From bb3e7dc70651ced98ce37b18732d520e23da329a Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Thu, 31 Aug 2023 17:08:21 +0000 Subject: [PATCH 1/2] grype/0.66.0 package update --- grype.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/grype.yaml b/grype.yaml index 9fdeedaf7ea..6b3b6087b16 100644 --- a/grype.yaml +++ b/grype.yaml @@ -1,6 +1,6 @@ package: name: grype - version: 0.65.2 + version: 0.66.0 epoch: 0 description: Vulnerability scanner for container images, filesystems, and SBOMs copyright: @@ -17,7 +17,7 @@ pipeline: - uses: fetch with: uri: https://github.com/anchore/grype/archive/v${{package.version}}/grype-${{package.version}}.tar.gz - expected-sha512: 6971be4ee08407feb40474164e2b33d8f864e7171256ca9d9615ed3690eca8210820e89c8671864e416624057086a1f25fe0fb287dedcff2c865876cf7346bde + expected-sha512: 5569c02ac6ec93922aa0f8d1f107461cb4768f93bf74276f0cff38c623f595a202c8a48baa3e415cde09715b28dc5d9b8f53b984a6d2263244722fe9ae40fa3c - runs: | CGO_ENABLED=0 go build \ From 36d363c09293a882c68d57fb67b7bbca8e50048b Mon Sep 17 00:00:00 2001 From: Ariadne Conill Date: Thu, 31 Aug 2023 18:15:05 -0700 Subject: [PATCH 2/2] grype: run go mod tidy Signed-off-by: Ariadne Conill --- grype.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/grype.yaml b/grype.yaml index 6b3b6087b16..a74845056c5 100644 --- a/grype.yaml +++ b/grype.yaml @@ -19,6 +19,10 @@ pipeline: uri: https://github.com/anchore/grype/archive/v${{package.version}}/grype-${{package.version}}.tar.gz expected-sha512: 5569c02ac6ec93922aa0f8d1f107461cb4768f93bf74276f0cff38c623f595a202c8a48baa3e415cde09715b28dc5d9b8f53b984a6d2263244722fe9ae40fa3c + # Update go.mod files, which are apparently stale in the 0.66.0 release + - runs: | + go mod tidy + - runs: | CGO_ENABLED=0 go build \ -ldflags "-s -w -X github.com/anchore/grype/internal/version.version=${{package.version}}" \