Tracking software versions in Docker images

rcannood commented 1 year ago

I was experimenting with listing version numbers of Docker images so they can be documented. For reference, I used the following code:

docker_pkg_version <- function(container_id) {
  # Commands to detect package versions
  commands <- list(
    apt = "dpkg-query --showformat='${Package} ${Version}\\n' --show",
    apk = "apk info --all | grep -e ^P -e ^V | awk 'NR%2{printf \"%s \", $0; next} 1'",
    yum = "yum list installed | awk 'NR>1 {print $1, $2}'",
    r_packages = "Rscript -e 'installed.packages()[,c(1,3)]'",
    python_packages = "pip freeze"
  )

  # Execute the commands inside the Docker container and store the results
  package_versions <- lapply(commands, function(command) {
    tryCatch({
      docker_command <- paste("docker run", container_id, command)
      system(docker_command, intern = TRUE, ignore.stderr = TRUE)
    }, error = function(e) {
      character(0)
    })
  })

  # Print the detected package versions
  names(package_versions) <- names(commands)

  package_versions
}

This could be executed immediately after a Docker image has been built (maybe not by default, but definitely during a main_build and a release). This information could then be stored inside the viash config.

Additionally, we should add a way for adding versions of custom cli tools, such as:

resources:
  - type: bash_script
    path: script.sh
    usage: main
  - type: bash_script
    path: version.sh
    usage: version
test_resources:
  - type: bash_script
    path: test.sh
    usage: test

(Would need to find a better name for 'usage')

With version.sh:

cellranger --version
viash -v | awk '{print $1, $2}'

rcannood commented 1 year ago

@DriesSchaumont noted that we can use https://docs.docker.com/engine/sbom/ for this, which seems like a great solution to the problem!

Caveats

It still can't detect custom software Example: CellRanger in docker sbom ghcr.io/openpipelines-bio/mapping_cellranger_multi:0.9.0
It also doesn't detect R packages Example: docker sbom ghcr.io/openpipelines-bio/process_10xh5_filter_10xh5:0.9.0 Maybe I just need to update syft → https://github.com/anchore/syft/pull/1790

rcannood commented 1 year ago

Indeed, with a newer version of Syft, the R packages do show up.

syft ghcr.io/openpipelines-bio/process_10xh5_filter_10xh5:0.9.0

Output

``` ✔ Loaded image ✔ Parsed image ✔ Cataloged packages [480 packages] NAME VERSION TYPE KernSmooth 2.23-20 R-package MASS 7.3-59 R-package Matrix 1.5-4 R-package Pillow 9.5.0 python PyGObject 3.42.1 python R6 2.5.1 R-package Rcpp 1.0.10 R-package RcppTOML 0.2.2 R-package adduser 3.118ubuntu5 deb anndata 0.7.5.6 R-package anndata 0.8.0 python apt 2.4.8 deb assertthat 0.2.1 R-package base 4.3.0 R-package base-files 12ubuntu4.2 deb base-passwd 3.5.52build1 deb bash 5.1-6ubuntu1 deb binutils 2.38-4ubuntu2.1 deb binutils-common 2.38-4ubuntu2.1 deb binutils-x86-64-linux-gnu 2.38-4ubuntu2.1 deb bit 4.0.5 R-package bit64 4.0.5 R-package boot 1.3-28.1 R-package brio 1.1.3 R-package bsdutils 1:2.37.2-4ubuntu3 deb bspm 0.5.1 R-package build-essential 12.9ubuntu3 deb bzip2 1.0.8-5build1 deb ca-certificates 20211016ubuntu0.22.04.1 deb callr 3.7.3 R-package class 7.3-21 R-package cli 3.6.1 R-package cluster 2.1.4 R-package codetools 0.2-19 R-package compiler 4.3.0 R-package contourpy 1.1.0 python coreutils 8.32-4.1ubuntu1 deb cpp 4:11.2.0-1ubuntu1 deb cpp-11 11.3.0-1ubuntu1~22.04 deb crayon 1.5.2 R-package cycler 0.11.0 python dash 0.5.11+git20210903+057cd650a4ed-3build1 deb datasets 4.3.0 R-package dbus-python 1.2.18 python debconf 1.5.79ubuntu1 deb debianutils 5.5-1ubuntu2 deb desc 1.4.2 R-package diffobj 0.3.5 R-package diffutils 1:3.8-0ubuntu2 deb digest 0.6.31 R-package distro-info-data 0.52ubuntu0.3 deb docopt 0.7.1 R-package dpkg 1.21.1ubuntu2.1 deb dpkg-dev 1.21.1ubuntu2.1 deb e2fsprogs 1.46.5-2ubuntu1.1 deb ellipsis 0.3.2 R-package evaluate 0.21 R-package fansi 1.0.4 R-package findutils 4.8.0-1ubuntu3 deb fontconfig 2.13.1-4.2ubuntu5 deb fontconfig-config 2.13.1-4.2ubuntu5 deb fonts-dejavu-core 2.37-2build1 deb fonttools 4.40.0 python foreign 0.8-84 R-package fs 1.6.2 R-package g++ 4:11.2.0-1ubuntu1 deb g++-11 11.3.0-1ubuntu1~22.04 deb gcc 4:11.2.0-1ubuntu1 deb gcc-11 11.3.0-1ubuntu1~22.04 deb gcc-11-base 11.3.0-1ubuntu1~22.04 deb gcc-12-base 12.1.0-2ubuntu1~22.04 deb gfortran 4:11.2.0-1ubuntu1 deb gfortran-11 11.3.0-1ubuntu1~22.04 deb gir1.2-glib-2.0 1.72.0-1 deb glue 1.6.2 R-package gpgv 2.2.27-3ubuntu2.1 deb grDevices 4.3.0 R-package graphics 4.3.0 R-package grep 3.7-1build1 deb grid 4.3.0 R-package gzip 1.10-4ubuntu4.1 deb h5py 3.8.0 python hdf5-helpers 1.10.7+repack-4ubuntu2 deb hdf5r 1.3.8 R-package here 1.0.1 R-package hostname 3.23ubuntu2 deb icu-devtools 70.1-2 deb init-system-helpers 1.62 deb joblib 1.2.0 python jsonlite 1.8.5 R-package kiwisolver 1.4.4 python lattice 0.21-8 R-package libacl1 2.3.1-1 deb libaec-dev 1.0.6-1 deb libaec0 1.0.6-1 deb libapt-pkg6.0 2.4.8 deb libasan6 11.3.0-1ubuntu1~22.04 deb libatomic1 12.1.0-2ubuntu1~22.04 deb libattr1 1:2.5.1-1build1 deb libaudit-common 1:3.0.7-1build1 deb libaudit1 1:3.0.7-1build1 deb libbinutils 2.38-4ubuntu2.1 deb libblas-dev 3.10.0-2ubuntu1 deb libblas3 3.10.0-2ubuntu1 deb libblkid1 2.37.2-4ubuntu3 deb libbrotli1 1.0.9-2build6 deb libbsd0 0.11.5-1 deb libbz2-1.0 1.0.8-5build1 deb libbz2-dev 1.0.8-5build1 deb libc-bin 2.35-0ubuntu3.1 deb libc-dev-bin 2.35-0ubuntu3.1 deb libc6 2.35-0ubuntu3.1 deb libc6-dev 2.35-0ubuntu3.1 deb libcairo2 1.16.0-5ubuntu2 deb libcap-ng0 0.7.9-2.2build3 deb libcap2 1:2.44-1build3 deb libcc1-0 12.1.0-2ubuntu1~22.04 deb libcom-err2 1.46.5-2ubuntu1.1 deb libcrypt-dev 1:4.4.27-1 deb libcrypt1 1:4.4.27-1 deb libctf-nobfd0 2.38-4ubuntu2.1 deb libctf0 2.38-4ubuntu2.1 deb libcurl4 7.81.0-1ubuntu1.10 deb libcurl4-openssl-dev 7.81.0-1ubuntu1.10 deb libdatrie1 0.2.13-2 deb libdb5.3 5.3.28+dfsg1-0.8ubuntu3 deb libdbus-1-3 1.12.20-2ubuntu4.1 deb libdebconfclient0 0.261ubuntu1 deb libdeflate0 1.10-2 deb libdpkg-perl 1.21.1ubuntu2.1 deb libexpat1 2.4.7-1ubuntu0.2 deb libexpat1-dev 2.4.7-1ubuntu0.2 deb libext2fs2 1.46.5-2ubuntu1.1 deb libffi8 3.4.2-4 deb libfontconfig1 2.13.1-4.2ubuntu5 deb libfreetype6 2.11.1+dfsg-1ubuntu0.1 deb libfribidi0 1.0.8-2ubuntu3.1 deb libgcc-11-dev 11.3.0-1ubuntu1~22.04 deb libgcc-s1 12.1.0-2ubuntu1~22.04 deb libgcrypt20 1.9.4-3ubuntu3 deb libgdbm-compat4 1.23-1 deb libgdbm6 1.23-1 deb libgfortran-11-dev 11.3.0-1ubuntu1~22.04 deb libgfortran5 12.1.0-2ubuntu1~22.04 deb libgirepository-1.0-1 1.72.0-1 deb libglib2.0-0 2.72.4-0ubuntu2 deb libgmp10 2:6.2.1+dfsg-3ubuntu1 deb libgnutls30 3.7.3-4ubuntu1.1 deb libgomp1 12.1.0-2ubuntu1~22.04 deb libgpg-error0 1.43-3 deb libgraphite2-3 1.3.14-1build2 deb libgssapi-krb5-2 1.19.2-2 deb libharfbuzz0b 2.7.4-1ubuntu3.1 deb libhdf5-103-1 1.10.7+repack-4ubuntu2 deb libhdf5-cpp-103-1 1.10.7+repack-4ubuntu2 deb libhdf5-dev 1.10.7+repack-4ubuntu2 deb libhdf5-fortran-102 1.10.7+repack-4ubuntu2 deb libhdf5-hl-100 1.10.7+repack-4ubuntu2 deb libhdf5-hl-cpp-100 1.10.7+repack-4ubuntu2 deb libhdf5-hl-fortran-100 1.10.7+repack-4ubuntu2 deb libhogweed6 3.7.3-1build2 deb libice6 2:1.0.10-1build2 deb libicu-dev 70.1-2 deb libicu70 70.1-2 deb libidn2-0 2.3.2-2build1 deb libisl23 0.24-2build1 deb libitm1 12.1.0-2ubuntu1~22.04 deb libjbig0 2.1-3.1ubuntu0.22.04.1 deb libjpeg-dev 8c-2ubuntu10 deb libjpeg-turbo8 2.1.2-0ubuntu1 deb libjpeg-turbo8-dev 2.1.2-0ubuntu1 deb libjpeg8 8c-2ubuntu10 deb libjpeg8-dev 8c-2ubuntu10 deb libjs-jquery 3.6.0+dfsg+~3.5.13-1 deb libjs-sphinxdoc 4.3.2-1 deb libjs-underscore 1.13.2~dfsg-2 deb libk5crypto3 1.19.2-2 deb libkeyutils1 1.6.1-2ubuntu3 deb libkrb5-3 1.19.2-2 deb libkrb5support0 1.19.2-2 deb liblapack-dev 3.10.0-2ubuntu1 deb liblapack3 3.10.0-2ubuntu1 deb libldap-2.5-0 2.5.14+dfsg-0ubuntu0.22.04.2 deb liblsan0 12.1.0-2ubuntu1~22.04 deb liblz4-1 1.9.3-2build2 deb liblzma-dev 5.2.5-2ubuntu1 deb liblzma5 5.2.5-2ubuntu1 deb libmd0 1.0.4-1build1 deb libmount1 2.37.2-4ubuntu3 deb libmpc3 1.2.1-2build1 deb libmpdec3 2.5.1-2build2 deb libmpfr6 4.1.0-3build3 deb libncurses-dev 6.3-2 deb libncurses5-dev 6.3-2 deb libncurses6 6.3-2 deb libncursesw6 6.3-2 deb libnettle8 3.7.3-1build2 deb libnghttp2-14 1.43.0-1build3 deb libnsl-dev 1.3.0-2build2 deb libnsl2 1.3.0-2build2 deb libp11-kit0 0.24.0-6build1 deb libpam-modules 1.4.0-11ubuntu2 deb libpam-modules-bin 1.4.0-11ubuntu2 deb libpam-runtime 1.4.0-11ubuntu2 deb libpam0g 1.4.0-11ubuntu2 deb libpango-1.0-0 1.50.6+ds-2ubuntu1 deb libpangocairo-1.0-0 1.50.6+ds-2ubuntu1 deb libpangoft2-1.0-0 1.50.6+ds-2ubuntu1 deb libpaper-utils 1.1.28build2 deb libpaper1 1.1.28build2 deb libpcre16-3 2:8.39-13ubuntu0.22.04.1 deb libpcre2-16-0 10.39-3ubuntu0.1 deb libpcre2-32-0 10.39-3ubuntu0.1 deb libpcre2-8-0 10.39-3ubuntu0.1 deb libpcre2-dev 10.39-3ubuntu0.1 deb libpcre2-posix3 10.39-3ubuntu0.1 deb libpcre3 2:8.39-13ubuntu0.22.04.1 deb libpcre3-dev 2:8.39-13ubuntu0.22.04.1 deb libpcre32-3 2:8.39-13ubuntu0.22.04.1 deb libpcrecpp0v5 2:8.39-13ubuntu0.22.04.1 deb libperl5.34 5.34.0-3ubuntu1.1 deb libpixman-1-0 0.40.0-1ubuntu0.22.04.1 deb libpng-dev 1.6.37-3build5 deb libpng16-16 1.6.37-3build5 deb libprocps8 2:3.3.17-6ubuntu2 deb libpsl5 0.21.0-1.2build2 deb libpython3-dev 3.10.6-1~22.04 deb libpython3-stdlib 3.10.6-1~22.04 deb libpython3.10 3.10.6-1~22.04.2ubuntu1.1 deb libpython3.10-dev 3.10.6-1~22.04.2ubuntu1.1 deb libpython3.10-minimal 3.10.6-1~22.04.2ubuntu1.1 deb libpython3.10-stdlib 3.10.6-1~22.04.2ubuntu1.1 deb libquadmath0 12.1.0-2ubuntu1~22.04 deb libreadline-dev 8.1.2-1 deb libreadline8 8.1.2-1 deb librtmp1 2.4+20151223.gitfa8646d.1-2build4 deb libsasl2-2 2.1.27+dfsg2-3ubuntu1.2 deb libsasl2-modules-db 2.1.27+dfsg2-3ubuntu1.2 deb libseccomp2 2.5.3-2ubuntu2 deb libselinux1 3.3-1build2 deb libsemanage-common 3.3-1build2 deb libsemanage2 3.3-1build2 deb libsepol2 3.3-1build1 deb libsm6 2:1.2.3-1build2 deb libsmartcols1 2.37.2-4ubuntu3 deb libsqlite3-0 3.37.2-2ubuntu0.1 deb libss2 1.46.5-2ubuntu1.1 deb libssh-4 0.9.6-2build1 deb libssl-dev 3.0.2-0ubuntu1.10 deb libssl3 3.0.2-0ubuntu1.10 deb libstdc++-11-dev 11.3.0-1ubuntu1~22.04 deb libstdc++6 12.1.0-2ubuntu1~22.04 deb libsystemd0 249.11-0ubuntu3.6 deb libsz2 1.0.6-1 deb libtasn1-6 4.18.0-4build1 deb libtcl8.6 8.6.12+dfsg-1build1 deb libthai-data 0.1.29-1build1 deb libthai0 0.1.29-1build1 deb libtiff5 4.3.0-6ubuntu0.4 deb libtinfo6 6.3-2 deb libtirpc-common 1.3.2-2ubuntu0.1 deb libtirpc-dev 1.3.2-2ubuntu0.1 deb libtirpc3 1.3.2-2ubuntu0.1 deb libtk8.6 8.6.12-1build1 deb libtsan0 11.3.0-1ubuntu1~22.04 deb libubsan1 12.1.0-2ubuntu1~22.04 deb libudev1 249.11-0ubuntu3.6 deb libunistring2 1.0-1 deb libuuid1 2.37.2-4ubuntu3 deb libwebp7 1.2.2-2 deb libx11-6 2:1.7.5-1 deb libx11-data 2:1.7.5-1 deb libxau6 1:1.0.9-1build5 deb libxcb-render0 1.14-3ubuntu3 deb libxcb-shm0 1.14-3ubuntu3 deb libxcb1 1.14-3ubuntu3 deb libxdmcp6 1:1.1.3-0ubuntu5 deb libxext6 2:1.3.4-1build1 deb libxft2 2.3.4-1 deb libxmuu1 2:1.1.3-3 deb libxrender1 1:0.9.10-1build4 deb libxss1 1:1.2.3-1build2 deb libxt6 1:1.2.1-1 deb libxxhash0 0.8.1-1 deb libzstd1 1.4.8+dfsg-3build1 deb lifecycle 1.0.3 R-package linux-libc-dev 5.15.0-71.78 deb littler 0.3.18 R-package llvmlite 0.40.1rc1 python locales 2.35-0ubuntu3.1 deb login 1:4.8.1-2ubuntu2 deb logsave 1.46.5-2ubuntu1.1 deb lsb-base 11.1.0ubuntu4 deb lto-disabled-list 24 deb magrittr 2.0.3 R-package make 4.3-4.1build1 deb matplotlib 3.7.1 python mawk 1.3.4.20200120-3 deb media-types 7.0.0 deb methods 4.3.0 R-package mgcv 1.8-42 R-package mount 2.37.2-4ubuntu3 deb natsort 8.3.1 python ncurses-base 6.3-2 deb ncurses-bin 6.3-2 deb networkx 3.1 python nlme 3.1-162 R-package nnet 7.3-18 R-package numba 0.57.0 python numpy 1.24.3 python openssl 3.0.2-0ubuntu1.9 deb packaging 23.1 python pandas 2.0.2 python parallel 4.3.0 R-package passwd 1:4.8.1-2ubuntu2 deb patch 2.7.6-7build2 deb patsy 0.5.3 python perl 5.34.0-3ubuntu1.1 deb perl-base 5.34.0-3ubuntu1.1 deb perl-modules-5.34 5.34.0-3ubuntu1.1 deb pillar 1.9.0 R-package pip 22.0.2 python pip 23.1.2 python pkg-config 0.29.2-1ubuntu3 deb pkgconfig 2.0.3 R-package pkgload 1.3.2 R-package png 0.1-8 R-package praise 1.0.0 R-package processx 3.8.1 R-package procps 2:3.3.17-6ubuntu2 deb ps 1.7.5 R-package pynndescent 0.5.10 python pyparsing 3.1.0 python python 3.10.6 binary python-apt 2.4.0+ubuntu1 python python-apt-common 2.4.0ubuntu1 deb python-dateutil 2.8.2 python python3 3.10.6-1~22.04 deb python3-apt 2.4.0ubuntu1 deb python3-dbus 1.2.18-3build1 deb python3-dev 3.10.6-1~22.04 deb python3-distutils 3.10.6-1~22.04 deb python3-gi 3.42.1-0ubuntu1 deb python3-lib2to3 3.10.6-1~22.04 deb python3-minimal 3.10.6-1~22.04 deb python3-pip 22.0.2+dfsg-1ubuntu0.3 deb python3-pkg-resources 59.6.0-1.2ubuntu0.22.04.1 deb python3-setuptools 59.6.0-1.2ubuntu0.22.04.1 deb python3-wheel 0.37.1-2ubuntu0.22.04.1 deb python3.10 3.10.6-1~22.04.2ubuntu1.1 deb python3.10-dev 3.10.6-1~22.04.2ubuntu1.1 deb python3.10-minimal 3.10.6-1~22.04.2ubuntu1.1 deb pytz 2023.3 python r-base 4.3.0-1.2204.0 deb r-base-core 4.3.0-1.2204.0 deb r-base-dev 4.3.0-1.2204.0 deb r-cran-anndata 0.7.5.6-1.ca2204.1 deb r-cran-assertthat 0.2.1-1.ca2204.1 deb r-cran-bit 4.0.5-1.ca2204.1 deb r-cran-bit64 4.0.5-1.ca2204.1 deb r-cran-boot 1.3-28.1-1.ca2204.1 deb r-cran-brio 1.1.3-1.ca2204.1 deb r-cran-bspm 0.5.1-1.ca2204.1 deb r-cran-callr 3.7.3-1.ca2204.1 deb r-cran-class 7.3-21-1.ca2204.1 deb r-cran-cli 3.6.1-1.ca2204.1 deb r-cran-cluster 2.1.4-1.ca2204.1 deb r-cran-codetools 0.2-19-1.ca2204.1 deb r-cran-crayon 1.5.2-1.ca2204.1 deb r-cran-desc 1.4.2-1.ca2204.1 deb r-cran-diffobj 0.3.5-1.ca2204.1 deb r-cran-digest 0.6.31-1.ca2204.1 deb r-cran-docopt 0.7.1-1.ca2204.1 deb r-cran-ellipsis 0.3.2-1.ca2204.1 deb r-cran-evaluate 0.21-1.ca2204.1 deb r-cran-fansi 1.0.4-1.ca2204.1 deb r-cran-foreign 0.8.84-1.ca2204.1 deb r-cran-fs 1.6.2-1.ca2204.1 deb r-cran-glue 1.6.2-1.ca2204.1 deb r-cran-hdf5r 1.3.8-1.ca2204.1 deb r-cran-here 1.0.1-1.ca2204.1 deb r-cran-jsonlite 1.8.5-1.ca2204.1 deb r-cran-kernsmooth 2.23-20-1.ca2204.1 deb r-cran-lattice 0.21-8-1.ca2204.1 deb r-cran-lifecycle 1.0.3-1.ca2204.1 deb r-cran-littler 0.3.18-1.ca2204.2 deb r-cran-magrittr 2.0.3-1.ca2204.1 deb r-cran-mass 7.3-59-1.ca2204.1 deb r-cran-matrix 1.5-4-1.ca2204.1 deb r-cran-mgcv 1.8-42-1.ca2204.1 deb r-cran-nlme 3.1.162-1.ca2204.1 deb r-cran-nnet 7.3-18-1.ca2204.1 deb r-cran-pillar 1.9.0-1.ca2204.1 deb r-cran-pkgconfig 2.0.3-1.ca2204.1 deb r-cran-pkgload 1.3.2-1.ca2204.1 deb r-cran-png 0.1-8-1.ca2204.1 deb r-cran-praise 1.0.0-1.ca2204.1 deb r-cran-processx 3.8.1-1.ca2204.1 deb r-cran-ps 1.7.5-1.ca2204.1 deb r-cran-r6 2.5.1-1.ca2204.1 deb r-cran-rappdirs 0.3.3-1.ca2204.1 deb r-cran-rcpp 1.0.10-1.ca2204.1 deb r-cran-rcpptoml 0.2.2-1.ca2204.1 deb r-cran-rematch2 2.1.2-1.ca2204.1 deb r-cran-remotes 2.4.2-1.ca2204.1 deb r-cran-reticulate 1.30-1.ca2204.1 deb r-cran-rlang 1.1.1-1.ca2204.1 deb r-cran-rpart 4.1.19-1.ca2204.1 deb r-cran-rprojroot 2.0.3-1.ca2204.1 deb r-cran-spatial 7.3-16-1.ca2204.1 deb r-cran-survival 3.5-5-1.ca2204.1 deb r-cran-testthat 3.1.9-1.ca2204.1 deb r-cran-tibble 3.2.1-1.ca2204.1 deb r-cran-utf8 1.2.3-1.ca2204.1 deb r-cran-vctrs 0.6.3-1.ca2204.1 deb r-cran-waldo 0.5.1-1.ca2204.1 deb r-cran-withr 2.5.0-1.ca2204.1 deb r-recommended 4.3.0-1.2204.0 deb rappdirs 0.3.3 R-package readline-common 8.1.2-1 deb rematch2 2.1.2 R-package remotes 2.4.2 R-package reticulate 1.30 R-package rlang 1.1.1 R-package rpart 4.1.19 R-package rpcsvc-proto 1.4.2-0ubuntu6 deb rprojroot 2.0.3 R-package scanpy 1.9.3 python scikit-learn 1.2.2 python scipy 1.10.1 python seaborn 0.12.2 python sed 4.8-1ubuntu2 deb sensible-utils 0.0.17 deb session-info 1.0.0 python setuptools 59.6.0 python six 1.16.0 python spatial 7.3-16 R-package splines 4.3.0 R-package stats 4.3.0 R-package stats4 4.3.0 R-package statsmodels 0.14.0 python stdlib-list 0.8.0 python survival 3.5-5 R-package sysvinit-utils 3.01-1ubuntu1 deb tar 1.34+dfsg-1build3 deb tcltk 4.3.0 R-package testRcppAttributePackage 1.0 R-package testRcppClass 0.1 R-package testRcppInterfaceExporter 0.1.0 R-package testRcppInterfaceUser 0.1.0 R-package testRcppModule 0.1 R-package testRcppPackage 0.1.0 R-package testthat 3.1.9 R-package threadpoolctl 3.1.0 python tibble 3.2.1 R-package tools 4.3.0 R-package tqdm 4.65.0 python translations 4.3.0 R-package tzdata 2023.3 python tzdata 2023c-0ubuntu0.22.04.1 deb ubuntu-keyring 2021.03.26 deb ucf 3.0043 deb umap-learn 0.5.3 python unzip 6.0-26ubuntu3.1 deb usrmerge 25ubuntu2 deb utf8 1.2.3 R-package util-linux 2.37.2-4ubuntu3 deb utils 4.3.0 R-package vctrs 0.6.3 R-package waldo 0.5.1 R-package wget 1.21.2-2ubuntu1 deb wheel 0.37.1 python withr 2.5.0 R-package x11-common 1:7.7+23ubuntu2 deb xauth 1:1.1-1build2 deb xdg-utils 1.1.3-4.1ubuntu3~22.04.1 deb xz-utils 5.2.5-2ubuntu1 deb zip 3.0-12build2 deb zlib1g 1:1.2.11.dfsg-2ubuntu9.2 deb zlib1g-dev 1:1.2.11.dfsg-2ubuntu9.2 deb ```

However it still doesn't detect CellRanger:

syft ghcr.io/openpipelines-bio/mapping_cellranger_multi:0.9.0

Output

``` ✔ Loaded image ✔ Parsed image ✔ Cataloged packages [322 packages] NAME VERSION TYPE Bottleneck 1.3.4 python Pillow 9.0.1 python adduser 3.118ubuntu2 deb alien 8.95 deb apt 2.0.9 deb autoconf 2.69-11.1 deb automake 1:1.16.1-4ubuntu6 deb autopoint 0.19.8.1-10build1 deb autotools-dev 20180224.1 deb base-files 11ubuntu5.7 deb base-passwd 3.5.47 deb bash 5.0-6ubuntu1.2 deb bcl2fastq2 0v2.20.0.422-2 deb binutils 2.34-6ubuntu1.6 deb binutils-common 2.34-6ubuntu1.6 deb binutils-x86-64-linux-gnu 2.34-6ubuntu1.6 deb bsdmainutils 11.1.2ubuntu3 deb bsdutils 1:2.34-0.1ubuntu9.4 deb build-essential 12.8ubuntu1.1 deb bzip2 1.0.8-2 deb ca-certificates 20230311ubuntu0.20.04.1 deb certifi 2021.10.8 python coreutils 8.30-3ubuntu2 deb cpio 2.13+dfsg-2ubuntu0.3 deb cpp 4:9.3.0-1ubuntu2 deb cpp-9 9.4.0-1ubuntu1~20.04.1 deb curl 7.68.0-1ubuntu2.18 deb dash 0.5.10.2-6 deb dbus 1.12.16-2ubuntu2.3 deb debconf 1.5.73 deb debhelper 12.10ubuntu1 deb debianutils 4.9.1 deb debugedit 4.14.2.1+dfsg1-1build2 deb dh-autoreconf 19 deb dh-strip-nondeterminism 1.7.0-1 deb diffutils 1:3.7-3 deb dirmngr 2.2.19-3ubuntu2.2 deb docopt 0.6.2 python dpkg 1.19.7ubuntu3.2 deb dpkg-dev 1.19.7ubuntu3.2 deb dwz 0.13-5 deb e2fsprogs 1.45.5-2ubuntu1.1 deb fakeroot 1.24-1 deb fdisk 2.34-0.1ubuntu9.4 deb file 1:5.38-4 deb findutils 4.7.0-1ubuntu1 deb g++ 4:9.3.0-1ubuntu2 deb g++-9 9.4.0-1ubuntu1~20.04.1 deb gcc 4:9.3.0-1ubuntu2 deb gcc-10-base 10.3.0-1ubuntu1~20.04 deb gcc-9 9.4.0-1ubuntu1~20.04.1 deb gcc-9-base 9.4.0-1ubuntu1~20.04.1 deb gettext java-archive gettext 0.19.8.1-10build1 deb gettext-base 0.19.8.1-10build1 deb gnupg 2.2.19-3ubuntu2.2 deb gnupg-l10n 2.2.19-3ubuntu2.2 deb gnupg-utils 2.2.19-3ubuntu2.2 deb gpg 2.2.19-3ubuntu2.2 deb gpg-agent 2.2.19-3ubuntu2.2 deb gpg-wks-client 2.2.19-3ubuntu2.2 deb gpg-wks-server 2.2.19-3ubuntu2.2 deb gpgconf 2.2.19-3ubuntu2.2 deb gpgsm 2.2.19-3ubuntu2.2 deb gpgv 2.2.19-3ubuntu2.2 deb grep 3.4-1 deb groff-base 1.22.4-4build1 deb gzip 1.10-0ubuntu4.1 deb h5py 3.6.0 python hostname 3.23 deb init-system-helpers 1.57 deb intltool-debian 0.35.0+20060710.5 deb joblib 1.1.0 python krb5-locales 1.17-6ubuntu4.3 deb libacl1 2.2.53-6 deb libalgorithm-diff-perl 1.19.03-2 deb libalgorithm-diff-xs-perl 0.04-6 deb libalgorithm-merge-perl 0.08-3 deb libapparmor1 2.13.3-7ubuntu5.2 deb libapt-pkg6.0 2.0.9 deb libarchive-cpio-perl 0.10-1 deb libarchive-zip-perl 1.67-2 deb libarchive13 3.4.0-2ubuntu1.2 deb libasan5 9.4.0-1ubuntu1~20.04.1 deb libasn1-8-heimdal 7.7.0+dfsg-1ubuntu1.4 deb libassuan0 2.5.3-7ubuntu2 deb libatomic1 10.3.0-1ubuntu1~20.04 deb libattr1 1:2.4.48-5 deb libaudit-common 1:2.8.5-2ubuntu6 deb libaudit1 1:2.8.5-2ubuntu6 deb libbinutils 2.34-6ubuntu1.6 deb libblkid1 2.34-0.1ubuntu9.4 deb libbrotli1 1.0.7-6ubuntu0.1 deb libbsd0 0.10.0-1 deb libbz2-1.0 1.0.8-2 deb libc-bin 2.31-0ubuntu9.9 deb libc-dev-bin 2.31-0ubuntu9.9 deb libc6 2.31-0ubuntu9.9 deb libc6-dev 2.31-0ubuntu9.9 deb libcap-ng0 0.7.9-2.1build1 deb libcap2 1:2.32-1ubuntu0.1 deb libcc1-0 10.3.0-1ubuntu1~20.04 deb libcom-err2 1.45.5-2ubuntu1.1 deb libcroco3 0.6.13-1 deb libcrypt-dev 1:4.4.10-10ubuntu4 deb libcrypt1 1:4.4.10-10ubuntu4 deb libctf-nobfd0 2.34-6ubuntu1.6 deb libctf0 2.34-6ubuntu1.6 deb libcurl4 7.68.0-1ubuntu2.18 deb libdb5.3 5.3.28+dfsg1-0.6ubuntu2 deb libdbus-1-3 1.12.16-2ubuntu2.3 deb libdebconfclient0 0.251ubuntu1 deb libdebhelper-perl 12.10ubuntu1 deb libdpkg-perl 1.19.7ubuntu3.2 deb libdw1 0.176-1.1build1 deb libelf1 0.176-1.1build1 deb libexpat1 2.2.9-1ubuntu0.6 deb libexpat1-dev 2.2.9-1ubuntu0.6 deb libext2fs2 1.45.5-2ubuntu1.1 deb libfakeroot 1.24-1 deb libfdisk1 2.34-0.1ubuntu9.4 deb libffi7 3.3-4 deb libfile-fcntllock-perl 0.22-3build4 deb libfile-stripnondeterminism-perl 1.7.0-1 deb libgcc-9-dev 9.4.0-1ubuntu1~20.04.1 deb libgcc-s1 10.3.0-1ubuntu1~20.04 deb libgcrypt20 1.8.5-5ubuntu1.1 deb libgdbm-compat4 1.18.1-5 deb libgdbm6 1.18.1-5 deb libglib2.0-0 2.64.6-1~ubuntu20.04.6 deb libglib2.0-data 2.64.6-1~ubuntu20.04.6 deb libgmp10 2:6.2.0+dfsg-4ubuntu0.1 deb libgnutls30 3.6.13-2ubuntu1.8 deb libgomp1 10.3.0-1ubuntu1~20.04 deb libgpg-error0 1.37-1 deb libgssapi-krb5-2 1.17-6ubuntu4.3 deb libgssapi3-heimdal 7.7.0+dfsg-1ubuntu1.4 deb libhcrypto4-heimdal 7.7.0+dfsg-1ubuntu1.4 deb libheimbase1-heimdal 7.7.0+dfsg-1ubuntu1.4 deb libheimntlm0-heimdal 7.7.0+dfsg-1ubuntu1.4 deb libhogweed5 3.5.1+really3.5.1-2ubuntu0.2 deb libhx509-5-heimdal 7.7.0+dfsg-1ubuntu1.4 deb libicu66 66.1-2ubuntu2.1 deb libidn2-0 2.2.0-2 deb libintl java-archive libisl22 0.22.1-1 deb libitm1 10.3.0-1ubuntu1~20.04 deb libk5crypto3 1.17-6ubuntu4.3 deb libkeyutils1 1.6-6ubuntu1.1 deb libkrb5-26-heimdal 7.7.0+dfsg-1ubuntu1.4 deb libkrb5-3 1.17-6ubuntu4.3 deb libkrb5support0 1.17-6ubuntu4.3 deb libksba8 1.3.5-2ubuntu0.20.04.2 deb libldap-2.4-2 2.4.49+dfsg-2ubuntu1.9 deb libldap-common 2.4.49+dfsg-2ubuntu1.9 deb liblocale-gettext-perl 1.07-4 deb liblsan0 10.3.0-1ubuntu1~20.04 deb libltdl-dev 2.4.6-14 deb libltdl7 2.4.6-14 deb liblua5.2-0 5.2.4-1.1build3 deb liblz4-1 1.9.2-2ubuntu0.20.04.1 deb liblzma5 5.2.4-1ubuntu1.1 deb libmagic-mgc 1:5.38-4 deb libmagic1 1:5.38-4 deb libmail-sendmail-perl 0.80-1 deb libmount1 2.34-0.1ubuntu9.4 deb libmpc3 1.1.0-1 deb libmpdec2 2.4.2-3 deb libmpfr6 4.0.2-1 deb libncurses6 6.2-0ubuntu2.1 deb libncursesw6 6.2-0ubuntu2.1 deb libnettle7 3.5.1+really3.5.1-2ubuntu0.2 deb libnghttp2-14 1.40.0-1ubuntu0.1 deb libnpth0 1.6-1 deb libnspr4 2:4.25-1 deb libnss3 2:3.49.1-1ubuntu1.9 deb libp11-kit0 0.23.20-1ubuntu0.1 deb libpam-modules 1.3.1-5ubuntu4.6 deb libpam-modules-bin 1.3.1-5ubuntu4.6 deb libpam-runtime 1.3.1-5ubuntu4.6 deb libpam0g 1.3.1-5ubuntu4.6 deb libpcre2-8-0 10.34-7ubuntu0.1 deb libpcre3 2:8.39-12ubuntu0.1 deb libperl5.30 5.30.0-9ubuntu0.4 deb libpipeline1 1.5.2-2build1 deb libpopt0 1.16-14 deb libprocps8 2:3.3.16-1ubuntu2.3 deb libpsl5 0.21.0-1ubuntu1 deb libpython3-dev 3.8.2-0ubuntu2 deb libpython3-stdlib 3.8.2-0ubuntu2 deb libpython3.8 3.8.10-0ubuntu1~20.04.8 deb libpython3.8-dev 3.8.10-0ubuntu1~20.04.8 deb libpython3.8-minimal 3.8.10-0ubuntu1~20.04.8 deb libpython3.8-stdlib 3.8.10-0ubuntu1~20.04.8 deb libquadmath0 10.3.0-1ubuntu1~20.04 deb libreadline8 8.0-4 deb libroken18-heimdal 7.7.0+dfsg-1ubuntu1.4 deb librpm8 4.14.2.1+dfsg1-1build2 deb librpmbuild8 4.14.2.1+dfsg1-1build2 deb librpmio8 4.14.2.1+dfsg1-1build2 deb librpmsign8 4.14.2.1+dfsg1-1build2 deb librtmp1 2.4+20151223.gitfa8646d.1-2build1 deb libsasl2-2 2.1.27+dfsg-2ubuntu0.1 deb libsasl2-modules 2.1.27+dfsg-2ubuntu0.1 deb libsasl2-modules-db 2.1.27+dfsg-2ubuntu0.1 deb libseccomp2 2.5.1-1ubuntu1~20.04.2 deb libselinux1 3.0-1build2 deb libsemanage-common 3.0-1build2 deb libsemanage1 3.0-1build2 deb libsepol1 3.0-1ubuntu0.1 deb libsigsegv2 2.12-2 deb libsmartcols1 2.34-0.1ubuntu9.4 deb libsqlite3-0 3.31.1-4ubuntu0.5 deb libss2 1.45.5-2ubuntu1.1 deb libssh-4 0.9.3-2ubuntu2.3 deb libssl1.1 1.1.1f-1ubuntu2.19 deb libstdc++-9-dev 9.4.0-1ubuntu1~20.04.1 deb libstdc++6 10.3.0-1ubuntu1~20.04 deb libsub-override-perl 0.09-2 deb libsys-hostname-long-perl 1.5-1 deb libsystemd0 245.4-4ubuntu3.22 deb libtasn1-6 4.16.0-2 deb libtinfo6 6.2-0ubuntu2.1 deb libtool 2.4.6-14 deb libtsan0 10.3.0-1ubuntu1~20.04 deb libubsan1 10.3.0-1ubuntu1~20.04 deb libuchardet0 0.0.6-3build1 deb libudev1 245.4-4ubuntu3.22 deb libunistring2 0.9.10-2 deb libuuid1 2.34-0.1ubuntu9.4 deb libwind0-heimdal 7.7.0+dfsg-1ubuntu1.4 deb libxml2 2.9.10+dfsg-5ubuntu0.20.04.6 deb libzstd1 1.4.4+dfsg-3ubuntu0.1 deb linux-libc-dev 5.4.0-152.169 deb login 1:4.8.1-1ubuntu5.20.04.4 deb logsave 1.45.5-2ubuntu1.1 deb lsb-base 11.1.0ubuntu2 deb lz4 3.1.3 python m4 1.4.18-4 deb make 4.2.1-1.2 deb man-db 2.9.1-1 deb manpages 5.05-1 deb manpages-dev 5.05-1 deb mawk 1.3.4.20200120-2 deb mime-support 3.64ubuntu1 deb mkl-fft 1.3.1 python mkl-random 1.2.2 python mkl-service 2.4.0 python mock 4.0.3 python mount 2.34-0.1ubuntu9.4 deb ncurses-base 6.2-0ubuntu2.1 deb ncurses-bin 6.2-0ubuntu2.1 deb netbase 6.1 deb numexpr 2.8.1 python numpy 1.21.2 python numpy 1.24.3 python openssl 1.1.1f-1ubuntu2.19 deb packaging 21.3 python pandas 1.3.5 python pandas 2.0.2 python passwd 1:4.8.1-1ubuntu5.20.04.4 deb patch 2.7.6-6 deb patsy 0.5.2 python perl 5.30.0-9ubuntu0.4 deb perl-base 5.30.0-9ubuntu0.4 deb perl-modules-5.30 5.30.0-9ubuntu0.4 deb pinentry-curses 1.1.0-3build1 deb pip 20.0.2 python pip 23.1.2 python po-debconf 1.0.21 deb procps 2:3.3.16-1ubuntu2.3 deb publicsuffix 20200303.0012-1 deb pycurl 7.44.1 python pyfaidx 0.6.4 python pyparsing 3.0.4 python pysam 0.16.0.1 python python 3.8.10 binary python 3.8.12 binary python-dateutil 2.8.2 python python-pip-whl 20.0.2-5ubuntu1.9 deb python3 3.8.2-0ubuntu2 deb python3-dev 3.8.2-0ubuntu2 deb python3-distutils 3.8.10-0ubuntu1~20.04 deb python3-lib2to3 3.8.10-0ubuntu1~20.04 deb python3-minimal 3.8.2-0ubuntu2 deb python3-pip 20.0.2-5ubuntu1.9 deb python3-pkg-resources 45.2.0-1ubuntu0.1 deb python3-setuptools 45.2.0-1ubuntu0.1 deb python3-wheel 0.34.2-1ubuntu0.1 deb python3.8 3.8.10-0ubuntu1~20.04.8 deb python3.8-dev 3.8.10-0ubuntu1~20.04.8 deb python3.8-minimal 3.8.10-0ubuntu1~20.04.8 deb pytz 2021.3 python pytz 2023.3 python readline-common 8.0-4 deb rpm 4.14.2.1+dfsg1-1build2 deb rpm-common 4.14.2.1+dfsg1-1build2 deb rpm2cpio 4.14.2.1+dfsg1-1build2 deb scikit-learn 0.24.2 python scipy 1.7.3 python sed 4.7-1 deb sensible-utils 0.0.12+nmu1 deb setuptools 45.2.0 python setuptools 58.0.4 python shared-mime-info 1.15-1 deb six 1.16.0 python statsmodels 0.13.2 python sysvinit-utils 2.96-2.1ubuntu1 deb tables 3.6.1 python tar 1.30+dfsg-7ubuntu0.20.04.3 deb threadpoolctl 2.2.0 python tzdata 2023.3 python tzdata 2023c-0ubuntu0.20.04.2 deb ubuntu-keyring 2020.02.11.4 deb util-linux 2.34-0.1ubuntu9.4 deb wheel 0.34.2 python xdg-user-dirs 0.17-2ubuntu1 deb xz-utils 5.2.4-1ubuntu1.1 deb zlib1g 1:1.2.11.dfsg-2ubuntu1.5 deb zlib1g-dev 1:1.2.11.dfsg-2ubuntu1.5 deb ```

DriesSchaumont commented 11 months ago

I am going to drop this here: https://github.com/microsoft/sbom-tool which uses: https://github.com/microsoft/component-detection

viash-io / viash

Tracking software versions in Docker images #416