2 Commits

Author SHA1 Message Date
William Murphy
b7a6d5e946
feat: Record where CPEs come from (#2552)
Syft can get CPEs from several sources, including generating them based on
package data, finding them in the NVD CPE dictionary, or finding them declared
in a manifest or existing SBOM. Record where Syft got CPEs so that consumers of
SBOMs can reason about how trustworthy they are.

Signed-off-by: Will Murphy <will.murphy@anchore.com>
2024-02-02 16:17:52 +00:00
Alex Goodman
8ee209a5ae
use read lock in pkg collection (#2341)
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2023-11-21 13:48:25 -05:00