Comments (4)
@tgerla I'm your reluctant huckleberry. Sure, where do I start?
from syft.
There are two approaches to getting arbitrary binaries detected by syft:
- as @tgerla mentioned, adding the right regex to syft for the binary cataloger to pick up on it. We have a good readme just for how to add these regexes. This is great in circumstances where you don't have control over the build of the artifact you want detected and the binary has sufficient data to pick up on.
- another approach that is more suited if you do control the build would be to add a JSON payload as a `.note.package` ELF section. Syft recently added support to pick up on such payloads with further enhancements inbound. It looks like there are already bazel rules in envoy that add ELF notes, another rule could be added during the release to include name and version information.
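The `.note.package` approach above, as an added example that is not Syft's or Envoy's code: a Go encoder and parser for the ELF note format (a 12-byte header of namesz, descsz and type, then the NUL-terminated owner name and the descriptor, each padded to a 4-byte boundary), with the JSON payload decoded from the descriptor and non-package notes such as a build-id skipped. The owner name `FDO` and type `0xcafe1a7e` follow the systemd package-notes convention and the `name`/`version` fields are constructed; the page does not state which values Syft expects.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"encoding/json"
	"fmt"
)

// align4 rounds up to the 4-byte boundary ELF notes require; pad4 appends the zero bytes to reach it.
func align4(n int) int     { return (n + 3) &^ 3 }
func pad4(b []byte) []byte { return append(b, make([]byte, align4(len(b))-len(b))...) }

// EncodeNote emits one ELF note entry: a {namesz, descsz, type} header, then the
// NUL-terminated owner name and the descriptor, each padded to a 4-byte boundary.
func EncodeNote(owner string, ntype uint32, desc []byte, bo binary.ByteOrder) []byte {
	name := append([]byte(owner), 0)
	hdr := make([]byte, 12)
	bo.PutUint32(hdr[0:], uint32(len(name)))
	bo.PutUint32(hdr[4:], uint32(len(desc)))
	bo.PutUint32(hdr[8:], ntype)
	return append(append(hdr, pad4(name)...), pad4(desc)...)
}

// ParsePackageNotes walks a note section and decodes the JSON descriptor of every entry owned by
// wantOwner. An entry overrunning the section is an error; trailing bytes shorter than a header are padding.
func ParsePackageNotes(data []byte, bo binary.ByteOrder, wantOwner string) (notes []map[string]any, err error) {
	for off := 0; off+12 <= len(data); {
		namesz, descsz := int(bo.Uint32(data[off:])), int(bo.Uint32(data[off+4:]))
		nameOff, descOff := off+12, off+12+align4(namesz)
		if descOff+align4(descsz) > len(data) {
			return nil, fmt.Errorf("note at offset %d overruns the section", off)
		}
		owner := string(bytes.TrimRight(data[nameOff:nameOff+namesz], "\x00"))
		if owner == wantOwner {
			var n map[string]any // some producers count a trailing NUL in descsz, so trim it
			if err = json.Unmarshal(bytes.TrimRight(data[descOff:descOff+descsz], "\x00"), &n); err != nil {
				return nil, fmt.Errorf("note at offset %d: %w", off, err)
			}
			notes = append(notes, n)
		}
		off = descOff + align4(descsz)
	}
	return notes, nil
}

func main() {
	// Constructed sample; owner "FDO" and type 0xcafe1a7e are the systemd package-notes convention (assumption).
	sec := EncodeNote("FDO", 0xcafe1a7e, []byte(`{"name":"envoy","version":"1.29.0"}`), binary.LittleEndian)
	fmt.Println(ParsePackageNotes(sec, binary.LittleEndian, "FDO"))
}
```

On a real binary the section bytes come from the standard library's `debug/elf`: `f.Section(".note.package").Data()`, parsed with `f.ByteOrder`.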
Hi @officerNordberg, thanks for the report! It doesn't look as though Syft currently knows anything about Envoy binaries. Syft's binary cataloger needs to know how to match each individual app: https://github.com/anchore/syft/blob/main/syft/pkg/cataloger/binary/classifiers.go
If you're interested in adding support for envoy detection, please let us know and we can help get started, otherwise I will move this into our backlog for future consideration. Thanks!
Great! First please take a quick look at our contributor's guide: https://github.com/anchore/syft/blob/main/CONTRIBUTING.md and our developer's guide: https://github.com/anchore/syft/blob/main/DEVELOPING.md -- you will probably want to make sure you can run Syft out of a checkout like step 4 in DEVELOPING.md.
From there, you will add a new classifier to the list here: https://github.com/anchore/syft/blob/main/syft/pkg/cataloger/binary/classifiers.go
You will need to determine a file glob and "EvidenceMatcher" which is basically a regular expression designed to reliably identify the binary artifact you're classifying. It's often helpful to run "strings" on your binary and look for possible fragments of plain text that you can match against. You can take a look at some of the other classifiers to get an idea of what to look for.
If you want, please feel free to join our Slack (https://get.anchore.com/join-anchore-community/) and post to the #syft-help channel and we will be happy to help you through the process.
Thank you for giving it a shot! Much appreciated.