unable to check for vulnerability database update

[erhan-]

Hey everyone,

I have the following problem at the moment which blocks me for scanning for vulnerabilities:

 Executing: grype -o sarif --fail-on medium sbom:action-sandbox-sbom.spdx.json
  [0060] WARN unable to check for vulnerability database update
  
  1 error occurred:
  	* failed to load vulnerability db: vulnerability database is invalid (run db update to correct): database metadata not found: .cache/grype/db/4
  	

Does someone have or had this problem as well?

Thanks for your help.

Best regards,

Erhan

[kzantow]

Hi @erhan- is this a problem that just started or has it happened for multiple runs? Can you maybe just re-run the workflow to fix it?

This error happens if Grype is unable to download the latest database. I don't see a problem with this happening locally, so the latest database is definitely available and working. Maybe it was a network hiccup on GitHub's side?

[erhan-]

I am using this yesterday for the first time and have no comparison. It might be a network issue but it would be nice if that error would indicate that I think. I will try again these days and rerun the workflow. Thanks for your help!

[kzantow]

One other question: which version are you using? Could you share your action config for this?

[kzantow]

Hey @erhan- I'm going to close this one, as I think it was probably just a network hiccup and haven't heard otherwise. Please reopen if this continues to be an issue!

[erhan-]

Sorry for not responding. I had not checked my notifications and also have not worked with this for a while. If I get back to this and it does not occur, I will edit this comment as well to confirm the potential network hiccup as well. Thanks for your help!