Hi there 
I’ve spotted a bug in the Snyk plugin, specifically the snyk_sbom table. I’ve created an issue for it here - GitHub Issue #17767.
Hi @suitable-glider!
Thank you for submitting the issue. As we don’t have the enterprise access for the Snyk API, would you mind testing v0.0.0-sbom-rc1 of the snyk source plugin and telling us if the issue was fixed?
Unfortunately, this version has not solved the issue. To avoid duplication, I’ve commented more detail on the issue here.
Happy to discuss over VC if that’s easier too.
Thanks!
I see that you are using the synced data to see the org and projects.
Could you please also check that for a couple of projects with the API calls (verifying just a couple of orgs would suffice)?
Essentially, for the orgs used in the repro, it’s vital to see that the API will return a non-empty list.
I’ve tried a handful of organisation/project pairs on Snyk API Documentation, each returning a non-empty list.
OK, great, thanks for the info!
@suitable-glider I’ve pushed v0.0.0-mx-rc2 plugin version that should solve the issue, could you retest please?
OK, we’ve released v5.4.0 with this fix!
Amazing! Thanks! Will test it out now.
Tested. Works. Deployed to PROD!
Thanks again!
The release notes suggest the fix is to retry based on a non-200 status code from the Snyk API.
Wonder if the status code could be logged for any/all calls to third-party APIs? At least at trace or debug level? This might make it easier for any future issues to be triaged by users and lead to a more detailed GitHub issue being raised?
Multiplex on all organization projects (#2074) (e2b2d0b) is the correct entry 
Ah, yep. Should have read things more closely.
It also looks like the status code is already logged, at least according to this issue #17671.