From 79346964632449b1f377b2478f8074950c4b5154 Mon Sep 17 00:00:00 2001 From: "anchore-actions-token-generator[bot]" <102182147+anchore-actions-token-generator[bot]@users.noreply.github.com> Date: Tue, 17 Sep 2024 12:30:07 -0400 Subject: [PATCH 1/5] chore(deps): update tools to latest versions (#3243) Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com> --- .binny.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.binny.yaml b/.binny.yaml index e33ce2f70b4..1ecb1788028 100644 --- a/.binny.yaml +++ b/.binny.yaml @@ -111,7 +111,7 @@ tools: # used for triggering a release - name: gh version: - want: v2.56.0 + want: v2.57.0 method: github-release with: repo: cli/cli From a2f12fef0c4244bb90204156d53267079bd4892d Mon Sep 17 00:00:00 2001 From: "anchore-actions-token-generator[bot]" <102182147+anchore-actions-token-generator[bot]@users.noreply.github.com> Date: Wed, 18 Sep 2024 13:13:24 -0400 Subject: [PATCH 2/5] chore(deps): update tools to latest versions (#3247) Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com> --- .binny.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.binny.yaml b/.binny.yaml index 1ecb1788028..aca15d746f5 100644 --- a/.binny.yaml +++ b/.binny.yaml @@ -58,7 +58,7 @@ tools: # used to release all artifacts - name: goreleaser version: - want: v2.3.1 + want: v2.3.2 method: github-release with: repo: goreleaser/goreleaser From 50016c3172f55ef579f574622e64b672ee4384bf Mon Sep 17 00:00:00 2001 From: "anchore-actions-token-generator[bot]" <102182147+anchore-actions-token-generator[bot]@users.noreply.github.com> Date: Thu, 19 Sep 2024 09:15:12 -0400 Subject: [PATCH 3/5] chore(deps): update tools to latest versions (#3251) 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: spiffcs <32073428+spiffcs@users.noreply.github.com> --- .binny.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.binny.yaml b/.binny.yaml index aca15d746f5..49dc00d3d08 100644 --- a/.binny.yaml +++ b/.binny.yaml @@ -103,7 +103,7 @@ tools: # used for running all local and CI tasks - name: task version: - want: v3.39.0 + want: v3.39.1 method: github-release with: repo: go-task/task From cb0de97bc3b6306c36e30359e7e7ac8000888c9d Mon Sep 17 00:00:00 2001 From: "Krystian G." <108719245+krysgor@users.noreply.github.com> Date: Thu, 19 Sep 2024 15:15:54 +0200 Subject: [PATCH 4/5] fix: capture-snippet.sh can handle leading whitespaces now (#3249) (#3250) Signed-off-by: Gorny Krystian Co-authored-by: Gorny Krystian --- syft/pkg/cataloger/binary/test-fixtures/capture-snippet.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/syft/pkg/cataloger/binary/test-fixtures/capture-snippet.sh b/syft/pkg/cataloger/binary/test-fixtures/capture-snippet.sh index 2c7fb063ea8..088776f4870 100755 --- a/syft/pkg/cataloger/binary/test-fixtures/capture-snippet.sh +++ b/syft/pkg/cataloger/binary/test-fixtures/capture-snippet.sh @@ -69,6 +69,11 @@ if ! command -v xxd &> /dev/null; then exit 1 fi +# check if xargs is even installed +if ! command -v xargs &> /dev/null; then + echo "xargs not found. Please install xargs." + exit 1 +fi PATTERN=${SEARCH_FOR:-$VERSION} @@ -116,7 +121,7 @@ while $CONTINUE_LOOP; do fi # search for the pattern in the binary file and capture the offset - OFFSET=$(echo "${SELECTED_RESULT}" | cut -d ' ' -f 1) + OFFSET=$(echo "${SELECTED_RESULT}" | xargs | cut -d ' ' -f 1) if [ -z "$OFFSET" ]; then echo "Pattern not found." From 6a95a5f2ed9ea35c8a718de859d9bf171854c5d5 Mon Sep 17 00:00:00 2001 
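Review bot: Piping `${SELECTED_RESULT}` through bare `xargs` does trim the leading whitespace, but `xargs` also parses single quotes, double quotes and backslashes in its input and aborts with "unmatched quote" when the line carries an odd quote, so if the selected grep line can contain raw bytes from the binary (it presumably does, since the match is taken from the file contents) the offset extraction can now fail on exactly those inputs. A plain field split avoids that parsing: `OFFSET=$(echo "${SELECTED_RESULT}" | awk '{print $1}')` (or `sed 's/^[[:space:]]*//' | cut -d ' ' -f 1`), and with it the new `command -v xargs` guard in the first hunk becomes unnecessary (guard `awk` instead if the script does not already). The enclosing `while $CONTINUE_LOOP` body starts and ends outside the hunk.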
From: "Krystian G." <108719245+krysgor@users.noreply.github.com> Date: Thu, 19 Sep 2024 15:21:02 +0200 Subject: [PATCH 5/5] feat: add binary classifiers for lighttp, proftpd, zstd, xz, gzip, jq, and sqlcipher (#3252) * feat: detect lighttpd binaries Signed-off-by: Krystian Gorny * feat: detect proftpd binaries Signed-off-by: Krystian Gorny * feat: detect zstd binaries Signed-off-by: Krystian Gorny * feat: detect xz utils binaries Signed-off-by: Krystian Gorny * feat: detect gzip binaries Signed-off-by: Krystian Gorny * feat: detect sqlcipher binaries Signed-off-by: Krystian Gorny * feat: detect jq binaries Signed-off-by: Krystian Gorny * add tests + snippets Signed-off-by: Alex Goodman --------- Signed-off-by: Krystian Gorny 
Signed-off-by: Alex Goodman Co-authored-by: Krystian Gorny Co-authored-by: Alex Goodman --- .../binary/classifier_cataloger_test.go | 88 ++++++++++++++++++ syft/pkg/cataloger/binary/classifiers.go | 70 ++++++++++++++ .../snippets/gzip/1.12/linux-amd64/gzip | Bin 0 -> 346 bytes .../snippets/jq/1.7.1/linux-amd64/jq | Bin 0 -> 346 bytes .../lighttpd/1.4.76/linux-amd64/lighttpd | Bin 0 -> 351 bytes .../proftpd/1.3.8b/linux-amd64/proftpd | Bin 0 -> 350 bytes .../sqlcipher/4.5.5/linux-amd64/sqlcipher | Bin 0 -> 353 bytes .../snippets/xz/5.6.2/linux-amd64/xz | Bin 0 -> 344 bytes .../snippets/zstd/1.5.6/linux-amd64/zstd | Bin 0 -> 348 bytes .../binary/test-fixtures/config.yaml | 55 +++++++++++ 10 files changed, 213 insertions(+) create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/gzip/1.12/linux-amd64/gzip create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/jq/1.7.1/linux-amd64/jq create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/lighttpd/1.4.76/linux-amd64/lighttpd create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/proftpd/1.3.8b/linux-amd64/proftpd create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/sqlcipher/4.5.5/linux-amd64/sqlcipher create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/xz/5.6.2/linux-amd64/xz create mode 100644 syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/zstd/1.5.6/linux-amd64/zstd diff --git a/syft/pkg/cataloger/binary/classifier_cataloger_test.go b/syft/pkg/cataloger/binary/classifier_cataloger_test.go index c1bfbb322f0..22f59b1b39e 100644 --- a/syft/pkg/cataloger/binary/classifier_cataloger_test.go +++ b/syft/pkg/cataloger/binary/classifier_cataloger_test.go 
@@ -1082,6 +1082,94 @@ func Test_Cataloger_PositiveCases(t *testing.T) { Metadata: metadata("wordpress-cli-binary"), }, }, + { + logicalFixture: "lighttpd/1.4.76/linux-amd64", + expected: pkg.Package{ + Name: "lighttpd", + Version: "1.4.76", + Type: "binary", + PURL: "pkg:generic/lighttpd@1.4.76", + Locations: locations("lighttpd"), + Metadata: metadata("lighttpd-binary"), + }, + }, + { + logicalFixture: "proftpd/1.3.8b/linux-amd64", + expected: pkg.Package{ + Name: "proftpd", + Version: "1.3.8b", + Type: "binary", + PURL: "pkg:generic/proftpd@1.3.8b", + Locations: locations("proftpd"), + Metadata: metadata("proftpd-binary"), + }, + }, + { + logicalFixture: "zstd/1.5.6/linux-amd64", + expected: pkg.Package{ + Name: "zstd", + Version: "1.5.6", + Type: "binary", + PURL: "pkg:generic/zstd@1.5.6", + Locations: locations("zstd"), + Metadata: metadata("zstd-binary"), + }, + }, + { + logicalFixture: "zstd/1.5.6/linux-amd64", + expected: pkg.Package{ + Name: "zstd", + Version: "1.5.6", + Type: "binary", + PURL: "pkg:generic/zstd@1.5.6", + Locations: locations("zstd"), + Metadata: metadata("zstd-binary"), + }, + }, + { + logicalFixture: "xz/5.6.2/linux-amd64", + expected: pkg.Package{ + Name: "xz", + Version: "5.6.2", + Type: "binary", + PURL: "pkg:generic/xz@5.6.2", + Locations: locations("xz"), + Metadata: metadata("xz-binary"), + }, + }, + { + logicalFixture: "gzip/1.12/linux-amd64", + expected: pkg.Package{ + Name: "gzip", + Version: "1.12", + Type: "binary", + PURL: "pkg:generic/gzip@1.12", + Locations: locations("gzip"), + Metadata: metadata("gzip-binary"), + }, + }, + { + logicalFixture: "sqlcipher/4.5.5/linux-amd64", + expected: pkg.Package{ + Name: "sqlcipher", + Version: "4.5.5", + Type: "binary", + PURL: "pkg:generic/sqlcipher@4.5.5", + Locations: locations("sqlcipher"), + Metadata: metadata("sqlcipher-binary"), + }, + }, + { + logicalFixture: "jq/1.7.1/linux-amd64", + expected: pkg.Package{ + Name: "jq", + Version: "1.7.1", + Type: "binary", + PURL: 
"pkg:generic/jq@1.7.1", + Locations: locations("jq"), + Metadata: metadata("jq-binary"), + }, + }, } for _, test := range tests { diff --git a/syft/pkg/cataloger/binary/classifiers.go b/syft/pkg/cataloger/binary/classifiers.go index 5290b4d984e..0a2a1a9b856 100644 --- a/syft/pkg/cataloger/binary/classifiers.go +++ b/syft/pkg/cataloger/binary/classifiers.go 
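Review bot: The `zstd/1.5.6/linux-amd64` case is added twice, back to back, with an identical expected package, so the second entry adds no coverage and only runs the same fixture again. Drop one of the two entries, or, if a second zstd fixture was intended, point it at a different version or platform and add the matching snippet under test-fixtures. The `Test_Cataloger_PositiveCases` table and its `for _, test := range tests` loop start and end outside the hunk.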
@@ -574,6 +574,76 @@ func DefaultClassifiers() []Classifier { PURL: mustPURL("pkg:generic/curl@version"), CPEs: singleCPE("cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource), }, + { + Class: "lighttpd-binary", + FileGlob: "**/lighttpd", + EvidenceMatcher: FileContentsVersionMatcher( + `\x00lighttpd/(?P[0-9]+\.[0-9]+\.[0-9]+)\x00`, + ), + Package: "lighttpd", + PURL: mustPURL("pkg:generic/lighttpd@version"), + CPEs: singleCPE("cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource), + }, + { + Class: "proftpd-binary", + FileGlob: "**/proftpd", + EvidenceMatcher: FileContentsVersionMatcher( + `\x00ProFTPD Version (?P[0-9]+\.[0-9]+\.[0-9]+[a-z]?)\x00`, + ), + Package: "proftpd", + PURL: mustPURL("pkg:generic/proftpd@version"), + CPEs: singleCPE("cpe:2.3:a:proftpd:proftpd:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource), + }, + { + Class: "zstd-binary", + FileGlob: "**/zstd", + EvidenceMatcher: FileContentsVersionMatcher( + `\x00v(?P[0-9]+\.[0-9]+\.[0-9]+)\x00`, + ), + Package: "zstd", + PURL: mustPURL("pkg:generic/zstd@version"), + CPEs: singleCPE("cpe:2.3:a:facebook:zstandard:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource), + }, + { + Class: "xz-binary", + FileGlob: "**/xz", + EvidenceMatcher: FileContentsVersionMatcher( + `\x00xz \(XZ Utils\) (?P[0-9]+\.[0-9]+\.[0-9]+)\x00`, + ), + Package: "xz", + PURL: mustPURL("pkg:generic/xz@version"), + CPEs: singleCPE("cpe:2.3:a:tukaani:xz:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource), + }, + { + Class: "gzip-binary", + FileGlob: "**/gzip", + EvidenceMatcher: FileContentsVersionMatcher( + `\x00(?P[0-9]+\.[0-9]+)\x00`, + ), + Package: "gzip", + PURL: mustPURL("pkg:generic/gzip@version"), + CPEs: singleCPE("cpe:2.3:a:gnu:gzip:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource), + }, + { + Class: "sqlcipher-binary", + FileGlob: "**/sqlcipher", + EvidenceMatcher: FileContentsVersionMatcher( + `[^0-9]\x00(?P[0-9]+\.[0-9]+\.[0-9]+)\x00`, + ), + Package: "sqlcipher", + PURL: 
mustPURL("pkg:generic/sqlcipher@version"), + CPEs: singleCPE("cpe:2.3:a:zetetic:sqlcipher:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource), + }, + { + Class: "jq-binary", + FileGlob: "**/jq", + EvidenceMatcher: FileContentsVersionMatcher( + `\x00(?P[0-9]{1,3}\.[0-9]{1,3}(\.[0-9]+)?)\x00`, + ), + Package: "jq", + PURL: mustPURL("pkg:generic/jq@version"), + CPEs: singleCPE("cpe:2.3:a:jqlang:jq:*:*:*:*:*:*:*:*", cpe.NVDDictionaryLookupSource), + }, } } diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/gzip/1.12/linux-amd64/gzip b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/gzip/1.12/linux-amd64/gzip new file mode 100644 index 0000000000000000000000000000000000000000..64510d6c4de9f3b608baf906b49210a910c8ab55 GIT binary patch literal 346 zcmZ{eOHRZv5JbK9DO!pm!DbY@<6o}93EFmhCL)QWi2=ds2_slii??~IQf;*I1lO;5 zm$j6G+XN1M@N(hp+HMmlJ;-C5_nq6zjkK{7=sZ@teTl}9_l3@KB8Qen zZ_pN|Fp@WxwL%Ooc+I0M^TK~)A$W&4gs2Lt;0nf(?V!dK66!c4# mev;{&f;O)w#oLzZy5IRYIE#n=2ckC@Rr+4QQ>%@Z5X?CrA%Q{AgG)NEN#-buA0VD3nRIq%7$@_{viSE#SHW9#RZ(3v`w#5c zxYC@`j-_LuWNU<>6VAtSs<+^DpND0^@_O<@n~tI3Mua{}E1Zix2MOLNZn$;IYQ@2D z2;QW&H7fO50FNn3BeX!Jz11`g6aIy1r$p}pcT%ASj%WabM9D=f69k!1XjcQAbW(aJ zW7}&REJSd(|(^+no|PvJ literal 0 HcmV?d00001 diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/lighttpd/1.4.76/linux-amd64/lighttpd b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/lighttpd/1.4.76/linux-amd64/lighttpd new file mode 100644 index 0000000000000000000000000000000000000000..c6147b7a9bb095d9fe53316e3b6298c56be26119 GIT binary patch literal 351 zcmXw!yKciU3`Mh6UqK*4r>1&X4|^#JWGT?42>JoEOvOf3NwAd${`)#;!{r`;yu4(> zZ|WdU=dso@upGidwF9Z0m6kj{L+G3$ zWw}D-+O}_7ElCWB+_c_$s{}dYDfEGbDbjsetA$mXqv6{45O^@sYh?%RTeO;6gHkn0 zTfK2Z{g%)O9JF+s^v*lR_WM2bYbE$U6KaN#W6W3BT8uqB!Rh0Dx(!@P$#Z49`_s?j z&>XDUEj0hoy!)%ynPANqNSC_63mkKLtbnD&6%bCJZ%62-dJC!Jv}~MkUfE{7;+&>* K?!d?Fzu*@sSY~$s literal 0 HcmV?d00001 
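Review bot: The gzip, jq, zstd and sqlcipher matchers key only on a NUL-delimited bare version number (`\x00(?P<version>[0-9]+\.[0-9]+)\x00`, `\x00v(?P<version>…)\x00`, `[^0-9]\x00(?P<version>…)\x00`) with no product-identifying text beside it, unlike the lighttpd, proftpd and xz patterns, so the version reported is whichever dotted number happens to be matched first in any file named `gzip`, `jq`, `zstd` or `sqlcipher`, and a wrong version flows straight into the PURL and the CPE-based vulnerability match. sqlcipher is the riskiest of the four: it is built on SQLite, so a version string of the embedded SQLite library is a plausible candidate for `[^0-9]\x00(?P<version>…)\x00` to pick up instead of the SQLCipher release (the 4.5.5 snippet passes, but that says nothing about other builds). Where the snippet fixtures show a product string adjacent to the version (a usage or copyright line, for example), anchor the regex to it; where none exists, add a comment on that classifier such as `// NOTE: unanchored version match; validated only against the <version> snippet fixture` so the limitation is recorded. Separately, every named group in this rendering reads `(?P[0-9]…`, presumably `(?P<version>…)` as `mustPURL("…@version")` expects; worth confirming the group name survived. `DefaultClassifiers` starts and ends outside the hunk.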
diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/proftpd/1.3.8b/linux-amd64/proftpd b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/proftpd/1.3.8b/linux-amd64/proftpd new file mode 100644 index 0000000000000000000000000000000000000000..f9bc1cae5a539902b3716f2ad1230ba377c5fc66 GIT binary patch literal 350 zcmXw!PfNrw6vTV(r+Bc)US!Rmwn=&uL@y$O;{7Fg*$sA+lBT=(?X9Bcnfc93!ZVF9 zmmKQs+Z@6|b%a4mCHi)vbgZWlxM1y);yhD*JE7=@5wu~NSZIvQgc)r$g=V;V6PwUF{bxi2Hvra5zJ;VqZGG{9mvX_J~K+f5? z0Bi@!J}@#cnZZXV95Wdw9aB^?75)v&0DXrPe6}G`Fd!0;hKLTO_eO{UXD3lQK~5^HtL_SANug`ac04Uu|Rn literal 0 HcmV?d00001 diff --git a/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/xz/5.6.2/linux-amd64/xz b/syft/pkg/cataloger/binary/test-fixtures/classifiers/snippets/xz/5.6.2/linux-amd64/xz new file mode 100644 index 0000000000000000000000000000000000000000..ed3dc45093f841a8eba7ea7305dae8f96d5713be GIT binary patch literal 344 zcmY+8J5R$f6h=GyS6rz=f~C54Y{$;T#L9q>5St&@jfE3OjS(fko|ebJdd{b#Z*~(6 zaNbx=X{9!R7RD%6Xg;=a04|WNb6yr|Poon`Uj{N6l*y-r&MMUr2}`0!)jK0avXZ)< zc<>PslSw`*sZ3BlN}~z;$Wku!7wbGyQaXAHD!539T6f%P9;Eku2s(!qvAv!hS9$`B0jXo2+JwSL;e+N@CTo}pDKO81 zpianOSvMr5BSlFqwUOzhxRxZ%IsTRPbQ+}-!E5i8N{KP4BaS{9jfpzN1EV|{g~4D% z9fj@;t*~m;oFO5*-46V%MfjZwZGp7pynI5pNSl{ZCo;UbQsCHmY{SM5>Y#`B+FU_* zML51Z5BvQd>c_e+*H(W{8J@nsfgDdR++d@J2YejvdG@fyYwgAGP|1+*@}Isq*uDT~ CC1;iZ literal 0 HcmV?d00001 diff --git a/syft/pkg/cataloger/binary/test-fixtures/config.yaml b/syft/pkg/cataloger/binary/test-fixtures/config.yaml index 58408325be8..51607b51a96 100644 --- a/syft/pkg/cataloger/binary/test-fixtures/config.yaml +++ b/syft/pkg/cataloger/binary/test-fixtures/config.yaml 
@@ -610,3 +610,58 @@ from-images: paths: - /usr/bin/curl + - name: lighttpd + version: 1.4.76 + images: + - ref: jitesoft/lighttpd:1.4.76-cgi@sha256:f5d4500bfb992a20ca39369ae1ca1d8a7a9463bb8c59ee8dd85ddb6d96fc9fc1 + platform: linux/amd64 + paths: + - /usr/local/sbin/lighttpd + + - name: proftpd + version: 1.3.8b + images: + - ref: mekayelanik/proftpd-server-alpine:1.3.8b-r2@sha256:a1ef73a2de04999e53bf728b548ef9922febab8f5709037e40e0141cedcd66db + platform: linux/amd64 + paths: + - /usr/sbin/proftpd + + - name: zstd + version: 1.5.6 + images: + - ref: danysk/zstd:1.5.6@sha256:5eceba085b3a399592755dd66a37b8adfb83538af3f56b51bec6e6cc955e3b5f + platform: linux/amd64 + paths: + - /usr/local/bin/zstd + + - name: xz + version: 5.6.2 + images: + - ref: docker:27.2.1@sha256:c51fa20028ff6590588d9ed97d3b16865d503a3d7228aa885871c5c292afa5ca + platform: linux/amd64 + paths: + - /usr/bin/xz + + - name: gzip + version: 1.12 + images: + - ref: ubuntu:24.04@sha256:d35dfc2fe3ef66bcc085ca00d3152b482e6cafb23cdda1864154caf3b19094ba + platform: linux/amd64 + paths: + - /usr/bin/gzip + + - name: sqlcipher + version: 4.5.5 + images: + - ref: yspreen/sqlcipher@sha256:93189cc465661f16ad23f3ace4206179bdd19967deaf08c54da5ac1e34bb6fb7 + platform: linux/amd64 + paths: + - /usr/local/bin/sqlcipher + + - name: jq + version: 1.7.1 + images: + - ref: efrecon/jq:1.7.1@sha256:0ad05e2e6d1dea5fe0852ecc23114eb768d60c4ce0985d729eb958809e7f31dd + platform: linux/amd64 + paths: + - /usr/local/bin/jq
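Review bot: `version: 1.12` for gzip is the only new entry whose value is a valid YAML float; a standard loader types it as a number while every other new `version` (`1.4.76`, `1.3.8b`, `4.5.5`, …) is a plain string, and a future `1.10`-style version written the same way would silently lose its trailing zero. Quote it as `version: "1.12"` so the fixture version stays a string regardless of loader and matches the `gzip/1.12/linux-amd64` snippet path byte for byte. The image references are all pinned by digest, which is the right choice for the community images used here (jitesoft/lighttpd, mekayelanik/proftpd-server-alpine, danysk/zstd, yspreen/sqlcipher, efrecon/jq).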