NodeJS package-lock.json SBOM libraries list inconsistent #5829
Closed
OfirSandak
started this conversation in
Adopters
Replies: 1 comment
-
|
You can leave a comment on #5532 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
We need to check (and not overwrite) Dev field when retrieving uniq libs (utils.UniqueLibraries function).
See #5532 for more details.
Fixed and merged 3 weeks ago:
aquasecurity/go-dep-parser#280
Latest Trivy version doesn't include this fix, please update Trivy to use latest go-dep-parser.
Beta Was this translation helpful? Give feedback.
All reactions