Skip to content

feat(scan/apk): Respect GRYPE_DB_MAX_ALLOWED_BUILT_AGE #1495

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

feat(scan/apk): Respect GRYPE_DB_MAX_ALLOWED_BUILT_AGE #1495

wants to merge 1 commit into from

Conversation

@EyeCantCU
Copy link
Member

There was about a one hour window of time where I couldn't scan Hadoop or gRPC while working through vulnerabilities without possibly building the database locally (because it hadn't been updated yet) so I took a quick look at how we handle this in wolfictl and found it deviates from the behavior in grype

Similar to grype, respect GRYPE_DB_MAX_ALLOWED_BUILT_AGE so that users can set this to whatever their preferred duration is. Default to 24 hours

developer-guy
developer-guy reviewed Mar 14, 2025
View reviewed changes
@EyeCantCU
feat(scan/apk): Respect GRYPE_DB_MAX_ALLOWED_BUILT_AGE
b202e39 
There was about a one hour window of time where I couldn't scan Hadoop
or gRPC while working through vulnerabilities without possibly building
the database locally (because it hadn't been updated yet) so I took a
quick look at how we handle this in wolfictl and found it deviates from
the behavior in grype

Similar to grype, respect GRYPE_DB_MAX_ALLOWED_BUILT_AGE so that users
can set this to whatever their preferred duration is. Default to 24
hours

Signed-off-by: RJ Sampson <[email protected]>
hectorj2f
hectorj2f requested changes Mar 14, 2025
View reviewed changes
Copy link
Member

@hectorj2f hectorj2f left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could we add this as a flag? So this doesn't get hidden into the code. That way we could add some documentation about it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@developer-guy developer-guy developer-guy left review comments

@hectorj2f hectorj2f hectorj2f requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@EyeCantCU @hectorj2f @developer-guy