aquasecurity / go-dep-parser

Dependency Parser for Multiple Programming Languages
MIT License
146 stars 109 forks source link

fix: check Dev field for UniqueLibraries func #280

Closed DmitriyLewen closed 11 months ago

DmitriyLewen commented 11 months ago

Description

We need to check (and not overwrite) Dev field when retrieving uniq libs (utils.UniqueLibraries function). See aquasecurity/trivy/issues/5532 for more details.

knqyf263 commented 10 months ago

@DmitriyLewen Do we need to bump the go-dep-parser version in Trivy?

DmitriyLewen commented 10 months ago

True, but we are blocked by https://github.com/aquasecurity/trivy/pull/5630 Because we updated SearchByArtifactID function in https://github.com/aquasecurity/go-dep-parser/pull/276

DmitriyLewen commented 10 months ago

I created https://github.com/aquasecurity/trivy/pull/5837 to remember to update go-dep-parser in Trivy