Please exclude -alpha, -beta, -rc, -preview, -SNAPSHOT from possibly latest versions of a component #3579

markusmuellerusi · 2024-03-25T17:08:10Z

Current Behavior

-alpha, -beta, -rc, -preview, -SNAPSHOT should never be displayed or handled as latest version. They are not stable.

Sample:

Steps to Reproduce

Upload and analyse an SBoM, where the latest available version in repository is a alpha, beta, rc, preview or snapshot
Analyse the project component (done in step 1)
Verify my succested code snippet.

Expected Behavior

Please skip these versions in function findLatestVersion.

Sample code:

private String findLatestVersion(JSONArray versions) {
    if (versions.length() < 1) {
        return null;
    }

    ComparableVersion latestVersion = null;
    for (int i = 0; i < versions.length(); i++) {

        String version = versions.getString(i);
        if (version == null || version.trim().length() == 0 ||
                version.trim().toLowerCase().contains("-alfa") ||
                version.trim().toLowerCase().contains("-alpha") ||
                version.trim().toLowerCase().contains("-beta") ||
                version.trim().toLowerCase().contains("-snapshot") ||
                version.trim().toLowerCase().contains("-rc") ||
                version.trim().toLowerCase().contains("-preview")) {
            continue;
        }

        ComparableVersion comparableVersion = new ComparableVersion(version);
        if (latestVersion == null) {
            latestVersion = comparableVersion;
        }
        else if (comparableVersion.compareTo(latestVersion) > 0) {
            latestVersion = comparableVersion;
        }
    }

    if (latestVersion == null) {
        return null;
    }

    return latestVersion.toString();
}

Dependency-Track Version

4.10.1

Dependency-Track Distribution

Executable WAR

Database Server

Microsoft SQL Server

Database Server Version

No response

Browser

Microsoft Edge

Checklist

I have read and understand the contributing guidelines
I have checked the existing issues for whether this defect was already reported

The text was updated successfully, but these errors were encountered:

markusmuellerusi added defect Something isn't working in triage labels Mar 25, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Please exclude -alpha, -beta, -rc, -preview, -SNAPSHOT from possibly latest versions of a component #3579

Please exclude -alpha, -beta, -rc, -preview, -SNAPSHOT from possibly latest versions of a component #3579

markusmuellerusi commented Mar 25, 2024

Please exclude -alpha, -beta, -rc, -preview, -SNAPSHOT from possibly latest versions of a component #3579

Please exclude -alpha, -beta, -rc, -preview, -SNAPSHOT from possibly latest versions of a component #3579

Comments

markusmuellerusi commented Mar 25, 2024

Current Behavior

Steps to Reproduce

Expected Behavior

Dependency-Track Version

Dependency-Track Distribution

Database Server

Database Server Version

Browser

Checklist