Christopher Angelo Phillips
Christopher Angelo Phillips
**What would you like to be added**: When converting from `syft-json` to other SBOM formats (`spdx`, 'cyclonedx') users should be able to drop components that add to the size of...
# Description This PR adds a new flag to syft called `--source-supplier`. This flag allows syft users to associate an optional `supplier` to the root component of the final document....
## Description This PR adds a new field to the grype-db config: `build.ignore-provider-date` This field will be used when calculating the earliest timestamp when building the db. `grype-db` will ignore...
### Summary Syft needs a way where we can inject the scanner via API rather than injecting a config that then creates the scanner. It's either this or syft needs...
What would you like to be added: Integrate the [clio](https://github.com/anchore/clio) library into Grant TUI to provide richer command-line interface capabilities. Specifically: - Leverage clio’s structured event system to improve how...
# Description This PR follows up on #4279 by adding support for a new docker source `ocimodelsource` (naming pending 😄) With this change users can do the following: `syft -o...
## What would you like to be added: Update CycloneDX encoder so that people metadata discovered from package.json (and npm registry metadata where available) is emitted under the CycloneDX component.authors...
👋 Sorry if this is being handled in another thread. I tried to find all coverage of current licenses issues and didn't see this one. ### Reproduction You might need...