You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What happened:
Since the v0.68.1 (possibly the v0.68.0) release the SARIF output is no longer compatible with GitHub via the github/codeql-action/upload-sarif action.
Uploading results
Error: Invalid request.
1 item required; only 0 were supplied.
RequestError [HttpError]: Invalid request.
1 item required; only 0 were supplied.
What you expected to happen:
SARIF files generated from Grype should be compatible with GitHub.
How to reproduce it (as minimally and precisely as possible):
Scan an OCI image with Grype and set the output to SARIF, then attempt to upload it to the GitHub CodeQL endpoint.
Anything else we need to know?:
n/a
Environment:
Output of grype version: grype 0.69.0
OS (e.g: cat /etc/os-release or similar): Ubuntu 22.04 (GH Runner)
The text was updated successfully, but these errors were encountered:
👋 Thanks for the report @stevehipwell - looks like the $Schema field is still using the old rtm version right before it was finalized in 2.1.0. I've filed a PR with our upstream so hope to get this fixed in Grype relatively soon:
What happened:
Since the
v0.68.1
(possibly thev0.68.0
) release the SARIF output is no longer compatible with GitHub via thegithub/codeql-action/upload-sarif
action.What you expected to happen:
SARIF files generated from Grype should be compatible with GitHub.
How to reproduce it (as minimally and precisely as possible):
Scan an OCI image with Grype and set the output to SARIF, then attempt to upload it to the GitHub CodeQL endpoint.
Anything else we need to know?:
n/a
Environment:
grype version
:grype 0.69.0
cat /etc/os-release
or similar): Ubuntu 22.04 (GH Runner)The text was updated successfully, but these errors were encountered: