We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
What happened: Originally reported https://github.com/anchore/vulnerability-match-exclusion-database/issues/240#issuecomment-2489341204
syft -q ~/Downloads/jruby-exec.zip NAME VERSION TYPE JRuby 1.0 dotnet
What you expected to happen: Jruby is not a .NET application, thus should not be detected as so (should find no packages)
Steps to reproduce the issue: Download jruby binary and scan it with syft.
Anything else we need to know?: Proposed fix: scan the PE binary for indications of the .NET framework. Partial fix implemented: https://github.com/anchore/syft/compare/filter-dotnet-pe
The text was updated successfully, but these errors were encountered:
Hey Alex! CBP also went on to note that the same issue affects jrubyw.exe.
Sorry, something went wrong.
No branches or pull requests
What happened:
Originally reported https://github.com/anchore/vulnerability-match-exclusion-database/issues/240#issuecomment-2489341204
What you expected to happen:
Jruby is not a .NET application, thus should not be detected as so (should find no packages)
Steps to reproduce the issue:
Download jruby binary and scan it with syft.
Anything else we need to know?:
Proposed fix: scan the PE binary for indications of the .NET framework.
Partial fix implemented: https://github.com/anchore/syft/compare/filter-dotnet-pe
The text was updated successfully, but these errors were encountered: