Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

The SBOM details has something that doesn't make sense. #20324

Closed
zyyw opened this issue Apr 23, 2024 · 2 comments
Closed

The SBOM details has something that doesn't make sense. #20324

zyyw opened this issue Apr 23, 2024 · 2 comments
Assignees
@stonezdj
Labels
area/SBOM target/2.11.0

Comments

@zyyw
Copy link
Contributor

zyyw commented Apr 23, 2024

reproduce steps:

  1. select the checkbox of library project to "Automatically generate SBOM on push"
  2. docker push /library/alpine:3.15.5
  3. there will be an SBOM generated, but the SBOM details have something that doesn't make sense.
Screenshot 2024-04-23 at 1 54 34 PM
@stonezdj
Copy link
Contributor

It is the scanner generate the output. other scanner keep the image layer information in the SBOM

@wy65701436
Copy link
Contributor

The first package was returned by the scanner, mark this issue as by designed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@stonezdj stonezdj

Labels
area/SBOM target/2.11.0
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@stonezdj @wy65701436 @zyyw