Christopher Angelo Phillips
Christopher Angelo Phillips
updated static analysis to generate new schema because of the new metadata type This might need to be regenerated again as there are a couple schema PR in queue. I'll...
linking this to https://github.com/anchore/syft/pull/3450
Thanks @vprivat-ads - looks like we need the DCO to run for this. Can you sign off your commits? ``` To add your Signed-off-by line to every commit in this...
👋 thanks for the good repro steps @tomasr - when we get some cycles I think the best first step is to see if we can read more from that...
Awesome! Ok we talked about this during our livestream: https://www.youtube.com/watch?v=m0wG_LQUhPo I think what we're going to do here is move away from cpe generation for cataloger/packages here by trying to...
@willmurphyscode I set up the action locally on a local private/personal repository - Running it again today the fail-build option works as expected. - The registry-username and registry-password are correctly...
Just commenting back here I do still see this issue, but don't have the bandwidth at the moment to try and dig in and fix: ``` Run github/codeql-action/upload-sarif@v2 Warning: CodeQL...
@dependabot recreate
Hey @Atharex I generated the syft SBOM for the image you mentioned above: `mcr.microsoft.com/openjdk/jdk:11-mariner` Here is what I found: ``` "name": "util-linux", "version": "2.37.4", "type": "rpm", "foundBy": "elf-binary-package-cataloger", "locations": [...
@eric-desrochers this is the first time I've run into a case where the `.note` information conflicts in this example. As to your question: > The things we don't understand: why...