59516 2026-06-11 18:39:35 +0300 Пишет "This OS version is not on the EOL list" 2026-06-11 18:39:35 +0300 1 1 4 Development Sisyphus trivy unstable x86_64 Linux NEW P5 normal --- 1 maxim shaba shaba qa-sisyphus oldest_to_newest 289405 0 maxim 2026-06-11 18:39:35 +0300 При вызове trivy image --scanners vuln registry.altlinux.org/p10/alt:latest пишет "This OS version is not on the EOL list". Хотя информация судя по исходному коду (https://altlinux.space/trivy/trivy/src/commit/3ddaf56050471955feaa1e60079bc756ad0d0903/pkg/detector/ospkg/alt/alt.go#L26-L35) должна быть. Похоже, что надо сделать: ``` func (s *Scanner) IsSupportedVersion(ctx context.Context, osFamily ftypes.OSType, osVer string) bool { return osver.Supported(ctx, eolDates, osFamily, fromCPE(osVer)) } ``` $ trivy version Version: 0.70.0 Vulnerability DB: Version: 2 UpdatedAt: 2026-06-11 12:03:21.492332916 +0000 UTC NextUpdate: 2026-06-11 18:03:21.492332163 +0000 UTC DownloadedAt: 2026-06-11 14:56:05.244949352 +0000 UTC $ trivy image --scanners vuln registry.altlinux.org/p10/alt:latest --debug 2026-06-11T18:30:41+03:00 DEBUG No plugins loaded 2026-06-11T18:30:41+03:00 DEBUG Default config file "file_path=trivy.yaml" not found, using built in values 2026-06-11T18:30:41+03:00 DEBUG Cache dir dir="/home/maxim/.cache/trivy" 2026-06-11T18:30:41+03:00 DEBUG Cache dir dir="/home/maxim/.cache/trivy" 2026-06-11T18:30:41+03:00 DEBUG Parsed severities severities=[UNKNOWN LOW MEDIUM HIGH CRITICAL] 2026-06-11T18:30:41+03:00 DEBUG Ignore statuses statuses=[] 2026-06-11T18:30:41+03:00 DEBUG DB update was skipped because the local DB is the latest 2026-06-11T18:30:41+03:00 DEBUG DB info schema=2 updated_at=2026-06-11T12:03:21.492332916Z next_update=2026-06-11T18:03:21.492332163Z downloaded_at=2026-06-11T14:56:05.244949352Z 2026-06-11T18:30:41+03:00 DEBUG [pkg] Package types types=[os library] 2026-06-11T18:30:41+03:00 DEBUG [pkg] Package relationships relationships=[unknown root workspace direct indirect] 2026-06-11T18:30:41+03:00 INFO [vuln] Vulnerability scanning is enabled 2026-06-11T18:30:41+03:00 DEBUG Initializing scan cache... type="fs" 2026-06-11T18:30:41+03:00 DEBUG [notification] Running version check 2026-06-11T18:30:42+03:00 DEBUG [image] Image found image="registry.altlinux.org/p10/alt:latest" source="remote" 2026-06-11T18:30:42+03:00 DEBUG Created process-specific temp directory path="/tmp/.private/maxim/trivy-65530" 2026-06-11T18:30:42+03:00 DEBUG [image] Detected image ID image_id="sha256:7387f2d5f20f88d97c4e0b44d22916cee7434f251fe527c25a78bff7c9ce9f66" 2026-06-11T18:30:42+03:00 DEBUG [image] Detected diff ID diff_ids=[sha256:d5283aff84e0f6923d97a9cb96b9cd1a79f94062d7b44008b3448e1804bab0a7 sha256:fd8b7823c01c2d68d358033e0fab4d7e986b29a21382fc73a8cdfef0644c5ddc] 2026-06-11T18:30:42+03:00 DEBUG [image] Detected base layers diff_ids=[] 2026-06-11T18:30:42+03:00 INFO Detected OS family="alt" version="cpe:/o:alt:container:10" 2026-06-11T18:30:42+03:00 WARN This OS version is not on the EOL list family="alt" version="cpe:/o:alt:container:10" 2026-06-11T18:30:42+03:00 DEBUG [alt] Skipping third-party packages packages=[alt-gpgkeys alt-os-release altlinux-repos apt apt-conf-branch apt-https basesystem bash bash4 bashrc branding-alt-container-notes branding-alt-container-release bzip2 bzlib chkconfig chrooted chrooted-resolv common-licenses control coreutils cpio diffutils etcskel fakeroot file filesystem findutils gawk getopt glibc-core glibc-nss glibc-preinstall glibc-pthread glibc-utils gnupg grep gzip iproute2 iputils libacl libapt libatm libattr libaudit1 libblkid libcap libcap-ng libcap-utils libcrypt libdb4.7 libelf libffi7 libgcc1 libgcrypt20 libgmp10 libgnutls30 libgpg-error libgpm libhogweed6 libidn2 libiptables liblua5.3 liblzma libmagic libmnl libmount libncursesw libnetlink libnettle8 libp11-kit libpam0 libpasswdqc libpcre3 libpopt libprocps libreadline7 librpm7 libseccomp libselinux libsha1detectcoll1 libshell libsmartcols libstdc++6 libtasn1 libtcb libtic libtinfo libudev1 libunistring2 libuuid libzstd nss_tcb pam pam-config pam-config-control pam0_mktemp pam0_passwdqc pam0_tcb pam0_userpass passwdqc-control perl-base perl-parent procps psmisc rootfiles rpm sed service setarch setproctitle setup sh sh4 shadow-convert shadow-utils sysvinit-utils tar tcb-utils terminfo termutils usrmerge usrmerge-hier-convert usrmerge-ready util-linux util-linux-control vim-minimal vitmp xz zlib zstd] 2026-06-11T18:30:42+03:00 INFO [alt] Detecting ALT vulnerabilities... 2026-06-11T18:30:42+03:00 DEBUG [alt] ALT: os version: cpe="p10" 2026-06-11T18:30:42+03:00 DEBUG [alt] ALT: the number of packages: pkg_num=0 0 [________________________________________________________________________________________________________________________________________________________________] ?% ? p/s 2026-06-11T18:30:42+03:00 INFO Number of language-specific files num=0 2026-06-11T18:30:42+03:00 DEBUG Specified ignore file does not exist file=".trivyignore" 2026-06-11T18:30:42+03:00 DEBUG [vex] VEX filtering is disabled Report Summary ┌────────────────────────────────────────────────────────────────────┬──────┬─────────────────┐ │ Target │ Type │ Vulnerabilities │ ├────────────────────────────────────────────────────────────────────┼──────┼─────────────────┤ │ registry.altlinux.org/p10/alt:latest (alt cpe:/o:alt:container:10) │ alt │ 0 │ └────────────────────────────────────────────────────────────────────┴──────┴─────────────────┘ Legend: - '-': Not scanned - '0': Clean (no security findings detected) 2026-06-11T18:30:42+03:00 DEBUG Cleaning up temp directory path="/tmp/.private/maxim/trivy-65530"