osv-scanner icon indicating copy to clipboard operation
osv-scanner copied to clipboard

Published 20 hours ago verified publisher icon google

Update documentation on how to scan local Debian/Ubuntu OS

Open KoenDG opened this issue 2 years ago • 1 comments

The documentation here: https://google.github.io/osv-scanner/usage/

Claims this is a preview and doesn't describe how to do it, skipping to the scanning of Docker containers.

Looking at the code a bit, it's not clear to me how it would be done.

KoenDG avatar Mar 05 '23 17:03 KoenDG

Thank you for opening an issue. We'll look into it.

hayleycd avatar Mar 10 '23 00:03 hayleycd

This issue has not had any activity for 60 days and will be automatically closed in two weeks

github-actions[bot] avatar Jul 23 '24 18:07 github-actions[bot]

Automatically closing stale issue

github-actions[bot] avatar Aug 06 '24 19:08 github-actions[bot]

I believe this is resolved in the documentation here: https://google.github.io/osv-scanner/supported-languages-and-lockfiles/#alpine-package-keeper-and-debian-package-manager

Essentially, you have to specify the lockfile type:

osv-scanner --lockfile 'apk-installed:/lib/apk/db/installed'

another-rex avatar Aug 07 '24 04:08 another-rex