Open tomerse-sg opened 8 months ago
I also really need this feature
Nice! Thanks for the feedback on this.
https://github.com/anchore/syft/issues/15 ^ This is blocked since grant uses syft and would need 15 to be fulfilled
This would allow files to be associated to the individual layers and then we could disqualify base image layer licenses and ONLY find licenses added by our own software
what about it? https://github.com/anchore/syft/pull/3138
this PR will provide a resolver which can find out which file \ package exists in each layer @spiffcs
Hello,
When I want to check the licenses of a given images, it is important to me to understand in which layer the package exists. This information is already provided by syft, is it possible to display it in grant as well?
Thanks for your time!