NodeJS package-lock.json SBOM libraries list inconsistent #5829
Closed
OfirSandak
started this conversation in
Adopters
Replies: 1 comment
-
|
You can leave a comment on #5532 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
We need to check (and not overwrite) Dev field when retrieving uniq libs (utils.UniqueLibraries function).
See #5532 for more details.
Fixed and merged 3 weeks ago:
aquasecurity/go-dep-parser#280
Latest Trivy version doesn't include this fix, please update Trivy to use latest go-dep-parser.
Beta Was this translation helpful? Give feedback.
All reactions