afdesk
> > > I want to show "unknown" for the license text. > I don't want to show the license text there as it's too long. I thought we would...
@DmitriyLewen that's an interesting idea. There are the following cases for perl and python packages: perl: ```sh License: GPL-1+ or Artistic or Artistic-dist ``` python3.9: ```sh License: This software is provided...
@knqyf263 @DmitriyLewen I tried several ways to separate a long license text from a license name, and the best result for me is a detection by keywords. There were selected...
> > I tried several ways to separate a long license text from a license name, and the best result for me is a detection by keywords. > > Can...
> > I tried several ways to separate a long license text from a license name, and the best result for me is a detection by keywords. > > OK,...
> but realized there was no test. I'm not sure my changes work as expected. @afdesk Could you add a test for license texts? Yeah, sure. The test is added.
@LucasVanHaaren thanks for your contribution! LGTM!
> I just noticed that no new chart versions have been released with this modification. Do you plan to release a new revision of the helm chart with only this...
> We should add a new test to ensure original BOM-Refs are kept as-is. The testcase is added now.
Now Trivy builds new SBOM components from the result: https://github.com/aquasecurity/trivy/blob/98e136eb7baa2b66f4233d96875c1490144e1594/pkg/sbom/io/encode.go#L260 To keep existing BOM-refs, we should look for this one (if report.BOM != nil) by name and save it. it...