Alpine installed is too generic and might conflict with other files with the same name #124

Closed
another-rex opened this issue Jan 9, 2023 · 0 comments · Fixed by #94
Labels
enhancement New feature or request

Comments

@another-rex
Collaborator

See #107 (comment)

A potential solution suggested there is:

G-Rath:
I wonder if this should be handled similar to git, sboms and csvs in osv-detector (which are a parser located in lockfile, but are never assumed when scanning directories - you have to explicitly say "this is a CSV I want you to check") - because /lib/apk/db/installed is very specific, so you're only ever going to get it checked if you run the scanner from anywhere along that path with -r anyway

So what if instead it had a dedicated flag, like --check-apk-installed?

#94 could then be used as a way of telling the scanner to treat arbitrary files as installed, but the scanner would never automatically assume a file called installed should be parsed as-such

@G-Rath G-Rath mentioned this issue Jan 10, 2023
@another-rex another-rex added the enhancement New feature or request label Jan 10, 2023
cmaritan pushed a commit to cmaritan/osv-scanner that referenced this issue Feb 12, 2023
hayleycd pushed a commit that referenced this issue Mar 9, 2023
julieqiu pushed a commit to julieqiu/osv-scanner that referenced this issue May 2, 2023
julieqiu pushed a commit to julieqiu/osv-scanner that referenced this issue May 2, 2023
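
The selection rule discussed in the comment above, as an added example that is not osv-scanner's own code: basename matching picks up any file called `installed`, while the opt-in rule parses a file as an apk database only on an explicit request. The `Target` type, the `apk-installed` format name and the `checkApkInstalled` parameter (modelled on the suggested `--check-apk-installed` flag) are assumptions, and the sample paths are constructed.

```go
package main

import (
	"fmt"
	"path/filepath"
	"strings"
)

// Target is a file handed to the scanner. ParseAs is empty for files found by
// a directory walk and set when the user names the format (hypothetical type).
type Target struct{ Path, ParseAs string }

const apkDBPath = "lib/apk/db/installed" // location quoted in the issue

// byBasename is the behaviour the issue objects to: any file named
// "installed" is treated as an Alpine package database.
func byBasename(ts []Target) (out []string) {
	for _, t := range ts {
		if filepath.Base(t.Path) == "installed" {
			out = append(out, t.Path)
		}
	}
	return out
}

// optIn parses a file as an apk database only when the user asked for it:
// either per file (ParseAs) or via a flag that still requires the full path.
func optIn(ts []Target, checkApkInstalled bool) (out []string) {
	for _, t := range ts {
		p := filepath.ToSlash(filepath.Clean(t.Path))
		onDBPath := p == apkDBPath || strings.HasSuffix(p, "/"+apkDBPath)
		if t.ParseAs == "apk-installed" || (t.ParseAs == "" && checkApkInstalled && onDBPath) {
			out = append(out, t.Path)
		}
	}
	return out
}

// sampleTargets is constructed input, not taken from a real scan.
func sampleTargets() []Target {
	return []Target{
		{Path: "rootfs/lib/apk/db/installed"},
		{Path: "project/scripts/installed"},
		{Path: "backup/apk-db.txt", ParseAs: "apk-installed"},
	}
}

func main() {
	ts := sampleTargets()
	fmt.Println(byBasename(ts), optIn(ts, false), optIn(ts, true))
}
```

With the flag off, only the explicitly named file is parsed; with it on, the file under `lib/apk/db/` is added and `project/scripts/installed` is still skipped.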