diff --git a/dist/attachReleaseAssets/index.js b/dist/attachReleaseAssets/index.js
index b6b48b17..a9f41d5e 100644
--- a/dist/attachReleaseAssets/index.js
+++ b/dist/attachReleaseAssets/index.js
@@ -23385,7 +23385,7 @@ function wrappy (fn, cb) {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.VERSION = void 0;
-exports.VERSION = "v0.103.1";
+exports.VERSION = "v0.105.0";
/***/ }),
diff --git a/dist/downloadSyft/index.js b/dist/downloadSyft/index.js
index 3b975355..79bf17d1 100644
--- a/dist/downloadSyft/index.js
+++ b/dist/downloadSyft/index.js
@@ -23385,7 +23385,7 @@ function wrappy (fn, cb) {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.VERSION = void 0;
-exports.VERSION = "v0.103.1";
+exports.VERSION = "v0.105.0";
/***/ }),
diff --git a/dist/runSyftAction/index.js b/dist/runSyftAction/index.js
index 54f9ae0e..7e5fd7c8 100644
--- a/dist/runSyftAction/index.js
+++ b/dist/runSyftAction/index.js
@@ -23385,7 +23385,7 @@ function wrappy (fn, cb) {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.VERSION = void 0;
-exports.VERSION = "v0.103.1";
+exports.VERSION = "v0.105.0";
/***/ }),
diff --git a/src/SyftVersion.ts b/src/SyftVersion.ts
index 307025f0..15a9db05 100644
--- a/src/SyftVersion.ts
+++ b/src/SyftVersion.ts
@@ -1 +1 @@
-export const VERSION = "v0.103.1";
+export const VERSION = "v0.105.0";
diff --git a/tests/integration/__snapshots__/formatExports.test.ts.snap b/tests/integration/__snapshots__/formatExports.test.ts.snap
index bf809b41..fec6c779 100644
--- a/tests/integration/__snapshots__/formatExports.test.ts.snap
+++ b/tests/integration/__snapshots__/formatExports.test.ts.snap
@@ -125,6 +125,7 @@ exports[`CycloneDX JSON alpine 1`] = `
]
},
{
+ "bom-ref": "redacted",
"type": "operating-system",
"name": "alpine",
"version": "redacted",
@@ -807,6 +808,7 @@ exports[`CycloneDX JSON debian 1`] = `
]
},
{
+ "bom-ref": "redacted",
"type": "operating-system",
"name": "debian",
"version": "redacted",
@@ -1438,6 +1440,10 @@ exports[`CycloneDX JSON yarn 1`] = `
"name": "syft:package:type",
"value": "redacted"
},
+ {
+ "name": "syft:package:metadataType",
+ "value": "redacted"
+ },
{
"name": "syft:cpe23",
"value": "redacted"
@@ -1484,6 +1490,10 @@ exports[`CycloneDX JSON yarn 1`] = `
"name": "syft:package:type",
"value": "redacted"
},
+ {
+ "name": "syft:package:metadataType",
+ "value": "redacted"
+ },
{
"name": "syft:cpe23",
"value": "redacted"
@@ -1530,6 +1540,10 @@ exports[`CycloneDX JSON yarn 1`] = `
"name": "syft:package:type",
"value": "redacted"
},
+ {
+ "name": "syft:package:metadataType",
+ "value": "redacted"
+ },
{
"name": "syft:cpe23",
"value": "redacted"
@@ -1576,6 +1590,10 @@ exports[`CycloneDX JSON yarn 1`] = `
"name": "syft:package:type",
"value": "redacted"
},
+ {
+ "name": "syft:package:metadataType",
+ "value": "redacted"
+ },
{
"name": "syft:cpe23",
"value": "redacted"
@@ -1622,6 +1640,10 @@ exports[`CycloneDX JSON yarn 1`] = `
"name": "syft:package:type",
"value": "redacted"
},
+ {
+ "name": "syft:package:metadataType",
+ "value": "redacted"
+ },
{
"name": "syft:location:0:path",
"value": "redacted"
@@ -1648,6 +1670,10 @@ exports[`CycloneDX JSON yarn 1`] = `
"name": "syft:package:type",
"value": "redacted"
},
+ {
+ "name": "syft:package:metadataType",
+ "value": "redacted"
+ },
{
"name": "syft:cpe23",
"value": "redacted"
@@ -1694,6 +1720,10 @@ exports[`CycloneDX JSON yarn 1`] = `
"name": "syft:package:type",
"value": "redacted"
},
+ {
+ "name": "syft:package:metadataType",
+ "value": "redacted"
+ },
{
"name": "syft:location:0:path",
"value": "redacted"
@@ -1763,7 +1793,7 @@ exports[`CycloneDX XML alpine 1`] = `
166239
-
+
alpine
Alpine Linux v3.12
@@ -2030,7 +2060,7 @@ exports[`CycloneDX XML debian 1`] = `
-
+
debian
Debian GNU/Linux 8 (jessie)
@@ -2309,6 +2339,7 @@ exports[`CycloneDX XML yarn 1`] = `
javascript-lock-cataloger
javascript
npm
+ javascript-yarn-lock-entry
cpe:2.3:a:js-tokens:js_tokens:4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:js_tokens:js-tokens:4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:js_tokens:js_tokens:4.0.0:*:*:*:*:*:*:*
@@ -2326,6 +2357,7 @@ exports[`CycloneDX XML yarn 1`] = `
javascript-lock-cataloger
javascript
npm
+ javascript-yarn-lock-entry
cpe:2.3:a:loose-envify:loose_envify:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:loose_envify:loose-envify:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:loose_envify:loose_envify:1.4.0:*:*:*:*:*:*:*
@@ -2343,6 +2375,7 @@ exports[`CycloneDX XML yarn 1`] = `
javascript-lock-cataloger
javascript
npm
+ javascript-yarn-lock-entry
cpe:2.3:a:object-assign:object_assign:4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:object_assign:object-assign:4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:object_assign:object_assign:4.1.1:*:*:*:*:*:*:*
@@ -2360,6 +2393,7 @@ exports[`CycloneDX XML yarn 1`] = `
javascript-lock-cataloger
javascript
npm
+ javascript-yarn-lock-entry
cpe:2.3:a:prop-types:prop_types:15.7.2:*:*:*:*:*:*:*
cpe:2.3:a:prop_types:prop-types:15.7.2:*:*:*:*:*:*:*
cpe:2.3:a:prop_types:prop_types:15.7.2:*:*:*:*:*:*:*
@@ -2377,6 +2411,7 @@ exports[`CycloneDX XML yarn 1`] = `
javascript-lock-cataloger
javascript
npm
+ javascript-yarn-lock-entry
@@ -2389,6 +2424,7 @@ exports[`CycloneDX XML yarn 1`] = `
javascript-lock-cataloger
javascript
npm
+ javascript-yarn-lock-entry
cpe:2.3:a:react-is:react_is:16.13.1:*:*:*:*:*:*:*
cpe:2.3:a:react_is:react-is:16.13.1:*:*:*:*:*:*:*
cpe:2.3:a:react_is:react_is:16.13.1:*:*:*:*:*:*:*
@@ -2406,6 +2442,7 @@ exports[`CycloneDX XML yarn 1`] = `
javascript-lock-cataloger
javascript
npm
+ javascript-yarn-lock-entry
@@ -4617,11 +4654,11 @@ ExtractedText: BSD License
##### Relationships
-Relationship: SPDXRef-Package-java-archive-example-java-app-maven-hash:redacted OTHER SPDXRef-File-java-example-java-app-maven-0.1.0.jar-hash:redacted
+Relationship: SPDXRef-Package-deb-apt-hash:redacted OTHER SPDXRef-File-var-lib-dpkg-status-hash:redacted
RelationshipComment: evident-by: indicates the package's existence is evident by the given file
Relationship: SPDXRef-Package-java-archive-joda-time-hash:redacted OTHER SPDXRef-File-java-example-java-app-maven-0.1.0.jar-hash:redacted
RelationshipComment: evident-by: indicates the package's existence is evident by the given file
-Relationship: SPDXRef-Package-deb-apt-hash:redacted OTHER SPDXRef-File-var-lib-dpkg-status-hash:redacted
+Relationship: SPDXRef-Package-java-archive-example-java-app-maven-hash:redacted OTHER SPDXRef-File-java-example-java-app-maven-0.1.0.jar-hash:redacted
RelationshipComment: evident-by: indicates the package's existence is evident by the given file
Relationship: SPDXRef-Package-python-Pygments-hash:redacted OTHER SPDXRef-File-python-dist-info-METADATA-hash:redacted
RelationshipComment: evident-by: indicates the package's existence is evident by the given file
@@ -5097,17 +5134,17 @@ ExternalRef: PACKAGE-MANAGER purl pkg:npm/trim@0.0.2
Relationship: SPDXRef-Package-npm-loose-envify-hash:redacted OTHER SPDXRef-File-yarn.lock-hash:redacted
RelationshipComment: evident-by: indicates the package's existence is evident by the given file
-Relationship: SPDXRef-Package-npm-react-hash:redacted OTHER SPDXRef-File-yarn.lock-hash:redacted
-RelationshipComment: evident-by: indicates the package's existence is evident by the given file
-Relationship: SPDXRef-Package-npm-prop-types-hash:redacted OTHER SPDXRef-File-yarn.lock-hash:redacted
+Relationship: SPDXRef-Package-npm-trim-hash:redacted OTHER SPDXRef-File-yarn.lock-hash:redacted
RelationshipComment: evident-by: indicates the package's existence is evident by the given file
-Relationship: SPDXRef-Package-npm-js-tokens-hash:redacted OTHER SPDXRef-File-yarn.lock-hash:redacted
+Relationship: SPDXRef-Package-npm-react-is-hash:redacted OTHER SPDXRef-File-yarn.lock-hash:redacted
RelationshipComment: evident-by: indicates the package's existence is evident by the given file
-Relationship: SPDXRef-Package-npm-trim-hash:redacted OTHER SPDXRef-File-yarn.lock-hash:redacted
+Relationship: SPDXRef-Package-npm-prop-types-hash:redacted OTHER SPDXRef-File-yarn.lock-hash:redacted
RelationshipComment: evident-by: indicates the package's existence is evident by the given file
Relationship: SPDXRef-Package-npm-object-assign-hash:redacted OTHER SPDXRef-File-yarn.lock-hash:redacted
RelationshipComment: evident-by: indicates the package's existence is evident by the given file
-Relationship: SPDXRef-Package-npm-react-is-hash:redacted OTHER SPDXRef-File-yarn.lock-hash:redacted
+Relationship: SPDXRef-Package-npm-js-tokens-hash:redacted OTHER SPDXRef-File-yarn.lock-hash:redacted
+RelationshipComment: evident-by: indicates the package's existence is evident by the given file
+Relationship: SPDXRef-Package-npm-react-hash:redacted OTHER SPDXRef-File-yarn.lock-hash:redacted
RelationshipComment: evident-by: indicates the package's existence is evident by the given file
Relationship: SPDXRef-DocumentRoot-Directory-tests-fixtures-yarn-project CONTAINS SPDXRef-Package-npm-js-tokens-hash:redacted
Relationship: SPDXRef-DocumentRoot-Directory-tests-fixtures-yarn-project CONTAINS SPDXRef-Package-npm-loose-envify-hash:redacted