Received: by mail.netbsd.org (Postfix, from userid 605) id 3B44E84DC2; Tue, 3 Jan 2023 14:42:56 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 6C51384CDC for ; Tue, 3 Jan 2023 14:42:55 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id 4a0xDhbMUn74 for ; Tue, 3 Jan 2023 14:42:54 +0000 (UTC) Received: from cvs.NetBSD.org (ivanova.netbsd.org [199.233.217.197]) by mail.netbsd.org (Postfix) with ESMTP id 3768B84CD9 for ; Tue, 3 Jan 2023 14:42:54 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id 304FEFA90; Tue, 3 Jan 2023 14:42:54 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_167275697416620" MIME-Version: 1.0 Date: Tue, 3 Jan 2023 14:42:54 +0000 From: "Thomas Klausner" Subject: CVS commit: pkgsrc/devel/syft To: pkgsrc-changes@NetBSD.org Reply-To: wiz@netbsd.org X-Mailer: log_accum Message-Id: <20230103144254.304FEFA90@cvs.NetBSD.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: Precedence: bulk List-Unsubscribe: This is a multi-part message in MIME format. --_----------=_167275697416620 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: wiz Date: Tue Jan 3 14:42:54 UTC 2023 Modified Files: pkgsrc/devel/syft: Makefile distinfo go-modules.mk Removed Files: pkgsrc/devel/syft/patches: patch-internal_ui_ephemeral__terminal__ui.go patch-internal_ui_etui__event__handlers.go patch-internal_ui_select.go patch-syft_pkg_cataloger_python_parse__requirements.go patch-syft_source_file__details.go Log Message: syft: update to 0.64.0. Added Features License parsing for Java [PR #1385] Integration or association of binary and package [Issue #1411] Include go.sum h1 digest information in checksums [Issue #1277] Bug Fixes Clean package names found in python catalogers [PR #1417] [wagoodman] FilesAnalyzed wrong and missing SHA1 for files [Issue #1396] Binary executables identified as "library" type in CycloneDX [Issue #1402] Excessive "unable to read golang buildinfo error=not a Go executable file" warnings in versions after v0.62.1 [Issue #1403] Binary java detection [Issue #1410] To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 pkgsrc/devel/syft/Makefile cvs rdiff -u -r1.2 -r1.3 pkgsrc/devel/syft/distinfo cvs rdiff -u -r1.1 -r1.2 pkgsrc/devel/syft/go-modules.mk cvs rdiff -u -r1.1 -r0 \ pkgsrc/devel/syft/patches/patch-internal_ui_ephemeral__terminal__ui.go \ pkgsrc/devel/syft/patches/patch-internal_ui_etui__event__handlers.go \ pkgsrc/devel/syft/patches/patch-internal_ui_select.go \ pkgsrc/devel/syft/patches/patch-syft_pkg_cataloger_python_parse__requirements.go \ pkgsrc/devel/syft/patches/patch-syft_source_file__details.go Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_167275697416620 Content-Disposition: inline Content-Length: 11835 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/devel/syft/Makefile diff -u pkgsrc/devel/syft/Makefile:1.4 pkgsrc/devel/syft/Makefile:1.5 --- pkgsrc/devel/syft/Makefile:1.4 Sun Dec 25 18:11:03 2022 +++ pkgsrc/devel/syft/Makefile Tue Jan 3 14:42:53 2023 @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.4 2022/12/25 18:11:03 wiz Exp $ +# $NetBSD: Makefile,v 1.5 2023/01/03 14:42:53 wiz Exp $ -DISTNAME= syft-0.63.0 -PKGREVISION= 1 +DISTNAME= syft-0.64.0 CATEGORIES= devel MASTER_SITES= ${MASTER_SITE_GITHUB:=anchore/} GITHUB_TAG= v${PKGVERSION_NOREV} Index: pkgsrc/devel/syft/distinfo diff -u pkgsrc/devel/syft/distinfo:1.2 pkgsrc/devel/syft/distinfo:1.3 --- pkgsrc/devel/syft/distinfo:1.2 Fri Dec 23 10:03:39 2022 +++ pkgsrc/devel/syft/distinfo Tue Jan 3 14:42:53 2023 @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.2 2022/12/23 10:03:39 wiz Exp $ +$NetBSD: distinfo,v 1.3 2023/01/03 14:42:53 wiz Exp $ BLAKE2s (4d63.com_gochecknoglobals_@v_v0.1.0.mod) = 44ce95e05c9f2bda0bad21d1c5df80fe04aa5a58d27d291a71c539fa5417c4b0 SHA512 (4d63.com_gochecknoglobals_@v_v0.1.0.mod) = fed1482cc4df3b59a2d9a2cb927c867779fdaa8428e4323ea1c063df61c66274e2d9a05230b7d827ba7c36d15fcbf575d617f2bae9109332acce4c5f82573655 @@ -450,12 +450,12 @@ Size (github.com__burnt_sushi_toml_@v_v0 BLAKE2s (github.com__burnt_sushi_xgb_@v_v0.0.0-20160522181843-27f122750802.mod) = 3aae55f1e64baee0b056bf90360c33c65231ecbd5a3a924ef9926aa6696b8ca1 SHA512 (github.com__burnt_sushi_xgb_@v_v0.0.0-20160522181843-27f122750802.mod) = dbfa64ac31b25fdbff12110c6f9815abfde65f281e40852e7165499a2cefb6656c74fe0b82f0f018304daa02b83b421e9c15654efabad39787c69c1b2996a79d Size (github.com__burnt_sushi_xgb_@v_v0.0.0-20160522181843-27f122750802.mod) = 33 bytes -BLAKE2s (github.com__cyclone_d_x_cyclonedx-go_@v_v0.7.0.mod) = 5347440142f93fe506859c63cfc59e144f04a573580ffd03e95b142bb6cf8288 -SHA512 (github.com__cyclone_d_x_cyclonedx-go_@v_v0.7.0.mod) = 7a859fb6bf691a3905061bfce928d8c7f08bf4faf1e4272de9d332eede5db05a210cbad8a1d37c0c50ee86f471f3ebd58fc25baa9c2a728e36eeab4d859200ea -Size (github.com__cyclone_d_x_cyclonedx-go_@v_v0.7.0.mod) = 289 bytes -BLAKE2s (github.com__cyclone_d_x_cyclonedx-go_@v_v0.7.0.zip) = 8fd072838c3b40cc7575e5f9e0d9a1705a242ba15bc496b59b6648828f7fc28d -SHA512 (github.com__cyclone_d_x_cyclonedx-go_@v_v0.7.0.zip) = 2359def0338225f34cc5af5b68bd8dccc032843290d40d425463d775bf61c8bd089912fa03cbfb963315b50d411e2799dbf072ab2a53013bcbd346319240b87c -Size (github.com__cyclone_d_x_cyclonedx-go_@v_v0.7.0.zip) = 188541 bytes +BLAKE2s (github.com__cyclone_d_x_cyclonedx-go_@v_v0.7.1-0.20221222100750-41a1ac565cce.mod) = c0e40294659c21988e67656b122a94202a7e3031e51b7d38f2c6ed5ac9bfc4c0 +SHA512 (github.com__cyclone_d_x_cyclonedx-go_@v_v0.7.1-0.20221222100750-41a1ac565cce.mod) = b57f895f43c6e9e37724d69100563e052f1b77e86b399281bb46f703d7cb331f6eb3869867acc9adcda7b77e47fb5aba3cfc3b877d054d8b372ad4066ceb1803 +Size (github.com__cyclone_d_x_cyclonedx-go_@v_v0.7.1-0.20221222100750-41a1ac565cce.mod) = 289 bytes +BLAKE2s (github.com__cyclone_d_x_cyclonedx-go_@v_v0.7.1-0.20221222100750-41a1ac565cce.zip) = 961e83baa035f864b5c5323c4465660a7f12711f8c09bb3723c3bf9b00b82942 +SHA512 (github.com__cyclone_d_x_cyclonedx-go_@v_v0.7.1-0.20221222100750-41a1ac565cce.zip) = 4ddac8927f36cdc8d03d0222b1c7f756796943696effeb6de1073ad8ee157b9a6614f1f17bac88f670bed1e3340155d87e15a50ff23df3a999d6dbb9bcf80953 +Size (github.com__cyclone_d_x_cyclonedx-go_@v_v0.7.1-0.20221222100750-41a1ac565cce.zip) = 198942 bytes BLAKE2s (github.com__data_dog_zstd_@v_v1.4.5.mod) = b638a040dd998d09b23840e24343bb837036cc4b134167f1c9bc63bd8e913493 SHA512 (github.com__data_dog_zstd_@v_v1.4.5.mod) = 5d47517c29477f39a7f12d63ee80c1c64cbbe8065ede96732c133a0159e541b95bb17f10fea0ed5acde361deb84cbb66e79a38cf4be0dc7b28d8b8e342d45a88 Size (github.com__data_dog_zstd_@v_v1.4.5.mod) = 31 bytes @@ -5448,9 +5448,12 @@ Size (github.com_stretchr_objx_@v_v0.2.0 BLAKE2s (github.com_stretchr_objx_@v_v0.4.0.mod) = e5c1d6b824d1be53abbb3b8f906a3f0bf77e3447b39eb0d9f9f4319c55ebb20e SHA512 (github.com_stretchr_objx_@v_v0.4.0.mod) = 022706974a2aaaa604a814996d4307a0b0f4a408987ece5cb9d0fbd03d9a71bc9e5c4ae89877f9527858f4071829d85674732550a514562df1a406a95eed9d35 Size (github.com_stretchr_objx_@v_v0.4.0.mod) = 137 bytes -BLAKE2s (github.com_stretchr_objx_@v_v0.4.0.zip) = 40ccd40e2206d73e3b4fb942fd026b971c8310f55167f305b98b79147bce972a -SHA512 (github.com_stretchr_objx_@v_v0.4.0.zip) = 956d3d8d9f667d1ab31eddcbf663a573976827f91952d89e69c31e18b3398b6cde55ca02b1760b180d7fa4e535b2327d079f6f181720b18e3bb8187370bc05fa -Size (github.com_stretchr_objx_@v_v0.4.0.zip) = 44330 bytes +BLAKE2s (github.com_stretchr_objx_@v_v0.5.0.mod) = f7e6a80abd08386e00e3ee80803db84f0f5608240ecde454f96f92e2d4dbf7ff +SHA512 (github.com_stretchr_objx_@v_v0.5.0.mod) = 3725b66aadb0bd71f79264cb907fc13dbe969f00b5800e4dd1e331394858c39d191e57317228d7ef665a4fd4454bdab7b811632725537d6c9bc9fa2e29d34aca +Size (github.com_stretchr_objx_@v_v0.5.0.mod) = 85 bytes +BLAKE2s (github.com_stretchr_objx_@v_v0.5.0.zip) = 29bff95056684fdea15fe6c0f4d6bca7ae50e4adf3008754e27ede417755bffd +SHA512 (github.com_stretchr_objx_@v_v0.5.0.zip) = af7cf9a3145f189ef90dc1f9e890b2f9df92d2e5b9caeccf6336754e4ebea722b6521afec5ac4ea093188a95595cfbbdbeefa246b5a2b78b7be992de16e76778 +Size (github.com_stretchr_objx_@v_v0.5.0.zip) = 44362 bytes BLAKE2s (github.com_stretchr_testify_@v_v0.0.0-20170130113145-4d4bfba8f1d1.mod) = 0aab4ef6e84a9f79a057a2dd3c20af5527903ddca30e8e5207e0d64623d3121c SHA512 (github.com_stretchr_testify_@v_v0.0.0-20170130113145-4d4bfba8f1d1.mod) = 5b7ce867497852e4918b8cde5f75ecf2f24b9c95ad112478ac132322e904243f1cea3d16f5731646efb669256dbefc129ac70a499c8b1d25403a14c7e4fad10b Size (github.com_stretchr_testify_@v_v0.0.0-20170130113145-4d4bfba8f1d1.mod) = 35 bytes @@ -5490,9 +5493,12 @@ Size (github.com_stretchr_testify_@v_v1. BLAKE2s (github.com_stretchr_testify_@v_v1.8.0.mod) = 4b9f1b2997c84b26b08b9c2b5febd4d7dad875c2869013e0e87d1cebbaff04f0 SHA512 (github.com_stretchr_testify_@v_v1.8.0.mod) = 62122d19530516ad5a84d98ccb77f299c79bd0ad4da58314ce31d07696076de1b3d1150e603cb296e4ad8e5e839a9fd2241f1e8981fc3356379444d5062e0d26 Size (github.com_stretchr_testify_@v_v1.8.0.mod) = 188 bytes -BLAKE2s (github.com_stretchr_testify_@v_v1.8.0.zip) = 2b52e0d30465b83155591bdfa7a2fc0693f618b8d3e62bae48f77dff53e219a1 -SHA512 (github.com_stretchr_testify_@v_v1.8.0.zip) = e377f172ae47db1740efabc985ea0201ab7ca6c5db9763d75318de41fcce472ae79e1aaa8b1a4a920c74a5f44027d4f34af5f398ac4e692b210ca4cedf47b206 -Size (github.com_stretchr_testify_@v_v1.8.0.zip) = 113507 bytes +BLAKE2s (github.com_stretchr_testify_@v_v1.8.1.mod) = 9cba4c7e673fa366fcec4603d67030a0a278ca58afe2c8e4d74de88ed9d89dd8 +SHA512 (github.com_stretchr_testify_@v_v1.8.1.mod) = 0fe9325c142599f577ef2f281f09dce40b431b21bf32834e30fba68ae8896c0fdee66e93fa64ede86e326ec9d74a639233fe813f701387cacd27d19814c31351 +Size (github.com_stretchr_testify_@v_v1.8.1.mod) = 188 bytes +BLAKE2s (github.com_stretchr_testify_@v_v1.8.1.zip) = deb5414852ba1d12a77d6671792e6b89c132e94865cb80f4c1505468f30164f1 +SHA512 (github.com_stretchr_testify_@v_v1.8.1.zip) = b38c398c559b651d02c16d1c0bac2b9b54a19bee51fdd986359d5659c25bf2853cdac044c084ad0e086b78f638b3cc03733121e63480b555ab199c335f03109a +Size (github.com_stretchr_testify_@v_v1.8.1.zip) = 113583 bytes BLAKE2s (github.com_subosito_gotenv_@v_v1.2.0.mod) = 461c75d55213485e537d05f6f7cf1e172f195b603cb9bb216c0f1bbc60344d15 SHA512 (github.com_subosito_gotenv_@v_v1.2.0.mod) = 50b858817db72f0615a74431c9966f969d12a85fccc3f0dde25a72fbda32f77f3ac76cba50b12fdfd87ed7a7b3a337a291b1f9c86e1fbde81d2d0c2890c1c21d Size (github.com_subosito_gotenv_@v_v1.2.0.mod) = 34 bytes @@ -9231,11 +9237,6 @@ Size (sigs.k8s.io_yaml_@v_v1.3.0.zip) = BLAKE2s (sourcegraph.com_sourcegraph_appdash_@v_v0.0.0-20190731080439-ebfcffb1b5c0.mod) = 540120cf9a874588188b78b9cb2cb50598bfffd4f144e5fb2315313375937a3c SHA512 (sourcegraph.com_sourcegraph_appdash_@v_v0.0.0-20190731080439-ebfcffb1b5c0.mod) = 7d863e4af4e480a247bc767d1de96ff8050b12a13a182a9a8fa68c983c2f0b1a16b509d40de3cca552082535f876458034e1510f0f0feef383f16e1f84f81282 Size (sourcegraph.com_sourcegraph_appdash_@v_v0.0.0-20190731080439-ebfcffb1b5c0.mod) = 43 bytes -BLAKE2s (syft-0.63.0.tar.gz) = 6e0ae8d6bc9a8cf61790b724becdc15b409726cb337ae2a54289578c5e58ff60 -SHA512 (syft-0.63.0.tar.gz) = bf9d5177236b767b338ae4ffa5b4bd3647ebd690fa672c07980d9708df342cab83cbf03f2ec25d8d3807b38aa5bb891ce38eeacb17f0f3c7a7d568786bd2fbf6 -Size (syft-0.63.0.tar.gz) = 5409030 bytes -SHA1 (patch-internal_ui_ephemeral__terminal__ui.go) = 0d5ea0ae00429b8e45832f297e244b142be50764 -SHA1 (patch-internal_ui_etui__event__handlers.go) = a823a9738edc7481197b7360ecc5410183baefe1 -SHA1 (patch-internal_ui_select.go) = a856804e943dfd93611d4c7d23a020aa4e8f7f69 -SHA1 (patch-syft_pkg_cataloger_python_parse__requirements.go) = 4b9dd7156fe7d405ef670ec18acdf4378b588b11 -SHA1 (patch-syft_source_file__details.go) = 4c484112c9ab86e72b9d886f2bc28b1077e4effc +BLAKE2s (syft-0.64.0.tar.gz) = 9e9db74108aa2f97a86488573e59b8ed85dd442bee57eaf45c1f51e71ab9850a +SHA512 (syft-0.64.0.tar.gz) = d223c54467dadcae98828499da008e1119de585a8b54f20fe0fc90a85bbbf4dbaebdf4a38016c97108a16699151d1fb204f6eba3a3c3339aceb000983f6de95b +Size (syft-0.64.0.tar.gz) = 5422803 bytes Index: pkgsrc/devel/syft/go-modules.mk diff -u pkgsrc/devel/syft/go-modules.mk:1.1 pkgsrc/devel/syft/go-modules.mk:1.2 --- pkgsrc/devel/syft/go-modules.mk:1.1 Tue Dec 20 09:09:18 2022 +++ pkgsrc/devel/syft/go-modules.mk Tue Jan 3 14:42:53 2023 @@ -1,4 +1,4 @@ -# $NetBSD: go-modules.mk,v 1.1 2022/12/20 09:09:18 wiz Exp $ +# $NetBSD: go-modules.mk,v 1.2 2023/01/03 14:42:53 wiz Exp $ GO_MODULE_FILES+= 4d63.com/gochecknoglobals/@v/v0.1.0.mod GO_MODULE_FILES+= bazil.org/fuse/@v/v0.0.0-20160811212531-371fbbdaa898.mod @@ -150,8 +150,8 @@ GO_MODULE_FILES+= github.com/!azure/go-a GO_MODULE_FILES+= github.com/!burnt!sushi/toml/@v/v0.3.1.mod GO_MODULE_FILES+= github.com/!burnt!sushi/toml/@v/v0.4.1.mod GO_MODULE_FILES+= github.com/!burnt!sushi/xgb/@v/v0.0.0-20160522181843-27f122750802.mod -GO_MODULE_FILES+= github.com/!cyclone!d!x/cyclonedx-go/@v/v0.7.0.mod -GO_MODULE_FILES+= github.com/!cyclone!d!x/cyclonedx-go/@v/v0.7.0.zip +GO_MODULE_FILES+= github.com/!cyclone!d!x/cyclonedx-go/@v/v0.7.1-0.20221222100750-41a1ac565cce.mod +GO_MODULE_FILES+= github.com/!cyclone!d!x/cyclonedx-go/@v/v0.7.1-0.20221222100750-41a1ac565cce.zip GO_MODULE_FILES+= github.com/!data!dog/zstd/@v/v1.4.5.mod GO_MODULE_FILES+= github.com/!data!dog/zstd/@v/v1.4.5.zip GO_MODULE_FILES+= github.com/!djarvur/go-err113/@v/v0.0.0-20210108212216-aea10b59be24.mod @@ -1816,7 +1816,8 @@ GO_MODULE_FILES+= github.com/stretchr/ob GO_MODULE_FILES+= github.com/stretchr/objx/@v/v0.1.1.mod GO_MODULE_FILES+= github.com/stretchr/objx/@v/v0.2.0.mod GO_MODULE_FILES+= github.com/stretchr/objx/@v/v0.4.0.mod -GO_MODULE_FILES+= github.com/stretchr/objx/@v/v0.4.0.zip +GO_MODULE_FILES+= github.com/stretchr/objx/@v/v0.5.0.mod +GO_MODULE_FILES+= github.com/stretchr/objx/@v/v0.5.0.zip GO_MODULE_FILES+= github.com/stretchr/testify/@v/v0.0.0-20170130113145-4d4bfba8f1d1.mod GO_MODULE_FILES+= github.com/stretchr/testify/@v/v0.0.0-20180303142811-b89eecf5ca5d.mod GO_MODULE_FILES+= github.com/stretchr/testify/@v/v1.1.4.mod @@ -1830,7 +1831,8 @@ GO_MODULE_FILES+= github.com/stretchr/te GO_MODULE_FILES+= github.com/stretchr/testify/@v/v1.7.1.mod GO_MODULE_FILES+= github.com/stretchr/testify/@v/v1.7.2.mod GO_MODULE_FILES+= github.com/stretchr/testify/@v/v1.8.0.mod -GO_MODULE_FILES+= github.com/stretchr/testify/@v/v1.8.0.zip +GO_MODULE_FILES+= github.com/stretchr/testify/@v/v1.8.1.mod +GO_MODULE_FILES+= github.com/stretchr/testify/@v/v1.8.1.zip GO_MODULE_FILES+= github.com/subosito/gotenv/@v/v1.2.0.mod GO_MODULE_FILES+= github.com/subosito/gotenv/@v/v1.4.1.mod GO_MODULE_FILES+= github.com/subosito/gotenv/@v/v1.4.1.zip --_----------=_167275697416620--