Christopher Angelo Phillips

Hey @nikolaishields! Thanks for the offer. @juliosueiras did you still have the branch or draft of code from your screenshot above? If you open a draft I'm sure @nikolaishields and...

Tagging @cpendery

Thanks for the bug update here @gm7y8 - it looks like the flag is not being added during construction anymore which may have been caused during a recent refactor. Our...

Confirmed this is working in `v0.46.x` if you'd like to try it there: https://github.com/anchore/syft/releases/tag/v0.46.3 I'll try and get a release done that is a bug fix for v0.51.0 ==> v0.51.1...

Thanks @Dentrax! I suspect this is related to the conversations we're having here? https://github.com/anchore/syft/issues/1061 I'm a little hesitant to make this kind of breaking change even though we're pre v1.0...

I'm good with the above proposal from @joshbressers with deprecation and eventual sunset of the old flags. @wagoodman since we're still pre v1 I don't think this would be the...

I think first steps here is getting a readme update that clearly explains what Keith mentioned above. That will take away some of the confusion. We keep `--output` and deprecate...

We can pick this up on the basis if SPDX and CycloneDX support the ability to add these in the outer envelope. Patches are definitely encouraged if you see a...

@westonsteimel should we even introduce this into the app layer with `vulnerability_match_exclusion` now being a table where anchore can start managing these at the data layer? cc @wagoodman also for...

I'll start taking a look at this today to see how we can get more uniqueness in the ID, specifically the cases where `SPDXRef-Package-go-module-github.com/adrg/xdg-v0.3.3` is a repeat value.