Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add option to deactivate old project versions on BOM upload #4533

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add option to deactivate old project versions on BOM upload #4533

wants to merge 1 commit into from

Conversation

crumohr
Copy link

@crumohr crumohr commented Jan 7, 2025

Description

Fixes #4532

Addressed Issue

Current Behavior

In a continuous delivery scenario every commit to a software project creates a new version (and therefore project) in Dependency-Track. Over time there will be hundreds of "active" versions, even though they are actually not "active".

New Behavior

The POST /v1/bom resource has another flag in addition to the already existing isLatest parameter: isActiveExclusively.

When both arguments are true all "old" versions are deactivated and do not clutter the UI anymore.

Checklist

  • I have read and understand the contributing guidelines
  • This PR fixes a defect, and I have provided tests to verify that the fix is effective
  • This PR implements an enhancement, and I have provided tests to verify that it works as intended
  • This PR introduces changes to the database model, and I have added corresponding update logic
  • This PR introduces new or alters existing behavior, and I have updated the documentation accordingly

@codacy-production Codacy Production
Copy link

codacy-production bot commented Jan 7, 2025
edited
Loading

Coverage summary from Codacy

See diff coverage on Codacy

Coverage variation Diff coverage
+0.02% (target: -1.00%) 95.83% (target: 70.00%)
Coverage variation details
Coverable lines Covered lines Coverage
Common ancestor commit (bcd2651) 23013 18284 79.45%
Head commit (dfa6e6f) 23036 (+23) 18308 (+24) 79.48% (+0.02%)

Coverage variation is the difference between the coverage for the head and common ancestor commits of the pull request branch: <coverage of head commit> - <coverage of common ancestor commit>

Diff coverage details
Coverable lines Covered lines Diff coverage
Pull request (#4533) 24 23 95.83%

Diff coverage is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified: <covered lines added or modified>/<coverable lines added or modified> * 100%

See your quality gate settings    Change summary preferences

Codacy stopped sending the deprecated coverage status on June 5th, 2024. Learn more

@crumohr
Copy link
Author

crumohr commented Jan 7, 2025

While not pretty this MR makes this work without any refactoring of the existing code. I can provide a refactored version of @POST uploadBom() when needed.

nscuro
nscuro requested changes Jan 7, 2025
View reviewed changes
Copy link
Member

@nscuro nscuro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please also extend the other uploadBom accordingly, so they're consistent functionality-wise.

src/main/java/org/dependencytrack/resources/v1/BomResource.java Outdated Show resolved Hide resolved
src/main/java/org/dependencytrack/resources/v1/BomResource.java Outdated Show resolved Hide resolved
src/main/java/org/dependencytrack/resources/v1/BomResource.java Outdated Show resolved Hide resolved
@crumohr crumohr force-pushed the feature/4532-post-bom-flag-active-exclusively branch from e59f655 to 4e90c94 Compare January 7, 2025 19:17
@crumohr crumohr force-pushed the feature/4532-post-bom-flag-active-exclusively branch from 4e90c94 to dfa6e6f Compare January 7, 2025 19:20
@crumohr
Copy link
Author

crumohr commented Jan 7, 2025

Please also extend the other uploadBom accordingly, so they're consistent functionality-wise.

Done.

@crumohr crumohr requested a review from nscuro January 7, 2025 20:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nscuro nscuro Awaiting requested review from nscuro

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add option to deactivate old project versions on BOM upload
2 participants
@crumohr @nscuro