scan-action
scan-action copied to clipboard
unable to check for vulnerability database update
Hey everyone,
I have the following problem at the moment which blocks me for scanning for vulnerabilities:
Executing: grype -o sarif --fail-on medium sbom:action-sandbox-sbom.spdx.json
[0060] WARN unable to check for vulnerability database update
1 error occurred:
* failed to load vulnerability db: vulnerability database is invalid (run db update to correct): database metadata not found: .cache/grype/db/4
Does someone have or had this problem as well?
Thanks for your help.
Best regards,
Erhan
Hi @erhan- is this a problem that just started or has it happened for multiple runs? Can you maybe just re-run the workflow to fix it?
This error happens if Grype is unable to download the latest database. I don't see a problem with this happening locally, so the latest database is definitely available and working. Maybe it was a network hiccup on GitHub's side?
I am using this yesterday for the first time and have no comparison. It might be a network issue but it would be nice if that error would indicate that I think. I will try again these days and rerun the workflow. Thanks for your help!
One other question: which version are you using? Could you share your action config for this?
Hey @erhan- I'm going to close this one, as I think it was probably just a network hiccup and haven't heard otherwise. Please reopen if this continues to be an issue!
Sorry for not responding. I had not checked my notifications and also have not worked with this for a while. If I get back to this and it does not occur, I will edit this comment as well to confirm the potential network hiccup as well. Thanks for your help!