Rating overrides should reflect in findings #966
Assignees
Labels
component/api-server
defect
Something isn't working
p2
Non-critical bugs, and features that help organizations to identify and reduce risk
size/S
Small effort
Comments
nscuro
added
defect
nscuro
added a commit
to DependencyTrack/hyades-apiserver
that referenced
this issue
Dec 14, 2023
Closes DependencyTrack/hyades#966 Signed-off-by: nscuro <nscuro@protonmail.com>
nscuro
added a commit
to DependencyTrack/hyades-apiserver
that referenced
this issue
Dec 15, 2023
Additionally, refactor findings query to use JDBI and a single SQL statement, instead of multiple additional queries to enrich the results. The new query also supports pagination, which the original logic didn't. Closes DependencyTrack/hyades#966 Signed-off-by: nscuro <nscuro@protonmail.com>
2 tasks
nscuro
added a commit
to DependencyTrack/hyades-apiserver
that referenced
this issue
Dec 15, 2023
Additionally, refactor findings query to use JDBI and a single SQL statement, instead of multiple additional queries to enrich the results. The new query also supports pagination, which the original logic didn't. Closes DependencyTrack/hyades#966 Signed-off-by: nscuro <nscuro@protonmail.com>
nscuro
added a commit
to DependencyTrack/hyades-apiserver
that referenced
this issue
Dec 15, 2023
Additionally, refactor findings query to use JDBI and a single SQL statement, instead of multiple additional queries to enrich the results. The new query also supports pagination, which the original logic didn't. Closes DependencyTrack/hyades#966 Signed-off-by: nscuro <nscuro@protonmail.com>
nscuro
added a commit
to DependencyTrack/hyades-apiserver
that referenced
this issue
Dec 18, 2023
Additionally, refactor findings query to use JDBI and a single SQL statement, instead of multiple additional queries to enrich the results. The new query also supports pagination, which the original logic didn't. Closes DependencyTrack/hyades#966 Signed-off-by: nscuro <nscuro@protonmail.com>
nscuro
added a commit
to DependencyTrack/hyades-apiserver
that referenced
this issue
Dec 22, 2023
Additionally, refactor findings query to use JDBI and a single SQL statement, instead of multiple additional queries to enrich the results. The new query also supports pagination, which the original logic didn't. Closes DependencyTrack/hyades#966 Signed-off-by: nscuro <nscuro@protonmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The
Findings query must be updated to reflect any applied rating overrides:https://github.com/DependencyTrack/hyades-apiserver/blob/34884c9f395676b513374b3e3c0bf22ac4ccee78/src/main/java/org/dependencytrack/model/Finding.java#L56-L90
Currently, findings will report the original rating, despite them having been overwritten via analysis.
Note
This is also a good opportunity to rewrite the
Findingquery logic to use JDBI, and also add support for pagination.The text was updated successfully, but these errors were encountered: