Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Timeout on generation #10

Open
alper opened this issue Apr 6, 2023 · 2 comments
Open

Timeout on generation #10

alper opened this issue Apr 6, 2023 · 2 comments

Comments

@alper
Copy link

alper commented Apr 6, 2023

I'm getting this error:

2023/04/06 12:59:14 Message: timedout, Locations: [{Line:1 Column:155}]
@steiza
Copy link
Collaborator

steiza commented Apr 12, 2023

As you discovered, this can take awhile to generate a SBOM for a large repository, or fail altogether for very large repositories.

The Dependency Graph team was kind enough to implement a server-side SBOM generator for SPDX, which is much, much faster. The gh-sbom v0.0.9 release makes use of this feature - give it a try and let us know if that works for you?

You'll need to update gh-sbom with:

$ gh ext remove advanced-security/gh-sbom
$ gh ext install advanced-security/gh-sbom

@reedloden
Copy link

Are there plans to do the same for CycloneDX (or at least some other type of fix)?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@alper @steiza @reedloden