You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi @pythiankerr, can you attach the resulting SBOM and we can take a look to see what is has detected? The relevant binary detection mechanism is here:
We are looking for binaries called "java" and a particular version string within that binary, and for some reason it may not be matching the release you have deployed with Oracle. Having a look at the SBOM might help us figure out what, if anything, it is matching. Thanks!
Hi there, since we haven't heard back we'll go ahead and close this issue, but please feel free to re-open it with additional information if you are still having a problem. Thank you!
What happened:
Does not discover some Oracle Java installations. The path is not even mentioned in the generated syft-json output.
What you expected to happen:
Detect Oracle Java (for licence compliance survey)
Steps to reproduce the issue:
Java is installed on a server as part of an Oracle product (12cR2). I don't know how to reproduce that.
This shows a number of results for Java, but nothing inside /opt/oracle/product/12.2.0/
Grepping the SBoM for /opt/oracle/product/12.2.0/ shows plenty of results, but nothing with bin/java
Anything else we need to know?:
The Java 'release' file looks like the following:
There is also a 32-bit version installed that wasn't detected.
Environment:
syft version
: syft 0.82.0cat /etc/os-release
or similar): RHEL7.9The text was updated successfully, but these errors were encountered: