You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When a digest is available for the subject of an SBOM, the HasSbom node should be attached to an Artifact corresponding to that digest, and then an IsOccurrence should link the Artifact to a Package.
@pxp928 identified a few more places where code changes are needed:
update the Vuln CLI to take in hash to search for hasSBOM
Update the patch planning CLI to use hasSBOM dependencies and not direct isDependency when calculating patch plan
The text was updated successfully, but these errors were encountered:
When a digest is available for the subject of an SBOM, the
HasSbom
node should be attached to anArtifact
corresponding to that digest, and then anIsOccurrence
should link theArtifact
to aPackage
.@pxp928 identified a few more places where code changes are needed:
The text was updated successfully, but these errors were encountered: