anchore/syft issues and pull requests

#1344 - Remove deprecated syft.Format functions

Issue - State: closed - Opened by wagoodman about 2 years ago
Labels: breaking-change

#1307 - Decode binary and unknown metadata

Pull Request - State: closed - Opened by kzantow over 2 years ago

#1298 - Django package CPE is not correct

Issue - State: closed - Opened by AndrewR777 over 2 years ago - 2 comments
Labels: bug, cpe

#1294 - feat: prefer known CPE vendors over other candidates

Pull Request - State: closed - Opened by raboof over 2 years ago - 5 comments

#1291 - Add Rekor file cataloger

Pull Request - State: closed - Opened by spiffcs over 2 years ago - 3 comments
Labels: blocked, WIP

#1271 - Cannot Generating SBOM file from Windows Container

Issue - State: closed - Opened by miftacul over 2 years ago - 4 comments
Labels: bug

#1260 - SBOM from a source code repos have missing or repetitive component inventory

Issue - State: closed - Opened by sprathod369 over 2 years ago - 6 comments

#1241 - SPDX element/relationships should be defined for the container image being described

Issue - State: closed - Opened by lumjjb over 2 years ago - 6 comments
Labels: enhancement

#1237 - bump containerd to v1.6.8

Pull Request - State: closed - Opened by westonsteimel over 2 years ago - 1 comment

#1229 - --exclude-pkgs option

Issue - State: open - Opened by rchincha over 2 years ago - 13 comments
Labels: enhancement

#1227 - Get licenses for NuGet packages

Issue - State: open - Opened by fg-j over 2 years ago - 7 comments
Labels: enhancement, good-first-issue

#1222 - Support for Conan lockfiles

Issue - State: open - Opened by kzantow over 2 years ago - 2 comments
Labels: enhancement

#1207 - Support accessing individual CPE fields from templates

Issue - State: open - Opened by abderrahim over 2 years ago - 2 comments
Labels: enhancement, good-first-issue

#1202 - Syft is dropping the "group" field from imported CycloneDX

Issue - State: open - Opened by kairabiensda over 2 years ago - 2 comments
Labels: bug, format:cyclonedx

#1199 - Docker base images should be included in the BOM

Issue - State: open - Opened by captn3m0 over 2 years ago - 14 comments
Labels: enhancement, blocked, needs-discussion, needs-investigation

#1197 - Syft does not detect some software in Docker Official Images

Issue - State: closed - Opened by captn3m0 over 2 years ago - 6 comments
Labels: bug

#1173 - Analyze with Non-Daemon podman

Issue - State: open - Opened by dja-fr over 2 years ago - 3 comments
Labels: enhancement

#1146 - Update README.md

Pull Request - State: closed - Opened by nwl over 2 years ago

#1143 - Command line flags not overriding configuration file values

Issue - State: closed - Opened by spiffcs over 2 years ago - 2 comments
Labels: bug, good first issue, community-meeting

#1139 - Debian packages CPE

Issue - State: open - Opened by xpicio over 2 years ago - 2 comments
Labels: bug, good first issue

#1129 - Empty version field on some dependencies when reading pom.xml

Issue - State: closed - Opened by willyw0nka over 2 years ago - 11 comments
Labels: bug

#1115 - Online verification of artifacts

Issue - State: closed - Opened by wagoodman over 2 years ago - 4 comments
Labels: enhancement, question, changelog-ignore, online

#1109 - Support scanning single packages

Issue - State: open - Opened by dmuhamedagic over 2 years ago - 9 comments
Labels: enhancement

#1104 - Add asdf support

Issue - State: open - Opened by sambhav over 2 years ago - 3 comments
Labels: enhancement, good-first-issue, new-cataloger

#1100 - Reproducible SBOMs

Issue - State: open - Opened by fg-j over 2 years ago - 4 comments
Labels: discussion, needs-discussion

#1088 - add native support for flatpak and snap images

Issue - State: open - Opened by ciphernaut-rh over 2 years ago - 9 comments
Labels: enhancement, needs-investigation

#1074 - Possiblity to run Syft on a Dockerfile

Issue - State: closed - Opened by vargenau over 2 years ago - 7 comments
Labels: enhancement

#1073 - feat: add Elixir and Erlang (Hex package) support

Pull Request - State: closed - Opened by cpendery over 2 years ago - 10 comments
Labels: enhancement

#1062 - Rename `--output` and `--file` flags for better understanding

Issue - State: closed - Opened by Dentrax over 2 years ago - 7 comments
Labels: enhancement

#1059 - support OciDirectory for syft attest cmd

Issue - State: closed - Opened by developer-guy over 2 years ago - 3 comments
Labels: enhancement

#1054 - docker-archive: support scanning a single image inside the archive

Issue - State: open - Opened by bcmedeiros over 2 years ago - 1 comment
Labels: enhancement

#1048 - syft is unable to locate image locally in k8s with containerd runtime

Issue - State: closed - Opened by ibreakthecloud over 2 years ago - 5 comments
Labels: bug

#1039 - Improve cataloger selection capabilities

Issue - State: open - Opened by wagoodman over 2 years ago - 2 comments
Labels: enhancement

#1037 - Add ALPM Metadata to CYCLONEDX and SPDX output formats

Issue - State: closed - Opened by spiffcs over 2 years ago - 5 comments
Labels: enhancement, good first issue

#1024 - Excluding a directory does not work on Windows

Issue - State: open - Opened by UnitedHaxor over 2 years ago - 7 comments
Labels: bug

#1015 - fix: add component list to prevent cyclone-dx panic

Pull Request - State: closed - Opened by cpendery over 2 years ago - 1 comment

#1015 - fix: add component list to prevent cyclone-dx panic

Pull Request - State: closed - Opened by cpendery over 2 years ago - 1 comment

#973 - Software packages installed in C:\ProgramData hidden directory on Windows are missing in SBOM.

Issue - State: open - Opened by tsvirinkal-jsi almost 3 years ago - 1 comment
Labels: bug, good-first-issue, ecosystem:windows

#932 - Conda ecosystem support

Issue - State: open - Opened by rigzba21 almost 3 years ago - 16 comments
Labels: enhancement, good-first-issue, new-cataloger, needs-discussion

#931 - Package duplicated by different cataloger

Issue - State: closed - Opened by WhyJee almost 3 years ago - 22 comments
Labels: enhancement, filtering

#886 - SHA-256 mismatch when installing via Homebrew

Issue - State: closed - Opened by jscheid almost 3 years ago - 9 comments
Labels: bug, changelog-ignore

#849 - Update CycloneDX to use syft namespace and output multiple CPEs

Pull Request - State: closed - Opened by kzantow almost 3 years ago - 1 comment

#849 - Update CycloneDX to use syft namespace and output multiple CPEs

Pull Request - State: closed - Opened by kzantow almost 3 years ago - 1 comment

#824 - SBOM input

Pull Request - State: closed - Opened by kzantow almost 3 years ago - 3 comments
Labels: WIP

#774 - Support for Elixir programming language

Issue - State: closed - Opened by mbihoop about 3 years ago - 2 comments
Labels: enhancement, changelog-ignore, new-cataloger

#730 - Support cataloging R packages

Issue - State: closed - Opened by westonsteimel about 3 years ago - 2 comments
Labels: enhancement, new-cataloger

#725 - PackageLicenseDeclared is not generated correctly

Issue - State: open - Opened by muzammil786 about 3 years ago - 6 comments
Labels: bug, I/O, license

#680 - pip cataloger should support repository url

Issue - State: open - Opened by sambhav about 3 years ago - 8 comments
Labels: enhancement, blocked, ecosystem:python

#674 - An option to limit to a single filesystem (like -xdev)

Issue - State: closed - Opened by richlv about 3 years ago - 9 comments
Labels: enhancement

#662 - Create project website

Issue - State: open - Opened by wagoodman about 3 years ago - 2 comments
Labels: documentation, good-first-issue

#661 - Map shared lib / executable dependencies

Issue - State: open - Opened by wagoodman about 3 years ago - 7 comments
Labels: enhancement, binary-analysis, new-cataloger

#656 - Classify licenses based on file contents

Issue - State: open - Opened by wagoodman about 3 years ago - 2 comments
Labels: enhancement, license, needs-discussion

#632 - Support for NTIA minimum elements for an SBOM

Issue - State: open - Opened by luhring about 3 years ago - 13 comments
Labels: enhancement

#592 - Upload SBOM directly to OCI registry

Issue - State: open - Opened by developer-guy over 3 years ago - 17 comments
Labels: enhancement, needs-investigation

#572 - Add support for package dependency relationships

Issue - State: open - Opened by wagoodman over 3 years ago - 14 comments
Labels: enhancement, ecosystem:java, ecosystem:python, ecosystem:go, ecosystem:rust, ecosystem:javascript, ecosystem:ruby, ecosystem:os, planning

#565 - Identify SPDX license identifiers

Issue - State: open - Opened by wagoodman over 3 years ago
Labels: enhancement, format:spdx, license

#561 - Expose compact JSON and XML format configuration

Issue - State: closed - Opened by wagoodman over 3 years ago - 1 comment
Labels: enhancement, json

#558 - Top-level API should be more composable

Issue - State: open - Opened by wagoodman over 3 years ago - 26 comments
Labels: enhancement, breaking change

#518 - Report known unknowns directly in the output SBOM

Issue - State: closed - Opened by wagoodman over 3 years ago - 1 comment
Labels: enhancement

#516 - Syft command restructure

Issue - State: closed - Opened by spiffcs over 3 years ago - 8 comments
Labels: enhancement, changelog-ignore

#477 - Expose file metadata for image contents

Issue - State: open - Opened by wagoodman over 3 years ago - 3 comments
Labels: enhancement, I/O, format:spdx

#475 - Consider renaming "deb" to "dpkg"

Issue - State: open - Opened by wagoodman over 3 years ago

#416 - Disk space not freed after syft command

Issue - State: closed - Opened by rmkanda over 3 years ago - 9 comments
Labels: bug, needs-reproduction

#416 - Disk space not freed after syft command

Issue - State: closed - Opened by rmkanda over 3 years ago - 9 comments
Labels: bug, needs-reproduction

#373 - Support cataloging NuGet packages

Issue - State: closed - Opened by wagoodman almost 4 years ago - 13 comments
Labels: enhancement, good-first-issue, new-cataloger

#347 - Add ability to append labels to SBOM

Issue - State: open - Opened by hev almost 4 years ago - 3 comments
Labels: enhancement, good-first-issue

#246 - Full cataloging of archive contents

Issue - State: open - Opened by luhring over 4 years ago - 6 comments
Labels: enhancement

#201 - Add support for containerd as an image source

Issue - State: closed - Opened by zhill over 4 years ago
Labels: enhancement

#31 - Add support for user provided content "hints" file

Issue - State: open - Opened by wagoodman over 4 years ago - 11 comments
Labels: I/O

#15 - Enhance scoping selections

Issue - State: open - Opened by wagoodman over 4 years ago - 10 comments
Labels: enhancement

GitHub / anchore/syft issues and pull requests