-
-
Notifications
You must be signed in to change notification settings - Fork 583
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add health endpoint #2633
Merged
Merged
Add health endpoint #2633
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Also reduce default health check interval in Dockerfile from 5m to 30s Signed-off-by: nscuro <[email protected]>
Signed-off-by: nscuro <[email protected]>
sahibamittal
added a commit
to sahibamittal/dependency-track
that referenced
this pull request
Apr 6, 2023
commit d29ab68 Merge: 43be7bb e867283 Author: Niklas <[email protected]> Date: Tue Apr 4 18:28:30 2023 +0200 Merge pull request DependencyTrack#2633 from nscuro/health-check Add health endpoint commit 43be7bb Merge: 8c825bd ea693f9 Author: Niklas <[email protected]> Date: Tue Apr 4 18:28:08 2023 +0200 Merge pull request DependencyTrack#2635 from DependencyTrack/dependabot/github_actions/actions/setup-java-3.11.0 Bump actions/setup-java from 3.10.0 to 3.11.0 commit ea693f9 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Apr 3 08:58:34 2023 +0000 Bump actions/setup-java from 3.10.0 to 3.11.0 Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3.10.0 to 3.11.0. - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](actions/setup-java@v3.10.0...v3.11.0) --- updated-dependencies: - dependency-name: actions/setup-java dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> commit 8c825bd Merge: 83c8e89 d78826b Author: Niklas <[email protected]> Date: Sat Apr 1 23:19:33 2023 +0200 Merge pull request DependencyTrack#2631 from ch8matt/master fix project URL in mail & cisco webex commit e867283 Author: nscuro <[email protected]> Date: Sat Apr 1 16:21:19 2023 +0200 Add health check documentation Signed-off-by: nscuro <[email protected]> commit 9c9cb4c Author: nscuro <[email protected]> Date: Fri Mar 31 21:18:33 2023 +0200 Add health endpoint Also reduce default health check interval in Dockerfile from 5m to 30s Signed-off-by: nscuro <[email protected]> commit d78826b Author: ch8matt <[email protected]> Date: Tue Mar 28 18:10:53 2023 +0200 fix project URL in mail & cisco webex Signed-off-by: ch8matt <[email protected]> commit 83c8e89 Merge: 6c752b9 cc888ba Author: Niklas <[email protected]> Date: Mon Mar 27 19:56:19 2023 +0200 Merge pull request DependencyTrack#2618 from DependencyTrack/dependabot/maven/org.apache.commons-commons-compress-1.23.0 Bump commons-compress from 1.22 to 1.23.0 commit 6c752b9 Merge: 485abde 3136353 Author: Niklas <[email protected]> Date: Mon Mar 27 19:54:44 2023 +0200 Merge pull request DependencyTrack#2620 from DependencyTrack/dependabot/maven/net.javacrumbs.json-unit-json-unit-assertj-2.37.0 Bump json-unit-assertj from 2.36.1 to 2.37.0 commit 485abde Merge: 6dc7244 298497b Author: Niklas <[email protected]> Date: Mon Mar 27 19:54:28 2023 +0200 Merge pull request DependencyTrack#2624 from DependencyTrack/dependabot/github_actions/actions/checkout-3.5.0 Bump actions/checkout from 3.4.0 to 3.5.0 commit 6dc7244 Merge: 61c6538 c092419 Author: Niklas <[email protected]> Date: Mon Mar 27 19:54:11 2023 +0200 Merge pull request DependencyTrack#2625 from DependencyTrack/dependabot/docker/src/main/docker/debian-bullseye-20230320-slim Bump debian from bullseye-20230227-slim to bullseye-20230320-slim in /src/main/docker commit 61c6538 Merge: 09d3492 09ee0b0 Author: Niklas <[email protected]> Date: Mon Mar 27 19:53:57 2023 +0200 Merge pull request DependencyTrack#2626 from Citi/map-published-date-snyk-parsing Map Snyk publication time commit 09ee0b0 Author: sahibamittal <[email protected]> Date: Mon Mar 27 13:21:57 2023 +0100 map Snyk publication time Signed-off-by: sahibamittal <[email protected]> commit c092419 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Mar 27 08:59:06 2023 +0000 Bump debian in /src/main/docker Bumps debian from bullseye-20230227-slim to bullseye-20230320-slim. --- updated-dependencies: - dependency-name: debian dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> commit 298497b Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Mar 27 08:58:32 2023 +0000 Bump actions/checkout from 3.4.0 to 3.5.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 3.4.0 to 3.5.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3.4.0...v3.5.0) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> commit 3136353 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri Mar 24 08:57:10 2023 +0000 Bump json-unit-assertj from 2.36.1 to 2.37.0 Bumps [json-unit-assertj](https://github.com/lukas-krecan/JsonUnit) from 2.36.1 to 2.37.0. - [Release notes](https://github.com/lukas-krecan/JsonUnit/releases) - [Commits](lukas-krecan/JsonUnit@json-unit-parent-2.36.1...json-unit-parent-2.37.0) --- updated-dependencies: - dependency-name: net.javacrumbs.json-unit:json-unit-assertj dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> commit 09d3492 Merge: 8a4b59a 946ff0f Author: Niklas <[email protected]> Date: Thu Mar 23 10:56:28 2023 +0100 Merge pull request DependencyTrack#2617 from nscuro/issue-2494 Prevent dependency graph deletion during CycloneDX export commit cc888ba Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu Mar 23 08:58:52 2023 +0000 Bump commons-compress from 1.22 to 1.23.0 Bumps commons-compress from 1.22 to 1.23.0. --- updated-dependencies: - dependency-name: org.apache.commons:commons-compress dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> commit 8a4b59a Merge: 7a6de03 0e82216 Author: Niklas <[email protected]> Date: Wed Mar 22 20:15:42 2023 +0100 Merge pull request DependencyTrack#2610 from Mvld3r/issue-2313-move-jira-configuration Fix: Move jira configuration commit 7a6de03 Merge: 2295e35 ef4f026 Author: Niklas <[email protected]> Date: Wed Mar 22 20:13:20 2023 +0100 Merge pull request DependencyTrack#2608 from DependencyTrack/dependabot/github_actions/actions/checkout-3.4.0 Bump actions/checkout from 3.3.0 to 3.4.0 commit 2295e35 Merge: 0f14594 9118e2d Author: Niklas <[email protected]> Date: Wed Mar 22 20:13:08 2023 +0100 Merge pull request DependencyTrack#2607 from DependencyTrack/dependabot/maven/org.slf4j-log4j-over-slf4j-2.0.7 Bump log4j-over-slf4j from 2.0.6 to 2.0.7 commit 0f14594 Merge: 7a789d5 615141c Author: Niklas <[email protected]> Date: Wed Mar 22 20:12:46 2023 +0100 Merge pull request DependencyTrack#2606 from DependencyTrack/dependabot/maven/org.apache.maven-maven-artifact-3.9.1 Bump maven-artifact from 3.9.0 to 3.9.1 commit 7a789d5 Author: rbt-mm <[email protected]> Date: Wed Mar 22 20:11:36 2023 +0100 Add `BOM_PROCESSING_FAILED` notification (DependencyTrack#2600) * Add BOM_PROCESSING_FAILED notification A new notification is sent if the notification rule includes the notification group BOM_PROCESSING_FAILED and if an error happens during the upload of a BOM. Signed-off-by: RBickert <[email protected]> * Add project url and exception to new notification Signed-off-by: RBickert <[email protected]> * Add BOM format and specVersion Detach `bomProcessingFailedProject` Rename `exception` to `cause` Signed-off-by: RBickert <[email protected]> --------- Signed-off-by: RBickert <[email protected]> commit 7fd47cd Merge: 5c7200c 2226f41 Author: Niklas <[email protected]> Date: Wed Mar 22 20:07:58 2023 +0100 Merge pull request DependencyTrack#2561 from nscuro/db-inspect-dev-docs Add developer docs for database inspection commit 2226f41 Author: nscuro <[email protected]> Date: Wed Mar 22 19:38:47 2023 +0100 Update docs with h2 console instructions Signed-off-by: nscuro <[email protected]> commit 946ff0f Author: nscuro <[email protected]> Date: Wed Mar 22 18:57:11 2023 +0100 Prevent dependency graph deletion during CycloneDX export Fixes DependencyTrack#2494 Fixes DependencyTrack#2546 Signed-off-by: nscuro <[email protected]> commit 0e82216 Author: Enora Germond <[email protected]> Date: Thu Mar 16 14:06:30 2023 +0100 Fix: Move jira configuration Signed-off-by: Enora Germond <[email protected]> commit ef4f026 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Mar 20 09:00:38 2023 +0000 Bump actions/checkout from 3.3.0 to 3.4.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 3.3.0 to 3.4.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3.3.0...v3.4.0) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> commit 9118e2d Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Mar 20 08:57:39 2023 +0000 Bump log4j-over-slf4j from 2.0.6 to 2.0.7 Bumps [log4j-over-slf4j](https://github.com/qos-ch/slf4j) from 2.0.6 to 2.0.7. - [Release notes](https://github.com/qos-ch/slf4j/releases) - [Commits](https://github.com/qos-ch/slf4j/commits) --- updated-dependencies: - dependency-name: org.slf4j:log4j-over-slf4j dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> commit 615141c Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Mar 20 08:57:27 2023 +0000 Bump maven-artifact from 3.9.0 to 3.9.1 Bumps [maven-artifact](https://github.com/apache/maven) from 3.9.0 to 3.9.1. - [Release notes](https://github.com/apache/maven/releases) - [Commits](apache/maven@maven-3.9.0...maven-3.9.1) --- updated-dependencies: - dependency-name: org.apache.maven:maven-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> commit 5c7200c Merge: f7ad3b1 fabed3e Author: Niklas <[email protected]> Date: Sun Mar 19 22:03:17 2023 +0100 Merge pull request DependencyTrack#2592 from syalioune/feature/enabling-h2-web-console-usage Feature: Allow H2 web console usage for dev purposes commit fabed3e Author: syalioune <[email protected]> Date: Sun Mar 19 16:16:16 2023 +0100 Feature: Allow H2 web console usage for dev purposes Taking into account review comments : conditional activation based on a maven profile Signed-off-by: syalioune <[email protected]> commit f7ad3b1 Merge: 56e41f0 54e30e0 Author: Niklas <[email protected]> Date: Thu Mar 16 21:35:49 2023 +0100 Merge pull request DependencyTrack#2593 from walterdeboer/feature/639 Support for CPAN repository commit 56e41f0 Merge: e94cf55 467c81d Author: Niklas <[email protected]> Date: Thu Mar 16 21:34:31 2023 +0100 Merge pull request DependencyTrack#2597 from DependencyTrack/dependabot/github_actions/docker/setup-buildx-action-2.5.0 Bump docker/setup-buildx-action from 2.4.1 to 2.5.0 commit e94cf55 Merge: 3f5bbcd 0971956 Author: Niklas <[email protected]> Date: Thu Mar 16 21:34:08 2023 +0100 Merge pull request DependencyTrack#2598 from DependencyTrack/dependabot/github_actions/aquasecurity/trivy-action-0.9.2 Bump aquasecurity/trivy-action from 0.9.1 to 0.9.2 commit 3f5bbcd Merge: 3a5989a 61c9369 Author: Niklas <[email protected]> Date: Thu Mar 16 21:33:53 2023 +0100 Merge pull request DependencyTrack#2603 from Mvld3r/issue-2488-component-author-length Fix: Allow component author to be larger than 255 characters commit 61c9369 Author: Enora Germond <[email protected]> Date: Tue Mar 14 18:24:30 2023 +0100 Fix: Allow component author to be larger than 255 characters Signed-off-by: Enora Germond <[email protected]> commit 54e30e0 Author: Walter de Boer <[email protected]> Date: Mon Mar 13 08:33:29 2023 +0100 Removed invallid cpan support from SnykAnalysisTask Signed-off-by: Walter de Boer <[email protected]> commit 0971956 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Mar 13 08:59:02 2023 +0000 Bump aquasecurity/trivy-action from 0.9.1 to 0.9.2 Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.9.1 to 0.9.2. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@0.9.1...0.9.2) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> commit 467c81d Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Mar 13 08:58:57 2023 +0000 Bump docker/setup-buildx-action from 2.4.1 to 2.5.0 Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.4.1 to 2.5.0. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@v2.4.1...v2.5.0) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> commit d324a67 Author: Walter de Boer <[email protected]> Date: Sun Mar 12 00:34:31 2023 +0100 Support for CPAN repository Signed-off-by: Walter de Boer <[email protected]> commit 3a5989a Merge: e47c1d2 3a71894 Author: Niklas <[email protected]> Date: Sat Mar 11 21:11:58 2023 +0100 Merge pull request DependencyTrack#2563 from syalioune/feature/2456-handle-analyzer-errors-gracefully Feature: Handle repository meta analyzers errors gracefully commit e47c1d2 Merge: 48adb8b ca74c26 Author: Niklas <[email protected]> Date: Sat Mar 11 21:07:47 2023 +0100 Merge pull request DependencyTrack#2584 from nscuro/issue-2583 Fix invalid query filter assembly commit 48adb8b Merge: c486415 d3cc980 Author: Niklas <[email protected]> Date: Sat Mar 11 21:07:24 2023 +0100 Merge pull request DependencyTrack#2585 from Citi/Issue-2571-map-snyk-remedies Issue-2571 : map Snyk remedies to recommendation Closes DependencyTrack#2571 commit c486415 Merge: 97121d4 16cf3d6 Author: Niklas <[email protected]> Date: Sat Mar 11 21:06:49 2023 +0100 Merge pull request DependencyTrack#2586 from Citi/feature/fixPolicyEngineIssue Minor bugfix for PolicyEngine commit 97121d4 Merge: 9a5645a 37fb7c3 Author: Niklas <[email protected]> Date: Sat Mar 11 21:06:00 2023 +0100 Merge pull request DependencyTrack#2594 from walterdeboer/issues/2587 Match null values commit 37fb7c3 Author: Walter de Boer <[email protected]> Date: Sat Mar 11 16:24:41 2023 +0100 Match null tags Signed-off-by: Walter de Boer <[email protected]> commit 91fa7e5 Author: Walter de Boer <[email protected]> Date: Sat Mar 11 16:10:08 2023 +0100 Match null values Signed-off-by: Walter de Boer <[email protected]> commit d36df15 Author: syalioune <[email protected]> Date: Fri Mar 10 22:05:42 2023 +0100 Feature: Allow H2 web console usage for dev purposes Toggle H2 web servlet exposure and alpine web filters related configuration for dev environment Signed-off-by: syalioune <[email protected]> commit 16cf3d6 Author: mehab <[email protected]> Date: Thu Mar 9 15:06:41 2023 +0000 addressing review comments Signed-off-by: mehab <[email protected]> commit d3cc980 Author: sahibamittal <[email protected]> Date: Thu Mar 9 12:11:01 2023 +0000 map Snyk remedies to recommendation Signed-off-by: sahibamittal <[email protected]> commit 1adb397 Author: mehab <[email protected]> Date: Thu Mar 9 11:28:54 2023 +0000 added bugfix for isPolicyAssignedToProjectTag to scan through all project tags Signed-off-by: mehab <[email protected]> commit ca74c26 Author: nscuro <[email protected]> Date: Thu Mar 9 11:46:41 2023 +0100 Fix invalid query filter assembly Fixes DependencyTrack#2583 Signed-off-by: nscuro <[email protected]> commit 9a5645a Merge: 3d208f6 066ec81 Author: Niklas <[email protected]> Date: Wed Mar 8 17:27:13 2023 +0000 Merge pull request DependencyTrack#2564 from DependencyTrack/dependabot/docker/src/main/docker/debian-bullseye-20230227-slim Bump debian from bullseye-20230208-slim to bullseye-20230227-slim in /src/main/docker commit 3d208f6 Author: Sahiba Mittal <[email protected]> Date: Wed Mar 8 13:12:26 2023 +0000 Add support for vulnerability ID policy condition (DependencyTrack#2570) * add vulnerability id in policy condition Signed-off-by: sahibamittal <[email protected]> * fix test Signed-off-by: sahibamittal <[email protected]> * update violation type Signed-off-by: sahibamittal <[email protected]> --------- Signed-off-by: sahibamittal <[email protected]> Closes DependencyTrack#2557 commit 416f824 Merge: f35b129 e49d539 Author: Niklas <[email protected]> Date: Wed Mar 8 13:10:46 2023 +0000 Merge pull request DependencyTrack#2576 from syalioune/fix/issue-2420-empty-mail-content Fix: Null subject on project audit change notification mails Closes DependencyTrack#2420 commit 3a71894 Author: syalioune <[email protected]> Date: Wed Mar 8 10:28:07 2023 +0100 Feature: Handle repository meta analyzers errors gracefully Taking review comments into account : logic inversion. Retryable exceptions should be explicitly declared. Signed-off-by: syalioune <[email protected]> commit e49d539 Author: syalioune <[email protected]> Date: Wed Mar 8 09:51:07 2023 +0100 Fix: Null subject on project audit change notification mails See DependencyTrack#2420 for details Signed-off-by: syalioune <[email protected]> commit f35b129 Merge: 64e0f99 8e72253 Author: Niklas <[email protected]> Date: Tue Mar 7 15:54:39 2023 +0000 Merge pull request DependencyTrack#2532 from lme-nca/bugfix/issue_2424_add_do_not_reactivate_flag add DefectDojo "do not reactivate" flag, fixes issue 2424 Closes DependencyTrack#2424 commit 066ec81 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Mar 6 09:00:00 2023 +0000 Bump debian in /src/main/docker Bumps debian from bullseye-20230208-slim to bullseye-20230227-slim. --- updated-dependencies: - dependency-name: debian dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> commit baf9b37 Author: syalioune <[email protected]> Date: Sun Mar 5 12:53:08 2023 +0100 Feature: Handle repository meta analyzers errors gracefully See DependencyTrack#2456. Allowing CacheStampedeBlocker to not retry on specific exceptions and applying that on repometa analyzer. Signed-off-by: syalioune <[email protected]> commit 52b2f01 Author: nscuro <[email protected]> Date: Sat Mar 4 20:57:17 2023 +0100 Add developer docs for database inspection Signed-off-by: nscuro <[email protected]> commit 8e72253 Author: Lars Meijers <[email protected]> Date: Fri Mar 3 16:39:59 2023 +0100 do not reactivate flag documentation Signed-off-by: Lars Meijers <[email protected]> commit c480335 Author: Lars Meijers <[email protected]> Date: Mon Feb 27 11:46:56 2023 +0100 add do not reactivate flag Signed-off-by: Lars Meijers <[email protected]>
sahibamittal
added a commit
to sahibamittal/dependency-track
that referenced
this pull request
Apr 12, 2023
commit a7f499a Merge: c10153f 22c2844 Author: Niklas <[email protected]> Date: Tue Apr 11 21:15:47 2023 +0200 Merge pull request DependencyTrack#2549 from syalioune/fix/issue-2538-vex-for-all-sources Fix: Allowing VEX import to audit all vulnerability sources Fixes DependencyTrack#2538 commit c10153f Merge: 695b6f2 2962fc7 Author: Niklas <[email protected]> Date: Tue Apr 11 21:12:51 2023 +0200 Merge pull request DependencyTrack#2665 from mvandermade/use-component-for-msteams Change dependency to component to show info again Closes DependencyTrack#2638 commit 22c2844 Author: syalioune <[email protected]> Date: Tue Apr 11 19:55:50 2023 +0200 Fix: Allowing VEX import to audit all vulnerability sources Taking into account code review comments Signed-off-by: syalioune <[email protected]> commit 4db8420 Author: syalioune <[email protected]> Date: Wed Mar 8 11:14:27 2023 +0100 Fix: Allowing VEX import to audit all vulnerability sources Taking into account Steve insights Signed-off-by: syalioune <[email protected]> commit 8820f9b Author: syalioune <[email protected]> Date: Thu Mar 2 11:14:30 2023 +0100 Fix: Allowing VEX import to audit all vulnerability sources See DependencyTrack#2538 for details Signed-off-by: syalioune <[email protected]> commit 2962fc7 Author: mvandermade <[email protected]> Date: Tue Apr 11 15:35:27 2023 +0200 Change dependency to component to show info again For MSTeams plugin Signed-off-by: mvandermade <[email protected]> commit 695b6f2 Merge: 7fbc063 9c4c339 Author: Niklas <[email protected]> Date: Tue Apr 11 12:34:18 2023 +0200 Merge pull request DependencyTrack#2545 from Hunroll/master Allow specifying parent project for autocreated projects (bom upload) commit 7fbc063 Merge: 169acce 4877351 Author: Niklas <[email protected]> Date: Tue Apr 11 08:21:58 2023 +0200 Merge pull request DependencyTrack#2661 from nscuro/bom-processing-failed-test commit 169acce Merge: 8f7fb01 d29e082 Author: Niklas <[email protected]> Date: Tue Apr 11 08:21:27 2023 +0200 Merge pull request DependencyTrack#2662 from nscuro/bump-temurin commit d29e082 Author: nscuro <[email protected]> Date: Mon Apr 10 21:54:16 2023 +0200 Bump temurin base image to 17.0.6_10 Signed-off-by: nscuro <[email protected]> commit 4877351 Author: nscuro <[email protected]> Date: Mon Apr 10 21:04:23 2023 +0200 Add test to verify that the `BOM_PROCESSING_FAILED` notification is triggered as expected Signed-off-by: nscuro <[email protected]> commit 8f7fb01 Merge: a2df9ca 15d0958 Author: Niklas <[email protected]> Date: Mon Apr 10 12:42:28 2023 +0200 Merge pull request DependencyTrack#2646 from DependencyTrack/dependabot/maven/org.cyclonedx-cyclonedx-core-java-7.3.2 Bump cyclonedx-core-java from 7.3.0 to 7.3.2 commit a2df9ca Merge: 92cb66e d94d7f9 Author: Niklas <[email protected]> Date: Mon Apr 10 12:42:11 2023 +0200 Merge pull request DependencyTrack#2645 from DependencyTrack/dependabot/maven/org.mock-server-mockserver-netty-5.15.0 Bump mockserver-netty from 5.14.0 to 5.15.0 commit 92cb66e Merge: f14b08d cff912a Author: Niklas <[email protected]> Date: Mon Apr 10 12:41:57 2023 +0200 Merge pull request DependencyTrack#2644 from DependencyTrack/dependabot/maven/com.puppycrawl.tools-checkstyle-10.9.3 Bump checkstyle from 10.6.0 to 10.9.3 commit f14b08d Merge: d29ab68 19bcaaf Author: Niklas <[email protected]> Date: Mon Apr 10 12:41:43 2023 +0200 Merge pull request DependencyTrack#2643 from DependencyTrack/dependabot/maven/lib.resilience4j.version-2.0.2 Bump lib.resilience4j.version from 2.0.1 to 2.0.2 commit 15d0958 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri Apr 7 09:16:53 2023 +0000 Bump cyclonedx-core-java from 7.3.0 to 7.3.2 Bumps [cyclonedx-core-java](https://github.com/CycloneDX/cyclonedx-core-java) from 7.3.0 to 7.3.2. - [Release notes](https://github.com/CycloneDX/cyclonedx-core-java/releases) - [Changelog](https://github.com/CycloneDX/cyclonedx-core-java/blob/master/CHANGELOG.md) - [Commits](CycloneDX/cyclonedx-core-java@cyclonedx-core-java-7.3.0...cyclonedx-core-java-7.3.2) --- updated-dependencies: - dependency-name: org.cyclonedx:cyclonedx-core-java dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> commit d94d7f9 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri Apr 7 09:16:20 2023 +0000 Bump mockserver-netty from 5.14.0 to 5.15.0 Bumps [mockserver-netty](https://github.com/jamesdbloom/mockservice) from 5.14.0 to 5.15.0. - [Release notes](https://github.com/jamesdbloom/mockservice/releases) - [Changelog](https://github.com/mock-server/mockserver/blob/master/changelog.md) - [Commits](mock-server/mockserver@mockserver-5.14.0...mockserver-5.15.0) --- updated-dependencies: - dependency-name: org.mock-server:mockserver-netty dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> commit cff912a Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri Apr 7 09:08:24 2023 +0000 Bump checkstyle from 10.6.0 to 10.9.3 Bumps [checkstyle](https://github.com/checkstyle/checkstyle) from 10.6.0 to 10.9.3. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](checkstyle/checkstyle@checkstyle-10.6.0...checkstyle-10.9.3) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> commit 19bcaaf Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri Apr 7 09:02:29 2023 +0000 Bump lib.resilience4j.version from 2.0.1 to 2.0.2 Bumps `lib.resilience4j.version` from 2.0.1 to 2.0.2. Updates `resilience4j-retry` from 2.0.1 to 2.0.2 - [Release notes](https://github.com/resilience4j/resilience4j/releases) - [Changelog](https://github.com/resilience4j/resilience4j/blob/master/RELEASENOTES.adoc) - [Commits](resilience4j/resilience4j@v2.0.1...v2.0.2) Updates `resilience4j-ratelimiter` from 2.0.1 to 2.0.2 - [Release notes](https://github.com/resilience4j/resilience4j/releases) - [Changelog](https://github.com/resilience4j/resilience4j/blob/master/RELEASENOTES.adoc) - [Commits](resilience4j/resilience4j@v2.0.1...v2.0.2) Updates `resilience4j-micrometer` from 2.0.1 to 2.0.2 - [Release notes](https://github.com/resilience4j/resilience4j/releases) - [Changelog](https://github.com/resilience4j/resilience4j/blob/master/RELEASENOTES.adoc) - [Commits](resilience4j/resilience4j@v2.0.1...v2.0.2) --- updated-dependencies: - dependency-name: io.github.resilience4j:resilience4j-retry dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: io.github.resilience4j:resilience4j-ratelimiter dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: io.github.resilience4j:resilience4j-micrometer dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> commit d29ab68 Merge: 43be7bb e867283 Author: Niklas <[email protected]> Date: Tue Apr 4 18:28:30 2023 +0200 Merge pull request DependencyTrack#2633 from nscuro/health-check Add health endpoint commit 43be7bb Merge: 8c825bd ea693f9 Author: Niklas <[email protected]> Date: Tue Apr 4 18:28:08 2023 +0200 Merge pull request DependencyTrack#2635 from DependencyTrack/dependabot/github_actions/actions/setup-java-3.11.0 Bump actions/setup-java from 3.10.0 to 3.11.0 commit ea693f9 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Apr 3 08:58:34 2023 +0000 Bump actions/setup-java from 3.10.0 to 3.11.0 Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3.10.0 to 3.11.0. - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](actions/setup-java@v3.10.0...v3.11.0) --- updated-dependencies: - dependency-name: actions/setup-java dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> commit 8c825bd Merge: 83c8e89 d78826b Author: Niklas <[email protected]> Date: Sat Apr 1 23:19:33 2023 +0200 Merge pull request DependencyTrack#2631 from ch8matt/master fix project URL in mail & cisco webex commit e867283 Author: nscuro <[email protected]> Date: Sat Apr 1 16:21:19 2023 +0200 Add health check documentation Signed-off-by: nscuro <[email protected]> commit 9c9cb4c Author: nscuro <[email protected]> Date: Fri Mar 31 21:18:33 2023 +0200 Add health endpoint Also reduce default health check interval in Dockerfile from 5m to 30s Signed-off-by: nscuro <[email protected]> commit d78826b Author: ch8matt <[email protected]> Date: Tue Mar 28 18:10:53 2023 +0200 fix project URL in mail & cisco webex Signed-off-by: ch8matt <[email protected]> commit 83c8e89 Merge: 6c752b9 cc888ba Author: Niklas <[email protected]> Date: Mon Mar 27 19:56:19 2023 +0200 Merge pull request DependencyTrack#2618 from DependencyTrack/dependabot/maven/org.apache.commons-commons-compress-1.23.0 Bump commons-compress from 1.22 to 1.23.0 commit 6c752b9 Merge: 485abde 3136353 Author: Niklas <[email protected]> Date: Mon Mar 27 19:54:44 2023 +0200 Merge pull request DependencyTrack#2620 from DependencyTrack/dependabot/maven/net.javacrumbs.json-unit-json-unit-assertj-2.37.0 Bump json-unit-assertj from 2.36.1 to 2.37.0 commit 485abde Merge: 6dc7244 298497b Author: Niklas <[email protected]> Date: Mon Mar 27 19:54:28 2023 +0200 Merge pull request DependencyTrack#2624 from DependencyTrack/dependabot/github_actions/actions/checkout-3.5.0 Bump actions/checkout from 3.4.0 to 3.5.0 commit 6dc7244 Merge: 61c6538 c092419 Author: Niklas <[email protected]> Date: Mon Mar 27 19:54:11 2023 +0200 Merge pull request DependencyTrack#2625 from DependencyTrack/dependabot/docker/src/main/docker/debian-bullseye-20230320-slim Bump debian from bullseye-20230227-slim to bullseye-20230320-slim in /src/main/docker commit 61c6538 Merge: 09d3492 09ee0b0 Author: Niklas <[email protected]> Date: Mon Mar 27 19:53:57 2023 +0200 Merge pull request DependencyTrack#2626 from Citi/map-published-date-snyk-parsing Map Snyk publication time commit 9c4c339 Author: Anton Soroka <[email protected]> Date: Mon Mar 27 19:59:36 2023 +0300 Codestyle correction Signed-off-by: Anton Soroka <[email protected]> commit de5ca28 Merge: e1990e3 09d3492 Author: Anton Soroka <[email protected]> Date: Mon Mar 27 19:42:07 2023 +0300 Merge remote-tracking branch 'origin/master' Signed-off-by: Anton Soroka <[email protected]> commit e1990e3 Author: Anton Soroka <[email protected]> Date: Mon Mar 27 18:56:06 2023 +0300 Fixed tests Also extended PUT method uploadBom with parent. Signed-off-by: Anton Soroka <[email protected]> commit 09ee0b0 Author: sahibamittal <[email protected]> Date: Mon Mar 27 13:21:57 2023 +0100 map Snyk publication time Signed-off-by: sahibamittal <[email protected]> commit c092419 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Mar 27 08:59:06 2023 +0000 Bump debian in /src/main/docker Bumps debian from bullseye-20230227-slim to bullseye-20230320-slim. --- updated-dependencies: - dependency-name: debian dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> commit 298497b Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Mar 27 08:58:32 2023 +0000 Bump actions/checkout from 3.4.0 to 3.5.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 3.4.0 to 3.5.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3.4.0...v3.5.0) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> commit 3136353 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri Mar 24 08:57:10 2023 +0000 Bump json-unit-assertj from 2.36.1 to 2.37.0 Bumps [json-unit-assertj](https://github.com/lukas-krecan/JsonUnit) from 2.36.1 to 2.37.0. - [Release notes](https://github.com/lukas-krecan/JsonUnit/releases) - [Commits](lukas-krecan/JsonUnit@json-unit-parent-2.36.1...json-unit-parent-2.37.0) --- updated-dependencies: - dependency-name: net.javacrumbs.json-unit:json-unit-assertj dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> commit 09d3492 Merge: 8a4b59a 946ff0f Author: Niklas <[email protected]> Date: Thu Mar 23 10:56:28 2023 +0100 Merge pull request DependencyTrack#2617 from nscuro/issue-2494 Prevent dependency graph deletion during CycloneDX export commit cc888ba Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu Mar 23 08:58:52 2023 +0000 Bump commons-compress from 1.22 to 1.23.0 Bumps commons-compress from 1.22 to 1.23.0. --- updated-dependencies: - dependency-name: org.apache.commons:commons-compress dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> commit 8a4b59a Merge: 7a6de03 0e82216 Author: Niklas <[email protected]> Date: Wed Mar 22 20:15:42 2023 +0100 Merge pull request DependencyTrack#2610 from Mvld3r/issue-2313-move-jira-configuration Fix: Move jira configuration commit 7a6de03 Merge: 2295e35 ef4f026 Author: Niklas <[email protected]> Date: Wed Mar 22 20:13:20 2023 +0100 Merge pull request DependencyTrack#2608 from DependencyTrack/dependabot/github_actions/actions/checkout-3.4.0 Bump actions/checkout from 3.3.0 to 3.4.0 commit 2295e35 Merge: 0f14594 9118e2d Author: Niklas <[email protected]> Date: Wed Mar 22 20:13:08 2023 +0100 Merge pull request DependencyTrack#2607 from DependencyTrack/dependabot/maven/org.slf4j-log4j-over-slf4j-2.0.7 Bump log4j-over-slf4j from 2.0.6 to 2.0.7 commit 0f14594 Merge: 7a789d5 615141c Author: Niklas <[email protected]> Date: Wed Mar 22 20:12:46 2023 +0100 Merge pull request DependencyTrack#2606 from DependencyTrack/dependabot/maven/org.apache.maven-maven-artifact-3.9.1 Bump maven-artifact from 3.9.0 to 3.9.1 commit 7a789d5 Author: rbt-mm <[email protected]> Date: Wed Mar 22 20:11:36 2023 +0100 Add `BOM_PROCESSING_FAILED` notification (DependencyTrack#2600) * Add BOM_PROCESSING_FAILED notification A new notification is sent if the notification rule includes the notification group BOM_PROCESSING_FAILED and if an error happens during the upload of a BOM. Signed-off-by: RBickert <[email protected]> * Add project url and exception to new notification Signed-off-by: RBickert <[email protected]> * Add BOM format and specVersion Detach `bomProcessingFailedProject` Rename `exception` to `cause` Signed-off-by: RBickert <[email protected]> --------- Signed-off-by: RBickert <[email protected]> commit 7fd47cd Merge: 5c7200c 2226f41 Author: Niklas <[email protected]> Date: Wed Mar 22 20:07:58 2023 +0100 Merge pull request DependencyTrack#2561 from nscuro/db-inspect-dev-docs Add developer docs for database inspection commit 2226f41 Author: nscuro <[email protected]> Date: Wed Mar 22 19:38:47 2023 +0100 Update docs with h2 console instructions Signed-off-by: nscuro <[email protected]> commit 946ff0f Author: nscuro <[email protected]> Date: Wed Mar 22 18:57:11 2023 +0100 Prevent dependency graph deletion during CycloneDX export Fixes DependencyTrack#2494 Fixes DependencyTrack#2546 Signed-off-by: nscuro <[email protected]> commit 0e82216 Author: Enora Germond <[email protected]> Date: Thu Mar 16 14:06:30 2023 +0100 Fix: Move jira configuration Signed-off-by: Enora Germond <[email protected]> commit ef4f026 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Mar 20 09:00:38 2023 +0000 Bump actions/checkout from 3.3.0 to 3.4.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 3.3.0 to 3.4.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3.3.0...v3.4.0) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> commit 9118e2d Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Mar 20 08:57:39 2023 +0000 Bump log4j-over-slf4j from 2.0.6 to 2.0.7 Bumps [log4j-over-slf4j](https://github.com/qos-ch/slf4j) from 2.0.6 to 2.0.7. - [Release notes](https://github.com/qos-ch/slf4j/releases) - [Commits](https://github.com/qos-ch/slf4j/commits) --- updated-dependencies: - dependency-name: org.slf4j:log4j-over-slf4j dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> commit 615141c Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Mar 20 08:57:27 2023 +0000 Bump maven-artifact from 3.9.0 to 3.9.1 Bumps [maven-artifact](https://github.com/apache/maven) from 3.9.0 to 3.9.1. - [Release notes](https://github.com/apache/maven/releases) - [Commits](apache/maven@maven-3.9.0...maven-3.9.1) --- updated-dependencies: - dependency-name: org.apache.maven:maven-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> commit 5c7200c Merge: f7ad3b1 fabed3e Author: Niklas <[email protected]> Date: Sun Mar 19 22:03:17 2023 +0100 Merge pull request DependencyTrack#2592 from syalioune/feature/enabling-h2-web-console-usage Feature: Allow H2 web console usage for dev purposes commit fabed3e Author: syalioune <[email protected]> Date: Sun Mar 19 16:16:16 2023 +0100 Feature: Allow H2 web console usage for dev purposes Taking into account review comments : conditional activation based on a maven profile Signed-off-by: syalioune <[email protected]> commit 0a0dd40 Author: Anton Soroka <[email protected]> Date: Fri Mar 17 20:03:37 2023 +0200 Added a test for bom upload with autocreation of project as a child. Signed-off-by: Anton Soroka <[email protected]> commit 0a461b6 Author: Anton Soroka <[email protected]> Date: Fri Mar 17 17:39:08 2023 +0200 Added access control check for parent project Signed-off-by: Anton Soroka <[email protected]> commit f7ad3b1 Merge: 56e41f0 54e30e0 Author: Niklas <[email protected]> Date: Thu Mar 16 21:35:49 2023 +0100 Merge pull request DependencyTrack#2593 from walterdeboer/feature/639 Support for CPAN repository commit 56e41f0 Merge: e94cf55 467c81d Author: Niklas <[email protected]> Date: Thu Mar 16 21:34:31 2023 +0100 Merge pull request DependencyTrack#2597 from DependencyTrack/dependabot/github_actions/docker/setup-buildx-action-2.5.0 Bump docker/setup-buildx-action from 2.4.1 to 2.5.0 commit e94cf55 Merge: 3f5bbcd 0971956 Author: Niklas <[email protected]> Date: Thu Mar 16 21:34:08 2023 +0100 Merge pull request DependencyTrack#2598 from DependencyTrack/dependabot/github_actions/aquasecurity/trivy-action-0.9.2 Bump aquasecurity/trivy-action from 0.9.1 to 0.9.2 commit 3f5bbcd Merge: 3a5989a 61c9369 Author: Niklas <[email protected]> Date: Thu Mar 16 21:33:53 2023 +0100 Merge pull request DependencyTrack#2603 from Mvld3r/issue-2488-component-author-length Fix: Allow component author to be larger than 255 characters commit 61c9369 Author: Enora Germond <[email protected]> Date: Tue Mar 14 18:24:30 2023 +0100 Fix: Allow component author to be larger than 255 characters Signed-off-by: Enora Germond <[email protected]> commit 54e30e0 Author: Walter de Boer <[email protected]> Date: Mon Mar 13 08:33:29 2023 +0100 Removed invallid cpan support from SnykAnalysisTask Signed-off-by: Walter de Boer <[email protected]> commit 0971956 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Mar 13 08:59:02 2023 +0000 Bump aquasecurity/trivy-action from 0.9.1 to 0.9.2 Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.9.1 to 0.9.2. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@0.9.1...0.9.2) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> commit 467c81d Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Mar 13 08:58:57 2023 +0000 Bump docker/setup-buildx-action from 2.4.1 to 2.5.0 Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.4.1 to 2.5.0. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@v2.4.1...v2.5.0) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> commit d324a67 Author: Walter de Boer <[email protected]> Date: Sun Mar 12 00:34:31 2023 +0100 Support for CPAN repository Signed-off-by: Walter de Boer <[email protected]> commit 3a5989a Merge: e47c1d2 3a71894 Author: Niklas <[email protected]> Date: Sat Mar 11 21:11:58 2023 +0100 Merge pull request DependencyTrack#2563 from syalioune/feature/2456-handle-analyzer-errors-gracefully Feature: Handle repository meta analyzers errors gracefully commit e47c1d2 Merge: 48adb8b ca74c26 Author: Niklas <[email protected]> Date: Sat Mar 11 21:07:47 2023 +0100 Merge pull request DependencyTrack#2584 from nscuro/issue-2583 Fix invalid query filter assembly commit 48adb8b Merge: c486415 d3cc980 Author: Niklas <[email protected]> Date: Sat Mar 11 21:07:24 2023 +0100 Merge pull request DependencyTrack#2585 from Citi/Issue-2571-map-snyk-remedies Issue-2571 : map Snyk remedies to recommendation Closes DependencyTrack#2571 commit c486415 Merge: 97121d4 16cf3d6 Author: Niklas <[email protected]> Date: Sat Mar 11 21:06:49 2023 +0100 Merge pull request DependencyTrack#2586 from Citi/feature/fixPolicyEngineIssue Minor bugfix for PolicyEngine commit 97121d4 Merge: 9a5645a 37fb7c3 Author: Niklas <[email protected]> Date: Sat Mar 11 21:06:00 2023 +0100 Merge pull request DependencyTrack#2594 from walterdeboer/issues/2587 Match null values commit 37fb7c3 Author: Walter de Boer <[email protected]> Date: Sat Mar 11 16:24:41 2023 +0100 Match null tags Signed-off-by: Walter de Boer <[email protected]> commit 91fa7e5 Author: Walter de Boer <[email protected]> Date: Sat Mar 11 16:10:08 2023 +0100 Match null values Signed-off-by: Walter de Boer <[email protected]> commit d36df15 Author: syalioune <[email protected]> Date: Fri Mar 10 22:05:42 2023 +0100 Feature: Allow H2 web console usage for dev purposes Toggle H2 web servlet exposure and alpine web filters related configuration for dev environment Signed-off-by: syalioune <[email protected]> commit 16cf3d6 Author: mehab <[email protected]> Date: Thu Mar 9 15:06:41 2023 +0000 addressing review comments Signed-off-by: mehab <[email protected]> commit d3cc980 Author: sahibamittal <[email protected]> Date: Thu Mar 9 12:11:01 2023 +0000 map Snyk remedies to recommendation Signed-off-by: sahibamittal <[email protected]> commit 1adb397 Author: mehab <[email protected]> Date: Thu Mar 9 11:28:54 2023 +0000 added bugfix for isPolicyAssignedToProjectTag to scan through all project tags Signed-off-by: mehab <[email protected]> commit ca74c26 Author: nscuro <[email protected]> Date: Thu Mar 9 11:46:41 2023 +0100 Fix invalid query filter assembly Fixes DependencyTrack#2583 Signed-off-by: nscuro <[email protected]> commit 9a5645a Merge: 3d208f6 066ec81 Author: Niklas <[email protected]> Date: Wed Mar 8 17:27:13 2023 +0000 Merge pull request DependencyTrack#2564 from DependencyTrack/dependabot/docker/src/main/docker/debian-bullseye-20230227-slim Bump debian from bullseye-20230208-slim to bullseye-20230227-slim in /src/main/docker commit 3d208f6 Author: Sahiba Mittal <[email protected]> Date: Wed Mar 8 13:12:26 2023 +0000 Add support for vulnerability ID policy condition (DependencyTrack#2570) * add vulnerability id in policy condition Signed-off-by: sahibamittal <[email protected]> * fix test Signed-off-by: sahibamittal <[email protected]> * update violation type Signed-off-by: sahibamittal <[email protected]> --------- Signed-off-by: sahibamittal <[email protected]> Closes DependencyTrack#2557 commit 416f824 Merge: f35b129 e49d539 Author: Niklas <[email protected]> Date: Wed Mar 8 13:10:46 2023 +0000 Merge pull request DependencyTrack#2576 from syalioune/fix/issue-2420-empty-mail-content Fix: Null subject on project audit change notification mails Closes DependencyTrack#2420 commit 3a71894 Author: syalioune <[email protected]> Date: Wed Mar 8 10:28:07 2023 +0100 Feature: Handle repository meta analyzers errors gracefully Taking review comments into account : logic inversion. Retryable exceptions should be explicitly declared. Signed-off-by: syalioune <[email protected]> commit e49d539 Author: syalioune <[email protected]> Date: Wed Mar 8 09:51:07 2023 +0100 Fix: Null subject on project audit change notification mails See DependencyTrack#2420 for details Signed-off-by: syalioune <[email protected]> commit f35b129 Merge: 64e0f99 8e72253 Author: Niklas <[email protected]> Date: Tue Mar 7 15:54:39 2023 +0000 Merge pull request DependencyTrack#2532 from lme-nca/bugfix/issue_2424_add_do_not_reactivate_flag add DefectDojo "do not reactivate" flag, fixes issue 2424 Closes DependencyTrack#2424 commit 066ec81 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Mar 6 09:00:00 2023 +0000 Bump debian in /src/main/docker Bumps debian from bullseye-20230208-slim to bullseye-20230227-slim. --- updated-dependencies: - dependency-name: debian dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> commit baf9b37 Author: syalioune <[email protected]> Date: Sun Mar 5 12:53:08 2023 +0100 Feature: Handle repository meta analyzers errors gracefully See DependencyTrack#2456. Allowing CacheStampedeBlocker to not retry on specific exceptions and applying that on repometa analyzer. Signed-off-by: syalioune <[email protected]> commit 52b2f01 Author: nscuro <[email protected]> Date: Sat Mar 4 20:57:17 2023 +0100 Add developer docs for database inspection Signed-off-by: nscuro <[email protected]> commit 8e72253 Author: Lars Meijers <[email protected]> Date: Fri Mar 3 16:39:59 2023 +0100 do not reactivate flag documentation Signed-off-by: Lars Meijers <[email protected]> commit 3c35c85 Author: Anton <[email protected]> Date: Wed Mar 1 18:23:07 2023 +0200 Extend POST /api/v1/bom (uploadBom) to select ParentProject for autocreated projects. Added 3 params: parentName, parentVersion, parentUUID. If parentUUID is specified, it is used to find parent project and attach it to newly created one. If not, parentName and parentVersion are used. If parentUUID or parentName were specified but such project does not exist, 404 is returned. Signed-off-by: Anton Soroka <[email protected]> commit b0662c3 Author: Anton <[email protected]> Date: Wed Mar 1 18:52:22 2023 +0200 Updated documentation for POST /v1/bom Added a sample of autocreating project as a child to some other project/version Signed-off-by: Anton Soroka <[email protected]> commit c480335 Author: Lars Meijers <[email protected]> Date: Mon Feb 27 11:46:56 2023 +0100 add do not reactivate flag Signed-off-by: Lars Meijers <[email protected]>
nscuro
added a commit
to DependencyTrack/hyades-apiserver
that referenced
this pull request
Apr 13, 2023
Signed-off-by: nscuro <[email protected]>
1 task
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This PR utilizes stevespringett/Alpine#480 to provide a meaningful health endpoint.
It currently only uses a readiness check for database connections, but may / should be extended in the future with more checks.
Addressed Issue
Closes #1001
Additional Details
The default health check interval in
Dockerfile
has been reduced from 5min to 30sec. 5min is way too long to identify unhealthy services.Checklist
This PR fixes a defect, and I have provided tests to verify that the fix is effectiveThis PR implements an enhancement, and I have provided tests to verify that it works as intendedThis PR introduces changes to the database model, and I have added corresponding update logic