This website requires JavaScript.
Explore
Help
Sign In
Mirrors
/
grype
Watch
2
Star
0
Fork
You've already forked grype
0
mirror of
https://github.com/anchore/grype
synced
2024-09-20 06:21:56 +00:00
Code
Issues
Projects
Releases
Packages
Wiki
Activity
b8dc27ccac
grype
/
test
/
grype-test-config.yaml
3 lines
29 B
YAML
Raw
Normal View
History
Unescape
Escape
implement v5 db schema to support improved matching between rpm appstream modules (#944) Adds support for a `package_qualifiers` column to allow evaluating package matches to vulnerabilities based on more than just version constraints. Currently adds an rpm-modularity qualifier in order to support matching to correct app stream module in order to reduce false positives within rpm-based distro ecosystems. In order to prevent an increase in false positive matches for previous versions of grype using the v4 schema, this change (along with the vulnerability source driver parser updates) requires bumping the schema to v5. Signed-off-by: Weston Steimel <weston.steimel@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Co-authored-by: Alex Goodman <alex.goodman@anchore.com>
2022-10-17 23:34:47 +00:00
check-for-app-update
:
false
feat: disable CPE-based matching for GHSA ecosystems by default (#1412) * feat: disable CPE-based matching for GHSA ecosystems by default Disables CPE-based matching for ecosystems which are covered by GitHub Security Advisories. Also adds a separate rust matcher and related configuration to allow configuring CPE-based matching off for it while still leaving it on for the stock matcher. Signed-off-by: Weston Steimel <weston.steimel@anchore.com> * chore: use --by-cve with quality gate comparison Signed-off-by: Weston Steimel <weston.steimel@anchore.com> * chore: add rust auditable binary match integration test Signed-off-by: Weston Steimel <weston.steimel@anchore.com> --------- Signed-off-by: Weston Steimel <weston.steimel@anchore.com>
2023-10-12 13:07:33 +00:00
Reference in a new issue
Copy permalink