Open gireesh-kumar opened 2 years ago
Hey is this issue still happening?
Also we don't quite have enough information to figure what's happening here... do you have an container image or other asset that we can scan directly? It looks like you found a deb on a redhat system, which is one oddity. Another oddity is the java package without a name. We are working on getting Syft to fully comply with the minimum NTIA requirements for an SBOM, and this hints at being able to filter non compliant packages in grype before attempting to match.
We probably should add a section to the grype report about packages that were not considered (something that is not done today / there is no place in the report for).
Hi
We are seeing below WARN messages continuously reporting when running grype:
What does these errors means?
What is the impact of ignoring these messages?
Is there something we can do to avoid / fix such warnings?
Environment: Application: grype Version: 0.38.0 Syft Version: v0.46.2 BuildDate: 2022-05-23T14:41:50Z GitCommit: 06d28dad9f7e7d9aa65fc16d45c6ce785826664c GitDescription: v0.38.0 Platform: linux/amd64 GoVersion: go1.18.2 Compiler: gc Supported DB Schema: 3
OS: Red Hat Enterprise Linux Server release 7.9 (Maipo)
Note: we are running the container images as well from the host.