Comments (3)
Same error on linux/amd64 (fedora 37), version 0.4.1
from bom.
Weird, I've managed to reproduce it and I'm checking it now. Thanks for the report @jaevans !
from bom.
I've pushed #244 to fix this bug, now generating the sbom works:
bom generate --image busybox --file file1 --file file2 --file file3 | bom document outline -
_
___ _ __ __| |_ __
/ __| '_ \ / _` \ \/ /
\__ \ |_) | (_| |> <
|___/ .__/ \__,_/_/\_\
|_|
📂 SPDX Document SBOM-SPDX-3b54773f-02aa-4c3e-9a12-85d2a8f44af3
│
│ 📦 DESCRIBES 1 Packages
│
├ sha256:c118f538365369207c12e5794c3cbfb7b042d950af590ae6c287ede74f29b7d4
│ │ 🔗 10 Relationships
│ ├ CONTAINS PACKAGE sha256:e8df49b8bf88d2e57d68613eb891a863b9a4d107d46804bb5456430ef3f8ca6a
│ │ │ 🔗 2 Relationships
│ │ ├ CONTAINS PACKAGE sha256:3cd170288f2fd3e424ba5329d99b40927f4721c5b16fe20ef72dd73c160b0245
│ │ └ VARIANT_OF PACKAGE sha256:c118f538365369207c12e5794c3cbfb7b042d950af590ae6c287ede74f29b7d4
│ │
│ ├ CONTAINS PACKAGE sha256:9c4aa07dc6de17545781cfad8cf412c810ba88f98187008eeae7bdaa3976f3bb
│ │ │ 🔗 2 Relationships
│ │ ├ CONTAINS PACKAGE sha256:ed0e558e1a9b9e8d9be4d1bdc09a27e86b8e816de9788f292232d1a5e84b0731
│ │ └ VARIANT_OF PACKAGE sha256:c118f538365369207c12e5794c3cbfb7b042d950af590ae6c287ede74f29b7d4
│ │
│ ├ CONTAINS PACKAGE sha256:2c8ed5408179ff4f53242a4bdd2706110ce000be239fe37a61be9c52f704c437
│ │ │ 🔗 2 Relationships
│ │ ├ CONTAINS PACKAGE sha256:1487bff95222881565c7c063129c2c2ce3d6fc4d14796ac7627bd1f167bc5621
│ │ └ VARIANT_OF PACKAGE sha256:c118f538365369207c12e5794c3cbfb7b042d950af590ae6c287ede74f29b7d4
│ │
│ ├ CONTAINS PACKAGE sha256:c6c4fb2c249a531ce74e7970daf33dd5597fbb1b217bb4b52e0e9b350b5218f4
│ │ │ 🔗 2 Relationships
│ │ ├ CONTAINS PACKAGE sha256:9c10fd6e29d89874e9355832b75a2c3baa067b2a90ae6f26b5c2b22e942bead6
│ │ └ VARIANT_OF PACKAGE sha256:c118f538365369207c12e5794c3cbfb7b042d950af590ae6c287ede74f29b7d4
│ │
│ ├ CONTAINS PACKAGE sha256:afebab8e3d8cbef70c0632b5a7aa5c003f253d4f4f1ca47fe6b094ef7fe0cd07
│ │ │ 🔗 2 Relationships
│ │ ├ CONTAINS PACKAGE sha256:814c8b675ca358072b3bfd78ba92ae7e5cf5d9e44fbe710fbfa619f6fdc4b72b
│ │ └ VARIANT_OF PACKAGE sha256:c118f538365369207c12e5794c3cbfb7b042d950af590ae6c287ede74f29b7d4
│ │
│ ├ CONTAINS PACKAGE sha256:b7c64f5c78e96bd56921c28d7794a5ed1ffcf10536d748219dc20bb799162e80
│ │ │ 🔗 2 Relationships
│ │ ├ CONTAINS PACKAGE sha256:57e84f0a7f5010bc07bd842638c4a106afd40ca113b3e4b57f934aa9348f5f2a
│ │ └ VARIANT_OF PACKAGE sha256:c118f538365369207c12e5794c3cbfb7b042d950af590ae6c287ede74f29b7d4
│ │
│ ├ CONTAINS PACKAGE sha256:77cf10a9f12c8e1274d80b8644934ee279c201697d8036c199322b258a20b30d
│ │ │ 🔗 2 Relationships
│ │ ├ CONTAINS PACKAGE sha256:59520f5d6c57137715f3f3afecdaed7360828fedc3abc05aa1972c4371a749f2
│ │ └ VARIANT_OF PACKAGE sha256:c118f538365369207c12e5794c3cbfb7b042d950af590ae6c287ede74f29b7d4
│ │
│ ├ CONTAINS PACKAGE sha256:0d985c89169632f79e8594b8fa522b44649312b5f86e28ee3ff3e56f30cc7c44
│ │ │ 🔗 2 Relationships
│ │ ├ CONTAINS PACKAGE sha256:fe77dc6592f172993935753980c1081538bc17af23d7ef0435af99a0bbbd905f
│ │ └ VARIANT_OF PACKAGE sha256:c118f538365369207c12e5794c3cbfb7b042d950af590ae6c287ede74f29b7d4
│ │
│ ├ CONTAINS PACKAGE sha256:bc35ee0ae8c742ec79d347808e26c5f08bc6c1d8c883d6cac34151983791ab6a
│ │ │ 🔗 2 Relationships
│ │ ├ CONTAINS PACKAGE sha256:13cca494f936f21fbf8f00e454e6cff8ab62e733f468c102f4d0a0fe4eb21e4d
│ │ └ VARIANT_OF PACKAGE sha256:c118f538365369207c12e5794c3cbfb7b042d950af590ae6c287ede74f29b7d4
│ │
│ └ CONTAINS PACKAGE sha256:c1d97f83e9971011d6c1c492892bce9ac2be24705650cd52ac09effab5b8abba
│ │ │ 🔗 2 Relationships
│ │ ├ CONTAINS PACKAGE sha256:81407dacd54e9a77b35c98644d5e51f8fc3a0f257ef24886dd20c352e1a42ab5
│ │ └ VARIANT_OF PACKAGE sha256:c118f538365369207c12e5794c3cbfb7b042d950af590ae6c287ede74f29b7d4
│ │
│
│
│ 📄 DESCRIBES 3 Files
│
├ SPDXRef-File-file3 (file3)
├ SPDXRef-File-file1 (file1)
└ SPDXRef-File-file2 (file2)
from bom.
Related Issues (20)
- Error When Installing With Published Command
- Error When Creating SBOM for Image Specified with Digest HOT 2
- SPDX2.2: bom generates SBOM with invalid value for packageVerificationCodeValue
- [SPDX][TV/JSON] SBOM required field 'Creator' is missing/incorrect HOT 1
- SBOMs support dependency hierarchy for file systems and containers HOT 13
- info? compare and contrast this project viz a viz anchore/syft HOT 5
- PackageFromDirectory segfault HOT 2
- Replace `golang.org/x/tools/go/vcs` HOT 5
- Support Go binaries in bom generate HOT 2
- SPDX relationships like `DEPENDENCY_OF` and `TEST_DEPENDENCY_OF` seem to be not supported HOT 9
- Update asciinema tutorial to use mage not compile-release-tools HOT 4
- RPM Scanner does not work on layers where /var/lib/rpm is a symlink HOT 4
- Release v0.5.1 of `bom generate` can panic while main has been fixed, could we get v0.5.2? HOT 5
- typo maybe? HOT 3
- Record module version
- Push to github release HOT 1
- Refactor internals to use protobom
- Support for SBOMs in (signed) in-toto attestations
- Support reading/writing SBOMs from OCI registries
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bom.