Add configuration to disable capturing any file info in SBOM #3132
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: tomersein <[email protected]>
Signed-off-by: Alex Goodman <[email protected]>
wagoodman
changed the title
Signed-off-by: Alex Goodman <[email protected]>
|
force push was to rebase / solve merge conflicts |
Signed-off-by: Alex Goodman <[email protected]>
wagoodman
reviewed
Nov 12, 2024
| for _, relationship := range s.Relationships { | ||
| for _, coordinates := range extractCoordinates(relationship) { | ||
| set.Add(coordinates) | ||
| if set.Size() > 0 { |
There was a problem hiding this comment.
the downside with this is that we are adding relationships already from pkg-to-file or file-to-file and here we're silently dropping only the nodes, but not changing the relationships. I think this part needs a little more thought -- that is, if there is an edge in the SBOM that describes the file directly, then we either need to include that file or drop the relationship.
There was a problem hiding this comment.
hi! sounds right.. however I am not sure how to solve it.
please let me know how to proceed further so this PR can be merged in the future :)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adds
files.enableconfiguration such that, when set tofalse, no entries are populated in the.filessection of the SBOM.Closes #2989