feat: report unknowns in sbom (#2998)

Signed-off-by: Keith Zantow <kzantow@gmail.com> Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2025-11-17 16:33:21 +01:00 · 2024-10-07 16:11:37 -04:00 · 2024-10-07 16:11:37 -04:00 · ccbee94b87
commit ccbee94b87
parent 4d7ed9f749
145 changed files with 4420 additions and 233 deletions
--- a/cmd/syft/internal/options/catalog.go
+++ b/cmd/syft/internal/options/catalog.go
@ -53,6 +53,9 @@ type Catalog struct {
 	Platform   string         `yaml:"platform" json:"platform" mapstructure:"platform"`
 	Source     sourceConfig   `yaml:"source" json:"source" mapstructure:"source"`
 	Exclusions []string       `yaml:"exclude" json:"exclude" mapstructure:"exclude"`
+
+	// configuration for inclusion of unknown information within elements
+	Unknowns unknownsConfig `yaml:"unknowns" mapstructure:"unknowns"`
 }

 var _ interface {
@ -71,6 +74,7 @@ func DefaultCatalog() Catalog {
 		Java:          defaultJavaConfig(),
 		File:          defaultFileConfig(),
 		Relationships: defaultRelationshipsConfig(),
+		Unknowns:      defaultUnknowns(),
 		Source:        defaultSourceConfig(),
 		Parallelism:   1,
 	}
@ -82,6 +86,7 @@ func (cfg Catalog) ToSBOMConfig(id clio.Identification) *syft.CreateSBOMConfig {
 		WithParallelism(cfg.Parallelism).
 		WithRelationshipsConfig(cfg.ToRelationshipsConfig()).
 		WithComplianceConfig(cfg.ToComplianceConfig()).
+		WithUnknownsConfig(cfg.ToUnknownsConfig()).
 		WithSearchConfig(cfg.ToSearchConfig()).
 		WithPackagesConfig(cfg.ToPackagesConfig()).
 		WithFilesConfig(cfg.ToFilesConfig()).
@ -114,6 +119,13 @@ func (cfg Catalog) ToComplianceConfig() cataloging.ComplianceConfig {
 	}
 }

+func (cfg Catalog) ToUnknownsConfig() cataloging.UnknownsConfig {
+	return cataloging.UnknownsConfig{
+		IncludeExecutablesWithoutPackages: cfg.Unknowns.ExecutablesWithoutPackages,
+		IncludeUnexpandedArchives:         cfg.Unknowns.UnexpandedArchives,
+	}
+}
+
 func (cfg Catalog) ToFilesConfig() filecataloging.Config {
 	hashers, err := intFile.Hashers(cfg.File.Metadata.Digests...)
 	if err != nil {
--- a/cmd/syft/internal/options/unknowns.go
+++ b/cmd/syft/internal/options/unknowns.go
@ -0,0 +1,31 @@
+package options
+
+import (
+	"github.com/anchore/clio"
+	"github.com/anchore/syft/syft/cataloging"
+)
+
+type unknownsConfig struct {
+	RemoveWhenPackagesDefined  bool `json:"remove-when-packages-defined" yaml:"remove-when-packages-defined" mapstructure:"remove-when-packages-defined"`
+	ExecutablesWithoutPackages bool `json:"executables-without-packages" yaml:"executables-without-packages" mapstructure:"executables-without-packages"`
+	UnexpandedArchives         bool `json:"unexpanded-archives" yaml:"unexpanded-archives" mapstructure:"unexpanded-archives"`
+}
+
+var _ interface {
+	clio.FieldDescriber
+} = (*unknownsConfig)(nil)
+
+func (o *unknownsConfig) DescribeFields(descriptions clio.FieldDescriptionSet) {
+	descriptions.Add(&o.RemoveWhenPackagesDefined, `remove unknown errors on files with discovered packages`)
+	descriptions.Add(&o.ExecutablesWithoutPackages, `include executables without any identified packages`)
+	descriptions.Add(&o.UnexpandedArchives, `include archives which were not expanded and searched`)
+}
+
+func defaultUnknowns() unknownsConfig {
+	def := cataloging.DefaultUnknownsConfig()
+	return unknownsConfig{
+		RemoveWhenPackagesDefined:  def.RemoveWhenPackagesDefined,
+		ExecutablesWithoutPackages: def.IncludeExecutablesWithoutPackages,
+		UnexpandedArchives:         def.IncludeUnexpandedArchives,
+	}
+}
--- a/internal/constants.go
+++ b/internal/constants.go
@ -3,5 +3,5 @@ package internal
 const (
 	// JSONSchemaVersion is the current schema version output by the JSON encoder
 	// This is roughly following the "SchemaVer" guidelines for versioning the JSON schema. Please see schema/json/README.md for details on how to increment.
-	JSONSchemaVersion = "16.0.17"
+	JSONSchemaVersion = "16.0.18"
 )
--- a/internal/file/zip_file_manifest.go
+++ b/internal/file/zip_file_manifest.go
@ -1,7 +1,6 @@
 package file

 import (
-	"fmt"
 	"os"
 	"sort"
 	"strings"
@ -19,12 +18,13 @@ func NewZipFileManifest(archivePath string) (ZipFileManifest, error) {
 	zipReader, err := OpenZip(archivePath)
 	manifest := make(ZipFileManifest)
 	if err != nil {
-		return manifest, fmt.Errorf("unable to open zip archive (%s): %w", archivePath, err)
+		log.Debugf("unable to open zip archive (%s): %v", archivePath, err)
+		return manifest, err
 	}
 	defer func() {
 		err = zipReader.Close()
 		if err != nil {
-			log.Warnf("unable to close zip archive (%s): %+v", archivePath, err)
+			log.Debugf("unable to close zip archive (%s): %+v", archivePath, err)
 		}
 	}()

--- a/internal/file/zip_read_closer.go
+++ b/internal/file/zip_read_closer.go
@ -8,6 +8,8 @@ import (
 	"io"
 	"math"
 	"os"
+
+	"github.com/anchore/syft/internal/log"
 )

 // directoryEndLen, readByf, directoryEnd, and findSignatureInBlock were copied from the golang stdlib, specifically:
@ -46,7 +48,8 @@ func OpenZip(filepath string) (*ZipReadCloser, error) {
 	// need to find the start of the archive and keep track of this offset.
 	offset, err := findArchiveStartOffset(f, fi.Size())
 	if err != nil {
-		return nil, fmt.Errorf("cannot find beginning of zip archive=%q : %w", filepath, err)
+		log.Debugf("cannot find beginning of zip archive=%q : %v", filepath, err)
+		return nil, err
 	}

 	if _, err := f.Seek(0, io.SeekStart); err != nil {
@ -62,7 +65,8 @@ func OpenZip(filepath string) (*ZipReadCloser, error) {

 	r, err := zip.NewReader(io.NewSectionReader(f, offset64, size), size)
 	if err != nil {
-		return nil, fmt.Errorf("unable to open ZipReadCloser @ %q: %w", filepath, err)
+		log.Debugf("unable to open ZipReadCloser @ %q: %v", filepath, err)
+		return nil, err
 	}

 	return &ZipReadCloser{
--- a/internal/task/executor.go
+++ b/internal/task/executor.go
@ -11,8 +11,10 @@ import (

 	"github.com/anchore/syft/internal/log"
 	"github.com/anchore/syft/internal/sbomsync"
+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/event/monitor"
 	"github.com/anchore/syft/syft/file"
+	"github.com/anchore/syft/syft/sbom"
 )

 type Executor struct {
@ -35,6 +37,12 @@ func NewTaskExecutor(tasks []Task, numWorkers int) *Executor {
 }

 func (p *Executor) Execute(ctx context.Context, resolver file.Resolver, s sbomsync.Builder, prog *monitor.CatalogerTaskProgress) error {
+	var lock sync.Mutex
+	withLock := func(fn func()) {
+		lock.Lock()
+		defer lock.Unlock()
+		fn()
+	}
 	var errs error
 	wg := &sync.WaitGroup{}
 	for i := 0; i < p.numWorkers; i++ {
@ -48,9 +56,16 @@ func (p *Executor) Execute(ctx context.Context, resolver file.Resolver, s sbomsy
 					return
 				}

-				if err := runTaskSafely(ctx, tsk, resolver, s); err != nil {
-					errs = multierror.Append(errs, fmt.Errorf("failed to run task: %w", err))
-					prog.SetError(err)
+				err := runTaskSafely(ctx, tsk, resolver, s)
+				unknowns, err := unknown.ExtractCoordinateErrors(err)
+				if len(unknowns) > 0 {
+					appendUnknowns(s, tsk.Name(), unknowns)
+				}
+				if err != nil {
+					withLock(func() {
+						errs = multierror.Append(errs, fmt.Errorf("failed to run task: %w", err))
+						prog.SetError(err)
+					})
 				}
 				prog.Increment()
 			}
@ -62,6 +77,19 @@ func (p *Executor) Execute(ctx context.Context, resolver file.Resolver, s sbomsy
 	return errs
 }

+func appendUnknowns(builder sbomsync.Builder, taskName string, unknowns []unknown.CoordinateError) {
+	if accessor, ok := builder.(sbomsync.Accessor); ok {
+		accessor.WriteToSBOM(func(sb *sbom.SBOM) {
+			for _, u := range unknowns {
+				if sb.Artifacts.Unknowns == nil {
+					sb.Artifacts.Unknowns = map[file.Coordinates][]string{}
+				}
+				sb.Artifacts.Unknowns[u.Coordinates] = append(sb.Artifacts.Unknowns[u.Coordinates], formatUnknown(u.Reason.Error(), taskName))
+			}
+		})
+	}
+}
+
 func runTaskSafely(ctx context.Context, t Task, resolver file.Resolver, s sbomsync.Builder) (err error) {
 	// handle individual cataloger panics
 	defer func() {
--- a/internal/task/file_tasks.go
+++ b/internal/task/file_tasks.go
@ -3,7 +3,6 @@ package task
 import (
 	"context"
 	"crypto"
-	"fmt"

 	"github.com/anchore/syft/internal/sbomsync"
 	"github.com/anchore/syft/syft/artifact"
@ -32,15 +31,12 @@ func NewFileDigestCatalogerTask(selection file.Selection, hashers ...crypto.Hash
 		}

 		result, err := digestsCataloger.Catalog(ctx, resolver, coordinates...)
-		if err != nil {
-			return fmt.Errorf("unable to catalog file digests: %w", err)
-		}

 		accessor.WriteToSBOM(func(sbom *sbom.SBOM) {
 			sbom.Artifacts.FileDigests = result
 		})

-		return nil
+		return err
 	}

 	return NewTask("file-digest-cataloger", fn)
@ -62,15 +58,12 @@ func NewFileMetadataCatalogerTask(selection file.Selection) Task {
 		}

 		result, err := metadataCataloger.Catalog(ctx, resolver, coordinates...)
-		if err != nil {
-			return err
-		}

 		accessor.WriteToSBOM(func(sbom *sbom.SBOM) {
 			sbom.Artifacts.FileMetadata = result
 		})

-		return nil
+		return err
 	}

 	return NewTask("file-metadata-cataloger", fn)
@ -87,15 +80,12 @@ func NewFileContentCatalogerTask(cfg filecontent.Config) Task {
 		accessor := builder.(sbomsync.Accessor)

 		result, err := cat.Catalog(ctx, resolver)
-		if err != nil {
-			return err
-		}

 		accessor.WriteToSBOM(func(sbom *sbom.SBOM) {
 			sbom.Artifacts.FileContents = result
 		})

-		return nil
+		return err
 	}

 	return NewTask("file-content-cataloger", fn)
@ -112,15 +102,12 @@ func NewExecutableCatalogerTask(selection file.Selection, cfg executable.Config)
 		accessor := builder.(sbomsync.Accessor)

 		result, err := cat.Catalog(resolver)
-		if err != nil {
-			return err
-		}

 		accessor.WriteToSBOM(func(sbom *sbom.SBOM) {
 			sbom.Artifacts.Executables = result
 		})

-		return nil
+		return err
 	}

 	return NewTask("file-executable-cataloger", fn)
--- a/internal/task/package_task_factory.go
+++ b/internal/task/package_task_factory.go
@ -103,9 +103,6 @@ func NewPackageTask(cfg CatalogingFactoryConfig, c pkg.Cataloger, tags ...string
 		t := bus.StartCatalogerTask(info, -1, "")

 		pkgs, relationships, err := c.Catalog(ctx, resolver)
-		if err != nil {
-			return fmt.Errorf("unable to catalog packages with %q: %w", catalogerName, err)
-		}

 		log.WithFields("cataloger", catalogerName).Debugf("discovered %d packages", len(pkgs))

@ -120,7 +117,7 @@ func NewPackageTask(cfg CatalogingFactoryConfig, c pkg.Cataloger, tags ...string
 		t.SetCompleted()
 		log.WithFields("name", catalogerName).Trace("package cataloger completed")

-		return nil
+		return err
 	}
 	tags = append(tags, pkgcataloging.PackageTag)

--- a/internal/task/unknowns_tasks.go
+++ b/internal/task/unknowns_tasks.go
@ -0,0 +1,114 @@
+package task
+
+import (
+	"context"
+	"strings"
+
+	"github.com/mholt/archiver/v3"
+
+	"github.com/anchore/syft/internal/log"
+	"github.com/anchore/syft/internal/sbomsync"
+	"github.com/anchore/syft/syft/cataloging"
+	"github.com/anchore/syft/syft/file"
+	"github.com/anchore/syft/syft/pkg"
+	"github.com/anchore/syft/syft/sbom"
+)
+
+const unknownsLabelerTaskName = "unknowns-labeler"
+
+func NewUnknownsLabelerTask(cfg cataloging.UnknownsConfig) Task {
+	return NewTask(unknownsLabelerTaskName, unknownsLabelerTask{cfg}.processUnknowns)
+}
+
+type unknownsLabelerTask struct {
+	cataloging.UnknownsConfig
+}
+
+// processUnknowns removes unknown entries that have valid packages reported for the locations
+func (c unknownsLabelerTask) processUnknowns(_ context.Context, resolver file.Resolver, builder sbomsync.Builder) error {
+	accessor := builder.(sbomsync.Accessor)
+	accessor.WriteToSBOM(func(s *sbom.SBOM) {
+		c.finalize(resolver, s)
+	})
+	return nil
+}
+
+func (c unknownsLabelerTask) finalize(resolver file.Resolver, s *sbom.SBOM) {
+	hasPackageReference := coordinateReferenceLookup(resolver, s)
+
+	if c.RemoveWhenPackagesDefined {
+		for coords := range s.Artifacts.Unknowns {
+			if !hasPackageReference(coords) {
+				continue
+			}
+			delete(s.Artifacts.Unknowns, coords)
+		}
+	}
+
+	if s.Artifacts.Unknowns == nil {
+		s.Artifacts.Unknowns = map[file.Coordinates][]string{}
+	}
+
+	if c.IncludeExecutablesWithoutPackages {
+		for coords := range s.Artifacts.Executables {
+			if !hasPackageReference(coords) {
+				s.Artifacts.Unknowns[coords] = append(s.Artifacts.Unknowns[coords], formatUnknown("no package identified in executable file", unknownsLabelerTaskName))
+			}
+		}
+	}
+
+	if c.IncludeUnexpandedArchives {
+		for coords := range s.Artifacts.FileMetadata {
+			unarchiver, notArchiveErr := archiver.ByExtension(coords.RealPath)
+			if unarchiver != nil && notArchiveErr == nil && !hasPackageReference(coords) {
+				s.Artifacts.Unknowns[coords] = append(s.Artifacts.Unknowns[coords], "archive not cataloged")
+			}
+		}
+	}
+}
+
+func formatUnknown(err string, task ...string) string {
+	return strings.Join(task, "/") + ": " + err
+}
+
+func coordinateReferenceLookup(resolver file.Resolver, s *sbom.SBOM) func(coords file.Coordinates) bool {
+	allPackageCoords := file.NewCoordinateSet()
+
+	// include all directly included locations that result in packages
+	for p := range s.Artifacts.Packages.Enumerate() {
+		allPackageCoords.Add(p.Locations.CoordinateSet().ToSlice()...)
+	}
+
+	// include owned files, for example specified by package managers.
+	// relationships for these owned files may be disabled, but we always want to include them
+	for p := range s.Artifacts.Packages.Enumerate() {
+		if f, ok := p.Metadata.(pkg.FileOwner); ok {
+			for _, ownedFilePath := range f.OwnedFiles() {
+				// resolve these owned files, as they may have symlinks
+				// but coordinates we will test against are always absolute paths
+				locations, err := resolver.FilesByPath(ownedFilePath)
+				if err != nil {
+					log.Debugf("unable to resolve owned file '%s': %v", ownedFilePath, err)
+				}
+				for _, loc := range locations {
+					allPackageCoords.Add(loc.Coordinates)
+				}
+			}
+		}
+	}
+
+	// include relationships
+	for _, r := range s.Relationships {
+		_, fromPkgOk := r.From.(pkg.Package)
+		fromFile, fromFileOk := r.From.(file.Coordinates)
+		_, toPkgOk := r.To.(pkg.Package)
+		toFile, toFileOk := r.To.(file.Coordinates)
+		if fromPkgOk && toFileOk {
+			allPackageCoords.Add(toFile)
+		} else if fromFileOk && toPkgOk {
+			allPackageCoords.Add(fromFile)
+		}
+	}
+
+	return allPackageCoords.Contains
+}
--- a/internal/unknown/coordinate_error.go
+++ b/internal/unknown/coordinate_error.go
@ -0,0 +1,201 @@
+package unknown
+
+import (
+	"errors"
+	"fmt"
+	"strings"
+
+	"github.com/anchore/syft/internal/log"
+	"github.com/anchore/syft/syft/file"
+)
+
+type hasCoordinates interface {
+	GetCoordinates() file.Coordinates
+}
+
+type CoordinateError struct {
+	Coordinates file.Coordinates
+	Reason      error
+}
+
+var _ error = (*CoordinateError)(nil)
+
+func (u *CoordinateError) Error() string {
+	if u.Coordinates.FileSystemID == "" {
+		return fmt.Sprintf("%s: %v", u.Coordinates.RealPath, u.Reason)
+	}
+	return fmt.Sprintf("%s (%s): %v", u.Coordinates.RealPath, u.Coordinates.FileSystemID, u.Reason)
+}
+
+// New returns a new CoordinateError unless the reason is a CoordinateError itself, in which case
+// reason will be returned directly or if reason is nil, nil will be returned
+func New(coords hasCoordinates, reason error) *CoordinateError {
+	if reason == nil {
+		return nil
+	}
+	coordinates := coords.GetCoordinates()
+	reasonCoordinateError := &CoordinateError{}
+	if errors.As(reason, &reasonCoordinateError) {
+		// if the reason is already a coordinate error, it is potentially for a different location,
+		// so we do not want to surface this location having an error
+		return reasonCoordinateError
+	}
+	return &CoordinateError{
+		Coordinates: coordinates,
+		Reason:      reason,
+	}
+}
+
+// Newf returns a new CoordinateError with a reason of an error created from given format and args
+func Newf(coords hasCoordinates, format string, args ...any) *CoordinateError {
+	return New(coords, fmt.Errorf(format, args...))
+}
+
+// Append returns an error joined to the first error/set of errors, with a new CoordinateError appended to the end
+func Append(errs error, coords hasCoordinates, reason error) error {
+	return Join(errs, New(coords, reason))
+}
+
+// Appendf returns an error joined to the first error/set of errors, with a new CoordinateError appended to the end,
+// created from the given reason and args
+func Appendf(errs error, coords hasCoordinates, format string, args ...any) error {
+	return Append(errs, coords, fmt.Errorf(format, args...))
+}
+
+// Join joins the provided sets of errors together in a flattened manner, taking into account nested errors created
+// from other sources, including errors.Join, multierror.Append, and unknown.Join
+func Join(errs ...error) error {
+	var out []error
+	for _, err := range errs {
+		// append errors, de-duplicated
+		for _, e := range flatten(err) {
+			if containsErr(out, e) {
+				continue
+			}
+			out = append(out, e)
+		}
+	}
+	if len(out) == 1 {
+		return out[0]
+	}
+	if len(out) == 0 {
+		return nil
+	}
+	return errors.Join(out...)
+}
+
+// Joinf joins the provided sets of errors together in a flattened manner, taking into account nested errors created
+// from other sources, including errors.Join, multierror.Append, and unknown.Join and appending a new error,
+// created from the format and args provided -- the error is NOT a CoordinateError
+func Joinf(errs error, format string, args ...any) error {
+	return Join(errs, fmt.Errorf(format, args...))
+}
+
+// IfEmptyf returns a new Errorf-formatted error, only when the provided slice is empty or nil when
+// the slice has entries
+func IfEmptyf[T any](emptyTest []T, format string, args ...any) error {
+	if len(emptyTest) == 0 {
+		return fmt.Errorf(format, args...)
+	}
+	return nil
+}
+
+// ExtractCoordinateErrors extracts all coordinate errors returned, and any _additional_ errors in the graph
+// are encapsulated in the second, error return parameter
+func ExtractCoordinateErrors(err error) (coordinateErrors []CoordinateError, remainingErrors error) {
+	remainingErrors = visitErrors(err, func(e error) error {
+		if coordinateError, _ := e.(*CoordinateError); coordinateError != nil {
+			coordinateErrors = append(coordinateErrors, *coordinateError)
+			return nil
+		}
+		return e
+	})
+	return coordinateErrors, remainingErrors
+}
+
+func flatten(errs ...error) []error {
+	var out []error
+	for _, err := range errs {
+		if err == nil {
+			continue
+		}
+		// turn all errors nested under a coordinate error to individual coordinate errors
+		if e, ok := err.(*CoordinateError); ok {
+			if e == nil {
+				continue
+			}
+			for _, r := range flatten(e.Reason) {
+				out = append(out, New(e.Coordinates, r))
+			}
+		} else
+		// from multierror.Append
+		if e, ok := err.(interface{ WrappedErrors() []error }); ok {
+			if e == nil {
+				continue
+			}
+			out = append(out, flatten(e.WrappedErrors()...)...)
+		} else
+		// from errors.Join
+		if e, ok := err.(interface{ Unwrap() []error }); ok {
+			if e == nil {
+				continue
+			}
+			out = append(out, flatten(e.Unwrap()...)...)
+		} else {
+			out = append(out, err)
+		}
+	}
+	return out
+}
+
+// containsErr returns true if a duplicate error is found
+func containsErr(out []error, err error) bool {
+	defer func() {
+		if err := recover(); err != nil {
+			log.Tracef("error comparing errors: %v", err)
+		}
+	}()
+	for _, e := range out {
+		if e == err {
+			return true
+		}
+	}
+	return false
+}
+
+// visitErrors visits every wrapped error. the returned error replaces the provided error, null errors are omitted from
+// the object graph
+func visitErrors(err error, fn func(error) error) error {
+	// unwrap errors from errors.Join
+	if errs, ok := err.(interface{ Unwrap() []error }); ok {
+		var out []error
+		for _, e := range errs.Unwrap() {
+			out = append(out, visitErrors(e, fn))
+		}
+		// errors.Join omits nil errors and will return nil if all passed errors are nil
+		return errors.Join(out...)
+	}
+	// unwrap errors from multierror.Append -- these also implement Unwrap() error, so check this first
+	if errs, ok := err.(interface{ WrappedErrors() []error }); ok {
+		var out []error
+		for _, e := range errs.WrappedErrors() {
+			out = append(out, visitErrors(e, fn))
+		}
+		// errors.Join omits nil errors and will return nil if all passed errors are nil
+		return errors.Join(out...)
+	}
+	// unwrap singly wrapped errors
+	if e, ok := err.(interface{ Unwrap() error }); ok {
+		wrapped := e.Unwrap()
+		got := visitErrors(wrapped, fn)
+		if got == nil {
+			return nil
+		}
+		if wrapped.Error() != got.Error() {
+			prefix := strings.TrimSuffix(err.Error(), wrapped.Error())
+			return fmt.Errorf("%s%w", prefix, got)
+		}
+		return err
+	}
+	return fn(err)
+}
--- a/internal/unknown/coordinate_error_test.go
+++ b/internal/unknown/coordinate_error_test.go
@ -0,0 +1,236 @@
+package unknown
+
+import (
+	"errors"
+	"fmt"
+	"strings"
+	"testing"
+
+	"github.com/stretchr/testify/require"
+
+	"github.com/anchore/syft/syft/file"
+)
+
+func Test_visitErrors(t *testing.T) {
+	tests := []struct {
+		name      string
+		in        error
+		transform func(error) error
+		expected  string
+	}{
+		{
+			name: "return",
+			in:   fmt.Errorf("err1"),
+			transform: func(e error) error {
+				return e
+			},
+			expected: "err1",
+		},
+		{
+			name: "omit",
+			in:   fmt.Errorf("err1"),
+			transform: func(_ error) error {
+				return nil
+			},
+			expected: "<nil>",
+		},
+		{
+			name: "wrapped return",
+			in:   fmt.Errorf("wrapped: %w", fmt.Errorf("err1")),
+			transform: func(e error) error {
+				return e
+			},
+			expected: "wrapped: err1",
+		},
+		{
+			name: "wrapped omit",
+			in:   fmt.Errorf("wrapped: %w", fmt.Errorf("err1")),
+			transform: func(e error) error {
+				if e.Error() == "err1" {
+					return nil
+				}
+				return e
+			},
+			expected: "<nil>",
+		},
+		{
+			name: "joined return",
+			in:   errors.Join(fmt.Errorf("err1"), fmt.Errorf("err2")),
+			transform: func(e error) error {
+				return e
+			},
+			expected: "err1\nerr2",
+		},
+		{
+			name: "joined omit",
+			in:   errors.Join(fmt.Errorf("err1"), fmt.Errorf("err2")),
+			transform: func(_ error) error {
+				return nil
+			},
+			expected: "<nil>",
+		},
+		{
+			name: "joined omit first",
+			in:   errors.Join(fmt.Errorf("err1"), fmt.Errorf("err2")),
+			transform: func(e error) error {
+				if e.Error() == "err1" {
+					return nil
+				}
+				return e
+			},
+			expected: "err2",
+		},
+		{
+			name: "joined wrapped return",
+			in:   errors.Join(fmt.Errorf("wrapped: %w", fmt.Errorf("err1")), fmt.Errorf("err2")),
+			transform: func(e error) error {
+				return e
+			},
+			expected: "wrapped: err1\nerr2",
+		},
+		{
+			name: "joined wrapped omit first",
+			in:   errors.Join(fmt.Errorf("wrapped: %w", fmt.Errorf("err1")), fmt.Errorf("err2")),
+			transform: func(e error) error {
+				if e.Error() == "err1" {
+					return nil
+				}
+				return e
+			},
+			expected: "err2",
+		},
+	}
+	for _, test := range tests {
+		t.Run(test.name, func(t *testing.T) {
+			gotErr := visitErrors(test.in, test.transform)
+			got := fmt.Sprintf("%v", gotErr)
+			require.Equal(t, test.expected, got)
+		})
+	}
+}
+
+func Test_Join(t *testing.T) {
+	err1 := fmt.Errorf("err1")
+	err2 := fmt.Errorf("err2")
+
+	tests := []struct {
+		name     string ``
+		in       []error
+		expected string
+	}{
+		{
+			name:     "basic",
+			in:       []error{fmt.Errorf("err")},
+			expected: "err",
+		},
+		{
+			name:     "wrapped",
+			in:       []error{fmt.Errorf("outer: %w", fmt.Errorf("err"))},
+			expected: "outer: err",
+		},
+		{
+			name:     "wrapped joined",
+			in:       []error{errors.Join(fmt.Errorf("outer: %w", fmt.Errorf("err1")), fmt.Errorf("err2"))},
+			expected: "outer: err1\nerr2",
+		},
+		{
+			name:     "duplicates",
+			in:       []error{err1, err1, err2},
+			expected: "err1\nerr2",
+		},
+		{
+			name:     "nested duplicates",
+			in:       []error{errors.Join(err1, err2), err1, err2},
+			expected: "err1\nerr2",
+		},
+		{
+			name:     "nested duplicates coords",
+			in:       []error{New(file.NewLocation("l1"), errors.Join(fmt.Errorf("err1"), fmt.Errorf("err2"))), fmt.Errorf("err1"), fmt.Errorf("err2")},
+			expected: "l1: err1\nl1: err2\nerr1\nerr2",
+		},
+		{
+			name:     "all nil",
+			in:       []error{nil, nil, nil},
+			expected: "",
+		},
+	}
+	for _, test := range tests {
+		t.Run(test.name, func(t *testing.T) {
+			got := Join(test.in...)
+			if test.expected == "" {
+				require.Nil(t, got)
+				return
+			}
+			require.NotNil(t, got)
+			require.Equal(t, test.expected, got.Error())
+		})
+	}
+}
+
+func Test_flatten(t *testing.T) {
+	coords := file.Coordinates{
+		RealPath: "real/path",
+	}
+	e1 := fmt.Errorf("e1")
+	e2 := fmt.Errorf("e2")
+	c1 := New(coords, fmt.Errorf("c1"))
+	c2 := New(coords, fmt.Errorf("c2"))
+	tests := []struct {
+		name     string ``
+		in       error
+		expected string
+	}{
+		{
+			name:     "basic",
+			in:       errors.Join(e1, e2),
+			expected: "e1//e2",
+		},
+		{
+			name:     "coords",
+			in:       New(coords, e1),
+			expected: "real/path: e1",
+		},
+		{
+			name:     "coords with joined children",
+			in:       New(coords, errors.Join(e1, e2)),
+			expected: "real/path: e1//real/path: e2",
+		},
+		{
+			name:     "very nested",
+			in:       errors.Join(errors.Join(errors.Join(errors.Join(e1, c1), e2), c2), e2),
+			expected: "e1//real/path: c1//e2//real/path: c2//e2",
+		},
+	}
+	toString := func(errs ...error) string {
+		var parts []string
+		for _, e := range errs {
+			parts = append(parts, e.Error())
+		}
+		return strings.Join(parts, "//")
+	}
+	for _, test := range tests {
+		t.Run(test.name, func(t *testing.T) {
+			got := flatten(test.in)
+			require.NotNil(t, got)
+			require.Equal(t, test.expected, toString(got...))
+		})
+	}
+}
+
+func Test_Append(t *testing.T) {
+	e1 := New(file.NewLocation("l1"), fmt.Errorf("e1"))
+	e2 := Append(e1, file.NewLocation("l2"), fmt.Errorf("e2"))
+	e3 := Appendf(e2, file.NewLocation("l3"), "%s", "e3")
+	require.Equal(t, "l1: e1\nl2: e2\nl3: e3", e3.Error())
+
+	e1 = New(file.NewLocation("l1"), nil)
+	require.Nil(t, e1)
+	e2 = Append(e1, file.NewLocation("l2"), fmt.Errorf("e2"))
+	e3 = Appendf(e2, file.NewLocation("l3"), "%s", "e3")
+	require.Equal(t, "l2: e2\nl3: e3", e3.Error())
+
+	e1 = New(file.NewLocation("l1"), fmt.Errorf("e1"))
+	e2 = Append(e1, file.NewLocation("l2"), nil)
+	e3 = Appendf(e2, file.NewLocation("l3"), "%s", "e3")
+	require.Equal(t, "l1: e1\nl3: e3", e3.Error())
+}
--- a/schema/json/schema-16.0.18.json
+++ b/schema/json/schema-16.0.18.json
--- a/schema/json/schema-latest.json
+++ b/schema/json/schema-latest.json
@ -1,6 +1,6 @@
 {
  "$schema": "https://json-schema.org/draft/2020-12/schema",
-  "$id": "anchore.io/schema/syft/json/16.0.17/document",
+  "$id": "anchore.io/schema/syft/json/16.0.18/document",
  "$ref": "#/$defs/Document",
  "$defs": {
    "AlpmDbEntry": {
@ -777,6 +777,12 @@
        },
        "executable": {
          "$ref": "#/$defs/Executable"
+        },
+        "unknowns": {
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
        }
      },
      "type": "object",
--- a/syft/cataloging/unknowns.go
+++ b/syft/cataloging/unknowns.go
@ -0,0 +1,15 @@
+package cataloging
+
+type UnknownsConfig struct {
+	RemoveWhenPackagesDefined         bool
+	IncludeExecutablesWithoutPackages bool
+	IncludeUnexpandedArchives         bool
+}
+
+func DefaultUnknownsConfig() UnknownsConfig {
+	return UnknownsConfig{
+		RemoveWhenPackagesDefined:         true,
+		IncludeExecutablesWithoutPackages: true,
+		IncludeUnexpandedArchives:         true,
+	}
+}
--- a/syft/create_sbom_config.go
+++ b/syft/create_sbom_config.go
@ -22,6 +22,7 @@ type CreateSBOMConfig struct {
 	Compliance         cataloging.ComplianceConfig
 	Search             cataloging.SearchConfig
 	Relationships      cataloging.RelationshipsConfig
+	Unknowns           cataloging.UnknownsConfig
 	DataGeneration     cataloging.DataGenerationConfig
 	Packages           pkgcataloging.Config
 	Files              filecataloging.Config
@ -113,6 +114,12 @@ func (c *CreateSBOMConfig) WithRelationshipsConfig(cfg cataloging.RelationshipsC
 	return c
 }

+// WithUnknownsConfig allows for defining the specific behavior dealing with unknowns
+func (c *CreateSBOMConfig) WithUnknownsConfig(cfg cataloging.UnknownsConfig) *CreateSBOMConfig {
+	c.Unknowns = cfg
+	return c
+}
+
 // WithDataGenerationConfig allows for defining what data elements that cannot be discovered from the underlying
 // target being scanned that should be generated after package creation.
 func (c *CreateSBOMConfig) WithDataGenerationConfig(cfg cataloging.DataGenerationConfig) *CreateSBOMConfig {
@ -173,6 +180,7 @@ func (c *CreateSBOMConfig) makeTaskGroups(src source.Description) ([][]task.Task
 	// generate package and file tasks based on the configuration
 	environmentTasks := c.environmentTasks()
 	relationshipsTasks := c.relationshipTasks(src)
+	unknownTasks := c.unknownsTasks()
 	fileTasks := c.fileTasks()
 	pkgTasks, selectionEvidence, err := c.packageTasks(src)
 	if err != nil {
@ -192,6 +200,11 @@ func (c *CreateSBOMConfig) makeTaskGroups(src source.Description) ([][]task.Task
 		taskGroups = append(taskGroups, relationshipsTasks)
 	}

+	// all unknowns tasks should happen after all scanning is complete
+	if len(unknownTasks) > 0 {
+		taskGroups = append(taskGroups, unknownTasks)
+	}
+
 	// identifying the environment (i.e. the linux release) must be done first as this is required for package cataloging
 	taskGroups = append(
 		[][]task.Task{
@ -338,6 +351,18 @@ func (c *CreateSBOMConfig) environmentTasks() []task.Task {
 	return tsks
 }

+// unknownsTasks returns a set of tasks that perform any necessary post-processing
+// to identify SBOM elements as unknowns
+func (c *CreateSBOMConfig) unknownsTasks() []task.Task {
+	var tasks []task.Task
+
+	if t := task.NewUnknownsLabelerTask(c.Unknowns); t != nil {
+		tasks = append(tasks, t)
+	}
+
+	return tasks
+}
+
 func (c *CreateSBOMConfig) validate() error {
 	if c.Relationships.ExcludeBinaryPackagesWithFileOwnershipOverlap {
 		if !c.Relationships.PackageFileOwnershipOverlap {
--- a/syft/create_sbom_config_test.go
+++ b/syft/create_sbom_config_test.go
@ -90,6 +90,7 @@ func TestCreateSBOMConfig_makeTaskGroups(t *testing.T) {
 				pkgCatalogerNamesWithTagOrName(t, "image"),
 				fileCatalogerNames(true, true, true),
 				relationshipCatalogerNames(),
+				unknownsTaskNames(),
 			},
 			wantManifest: &catalogerManifest{
 				Requested: pkgcataloging.SelectionRequest{
@ -108,6 +109,7 @@ func TestCreateSBOMConfig_makeTaskGroups(t *testing.T) {
 				pkgCatalogerNamesWithTagOrName(t, "directory"),
 				fileCatalogerNames(true, true, true),
 				relationshipCatalogerNames(),
+				unknownsTaskNames(),
 			},
 			wantManifest: &catalogerManifest{
 				Requested: pkgcataloging.SelectionRequest{
@ -127,6 +129,7 @@ func TestCreateSBOMConfig_makeTaskGroups(t *testing.T) {
 				pkgCatalogerNamesWithTagOrName(t, "directory"),
 				fileCatalogerNames(true, true, true),
 				relationshipCatalogerNames(),
+				unknownsTaskNames(),
 			},
 			wantManifest: &catalogerManifest{
 				Requested: pkgcataloging.SelectionRequest{
@ -145,6 +148,7 @@ func TestCreateSBOMConfig_makeTaskGroups(t *testing.T) {
 				pkgCatalogerNamesWithTagOrName(t, "image"),
 				fileCatalogerNames(false, true, true), // note: the digest cataloger is not included
 				relationshipCatalogerNames(),
+				unknownsTaskNames(),
 			},
 			wantManifest: &catalogerManifest{
 				Requested: pkgcataloging.SelectionRequest{
@ -163,6 +167,7 @@ func TestCreateSBOMConfig_makeTaskGroups(t *testing.T) {
 				pkgCatalogerNamesWithTagOrName(t, "image"),
 				// note: there are no file catalogers in their own group
 				relationshipCatalogerNames(),
+				unknownsTaskNames(),
 			},
 			wantManifest: &catalogerManifest{
 				Requested: pkgcataloging.SelectionRequest{
@ -184,6 +189,7 @@ func TestCreateSBOMConfig_makeTaskGroups(t *testing.T) {
 					fileCatalogerNames(true, true, true)...,
 				),
 				relationshipCatalogerNames(),
+				unknownsTaskNames(),
 			},
 			wantManifest: &catalogerManifest{
 				Requested: pkgcataloging.SelectionRequest{
@ -204,6 +210,7 @@ func TestCreateSBOMConfig_makeTaskGroups(t *testing.T) {
 				addTo(pkgCatalogerNamesWithTagOrName(t, "image"), "persistent"),
 				fileCatalogerNames(true, true, true),
 				relationshipCatalogerNames(),
+				unknownsTaskNames(),
 			},
 			wantManifest: &catalogerManifest{
 				Requested: pkgcataloging.SelectionRequest{
@ -224,6 +231,7 @@ func TestCreateSBOMConfig_makeTaskGroups(t *testing.T) {
 				addTo(pkgCatalogerNamesWithTagOrName(t, "directory"), "persistent"),
 				fileCatalogerNames(true, true, true),
 				relationshipCatalogerNames(),
+				unknownsTaskNames(),
 			},
 			wantManifest: &catalogerManifest{
 				Requested: pkgcataloging.SelectionRequest{
@ -244,6 +252,7 @@ func TestCreateSBOMConfig_makeTaskGroups(t *testing.T) {
 				addTo(pkgIntersect("image", "javascript"), "persistent"),
 				fileCatalogerNames(true, true, true),
 				relationshipCatalogerNames(),
+				unknownsTaskNames(),
 			},
 			wantManifest: &catalogerManifest{
 				Requested: pkgcataloging.SelectionRequest{
@ -265,6 +274,7 @@ func TestCreateSBOMConfig_makeTaskGroups(t *testing.T) {
 				addTo(pkgCatalogerNamesWithTagOrName(t, "image"), "user-provided"),
 				fileCatalogerNames(true, true, true),
 				relationshipCatalogerNames(),
+				unknownsTaskNames(),
 			},
 			wantManifest: &catalogerManifest{
 				Requested: pkgcataloging.SelectionRequest{
@ -285,6 +295,7 @@ func TestCreateSBOMConfig_makeTaskGroups(t *testing.T) {
 				pkgCatalogerNamesWithTagOrName(t, "image"),
 				fileCatalogerNames(true, true, true),
 				relationshipCatalogerNames(),
+				unknownsTaskNames(),
 			},
 			wantManifest: &catalogerManifest{
 				Requested: pkgcataloging.SelectionRequest{
@ -385,6 +396,10 @@ func relationshipCatalogerNames() []string {
 	return []string{"relationships-cataloger"}
 }

+func unknownsTaskNames() []string {
+	return []string{"unknowns-labeler"}
+}
+
 func environmentCatalogerNames() []string {
 	return []string{"environment-cataloger"}
 }
--- a/syft/file/cataloger/executable/cataloger.go
+++ b/syft/file/cataloger/executable/cataloger.go
@ -15,6 +15,7 @@ import (
 	"github.com/anchore/syft/internal/bus"
 	"github.com/anchore/syft/internal/log"
 	"github.com/anchore/syft/internal/mimetype"
+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/event/monitor"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/internal/unionreader"
@ -45,6 +46,8 @@ func NewCataloger(cfg Config) *Cataloger {
 }

 func (i *Cataloger) Catalog(resolver file.Resolver) (map[file.Coordinates]file.Executable, error) {
+	var errs error
+
 	locs, err := resolver.FilesByMIMEType(i.config.MIMETypes...)
 	if err != nil {
 		return nil, fmt.Errorf("unable to get file locations for binaries: %w", err)
@ -61,7 +64,10 @@ func (i *Cataloger) Catalog(resolver file.Resolver) (map[file.Coordinates]file.E
 	for _, loc := range locs {
 		prog.AtomicStage.Set(loc.Path())

-		exec := processExecutableLocation(loc, resolver)
+		exec, err := processExecutableLocation(loc, resolver)
+		if err != nil {
+			errs = unknown.Append(errs, loc, err)
+		}

 		if exec != nil {
 			prog.Increment()
@ -74,30 +80,24 @@ func (i *Cataloger) Catalog(resolver file.Resolver) (map[file.Coordinates]file.E
 	prog.AtomicStage.Set(fmt.Sprintf("%s executables", humanize.Comma(prog.Current())))
 	prog.SetCompleted()

-	return results, nil
+	return results, errs
 }

-func processExecutableLocation(loc file.Location, resolver file.Resolver) *file.Executable {
+func processExecutableLocation(loc file.Location, resolver file.Resolver) (*file.Executable, error) {
 	reader, err := resolver.FileContentsByLocation(loc)
 	if err != nil {
-		// TODO: known-unknowns
 		log.WithFields("error", err).Warnf("unable to get file contents for %q", loc.RealPath)
-		return nil
+		return nil, fmt.Errorf("unable to get file contents: %w", err)
 	}
 	defer internal.CloseAndLogError(reader, loc.RealPath)

 	uReader, err := unionreader.GetUnionReader(reader)
 	if err != nil {
-		// TODO: known-unknowns
 		log.WithFields("error", err).Warnf("unable to get union reader for %q", loc.RealPath)
-		return nil
+		return nil, fmt.Errorf("unable to get union reader: %w", err)
 	}

-	exec, err := processExecutable(loc, uReader)
-	if err != nil {
-		log.WithFields("error", err).Warnf("unable to process executable %q", loc.RealPath)
-	}
-	return exec
+	return processExecutable(loc, uReader)
 }

 func catalogingProgress(locations int64) *monitor.CatalogerTaskProgress {
@ -153,10 +153,12 @@ func processExecutable(loc file.Location, reader unionreader.UnionReader) (*file

 	format, err := findExecutableFormat(reader)
 	if err != nil {
+		log.Debugf("unable to determine executable kind for %v: %v", loc.RealPath, err)
 		return nil, fmt.Errorf("unable to determine executable kind: %w", err)
 	}

 	if format == "" {
+		// this is not an "unknown", so just log -- this binary does not have parseable data in it
 		log.Debugf("unable to determine executable format for %q", loc.RealPath)
 		return nil, nil
 	}
@ -165,16 +167,19 @@ func processExecutable(loc file.Location, reader unionreader.UnionReader) (*file

 	switch format {
 	case file.ELF:
-		if err := findELFFeatures(&data, reader); err != nil {
+		if err = findELFFeatures(&data, reader); err != nil {
 			log.WithFields("error", err).Tracef("unable to determine ELF features for %q", loc.RealPath)
+			err = fmt.Errorf("unable to determine ELF features: %w", err)
 		}
 	case file.PE:
-		if err := findPEFeatures(&data, reader); err != nil {
+		if err = findPEFeatures(&data, reader); err != nil {
 			log.WithFields("error", err).Tracef("unable to determine PE features for %q", loc.RealPath)
+			err = fmt.Errorf("unable to determine PE features: %w", err)
 		}
 	case file.MachO:
-		if err := findMachoFeatures(&data, reader); err != nil {
+		if err = findMachoFeatures(&data, reader); err != nil {
 			log.WithFields("error", err).Tracef("unable to determine Macho features for %q", loc.RealPath)
+			err = fmt.Errorf("unable to determine Macho features: %w", err)
 		}
 	}

@ -183,7 +188,7 @@ func processExecutable(loc file.Location, reader unionreader.UnionReader) (*file
 		data.ImportedLibraries = []string{}
 	}

-	return &data, nil
+	return &data, err
 }

 func findExecutableFormat(reader unionreader.UnionReader) (file.ExecutableFormat, error) {
--- a/syft/file/cataloger/executable/elf.go
+++ b/syft/file/cataloger/executable/elf.go
@ -8,6 +8,7 @@ import (
 	"github.com/scylladb/go-set/strset"

 	"github.com/anchore/syft/internal/log"
+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/internal/unionreader"
 )
@ -20,8 +21,8 @@ func findELFFeatures(data *file.Executable, reader unionreader.UnionReader) erro

 	libs, err := f.ImportedLibraries()
 	if err != nil {
-		// TODO: known-unknowns
 		log.WithFields("error", err).Trace("unable to read imported libraries from elf file")
+		err = unknown.Joinf(err, "unable to read imported libraries from elf file: %w", err)
 		libs = nil
 	}

@ -34,7 +35,7 @@ func findELFFeatures(data *file.Executable, reader unionreader.UnionReader) erro
 	data.HasEntrypoint = elfHasEntrypoint(f)
 	data.HasExports = elfHasExports(f)

-	return nil
+	return err
 }

 func findELFSecurityFeatures(f *elf.File) *file.ELFSecurityFeatures {
@ -62,7 +63,6 @@ func checkElfStackCanary(file *elf.File) *bool {
 func hasAnyDynamicSymbols(file *elf.File, symbolNames ...string) *bool {
 	dynSyms, err := file.DynamicSymbols()
 	if err != nil {
-		// TODO: known-unknowns
 		log.WithFields("error", err).Trace("unable to read dynamic symbols from elf file")
 		return nil
 	}
@ -129,7 +129,6 @@ func hasBindNowDynTagOrFlag(f *elf.File) bool {
 func hasElfDynFlag(f *elf.File, flag elf.DynFlag) bool {
 	vals, err := f.DynValue(elf.DT_FLAGS)
 	if err != nil {
-		// TODO: known-unknowns
 		log.WithFields("error", err).Trace("unable to read DT_FLAGS from elf file")
 		return false
 	}
@ -144,7 +143,6 @@ func hasElfDynFlag(f *elf.File, flag elf.DynFlag) bool {
 func hasElfDynFlag1(f *elf.File, flag elf.DynFlag1) bool {
 	vals, err := f.DynValue(elf.DT_FLAGS_1)
 	if err != nil {
-		// TODO: known-unknowns
 		log.WithFields("error", err).Trace("unable to read DT_FLAGS_1 from elf file")
 		return false
 	}
@ -203,7 +201,6 @@ func checkLLVMControlFlowIntegrity(file *elf.File) *bool {
 	// look for any symbols that are functions and end with ".cfi"
 	dynSyms, err := file.Symbols()
 	if err != nil {
-		// TODO: known-unknowns
 		log.WithFields("error", err).Trace("unable to read symbols from elf file")
 		return nil
 	}
@ -225,7 +222,6 @@ var fortifyPattern = regexp.MustCompile(`__\w+_chk@.+`)
 func checkClangFortifySource(file *elf.File) *bool {
 	dynSyms, err := file.Symbols()
 	if err != nil {
-		// TODO: known-unknowns
 		log.WithFields("error", err).Trace("unable to read symbols from elf file")
 		return nil
 	}
@ -254,7 +250,7 @@ func elfHasExports(f *elf.File) bool {
 	// really anything that is not marked with 'U' (undefined) is considered an export.
 	symbols, err := f.DynamicSymbols()
 	if err != nil {
-		// TODO: known-unknowns?
+		log.WithFields("error", err).Trace("unable to get ELF dynamic symbols")
 		return false
 	}

--- a/syft/file/cataloger/executable/elf_test.go
+++ b/syft/file/cataloger/executable/elf_test.go
@ -27,6 +27,7 @@ func Test_findELFSecurityFeatures(t *testing.T) {
 		name         string
 		fixture      string
 		want         *file.ELFSecurityFeatures
+		wantErr      require.ErrorAssertionFunc
 		wantStripped bool
 	}{
 		{
@ -221,6 +222,7 @@ func Test_elfHasExports(t *testing.T) {
 			f, err := elf.NewFile(readerForFixture(t, tt.fixture))
 			require.NoError(t, err)
 			assert.Equal(t, tt.want, elfHasExports(f))
+			require.NoError(t, err)
 		})
 	}
 }
--- a/syft/file/cataloger/filecontent/cataloger.go
+++ b/syft/file/cataloger/filecontent/cataloger.go
@ -13,6 +13,7 @@ import (
 	"github.com/anchore/syft/internal/bus"
 	intFile "github.com/anchore/syft/internal/file"
 	"github.com/anchore/syft/internal/log"
+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/event/monitor"
 	"github.com/anchore/syft/syft/file"
 )
@ -46,6 +47,7 @@ func NewCataloger(cfg Config) *Cataloger {
 func (i *Cataloger) Catalog(_ context.Context, resolver file.Resolver) (map[file.Coordinates]string, error) {
 	results := make(map[file.Coordinates]string)
 	var locations []file.Location
+	var errs error

 	locations, err := resolver.FilesByGlob(i.globs...)
 	if err != nil {
@ -59,8 +61,9 @@ func (i *Cataloger) Catalog(_ context.Context, resolver file.Resolver) (map[file

 		metadata, err := resolver.FileMetadataByLocation(location)
 		if err != nil {
+			errs = unknown.Append(errs, location, err)
 			prog.SetError(err)
-			return nil, err
+			continue
 		}

 		if i.skipFilesAboveSizeInBytes > 0 && metadata.Size() > i.skipFilesAboveSizeInBytes {
@ -69,12 +72,12 @@ func (i *Cataloger) Catalog(_ context.Context, resolver file.Resolver) (map[file

 		result, err := i.catalogLocation(resolver, location)
 		if internal.IsErrPathPermission(err) {
-			log.Debugf("file contents cataloger skipping - %+v", err)
+			errs = unknown.Append(errs, location, fmt.Errorf("permission error reading file contents: %w", err))
 			continue
 		}
 		if err != nil {
-			prog.SetError(err)
-			return nil, err
+			errs = unknown.Append(errs, location, err)
+			continue
 		}

 		prog.Increment()
@ -87,7 +90,7 @@ func (i *Cataloger) Catalog(_ context.Context, resolver file.Resolver) (map[file
 	prog.AtomicStage.Set(fmt.Sprintf("%s files", humanize.Comma(prog.Current())))
 	prog.SetCompleted()

-	return results, nil
+	return results, errs
 }

 func (i *Cataloger) catalogLocation(resolver file.Resolver, location file.Location) (string, error) {
--- a/syft/file/cataloger/filedigest/cataloger.go
+++ b/syft/file/cataloger/filedigest/cataloger.go
@ -13,6 +13,7 @@ import (
 	"github.com/anchore/syft/internal/bus"
 	intFile "github.com/anchore/syft/internal/file"
 	"github.com/anchore/syft/internal/log"
+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/event/monitor"
 	"github.com/anchore/syft/syft/file"
 	intCataloger "github.com/anchore/syft/syft/file/cataloger/internal"
@ -33,6 +34,7 @@ func NewCataloger(hashes []crypto.Hash) *Cataloger {
 func (i *Cataloger) Catalog(ctx context.Context, resolver file.Resolver, coordinates ...file.Coordinates) (map[file.Coordinates][]file.Digest, error) {
 	results := make(map[file.Coordinates][]file.Digest)
 	var locations []file.Location
+	var errs error

 	if len(coordinates) == 0 {
 		locations = intCataloger.AllRegularFiles(ctx, resolver)
@ -58,12 +60,14 @@ func (i *Cataloger) Catalog(ctx context.Context, resolver file.Resolver, coordin

 		if internal.IsErrPathPermission(err) {
 			log.Debugf("file digests cataloger skipping %q: %+v", location.RealPath, err)
+			errs = unknown.Append(errs, location, err)
 			continue
 		}

 		if err != nil {
 			prog.SetError(err)
-			return nil, fmt.Errorf("failed to process file %q: %w", location.RealPath, err)
+			errs = unknown.Append(errs, location, err)
+			continue
 		}

 		prog.Increment()
@ -76,7 +80,7 @@ func (i *Cataloger) Catalog(ctx context.Context, resolver file.Resolver, coordin
 	prog.AtomicStage.Set(fmt.Sprintf("%s files", humanize.Comma(prog.Current())))
 	prog.SetCompleted()

-	return results, nil
+	return results, errs
 }

 func (i *Cataloger) catalogLocation(resolver file.Resolver, location file.Location) ([]file.Digest, error) {
--- a/syft/file/cataloger/filemetadata/cataloger.go
+++ b/syft/file/cataloger/filemetadata/cataloger.go
@ -8,6 +8,7 @@ import (

 	"github.com/anchore/syft/internal/bus"
 	"github.com/anchore/syft/internal/log"
+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/event/monitor"
 	"github.com/anchore/syft/syft/file"
 )
@ -20,6 +21,7 @@ func NewCataloger() *Cataloger {
 }

 func (i *Cataloger) Catalog(ctx context.Context, resolver file.Resolver, coordinates ...file.Coordinates) (map[file.Coordinates]file.Metadata, error) {
+	var errs error
 	results := make(map[file.Coordinates]file.Metadata)
 	var locations <-chan file.Location
 	ctx, cancel := context.WithCancel(ctx)
@ -34,7 +36,7 @@ func (i *Cataloger) Catalog(ctx context.Context, resolver file.Resolver, coordin
 				for _, c := range coordinates {
 					locs, err := resolver.FilesByPath(c.RealPath)
 					if err != nil {
-						log.Warn("unable to get file locations for path %q: %w", c.RealPath, err)
+						errs = unknown.Append(errs, c, err)
 						continue
 					}
 					for _, loc := range locs {
@ -71,7 +73,7 @@ func (i *Cataloger) Catalog(ctx context.Context, resolver file.Resolver, coordin
 	prog.AtomicStage.Set(fmt.Sprintf("%s locations", humanize.Comma(prog.Current())))
 	prog.SetCompleted()

-	return results, nil
+	return results, errs
 }

 func catalogingProgress(locations int64) *monitor.CatalogerTaskProgress {
--- a/syft/file/coordinates.go
+++ b/syft/file/coordinates.go
@ -39,3 +39,7 @@ func (c Coordinates) String() string {
 	}
 	return fmt.Sprintf("Location<%s>", str)
 }
+
+func (c Coordinates) GetCoordinates() Coordinates {
+	return c
+}
--- a/syft/format/syftjson/decoder_test.go
+++ b/syft/format/syftjson/decoder_test.go
@ -221,6 +221,7 @@ func Test_encodeDecodeFileMetadata(t *testing.T) {
 					},
 				},
 			},
+			Unknowns: map[file.Coordinates][]string{},
 			Executables: map[file.Coordinates]file.Executable{
 				c: {
 					Format: file.ELF,
--- a/syft/format/syftjson/model/file.go
+++ b/syft/format/syftjson/model/file.go
@ -13,6 +13,7 @@ type File struct {
 	Digests    []file.Digest      `json:"digests,omitempty"`
 	Licenses   []FileLicense      `json:"licenses,omitempty"`
 	Executable *file.Executable   `json:"executable,omitempty"`
+	Unknowns   []string           `json:"unknowns,omitempty"`
 }

 type FileMetadataEntry struct {
--- a/syft/format/syftjson/to_format_model.go
+++ b/syft/format/syftjson/to_format_model.go
@ -101,6 +101,11 @@ func toFile(s sbom.SBOM) []model.File {
 			contents = contentsForLocation
 		}

+		var unknowns []string
+		if unknownsForLocation, exists := artifacts.Unknowns[coordinates]; exists {
+			unknowns = unknownsForLocation
+		}
+
 		var licenses []model.FileLicense
 		for _, l := range artifacts.FileLicenses[coordinates] {
 			var evidence *model.FileLicenseEvidence
@ -132,6 +137,7 @@ func toFile(s sbom.SBOM) []model.File {
 			Contents:   contents,
 			Licenses:   licenses,
 			Executable: executable,
+			Unknowns:   unknowns,
 		})
 	}

--- a/syft/format/syftjson/to_syft_model.go
+++ b/syft/format/syftjson/to_syft_model.go
@ -38,6 +38,7 @@ func toSyftModel(doc model.Document) *sbom.SBOM {
 			FileContents:      fileArtifacts.FileContents,
 			FileLicenses:      fileArtifacts.FileLicenses,
 			Executables:       fileArtifacts.Executables,
+			Unknowns:          fileArtifacts.Unknowns,
 			LinuxDistribution: toSyftLinuxRelease(doc.Distro),
 		},
 		Source:        *toSyftSourceData(doc.Source),
@ -66,6 +67,7 @@ func deduplicateErrors(errors []error) []string {
 	return errorMessages
 }

+//nolint:funlen
 func toSyftFiles(files []model.File) sbom.Artifacts {
 	ret := sbom.Artifacts{
 		FileMetadata: make(map[file.Coordinates]file.Metadata),
@ -73,6 +75,7 @@ func toSyftFiles(files []model.File) sbom.Artifacts {
 		FileContents: make(map[file.Coordinates]string),
 		FileLicenses: make(map[file.Coordinates][]file.License),
 		Executables:  make(map[file.Coordinates]file.Executable),
+		Unknowns:     make(map[file.Coordinates][]string),
 	}

 	for _, f := range files {
@ -130,6 +133,10 @@ func toSyftFiles(files []model.File) sbom.Artifacts {
 		if f.Executable != nil {
 			ret.Executables[coord] = *f.Executable
 		}
+
+		if len(f.Unknowns) > 0 {
+			ret.Unknowns[coord] = f.Unknowns
+		}
 	}

 	return ret
--- a/syft/format/syftjson/to_syft_model_test.go
+++ b/syft/format/syftjson/to_syft_model_test.go
@ -234,6 +234,7 @@ func Test_toSyftFiles(t *testing.T) {
 				FileMetadata: map[file.Coordinates]file.Metadata{},
 				FileDigests:  map[file.Coordinates][]file.Digest{},
 				Executables:  map[file.Coordinates]file.Executable{},
+				Unknowns:     make(map[file.Coordinates][]string),
 			},
 		},
 		{
@ -349,6 +350,7 @@ func Test_toSyftFiles(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			tt.want.FileContents = make(map[file.Coordinates]string)
 			tt.want.FileLicenses = make(map[file.Coordinates][]file.License)
+			tt.want.Unknowns = make(map[file.Coordinates][]string)
 			assert.Equal(t, tt.want, toSyftFiles(tt.files))
 		})
 	}
--- a/syft/pkg/cataloger/alpine/cataloger_test.go
+++ b/syft/pkg/cataloger/alpine/cataloger_test.go
@ -190,6 +190,14 @@ func TestApkDBCataloger(t *testing.T) {

 }

+func Test_corruptDb(t *testing.T) {
+	pkgtest.NewCatalogTester().
+		FromDirectory(t, "test-fixtures/corrupt").
+		WithCompareOptions(cmpopts.IgnoreFields(pkg.ApkDBEntry{}, "Files", "GitCommit", "Checksum")).
+		WithError().
+		TestCataloger(t, NewDBCataloger())
+}
+
 func TestCatalogerDependencyTree(t *testing.T) {
 	assertion := func(t *testing.T, pkgs []pkg.Package, relationships []artifact.Relationship) {
 		expected := map[string][]string{
--- a/syft/pkg/cataloger/alpine/parse_apk_db.go
+++ b/syft/pkg/cataloger/alpine/parse_apk_db.go
@ -12,6 +12,7 @@ import (

 	"github.com/anchore/syft/internal"
 	"github.com/anchore/syft/internal/log"
+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/artifact"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/linux"
@ -38,6 +39,7 @@ type parsedData struct {
 func parseApkDB(_ context.Context, resolver file.Resolver, env *generic.Environment, reader file.LocationReadCloser) ([]pkg.Package, []artifact.Relationship, error) {
 	scanner := bufio.NewScanner(reader)

+	var errs error
 	var apks []parsedData
 	var currentEntry parsedData
 	entryParsingInProgress := false
@ -81,10 +83,12 @@ func parseApkDB(_ context.Context, resolver file.Resolver, env *generic.Environm
 		field := parseApkField(line)
 		if field == nil {
 			log.Warnf("unable to parse field data from line %q", line)
+			errs = unknown.Appendf(errs, reader, "unable to parse field data from line %q", line)
 			continue
 		}
 		if len(field.name) == 0 {
 			log.Warnf("failed to parse field name from line %q", line)
+			errs = unknown.Appendf(errs, reader, "failed to parse field name from line %q", line)
 			continue
 		}
 		if len(field.value) == 0 {
@ -131,7 +135,7 @@ func parseApkDB(_ context.Context, resolver file.Resolver, env *generic.Environm
 		pkgs = append(pkgs, newPackage(apk, r, reader.Location))
 	}

-	return pkgs, nil, nil
+	return pkgs, nil, errs
 }

 func findReleases(resolver file.Resolver, dbPath string) []linux.Release {
--- a/syft/pkg/cataloger/alpine/test-fixtures/corrupt/lib/apk/db/installed
+++ b/syft/pkg/cataloger/alpine/test-fixtures/corrupt/lib/apk/db/installed
@ -0,0 +1,43 @@
+this is a corrupt db
+
+C:Q1v4QhLje3kWlC8DJj+ZfJTjlJRSU=
+P:alpine-baselayout-data
+V:3.2.0-r22
+A:x86_64
+S:11435
+I:73728
+o:alpine-baselayout
+t:1655134784
+c:cb70ca5c6d6db0399d2dd09189c5d57827bce5cd
+r:alpine-baselayout
+F:etc
+R:fstab
+Z:Q11Q7hNe8QpDS531guqCdrXBzoA/o=
+R:group
+Z:Q13K+olJg5ayzHSVNUkggZJXuB+9Y=
+R:hostname
+Z:Q16nVwYVXP/tChvUPdukVD2ifXOmc=
+R:hosts
+Z:Q1BD6zJKZTRWyqGnPi4tSfd3krsMU=
+R:inittab
+Z:Q1TsthbhW7QzWRe1E/NKwTOuD4pHc=
+R:modules
+Z:Q1toogjUipHGcMgECgPJX64SwUT1M=
+R:mtab
+a:0:0:777
+Z:Q1kiljhXXH1LlQroHsEJIkPZg2eiw=
+R:passwd
+Z:Q1TchuuLUfur0izvfZQZxgN/LJhB8=
+R:profile
+Z:Q1F3DgXUP+jNZDknmQPPb5t9FSfDg=
+R:protocols
+Z:Q1omKlp3vgGq2ZqYzyD/KHNdo8rDc=
+R:services
+Z:Q19WLCv5ItKg4MH7RWfNRh1I7byQc=
+R:shadow
+a:0:42:640
+Z:Q1ltrPIAW2zHeDiajsex2Bdmq3uqA=
+R:shells
+Z:Q1ojm2YdpCJ6B/apGDaZ/Sdb2xJkA=
+R:sysctl.conf
+Z:Q14upz3tfnNxZkIEsUhWn7Xoiw96g=
--- a/syft/pkg/cataloger/arch/cataloger_test.go
+++ b/syft/pkg/cataloger/arch/cataloger_test.go
@ -11,6 +11,14 @@ import (
 	"github.com/anchore/syft/syft/pkg/cataloger/internal/pkgtest"
 )

+func TestAlpmUnknowns(t *testing.T) {
+	pkgtest.NewCatalogTester().
+		FromDirectory(t, "test-fixtures/installed").
+		WithCompareOptions(cmpopts.IgnoreFields(pkg.AlpmFileRecord{}, "Time")).
+		WithError().
+		TestCataloger(t, NewDBCataloger())
+}
+
 func TestAlpmCataloger(t *testing.T) {
 	gmpDbLocation := file.NewLocation("var/lib/pacman/local/gmp-6.2.1-2/desc")
 	treeSitterDbLocation := file.NewLocation("var/lib/pacman/local/tree-sitter-0.22.6-1/desc")
--- a/syft/pkg/cataloger/arch/parse_alpm_db.go
+++ b/syft/pkg/cataloger/arch/parse_alpm_db.go
@ -17,6 +17,7 @@ import (

 	"github.com/anchore/syft/internal"
 	"github.com/anchore/syft/internal/log"
+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/artifact"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/pkg"
@ -41,6 +42,8 @@ type parsedData struct {

 // parseAlpmDB parses the arch linux pacman database flat-files and returns the packages and relationships found within.
 func parseAlpmDB(_ context.Context, resolver file.Resolver, env *generic.Environment, reader file.LocationReadCloser) ([]pkg.Package, []artifact.Relationship, error) {
+	var errs error
+
 	data, err := parseAlpmDBEntry(reader)
 	if err != nil {
 		return nil, nil, err
@ -52,24 +55,25 @@ func parseAlpmDB(_ context.Context, resolver file.Resolver, env *generic.Environ

 	base := path.Dir(reader.RealPath)

+	var locs []file.Location
+
 	// replace the files found the pacman database with the files from the mtree These contain more metadata and
 	// thus more useful.
-	files, fileLoc := fetchPkgFiles(base, resolver)
-	backups, backupLoc := fetchBackupFiles(base, resolver)
-
-	var locs []file.Location
-	if fileLoc != nil {
+	files, fileLoc, err := fetchPkgFiles(base, resolver)
+	errs = unknown.Join(errs, err)
+	if err == nil {
 		locs = append(locs, fileLoc.WithAnnotation(pkg.EvidenceAnnotationKey, pkg.SupportingEvidenceAnnotation))
 		data.Files = files
 	}
-
-	if backupLoc != nil {
+	backups, backupLoc, err := fetchBackupFiles(base, resolver)
+	errs = unknown.Join(errs, err)
+	if err == nil {
 		locs = append(locs, backupLoc.WithAnnotation(pkg.EvidenceAnnotationKey, pkg.SupportingEvidenceAnnotation))
 		data.Backup = backups
 	}

 	if data.Package == "" {
-		return nil, nil, nil
+		return nil, nil, errs
 	}

 	return []pkg.Package{
@ -79,63 +83,56 @@ func parseAlpmDB(_ context.Context, resolver file.Resolver, env *generic.Environ
 			reader.Location.WithAnnotation(pkg.EvidenceAnnotationKey, pkg.PrimaryEvidenceAnnotation),
 			locs...,
 		),
-	}, nil, nil
+	}, nil, errs
 }

-func fetchPkgFiles(base string, resolver file.Resolver) ([]pkg.AlpmFileRecord, *file.Location) {
+func fetchPkgFiles(base string, resolver file.Resolver) ([]pkg.AlpmFileRecord, file.Location, error) {
 	// TODO: probably want to use MTREE and PKGINFO here
 	target := path.Join(base, "mtree")

 	loc, err := getLocation(target, resolver)
 	if err != nil {
 		log.WithFields("error", err, "path", target).Trace("failed to find mtree file")
-		return []pkg.AlpmFileRecord{}, nil
+		return []pkg.AlpmFileRecord{}, loc, unknown.New(loc, fmt.Errorf("failed to find mtree file: %w", err))
 	}
-	if loc == nil {
-		return []pkg.AlpmFileRecord{}, nil
-	}
-
-	reader, err := resolver.FileContentsByLocation(*loc)
+	reader, err := resolver.FileContentsByLocation(loc)
 	if err != nil {
-		return []pkg.AlpmFileRecord{}, nil
+		return []pkg.AlpmFileRecord{}, loc, unknown.New(loc, fmt.Errorf("failed to get contents: %w", err))
 	}
 	defer internal.CloseAndLogError(reader, loc.RealPath)

 	pkgFiles, err := parseMtree(reader)
 	if err != nil {
 		log.WithFields("error", err, "path", target).Trace("failed to parse mtree file")
-		return []pkg.AlpmFileRecord{}, nil
+		return []pkg.AlpmFileRecord{}, loc, unknown.New(loc, fmt.Errorf("failed to parse mtree: %w", err))
 	}
-	return pkgFiles, loc
+	return pkgFiles, loc, nil
 }

-func fetchBackupFiles(base string, resolver file.Resolver) ([]pkg.AlpmFileRecord, *file.Location) {
+func fetchBackupFiles(base string, resolver file.Resolver) ([]pkg.AlpmFileRecord, file.Location, error) {
 	// We only really do this to get any backup database entries from the files database
 	target := filepath.Join(base, "files")

 	loc, err := getLocation(target, resolver)
 	if err != nil {
 		log.WithFields("error", err, "path", target).Trace("failed to find alpm files")
-		return []pkg.AlpmFileRecord{}, nil
-	}
-	if loc == nil {
-		return []pkg.AlpmFileRecord{}, nil
+		return []pkg.AlpmFileRecord{}, loc, unknown.New(loc, fmt.Errorf("failed to find alpm files: %w", err))
 	}

-	reader, err := resolver.FileContentsByLocation(*loc)
+	reader, err := resolver.FileContentsByLocation(loc)
 	if err != nil {
-		return []pkg.AlpmFileRecord{}, nil
+		return []pkg.AlpmFileRecord{}, loc, unknown.New(loc, fmt.Errorf("failed to get contents: %w", err))
 	}
 	defer internal.CloseAndLogError(reader, loc.RealPath)

 	filesMetadata, err := parseAlpmDBEntry(reader)
 	if err != nil {
-		return []pkg.AlpmFileRecord{}, nil
+		return []pkg.AlpmFileRecord{}, loc, unknown.New(loc, fmt.Errorf("failed to parse alpm db entry: %w", err))
 	}
 	if filesMetadata != nil {
-		return filesMetadata.Backup, loc
+		return filesMetadata.Backup, loc, nil
 	}
-	return []pkg.AlpmFileRecord{}, loc
+	return []pkg.AlpmFileRecord{}, loc, nil
 }

 func parseAlpmDBEntry(reader io.Reader) (*parsedData, error) {
@ -171,20 +168,21 @@ func newScanner(reader io.Reader) *bufio.Scanner {
 	return scanner
 }

-func getLocation(path string, resolver file.Resolver) (*file.Location, error) {
+func getLocation(path string, resolver file.Resolver) (file.Location, error) {
+	loc := file.NewLocation(path)
 	locs, err := resolver.FilesByPath(path)
 	if err != nil {
-		return nil, err
+		return loc, err
 	}

 	if len(locs) == 0 {
-		return nil, fmt.Errorf("could not find file: %s", path)
+		return loc, fmt.Errorf("could not find file: %s", path)
 	}

 	if len(locs) > 1 {
 		log.WithFields("path", path).Trace("multiple files found for path, using first path")
 	}
-	return &locs[0], nil
+	return locs[0], nil
 }

 func parseDatabase(b *bufio.Scanner) (*parsedData, error) {
--- a/syft/pkg/cataloger/arch/test-fixtures/installed/var/lib/pacman/local/corrupt-0.2.1-3/desc
+++ b/syft/pkg/cataloger/arch/test-fixtures/installed/var/lib/pacman/local/corrupt-0.2.1-3/desc
@ -0,0 +1,34 @@
+%NME%
+tree-sitter
+
+%VER.6-1
+
+%BASE%
+tree-sitter
+
+%DESC%
+Incremental parsing library
+
+
+%BUILDDATE%
+1714945746
+
+%INSTALLDATE%
+1715026360
+
+%PACKA@archlinux.org>
+
+%SIZE%
+223539
+
+%REASON%
+1
+
+%LICENSE%
+MIT
+
+%VALIDATION%
+pgp
+
+%PROVIDE
+libtree-sitter.so=0-64
--- a/syft/pkg/cataloger/binary/classifier_cataloger.go
+++ b/syft/pkg/cataloger/binary/classifier_cataloger.go
@ -6,8 +6,10 @@ package binary
 import (
 	"context"
 	"encoding/json"
+	"fmt"

 	"github.com/anchore/syft/internal/log"
+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/artifact"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/pkg"
@ -59,12 +61,14 @@ func (c cataloger) Name() string {
 func (c cataloger) Catalog(_ context.Context, resolver file.Resolver) ([]pkg.Package, []artifact.Relationship, error) {
 	var packages []pkg.Package
 	var relationships []artifact.Relationship
+	var errs error

 	for _, cls := range c.classifiers {
 		log.WithFields("classifier", cls.Class).Trace("cataloging binaries")
 		newPkgs, err := catalog(resolver, cls)
 		if err != nil {
-			log.WithFields("error", err, "classifier", cls.Class).Warn("unable to catalog binary package: %w", err)
+			log.WithFields("error", err, "classifier", cls.Class).Debugf("unable to catalog binary package: %v", err)
+			errs = unknown.Join(errs, fmt.Errorf("%s: %w", cls.Class, err))
 			continue
 		}
 	newPackages:
@ -82,7 +86,7 @@ func (c cataloger) Catalog(_ context.Context, resolver file.Resolver) ([]pkg.Pac
 		}
 	}

-	return packages, relationships, nil
+	return packages, relationships, errs
 }

 // mergePackages merges information from the extra package into the target package
@ -98,6 +102,7 @@ func mergePackages(target *pkg.Package, extra *pkg.Package) {
 }

 func catalog(resolver file.Resolver, cls Classifier) (packages []pkg.Package, err error) {
+	var errs error
 	locations, err := resolver.FilesByGlob(cls.FileGlob)
 	if err != nil {
 		return nil, err
@ -105,11 +110,12 @@ func catalog(resolver file.Resolver, cls Classifier) (packages []pkg.Package, er
 	for _, location := range locations {
 		pkgs, err := cls.EvidenceMatcher(cls, matcherContext{resolver: resolver, location: location})
 		if err != nil {
-			return nil, err
+			errs = unknown.Append(errs, location, err)
+			continue
 		}
 		packages = append(packages, pkgs...)
 	}
-	return packages, nil
+	return packages, errs
 }

 // packagesMatch returns true if the binary packages "match" based on basic criteria
--- a/syft/pkg/cataloger/binary/classifier_cataloger_test.go
+++ b/syft/pkg/cataloger/binary/classifier_cataloger_test.go
@ -1668,7 +1668,7 @@ func Test_Cataloger_ResilientToErrors(t *testing.T) {

 	resolver := &panicyResolver{}
 	_, _, err := c.Catalog(context.Background(), resolver)
-	assert.NoError(t, err)
+	assert.Error(t, err)
 	assert.True(t, resolver.searchCalled)
 }

--- a/syft/pkg/cataloger/binary/elf_package_cataloger.go
+++ b/syft/pkg/cataloger/binary/elf_package_cataloger.go
@ -11,6 +11,7 @@ import (
 	"github.com/anchore/syft/internal"
 	"github.com/anchore/syft/internal/log"
 	"github.com/anchore/syft/internal/mimetype"
+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/artifact"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/internal/unionreader"
@ -52,6 +53,7 @@ func (c *elfPackageCataloger) Name() string {
 }

 func (c *elfPackageCataloger) Catalog(_ context.Context, resolver file.Resolver) ([]pkg.Package, []artifact.Relationship, error) {
+	var errs error
 	locations, err := resolver.FilesByMIMEType(mimetype.ExecutableMIMETypeSet.List()...)
 	if err != nil {
 		return nil, nil, fmt.Errorf("unable to get binary files by mime type: %w", err)
@ -62,7 +64,8 @@ func (c *elfPackageCataloger) Catalog(_ context.Context, resolver file.Resolver)
 	for _, location := range locations {
 		notes, key, err := parseElfPackageNotes(resolver, location, c)
 		if err != nil {
-			return nil, nil, err
+			errs = unknown.Append(errs, location, err)
+			continue
 		}
 		if notes == nil {
 			continue
@ -87,7 +90,7 @@ func (c *elfPackageCataloger) Catalog(_ context.Context, resolver file.Resolver)
 	// why not return relationships? We have an executable cataloger that will note the dynamic libraries imported by
 	// each binary. After all files and packages are processed there is a final task that creates package-to-package
 	// and package-to-file relationships based on the dynamic libraries imported by each binary.
-	return pkgs, nil, nil
+	return pkgs, nil, errs
 }

 func parseElfPackageNotes(resolver file.Resolver, location file.Location, c *elfPackageCataloger) (*elfBinaryPackageNotes, elfPackageKey, error) {
@ -104,7 +107,7 @@ func parseElfPackageNotes(resolver file.Resolver, location file.Location, c *elf

 	if err != nil {
 		log.WithFields("file", location.Path(), "error", err).Trace("unable to parse ELF notes")
-		return nil, elfPackageKey{}, nil
+		return nil, elfPackageKey{}, err
 	}

 	if notes == nil {
@ -173,7 +176,7 @@ func getELFNotes(r file.LocationReadCloser) (*elfBinaryPackageNotes, error) {
 		if len(notes) > headerSize {
 			var metadata elfBinaryPackageNotes
 			newPayload := bytes.TrimRight(notes[headerSize:], "\x00")
-			if err := json.Unmarshal(newPayload, &metadata); err == nil {
+			if err = json.Unmarshal(newPayload, &metadata); err == nil {
 				return &metadata, nil
 			}
 			log.WithFields("file", r.Location.Path(), "error", err).Trace("unable to unmarshal ELF package notes as JSON")
--- a/syft/pkg/cataloger/binary/elf_package_cataloger_test.go
+++ b/syft/pkg/cataloger/binary/elf_package_cataloger_test.go
@ -3,6 +3,8 @@ package binary
 import (
 	"testing"

+	"github.com/stretchr/testify/require"
+
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/pkg"
 	"github.com/anchore/syft/syft/pkg/cataloger/internal/pkgtest"
@ -14,6 +16,7 @@ func Test_ELF_Package_Cataloger(t *testing.T) {
 		name     string
 		fixture  string
 		expected []pkg.Package
+		wantErr  require.ErrorAssertionFunc
 	}{
 		{
 			name:    "go case",
@ -63,6 +66,7 @@ func Test_ELF_Package_Cataloger(t *testing.T) {
 					},
 				},
 			},
+			wantErr: require.Error,
 		},
 		{
 			name:    "fedora 64 bit binaries",
@ -116,6 +120,7 @@ func Test_ELF_Package_Cataloger(t *testing.T) {
 				WithImageResolver(t, v.fixture).
 				IgnoreLocationLayer(). // this fixture can be rebuilt, thus the layer ID will change
 				Expects(v.expected, nil).
+				WithErrorAssertion(v.wantErr).
 				TestCataloger(t, NewELFPackageCataloger())
 		})
 	}
--- a/syft/pkg/cataloger/binary/test-fixtures/elf-test-fixtures/Dockerfile
+++ b/syft/pkg/cataloger/binary/test-fixtures/elf-test-fixtures/Dockerfile
@ -5,9 +5,11 @@ RUN dnf update -y; \
 	dnf clean all
 RUN mkdir -p /usr/local/bin/elftests/elfbinwithnestedlib
 RUN mkdir -p /usr/local/bin/elftests/elfbinwithsisterlib
+RUN mkdir -p /usr/local/bin/elftests/elfbinwithcorrupt

 COPY ./elfbinwithnestedlib /usr/local/bin/elftests/elfbinwithnestedlib
 COPY ./elfbinwithsisterlib /usr/local/bin/elftests/elfbinwithsisterlib
+COPY ./elfbinwithcorrupt /usr/local/bin/elftests/elfbinwithcorrupt

 ENV LD_LIBRARY_PATH=/usr/local/bin/elftests/elfbinwithnestedlib/bin/lib

@ -16,6 +18,8 @@ RUN make

 WORKDIR /usr/local/bin/elftests/elfbinwithsisterlib
 RUN make
+WORKDIR /usr/local/bin/elftests/elfbinwithcorrupt
+RUN make

 # let's make the test image smaller, since we only require the built binaries and supporting libraries
 FROM busybox:1.36.1-musl
--- a/syft/pkg/cataloger/binary/test-fixtures/elf-test-fixtures/elfbinwithcorrupt/elfsrc/hello_world.cpp
+++ b/syft/pkg/cataloger/binary/test-fixtures/elf-test-fixtures/elfbinwithcorrupt/elfsrc/hello_world.cpp
@ -0,0 +1,6 @@
+#include <iostream>
+#include "hello_world.h"
+
+void print_hello_world() {
+    std::cout << "Hello, World!" << std::endl;
+}
--- a/syft/pkg/cataloger/binary/test-fixtures/elf-test-fixtures/elfbinwithcorrupt/elfsrc/hello_world.h
+++ b/syft/pkg/cataloger/binary/test-fixtures/elf-test-fixtures/elfbinwithcorrupt/elfsrc/hello_world.h
@ -0,0 +1,8 @@
+
+#ifndef HELLO_WORLD_H
+#define HELLO_WORLD_H
+
+// Function declaration for printing "Hello, World!" to stdout
+void print_hello_world();
+
+#endif // HELLO_WORLD_H
--- a/syft/pkg/cataloger/binary/test-fixtures/elf-test-fixtures/elfbinwithcorrupt/elfsrc/makefile
+++ b/syft/pkg/cataloger/binary/test-fixtures/elf-test-fixtures/elfbinwithcorrupt/elfsrc/makefile
@ -0,0 +1,48 @@
+LDFLAGS := -L/lib64 -lstdc++
+
+SRC_DIR := ./
+BUILD_DIR := ../build
+BIN_DIR := ../bin
+LIB_DIR := $(BIN_DIR)/lib
+
+LIB_NAME := hello_world
+LIB_SRC := $(SRC_DIR)/hello_world.cpp
+LIB_OBJ := $(BUILD_DIR)/$(LIB_NAME).o
+LIB_SO := $(LIB_DIR)/lib$(LIB_NAME).so
+
+EXECUTABLE := elfbinwithnestedlib
+EXEC_SRC := $(SRC_DIR)/testbin.cpp
+EXEC_OBJ := $(BUILD_DIR)/$(EXECUTABLE).o
+
+
+
+all: testfixture
+
+$(LIB_SO): $(LIB_OBJ) | $(LIB_DIR)
+	$(CC) -shared -o $@ $<
+	echo '{ corrupt json "system": "syftsys","name": "libhello_world.so","version": "0.01","pure:0.01"}' | objcopy --add-section .note.package=/dev/stdin --set-section-flags .note.package=noload,readonly $@
+
+$(LIB_OBJ): $(LIB_SRC) | $(BUILD_DIR)
+	$(CC) $(CFLAGS) -fPIC -c $< -o $@
+
+$(EXEC_OBJ): $(EXEC_SRC) | $(BUILD_DIR)
+	$(CC) $(CFLAGS) -c $< -o $@
+
+$(BIN_DIR):
+	mkdir -p $(BIN_DIR)
+$(BUILD_DIR):
+	mkdir -p $(BUILD_DIR)
+$(LIB_DIR):
+	mkdir -p $(LIB_DIR)
+
+$(BIN_DIR)/$(EXECUTABLE): $(EXEC_OBJ) $(LIB_SO) | $(BIN_DIR)
+	$(CC) $(CFLAGS) -o $@ $^ -L$(LIB_DIR) -l$(LIB_NAME) $(LDFLAGS)
+	echo '{corrupt json ..._syfttestfixture:0.01"}' | objcopy --add-section .note.package=/dev/stdin --set-section-flags .note.package=noload,readonly $@
+
+testfixture: $(BIN_DIR)/$(EXECUTABLE)
+
+clean:
+	rm -rf $(BUILD_DIR) $(LIB_DIR) $(BIN_DIR) $(EXECUTABLE)
+
+.PHONY: all clean 
+
--- a/syft/pkg/cataloger/binary/test-fixtures/elf-test-fixtures/elfbinwithcorrupt/elfsrc/testbin.cpp
+++ b/syft/pkg/cataloger/binary/test-fixtures/elf-test-fixtures/elfbinwithcorrupt/elfsrc/testbin.cpp
@ -0,0 +1,8 @@
+#include "hello_world.h"
+
+int main() {
+    // Call the function from the shared library
+    print_hello_world();
+
+    return 0;
+}
--- a/syft/pkg/cataloger/binary/test-fixtures/elf-test-fixtures/elfbinwithcorrupt/makefile
+++ b/syft/pkg/cataloger/binary/test-fixtures/elf-test-fixtures/elfbinwithcorrupt/makefile
@ -0,0 +1,18 @@
+CC = g++
+CFLAGS = -std=c++17 -Wall -Wextra -pedantic
+BUILD_DIR := ./build
+BIN_DIR := ./bin
+LIB_DIR := $(BIN_DIR)/lib
+
+
+
+all: testfixtures
+
+testfixtures: 
+	$(MAKE) -C elfsrc
+	
+clean:
+	rm -rf $(BUILD_DIR) $(BIN_DIR)
+
+.PHONY: all clean testfixtures
+
--- a/syft/pkg/cataloger/cpp/parse_conanfile.go
+++ b/syft/pkg/cataloger/cpp/parse_conanfile.go
@ -8,6 +8,7 @@ import (
 	"io"
 	"strings"

+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/artifact"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/pkg"
@ -25,7 +26,7 @@ func parseConanfile(_ context.Context, _ file.Resolver, _ *generic.Environment,
 		line, err := r.ReadString('\n')
 		switch {
 		case errors.Is(err, io.EOF):
-			return pkgs, nil, nil
+			return pkgs, nil, unknown.IfEmptyf(pkgs, "unable to determine packages")
 		case err != nil:
 			return nil, nil, fmt.Errorf("failed to parse conanfile.txt file: %w", err)
 		}
--- a/syft/pkg/cataloger/cpp/parse_conanlock.go
+++ b/syft/pkg/cataloger/cpp/parse_conanlock.go
@ -5,6 +5,7 @@ import (
 	"encoding/json"
 	"strings"

+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/artifact"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/pkg"
@ -72,7 +73,7 @@ func parseConanLock(_ context.Context, _ file.Resolver, _ *generic.Environment,
 		}
 	}

-	return pkgs, relationships, nil
+	return pkgs, relationships, unknown.IfEmptyf(pkgs, "unable to determine packages")
 }

 // handleConanLockV1 handles the parsing of conan lock v1 files (aka v0.4)
--- a/syft/pkg/cataloger/cpp/parse_conanlock_test.go
+++ b/syft/pkg/cataloger/cpp/parse_conanlock_test.go
@ -373,3 +373,10 @@ func TestParseConanLockV2(t *testing.T) {

 	pkgtest.TestFileParser(t, fixture, parseConanLock, expected, expectedRelationships)
 }
+
+func Test_corruptConanlock(t *testing.T) {
+	pkgtest.NewCatalogTester().
+		FromFile(t, "test-fixtures/corrupt/conan.lock").
+		WithError().
+		TestParser(t, parseConanLock)
+}
--- a/syft/pkg/cataloger/cpp/test-fixtures/corrupt/conan.lock
+++ b/syft/pkg/cataloger/cpp/test-fixtures/corrupt/conan.lock
@ -0,0 +1,10 @@
+{
+    corrupt json
+    version": "0.5",
+    "requires": [
+        "sound32/1.0#83d4b7bf607b3b60a6546f8b58b5cdd7%1675278904.0791488",
+        "matrix/1.1#905c3f0babc520684c84127378fefdd0%1675278901.7527816"
+    ],
+    "build_requires": [],
+    "python_requires": []
+}
--- a/syft/pkg/cataloger/dart/parse_pubspec_lock.go
+++ b/syft/pkg/cataloger/dart/parse_pubspec_lock.go
@ -9,6 +9,7 @@ import (
 	"gopkg.in/yaml.v3"

 	"github.com/anchore/syft/internal/log"
+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/artifact"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/pkg"
@ -85,7 +86,7 @@ func parsePubspecLock(_ context.Context, _ file.Resolver, _ *generic.Environment
 		)
 	}

-	return pkgs, nil, nil
+	return pkgs, nil, unknown.IfEmptyf(pkgs, "unable to determine packages")
 }

 func (p *pubspecLockPackage) getVcsURL() string {
--- a/syft/pkg/cataloger/dart/parse_pubspec_lock_test.go
+++ b/syft/pkg/cataloger/dart/parse_pubspec_lock_test.go
@ -106,3 +106,10 @@ func TestParsePubspecLock(t *testing.T) {

 	pkgtest.TestFileParser(t, fixture, parsePubspecLock, expected, expectedRelationships)
 }
+
+func Test_corruptPubspecLock(t *testing.T) {
+	pkgtest.NewCatalogTester().
+		FromFile(t, "test-fixtures/corrupt/pubspec.lock").
+		WithError().
+		TestParser(t, parsePubspecLock)
+}
--- a/syft/pkg/cataloger/dart/test-fixtures/corrupt/pubspec.lock
+++ b/syft/pkg/cataloger/dart/test-fixtures/corrupt/pubspec.lock
@ -0,0 +1,7 @@
+pa
+kages:
+  ale:
+    dependency: transitive
+    descr
+s  ps:
+  dart: ">=2.12.0 <3.0.0"
--- a/syft/pkg/cataloger/debian/parse_dpkg_db.go
+++ b/syft/pkg/cataloger/debian/parse_dpkg_db.go
@ -15,6 +15,7 @@ import (

 	"github.com/anchore/syft/internal"
 	"github.com/anchore/syft/internal/log"
+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/artifact"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/pkg"
@ -39,7 +40,7 @@ func parseDpkgDB(_ context.Context, resolver file.Resolver, env *generic.Environ
 		pkgs = append(pkgs, p)
 	}

-	return pkgs, nil, nil
+	return pkgs, nil, unknown.IfEmptyf(pkgs, "unable to determine packages")
 }

 func findDpkgInfoFiles(name string, resolver file.Resolver, dbLocation file.Location) []file.Location {
--- a/syft/pkg/cataloger/debian/parse_dpkg_db_test.go
+++ b/syft/pkg/cataloger/debian/parse_dpkg_db_test.go
@ -257,6 +257,17 @@ func Test_parseDpkgStatus(t *testing.T) {
 	}
 }

+func Test_corruptEntry(t *testing.T) {
+	f, err := os.Open("test-fixtures/var/lib/dpkg/status.d/corrupt")
+	require.NoError(t, err)
+	t.Cleanup(func() { require.NoError(t, f.Close()) })
+
+	reader := bufio.NewReader(f)
+
+	_, err = parseDpkgStatus(reader)
+	require.Error(t, err)
+}
+
 func TestSourceVersionExtract(t *testing.T) {
 	tests := []struct {
 		name     string
@ -312,7 +323,7 @@ func Test_parseDpkgStatus_negativeCases(t *testing.T) {
 		{
 			name:    "no more packages",
 			input:   `Package: apt`,
-			wantErr: require.NoError,
+			wantErr: requireAs(errors.New("unable to determine packages")),
 		},
 		{
 			name: "duplicated key",
--- a/syft/pkg/cataloger/debian/test-fixtures/var/lib/dpkg/status.d/corrupt
+++ b/syft/pkg/cataloger/debian/test-fixtures/var/lib/dpkg/status.d/corrupt
@ -0,0 +1,6 @@
+Pakij: apt
+Stratus: install ok installed
+Prioority: required
+Section: admin
+Insterface to the configuration settings
+  * apt-key as an interface to manage authentication keys
--- a/syft/pkg/cataloger/dotnet/parse_dotnet_deps.go
+++ b/syft/pkg/cataloger/dotnet/parse_dotnet_deps.go
@ -8,6 +8,7 @@ import (

 	"github.com/anchore/syft/internal/log"
 	"github.com/anchore/syft/internal/relationship"
+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/artifact"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/pkg"
@ -126,5 +127,5 @@ func parseDotnetDeps(_ context.Context, _ file.Resolver, _ *generic.Environment,
 	// this will only consider package-to-package relationships.
 	relationship.Sort(relationships)

-	return pkgs, relationships, nil
+	return pkgs, relationships, unknown.IfEmptyf(pkgs, "unable to determine packages")
 }
--- a/syft/pkg/cataloger/dotnet/parse_dotnet_deps_test.go
+++ b/syft/pkg/cataloger/dotnet/parse_dotnet_deps_test.go
@ -9,6 +9,13 @@ import (
 	"github.com/anchore/syft/syft/pkg/cataloger/internal/pkgtest"
 )

+func Test_corruptDotnetDeps(t *testing.T) {
+	pkgtest.NewCatalogTester().
+		FromFile(t, "test-fixtures/glob-paths/src/something.deps.json").
+		WithError().
+		TestParser(t, parseDotnetDeps)
+}
+
 func TestParseDotnetDeps(t *testing.T) {
 	fixture := "test-fixtures/TestLibrary.deps.json"
 	fixtureLocationSet := file.NewLocationSet(file.NewLocation(fixture))
--- a/syft/pkg/cataloger/dotnet/parse_dotnet_portable_executable.go
+++ b/syft/pkg/cataloger/dotnet/parse_dotnet_portable_executable.go
@ -28,30 +28,26 @@ func parseDotnetPortableExecutable(_ context.Context, _ file.Resolver, _ *generi

 	peFile, err := pe.NewBytes(by, &pe.Options{})
 	if err != nil {
-		// TODO: known-unknown
 		log.Tracef("unable to create PE instance for file '%s': %v", f.RealPath, err)
-		return nil, nil, nil
+		return nil, nil, err
 	}

 	err = peFile.Parse()
 	if err != nil {
-		// TODO: known-unknown
 		log.Tracef("unable to parse PE file '%s': %v", f.RealPath, err)
-		return nil, nil, nil
+		return nil, nil, err
 	}

 	versionResources, err := peFile.ParseVersionResources()
 	if err != nil {
-		// TODO: known-unknown
 		log.Tracef("unable to parse version resources in PE file: %s: %v", f.RealPath, err)
-		return nil, nil, nil
+		return nil, nil, fmt.Errorf("unable to parse version resources in PE file: %w", err)
 	}

 	dotNetPkg, err := buildDotNetPackage(versionResources, f)
 	if err != nil {
-		// TODO: known-unknown
-		log.Tracef("unable to build dotnet package: %v", err)
-		return nil, nil, nil
+		log.Tracef("unable to build dotnet package for: %v %v", f.RealPath, err)
+		return nil, nil, err
 	}

 	return []pkg.Package{dotNetPkg}, nil, nil
@ -60,12 +56,12 @@ func parseDotnetPortableExecutable(_ context.Context, _ file.Resolver, _ *generi
 func buildDotNetPackage(versionResources map[string]string, f file.LocationReadCloser) (dnpkg pkg.Package, err error) {
 	name := findName(versionResources)
 	if name == "" {
-		return dnpkg, fmt.Errorf("unable to find PE name in file: %s", f.RealPath)
+		return dnpkg, fmt.Errorf("unable to find PE name in file")
 	}

 	version := findVersion(versionResources)
 	if version == "" {
-		return dnpkg, fmt.Errorf("unable to find PE version in file: %s", f.RealPath)
+		return dnpkg, fmt.Errorf("unable to find PE version in file")
 	}

 	metadata := pkg.DotnetPortableExecutableEntry{
--- a/syft/pkg/cataloger/dotnet/parse_dotnet_portable_executable_test.go
+++ b/syft/pkg/cataloger/dotnet/parse_dotnet_portable_executable_test.go
@ -297,6 +297,13 @@ func TestParseDotnetPortableExecutable(t *testing.T) {
 	}
 }

+func Test_corruptDotnetPE(t *testing.T) {
+	pkgtest.NewCatalogTester().
+		FromFile(t, "test-fixtures/glob-paths/src/something.exe").
+		WithError().
+		TestParser(t, parseDotnetPortableExecutable)
+}
+
 func Test_extractVersion(t *testing.T) {
 	tests := []struct {
 		input    string
--- a/syft/pkg/cataloger/elixir/parse_mix_lock.go
+++ b/syft/pkg/cataloger/elixir/parse_mix_lock.go
@ -9,6 +9,7 @@ import (
 	"regexp"

 	"github.com/anchore/syft/internal/log"
+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/artifact"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/pkg"
@ -22,25 +23,33 @@ var mixLockDelimiter = regexp.MustCompile(`[%{}\n" ,:]+`)

 // parseMixLock parses a mix.lock and returns the discovered Elixir packages.
 func parseMixLock(_ context.Context, _ file.Resolver, _ *generic.Environment, reader file.LocationReadCloser) ([]pkg.Package, []artifact.Relationship, error) {
+	var errs error
 	r := bufio.NewReader(reader)

 	var packages []pkg.Package
+	lineNum := 0
 	for {
+		lineNum++
 		line, err := r.ReadString('\n')
 		switch {
 		case errors.Is(err, io.EOF):
-			return packages, nil, nil
+			if errs == nil {
+				errs = unknown.IfEmptyf(packages, "unable to determine packages")
+			}
+			return packages, nil, errs
 		case err != nil:
 			return nil, nil, fmt.Errorf("failed to parse mix.lock file: %w", err)
 		}
 		tokens := mixLockDelimiter.Split(line, -1)
 		if len(tokens) < 6 {
+			errs = unknown.Appendf(errs, reader, "unable to read mix lock line %d: %s", lineNum, line)
 			continue
 		}
 		name, version, hash, hashExt := tokens[1], tokens[4], tokens[5], tokens[len(tokens)-2]

 		if name == "" {
 			log.WithFields("path", reader.RealPath).Debug("skipping empty package name from mix.lock file")
+			errs = unknown.Appendf(errs, reader, "skipping empty package name from mix.lock file, for line: %d: %s", lineNum, line)
 			continue
 		}

--- a/syft/pkg/cataloger/erlang/parse_otp_app.go
+++ b/syft/pkg/cataloger/erlang/parse_otp_app.go
@ -2,6 +2,7 @@ package erlang

 import (
 	"context"
+	"fmt"

 	"github.com/anchore/syft/internal/log"
 	"github.com/anchore/syft/syft/artifact"
@ -17,7 +18,7 @@ func parseOTPApp(_ context.Context, _ file.Resolver, _ *generic.Environment, rea
 		// there are multiple file formats that use the *.app extension, so it's possible that this is not an OTP app file at all
 		// ... which means we should not return an error here
 		log.WithFields("error", err).Trace("unable to parse Erlang OTP app")
-		return nil, nil, nil
+		return nil, nil, fmt.Errorf("unable to parse Erlang OTP app")
 	}

 	var packages []pkg.Package
--- a/syft/pkg/cataloger/erlang/parse_otp_app_test.go
+++ b/syft/pkg/cataloger/erlang/parse_otp_app_test.go
@ -41,3 +41,10 @@ func TestParseOTPApplication(t *testing.T) {
 		})
 	}
 }
+
+func Test_corruptOtpApp(t *testing.T) {
+	pkgtest.NewCatalogTester().
+		FromFile(t, "test-fixtures/corrupt/rabbitmq.app").
+		WithError().
+		TestParser(t, parseOTPApp)
+}
--- a/syft/pkg/cataloger/erlang/parse_rebar_lock.go
+++ b/syft/pkg/cataloger/erlang/parse_rebar_lock.go
@ -4,6 +4,7 @@ import (
 	"context"

 	"github.com/anchore/syft/internal/log"
+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/artifact"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/pkg"
@ -95,7 +96,7 @@ func parseRebarLock(_ context.Context, _ file.Resolver, _ *generic.Environment,
 		p.SetID()
 		packages = append(packages, *p)
 	}
-	return packages, nil, nil
+	return packages, nil, unknown.IfEmptyf(packages, "unable to determine packages")
 }

 // integrity check
--- a/syft/pkg/cataloger/erlang/parse_rebar_lock_test.go
+++ b/syft/pkg/cataloger/erlang/parse_rebar_lock_test.go
@ -255,3 +255,10 @@ func TestParseRebarLock(t *testing.T) {
 		})
 	}
 }
+
+func Test_corruptRebarLock(t *testing.T) {
+	pkgtest.NewCatalogTester().
+		FromFile(t, "test-fixtures/corrupt/rebar.lock").
+		WithError().
+		TestParser(t, parseRebarLock)
+}
--- a/syft/pkg/cataloger/erlang/test-fixtures/corrupt/rabbitmq.app
+++ b/syft/pkg/cataloger/erlang/test-fixtures/corrupt/rabbitmq.app
@ -0,0 +1,9 @@
+cation, 'rabbit', [
+	{description, "RabbitMQ"},
+	{vsn, "3.12.10"},
+	{id, "v3.12.9-9-g1f61ca8"},
+	{modules, ['amqqueue','background_gc']},
+	{optional_itmq-server#1593
+	    {channel_max, 2047}
+	  ]}
+]}.
--- a/syft/pkg/cataloger/erlang/test-fixtures/corrupt/rebar.lock
+++ b/syft/pkg/cataloger/erlang/test-fixtures/corrupt/rebar.lock
@ -0,0 +1,11 @@
+{"1.2.0",
+[{<<"certifi{pkg,<<"certifi">>,<<"2.9.0">>},0},
+ {<<"idna">>,{pkg,<<"idpkg,<<"parse_trans">>,<<"3.3.1">>},0},
+ {<<"ssl_verify_fun">>,{pkg,<<"ssl_verify_fun">>,<<"1.1.6">>},0},
+ {<<"unicode_util_compat">>,{pkg,<<"unicode_util_compat">>,<<"0.7.0">>},0}]}.
+[
+{pkg_hash,[
+ {<<"certifi">>, <<"6F2A475689DD47F19FB74334859D460A2DC4E3252A3324BD2111B8F0429E7E21">>},
+ {<<"idna">>, <<"8A63070E9F7D0C62EB9D9FCB360A7DE382448200FBBD1B106CC96D3D8099DF8D">>},
+ {<<"metrics">>, <<"25F094DEA2CDA98213CECC3AEFF09E940299D950904393B2A29D191C346A8486">>},
+ {<<"mimerl
--- a/syft/pkg/cataloger/generic/cataloger.go
+++ b/syft/pkg/cataloger/generic/cataloger.go
@ -6,6 +6,7 @@ import (
 	"github.com/anchore/go-logger"
 	"github.com/anchore/syft/internal"
 	"github.com/anchore/syft/internal/log"
+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/artifact"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/linux"
@ -151,6 +152,7 @@ func (c *Cataloger) Name() string {
 func (c *Cataloger) Catalog(ctx context.Context, resolver file.Resolver) ([]pkg.Package, []artifact.Relationship, error) {
 	var packages []pkg.Package
 	var relationships []artifact.Relationship
+	var errs error

 	logger := log.Nested("cataloger", c.upstreamCataloger)

@ -166,7 +168,8 @@ func (c *Cataloger) Catalog(ctx context.Context, resolver file.Resolver) ([]pkg.

 		discoveredPackages, discoveredRelationships, err := invokeParser(ctx, resolver, location, logger, parser, &env)
 		if err != nil {
-			continue // logging is handled within invokeParser
+			// parsers may return errors and valid packages / relationships
+			errs = unknown.Append(errs, location, err)
 		}

 		for _, p := range discoveredPackages {
@ -176,7 +179,7 @@ func (c *Cataloger) Catalog(ctx context.Context, resolver file.Resolver) ([]pkg.

 		relationships = append(relationships, discoveredRelationships...)
 	}
-	return c.process(ctx, resolver, packages, relationships, nil)
+	return c.process(ctx, resolver, packages, relationships, errs)
 }

 func (c *Cataloger) process(ctx context.Context, resolver file.Resolver, pkgs []pkg.Package, rels []artifact.Relationship, err error) ([]pkg.Package, []artifact.Relationship, error) {
@ -196,11 +199,11 @@ func invokeParser(ctx context.Context, resolver file.Resolver, location file.Loc

 	discoveredPackages, discoveredRelationships, err := parser(ctx, resolver, env, file.NewLocationReadCloser(location, contentReader))
 	if err != nil {
-		logger.WithFields("location", location.RealPath, "error", err).Warnf("cataloger failed")
-		return nil, nil, err
+		// these errors are propagated up, and are likely to be coordinate errors
+		logger.WithFields("location", location.RealPath, "error", err).Trace("cataloger returned errors")
 	}

-	return discoveredPackages, discoveredRelationships, nil
+	return discoveredPackages, discoveredRelationships, err
 }

 // selectFiles takes a set of file trees and resolves and file references of interest for future cataloging
--- a/syft/pkg/cataloger/generic/cataloger_test.go
+++ b/syft/pkg/cataloger/generic/cataloger_test.go
@ -10,6 +10,7 @@ import (
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"

+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/artifact"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/pkg"
@ -187,3 +188,27 @@ func TestClosesFileOnParserPanic(t *testing.T) {
 	})
 	require.True(t, spy.closed)
 }
+
+func Test_genericCatalogerReturnsErrors(t *testing.T) {
+	genericErrorReturning := NewCataloger("error returning").WithParserByGlobs(func(ctx context.Context, resolver file.Resolver, environment *Environment, locationReader file.LocationReadCloser) ([]pkg.Package, []artifact.Relationship, error) {
+		return []pkg.Package{
+			{
+				Name: "some-package-" + locationReader.Path(),
+			},
+		}, nil, unknown.Newf(locationReader, "unable to read")
+	}, "**/*")
+
+	m := file.NewMockResolverForPaths(
+		"test-fixtures/a-path.txt",
+		"test-fixtures/empty.txt",
+	)
+
+	got, _, errs := genericErrorReturning.Catalog(context.TODO(), m)
+
+	// require packages and errors
+	require.NotEmpty(t, got)
+
+	unknowns, others := unknown.ExtractCoordinateErrors(errs)
+	require.NotEmpty(t, unknowns)
+	require.Empty(t, others)
+}
--- a/syft/pkg/cataloger/gentoo/parse_portage_contents.go
+++ b/syft/pkg/cataloger/gentoo/parse_portage_contents.go
@ -35,7 +35,7 @@ func parsePortageContents(_ context.Context, resolver file.Resolver, _ *generic.
 	name, version := cpvMatch[1], cpvMatch[2]
 	if name == "" || version == "" {
 		log.WithFields("path", reader.Location.RealPath).Warnf("failed to parse portage name and version")
-		return nil, nil, nil
+		return nil, nil, fmt.Errorf("failed to parse portage name and version")
 	}

 	p := pkg.Package{
--- a/syft/pkg/cataloger/githubactions/package.go
+++ b/syft/pkg/cataloger/githubactions/package.go
@ -1,6 +1,7 @@
 package githubactions

 import (
+	"fmt"
 	"strings"

 	"github.com/anchore/packageurl-go"
@ -9,19 +10,19 @@ import (
 	"github.com/anchore/syft/syft/pkg"
 )

-func newPackageFromUsageStatement(use string, location file.Location) *pkg.Package {
+func newPackageFromUsageStatement(use string, location file.Location) (*pkg.Package, error) {
 	name, version := parseStepUsageStatement(use)

 	if name == "" {
 		log.WithFields("file", location.RealPath, "statement", use).Trace("unable to parse github action usage statement")
-		return nil
+		return nil, fmt.Errorf("unable to parse github action usage statement")
 	}

 	if strings.Contains(name, ".github/workflows/") {
-		return newGithubActionWorkflowPackageUsage(name, version, location)
+		return newGithubActionWorkflowPackageUsage(name, version, location), nil
 	}

-	return newGithubActionPackageUsage(name, version, location)
+	return newGithubActionPackageUsage(name, version, location), nil
 }

 func newGithubActionWorkflowPackageUsage(name, version string, workflowLocation file.Location) *pkg.Package {
--- a/syft/pkg/cataloger/githubactions/parse_composite_action.go
+++ b/syft/pkg/cataloger/githubactions/parse_composite_action.go
@ -7,6 +7,7 @@ import (

 	"gopkg.in/yaml.v3"

+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/artifact"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/pkg"
@ -24,14 +25,14 @@ type compositeActionRunsDef struct {
 }

 func parseCompositeActionForActionUsage(_ context.Context, _ file.Resolver, _ *generic.Environment, reader file.LocationReadCloser) ([]pkg.Package, []artifact.Relationship, error) {
-	contents, err := io.ReadAll(reader)
-	if err != nil {
-		return nil, nil, fmt.Errorf("unable to read yaml composite action file: %w", err)
+	contents, errs := io.ReadAll(reader)
+	if errs != nil {
+		return nil, nil, fmt.Errorf("unable to read yaml composite action file: %w", errs)
 	}

 	var ca compositeActionDef
-	if err = yaml.Unmarshal(contents, &ca); err != nil {
-		return nil, nil, fmt.Errorf("unable to parse yaml composite action file: %w", err)
+	if errs = yaml.Unmarshal(contents, &ca); errs != nil {
+		return nil, nil, fmt.Errorf("unable to parse yaml composite action file: %w", errs)
 	}

 	// we use a collection to help with deduplication before raising to higher level processing
@ -42,11 +43,14 @@ func parseCompositeActionForActionUsage(_ context.Context, _ file.Resolver, _ *g
 			continue
 		}

-		p := newPackageFromUsageStatement(step.Uses, reader.Location)
+		p, err := newPackageFromUsageStatement(step.Uses, reader.Location)
+		if err != nil {
+			errs = unknown.Append(errs, reader, err)
+		}
 		if p != nil {
 			pkgs.Add(*p)
 		}
 	}

-	return pkgs.Sorted(), nil, nil
+	return pkgs.Sorted(), nil, errs
 }
--- a/syft/pkg/cataloger/githubactions/parse_composite_action_test.go
+++ b/syft/pkg/cataloger/githubactions/parse_composite_action_test.go
@ -33,3 +33,10 @@ func Test_parseCompositeActionForActionUsage(t *testing.T) {
 	var expectedRelationships []artifact.Relationship
 	pkgtest.TestFileParser(t, fixture, parseCompositeActionForActionUsage, expected, expectedRelationships)
 }
+
+func Test_corruptCompositeAction(t *testing.T) {
+	pkgtest.NewCatalogTester().
+		FromFile(t, "test-fixtures/corrupt/composite-action.yaml").
+		WithError().
+		TestParser(t, parseCompositeActionForActionUsage)
+}
--- a/syft/pkg/cataloger/githubactions/parse_workflow.go
+++ b/syft/pkg/cataloger/githubactions/parse_workflow.go
@ -7,6 +7,7 @@ import (

 	"gopkg.in/yaml.v3"

+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/artifact"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/pkg"
@ -37,14 +38,14 @@ type stepDef struct {
 }

 func parseWorkflowForWorkflowUsage(_ context.Context, _ file.Resolver, _ *generic.Environment, reader file.LocationReadCloser) ([]pkg.Package, []artifact.Relationship, error) {
-	contents, err := io.ReadAll(reader)
-	if err != nil {
-		return nil, nil, fmt.Errorf("unable to read yaml workflow file: %w", err)
+	contents, errs := io.ReadAll(reader)
+	if errs != nil {
+		return nil, nil, fmt.Errorf("unable to read yaml workflow file: %w", errs)
 	}

 	var wf workflowDef
-	if err = yaml.Unmarshal(contents, &wf); err != nil {
-		return nil, nil, fmt.Errorf("unable to parse yaml workflow file: %w", err)
+	if errs = yaml.Unmarshal(contents, &wf); errs != nil {
+		return nil, nil, fmt.Errorf("unable to parse yaml workflow file: %w", errs)
 	}

 	// we use a collection to help with deduplication before raising to higher level processing
@ -52,25 +53,28 @@ func parseWorkflowForWorkflowUsage(_ context.Context, _ file.Resolver, _ *generi

 	for _, job := range wf.Jobs {
 		if job.Uses != "" {
-			p := newPackageFromUsageStatement(job.Uses, reader.Location)
+			p, err := newPackageFromUsageStatement(job.Uses, reader.Location)
+			if err != nil {
+				errs = unknown.Append(errs, reader, err)
+			}
 			if p != nil {
 				pkgs.Add(*p)
 			}
 		}
 	}

-	return pkgs.Sorted(), nil, nil
+	return pkgs.Sorted(), nil, errs
 }

 func parseWorkflowForActionUsage(_ context.Context, _ file.Resolver, _ *generic.Environment, reader file.LocationReadCloser) ([]pkg.Package, []artifact.Relationship, error) {
-	contents, err := io.ReadAll(reader)
-	if err != nil {
-		return nil, nil, fmt.Errorf("unable to read yaml workflow file: %w", err)
+	contents, errs := io.ReadAll(reader)
+	if errs != nil {
+		return nil, nil, fmt.Errorf("unable to read yaml workflow file: %w", errs)
 	}

 	var wf workflowDef
-	if err = yaml.Unmarshal(contents, &wf); err != nil {
-		return nil, nil, fmt.Errorf("unable to parse yaml workflow file: %w", err)
+	if errs = yaml.Unmarshal(contents, &wf); errs != nil {
+		return nil, nil, fmt.Errorf("unable to parse yaml workflow file: %w", errs)
 	}

 	// we use a collection to help with deduplication before raising to higher level processing
@ -81,12 +85,15 @@ func parseWorkflowForActionUsage(_ context.Context, _ file.Resolver, _ *generic.
 			if step.Uses == "" {
 				continue
 			}
-			p := newPackageFromUsageStatement(step.Uses, reader.Location)
+			p, err := newPackageFromUsageStatement(step.Uses, reader.Location)
+			if err != nil {
+				errs = unknown.Append(errs, reader, err)
+			}
 			if p != nil {
 				pkgs.Add(*p)
 			}
 		}
 	}

-	return pkgs.Sorted(), nil, nil
+	return pkgs.Sorted(), nil, errs
 }
--- a/syft/pkg/cataloger/githubactions/parse_workflow_test.go
+++ b/syft/pkg/cataloger/githubactions/parse_workflow_test.go
@ -86,3 +86,17 @@ func Test_parseWorkflowForWorkflowUsage(t *testing.T) {
 	var expectedRelationships []artifact.Relationship
 	pkgtest.TestFileParser(t, fixture, parseWorkflowForWorkflowUsage, expected, expectedRelationships)
 }
+
+func Test_corruptActionWorkflow(t *testing.T) {
+	pkgtest.NewCatalogTester().
+		FromFile(t, "test-fixtures/corrupt/workflow-multi-job.yaml").
+		WithError().
+		TestParser(t, parseWorkflowForActionUsage)
+}
+
+func Test_corruptWorkflowWorkflow(t *testing.T) {
+	pkgtest.NewCatalogTester().
+		FromFile(t, "test-fixtures/corrupt/workflow-multi-job.yaml").
+		WithError().
+		TestParser(t, parseWorkflowForWorkflowUsage)
+}
--- a/syft/pkg/cataloger/githubactions/test-fixtures/corrupt/composite-action.yaml
+++ b/syft/pkg/cataloger/githubactions/test-fixtures/corrupt/composite-action.yaml
@ -0,0 +1,13 @@
+name: "Bootstrap"
+description: "Bootstrap all tools and dependencies"
+ints:
+  go-version:
+    descrapt-packages:
+    description: "Space delimited list of tools to install via apt"
+    default: "libxml2-utils"
+
+rns:
+  us all cache fingerprints
+      shell: bash
+      run: make fingerprints
+
--- a/syft/pkg/cataloger/githubactions/test-fixtures/corrupt/workflow-multi-job.yaml
+++ b/syft/pkg/cataloger/githubactions/test-fixtures/corrupt/workflow-multi-job.yaml
@ -0,0 +1,16 @@
+name: "Validations"
+
+on:
+  workflow_dispatch:
+  pull_request:
+  push:
+    branches:
+      - main
+
+jbs
+
+  Statnapshot
+          key: snapshot-build-${{ github.run_id }}
+
+      - name: Run CLI Tests (Linux)
+        run: make cli
--- a/syft/pkg/cataloger/golang/parse_go_binary.go
+++ b/syft/pkg/cataloger/golang/parse_go_binary.go
@ -66,9 +66,9 @@ func (c *goBinaryCataloger) parseGoBinary(_ context.Context, resolver file.Resol
 	if err != nil {
 		return nil, nil, err
 	}
+	defer internal.CloseAndLogError(reader.ReadCloser, reader.RealPath)

-	mods := scanFile(unionReader, reader.RealPath)
-	internal.CloseAndLogError(reader.ReadCloser, reader.RealPath)
+	mods, errs := scanFile(reader.Location, unionReader)

 	var rels []artifact.Relationship
 	for _, mod := range mods {
@ -81,7 +81,7 @@ func (c *goBinaryCataloger) parseGoBinary(_ context.Context, resolver file.Resol
 		pkgs = append(pkgs, depPkgs...)
 	}

-	return pkgs, rels, nil
+	return pkgs, rels, errs
 }

 func createModuleRelationships(main pkg.Package, deps []pkg.Package) []artifact.Relationship {
--- a/syft/pkg/cataloger/golang/parse_go_mod_test.go
+++ b/syft/pkg/cataloger/golang/parse_go_mod_test.go
@ -157,3 +157,11 @@ func Test_GoSumHashes(t *testing.T) {
 		})
 	}
 }
+
+func Test_corruptGoMod(t *testing.T) {
+	c := NewGoModuleFileCataloger(DefaultCatalogerConfig().WithSearchRemoteLicenses(false))
+	pkgtest.NewCatalogTester().
+		FromDirectory(t, "test-fixtures/corrupt").
+		WithError().
+		TestCataloger(t, c)
+}
--- a/syft/pkg/cataloger/golang/scan_binary.go
+++ b/syft/pkg/cataloger/golang/scan_binary.go
@ -9,6 +9,8 @@ import (
 	"github.com/kastenhq/goversion/version"

 	"github.com/anchore/syft/internal/log"
+	"github.com/anchore/syft/internal/unknown"
+	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/internal/unionreader"
 )

@ -19,20 +21,21 @@ type extendedBuildInfo struct {
 }

 // scanFile scans file to try to report the Go and module versions.
-func scanFile(reader unionreader.UnionReader, filename string) []*extendedBuildInfo {
+func scanFile(location file.Location, reader unionreader.UnionReader) ([]*extendedBuildInfo, error) {
 	// NOTE: multiple readers are returned to cover universal binaries, which are files
 	// with more than one binary
-	readers, err := unionreader.GetReaders(reader)
-	if err != nil {
-		log.WithFields("error", err).Warnf("failed to open a golang binary")
-		return nil
+	readers, errs := unionreader.GetReaders(reader)
+	if errs != nil {
+		log.WithFields("error", errs).Warnf("failed to open a golang binary")
+		return nil, fmt.Errorf("failed to open a golang binary: %w", errs)
 	}

 	var builds []*extendedBuildInfo
 	for _, r := range readers {
 		bi, err := getBuildInfo(r)
 		if err != nil {
-			log.WithFields("file", filename, "error", err).Trace("unable to read golang buildinfo")
+			log.WithFields("file", location.RealPath, "error", err).Trace("unable to read golang buildinfo")
+
 			continue
 		}
 		// it's possible the reader just isn't a go binary, in which case just skip it
@ -42,23 +45,25 @@ func scanFile(reader unionreader.UnionReader, filename string) []*extendedBuildI

 		v, err := getCryptoInformation(r)
 		if err != nil {
-			log.WithFields("file", filename, "error", err).Trace("unable to read golang version info")
+			log.WithFields("file", location.RealPath, "error", err).Trace("unable to read golang version info")
 			// don't skip this build info.
 			// we can still catalog packages, even if we can't get the crypto information
+			errs = unknown.Appendf(errs, location, "unable to read golang version info: %w", err)
 		}
 		arch := getGOARCH(bi.Settings)
 		if arch == "" {
 			arch, err = getGOARCHFromBin(r)
 			if err != nil {
-				log.WithFields("file", filename, "error", err).Trace("unable to read golang arch info")
+				log.WithFields("file", location.RealPath, "error", err).Trace("unable to read golang arch info")
 				// don't skip this build info.
 				// we can still catalog packages, even if we can't get the arch information
+				errs = unknown.Appendf(errs, location, "unable to read golang arch info: %w", err)
 			}
 		}

 		builds = append(builds, &extendedBuildInfo{BuildInfo: bi, cryptoSettings: v, arch: arch})
 	}
-	return builds
+	return builds, errs
 }

 func getCryptoInformation(reader io.ReaderAt) ([]string, error) {
--- a/syft/pkg/cataloger/golang/test-fixtures/corrupt/go.mod
+++ b/syft/pkg/cataloger/golang/test-fixtures/corrupt/go.mod
@ -0,0 +1,11 @@
+module github.com/anchore/syft
+
+go 1.18
+
+ruire (
+	github.com/CycloneDX/cyclonedx-go v0.7.0
+	github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d
+	github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d // indirect
+)
+
+replace github.com/CycloneDX/cyclonedx-go => github.com/CycloneDX/cyclonedx-go v0.6.0
--- a/syft/pkg/cataloger/golang/test-fixtures/corrupt/go.sum
+++ b/syft/pkg/cataloger/golang/test-fixtures/corrupt/go.sum
@ -0,0 +1,4 @@
+github.com/CycloneDX/cyclonedx-go v0.6.0/go.mod h1:nQCiF4Tvrg5Ieu8qPhYMvzPGMu5I7fANZkrSsJjl5mg=
+github.com/Cycpansi v0.0.0-20180116102854-5a71ef0e047d h1:licZJFw2RwpHMqeKTCYkitsPqHNxTmd4SNR5r94FGM8=
+github6IF
+github.com/stretchr/test4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
--- a/syft/pkg/cataloger/haskell/parse_stack_lock.go
+++ b/syft/pkg/cataloger/haskell/parse_stack_lock.go
@ -9,6 +9,7 @@ import (
 	"gopkg.in/yaml.v3"

 	"github.com/anchore/syft/internal/log"
+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/artifact"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/pkg"
@ -50,7 +51,7 @@ func parseStackLock(_ context.Context, _ file.Resolver, _ *generic.Environment,

 	if err := yaml.Unmarshal(bytes, &lockFile); err != nil {
 		log.WithFields("error", err).Tracef("failed to parse stack.yaml.lock file %q", reader.RealPath)
-		return nil, nil, nil
+		return nil, nil, fmt.Errorf("failed to parse stack.yaml.lock file")
 	}

 	var (
@ -82,7 +83,7 @@ func parseStackLock(_ context.Context, _ file.Resolver, _ *generic.Environment,
 		)
 	}

-	return pkgs, nil, nil
+	return pkgs, nil, unknown.IfEmptyf(pkgs, "unable to determine packages")
 }

 func parseStackPackageEncoding(pkgEncoding string) (name, version, hash string) {
--- a/syft/pkg/cataloger/haskell/parse_stack_lock_test.go
+++ b/syft/pkg/cataloger/haskell/parse_stack_lock_test.go
@ -130,3 +130,10 @@ func TestParseStackLock(t *testing.T) {

 	pkgtest.TestFileParser(t, fixture, parseStackLock, expectedPkgs, expectedRelationships)
 }
+
+func Test_corruptStackLock(t *testing.T) {
+	pkgtest.NewCatalogTester().
+		FromFile(t, "test-fixtures/corrupt/stack.yaml.lock").
+		WithError().
+		TestParser(t, parseStackLock)
+}
--- a/syft/pkg/cataloger/haskell/parse_stack_yaml.go
+++ b/syft/pkg/cataloger/haskell/parse_stack_yaml.go
@ -8,6 +8,7 @@ import (
 	"gopkg.in/yaml.v3"

 	"github.com/anchore/syft/internal/log"
+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/artifact"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/pkg"
@ -31,7 +32,7 @@ func parseStackYaml(_ context.Context, _ file.Resolver, _ *generic.Environment,

 	if err := yaml.Unmarshal(bytes, &stackFile); err != nil {
 		log.WithFields("error", err).Tracef("failed to parse stack.yaml file %q", reader.RealPath)
-		return nil, nil, nil
+		return nil, nil, fmt.Errorf("failed to parse stack.yaml file")
 	}

 	var pkgs []pkg.Package
@ -50,5 +51,5 @@ func parseStackYaml(_ context.Context, _ file.Resolver, _ *generic.Environment,
 		)
 	}

-	return pkgs, nil, nil
+	return pkgs, nil, unknown.IfEmptyf(pkgs, "unable to determine packages")
 }
--- a/syft/pkg/cataloger/haskell/parse_stack_yaml_test.go
+++ b/syft/pkg/cataloger/haskell/parse_stack_yaml_test.go
@ -110,3 +110,10 @@ func TestParseStackYaml(t *testing.T) {
 	pkgtest.TestFileParser(t, fixture, parseStackYaml, expectedPkgs, expectedRelationships)

 }
+
+func Test_corruptStackYaml(t *testing.T) {
+	pkgtest.NewCatalogTester().
+		FromFile(t, "test-fixtures/corrupt/stack.yaml").
+		WithError().
+		TestParser(t, parseStackYaml)
+}
--- a/syft/pkg/cataloger/haskell/test-fixtures/corrupt/stack.yaml
+++ b/syft/pkg/cataloger/haskell/test-fixtures/corrupt/stack.yaml
@ -0,0 +1,6 @@
+flag
+extra-package-dbs: []
+packa@sha256:fbcf49ecfc3d4da53e797fd0275264cba776ffa324ee223e2a3f4ec2d2c9c4a6,2165
+  - stm-2.5.0.2@sha256:e4dc6473faaa75fbd7eccab4e3ee1d651d75bb0e49946ef0b8b751ccde771a55,2314
+ghc-options:
+  "$everything": -haddock
--- a/syft/pkg/cataloger/haskell/test-fixtures/corrupt/stack.yaml.lock
+++ b/syft/pkg/cataloger/haskell/test-fixtures/corrupt/stack.yaml.lock
@ -0,0 +1,8 @@
+packages
+-comp
+al:
+    commit: a5847301404583e16d55cd4d051b8e605d704fbc
+    git: https://github.com/runtimeverification/haskell-backend.git
+    subdir: kore
+snapshots
+- complete//raw.github
--- a/syft/pkg/cataloger/internal/pkgtest/test_generic_parser.go
+++ b/syft/pkg/cataloger/internal/pkgtest/test_generic_parser.go
@ -48,7 +48,6 @@ type CatalogTester struct {

 func NewCatalogTester() *CatalogTester {
 	return &CatalogTester{
-		wantErr:          require.NoError,
 		locationComparer: cmptest.DefaultLocationComparer,
 		licenseComparer:  cmptest.DefaultLicenseComparer,
 		packageStringer:  stringPackage,
@ -113,7 +112,6 @@ func (p *CatalogTester) WithEnv(env *generic.Environment) *CatalogTester {
 }

 func (p *CatalogTester) WithError() *CatalogTester {
-	p.assertResultExpectations = true
 	p.wantErr = require.Error
 	return p
 }
@ -226,7 +224,10 @@ func (p *CatalogTester) IgnoreUnfulfilledPathResponses(paths ...string) *Catalog
 func (p *CatalogTester) TestParser(t *testing.T, parser generic.Parser) {
 	t.Helper()
 	pkgs, relationships, err := parser(context.Background(), p.resolver, p.env, p.reader)
-	p.wantErr(t, err)
+	// only test for errors if explicitly requested
+	if p.wantErr != nil {
+		p.wantErr(t, err)
+	}
 	p.assertPkgs(t, pkgs, relationships)
 }

@ -247,8 +248,12 @@ func (p *CatalogTester) TestCataloger(t *testing.T, cataloger pkg.Cataloger) {
 		assert.ElementsMatchf(t, p.expectedContentQueries, resolver.AllContentQueries(), "unexpected content queries observed: diff %s", cmp.Diff(p.expectedContentQueries, resolver.AllContentQueries()))
 	}

-	if p.assertResultExpectations {
+	// only test for errors if explicitly requested
+	if p.wantErr != nil {
 		p.wantErr(t, err)
+	}
+
+	if p.assertResultExpectations {
 		p.assertPkgs(t, pkgs, relationships)
 	}

@ -256,7 +261,7 @@ func (p *CatalogTester) TestCataloger(t *testing.T, cataloger pkg.Cataloger) {
 		a(t, pkgs, relationships)
 	}

-	if !p.assertResultExpectations && len(p.customAssertions) == 0 {
+	if !p.assertResultExpectations && len(p.customAssertions) == 0 && p.wantErr == nil {
 		resolver.PruneUnfulfilledPathResponses(p.ignoreUnfulfilledPathResponses, p.ignoreAnyUnfulfilledPaths...)

 		// if we aren't testing the results, we should focus on what was searched for (for glob-centric tests)
--- a/syft/pkg/cataloger/java/archive_parser.go
+++ b/syft/pkg/cataloger/java/archive_parser.go
@ -16,6 +16,7 @@ import (
 	intFile "github.com/anchore/syft/internal/file"
 	"github.com/anchore/syft/internal/licenses"
 	"github.com/anchore/syft/internal/log"
+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/artifact"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/pkg"
@ -133,14 +134,22 @@ func (j *archiveParser) parse(ctx context.Context) ([]pkg.Package, []artifact.Re
 	}
 	pkgs = append(pkgs, auxPkgs...)

+	var errs error
 	if j.detectNested {
 		// find nested java archive packages
 		nestedPkgs, nestedRelationships, err := j.discoverPkgsFromNestedArchives(ctx, parentPkg)
 		if err != nil {
-			return nil, nil, err
+			errs = unknown.Append(errs, j.location, err)
 		}
 		pkgs = append(pkgs, nestedPkgs...)
 		relationships = append(relationships, nestedRelationships...)
+	} else {
+		// .jar and .war files are present in archives, are others? or generally just consider them top-level?
+		nestedArchives := j.fileManifest.GlobMatch(true, "*.jar", "*.war")
+		if len(nestedArchives) > 0 {
+			slices.Sort(nestedArchives)
+			errs = unknown.Appendf(errs, j.location, "nested archives not cataloged: %v", strings.Join(nestedArchives, ", "))
+		}
 	}

 	// lastly, add the parent package to the list (assuming the parent exists)
@ -166,7 +175,11 @@ func (j *archiveParser) parse(ctx context.Context) ([]pkg.Package, []artifact.Re
 		p.SetID()
 	}

-	return pkgs, relationships, nil
+	if len(pkgs) == 0 {
+		errs = unknown.Appendf(errs, j.location, "no package identified in archive")
+	}
+
+	return pkgs, relationships, errs
 }

 // discoverMainPackage parses the root Java manifest used as the parent package to all discovered nested packages.
@ -283,14 +296,14 @@ func (j *archiveParser) findLicenseFromJavaMetadata(ctx context.Context, groupID
 	if parsedPom != nil {
 		pomLicenses, err = j.maven.resolveLicenses(ctx, parsedPom.project)
 		if err != nil {
-			log.WithFields("error", err, "mavenID", j.maven.getMavenID(ctx, parsedPom.project)).Debug("error attempting to resolve pom licenses")
+			log.WithFields("error", err, "mavenID", j.maven.getMavenID(ctx, parsedPom.project)).Trace("error attempting to resolve pom licenses")
 		}
 	}

 	if err == nil && len(pomLicenses) == 0 {
 		pomLicenses, err = j.maven.findLicenses(ctx, groupID, artifactID, version)
 		if err != nil {
-			log.WithFields("error", err, "mavenID", mavenID{groupID, artifactID, version}).Debug("error attempting to find licenses")
+			log.WithFields("error", err, "mavenID", mavenID{groupID, artifactID, version}).Trace("error attempting to find licenses")
 		}
 	}

@ -300,7 +313,7 @@ func (j *archiveParser) findLicenseFromJavaMetadata(ctx context.Context, groupID
 		groupID = strings.Join(packages[:len(packages)-1], ".")
 		pomLicenses, err = j.maven.findLicenses(ctx, groupID, artifactID, version)
 		if err != nil {
-			log.WithFields("error", err, "mavenID", mavenID{groupID, artifactID, version}).Debug("error attempting to find sub-group licenses")
+			log.WithFields("error", err, "mavenID", mavenID{groupID, artifactID, version}).Trace("error attempting to find sub-group licenses")
 		}
 	}

@ -630,7 +643,7 @@ func newPackageFromMavenData(ctx context.Context, r *mavenResolver, pomPropertie
 	}

 	if err != nil {
-		log.WithFields("error", err, "mavenID", mavenID{pomProperties.GroupID, pomProperties.ArtifactID, pomProperties.Version}).Debug("error attempting to resolve licenses")
+		log.WithFields("error", err, "mavenID", mavenID{pomProperties.GroupID, pomProperties.ArtifactID, pomProperties.Version}).Trace("error attempting to resolve licenses")
 	}

 	licenses := make([]pkg.License, 0)
--- a/syft/pkg/cataloger/java/archive_parser_test.go
+++ b/syft/pkg/cataloger/java/archive_parser_test.go
@ -91,10 +91,12 @@ func TestParseJar(t *testing.T) {
 		fixture      string
 		expected     map[string]pkg.Package
 		ignoreExtras []string
+		wantErr      require.ErrorAssertionFunc
 	}{
 		{
 			name:    "example-jenkins-plugin",
 			fixture: "test-fixtures/java-builds/packages/example-jenkins-plugin.hpi",
+			wantErr: require.Error, // there are nested jars, which are not scanned and result in unknown errors
 			ignoreExtras: []string{
 				"Plugin-Version", // has dynamic date
 				"Built-By",       // podman returns the real UID
@ -153,6 +155,7 @@ func TestParseJar(t *testing.T) {
 		{
 			name:    "example-java-app-gradle",
 			fixture: "test-fixtures/java-builds/packages/example-java-app-gradle-0.1.0.jar",
+			wantErr: require.NoError, // no nested jars
 			expected: map[string]pkg.Package{
 				"example-java-app-gradle": {
 					Name:     "example-java-app-gradle",
@ -226,6 +229,7 @@ func TestParseJar(t *testing.T) {
 		{
 			name:    "example-java-app-maven",
 			fixture: "test-fixtures/java-builds/packages/example-java-app-maven-0.1.0.jar",
+			wantErr: require.NoError, // no nested jars
 			ignoreExtras: []string{
 				"Build-Jdk", // can't guarantee the JDK used at build time
 				"Built-By",  // podman returns the real UID
@ -351,13 +355,15 @@ func TestParseJar(t *testing.T) {
 			require.NoError(t, err)

 			actual, _, err := parser.parse(context.Background())
-			require.NoError(t, err)
+			if test.wantErr != nil {
+				test.wantErr(t, err)
+			}

 			if len(actual) != len(test.expected) {
 				for _, a := range actual {
 					t.Log("   ", a)
 				}
-				t.Fatalf("unexpected package count: %d!=%d", len(actual), len(test.expected))
+				t.Fatalf("unexpected package count; expected: %d got: %d", len(test.expected), len(actual))
 			}

 			var parent *pkg.Package
@ -1488,3 +1494,11 @@ func run(t testing.TB, cmd *exec.Cmd) {
 func ptr[T any](value T) *T {
 	return &value
 }
+
+func Test_corruptJarArchive(t *testing.T) {
+	ap := newGenericArchiveParserAdapter(DefaultArchiveCatalogerConfig())
+	pkgtest.NewCatalogTester().
+		FromFile(t, "test-fixtures/corrupt/example.jar").
+		WithError().
+		TestParser(t, ap.parseJavaArchive)
+}
--- a/syft/pkg/cataloger/java/maven_resolver.go
+++ b/syft/pkg/cataloger/java/maven_resolver.go
@ -79,7 +79,7 @@ func (r *mavenResolver) resolvePropertyValue(ctx context.Context, propertyValue
 	}
 	resolved, err := r.resolveExpression(ctx, resolutionContext, *propertyValue, resolvingProperties)
 	if err != nil {
-		log.WithFields("error", err, "propertyValue", *propertyValue).Debug("error resolving maven property")
+		log.WithFields("error", err, "propertyValue", *propertyValue).Trace("error resolving maven property")
 		return ""
 	}
 	return resolved
--- a/syft/pkg/cataloger/java/parse_pom_xml.go
+++ b/syft/pkg/cataloger/java/parse_pom_xml.go
@ -15,6 +15,7 @@ import (

 	"github.com/anchore/syft/internal"
 	"github.com/anchore/syft/internal/log"
+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/artifact"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/pkg"
@ -41,11 +42,13 @@ func (p pomXMLCataloger) Catalog(ctx context.Context, fileResolver file.Resolver

 	r := newMavenResolver(fileResolver, p.cfg)

+	var errs error
 	var poms []*gopom.Project
 	for _, pomLocation := range locations {
 		pom, err := readPomFromLocation(fileResolver, pomLocation)
 		if err != nil || pom == nil {
 			log.WithFields("error", err, "pomLocation", pomLocation).Debug("error while reading pom")
+			errs = unknown.Appendf(errs, pomLocation, "error reading pom.xml: %w", err)
 			continue
 		}

@ -60,7 +63,7 @@ func (p pomXMLCataloger) Catalog(ctx context.Context, fileResolver file.Resolver
 	for _, pom := range poms {
 		pkgs = append(pkgs, processPomXML(ctx, r, pom, r.pomLocations[pom])...)
 	}
-	return pkgs, nil, nil
+	return pkgs, nil, errs
 }

 func readPomFromLocation(fileResolver file.Resolver, pomLocation file.Location) (*gopom.Project, error) {
--- a/syft/pkg/cataloger/java/parse_pom_xml_test.go
+++ b/syft/pkg/cataloger/java/parse_pom_xml_test.go
@ -705,3 +705,11 @@ func getCommonsTextExpectedPackages() []pkg.Package {
 		},
 	}
 }
+
+func Test_corruptPomXml(t *testing.T) {
+	c := NewPomCataloger(DefaultArchiveCatalogerConfig())
+	pkgtest.NewCatalogTester().
+		FromDirectory(t, "test-fixtures/corrupt").
+		WithError().
+		TestCataloger(t, c)
+}
--- a/syft/pkg/cataloger/java/tar_wrapped_archive_parser_test.go
+++ b/syft/pkg/cataloger/java/tar_wrapped_archive_parser_test.go
@ -10,6 +10,7 @@ import (
 	"github.com/stretchr/testify/require"

 	"github.com/anchore/syft/syft/file"
+	"github.com/anchore/syft/syft/pkg/cataloger/internal/pkgtest"
 )

 func Test_parseTarWrappedJavaArchive(t *testing.T) {
@ -57,3 +58,11 @@ func Test_parseTarWrappedJavaArchive(t *testing.T) {
 		})
 	}
 }
+
+func Test_corruptTarArchive(t *testing.T) {
+	ap := newGenericTarWrappedJavaArchiveParser(DefaultArchiveCatalogerConfig())
+	pkgtest.NewCatalogTester().
+		FromFile(t, "test-fixtures/corrupt/example.tar").
+		WithError().
+		TestParser(t, ap.parseTarWrappedJavaArchive)
+}
--- a/syft/pkg/cataloger/java/test-fixtures/corrupt/example.jar
+++ b/syft/pkg/cataloger/java/test-fixtures/corrupt/example.jar
@ -0,0 +1 @@
+example archive
--- a/syft/pkg/cataloger/java/test-fixtures/corrupt/example.tar
+++ b/syft/pkg/cataloger/java/test-fixtures/corrupt/example.tar
@ -0,0 +1 @@
+example archive
--- a/syft/pkg/cataloger/java/test-fixtures/corrupt/pom.xml
+++ b/syft/pkg/cataloger/java/test-fixtures/corrupt/pom.xml
@ -0,0 +1 @@
+<this is not a valid pom xml>
--- a/syft/pkg/cataloger/javascript/parse_package_json.go
+++ b/syft/pkg/cataloger/javascript/parse_package_json.go
@ -11,7 +11,6 @@ import (
 	"github.com/mitchellh/mapstructure"

 	"github.com/anchore/syft/internal"
-	"github.com/anchore/syft/internal/log"
 	"github.com/anchore/syft/syft/artifact"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/pkg"
@ -64,11 +63,8 @@ func parsePackageJSON(_ context.Context, _ file.Resolver, _ *generic.Environment
 			return nil, nil, fmt.Errorf("failed to parse package.json file: %w", err)
 		}

-		if !p.hasNameAndVersionValues() {
-			log.Debugf("encountered package.json file without a name and/or version field, ignoring (path=%q)", reader.Path())
-			return nil, nil, nil
-		}
-
+		// always create a package, regardless of having a valid name and/or version,
+		// a compliance filter later will remove these packages based on compliance rules
 		pkgs = append(
 			pkgs,
 			newPackageJSONPackage(p, reader.Location.WithAnnotation(pkg.EvidenceAnnotationKey, pkg.PrimaryEvidenceAnnotation)),
@ -203,10 +199,6 @@ func licensesFromJSON(b []byte) ([]npmPackageLicense, error) {
 	return nil, errors.New("unmarshal failed")
 }

-func (p packageJSON) hasNameAndVersionValues() bool {
-	return p.Name != "" && p.Version != ""
-}
-
 // this supports both windows and unix paths
 var filepathSeparator = regexp.MustCompile(`[\\/]`)

--- a/syft/pkg/cataloger/javascript/parse_package_json_test.go
+++ b/syft/pkg/cataloger/javascript/parse_package_json_test.go
@ -210,10 +210,28 @@ func TestParsePackageJSON(t *testing.T) {
 	}
 }

+func Test_corruptPackageJSON(t *testing.T) {
+	pkgtest.NewCatalogTester().
+		FromFile(t, "test-fixtures/corrupt/package.json").
+		WithError().
+		TestParser(t, parsePackageJSON)
+}
+
 func TestParsePackageJSON_Partial(t *testing.T) { // see https://github.com/anchore/syft/issues/311
 	const fixtureFile = "test-fixtures/pkg-json/package-partial.json"

-	pkgtest.TestFileParser(t, fixtureFile, parsePackageJSON, nil, nil)
+	// raise package.json files as packages with any information we find, these will be filtered out
+	// according to compliance rules later
+	expectedPkgs := []pkg.Package{
+		{
+			Language:  pkg.JavaScript,
+			Type:      pkg.NpmPkg,
+			PURL:      packageURL("", ""),
+			Metadata:  pkg.NpmPackage{},
+			Locations: file.NewLocationSet(file.NewLocation(fixtureFile)),
+		},
+	}
+	pkgtest.TestFileParser(t, fixtureFile, parsePackageJSON, expectedPkgs, nil)
 }

 func Test_pathContainsNodeModulesDirectory(t *testing.T) {
--- a/syft/pkg/cataloger/javascript/parse_package_lock.go
+++ b/syft/pkg/cataloger/javascript/parse_package_lock.go
@ -9,6 +9,7 @@ import (
 	"strings"

 	"github.com/anchore/syft/internal/log"
+	"github.com/anchore/syft/internal/unknown"
 	"github.com/anchore/syft/syft/artifact"
 	"github.com/anchore/syft/syft/file"
 	"github.com/anchore/syft/syft/pkg"
@ -100,7 +101,7 @@ func (a genericPackageLockAdapter) parsePackageLock(_ context.Context, resolver

 	pkg.Sort(pkgs)

-	return pkgs, nil, nil
+	return pkgs, nil, unknown.IfEmptyf(pkgs, "unable to determine packages")
 }

 func (licenses *packageLockLicense) UnmarshalJSON(data []byte) (err error) {
--- a/syft/pkg/cataloger/javascript/parse_package_lock_test.go
+++ b/syft/pkg/cataloger/javascript/parse_package_lock_test.go
@ -333,3 +333,11 @@ func TestParsePackageLockLicenseWithArray(t *testing.T) {
 	adapter := newGenericPackageLockAdapter(CatalogerConfig{})
 	pkgtest.TestFileParser(t, fixture, adapter.parsePackageLock, expectedPkgs, expectedRelationships)
 }
+
+func Test_corruptPackageLock(t *testing.T) {
+	gap := newGenericPackageLockAdapter(DefaultCatalogerConfig())
+	pkgtest.NewCatalogTester().
+		FromFile(t, "test-fixtures/corrupt/package-lock.json").
+		WithError().
+		TestParser(t, gap.parsePackageLock)
+}
--- a/Show More
+++ b/Show More