Hi Steve.
THX. It works :-)
Cheers Paddy
Welcome to the Inedo Forums! Check out the Forums Guide for help getting started.
If you are experiencing any issues with the forum software, please visit the Contact Form on our website and let us know!
I
itadmin_9894
@itadmin_9894
0
Reputation
11
Posts
1
Profile views
0
Followers
0
Following
Best posts made by itadmin_9894
This user hasn't posted anything yet.
Latest posts made by itadmin_9894
-
RE: Api-Call to get vulnerabilties by package and versionposted in Support
Hi Dan.
I have now built a parser that fetches the desired information from the WebApp.
Thank you very much for your help.
Paddy -
RE: Block package from downloadposted in Support
@stevedennis said in Block package from download:
Can you give us a few more details of what you're trying to do? A connector filter is intended to allow or block a package by name; it does not filter out versions.
Hi @stevedennis
THX for your feedback. I am happy to describe my problem in more detail. As you can see in the screenshot, I have created a filter that is supposed to block the nuget “FluentAssertion” from version 8.0.0.
In the package view you can see that no version >= 8.0.0 of FluentAssertions is stored in the cache:
Despite the filter, it is possible to obtain this package in VisualStudio:
I would like to prevent this. How is this possible?
Cheers Paddy -
Block package from downloadposted in Support
Hi folks.
I would like to prevent the download of a package in one version or more. It does not work via the connector filter.
How do I do it correctly in version 24.0.27?
Best regards
Paddy -
RE: Api-Call to get vulnerabilties by package and versionposted in Support
Good morning @atripp .
It looks like this method is not working as I expect it to. As you can see from the following printscreens, the result is different between WebUi and API.
Am I using the API call incorrectly?
Best regards
Paddy -
RE: Api-Call to get vulnerabilties by package and versionposted in Support
Hi @atripp ,
THX for your feedback. It looks like that's not what I want. https://docs.inedo.com/docs/proget/api/vulnerabilities/audit
This method does not provide for the vulnerabilities of the package.
Any other ideas?Best regards
Paddy -
Api-Call to get vulnerabilties by package and versionposted in Support
Hi folks.
Is there a way to get the vulnerabilities via an api call using a nuget packet and its version?
I would like the information as in the picture:
THX Paddy -
RE: Migrate OSS Index to PGVCposted in Support
Hi Alana.
Thanks for your feedback. I will try it like that.
Best regards
Paddy -
Migrate OSS Index to PGVCposted in Support
Hi folks.
I am trying to migrate the OSS index, but I get the following error:
(500) Server Error
Could not find stored procedure 'PgvcVulnerabilities_GetMatachedVulnerabilities'.
For more information, visit the Error Log Page.Can anyone tell me where I can get this StoredProcedure?
Or is this migration not necessary if I want to update to the latest version?
THX Paddy
-
RE: How to change affected version range in Vulnerablity Assessment?posted in Support
Hi @atripp ,
Thank you for your quick reply. We will try your suggested approach and migrate from OSS Index to ProGet's Vulnerability Database. We will also update our server installation.
There are other libraries with the same issue, so your statement regarding the reliability of OSS Index as a data source seems to be accurate.
Best regards