Replies: 7 comments
-
|
We received a new SBOM that was half the size, but still 46k entries and still got the same error even though it passes the DT and other SBOM validations. So I converted the SBOM into a CSV and found there were around 30,000 duplicate package entries which probably did not help. I removed them, converted it back into an SBOM. This does import with no error this time, but no packages are showing and no errors in the logs :-( |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
Annoyingly, it is actually taking the same error, just the apiserver log is writing out the times an hour earlier than the system time. |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
The logs you shared indicate that DT failed to parse an SPDX license expression. It's unfortunate we don't log the offending value, we will change that. |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
Thanks @nscuro . It would be nice to have the logs show the SBOM importing and completing. I ended up converting the SBOM into a CSV, transformed it into a version our tooling would import, did that and generated a new SBOM that worked. So it seems what we use to generate the SBOM manages the licenses better than whatever they were using. As always, thanks for your advice. |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
Not sure it is related, but I noted that DT did not handle all the SPDX IDs as some were added late last year and I raised it as an issue for DT to pick them up or it does not import into DT, but that is a different error as the SBOM fails to import at all |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
Just for information, the following are all the license expressions from the SBOM: As an example of one with one with a long expression, possibly the longest expression is: I hope it is useful in identifying the issue. |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
Raised as an issue #5025 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hi. hoping someone can help
I have a 75Mbyte SBOM so probably in the region of 70k+ packages. I have validated it and DT imports it, but then gives the following error:
Any suggestions as to what to look at as to what might cause this.
Guessing it is around
projectVersion=null
and
java.util.NoSuchElementException: null
Just not sure what that might refer to in the SBOM.
Thanks, N
Beta Was this translation helpful? Give feedback.
All reactions