User requested a BOM report and tried to download it from the link received by email. It did not work.
Details and Workaround
The message indicate that the report failed during operation.
-
This may happen when there are large number of components for which HL detected the dependencies.
-
- Check whether the option to include dependencies is activated. With the option deactivated report generation may happen without error. If the number of level-1 components is high and if one or many of them have a lot of dependencies, then it will take time for the system to build the full report which includes component dependencies. In the newer versions if there are more than 20 components which have more than 40 dependencies the dependencies tab will not be generated in the report.
- For NodeJS apps, if a version prior to CAST Highlight 5.4.22 is used generate the BOM without transitive dependencies . For NodeJS apps prior to CAST Highlight version 5.4.22, all components from yarn.lock and node_modules fingerprints were detected, direct and transitive dependencies were at the same level in SCA results . The default mode of versions after 5.4.22 will automatically exclude NodeJS transitive dependencies (node_modules) from results. With the default mode in the latest versions, only direct dependencies found in both yarn.lock and package.json are detected.
- Check whether the option to include dependencies is activated. With the option deactivated report generation may happen without error. If the number of level-1 components is high and if one or many of them have a lot of dependencies, then it will take time for the system to build the full report which includes component dependencies. In the newer versions if there are more than 20 components which have more than 40 dependencies the dependencies tab will not be generated in the report.
-
- Use the latest version of Highlight. If using CLI use the latest version of the CLI. As the platform evolves (new features, new api endpoints, etc.), the command line also uses some of these functionalities so it needs to be updated frequently.
-
If it is a SAML configured organization, even if the user is a non-SAML user, when the user downloads the report, user will receive a SAML link. Please check CAST HIGHLIGHT - Web - Download link received by email when the reports are exported are SAML links
- Reports can be triggered through the API, by using WS (not documented API endpoint). Liaise with your local Highlight SME, if you need further assistance.
Note that this feature is not available at the portfolio level as it is resource consuming for a large volume of applications (i.e., use with caution with some timeout).
Related Articles
CAST HIGHLIGHT - Results - PPT report extraction is running for long time
CAST HIGHLIGHT - Web - Download link received by email when the reports are exported are SAML links
Additional Resources
CAST Highlight Troubleshooting Guides
CAST Highlight Product Documentation
Ticket Number
37225, 29013, 37972, 41910
Comments