Skip to content

Proposal: Stream sbom to disk (avoiding large memory footprint and OOMs) #3263

New issue
New issue
Open
Open
Proposal: Stream sbom to disk (avoiding large memory footprint and OOMs)#3263
Labels
enhancementNew feature or requestneeds-proposalShould be done but needs proposal/design for further discussionperformance
Milestone
Syft 2.0
@HairyMike

Description

@HairyMike
HairyMike
opened on Sep 23, 2024

What would you like to be added:
Currently, Syft builds the sbom report in memory before writing it to disk. I propose that instead of building in memory, we stream directly to disk.

Why is this needed:
To avoid OOMs

Additional context:
SBOM generation:
https://github.com/anchore/syft/blob/main/cmd/syft/internal/commands/scan.go#L199
https://github.com/anchore/syft/blob/main/internal/task/package_task_factory.go#L116
https://github.com/anchore/syft/blob/main/syft/create_sbom.go#L66

Report generation:
https://github.com/anchore/syft/blob/main/cmd/syft/internal/commands/scan.go#L208

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requestneeds-proposalShould be done but needs proposal/design for further discussionperformance

    Type

    No type

    Projects

    OSS

    Status

    Backlog

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions