-
Notifications
You must be signed in to change notification settings - Fork 760
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SBOM: the Syft preset could use a more suitable set of catalogers #5392
Labels
Comments
chmeliik
changed the title
SBOM: the Syft preset could use a more suitable set of cataloggers
SBOM: the Syft preset could use a more suitable set of catalogers
Mar 11, 2024
Sounds reasonable. Is the default of "--select-catalogers directory" the best one for build context directories? |
Yes, I think so |
A friendly reminder that this issue had no activity for 30 days. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
The "syft" SBOM preset scans both the context directory and the rootfs as plain
dir:
s. Syft selects the default set of catalogers based on what it is scanning: https://github.com/anchore/syft?tab=readme-ov-file#package-cataloger-selectionYou can see the list of catalogers enabled for directory scanning and image scanning with:
And the list of catalogers enabled only for image scanning:
It would be suitable to use
--select-cataloggers image
when scanning the rootfs.The text was updated successfully, but these errors were encountered: