advanced-security / gh-sbom

Generate SBOMs with gh CLI
MIT License

Timeout on generation #10

Open alper opened 1 year ago

alper commented 1 year ago

I'm getting this error:

2023/04/06 12:59:14 Message: timedout, Locations: [{Line:1 Column:155}]

steiza commented 1 year ago

As you discovered, this can take a while to generate a SBOM for a large repository, or fail altogether for very large repositories.

The Dependency Graph team was kind enough to implement a server-side SBOM generator for SPDX, which is much, much faster. The gh-sbom v0.0.9 release makes use of this feature - give it a try and let us know if that works for you?

You'll need to update gh-sbom with:

$ gh ext remove advanced-security/gh-sbom
$ gh ext install advanced-security/gh-sbom

reedloden commented 1 year ago

Are there plans to do the same for CycloneDX (or at least some other type of fix)?