-
Notifications
You must be signed in to change notification settings - Fork 519
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added OpenSSL binary matcher #2416
Conversation
918437d
to
cdd7bcb
Compare
Signed-off-by: Laurent Goderre <laurent.goderre@docker.com>
cdd7bcb
to
f22e88d
Compare
Thanks for this one as well! cc @anchore/tools if we're ok with also moving the testing of these classifiers up to |
So the suggestion is testing the binary classifiers against a test image instead of committing a binary @spiffcs? Just wanted to make sure I understood the suggestion. I agree we should avoid committing binaries and testing against a container with the target binary installed makes a lot of sense to me. If we wanted to keep unit tests around, we could also have a byte slice literal that contains a little noise plus the bytes the regex will match on. This might also be useful for debugging the regexes and checking them for edge cases. |
* main: (30 commits) Add binary classifier for the ERLang interpretter (anchore#2417) Add binary classifier for Julia lang (anchore#2427) Add binary detection for PHP composer (anchore#2432) chore(deps): bump actions/upload-artifact from 3.1.3 to 4.0.0 (anchore#2433) chore(deps): update CPE dictionary index (anchore#2442) chore(deps): update stereoscope to 4b999b76ca8901d15bb97aef445dc94c38d11d5c (anchore#2440) fix syft-json test to use pretty json for snapshot testing (anchore#2441) refactor pkg.Collection (anchore#2439) refactor javascript cataloger to use configuration options when creating packages (anchore#2438) use single source of truth for archive options (anchore#2437) fix file digest cataloger when passed coordinates (anchore#2436) chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.7.2 to 0.8.0 (anchore#2413) Look for a maven version in a pom from a parent dependency management section (anchore#2423) Parse Python licenses from LicenseExpression entry in the Wheel Metadata (anchore#2431) chore(deps): bump github/codeql-action from 2.22.10 to 3.22.11 (anchore#2430) chore(deps): bump modernc.org/sqlite from 1.27.0 to 1.28.0 (anchore#2429) chore(deps): update tools to latest versions (anchore#2428) Parse Python licenses from LicenseFile entry in the Wheel Metadata (anchore#2331) fix: use filepath instead of path for file source exclusions (anchore#2411) chore(deps): bump github.com/charmbracelet/bubbletea (anchore#2424) ...
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* Added OpenSSL binary matcher Signed-off-by: Laurent Goderre <laurent.goderre@docker.com> * chore: strip binary to smaller detection Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com> --------- Signed-off-by: Laurent Goderre <laurent.goderre@docker.com> Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com> Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>
No description provided.