dependency-track
dependency-track copied to clipboard
DependencyTrack
BOM Download fails to generate the file, without display an error
Current Behavior
BOM Download fails to generate the file. No file is downloaded and no error is displayed.
HTTP API URL requested: https://dependency-track.local/api/v1/bom/cyclonedx/project/00000000-0000-0000-0000-000000000000?format=json&variant=inventory&download=true
HTTP API response:
{
"status": 400,
"title": "Illegal argument provided",
"detail": "No enum constant org.cyclonedx.model.Component.Type.NONE"
}
CycloneDX specification for classifier/type enum: https://github.com/CycloneDX/specification/blob/e9e0e4e6f4226d60e739a957bbcdb65fd3510ffd/schema/bom-1.6.schema.json#L834
"type": {
"type": "string",
"enum": [
"application",
"framework",
"library",
"container",
"platform",
"operating-system",
"device",
"device-driver",
"firmware",
"file",
"machine-learning-model",
"data",
"cryptographic-asset"
],
"meta:enum": {
"...": "...",
},
"title": "Component Type",
"description": "Specifies the type of component. For software components, classify as application if no more specific appropriate classification is available or cannot be determined for the component.",
"examples": ["library"]
},
Steps to Reproduce
- "Create Project" or Open an existing one.
- Open "Components" tab.
- "Add Component" with:
- On tab "Identity": "Component name" and "Version" set at your convenience.
- On tab "Extended": "Classifier" equal to "None".
- "Create".
- "Download BOM" > "Inventory".
Expected Behavior
One of:
- An error message is displayed to the user.
- "None" is not a valid value for "Classifier" when component is created.
Dependency-Track Version
4.13.2
Dependency-Track Distribution
Container Image
Database Server
Microsoft SQL Server
Database Server Version
No response
Browser
Microsoft Edge
Checklist
- [x] I have read and understand the contributing guidelines
- [x] I have checked the existing issues for whether this defect was already reported
