We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
It seems that grype is not behaving as syft does when passing individual files that are not sboms:
❯ syft -o json conan.lock > /tmp/sbom ✔ Indexed file system /Users/wagoodman/Downloads ✔ Cataloged contents 85cd69f3c5c005fcd8d7e7210d9a50ea8fe9768e2b9dda0440c525350af9dd7e ├── ✔ Packages [1 packages] └── ✔ Executables [0 executables] ❯ grype /tmp/sbom ✔ Vulnerability DB [no update available] ✔ Scanned for vulnerabilities [0 vulnerability matches] ├── by severity: 0 critical, 0 high, 0 medium, 0 low, 0 negligible └── by status: 0 fixed, 0 not-fixed, 0 ignored No vulnerabilities found ❯ grype conan.lock ✔ Vulnerability DB [no update available] failed to catalog: unable to decode sbom: sbom format not recognized
Expected behavior is for the conan.lock to be cataloged by syft then scanned by grype.
The text was updated successfully, but these errors were encountered:
No branches or pull requests
It seems that grype is not behaving as syft does when passing individual files that are not sboms:
Expected behavior is for the conan.lock to be cataloged by syft then scanned by grype.
The text was updated successfully, but these errors were encountered: