From dae56aada1b0ba22f9e681b71bd7437e99e83c94 Mon Sep 17 00:00:00 2001 From: adrobuta Date: Fri, 19 Dec 2025 15:07:54 +0200 Subject: [PATCH] feat: support for OCI images with manifests missing platform fields --- package-lock.json | 261 +++--------------- package.json | 2 +- .../snyk-container/container.spec.ts | 12 + 3 files changed, 56 insertions(+), 219 deletions(-) diff --git a/package-lock.json b/package-lock.json index 5ce8e93db1..8507f11e91 100644 --- a/package-lock.json +++ b/package-lock.json @@ -69,7 +69,7 @@ "semver": "^6.0.0", "snyk-config": "^5.0.0", "snyk-cpp-plugin": "2.24.1", - "snyk-docker-plugin": "8.14.0", + "snyk-docker-plugin": "8.15.0", "snyk-go-plugin": "1.28.0", "snyk-gradle-plugin": "5.1.1", "snyk-module": "3.1.0", @@ -3142,9 +3142,9 @@ "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" }, "node_modules/@snyk/docker-registry-v2-client": { - "version": "2.23.0", - "resolved": "https://registry.npmjs.org/@snyk/docker-registry-v2-client/-/docker-registry-v2-client-2.23.0.tgz", - "integrity": "sha512-LLXTW9BnnAtZkUI4YwhIzm8DjA1gB824CnhZbitLuP695oy1jLeXryk/jxMT3YnMrMXuXerj7GoZgmX65L5Zvw==", + "version": "2.24.0", + "resolved": "https://registry.npmjs.org/@snyk/docker-registry-v2-client/-/docker-registry-v2-client-2.24.0.tgz", + "integrity": "sha512-BALoUNzKYPHSq9kHlajf/W48z66pW3/ERlZ+7uBnCa69KKyZR8HEyXH3pKmbPE1pprS0zi5blIkuREenaqe00A==", "license": "Apache-2.0", "dependencies": { "needle": "^3.2.0", @@ -20190,14 +20190,14 @@ "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" }, "node_modules/snyk-docker-plugin": { - "version": "8.14.0", - "resolved": "https://registry.npmjs.org/snyk-docker-plugin/-/snyk-docker-plugin-8.14.0.tgz", - "integrity": "sha512-YKzzyRR2cbL8DOHiXtY+w7lRa0Xtvx9/9jJGkLJ9khJ1c61cHk+WrjdEW0k3Lxp7cXTUl5UGIjh9vyvVHb8U2Q==", + "version": "8.15.0", + "resolved": "https://registry.npmjs.org/snyk-docker-plugin/-/snyk-docker-plugin-8.15.0.tgz", + "integrity": "sha512-uqA/ceSUvD/K9y8RA0krEh04nVJGptoQBuCxO0F8JEBg4fAB8f3iNeFC8Qh6qUkSHQFRgYMFfnhIZ/u8LGmIFw==", "license": "Apache-2.0", "dependencies": { "@snyk/composer-lockfile-parser": "^1.4.1", - "@snyk/dep-graph": "^2.8.1", - "@snyk/docker-registry-v2-client": "^2.23.0", + "@snyk/dep-graph": "^2.10.0", + "@snyk/docker-registry-v2-client": "^2.24.0", "@snyk/rpm-parser": "^3.4.0", "@snyk/snyk-docker-pull": "^3.15.0", "@swimlane/docker-reference": "^2.0.1", @@ -20214,9 +20214,9 @@ "mkdirp": "^1.0.4", "packageurl-js": "1.2.0", "semver": "^7.7.3", - "shescape": "^2.1.6", + "shescape": "^2.1.7", "snyk-nodejs-lockfile-parser": "^2.2.2", - "snyk-poetry-lockfile-parser": "1.9.0", + "snyk-poetry-lockfile-parser": "1.9.1", "snyk-resolve-deps": "^4.9.1", "tar-stream": "^2.1.0", "tmp": "^0.2.5", @@ -20325,12 +20325,12 @@ } }, "node_modules/snyk-docker-plugin/node_modules/shescape": { - "version": "2.1.6", - "resolved": "https://registry.npmjs.org/shescape/-/shescape-2.1.6.tgz", - "integrity": "sha512-c9Ns1I+Tl0TC+cpsOT1FeZcvFalfd0WfHeD/CMccJH20xwochmJzq6AqtenndlyAw/BUi3BMcv92dYLVrqX+dw==", + "version": "2.1.7", + "resolved": "https://registry.npmjs.org/shescape/-/shescape-2.1.7.tgz", + "integrity": "sha512-Y1syY0ggm3ow7mE1zrcK9YrOhAqv/IGbm3+J9S+MXLukwXf/M8yzL3hZp7ubVeSy250TT7M5SVKikTZkKyib6w==", "license": "MPL-2.0", "dependencies": { - "which": "^3.0.0 || ^4.0.0 || ^5.0.0" + "which": "^3.0.0 || ^4.0.0 || ^5.0.0 || ^6.0.0" }, "engines": { "node": "^14.18.0 || ^16.13.0 || ^18 || ^19 || ^20 || ^22 || ^24" @@ -20382,9 +20382,9 @@ } }, "node_modules/snyk-docker-plugin/node_modules/which": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/which/-/which-5.0.0.tgz", - "integrity": "sha512-JEdGzHwwkrbWoGOlIHqQ5gtprKGOenpDHpxE9zVR1bWbOtYRyPPHMe9FaP6x61CmNaTThSkb0DAJte5jD+DmzQ==", + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/which/-/which-6.0.0.tgz", + "integrity": "sha512-f+gEpIKMR9faW/JgAgPK1D7mekkFoqbmiwvNzuhsHetni20QSgzg9Vhn0g2JSJkkfehQnqdUAx7/e15qS1lPxg==", "license": "ISC", "dependencies": { "isexe": "^3.1.1" @@ -20393,7 +20393,7 @@ "node-which": "bin/which.js" }, "engines": { - "node": "^18.17.0 || >=20.5.0" + "node": "^20.17.0 || >=22.9.0" } }, "node_modules/snyk-docker-plugin/node_modules/yallist": { @@ -21374,9 +21374,10 @@ "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==" }, "node_modules/snyk-poetry-lockfile-parser": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/snyk-poetry-lockfile-parser/-/snyk-poetry-lockfile-parser-1.9.0.tgz", - "integrity": "sha512-G6KzP9p3qRuc8jIcVuIUZOZL4pnzPqtvNarSl2i4yUycrP3wRmLj8SdqL5baZzcX5XZraGZ2WLMMr57ToJBhLg==", + "version": "1.9.1", + "resolved": "https://registry.npmjs.org/snyk-poetry-lockfile-parser/-/snyk-poetry-lockfile-parser-1.9.1.tgz", + "integrity": "sha512-Hj89ZYAt7OubTHLFUOcI3fCwngsiMZ1wAzO9x3rlSlIFqhQ93MoDLGUMjPDJ/wBrwD6NECP+Jb5RvlTLKBXqKw==", + "license": "Apache-2.0", "dependencies": { "@iarna/toml": "^2.2.5", "@snyk/cli-interface": "^2.9.2", @@ -21529,22 +21530,6 @@ "node": ">=8" } }, - "node_modules/snyk-python-plugin/node_modules/@snyk/error-catalog-nodejs-public": { - "version": "4.0.4", - "resolved": "https://registry.npmjs.org/@snyk/error-catalog-nodejs-public/-/error-catalog-nodejs-public-4.0.4.tgz", - "integrity": "sha512-M+t/MNfR/qr/Rdxc3Kl2p26mIx0YdcM22CAZfNsCuldl1DIZQma8jc7zmm14AwhwmdoU6TE7mzzO33KINgB8LA==", - "license": "Apache-2.0", - "dependencies": { - "tslib": "^2.6.2", - "uuid": "^9.0.0" - } - }, - "node_modules/snyk-python-plugin/node_modules/@snyk/error-catalog-nodejs-public/node_modules/tslib": { - "version": "2.8.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.8.1.tgz", - "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==", - "license": "0BSD" - }, "node_modules/snyk-python-plugin/node_modules/isexe": { "version": "3.1.1", "resolved": "https://registry.npmjs.org/isexe/-/isexe-3.1.1.tgz", @@ -21561,12 +21546,6 @@ "node": ">= 6" } }, - "node_modules/snyk-python-plugin/node_modules/packageurl-js": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/packageurl-js/-/packageurl-js-2.0.1.tgz", - "integrity": "sha512-N5ixXjzTy4QDQH0Q9YFjqIWd6zH6936Djpl2m9QNFmDv5Fum8q8BjkpAcHNMzOFE0IwQrFhJWex3AN6kS0OSwg==", - "license": "MIT" - }, "node_modules/snyk-python-plugin/node_modules/semver": { "version": "7.6.3", "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", @@ -21589,69 +21568,6 @@ "node": "^14.18.0 || ^16.13.0 || ^18 || ^19 || ^20 || ^22 || ^24" } }, - "node_modules/snyk-python-plugin/node_modules/snyk-poetry-lockfile-parser": { - "version": "1.9.1", - "resolved": "https://registry.npmjs.org/snyk-poetry-lockfile-parser/-/snyk-poetry-lockfile-parser-1.9.1.tgz", - "integrity": "sha512-Hj89ZYAt7OubTHLFUOcI3fCwngsiMZ1wAzO9x3rlSlIFqhQ93MoDLGUMjPDJ/wBrwD6NECP+Jb5RvlTLKBXqKw==", - "license": "Apache-2.0", - "dependencies": { - "@iarna/toml": "^2.2.5", - "@snyk/cli-interface": "^2.9.2", - "@snyk/dep-graph": "^2.3.0", - "@snyk/error-catalog-nodejs-public": "^4.0.1", - "debug": "^4.2.0", - "lodash": "^4.17.21", - "tslib": "^2.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/snyk-python-plugin/node_modules/snyk-poetry-lockfile-parser/node_modules/@snyk/dep-graph": { - "version": "2.10.0", - "resolved": "https://registry.npmjs.org/@snyk/dep-graph/-/dep-graph-2.10.0.tgz", - "integrity": "sha512-Gx4YbGPf+jIlARMBfmVxPH5nZuMqXVe3W17y0S2uPsVRCt9NBglsEEGpjIFppq0r6eM0eOV6Iergh0NdmchTnA==", - "license": "Apache-2.0", - "dependencies": { - "event-loop-spinner": "^2.1.0", - "lodash.clone": "^4.5.0", - "lodash.constant": "^3.0.0", - "lodash.filter": "^4.6.0", - "lodash.foreach": "^4.5.0", - "lodash.isempty": "^4.4.0", - "lodash.isequal": "^4.5.0", - "lodash.isfunction": "^3.0.9", - "lodash.isundefined": "^3.0.1", - "lodash.map": "^4.6.0", - "lodash.reduce": "^4.6.0", - "lodash.size": "^4.2.0", - "lodash.transform": "^4.6.0", - "lodash.union": "^4.6.0", - "lodash.values": "^4.3.0", - "object-hash": "^3.0.0", - "packageurl-js": "2.0.1", - "semver": "^7.0.0", - "tslib": "^2" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/snyk-python-plugin/node_modules/snyk-poetry-lockfile-parser/node_modules/object-hash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-3.0.0.tgz", - "integrity": "sha512-RSn9F68PjH9HqtltsSnqYC1XXoWe9Bju5+213R98cNGttag9q9yAOTzdbsqvIa7aNm5WffBZFpWYr2aWrklWAw==", - "license": "MIT", - "engines": { - "node": ">= 6" - } - }, - "node_modules/snyk-python-plugin/node_modules/snyk-poetry-lockfile-parser/node_modules/tslib": { - "version": "2.8.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.8.1.tgz", - "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==", - "license": "0BSD" - }, "node_modules/snyk-python-plugin/node_modules/tmp": { "version": "0.2.3", "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.2.3.tgz", @@ -21660,19 +21576,6 @@ "node": ">=14.14" } }, - "node_modules/snyk-python-plugin/node_modules/uuid": { - "version": "9.0.1", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-9.0.1.tgz", - "integrity": "sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==", - "funding": [ - "https://github.com/sponsors/broofa", - "https://github.com/sponsors/ctavan" - ], - "license": "MIT", - "bin": { - "uuid": "dist/bin/uuid" - } - }, "node_modules/snyk-python-plugin/node_modules/which": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/which/-/which-5.0.0.tgz", @@ -27172,9 +27075,9 @@ } }, "@snyk/docker-registry-v2-client": { - "version": "2.23.0", - "resolved": "https://registry.npmjs.org/@snyk/docker-registry-v2-client/-/docker-registry-v2-client-2.23.0.tgz", - "integrity": "sha512-LLXTW9BnnAtZkUI4YwhIzm8DjA1gB824CnhZbitLuP695oy1jLeXryk/jxMT3YnMrMXuXerj7GoZgmX65L5Zvw==", + "version": "2.24.0", + "resolved": "https://registry.npmjs.org/@snyk/docker-registry-v2-client/-/docker-registry-v2-client-2.24.0.tgz", + "integrity": "sha512-BALoUNzKYPHSq9kHlajf/W48z66pW3/ERlZ+7uBnCa69KKyZR8HEyXH3pKmbPE1pprS0zi5blIkuREenaqe00A==", "requires": { "needle": "^3.2.0", "parse-link-header": "^2.0.0", @@ -39833,13 +39736,13 @@ } }, "snyk-docker-plugin": { - "version": "8.14.0", - "resolved": "https://registry.npmjs.org/snyk-docker-plugin/-/snyk-docker-plugin-8.14.0.tgz", - "integrity": "sha512-YKzzyRR2cbL8DOHiXtY+w7lRa0Xtvx9/9jJGkLJ9khJ1c61cHk+WrjdEW0k3Lxp7cXTUl5UGIjh9vyvVHb8U2Q==", + "version": "8.15.0", + "resolved": "https://registry.npmjs.org/snyk-docker-plugin/-/snyk-docker-plugin-8.15.0.tgz", + "integrity": "sha512-uqA/ceSUvD/K9y8RA0krEh04nVJGptoQBuCxO0F8JEBg4fAB8f3iNeFC8Qh6qUkSHQFRgYMFfnhIZ/u8LGmIFw==", "requires": { "@snyk/composer-lockfile-parser": "^1.4.1", - "@snyk/dep-graph": "^2.8.1", - "@snyk/docker-registry-v2-client": "^2.23.0", + "@snyk/dep-graph": "^2.10.0", + "@snyk/docker-registry-v2-client": "^2.24.0", "@snyk/rpm-parser": "^3.4.0", "@snyk/snyk-docker-pull": "^3.15.0", "@swimlane/docker-reference": "^2.0.1", @@ -39856,9 +39759,9 @@ "mkdirp": "^1.0.4", "packageurl-js": "1.2.0", "semver": "^7.7.3", - "shescape": "^2.1.6", + "shescape": "^2.1.7", "snyk-nodejs-lockfile-parser": "^2.2.2", - "snyk-poetry-lockfile-parser": "1.9.0", + "snyk-poetry-lockfile-parser": "1.9.1", "snyk-resolve-deps": "^4.9.1", "tar-stream": "^2.1.0", "tmp": "^0.2.5", @@ -39928,11 +39831,11 @@ "integrity": "sha512-SdsKMrI9TdgjdweUSR9MweHA4EJ8YxHn8DFaDisvhVlUOe4BF1tLD7GAj0lIqWVl+dPb/rExr0Btby5loQm20Q==" }, "shescape": { - "version": "2.1.6", - "resolved": "https://registry.npmjs.org/shescape/-/shescape-2.1.6.tgz", - "integrity": "sha512-c9Ns1I+Tl0TC+cpsOT1FeZcvFalfd0WfHeD/CMccJH20xwochmJzq6AqtenndlyAw/BUi3BMcv92dYLVrqX+dw==", + "version": "2.1.7", + "resolved": "https://registry.npmjs.org/shescape/-/shescape-2.1.7.tgz", + "integrity": "sha512-Y1syY0ggm3ow7mE1zrcK9YrOhAqv/IGbm3+J9S+MXLukwXf/M8yzL3hZp7ubVeSy250TT7M5SVKikTZkKyib6w==", "requires": { - "which": "^3.0.0 || ^4.0.0 || ^5.0.0" + "which": "^3.0.0 || ^4.0.0 || ^5.0.0 || ^6.0.0" } }, "snyk-module": { @@ -39973,9 +39876,9 @@ "integrity": "sha512-voyz6MApa1rQGUxT3E+BK7/ROe8itEx7vD8/HEvt4xwXucvQ5G5oeEiHkmHZJuBO21RpOf+YYm9MOivj709jow==" }, "which": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/which/-/which-5.0.0.tgz", - "integrity": "sha512-JEdGzHwwkrbWoGOlIHqQ5gtprKGOenpDHpxE9zVR1bWbOtYRyPPHMe9FaP6x61CmNaTThSkb0DAJte5jD+DmzQ==", + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/which/-/which-6.0.0.tgz", + "integrity": "sha512-f+gEpIKMR9faW/JgAgPK1D7mekkFoqbmiwvNzuhsHetni20QSgzg9Vhn0g2JSJkkfehQnqdUAx7/e15qS1lPxg==", "requires": { "isexe": "^3.1.1" } @@ -40717,9 +40620,9 @@ } }, "snyk-poetry-lockfile-parser": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/snyk-poetry-lockfile-parser/-/snyk-poetry-lockfile-parser-1.9.0.tgz", - "integrity": "sha512-G6KzP9p3qRuc8jIcVuIUZOZL4pnzPqtvNarSl2i4yUycrP3wRmLj8SdqL5baZzcX5XZraGZ2WLMMr57ToJBhLg==", + "version": "1.9.1", + "resolved": "https://registry.npmjs.org/snyk-poetry-lockfile-parser/-/snyk-poetry-lockfile-parser-1.9.1.tgz", + "integrity": "sha512-Hj89ZYAt7OubTHLFUOcI3fCwngsiMZ1wAzO9x3rlSlIFqhQ93MoDLGUMjPDJ/wBrwD6NECP+Jb5RvlTLKBXqKw==", "requires": { "@iarna/toml": "^2.2.5", "@snyk/cli-interface": "^2.9.2", @@ -40844,22 +40747,6 @@ "tslib": "^1.13.0" } }, - "@snyk/error-catalog-nodejs-public": { - "version": "4.0.4", - "resolved": "https://registry.npmjs.org/@snyk/error-catalog-nodejs-public/-/error-catalog-nodejs-public-4.0.4.tgz", - "integrity": "sha512-M+t/MNfR/qr/Rdxc3Kl2p26mIx0YdcM22CAZfNsCuldl1DIZQma8jc7zmm14AwhwmdoU6TE7mzzO33KINgB8LA==", - "requires": { - "tslib": "^2.6.2", - "uuid": "^9.0.0" - }, - "dependencies": { - "tslib": { - "version": "2.8.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.8.1.tgz", - "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==" - } - } - }, "isexe": { "version": "3.1.1", "resolved": "https://registry.npmjs.org/isexe/-/isexe-3.1.1.tgz", @@ -40870,11 +40757,6 @@ "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.2.0.tgz", "integrity": "sha512-gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw==" }, - "packageurl-js": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/packageurl-js/-/packageurl-js-2.0.1.tgz", - "integrity": "sha512-N5ixXjzTy4QDQH0Q9YFjqIWd6zH6936Djpl2m9QNFmDv5Fum8q8BjkpAcHNMzOFE0IwQrFhJWex3AN6kS0OSwg==" - }, "semver": { "version": "7.6.3", "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", @@ -40888,68 +40770,11 @@ "which": "^3.0.0 || ^4.0.0 || ^5.0.0" } }, - "snyk-poetry-lockfile-parser": { - "version": "1.9.1", - "resolved": "https://registry.npmjs.org/snyk-poetry-lockfile-parser/-/snyk-poetry-lockfile-parser-1.9.1.tgz", - "integrity": "sha512-Hj89ZYAt7OubTHLFUOcI3fCwngsiMZ1wAzO9x3rlSlIFqhQ93MoDLGUMjPDJ/wBrwD6NECP+Jb5RvlTLKBXqKw==", - "requires": { - "@iarna/toml": "^2.2.5", - "@snyk/cli-interface": "^2.9.2", - "@snyk/dep-graph": "^2.3.0", - "@snyk/error-catalog-nodejs-public": "^4.0.1", - "debug": "^4.2.0", - "lodash": "^4.17.21", - "tslib": "^2.0.0" - }, - "dependencies": { - "@snyk/dep-graph": { - "version": "2.10.0", - "resolved": "https://registry.npmjs.org/@snyk/dep-graph/-/dep-graph-2.10.0.tgz", - "integrity": "sha512-Gx4YbGPf+jIlARMBfmVxPH5nZuMqXVe3W17y0S2uPsVRCt9NBglsEEGpjIFppq0r6eM0eOV6Iergh0NdmchTnA==", - "requires": { - "event-loop-spinner": "^2.1.0", - "lodash.clone": "^4.5.0", - "lodash.constant": "^3.0.0", - "lodash.filter": "^4.6.0", - "lodash.foreach": "^4.5.0", - "lodash.isempty": "^4.4.0", - "lodash.isequal": "^4.5.0", - "lodash.isfunction": "^3.0.9", - "lodash.isundefined": "^3.0.1", - "lodash.map": "^4.6.0", - "lodash.reduce": "^4.6.0", - "lodash.size": "^4.2.0", - "lodash.transform": "^4.6.0", - "lodash.union": "^4.6.0", - "lodash.values": "^4.3.0", - "object-hash": "^3.0.0", - "packageurl-js": "2.0.1", - "semver": "^7.0.0", - "tslib": "^2" - } - }, - "object-hash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-3.0.0.tgz", - "integrity": "sha512-RSn9F68PjH9HqtltsSnqYC1XXoWe9Bju5+213R98cNGttag9q9yAOTzdbsqvIa7aNm5WffBZFpWYr2aWrklWAw==" - }, - "tslib": { - "version": "2.8.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.8.1.tgz", - "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==" - } - } - }, "tmp": { "version": "0.2.3", "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.2.3.tgz", "integrity": "sha512-nZD7m9iCPC5g0pYmcaxogYKggSfLsdxl8of3Q/oIbqCqLLIO9IAF0GWjX1z9NZRHPiXv8Wex4yDCaZsgEw0Y8w==" }, - "uuid": { - "version": "9.0.1", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-9.0.1.tgz", - "integrity": "sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==" - }, "which": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/which/-/which-5.0.0.tgz", diff --git a/package.json b/package.json index 176f34a7b9..162993cdf8 100644 --- a/package.json +++ b/package.json @@ -117,7 +117,7 @@ "semver": "^6.0.0", "snyk-config": "^5.0.0", "snyk-cpp-plugin": "2.24.1", - "snyk-docker-plugin": "8.14.0", + "snyk-docker-plugin": "8.15.0", "snyk-go-plugin": "1.28.0", "snyk-gradle-plugin": "5.1.1", "snyk-module": "3.1.0", diff --git a/test/jest/acceptance/snyk-container/container.spec.ts b/test/jest/acceptance/snyk-container/container.spec.ts index b73f3be37d..01cac166f9 100644 --- a/test/jest/acceptance/snyk-container/container.spec.ts +++ b/test/jest/acceptance/snyk-container/container.spec.ts @@ -169,6 +169,18 @@ describe('snyk container', () => { expect(goModulesResults).toBeDefined(); }); + it('should correctly scan an OCI image with manifest missing platform field', async () => { + const image = 'snykgoof/oci-goof:ociNoPlatformTag'; + const { code, stdout } = await runSnykCLI( + `container test ${image} --json`, + ); + const jsonOutput = JSON.parse(stdout); + expect(code).toEqual(1); + expect(jsonOutput).toBeDefined(); + expect(jsonOutput.vulnerabilities).toBeDefined(); + expect(Array.isArray(jsonOutput.vulnerabilities)).toBe(true); + }, 180000); + it('npm depGraph is generated in an npm image with lockfiles', async () => { const { code, stdout, stderr } = await runSnykCLIWithDebug( `container test docker-archive:test/fixtures/container-projects/npm7-with-package-lock-file.tar --print-deps`,