Question d’entretien chez FOSSA

How would you block a dependency version with a zero-day using the FOSSA CLI and APIs?

Réponse à la question d'entretien

Utilisateur anonyme

10 nov. 2025

I created a small test project, scanned it using the FOSSA CLI to surface the dependency in the SBOM, then inspected network requests and headers in the browser to identify the internal policy API and related parameters used to block specific versions. I reconstructed and executed the call using curl, verified that the block was registered, and re-ran the scan to confirm enforcement.