sbom: allow collector to scan library packages and any relationships

DataDog · Jan 27, 2025 · 4b457c9 · 4b457c9
1 parent 982ba73
commit 4b457c9
Showing 1 changed file with 3 additions and 5 deletions.
diff --git a/pkg/util/trivy/trivy.go b/pkg/util/trivy/trivy.go
@@ -328,11 +328,9 @@ func (c *Collector) scan(ctx context.Context, artifact artifact.Artifact, applie
 
 	trivyReport, err := s.ScanArtifact(ctx, types.ScanOptions{
 		ScanRemovedPackages: false,
-		PkgTypes:            []types.PkgType{types.PkgTypeOS},
-		PkgRelationships: []ftypes.Relationship{
-			ftypes.RelationshipUnknown,
-		},
-		Scanners: types.Scanners{types.VulnerabilityScanner},
+		PkgTypes:            []types.PkgType{types.PkgTypeOS, types.PkgTypeLibrary},
+		PkgRelationships:    ftypes.Relationships,
+		Scanners:            types.Scanners{types.VulnerabilityScanner},
 	})
 	if err != nil {
 		return nil, err