Open maaaaz opened 1 month ago
Just wanted to note: conda is its own packaging ecosystem that is not currently in OSV (also, from a quick look, Anaconda seems to only provide CVE information as part of their paid tiers). I don't really think that it's possible for us to support scanning for the conda packages.
That said, we should be able to support packages in conda environments that were installed through pip, which seem to be the ones with the =pypi_0
build / the ones listed under pip:
.
Hello there,
osv-scanner
currently does not support conda lockfiles.Conda lockfiles, called "environment" files, can come at least in 2 different formats:
Cheers !