-
Notifications
You must be signed in to change notification settings - Fork 19
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
xeol unable to decode syft-json from versions of syft newer than v0.92 #346
Labels
bug
Something isn't working
Comments
Any update on this? |
it seems to occurs because of the fork this library is based on... |
That seems bad? Why is this component dependent on go package from a fork of syft with no tags or releases instead of the official syft package? |
is this project still maintained? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What happened:
When running xeol over a syft generated json sbom from a version of Syft later than v0.92 you get this error:
What you expected to happen:
When running xeol over a syft generated json sbom from a version of Syft v0.92 you do not receive this error:
How to reproduce it (as minimally and precisely as possible):
curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b . v0.92.0
./syft --version
curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b .
./syft --version
Anything else we need to know?:
I generated the SBOM's I tested against using Ubuntu 22.04 .ova from https://cloud-images.ubuntu.com/jammy/current/, however, I see this error when running across all our products. I would expect that simply updating the version of Syft from v.0.92 to something newer would solve this issue however I dont know if there are dependency versions for why its been held back on v0.92.
Environment:
xeol version
:cat /etc/os-release
or similar):The text was updated successfully, but these errors were encountered: