Comparing changes
Open a pull request
- 9 commits
- 25 files changed
- 6 contributors
Commits on Jul 14, 2025
-
chore(deps): Bump golang.org/x/sync from 0.15.0 to 0.16.0 (#598)
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.15.0 to 0.16.0. - [Commits](golang/sync@v0.15.0...v0.16.0) --- updated-dependencies: - dependency-name: golang.org/x/sync dependency-version: 0.16.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Commits on Jul 15, 2025
-
chore(deps): update anchore dependencies (#601)
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: wagoodman <[email protected]>
Commits on Jul 16, 2025
-
chore: lint gh actions with zizmor (#602)
* chore: lint gh actions with zizmor Signed-off-by: Will Murphy <[email protected]> * chore: newline Signed-off-by: Will Murphy <[email protected]> * chore: validate gh yaml on pr Signed-off-by: Will Murphy <[email protected]> --------- Signed-off-by: Will Murphy <[email protected]>
-
fix: update workflow call block to avoid inheriting secrets (#603)
Otherwise calling this workflow with explicitly passed secrets will fail, and calling it with inherited secrets makes the linter unhappy. Signed-off-by: Will Murphy <[email protected]>
Commits on Jul 17, 2025
-
chore(deps): Bump github.com/spf13/pflag from 1.0.6 to 1.0.7 (#605)
Bumps [github.com/spf13/pflag](https://github.com/spf13/pflag) from 1.0.6 to 1.0.7. - [Release notes](https://github.com/spf13/pflag/releases) - [Commits](spf13/pflag@v1.0.6...v1.0.7) --- updated-dependencies: - dependency-name: github.com/spf13/pflag dependency-version: 1.0.7 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Commits on Jul 21, 2025
-
chore(deps): Bump astral-sh/setup-uv in /.github/actions/bootstrap (#608
) Bumps [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) from 6.3.1 to 6.4.1. - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](astral-sh/setup-uv@bd01e18...7edac99) --- updated-dependencies: - dependency-name: astral-sh/setup-uv dependency-version: 6.4.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Commits on Jul 22, 2025
-
fix: incorrect associations between affected ranges and CPE (#609)
* test: add failing test case for CVE-2004-0377 Signed-off-by: Weston Steimel <[email protected]> * fix: incorrect associations between affected ranges and CPE Signed-off-by: Weston Steimel <[email protected]> --------- Signed-off-by: Weston Steimel <[email protected]>
-
Add support for RedHat EUS data (#540)
* wip: working prototype of distro falvors Signed-off-by: Will Murphy <[email protected]> * use channel over disignator/variant Signed-off-by: Alex Goodman <[email protected]> * add tests and finalize to semver metadata Signed-off-by: Alex Goodman <[email protected]> * getOsInfo returns a struct instead of fields Signed-off-by: Alex Goodman <[email protected]> * bump grype Signed-off-by: Alex Goodman <[email protected]> --------- Signed-off-by: Will Murphy <[email protected]> Signed-off-by: Alex Goodman <[email protected]> Co-authored-by: Alex Goodman <[email protected]>
-
persist github creds for tag step (#612)
Signed-off-by: Alex Goodman <[email protected]>
This comparison is taking too long to generate.
Unfortunately it looks like we can’t render this comparison for you right now. It might be too big, or there might be something weird with your repository.
You can try running this command locally to see the comparison on your machine:
git diff v0.34.1...v0.35.0