wolfictl
A CLI used to work with the Wolfi OSS project
Bumps [github.com/anchore/grype](https://github.com/anchore/grype) from 0.79.6 to 0.80.0. Release notes Sourced from github.com/anchore/grype's releases. v0.80.0 Added Features Add info subcommand in order to query grype db vulnerabilities [#1629 #2031 @tomersein] Bug Fixes...
I could not find any license information for the secdb data for wolfi and chainguard. Can you clarify what would be the license? These are the data published at: -...
Bumps [github.com/tmc/dot](https://github.com/tmc/dot) from 0.0.0-20210901225022-f9bc17da75c0 to 0.2.0. Commits See full diff in compare view...
Move a package's advisories into a new package. This command will move most advisories for the given package into a new package. And rename the package to the new package...
```
go run . scan my-custom-package --remote --repository https://my/custom/respository
```

```
--repository string   URL of the Wolfi package repository (default "https://packages.wolfi.dev/os")
```
This PR adds a new linter to check if version-stream is correctly set for the given package: * With a regex, it checks whether the package name contains a version stream suffix *...
The `guide` command was designed to solve for the issue of `wolfictl adv (create|update)` having very specific expectations for a user to have already cloned the relevant advisories repo and...
Today the command manages the clone and modification of advisory data in a temporary directory, in hopes of opening a PR with these changes on behalf of the user. But...
It seems that the "submit PR" function requires a GITHUB_TOKEN (correct?) so this PR allows the user to simply print the changed YAMLs to the console to submit to advisory...