Skip to content

Commit b27ac60

Browse files
crazy-maxcrazy-max
authored
Merge pull request #125 from crazy-max/update-syft
vendor: update syft to v1.24.0
2 parents c402bee + a8e647d commit b27ac60

File tree

1,572 files changed

+1257834
-419998
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

1,572 files changed

+1257834
-419998
lines changed

go.mod

Lines changed: 84 additions & 73 deletions
Original file line numberDiff line numberDiff line change
@@ -1,103 +1,114 @@
11
module github.com/docker/buildkit-syft-scanner
22

3-
go 1.24.0
3+
go 1.24.1
44

55
require (
6-
github.com/anchore/go-logger v0.0.0-20230725134548-c21dafa1ec5a
7-
github.com/anchore/stereoscope v0.0.13
8-
github.com/anchore/syft v1.19.0
6+
github.com/anchore/go-logger v0.0.0-20250318195838-07ae343dd722
7+
github.com/anchore/stereoscope v0.1.4
8+
github.com/anchore/syft v1.24.0
99
github.com/in-toto/in-toto-golang v0.9.0
1010
github.com/pkg/errors v0.9.1
1111
github.com/sirupsen/logrus v1.9.3
12-
modernc.org/sqlite v1.34.5
12+
modernc.org/sqlite v1.37.0
1313
)
1414

1515
require (
1616
dario.cat/mergo v1.0.1 // indirect
1717
github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 // indirect
1818
github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20230306123547-8075edf89bb0 // indirect
19-
github.com/BurntSushi/toml v1.4.0 // indirect
19+
github.com/BurntSushi/toml v1.5.0 // indirect
2020
github.com/CycloneDX/cyclonedx-go v0.9.2 // indirect
2121
github.com/DataDog/zstd v1.5.5 // indirect
2222
github.com/Masterminds/goutils v1.1.1 // indirect
23-
github.com/Masterminds/semver v1.5.0 // indirect
24-
github.com/Masterminds/semver/v3 v3.3.0 // indirect
23+
github.com/Masterminds/semver/v3 v3.3.1 // indirect
2524
github.com/Masterminds/sprig/v3 v3.3.0 // indirect
2625
github.com/Microsoft/go-winio v0.6.2 // indirect
2726
github.com/Microsoft/hcsshim v0.11.7 // indirect
28-
github.com/ProtonMail/go-crypto v1.1.3 // indirect
27+
github.com/ProtonMail/go-crypto v1.1.6 // indirect
28+
github.com/STARRY-S/zip v0.2.1 // indirect
2929
github.com/acobaugh/osrelease v0.1.0 // indirect
3030
github.com/adrg/xdg v0.5.3 // indirect
3131
github.com/agext/levenshtein v1.2.1 // indirect
3232
github.com/anchore/archiver/v3 v3.5.3-0.20241210171143-5b1d8d1c7c51 // indirect
33-
github.com/anchore/clio v0.0.0-20241115144204-29e89f9fa837 // indirect
34-
github.com/anchore/fangs v0.0.0-20241014201141-b6e4b3469f10 // indirect
33+
github.com/anchore/clio v0.0.0-20250319180342-2cfe4b0cb716 // indirect
34+
github.com/anchore/fangs v0.0.0-20250319222917-446a1e748ec2 // indirect
3535
github.com/anchore/go-collections v0.0.0-20240216171411-9321230ce537 // indirect
36+
github.com/anchore/go-homedir v0.0.0-20250319154043-c29668562e4d // indirect
3637
github.com/anchore/go-macholibre v0.0.0-20220308212642-53e6d0aaf6fb // indirect
3738
github.com/anchore/go-struct-converter v0.0.0-20221118182256-c68fdcfa2092 // indirect
39+
github.com/anchore/go-sync v0.0.0-20250326131806-4eda43a485b6 // indirect
3840
github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b // indirect
39-
github.com/anchore/packageurl-go v0.1.1-0.20250117185454-edf36a908b10 // indirect
41+
github.com/anchore/packageurl-go v0.1.1-0.20250220190351-d62adb6e1115 // indirect
4042
github.com/andybalholm/brotli v1.1.1 // indirect
4143
github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect
4244
github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect
4345
github.com/aquasecurity/go-pep440-version v0.0.1 // indirect
4446
github.com/aquasecurity/go-version v0.0.1 // indirect
4547
github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect
4648
github.com/becheran/wildmatch-go v1.0.0 // indirect
47-
github.com/bmatcuk/doublestar/v4 v4.8.0 // indirect
48-
github.com/charmbracelet/lipgloss v1.0.0 // indirect
49-
github.com/charmbracelet/x/ansi v0.4.5 // indirect
50-
github.com/cloudflare/circl v1.3.8 // indirect
49+
github.com/bitnami/go-version v0.0.0-20250131085805-b1f57a8634ef // indirect
50+
github.com/blakesmith/ar v0.0.0-20190502131153-809d4375e1fb // indirect
51+
github.com/bmatcuk/doublestar/v4 v4.8.1 // indirect
52+
github.com/bodgit/plumbing v1.3.0 // indirect
53+
github.com/bodgit/sevenzip v1.6.0 // indirect
54+
github.com/bodgit/windows v1.0.1 // indirect
55+
github.com/charmbracelet/colorprofile v0.2.3-0.20250311203215-f60798e515dc // indirect
56+
github.com/charmbracelet/lipgloss v1.1.0 // indirect
57+
github.com/charmbracelet/x/ansi v0.8.0 // indirect
58+
github.com/charmbracelet/x/cellbuf v0.0.13-0.20250311204145-2c3ea96c31dd // indirect
59+
github.com/charmbracelet/x/term v0.2.1 // indirect
60+
github.com/cloudflare/circl v1.6.1 // indirect
5161
github.com/containerd/cgroups v1.1.0 // indirect
52-
github.com/containerd/containerd v1.7.24 // indirect
53-
github.com/containerd/containerd/api v1.7.19 // indirect
54-
github.com/containerd/continuity v0.4.2 // indirect
62+
github.com/containerd/containerd v1.7.27 // indirect
63+
github.com/containerd/containerd/api v1.8.0 // indirect
64+
github.com/containerd/continuity v0.4.4 // indirect
5565
github.com/containerd/errdefs v0.3.0 // indirect
5666
github.com/containerd/fifo v1.1.0 // indirect
5767
github.com/containerd/log v0.1.0 // indirect
5868
github.com/containerd/platforms v0.2.1 // indirect
5969
github.com/containerd/stargz-snapshotter/estargz v0.16.3 // indirect
60-
github.com/containerd/ttrpc v1.2.5 // indirect
70+
github.com/containerd/ttrpc v1.2.7 // indirect
6171
github.com/containerd/typeurl/v2 v2.1.1 // indirect
62-
github.com/cyphar/filepath-securejoin v0.3.6 // indirect
72+
github.com/cyphar/filepath-securejoin v0.4.1 // indirect
6373
github.com/deitch/magic v0.0.0-20230404182410-1ff89d7342da // indirect
6474
github.com/distribution/reference v0.6.0 // indirect
65-
github.com/docker/cli v27.5.0+incompatible // indirect
75+
github.com/docker/cli v28.1.1+incompatible // indirect
6676
github.com/docker/distribution v2.8.3+incompatible // indirect
67-
github.com/docker/docker v27.5.0+incompatible // indirect
77+
github.com/docker/docker v28.1.1+incompatible // indirect
6878
github.com/docker/docker-credential-helpers v0.8.2 // indirect
6979
github.com/docker/go-connections v0.5.0 // indirect
7080
github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c // indirect
7181
github.com/docker/go-units v0.5.0 // indirect
72-
github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5 // indirect
82+
github.com/dsnet/compress v0.0.2-0.20230904184137-39efe44ab707 // indirect
7383
github.com/dustin/go-humanize v1.0.1 // indirect
74-
github.com/edsrzf/mmap-go v1.1.0 // indirect
7584
github.com/elliotchance/phpserialize v1.4.0 // indirect
7685
github.com/emirpasic/gods v1.18.1 // indirect
7786
github.com/facebookincubator/nvdtools v0.1.5 // indirect
78-
github.com/felixge/fgprof v0.9.3 // indirect
87+
github.com/felixge/fgprof v0.9.5 // indirect
7988
github.com/felixge/httpsnoop v1.0.4 // indirect
80-
github.com/fsnotify/fsnotify v1.7.0 // indirect
81-
github.com/gabriel-vasile/mimetype v1.4.8 // indirect
82-
github.com/github/go-spdx/v2 v2.3.2 // indirect
89+
github.com/fsnotify/fsnotify v1.8.0 // indirect
90+
github.com/gabriel-vasile/mimetype v1.4.9 // indirect
91+
github.com/github/go-spdx/v2 v2.3.3 // indirect
8392
github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
8493
github.com/go-git/go-billy/v5 v5.6.2 // indirect
85-
github.com/go-git/go-git/v5 v5.13.1 // indirect
94+
github.com/go-git/go-git/v5 v5.16.0 // indirect
8695
github.com/go-logr/logr v1.4.2 // indirect
8796
github.com/go-logr/stdr v1.2.2 // indirect
8897
github.com/go-restruct/restruct v1.2.0-alpha // indirect
98+
github.com/go-viper/mapstructure/v2 v2.2.1 // indirect
8999
github.com/gogo/protobuf v1.3.2 // indirect
90-
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
100+
github.com/gohugoio/hashstructure v0.5.0 // indirect
101+
github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect
91102
github.com/golang/snappy v0.0.4 // indirect
92-
github.com/google/go-cmp v0.6.0 // indirect
103+
github.com/google/go-cmp v0.7.0 // indirect
93104
github.com/google/go-containerregistry v0.20.3 // indirect
94105
github.com/google/licensecheck v0.3.1 // indirect
95-
github.com/google/pprof v0.0.0-20240409012703-83162a5b38cd // indirect
106+
github.com/google/pprof v0.0.0-20250317173921-a4b03ec1a45e // indirect
96107
github.com/google/uuid v1.6.0 // indirect
97108
github.com/gookit/color v1.5.4 // indirect
98109
github.com/hashicorp/errwrap v1.1.0 // indirect
99110
github.com/hashicorp/go-multierror v1.1.1 // indirect
100-
github.com/hashicorp/hcl v1.0.0 // indirect
111+
github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect
101112
github.com/hashicorp/hcl/v2 v2.23.0 // indirect
102113
github.com/huandu/xstrings v1.5.0 // indirect
103114
github.com/iancoleman/strcase v0.3.0 // indirect
@@ -106,67 +117,67 @@ require (
106117
github.com/jinzhu/copier v0.4.0 // indirect
107118
github.com/kastenhq/goversion v0.0.0-20230811215019-93b2f8823953 // indirect
108119
github.com/kevinburke/ssh_config v1.2.0 // indirect
109-
github.com/klauspost/compress v1.17.11 // indirect
120+
github.com/klauspost/compress v1.18.0 // indirect
110121
github.com/klauspost/pgzip v1.2.6 // indirect
111122
github.com/knqyf263/go-rpmdb v0.1.1 // indirect
112123
github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
113-
github.com/magiconair/properties v1.8.9 // indirect
114124
github.com/mattn/go-colorable v0.1.13 // indirect
115125
github.com/mattn/go-isatty v0.0.20 // indirect
116126
github.com/mattn/go-runewidth v0.0.16 // indirect
117127
github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d // indirect
118-
github.com/microsoft/go-rustaudit v0.0.0-20220730194248-4b17361d90a5 // indirect
128+
github.com/mholt/archives v0.1.1 // indirect
129+
github.com/minio/minlz v1.0.0 // indirect
119130
github.com/mitchellh/copystructure v1.2.0 // indirect
120131
github.com/mitchellh/go-homedir v1.1.0 // indirect
121-
github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7 // indirect
122-
github.com/mitchellh/hashstructure/v2 v2.0.2 // indirect
123-
github.com/mitchellh/mapstructure v1.5.0 // indirect
132+
github.com/mitchellh/go-wordwrap v1.0.1 // indirect
124133
github.com/mitchellh/reflectwalk v1.0.2 // indirect
125134
github.com/moby/docker-image-spec v1.3.1 // indirect
126135
github.com/moby/locker v1.0.1 // indirect
127136
github.com/moby/sys/mountinfo v0.7.2 // indirect
128-
github.com/moby/sys/sequential v0.5.0 // indirect
137+
github.com/moby/sys/sequential v0.6.0 // indirect
129138
github.com/moby/sys/signal v0.7.0 // indirect
130139
github.com/moby/sys/user v0.3.0 // indirect
131140
github.com/moby/sys/userns v0.1.0 // indirect
132-
github.com/muesli/termenv v0.15.2 // indirect
141+
github.com/muesli/termenv v0.16.0 // indirect
133142
github.com/ncruces/go-strftime v0.1.9 // indirect
143+
github.com/nix-community/go-nix v0.0.0-20250101154619-4bdde671e0a1 // indirect
134144
github.com/nwaples/rardecode v1.1.3 // indirect
145+
github.com/nwaples/rardecode/v2 v2.1.0 // indirect
135146
github.com/olekukonko/tablewriter v0.0.5 // indirect
136147
github.com/opencontainers/go-digest v1.0.0 // indirect
137-
github.com/opencontainers/image-spec v1.1.0 // indirect
148+
github.com/opencontainers/image-spec v1.1.1 // indirect
138149
github.com/opencontainers/runtime-spec v1.1.0 // indirect
139150
github.com/opencontainers/selinux v1.11.0 // indirect
140151
github.com/pborman/indent v1.2.1 // indirect
141152
github.com/pelletier/go-toml v1.9.5 // indirect
142-
github.com/pelletier/go-toml/v2 v2.2.2 // indirect
143-
github.com/pierrec/lz4/v4 v4.1.21 // indirect
144-
github.com/pjbgf/sha1cd v0.3.0 // indirect
153+
github.com/pelletier/go-toml/v2 v2.2.3 // indirect
154+
github.com/pierrec/lz4/v4 v4.1.22 // indirect
155+
github.com/pjbgf/sha1cd v0.3.2 // indirect
145156
github.com/pkg/profile v1.7.0 // indirect
146157
github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
147158
github.com/rivo/uniseg v0.4.7 // indirect
148-
github.com/saferwall/pe v1.5.6 // indirect
149-
github.com/sagikazarmark/locafero v0.4.0 // indirect
150-
github.com/sagikazarmark/slog-shim v0.1.0 // indirect
159+
github.com/rust-secure-code/go-rustaudit v0.0.0-20250226111315-e20ec32e963c // indirect
160+
github.com/sagikazarmark/locafero v0.7.0 // indirect
151161
github.com/saintfish/chardet v0.0.0-20230101081208-5e3ef4b5456d // indirect
152162
github.com/sassoftware/go-rpmutils v0.4.0 // indirect
153163
github.com/scylladb/go-set v1.0.3-0.20200225121959-cc7b2070d91e // indirect
154-
github.com/secDre4mer/pkcs7 v0.0.0-20240322103146-665324a4461d // indirect
155-
github.com/secure-systems-lab/go-securesystemslib v0.8.0 // indirect
164+
github.com/secure-systems-lab/go-securesystemslib v0.9.0 // indirect
156165
github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect
157166
github.com/shibumi/go-pathspec v1.3.0 // indirect
158167
github.com/shopspring/decimal v1.4.0 // indirect
159-
github.com/skeema/knownhosts v1.3.0 // indirect
168+
github.com/skeema/knownhosts v1.3.1 // indirect
169+
github.com/sorairolake/lzip-go v0.3.5 // indirect
160170
github.com/sourcegraph/conc v0.3.0 // indirect
171+
github.com/spdx/gordf v0.0.0-20201111095634-7098f93598fb // indirect
161172
github.com/spdx/tools-golang v0.5.5 // indirect
162-
github.com/spf13/afero v1.12.0 // indirect
163-
github.com/spf13/cast v1.7.0 // indirect
164-
github.com/spf13/cobra v1.8.1 // indirect
165-
github.com/spf13/pflag v1.0.5 // indirect
166-
github.com/spf13/viper v1.19.0 // indirect
173+
github.com/spf13/afero v1.14.0 // indirect
174+
github.com/spf13/cast v1.7.1 // indirect
175+
github.com/spf13/cobra v1.9.1 // indirect
176+
github.com/spf13/pflag v1.0.6 // indirect
177+
github.com/spf13/viper v1.20.0 // indirect
167178
github.com/subosito/gotenv v1.6.0 // indirect
168-
github.com/sylabs/sif/v2 v2.20.2 // indirect
169-
github.com/sylabs/squashfs v1.0.4 // indirect
179+
github.com/sylabs/sif/v2 v2.21.1 // indirect
180+
github.com/sylabs/squashfs v1.0.6 // indirect
170181
github.com/therootcompany/xz v1.0.1 // indirect
171182
github.com/ulikunitz/xz v0.5.12 // indirect
172183
github.com/vbatts/go-mtree v0.5.4 // indirect
@@ -186,25 +197,25 @@ require (
186197
go.opentelemetry.io/otel/trace v1.33.0 // indirect
187198
go.uber.org/atomic v1.9.0 // indirect
188199
go.uber.org/multierr v1.9.0 // indirect
189-
golang.org/x/crypto v0.32.0 // indirect
190-
golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect
191-
golang.org/x/mod v0.22.0 // indirect
192-
golang.org/x/net v0.34.0 // indirect
193-
golang.org/x/sync v0.10.0 // indirect
194-
golang.org/x/sys v0.29.0 // indirect
195-
golang.org/x/term v0.28.0 // indirect
196-
golang.org/x/text v0.21.0 // indirect
197-
golang.org/x/tools v0.29.0 // indirect
200+
go4.org v0.0.0-20230225012048-214862532bf5 // indirect
201+
golang.org/x/crypto v0.38.0 // indirect
202+
golang.org/x/exp v0.0.0-20250305212735-054e65f0b394 // indirect
203+
golang.org/x/mod v0.24.0 // indirect
204+
golang.org/x/net v0.40.0 // indirect
205+
golang.org/x/sync v0.14.0 // indirect
206+
golang.org/x/sys v0.33.0 // indirect
207+
golang.org/x/term v0.32.0 // indirect
208+
golang.org/x/text v0.25.0 // indirect
209+
golang.org/x/tools v0.31.0 // indirect
198210
golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect
199211
google.golang.org/genproto v0.0.0-20241118233622-e639e219e697 // indirect
200212
google.golang.org/genproto/googleapis/rpc v0.0.0-20241223144023-3abc09e42ca8 // indirect
201213
google.golang.org/grpc v1.67.3 // indirect
202-
google.golang.org/protobuf v1.36.3 // indirect
203-
gopkg.in/ini.v1 v1.67.0 // indirect
214+
google.golang.org/protobuf v1.36.4 // indirect
204215
gopkg.in/warnings.v0 v0.1.2 // indirect
205216
gopkg.in/yaml.v3 v3.0.1 // indirect
206217
gotest.tools/v3 v3.1.0 // indirect
207-
modernc.org/libc v1.55.3 // indirect
208-
modernc.org/mathutil v1.6.0 // indirect
209-
modernc.org/memory v1.8.0 // indirect
218+
modernc.org/libc v1.62.1 // indirect
219+
modernc.org/mathutil v1.7.1 // indirect
220+
modernc.org/memory v1.9.1 // indirect
210221
)

0 commit comments

Comments
 (0)