include image labels in cycloneDX SBOM #2294
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Benji Visser <[email protected]>
Signed-off-by: Benji Visser <[email protected]>
Signed-off-by: Benji Visser <[email protected]>
Signed-off-by: Benji Visser <[email protected]>
Signed-off-by: Benji Visser <[email protected]>
Signed-off-by: Benji Visser <[email protected]>
Signed-off-by: Benji Visser <[email protected]>
Signed-off-by: Alex Goodman <[email protected]>
wagoodman
previously approved these changes
Nov 8, 2023
wagoodman
dismissed
their stale review
I'm going to make one more change: remove the need to update the snapshot test (since that updates a binary in the repo)
Signed-off-by: Alex Goodman <[email protected]>
Signed-off-by: Alex Goodman <[email protected]>
wagoodman
approved these changes
Nov 8, 2023
There was a problem hiding this comment.
I made one more update to remove the change to the snapshot tests since they updated the golden bin that is captured in the repo. Changing this isn't a bad thing, but it seemed unnecessary since it could be captured in a lower level unit test (which I just added). Snapshot tests are great for change detection with how the component is wired together, and less about correctness of values in different circumstances.
GijsCalis
pushed a commit
to GijsCalis/syft
that referenced
this pull request
Feb 19, 2024
* include image labels in SBOM Signed-off-by: Benji Visser <[email protected]> * update tests Signed-off-by: Benji Visser <[email protected]> * gocritic Signed-off-by: Benji Visser <[email protected]> * add properties Signed-off-by: Benji Visser <[email protected]> * add decoder Signed-off-by: Benji Visser <[email protected]> * update golden snapshots Signed-off-by: Benji Visser <[email protected]> * decodeProperties Signed-off-by: Benji Visser <[email protected]> * add test Signed-off-by: Alex Goodman <[email protected]> * remove the snapshot test changes Signed-off-by: Alex Goodman <[email protected]> * restore snapshots Signed-off-by: Alex Goodman <[email protected]> --------- Signed-off-by: Benji Visser <[email protected]> Signed-off-by: Alex Goodman <[email protected]> Co-authored-by: Alex Goodman <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds a
metadata.propertiesfield with information about image labels to cycloneDX SBOMsresolves #2267