oss/syft
2
0
Fork 0
mirror of https://github.com/anchore/syft.git synced 2025-11-17 16:33:21 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: omit records with empty PURL in GitHub format (#4312)

Browse Source 
Signed-off-by: Rez Moss <hi@rezmoss.com>
This commit is contained in:
Rez Moss 2025-10-28 18:34:10 -04:00 committed by GitHub
parent 9478cd974b
commit 45bf8b14ab
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 3 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
syft/format/github/internal/model/model.go
View File

@ -87,6 +87,9 @@ func toGithubManifests(s *sbom.SBOM) Manifests {
} }
name := dependencyName(p) name := dependencyName(p)
if name == "" || p.PURL == "" {
continue
}
manifest.Resolved[name] = DependencyNode{ manifest.Resolved[name] = DependencyNode{
PackageURL: p.PURL, PackageURL: p.PURL,
Metadata: toDependencyMetadata(p), Metadata: toDependencyMetadata(p),

5
syft/format/github/test-fixtures/snapshot/TestGithubDirectoryEncoder.golden
View File

@ -16,11 +16,6 @@
"source_location": "redacted/some/path/some/path/pkg1" "source_location": "redacted/some/path/some/path/pkg1"
}, },
"resolved": { "resolved": {
"": {
"package_url": "a-purl-2",
"relationship": "direct",
"scope": "runtime"
},
"pkg:deb/debian/package-2@2.0.1": { "pkg:deb/debian/package-2@2.0.1": {
"package_url": "pkg:deb/debian/package-2@2.0.1", "package_url": "pkg:deb/debian/package-2@2.0.1",
"relationship": "direct", "relationship": "direct",

7
syft/format/github/test-fixtures/snapshot/TestGithubImageEncoder.golden
View File

@ -17,13 +17,6 @@
}, },
"metadata": { "metadata": {
"syft:filesystem":"redacted" "syft:filesystem":"redacted"
},
"resolved": {
"": {
"package_url": "a-purl-1",
"relationship": "direct",
"scope": "runtime"
}
} }
}, },
"user-image-input:/somefile-2.txt": { "user-image-input:/somefile-2.txt": {