tally
tally copied to clipboard
jetstack
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.1.1 to 3.2.0. Release notes Sourced from sigstore/cosign-installer's releases. v3.2.0 Note: This release comes with a fix for CVE-2023-46737 described in this Github Security Advisory. Please upgrade...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) from 1.25.0 to 1.27.0. Commits a8c3eea update dependencies 46bf234 Merge branch 'master' into 'master' e1849f3 Add capi_linux_ppc64le.go to fix ppc64le build 12bc57f Allow registering custom collations 0bbf655 Allow...
Bumps [github.com/package-url/packageurl-go](https://github.com/package-url/packageurl-go) from 0.1.1 to 0.1.2. Release notes Sourced from github.com/package-url/packageurl-go's releases. v0.1.2 What's Changed Add Julia by @Octogonapus in package-url/packageurl-go#44 feat: add missing purl types by @mcombuechen in package-url/packageurl-go#43...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 4 to 5. Release notes Sourced from goreleaser/goreleaser-action's releases. v5.0.0 What's Changed feat: node 20 as default runtime (requires Actions Runner v2.308.0 or later) by @crazy-max in...
Bumps [docker/login-action](https://github.com/docker/login-action) from 2.2.0 to 3.0.0. Release notes Sourced from docker/login-action's releases. v3.0.0 Node 20 as default runtime (requires Actions Runner v2.308.0 or later) by @crazy-max in docker/login-action#593 Bump @actions/core...
Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.86.1 to 0.90.0. Release notes Sourced from github.com/anchore/syft's releases. v0.90.0 v0.90.0 (2023-09-11) Full Changelog Added Features Expose cobra command in cli package [[PR #2097](https://redirect.github.com/anchore/syft/pull/2097)] [wagoodman] Explicitly test...
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. Release notes Sourced from actions/checkout's releases. v4.0.0 What's Changed Update default runtime to node20 by @takost in actions/checkout#1436 Support fetching without the --progress option...
Bumps [github.com/ossf/scorecard-webapp](https://github.com/ossf/scorecard-webapp) from 1.0.5 to 1.0.7. Release notes Sourced from github.com/ossf/scorecard-webapp's releases. v1.0.7 What's Changed :bug: Specify badge endpoints returns content-type image/svg+xml by @spencerschrock in ossf/scorecard-webapp#463 Full Changelog: https://github.com/ossf/scorecard-webapp/compare/v1.0.6...v1.0.7 v1.0.6...
Bumps [github.com/CycloneDX/cyclonedx-go](https://github.com/CycloneDX/cyclonedx-go) from 0.7.1 to 0.7.2. Release notes Sourced from github.com/CycloneDX/cyclonedx-go's releases. v0.7.2 This is a bugfix release that ships with minimal support for the CycloneDX v1.5 specification. Full support...
If you run `tally -o cyclonedx-json bom.json` on a `syft-json` file, it will exit successfully but not print any repositories. This is because the JSON parsing succeeds but there's no...
