80c1cc4e (HEAD -> v0.9.0-dev, tag: v0.9.0-rc5, origin/v0.9.0-dev) Merge pull request #829 from zhill/async_notifications_fix
e44ec030 Remove notification schema validation call since it relies on context not available in the catalog monitor threads and that is an internal dispatch
c4273ba1 (tag: v0.9.0-rc4) Merge pull request #828 from anchore/bump-syft-fix-mappers
3c709856 bump syft to v0.12.2
466bf045 fix rpm origin default
c1599b28 Merge pull request #826 from zhill/issue-789
2a975f6b ensure rpm size=0 shows as value, not n/a
5d91aa8b Initial changelog draft
e258430e (tag: v0.9.0-rc3) Merge pull request #822 from anchore/bump-syft-v0.12.0
90ff8a45 (origin/bump-syft-v0.12.0) bump syft from v0.12.0 to v0.12.1
f77a8429 bump syft from v0.11.1 to v0.12.0
21a303b4 Merge pull request #817 from anchore/syft-to-v0.11.1
2fa6d28d Merge pull request #816 from zhill/import_resource_cleanup
483d427c Adds image import resource cleanup during account deletion
aa249514 (origin/syft-to-v0.11.1) Upgrade syft version to v0.11.1
5adc73b2 corrected: uncommented a function within the rpm handler and correcte… (#814)
2a0c11a5 (tag: v0.9.0-rc2) Merge pull request #811 from anchore/migrate-binary-analyzer
d051e188 migrate hints processing out of syft path + leave metadata json string
9efa6496 reorganize analyzers entrypoint to anchore_engine.analyzers.run()
57184c05 add functional test for binary analyzer module
24964e83 migrate binary analyzer to in-process
f3ff8ebf Merge pull request #809 from anchore/debian_src_pkg_fix
f3ca10ad fix functional tests to account for deb src version + cpe sorting
79d80348 bump syft to v0.11.0
133fdeef enhance deb source version processing
c91c6e43 ensure top level python package is processed as optional
bb3f1a62 Fix to use a split source and sourceVersion field from syft
5a66cc81 Merge pull request #801 from zhill/analysis_q_msg_fix
e83df1a8 Make parent_manifest field not required in queue message
dc026e45 (tag: v0.9.0-rc1) Merge pull request #798 from anchore/fix-archive-rule-bug
314ed11e (origin/fix-archive-rule-bug) only validate rule if appropariate
58bf6b7c Merge pull request #794 from anchore/fix-dockerfile-for-p1
130b335e Merge pull request #793 from anchore/update_api_version
94b4dc60 Merge pull request #784 from zhill/issue-733
3b34ccf5 (origin/update_api_version) Bump external api version to 0.1.16
6c177b58 Silence deprecated escape sequence warnings
49624160 Update Authlib dependency to get fixes and updated cryptography lib. Fixes #733
ab36d93b use build_output for all dep binaries
d4a524fb Merge pull request #792 from anchore/analysis_events_fix
1e24b36c (origin/analysis_events_fix) Ensure events are sent on analysis and import success
7c8c45f4 (tag: v0.9.0-rc0) Bump versions in Dockerfile and circle config
c77385ae Merge pull request #790 from anchore/fix-anchore-image-post
2e056e3b fix docker tag validation & fix rfc3339 extapi ref
5813c000 Merge pull request #779 from anchore/image_import_v2
c6451a66 (origin/image_import_v2) Improvements to docker utils from review feedback
f7a7a003 Revert change to feed download test introduced in rfc3339 conversion but not needed now
03b962db Remove no-op exception handler in catalog default controller
b8b4ca67 Remove more assert statements to replace with ValueError or other exception
f0708672 Remove assert statements from utils for input checks, use ValueError instead
1f8c8f47 Fix catalog client to handle empty annotations on import call
e362c41e Fix swagger change on POST /images response back to array type instead of object
8d99d7c3 Remove change to default db entity datetime serialization to revert to iso8601 instead of rfc3339, will reconsider later
a3204932 Fix linter issues
89b2d465 Remove unused dao code that was work in progress
46a499df Add multi-tag and annotation in upload test script
8e53126a Add support for existing record state changes in analysis upload cases
e4e7929c Implements new image analysis import API to import data from external Syft execution.
099a469d Refactor catalog eval lookup logic
94d27611 Merge pull request #751 from ssthom/packagePathExclude
2e08f6ee Merge branch 'master' into packagePathExclude
21645b81 Add a shim to make CPE layering extendable (#769)
83afa8e4 Merge pull request #755 from anchore/issue-712
5b60d0ce (origin/issue-712) Merge branch 'master' into issue-712
aec59368 Merge pull request #761 from dspalmer99/issue-720
2ec93e43 Bump db version to 0.0.14 and add upgrade code to remove length hints for varchars
f0f8b230 Remove varchar length hints in policy engine db entities
c744a151 Fix linting.
9c131bed Refactor based on code review comments.
de7dd5c4 More linting changes.
cf53a162 Additional linting changes.
dd7ef603 Linting changes.
902ecb7c Add comments and tidy up
24535b78 Add more test cases.
74403438 Refactor to consolidate duplicate code for processing bundles, with a basic test to be expanded upon.
fbfe2e49 Load multiple policy bundles into the db, if present at startup.
2e447ec9 Look for all included policy bundles, instead of just the default.
8d34e693 intial implementation of moving image content retrieval to catalog (#744)
8441d671 Implementation of max images per account as part of Archive rule, and fixes for exclude logic (#764)
b0ff9f63 fix: lint errors
a2e6ef6f fix: merge conflicts
c6d34d62 Include fix version in check output message if one is available regardless of the gate parameter
535d2458 Merge pull request #773 from dspalmer99/issue-711
80220d8b Add remove-signatures to both skopeo copy commands.
608024fe Add remove-signatures to skopeo copy command.
a09132e0 Merge pull request #770 from anchore/bump-syft
47aa05a4 bump syft to latest 0.9.2
0dfbbe47 Merge pull request #749 from anchore/zb-add-unit-tests-for-secrets-gate
8a2ba36f Merge branch 'master' into zb-add-unit-tests-for-secrets-gate
ce03dec7 Merge pull request #767 from anchore/zb-725-fix-npms-gems-gate-and-add-tests
6bf09c69 (origin/zb-725-fix-npms-gems-gate-and-add-tests) Merge branch 'master' into zb-725-fix-npms-gems-gate-and-add-tests
1e44dd10 Merge pull request #765 from anchore/zb-756-fix-files-gate-and-add-unit-tests
1297be4e Added unit tests for gems and npms gate
5d8b6372 Fixed condition to return when feed is not present
4f34c9b7 (origin/zb-756-fix-files-gate-and-add-unit-tests) Added unit tests for file gate
98133561 Fixed ContentMatchTrigger conditions
4f60d504 Merge pull request #618 from anchore/additional-archival-rules
ef5a99d0 (origin/additional-archival-rules) Add exclude block so that archive rules can ignore iamges, and also allow a global max Add db upgrade function
08c5fc09 Updates to subscription type handling
48a621e6 Check format on PR, push (#752)
186e26c2 feat: ability to exclude packages by their path
4604cf59 Added unit tests for secrets gate
c0ac0e12 Merge pull request #740 from anchore/issue-722
eabe871e tests: update localanchore to not use removed exception
378eb631 tests: validate new run_check utility
e69d5ff6 clients: remove unneeded exception handlers and errors from localanchore
3e6fc927 clients: syft uses run_check with enhanced logging
d291efa4 utils: add a run_check helper to handle subprocess with non-zero code handling
d8bf9aec Merge pull request #746 from anchore/safely-dig-for-collections
4fa0cd9c safely dig for collections in syft analyzer mappers
bb3d41ff Merge pull request #741 from zhill/feed_api_marshalling
21104e34 Update marshalling logic to prevent double marshalling
5bbbe6b9 Code formatting with https://github.com/psf/black (#743)
c10a32d9 Merge pull request #738 from anchore/syft-integration
88c27e49 add functional test parameters
79fcb315 added: updated hints file call to perform a destructive update of pkg_values
7f1b9f0f tests: add hintsfile tests for analyzers
57d1c303 created content_hint function for handlers.
62458f27 Restore content hints functionality for removed analyzer modules
e02eaa1d analyzers: remove 10_package_list
c1d7af47 analyzers: use syft to populate busybox information
3740ad75 tests: add functional tests for busybox packages
c397b729 Replace dpkg analyzer module with syft call (#710)
a94e31cf Rpm handler syft package. (#701)
46790c72 Replace Alpine analyzer module with Syft call (#697)
78abf0b8 Add functional tests for alpine (#695)
e944e295 tests: add centos/rpm tests
2cc88e2a tests: add functional analyzer tests for debian packages
f0aa1843 pin syft to v0.5.0
544b38fd add unit tests for dig function
e611ea39 update java test fixtures with extra syft versions found
b045c7ec remove java metdata from loaders
299de58e improve java metadata matching for name, type, location, and maven-version fields
5c612ad6 Added java handler function for syft integration.
57c49e05 add functional tests for java
3fb4fb8a bump syft version to 0.4.1
5c877bbe analyzers: replace npm with syft
c8161895 tests: update npm fixtures to use latest
428e38c5 tests: remove assert helper, not needed
498b37b5 tests: use better parametrize identifiers in paths
89a06404 add syft integration for python analyzer module (#685)
daf80355 Always copy images to OCI format and fetch any foreign diffs (#684)
acc16ab5 Add syft integration & replace gem analyzer with syft call (#679)
799dcf00 Merge pull request #732 from anchore/zb-add-unit-tests-for-retrieved-files-gate
2fc5aeb5 Added unit tests for retrieved_files gate
90298f72 Merge pull request #731 from anchore/zb-add-unit-tests-for-always-gate
839425fe Added unit tests for always gate
e6c49303 Merge pull request #730 from anchore/zb-add-image-metadata-gate-tests
2e1e38ea Added unit tests for image_metadata gate
cf8181af Merge pull request #729 from anchore/zb-add-license-gate-unit-tests
4b371cc8 Added unit tests for license gate
3b4da9ea Merge pull request #719 from anchore/zb-add-passwd-file-test
996e11a9 Merge branch 'master' into zb-add-passwd-file-test
19fa81da Merge pull request #716 from anchore/zb-add-dockerfile-gate-unit-tests
2c166935 Merge branch 'master' into zb-add-dockerfile-gate-unit-tests
db6de08d Merge pull request #709 from zhill/issue-692
3cd9bce1 Added unit tests for passwd file gate
b732bdb4 Parameterized all tests to a single test function
6f6f9690 Added unit tests for dockerfile gate
a6e9057e Replaces older swagger-codegen models with marshmallow serialized objects for policy engine api
9803e863 Merge pull request #708 from anchore/issue-704
3943cb60 circle: add validation to prevent swagger schema fails
07807910 swagger: ensure that item types are defined for arrays, passes validation
8c61318b Parameterize CI for python version/tox env (#698)
b8ecd596 Merge pull request #676 from juanjolmm/master
6017d6b0 Merge branch 'master' into master
969cd9b4 Merge pull request #620 from pvnovarese/pvn_update
e5ae3b9f Merge branch 'master' into pvn_update
4e6ab87f Merge pull request #607 from anchore/dev/nurmi/python38
1f11386c (origin/dev/nurmi/python38) Merge branch 'master' into dev/nurmi/python38
ae1f38fe Merge pull request #614 from anchore/issue-611
6aa84a9d Merge branch 'master' into issue-611
28e22e4a Merge pull request #617 from anchore/timebased-whitelists
afcb9e3c (origin/timebased-whitelists) Merge branch 'master' into timebased-whitelists
a73caece tests: minimal validataion for deserialization changes
98f48309 policy_engine: make deserialization compatible with Python 3.8
7446690c Merge pull request #691 from anchore/bad_greeting_bad
3339264f (origin/bad_greeting_bad) Merge branch 'master' into bad_greeting_bad
b73acca0 Merge pull request #610 from anchore/issue-609
47dde838 (origin/issue-609) bump zope.interface to 4.7.2 which addresses incompatible changes
44ea04cc Greeting action is broken for forks; excise it!
ca613ec0 Add expiration to Whitelist sets Change expires on to be on the whitelist item instead of the set of items add unit test, and move is_expired logic to its own method
053caa99 Merge pull request #678 from zhill/issue-677
2e0431bf Merge branch 'master' into dev/nurmi/python38
605d1e10 Merge branch 'master' into issue-677
067ae355 Merge pull request #675 from anchore/test-js-packages
8b8f60ed tests: move package_list tests into a module
08a2a341 tests: add npm container for package list testing
58b5c26c tests: functional pkg list verification of npms
a7b3d0cd Merge branch 'master' into master
6f2cd220 Raise exception if image size is greater than the configured max clamscan size. Fixes #677
6d237268 Merge pull request #671 from anchore/v0.8.2-dev
ee713cb1 Added successes and errors Prometheus metrics
c0a677f2 (origin/v0.8.2-dev) Merge branch 'master' into v0.8.2-dev
63d1d690 Merge pull request #669 from anchore/test-python-packages
b4e16f91 tests: add Python 3.8 container for package list testing
d6cd7107 tests: include bundler in ruby gem fixtures
10381b80 tests: add python packages functional tests
4bec68ef Merge pull request #668 from anchore/quicker-builds-in-circleci
6a1bc6f2 (origin/quicker-builds-in-circleci) remove targeted build since we are not using docker_layer_caching option in circleci
e5777cfc Move top-level conftest into api level (#659)
ada3bb6d Allow for analyzer output to optionally be json encoded (#646)
25395da6 Add error handling to archives query logic (#599)
595770fb Provide the ability to test a webhook delivery (for the admin account), and expose the possible webhook schemas in the swagger spec (#569)
f1bb52ac Merge pull request #653 from anchore/add-functional-tests-from-enterprise
bbed088c (origin/add-functional-tests-from-enterprise) improve handling based on type of error_json, catch typeerror as well use getattr/hasattr
78f5ec10 Add keyword arguments so swagger can route the request to the api controller add comment to clarify unused method params
94debfb2 Working Functional tests execution
e122d7c1 Merge pull request #651 from anchore/test-gem-packages
cb57ff7e tests: initial package validation for gems
d9b9c185 tests: add functional checks for gem packages from the analyzers
2aa137df Merge pull request #650 from anchore/bump-urllib3
246d5f07 (origin/bump-urllib3) Fixes vulnerability reported and fixed with:
7c12d97f Merge pull request #616 from anchore/rprince/nightly-build
c4f03f4a (origin/rprince/nightly-build) Merge branch 'rprince/nightly-build' of github.com:anchore/anchore-engine into rprince/nightly-build
7bb42bff Merge branch 'master' into rprince/nightly-build
ccc8a174 Merge branch 'master' into rprince/nightly-build
21316ac4 Merge pull request #624 from anchore/rprince/first-pr
460a35e0 Merge branch 'master' into rprince/nightly-build
8a5b06cb Add nightly filter to all jobs in nightly workflow; remove make target
ae6f6efe Add the first PR message trigger
45f17394 Merge pull request #619 from anchore/rprince/first-issue-message
6a9899b8 Merge branch 'master' into rprince/first-issue-message
5410273c Once again: use master
fd749415 Use master for nightly build, at 3 AM Pacific
54859008 Merge branch 'master' into rprince/nightly-build
11ea6cf4 explanitory 'which is explicitly not allowed list' is nonsensical, simplifying it a bit
15454c11 Add first issue action
a9b65b4a Merge pull request #593 from anchore/fix-http-resp-code-archive-restore
14fa5964 Fix exception response handler and create dedicated exception for image conflict errors
5c98aeab Merge branch 'master' into rprince/nightly-build
47e11e2d Merge pull request #598 from anchore/improve-oauth-swagger-spec
8bcfc66f Run w/cli driver as e2e test
0629d4f9 Tolerate longer period w/out output
4e34c394 Invoke the CLI tests through the CI harness
c519ed3f Try the nightly w/cli tests
b34e9388 Try out cli driven tests and new chart repo
66f316b1 Use the correct branch to trigger the nightly build test
d455d51c Oh, it's after 8 PM in UTC right now
995442da Set up schedule to trigger nightly in a few minutes
22e5b034 Remove e2e from default workflow; add trigger to nightly
96633f57 [WIP] Set up nightly build
78be37fa Add input parameters to Oauth swagger spec
d5434ef0 update dockerfile to use python38 from python36. Fixes #605.