Ecosyste.ms: Timeline
Browse the timeline of events for every public repo on GitHub. Data updated hourly from GH Archive.
wagoodman created a review comment on a pull request on anchore/syft
what this is trying to convey is what to do next when there is surprising behavior. The rule of thumb for logging here is to only use warn when we have something to direct the user to do to correct...
wagoodman created a comment on a pull request on anchore/syft
Good point -- though it's similar to having a package cataloger configuration to enable data enrichment then de-selecting the cataloger. I think we should allow the action to occur (override config...
wagoodman pushed 1 commit to main anchore/grype
- deduplicate vulns on store write (#2319) Signed-off-by: Alex Goodman <[email protected]> d054e68
wagoodman closed a pull request on anchore/grype
v6 deduplicate vulnerabilities when adding to DB
Today when writing vulns to the store there may be duplciates: ``` CVE-2020-13956 debian CVE-2020-13956 debian ...
wagoodman opened a pull request on anchore/grype
v6 deduplicate vulnerabilities when adding to DB
Today when writing vulns to the store there may be duplciates: ``` CVE-2020-13956 debian CVE-2020-13956 debian ...
wagoodman created a branch on anchore/grype
v6-dedup-vuln-handles - A vulnerability scanner for container images and filesystems
wagoodman created a review comment on a pull request on anchore/syft
I think this section will need to be updated already to account for filtering out "FullText" values. In that same way, can't we do the same for an empty value and the full text is specified in the ...
wagoodman pushed 2 commits to v6-search anchore/grype
- [wip] split pkg and vuln Signed-off-by: Alex Goodman <[email protected]> a7f58ac
- search by plural conditions Signed-off-by: Alex Goodman <[email protected]> 6f765ac
wagoodman created a comment on a pull request on anchore/syft
That is correct. I also think it's pretty non-obvious to folks that `SYFT_FILE_METADATA_SELECTION` affects more than just the file metadata cataloger. This PR addresses only this.
wagoodman created a comment on an issue on anchore/syft
The issue description reads that syft v1.11.0 source tree was scanned, which has golangci-lint pinned at [v1.59.1](https://github.com/anchore/syft/blob/19cc664cf8e7020dd692a62efcbba98ab670bde9/.bin...
wagoodman pushed 3 commits to main anchore/grype-vscode
- chore(deps): update upload-artifact to v4 Signed-off-by: Keith Zantow <[email protected]> d0d6575
- chore: format Signed-off-by: Keith Zantow <[email protected]> e5b6864
- Merge pull request #52 from anchore/chore/update-upload-action * chore(deps): update upload-artifact to v4 Signed-o... 62a8e09
wagoodman pushed 1 commit to main anchore/vunnel
- chore(deps): update upload-artifact to v4 (#745) Signed-off-by: Keith Zantow <[email protected]> 0bbbab0
wagoodman pushed 1 commit to main anchore/grype
- add update anchore dependencies workflow (#2312) Signed-off-by: Alex Goodman <[email protected]> 4d1af3f
wagoodman closed a pull request on anchore/grype
Make pre-release integration PRs
This updates the existing syft workflow into a generic "update anchore deps" workflow, leveraging the work done in https://github.com/anchore/workflows/pull/11 .
wagoodman pushed 1 commit to main anchore/grype-db
- add update anchore dependencies workflow (#452) Signed-off-by: Alex Goodman <[email protected]> bea7c96
wagoodman closed a pull request on anchore/grype-db
Make pre-release integration PRs
This updates the existing update workflow into a generic "update anchore deps" workflow, leveraging the work done in https://github.com/anchore/workflows/pull/11 .