fix(input): Avoid reading from stdin if --value is being used
#448
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
renovate bot
added a commit
to scottames/dots
that referenced
this pull request
Nov 28, 2023
[](https://renovatebot.com) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [aquaproj/aqua-registry](https://togithub.com/aquaproj/aqua-registry) | minor | `v4.88.0` -> `v4.92.2` | | [charmbracelet/gum](https://togithub.com/charmbracelet/gum) | minor | `v0.11.0` -> `v0.12.0` | | [cli/cli](https://togithub.com/cli/cli) | patch | `v2.39.1` -> `v2.39.2` | | [mikefarah/yq](https://togithub.com/mikefarah/yq) | minor | `v4.35.2` -> `v4.40.3` | | [simulot/immich-go](https://togithub.com/simulot/immich-go) | patch | `0.8.3` -> `0.8.7` | | [twpayne/chezmoi](https://togithub.com/twpayne/chezmoi) | minor | `v2.41.0` -> `v2.42.0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>aquaproj/aqua-registry (aquaproj/aqua-registry)</summary> ### [`v4.92.2`](https://togithub.com/aquaproj/aqua-registry/releases/tag/v4.92.2) [Compare Source](https://togithub.com/aquaproj/aqua-registry/compare/v4.92.1...v4.92.2) [Issues](https://togithub.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.92.2) | [Pull Requests](https://togithub.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.92.2) | aquaproj/aqua-registry@v4.92.1...v4.92.2 #### Fixes [#​17677](https://togithub.com/aquaproj/aqua-registry/issues/17677) MordechaiHadad/bob: Follow up changes of bob v2.7.0 [#​17678](https://togithub.com/aquaproj/aqua-registry/issues/17678) particledecay/kconf: Fix old versions [#​17679](https://togithub.com/aquaproj/aqua-registry/issues/17679) blst-security/cherrybomb: Follow up changes of cherrybomb v1.0.1 Related issue: [blst-security/cherrybomb#153 ### [`v4.92.1`](https://togithub.com/aquaproj/aqua-registry/releases/tag/v4.92.1) [Compare Source](https://togithub.com/aquaproj/aqua-registry/compare/v4.92.0...v4.92.1) [Issues](https://togithub.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.92.1) | [Pull Requests](https://togithub.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.92.1) | aquaproj/aqua-registry@v4.92.0...v4.92.1 #### Fixes [#​17667](https://togithub.com/aquaproj/aqua-registry/issues/17667) git-town/git-town: Follow up changes of git-town v10.0.3 [#​17653](https://togithub.com/aquaproj/aqua-registry/issues/17653) hktalent/scan4all: Transfer the repository to GhostTroops/scan4all The GitHub Repository of the package "hktalent/scan4all" was transferred from [hktalent/scan4all](https://togithub.com/hktalent/scan4all) to [GhostTroops/scan4all](https://togithub.com/GhostTroops/scan4all) [#​17622](https://togithub.com/aquaproj/aqua-registry/issues/17622) FiloSottile/age: Enable windows_arm_emulation ### [`v4.92.0`](https://togithub.com/aquaproj/aqua-registry/releases/tag/v4.92.0) [Compare Source](https://togithub.com/aquaproj/aqua-registry/compare/v4.91.0...v4.92.0) [Issues](https://togithub.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.92.0) | [Pull Requests](https://togithub.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.92.0) | aquaproj/aqua-registry@v4.91.0...v4.92.0 #### 🎉 New Packages [#​17534](https://togithub.com/aquaproj/aqua-registry/issues/17534) [bensadeh/tailspin](https://togithub.com/bensadeh/tailspin): A log file highlighter [@​hituzi-no-sippo](https://togithub.com/hituzi-no-sippo) :warning: The package `crates.io/tailspin` was merged to `bensadeh/tailspin`. [#​17565](https://togithub.com/aquaproj/aqua-registry/issues/17565) [suzuki-shunsuke/nllint](https://togithub.com/suzuki-shunsuke/nllint): Linter to check newlines at the end of files ### [`v4.91.0`](https://togithub.com/aquaproj/aqua-registry/releases/tag/v4.91.0) [Compare Source](https://togithub.com/aquaproj/aqua-registry/compare/v4.90.0...v4.91.0) [Issues](https://togithub.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.91.0) | [Pull Requests](https://togithub.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.91.0) | aquaproj/aqua-registry@v4.90.0...v4.91.0 #### 🎉 New Packages [#​17529](https://togithub.com/aquaproj/aqua-registry/issues/17529) [bazelbuild/bazelisk](https://togithub.com/bazelbuild/bazelisk): A user-friendly launcher for Bazel [@​monaka](https://togithub.com/monaka) #### Others [#​17528](https://togithub.com/aquaproj/aqua-registry/issues/17528) chore(cmdx): fix cmdx remove to be able to delete Docker container [@​hituzi-no-sippo](https://togithub.com/hituzi-no-sippo) ### [`v4.90.0`](https://togithub.com/aquaproj/aqua-registry/releases/tag/v4.90.0) [Compare Source](https://togithub.com/aquaproj/aqua-registry/compare/v4.89.0...v4.90.0) [Issues](https://togithub.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.90.0) | [Pull Requests](https://togithub.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.90.0) | aquaproj/aqua-registry@v4.89.0...v4.90.0 #### 🎉 New Packages [#​17521](https://togithub.com/aquaproj/aqua-registry/issues/17521) [fujiwara/grpcp](https://togithub.com/fujiwara/grpcp): gRPC stream file transfer server/client [@​ponkio-o](https://togithub.com/ponkio-o) #### Fixes [#​17526](https://togithub.com/aquaproj/aqua-registry/issues/17526) Melkeydev/go-blueprint: Follow up changes of go-blueprint v0.3.1 Asset names were changed. [Melkeydev/go-blueprint#117 #### Others [#​17525](https://togithub.com/aquaproj/aqua-registry/issues/17525) style(scripts): convert indent from spaces to tabs [@​hituzi-no-sippo](https://togithub.com/hituzi-no-sippo) ### [`v4.89.0`](https://togithub.com/aquaproj/aqua-registry/releases/tag/v4.89.0) [Compare Source](https://togithub.com/aquaproj/aqua-registry/compare/v4.88.0...v4.89.0) [Issues](https://togithub.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.89.0) | [Pull Requests](https://togithub.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.89.0) | aquaproj/aqua-registry@v4.88.0...v4.89.0 #### 🎉 New Packages [#​17466](https://togithub.com/aquaproj/aqua-registry/issues/17466) [self-actuated/actuated-cli](https://togithub.com/self-actuated/actuated-cli): CLI for actuated [@​ponkio-o](https://togithub.com/ponkio-o) </details> <details> <summary>charmbracelet/gum (charmbracelet/gum)</summary> ### [`v0.12.0`](https://togithub.com/charmbracelet/gum/releases/tag/v0.12.0) [Compare Source](https://togithub.com/charmbracelet/gum/compare/v0.11.0...v0.12.0) ### Gum Log 🪵 Version 0.12.0 of gum features a brand new `log` command. Gum `log` logs messages to the terminal at using different levels and styling using the [`charmbracelet/log`](https://togithub.com/charmbracelet/log) library. To get started, simply run: gum log ```bash ### Log some debug information. gum log --structured --level debug "Creating file..." name file.txt ### DEBUG Unable to create file. name=temp.txt ### Log some error. gum log --structured --level error "Unable to create file." name file.txt ### ERROR Unable to create file. name=temp.txt ``` See [`charmbracelet/log`](https://togithub.com/charmbracelet/log) for more usage. <img src="https://vhs.charm.sh/vhs-6jupuFM0s2fXiUrBE0I1vU.gif" width="600" alt="Running gum log with debug and error levels" /> #### What's Changed - Pretty Table Print by [@​maaslalani](https://togithub.com/maaslalani) in [charmbracelet/gum#436 - Log command by [@​aymanbagabas](https://togithub.com/aymanbagabas) in [charmbracelet/gum#449 - Avoid reading from stdin if `--value` is being used by [@​piero-vic](https://togithub.com/piero-vic) in [charmbracelet/gum#448 - Made filter work with lists as choose by [@​MikaelFangel](https://togithub.com/MikaelFangel) in [charmbracelet/gum#424 #### New Contributors - [@​cglong](https://togithub.com/cglong) made their first contribution in [charmbracelet/gum#401 - [@​docwhat](https://togithub.com/docwhat) made their first contribution in [charmbracelet/gum#433 - [@​piero-vic](https://togithub.com/piero-vic) made their first contribution in [charmbracelet/gum#448 **Full Changelog**: charmbracelet/gum@v0.11.0...v0.12.0 *** <a href="https://charm.sh/"><img alt="The Charm logo" src="https://stuff.charm.sh/charm-badge.jpg" width="400"></a> Thoughts? Questions? We love hearing from you. Feel free to reach out on [Twitter](https://twitter.com/charmcli), [The Fediverse](https://mastodon.technology/@​charm), or on [Discord](https://charm.sh/chat). </details> <details> <summary>cli/cli (cli/cli)</summary> ### [`v2.39.2`](https://togithub.com/cli/cli/releases/tag/v2.39.2): GitHub CLI 2.39.2 [Compare Source](https://togithub.com/cli/cli/compare/v2.39.1...v2.39.2) #### What's Changed - build(deps): bump github.com/creack/pty from 1.1.20 to 1.1.21 by [@​dependabot](https://togithub.com/dependabot) in [cli/cli#8345 - `gh repo sync` should be able to sync a local branch with an upstream remote by [@​benebsiny](https://togithub.com/benebsiny) in [cli/cli#8229 - Update to latest go-gh by [@​samcoe](https://togithub.com/samcoe) in [cli/cli#8359 - Fix project status unmarshaling by [@​williammartin](https://togithub.com/williammartin) in [cli/cli#8384 **Full Changelog**: cli/cli@v2.39.1...v2.39.2 </details> <details> <summary>mikefarah/yq (mikefarah/yq)</summary> ### [`v4.40.3`](https://togithub.com/mikefarah/yq/releases/tag/v4.40.3): - Fixes JSON empty array bug [Compare Source](https://togithub.com/mikefarah/yq/compare/v4.40.2...v4.40.3) - Fixed JSON output issue with empty arrays [#​1880](https://togithub.com/mikefarah/yq/issues/1880) ### [`v4.40.2`](https://togithub.com/mikefarah/yq/releases/tag/v4.40.2): - Official [Compare Source](https://togithub.com/mikefarah/yq/compare/v4.40.1...v4.40.2) Thank you for all your support! I've fixed some of the issues that were kindly raised :) Happy to make the release official! - Do not panic when StdIn is closed ([#​1867](https://togithub.com/mikefarah/yq/issues/1867)) Thanks [@​aleskandro](https://togithub.com/aleskandro)! - Fixed issue when update against self [#​1869](https://togithub.com/mikefarah/yq/issues/1869) - Fixed multi doc anchor bug [#​1861](https://togithub.com/mikefarah/yq/issues/1861) - Fixes doc line separator issue when reading expression file [#​1860](https://togithub.com/mikefarah/yq/issues/1860) - Bumped dependencies ### [`v4.40.1`](https://togithub.com/mikefarah/yq/releases/tag/v4.40.1): - Engine refactor [Compare Source](https://togithub.com/mikefarah/yq/compare/v4.35.2...v4.40.1) I've done some overdue work on refactoring the core engine - pulling out the dependency on go-yaml. There are a couple of slight output changes (whitespace / document separators) in some niche scenarios - I think they are improvements, Bit nervous on releasing this, but all the tests are passing and I've added more tests! Love some early feedback :) - Added tonumber support - Added kind operator - Lua output fixes ([#​1811](https://togithub.com/mikefarah/yq/issues/1811)) - Thanks [@​Zash](https://togithub.com/Zash)! - Add support for Lua input ([#​1810](https://togithub.com/mikefarah/yq/issues/1810)) - Thanks [@​Zash](https://togithub.com/Zash)! - Bumped dependencies </details> <details> <summary>simulot/immich-go (simulot/immich-go)</summary> ### [`v0.8.7`](https://togithub.com/simulot/immich-go/releases/tag/0.8.7) [Compare Source](https://togithub.com/simulot/immich-go/compare/0.8.6...0.8.7) #### Changelog - [`875d965`](https://togithub.com/simulot/immich-go/commit/875d965) improvment: log can be written to log files - [`2546712`](https://togithub.com/simulot/immich-go/commit/2546712) more information on the log - [`7cd5d6e`](https://togithub.com/simulot/immich-go/commit/7cd5d6e) remove .MP from accepted files ### [`v0.8.6`](https://togithub.com/simulot/immich-go/releases/tag/0.8.6) [Compare Source](https://togithub.com/simulot/immich-go/compare/0.8.5...0.8.6) #### Release 0.8.6 ##### fix for [#​68](https://togithub.com/simulot/immich-go/issues/68): A lot of images skipped from Google Photos Takeout The Google takeout archive is full of traps. The difficulty is to associate all images with a JSON. Now more files are now imported. There still few missing files, but they are now listed. The program now reports how files are handled, or discarded. Upload report: 53998 scanned files 53993 handled files 26937 metadata files 535 uploaded files on the server 49 upgraded files on the server 1540 duplicated files in the input 8382 files already on the server 77 discarded files because in folder failed videos 1 discarded files because of options 16470 discarded files because server has a better image 1 files type not supported 1 errors 5 files without metadata file 7 files can't be handled File: Takeout/Google Photos/Photos from 2019/1556189729458-8d2e2d13-bca5-467e-a242-9e4cb238e(1).jpg File unhandled, missing JSON File: Takeout/Google Photos/Photos from 2022/original_1d4caa6f-16c6-4c3d-901b-9387de10e528_P(1).jpg File unhandled, missing JSON File: Takeout/Google Photos/Photos from 2022/original_af12c386-e334-4c57-88be-fdfadea71f16_P(1).jpg File unhandled, missing JSON File: Takeout/Google Photos/Photos from 2022/original_ec8d7b93-cbec-49c8-8707-38841db5e37d_P(1).jpg File unhandled, missing JSON File: Takeout/Google Photos/Photos from 2023/original_d3671642-c937-49c0-917a-8ef9cbb449c5_P(1).jpg File unhandled, missing JSON File: Takeout/Google Photos/user-generated-memory-titles.json Error , json: cannot unmarshal array into Go struct field GoogleMetaData.title of type string File: Takeout/archive_browser.html File type not supported Done. The plenty of rules for associating image to JSON are somewhat contradictory. I have to rethink the system for applying\ rules from the most common to the strangest ones. Still lot of work to deliver. #### Changelog - [`fde9232`](https://togithub.com/simulot/immich-go/commit/fde9232) [#​68](https://togithub.com/simulot/immich-go/issues/68): MP files - [`1e7e316`](https://togithub.com/simulot/immich-go/commit/1e7e316) [#​68](https://togithub.com/simulot/immich-go/issues/68): better error report - [`ef9958a`](https://togithub.com/simulot/immich-go/commit/ef9958a) [#​68](https://togithub.com/simulot/immich-go/issues/68): handling edge cases - [`9a09501`](https://togithub.com/simulot/immich-go/commit/9a09501) Merge branch 'Fix-for-[#​78](https://togithub.com/simulot/immich-go/issues/78)-mp4-files-do-not-get-imported' into [#​68](https://togithub.com/simulot/immich-go/issues/68)-Lot-of-images-is-missing - [`50c5bdf`](https://togithub.com/simulot/immich-go/commit/50c5bdf) WIP [#​68](https://togithub.com/simulot/immich-go/issues/68) - [`68d4d40`](https://togithub.com/simulot/immich-go/commit/68d4d40) edit release.md - [`6f26ece`](https://togithub.com/simulot/immich-go/commit/6f26ece) wip: better upload report ### [`v0.8.5`](https://togithub.com/simulot/immich-go/releases/tag/0.8.5) [Compare Source](https://togithub.com/simulot/immich-go/compare/0.8.4...0.8.5) #### Changelog - [`b8827c8`](https://togithub.com/simulot/immich-go/commit/b8827c8) fix for [#​78](https://togithub.com/simulot/immich-go/issues/78): mp4-files do not get imported ### [`v0.8.4`](https://togithub.com/simulot/immich-go/releases/tag/0.8.4) [Compare Source](https://togithub.com/simulot/immich-go/compare/0.8.3...0.8.4) #### Changelog - [`edc40a3`](https://togithub.com/simulot/immich-go/commit/edc40a3) doc: edit release.md - [`071b52d`](https://togithub.com/simulot/immich-go/commit/071b52d) fix [#​67](https://togithub.com/simulot/immich-go/issues/67): Live photos files are stacked and not recognized as live photos - [`fd62fa8`](https://togithub.com/simulot/immich-go/commit/fd62fa8) implement include / exclude options - [`f36888b`](https://togithub.com/simulot/immich-go/commit/f36888b) wip [#​67](https://togithub.com/simulot/immich-go/issues/67) - [`b93ceab`](https://togithub.com/simulot/immich-go/commit/b93ceab) wip [#​67](https://togithub.com/simulot/immich-go/issues/67): implement Live photos for folders - [`d959c75`](https://togithub.com/simulot/immich-go/commit/d959c75) wip [#​67](https://togithub.com/simulot/immich-go/issues/67): implement live photos for google takeouts - [`c214a49`](https://togithub.com/simulot/immich-go/commit/c214a49) wip: rename package assets in browser </details> <details> <summary>twpayne/chezmoi (twpayne/chezmoi)</summary> ### [`v2.42.0`](https://togithub.com/twpayne/chezmoi/releases/tag/v2.42.0) [Compare Source](https://togithub.com/twpayne/chezmoi/compare/v2.41.0...v2.42.0) #### Changelog ##### Features - [`694977b`](https://togithub.com/twpayne/chezmoi/commit/694977b90) feat: Preserve numeric types when reading from .chezmoidata JSON and JSONC files - [`1f11386`](https://togithub.com/twpayne/chezmoi/commit/1f1138688) feat: Preserve integer values in fromJson and fromJsonc template funcs - [`711a39a`](https://togithub.com/twpayne/chezmoi/commit/711a39a73) feat: Add read-source-state hook ##### Documentation updates - [`47609a3`](https://togithub.com/twpayne/chezmoi/commit/47609a3d7) docs: Add admonitions linking remove and forget - [`8784a67`](https://togithub.com/twpayne/chezmoi/commit/8784a6713) docs: Add links to blog posts </details> --- ### Configuration 📅 **Schedule**: Branch creation - "after 4pm on thursday" in timezone America/Los_Angeles, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/scottames/dots). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy41OS44IiwidXBkYXRlZEluVmVyIjoiMzcuNTkuOCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
mend-for-github-com bot
added a commit
to DelineaXPM/dsv-cli
that referenced
this pull request
Dec 21, 2023
](https://renovatebot.com){kind=link}
This PR contains the following updates:
| Package | Update | Change |
|---|---|---|
| [anchore/grype](https://togithub.com/anchore/grype) | minor |
`v0.65.1` -> `v0.73.4` |
| [anchore/quill](https://togithub.com/anchore/quill) | patch | `v0.4.0`
-> `v0.4.1` |
| [anchore/syft](https://togithub.com/anchore/syft) | minor | `v0.87.0`
-> `v0.98.0` |
| [charmbracelet/gum](https://togithub.com/charmbracelet/gum) | minor |
`v0.11.0` -> `v0.13.0` |
| [charmbracelet/vhs](https://togithub.com/charmbracelet/vhs) | minor |
`v0.6.0` -> `v0.7.1` |
| [direnv/direnv](https://togithub.com/direnv/direnv) | minor |
`v2.32.3` -> `v2.33.0` |
| [golang/go](https://togithub.com/golang/go) | patch | `1.21.0` ->
`1.21.5` |
| [goreleaser/goreleaser](https://togithub.com/goreleaser/goreleaser) |
minor | `v1.20.0` -> `v1.22.1` |
|
[gotestyourself/gotestsum](https://togithub.com/gotestyourself/gotestsum)
| minor | `v1.10.1` -> `v1.11.0` |
| [mikefarah/yq](https://togithub.com/mikefarah/yq) | minor | `v4.35.1`
-> `v4.40.5` |
| [miniscruff/changie](https://togithub.com/miniscruff/changie) | minor
| `v1.12.0` -> `v1.17.0` |
| [sharkdp/hyperfine](https://togithub.com/sharkdp/hyperfine) | minor |
`v1.17.0` -> `v1.18.0` |
---
> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.
---
### Release Notes
<details>
<summary>anchore/grype (anchore/grype)</summary>
### [`v0.73.4`](https://togithub.com/anchore/grype/releases/tag/v0.73.4)
[Compare
Source](https://togithub.com/anchore/grype/compare/v0.73.3...v0.73.4)
##### Additional Changes
- bump to syft v0.98.0 in quality gate tests
\[[#​1623](https://togithub.com/anchore/grype/pull/1623)
[@​westonsteimel](https://togithub.com/westonsteimel)]
- update syft to v0.98.0; go mod tidy
\[[#​1621](https://togithub.com/anchore/grype/pull/1621)
[@​spiffcs](https://togithub.com/spiffcs)]
**[(Full
Changelog)](https://togithub.com/anchore/grype/compare/v0.73.3...v0.73.4)**
### [`v0.73.3`](https://togithub.com/anchore/grype/releases/tag/v0.73.3)
[Compare
Source](https://togithub.com/anchore/grype/compare/v0.73.2...v0.73.3)
##### Additional Changes
- update Syft to v0.97.1
\[[#​1610](https://togithub.com/anchore/grype/pull/1610)
[@​anchore-actions-token-generator](https://togithub.com/anchore-actions-token-generator)]
**[(Full
Changelog)](https://togithub.com/anchore/grype/compare/v0.73.2...v0.73.3)**
### [`v0.73.2`](https://togithub.com/anchore/grype/releases/tag/v0.73.2)
[Compare
Source](https://togithub.com/anchore/grype/compare/v0.73.1...v0.73.2)
##### Bug Fixes
- Vulnerabilities in go packages without go modules are not detected
\[[#​1581](https://togithub.com/anchore/grype/issues/1581)
[#​1599](https://togithub.com/anchore/grype/pull/1599)
[@​willmurphyscode](https://togithub.com/willmurphyscode)]
**[(Full
Changelog)](https://togithub.com/anchore/grype/compare/v0.73.1...v0.73.2)**
### [`v0.73.1`](https://togithub.com/anchore/grype/releases/tag/v0.73.1)
[Compare
Source](https://togithub.com/anchore/grype/compare/v0.73.0...v0.73.1)
##### Bug Fixes
- CycloneDX based analysis failing
\[[#​1594](https://togithub.com/anchore/grype/issues/1594)
[#​1596](https://togithub.com/anchore/grype/pull/1596)
[@​anchore-actions-token-generator](https://togithub.com/anchore-actions-token-generator)]
- False negatives when scanning debian trixie/sid images from Dockerhub
\[[#​1446](https://togithub.com/anchore/grype/issues/1446)
[#​1593](https://togithub.com/anchore/grype/pull/1593)
[@​willmurphyscode](https://togithub.com/willmurphyscode)]
##### Additional Changes
- avoid allocations with `(*regexp.Regexp).MatchString`
\[[#​1592](https://togithub.com/anchore/grype/pull/1592)
[@​Juneezee](https://togithub.com/Juneezee)]
**[(Full
Changelog)](https://togithub.com/anchore/grype/compare/v0.73.0...v0.73.1)**
### [`v0.73.0`](https://togithub.com/anchore/grype/releases/tag/v0.73.0)
[Compare
Source](https://togithub.com/anchore/grype/compare/v0.72.0...v0.73.0)
##### Added Features
- Add a reason field to ignore config
\[[#​1337](https://togithub.com/anchore/grype/issues/1337)
[#​1532](https://togithub.com/anchore/grype/pull/1532)
[@​shanduur](https://togithub.com/shanduur)]
- Colorize severity in table output
\[[#​225](https://togithub.com/anchore/grype/issues/225)
[#​1284](https://togithub.com/anchore/grype/pull/1284)
[@​shanedell](https://togithub.com/shanedell)]
##### Bug Fixes
- Enable setting golang CPE config using env var
\[[#​1585](https://togithub.com/anchore/grype/pull/1585)
[@​willmurphyscode](https://togithub.com/willmurphyscode)]
- Incorrect version comparisons for maven packages
\[[#​1526](https://togithub.com/anchore/grype/issues/1526)
[#​1571](https://togithub.com/anchore/grype/pull/1571)
[@​spiffcs](https://togithub.com/spiffcs)]
- Grype fails to detect postgresql jdbc driver CVEs when scanning .jar
\[[#​1482](https://togithub.com/anchore/grype/issues/1482)]
##### Additional Changes
- Incorporate format API changes from syft
\[[#​1582](https://togithub.com/anchore/grype/pull/1582)
[@​wagoodman](https://togithub.com/wagoodman)]
**[(Full
Changelog)](https://togithub.com/anchore/grype/compare/v0.72.0...v0.73.0)**
### [`v0.72.0`](https://togithub.com/anchore/grype/releases/tag/v0.72.0)
[Compare
Source](https://togithub.com/anchore/grype/compare/v0.71.0...v0.72.0)
##### Added Features
- Add --ignore-states flag for ignoring findings with specific fix
states \[[#​1473](https://togithub.com/anchore/grype/pull/1473)
[@​jhebden-gl](https://togithub.com/jhebden-gl)]
- Implement checksum & artifact signing
\[[#​1513](https://togithub.com/anchore/grype/issues/1513)
[#​1535](https://togithub.com/anchore/grype/pull/1535)
[@​hibare](https://togithub.com/hibare)]
##### Bug Fixes
- Report errors to stderr not stdout
\[[#​1561](https://togithub.com/anchore/grype/pull/1561)
[@​wagoodman](https://togithub.com/wagoodman)]
- grype v0.71.0 stopped showing vulnerabilities for Go stdlib
\[[#​1562](https://togithub.com/anchore/grype/issues/1562)
[#​1565](https://togithub.com/anchore/grype/pull/1565)
[@​wagoodman](https://togithub.com/wagoodman)]
- SARIF output not compatible with GitHub
\[[#​1518](https://togithub.com/anchore/grype/issues/1518)
[#​1563](https://togithub.com/anchore/grype/pull/1563)
[@​spiffcs](https://togithub.com/spiffcs)]
**[(Full
Changelog)](https://togithub.com/anchore/grype/compare/v0.71.0...v0.72.0)**
### [`v0.71.0`](https://togithub.com/anchore/grype/releases/tag/v0.71.0)
[Compare
Source](https://togithub.com/anchore/grype/compare/v0.70.0...v0.71.0)
##### Added Features
- use ghsa to improve matching for cpes
\[[#​811](https://togithub.com/anchore/grype/issues/811)
[#​1412](https://togithub.com/anchore/grype/pull/1412)
[@​westonsteimel](https://togithub.com/westonsteimel)]
**[(Full
Changelog)](https://togithub.com/anchore/grype/compare/v0.70.0...v0.71.0)**
### [`v0.70.0`](https://togithub.com/anchore/grype/releases/tag/v0.70.0)
[Compare
Source](https://togithub.com/anchore/grype/compare/v0.69.1...v0.70.0)
##### Added Features
- Update Syft to v0.93.0 + enable golang stdlib matching
\[[#​1550](https://togithub.com/anchore/grype/pull/1550)
[@​spiffcs](https://togithub.com/spiffcs) ]
##### Bug Fixes
- JSON output: descriptor name is missing "grype" value
\[[#​1538](https://togithub.com/anchore/grype/issues/1538)
[#​1542](https://togithub.com/anchore/grype/pull/1542)
[@​kzantow](https://togithub.com/kzantow)]
**[(Full
Changelog)](https://togithub.com/anchore/grype/compare/v0.69.1...v0.70.0)**
### [`v0.69.1`](https://togithub.com/anchore/grype/releases/tag/v0.69.1)
[Compare
Source](https://togithub.com/anchore/grype/compare/v0.69.0...v0.69.1)
##### Bug Fixes
- Incorrect python version comparisons for rc releases
\[[#​986](https://togithub.com/anchore/grype/issues/986)
[#​1510](https://togithub.com/anchore/grype/pull/1510)
[@​willmurphyscode](https://togithub.com/willmurphyscode)]
- False Positive: CVE-2023-37920 reported for certifi library in python
\[[#​1417](https://togithub.com/anchore/grype/issues/1417)
[#​1510](https://togithub.com/anchore/grype/pull/1510)
[@​willmurphyscode](https://togithub.com/willmurphyscode)]
- Grype is not recognizing python-certifi is patched for
GHSA-43fp-rhv2-5gv8
\[[#​1172](https://togithub.com/anchore/grype/issues/1172)
[#​1510](https://togithub.com/anchore/grype/pull/1510)
[@​willmurphyscode](https://togithub.com/willmurphyscode)]
- False positive on certifi 2022.12.07
\[[#​1034](https://togithub.com/anchore/grype/issues/1034)
[#​1510](https://togithub.com/anchore/grype/pull/1510)
[@​willmurphyscode](https://togithub.com/willmurphyscode)]
- Leading zeros seen as difference in version numbers
\[[#​1430](https://togithub.com/anchore/grype/issues/1430)
[#​1510](https://togithub.com/anchore/grype/pull/1510)
[@​willmurphyscode](https://togithub.com/willmurphyscode)]
##### Additional Changes
- add OpenSSF Best Practices badge
\[[#​1523](https://togithub.com/anchore/grype/pull/1523)
[@​spiffcs](https://togithub.com/spiffcs)]
- Bump vulnerability match labels
\[[#​1525](https://togithub.com/anchore/grype/pull/1525)
[@​wagoodman](https://togithub.com/wagoodman)]
- bump stereoscope to fix data race in UI
\[[#​1517](https://togithub.com/anchore/grype/pull/1517)
[@​willmurphyscode](https://togithub.com/willmurphyscode)]
**[(Full
Changelog)](https://togithub.com/anchore/grype/compare/v0.69.0...v0.69.1)**
### [`v0.69.0`](https://togithub.com/anchore/grype/releases/tag/v0.69.0)
[Compare
Source](https://togithub.com/anchore/grype/compare/v0.68.1...v0.69.0)
##### Added Features
- Upgrade syft to v0.91.0 (and CycloneDX to v1.5)
\[[#​1508](https://togithub.com/anchore/grype/pull/1508)
[@​wagoodman](https://togithub.com/wagoodman)]
##### Bug Fixes
- Grype doesn't exit cleanly on error
\[[#​1492](https://togithub.com/anchore/grype/issues/1492)
[#​1505](https://togithub.com/anchore/grype/pull/1505)
[@​kzantow](https://togithub.com/kzantow)]
##### Additional Changes
- Fix typo in flag on Readme
\[[#​1501](https://togithub.com/anchore/grype/pull/1501)
[@​robszumski](https://togithub.com/robszumski)]
- pin cache versions
\[[#​1495](https://togithub.com/anchore/grype/pull/1495)
[@​spiffcs](https://togithub.com/spiffcs)]
**[(Full
Changelog)](https://togithub.com/anchore/grype/compare/v0.68.1...v0.69.0)**
### [`v0.68.1`](https://togithub.com/anchore/grype/releases/tag/v0.68.1)
[Compare
Source](https://togithub.com/anchore/grype/compare/v0.68.0...v0.68.1)
###
#### [v0.68.1](https://togithub.com/anchore/grype/tree/v0.68.1)
(2023-09-15)
[Full
Changelog](https://togithub.com/anchore/grype/compare/v0.68.0...v0.68.1)
##### Bug Fixes
- Version output was not including supported db schema \[[PR
#​1494](https://togithub.com/anchore/grype/pull/1494)]
\[[kzantow](https://togithub.com/kzantow)]
### [`v0.68.0`](https://togithub.com/anchore/grype/releases/tag/v0.68.0)
[Compare
Source](https://togithub.com/anchore/grype/compare/v0.67.0...v0.68.0)
###
#### [v0.68.0](https://togithub.com/anchore/grype/tree/v0.68.0)
(2023-09-14)
[Full
Changelog](https://togithub.com/anchore/grype/compare/v0.67.0...v0.68.0)
##### Added Features
- Ignore/add match results based on OpenVEX documents \[[PR
#​1397](https://togithub.com/anchore/grype/pull/1397)]
\[[puerco](https://togithub.com/puerco)]
- Introduce exit code failure option for db update check \[[PR
#​1463](https://togithub.com/anchore/grype/pull/1463)]
\[[devfbe](https://togithub.com/devfbe)]
##### Bug Fixes
- Fix race conditions around stager, enable detector \[[PR
#​1489](https://togithub.com/anchore/grype/pull/1489)]
\[[willmurphyscode](https://togithub.com/willmurphyscode)]
- Grype hangs forever if gets interrupted during work (in rare cases)
\[[Issue #​1427](https://togithub.com/anchore/grype/issues/1427)]
\[[PR #​1437](https://togithub.com/anchore/grype/pull/1437)]
\[[kzantow](https://togithub.com/kzantow)]
### [`v0.67.0`](https://togithub.com/anchore/grype/releases/tag/v0.67.0)
[Compare
Source](https://togithub.com/anchore/grype/compare/v0.66.0...v0.67.0)
###
#### [v0.67.0](https://togithub.com/anchore/grype/tree/v0.67.0)
(2023-09-11)
[Full
Changelog](https://togithub.com/anchore/grype/compare/v0.66.0...v0.67.0)
##### Additional Changes
- chore: bump quality gate to use syft v0.89.0 \[[PR
#​1479](https://togithub.com/anchore/grype/pull/1479)]
\[[westonsteimel](https://togithub.com/westonsteimel)]
- chore: update grype to use Go v1.21 \[[PR
#​1480](https://togithub.com/anchore/grype/pull/1480)]
\[[spiffcs](https://togithub.com/spiffcs)]
### [`v0.66.0`](https://togithub.com/anchore/grype/releases/tag/v0.66.0)
[Compare
Source](https://togithub.com/anchore/grype/compare/v0.65.2...v0.66.0)
###
#### [v0.66.0](https://togithub.com/anchore/grype/tree/v0.66.0)
(2023-08-31)
[Full
Changelog](https://togithub.com/anchore/grype/compare/v0.65.2...v0.66.0)
##### Added Features
- Allow for access to private CAs securely \[[Issue
#​1226](https://togithub.com/anchore/grype/issues/1226)] \[[PR
#​1232](https://togithub.com/anchore/grype/pull/1232)]
\[[5p2O5pe25ouT](https://togithub.com/5p2O5pe25ouT)]
- Filter out packages that are owned by OS packages (ownership overlap)
\[[Issue #​1373](https://togithub.com/anchore/grype/issues/1373)]
\[[PR #​1387](https://togithub.com/anchore/grype/pull/1387)]
\[[willmurphyscode](https://togithub.com/willmurphyscode)]
##### Bug Fixes
- fix: Only remove packages by binary overlap \[[PR
#​1444](https://togithub.com/anchore/grype/pull/1444)]
\[[willmurphyscode](https://togithub.com/willmurphyscode)]
- New version notice only showing the version and no text \[[PR
#​1445](https://togithub.com/anchore/grype/pull/1445)]
\[[wagoodman](https://togithub.com/wagoodman)]
- fix: set correct default to exclude overlapping binaries \[[PR
#​1452](https://togithub.com/anchore/grype/pull/1452)]
\[[kzantow](https://togithub.com/kzantow)]
- Portage version comparison is not working \[[Issue
#​1459](https://togithub.com/anchore/grype/issues/1459)] \[[PR
#​1468](https://togithub.com/anchore/grype/pull/1468)]
\[[barnuri](https://togithub.com/barnuri)]
##### Additional Changes
- Update Syft to 0.89.0
### [`v0.65.2`](https://togithub.com/anchore/grype/releases/tag/v0.65.2)
[Compare
Source](https://togithub.com/anchore/grype/compare/v0.65.1...v0.65.2)
###
#### [v0.65.2](https://togithub.com/anchore/grype/tree/v0.65.2)
(2023-08-17)
[Full
Changelog](https://togithub.com/anchore/grype/compare/v0.65.1...v0.65.2)
##### Additional Changes
- Update Syft to v0.87.1
- Add a simple JUnit XML template \[[PR
#​1422](https://togithub.com/anchore/grype/pull/1422)]
\[[YevheniiPokhvalii](https://togithub.com/YevheniiPokhvalii)]
- Update semver regular expression constraint to allow for 1.20rc1 cases
no '-' \[[PR
#​1434](https://togithub.com/anchore/grype/pull/1434)]
\[[spiffcs](https://togithub.com/spiffcs)]
</details>
<details>
<summary>anchore/quill (anchore/quill)</summary>
### [`v0.4.1`](https://togithub.com/anchore/quill/releases/tag/v0.4.1)
[Compare
Source](https://togithub.com/anchore/quill/compare/v0.4.0...v0.4.1)
### Changelog
#### [v0.4.1](https://togithub.com/anchore/quill/tree/v0.4.1)
(2023-08-25)
[Full
Changelog](https://togithub.com/anchore/quill/compare/v0.4.0...v0.4.1)
##### Bug Fixes
- Quill notarization failed \[[Issue
#​118](https://togithub.com/anchore/quill/issues/118)] \[[PR
#​119](https://togithub.com/anchore/quill/pull/119)]
\[[wagoodman](https://togithub.com/wagoodman)]
##### Additional Changes
- Port to clio \[[PR
#​53](https://togithub.com/anchore/quill/pull/53)]
\[[wagoodman](https://togithub.com/wagoodman)]
- chore: update to latest clio \[[PR
#​98](https://togithub.com/anchore/quill/pull/98)]
\[[kzantow](https://togithub.com/kzantow)]
</details>
<details>
<summary>anchore/syft (anchore/syft)</summary>
### [`v0.98.0`](https://togithub.com/anchore/syft/releases/tag/v0.98.0)
[Compare
Source](https://togithub.com/anchore/syft/compare/v0.97.1...v0.98.0)
##### Added Features
- Add binary classifiers for MySQL and MariaDB
\[[#​2316](https://togithub.com/anchore/syft/pull/2316)
[@​duanemay](https://togithub.com/duanemay)]
- Enhance redis binary classifier to support additional versions
\[[#​2329](https://togithub.com/anchore/syft/pull/2329)
[@​whalelines](https://togithub.com/whalelines)]
- Expose compact JSON and XML format configuration
\[[#​561](https://togithub.com/anchore/syft/issues/561)
[#​2275](https://togithub.com/anchore/syft/pull/2275)
[@​wagoodman](https://togithub.com/wagoodman)]
##### Bug Fixes
- Fix file metadata cataloger when passed explicit coordinates
\[[#​2370](https://togithub.com/anchore/syft/pull/2370)
[@​wagoodman](https://togithub.com/wagoodman)]
- hardcode xalan group ID
\[[#​2368](https://togithub.com/anchore/syft/pull/2368)
[@​willmurphyscode](https://togithub.com/willmurphyscode)]
- logging level for parsing potential PE files
\[[#​2367](https://togithub.com/anchore/syft/pull/2367)
[@​kzantow](https://togithub.com/kzantow)]
- Use read lock in `pkg.Collection`
\[[#​2341](https://togithub.com/anchore/syft/pull/2341)
[@​wagoodman](https://togithub.com/wagoodman)]
- add manual namespace mapping for org.springframework jars
\[[#​2345](https://togithub.com/anchore/syft/pull/2345)
[@​westonsteimel](https://togithub.com/westonsteimel)]
- add manual namespace mapping for org.springframework.security jars
\[[#​2343](https://togithub.com/anchore/syft/pull/2343)
[@​westonsteimel](https://togithub.com/westonsteimel)]
- errors are printed into the stdout in syft 0.97.1
\[[#​2356](https://togithub.com/anchore/syft/issues/2356)
[#​2364](https://togithub.com/anchore/syft/pull/2364)
[@​kzantow](https://togithub.com/kzantow)]
- `syft some-jar.jar` fails to find packages if PWD is a symlink
\[[#​2355](https://togithub.com/anchore/syft/issues/2355)
[#​2359](https://togithub.com/anchore/syft/pull/2359)
[@​willmurphyscode](https://togithub.com/willmurphyscode)]
- Default for recently added base path, `""`, disables detection of
symlinked `*.jar` files
\[[#​1962](https://togithub.com/anchore/syft/issues/1962)
[#​2359](https://togithub.com/anchore/syft/pull/2359)
[@​willmurphyscode](https://togithub.com/willmurphyscode)]
- `syft attest` broken since 0.85.0
\[[#​2333](https://togithub.com/anchore/syft/issues/2333)
[#​2337](https://togithub.com/anchore/syft/pull/2337)
[@​wagoodman](https://togithub.com/wagoodman)]
- Incorrect Java PURL for org.bouncycastle jars
\[[#​2339](https://togithub.com/anchore/syft/issues/2339)
[#​2342](https://togithub.com/anchore/syft/pull/2342)
[@​westonsteimel](https://togithub.com/westonsteimel)]
##### Breaking Changes
- Remove power-user command and related catalogers
\[[#​1419](https://togithub.com/anchore/syft/issues/1419)
[#​2306](https://togithub.com/anchore/syft/pull/2306)
[@​wagoodman](https://togithub.com/wagoodman)]
##### Additional Changes
- Normalize cataloger configuration patterns
\[[#​2365](https://togithub.com/anchore/syft/pull/2365)
[@​wagoodman](https://togithub.com/wagoodman)]
- Normalize enums to lowercase with hyphens
\[[#​2363](https://togithub.com/anchore/syft/pull/2363)
[@​wagoodman](https://togithub.com/wagoodman)]
**[(Full
Changelog)](https://togithub.com/anchore/syft/compare/v0.97.1...v0.98.0)**
##### Special Thanks
Thanks [@​duanemay](https://togithub.com/duanemay) and
[@​whalelines](https://togithub.com/whalelines) for the enhanced
binary classifier support 👍
### [`v0.97.1`](https://togithub.com/anchore/syft/releases/tag/v0.97.1)
[Compare
Source](https://togithub.com/anchore/syft/compare/v0.97.0...v0.97.1)
##### Bug Fixes
- Syft does not use HTTP proxy when downloading the Docker image itself
\[[#​2203](https://togithub.com/anchore/syft/issues/2203)
[#​2336](https://togithub.com/anchore/syft/pull/2336)
[@​anchore-actions-token-generator](https://togithub.com/anchore-actions-token-generator)]
##### Additional Changes
- `syft version` report is broken with 0.97.0 release
\[[#​2334](https://togithub.com/anchore/syft/issues/2334)
[#​2335](https://togithub.com/anchore/syft/pull/2335)
[@​spiffcs](https://togithub.com/spiffcs)]
**[(Full
Changelog)](https://togithub.com/anchore/syft/compare/v0.97.0...v0.97.1)**
### [`v0.97.0`](https://togithub.com/anchore/syft/releases/tag/v0.97.0)
[Compare
Source](https://togithub.com/anchore/syft/compare/v0.96.0...v0.97.0)
##### Added Features
- Add license for golang stdlib package
\[[#​2317](https://togithub.com/anchore/syft/pull/2317)
[@​coheigea](https://togithub.com/coheigea)]
- Fall back to searching maven central using groupIDFromJavaMetadata
\[[#​2295](https://togithub.com/anchore/syft/pull/2295)
[@​coheigea](https://togithub.com/coheigea)]
##### Bug Fixes
- Refine license search from groupIDFromJavaMetadata to account for
artfactId in the groupId
\[[#​2313](https://togithub.com/anchore/syft/pull/2313)
[@​coheigea](https://togithub.com/coheigea)]
- capture content written to stdout outside of report
\[[#​2324](https://togithub.com/anchore/syft/pull/2324)
[@​kzantow](https://togithub.com/kzantow)]
- add manual groupid mappings for org.apache.velocity jars
\[[#​2327](https://togithub.com/anchore/syft/pull/2327)
[@​westonsteimel](https://togithub.com/westonsteimel)]
- skip maven bundle plugin logic if vendor id and symbolic name match
\[[#​2326](https://togithub.com/anchore/syft/pull/2326)
[@​westonsteimel](https://togithub.com/westonsteimel)]
- cataloger `dpkg-db-cataloger` not working
\[[#​2323](https://togithub.com/anchore/syft/issues/2323)]
##### Breaking Changes
- Rename Location virtualPath to accessPath
\[[#​1835](https://togithub.com/anchore/syft/issues/1835)
[#​2288](https://togithub.com/anchore/syft/pull/2288)
[@​wagoodman](https://togithub.com/wagoodman)]
##### Additional Changes
- Export syft-json format package metadata type helper
\[[#​2328](https://togithub.com/anchore/syft/pull/2328)
[@​wagoodman](https://togithub.com/wagoodman)]
- Add dotnet-portable-executable-cataloger to README
\[[#​2322](https://togithub.com/anchore/syft/pull/2322)
[@​noqcks](https://togithub.com/noqcks)]
**[(Full
Changelog)](https://togithub.com/anchore/syft/compare/v0.96.0...v0.97.0)**
### [`v0.96.0`](https://togithub.com/anchore/syft/releases/tag/v0.96.0)
[Compare
Source](https://togithub.com/anchore/syft/compare/v0.95.0...v0.96.0)
##### Added Features
- Check maven central as well for licenses in parents poms for nested
jars \[[#​2302](https://togithub.com/anchore/syft/pull/2302)
[@​coheigea](https://togithub.com/coheigea)]
- store image annotations inside the SBOM
\[[#​2267](https://togithub.com/anchore/syft/issues/2267)
[#​2294](https://togithub.com/anchore/syft/pull/2294)
[@​noqcks](https://togithub.com/noqcks)]
- Support parsing license information in Maven projects via parent poms
\[[#​2103](https://togithub.com/anchore/syft/issues/2103)]
##### Bug Fixes
- SPDX file has duplicate sha256 tag in versionInfo
\[[#​2300](https://togithub.com/anchore/syft/pull/2300)
[@​coheigea](https://togithub.com/coheigea)]
- Report virtual path consistently between file.Resolvers
\[[#​1836](https://togithub.com/anchore/syft/issues/1836)
[#​2287](https://togithub.com/anchore/syft/pull/2287)
[@​wagoodman](https://togithub.com/wagoodman)]
- Unable to identify CycloneDX JSON documents without $schema property
\[[#​2299](https://togithub.com/anchore/syft/issues/2299)
[#​2303](https://togithub.com/anchore/syft/pull/2303)
[@​kzantow](https://togithub.com/kzantow)]
**[(Full
Changelog)](https://togithub.com/anchore/syft/compare/v0.95.0...v0.96.0)**
### [`v0.95.0`](https://togithub.com/anchore/syft/releases/tag/v0.95.0)
[Compare
Source](https://togithub.com/anchore/syft/compare/v0.94.0...v0.95.0)
##### Added Features
- Use case-insensitive matching for Go license files
\[[#​2286](https://togithub.com/anchore/syft/pull/2286)
[@​miquella](https://togithub.com/miquella)]
- Add conaninfo.txt parser to detect conan packages in docker images
\[[#​2234](https://togithub.com/anchore/syft/pull/2234)
[@​Pro](https://togithub.com/Pro)]
- Perform case insensitive matching on Java License files
\[[#​2235](https://togithub.com/anchore/syft/pull/2235)
[@​coheigea](https://togithub.com/coheigea)]
- Read a license from a parent pom stored in Maven Central
\[[#​2228](https://togithub.com/anchore/syft/pull/2228)
[@​coheigea](https://togithub.com/coheigea)]
- Add PURLs when scanning Gradle lock files
\[[#​2278](https://togithub.com/anchore/syft/pull/2278)
[@​robbiev](https://togithub.com/robbiev)]
##### Bug Fixes
- Fix CPE index workflow
\[[#​2252](https://togithub.com/anchore/syft/pull/2252)
[@​wagoodman](https://togithub.com/wagoodman)]
- Fix cpe generation task
\[[#​2270](https://togithub.com/anchore/syft/pull/2270)
[@​willmurphyscode](https://togithub.com/willmurphyscode)]
- Introduce cataloger naming conventions
\[[#​1578](https://togithub.com/anchore/syft/issues/1578)
[#​2277](https://togithub.com/anchore/syft/pull/2277)
[@​wagoodman](https://togithub.com/wagoodman)]
- .NET / nuget - invalid SBOM generated after parsing
\[[#​2255](https://togithub.com/anchore/syft/issues/2255)
[#​2273](https://togithub.com/anchore/syft/pull/2273)
[@​spiffcs](https://togithub.com/spiffcs)]
- Wrong parsing after v0.85.0 syft for some components
\[[#​2241](https://togithub.com/anchore/syft/issues/2241)
[#​2273](https://togithub.com/anchore/syft/pull/2273)
[@​spiffcs](https://togithub.com/spiffcs)]
- SPDX-2.3 is misidentified as SPDX-2.2
\[[#​2112](https://togithub.com/anchore/syft/issues/2112)
[#​2186](https://togithub.com/anchore/syft/pull/2186)
[@​wagoodman](https://togithub.com/wagoodman)]
- Jar parser chokes on empty lines
\[[#​2179](https://togithub.com/anchore/syft/issues/2179)
[#​2254](https://togithub.com/anchore/syft/pull/2254)
[@​spiffcs](https://togithub.com/spiffcs)]
- Add a new Java configuration option to recursively search parent poms…
\[[#​2274](https://togithub.com/anchore/syft/pull/2274)
[@​coheigea](https://togithub.com/coheigea)]
- Fix directory resolver to always return virtual path
\[[#​2259](https://togithub.com/anchore/syft/pull/2259)
[@​wagoodman](https://togithub.com/wagoodman)]
- Syft can now handle the case of parsing a jar with multiple poms
\[[#​2231](https://togithub.com/anchore/syft/pull/2231)
[@​coheigea](https://togithub.com/coheigea)]
- Add ruby.NewGemSpecCataloger to DirectoryCatalogers
\[[#​1971](https://togithub.com/anchore/syft/pull/1971)
[@​evanchaoli](https://togithub.com/evanchaoli)]
##### Breaking Changes
- Introduce cataloger naming conventions
\[[#​1578](https://togithub.com/anchore/syft/issues/1578)
[#​2277](https://togithub.com/anchore/syft/pull/2277)
[@​wagoodman](https://togithub.com/wagoodman)]
- Remove MetadataType from the core package struct
\[[#​1735](https://togithub.com/anchore/syft/issues/1735)
[#​1983](https://togithub.com/anchore/syft/pull/1983)
[@​wagoodman](https://togithub.com/wagoodman)]
- Add convention for JSON metadata type names and port existing values
to the new convention
\[[#​1844](https://togithub.com/anchore/syft/issues/1844)
[#​1983](https://togithub.com/anchore/syft/pull/1983)
[@​wagoodman](https://togithub.com/wagoodman)]
- Remove deprecated syft.Format functions
\[[#​1344](https://togithub.com/anchore/syft/issues/1344)
[#​2186](https://togithub.com/anchore/syft/pull/2186)
[@​wagoodman](https://togithub.com/wagoodman)]
##### Additional Changes
- Upgrade tool management
\[[#​2188](https://togithub.com/anchore/syft/pull/2188)
[@​wagoodman](https://togithub.com/wagoodman)]
- Fix homebrew post-release workflow
\[[#​2242](https://togithub.com/anchore/syft/pull/2242)
[@​wagoodman](https://togithub.com/wagoodman)]
**[(Full
Changelog)](https://togithub.com/anchore/syft/compare/v0.94.0...v0.95.0)**
### [`v0.94.0`](https://togithub.com/anchore/syft/releases/tag/v0.94.0)
[Compare
Source](https://togithub.com/anchore/syft/compare/v0.93.0...v0.94.0)
##### Added Features
- Add additional license filenames
\[[#​2227](https://togithub.com/anchore/syft/pull/2227)
[@​coheigea](https://togithub.com/coheigea)]
- Parse donet dependency trees
\[[#​2143](https://togithub.com/anchore/syft/pull/2143)
[@​noqcks](https://togithub.com/noqcks)]
- Find license by embedded license text
\[[#​2147](https://togithub.com/anchore/syft/issues/2147)
[#​2213](https://togithub.com/anchore/syft/pull/2213)
[@​coheigea](https://togithub.com/coheigea)]
- Add support for dpkg dependency relationships
\[[#​2040](https://togithub.com/anchore/syft/issues/2040)
[#​2212](https://togithub.com/anchore/syft/pull/2212)
[@​wagoodman](https://togithub.com/wagoodman)]
##### Bug Fixes
- Report errors to stderr not stdout
\[[#​2232](https://togithub.com/anchore/syft/pull/2232)
[@​wagoodman](https://togithub.com/wagoodman)]
- Python egg packages are not parsed for SBOM
\[[#​1761](https://togithub.com/anchore/syft/issues/1761)
[#​2239](https://togithub.com/anchore/syft/pull/2239)
[@​spiffcs](https://togithub.com/spiffcs)]
- Java archive is listed twice
\[[#​2130](https://togithub.com/anchore/syft/issues/2130)
[#​2220](https://togithub.com/anchore/syft/pull/2220)
[@​wagoodman](https://togithub.com/wagoodman)]
- Java archives not from Maven
\[[#​2217](https://togithub.com/anchore/syft/issues/2217)
[#​2220](https://togithub.com/anchore/syft/pull/2220)
[@​wagoodman](https://togithub.com/wagoodman)]
- Remove internal.StringSet
\[[#​2209](https://togithub.com/anchore/syft/issues/2209)
[#​2219](https://togithub.com/anchore/syft/pull/2219)
[@​wagoodman](https://togithub.com/wagoodman)]
- Invalid interface conversion in Swift cataloger
\[[#​2225](https://togithub.com/anchore/syft/issues/2225)
[#​2226](https://togithub.com/anchore/syft/pull/2226)
[@​wagoodman](https://togithub.com/wagoodman)]
**[(Full
Changelog)](https://togithub.com/anchore/syft/compare/v0.93.0...v0.94.0)**
### [`v0.93.0`](https://togithub.com/anchore/syft/releases/tag/v0.93.0)
[Compare
Source](https://togithub.com/anchore/syft/compare/v0.92.0...v0.93.0)
##### Added Features
- Parse license from the pom.xml if not contained in the manifest
\[[#​2115](https://togithub.com/anchore/syft/pull/2115)
[@​coheigea](https://togithub.com/coheigea)]
- Add Golang STD library package given a Golang binary has been
discovered compiled with that go binary
\[[#​1853](https://togithub.com/anchore/syft/issues/1853)
[#​2195](https://togithub.com/anchore/syft/pull/2195)
[@​spiffcs](https://togithub.com/spiffcs)]
- Improve --output CLI help and deprecate --file
\[[#​2165](https://togithub.com/anchore/syft/issues/2165)
[#​2187](https://togithub.com/anchore/syft/pull/2187)
[@​sharief007](https://togithub.com/sharief007)]
##### Bug Fixes
- Converting a SBOM looses the algorithm type for added checksums
\[[#​2183](https://togithub.com/anchore/syft/issues/2183)
[#​2207](https://togithub.com/anchore/syft/pull/2207)
[@​sharief007](https://togithub.com/sharief007)]
##### Additional Changes
- Refine the docs for building a cataloger
\[[#​2175](https://togithub.com/anchore/syft/pull/2175)
[@​wagoodman](https://togithub.com/wagoodman)]
- update license list to 3.22
\[[#​2201](https://togithub.com/anchore/syft/pull/2201)
[@​spiffcs](https://togithub.com/spiffcs)]
- Add exact syntax of the conversion formats
\[[#​2196](https://togithub.com/anchore/syft/pull/2196)
[@​vargenau](https://togithub.com/vargenau)]
**[(Full
Changelog)](https://togithub.com/anchore/syft/compare/v0.92.0...v0.93.0)**
### [`v0.92.0`](https://togithub.com/anchore/syft/releases/tag/v0.92.0)
[Compare
Source](https://togithub.com/anchore/syft/compare/v0.91.0...v0.92.0)
##### Added Features
- Support for multiple image refs of same sha in OCI layout
\[[#​1544](https://togithub.com/anchore/syft/issues/1544)]
##### Bug Fixes
- Generated purls are different between runs of syft against the same
image and artifact
\[[#​2169](https://togithub.com/anchore/syft/issues/2169)
[#​2170](https://togithub.com/anchore/syft/pull/2170)
[@​willmurphyscode](https://togithub.com/willmurphyscode)]
##### Additional Changes
- bump stereoscope to fix data race in UI code
\[[#​2173](https://togithub.com/anchore/syft/pull/2173)
[@​willmurphyscode](https://togithub.com/willmurphyscode)]
**[(Full
Changelog)](https://togithub.com/anchore/syft/compare/v0.91.0...v0.92.0)**
### [`v0.91.0`](https://togithub.com/anchore/syft/releases/tag/v0.91.0)
[Compare
Source](https://togithub.com/anchore/syft/compare/v0.90.0...v0.91.0)
##### Added Features
- Add support for CycloneDX 1.5
\[[#​2120](https://togithub.com/anchore/syft/issues/2120)
[#​2123](https://togithub.com/anchore/syft/pull/2123)
[@​spiffcs](https://togithub.com/spiffcs)]
- Add support for containerd as an image source
\[[#​201](https://togithub.com/anchore/syft/issues/201)
[#​1793](https://togithub.com/anchore/syft/pull/1793)
[@​shanedell](https://togithub.com/shanedell)]
- Support cataloging github workflow & github action usages
\[[#​1896](https://togithub.com/anchore/syft/issues/1896)
[#​2140](https://togithub.com/anchore/syft/pull/2140)
[@​wagoodman](https://togithub.com/wagoodman)]
##### Bug Fixes
- Allow CycloneDX json input with no components
\[[#​2127](https://togithub.com/anchore/syft/pull/2127)
[@​ahoz](https://togithub.com/ahoz)]
- Prevent errors from clobbering terminal
\[[#​2161](https://togithub.com/anchore/syft/pull/2161)
[@​kzantow](https://togithub.com/kzantow)]
- Using syft as a go library to decode a syft json has incomplete data
\[[#​2069](https://togithub.com/anchore/syft/issues/2069)
[#​2083](https://togithub.com/anchore/syft/pull/2083)
[@​kzantow](https://togithub.com/kzantow)]
- SBOMs are not the same on multiple runs of syft
\[[#​1944](https://togithub.com/anchore/syft/issues/1944)]
##### Additional Changes
- Switch to stdlib's slices pkg
\[[#​2148](https://togithub.com/anchore/syft/pull/2148)
[@​hainenber](https://togithub.com/hainenber)]
- Remove unneeded arch switch in unit test
\[[#​2156](https://togithub.com/anchore/syft/pull/2156)
[@​willmurphyscode](https://togithub.com/willmurphyscode)]
- Update chronicle to v0.8.0
\[[#​2154](https://togithub.com/anchore/syft/pull/2154)
[@​wagoodman](https://togithub.com/wagoodman)]
- Update to latest stereoscope
\[[#​2151](https://togithub.com/anchore/syft/pull/2151)
[@​spiffcs](https://togithub.com/spiffcs)]
- Pin workflow checkout for cpe update-cpe-dictionary-index
\[[#​2141](https://togithub.com/anchore/syft/pull/2141)
[@​spiffcs](https://togithub.com/spiffcs)]
- Add dependency information to conan lockfile parser
\[[#​2131](https://togithub.com/anchore/syft/pull/2131)
[@​Pro](https://togithub.com/Pro)]
- Pin and update all workflow dependencies; add permission scopes
\[[#​2138](https://togithub.com/anchore/syft/pull/2138)
[@​spiffcs](https://togithub.com/spiffcs)]
- Enforce race detector
\[[#​2122](https://togithub.com/anchore/syft/pull/2122)
[@​willmurphyscode](https://togithub.com/willmurphyscode)]
**[(Full
Changelog)](https://togithub.com/anchore/syft/compare/v0.90.0...v0.91.0)**
### [`v0.90.0`](https://togithub.com/anchore/syft/releases/tag/v0.90.0)
[Compare
Source](https://togithub.com/anchore/syft/compare/v0.89.0...v0.90.0)
###
#### [v0.90.0](https://togithub.com/anchore/syft/tree/v0.90.0)
(2023-09-11)
[Full
Changelog](https://togithub.com/anchore/syft/compare/v0.89.0...v0.90.0)
##### Added Features
- Expose cobra command in cli package \[[PR
#​2097](https://togithub.com/anchore/syft/pull/2097)]
\[[wagoodman](https://togithub.com/wagoodman)]
- Explicitly test PURL generation against key packages \[[Issue
#​2071](https://togithub.com/anchore/syft/issues/2071)]
- Add User-Agent with Syft version during update check \[[Issue
#​2072](https://togithub.com/anchore/syft/issues/2072)] \[[PR
#​2100](https://togithub.com/anchore/syft/pull/2100)]
\[[hainenber](https://togithub.com/hainenber)]
##### Bug Fixes
- fix: correct group IDs for commons-codec, okhttp, okio, and add
integration tests for Java PURL generation \[[PR
#​2075](https://togithub.com/anchore/syft/pull/2075)]
\[[willmurphyscode](https://togithub.com/willmurphyscode)]
- Cyclonedx external reference URLs are not validated when encoding
\[[Issue #​2079](https://togithub.com/anchore/syft/issues/2079)]
\[[PR #​2091](https://togithub.com/anchore/syft/pull/2091)]
\[[hainenber](https://togithub.com/hainenber)]
##### Additional Changes
- Bump the golang.org/x/exp dependency and fix a build breakage. \[[PR
#​2088](https://togithub.com/anchore/syft/pull/2088)]
\[[dlorenc](https://togithub.com/dlorenc)]
- fix: update codeql-analysis for go 1.21 \[[PR
#​2108](https://togithub.com/anchore/syft/pull/2108)]
\[[spiffcs](https://togithub.com/spiffcs)]
### [`v0.89.0`](https://togithub.com/anchore/syft/releases/tag/v0.89.0)
[Compare
Source](https://togithub.com/anchore/syft/compare/v0.88.0...v0.89.0)
###
#### [v0.89.0](https://togithub.com/anchore/syft/tree/v0.89.0)
(2023-08-31)
[Full
Changelog](https://togithub.com/anchore/syft/compare/v0.88.0...v0.89.0)
##### Added Features
- Add registry certificate verification support \[[PR
#​1734](https://togithub.com/anchore/syft/pull/1734)]
\[[5p2O5pe25ouT](https://togithub.com/5p2O5pe25ouT)]
- Add SYFT_CONFIG environment variable for configuration file path
\[[Issue #​1986](https://togithub.com/anchore/syft/issues/1986)]
\[[PR #​2001](https://togithub.com/anchore/syft/pull/2001)]
\[[kzantow](https://togithub.com/kzantow)]
##### Bug Fixes
- Fix quiet flag \[[PR
#​2081](https://togithub.com/anchore/syft/pull/2081)]
\[[wagoodman](https://togithub.com/wagoodman)]
- Command line flags not overriding configuration file values \[[Issue
#​1143](https://togithub.com/anchore/syft/issues/1143)] \[[PR
#​2001](https://togithub.com/anchore/syft/pull/2001)]
\[[kzantow](https://togithub.com/kzantow)]
- Django package CPE is not correct \[[Issue
#​1298](https://togithub.com/anchore/syft/issues/1298)] \[[PR
#​2068](https://togithub.com/anchore/syft/pull/2068)]
\[[witchcraze](https://togithub.com/witchcraze)]
- Config parsing includes `config.yaml` in working dir \[[Issue
#​1634](https://togithub.com/anchore/syft/issues/1634)] \[[PR
#​2001](https://togithub.com/anchore/syft/pull/2001)]
\[[kzantow](https://togithub.com/kzantow)]
- Fix a possible panic on universal go binaries \[[Issue
#​2073](https://togithub.com/anchore/syft/issues/2073)] \[[PR
#​2078](https://togithub.com/anchore/syft/pull/2078)]
\[[willmurphyscode](https://togithub.com/willmurphyscode)]
- Disabling catalogers is not working in power user command \[[Issue
#​2074](https://togithub.com/anchore/syft/issues/2074)] \[[PR
#​2001](https://togithub.com/anchore/syft/pull/2001)]
\[[kzantow](https://togithub.com/kzantow)]
- Virtual path changes to java cataloger causing creation of extra
incorrect packages when jars are renamed \[[Issue
#​2077](https://togithub.com/anchore/syft/issues/2077)] \[[PR
#​2080](https://togithub.com/anchore/syft/pull/2080)]
\[[willmurphyscode](https://togithub.com/willmurphyscode)]
### [`v0.88.0`](https://togithub.com/anchore/syft/releases/tag/v0.88.0)
[Compare
Source](https://togithub.com/anchore/syft/compare/v0.87.1...v0.88.0)
###
#### [v0.88.0](https://togithub.com/anchore/syft/tree/v0.88.0)
(2023-08-25)
[Full
Changelog](https://togithub.com/anchore/syft/compare/v0.87.1...v0.88.0)
##### Added Features
- Detect golang boring crypto and fipsonly modules \[[PR
#​2021](https://togithub.com/anchore/syft/pull/2021)]
\[[bathina2](https://togithub.com/bathina2)]
- feat: 1944 - update purl generation to use a consistent groupID \[[PR
#​2033](https://togithub.com/anchore/syft/pull/2033)]
\[[spiffcs](https://togithub.com/spiffcs)]
- Add support to detect bash binaries \[[Issue
#​1963](https://togithub.com/anchore/syft/issues/1963)] \[[PR
#​2055](https://togithub.com/anchore/syft/pull/2055)]
\[[witchcraze](https://togithub.com/witchcraze)]
##### Bug Fixes
- fix: properly parse conan ref and include user and channel \[[PR
#​2034](https://togithub.com/anchore/syft/pull/2034)]
\[[Pro](https://togithub.com/Pro)]
- New version notice only showing the version and no text \[[PR
#​2042](https://togithub.com/anchore/syft/pull/2042)]
\[[wagoodman](https://togithub.com/wagoodman)]
- Fix: don't validate pom declared group \[[PR
#​2054](https://togithub.com/anchore/syft/pull/2054)]
\[[willmurphyscode](https://togithub.com/willmurphyscode)]
- Errors when handling symlinks on Windows with syft v0.85.0 \[[Issue
#​1950](https://togithub.com/anchore/syft/issues/1950)] \[[PR
#​2051](https://togithub.com/anchore/syft/pull/2051)]
\[[selzoc](https://togithub.com/selzoc)]
- Syft seems unable to parse non UTF-8 pom.xml files \[[Issue
#​2044](https://togithub.com/anchore/syft/issues/2044)] \[[PR
#​2047](https://togithub.com/anchore/syft/pull/2047)]
\[[wagoodman](https://togithub.com/wagoodman)]
- Error parsing pom.xml with v0.87.1 \[[Issue
#​2060](https://togithub.com/anchore/syft/issues/2060)] \[[PR
#​2064](https://togithub.com/anchore/syft/pull/2064)]
\[[willmurphyscode](https://togithub.com/willmurphyscode)]
- Invalid CycloneDX: duplicates in relationships section \[[Issue
#​2062](https://togithub.com/anchore/syft/issues/2062)] \[[PR
#​2063](https://togithub.com/anchore/syft/pull/2063)]
\[[kzantow](https://togithub.com/kzantow)]
### [`v0.87.1`](https://togithub.com/anchore/syft/releases/tag/v0.87.1)
[Compare
Source](https://togithub.com/anchore/syft/compare/v0.87.0...v0.87.1)
###
#### [v0.87.1](https://togithub.com/anchore/syft/tree/v0.87.1)
(2023-08-17)
[Full
Changelog](https://togithub.com/anchore/syft/compare/v0.87.0...v0.87.1)
##### Bug Fixes
- Use Java package names to determine known groupIDs \[[PR
#​2032](https://togithub.com/anchore/syft/pull/2032)]
\[[kzantow](https://togithub.com/kzantow)]
- Relationships section of CycloneDX is not outputting even when the
data is present \[[Issue
#​1972](https://togithub.com/anchore/syft/issues/1972)] \[[PR
#​1974](https://togithub.com/anchore/syft/pull/1974)]
\[[markgalpin](https://togithub.com/markgalpin)]
\[[kzantow](https://togithub.com/kzantow)]
- SPDX Tag-Value conversion not handling files directly set on packages
\[[Issue #​2013](https://togithub.com/anchore/syft/issues/2013)]
\[[PR #​2014](https://togithub.com/anchore/syft/pull/2014)]
\[[kzantow](https://togithub.com/kzantow)]
- Intermittent binary listings, different results every time \[[Issue
#​2035](https://togithub.com/anchore/syft/issues/2035)] \[[PR
#​2036](https://togithub.com/anchore/syft/pull/2036)]
\[[kzantow](https://togithub.com/kzantow)]
</details>
<details>
<summary>charmbracelet/gum (charmbracelet/gum)</summary>
###
[`v0.13.0`](https://togithub.com/charmbracelet/gum/releases/tag/v0.13.0)
[Compare
Source](https://togithub.com/charmbracelet/gum/compare/v0.12.0...v0.13.0)
#### Changelog
##### New Features
Add `--select-if-one` flag to `gum choose` and `gum filter`.
```bash
> gum choose --select-if-one "option"
> option
```
-
[`fb6849c`](https://togithub.com/charmbracelet/gum/commit/fb6849ca163779e5fa33786568b78592f433470a):
`--select-if-one` flag to `choose`/`filter`.
([#​398](https://togithub.com/charmbracelet/gum/issues/398))
([@​kennyp](https://togithub.com/kennyp))
##### Bug fixes
-
[`5c65944`](https://togithub.com/charmbracelet/gum/commit/5c65944c66156df9eeba7fe742d6837e7869292d):
(fix): ShowOutput flag displays in realtime
([#​405](https://togithub.com/charmbracelet/gum/issues/405))
([@​hopefulTex](https://togithub.com/hopefulTex))
***
<details>
<summary>Verifying the artifacts</summary>
First, download the [`checksums.txt`
file](https://togithub.com/charmbracelet/gum/releases/download/0.13.0/checksums.txt),
for example, with `wget`:
```bash
wget 'https://github.com/charmbracelet/gum/releases/download/v0.13.0/checksums.txt'
```
Then, verify it using [`cosign`](https://togithub.com/sigstore/cosign):
```bash
cosign verify-blob \
--certificate-identity 'https://github.com/charmbracelet/meta/.github/workflows/goreleaser.yml@refs/heads/main' \
--certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
--cert 'https://github.com/charmbracelet/gum/releases/download/v0.13.0/checksums.txt.pem' \
--signature 'https://github.com/charmbracelet/gum/releases/download/v0.13.0/checksums.txt.sig' \
./checksums.txt
```
If the output is `Verified OK`, you can safely use it to verify the
checksums of other artifacts you downloaded from the release using
`sha256sum`:
```bash
sha256sum --ignore-missing -c checksums.txt
```
Done! You artifacts are now verified!
</details>
<a href="https://charm.sh/"><img alt="The Charm logo"
src="https://stuff.charm.sh/charm-badge.jpg" width="400"></a>
Thoughts? Questions? We love hearing from you. Feel free to reach out on
[Twitter](https://twitter.com/charmcli), [The
Fediverse](https://mastodon.technology/@​charm), or on
[Discord](https://charm.sh/chat).
###
[`v0.12.0`](https://togithub.com/charmbracelet/gum/releases/tag/v0.12.0)
[Compare
Source](https://togithub.com/charmbracelet/gum/compare/v0.11.0...v0.12.0)
### Gum Log 🪵
Version 0.12.0 of gum features a brand new `log` command. Gum `log` logs
messages to the terminal at using different levels and styling using the
[`charmbracelet/log`](https://togithub.com/charmbracelet/log) library.
To get started, simply run:
gum log
```bash
### Log some debug information.
gum log --structured --level debug "Creating file..." name file.txt
### DEBUG Unable to create file. name=temp.txt
### Log some error.
gum log --structured --level error "Unable to create file." name file.txt
### ERROR Unable to create file. name=temp.txt
```
See [`charmbracelet/log`](https://togithub.com/charmbracelet/log) for
more usage.
<img src="https://vhs.charm.sh/vhs-6jupuFM0s2fXiUrBE0I1vU.gif"
width="600" alt="Running gum log with debug and error levels" />
#### What's Changed
- Pretty Table Print by
[@​maaslalani](https://togithub.com/maaslalani) in
[https://github.com/charmbracelet/gum/pull/436](https://togithub.com/charmbracelet/gum/pull/436)
- Log command by
[@​aymanbagabas](https://togithub.com/aymanbagabas) in
[https://github.com/charmbracelet/gum/pull/449](https://togithub.com/charmbracelet/gum/pull/449)
- Avoid reading from stdin if `--value` is being used by
[@​piero-vic](https://togithub.com/piero-vic) in
[https://github.com/charmbracelet/gum/pull/448](https://togithub.com/charmbracelet/gum/pull/448)
- Made filter work with lists as choose by
[@​MikaelFangel](https://togithub.com/MikaelFangel) in
[https://github.com/charmbracelet/gum/pull/424](https://togithub.com/charmbracelet/gum/pull/424)
#### New Contributors
- [@​cglong](https://togithub.com/cglong) made their first
contribution in
[https://github.com/charmbracelet/gum/pull/401](https://togithub.com/charmbracelet/gum/pull/401)
- [@​docwhat](https://togithub.com/docwhat) made their first
contribution in
[https://github.com/charmbracelet/gum/pull/433](https://togithub.com/charmbracelet/gum/pull/433)
- [@​piero-vic](https://togithub.com/piero-vic) made their first
contribution in
[https://github.com/charmbracelet/gum/pull/448](https://togithub.com/charmbracelet/gum/pull/448)
**Full Changelog**:
https://github.com/charmbracelet/gum/compare/v0.11.0...v0.12.0
***
<a href="https://charm.sh/"><img alt="The Charm logo"
src="https://stuff.charm.sh/charm-badge.jpg" width="400"></a>
Thoughts? Questions? We love hearing from you. Feel free to reach out on
[Twitter](https://twitter.com/charmcli), [The
Fediverse](https://mastodon.technology/@​charm), or on
[Discord](https://charm.sh/chat).
</details>
<details>
<summary>charmbracelet/vhs (charmbracelet/vhs)</summary>
###
[`v0.7.1`](https://togithub.com/charmbracelet/vhs/releases/tag/v0.7.1)
[Compare
Source](https://togithub.com/charmbracelet/vhs/compare/v0.7.0...v0.7.1)
### Freeze Frame ❄️ 📸
With VHS `v0.7.0`, you can capture the any moment during tape execution.
Just add in `Screenshot <filename>.png` to your tapes:
```elixir
Type ls
Enter
### Capture the output of 'ls'
Screenshot files.png
### Now, continue as you normally would
Type 'cd ..'
Enter
```
Your tape outputs a GIF, and outputs a file named `files.png`.
##### Copy-Paste Functionality!
VHS can now talk to your system clipboard. Please keep this in mind when
executing tapes from unknown sources.
> \[!WARNING]
> You should never `curl` pipe into VHS, it's similar to executing a
bash script on your computer!
```elixir
Copy "https://github.com/charmbracelet/huh"
Type 'curl '
Paste
Enter
```
#### New Modifiers + Keys Alert!
VHS `v0.7.0` has some new additions: introducing the top level `Shift+`
modifier and the `Insert` + `Delete` keys!
```elixir
### Shift things up a bit!
Shift+A
Shift+Tab
Shift+Enter
### Insert and delete to your hearts desire:
Insert
Delete
```
***
<a href="https://charm.sh/"><img alt="The Charm logo"
src="https://stuff.charm.sh/charm-badge.jpg" width="400"></a>
Thoughts? Questions? We love hearing from you. Feel free to reach out on
[Twitter](https://twitter.com/charmcli), [The
Fediverse](https://mastodon.social/@​charmcli), or
[Discord](https://charm.sh/chat).
###
[`v0.7.0`](https://togithub.com/charmbracelet/vhs/releases/tag/v0.7.0)
[Compare
Source](https://togithub.com/charmbracelet/vhs/compare/v0.6.0...v0.7.0)
### Freeze Frame ❄️ 📸
With VHS `v0.7.0`, you can capture the any moment during tape execution.
Just add in `Screenshot <filename>.png` to your tapes:
```elixir
Type ls
Enter
### Capture the output of 'ls'
Screenshot files.png
### Now, continue as you normally would
Type 'cd ..'
Enter
```
Your tape outputs a GIF, and outputs a file named `files.png`.
##### Copy-Paste Functionality!
VHS can now talk to your system clipboard. Please keep this in mind when
executing tapes from unknown sources.
> \[!WARNING]
> You should never `curl` pipe into VHS, it's similar to executing a
bash script on your computer!
```elixir
Copy "https://github.com/charmbracelet/huh"
Type 'curl '
Paste
Enter
```
#### New Modifiers + Keys Alert!
VHS `v0.7.0` has some new additions: introducing the top level `Shift+`
modifier and the `Insert` + `Delete` keys!
```elixir
### Shift things up a bit!
Shift+A
Shift+Tab
Shift+Enter
### Insert and delete to your hearts desire:
Insert
Delete
```
***
<a href="https://charm.sh/"><img alt="The Charm logo"
src="https://stuff.charm.sh/charm-badge.jpg" width="400"></a>
Thoughts? Questions? We love hearing from you. Feel free to reach out on
[Twitter](https://twitter.com/charmcli), [The
Fediverse](https://mastodon.social/@​charmcli), or
[Discord](https://charm.sh/chat).
</details>
<details>
<summary>direnv/direnv (direnv/direnv)</summary>
### [`v2.33.0`](https://togithub.com/direnv/direnv/releases/tag/v2.33.0)
[Compare
Source](https://togithub.com/direnv/direnv/compare/v2.32.3...v2.33.0)
- doc: add a Nushell section to `hook.md` by
[@​amtoine](https://togithub.com/amtoine) in
[https://github.com/direnv/direnv/pull/1175](https://togithub.com/direnv/direnv/pull/1175)
- doc: fix broken links in installation.md by
[@​just1602](https://togithub.com/just1602) in
[https://github.com/direnv/direnv/pull/1110](https://togithub.com/direnv/direnv/pull/1110)
- doc: show how to run tests by
[@​bukzor-sentryio](https://togithub.com/bukzor-sentryio) in
[https://github.com/direnv/direnv/pull/1137](https://togithub.com/direnv/direnv/pull/1137)
- doc: update NixOS installation instructions by
[@​Gerg-L](https://togithub.com/Gerg-L) in
[https://github.com/direnv/direnv/pull/1172](https://togithub.com/direnv/direnv/pull/1172)
- doc: update direnv.toml.1.md by
[@​Ativerc](https://togithub.com/Ativerc) in
[https://github.com/direnv/direnv/pull/1099](https://togithub.com/direnv/direnv/pull/1099)
- feat: `direnv status --json` by
[@​shivaraj-bh](https://togithub.com/shivaraj-bh) in
[https://github.com/direnv/direnv/pull/1142](https://togithub.com/direnv/direnv/pull/1142)
- feat: add PowerShell Support by
[@​bamsammich](https://togithub.com/bamsammich) in
[https://github.com/direnv/direnv/pull/1171](https://togithub.com/direnv/direnv/pull/1171)
- feat: add mergify configuration by
[@​Mic92](https://togithub.com/Mic92) in
[https://github.com/direnv/direnv/pull/1147](https://togithub.com/direnv/direnv/pull/1147)
- feat: add support for armv7l platform in install.sh by
[@​ardje](https://togithub.com/ardje) in
[https://github.com/direnv/direnv/pull/1162](https://togithub.com/direnv/direnv/pull/1162)
- feat: add watch print command by
[@​Mic92](https://togithub.com/Mic92) in
[https://github.com/direnv/direnv/pull/1198](https://togithub.com/direnv/direnv/pull/1198)
- feat: alias `direnv disallow` to deny by
[@​will](https://togithub.com/will) in
[https://github.com/direnv/direnv/pull/1182](https://togithub.com/direnv/direnv/pull/1182)
- feat: stdlib: create CACHEDIR.TAG inside .direnv by
[@​Mic92](https://togithub.com/Mic92) in
[https://github.com/direnv/direnv/pull/1148](https://togithub.com/direnv/direnv/pull/1148)
- fix: `allowPath` for `LoadedRC` by
[@​shivaraj-bh](https://togithub.com/shivaraj-bh) in
[https://github.com/direnv/direnv/pull/1157](https://togithub.com/direnv/direnv/pull/1157)
- fix: don't prompt to allow if user explicitly denied by
[@​Gabriella439](https://togithub.com/Gabriella439) in
[https://github.com/direnv/direnv/pull/1158](https://togithub.com/direnv/direnv/pull/1158)
- fix: man/direnv-stdlib: fix obsolete opam-env example by
[@​mzacho](https://togithub.com/mzacho) in
[https://github.com/direnv/direnv/pull/1170](https://togithub.com/direnv/direnv/pull/1170)
- fix: print correct path in source_env log message by
[@​wentasah](https://togithub.com/wentasah) in
[https://github.com/direnv/direnv/pull/1144](https://togithub.com/direnv/direnv/pull/1144)
- fix: quote tcsh $PATH, to avoid failure on whitespace by
[@​bukzor-sentryio](https://togithub.com/bukzor-sentryio) in
[https://github.com/direnv/direnv/pull/1139](https://togithub.com/direnv/direnv/pull/1139)
- fix: remove redundant nil check in `CommandsDispatch` by
[@​Juneezee](https://togithub.com/Juneezee) in
[https://github.com/direnv/direnv/pull/1166](https://togithub.com/direnv/direnv/pull/1166)
- fix: update nixpkgs and shellcheck by
[@​Mic92](https://togithub.com/Mic92) in
[https://github.com/direnv/direnv/pull/1146](https://togithub.com/direnv/direnv/pull/1146)
</details>
<details>
<summary>golang/go (golang/go)</summary>
###
[`v1.21.5`](https://togithub.com/golang/go/compare/go1.21.4...go1.21.5)
[Compare
Source](https://togithub.com/golang/go/compare/go1.21.4...go1.21.5)
###
[`v1.21.4`](https://togithub.com/golang/go/compare/go1.21.3...go1.21.4)
[Compare
Source](https://togithub.com/golang/go/compare/go1.21.3...go1.21.4)
###
[`v1.21.3`](https://togithub.com/golang/go/compare/go1.21.2...go1.21.3)
[Compare
Source](https://togithub.com/golang/go/compare/go1.21.2...go1.21.3)
###
[`v1.21.2`](https://togithub.com/golang/go/compare/go1.21.1...go1.21.2)
[Compare
Source](https://togithub.com/golang/go/compare/go1.21.1...go1.21.2)
###
[`v1.21.1`](https://togithub.com/golang/go/compare/go1.21.0...go1.21.1)
[Compare
Source](https://togithub.com/golang/go/compare/go1.21.0...go1.21.1)
</details>
<details>
<summary>goreleaser/goreleaser (goreleaser/goreleaser)</summary>
###
[`v1.22.1`](https://togithub.com/goreleaser/goreleaser/releases/tag/v1.22.1)
[Compare
Source](https://togithub.com/goreleaser/goreleaser/compare/v1.22.0...v1.22.1)
#### Changelog
##### Bug fixes
-
[`e33d053`](https://togithub.com/goreleaser/goreleaser/commit/e33d0536129abeee90f46fbde5950403ba37cee1):
fix: --single-target when no match
([@​caarlos0](https://togithub.com/caarlos0))
-
[`c0b2be3`](https://togithub.com/goreleaser/goreleaser/commit/c0b2be344fca8c66fda35391ca76d9c3ca9753c8):
fix: handle configs with no explicit targets on --single-target
([@​caarlos0](https://togithub.com/caarlos0))
##### Build process updates
-
[`4f17fba`](https://togithub.com/goreleaser/goreleaser/commit/4f17fba173ec6d8feb93b15607fc692dd2b64533):
build: fix setup-task rate limit
([@​caarlos0](https://togithub.com/caarlos0))
-
[`be9ad4d`](https://togithub.com/goreleaser/goreleaser/commit/be9ad4d47dd09c218c8fd32b321a99ff7eb5956d):
build: update workflow
([@​caarlos0](https://togithub.com/caarlos0))
**Full Changelog**:
https://github.com/goreleaser/goreleaser/compare/v1.22.0...v1.22.1
#### Helping out
This release is only possible thanks to **all** the support of some
**awesome people**!
Want to be one of them?
You can [sponsor](https://goreleaser.com/sponsors/), get a [Pro
License](https://goreleaser.com/pro) or [contribute with
code](https://goreleaser.com/contributing).
#### Where to go next?
- Find
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "every weekday" (UTC), Automerge - At
any time (no schedule defined).
🚦 **Automerge**: Enabled.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy41Mi4wIiwidXBkYXRlZEluVmVyIjoiMzcuNTIuMCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->
Co-authored-by: mend-for-github-com[bot] <50673670+mend-for-github-com[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Currently,
gum inputreads from stdin even if we set a value with the--valueflag. This can cause some issues if we are piping a script into a shell ($ cat script.sh | bash) as seen in #447.Changes
--valueis being usedgum inputwould not read from stdin.