Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Abstract upstream package before matching #607

Merged
merged 8 commits into from Feb 10, 2022
Merged

Abstract upstream package before matching #607

merged 8 commits into from Feb 10, 2022

Commits on Feb 10, 2022

  1. add metadata extraction from pURLs 

    Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
    @wagoodman
    wagoodman committed Feb 10, 2022
    Copy the full SHA
    c419208 View commit details
    Browse the repository at this point in the history

  2. extract upstream packages before matching 

    Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
    @wagoodman
    wagoodman committed Feb 10, 2022
    Copy the full SHA
    50307b3 View commit details
    Browse the repository at this point in the history

  3. put pkg.UpstreamPackages under test 

    Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
    @wagoodman
    wagoodman committed Feb 10, 2022
    Copy the full SHA
    7e493a2 View commit details
    Browse the repository at this point in the history

  4. remove pURL related processing 

    Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
    @wagoodman
    wagoodman committed Feb 10, 2022
    Copy the full SHA
    5681b57 View commit details
    Browse the repository at this point in the history

  5. pull in syft spdx decoding 

    Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
    @wagoodman
    wagoodman committed Feb 10, 2022
    Copy the full SHA
    816944a View commit details
    Browse the repository at this point in the history

  6. allow for more flexible GHSA namespace and source extraction 

    Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
    @wagoodman
    wagoodman committed Feb 10, 2022
    Copy the full SHA
    e1a1444 View commit details
    Browse the repository at this point in the history

  7. add matching parity integration tests for all supported formats 

    Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
    @wagoodman
    wagoodman committed Feb 10, 2022
    Copy the full SHA
    8dca421 View commit details
    Browse the repository at this point in the history

  8. bump syft to get spdx tv fix 

    Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
    @wagoodman
    wagoodman committed Feb 10, 2022
    Copy the full SHA
    b7ebc9b View commit details
    Browse the repository at this point in the history