Skip to content

chore: bump stereoscope to latest version#1741

Merged
westonsteimel merged 4 commits intomainfrom
bump-stereoscope
Apr 18, 2023
Merged

chore: bump stereoscope to latest version#1741
westonsteimel merged 4 commits intomainfrom
bump-stereoscope

Conversation

@westonsteimel
Copy link
Copy Markdown
Contributor

@westonsteimel westonsteimel commented Apr 17, 2023

Resolves reporting of GHSA-hw7c-3rfg-p46j

@westonsteimel
chore: bump stereoscope to latest version
2104050 
Resolves reporting of GHSA-hw7c-3rfg-p46j

Signed-off-by: Weston Steimel <weston.steimel@anchore.com>
@westonsteimel
Copy link
Copy Markdown
Contributor Author

westonsteimel commented Apr 17, 2023

I'm unsure why the stereoscope PR workflow isn't creating this one

@westonsteimel westonsteimel enabled auto-merge (squash) April 17, 2023 08:36
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 17, 2023
edited
Loading

Benchmark Test Results

Benchmark results from the latest changes vs base branch 
goos: linux%0Agoarch: amd64%0Apkg: github.com/anchore/syft/test/integration%0Acpu: Intel(R) Xeon(R) Platinum 8171M CPU @ 2.60GHz%0A                                                          │ ./.tmp/benchmark-c3d2a94.txt │%0A                                                          │            sec/op            │%0AImagePackageCatalogers/alpmdb-cataloger-2                                   14.32m ±  3%25%0AImagePackageCatalogers/ruby-gemspec-cataloger-2                             1.100m ±  3%25%0AImagePackageCatalogers/python-package-cataloger-2                           3.814m ±  4%25%0AImagePackageCatalogers/php-composer-installed-cataloger-2                   940.3µ ±  1%25%0AImagePackageCatalogers/javascript-package-cataloger-2                       484.6µ ±  2%25%0AImagePackageCatalogers/dpkgdb-cataloger-2                                   708.9µ ±  1%25%0AImagePackageCatalogers/rpm-db-cataloger-2                                   638.0µ ± 21%25%0AImagePackageCatalogers/java-cataloger-2                                     16.01m ±  2%25%0AImagePackageCatalogers/graalvm-native-image-cataloger-2                     108.6µ ±  2%25%0AImagePackageCatalogers/apkdb-cataloger-2                                    763.2µ ±  3%25%0AImagePackageCatalogers/go-module-binary-cataloger-2                         111.4µ ±  2%25%0AImagePackageCatalogers/dotnet-deps-cataloger-2                              1.483m ±  3%25%0AImagePackageCatalogers/portage-cataloger-2                                  469.1µ ±  1%25%0AImagePackageCatalogers/nix-store-cataloger-2                                334.0µ ±  2%25%0AImagePackageCatalogers/sbom-cataloger-2                                     143.6µ ±  1%25%0AImagePackageCatalogers/binary-cataloger-2                                   252.9µ ±  1%25%0AImagePackageCatalogers/linux-kernel-cataloger-2                             61.29m ±  6%25%0Ageomean                                                                     996.8µ%0A%0A                                                          │ ./.tmp/benchmark-c3d2a94.txt │%0A                                                          │             B/op             │%0AImagePackageCatalogers/alpmdb-cataloger-2                                   5.067Mi ± 0%25%0AImagePackageCatalogers/ruby-gemspec-cataloger-2                             140.1Ki ± 0%25%0AImagePackageCatalogers/python-package-cataloger-2                           982.6Ki ± 0%25%0AImagePackageCatalogers/php-composer-installed-cataloger-2                   180.1Ki ± 0%25%0AImagePackageCatalogers/javascript-package-cataloger-2                       98.63Ki ± 0%25%0AImagePackageCatalogers/dpkgdb-cataloger-2                                   169.8Ki ± 0%25%0AImagePackageCatalogers/rpm-db-cataloger-2                                   178.1Ki ± 0%25%0AImagePackageCatalogers/java-cataloger-2                                     2.784Mi ± 0%25%0AImagePackageCatalogers/graalvm-native-image-cataloger-2                     8.750Ki ± 0%25%0AImagePackageCatalogers/apkdb-cataloger-2                                    145.2Ki ± 0%25%0AImagePackageCatalogers/go-module-binary-cataloger-2                         10.06Ki ± 0%25%0AImagePackageCatalogers/dotnet-deps-cataloger-2                              409.9Ki ± 0%25%0AImagePackageCatalogers/portage-cataloger-2                                  85.91Ki ± 0%25%0AImagePackageCatalogers/nix-store-cataloger-2                                48.91Ki ± 0%25%0AImagePackageCatalogers/sbom-cataloger-2                                     14.20Ki ± 0%25%0AImagePackageCatalogers/binary-cataloger-2                                   31.95Ki ± 0%25%0AImagePackageCatalogers/linux-kernel-cataloger-2                             62.65Mi ± 0%25%0Ageomean                                                                     192.8Ki%0A%0A                                                          │ ./.tmp/benchmark-c3d2a94.txt │%0A                                                          │          allocs/op           │%0AImagePackageCatalogers/alpmdb-cataloger-2                                    86.83k ± 0%25%0AImagePackageCatalogers/ruby-gemspec-cataloger-2                              2.280k ± 0%25%0AImagePackageCatalogers/python-package-cataloger-2                            15.94k ± 0%25%0AImagePackageCatalogers/php-composer-installed-cataloger-2                    3.796k ± 0%25%0AImagePackageCatalogers/javascript-package-cataloger-2                        1.321k ± 0%25%0AImagePackageCatalogers/dpkgdb-cataloger-2                                    2.989k ± 0%25%0AImagePackageCatalogers/rpm-db-cataloger-2                                    3.876k ± 0%25%0AImagePackageCatalogers/java-cataloger-2                                      39.46k ± 0%25%0AImagePackageCatalogers/graalvm-native-image-cataloger-2                       228.0 ± 0%25%0AImagePackageCatalogers/apkdb-cataloger-2                                     3.667k ± 0%25%0AImagePackageCatalogers/go-module-binary-cataloger-2                           281.0 ± 0%25%0AImagePackageCatalogers/dotnet-deps-cataloger-2                               6.326k ± 0%25%0AImagePackageCatalogers/portage-cataloger-2                                   1.660k ± 0%25%0AImagePackageCatalogers/nix-store-cataloger-2                                  884.0 ± 0%25%0AImagePackageCatalogers/sbom-cataloger-2                                       394.0 ± 0%25%0AImagePackageCatalogers/binary-cataloger-2                                     896.0 ± 0%25%0AImagePackageCatalogers/linux-kernel-cataloger-2                              2.796k ± 0%25%0Ageomean                                                                      2.649k

@westonsteimel
Copy link
Copy Markdown
Contributor Author

westonsteimel commented Apr 17, 2023
edited
Loading

I'm unsure why the stereoscope PR workflow isn't creating this one

Nevermind, it did create #1732, I just didn't find it before for some reason

@spiffcs
Merge branch 'main' into bump-stereoscope
6893f6d 
* main:
  Fix kernel cataloger test fixtures (#1742)
@spiffcs spiffcs mentioned this pull request Apr 17, 2023
Closed
spiffcs added 2 commits April 18, 2023 10:31
@spiffcs
Merge branch 'main' into bump-stereoscope
5671761 
* main:
  chore(deps): update bootstrap tools to latest versions (#1744)
  chore(deps): bump github.com/docker/docker (#1746)
  Create consul binary classifier (#1738)
  chore(deps): update bootstrap tools to latest versions (#1740)
@spiffcs
chore: redact ModTime from tested values
dd0db2c 
anchore/stereoscope@3282bc0
The above commit preserved time and updated the stereoscope linking strategy

Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
@westonsteimel westonsteimel merged commit ee80349 into main Apr 18, 2023
@westonsteimel westonsteimel deleted the bump-stereoscope branch April 18, 2023 15:44
This was referenced Apr 24, 2023
Closed
Closed
Merged
Closed
Closed
spiffcs added a commit that referenced this pull request Apr 24, 2023
@spiffcs
Merge branch 'main' into 1577-license-revamp
d2c7792 
* main:
  Add sections of interest for Gemfile.lock cataloger (#1749)
  fix: update cache.fingerprint file to java-builds dir (#1748)
  Add ALPM Metadata to CYCLONEDX and SPDX output formats (#1747)
  chore: bump stereoscope to latest version (#1741)
  chore(deps): update bootstrap tools to latest versions (#1744)
  chore(deps): bump github.com/docker/docker (#1746)
  Create consul binary classifier (#1738)
  chore(deps): update bootstrap tools to latest versions (#1740)

Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
@dependabot dependabot Bot mentioned this pull request Apr 24, 2023
Closed
This was referenced May 8, 2023
Closed
Merged
Closed
Closed
GijsCalis pushed a commit to GijsCalis/syft that referenced this pull request Feb 19, 2024
@westonsteimel
chore: bump stereoscope to latest version (anchore#1741)
f719116 
Resolves reporting of GHSA-hw7c-3rfg-p46j

Signed-off-by: Weston Steimel <weston.steimel@anchore.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@spiffcs spiffcs spiffcs approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@westonsteimel @spiffcs