You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What happened:
When running xeol over a syft generated json sbom from a version of Syft later than v0.92 you get this error:
% xeol sbom:./v1.4.1-syft-filesystem-image-sbom.json --lookahead 1y -o table
✔ EOL DB [no update available]
1 error occurred:
* failed to catalog: unable to decode sbom: unable to decode syft-json: json: cannot unmarshal object into Go struct field Document.artifacts of type string
What you expected to happen:
When running xeol over a syft generated json sbom from a version of Syft v0.92 you do not receive this error:
% xeol sbom:./v0.92-syft-filesystem-image-sbom.json --lookahead 1y -o table
✔ EOL DB [no update available]
✔ Scanned for EOL [1 eol matches]
NAME VERSION EOL DAYS EOL TYPE
python 3.8.10 2024-10-31 - binary
How to reproduce it (as minimally and precisely as possible):
install Syft version 0.92 - curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b . v0.92.0
% xeol sbom:./v1.4.1-syft-filesystem-image-sbom.json --lookahead 1y -o table
✔ EOL DB [no update available]
1 error occurred:
* failed to catalog: unable to decode sbom: unable to decode syft-json: json: cannot unmarshal object into Go struct field Document.artifacts of type string
Anything else we need to know?:
I generated the SBOM's I tested against using Ubuntu 22.04 .ova from https://cloud-images.ubuntu.com/jammy/current/, however, I see this error when running across all our products. I would expect that simply updating the version of Syft from v.0.92 to something newer would solve this issue however I dont know if there are dependency versions for why its been held back on v0.92.
it seems to occurs because of the fork this library is based on... replace github.com/anchore/syft => github.com/noqcks/syft v0.0.0-20240109150718-1b286b681098
What happened:
When running xeol over a syft generated json sbom from a version of Syft later than v0.92 you get this error:
What you expected to happen:
When running xeol over a syft generated json sbom from a version of Syft v0.92 you do not receive this error:
How to reproduce it (as minimally and precisely as possible):
curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b . v0.92.0
./syft --version
curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b .
./syft --version
Anything else we need to know?:
I generated the SBOM's I tested against using Ubuntu 22.04 .ova from https://cloud-images.ubuntu.com/jammy/current/, however, I see this error when running across all our products. I would expect that simply updating the version of Syft from v.0.92 to something newer would solve this issue however I dont know if there are dependency versions for why its been held back on v0.92.
Environment:
xeol version
:cat /etc/os-release
or similar):The text was updated successfully, but these errors were encountered: