Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more.
BSD 2-Clause "Simplified" License
967
stars
188
forks
source link
Correctly parse and report local image names #1216
A recent commit[1] added the ability to analyze local images by adding the docker-daemon: string before the image name. While this works from an analysis point of view, it yields the incorrect string for the container name in Tern's reporting. As a fix, this new commit removes the docker-daemon string when instantiating a new OCIImage or DockerImage object, yielding the correct image name in the reports.
A recent commit[1] added the ability to analyze local images by adding the
docker-daemon:string before the image name. While this works from an analysis point of view, it yields the incorrect string for the container name in Tern's reporting. As a fix, this new commit removes thedocker-daemonstring when instantiating a new OCIImage or DockerImage object, yielding the correct image name in the reports.[1]https://github.com/tern-tools/tern/commit/40b981ce54578a7bd6fc5e19e8ded455fa9a98fc
Resolves #1214 Resolves #1212