Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Some questions regarding the Syft code #3573

Open
PatrickStarBaby opened this issue Jan 9, 2025 · 2 comments
Open

Some questions regarding the Syft code #3573

PatrickStarBaby opened this issue Jan 9, 2025 · 2 comments

Comments

@PatrickStarBaby
Copy link

Hello, I have some questions regarding the Syft code that I'd like to ask. In pkg/cataloger/debian/dependency.go and pkg/cataloger/redhat/dependency.go, after retrieving Requires, how are the dependencies resolved from require to specific Linux software packages? For example, in Fedora, when analyzing the dependency list of a binary package, it might include /bin/sh and libc.so.6(GLIBC_2.38)(64bit). How are these dependencies eventually resolved into a concrete package list (e.g., bash and glibc)? Thank you!

@spiffcs
Copy link
Contributor

spiffcs commented Jan 15, 2025

@PatrickStarBaby did you answer your own question and file the issue here:
#3589

If so can I close this one in favor of #3589 or is there some nuance I am missing as to why these two are separate?

@PatrickStarBaby
Copy link
Author

Of course

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Status: No status
Development

No branches or pull requests

2 participants