-
Notifications
You must be signed in to change notification settings - Fork 25
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: RedHat Modules & PURLs #469
Conversation
94a28fa
to
aac2ecd
Compare
aac2ecd
to
fe89a9c
Compare
503beda
to
110adb0
Compare
BREAKING CHANGE: This commit removes the RedHatRepositories fact from the returned envelope. It should be unused, so it is not expected that this breaking change would actually break something. This is in preparation for the RedHat support, where the repositories will be added to the package's `purl` fields instead.
110adb0
to
b08b17e
Compare
ab047ac
to
e5f6a51
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Update rpm-parser
with the correct version.
This commit makes use of the added PURL-support in DepGraph to include the RPM package modules as the "namespace", and the repositories as part of the qualifiers in the PURL. With this, Vuln can filter down vulnerabilities based on the repository-to-cpe mapping and also query packages by module. Support for this has been added through [Vuln #708](snyk/vuln#708).
e5f6a51
to
ccd9c06
Compare
Expected release notes (by @shlomiSnyk) features: others (will not be included in Semantic-Release notes):
|
🎉 This PR is included in version 6.0.0 🎉 The release is available on: Your semantic-release bot 📦🚀 |
What does this PR do?
todo
Where should the reviewer start?
How should this be manually tested?
Any background context you want to provide?
What are the relevant tickets?
Screenshots
Additional questions