-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WARN: Unable to read vulnerability information #22502
Comments
seems error comes from |
@JamieMagee @viceice @secustor any thoughts on this? We could either:
|
it probably tries to download inside the package folder which is only allowed by root? |
Yeah, I'm guessing it's folder permissions too |
Why not both. I opened renovatebot/osv-offline#364 |
Isn't it undesirable for libraries to do their own logging unless "asked"? Otherwise it makes it hard for apps or CLIs to control their output |
True. I had considered |
renovatebot/osv-offline#364 is complete, and updated in renovate in #22885. @rarkins are you seeing any more useful logs? |
@JamieMagee it's an API rate limit error:
You might be able to see https://developer.mend.io/github/renovate-reproductions/22487/-/job/0188fff1-c0fc-7b19-a03a-184c6132684c Prior to that there's a log for:
|
Oh, I guess the OSV library doesn't use hostRules :) |
I think it supports a |
Can we enhance it to take the token as a variable? I'm not sure we want to expose the token in env in all cases |
For me the GitHub App is running into this issue on a new repository which causes it to fail:
Update: It seems to be triggered by setting |
since it can fail due to GitHub API rate limits renovatebot/renovate#22502 (comment)
Getting this in my renovate runs, both in github cloud or self hosted.
Anything I could do to debug more? |
Disable "dependencyDashboardOSVVulnerabilitySummary"[1] which is currently experimental and has caused problems (see celo-org/infrastructure#1428 and renovatebot/renovate#22502). Dependabot supplies similar information. [1]: celo-org/infrastructure#1428
Found discussion relevant to the |
Describe the proposed change(s).
Error found in https://github.com/renovate-reproductions/22487
This seems to only occur in the hosted app, and not when I dry run the same repo locally.
Something/somehow seems incompatible.
Describe why we need/want these change(s).
The text was updated successfully, but these errors were encountered: