sharang/compliance-scanner-agent

fix: SBOM multi-ecosystem support with correct package managers and licenses #8

Merged

sharang merged 2 commits from fix/sbom-package-manager-from-purl into main

2026-03-10 12:37:30 +00:00

Author	SHA1	Message	Date
Sharang Parnerkar	1d861ef8fc	style: apply cargo fmt All checks were successful CI / Clippy (pull_request) Successful in 4m29s Details CI / Security Audit (pull_request) Has been skipped Details CI / Tests (pull_request) Has been skipped Details CI / Deploy MCP (push) Has been skipped Details CI / Deploy Agent (pull_request) Has been skipped Details CI / Deploy Dashboard (pull_request) Has been skipped Details CI / Format (push) Successful in 5s Details CI / Clippy (push) Successful in 4m37s Details CI / Security Audit (push) Has been skipped Details CI / Tests (push) Has been skipped Details CI / Format (pull_request) Successful in 3s Details CI / Detect Changes (push) Has been skipped Details CI / Detect Changes (pull_request) Has been skipped Details CI / Deploy Agent (push) Has been skipped Details CI / Deploy Dashboard (push) Has been skipped Details CI / Deploy Docs (push) Has been skipped Details CI / Deploy Docs (pull_request) Has been skipped Details CI / Deploy MCP (pull_request) Has been skipped Details Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-10 13:21:54 +01:00
Sharang Parnerkar	9da1d057d5	fix: SBOM multi-ecosystem support with correct package managers and licenses Some checks failed CI / Format (push) Failing after 39s Details CI / Clippy (push) Successful in 4m24s Details CI / Security Audit (push) Has been skipped Details CI / Tests (push) Has been skipped Details CI / Format (pull_request) Failing after 3s Details CI / Clippy (pull_request) Successful in 4m24s Details CI / Security Audit (pull_request) Has been skipped Details CI / Tests (pull_request) Has been skipped Details CI / Detect Changes (push) Has been skipped Details CI / Detect Changes (pull_request) Has been skipped Details CI / Deploy Agent (push) Has been skipped Details CI / Deploy Dashboard (push) Has been skipped Details CI / Deploy Docs (push) Has been skipped Details CI / Deploy MCP (push) Has been skipped Details CI / Deploy Agent (pull_request) Has been skipped Details CI / Deploy Dashboard (pull_request) Has been skipped Details CI / Deploy Docs (pull_request) Has been skipped Details CI / Deploy MCP (pull_request) Has been skipped Details - Extract package manager from PURL instead of CycloneDX component type (was showing "library"/"file" instead of "npm"/"cargo"/"pip" etc.) - Generate missing lock files (Cargo.lock, package-lock.json) before Syft scan so repos that gitignore them still get full dependency trees - Enable Syft remote license lookups for Go, JS, Python, and Java - Enrich Cargo entries with license data from cargo metadata - Parse CycloneDX license expressions (e.g. "MIT OR Apache-2.0") - Delete stale SBOM entries on rescan instead of only upserting - Add /api/v1/sbom/filters endpoint for dynamic filter options - Make manager and license dropdowns dynamic from actual DB data - Add cargo, npm, go, php, ruby, composer, bundler to Docker image Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-10 12:49:41 +01:00