-
Notifications
You must be signed in to change notification settings - Fork 552
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support to bci images #740
Comments
👋 @gmontalvoy thanks so much for filing the issue! I ran grype against the BCI image with one of our newer releases and see that it's picking up the packages now, but no vulnerabilities are being reported. Is there a case you're aware of where this is a false negative report? If you have more details about what you expect the output to be as far as correct findings let me know and I'll investigate further. I'll keep this issue open for now so I can track myself the packages and see if we're missing anything. |
@gmontalvoy -- it looks like the latest versions of Grype are working fine with
|
What happened
While Grype works well on sle-based images:
The same does not happen with the new bci-based images even with syft installed and available.
What you expected to happen:
I'd expect Grype to be able to perform vuln scans also on bci
How to reproduce it (as minimally and precisely as possible):
grype registry.suse.com/bci/bci-base:15.3
and it will detect 0 packages and, obviously, 0 vulnerabilities.Environment:
grype version
:cat /etc/os-release
or similar):As it is being tested on macos, I am using a linux box to do this, here's the box details.
Thanks
The text was updated successfully, but these errors were encountered: