gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-12 15:50:15 -08:00
Code Issues Packages Projects Releases Wiki Activity

docs: update links to packaging.python.org (#7318)

Browse Source 
Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
This commit is contained in:
Nikita Pivkin
2024-08-08 13:00:05 +07:00
committed by GitHub
parent 7278abd4e4
commit 65d991cee7
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docs/docs/coverage/language/python.md
View File

@@ -42,7 +42,7 @@ Trivy parses your files generated by package managers in filesystem/repository s
### pip
#### Dependency detection
Trivy only parses [version specifiers](https://packaging.python.org/en/latest/specifications/version-specifiers/#id4) with `==` comparison operator and without `.*`.
Trivy only parses [version specifiers](https://packaging.python.org/en/latest/specifications/version-specifiers/#id5) with `==` comparison operator and without `.*`.
To convert unsupported version specifiers - use the `pip freeze` command.
```bash
@@ -119,7 +119,7 @@ License detection is not supported for `Poetry`.
## Packaging
Trivy parses the manifest files of installed packages in container image scanning and so on.
See [here](https://packaging.python.org/en/latest/discussions/wheel-vs-egg/) for the detail.
See [here](https://packaging.python.org/en/latest/discussions/package-formats/) for the detail.
### Egg
Trivy looks for `*.egg-info`, `*.egg-info/PKG-INFO`, `*.egg` and `EGG-INFO/PKG-INFO` to identify Python packages.