include image labels in cycloneDX SBOM #2294
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Benji Visser <benji@093b.org>
Signed-off-by: Benji Visser <benji@093b.org>
Signed-off-by: Benji Visser <benji@093b.org>
Signed-off-by: Benji Visser <benji@093b.org>
Signed-off-by: Benji Visser <benji@093b.org>
Signed-off-by: Benji Visser <benji@093b.org>
wagoodman
previously approved these changes
Nov 8, 2023
wagoodman
dismissed
their stale review
I'm going to make one more change: remove the need to update the snapshot test (since that updates a binary in the repo)
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
wagoodman
approved these changes
Nov 8, 2023
There was a problem hiding this comment.
I made one more update to remove the change to the snapshot tests since they updated the golden bin that is captured in the repo. Changing this isn't a bad thing, but it seemed unnecessary since it could be captured in a lower level unit test (which I just added). Snapshot tests are great for change detection with how the component is wired together, and less about correctness of values in different circumstances.
GijsCalis
pushed a commit
to GijsCalis/syft
that referenced
this pull request
Feb 19, 2024
* include image labels in SBOM Signed-off-by: Benji Visser <benji@093b.org> * update tests Signed-off-by: Benji Visser <benji@093b.org> * gocritic Signed-off-by: Benji Visser <benji@093b.org> * add properties Signed-off-by: Benji Visser <benji@093b.org> * add decoder Signed-off-by: Benji Visser <benji@093b.org> * update golden snapshots Signed-off-by: Benji Visser <benji@093b.org> * decodeProperties Signed-off-by: Benji Visser <benji@093b.org> * add test Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * remove the snapshot test changes Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * restore snapshots Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> --------- Signed-off-by: Benji Visser <benji@093b.org> Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds a
metadata.propertiesfield with information about image labels to cycloneDX SBOMsresolves #2267