mirror of
https://github.com/anchore/grype
synced 2024-11-10 06:34:13 +00:00
3e0aa00242
* allow for RPM modularity to be optional Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * use latest syft from main Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * bump syft Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * remove lint ignores for CPEs Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * update snapshot tests Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * update tests Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix: treat oraclelinux default appstream rpm modularity as missing for now For oraclelinux, the default stream of an installed appstream package does not currently set the MODULARITYLABEL property in the rpm metadata; however, in their advisory data they do specify modularity information, so this ends up in a case where the vuln entries have modularity but the packages coming from the sbom won't, so for now we need to treat the constraint as satisfied when the modularity label from an oraclelinux package is "". Signed-off-by: Weston Steimel <weston.steimel@anchore.com> * test: add new appstream images to quality gate and bump labels Signed-off-by: Weston Steimel <weston.steimel@anchore.com> * chore: bump quality gate labels Signed-off-by: Weston Steimel <weston.steimel@anchore.com> --------- Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> Signed-off-by: Weston Steimel <weston.steimel@anchore.com> Co-authored-by: Weston Steimel <weston.steimel@anchore.com> |
||
|---|---|---|
| .. | ||
| cli | ||
| install | ||
| integration | ||
| quality | ||
| grype-test-config.yaml | ||
| ignore-att-signature.yaml | ||
| validate-grype-db-schema.py | ||