feat(opensuse): add `MicroOS` and `Leap Micro` support · aquasecurity/trivy#8409

(1 comment) (0 reactions) (0 assignees)Go (35,000 stars) (371 forks)batch import

help wantedscan/vulnerability

説明

Description

OpenSUSE has 2 server versions:

We may add support for these OSes

Vulnerability detection

These OSes are based on Tumbleweed and Leap (immutable OS versions), so we can use advisories for these versions.

But we cannot match OS versions correctly. for example, MicroOS uses timestamp as version (see https://github.com/aquasecurity/trivy/pull/8202#issuecomment-2659348797).

As a compromise, we can still add support for these OSes. In this case, users can detect OS packages and create SBOM files. To detect vulnerabilities they can use the --distro flag (but they will have to select the correct OS version themselves)

See comments from https://github.com/aquasecurity/trivy/pull/8202 for more details.

コントリビューターガイド

技術スタック: go
領域: backendsecurity
Issue 種別: feature
難度: 4
推定時間: 3-5 days
活動状況: fresh
明確さ: mostly clear
前提条件: Go programmingUnderstanding of Trivy's OS detectionOpenSUSE package management
初心者向け度: 40
調査方針: Examine Trivy's OS detection logic in `pkg/fanal/analyzer/os.go` and related files for how other distributions are supported. Review the discussion in PR #8202 regarding version handling for MicroOS. Consider adding new OS types for MicroOS and Leap Micro and mapping them to Tumbleweed/Leap for vulnerability matching.