The dependencies spreadsheet is no longer included in the BOM Excel report available for download from software composition. This happened even when in the Export data interface, BOM options to include dependencies and their vulnerabilities is selected to ON.
Details
The dependencies tab will not be generated if the following threshold is reached:
- More than 20 components which have more than 40 dependencies. This fix effective from release CAST Highlight 5.4.84 is put into place to handle memory allocation issues when there are huge number of dependencies. The CAST Highlight API: https://demo.casthighlight.com/api-doc/index.html#/Dependencies/thirdpartyByNameVersion may provide similar level of details provided by the dependency tab in the excel BOM report.
-
When an application has more than 2,000 components, in order to not fail the SBOM generation, transitive dependencies are not calculated.
Ticket
42384, 48251
Related Articles
CAST HIGHLIGHT - Results - Many details are missing in PPT report
Additional Resources
CAST Highlight Troubleshooting Guides
CAST Highlight Product Documentation
Comments