-
Notifications
You must be signed in to change notification settings - Fork 15
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
GET /api/v1/package/{uuid} fails with some packages #466
Comments
This looks like a mix of data types. "Packages" is most like "PURLs" (which we still label incorrectly). Actual packages have an ID which is a UUID (because we use UUIDs in many cases internally). What looks like a "package version" here is, most likely, actually the "version" component of a "PURL" from a container. Same format, but unknown to our system. The endpoint |
Can we verify if this is still an issue? |
It is still happening. Unfortunately, it is tricky to reproduce. I needed to run the CVE 2024 importer and then the CSAF importer wait for some time and search for packages as the video below Screencast.from.2024-07-19.13-30-42.mp4 |
Your video seems to show If it's SBOM packages, that'd be under For purls, it'd be /api/v1/purl/{id} I'll try to reproduce... |
- use bigger ints for jackholes who version stuff like 202410298675309. - if a version cmp fails (because a sha:xxx "version" was given) don't fail, just false. In theory fixes trustification#466.
- use bigger ints for jackholes who version stuff like 202410298675309. - if a version cmp fails (because a sha:xxx "version" was given) don't fail, just false. In theory fixes trustification#466.
- use bigger ints for jackholes who version stuff like 202410298675309. - if a version cmp fails (because a sha:xxx "version" was given) don't fail, just false. In theory fixes trustification#466.
- use bigger ints for jackholes who version stuff like 202410298675309. - if a version cmp fails (because a sha:xxx "version" was given) don't fail, just false. In theory fixes trustification#466.
- use bigger ints for jackholes who version stuff like 202410298675309. - if a version cmp fails (because a sha:xxx "version" was given) don't fail, just false. In theory fixes #466.
Steps to reproduce:
Screencast.from.2024-06-27.10-44-54.mp4
The text was updated successfully, but these errors were encountered: