Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: update latest cyclonedx library #1390

Merged
merged 1 commit into from
Dec 8, 2022
Merged

chore: update latest cyclonedx library #1390

merged 1 commit into from
Dec 8, 2022

Conversation

spiffcs
Copy link
Contributor

@spiffcs spiffcs commented Dec 7, 2022
edited
Loading

Blocked until changes incorporated into grype

Signed-off-by: Christopher Phillips [email protected]

@spiffcs spiffcs added the blocked Progress is being stopped by something label Dec 7, 2022
@github-actions
Copy link

github-actions bot commented Dec 7, 2022
edited
Loading

Benchmark Test Results

Benchmark results from the latest changes vs base branch 
name                                                       old time/op    new time/op    delta
ImagePackageCatalogers/alpmdb-cataloger-2                    11.2ms ± 1%    12.8ms ±32%  +13.67%  (p=0.016 n=5+5)
ImagePackageCatalogers/ruby-gemspec-cataloger-2              1.28ms ± 1%    1.26ms ± 0%   -1.69%  (p=0.016 n=4+5)
ImagePackageCatalogers/python-package-cataloger-2            3.19ms ± 1%    3.30ms ± 1%   +3.38%  (p=0.008 n=5+5)
ImagePackageCatalogers/php-composer-installed-cataloger-2    1.06ms ± 0%    1.05ms ± 1%     ~     (p=0.151 n=5+5)
ImagePackageCatalogers/javascript-package-cataloger-2         742µs ± 1%     724µs ± 0%   -2.46%  (p=0.008 n=5+5)
ImagePackageCatalogers/dpkgdb-cataloger-2                     846µs ± 1%     828µs ± 0%   -2.04%  (p=0.008 n=5+5)
ImagePackageCatalogers/rpm-db-cataloger-2                    1.25ms ± 0%    1.22ms ± 1%   -2.64%  (p=0.008 n=5+5)
ImagePackageCatalogers/java-cataloger-2                      14.3ms ± 2%    14.2ms ± 1%     ~     (p=0.222 n=5+5)
ImagePackageCatalogers/apkdb-cataloger-2                      876µs ± 1%     851µs ± 1%   -2.80%  (p=0.008 n=5+5)
ImagePackageCatalogers/go-module-binary-cataloger-2          6.30µs ± 1%    6.49µs ± 1%   +3.09%  (p=0.008 n=5+5)
ImagePackageCatalogers/dotnet-deps-cataloger-2               1.32ms ± 1%    1.34ms ± 1%   +1.16%  (p=0.008 n=5+5)
ImagePackageCatalogers/portage-cataloger-2                    706µs ± 1%     680µs ± 0%   -3.66%  (p=0.016 n=5+4)
ImagePackageCatalogers/sbom-cataloger-2                      4.42ms ± 0%    4.31ms ± 0%   -2.35%  (p=0.008 n=5+5)
ImagePackageCatalogers/binary-cataloger-2                    2.74ms ± 0%    2.65ms ± 0%   -3.20%  (p=0.008 n=5+5)

name                                                       old alloc/op   new alloc/op   delta
ImagePackageCatalogers/alpmdb-cataloger-2                    5.27MB ± 0%    5.26MB ± 0%     ~     (p=0.548 n=5+5)
ImagePackageCatalogers/ruby-gemspec-cataloger-2               205kB ± 0%     205kB ± 0%     ~     (p=0.151 n=5+5)
ImagePackageCatalogers/python-package-cataloger-2             962kB ± 0%     964kB ± 0%   +0.23%  (p=0.008 n=5+5)
ImagePackageCatalogers/php-composer-installed-cataloger-2     218kB ± 0%     218kB ± 0%     ~     (p=0.548 n=5+5)
ImagePackageCatalogers/javascript-package-cataloger-2         159kB ± 0%     159kB ± 0%   +0.10%  (p=0.032 n=5+5)
ImagePackageCatalogers/dpkgdb-cataloger-2                     199kB ± 0%     200kB ± 0%   +0.13%  (p=0.008 n=5+5)
ImagePackageCatalogers/rpm-db-cataloger-2                     303kB ± 0%     303kB ± 0%     ~     (p=1.000 n=5+5)
ImagePackageCatalogers/java-cataloger-2                      3.49MB ± 0%    3.49MB ± 0%     ~     (p=0.548 n=5+5)
ImagePackageCatalogers/apkdb-cataloger-2                      182kB ± 0%     182kB ± 0%     ~     (p=0.841 n=5+5)
ImagePackageCatalogers/go-module-binary-cataloger-2          1.12kB ± 0%    1.12kB ± 0%     ~     (all equal)
ImagePackageCatalogers/dotnet-deps-cataloger-2                374kB ± 0%     375kB ± 0%   +0.05%  (p=0.016 n=5+5)
ImagePackageCatalogers/portage-cataloger-2                    139kB ± 0%     139kB ± 0%     ~     (p=0.841 n=5+5)
ImagePackageCatalogers/sbom-cataloger-2                       722kB ± 0%     722kB ± 0%   -0.02%  (p=0.008 n=5+5)
ImagePackageCatalogers/binary-cataloger-2                     459kB ± 0%     459kB ± 0%   +0.00%  (p=0.008 n=5+5)

name                                                       old allocs/op  new allocs/op  delta
ImagePackageCatalogers/alpmdb-cataloger-2                     85.7k ± 0%     85.7k ± 0%     ~     (p=0.556 n=5+4)
ImagePackageCatalogers/ruby-gemspec-cataloger-2               4.25k ± 0%     4.25k ± 0%     ~     (all equal)
ImagePackageCatalogers/python-package-cataloger-2             16.5k ± 0%     16.5k ± 0%     ~     (p=0.119 n=5+5)
ImagePackageCatalogers/php-composer-installed-cataloger-2     5.50k ± 0%     5.50k ± 0%     ~     (p=1.000 n=5+5)
ImagePackageCatalogers/javascript-package-cataloger-2         3.33k ± 0%     3.33k ± 0%     ~     (all equal)
ImagePackageCatalogers/dpkgdb-cataloger-2                     4.47k ± 0%     4.47k ± 0%     ~     (all equal)
ImagePackageCatalogers/rpm-db-cataloger-2                     8.12k ± 0%     8.12k ± 0%     ~     (all equal)
ImagePackageCatalogers/java-cataloger-2                       57.5k ± 0%     57.5k ± 0%     ~     (p=0.690 n=5+5)
ImagePackageCatalogers/apkdb-cataloger-2                      5.23k ± 0%     5.23k ± 0%     ~     (p=0.095 n=5+4)
ImagePackageCatalogers/go-module-binary-cataloger-2            38.0 ± 0%      38.0 ± 0%     ~     (all equal)
ImagePackageCatalogers/dotnet-deps-cataloger-2                7.12k ± 0%     7.12k ± 0%     ~     (all equal)
ImagePackageCatalogers/portage-cataloger-2                    3.58k ± 0%     3.58k ± 0%     ~     (all equal)
ImagePackageCatalogers/sbom-cataloger-2                       24.4k ± 0%     24.4k ± 0%     ~     (all equal)
ImagePackageCatalogers/binary-cataloger-2                     15.5k ± 0%     15.5k ± 0%     ~     (all equal)

@spiffcs
Copy link
Contributor Author

spiffcs commented Dec 8, 2022

Changes have broken Test_imageAllLayersResolver_resolvesLinks/by_mimetype <-- Digging into this to see the cause of the panic with the new library additions

@spiffcs
chore: update latest cyclonedx library
598e3d3 
Signed-off-by: Christopher Phillips <[email protected]>
@spiffcs spiffcs marked this pull request as ready for review December 8, 2022 16:03
@spiffcs spiffcs requested a review from kzantow December 8, 2022 16:09
@spiffcs spiffcs merged commit 730d3e3 into main Dec 8, 2022
@spiffcs spiffcs deleted the upgrade-cyclonedx branch December 8, 2022 16:36
spiffcs added a commit to raboof/syft that referenced this pull request Dec 20, 2022
@spiffcs
Merge branch 'main' into prefer-known-vendor
160c7fe 
* main: (87 commits)
  feat: Add license parsing for java (anchore#1385)
  fix: cyclonedx component type for binaries (anchore#1406)
  fix: openjdk detection pattern (anchore#1415)
  bug: spdx checksum empty array; allow syft to generate SHA1 for spdx-tag-value documents (anchore#1404)
  Add NetBSD support. (anchore#1412)
  feat: add catalog delete (anchore#1377)
  docs: remove file classifier (anchore#1397)
  chore: update latest cyclonedx library (anchore#1390)
  feat: Add Java binary catalogers (anchore#1392)
  chore: Update SPDX license list to 3.19 (anchore#1389)
  fix: add manual vendor/product removal to fix false flags (anchore#1070)
  Update Stereoscope to c5ff155d72f166e2332e160a75c3ff2b8e9c7e2e (anchore#1395)
  chore: fix test busybox image sha (anchore#1393)
  fix: go version not properly identified in binary (anchore#1384)
  Update Stereoscope to 3b80d983223f6e6fc2d33b0ffa003d30268418e9 (anchore#1376)
  fix: Update node binary package name (anchore#1375)
  feat: Generic Binary Cataloger (anchore#1336)
  recover from bad parsing of golang binary (anchore#1371)
  Fix parsing of apk databases with large entries (anchore#1365)
  Update syft bootstrap tools to latest versions. (anchore#1369)
  ...
spiffcs added a commit to cpendery/syft that referenced this pull request Dec 20, 2022
@spiffcs
Merge branch 'main' into feat-mix
5828268 
* main: (189 commits)
  feat: add h1digest when scanning go.mod (anchore#1405)
  feat: Add license parsing for java (anchore#1385)
  fix: cyclonedx component type for binaries (anchore#1406)
  fix: openjdk detection pattern (anchore#1415)
  bug: spdx checksum empty array; allow syft to generate SHA1 for spdx-tag-value documents (anchore#1404)
  Add NetBSD support. (anchore#1412)
  feat: add catalog delete (anchore#1377)
  docs: remove file classifier (anchore#1397)
  chore: update latest cyclonedx library (anchore#1390)
  feat: Add Java binary catalogers (anchore#1392)
  chore: Update SPDX license list to 3.19 (anchore#1389)
  fix: add manual vendor/product removal to fix false flags (anchore#1070)
  Update Stereoscope to c5ff155d72f166e2332e160a75c3ff2b8e9c7e2e (anchore#1395)
  chore: fix test busybox image sha (anchore#1393)
  fix: go version not properly identified in binary (anchore#1384)
  Update Stereoscope to 3b80d983223f6e6fc2d33b0ffa003d30268418e9 (anchore#1376)
  fix: Update node binary package name (anchore#1375)
  feat: Generic Binary Cataloger (anchore#1336)
  recover from bad parsing of golang binary (anchore#1371)
  Fix parsing of apk databases with large entries (anchore#1365)
  ...
GijsCalis pushed a commit to GijsCalis/syft that referenced this pull request Feb 19, 2024
@spiffcs
chore: update latest cyclonedx library (anchore#1390)
0bdfd99
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kzantow kzantow kzantow approved these changes

Assignees
No one assigned
Labels
blocked Progress is being stopped by something
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@spiffcs @kzantow