grype db is not being downloaded

[tomersein]

What happened: trying to scan images like alpine \ ubuntu. it starts to download grype-db and then hangs. this issue started today. What you expected to happen: download the db How to reproduce it (as minimally and precisely as possible):

Anything else we need to know?: attaching logs:

0000] DEBUG found database update candidate: Listing(url=https://toolbox-data.anchore.io/grype/databases/vulnerability-db_v5_2024-06-13T01:31:30Z_1718252496.tar.gz)
[0000] DEBUG existing database (2024-06-10 01:30:58 +0000 UTC) is older than candidate update (2024-06-13 01:31:30 +0000 UTC), using update...
[0000] DEBUG database update available: Listing(url=https://toolbox-data.anchore.io/grype/databases/vulnerability-db_v5_2024-06-13T01:31:30Z_1718252496.tar.gz)
[0000]  INFO downloading new vulnerability DB
[0000]  INFO new version of grype is available: 0.78.0 (currently running: 0.74.7)

Environment:

• Output of grype version: 0.78.0
• OS (e.g: cat /etc/os-release or similar): mac

[tgerla]

Hi @tomersein, thanks for the report. I just tried to trivially reproduce this and I was able to successfully use "grype db update" to download the database. Can you try this manual download command using curl and let us know the output?

curl -vO https://toolbox-data.anchore.io/grype/databases/vulnerability-db_v5_2024-06-13T01:31:30Z_1718252496.tar.gz

[tomerse-sg]

I guess it is something with my network.. 40m and it is still downloading it

[tgerla]

Let us know if you continue to see problems, we have had other issue with our CDN in the past.

[tomersein]

happens in grype db diff

example from today: unable to download listing: context deadline exceeded (Client.Timeout or context cancellation while reading body)

last log i can see - [0000] INFO base_db_url and target_db_url not provided; fetching most recent