-
Notifications
You must be signed in to change notification settings - Fork 27
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
schemas version 2 wishlist #266
Comments
@westonsteimel how would overriding the severity at a per-package level here help if grype db schema v5 can only have one severity per |
Yes |
I think adding a column to the vulnerability table in the current grype-db schema could be done without a breaking change, so we should get vunnel supporting it first and then update grype-db when we're ready to consume it |
what do you thing adding EOL based on - https://endoflife.date/ |
@wagoodman / @westonsteimel do we need to do anything here for the grype schema v6 work? Should we take advantage of the grype schema change to implement anything here? |
The original vunnel schemas were very heavily influenced by the existing results format from Anchore Enterprise since we were trying to rip that out with as little disruption as possible. Now we would like to begin evaluating what a future iteration of these schemas could look like.
FixedIn
entries but rather actual constraints. This way each provider can tailor the constraint creation logic to its needs, and grype-db does not have to figure out how to interpret multipleFixedIn
entries.The text was updated successfully, but these errors were encountered: