Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add layerID to package struct in report #52

Open
tomerse-sg opened this issue Feb 6, 2024 · 3 comments
Open

Add layerID to package struct in report #52

tomerse-sg opened this issue Feb 6, 2024 · 3 comments
Labels
blocked feat New feature or request

Comments

@tomerse-sg
Copy link

Hello,

When I want to check the licenses of a given images, it is important to me to understand in which layer the package exists.
This information is already provided by syft, is it possible to display it in grant as well?

Thanks for your time!
@spiffcs spiffcs added the feat New feature or request label Feb 6, 2024
@wagoodman wagoodman added this to OSS Feb 7, 2024
@spiffcs spiffcs moved this to Backlog in OSS Feb 8, 2024
@limaonet
Copy link

I also really need this feature

@spiffcs
Copy link
Collaborator

spiffcs commented Jul 25, 2024

Nice! Thanks for the feedback on this.

anchore/syft#15
^ This is blocked since grant uses syft and would need 15 to be fulfilled

This would allow files to be associated to the individual layers and then we could disqualify base image layer licenses and ONLY find licenses added by our own software

@tomersein
Copy link

tomersein commented Sep 14, 2024
edited
Loading

what about it?
anchore/syft#3138

this PR will provide a resolver which can find out which file \ package exists in each layer @spiffcs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
blocked feat New feature or request
Projects
OSS
Status: Backlog
Milestone
No milestone
Development

No branches or pull requests
4 participants
@spiffcs @limaonet @tomersein @tomerse-sg