issues
search
anchore
/
syft
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
Apache License 2.0
7.22k
stars
674
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
feat: add streaming sbom support
#4020
dwindsor
opened
1 day ago
0
chore(deps): bump marocchino/sticky-pull-request-comment from 2.9.2 to 2.9.3
#4019
dependabot[bot]
opened
1 day ago
0
chore(deps): bump urllib3 from 2.2.1 to 2.5.0 in /syft/pkg/cataloger/python/test-fixtures/poetry/simple-deps
#4018
dependabot[bot]
closed
3 days ago
1
Incorrectly reported dotnet package versions
#4017
s010xe
opened
3 days ago
0
chore(deps): update tools to latest versions
#4016
anchore-actions-token-generator[bot]
closed
2 days ago
0
chore(deps): bump sigstore/cosign-installer from 3.8.2 to 3.9.0
#4015
dependabot[bot]
closed
4 days ago
0
chore(deps): bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0
#4014
dependabot[bot]
closed
4 days ago
0
Sh 3985 cleanup images 2
#4013
houdini91
closed
4 days ago
0
chore(deps): update tools to latest versions
#4012
anchore-actions-token-generator[bot]
closed
4 days ago
0
Add ability to catalog Electron applications
#4011
wagoodman
opened
5 days ago
1
Add macOS `.app` cataloger
#4010
wagoodman
opened
5 days ago
0
chore(deps): bump github.com/google/go-containerregistry from 0.20.5 to 0.20.6
#4009
dependabot[bot]
closed
5 days ago
0
chore(deps): bump anchore/sbom-action from 0.20.0 to 0.20.1
#4008
dependabot[bot]
closed
5 days ago
0
chore(deps): update CPE dictionary index
#4007
anchore-actions-token-generator[bot]
closed
5 days ago
0
Mac .app SBOM doesnt contain sub-components
#4006
jayvdb
opened
1 week ago
1
Merge FileDigests with ones from SBOM cataloger
#4005
dsseng
opened
1 week ago
5
Enhance container tests
#4004
kzantow
opened
1 week ago
0
Add support for authors in package.json. Fixes #2250
#4003
popey
opened
1 week ago
0
Conda ecosystem support (basic)
#4002
SimeonStoykovQC
opened
1 week ago
1
Add ability to hint version format for binary packages
#4001
wagoodman
opened
1 week ago
0
chore(deps): bump github/codeql-action from 3.28.19 to 3.29.0
#4000
dependabot[bot]
closed
1 week ago
0
MSI support
#3999
jayvdb
opened
1 week ago
2
fix: provide separate nonroot image
#3998
kzantow
closed
1 week ago
0
Allow decoding of enterprise-modified anchorectl json files
#3997
wagoodman
closed
1 week ago
0
Nuget package is not detected
#3996
absurd121
opened
1 week ago
0
Problems with detecting go modules archives
#3995
absurd121
opened
1 week ago
0
Feature: Add ffmpeg binary cataloger
#3994
popey
opened
1 week ago
3
Problems with detecting jar packages
#3993
absurd121
opened
1 week ago
0
chore(deps): update tools to latest versions
#3992
anchore-actions-token-generator[bot]
closed
1 week ago
0
chore(deps): bump github.com/anchore/stereoscope from 0.1.5-0.20250604132324-344e29f37f05 to 0.1.5
#3991
dependabot[bot]
closed
1 week ago
0
upgrade tablewriter
#3990
cpanato
opened
1 week ago
1
chore(deps): bump requests from 2.32.2 to 2.32.4 in /syft/pkg/cataloger/python/test-fixtures/poetry/simple-deps
#3989
dependabot[bot]
closed
1 week ago
2
When scanning the FFmpeg binary with Syft, it fails to be recognized as a component.
#3988
Jeongho10
opened
1 week ago
4
Undeprecate binary classifier type
#3987
LaurentGoderre
opened
1 week ago
0
Suggest Image cleanup flow
#3986
houdini91
opened
1 week ago
0
Clean up downloaded images from daemons
#3985
houdini91
opened
1 week ago
5
fix: exclude packages with SPDX described_by and related indications
#3984
kzantow
opened
1 week ago
0
Configuration files described in SPDX with DESCRIBED_BY relationships are imported as Syft packages
#3983
kzantow
opened
1 week ago
2
chore: remove benchmark utils
#3982
wagoodman
closed
1 week ago
0
fix: exclude packages with SPDX generated_from source package indication
#3981
kzantow
closed
1 week ago
0
SBOM generation can be tricked due to inherent trust of installed packages file
#3980
ivanchubb
opened
1 week ago
1
chore(deps): bump modernc.org/sqlite from 1.37.1 to 1.38.0
#3979
dependabot[bot]
closed
1 week ago
0
chore(deps): bump github.com/go-git/go-git/v5 from 5.16.1 to 5.16.2
#3978
dependabot[bot]
closed
1 week ago
0
chore(deps): update tools to latest versions
#3977
anchore-actions-token-generator[bot]
closed
1 week ago
0
chore(deps): update CPE dictionary index
#3976
anchore-actions-token-generator[bot]
closed
1 week ago
0
Add license filename used by github.com/grafana/tempo
#3975
zecke
opened
2 weeks ago
2
feat: enhance architecture detection in Go binary cataloger
#3974
omkute10
opened
2 weeks ago
0
Allow decoding of anchorectl json files
#3973
wagoodman
closed
1 week ago
1
Expose binutils externally
#3972
LaurentGoderre
opened
2 weeks ago
1
chore(deps): bump github.com/sergi/go-diff from 1.3.2-0.20230802210424-5b0b94c5c0d3 to 1.4.0
#3971
dependabot[bot]
closed
2 weeks ago
0
Next