Windows sbom have strange % in purl/sbom-ref #3569
Labels
bug
Something isn't working
Comments
|
Hey @freeeflyer -- thanks for the report. Is there a way to reproduce this using a container image, source code, or something that doesn't involve booting a Windows machine with an alternate boot loader? |
|
|
Pointing to the DLL/exe would be great, if there's a publicly available one we could download 👍 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What happened:
I tried to generate a sbom with syft on a windows system.
To avoid intrusion on a working unconnecter system
I tried to import said sbom on dependency track got an error :
I searched that string in the json file -> nothing
But some of the the sbom-ref or purl fields were strange:
What you expected to happen:
Get readable & short fields
Anything else we need to know?:
It seems to be urlencoded: I found that "pkg:nuget/Microsoft%20Reporting%20Services%20%D0%BF%D1%80%D0%BE%D1%88%D0%B8%D1%80%D0%B5%D1%9A%D0%B5%20%D0%BF%D0%BE%D0%B4%D0%B0%D1%82%D0%B0%D0%BA%D0%B0%20%D0%B7%D0%B0%20Analysis%20Services@11.0.9165.1186" decodes as "pkg:nuget/Microsoft Reporting Services проширење података за Analysis Services@11.0.9165.1186"
Environment:
syft version: 1.18.1cat /etc/os-releaseor similar): ubuntu 24 on the stick, windows 10 ltsc on the systemThe text was updated successfully, but these errors were encountered: