You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm trying to implement what @stevespringett proposed in this GitHub issue comment. Currently, I'm uploading my BOM via /api/v1/bom and using the response token to check if it's still being processed by querying /api/v1/bom/token/$uuid. Only after this step is done, I upload my VEX. Unfortunately, this approach doesn't seem to work for larger projects, as the CVE analysis appears to be a separate task that needs to be completed before uploading the VEX file. Is there a way to check the security analysis status of a project/BOM?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
I'm trying to implement what @stevespringett proposed in this GitHub issue comment. Currently, I'm uploading my BOM via
/api/v1/bomand using the response token to check if it's still being processed by querying/api/v1/bom/token/$uuid. Only after this step is done, I upload my VEX. Unfortunately, this approach doesn't seem to work for larger projects, as the CVE analysis appears to be a separate task that needs to be completed before uploading the VEX file. Is there a way to check the security analysis status of a project/BOM?Beta Was this translation helpful? Give feedback.
All reactions