From e236054668434857e07ec4f6bd7f9e391019e9a3 Mon Sep 17 00:00:00 2001
From: Weston Steimel <weston.steimel@anchore.com>
Date: Fri, 10 Feb 2023 18:04:16 +0000
Subject: [PATCH] fix: python CPE generation for alpine (#1564)

Signed-off-by: Weston Steimel <weston.steimel@anchore.com>
---
 .../cataloger/common/cpe/candidate_by_package_type.go | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/syft/pkg/cataloger/common/cpe/candidate_by_package_type.go b/syft/pkg/cataloger/common/cpe/candidate_by_package_type.go
index 812bd09a71c..cd134a50ee6 100644
--- a/syft/pkg/cataloger/common/cpe/candidate_by_package_type.go
+++ b/syft/pkg/cataloger/common/cpe/candidate_by_package_type.go
@@ -127,6 +127,17 @@ var defaultCandidateAdditions = buildCandidateLookup(
 			candidateKey{PkgName: "python-rrdtool"},
 			candidateAddition{AdditionalProducts: []string{"rrdtool"}},
 		},
+		// Alpine packages
+		{
+			pkg.ApkPkg,
+			candidateKey{PkgName: "python3"},
+			candidateAddition{AdditionalProducts: []string{"python"}, AdditionalVendors: []string{"python", "python_software_foundation"}},
+		},
+		{
+			pkg.ApkPkg,
+			candidateKey{PkgName: "python"},
+			candidateAddition{AdditionalVendors: []string{"python_software_foundation"}},
+		},
 	})
 
 var defaultCandidateRemovals = buildCandidateRemovalLookup(