feat: match against debian unstable #1593
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #1446
Works by special casing
debian:unstable
to skip semver creation / parsing in a couple of places.Manual testing done
(
go run cmd/grype/main.go
is this change,grype
is v0.73.0 from homebrew)from the original issue
testing against
debian:testing
directly❯ go run cmd/grype/main.go debian:testing ✔ Vulnerability DB [no update available] ✔ Loaded image debian:testing ✔ Parsed image sha256:0450fd13eb205233d4ad56781f0018843029ac48b8f40172a7378edd88562857 ✔ Cataloged packages [87 packages] ✔ Scanned for vulnerabilities [46 vulnerability matches] ├── by severity: 1 critical, 1 high, 0 medium, 1 low, 43 negligible └── by status: 0 fixed, 46 not-fixed, 0 ignored NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY apt 2.7.6 deb CVE-2011-3374 Negligible bsdutils 1:2.39.2-4 deb CVE-2022-0563 Negligible coreutils 9.1-1 deb CVE-2016-2781 Low ... snip
As opposed to: