Will Murphy
Will Murphy
Found another issue that is part of the same cluster of issues: https://github.com/anchore/grype/issues/2037
It looks like API docs are up now! https://euvd.enisa.europa.eu/apidoc That means we're unblocked here as far as I know.
Hi @bergernir thanks for the report! I'm trying to investigate, and I haven't been able to trigger this error behavior. It looks like you're scanning a particular Alpine image with...
Thanks for letting us know!
Hi @de4Ru - the issue you're facing is with Python packages, not APKs, so I made it it's own issue, #2229, but the error messages do look very similar. Thanks...
Hi @WesHaze, It sounds like you're scanning a directory with a dotnet project in it with a deps.json, and you'd like Syft to rely only on the deps.json instead of...
Hi @shakedembo and @benjifin, Thanks for the PR! In order to test this, we need images that Grype can scan to test this data. These will be added to tests/quality/config.yaml...
@benjifin I don't have a PR to exactly imitate, since this is the first vulnerability feed that is meant to affect matching on more than one distro and distro package...
Hi @benjifin, I'm not finding any `root` version packages in the sample image: ``` ❯ syft -q rootpublic/ubuntu:20.04_rootio | rg -e NAME -e root NAME VERSION TYPE ``` I would...
@chait-slim yes, Syft finds these packages. Thanks! I was very confused when there were no root-io packages in the first example :) I want to step back and talk about...