-
Notifications
You must be signed in to change notification settings - Fork 521
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Duplicates in Syft JSON "artifactRelationships" #2251
Comments
Hi @Joerki, thanks for the report! Is there a public Docker image that we can use to reproduce this problem? Thanks. |
Hi Tim, |
Hi @Joerki, no problem, I think we can make progress on this without your private image. We'll let you know if we need any more info to reproduce. |
Is this the same issue described and fixed with #2509? |
@Joerki - it's very similar, but my fix was specific to a double call of building relationships that was newly introduced after this issue was filed. If your specific example (I didn't see the image you used in the issue) is still showing duplicate relationships please let me know. I added a regression test in syft to try and protect against this happening in the future, but some odd edges could still exist. If you still find duplicate relationships on the latest release please let us know! I will close this issue, but reopen if you find your case is still relevant =) |
What happened:
In the "artifactRelationships" section there may be duplicates:
What you expected to happen:
Any parent/child/type item is unique
Steps to reproduce the issue:
Generate a Syft JSON SBOM (from a Docker image in my case).
Anything else we need to know?:
Environment:
syft version
: 0.94.0cat /etc/os-release
or similar): linux/amd64, PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"The text was updated successfully, but these errors were encountered: