anchore / syft

CLI tool and library for generating a Software Bill of Materials from container images and filesystems
Apache License 2.0
6.01k stars 554 forks

please add pkgsrc support #1430

Open 0-wiz-0 opened 1 year ago

0-wiz-0 commented 1 year ago

What would you like to be added: Please add support for pkgsrc, a portable packaging system

Why is this needed: Generating the SBOM from the package database is much easier than e.g. crawling and recognizing C libraries and headers.

Additional context:

On a system with recent pkgsrc,

pkg_info -Q CPE_URI \*

will print a list of CPE 2.3 URIs for all installed packages, one per line.
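
Added example (not part of the issue thread and not syft's own code): one way a cataloger could turn the one-CPE-per-line output described above into package records, in Go because syft is written in Go. The `Package` type, the function names and the sample input are assumptions made for illustration; the sample is constructed, not captured `pkg_info` output.

```go
package main

import (
	"fmt"
	"strings"
)

// Package is a hypothetical minimal record, not syft's own package type.
type Package struct{ Vendor, Name, Version, CPE string }

// splitCPE splits on unescaped colons; a backslash quotes the next character.
func splitCPE(s string) []string {
	var fields []string
	var cur strings.Builder
	for i := 0; i < len(s); i++ {
		switch {
		case s[i] == '\\' && i+1 < len(s):
			cur.WriteByte(s[i+1]) // keep the quoted character, drop the backslash
			i++
		case s[i] == ':':
			fields = append(fields, cur.String())
			cur.Reset()
		default:
			cur.WriteByte(s[i])
		}
	}
	return append(fields, cur.String())
}

// ParseCPEList reads one CPE 2.3 string per line, skipping blank lines.
func ParseCPEList(out string) ([]Package, error) {
	var pkgs []Package
	for n, line := range strings.Split(out, "\n") {
		line = strings.TrimSpace(line)
		if line == "" {
			continue
		}
		f := splitCPE(line) // cpe, 2.3, part, vendor, product, version + 7 more
		if len(f) != 13 || f[0] != "cpe" || f[1] != "2.3" {
			return nil, fmt.Errorf("line %d: not a CPE 2.3 string: %q", n+1, line)
		}
		pkgs = append(pkgs, Package{f[3], f[4], f[5], line})
	}
	return pkgs, nil
}

// sample is constructed input, not captured pkg_info output.
const sample = "cpe:2.3:a:examplevendor:examplelib:1.2.3:*:*:*:*:*:*:*\n\ncpe:2.3:a:other:tool:2\\:0:*:*:*:*:*:*:*\n"
func main() { fmt.Println(ParseCPEList(sample)) }
```

Rejecting lines that are not well-formed CPE 2.3 strings, instead of guessing at them, keeps malformed entries out of the generated SBOM.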

tgerla commented 1 year ago

Hi @0-wiz-0, thanks for the suggestion. We’re always happy to consider adding new sources of data for Syft. I'm going to tag this as a "good first issue" in case the community would like to try implementing it. If you are interested in taking it on yourself, please feel free to stop by our Slack and we can get you started. If not, that's fine and we will keep the issue open for the future. Thanks again.

0-wiz-0 commented 1 year ago

Where's the Slack? What would be good examples to copy from? Thanks.

tgerla commented 1 year ago

You can join the Slack here: https://get.anchore.com/join-anchore-community/ -- we are working on some documentation right now to help people get started writing a new cataloger. I'll share that with you as soon as I can. Hope to see you on the Slack.