gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-12 15:50:15 -08:00
Code Issues Packages Projects Releases Wiki Activity

fix(sbom): don't overwrite srcEpoch when decoding SBOM files (#6866)

Browse Source
This commit is contained in:
DmitriyLewen
2024-06-07 14:44:07 +06:00
committed by GitHub
parent bb26445e3d
commit 04af59c290
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
pkg/sbom/io/decode.go
View File

@@ -271,6 +271,11 @@ func (m *Decoder) fillSrcPkg(c *core.Component, pkg *ftypes.Package) {
}
m.parseSrcVersion(pkg, c.SrcVersion)
// Source info was added from component or properties
if pkg.SrcName != "" && pkg.SrcVersion != "" {
return
}
// Fill source package information for components in third-party SBOMs .
if pkg.SrcName == "" {
pkg.SrcName = pkg.Name