ortelius / ms-dep-pkg-cud Goto Github PK
View Code? Open in Web Editor NEWDependency Package Data Microservice - Create, Update and Delete
License: Apache License 2.0
ms-dep-pkg-cud's Issues
Dependency Dashboard
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
Open
These updates have all been created already. Click a checkbox below to force a retry/rebase of any.
- Update all dependencies (
cgr.dev/chainguard/python,github/codeql-action,packageurl-python,starlette,uvicorn)
Detected dependencies
dockerfile
Dockerfile
cgr.dev/chainguard/python latest-dev@sha256:26ed3bc11419b81a1d787e9815024e294adc5c5749ae3d9d944cf93151a93d12cgr.dev/chainguard/python latest@sha256:26af703291a0edd92560df0ddfaaa6deb07be1885131991edd195d9d6f5e1885
github-actions
.github/workflows/build-push-chart.yml
ortelius/workflow-toolkit 384309c664a0bda080a44b167268397a45d43760ortelius/workflow-toolkit 384309c664a0bda080a44b167268397a45d43760ortelius/workflow-toolkit 384309c664a0bda080a44b167268397a45d43760ortelius/workflow-toolkit 384309c664a0bda080a44b167268397a45d43760ortelius/workflow-toolkit 384309c664a0bda080a44b167268397a45d43760.github/workflows/codeql.yml
step-security/harden-runner v2.9.0@0d381219ddf674d61a7572ddd19d7941e271515cactions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332github/codeql-action v3.25.13@2d790406f505036ef40ecba973cc774a50395aacgithub/codeql-action v3.25.13@2d790406f505036ef40ecba973cc774a50395aac.github/workflows/mega-linter.yml
step-security/harden-runner v2.9.0@0d381219ddf674d61a7572ddd19d7941e271515cactions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332oxsecurity/megalinter v7.13.0@bacb5f8674e3730b904ca4d20c8bd477bc51b1a7actions/upload-artifact v4.3.4@0b2256b8c012f0828dc542b3febcab082c67f72bpeter-evans/create-pull-request v6.1.0@c5a7806660adbe173f04e3e038b0ccdcd758773cstefanzweifel/git-auto-commit-action v5.0.1@8621497c8c39c72f3e2a999a26b4ca1b5058a842.github/workflows/scorecard.yml
step-security/harden-runner v2.9.0@0d381219ddf674d61a7572ddd19d7941e271515cactions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332ossf/scorecard-action v2.3.3@dc50aa9510b46c811795eb24b2f1ba02a914e534github/codeql-action v3.25.13@2d790406f505036ef40ecba973cc774a50395aac
pip_requirements
requirements.in
fastapi ==0.111.1psycopg2_binary ==2.9.9pydantic ==2.8.2SQLAlchemy ==2.0.31uvicorn ==0.30.1requests ==2.32.3certifi ==2024.7.4cvss ==3.1defusedxml ==0.7.1packageurl-python ==0.15.4idna ==3.7requirements.txt
annotated-types ==0.7.0anyio ==4.4.0certifi ==2024.7.4charset-normalizer ==3.3.2click ==8.1.7cvss ==3.1defusedxml ==0.7.1dnspython ==2.6.1email-validator ==2.2.0exceptiongroup ==1.2.2fastapi ==0.111.1fastapi-cli ==0.0.4greenlet ==3.0.3h11 ==0.14.0httpcore ==1.0.5httptools ==0.6.1httpx ==0.27.0idna ==3.7jinja2 ==3.1.4markdown-it-py ==3.0.0markupsafe ==2.1.5mdurl ==0.1.2orjson ==3.10.6packageurl-python ==0.15.4psycopg2-binary ==2.9.9pydantic ==2.8.2pydantic-core ==2.20.1pygments ==2.18.0python-dotenv ==1.0.1python-multipart ==0.0.9pyyaml ==6.0.1requests ==2.32.3rich ==13.7.1shellingham ==1.5.4sniffio ==1.3.1sqlalchemy ==2.0.31starlette ==0.37.2typer ==0.12.3typing-extensions ==4.12.2ujson ==5.10.0urllib3 ==2.2.2uvicorn ==0.30.1uvloop ==0.19.0watchfiles ==0.22.0websockets ==12.0
- Check this box to trigger a request for Renovate to run again on this repository
Action Required: Fix Renovate Configuration
There is an error with this repository's Renovate configuration that needs to be fixed. As a precaution, Renovate will stop PRs until it is resolved.
Location: renovate.json
Error type: Invalid JSON (parsing failed)
Message: JSON.parse error: JSON5: invalid character '}' at 31:1
Loading of SBOM components results in SQL syntax error
Performing a request to e.g. /msapi/deppkg/cyclonedx with a SBOM containing components results in the following request response:
{"detail":"syntax error at or near \".\"\nLINE 3: ...tro=rhel-8.7', 'rpm') ON CONFLICT ON CONSTRAINT dm.dm_compon...\n ^\n"}The root cause of this error seem to be the query for inserting a new component into the database:
sqlstmt = """
INSERT INTO dm.dm_componentdeps(compid, packagename, packageversion, deptype, name, url, summary, purl, pkgtype)
VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s) ON CONFLICT ON CONSTRAINT dm.dm_componentdeps_pkey DO NOTHING
"""I think it should be:
sqlstmt = """
INSERT INTO dm.dm_componentdeps(compid, packagename, packageversion, deptype, name, url, summary, purl, pkgtype)
VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s) ON CONFLICT ON CONSTRAINT dm_componentdeps_pkey DO NOTHING
"""Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.