Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
22.31k
stars
2.2k
forks
source link
fix(sbom): detect OS from `purl` if OS component not found #7101
Open
DmitriyLewen opened 2 weeks ago
Description
There are cases when SBOM file doesn't contain
OS component
. To avoid missing OS packages -we can try to get OS frompurl
. More details - https://github.com/aquasecurity/trivy/discussions/7073#discussioncomment-9932362Related issues
Checklist