Robert

Results 31 issues of Robert

**Describe the bug** When importing a particular SBOM created with cdxgen, the `load_sbom` pipeline succeeds according to ScanCode.io, but DejaCode reports issues importing the dependencies. The error message states: `The...

bug
enhancement
design needed
PackageSet

**Describe the bug** Current DejaCode versions already represent the relationships between packages in a product's inventory and their dependencies with other packages. However, when exporting an SBOM that relationship is...

bug
enhancement
design needed
HighPriority

**Describe the bug** If a package scan through `scan_single_package` in ScanCode.io initially failed, the pipeline is restarted manually in ScanCode.io, and it completes successfully, then no usage policy (e.g. Approved...

bug
enhancement
design needed
HighPriority

**Is your enhancement request related to a problem? Please describe.** When integrating DejaCode in CI pipelines it is currently unclear when you can start retrieving data from it, since there...

enhancement
design needed

**Is your enhancement request related to a problem? Please describe.** It is currently not possible to access the scan results through DejaCode's API both because there is no API endpoint...

enhancement
design needed

**Is your enhancement request related to a problem? Please describe.** Currently the scanning of NuGet packages does not seem to work as no `scan_single_package` is getting triggered. **What are the...

enhancement
design needed

**Describe the bug** Users that are assigned to the "Legal" group and have _Staff Status_ enabled, currently possess the following permissions among others, as documented by the permission matrix: -...

bug
enhancement
design needed

**Describe the bug** It appears that importing an SBOM that contains a mix of npm and Maven packages only results in npm packages being scanned by ScanCode.io. It seems that...

bug
enhancement
design needed

**Is your enhancement request related to a problem? Please describe.** Products may have vulnerabilities in their own source code, not just in their dependencies. The Cyber Resilience Act mandates that...

enhancement
design needed

**What type of documentation would you like?** Details on integration of PurlDB and Vulnerable Code: https://dejacode.readthedocs.io/en/latest/application-settings.html **Documentation topic** When running DejaCode it by default connects to public instances of PurlDB...

documentation