Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Scan with javascript-lock cataloger does not provide licenses #1910

Closed
aslansky opened this issue Jul 4, 2023 · 4 comments
Closed

Scan with javascript-lock cataloger does not provide licenses #1910

aslansky opened this issue Jul 4, 2023 · 4 comments
Labels
bug Something isn't working

Comments

@aslansky
Copy link

aslansky commented Jul 4, 2023

When scanning with javascript-lock cataloger the license field in the resulting bom is empty. Is there a way to get the licenses with this cataloger?
@aslansky aslansky added the bug Something isn't working label Jul 4, 2023
@tgerla
Copy link
Contributor

tgerla commented Jul 6, 2023

Hi @aslansky, thanks for filing this issue. Do you mind attaching a lockfile or container image that you're using so we can test it out on our end? Thanks!

@tgerla tgerla moved this to Awaiting Response in OSS Jul 6, 2023
@aslansky
Copy link
Author

aslansky commented Jul 7, 2023

Sure, we are using yarn.

yarn.lock.txt

syft version is 0.84.1

.syft.yaml looks like this:

output: cyclonedx-json
file: dist/bom.json
exclude:
  - ./dist/**
  - ./node_modules/**
  - ./tmp/**
  - ./tools/**
  - ./coverage/**
  - ./.storybook/**
  - ./.nx/**
catalogers:
  - javascript-lock
  - go-mod-file
  - dotnet-deps
golang:
  search-local-mod-cache-licenses: true
  search-remote-licenses: true

@aslansky
Copy link
Author

aslansky commented Jul 7, 2023

Ah, by posting the content of the config file, I noticed that node_modules was excluded. Removing it from exclude config solves this.

Sorry for opening up the ticket, should have checked the config before asking :-)

@aslansky aslansky closed this as completed Jul 7, 2023
@github-project-automation github-project-automation bot moved this from Awaiting Response to Done in OSS Jul 7, 2023
@tgerla
Copy link
Contributor

tgerla commented Jul 7, 2023

No problem, glad it was an easy fix! :)

@tgerla tgerla closed this as not planned Won't fix, can't repro, duplicate, stale Jul 7, 2023
@jeremytbrun jeremytbrun mentioned this issue Oct 26, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
OSS
Archived in project
Milestone
No milestone
Development

No branches or pull requests
2 participants
@aslansky @tgerla