anthonyharrison / sbom-manager Goto Github PK
View Code? Open in Web Editor NEWManage collection of SBOMs (Software Bill of Materials)
License: MIT License
sbom-manager's People
Contributors
Stargazers
Watchers
sbom-manager's Issues
DepShield Deprecation Notice
Depshield will be deprecated on Monday December 12th
Please install our new product, Sonatype Lift with advanced features
KeyError when SBOM library does not contain a version
Hey,
I am currently experiencing the issue that a library does not contain a version and the sbom manager is running into a KeyError
[15:51:00] ERROR sbom_manager - 'version'
Traceback (most recent call last):
File "/Users/timosur/Work/app-platform/app-sbom-collection/search.py", line 104, in <module>
raise e
File "/Users/timosur/Work/app-platform/app-sbom-collection/search.py", line 82, in <module>
sbom_data = sbom_input.process_file(
^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/timosur/Library/Caches/pypoetry/virtualenvs/app-sbom-collection-SPq90rSX-py3.12/lib/python3.12/site-packages/sbom_manager/input.py", line 37, in process_file
sbom_data = self.sbom_process[self.sbom_type](filename)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/timosur/Library/Caches/pypoetry/virtualenvs/app-sbom-collection-SPq90rSX-py3.12/lib/python3.12/site-packages/sbom_manager/input.py", line 149, in process_cyclonedx_json_file
version = d["version"]
~^^^^^^^^^^^
KeyError: 'version'
This is the SBOM library which is causing the issue:
{
"type": "library",
"bom-ref": "pkg:maven/mavenEcjBootstrapAgent/mavenEcjBootstrapAgent?package-id=775e6befe95c2f5a",
"name": "mavenEcjBootstrapAgent",
"licenses": [],
"cpe": "cpe:2.3:a:mavenEcjBootstrapAgent:mavenEcjBootstrapAgent:*:*:*:*:*:*:*:*",
"purl": "pkg:maven/mavenEcjBootstrapAgent/mavenEcjBootstrapAgent",
"externalReferences": [
{
"url": "",
"type": "build-meta",
"hashes": [
{
"alg": "SHA-1",
"content": "e67209a53266080be85e8848c01fd15af98700c7"
}
]
}
],
"properties": [
{
"name": "syft:package:foundBy",
"value": "java-cataloger"
},
{
"name": "syft:package:language",
"value": "java"
},
{
"name": "syft:package:metadataType",
"value": "JavaMetadata"
},
{
"name": "syft:package:type",
"value": "java-archive"
},
{
"name": "syft:location:0:layerID",
"value": "sha256:67eefc4c7fb1481960e7e7b769f382199f45cb08e0a20400c881a90f7a05f4f5"
},
{
"name": "syft:location:0:path",
"value": "/app/app.jar"
},
{
"name": "syft:metadata:virtualPath",
"value": "/app/app.jar:BOOT-INF/lib/lombok-1.18.30.jar:lombok/launch/mavenEcjBootstrapAgent.jar"
}
]
}Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.