trivy icon indicating copy to clipboard operation
trivy copied to clipboard
Published 3 weeks ago verified publisher icon aquasecurity

reafactor(spdx): save undetected liceneses in `ExtractedLicensingInfo`

Open DmitriyLewen opened this issue 1 year ago • 0 comments

Description

There are cases when SPDX license list doesn't contain license of dependency/package. We need to use ExtractedLicensingInfo field. Example: https://github.com/spdx/tools-java/blob/master/testResources/SPDXJSONExample-v2.2.spdx.json

Discussed in https://github.com/aquasecurity/trivy/discussions/7366

DmitriyLewen avatar Aug 30 '24 04:08 DmitriyLewen