You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What would you like to be added:
I would like to add Conan (C/C++ package manager) CVEs on Grype
Why is this needed:
Syft support Conan scanning.
GITLAB Advisory database manage conan CVE.
Additional context:
URL to GITLAB Advisory : https://gitlab.com/gitlab-org/advisories-community
GITLAB Advisory support also GEM/GO/MAVEN/NPM/NUGET/PYPI, maybe it is possible to add complementary information for these ecosystem...
Thanks in advance.
The text was updated successfully, but these errors were encountered:
Hey @jacky92, thank you for the request. This is probably something we could do by implementing a new provider in https://github.com/anchore/vunnel to parse the publicly-available GitLab data. Note: if we implemented that, we'd need to also implement a per-ecosystem filter to prevent duplicates of vulnerabilities from GHSA that we would also be using to match in Grype. If you are interested in working on the Vunnel provider, please let us know! We would be happy to help get you pointed in the right direction.
Hello,
What would you like to be added:
I would like to add Conan (C/C++ package manager) CVEs on Grype
Why is this needed:
Syft support Conan scanning.
GITLAB Advisory database manage conan CVE.
Additional context:
URL to GITLAB Advisory : https://gitlab.com/gitlab-org/advisories-community
GITLAB Advisory support also GEM/GO/MAVEN/NPM/NUGET/PYPI, maybe it is possible to add complementary information for these ecosystem...
Thanks in advance.
The text was updated successfully, but these errors were encountered: