Java cataloger doesn't scan the top-level directory during glob matching for pom and nested archives #238
Assignees
Labels
bug
Something isn't working
Comments
zhill
added a commit
to zhill/syft
that referenced
this issue
Oct 23, 2020
…g for java archives/pom files. Fixes anchore#238 Signed-off-by: Zach Hill <zach@anchore.com>
zhill
added a commit
to zhill/syft
that referenced
this issue
Oct 23, 2020
…g for java archives/pom files. Fixes anchore#238 Signed-off-by: Zach Hill <zach@anchore.com>
zhill
added a commit
to zhill/syft
that referenced
this issue
Oct 23, 2020
…g for all catalogers that search for files. Fixes anchore#238 Signed-off-by: Zach Hill <zach@anchore.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What happened: Invoke syft on a directory that has a jar, in that jar at the top level is another jar. See anchore/grype#182 All of the nested jars in the winstone.jar embedded in that jar were not cataloged.
What you expected to happen: The winstone.jar should be inspected but is not
How to reproduce it (as minimally and precisely as possible): See anchore/grype#182
Anything else we need to know?:
Environment:
syft version: 0.3.0cat /etc/os-releaseor similar): MacOSThe text was updated successfully, but these errors were encountered: