Comments (7)
Seems like response changed and does not contain coordinates
for ComponentReport
deserialization:
[
{
"description":"",
"reference":"https://ossindex.sonatype.org/component/pkg:maven/commons-lang/[email protected]?utm_source=dependency-check&utm_medium=integration&utm_content=7.1.0",
"vulnerabilities":[
],
"sonatypeOssiScore":0.0
}
]
from ossindex-public.
Seems like response changed and does not contain
coordinates
forComponentReport
deserialization:[ { "description":"", "reference":"https://ossindex.sonatype.org/component/pkg:maven/commons-lang/[email protected]?utm_source=dependency-check&utm_medium=integration&utm_content=7.1.0", "vulnerabilities":[ ], "sonatypeOssiScore":0.0 } ]
I tested that specific component and I did get a response with coordinates
:
[
{
"coordinates": "pkg:maven/commons-lang/[email protected]",
"description": "",
"reference": "https://ossindex.sonatype.org/component/pkg:maven/commons-lang/[email protected]?utm_source=insomnia&utm_medium=integration&utm_content=2022.3.0",
"vulnerabilities": [],
"sonatypeOssiScore": 0.0
}
]
from ossindex-public.
Looks like now it depends if you provide credentials or not: jeremylong/DependencyCheck#4535 (comment)
from ossindex-public.
I didn't provide any credentials.
Here's a cURL
export of my request:
curl --request POST \
--url https://ossindex.sonatype.org/api/v3/component-report \
--header 'Accept: application/vnd.ossindex.component-report.v1+json' \
--header 'Content-Type: application/vnd.ossindex.component-report-request.v1+json' \
--data '{
"coordinates":[
"pkg:maven/commons-lang/[email protected]"
]
}
'
from ossindex-public.
It's fixed now: jeremylong/DependencyCheck#4535 (comment)
from ossindex-public.
This problem no longer manifests.
from ossindex-public.
Thanks for letting us know. We have been chasing down a variety of edge cases causing problems, so I am glad one of them resolved your issue. Sorry for the inconvenience.
from ossindex-public.
Related Issues (20)
- Scanning RPM packages for vulnerabilities HOT 2
- add namespaces for the conda ecosystem?
- Externalreferences in practice appears to be (temporarily?) nullable, but is not marked as such HOT 1
- CVE-2022-25647 ossindex-service-client contains vulnerable dependency gson v2.8.5 HOT 1
- SSL Certificate Renewal Request HOT 2
- Vulnerabilities missing due to user-agent HOT 1
- component-report request returns 500 when '/' is URL encoded HOT 2
- Allow to ignore ssl errors with a system property
- DepShield Deprecation Notice
- Account Creation Error HOT 1
- OSSIndex API errors out on HTTP 500 with payload requesting report for an old jgroups version HOT 5
- oss index unexpected response; status 500
- Cant pass several components
- OssIndex HTTP 500 error
- Component report throws error 500 for [email protected] package HOT 1
- Status 500
- OssIndex 503 Service Temporarily Unavailable HOT 6
- API call : rate limit HOT 7
- CVSS version mismatch HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ossindex-public.