What happened:
Scanning a jar with syft fails to find the jar itself if the current working directory is a symlink prints "no packages discovered."
Prints No packages discovered.
What you expected to happen:
I expected at least the jar itself to be found.
Steps to reproduce the issue:
mkdir actual
ln -s $PWD/actual im-a-link
cd im-a-link
curl -O https://repo1.maven.org/maven2/xalan/xalan/2.7.2/xalan-2.7.2.jar
syft -q xalan-2.7.2.jar
cd ../actual
syft -q xalan-2.7.2.jar
The first syft invocation finds nothing, but the second one finds the jar.
Anything else we need to know?:
I discovered this because /tmp on newer macOS installations is a symlink.
Environment:
❯ syft version
Application: syft
Version: 0.97.1
BuildDate: 2023-11-17T20:53:01Z
GitCommit: Homebrew
GitDescription: [not provided]
Platform: darwin/arm64
GoVersion: go1.21.4
Compiler: gc
- OS (e.g:
cat /etc/os-release or similar):
❯ uname -moprsv
Darwin 23.0.0 Darwin Kernel Version 23.0.0: Fri Sep 15 14:41:43 PDT 2023; root:xnu-10002.1.13~1/RELEASE_ARM64_T6000 arm64 arm
What happened:
Scanning a jar with syft fails to find the jar itself if the current working directory is a symlink prints "no packages discovered."
Prints
No packages discovered.What you expected to happen:
I expected at least the jar itself to be found.
Steps to reproduce the issue:
The first syft invocation finds nothing, but the second one finds the jar.
Anything else we need to know?:
I discovered this because
/tmpon newer macOS installations is a symlink.Environment:
syft version:cat /etc/os-releaseor similar):