DmitriyLewen

> We don't have to re-implement all parsers. We might need to add similar logic for `npm` and `cargo` (we talked about adding a `workspace` field to the relationship), but...

User found similar case for `dpkg` - #8273 But this is strange case (there are 2 status dirs (libssl1 and libssl1.1) with same name/version/etc. (see https://github.com/aquasecurity/trivy/discussions/8273#discussioncomment-11925467). This looks like an...

hello @dpschier Can you share example for your case? dependencies shouldn't contain duplicates.

Hello @dpschier, Thanks for your example. I rechecked, and my answer is yes: fixing this issue will solve your problem. Two identical packages will use different `pkg.ID` values => different...

> Don't know if the way I merged the main code was ok or not... it looks like it added a lot of commits and contributors... Yeah, PR contains a...

But you use `licenseNotMatch` now: https://github.com/yutatokoi/trivy/blob/a1a0b0224579cd571a63003ec5868ba7614241f8/pkg/result/ignore.go#L214-L221 You don't need `extractFromExpression` anymore.

@yutatokoi can you fix error (it looks like you need to import `licensing` package)? and fix linter error please

Hello @krikera Can you update integration (`mage test:updateGolden` command may help) and unit tests?

okay, i will do that at this week

@masahiro331 I updated golden file - https://github.com/aquasecurity/trivy/pull/9007/commits/d59c5cc757a41b2edf1bdc2e086e97b26cef72c8 Also i refactored a little - https://github.com/aquasecurity/trivy/pull/9007/commits/49e4b7851041438a67bbae3cca7b78567a1327fb can you re-check these changes?