Tim Gerla
Tim Gerla
Can you run sha1sum on the jar file to make sure we are both working with the exact same thing? ``` tgerla@Timothys-MacBook-Pro-2 grype-1457 % sha1sum okio-jvm-3.0.0.jar 0ab5a73fa2ccb4a36b0b5c69fe10b16d0255bcf8 okio-jvm-3.0.0.jar ``` (I...
Hi @navzen2000, thanks. Where did you get that okio-jvm-3.0.0.jar that differs from mine? Can you provide a link or attach it? Thanks.
Could you attach your build, so we can compare the contents? Thanks!
Thanks, that helps. I think the problem here is that in your build, the META-INF/MANIFEST.MF file contains a lot less information than the build from Maven. Your build only contains:...
You are welcome!
Thank you, I will run this by the team!
Hi @abelsromero, thank you for the suggestion. We'll put this in the backlog for consideration. Are you interested in working on this? We'd be happy to point you in the...
That would be great! I think total time would be a good starting point. One thing that would be nice is if the setting cascaded--in other words, you could set...
Hi @evgenymo, thanks for the suggestion. Can you describe in more detail the mitigation information you would like added to the database? We are not exactly sure what you mean,...
Hi @evgenymo, thanks for the additional information. In some cases we do get fix version information and we do report it when we have it. For the other kinds of...