This is a snapshot of all the components and associated licenses used. It includes what is used to build EVE-OS and what is included in the EVE-OS images. The golang dependencies in deps-eve-xyz.csv are quite volumnious since they include the transitive closure of all of the packages and since different packages in that closure pull in different versions/hashes of other packages there are many instances where several versions/hashes of a package is included.
This snapshot is based on the EVE-OS release: 8.8.0
Scan code report scancode-report.htmlscancode-report.csv
Snyk report deps-eve-880.csv
Final image / learn more about building process https://github.com/lf-edge/eve/blob/master/docs/BUILD.md
docker sbom lfedge/eve | docker scan lfedge/eve |
---|---|
Syft v0.43.0 | Testing lfedge/eve... Package manager: apk ✔ Tested 32 dependencies for known vulnerabilities, no vulnerable paths found. Note that we do not currently have vulnerability data for your image. For more free scans that keep your images secure, sign up to Snyk at https://dockr.ly/3ePqVcp |
...