1 Commits

Author SHA1 Message Date
Alex Goodman
ba661e83a7
detect Ubuntu Pro/ESM extended support
Mirrors the existing RHEL `ExtendedSupport` detector for Ubuntu so grype can
auto-enable its ESM distro channel on Pro/ESM-enabled scans.

`findUbuntuFeatures` sets `linux.Release.ExtendedSupport` when the scanned OS is
Ubuntu and any of these hold:

- an uncommented apt source (classic `.list` or DEB822 `.sources`, or the
  ubuntu-advantage auth entry) referencing `esm.ubuntu.com`
- an enabled `esm-infra`/`esm-apps` service in the ubuntu-advantage
  `status.json` cache
- an installed dpkg package whose version carries an `[~+]esm` pocket suffix
  (the usual in-image signal, since containers are rarely Pro-attached)

The package fallback reads `s.Artifacts.Packages` from the `DetectFeatures`
SBOM callback, which runs after package cataloging, so no new plumbing was
needed. Conservative by design: plain Ubuntu and disabled/commented ESM
evidence stay false.

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2026-07-02 14:34:37 -04:00