oss/syft
2
0
Fork 0
mirror of https://github.com/anchore/syft.git synced 2025-11-17 16:33:21 +01:00
Code Issues Packages Projects Releases Wiki Activity

update AltRpmDbGlob with comment and context (#1085)

Browse Source
This commit is contained in:
Christopher Angelo Phillips 2022-07-05 11:29:31 -04:00 committed by GitHub
parent 57323a1666
commit 47df66960f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
syft/pkg/relationships_by_file_ownership.go
View File

@ -7,13 +7,17 @@ import (
"github.com/scylladb/go-set/strset" "github.com/scylladb/go-set/strset"
) )
// AltRpmDBGlob allows db matches against new locations introduced in fedora:{36,37}
// See https://github.com/anchore/syft/issues/1077 for larger context
const AltRpmDBGlob = "**/rpm/{Packages,Packages.db,rpmdb.sqlite}"
var globsForbiddenFromBeingOwned = []string{ var globsForbiddenFromBeingOwned = []string{
// any OS DBs should automatically be ignored to prevent cyclic issues (e.g. the "rpm" RPM owns the path to the // any OS DBs should automatically be ignored to prevent cyclic issues (e.g. the "rpm" RPM owns the path to the
// RPM DB, so if not ignored that package would own all other packages on the system). // RPM DB, so if not ignored that package would own all other packages on the system).
ApkDBGlob, ApkDBGlob,
DpkgDBGlob, DpkgDBGlob,
RpmDBGlob, RpmDBGlob,
"**/rpm/{Packages,Packages.db,rpmdb.sqlite}", AltRpmDBGlob,
// DEB packages share common copyright info between, this does not mean that sharing these paths implies ownership. // DEB packages share common copyright info between, this does not mean that sharing these paths implies ownership.
"/usr/share/doc/**/copyright", "/usr/share/doc/**/copyright",
} }