Open sozercan opened 3 months ago
No response
it should be:
"@id": "pkg:oci/nginx@sha256....",
https://github.com/package-url/purl-spec/blob/master/PURL-TYPES.rst#oci
However, I am not sure if we can do this since image is not at the registry at this time so sha256 will not be accurate
vex statement output has
"@id": "pkg:oci/docker.io/library/nginx:1.21.6-patched",
https://project-copacetic.github.io/copacetic/website/output
Version of copa
No response
Expected Behavior
it should be:
https://github.com/package-url/purl-spec/blob/master/PURL-TYPES.rst#oci
However, I am not sure if we can do this since image is not at the registry at this time so sha256 will not be accurate
Actual Behavior
vex statement output has
https://project-copacetic.github.io/copacetic/website/output
Steps To Reproduce
No response
Are you willing to submit PRs to contribute to this bug fix?