Tim Gerla

Hi @MPV, thanks for the suggestion. Usually Syft only scans one image at a time and produces an SBOM for a particular image, as opposed to a set of images....

I thought the easiest way might be with a jq query on the JSON version of the Kubernetes manifest. Here is a prototype bash script that you might start with:...

Thanks @markusmuellerusi for the report, we will take a look as soon as we can.

Hey @markusmuellerusi, we've done a bunch of digging here and it looks as though the dll files inside that package have some bad metadata, probably from Microsoft's own build process....

Thanks for the hints, @markusmuellerusi, this is very helpful. Can you help me understand where packages.config fits in a bit better? I unzipped the `microsoft.exchange.webservices.2.2.0.nupkg` to poke around after replicating...

Hi @jonjohnsonjr, thanks for the report! It looks like today we take that field as-is but we need to probably parse out the flags after the X:. We might need...

Hi @Dentrax, thanks for the report. We agree that this error message is confusing. We will need to do some investigation to figure out how to solve it.

Hi @josetirablaz, thanks for the report. Do you happen to have a publicly available image that we can use to reproduce this? That would help us a lot. Thanks!

Thanks @josetirablaz! We will take a look as soon as we can.

Hi @mithunms333, unfortunately we don't have a ready workaround for you in this case. We are discussing some improvements the binary catalogers and how to handle some special cases like...