Closed DmitriyLewen closed 11 months ago
@DmitriyLewen Do we need to bump the go-dep-parser version in Trivy?
True, but we are blocked by https://github.com/aquasecurity/trivy/pull/5630
Because we updated SearchByArtifactID
function in https://github.com/aquasecurity/go-dep-parser/pull/276
I created https://github.com/aquasecurity/trivy/pull/5837 to remember to update go-dep-parser in Trivy
Description
We need to check (and not overwrite)
Dev
field when retrieving uniq libs (utils.UniqueLibraries
function). See aquasecurity/trivy/issues/5532 for more details.