operation system package don't work

snyk / parlay

Enrich SBOMs with data from third party services

Apache License 2.0

123 stars 19 forks source link

operation system package don't work #29

Closed fingeromer closed 9 months ago

fingeromer commented 1 year ago

I run cat before_parlay.json | ./parlay ecosystems enrich -

on:

{
  "bomFormat": "CycloneDX",
  "specVersion": "1.3",
  "serialNumber": "1",
  "version": 1,
  "metadata": {
    "timestamp": "1496244605"
  },
  "component": {
    "name": "api",
    "type": "application"
  },
  "components": [
    {
      "type": "library",
      "name": "musl",
      "version": "1.2.3-r3",
      "purl": "pkg:apk/alpine/musl@1.2.3-r3?arch=x86_64"
    }
  ]
}

and the result is not enriched. Here is the ecosyste.ms link

garethr commented 1 year ago

I think this fix may apply here, related to a bug in mapping the alpine purls to the backend data.

garethr commented 1 year ago

This commit should fix this issue https://github.com/snyk/parlay/pull/40

mcombuechen commented 9 months ago

Closing this since a fix for apk was merged and released some time ago. If the issue still persists, please let us know and we can re-open this.