Will Murphy
Will Murphy
Just noting that https://github.com/anchore/grype/issues/1012#issuecomment-2317621790 is good signal that we need to do this. TL;DR - users should be able to tell grype to tell syft it's allowed to make network...
Hi @eric-desrochers I believe syft support is already done (syft doesn't need to be explicitly told about new distros that use `/etc/os-release` to identify themselves): ``` sh $ syft version...
Hi @eric-desrochers this is ready for you all to test. To test this, you need to pull down branches of 3 repos: grype, grype-db, and vunnel. You'll also need to...
Implemented by https://github.com/anchore/grype/pull/1848 - will be in the next release.
Hi @sekveaja, Thanks for the report? It sounds like there is some subtlety to producing this artifact correctly to exhibit the false positive you reported. It sounds like, basically, I...
Hi @bhreddy83, thanks very much for the report. I'm not super familiar with Wildly. I did a quick search on DockerHub, and there are a lot of images with wildfly...
Hi @Atharex thanks for the report! I've reproduced the issue and will move it to our backlog. Details below. I think there are two things going on here: ``` sh...
Here's a quick implementation that could be wired up to golangci-lint. It hard-codes the name of the function that must defer for now, but that could be passed via config....
Fixed by https://github.com/anchore/syft/pull/2837
Hi @saisatishkarra there isn't currently a metrics page, but that request is a good idea. We've had a couple other complaints about the CDN, so I'll re-open this. Thanks for...