship: SPDXRef-Package-npm-react-is-hash:redacted OTHER SPDXRef-File-yarn.lock-hash:redacted +Relationship: SPDXRef-Package-npm-js-tokens-hash:redacted OTHER SPDXRef-File-yarn.lock-hash:redacted +RelationshipComment: evident-by: indicates the package's existence is evident by the given file +Relationship: SPDXRef-Package-npm-react-hash:redacted OTHER SPDXRef-File-yarn.lock-hash:redacted RelationshipComment: evident-by: indicates the package's existence is evident by the given file Relationship: SPDXRef-DocumentRoot-Directory-tests-fixtures-yarn-project CONTAINS SPDXRef-Package-npm-js-tokens-hash:redacted Relationship: SPDXRef-DocumentRoot-Directory-tests-fixtures-yarn-project CONTAINS SPDXRef-Package-npm-loose-envify-hash:redacted