diff --git a/.github/actions/install-tools/action.yaml b/.github/actions/install-tools/action.yaml index 21e346048d..64a78402d7 100644 --- a/.github/actions/install-tools/action.yaml +++ b/.github/actions/install-tools/action.yaml @@ -8,7 +8,7 @@ runs: - uses: anchore/sbom-action/download-syft@78fc58e266e87a38d4194b2137a3d4e9bcaf7ca1 # v0.14.3 - - run: "curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin" + - run: "curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin --tag v0.64.2" shell: bash - uses: docker/setup-buildx-action@16c0bc4a6e6ada2cfd8afd41d22d95379cf7c32a # v2.8.0 diff --git a/go.mod b/go.mod index a53b418695..b99cf6bae8 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ require ( github.com/AlecAivazis/survey/v2 v2.3.7 github.com/Masterminds/semver/v3 v3.2.1 github.com/alecthomas/jsonschema v0.0.0-20220216202328-9eeeec9d044b - github.com/anchore/stereoscope v0.0.0-20230627195312-cd49355d934e + github.com/anchore/stereoscope v0.0.0-20230727211946-d1f3d766295e github.com/anchore/syft v0.84.0 github.com/derailed/k9s v0.27.4 github.com/distribution/distribution v2.8.2+incompatible @@ -29,6 +29,7 @@ require ( github.com/opencontainers/image-spec v1.1.0-rc3 github.com/otiai10/copy v1.12.0 github.com/pkg/errors v0.9.1 + github.com/prometheus/client_golang v1.15.1 github.com/pterm/pterm v0.12.62 github.com/sergi/go-diff v1.3.1 github.com/sigstore/cosign v1.13.1 @@ -314,7 +315,6 @@ require ( github.com/pierrec/lz4/v4 v4.1.15 // indirect github.com/pjbgf/sha1cd v0.3.0 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/prometheus/client_golang v1.15.1 // indirect github.com/prometheus/client_model v0.4.0 // indirect github.com/prometheus/common v0.42.0 // indirect github.com/prometheus/procfs v0.9.0 // indirect diff --git a/go.sum b/go.sum index 6dc2792f57..83bf738903 100644 --- a/go.sum +++ b/go.sum @@ -236,8 +236,8 @@ github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b h1:e1bmaoJfZV github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b/go.mod h1:Bkc+JYWjMCF8OyZ340IMSIi2Ebf3uwByOk6ho4wne1E= github.com/anchore/packageurl-go v0.1.1-0.20230104203445-02e0a6721501 h1:AV7qjwMcM4r8wFhJq3jLRztew3ywIyPTRapl2T1s9o8= github.com/anchore/packageurl-go v0.1.1-0.20230104203445-02e0a6721501/go.mod h1:Blo6OgJNiYF41ufcgHKkbCKF2MDOMlrqhXv/ij6ocR4= -github.com/anchore/stereoscope v0.0.0-20230627195312-cd49355d934e h1:zhk3ZLtomMJ750nNCE+c24PonMzoO/SeL/4uTr1L9kM= -github.com/anchore/stereoscope v0.0.0-20230627195312-cd49355d934e/go.mod h1:0LsgHgXO4QFnk2hsYwtqd3fR18PIZXlFLIl2qb9tu3g= +github.com/anchore/stereoscope v0.0.0-20230727211946-d1f3d766295e h1:S6IhYpsBCpvphlHA1tN0glSG/kjVvFzC6OJuU2qW5Pc= +github.com/anchore/stereoscope v0.0.0-20230727211946-d1f3d766295e/go.mod h1:0LsgHgXO4QFnk2hsYwtqd3fR18PIZXlFLIl2qb9tu3g= github.com/anchore/syft v0.84.0 h1:mU0xTGVFjuJDIr9pGjZfjcRmCdpSKsQxghZmWihdPDc= github.com/anchore/syft v0.84.0/go.mod h1:QM2WJFbV/mvBnb7nR1yYLm0mIw0MVhjzgd/QaxYMA/g= github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8=