Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SBOM is generated with empty name #2782

Open
vjpiyush123 opened this issue Apr 16, 2024 · 4 comments
Open

SBOM is generated with empty name #2782

vjpiyush123 opened this issue Apr 16, 2024 · 4 comments
Labels
bug Something isn't working

Comments

@vjpiyush123
Copy link

What happened:
SBOM is generated with an empty name for the company's proprietary modules. It used to work earlier.

"packages": [
	{
		"name": "",
		"SPDXID": "SPDXRef-Package-java-archive-a3a6833c5eb6fc44",
		"supplier": "NOASSERTION",
		"downloadLocation": "NOASSERTION",
		"filesAnalyzed": false,

What you expected to happen:
name should be present for the module

Steps to reproduce the issue:

Generate the SBOM for the proprietary images , the modules which are company owned.
SBOM generated with empty Name for those company owned module (not open source)

Anything else we need to know?:

Environment:
@vjpiyush123 vjpiyush123 added the bug Something isn't working label Apr 16, 2024
@spiffcs
Copy link
Contributor

spiffcs commented Apr 16, 2024

👋 @vjpiyush123 do you know which version it worked on earlier? That would help us track down the regression and what changes we might have made to the java cataloger

@vjpiyush123
Copy link
Author

vjpiyush123 commented Apr 17, 2024
edited

Old version - syft-0.98.0

Current version - syft-1.2.0"

@vjpiyush123
Copy link
Author

@spiffcs - Would like to know if any updated on this issue.

@tgerla
Copy link
Contributor

tgerla commented Apr 25, 2024

Hi @vjpiyush123, we will need more information to help you solve this--can you provide us a publicly accessible image or even a single Jar file that reproduces the problem? If you can't provide us a test image or Jar, we will need you to figure out the exact version of Syft where the problem occurs. From there we can take a look. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
OSS
Status: No status
Milestone
No milestone
Development

No branches or pull requests
3 participants
@tgerla @spiffcs @vjpiyush123