Software packages installed in C:\ProgramData hidden directory on Windows are missing in SBOM.

[tsvirinkal-jsi]

What happened: Software packages installed in C:\ProgramData hidden directory on Windows are not included in SBOM.

What you expected to happen: All software packages installed on Windows should be included in SBOM.

How to reproduce it (as minimally and precisely as possible): Run syft packages C:/ProgramData/ -o spdx-json --file C:/temp/sbom.json on a Windows machine. The result file lists no packages at all. The json output file looks like this: { "SPDXID": "SPDXRef-DOCUMENT", "name": "C-/ProgramData", "spdxVersion": "SPDX-2.2", "creationInfo": { "created": "2022-04-25T15:54:01.6848241Z", "creators": [ "Organization: Anchore, Inc", "Tool: syft-0.43.0" ], "licenseListVersion": "3.16" }, "dataLicense": "CC0-1.0", "documentNamespace": "https://anchore.com/syft/dir/C-/ProgramData-885e79dd-6f7a-4fa6-bf3e-199da720e095", "packages": [] }

Anything else we need to know?: no

Environment:

• Output of syft version: 0.43.0
• OS (e.g: cat /etc/os-release or similar): Windows Server 2019 or newer

[yogesh1978]

Hi, Can you please share more info on how to reproduce this issue as with the given steps, i get the result where packages are listed Regards