copacetic icon indicating copy to clipboard operation
copacetic copied to clipboard

Published 20 hours ago • verified publisher icon project-copacetic

[BUG] fix openvex report oci id

Open sozercan opened this issue 8 months ago • 0 comments

Version of copa

No response

Expected Behavior

it should be:

"@id": "pkg:oci/nginx@sha256....",

https://github.com/package-url/purl-spec/blob/master/PURL-TYPES.rst#oci

However, I am not sure if we can do this since image is not at the registry at this time so sha256 will not be accurate

Actual Behavior

vex statement output has

"@id": "pkg:oci/docker.io/library/nginx:1.21.6-patched",

https://project-copacetic.github.io/copacetic/website/output

Steps To Reproduce

No response

Are you willing to submit PRs to contribute to this bug fix?

  • [ ] Yes, I am willing to implement it.

sozercan avatar Jun 17 '24 17:06 sozercan