Platform Extension missing results on certain component parents #68
Comments
|
Hey @ajoanes98 - thanks for the report. As of a test (21-Aug-2023 09:14 UK Time), I am seeing that the component in question is returning a match state of UNKNOWN from Sonatype's data services. I'd suggest you reach out to Sonatype officially to understand why the PURL (as in your screenshot) is coming back as unknown. If the PURL we are calculating turns out to be incorrect for some reason, we can look to provide a fix, but the PURL does look as we'd expect in this situation. FYI @maurycupitt |
|
As you said in the title, this purl points to a component parent, not the actual component. There is no binary for this purl, just the pom that defines the project. Since their is no component, there is no policy or security info to report on. The following are the components in the project.
I'll take a look and see if there is a better way to handle these types. |
|
some thougts:
I imagine we can just let the extension mark the component as recognized and safe. |
Describe the bug
When testing the chrome extension, found that certain components return an error screen with the message "We were unable to find that peanut in a haystack!" instead of returning a scan results page with no violations.
To Reproduce
Steps to reproduce the behavior:
Url for component experiencing the bug: https://central.sonatype.com/artifact/org.apache.logging.log4j/log4j/3.0.0-alpha1
Expected behavior
Expected there to be a scan with no violations not an error screen
Screenshots
Desktop (please complete the following information):
Additional context
Add any other context about the problem here.
The text was updated successfully, but these errors were encountered: