Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Re-enable dependency check plugin #4293

Open
patchwork01 opened this issue Feb 20, 2025 · 0 comments
Open

Re-enable dependency check plugin #4293

patchwork01 opened this issue Feb 20, 2025 · 0 comments
Labels
build-pipeline on-hold
Milestone
0.29.0

Comments

@patchwork01
Copy link
Collaborator

Background

Dependency check workflows are currently failing because the NVD API is too slow:
https://github.com/gchq/sleeper/actions/runs/13404343561
https://github.com/gchq/sleeper/actions/runs/13426764578

The NVD website says:

Current API Status:

Due to changes described below, a large number of CVE records have recently been updated, resulting in a large increase in API requests. We are aware of the issue and are working to mitigate it. Thank you for your patience.

November 15, 2024: NVD Technical Update

CVE List Authorized Data Publisher (ADP) Support
We plan to deploy changes to our systems the week of November 18th. After this is complete, NVD systems will begin ingesting supported datatypes within the CVE List from all sources (CNAs and ADPs).

https://www.nist.gov/itl/nvd

We temporarily disabled the plugin in the following issue:

Description

We can re-enable the dependency check plugin once the API is back up.
@patchwork01 patchwork01 added enhancement New feature or request build-pipeline on-hold and removed enhancement New feature or request labels Feb 20, 2025
@patchwork01 patchwork01 added this to the 0.29.0 milestone Feb 20, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
build-pipeline on-hold
Projects
None yet
Milestone
0.29.0
Development

No branches or pull requests
1 participant
@patchwork01