-
Notifications
You must be signed in to change notification settings - Fork 575
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SBOM for MySQL:8.x doesn't include rpm packages #3234
Comments
👋 Thanks for the issue @davidkesoshvili - I tried reproducing this against an
As you can see we are able to discover 142 packages and a large number of the are of type Is your image from another source? |
Hi @spiffcs Thanks for the quick response. The packages are missing only when using Syft Go module. Running syft command using the command line works as expected. |
@davidkesoshvili your code does not show where
Generally speaking, you should obtain this with the default configuration: |
Hi @kzantow |
@davidkesoshvili ah yes, this is right -- A couple suggestions: you may have better results with the If you're getting significantly different results, I suspect it is related to the cataloger selection. Syft defaults to a different set of catalogers depending on using an image or directory scan. Perhaps look at what's happening here, though this should be the same as a default |
The SBOM generated for the MySQL:8.x container does not include the RPM packages. It seems that important package information is missing
the code for generating the SBOM:
Other images with RPMs are getting scanned correctly, but this issue seems specific to MySQL:8.x.
Environment:
The text was updated successfully, but these errors were encountered: