You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We should extend this to the core packages we commonly use in Docker projects so we can check this works 🎉
Go packages
Debian/Ubuntu packages
Alpine packages
We should also ideally rework the structures to be unique for each package, since packages of type X may allow different fields than packages of type Y. They should have a common base though, since many fields are shared.
If we can, it would be good to capture the graph-relationships between packages, which syft/other scanners have the potential to generate.
The text was updated successfully, but these errors were encountered:
We have basic support for typed packages:
go-imageinspect/sbom.go
Lines 33 to 36 in 94b9479
We should extend this to the core packages we commonly use in Docker projects so we can check this works 🎉
We should also ideally rework the structures to be unique for each package, since packages of type X may allow different fields than packages of type Y. They should have a common base though, since many fields are shared.
If we can, it would be good to capture the graph-relationships between packages, which syft/other scanners have the potential to generate.
The text was updated successfully, but these errors were encountered: