tern
tern copied to clipboard
tern-tools
Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-...
It could be useful to have a database backend so that data can be more easily organized and queried. I think SQLite would be a good fit (at least at...
**Description** We would like to run Tern in some number of persistent containers as a service in a K8s cluster, scaled to the resource environment. Ideally, something calls out to...
**Describe the Feature** When building and running tern using podman as a non-root user, the following error occurs: ``` 2022-02-03 15:28:04,409 - DEBUG - rootfs - Running command: mknod /root/.tern/temp/mergedir/dev/urandom...
**Describe the Feature** Tern can be package as a container. Next, let's make it run on Kubernetes so users can deploy and utilize Tern at scale or as part of...
**Describe the Feature** Source package name (`src_name`) and version (`src_version`) properties are available for Package objects for dpkg and rpm package managers collection methods. **Use Cases** It would be great...
**Describe the Feature** Currently Tern uses `ci/test_files_touched.py` to run various Tern tests based on which files were changed in a commit. This way of testing has proved to be porous,...
**Describe the Feature** In order to test the Dockerfile lock functionality in Tern we need to be able to have a consistent sha sum for the base OS and consistent...
**Description** Potentially revert or modify https://github.com/tern-tools/tern/commit/ce5c76305c577e089879d28c7e9e0fdeac20045e when resolution has been reached for https://github.com/nexB/scancode-toolkit/issues/2803. The `declared_license` naming field is perhaps not something Tern should collect as it is currently only the...
**Describe the Feature** Currently, tern will invoke exactly the commands in the `base.yml` file: ``` 436 go: 437 pkg_format: 'go' 438 os_guess: 439 - 'None' 440 path: 441 - 'usr/local/go/bin'...
My understanding: Tern relies on ScanCode Toolkit to automatically detect the licenses mentioned in the source code of packages, and stores new detected licenses in a central cache for performance...
Metadata
Owner
Metadata
Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-...