Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Duplicate results #330

Closed
2 tasks
Feelemoon opened this issue Apr 3, 2023 · 2 comments · Fixed by #1289
Closed
2 tasks

Duplicate results #330

Feelemoon opened this issue Apr 3, 2023 · 2 comments · Fixed by #1289
Labels
backlog Important but currently unprioritized bug Something isn't working

Comments

@Feelemoon
Copy link

When parsing a hierarchical CycloneDX SBOM, there is the possibility of duplicate references to some components. These are evaluated (?) and reported multiple times, without a way to differentiate them (or trace the to the originating component).

The result represented by osv-scanner should:

  • not contain duplicate entries, and
  • allow to see, where the faulty component originates (ie. present a component tree like npm audit or cargo audit)
@oliverchang oliverchang added the bug Something isn't working label Apr 4, 2023
@github-actions GitHub Actions
Copy link

This issue has not had any activity for 60 days and will be automatically closed in two weeks

@github-actions github-actions bot added the stale The issue or PR is stale and pending automated closure label Jul 23, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Aug 6, 2024

Automatically closing stale issue

@github-actions github-actions bot added the autoclosed Closed by automation label Aug 6, 2024
@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Aug 6, 2024
@another-rex another-rex added backlog Important but currently unprioritized and removed stale The issue or PR is stale and pending automated closure autoclosed Closed by automation labels Aug 7, 2024
@another-rex another-rex reopened this Aug 7, 2024
@G-Rath G-Rath mentioned this issue Sep 30, 2024
Merged
@BrewTestBot BrewTestBot mentioned this issue Oct 31, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
backlog Important but currently unprioritized bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: warn about and ignore duplicate entries in SBOMs ackama/osv-scanner
3 participants
@oliverchang @Feelemoon @another-rex