Multiple --product ignored since v0.2.5
#215
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
Multiple
Since v0.2.5 multiple products specified in the
--productflag are not respected, only the last entry is included in the generated document.Input:
v0.2.3 (working version)
The document contains both products as expected.
{ "@context": "https://openvex.dev/ns", "@id": "https://openvex.dev/docs/public/vex-2613e8dc7264f6789755f29d2af472a62d062bfd2ca490daf79f80413a88d919", "author": "Unknown Author", "role": "Document Creator", "timestamp": "2024-07-08T16:08:40.017534+02:00", "version": "1", "statements": [ { "vulnerability": "CVE-2023-12345", "products": [ "pkg:apk/wolfi/[email protected]?arch=armv7", "pkg:apk/wolfi/[email protected]?arch=x86_64" ], "status": "fixed" } ] }v0.2.5 or later.
The document contains only one product which is the last one specified in the
--productflag.{ "@context": "https://openvex.dev/ns/v0.2.0", "@id": "https://openvex.dev/docs/public/vex-efaf99907d8597748979c0dec618c1f55fc247d11b43d5f0be8c96a68f7dda9f", "author": "Unknown Author", "timestamp": "2024-07-08T16:10:17.192584+02:00", "version": 1, "statements": [ { "vulnerability": { "name": "CVE-2023-12345" }, "timestamp": "2024-07-08T16:10:17.192585+02:00", "products": [ { "@id": "pkg:apk/wolfi/[email protected]?arch=armv7" } ], "status": "fixed" } ] }The text was updated successfully, but these errors were encountered: