chore(deps): update tools to latest versions (#3413)

* chore(deps): update tools to latest versions Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * fix linting Signed-off-by: Alex Goodman <[email protected]> --------- Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: Alex Goodman <[email protected]> Co-authored-by: spiffcs <[email protected]> Co-authored-by: Alex Goodman <[email protected]>
anchore · Nov 12, 2024 · ac8be4a · ac8be4a
1 parent abd6abe
commit ac8be4a
Show file tree

Hide file tree

Showing 7 changed files with 23 additions and 12 deletions.
diff --git a/.binny.yaml b/.binny.yaml
@@ -18,15 +18,15 @@ tools:
   # used to sign mac binaries at release
   - name: quill
     version:
-      want: v0.4.2
+      want: v0.5.0
     method: github-release
     with:
       repo: anchore/quill
 
   # used for linting
   - name: golangci-lint
     version:
-      want: v1.61.0
+      want: v1.62.0
     method: github-release
     with:
       repo: golangci/golangci-lint
@@ -58,7 +58,7 @@ tools:
   # used to release all artifacts
   - name: goreleaser
     version:
-      want: v2.3.2
+      want: v2.4.4
     method: github-release
     with:
       repo: goreleaser/goreleaser
@@ -103,15 +103,15 @@ tools:
   # used for running all local and CI tasks
   - name: task
     version:
-      want: v3.39.2
+      want: v3.40.0
     method: github-release
     with:
       repo: go-task/task
 
   # used for triggering a release
   - name: gh
     version:
-      want: v2.60.1
+      want: v2.61.0
     method: github-release
     with:
       repo: cli/cli

diff --git a/cmd/syft/internal/commands/scan.go b/cmd/syft/internal/commands/scan.go
@@ -156,13 +156,13 @@ func validateScanArgs(cmd *cobra.Command, args []string) error {
 	return validateArgs(cmd, args, "an image/directory argument is required")
 }
 
-func validateArgs(cmd *cobra.Command, args []string, error string) error {
+func validateArgs(cmd *cobra.Command, args []string, err string) error {
 	if len(args) == 0 {
 		// in the case that no arguments are given we want to show the help text and return with a non-0 return code.
 		if err := cmd.Help(); err != nil {
 			return fmt.Errorf("unable to display help: %w", err)
 		}
-		return fmt.Errorf("%v", error)
+		return fmt.Errorf("%v", err)
 	}
 
 	return cobra.MaximumNArgs(1)(cmd, args)

diff --git a/cmd/syft/internal/ui/capture.go b/cmd/syft/internal/ui/capture.go
@@ -17,11 +17,11 @@ const defaultStdoutLogBufferSize = 1024
 //	restore := CaptureStdoutToTraceLog()
 //	// here, stdout will be captured and redirected to the provided writer
 //	restore() // block until the output has all been sent to the writer and restore the original stdout
-func CaptureStdoutToTraceLog() (close func()) {
+func CaptureStdoutToTraceLog() func() {
 	return capture(&os.Stdout, newLogWriter(), defaultStdoutLogBufferSize)
 }
 
-func capture(target **os.File, writer io.Writer, bufSize int) (close func()) {
+func capture(target **os.File, writer io.Writer, bufSize int) func() {
 	original := *target
 
 	r, w, _ := os.Pipe()

diff --git a/test/install/1_download_snapshot_asset_test.sh b/test/install/1_download_snapshot_asset_test.sh
@@ -61,6 +61,11 @@ test_negative_snapshot_download_asset() {
 }
 
 test_sboms_have_packages() {
+  if ! command -v jq &> /dev/null; then
+    echo "jq command not found. Please install jq or ensure it is in your PATH."
+    exit 1
+  fi
+
   find "$(snapshot_dir)/" -name "*.sbom" -print0 | while IFS= read -r -d '' file; do
       count=$(cat "$file" | jq ".artifacts | length")
       if [ "$count" -lt 80 ]; then

diff --git a/test/install/3_install_asset_test.sh b/test/install/3_install_asset_test.sh
@@ -32,8 +32,14 @@ test_positive_snapshot_install_asset() {
 	  arch="amd64_v1"
   fi
 
+  # note: this is a change made in goreleaser v1.62.0
+  local_suffix=""
+  if [ "${arch}" == "arm64" ]; then
+    local_suffix="_v8.0"
+  fi
+
   assertFilesEqual \
-    "$(snapshot_dir)/${os}-build_${os}_${arch}/${binary}" \
+    "$(snapshot_dir)/${os}-build_${os}_${arch}${local_suffix}/${binary}" \
     "${expected_path}" \
     "unable to verify installation of os=${os} arch=${arch} format=${format}"
 

diff --git a/test/install/environments/Dockerfile-alpine-3.6 b/test/install/environments/Dockerfile-alpine-3.6
@@ -1,5 +1,5 @@
 FROM alpine:3.6
-RUN apk update && apk add python3 wget curl unzip make ca-certificates
+RUN apk update && apk add python3 wget curl unzip make ca-certificates jq
 RUN curl -O -L "https://github.com/sigstore/cosign/releases/latest/download/cosign-linux-amd64" && \
     mv cosign-linux-amd64 /usr/local/bin/cosign && \
     chmod +x /usr/local/bin/cosign
diff --git a/test/install/environments/Dockerfile-ubuntu-20.04 b/test/install/environments/Dockerfile-ubuntu-20.04
@@ -1,5 +1,5 @@
 FROM --platform=linux/amd64 ubuntu:20.04@sha256:33a5cc25d22c45900796a1aca487ad7a7cb09f09ea00b779e3b2026b4fc2faba
-RUN apt update -y && apt install make python3 curl unzip -y
+RUN apt update -y && apt install make python3 curl unzip jq -y
 RUN LATEST_VERSION=$(curl https://api.github.com/repos/sigstore/cosign/releases/latest | grep tag_name | cut -d : -f2 | tr -d "v\", ") && \
     curl -O -L "https://github.com/sigstore/cosign/releases/latest/download/cosign_${LATEST_VERSION}_amd64.deb" && \
     dpkg -i cosign_${LATEST_VERSION}_amd64.deb