| Commit message (Collapse) | Author | Age | Files | Lines | ||
|---|---|---|---|---|---|---|
| ... | ||||||
| * | SCA-109 add version to IssueReleaseDetails and pass purl_in_use to ↵ | Havoc Pennington | 2025-03-12 | 5 | -37/+67 | |
| | | | | | vulnerability details cloud API | |||||
| * | SONAR-20263 Do not fail GET quality-gates on condition duplicates | Viktor Vorona | 2025-03-12 | 2 | -1/+10 | |
| | | ||||||
| * | SONAR-24413 Set default provider.key and modelKey properties | Serhat Yenican | 2025-03-12 | 3 | -1/+168 | |
| | | ||||||
| * | SCA-106 Return "createdAt" along with dependency risks. | Tieg Zaharia | 2025-03-11 | 5 | -9/+32 | |
| | | | | Co-authored-by: Havoc Pennington <havoc.pennington@sonarsource.com> | |||||
| * | SQRP-252 Purge SCA tables when a branch is deleted | Madeline Cowie | 2025-03-11 | 5 | -0/+75 | |
| | | ||||||
| * | SONAR-24594 Fix telemetry bug in the daemon | Alain Kermis | 2025-03-11 | 2 | -33/+26 | |
| | | ||||||
| * | SONAR-24413 check azure openai endpoint connection | Serhat Yenican | 2025-03-10 | 5 | -3/+73 | |
| | | ||||||
| * | SONAR-24413 Create GET /feature-enablement endpoint | Serhat Yenican | 2025-03-10 | 3 | -0/+15 | |
| | | ||||||
| * | SCA-105 move SCA endpoints into their own /sca domain and tweak path names | Havoc Pennington | 2025-03-10 | 1 | -0/+6 | |
| | | ||||||
| * | SQRP-268 Adds endpoint to fetch a dependency risk, including vuln details. | Tieg Zaharia | 2025-03-10 | 6 | -6/+56 | |
| | | | | Co-authored-by: Havoc Pennington <hp@pobox.com> | |||||
| * | SQRP-214 ComputationStep.Context telemetry methods add a prefix argument | Havoc Pennington | 2025-03-08 | 6 | -39/+101 | |
| | | | | | | This allows us to nudge using a telemetry prefix, while also leaving it off the statistics keys since it's just noisy when used on those. | |||||
| * | ScaDependencyDto: fix some Nullable annotations | Havoc Pennington | 2025-03-08 | 1 | -11/+9 | |
| | | ||||||
| * | SONAR-24588 Search for releases with before and after instead of just the ↵ | Jeremy Katz | 2025-03-08 | 2 | -6/+6 | |
| | | | | | beginning of the string | |||||
| * | SQRP-308 add the newInPullRequest filter to releases and risks endpoints | Havoc Pennington | 2025-03-08 | 12 | -43/+94 | |
| | | | | | Also, default it to true on pull requests. | |||||
| * | SQRP-308 add a new_in_pull_request column to sca_releases and sca_dependencies | Havoc Pennington | 2025-03-08 | 16 | -15/+273 | |
| | | ||||||
| * | SCA-97 make ScaDependenciesDbTester.newScaDependencyDto static | Havoc Pennington | 2025-03-07 | 1 | -13/+13 | |
| | | ||||||
| * | SCA-97 pull the identity concept out of PersistScalStepImpl and into DTOs ↵ | Havoc Pennington | 2025-03-07 | 6 | -1/+187 | |
| | | | | | | | | themselves This allows it to be more consistent/documented and reusable (and helps us remember to update it when needed). | |||||
| * | SONAR-24578 Fix flaky test | Travis Collins | 2025-03-07 | 1 | -1/+1 | |
| | | ||||||
| * | SQRP-275 Add counts of releases by package manager in releases endpoint | Jeremy Katz | 2025-03-06 | 5 | -0/+56 | |
| | | | | This will enable the frontend to know what package managers are in use by a project to show the correct things in the left filter bar | |||||
| * | SQRP-302 Add CE statistics mirroring the telemetry values | Travis Collins | 2025-03-05 | 6 | -14/+75 | |
| | | ||||||
| * | SQRP-299 Add query with filter/sort to ScaIssuesReleasesDetailsDao | Havoc Pennington | 2025-03-04 | 9 | -16/+957 | |
| | | ||||||
| * | SQRP-249 add ScaIssueReleaseDetailsDto and mapper | Havoc Pennington | 2025-03-04 | 10 | -0/+367 | |
| | | | | | | | | | | | | | | | | | This is used to query SCA issues for a single analysis with all the necessary tables joined to it to get the full issue context. SQRP-301 rename DbTester.getIssuesWithScaDbTester to getScaIssuesReleasesDetailsDbTester SQRP-301 rename DbClient.issuesWithScaDao to scaIssuesReleasesDao SQRP-301 add better doc comment to ScaIssueReleaseDetailsDto on meaning of identity fields in sca_issues_releases dbtester, fix to work after separating new/insert SQRP-296 port ScaIssueReleaseDetails to query cve_ids not title | |||||
| * | SQRP-292 Add sca_issues_releases | Travis Collins | 2025-03-04 | 23 | -3/+872 | |
| | | | | | | | | | SQRP-293 add sca_issues_releases.severity column SQRP-292 Update sca_issues_releases Dao to support persisting SQRP-300 Add sca_issues_releases.severity_sort_key | |||||
| * | SQRP-246 Register a UUID for SCA issues in sca_issues table | Havoc Pennington | 2025-03-04 | 37 | -11/+1860 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This gives each issue a UUID that spans projects & analyses. SQRP-246 remove "get" from DbClient getter for sca issues DAO This wasn't following the naming convention. SQRP-287 add "IfApplicable" methods to ScaIssue These handle two things: * blank values become Optional.empty instead of junk * allows us to get all applicable values from a ScaIssue reference without type-casting. SQRP-287 add ScaIssuesDbTester Utility methods for ScaIssues testing SQRP-287 use a magic string value instead of empty string in ScaIssueDto Because Oracle considers empty string to be a synonym for null. SQRP-287 ScaIssuesDbTester vary the license saved in test issues SQRP-247 add more unit tests for ScaIssueDto SQRP-287 rename ScaIssue.titleIfApplicable => vulnerabilityTitleIfApplicable SQRP-246 make assertColumnDefinition work with DECIMAL on H2 SQRP-293 add base_severity to sca_vulnerability_issues This is the severity prior to any project-specific factors such as reachability. SQRP-293 increase ScaIssue test coverage SQRP-246 Add ScaIssueDto.Builder SQRP-246 Use a short placeholder CVE title, not giant description SQRP-246 Add toString to ScaIssue subtypes in sca_issues dbtester, separate new from insert SQRP-296 replace sca_vulnerability_issues.title with cwe_ids Replace title with cweIds in ScaIssue Remove ScaIssueFactory to be put back with IssuesReleases Replace title with cweids in the steps Change severity to INFO, LOW, MEDIUM, HIGH | |||||
| * | SGB-298 Fix IT on PostgreSQL | Eric Giffon | 2025-03-04 | 1 | -1/+1 | |
| | | ||||||
| * | SONAR-24522 Add analysis warning when persisting large measures | Eric Giffon | 2025-03-04 | 2 | -8/+101 | |
| | | ||||||
| * | SONAR-24436 Only pass 2 params to CONCAT() | Duarte Meneses | 2025-03-04 | 1 | -1/+1 | |
| | | | | Co-authored-by: Cody Simms <cody.simms@sonarsource.com> | |||||
| * | SQRP-187 Add SCA steps telemetry | Javier García Orduña | 2025-03-03 | 25 | -69/+525 | |
| | | ||||||
| * | SQRP-294 use ListOfListOfStringsTypeHandler only for a single mapper, not ↵ | Havoc Pennington | 2025-03-01 | 3 | -24/+33 | |
| | | | | | globally | |||||
| * | SONAR-24489 Move Core extension loading to happen before start of level ↵ | Steve Marion | 2025-02-28 | 5 | -72/+64 | |
| | | | | | containers on web and CE. | |||||
| * | SONAR-24489 Improve platform tests to showcase misloading of core extension ↵ | Steve Marion | 2025-02-28 | 6 | -44/+140 | |
| | | | | | on level 1. | |||||
| * | SONAR-24210 Lower the size limit and exclude duplications_data | Eric Giffon | 2025-02-28 | 2 | -4/+8 | |
| | | ||||||
| * | SONAR-23184 Fix deactivated rules in a Quality Profile are activated after ↵ | Zipeng WU | 2025-02-28 | 5 | -9/+144 | |
| | | | | | an upgrade | |||||
| * | SQRP-279 Don't say SCA analysis | Bill Nottingham | 2025-02-28 | 1 | -1/+1 | |
| | | ||||||
| * | SONAR-24358 Make measures migration reentrant | Aleksandra Bozhinoska | 2025-02-28 | 3 | -2/+113 | |
| | | ||||||
| * | SONAR-24350 Decrypt encrypted properties from SMTP configuration | Pawel Kupinski | 2025-02-28 | 3 | -2/+103 | |
| | | ||||||
| * | SCA-57 Simplify ScaStep IOC | Travis Collins | 2025-02-28 | 12 | -396/+105 | |
| | | ||||||
| * | SCA-56 Run "reformat code" on SCA files | Havoc Pennington | 2025-02-28 | 13 | -105/+102 | |
| | | ||||||
| * | SQRP-191 Ingest and persist the new "chains" field on each dependency | Tieg Zaharia | 2025-02-28 | 11 | -21/+123 | |
| | | | | Co-authored-by: Travis Collins <travistx@gmail.com> | |||||
| * | SQRP-156 A frontend-used API is created that returns a CycloneDX SBOM for a ↵ | John Bintz | 2025-02-28 | 2 | -9/+10 | |
| | | | | | | project Co-authored-by: Antoine Vinot <antoine.vinot@sonarsource.com> | |||||
| * | SONAR-23456 Add IPv6 support to health check endpoint | Alain Kermis | 2025-02-28 | 3 | -3/+20 | |
| | | ||||||
| * | SONAR-23456 allowing users to set IPv6 address in square brackets for ↵ | Lukasz Jarocki | 2025-02-28 | 2 | -4/+29 | |
| | | | | | property 'sonar.cluster.node.host' | |||||
| * | SONAR-23456 enabled support for IPv6 in hazelcast | lukasz-jarocki-sonarsource | 2025-02-28 | 1 | -0/+2 | |
| | | ||||||
| * | SONAR-23454 Add telemetry data about usage of IPv6 | Matteo Mara | 2025-02-28 | 6 | -18/+223 | |
| | | ||||||
| * | SONAR-23456 ElasticSearch changes | lukasz-jarocki-sonarsource | 2025-02-28 | 2 | -0/+8 | |
| | | ||||||
| * | SONAR-23456 fix sonar.cluster.hosts not supporting default port on ipv6 ↵ | Steve Marion | 2025-02-28 | 4 | -96/+183 | |
| | | | | | addresses | |||||
| * | SQRP-242 Add releases endpoints | Travis Collins | 2025-02-28 | 6 | -2/+123 | |
| | | ||||||
| * | SONAR-24399 inNewCodePeriod has no effect on portfolios when using ↵ | Zipeng WU | 2025-02-28 | 1 | -1/+2 | |
| | | | | | api/issues/search | |||||
| * | SQRP-191 add new "sca_dependencies.chains" column | Tieg Zaharia | 2025-02-19 | 4 | -0/+8 | |
| | | ||||||
| * | SQRP-221 Add sca_releases table splitting out part of sca_dependencies | Havoc Pennington | 2025-02-19 | 35 | -250/+1502 | |
| | | | | | | | | | This will allow us to do paginated queries of releases instead of dependencies. In this commit, the behavior of the dependencies endpoint is not changed; this commit sets it up to be change-able, but just keeps it the same for the time being. | |||||
 |
index : sonarqube.git | |
| Continuous Inspection: https://github.com/SonarSource/sonarqube | www-data |
| aboutsummaryrefslogtreecommitdiffstats |