fix:best effort to get the os info of an ELF binary#4438
Merged
wagoodman merged 16 commits intoanchore:mainfrom Dec 12, 2025
Merged
fix:best effort to get the os info of an ELF binary#4438wagoodman merged 16 commits intoanchore:mainfrom
wagoodman merged 16 commits intoanchore:mainfrom
Conversation
…on is empty Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
wagoodman
reviewed
Dec 10, 2025
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
56c38d2 to
a32e694
Compare
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
Signed-off-by: Yuntao Hu <victorhu493@gmail.com>
29e8bfa to
e137d6f
Compare
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
wagoodman
reviewed
Dec 12, 2025
Contributor
There was a problem hiding this comment.
I changed this to not be a breaking change for JSON consumers. We can correct the output in syft JSON with syft v2.
wagoodman
reviewed
Dec 12, 2025
| Location file.Location `json:"-"` | ||
| // CorrectOSCPE has the corrected casing for the osCPE field relative to the systemd ELF package metadata "spec" https://systemd.io/ELF_PACKAGE_METADATA/ . | ||
| // Ideally in syft 2.0 this field should be replaced with the pkg.ELFBinaryPackageNoteJSONPayload.OSCPE field directly (with the struct tag corrected). | ||
| CorrectOSCPE string `json:"osCpe,omitempty"` |
Contributor
There was a problem hiding this comment.
Since we can't change the osCPE field on the pkg.ELFBinaryPackageNoteJSONPayload struct, this adds it to the struct responsible for unmarshaling. In this way we aren't exposing out the temporary field.
wagoodman
reviewed
Dec 12, 2025
| return nil, err | ||
| } | ||
|
|
||
| func unmarshalELFPackageNotesPayload(data []byte) (*elfBinaryPackageNotes, error) { |
Contributor
There was a problem hiding this comment.
I made this function as a choke point as early on in processing to deal with capturing the "correct" osCPE field onto the public field.
wagoodman
approved these changes
Dec 12, 2025
spiffcs
added a commit
that referenced
this pull request
Dec 19, 2025
* main: (76 commits) feat: snap can be queried by revision and ```track/risk/branch``` (#4439) fix: 4423 dotnet-deps cataloger skips project type by def signpost to docs site (#4483) chore(deps): bump github/codeql-action from 4.31.8 to 4.31.9 (#4481) chore(deps): bump github.com/goccy/go-yaml from 1.19.0 to 1.19.1 (#4482) Detect embedded deps.json in .NET binaries (#4375) chore(deps): bump actions/cache from 5.0.0 to 5.0.1 (#4476) chore(deps): bump actions/cache in /.github/actions/bootstrap (#4477) chore(deps): update tools to latest versions (#4473) unapply base path for resolver inbound requests (#4478) fix: golang PURL should include full module (#4395) fix:best effort to get the os info of an ELF binary (#4438) Improve PR template (#4472) feat: add support for Gemfile.next.lock (#4457) chore:cancel in-progress workflows for new commits on same PR (#4465) chore(deps): update tools to latest versions (#4466) chore(deps): bump github/codeql-action from 4.31.7 to 4.31.8 (#4468) chore(deps): bump actions/cache from 4.3.0 to 5.0.0 (#4469) chore(deps): bump github.com/anchore/stereoscope from 0.1.14 to 0.1.16 (#4470) chore(deps): bump actions/cache in /.github/actions/bootstrap (#4471) ... Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
This PR requires a json-schema label though the version of the schema may change due to the conflicts across PRs.
In the newly introduced test cases for the issue, the constructor of
locationneeds to be altered.appCpeis just added according to the document,whose usage in Syft remains uncertain.Type of change
Checklist: