Will Murphy

@wagoodman I think this is a fast follow for schema v6, since schema v6 will add more flexibility to how the database is queried, as well. Do you agree? Do...

From discussion on our livestream on 10 October 2024, we had the idea: Can we add `grype db search --since DATE` to print information about CVEs that were added or...

@kzantow or @wagoodman is this still needed? Anything to do here to get this in?

Another possibility is to do the following: 1. Make the "source" part of the SBOM be the source of the many images, e.g. a kubernetes manifest or a multi-image OCI...

Thanks for the report @TheOnlyJoey! If you run again with more logging, e.g. `-vv`, do you get anything more helpful?

Well that sounds like a bug we should work on. Thanks for giving it a try!

It might be helpful to you to look at how we use quill in our release, which is https://github.com/anchore/grype/blob/e64e1bac15c5438b3f03b19be972ddc9ce478ee1/.goreleaser.yaml#L46 called from https://github.com/anchore/grype/blob/e64e1bac15c5438b3f03b19be972ddc9ce478ee1/.github/workflows/release.yaml#L182 This use case is what we use quill...

It looks like the quality gate is failing because somehow there are a mix of Vulnerability dataclasses and dicts in `vuln_records`: ``` File "/home/runner/work/vunnel/vunnel/src/vunnel/providers/debian/parser.py", line 553, in get vuln_record["Vulnerability"].Severity =...

@westonsteimel that seems likely. I knew the Debian provider was downloading cached data. There must be a place where it's parsing that as dict instead of Vulnerability. Do you think...

This is waiting on #647 so that any differences in snapshots will be possible to review.