-
**Expected behavior and actual behavior:**
In the new v2.10 version, The replications function has a bug now. It replicates some error unknow image.
Result:
![CleanShot 2024-03-05 at 09 45 16@2x…
-
There is currently no support in Syft for this but it can be accomplished by executing multiple times. This is less than ideal, as scans have the potential to be slow. Once Syft has some support, we c…
-
Suggestion: Use a folder path as entry point instead of Project/Solution files
recursively search in the folder for the following files
* project.assets.json
or
* packages.lock.json
Backgroun…
-
### Current Behavior
![image](https://user-images.githubusercontent.com/46081558/233088075-6ca92442-e807-46d9-b95c-6ac7ecaa47f3.png)
Although, The Purl format on [Dependency Track](https://docs.…
-
- [x] 1. Newest elixir/phoenix/rest of dependancies
- [x] 2. dependabot updates
- [x] 3. new release
- [x] 4. with sbom
- [x] 5. into staging
- [x] 6. into alpha
- [x] 7. into production
-
Hello Team,
We noticed that when we have a "non-jar" artifact as one of the dependencies in our Gradle project, CycloneDX plugin doesn't generate the right information in the `dependencies` field …
-
**Description**
When using `cosign save` (and additionally `cosign load`) to download and upload images with oci artifacts, `cosign save` does not include the all oci artifacts.
`cosign copy` fro…
-
## Describe the bug (and Steps To Reproduce)
Building the following simple Dockerfile:
```dockerfile
# escape=`
FROM mcr.microsoft.com/dotnet/framework/sdk:4.8
ARG RepositoryPath
ENV Repos…
-
### Description
After updating to 4.25, Docker Desktop stops starting and gives the error "Updating wsl: update failed: wsl.exe --update --web-download not supported". None of the above solutions hel…
-
It would be ideal to have a `sha1` to `groupID, artifactID` for jars that do not have `pom.xml` and are hosted on maven. This would help with the following issues:
- [x] https://github.com/anchore/…