You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Not every image will have SBOMs attached to it (especially as it requires opt-in).
If an SBOM is requested, but one is not attached, we should attempt to create a scan of the image using one of the buildkit scanners as a fallback. This allows consumers of the library to more transparently consume SBOM results, and easily query it - this could be massively useful for the docker sbom command and similar.
We should probably only enable this behavior if there's some user-specified config to do this, so we should have a global config object for the loader that allows configuration of this behavior.
The text was updated successfully, but these errors were encountered:
Not every image will have SBOMs attached to it (especially as it requires opt-in).
If an SBOM is requested, but one is not attached, we should attempt to create a scan of the image using one of the buildkit scanners as a fallback. This allows consumers of the library to more transparently consume SBOM results, and easily query it - this could be massively useful for the
docker sbomcommand and similar.We should probably only enable this behavior if there's some user-specified config to do this, so we should have a global config object for the loader that allows configuration of this behavior.
The text was updated successfully, but these errors were encountered: