Comments (4)
kzantow
commented on May 25, 2024
I don't think we will be able to support this exact use case, since as you noted there is a grype directory and this is unlikely to change.
You have a couple options:
- Use
go run ./cmd/grype, which is effectively what many of us do during development. You can make code changes and re-run this easily. - Run
make snapshot(aftermake bootstrap), which will build snapshot releases closest to what our release process does, but this is considerably slower as it builds binaries for all supported platforms.
It looks like we need to get the DEVELOPING.md updated.
from grype.
colton-freeman
commented on May 25, 2024
Ah, well thats a bummer. Neither of those use cases will work for us but thank you for the quick feedback. The install.sh build does work for us but was hoping for a source route. If need be you can feel free to close this issue.
from grype.
kzantow
commented on May 25, 2024
@colton-freeman you can also just build the binary with -o <binary-file-name>, for example:
go build -o build/grype ./cmd/grype
... will give you a binary named grype output in a build directory
from grype.
colton-freeman
commented on May 25, 2024
oh very nice. that might work for us, thank you.
from grype.
Related Issues (20)
- Getting Error while installing Grype HOT 2
- Ignore Go compiler affecting CVE when Docker image only contains a binary compiled with Go
- problems running grype after installation HOT 2
- False positive: GHSA-xqr8-7jwr-rhp7 in SUSE Eco-system
- How to output ANSI colors HOT 1
- Java 5/6 CVEs are reported against Java 11/17 images HOT 3
- Add "none" as possible value for --fail-on option HOT 1
- Read Syft configuration from Grype HOT 4
- False negatives: Apache Tomcat vulnerabilities (e.g., CVE-2024-23673) not detected HOT 7
- PHP pecl redis mixes with redis project itself and creates false positive cve
- False positive: CVE-2020-10663 (GHSA-jphg-qwrw-7w9g) json for Java is not affected, json for C is affected
- False Positive: CVE-2023-42282 not affected in SUSE ecosystem. HOT 1
- Distro tests fail within nixos HOT 10
- Add Can ecosystem and GITLAB Advisory database HOT 1
- Support for Azure Linux 3.0 HOT 4
- Add SARIF validation to test suite
- CVE-2024-3154 found with latest version HOT 2
- vex documents from the --vex flag do get processed or applied to the output correctly HOT 1
- False positives when installing both libcrypto, libssl 1.1 and 3 on alpine 3.19 HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from grype.