tgerla
commented
1 year ago Hi @fi0rini, thanks for the suggestion. We are a little hesitant to allow the globs to be fully configurable at runtime. We need to do some more investigation and research around the implications of detaching the set of globs from Syft itself.
For this particular problem with Conan, would it make sense for us to add the -win64.lock, -linux64.lock, etc, to the cataloger itself?
What would you like to be added: configuring individual catalogers with globs. specifically conan is where this issue came up for building and managing different platforms.
in config we could have.
Why is this needed: this is needed because with conan for example there are windows 64, linux 64, and additional possible profiles with windows 64 with varying vs code versions (2013,2015,2017, etc.) so when conan.lock is generated the file will be renamed to be conan-win64.lock or conan-linux64.lock etc.
Additional context: Current conan cataloger only looks for conan.lock and so with different lock file names for different conan profiles arent being discovered because their filenames have deviated . So adding a glob or convention specific to a project would be necessary to find all the lock files for each profile.