does anyone use container image scanning – and if so have you noticed that as of some time last week the “Vulnerabilities” tab disappeared from the console within a specific image result in artifact registry? (I … see it if I pull via API)
I noticed today that the link to the actual json file containing the sbom is missing from the web UI and it’s pretty obtuse to get it yourself
I think that is actually what someone else was trying to tell me – I only use the “vulnerabilities” tab … but they were saying “dependencies” ?
could you open a case w/ google if this is still happening?
they’ve reviewed my permissions, and they can see it they say, but we can’t… dozens of us… but they’re blaming our local browsers and telling us to clear our cache
do you use CEP (chrome enterprise premium per chance?)
link is not there. we don’t use CEP
The SBOM files are in a bucket but the web UI says “No SBOM data found”
I am running gcloud artifacts sbom export --uri=$URI in CI and I guess now it doesn’t work the same as before.
we had to add the container analyis viewer roles explicitly now… I am pretty sure that it used to be covered in securityReviewer but now isn’t
