hi,
when v5 will be eol (meaning un-supported like v1, v2)
will the schema of grype change? (breaking changes)
thanks!
There will be no further changes to the v5 schema, but it will continue to be published for at least one year after it has been marked as deprecated in the feed, per the grype readme:
Only the latest database schema is considered to be supported. When a new database schema is introduced then the one it replaces is marked as deprecated. Deprecated schemas will continue to receive updates for at least one year after they are marked as deprecated at which point they will no longer be supported.
and grype schema? i assume it will handle differently v5 and v6 (since it has more information)?
The Grype data model will continue to evolve until it reaches 1.0. DB v6 currently populates the same Vulnerability objects that v5 used with some additions. As far as Iām aware, the JSON output has not changed in any breaking ways as a result of the v6 work. However, I suspect there may be some refinements that could be breaking changes prior to 1.0. There is a Grype milestone in Github, which has some issues that may or may not result in changes depending on the outcome of team discussions.
1 Like