Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: bump stereoscope to latest version #1741

Merged
merged 4 commits into from
Apr 18, 2023
Merged

chore: bump stereoscope to latest version #1741

merged 4 commits into from
Apr 18, 2023

Conversation

westonsteimel
Copy link
Contributor

Resolves reporting of GHSA-hw7c-3rfg-p46j

@westonsteimel
chore: bump stereoscope to latest version
2104050 
Resolves reporting of GHSA-hw7c-3rfg-p46j

Signed-off-by: Weston Steimel <weston.steimel@anchore.com>
@westonsteimel
Copy link
Contributor Author

I'm unsure why the stereoscope PR workflow isn't creating this one

@westonsteimel westonsteimel enabled auto-merge (squash) April 17, 2023 08:36
@github-actions
Copy link

github-actions bot commented Apr 17, 2023
edited

Benchmark Test Results

Benchmark results from the latest changes vs base branch 
goos: linux%0Agoarch: amd64%0Apkg: github.com/anchore/syft/test/integration%0Acpu: Intel(R) Xeon(R) Platinum 8171M CPU @ 2.60GHz%0A                                                          │ ./.tmp/benchmark-c3d2a94.txt │%0A                                                          │            sec/op            │%0AImagePackageCatalogers/alpmdb-cataloger-2                                   14.32m ±  3%25%0AImagePackageCatalogers/ruby-gemspec-cataloger-2                             1.100m ±  3%25%0AImagePackageCatalogers/python-package-cataloger-2                           3.814m ±  4%25%0AImagePackageCatalogers/php-composer-installed-cataloger-2                   940.3µ ±  1%25%0AImagePackageCatalogers/javascript-package-cataloger-2                       484.6µ ±  2%25%0AImagePackageCatalogers/dpkgdb-cataloger-2                                   708.9µ ±  1%25%0AImagePackageCatalogers/rpm-db-cataloger-2                                   638.0µ ± 21%25%0AImagePackageCatalogers/java-cataloger-2                                     16.01m ±  2%25%0AImagePackageCatalogers/graalvm-native-image-cataloger-2                     108.6µ ±  2%25%0AImagePackageCatalogers/apkdb-cataloger-2                                    763.2µ ±  3%25%0AImagePackageCatalogers/go-module-binary-cataloger-2                         111.4µ ±  2%25%0AImagePackageCatalogers/dotnet-deps-cataloger-2                              1.483m ±  3%25%0AImagePackageCatalogers/portage-cataloger-2                                  469.1µ ±  1%25%0AImagePackageCatalogers/nix-store-cataloger-2                                334.0µ ±  2%25%0AImagePackageCatalogers/sbom-cataloger-2                                     143.6µ ±  1%25%0AImagePackageCatalogers/binary-cataloger-2                                   252.9µ ±  1%25%0AImagePackageCatalogers/linux-kernel-cataloger-2                             61.29m ±  6%25%0Ageomean                                                                     996.8µ%0A%0A                                                          │ ./.tmp/benchmark-c3d2a94.txt │%0A                                                          │             B/op             │%0AImagePackageCatalogers/alpmdb-cataloger-2                                   5.067Mi ± 0%25%0AImagePackageCatalogers/ruby-gemspec-cataloger-2                             140.1Ki ± 0%25%0AImagePackageCatalogers/python-package-cataloger-2                           982.6Ki ± 0%25%0AImagePackageCatalogers/php-composer-installed-cataloger-2                   180.1Ki ± 0%25%0AImagePackageCatalogers/javascript-package-cataloger-2                       98.63Ki ± 0%25%0AImagePackageCatalogers/dpkgdb-cataloger-2                                   169.8Ki ± 0%25%0AImagePackageCatalogers/rpm-db-cataloger-2                                   178.1Ki ± 0%25%0AImagePackageCatalogers/java-cataloger-2                                     2.784Mi ± 0%25%0AImagePackageCatalogers/graalvm-native-image-cataloger-2                     8.750Ki ± 0%25%0AImagePackageCatalogers/apkdb-cataloger-2                                    145.2Ki ± 0%25%0AImagePackageCatalogers/go-module-binary-cataloger-2                         10.06Ki ± 0%25%0AImagePackageCatalogers/dotnet-deps-cataloger-2                              409.9Ki ± 0%25%0AImagePackageCatalogers/portage-cataloger-2                                  85.91Ki ± 0%25%0AImagePackageCatalogers/nix-store-cataloger-2                                48.91Ki ± 0%25%0AImagePackageCatalogers/sbom-cataloger-2                                     14.20Ki ± 0%25%0AImagePackageCatalogers/binary-cataloger-2                                   31.95Ki ± 0%25%0AImagePackageCatalogers/linux-kernel-cataloger-2                             62.65Mi ± 0%25%0Ageomean                                                                     192.8Ki%0A%0A                                                          │ ./.tmp/benchmark-c3d2a94.txt │%0A                                                          │          allocs/op           │%0AImagePackageCatalogers/alpmdb-cataloger-2                                    86.83k ± 0%25%0AImagePackageCatalogers/ruby-gemspec-cataloger-2                              2.280k ± 0%25%0AImagePackageCatalogers/python-package-cataloger-2                            15.94k ± 0%25%0AImagePackageCatalogers/php-composer-installed-cataloger-2                    3.796k ± 0%25%0AImagePackageCatalogers/javascript-package-cataloger-2                        1.321k ± 0%25%0AImagePackageCatalogers/dpkgdb-cataloger-2                                    2.989k ± 0%25%0AImagePackageCatalogers/rpm-db-cataloger-2                                    3.876k ± 0%25%0AImagePackageCatalogers/java-cataloger-2                                      39.46k ± 0%25%0AImagePackageCatalogers/graalvm-native-image-cataloger-2                       228.0 ± 0%25%0AImagePackageCatalogers/apkdb-cataloger-2                                     3.667k ± 0%25%0AImagePackageCatalogers/go-module-binary-cataloger-2                           281.0 ± 0%25%0AImagePackageCatalogers/dotnet-deps-cataloger-2                               6.326k ± 0%25%0AImagePackageCatalogers/portage-cataloger-2                                   1.660k ± 0%25%0AImagePackageCatalogers/nix-store-cataloger-2                                  884.0 ± 0%25%0AImagePackageCatalogers/sbom-cataloger-2                                       394.0 ± 0%25%0AImagePackageCatalogers/binary-cataloger-2                                     896.0 ± 0%25%0AImagePackageCatalogers/linux-kernel-cataloger-2                              2.796k ± 0%25%0Ageomean                                                                      2.649k

@westonsteimel
Copy link
Contributor Author

westonsteimel commented Apr 17, 2023
edited

I'm unsure why the stereoscope PR workflow isn't creating this one

Nevermind, it did create #1732, I just didn't find it before for some reason

@spiffcs
Merge branch 'main' into bump-stereoscope
6893f6d 
* main:
  Fix kernel cataloger test fixtures (#1742)
@spiffcs spiffcs mentioned this pull request Apr 17, 2023
Closed
@spiffcs
Merge branch 'main' into bump-stereoscope
5671761 
* main:
  chore(deps): update bootstrap tools to latest versions (#1744)
  chore(deps): bump github.com/docker/docker (#1746)
  Create consul binary classifier (#1738)
  chore(deps): update bootstrap tools to latest versions (#1740)
@spiffcs
chore: redact ModTime from tested values
dd0db2c 
anchore/stereoscope@3282bc0
The above commit preserved time and updated the stereoscope linking strategy

Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
@westonsteimel westonsteimel merged commit ee80349 into main Apr 18, 2023
9 checks passed
@westonsteimel westonsteimel deleted the bump-stereoscope branch April 18, 2023 15:44
This was referenced Apr 24, 2023
Closed
Closed
Merged
Closed
Closed
spiffcs added a commit that referenced this pull request Apr 24, 2023
@spiffcs
Merge branch 'main' into 1577-license-revamp
d2c7792 
* main:
  Add sections of interest for Gemfile.lock cataloger (#1749)
  fix: update cache.fingerprint file to java-builds dir (#1748)
  Add ALPM Metadata to CYCLONEDX and SPDX output formats (#1747)
  chore: bump stereoscope to latest version (#1741)
  chore(deps): update bootstrap tools to latest versions (#1744)
  chore(deps): bump github.com/docker/docker (#1746)
  Create consul binary classifier (#1738)
  chore(deps): update bootstrap tools to latest versions (#1740)

Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
@dependabot dependabot bot mentioned this pull request Apr 24, 2023
Closed
This was referenced May 8, 2023
Closed
Merged
Closed
Closed
GijsCalis pushed a commit to GijsCalis/syft that referenced this pull request Feb 19, 2024
@westonsteimel
chore: bump stereoscope to latest version (anchore#1741)
f719116 
Resolves reporting of GHSA-hw7c-3rfg-p46j

Signed-off-by: Weston Steimel <weston.steimel@anchore.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@spiffcs spiffcs spiffcs approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@westonsteimel @spiffcs