aboutsummaryrefslogtreecommitdiffstats
path: root/server/sonar-db-dao
Commit message (Collapse)AuthorAgeFilesLines
* SCA-297 remove dup sca_releases and add constraintHEADmasterHavoc Pennington38 hours1-0/+1
|
* SCA-300 Add change_comment columnTravis Collins4 days1-2/+2
|
* SCA-242 track encountered license policy idsHavoc Pennington5 days1-0/+9
|
* SCA-248 add unique constraint on sca_license_profiles.nameMatt Pace5 days1-0/+1
|
* SCA-243 license category/customization tablesHavoc Pennington5 days1-0/+21
|
* SCA-241 Add schema for sca_lic_prof_projectsMatt Pace5 days1-0/+10
|
* SCA-241 Add schema and dto for sca_license_profilesMatt Pace5 days1-0/+9
|
* SCA-224 Start Recording Changes for Dependency RisksMike Young11 days1-0/+12
|
* SCA-229 Add SCA AssigneeTravis Collins13 days1-1/+2
|
* SCA-206 Rename new_in_pull_request -> is_newJohn Bintz2025-04-112-5/+6
| | | Co-authored-by: Havoc Pennington <havoc.pennington@sonarsource.com>
* SCA-223 Add Status Column to SCA Issues Releases TableMike Young2025-04-082-3/+4
|
* SQRP-346 add known_package to sca_releases tableMatt Pace2025-04-032-1/+3
|
* SONAR-24712 Computation of portfolios with more than 1000 projects fails on ↵Duarte Meneses2025-03-271-1/+1
| | | | Oracle and MSSQL
* SONAR-24667 Stop relying on UserRole from the plugin APIJulien HENRY2025-03-2727-256/+489
|
* SONAR-24520 Replace usages of Plugin API RuleType with internal Enumantoine.vinot2025-03-2719-29/+29
|
* SONAR-24546 squashed migrations from 10.0 to 10.8Lukasz Jarocki2025-03-261-2/+2
| | | | Co-Authored-By: Matteo Mara <matteo.mara@sonarsource.com>
* SCA-182: core-extension-sca: move all sca db classes to sca-applicationHavoc Pennington2025-03-2670-6342/+45
|
* SONAR-24671 create unique index for architecture graph table.Steve Marion2025-03-211-0/+1
|
* SONAR-24623 Remove the support of ProfileExporter and ProfileImporterJulien HENRY2025-03-181-3/+2
|
* SONAR-24602 Add Telemetry for architecture visualization usage.Steve Marion2025-03-184-10/+47
|
* SQRP-333 Sort issues for a single release by descending severityHavoc Pennington2025-03-182-62/+91
|
* SONAR-24641 Fix Next issues with ScaDependenciesDaoIT (#13199)Travis Collins2025-03-171-4/+0
|
* SQRP-314 - Fix migration for declared_license_expression with existing data ↵Madeline Cowie2025-03-171-1/+1
| | | | (#13203)
* SQRP-314 SPDX SBOMs provide a licenseDeclared if we have one from upstream ↵Madeline Cowie2025-03-178-2/+25
| | | | (#13168)
* SCA-137 de-duplicate release ids in searching for issues-releases (#13196)Havoc Pennington2025-03-171-10/+19
|
* SONAR-24514 add architecture core-extension and Dao.Steve Marion2025-03-171-0/+4
|
* SONAR-24514 add architecture_graphs table.Steve Marion2025-03-171-0/+9
|
* SCA-131 store sca_dependencies.production_scope and add to endpoints (#13191)Havoc Pennington2025-03-1717-51/+275
|
* SCA-134 reduce cut-and-paste of field list for Release and Issue (#13190)Havoc Pennington2025-03-1719-301/+604
|
* SCA-124 add a filter for "direct" on sca/issues-releases endpoint (#13184)Havoc Pennington2025-03-174-4/+52
|
* SCA-125 Perf: releases endpoint (#13178)Travis Collins2025-03-178-56/+37
|
* SCA-107 Add new IssueResource to ReleaseResource payload.Tieg Zaharia2025-03-133-0/+20
| | | Co-authored-by: Havoc Pennington <havoc.pennington@sonarsource.com>
* SCA-109 add version to IssueReleaseDetails and pass purl_in_use to ↵Havoc Pennington2025-03-125-37/+67
| | | | vulnerability details cloud API
* SCA-106 Return "createdAt" along with dependency risks.Tieg Zaharia2025-03-115-9/+32
| | | Co-authored-by: Havoc Pennington <havoc.pennington@sonarsource.com>
* SQRP-252 Purge SCA tables when a branch is deletedMadeline Cowie2025-03-115-0/+75
|
* SONAR-24413 Create GET /feature-enablement endpointSerhat Yenican2025-03-103-0/+15
|
* SQRP-268 Adds endpoint to fetch a dependency risk, including vuln details.Tieg Zaharia2025-03-106-6/+56
| | | Co-authored-by: Havoc Pennington <hp@pobox.com>
* ScaDependencyDto: fix some Nullable annotationsHavoc Pennington2025-03-081-11/+9
|
* SONAR-24588 Search for releases with before and after instead of just the ↵Jeremy Katz2025-03-082-6/+6
| | | | beginning of the string
* SQRP-308 add the newInPullRequest filter to releases and risks endpointsHavoc Pennington2025-03-0812-43/+94
| | | | Also, default it to true on pull requests.
* SQRP-308 add a new_in_pull_request column to sca_releases and sca_dependenciesHavoc Pennington2025-03-0811-14/+58
|
* SCA-97 make ScaDependenciesDbTester.newScaDependencyDto staticHavoc Pennington2025-03-071-13/+13
|
* SCA-97 pull the identity concept out of PersistScalStepImpl and into DTOs ↵Havoc Pennington2025-03-076-1/+187
| | | | | | | themselves This allows it to be more consistent/documented and reusable (and helps us remember to update it when needed).
* SQRP-275 Add counts of releases by package manager in releases endpointJeremy Katz2025-03-065-0/+56
| | | This will enable the frontend to know what package managers are in use by a project to show the correct things in the left filter bar
* SQRP-299 Add query with filter/sort to ScaIssuesReleasesDetailsDaoHavoc Pennington2025-03-049-16/+957
|
* SQRP-249 add ScaIssueReleaseDetailsDto and mapperHavoc Pennington2025-03-0410-0/+367
| | | | | | | | | | | | | | | | This is used to query SCA issues for a single analysis with all the necessary tables joined to it to get the full issue context. SQRP-301 rename DbTester.getIssuesWithScaDbTester to getScaIssuesReleasesDetailsDbTester SQRP-301 rename DbClient.issuesWithScaDao to scaIssuesReleasesDao SQRP-301 add better doc comment to ScaIssueReleaseDetailsDto on meaning of identity fields in sca_issues_releases dbtester, fix to work after separating new/insert SQRP-296 port ScaIssueReleaseDetails to query cve_ids not title
* SQRP-292 Add sca_issues_releasesTravis Collins2025-03-0412-2/+417
| | | | | | | | SQRP-293 add sca_issues_releases.severity column SQRP-292 Update sca_issues_releases Dao to support persisting SQRP-300 Add sca_issues_releases.severity_sort_key
* SQRP-246 Register a UUID for SCA issues in sca_issues tableHavoc Pennington2025-03-0427-10/+1480
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This gives each issue a UUID that spans projects & analyses. SQRP-246 remove "get" from DbClient getter for sca issues DAO This wasn't following the naming convention. SQRP-287 add "IfApplicable" methods to ScaIssue These handle two things: * blank values become Optional.empty instead of junk * allows us to get all applicable values from a ScaIssue reference without type-casting. SQRP-287 add ScaIssuesDbTester Utility methods for ScaIssues testing SQRP-287 use a magic string value instead of empty string in ScaIssueDto Because Oracle considers empty string to be a synonym for null. SQRP-287 ScaIssuesDbTester vary the license saved in test issues SQRP-247 add more unit tests for ScaIssueDto SQRP-287 rename ScaIssue.titleIfApplicable => vulnerabilityTitleIfApplicable SQRP-246 make assertColumnDefinition work with DECIMAL on H2 SQRP-293 add base_severity to sca_vulnerability_issues This is the severity prior to any project-specific factors such as reachability. SQRP-293 increase ScaIssue test coverage SQRP-246 Add ScaIssueDto.Builder SQRP-246 Use a short placeholder CVE title, not giant description SQRP-246 Add toString to ScaIssue subtypes in sca_issues dbtester, separate new from insert SQRP-296 replace sca_vulnerability_issues.title with cwe_ids Replace title with cweIds in ScaIssue Remove ScaIssueFactory to be put back with IssuesReleases Replace title with cweids in the steps Change severity to INFO, LOW, MEDIUM, HIGH
* SONAR-24436 Only pass 2 params to CONCAT()Duarte Meneses2025-03-041-1/+1
| | | Co-authored-by: Cody Simms <cody.simms@sonarsource.com>
* SQRP-294 use ListOfListOfStringsTypeHandler only for a single mapper, not ↵Havoc Pennington2025-03-013-24/+33
| | | | globally