We recently updated Harbor to 2.4.2 and with that the Backstage Harbor Plugin broke. We're getting Cannot read properties of undefined (reading 'severity')
We investigated a bit and it seems we get a report back with a new vulnKey. The default X-Accept-Vulnerabilites is application/vnd.security.vulnerability.report; version=1.1, application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0. The resulting json contains the key application/vnd.security.vulnerability.report; version=1.1
Specifying only X-Accept-Vulnerabilites: application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0 returns an empty json result
Here's two related issues in Harbor: goharbor/harbor#16085 & goharbor/harbor#16295
I'm not quite convinced yet that our solution, changing vulnKey to application/vnd.security.vulnerability.report; version=1.1, is correct but might be.
What do you think?
We recently updated Harbor to 2.4.2 and with that the Backstage Harbor Plugin broke. We're getting
Cannot read properties of undefined (reading 'severity')We investigated a bit and it seems we get a report back with a new vulnKey. The default X-Accept-Vulnerabilites is
application/vnd.security.vulnerability.report; version=1.1, application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0. The resulting json contains the keyapplication/vnd.security.vulnerability.report; version=1.1Specifying only
X-Accept-Vulnerabilites: application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0returns an empty json resultHere's two related issues in Harbor: goharbor/harbor#16085 & goharbor/harbor#16295
I'm not quite convinced yet that our solution, changing
vulnKeytoapplication/vnd.security.vulnerability.report; version=1.1, is correct but might be.What do you think?