Dan Luhring

Open question: Should this issue move to [anchore/grype](https://github.com/anchore/grype)? I know the implementation might involve Syft's decoders, but it seems like a Grype feature that we're talking about from the user's...

I think we should revisit this... Now that people are using Syft in more parts of the SDLC, it'd be really useful to have the additional support for more use...

IIUC, we should consider this issue "blocked" until the data is available for Syft to observe in the scan target. If I'm wrong here, just let me know! 😄

Hi @dmikusa-pivotal and @ryanmoran — this request makes sense. We've talked about supporting multiple **major** versions (latest of each) for several of the built-in formats, including Syft JSON. You've probably...

That sounds great! One option for discussion is that we have biweekly community meetings, where we chat through specific issues that need discussion. Are you available to join one of...

I think we might not need to pursue our own solution to creating a version for the main module. [This Go proposal](https://github.com/golang/go/issues/50603) was just **accepted**, so hopefully we can find...

Hi @fg-j and @ryanmoran — thanks for the feedback! To consolidate communication, we'll track the "missing `version` field" problem in #959. Thanks for raising this! 🙏

@robinbryce We'd love a contribution! A contribution is very likely to be accepted, once it gets through a code review and the CI checks pass. Check out our [CONTRIBUTING.md](https://github.com/anchore/syft/blob/main/CONTRIBUTING.md) for...

Hi, just a note here — Syft is inspecting different files for package evidence depending on whether Syft is scanning a local directory or a container image. For directory scans,...

Right, we can adjust Syft to enable that method of scanning — that's what we're talking about in #465 (see above).