Closed angushenderson closed 2 years ago
Hi @angushenderson,
Thanks for raising this issue. It looks like jake
is unexpectedly pulling in a much newer version of one of its upstream dependencies (where that method has been removed).
The upstream dependency is still only a RC, so this is not expected.
We'll see if we can quickly adjust our dependency definitions to prevent this in the immediate term.
jake 1.4.5
has been released which should resolve this issue @angushenderson.
Can you let us know if that is not the case please?
Thanks again!
Thank you so much @madpah, that's all working now!
Describe the bug When running a jake scan an AttributeError is raised when checking for vulnerabilities (AttributeError: 'OssIndexComponent' object has no attribute 'has_known_vulnerabilities'), full stack trace is shown in screenshot below. For context, all python modules are installed via pipenv. I've tried running this command in 3 places, and this error is thrown in each of them: locally in command line, locally using pre-commit hooks, and on Gitlab ci.
To Reproduce Steps to reproduce the behavior:
pipenv install --dev
to install all dependencies (see Pipfile below).pipenv run jake ddt --clear-cache
(--clear-cache
flag is used as per issue https://github.com/sonatype-nexus-community/jake/issues/100)Expected behavior Normal, error free, execution of Jake OSS Index-backed scan
Screenshots
Additional Context Here is the 'Pipfile':
Pre-commit hook in '.pre-commit-config.yaml':
And the command getting run on the ci is:
pipenv run jake ddt --clear-cache
Desktop (please complete the following information):