Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(opensuse): add MicroOS and Leap Micro support #8409

Open
DmitriyLewen opened this issue Feb 17, 2025 · 1 comment
Open

feat(opensuse): add MicroOS and Leap Micro support #8409

DmitriyLewen opened this issue Feb 17, 2025 · 1 comment
Labels
help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. scan/vulnerability Issues relating to vulnerability scanning

Comments

@DmitriyLewen
Copy link
Contributor

Description

OpenSUSE has 2 server versions:

We may add support for these OSes

Vulnerability detection

These OSes are based on Tumbleweed and Leap (immutable OS versions), so we can use advisories for these versions.

But we cannot match OS versions correctly.
for example, MicroOS uses timestamp as version (see #8202 (comment)).

As a compromise, we can still add support for these OSes.
In this case, users can detect OS packages and create SBOM files.
To detect vulnerabilities they can use the --distro flag (but they will have to select the correct OS version themselves)

See comments from #8202 for more details.
@DmitriyLewen DmitriyLewen added help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. scan/vulnerability Issues relating to vulnerability scanning labels Feb 17, 2025
@DmitriyLewen DmitriyLewen mentioned this issue Feb 17, 2025
Merged
@DmitriyLewen
Copy link
Contributor Author

Hello @htcosta
I have 2 questions:

  • Can you send os-release file for Leap Micro?
  • Do you have information how we can compare Leap and Leap MIcro version (to detection vulnerabilities)?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. scan/vulnerability Issues relating to vulnerability scanning
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@DmitriyLewen